summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitignore50
-rw-r--r--.travis.yml20
-rw-r--r--COPYING118
-rw-r--r--ChangeLog15162
-rw-r--r--Makefile.am6
-rw-r--r--NEWS2166
-rw-r--r--README122
-rw-r--r--TODO127
-rw-r--r--acinclude.m454
-rwxr-xr-xautogen.sh12
-rw-r--r--configure.ac682
-rw-r--r--contrib/Makefile.am6
-rw-r--r--contrib/README10
-rw-r--r--contrib/adduser-old.c300
-rw-r--r--contrib/adduser.c502
-rwxr-xr-xcontrib/adduser.sh90
-rwxr-xr-xcontrib/adduser2.sh743
-rwxr-xr-xcontrib/atudel85
-rw-r--r--contrib/groupmems.shar546
-rw-r--r--contrib/pwdauth.c308
-rw-r--r--contrib/shadow-anonftp.patch147
-rw-r--r--contrib/udbachk.tgzbin0 -> 17571 bytes
-rw-r--r--doc/HOWTO1918
-rw-r--r--doc/Makefile.am5
-rw-r--r--doc/README.limits66
-rw-r--r--doc/README.platforms33
-rw-r--r--doc/WISHLIST40
-rw-r--r--doc/console.c.spec.txt36
-rw-r--r--doc/cracklib26.diff340
-rw-r--r--etc/Makefile.am24
-rw-r--r--etc/limits30
-rw-r--r--etc/login.access54
-rw-r--r--etc/login.defs400
-rw-r--r--etc/pam.d/Makefile.am32
-rw-r--r--etc/pam.d/chage4
-rw-r--r--etc/pam.d/chfn4
-rw-r--r--etc/pam.d/chgpasswd4
-rw-r--r--etc/pam.d/chpasswd4
-rw-r--r--etc/pam.d/chsh4
-rw-r--r--etc/pam.d/groupadd4
-rw-r--r--etc/pam.d/groupdel4
-rw-r--r--etc/pam.d/groupmems4
-rw-r--r--etc/pam.d/groupmod4
-rw-r--r--etc/pam.d/login11
-rw-r--r--etc/pam.d/newusers4
-rw-r--r--etc/pam.d/passwd4
-rw-r--r--etc/pam.d/su13
-rw-r--r--etc/pam.d/useradd4
-rw-r--r--etc/pam.d/userdel4
-rw-r--r--etc/pam.d/usermod4
-rw-r--r--etc/useradd8
-rw-r--r--lib/.indent.pro5
-rw-r--r--lib/Makefile.am69
-rw-r--r--lib/commonio.c1271
-rw-r--r--lib/commonio.h170
-rw-r--r--lib/defines.h385
-rw-r--r--lib/encrypt.c95
-rw-r--r--lib/exitcodes.h49
-rw-r--r--lib/faillog.h57
-rw-r--r--lib/fields.c130
-rw-r--r--lib/fputsx.c90
-rw-r--r--lib/get_gid.c54
-rw-r--r--lib/get_pid.c54
-rw-r--r--lib/get_uid.c54
-rw-r--r--lib/getdef.c539
-rw-r--r--lib/getdef.h47
-rw-r--r--lib/getlong.c59
-rw-r--r--lib/getulong.c62
-rw-r--r--lib/groupio.c462
-rw-r--r--lib/groupio.h55
-rw-r--r--lib/groupmem.c106
-rw-r--r--lib/gshadow.c529
-rw-r--r--lib/gshadow_.h75
-rw-r--r--lib/lockpw.c108
-rw-r--r--lib/nscd.c57
-rw-r--r--lib/nscd.h13
-rw-r--r--lib/pam_defs.h58
-rw-r--r--lib/port.c477
-rw-r--r--lib/port.h83
-rw-r--r--lib/prototypes.h440
-rw-r--r--lib/pwauth.c234
-rw-r--r--lib/pwauth.h66
-rw-r--r--lib/pwio.c226
-rw-r--r--lib/pwio.h55
-rw-r--r--lib/pwmem.c106
-rw-r--r--lib/selinux.c103
-rw-r--r--lib/semanage.c378
-rw-r--r--lib/sgetgrent.c154
-rw-r--r--lib/sgetpwent.c122
-rw-r--r--lib/sgetspent.c208
-rw-r--r--lib/sgroupio.c328
-rw-r--r--lib/sgroupio.h52
-rw-r--r--lib/shadow.c557
-rw-r--r--lib/shadowio.c267
-rw-r--r--lib/shadowio.h53
-rw-r--r--lib/shadowmem.c89
-rw-r--r--lib/spawn.c82
-rw-r--r--lib/subordinateio.c701
-rw-r--r--lib/subordinateio.h41
-rw-r--r--lib/tcbfuncs.c613
-rw-r--r--lib/tcbfuncs.h19
-rw-r--r--lib/utent.c93
-rw-r--r--libmisc/.indent.pro5
-rw-r--r--libmisc/Makefile.am73
-rw-r--r--libmisc/addgrps.c131
-rw-r--r--libmisc/age.c201
-rw-r--r--libmisc/audit_help.c109
-rw-r--r--libmisc/basename.c50
-rw-r--r--libmisc/chkname.c99
-rw-r--r--libmisc/chkname.h50
-rw-r--r--libmisc/chowndir.c201
-rw-r--r--libmisc/chowntty.c99
-rw-r--r--libmisc/cleanup.c144
-rw-r--r--libmisc/cleanup_group.c237
-rw-r--r--libmisc/cleanup_user.c152
-rw-r--r--libmisc/console.c133
-rw-r--r--libmisc/copydir.c839
-rw-r--r--libmisc/entry.c68
-rw-r--r--libmisc/env.c275
-rw-r--r--libmisc/failure.c343
-rw-r--r--libmisc/failure.h84
-rw-r--r--libmisc/find_new_gid.c498
-rw-r--r--libmisc/find_new_sub_gids.c86
-rw-r--r--libmisc/find_new_sub_uids.c86
-rw-r--r--libmisc/find_new_uid.c498
-rw-r--r--libmisc/getdate.h39
-rw-r--r--libmisc/getdate.y977
-rw-r--r--libmisc/getgr_nam_gid.c66
-rw-r--r--libmisc/getrange.c124
-rw-r--r--libmisc/gettime.c89
-rw-r--r--libmisc/hushed.c100
-rw-r--r--libmisc/idmapping.c164
-rw-r--r--libmisc/idmapping.h44
-rw-r--r--libmisc/isexpired.c125
-rw-r--r--libmisc/limits.c611
-rw-r--r--libmisc/list.c271
-rw-r--r--libmisc/log.c116
-rw-r--r--libmisc/loginprompt.c178
-rw-r--r--libmisc/mail.c92
-rw-r--r--libmisc/motd.c81
-rw-r--r--libmisc/myname.c69
-rw-r--r--libmisc/obscure.c323
-rw-r--r--libmisc/pam_pass.c80
-rw-r--r--libmisc/pam_pass_non_interractive.c167
-rw-r--r--libmisc/pwd2spwd.c91
-rw-r--r--libmisc/pwd_init.c102
-rw-r--r--libmisc/pwdcheck.c60
-rw-r--r--libmisc/remove_tree.c133
-rw-r--r--libmisc/rlogin.c198
-rw-r--r--libmisc/root_flag.c124
-rw-r--r--libmisc/salt.c260
-rw-r--r--libmisc/setugid.c148
-rw-r--r--libmisc/setupenv.c312
-rw-r--r--libmisc/shell.c103
-rw-r--r--libmisc/strtoday.c243
-rw-r--r--libmisc/sub.c78
-rw-r--r--libmisc/sulog.c106
-rw-r--r--libmisc/ttytype.c90
-rw-r--r--libmisc/tz.c80
-rw-r--r--libmisc/ulimit.c70
-rw-r--r--libmisc/user_busy.c266
-rw-r--r--libmisc/utmp.c464
-rw-r--r--libmisc/valid.c105
-rw-r--r--libmisc/xgetXXbyYY.c144
-rw-r--r--libmisc/xgetgrgid.c64
-rw-r--r--libmisc/xgetgrnam.c64
-rw-r--r--libmisc/xgetpwnam.c64
-rw-r--r--libmisc/xgetpwuid.c64
-rw-r--r--libmisc/xgetspnam.c64
-rw-r--r--libmisc/xmalloc.c68
-rw-r--r--libmisc/yesno.c79
-rw-r--r--man/.gitignore8
-rw-r--r--man/Makefile.am218
-rw-r--r--man/chage.1.xml321
-rw-r--r--man/chfn.1.xml238
-rw-r--r--man/chgpasswd.8.xml250
-rw-r--r--man/chpasswd.8.xml303
-rw-r--r--man/chsh.1.xml204
-rw-r--r--man/config.xml.in2
-rw-r--r--man/cs/Makefile.am26
-rw-r--r--man/cs/man1/expiry.125
-rw-r--r--man/cs/man1/gpasswd.176
-rw-r--r--man/cs/man1/groups.129
-rw-r--r--man/cs/man1/id.162
-rw-r--r--man/cs/man1/su.1111
-rw-r--r--man/cs/man5/faillog.535
-rw-r--r--man/cs/man5/gshadow.552
-rw-r--r--man/cs/man5/passwd.557
-rw-r--r--man/cs/man5/shadow.564
-rw-r--r--man/cs/man8/faillog.886
-rw-r--r--man/cs/man8/groupadd.8113
-rw-r--r--man/cs/man8/groupdel.860
-rw-r--r--man/cs/man8/groupmems.885
-rw-r--r--man/cs/man8/groupmod.879
-rw-r--r--man/cs/man8/grpck.8111
-rw-r--r--man/cs/man8/lastlog.840
-rw-r--r--man/cs/man8/logoutd.830
-rw-r--r--man/cs/man8/nologin.828
-rw-r--r--man/cs/man8/vipw.871
-rw-r--r--man/da/Makefile.am32
-rw-r--r--man/de/Makefile.am66
-rw-r--r--man/es/Makefile.am17
-rw-r--r--man/es/man1/login.1332
-rw-r--r--man/es/man1/newgrp.132
-rw-r--r--man/es/man1/passwd.1138
-rw-r--r--man/es/man1/su.1139
-rw-r--r--man/es/man5/passwd.5138
-rw-r--r--man/es/man8/vigr.81
-rw-r--r--man/es/man8/vipw.892
-rw-r--r--man/expiry.1.xml149
-rw-r--r--man/faillog.5.xml116
-rw-r--r--man/faillog.8.xml265
-rw-r--r--man/fi/Makefile.am12
-rw-r--r--man/fi/man1/chfn.168
-rw-r--r--man/fi/man1/chsh.149
-rw-r--r--man/fi/man1/passwd.195
-rw-r--r--man/fi/man1/su.1119
-rw-r--r--man/fr/Makefile.am80
-rw-r--r--man/generate_mans.mak56
-rw-r--r--man/generate_translations.mak19
-rw-r--r--man/gpasswd.1.xml322
-rw-r--r--man/groupadd.8.xml357
-rw-r--r--man/groupdel.8.xml228
-rw-r--r--man/groupmems.8.xml257
-rw-r--r--man/groupmod.8.xml320
-rw-r--r--man/groups.1.xml128
-rw-r--r--man/grpck.8.xml314
-rw-r--r--man/gshadow.5.xml193
-rw-r--r--man/hu/Makefile.am17
-rw-r--r--man/hu/man1/chfn.175
-rw-r--r--man/hu/man1/chsh.165
-rw-r--r--man/hu/man1/gpasswd.181
-rw-r--r--man/hu/man1/groups.159
-rw-r--r--man/hu/man1/id.163
-rw-r--r--man/hu/man1/login.1123
-rw-r--r--man/hu/man1/newgrp.189
-rw-r--r--man/hu/man1/passwd.1164
-rw-r--r--man/hu/man1/sg.11
-rw-r--r--man/hu/man1/su.1185
-rw-r--r--man/hu/man5/passwd.599
-rw-r--r--man/hu/man8/lastlog.868
-rw-r--r--man/id.1.xml119
-rw-r--r--man/id/Makefile.am9
-rw-r--r--man/id/man1/chsh.153
-rw-r--r--man/id/man1/login.1311
-rw-r--r--man/id/man8/useradd.8214
-rw-r--r--man/it/Makefile.am66
-rw-r--r--man/ja/Makefile.am58
-rw-r--r--man/ja/man1/chage.1120
-rw-r--r--man/ja/man1/chfn.172
-rw-r--r--man/ja/man1/chsh.172
-rw-r--r--man/ja/man1/expiry.153
-rw-r--r--man/ja/man1/gpasswd.170
-rw-r--r--man/ja/man1/groups.165
-rw-r--r--man/ja/man1/id.157
-rw-r--r--man/ja/man1/login.1141
-rw-r--r--man/ja/man1/newgrp.192
-rw-r--r--man/ja/man1/passwd.1217
-rw-r--r--man/ja/man1/sg.11
-rw-r--r--man/ja/man1/su.188
-rw-r--r--man/ja/man3/shadow.3153
-rw-r--r--man/ja/man5/faillog.564
-rw-r--r--man/ja/man5/limits.589
-rw-r--r--man/ja/man5/login.access.569
-rw-r--r--man/ja/man5/login.defs.5193
-rw-r--r--man/ja/man5/passwd.5113
-rw-r--r--man/ja/man5/porttime.593
-rw-r--r--man/ja/man5/shadow.5102
-rw-r--r--man/ja/man5/suauth.5116
-rw-r--r--man/ja/man8/chpasswd.870
-rw-r--r--man/ja/man8/faillog.897
-rw-r--r--man/ja/man8/groupadd.868
-rw-r--r--man/ja/man8/groupdel.865
-rw-r--r--man/ja/man8/groupmod.870
-rw-r--r--man/ja/man8/grpck.8116
-rw-r--r--man/ja/man8/grpconv.81
-rw-r--r--man/ja/man8/grpunconv.81
-rw-r--r--man/ja/man8/lastlog.880
-rw-r--r--man/ja/man8/logoutd.855
-rw-r--r--man/ja/man8/newusers.871
-rw-r--r--man/ja/man8/pwck.8121
-rw-r--r--man/ja/man8/pwconv.880
-rw-r--r--man/ja/man8/pwunconv.81
-rw-r--r--man/ja/man8/sulogin.895
-rw-r--r--man/ja/man8/useradd.8176
-rw-r--r--man/ja/man8/userdel.877
-rw-r--r--man/ja/man8/usermod.8145
-rw-r--r--man/ja/man8/vigr.81
-rw-r--r--man/ja/man8/vipw.838
-rw-r--r--man/ko/Makefile.am16
-rw-r--r--man/ko/man1/chfn.154
-rw-r--r--man/ko/man1/chsh.143
-rw-r--r--man/ko/man1/groups.132
-rw-r--r--man/ko/man1/id.152
-rw-r--r--man/ko/man1/login.1300
-rw-r--r--man/ko/man1/newgrp.129
-rw-r--r--man/ko/man1/su.192
-rw-r--r--man/ko/man5/passwd.5119
-rw-r--r--man/ko/man8/vigr.81
-rw-r--r--man/ko/man8/vipw.864
-rw-r--r--man/lastlog.8.xml224
-rw-r--r--man/limits.5.xml219
-rw-r--r--man/login.1.xml429
-rw-r--r--man/login.access.5.xml140
-rw-r--r--man/login.defs.5.xml556
-rw-r--r--man/login.defs.d/CHFN_AUTH.xml40
-rw-r--r--man/login.defs.d/CHFN_RESTRICT.xml51
-rw-r--r--man/login.defs.d/CHSH_AUTH.xml40
-rw-r--r--man/login.defs.d/CONSOLE.xml46
-rw-r--r--man/login.defs.d/CONSOLE_GROUPS.xml44
-rw-r--r--man/login.defs.d/CREATE_HOME.xml41
-rw-r--r--man/login.defs.d/DEFAULT_HOME.xml44
-rw-r--r--man/login.defs.d/ENCRYPT_METHOD.xml54
-rw-r--r--man/login.defs.d/ENVIRON_FILE.xml42
-rw-r--r--man/login.defs.d/ENV_HZ.xml47
-rw-r--r--man/login.defs.d/ENV_PATH.xml43
-rw-r--r--man/login.defs.d/ENV_SUPATH.xml44
-rw-r--r--man/login.defs.d/ENV_TZ.xml48
-rw-r--r--man/login.defs.d/ERASECHAR.xml43
-rw-r--r--man/login.defs.d/FAILLOG_ENAB.xml39
-rw-r--r--man/login.defs.d/FAIL_DELAY.xml39
-rw-r--r--man/login.defs.d/FAKE_SHELL.xml39
-rw-r--r--man/login.defs.d/FTMP_FILE.xml38
-rw-r--r--man/login.defs.d/GID_MAX.xml45
-rw-r--r--man/login.defs.d/HUSHLOGIN_FILE.xml42
-rw-r--r--man/login.defs.d/ISSUE_FILE.xml38
-rw-r--r--man/login.defs.d/KILLCHAR.xml42
-rw-r--r--man/login.defs.d/LASTLOG_ENAB.xml38
-rw-r--r--man/login.defs.d/LOGIN_RETRIES.xml44
-rw-r--r--man/login.defs.d/LOGIN_STRING.xml44
-rw-r--r--man/login.defs.d/LOGIN_TIMEOUT.xml38
-rw-r--r--man/login.defs.d/LOG_OK_LOGINS.xml38
-rw-r--r--man/login.defs.d/LOG_UNKFAIL_ENAB.xml43
-rw-r--r--man/login.defs.d/MAIL_CHECK_ENAB.xml42
-rw-r--r--man/login.defs.d/MAIL_DIR.xml60
-rw-r--r--man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml57
-rw-r--r--man/login.defs.d/MD5_CRYPT_ENAB.xml60
-rw-r--r--man/login.defs.d/MOTD_FILE.xml39
-rw-r--r--man/login.defs.d/NOLOGINS_FILE.xml40
-rw-r--r--man/login.defs.d/OBSCURE_CHECKS_ENAB.xml38
-rw-r--r--man/login.defs.d/PASS_ALWAYS_WARN.xml38
-rw-r--r--man/login.defs.d/PASS_CHANGE_TRIES.xml39
-rw-r--r--man/login.defs.d/PASS_MAX_DAYS.xml40
-rw-r--r--man/login.defs.d/PASS_MAX_LEN.xml43
-rw-r--r--man/login.defs.d/PASS_MIN_DAYS.xml40
-rw-r--r--man/login.defs.d/PASS_WARN_AGE.xml41
-rw-r--r--man/login.defs.d/PORTTIME_CHECKS_ENAB.xml39
-rw-r--r--man/login.defs.d/QUOTAS_ENAB.xml40
-rw-r--r--man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml69
-rw-r--r--man/login.defs.d/SUB_GID_COUNT.xml48
-rw-r--r--man/login.defs.d/SUB_UID_COUNT.xml48
-rw-r--r--man/login.defs.d/SULOG_FILE.xml38
-rw-r--r--man/login.defs.d/SU_NAME.xml41
-rw-r--r--man/login.defs.d/SU_WHEEL_ONLY.xml44
-rw-r--r--man/login.defs.d/SYSLOG_SG_ENAB.xml38
-rw-r--r--man/login.defs.d/SYSLOG_SU_ENAB.xml39
-rw-r--r--man/login.defs.d/SYS_GID_MAX.xml43
-rw-r--r--man/login.defs.d/SYS_UID_MAX.xml42
-rw-r--r--man/login.defs.d/TCB_AUTH_GROUP.xml37
-rw-r--r--man/login.defs.d/TCB_SYMLINKS.xml53
-rw-r--r--man/login.defs.d/TTYGROUP.xml56
-rw-r--r--man/login.defs.d/TTYTYPE_FILE.xml39
-rw-r--r--man/login.defs.d/UID_MAX.xml44
-rw-r--r--man/login.defs.d/ULIMIT.xml38
-rw-r--r--man/login.defs.d/UMASK.xml55
-rw-r--r--man/login.defs.d/USERDEL_CMD.xml72
-rw-r--r--man/login.defs.d/USERGROUPS_ENAB.xml46
-rw-r--r--man/login.defs.d/USE_TCB.xml38
-rw-r--r--man/logoutd.8.xml105
-rw-r--r--man/newgidmap.1.xml183
-rw-r--r--man/newgrp.1.xml177
-rw-r--r--man/newuidmap.1.xml182
-rw-r--r--man/newusers.8.xml472
-rw-r--r--man/nologin.8.xml95
-rw-r--r--man/passwd.1.xml510
-rw-r--r--man/passwd.5.xml206
-rw-r--r--man/pl/Makefile.am44
-rw-r--r--man/po/LINGUAS8
-rw-r--r--man/po/Makefile.in245
-rw-r--r--man/po/Makevars27
-rw-r--r--man/po/XMLFILES42
-rw-r--r--man/po/da.po8140
-rw-r--r--man/po/de.po10632
-rw-r--r--man/po/fr.po11084
-rw-r--r--man/po/it.po10997
-rw-r--r--man/po/pl.po9500
-rw-r--r--man/po/ru.po11767
-rw-r--r--man/po/shadow-man-pages.pot4961
-rw-r--r--man/po/sv.po9714
-rw-r--r--man/po/zh_CN.po9435
-rw-r--r--man/porttime.5.xml149
-rw-r--r--man/pt_BR/Makefile.am12
-rw-r--r--man/pt_BR/man1/gpasswd.193
-rw-r--r--man/pt_BR/man5/passwd.5133
-rw-r--r--man/pt_BR/man5/shadow.581
-rw-r--r--man/pt_BR/man8/groupadd.883
-rw-r--r--man/pt_BR/man8/groupdel.859
-rw-r--r--man/pt_BR/man8/groupmod.861
-rw-r--r--man/pwck.8.xml363
-rw-r--r--man/pwconv.8.xml281
-rw-r--r--man/ru/Makefile.am66
-rw-r--r--man/sg.1.xml166
-rw-r--r--man/shadow.3.xml248
-rw-r--r--man/shadow.5.xml314
-rw-r--r--man/su.1.xml453
-rw-r--r--man/suauth.5.xml229
-rw-r--r--man/subgid.5.xml139
-rw-r--r--man/subuid.5.xml139
-rw-r--r--man/sulogin.8.xml178
-rw-r--r--man/sv/Makefile.am49
-rw-r--r--man/tr/Makefile.am18
-rw-r--r--man/tr/man1/chage.190
-rw-r--r--man/tr/man1/chfn.179
-rw-r--r--man/tr/man1/login.1114
-rw-r--r--man/tr/man1/passwd.1172
-rw-r--r--man/tr/man1/su.184
-rw-r--r--man/tr/man5/passwd.5113
-rw-r--r--man/tr/man5/shadow.596
-rw-r--r--man/tr/man8/groupadd.897
-rw-r--r--man/tr/man8/groupdel.877
-rw-r--r--man/tr/man8/groupmod.891
-rw-r--r--man/tr/man8/useradd.8195
-rw-r--r--man/tr/man8/userdel.894
-rw-r--r--man/tr/man8/usermod.8142
-rw-r--r--man/useradd.8.xml849
-rw-r--r--man/userdel.8.xml349
-rw-r--r--man/usermod.8.xml606
-rw-r--r--man/vipw.8.xml250
-rw-r--r--man/zh_CN/Makefile.am66
-rw-r--r--man/zh_TW/Makefile.am18
-rw-r--r--man/zh_TW/man1/chfn.158
-rw-r--r--man/zh_TW/man1/chsh.145
-rw-r--r--man/zh_TW/man1/newgrp.138
-rw-r--r--man/zh_TW/man1/su.162
-rw-r--r--man/zh_TW/man5/passwd.5132
-rw-r--r--man/zh_TW/man8/chpasswd.869
-rw-r--r--man/zh_TW/man8/groupadd.888
-rw-r--r--man/zh_TW/man8/groupdel.855
-rw-r--r--man/zh_TW/man8/groupmod.863
-rw-r--r--man/zh_TW/man8/useradd.8184
-rw-r--r--man/zh_TW/man8/userdel.865
-rw-r--r--man/zh_TW/man8/usermod.8129
-rw-r--r--po/LINGUAS38
-rw-r--r--po/Makevars31
-rw-r--r--po/POTFILES.in116
-rw-r--r--po/bs.po2419
-rw-r--r--po/ca.po3722
-rw-r--r--po/cs.po3686
-rw-r--r--po/da.po2628
-rw-r--r--po/de.po2533
-rw-r--r--po/dz.po3501
-rw-r--r--po/el.po3743
-rw-r--r--po/es.po3750
-rw-r--r--po/eu.po3312
-rw-r--r--po/fi.po3609
-rw-r--r--po/fr.po11112
-rw-r--r--po/gl.po3517
-rw-r--r--po/he.po2554
-rw-r--r--po/hu.po3641
-rw-r--r--po/id.po3510
-rw-r--r--po/it.po3859
-rw-r--r--po/ja.po2890
-rw-r--r--po/kk.po2944
-rw-r--r--po/km.po3506
-rw-r--r--po/ko.po3292
-rw-r--r--po/nb.po3828
-rw-r--r--po/ne.po3497
-rw-r--r--po/nl.po3731
-rw-r--r--po/nn.po3025
-rw-r--r--po/pl.po3625
-rw-r--r--po/pt.po3304
-rw-r--r--po/pt_BR.po3696
-rw-r--r--po/ro.po3575
-rw-r--r--po/ru.po3310
-rw-r--r--po/shadow.pot2346
-rw-r--r--po/sk.po3801
-rw-r--r--po/sq.po2365
-rw-r--r--po/stats20
-rw-r--r--po/sv.po3073
-rw-r--r--po/tl.po3612
-rw-r--r--po/tr.po3916
-rw-r--r--po/uk.po3624
-rw-r--r--po/vi.po2833
-rw-r--r--po/zh_CN.po3444
-rw-r--r--po/zh_TW.po3214
-rw-r--r--shadow.spec.in93
-rw-r--r--src/.gitignore35
-rw-r--r--src/.indent.pro5
-rw-r--r--src/Makefile.am138
-rw-r--r--src/chage.c948
-rw-r--r--src/chfn.c753
-rw-r--r--src/chgpasswd.c587
-rw-r--r--src/chpasswd.c630
-rw-r--r--src/chsh.c564
-rw-r--r--src/expiry.c210
-rw-r--r--src/faillog.c741
-rw-r--r--src/gpasswd.c1207
-rw-r--r--src/groupadd.c624
-rw-r--r--src/groupdel.c491
-rw-r--r--src/groupmems.c652
-rw-r--r--src/groupmod.c871
-rw-r--r--src/groups.c218
-rw-r--r--src/grpck.c887
-rw-r--r--src/grpconv.c286
-rw-r--r--src/grpunconv.c250
-rw-r--r--src/id.c207
-rw-r--r--src/lastlog.c428
-rw-r--r--src/login.c1339
-rw-r--r--src/login_nopam.c336
-rw-r--r--src/logoutd.c299
-rw-r--r--src/newgidmap.c186
-rw-r--r--src/newgrp.c853
-rw-r--r--src/newuidmap.c186
-rw-r--r--src/newusers.c1251
-rw-r--r--src/nologin.c55
-rw-r--r--src/passwd.c1168
-rw-r--r--src/pwck.c893
-rw-r--r--src/pwconv.c333
-rw-r--r--src/pwunconv.c256
-rw-r--r--src/su.c1222
-rw-r--r--src/suauth.c239
-rw-r--r--src/sulogin.c257
-rw-r--r--src/useradd.c2315
-rw-r--r--src/userdel.c1283
-rw-r--r--src/usermod.c2285
-rw-r--r--src/vipw.c562
-rw-r--r--tests/README21
-rwxr-xr-xtests/bug332198-test.exp61
-rwxr-xr-xtests/bug334803-test.exp83
-rw-r--r--tests/chage/01/data/chage17
-rw-r--r--tests/chage/01/data/chage27
-rw-r--r--tests/chage/01/data/chage37
-rw-r--r--tests/chage/01/data/chage47
-rw-r--r--tests/chage/01/data/chage57
-rw-r--r--tests/chage/01/data/chage67
-rw-r--r--tests/chage/01/data/chage77
-rw-r--r--tests/chage/01/data/chage7b7
-rw-r--r--tests/chage/01/data/chage81
-rw-r--r--tests/chage/01/data/group42
-rw-r--r--tests/chage/01/data/gshadow42
-rw-r--r--tests/chage/01/data/passwd26
-rw-r--r--tests/chage/01/data/shadow26
-rw-r--r--tests/chage/01/data/usage16
-rwxr-xr-xtests/chage/01/run206
-rwxr-xr-xtests/chage/01/run1.exp31
-rwxr-xr-xtests/chage/01/run2.exp31
-rw-r--r--tests/chage/02/data/group42
-rw-r--r--tests/chage/02/data/gshadow42
-rw-r--r--tests/chage/02/data/passwd20
-rw-r--r--tests/chage/02/data/shadow20
-rwxr-xr-xtests/chage/02/run50
-rwxr-xr-xtests/chage/02/run.exp83
-rwxr-xr-xtests/chage/03_chsh_usage/chage.test48
-rw-r--r--tests/chage/03_chsh_usage/config.txt0
-rw-r--r--tests/chage/03_chsh_usage/config/etc/group42
-rw-r--r--tests/chage/03_chsh_usage/config/etc/gshadow42
-rw-r--r--tests/chage/03_chsh_usage/config/etc/passwd26
-rw-r--r--tests/chage/03_chsh_usage/config/etc/shadow26
-rw-r--r--tests/chage/03_chsh_usage/data/usage.out16
-rwxr-xr-xtests/chage/04_chsh_usage_invalid_option/chage.test54
-rw-r--r--tests/chage/04_chsh_usage_invalid_option/config.txt0
-rw-r--r--tests/chage/04_chsh_usage_invalid_option/config/etc/group42
-rw-r--r--tests/chage/04_chsh_usage_invalid_option/config/etc/gshadow42
-rw-r--r--tests/chage/04_chsh_usage_invalid_option/config/etc/passwd26
-rw-r--r--tests/chage/04_chsh_usage_invalid_option/config/etc/shadow26
-rw-r--r--tests/chage/04_chsh_usage_invalid_option/data/usage.out17
-rwxr-xr-xtests/chage/05_chsh_usage_2_users/chage.test54
-rw-r--r--tests/chage/05_chsh_usage_2_users/config.txt0
-rw-r--r--tests/chage/05_chsh_usage_2_users/config/etc/group42
-rw-r--r--tests/chage/05_chsh_usage_2_users/config/etc/gshadow42
-rw-r--r--tests/chage/05_chsh_usage_2_users/config/etc/passwd26
-rw-r--r--tests/chage/05_chsh_usage_2_users/config/etc/shadow26
-rw-r--r--tests/chage/05_chsh_usage_2_users/data/usage.out16
-rwxr-xr-xtests/chage/06_chsh_usage_no_users/chage.test54
-rw-r--r--tests/chage/06_chsh_usage_no_users/config.txt0
-rw-r--r--tests/chage/06_chsh_usage_no_users/config/etc/group42
-rw-r--r--tests/chage/06_chsh_usage_no_users/config/etc/gshadow42
-rw-r--r--tests/chage/06_chsh_usage_no_users/config/etc/passwd26
-rw-r--r--tests/chage/06_chsh_usage_no_users/config/etc/shadow26
-rw-r--r--tests/chage/06_chsh_usage_no_users/data/usage.out16
-rwxr-xr-xtests/chage/07_chsh_usage-l_exclusive/chage.test57
-rw-r--r--tests/chage/07_chsh_usage-l_exclusive/config.txt0
-rw-r--r--tests/chage/07_chsh_usage-l_exclusive/config/etc/group42
-rw-r--r--tests/chage/07_chsh_usage-l_exclusive/config/etc/gshadow42
-rw-r--r--tests/chage/07_chsh_usage-l_exclusive/config/etc/passwd26
-rw-r--r--tests/chage/07_chsh_usage-l_exclusive/config/etc/shadow26
-rw-r--r--tests/chage/07_chsh_usage-l_exclusive/data/usage.out17
-rwxr-xr-xtests/chage/08_chsh_usage_invalid_date/chage.test59
-rw-r--r--tests/chage/08_chsh_usage_invalid_date/config.txt0
-rw-r--r--tests/chage/08_chsh_usage_invalid_date/config/etc/group42
-rw-r--r--tests/chage/08_chsh_usage_invalid_date/config/etc/gshadow42
-rw-r--r--tests/chage/08_chsh_usage_invalid_date/config/etc/passwd26
-rw-r--r--tests/chage/08_chsh_usage_invalid_date/config/etc/shadow26
-rw-r--r--tests/chage/08_chsh_usage_invalid_date/data/usage.out17
-rwxr-xr-xtests/chage/09_chsh_usage_invalid_numeric_arg/chage.test59
-rw-r--r--tests/chage/09_chsh_usage_invalid_numeric_arg/config.txt0
-rw-r--r--tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/group42
-rw-r--r--tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/gshadow42
-rw-r--r--tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/passwd26
-rw-r--r--tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/shadow26
-rw-r--r--tests/chage/09_chsh_usage_invalid_numeric_arg/data/usage.out17
-rwxr-xr-xtests/chage/10_chsh-l/chage.test51
-rw-r--r--tests/chage/10_chsh-l/config.txt0
-rw-r--r--tests/chage/10_chsh-l/config/etc/group42
-rw-r--r--tests/chage/10_chsh-l/config/etc/gshadow42
-rw-r--r--tests/chage/10_chsh-l/config/etc/passwd32
-rw-r--r--tests/chage/10_chsh-l/config/etc/shadow30
-rw-r--r--tests/chage/10_chsh-l/data/myuser17
-rw-r--r--tests/chage/10_chsh-l/data/myuser107
-rw-r--r--tests/chage/10_chsh-l/data/myuser117
-rw-r--r--tests/chage/10_chsh-l/data/myuser27
-rw-r--r--tests/chage/10_chsh-l/data/myuser37
-rw-r--r--tests/chage/10_chsh-l/data/myuser47
-rw-r--r--tests/chage/10_chsh-l/data/myuser57
-rw-r--r--tests/chage/10_chsh-l/data/myuser67
-rw-r--r--tests/chage/10_chsh-l/data/myuser77
-rw-r--r--tests/chage/10_chsh-l/data/myuser87
-rw-r--r--tests/chage/10_chsh-l/data/myuser97
-rwxr-xr-xtests/chage/11_chsh_usage_invalid_user/chage.test54
-rw-r--r--tests/chage/11_chsh_usage_invalid_user/config.txt0
-rw-r--r--tests/chage/11_chsh_usage_invalid_user/config/etc/group42
-rw-r--r--tests/chage/11_chsh_usage_invalid_user/config/etc/gshadow42
-rw-r--r--tests/chage/11_chsh_usage_invalid_user/config/etc/passwd26
-rw-r--r--tests/chage/11_chsh_usage_invalid_user/config/etc/shadow26
-rw-r--r--tests/chage/11_chsh_usage_invalid_user/data/usage.out1
-rwxr-xr-xtests/chage/12_chsh_usage-l_invalid_user2/chage.test54
-rw-r--r--tests/chage/12_chsh_usage-l_invalid_user2/config.txt0
-rw-r--r--tests/chage/12_chsh_usage-l_invalid_user2/config/etc/group42
-rw-r--r--tests/chage/12_chsh_usage-l_invalid_user2/config/etc/gshadow42
-rw-r--r--tests/chage/12_chsh_usage-l_invalid_user2/config/etc/passwd26
-rw-r--r--tests/chage/12_chsh_usage-l_invalid_user2/config/etc/shadow26
-rw-r--r--tests/chage/12_chsh_usage-l_invalid_user2/data/usage.out1
-rwxr-xr-xtests/chage/13_chsh_locked_passwd/chage.test59
-rw-r--r--tests/chage/13_chsh_locked_passwd/config.txt0
-rw-r--r--tests/chage/13_chsh_locked_passwd/config/etc/group42
-rw-r--r--tests/chage/13_chsh_locked_passwd/config/etc/gshadow42
-rw-r--r--tests/chage/13_chsh_locked_passwd/config/etc/passwd26
-rw-r--r--tests/chage/13_chsh_locked_passwd/config/etc/shadow26
-rw-r--r--tests/chage/13_chsh_locked_passwd/data/usage.out2
-rwxr-xr-xtests/chage/14_chsh_locked_shadow/chage.test59
-rw-r--r--tests/chage/14_chsh_locked_shadow/config.txt0
-rw-r--r--tests/chage/14_chsh_locked_shadow/config/etc/group42
-rw-r--r--tests/chage/14_chsh_locked_shadow/config/etc/gshadow42
-rw-r--r--tests/chage/14_chsh_locked_shadow/config/etc/passwd26
-rw-r--r--tests/chage/14_chsh_locked_shadow/config/etc/shadow26
-rw-r--r--tests/chage/14_chsh_locked_shadow/data/usage.out2
-rwxr-xr-xtests/chage/15_chage-I_no_shadow_entry/chage.test39
-rw-r--r--tests/chage/15_chage-I_no_shadow_entry/config.txt1
-rw-r--r--tests/chage/15_chage-I_no_shadow_entry/config/etc/group42
-rw-r--r--tests/chage/15_chage-I_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/chage/15_chage-I_no_shadow_entry/config/etc/login.defs315
-rw-r--r--tests/chage/15_chage-I_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/chage/15_chage-I_no_shadow_entry/config/etc/shadow19
-rw-r--r--tests/chage/15_chage-I_no_shadow_entry/data/passwd20
-rw-r--r--tests/chage/15_chage-I_no_shadow_entry/data/shadow20
-rwxr-xr-xtests/chage/16_chage-m_no_shadow_entry/chage.test39
-rw-r--r--tests/chage/16_chage-m_no_shadow_entry/config.txt1
-rw-r--r--tests/chage/16_chage-m_no_shadow_entry/config/etc/group42
-rw-r--r--tests/chage/16_chage-m_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/chage/16_chage-m_no_shadow_entry/config/etc/login.defs315
-rw-r--r--tests/chage/16_chage-m_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/chage/16_chage-m_no_shadow_entry/config/etc/shadow19
-rw-r--r--tests/chage/16_chage-m_no_shadow_entry/data/passwd20
-rw-r--r--tests/chage/16_chage-m_no_shadow_entry/data/shadow20
-rwxr-xr-xtests/chage/17_chage-M_no_shadow_entry/chage.test39
-rw-r--r--tests/chage/17_chage-M_no_shadow_entry/config.txt1
-rw-r--r--tests/chage/17_chage-M_no_shadow_entry/config/etc/group42
-rw-r--r--tests/chage/17_chage-M_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/chage/17_chage-M_no_shadow_entry/config/etc/login.defs315
-rw-r--r--tests/chage/17_chage-M_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/chage/17_chage-M_no_shadow_entry/config/etc/shadow19
-rw-r--r--tests/chage/17_chage-M_no_shadow_entry/data/passwd20
-rw-r--r--tests/chage/17_chage-M_no_shadow_entry/data/shadow20
-rwxr-xr-xtests/chage/18_chage-d_no_shadow_entry/chage.test39
-rw-r--r--tests/chage/18_chage-d_no_shadow_entry/config.txt1
-rw-r--r--tests/chage/18_chage-d_no_shadow_entry/config/etc/group42
-rw-r--r--tests/chage/18_chage-d_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/chage/18_chage-d_no_shadow_entry/config/etc/login.defs315
-rw-r--r--tests/chage/18_chage-d_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/chage/18_chage-d_no_shadow_entry/config/etc/shadow19
-rw-r--r--tests/chage/18_chage-d_no_shadow_entry/data/passwd20
-rw-r--r--tests/chage/18_chage-d_no_shadow_entry/data/shadow20
-rwxr-xr-xtests/chage/19_chage-W_no_shadow_entry/chage.test39
-rw-r--r--tests/chage/19_chage-W_no_shadow_entry/config.txt1
-rw-r--r--tests/chage/19_chage-W_no_shadow_entry/config/etc/group42
-rw-r--r--tests/chage/19_chage-W_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/chage/19_chage-W_no_shadow_entry/config/etc/login.defs315
-rw-r--r--tests/chage/19_chage-W_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/chage/19_chage-W_no_shadow_entry/config/etc/shadow19
-rw-r--r--tests/chage/19_chage-W_no_shadow_entry/data/passwd20
-rw-r--r--tests/chage/19_chage-W_no_shadow_entry/data/shadow20
-rwxr-xr-xtests/chage/20_chage-E_no_shadow_entry/chage.test39
-rw-r--r--tests/chage/20_chage-E_no_shadow_entry/config.txt1
-rw-r--r--tests/chage/20_chage-E_no_shadow_entry/config/etc/group42
-rw-r--r--tests/chage/20_chage-E_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/chage/20_chage-E_no_shadow_entry/config/etc/login.defs315
-rw-r--r--tests/chage/20_chage-E_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/chage/20_chage-E_no_shadow_entry/config/etc/shadow19
-rw-r--r--tests/chage/20_chage-E_no_shadow_entry/data/passwd20
-rw-r--r--tests/chage/20_chage-E_no_shadow_entry/data/shadow20
-rwxr-xr-xtests/chage/21_chage_no_shadow_file/chage.test58
-rw-r--r--tests/chage/21_chage_no_shadow_file/config.txt0
-rw-r--r--tests/chage/21_chage_no_shadow_file/config/etc/group42
-rw-r--r--tests/chage/21_chage_no_shadow_file/config/etc/gshadow42
-rw-r--r--tests/chage/21_chage_no_shadow_file/config/etc/passwd26
-rw-r--r--tests/chage/21_chage_no_shadow_file/config/etc/shadow26
-rw-r--r--tests/chage/21_chage_no_shadow_file/data/usage.out1
-rwxr-xr-xtests/chage/22_chage_myuser-l/chage.test51
-rw-r--r--tests/chage/22_chage_myuser-l/config.txt0
-rw-r--r--tests/chage/22_chage_myuser-l/config/etc/group42
-rw-r--r--tests/chage/22_chage_myuser-l/config/etc/gshadow42
-rw-r--r--tests/chage/22_chage_myuser-l/config/etc/passwd32
-rw-r--r--tests/chage/22_chage_myuser-l/config/etc/shadow30
-rw-r--r--tests/chage/22_chage_myuser-l/data/myuser17
-rwxr-xr-xtests/chage/23_chage_myuser-I/chage.test54
-rw-r--r--tests/chage/23_chage_myuser-I/config.txt0
-rw-r--r--tests/chage/23_chage_myuser-I/config/etc/group42
-rw-r--r--tests/chage/23_chage_myuser-I/config/etc/gshadow42
-rw-r--r--tests/chage/23_chage_myuser-I/config/etc/passwd26
-rw-r--r--tests/chage/23_chage_myuser-I/config/etc/shadow26
-rw-r--r--tests/chage/23_chage_myuser-I/data/usage.out1
-rwxr-xr-xtests/chage/24_chage_myuser-l_other/chage.test54
-rw-r--r--tests/chage/24_chage_myuser-l_other/config.txt0
-rw-r--r--tests/chage/24_chage_myuser-l_other/config/etc/group42
-rw-r--r--tests/chage/24_chage_myuser-l_other/config/etc/gshadow42
-rw-r--r--tests/chage/24_chage_myuser-l_other/config/etc/passwd26
-rw-r--r--tests/chage/24_chage_myuser-l_other/config/etc/shadow26
-rw-r--r--tests/chage/24_chage_myuser-l_other/data/usage.out1
-rwxr-xr-xtests/chage/25_chage_interractive/chage.test39
-rw-r--r--tests/chage/25_chage_interractive/config.txt1
-rw-r--r--tests/chage/25_chage_interractive/config/etc/group42
-rw-r--r--tests/chage/25_chage_interractive/config/etc/gshadow42
-rw-r--r--tests/chage/25_chage_interractive/config/etc/login.defs315
-rw-r--r--tests/chage/25_chage_interractive/config/etc/passwd26
-rw-r--r--tests/chage/25_chage_interractive/config/etc/shadow26
-rw-r--r--tests/chage/25_chage_interractive/data/shadow26
-rwxr-xr-xtests/chage/25_chage_interractive/run.exp31
-rwxr-xr-xtests/chage/26_chage_interractive_date_0/chage.test39
-rw-r--r--tests/chage/26_chage_interractive_date_0/config.txt1
-rw-r--r--tests/chage/26_chage_interractive_date_0/config/etc/group42
-rw-r--r--tests/chage/26_chage_interractive_date_0/config/etc/gshadow42
-rw-r--r--tests/chage/26_chage_interractive_date_0/config/etc/login.defs315
-rw-r--r--tests/chage/26_chage_interractive_date_0/config/etc/passwd26
-rw-r--r--tests/chage/26_chage_interractive_date_0/config/etc/shadow26
-rw-r--r--tests/chage/26_chage_interractive_date_0/data/shadow26
-rwxr-xr-xtests/chage/26_chage_interractive_date_0/run.exp31
-rwxr-xr-xtests/chage/27_chage_interractive_date_-1/chage.test39
-rw-r--r--tests/chage/27_chage_interractive_date_-1/config.txt1
-rw-r--r--tests/chage/27_chage_interractive_date_-1/config/etc/group42
-rw-r--r--tests/chage/27_chage_interractive_date_-1/config/etc/gshadow42
-rw-r--r--tests/chage/27_chage_interractive_date_-1/config/etc/login.defs315
-rw-r--r--tests/chage/27_chage_interractive_date_-1/config/etc/passwd26
-rw-r--r--tests/chage/27_chage_interractive_date_-1/config/etc/shadow26
-rw-r--r--tests/chage/27_chage_interractive_date_-1/data/shadow26
-rwxr-xr-xtests/chage/27_chage_interractive_date_-1/run.exp31
-rwxr-xr-xtests/chage/28_chage_interractive_date_EPOCH/chage.test39
-rw-r--r--tests/chage/28_chage_interractive_date_EPOCH/config.txt1
-rw-r--r--tests/chage/28_chage_interractive_date_EPOCH/config/etc/group42
-rw-r--r--tests/chage/28_chage_interractive_date_EPOCH/config/etc/gshadow42
-rw-r--r--tests/chage/28_chage_interractive_date_EPOCH/config/etc/login.defs315
-rw-r--r--tests/chage/28_chage_interractive_date_EPOCH/config/etc/passwd26
-rw-r--r--tests/chage/28_chage_interractive_date_EPOCH/config/etc/shadow26
-rw-r--r--tests/chage/28_chage_interractive_date_EPOCH/data/shadow26
-rwxr-xr-xtests/chage/28_chage_interractive_date_EPOCH/run.exp31
-rwxr-xr-xtests/chage/29_chage_interractive_date_pre-EPOCH/chage.test39
-rw-r--r--tests/chage/29_chage_interractive_date_pre-EPOCH/config.txt1
-rw-r--r--tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/group42
-rw-r--r--tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/gshadow42
-rw-r--r--tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/login.defs315
-rw-r--r--tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/passwd26
-rw-r--r--tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/shadow26
-rwxr-xr-xtests/chage/29_chage_interractive_date_pre-EPOCH/run.exp26
-rwxr-xr-xtests/chage/30_chage_interractive_date_pre-EPOCH2/chage.test39
-rw-r--r--tests/chage/30_chage_interractive_date_pre-EPOCH2/config.txt1
-rw-r--r--tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/group42
-rw-r--r--tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/gshadow42
-rw-r--r--tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/login.defs315
-rw-r--r--tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/passwd26
-rw-r--r--tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/shadow26
-rwxr-xr-xtests/chage/30_chage_interractive_date_pre-EPOCH2/run.exp32
-rwxr-xr-xtests/chage/31_chage_interractive_date_invalid/chage.test39
-rw-r--r--tests/chage/31_chage_interractive_date_invalid/config.txt1
-rw-r--r--tests/chage/31_chage_interractive_date_invalid/config/etc/group42
-rw-r--r--tests/chage/31_chage_interractive_date_invalid/config/etc/gshadow42
-rw-r--r--tests/chage/31_chage_interractive_date_invalid/config/etc/login.defs315
-rw-r--r--tests/chage/31_chage_interractive_date_invalid/config/etc/passwd26
-rw-r--r--tests/chage/31_chage_interractive_date_invalid/config/etc/shadow26
-rwxr-xr-xtests/chage/31_chage_interractive_date_invalid/run.exp26
-rwxr-xr-xtests/chage/32_chage_interractive_date_invalid2/chage.test39
-rw-r--r--tests/chage/32_chage_interractive_date_invalid2/config.txt1
-rw-r--r--tests/chage/32_chage_interractive_date_invalid2/config/etc/group42
-rw-r--r--tests/chage/32_chage_interractive_date_invalid2/config/etc/gshadow42
-rw-r--r--tests/chage/32_chage_interractive_date_invalid2/config/etc/login.defs315
-rw-r--r--tests/chage/32_chage_interractive_date_invalid2/config/etc/passwd26
-rw-r--r--tests/chage/32_chage_interractive_date_invalid2/config/etc/shadow26
-rwxr-xr-xtests/chage/32_chage_interractive_date_invalid2/run.exp26
-rwxr-xr-xtests/chage/33_chage_interractive-W_invalid1/chage.test39
-rw-r--r--tests/chage/33_chage_interractive-W_invalid1/config.txt1
-rw-r--r--tests/chage/33_chage_interractive-W_invalid1/config/etc/group42
-rw-r--r--tests/chage/33_chage_interractive-W_invalid1/config/etc/gshadow42
-rw-r--r--tests/chage/33_chage_interractive-W_invalid1/config/etc/login.defs315
-rw-r--r--tests/chage/33_chage_interractive-W_invalid1/config/etc/passwd26
-rw-r--r--tests/chage/33_chage_interractive-W_invalid1/config/etc/shadow26
-rwxr-xr-xtests/chage/33_chage_interractive-W_invalid1/run.exp32
-rwxr-xr-xtests/chage/34_chage_interractive-W_invalid2/chage.test39
-rw-r--r--tests/chage/34_chage_interractive-W_invalid2/config.txt1
-rw-r--r--tests/chage/34_chage_interractive-W_invalid2/config/etc/group42
-rw-r--r--tests/chage/34_chage_interractive-W_invalid2/config/etc/gshadow42
-rw-r--r--tests/chage/34_chage_interractive-W_invalid2/config/etc/login.defs315
-rw-r--r--tests/chage/34_chage_interractive-W_invalid2/config/etc/passwd26
-rw-r--r--tests/chage/34_chage_interractive-W_invalid2/config/etc/shadow26
-rwxr-xr-xtests/chage/34_chage_interractive-W_invalid2/run.exp32
-rwxr-xr-xtests/chage/35_chage_interractive-W-1/chage.test39
-rw-r--r--tests/chage/35_chage_interractive-W-1/config.txt1
-rw-r--r--tests/chage/35_chage_interractive-W-1/config/etc/group42
-rw-r--r--tests/chage/35_chage_interractive-W-1/config/etc/gshadow42
-rw-r--r--tests/chage/35_chage_interractive-W-1/config/etc/login.defs315
-rw-r--r--tests/chage/35_chage_interractive-W-1/config/etc/passwd26
-rw-r--r--tests/chage/35_chage_interractive-W-1/config/etc/shadow26
-rw-r--r--tests/chage/35_chage_interractive-W-1/data/shadow26
-rwxr-xr-xtests/chage/35_chage_interractive-W-1/run.exp31
-rwxr-xr-xtests/chage/36_chage_interractive-I_invalid1/chage.test39
-rw-r--r--tests/chage/36_chage_interractive-I_invalid1/config.txt1
-rw-r--r--tests/chage/36_chage_interractive-I_invalid1/config/etc/group42
-rw-r--r--tests/chage/36_chage_interractive-I_invalid1/config/etc/gshadow42
-rw-r--r--tests/chage/36_chage_interractive-I_invalid1/config/etc/login.defs315
-rw-r--r--tests/chage/36_chage_interractive-I_invalid1/config/etc/passwd26
-rw-r--r--tests/chage/36_chage_interractive-I_invalid1/config/etc/shadow26
-rwxr-xr-xtests/chage/36_chage_interractive-I_invalid1/run.exp32
-rwxr-xr-xtests/chage/37_chage_interractive-I_invalid2/chage.test39
-rw-r--r--tests/chage/37_chage_interractive-I_invalid2/config.txt1
-rw-r--r--tests/chage/37_chage_interractive-I_invalid2/config/etc/group42
-rw-r--r--tests/chage/37_chage_interractive-I_invalid2/config/etc/gshadow42
-rw-r--r--tests/chage/37_chage_interractive-I_invalid2/config/etc/login.defs315
-rw-r--r--tests/chage/37_chage_interractive-I_invalid2/config/etc/passwd26
-rw-r--r--tests/chage/37_chage_interractive-I_invalid2/config/etc/shadow26
-rwxr-xr-xtests/chage/37_chage_interractive-I_invalid2/run.exp32
-rwxr-xr-xtests/chage/38_chage_interractive-I-1/chage.test39
-rw-r--r--tests/chage/38_chage_interractive-I-1/config.txt1
-rw-r--r--tests/chage/38_chage_interractive-I-1/config/etc/group42
-rw-r--r--tests/chage/38_chage_interractive-I-1/config/etc/gshadow42
-rw-r--r--tests/chage/38_chage_interractive-I-1/config/etc/login.defs315
-rw-r--r--tests/chage/38_chage_interractive-I-1/config/etc/passwd26
-rw-r--r--tests/chage/38_chage_interractive-I-1/config/etc/shadow26
-rw-r--r--tests/chage/38_chage_interractive-I-1/data/shadow26
-rwxr-xr-xtests/chage/38_chage_interractive-I-1/run.exp31
-rwxr-xr-xtests/chage/39_chage_interractive-d-1/chage.test39
-rw-r--r--tests/chage/39_chage_interractive-d-1/config.txt1
-rw-r--r--tests/chage/39_chage_interractive-d-1/config/etc/group42
-rw-r--r--tests/chage/39_chage_interractive-d-1/config/etc/gshadow42
-rw-r--r--tests/chage/39_chage_interractive-d-1/config/etc/login.defs315
-rw-r--r--tests/chage/39_chage_interractive-d-1/config/etc/passwd26
-rw-r--r--tests/chage/39_chage_interractive-d-1/config/etc/shadow26
-rw-r--r--tests/chage/39_chage_interractive-d-1/data/shadow26
-rwxr-xr-xtests/chage/39_chage_interractive-d-1/run.exp31
-rwxr-xr-xtests/chroot/chage/01_chage--root/chage.test52
-rw-r--r--tests/chroot/chage/01_chage--root/config.txt10
-rw-r--r--tests/chroot/chage/01_chage--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/chage/01_chage--root/config/etc/group41
-rw-r--r--tests/chroot/chage/01_chage--root/config/etc/gshadow41
-rw-r--r--tests/chroot/chage/01_chage--root/config/etc/passwd19
-rw-r--r--tests/chroot/chage/01_chage--root/config/etc/shadow19
-rw-r--r--tests/chroot/chage/01_chage--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/chage/01_chage--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/chage/01_chage--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/chage/01_chage--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/chage/01_chage--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/chage/01_chage--root/data/shadow20
-rwxr-xr-xtests/chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test50
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/config.txt10
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/group41
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/gshadow41
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/passwd19
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/shadow19
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/chgpasswd/01_chgpasswd--root/data/gshadow42
-rwxr-xr-xtests/chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test50
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/config.txt10
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/default/useradd36
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/group41
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/gshadow41
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/passwd19
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/shadow19
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/group42
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/chpasswd/01_chpasswd--root_nopam/data/shadow20
-rwxr-xr-xtests/chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test50
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config.txt10
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/default/useradd36
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/group41
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/gshadow41
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/passwd19
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/shadow19
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/group42
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/chpasswd5
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/common-password33
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/chpasswd/02_chpasswd--root_pam/data/shadow20
-rwxr-xr-xtests/chroot/chsh/01_chsh--root/chsh.test52
-rw-r--r--tests/chroot/chsh/01_chsh--root/config.txt10
-rw-r--r--tests/chroot/chsh/01_chsh--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/chsh/01_chsh--root/config/etc/group41
-rw-r--r--tests/chroot/chsh/01_chsh--root/config/etc/gshadow41
-rw-r--r--tests/chroot/chsh/01_chsh--root/config/etc/passwd19
-rw-r--r--tests/chroot/chsh/01_chsh--root/config/etc/shadow19
-rw-r--r--tests/chroot/chsh/01_chsh--root/config_chroot.list1
-rw-r--r--tests/chroot/chsh/01_chsh--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/chsh/01_chsh--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/chsh/01_chsh--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh20
-rw-r--r--tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-account25
-rw-r--r--tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-auth25
-rw-r--r--tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-session25
-rw-r--r--tests/chroot/chsh/01_chsh--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/chsh/01_chsh--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/chsh/01_chsh--root/config_chroot/etc/shells3
-rw-r--r--tests/chroot/chsh/01_chsh--root/data/passwd21
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/config.txt10
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/config/etc/group41
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/config/etc/gshadow41
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/config/etc/passwd19
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/config/etc/shadow19
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/data/group42
-rw-r--r--tests/chroot/gpasswd/01_gpasswd--root/data/gshadow42
-rwxr-xr-xtests/chroot/gpasswd/01_gpasswd--root/gpasswd.test52
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/config.txt10
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/config/etc/group41
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/config/etc/gshadow41
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/config/etc/passwd19
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/config/etc/shadow19
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/data/group43
-rw-r--r--tests/chroot/groupadd/01_groupadd--root/data/gshadow43
-rwxr-xr-xtests/chroot/groupadd/01_groupadd--root/groupadd.test52
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/config.txt10
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/config/etc/group41
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/config/etc/gshadow41
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/config/etc/passwd19
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/config/etc/shadow19
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/data/group41
-rw-r--r--tests/chroot/groupdel/01_groupdel--root/data/gshadow41
-rwxr-xr-xtests/chroot/groupdel/01_groupdel--root/groupdel.test52
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/config.txt10
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/config/etc/group41
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/config/etc/gshadow41
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/config/etc/passwd19
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/config/etc/shadow19
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/data/group42
-rw-r--r--tests/chroot/groupmod/01_groupmod--root/data/gshadow42
-rwxr-xr-xtests/chroot/groupmod/01_groupmod--root/groupmod.test52
-rw-r--r--tests/chroot/grpck/01_grpck--root/config.txt10
-rw-r--r--tests/chroot/grpck/01_grpck--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/grpck/01_grpck--root/config/etc/group41
-rw-r--r--tests/chroot/grpck/01_grpck--root/config/etc/gshadow41
-rw-r--r--tests/chroot/grpck/01_grpck--root/config/etc/passwd19
-rw-r--r--tests/chroot/grpck/01_grpck--root/config/etc/shadow19
-rw-r--r--tests/chroot/grpck/01_grpck--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/grpck/01_grpck--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/grpck/01_grpck--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/grpck/01_grpck--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/grpck/01_grpck--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/grpck/01_grpck--root/data/group42
-rw-r--r--tests/chroot/grpck/01_grpck--root/data/gshadow42
-rwxr-xr-xtests/chroot/grpck/01_grpck--root/grpck.test50
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/config.txt10
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/config/etc/group41
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/config/etc/gshadow41
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/config/etc/passwd19
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/config/etc/shadow19
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/data/group42
-rw-r--r--tests/chroot/grpconv/01_grpconv--root/data/gshadow42
-rwxr-xr-xtests/chroot/grpconv/01_grpconv--root/grpconv.test50
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/config.txt10
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/config/etc/group41
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/config/etc/gshadow41
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/config/etc/passwd19
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/config/etc/shadow19
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/grpunconv/01_grpunconv--root/data/group42
-rwxr-xr-xtests/chroot/grpunconv/01_grpunconv--root/grpunconv.test52
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/config.txt10
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/config/etc/group41
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/config/etc/gshadow41
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/config/etc/passwd19
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/config/etc/shadow19
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/data/group42
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/data/gshadow42
-rw-r--r--tests/chroot/lastlog/01_lastlog--root/data/lastlog.list2
-rwxr-xr-xtests/chroot/lastlog/01_lastlog--root/lastlog.test47
-rw-r--r--tests/chroot/login/01_login_sublogin/config.txt3
-rw-r--r--tests/chroot/login/01_login_sublogin/config/etc/group42
-rw-r--r--tests/chroot/login/01_login_sublogin/config/etc/gshadow42
-rw-r--r--tests/chroot/login/01_login_sublogin/config/etc/login.defs315
-rw-r--r--tests/chroot/login/01_login_sublogin/config/etc/passwd21
-rw-r--r--tests/chroot/login/01_login_sublogin/config/etc/shadow20
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot.list3
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/group42
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/login.defs315
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-account25
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-auth25
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-password33
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session25
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session-noninteractive25
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/login107
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/other16
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/securetty390
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/security/limits.conf0
-rw-r--r--tests/chroot/login/01_login_sublogin/config_chroot/etc/shadow20
-rwxr-xr-xtests/chroot/login/01_login_sublogin/login.exp25
-rwxr-xr-xtests/chroot/login/01_login_sublogin/login.test33
-rw-r--r--tests/chroot/pwck/01_pwck--root/config.txt10
-rw-r--r--tests/chroot/pwck/01_pwck--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/pwck/01_pwck--root/config/etc/group41
-rw-r--r--tests/chroot/pwck/01_pwck--root/config/etc/gshadow41
-rw-r--r--tests/chroot/pwck/01_pwck--root/config/etc/passwd19
-rw-r--r--tests/chroot/pwck/01_pwck--root/config/etc/shadow19
-rw-r--r--tests/chroot/pwck/01_pwck--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/pwck/01_pwck--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/pwck/01_pwck--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/pwck/01_pwck--root/config_chroot/etc/passwd23
-rw-r--r--tests/chroot/pwck/01_pwck--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/pwck/01_pwck--root/data/pwck.out59
-rwxr-xr-xtests/chroot/pwck/01_pwck--root/pwck.test67
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/config.txt10
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/config/etc/group41
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/config/etc/gshadow41
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/config/etc/passwd19
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/config/etc/shadow19
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/data/passwd21
-rw-r--r--tests/chroot/pwconv/01_pwconv--root/data/shadow21
-rwxr-xr-xtests/chroot/pwconv/01_pwconv--root/pwconv.test50
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/config.txt10
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/config/etc/group41
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/config/etc/gshadow41
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/config/etc/passwd19
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/config/etc/shadow19
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/pwunconv/01_pwunconv--root/data/passwd21
-rwxr-xr-xtests/chroot/pwunconv/01_pwunconv--root/pwunconv.test52
-rw-r--r--tests/chroot/useradd/01_useradd--root/config.txt10
-rw-r--r--tests/chroot/useradd/01_useradd--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/useradd/01_useradd--root/config/etc/group41
-rw-r--r--tests/chroot/useradd/01_useradd--root/config/etc/gshadow41
-rw-r--r--tests/chroot/useradd/01_useradd--root/config/etc/passwd19
-rw-r--r--tests/chroot/useradd/01_useradd--root/config/etc/shadow19
-rw-r--r--tests/chroot/useradd/01_useradd--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/useradd/01_useradd--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/useradd/01_useradd--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/useradd/01_useradd--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/useradd/01_useradd--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/useradd/01_useradd--root/data/group43
-rw-r--r--tests/chroot/useradd/01_useradd--root/data/gshadow43
-rw-r--r--tests/chroot/useradd/01_useradd--root/data/passwd22
-rw-r--r--tests/chroot/useradd/01_useradd--root/data/shadow21
-rwxr-xr-xtests/chroot/useradd/01_useradd--root/useradd.test52
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/config.txt10
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/config/etc/default/useradd36
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/config/etc/group41
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/config/etc/gshadow41
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/config/etc/passwd19
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/config/etc/shadow19
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/group42
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/data/group43
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/data/gshadow43
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/data/passwd22
-rw-r--r--tests/chroot/useradd/02_useradd--root_login.defs/data/shadow21
-rwxr-xr-xtests/chroot/useradd/02_useradd--root_login.defs/useradd.test52
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config.txt10
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/default/useradd36
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/group41
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/gshadow41
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/passwd19
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/shadow19
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/default/useradd36
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/group42
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/data/group43
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/data/gshadow43
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/data/passwd22
-rw-r--r--tests/chroot/useradd/03_useradd--root_useradd.default/data/shadow21
-rwxr-xr-xtests/chroot/useradd/03_useradd--root_useradd.default/useradd.test52
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config.txt10
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/default/useradd36
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/group41
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/gshadow41
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/passwd19
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/shadow19
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/default/useradd36
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/group42
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/useradd/04_useradd--root_useradd-D/data/useradd.out7
-rwxr-xr-xtests/chroot/useradd/04_useradd--root_useradd-D/useradd.test61
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config.txt10
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/default/useradd36
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/group41
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/gshadow41
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/passwd19
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/shadow19
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/default/useradd36
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/group42
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/useradd/05_useradd--root_useradd-D-e-g/data/useradd.default38
-rwxr-xr-xtests/chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test56
-rw-r--r--tests/chroot/userdel/01_userdel--root/config.txt10
-rw-r--r--tests/chroot/userdel/01_userdel--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/userdel/01_userdel--root/config/etc/group41
-rw-r--r--tests/chroot/userdel/01_userdel--root/config/etc/gshadow41
-rw-r--r--tests/chroot/userdel/01_userdel--root/config/etc/passwd19
-rw-r--r--tests/chroot/userdel/01_userdel--root/config/etc/shadow19
-rw-r--r--tests/chroot/userdel/01_userdel--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/userdel/01_userdel--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/userdel/01_userdel--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/userdel/01_userdel--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/userdel/01_userdel--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/userdel/01_userdel--root/data/group41
-rw-r--r--tests/chroot/userdel/01_userdel--root/data/gshadow41
-rw-r--r--tests/chroot/userdel/01_userdel--root/data/passwd20
-rw-r--r--tests/chroot/userdel/01_userdel--root/data/shadow19
-rwxr-xr-xtests/chroot/userdel/01_userdel--root/userdel.test52
-rw-r--r--tests/chroot/usermod/01_usermod--root/config.txt10
-rw-r--r--tests/chroot/usermod/01_usermod--root/config/etc/default/useradd36
-rw-r--r--tests/chroot/usermod/01_usermod--root/config/etc/group41
-rw-r--r--tests/chroot/usermod/01_usermod--root/config/etc/gshadow41
-rw-r--r--tests/chroot/usermod/01_usermod--root/config/etc/passwd19
-rw-r--r--tests/chroot/usermod/01_usermod--root/config/etc/shadow19
-rw-r--r--tests/chroot/usermod/01_usermod--root/config_chroot/etc/group42
-rw-r--r--tests/chroot/usermod/01_usermod--root/config_chroot/etc/gshadow42
-rw-r--r--tests/chroot/usermod/01_usermod--root/config_chroot/etc/login.defs335
-rw-r--r--tests/chroot/usermod/01_usermod--root/config_chroot/etc/passwd21
-rw-r--r--tests/chroot/usermod/01_usermod--root/config_chroot/etc/shadow20
-rw-r--r--tests/chroot/usermod/01_usermod--root/data/passwd21
-rwxr-xr-xtests/chroot/usermod/01_usermod--root/usermod.test52
-rw-r--r--tests/chsh/01/data/chsh11
-rw-r--r--tests/chsh/01/data/chsh21
-rw-r--r--tests/chsh/01/data/group42
-rw-r--r--tests/chsh/01/data/gshadow42
-rw-r--r--tests/chsh/01/data/passwd21
-rw-r--r--tests/chsh/01/data/shadow21
-rw-r--r--tests/chsh/01/data/shells16
-rwxr-xr-xtests/chsh/01/run143
-rwxr-xr-xtests/chsh/01/run.exp38
-rwxr-xr-xtests/chsh/02_chsh_usage/chsh.test48
-rw-r--r--tests/chsh/02_chsh_usage/config.txt0
-rw-r--r--tests/chsh/02_chsh_usage/config/etc/group0
-rw-r--r--tests/chsh/02_chsh_usage/config/etc/gshadow0
-rw-r--r--tests/chsh/02_chsh_usage/config/etc/passwd0
-rw-r--r--tests/chsh/02_chsh_usage/config/etc/shadow0
-rw-r--r--tests/chsh/02_chsh_usage/data/usage.out7
-rwxr-xr-xtests/chsh/03_chsh_usage_invalid_option/chsh.test54
-rw-r--r--tests/chsh/03_chsh_usage_invalid_option/config.txt0
-rw-r--r--tests/chsh/03_chsh_usage_invalid_option/config/etc/group0
-rw-r--r--tests/chsh/03_chsh_usage_invalid_option/config/etc/gshadow0
-rw-r--r--tests/chsh/03_chsh_usage_invalid_option/config/etc/passwd0
-rw-r--r--tests/chsh/03_chsh_usage_invalid_option/config/etc/shadow0
-rw-r--r--tests/chsh/03_chsh_usage_invalid_option/data/usage.out8
-rwxr-xr-xtests/chsh/04_chsh_usage_2_users/chsh.test54
-rw-r--r--tests/chsh/04_chsh_usage_2_users/config.txt0
-rw-r--r--tests/chsh/04_chsh_usage_2_users/config/etc/group0
-rw-r--r--tests/chsh/04_chsh_usage_2_users/config/etc/gshadow0
-rw-r--r--tests/chsh/04_chsh_usage_2_users/config/etc/passwd0
-rw-r--r--tests/chsh/04_chsh_usage_2_users/config/etc/shadow0
-rw-r--r--tests/chsh/04_chsh_usage_2_users/data/usage.out7
-rwxr-xr-xtests/chsh/05_chsh_myuser_restricted_shell/chsh.test41
-rw-r--r--tests/chsh/05_chsh_myuser_restricted_shell/config.txt0
-rw-r--r--tests/chsh/05_chsh_myuser_restricted_shell/config/etc/group42
-rw-r--r--tests/chsh/05_chsh_myuser_restricted_shell/config/etc/gshadow42
-rw-r--r--tests/chsh/05_chsh_myuser_restricted_shell/config/etc/passwd21
-rw-r--r--tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shadow21
-rw-r--r--tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shells15
-rwxr-xr-xtests/chsh/05_chsh_myuser_restricted_shell/run.exp34
-rwxr-xr-xtests/chsh/06_chsh_myuser_non_restricted_shell/chsh.test41
-rw-r--r--tests/chsh/06_chsh_myuser_non_restricted_shell/config.txt0
-rw-r--r--tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/group42
-rw-r--r--tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/gshadow42
-rw-r--r--tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/passwd21
-rw-r--r--tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shadow21
-rw-r--r--tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shells16
-rw-r--r--tests/chsh/06_chsh_myuser_non_restricted_shell/data/passwd21
-rwxr-xr-xtests/chsh/06_chsh_myuser_non_restricted_shell/run.exp40
-rwxr-xr-xtests/chsh/07_chsh_usage_invalid_user/chsh.test54
-rw-r--r--tests/chsh/07_chsh_usage_invalid_user/config.txt0
-rw-r--r--tests/chsh/07_chsh_usage_invalid_user/config/etc/group0
-rw-r--r--tests/chsh/07_chsh_usage_invalid_user/config/etc/gshadow0
-rw-r--r--tests/chsh/07_chsh_usage_invalid_user/config/etc/passwd0
-rw-r--r--tests/chsh/07_chsh_usage_invalid_user/config/etc/shadow0
-rw-r--r--tests/chsh/07_chsh_usage_invalid_user/data/usage.out1
-rwxr-xr-xtests/chsh/08_chsh_myuser_to_restricted_shell/chsh.test41
-rw-r--r--tests/chsh/08_chsh_myuser_to_restricted_shell/config.txt0
-rw-r--r--tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/group42
-rw-r--r--tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/gshadow42
-rw-r--r--tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/passwd21
-rw-r--r--tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shadow21
-rw-r--r--tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shells15
-rw-r--r--tests/chsh/08_chsh_myuser_to_restricted_shell/data/passwd21
-rwxr-xr-xtests/chsh/08_chsh_myuser_to_restricted_shell/run.exp41
-rwxr-xr-xtests/chsh/09_chsh_myuser_to_missing_shell/chsh.test42
-rw-r--r--tests/chsh/09_chsh_myuser_to_missing_shell/config.txt0
-rw-r--r--tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/group42
-rw-r--r--tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/gshadow42
-rw-r--r--tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/passwd21
-rw-r--r--tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shadow21
-rw-r--r--tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shells15
-rw-r--r--tests/chsh/09_chsh_myuser_to_missing_shell/data/passwd21
-rwxr-xr-xtests/chsh/09_chsh_myuser_to_missing_shell/run.exp41
-rwxr-xr-xtests/chsh/10_chsh_myuser_to_non_executable_shell/chsh.test46
-rw-r--r--tests/chsh/10_chsh_myuser_to_non_executable_shell/config.txt0
-rw-r--r--tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/group42
-rw-r--r--tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/gshadow42
-rw-r--r--tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/passwd21
-rw-r--r--tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shadow21
-rw-r--r--tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shells15
-rw-r--r--tests/chsh/10_chsh_myuser_to_non_executable_shell/data/passwd21
-rwxr-xr-xtests/chsh/10_chsh_myuser_to_non_executable_shell/run.exp41
-rwxr-xr-xtests/chsh/11_chsh_auth_failure/chsh.test41
-rw-r--r--tests/chsh/11_chsh_auth_failure/config.txt0
-rw-r--r--tests/chsh/11_chsh_auth_failure/config/etc/group42
-rw-r--r--tests/chsh/11_chsh_auth_failure/config/etc/gshadow42
-rw-r--r--tests/chsh/11_chsh_auth_failure/config/etc/passwd21
-rw-r--r--tests/chsh/11_chsh_auth_failure/config/etc/shadow21
-rw-r--r--tests/chsh/11_chsh_auth_failure/config/etc/shells15
-rw-r--r--tests/chsh/11_chsh_auth_failure/data/passwd21
-rwxr-xr-xtests/chsh/11_chsh_auth_failure/run.exp36
-rwxr-xr-xtests/chsh/12_chsh_warning_missing_shell/chsh.test48
-rw-r--r--tests/chsh/12_chsh_warning_missing_shell/config.txt0
-rw-r--r--tests/chsh/12_chsh_warning_missing_shell/config/etc/group42
-rw-r--r--tests/chsh/12_chsh_warning_missing_shell/config/etc/gshadow42
-rw-r--r--tests/chsh/12_chsh_warning_missing_shell/config/etc/pam.d/chsh20
-rw-r--r--tests/chsh/12_chsh_warning_missing_shell/config/etc/passwd21
-rw-r--r--tests/chsh/12_chsh_warning_missing_shell/config/etc/shadow21
-rw-r--r--tests/chsh/12_chsh_warning_missing_shell/config/etc/shells16
-rw-r--r--tests/chsh/12_chsh_warning_missing_shell/data/chsh.err1
-rw-r--r--tests/chsh/12_chsh_warning_missing_shell/data/passwd21
-rwxr-xr-xtests/chsh/13_chsh_warning_non_executable/chsh.test52
-rw-r--r--tests/chsh/13_chsh_warning_non_executable/config.txt0
-rw-r--r--tests/chsh/13_chsh_warning_non_executable/config/etc/group42
-rw-r--r--tests/chsh/13_chsh_warning_non_executable/config/etc/gshadow42
-rw-r--r--tests/chsh/13_chsh_warning_non_executable/config/etc/pam.d/chsh20
-rw-r--r--tests/chsh/13_chsh_warning_non_executable/config/etc/passwd21
-rw-r--r--tests/chsh/13_chsh_warning_non_executable/config/etc/shadow21
-rw-r--r--tests/chsh/13_chsh_warning_non_executable/config/etc/shells16
-rw-r--r--tests/chsh/13_chsh_warning_non_executable/data/chsh.err1
-rw-r--r--tests/chsh/13_chsh_warning_non_executable/data/passwd21
-rwxr-xr-xtests/chsh/14_chsh_locked_passwd/chsh.test59
-rw-r--r--tests/chsh/14_chsh_locked_passwd/config.txt0
-rw-r--r--tests/chsh/14_chsh_locked_passwd/config/etc/group42
-rw-r--r--tests/chsh/14_chsh_locked_passwd/config/etc/gshadow42
-rw-r--r--tests/chsh/14_chsh_locked_passwd/config/etc/passwd26
-rw-r--r--tests/chsh/14_chsh_locked_passwd/config/etc/shadow26
-rw-r--r--tests/chsh/14_chsh_locked_passwd/data/chsh.err2
-rwxr-xr-xtests/chsh/15_chsh_PAM_error/chsh.test58
-rw-r--r--tests/chsh/15_chsh_PAM_error/config.txt0
-rw-r--r--tests/chsh/15_chsh_PAM_error/config/etc/group42
-rw-r--r--tests/chsh/15_chsh_PAM_error/config/etc/gshadow42
-rw-r--r--tests/chsh/15_chsh_PAM_error/config/etc/pam.d/chsh1
-rw-r--r--tests/chsh/15_chsh_PAM_error/config/etc/pam.d/other1
-rw-r--r--tests/chsh/15_chsh_PAM_error/config/etc/passwd26
-rw-r--r--tests/chsh/15_chsh_PAM_error/config/etc/shadow26
-rw-r--r--tests/chsh/15_chsh_PAM_error/data/chsh.err1
-rw-r--r--tests/cktools/01/data/group41
-rw-r--r--tests/cktools/01/data/gshadow41
-rw-r--r--tests/cktools/01/data/passwd19
-rw-r--r--tests/cktools/01/data/run2.err0
-rw-r--r--tests/cktools/01/data/run2.out13
-rw-r--r--tests/cktools/01/data/shadow19
-rwxr-xr-xtests/cktools/01/run154
-rwxr-xr-xtests/cktools/01/run262
-rw-r--r--tests/cktools/02_pwck_sort/config.txt5
-rw-r--r--tests/cktools/02_pwck_sort/config/etc/group42
-rw-r--r--tests/cktools/02_pwck_sort/config/etc/gshadow42
-rw-r--r--tests/cktools/02_pwck_sort/config/etc/passwd20
-rw-r--r--tests/cktools/02_pwck_sort/config/etc/shadow20
-rw-r--r--tests/cktools/02_pwck_sort/data/passwd20
-rw-r--r--tests/cktools/02_pwck_sort/data/shadow20
-rwxr-xr-xtests/cktools/02_pwck_sort/pwck.test39
-rw-r--r--tests/cktools/03_grpck_sort/config.txt5
-rw-r--r--tests/cktools/03_grpck_sort/config/etc/group42
-rw-r--r--tests/cktools/03_grpck_sort/config/etc/gshadow42
-rw-r--r--tests/cktools/03_grpck_sort/config/etc/passwd20
-rw-r--r--tests/cktools/03_grpck_sort/config/etc/shadow20
-rw-r--r--tests/cktools/03_grpck_sort/data/group42
-rw-r--r--tests/cktools/03_grpck_sort/data/gshadow42
-rwxr-xr-xtests/cktools/03_grpck_sort/grpck.test39
-rw-r--r--tests/cktools/04_pwck_sort_missing_shadow_user/config.txt5
-rw-r--r--tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/group42
-rw-r--r--tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/gshadow42
-rw-r--r--tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/passwd20
-rw-r--r--tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/shadow19
-rw-r--r--tests/cktools/04_pwck_sort_missing_shadow_user/data/passwd20
-rw-r--r--tests/cktools/04_pwck_sort_missing_shadow_user/data/shadow19
-rwxr-xr-xtests/cktools/04_pwck_sort_missing_shadow_user/pwck.test39
-rw-r--r--tests/cktools/05_grpck_sort_missing_shadow_group/config.txt5
-rw-r--r--tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/group42
-rw-r--r--tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/gshadow41
-rw-r--r--tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/passwd20
-rw-r--r--tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/shadow20
-rw-r--r--tests/cktools/05_grpck_sort_missing_shadow_group/data/group42
-rw-r--r--tests/cktools/05_grpck_sort_missing_shadow_group/data/gshadow41
-rwxr-xr-xtests/cktools/05_grpck_sort_missing_shadow_group/grpck.test39
-rw-r--r--tests/cktools/06_pwck_sort_NIS_server/config.txt5
-rw-r--r--tests/cktools/06_pwck_sort_NIS_server/config/etc/group43
-rw-r--r--tests/cktools/06_pwck_sort_NIS_server/config/etc/gshadow43
-rw-r--r--tests/cktools/06_pwck_sort_NIS_server/config/etc/passwd24
-rw-r--r--tests/cktools/06_pwck_sort_NIS_server/config/etc/shadow21
-rw-r--r--tests/cktools/06_pwck_sort_NIS_server/data/passwd24
-rw-r--r--tests/cktools/06_pwck_sort_NIS_server/data/shadow21
-rwxr-xr-xtests/cktools/06_pwck_sort_NIS_server/pwck.test39
-rw-r--r--tests/cktools/07_pwck_sort_NIS_client/config.txt5
-rw-r--r--tests/cktools/07_pwck_sort_NIS_client/config/etc/group45
-rw-r--r--tests/cktools/07_pwck_sort_NIS_client/config/etc/gshadow43
-rw-r--r--tests/cktools/07_pwck_sort_NIS_client/config/etc/passwd22
-rw-r--r--tests/cktools/07_pwck_sort_NIS_client/config/etc/shadow22
-rw-r--r--tests/cktools/07_pwck_sort_NIS_client/data/passwd22
-rw-r--r--tests/cktools/07_pwck_sort_NIS_client/data/shadow22
-rwxr-xr-xtests/cktools/07_pwck_sort_NIS_client/pwck.test39
-rw-r--r--tests/cktools/grpck/04_grpck_missing_field_group_delete/config.txt2
-rw-r--r--tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/group42
-rw-r--r--tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/04_grpck_missing_field_group_delete/data/group41
-rw-r--r--tests/cktools/grpck/04_grpck_missing_field_group_delete/data/gshadow41
-rwxr-xr-xtests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.test37
-rw-r--r--tests/cktools/grpck/05_grpck_missing_field_group_keep/config.txt2
-rw-r--r--tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/group42
-rw-r--r--tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/05_grpck_missing_field_group_keep/data/gshadow41
-rwxr-xr-xtests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.test37
-rw-r--r--tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config.txt2
-rw-r--r--tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/group42
-rw-r--r--tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/shadow20
-rwxr-xr-xtests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test37
-rw-r--r--tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config.txt2
-rw-r--r--tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/group42
-rw-r--r--tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/07_grpck_missing_field_gshadow_add/data/gshadow42
-rwxr-xr-xtests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test37
-rw-r--r--tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config.txt2
-rw-r--r--tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/group42
-rw-r--r--tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/data/gshadow41
-rwxr-xr-xtests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test37
-rw-r--r--tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config.txt2
-rw-r--r--tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/group42
-rw-r--r--tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/shadow20
-rwxr-xr-xtests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test37
-rw-r--r--tests/cktools/grpck/10_grpck_missing_field_group_local/config.txt2
-rw-r--r--tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/group42
-rw-r--r--tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/10_grpck_missing_field_group_local/data/group41
-rw-r--r--tests/cktools/grpck/10_grpck_missing_field_group_local/data/gshadow41
-rwxr-xr-xtests/cktools/grpck/10_grpck_missing_field_group_local/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/10_grpck_missing_field_group_local/grpck.test45
-rw-r--r--tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config.txt2
-rw-r--r--tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/group42
-rw-r--r--tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/group42
-rw-r--r--tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/gshadow42
-rw-r--r--tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/shadow20
-rwxr-xr-xtests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test45
-rw-r--r--tests/cktools/grpck/12_grpck_unknown_user_group/config.txt2
-rw-r--r--tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/group42
-rw-r--r--tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/12_grpck_unknown_user_group/data/group42
-rwxr-xr-xtests/cktools/grpck/12_grpck_unknown_user_group/grpck.exp20
-rwxr-xr-xtests/cktools/grpck/12_grpck_unknown_user_group/grpck.test37
-rw-r--r--tests/cktools/grpck/13_grpck_unknown_user_gshadow/config.txt2
-rw-r--r--tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/group42
-rw-r--r--tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/13_grpck_unknown_user_gshadow/data/gshadow42
-rwxr-xr-xtests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.exp21
-rwxr-xr-xtests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test37
-rw-r--r--tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config.txt2
-rw-r--r--tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/group42
-rw-r--r--tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/data/gshadow42
-rwxr-xr-xtests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.exp31
-rwxr-xr-xtests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test37
-rw-r--r--tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config.txt2
-rw-r--r--tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/group42
-rw-r--r--tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/data/group42
-rwxr-xr-xtests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test37
-rw-r--r--tests/cktools/grpck/16_grpck_duplicate_entry_group/config.txt2
-rw-r--r--tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/group43
-rw-r--r--tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/16_grpck_duplicate_entry_group/data/group42
-rwxr-xr-xtests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.exp20
-rwxr-xr-xtests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.test37
-rw-r--r--tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config.txt2
-rw-r--r--tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/group42
-rw-r--r--tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/gshadow43
-rw-r--r--tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/data/gshadow42
-rwxr-xr-xtests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.exp20
-rwxr-xr-xtests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test37
-rw-r--r--tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config.txt2
-rw-r--r--tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/group43
-rw-r--r--tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/shadow20
-rwxr-xr-xtests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.exp24
-rwxr-xr-xtests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test37
-rw-r--r--tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config.txt2
-rw-r--r--tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/group42
-rw-r--r--tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/gshadow43
-rw-r--r--tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/shadow20
-rwxr-xr-xtests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test37
-rw-r--r--tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config.txt2
-rw-r--r--tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/group42
-rw-r--r--tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/gshadow43
-rw-r--r--tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/data/gshadow42
-rwxr-xr-xtests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test37
-rw-r--r--tests/cktools/grpck/21_grpck_invalid_group_name/config.txt2
-rw-r--r--tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/group42
-rw-r--r--tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/shadow20
-rwxr-xr-xtests/cktools/grpck/21_grpck_invalid_group_name/grpck.exp17
-rwxr-xr-xtests/cktools/grpck/21_grpck_invalid_group_name/grpck.test37
-rw-r--r--tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config.txt2
-rw-r--r--tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/group42
-rw-r--r--tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/group41
-rw-r--r--tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/gshadow41
-rwxr-xr-xtests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test37
-rw-r--r--tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config.txt2
-rw-r--r--tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/group42
-rw-r--r--tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/shadow20
-rwxr-xr-xtests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.exp18
-rwxr-xr-xtests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test37
-rw-r--r--tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config.txt2
-rw-r--r--tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/group42
-rw-r--r--tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/group41
-rw-r--r--tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/gshadow41
-rwxr-xr-xtests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test37
-rw-r--r--tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config.txt2
-rw-r--r--tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/group42
-rw-r--r--tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/shadow20
-rwxr-xr-xtests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.exp23
-rwxr-xr-xtests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test37
-rw-r--r--tests/cktools/grpck/26_grpck_no_gshadow_file/config.txt5
-rw-r--r--tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/group42
-rw-r--r--tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/gshadow41
-rw-r--r--tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/26_grpck_no_gshadow_file/data/grpck.out3
-rwxr-xr-xtests/cktools/grpck/26_grpck_no_gshadow_file/grpck.test58
-rw-r--r--tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config.txt5
-rw-r--r--tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/group42
-rw-r--r--tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/gshadow41
-rw-r--r--tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/27_grpck_sort_no_gshadow_file/data/group42
-rwxr-xr-xtests/cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test43
-rw-r--r--tests/cktools/grpck/28_grpck_usage/config.txt10
-rw-r--r--tests/cktools/grpck/28_grpck_usage/config/etc/default/useradd36
-rw-r--r--tests/cktools/grpck/28_grpck_usage/config/etc/group41
-rw-r--r--tests/cktools/grpck/28_grpck_usage/config/etc/gshadow41
-rw-r--r--tests/cktools/grpck/28_grpck_usage/config/etc/passwd19
-rw-r--r--tests/cktools/grpck/28_grpck_usage/config/etc/shadow19
-rw-r--r--tests/cktools/grpck/28_grpck_usage/data/usage.out9
-rwxr-xr-xtests/cktools/grpck/28_grpck_usage/grpck.test47
-rw-r--r--tests/cktools/grpck/29_grpck_sort_readonly/config.txt10
-rw-r--r--tests/cktools/grpck/29_grpck_sort_readonly/config/etc/default/useradd36
-rw-r--r--tests/cktools/grpck/29_grpck_sort_readonly/config/etc/group41
-rw-r--r--tests/cktools/grpck/29_grpck_sort_readonly/config/etc/gshadow41
-rw-r--r--tests/cktools/grpck/29_grpck_sort_readonly/config/etc/passwd19
-rw-r--r--tests/cktools/grpck/29_grpck_sort_readonly/config/etc/shadow19
-rw-r--r--tests/cktools/grpck/29_grpck_sort_readonly/data/usage.out1
-rwxr-xr-xtests/cktools/grpck/29_grpck_sort_readonly/grpck.test54
-rw-r--r--tests/cktools/grpck/30_grpck_3_files/config.txt10
-rw-r--r--tests/cktools/grpck/30_grpck_3_files/config/etc/default/useradd36
-rw-r--r--tests/cktools/grpck/30_grpck_3_files/config/etc/group41
-rw-r--r--tests/cktools/grpck/30_grpck_3_files/config/etc/gshadow41
-rw-r--r--tests/cktools/grpck/30_grpck_3_files/config/etc/passwd19
-rw-r--r--tests/cktools/grpck/30_grpck_3_files/config/etc/shadow19
-rw-r--r--tests/cktools/grpck/30_grpck_3_files/data/usage.out9
-rwxr-xr-xtests/cktools/grpck/30_grpck_3_files/grpck.test54
-rw-r--r--tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config.txt2
-rw-r--r--tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/group42
-rw-r--r--tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/data/group41
-rwxr-xr-xtests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.exp20
-rwxr-xr-xtests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test44
-rw-r--r--tests/cktools/grpck/32_grpck_sort_nis/config.txt5
-rw-r--r--tests/cktools/grpck/32_grpck_sort_nis/config/etc/group45
-rw-r--r--tests/cktools/grpck/32_grpck_sort_nis/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/32_grpck_sort_nis/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/32_grpck_sort_nis/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/32_grpck_sort_nis/data/group45
-rw-r--r--tests/cktools/grpck/32_grpck_sort_nis/data/gshadow42
-rwxr-xr-xtests/cktools/grpck/32_grpck_sort_nis/grpck.test39
-rw-r--r--tests/cktools/grpck/33_grpck_locked_group/config.txt0
-rw-r--r--tests/cktools/grpck/33_grpck_locked_group/config/etc/default/useradd36
-rw-r--r--tests/cktools/grpck/33_grpck_locked_group/config/etc/group42
-rw-r--r--tests/cktools/grpck/33_grpck_locked_group/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/33_grpck_locked_group/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/33_grpck_locked_group/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/33_grpck_locked_group/data/grpck.err2
-rwxr-xr-xtests/cktools/grpck/33_grpck_locked_group/grpck.test60
-rw-r--r--tests/cktools/grpck/34_grpck_locked_gshadow/config.txt0
-rw-r--r--tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/default/useradd36
-rw-r--r--tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/group42
-rw-r--r--tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/34_grpck_locked_gshadow/data/grpck.err2
-rwxr-xr-xtests/cktools/grpck/34_grpck_locked_gshadow/grpck.test60
-rw-r--r--tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config.txt2
-rw-r--r--tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/group45
-rw-r--r--tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/data/group44
-rwxr-xr-xtests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.exp20
-rwxr-xr-xtests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test37
-rw-r--r--tests/cktools/grpck/36_grpck_password_group_gshadow/config.txt5
-rw-r--r--tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/group42
-rw-r--r--tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/gshadow42
-rw-r--r--tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/passwd20
-rw-r--r--tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/shadow20
-rw-r--r--tests/cktools/grpck/36_grpck_password_group_gshadow/data/grpck.out2
-rwxr-xr-xtests/cktools/grpck/36_grpck_password_group_gshadow/grpck.test54
-rw-r--r--tests/cktools/grpck/37_grpck_invalid_option/config.txt10
-rw-r--r--tests/cktools/grpck/37_grpck_invalid_option/config/etc/group41
-rw-r--r--tests/cktools/grpck/37_grpck_invalid_option/config/etc/gshadow41
-rw-r--r--tests/cktools/grpck/37_grpck_invalid_option/config/etc/passwd19
-rw-r--r--tests/cktools/grpck/37_grpck_invalid_option/config/etc/shadow19
-rw-r--r--tests/cktools/grpck/37_grpck_invalid_option/data/usage.out10
-rwxr-xr-xtests/cktools/grpck/37_grpck_invalid_option/grpck.test54
-rw-r--r--tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config.txt2
-rw-r--r--tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/group42
-rw-r--r--tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/shadow11
-rw-r--r--tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/passwd10
-rw-r--r--tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/shadow10
-rwxr-xr-xtests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test37
-rw-r--r--tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config.txt2
-rw-r--r--tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/group42
-rw-r--r--tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/shadow11
-rw-r--r--tests/cktools/pwck/05_pwck_missing_field_passwd_keep/data/shadow10
-rwxr-xr-xtests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.exp22
-rwxr-xr-xtests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test37
-rw-r--r--tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config.txt2
-rw-r--r--tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/group42
-rw-r--r--tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/shadow11
-rwxr-xr-xtests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test37
-rw-r--r--tests/cktools/pwck/07_pwck_missing_field_shadow_add/config.txt2
-rw-r--r--tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/group42
-rw-r--r--tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/shadow11
-rw-r--r--tests/cktools/pwck/07_pwck_missing_field_shadow_add/data/shadow11
-rwxr-xr-xtests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test37
-rw-r--r--tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config.txt2
-rw-r--r--tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/group42
-rw-r--r--tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/shadow11
-rw-r--r--tests/cktools/pwck/08_pwck_missing_field_shadow_delete/data/shadow10
-rwxr-xr-xtests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test37
-rw-r--r--tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config.txt2
-rw-r--r--tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/group42
-rw-r--r--tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/shadow11
-rwxr-xr-xtests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test37
-rw-r--r--tests/cktools/pwck/10_pwck_missing_field_passwd_local/config.txt2
-rw-r--r--tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/group42
-rw-r--r--tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/shadow11
-rw-r--r--tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/passwd10
-rw-r--r--tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/shadow10
-rwxr-xr-xtests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test45
-rw-r--r--tests/cktools/pwck/11_pwck_missing_field_shadow_local/config.txt2
-rw-r--r--tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/group42
-rw-r--r--tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/shadow11
-rw-r--r--tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/passwd11
-rw-r--r--tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/shadow11
-rwxr-xr-xtests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test45
-rw-r--r--tests/cktools/pwck/12_pwck_unknown_user_group_ID/config.txt2
-rw-r--r--tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/group42
-rw-r--r--tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/shadow11
-rwxr-xr-xtests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.exp18
-rwxr-xr-xtests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test37
-rw-r--r--tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config.txt2
-rw-r--r--tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/group42
-rw-r--r--tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/passwd12
-rw-r--r--tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/shadow11
-rw-r--r--tests/cktools/pwck/13_pwck_duplicate_entry_passwd/data/passwd11
-rwxr-xr-xtests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.exp20
-rwxr-xr-xtests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test37
-rw-r--r--tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config.txt2
-rw-r--r--tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/group42
-rw-r--r--tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/shadow12
-rw-r--r--tests/cktools/pwck/14_pwck_duplicate_entry_shadow/data/shadow11
-rwxr-xr-xtests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.exp20
-rwxr-xr-xtests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test37
-rw-r--r--tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config.txt2
-rw-r--r--tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/group42
-rw-r--r--tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/passwd12
-rw-r--r--tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/shadow11
-rwxr-xr-xtests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test37
-rw-r--r--tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config.txt2
-rw-r--r--tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/group42
-rw-r--r--tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/shadow12
-rwxr-xr-xtests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test37
-rw-r--r--tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config.txt2
-rw-r--r--tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/group42
-rw-r--r--tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/passwd12
-rw-r--r--tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/shadow11
-rw-r--r--tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/data/passwd11
-rwxr-xr-xtests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test37
-rw-r--r--tests/cktools/pwck/18_pwck_invalid_user_name/config.txt2
-rw-r--r--tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/group42
-rw-r--r--tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/shadow11
-rwxr-xr-xtests/cktools/pwck/18_pwck_invalid_user_name/pwck.exp18
-rwxr-xr-xtests/cktools/pwck/18_pwck_invalid_user_name/pwck.test37
-rw-r--r--tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config.txt2
-rw-r--r--tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/group42
-rw-r--r--tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/shadow11
-rw-r--r--tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/passwd10
-rw-r--r--tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/shadow10
-rwxr-xr-xtests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test37
-rw-r--r--tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config.txt2
-rw-r--r--tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/group42
-rw-r--r--tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/shadow11
-rwxr-xr-xtests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.exp18
-rwxr-xr-xtests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test37
-rw-r--r--tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config.txt2
-rw-r--r--tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/group42
-rw-r--r--tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/passwd11
-rw-r--r--tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/shadow11
-rw-r--r--tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/passwd10
-rw-r--r--tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/shadow10
-rwxr-xr-xtests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.exp23
-rwxr-xr-xtests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test37
-rw-r--r--tests/cktools/pwck/22_pwck_usage/config.txt10
-rw-r--r--tests/cktools/pwck/22_pwck_usage/config/etc/group41
-rw-r--r--tests/cktools/pwck/22_pwck_usage/config/etc/gshadow41
-rw-r--r--tests/cktools/pwck/22_pwck_usage/config/etc/passwd19
-rw-r--r--tests/cktools/pwck/22_pwck_usage/config/etc/shadow19
-rw-r--r--tests/cktools/pwck/22_pwck_usage/data/usage.out10
-rwxr-xr-xtests/cktools/pwck/22_pwck_usage/pwck.test47
-rw-r--r--tests/cktools/pwck/23_pwck_locked_passwd/config.txt0
-rw-r--r--tests/cktools/pwck/23_pwck_locked_passwd/config/etc/group42
-rw-r--r--tests/cktools/pwck/23_pwck_locked_passwd/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/23_pwck_locked_passwd/config/etc/passwd20
-rw-r--r--tests/cktools/pwck/23_pwck_locked_passwd/config/etc/shadow20
-rw-r--r--tests/cktools/pwck/23_pwck_locked_passwd/data/pwck.err2
-rwxr-xr-xtests/cktools/pwck/23_pwck_locked_passwd/pwck.test60
-rw-r--r--tests/cktools/pwck/24_pwck_locked_shadow/config.txt0
-rw-r--r--tests/cktools/pwck/24_pwck_locked_shadow/config/etc/group42
-rw-r--r--tests/cktools/pwck/24_pwck_locked_shadow/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/24_pwck_locked_shadow/config/etc/passwd20
-rw-r--r--tests/cktools/pwck/24_pwck_locked_shadow/config/etc/shadow20
-rw-r--r--tests/cktools/pwck/24_pwck_locked_shadow/data/pwck.err2
-rwxr-xr-xtests/cktools/pwck/24_pwck_locked_shadow/pwck.test60
-rw-r--r--tests/cktools/pwck/25_pwck_usage_invalid_option/config.txt0
-rw-r--r--tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/group42
-rw-r--r--tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/passwd20
-rw-r--r--tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/shadow20
-rw-r--r--tests/cktools/pwck/25_pwck_usage_invalid_option/data/pwck.err11
-rwxr-xr-xtests/cktools/pwck/25_pwck_usage_invalid_option/pwck.test56
-rw-r--r--tests/cktools/pwck/26_pwck_usage-s-r/config.txt0
-rw-r--r--tests/cktools/pwck/26_pwck_usage-s-r/config/etc/group42
-rw-r--r--tests/cktools/pwck/26_pwck_usage-s-r/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/26_pwck_usage-s-r/config/etc/passwd20
-rw-r--r--tests/cktools/pwck/26_pwck_usage-s-r/config/etc/shadow20
-rw-r--r--tests/cktools/pwck/26_pwck_usage-s-r/data/pwck.err1
-rwxr-xr-xtests/cktools/pwck/26_pwck_usage-s-r/pwck.test56
-rw-r--r--tests/cktools/pwck/27_pwck_usage_3_files/config.txt0
-rw-r--r--tests/cktools/pwck/27_pwck_usage_3_files/config/etc/group42
-rw-r--r--tests/cktools/pwck/27_pwck_usage_3_files/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/27_pwck_usage_3_files/config/etc/passwd20
-rw-r--r--tests/cktools/pwck/27_pwck_usage_3_files/config/etc/shadow20
-rw-r--r--tests/cktools/pwck/27_pwck_usage_3_files/data/pwck.err10
-rwxr-xr-xtests/cktools/pwck/27_pwck_usage_3_files/pwck.test56
-rw-r--r--tests/cktools/pwck/28_pwck_no_shadow_file/config.txt10
-rw-r--r--tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/group42
-rw-r--r--tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/passwd23
-rw-r--r--tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/shadow20
-rw-r--r--tests/cktools/pwck/28_pwck_no_shadow_file/data/pwck.out7
-rwxr-xr-xtests/cktools/pwck/28_pwck_no_shadow_file/pwck.test58
-rw-r--r--tests/cktools/pwck/29_pwck_password_change_in_future/config.txt10
-rw-r--r--tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/group42
-rw-r--r--tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/passwd20
-rw-r--r--tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/shadow20
-rw-r--r--tests/cktools/pwck/29_pwck_password_change_in_future/data/pwck.out2
-rwxr-xr-xtests/cktools/pwck/29_pwck_password_change_in_future/pwck.test54
-rw-r--r--tests/cktools/pwck/30_pwck_NIS_entries/config.txt10
-rw-r--r--tests/cktools/pwck/30_pwck_NIS_entries/config/etc/group42
-rw-r--r--tests/cktools/pwck/30_pwck_NIS_entries/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/30_pwck_NIS_entries/config/etc/passwd23
-rw-r--r--tests/cktools/pwck/30_pwck_NIS_entries/config/etc/shadow23
-rw-r--r--tests/cktools/pwck/30_pwck_NIS_entries/data/pwck.out10
-rwxr-xr-xtests/cktools/pwck/30_pwck_NIS_entries/pwck.test54
-rw-r--r--tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config.txt10
-rw-r--r--tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/group42
-rw-r--r--tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/gshadow42
-rw-r--r--tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/passwd20
-rw-r--r--tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/shadow20
-rw-r--r--tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/data/pwck.out2
-rwxr-xr-xtests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test54
-rw-r--r--tests/cktools/pwck/32_pwck_quiet/config.txt10
-rw-r--r--tests/cktools/pwck/32_pwck_quiet/config/etc/group41
-rw-r--r--tests/cktools/pwck/32_pwck_quiet/config/etc/gshadow41
-rw-r--r--tests/cktools/pwck/32_pwck_quiet/config/etc/passwd22
-rw-r--r--tests/cktools/pwck/32_pwck_quiet/config/etc/shadow19
-rw-r--r--tests/cktools/pwck/32_pwck_quiet/data/pwck.out9
-rwxr-xr-xtests/cktools/pwck/32_pwck_quiet/pwck.test54
-rwxr-xr-xtests/cleanup.sh33
-rw-r--r--tests/common/Makefile14
-rwxr-xr-xtests/common/compare_file.pl116
-rw-r--r--tests/common/config.sh121
-rw-r--r--tests/common/config_chroot-i386.list25
-rw-r--r--tests/common/config_chroot-powerpc.list25
-rw-r--r--tests/common/fopen_failure.c46
-rw-r--r--tests/common/link_failure.c51
-rw-r--r--tests/common/log.sh46
-rw-r--r--tests/common/open_RDONLY_failure.c51
-rw-r--r--tests/common/open_RDWR_failure.c51
-rw-r--r--tests/common/rename_failure.c50
-rw-r--r--tests/common/rmdir_failure.c51
-rw-r--r--tests/common/time_0.c16
-rw-r--r--tests/common/time_past.c52
-rw-r--r--tests/common/unlink_failure.c51
-rw-r--r--tests/common/unlinkat_failure.c62
-rw-r--r--tests/convtools/01/data/1/group42
-rw-r--r--tests/convtools/01/data/1/passwd21
-rw-r--r--tests/convtools/01/data/2/group42
-rw-r--r--tests/convtools/01/data/2/gshadow42
-rw-r--r--tests/convtools/01/data/2/passwd21
-rw-r--r--tests/convtools/01/data/2/shadow21
-rwxr-xr-xtests/convtools/01/run117
-rw-r--r--tests/convtools/02_grpconv_remove_gshadow_only_entries/config.txt2
-rw-r--r--tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/group42
-rw-r--r--tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/gshadow43
-rw-r--r--tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/passwd20
-rw-r--r--tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/shadow20
-rw-r--r--tests/convtools/02_grpconv_remove_gshadow_only_entries/data/gshadow42
-rwxr-xr-xtests/convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test39
-rw-r--r--tests/convtools/03_grpconv_copy_passwd/config.txt2
-rw-r--r--tests/convtools/03_grpconv_copy_passwd/config/etc/group42
-rw-r--r--tests/convtools/03_grpconv_copy_passwd/config/etc/gshadow41
-rw-r--r--tests/convtools/03_grpconv_copy_passwd/config/etc/passwd19
-rw-r--r--tests/convtools/03_grpconv_copy_passwd/config/etc/shadow19
-rw-r--r--tests/convtools/03_grpconv_copy_passwd/data/group42
-rw-r--r--tests/convtools/03_grpconv_copy_passwd/data/gshadow42
-rwxr-xr-xtests/convtools/03_grpconv_copy_passwd/grpconv.test39
-rw-r--r--tests/convtools/04_grpconv_no_password/config.txt2
-rw-r--r--tests/convtools/04_grpconv_no_password/config/etc/group42
-rw-r--r--tests/convtools/04_grpconv_no_password/config/etc/gshadow41
-rw-r--r--tests/convtools/04_grpconv_no_password/config/etc/passwd19
-rw-r--r--tests/convtools/04_grpconv_no_password/config/etc/shadow19
-rw-r--r--tests/convtools/04_grpconv_no_password/data/group42
-rw-r--r--tests/convtools/04_grpconv_no_password/data/gshadow42
-rwxr-xr-xtests/convtools/04_grpconv_no_password/grpconv.test39
-rw-r--r--tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config.txt3
-rw-r--r--tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/group42
-rw-r--r--tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/gshadow42
-rw-r--r--tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/passwd19
-rw-r--r--tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/shadow19
-rw-r--r--tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/group42
-rw-r--r--tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/gshadow42
-rwxr-xr-xtests/convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test39
-rw-r--r--tests/convtools/06_grpconv_error_group_locked/config.txt1
-rw-r--r--tests/convtools/06_grpconv_error_group_locked/config/etc/group42
-rw-r--r--tests/convtools/06_grpconv_error_group_locked/config/etc/gshadow41
-rw-r--r--tests/convtools/06_grpconv_error_group_locked/config/etc/passwd19
-rw-r--r--tests/convtools/06_grpconv_error_group_locked/config/etc/shadow19
-rw-r--r--tests/convtools/06_grpconv_error_group_locked/data/grpconv.err2
-rwxr-xr-xtests/convtools/06_grpconv_error_group_locked/grpconv.test63
-rw-r--r--tests/convtools/07_grpconv_error_gshadow_locked/config.txt1
-rw-r--r--tests/convtools/07_grpconv_error_gshadow_locked/config/etc/group42
-rw-r--r--tests/convtools/07_grpconv_error_gshadow_locked/config/etc/gshadow41
-rw-r--r--tests/convtools/07_grpconv_error_gshadow_locked/config/etc/passwd19
-rw-r--r--tests/convtools/07_grpconv_error_gshadow_locked/config/etc/shadow19
-rw-r--r--tests/convtools/07_grpconv_error_gshadow_locked/data/grpconv.err2
-rwxr-xr-xtests/convtools/07_grpconv_error_gshadow_locked/grpconv.test62
-rw-r--r--tests/convtools/08_grpunconv_no_gshadow_file/config.txt1
-rw-r--r--tests/convtools/08_grpunconv_no_gshadow_file/config/etc/group42
-rw-r--r--tests/convtools/08_grpunconv_no_gshadow_file/config/etc/gshadow43
-rw-r--r--tests/convtools/08_grpunconv_no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/convtools/08_grpunconv_no_gshadow_file/config/etc/shadow20
-rwxr-xr-xtests/convtools/08_grpunconv_no_gshadow_file/grpunconv.test43
-rw-r--r--tests/convtools/09_grpunconv_error_group_locked/config.txt1
-rw-r--r--tests/convtools/09_grpunconv_error_group_locked/config/etc/group42
-rw-r--r--tests/convtools/09_grpunconv_error_group_locked/config/etc/gshadow41
-rw-r--r--tests/convtools/09_grpunconv_error_group_locked/config/etc/passwd19
-rw-r--r--tests/convtools/09_grpunconv_error_group_locked/config/etc/shadow19
-rw-r--r--tests/convtools/09_grpunconv_error_group_locked/data/grpunconv.err2
-rwxr-xr-xtests/convtools/09_grpunconv_error_group_locked/grpunconv.test62
-rw-r--r--tests/convtools/10_grpunconv_error_gshadow_locked/config.txt1
-rw-r--r--tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/group42
-rw-r--r--tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/gshadow41
-rw-r--r--tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/passwd19
-rw-r--r--tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/shadow19
-rw-r--r--tests/convtools/10_grpunconv_error_gshadow_locked/data/grpunconv.err2
-rwxr-xr-xtests/convtools/10_grpunconv_error_gshadow_locked/grpunconv.test62
-rw-r--r--tests/convtools/11_pwconv_error_passwd_locked/config.txt5
-rw-r--r--tests/convtools/11_pwconv_error_passwd_locked/config/etc/group42
-rw-r--r--tests/convtools/11_pwconv_error_passwd_locked/config/etc/gshadow41
-rw-r--r--tests/convtools/11_pwconv_error_passwd_locked/config/etc/passwd19
-rw-r--r--tests/convtools/11_pwconv_error_passwd_locked/config/etc/shadow19
-rw-r--r--tests/convtools/11_pwconv_error_passwd_locked/data/pwconv.err2
-rwxr-xr-xtests/convtools/11_pwconv_error_passwd_locked/pwconv.test62
-rw-r--r--tests/convtools/12_pwconv_error_shadow_locked/config.txt5
-rw-r--r--tests/convtools/12_pwconv_error_shadow_locked/config/etc/group42
-rw-r--r--tests/convtools/12_pwconv_error_shadow_locked/config/etc/gshadow41
-rw-r--r--tests/convtools/12_pwconv_error_shadow_locked/config/etc/passwd19
-rw-r--r--tests/convtools/12_pwconv_error_shadow_locked/config/etc/shadow19
-rw-r--r--tests/convtools/12_pwconv_error_shadow_locked/data/pwconv.err2
-rwxr-xr-xtests/convtools/12_pwconv_error_shadow_locked/pwconv.test62
-rw-r--r--tests/convtools/13_pwunconv_error_passwd_locked/config.txt5
-rw-r--r--tests/convtools/13_pwunconv_error_passwd_locked/config/etc/group42
-rw-r--r--tests/convtools/13_pwunconv_error_passwd_locked/config/etc/gshadow41
-rw-r--r--tests/convtools/13_pwunconv_error_passwd_locked/config/etc/passwd19
-rw-r--r--tests/convtools/13_pwunconv_error_passwd_locked/config/etc/shadow19
-rw-r--r--tests/convtools/13_pwunconv_error_passwd_locked/data/pwunconv.err2
-rwxr-xr-xtests/convtools/13_pwunconv_error_passwd_locked/pwunconv.test62
-rw-r--r--tests/convtools/14_pwunconv_error_shadow_locked/config.txt5
-rw-r--r--tests/convtools/14_pwunconv_error_shadow_locked/config/etc/group42
-rw-r--r--tests/convtools/14_pwunconv_error_shadow_locked/config/etc/gshadow41
-rw-r--r--tests/convtools/14_pwunconv_error_shadow_locked/config/etc/passwd19
-rw-r--r--tests/convtools/14_pwunconv_error_shadow_locked/config/etc/shadow19
-rw-r--r--tests/convtools/14_pwunconv_error_shadow_locked/data/pwunconv.err2
-rwxr-xr-xtests/convtools/14_pwunconv_error_shadow_locked/pwunconv.test62
-rw-r--r--tests/convtools/15_pwconv_remove_shadow_only_entries/config.txt2
-rw-r--r--tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/group42
-rw-r--r--tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/gshadow43
-rw-r--r--tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/passwd20
-rw-r--r--tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/shadow21
-rw-r--r--tests/convtools/15_pwconv_remove_shadow_only_entries/data/shadow20
-rwxr-xr-xtests/convtools/15_pwconv_remove_shadow_only_entries/pwconv.test39
-rw-r--r--tests/convtools/16_pwconv_copy_passwd/config.txt1
-rw-r--r--tests/convtools/16_pwconv_copy_passwd/config/etc/group42
-rw-r--r--tests/convtools/16_pwconv_copy_passwd/config/etc/gshadow41
-rw-r--r--tests/convtools/16_pwconv_copy_passwd/config/etc/passwd20
-rw-r--r--tests/convtools/16_pwconv_copy_passwd/config/etc/shadow20
-rw-r--r--tests/convtools/16_pwconv_copy_passwd/data/passwd20
-rw-r--r--tests/convtools/16_pwconv_copy_passwd/data/shadow20
-rwxr-xr-xtests/convtools/16_pwconv_copy_passwd/pwconv.test39
-rw-r--r--tests/convtools/17_pwunconv_no_shadow_file/config.txt6
-rw-r--r--tests/convtools/17_pwunconv_no_shadow_file/config/etc/group42
-rw-r--r--tests/convtools/17_pwunconv_no_shadow_file/config/etc/gshadow43
-rw-r--r--tests/convtools/17_pwunconv_no_shadow_file/config/etc/passwd20
-rw-r--r--tests/convtools/17_pwunconv_no_shadow_file/config/etc/shadow20
-rwxr-xr-xtests/convtools/17_pwunconv_no_shadow_file/pwunconv.test43
-rw-r--r--tests/convtools/18_pwunconv_user_not_in_shadow/config.txt1
-rw-r--r--tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/group42
-rw-r--r--tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/gshadow41
-rw-r--r--tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/passwd20
-rw-r--r--tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/shadow19
-rw-r--r--tests/convtools/18_pwunconv_user_not_in_shadow/data/passwd20
-rwxr-xr-xtests/convtools/18_pwunconv_user_not_in_shadow/pwunconv.test39
-rw-r--r--tests/convtools/19_pwconv_NIS/config.txt1
-rw-r--r--tests/convtools/19_pwconv_NIS/config/etc/group42
-rw-r--r--tests/convtools/19_pwconv_NIS/config/etc/gshadow41
-rw-r--r--tests/convtools/19_pwconv_NIS/config/etc/passwd22
-rw-r--r--tests/convtools/19_pwconv_NIS/config/etc/shadow20
-rw-r--r--tests/convtools/19_pwconv_NIS/data/passwd22
-rw-r--r--tests/convtools/19_pwconv_NIS/data/shadow20
-rwxr-xr-xtests/convtools/19_pwconv_NIS/pwconv.test43
-rw-r--r--tests/convtools/20_pwunconv_usage_option/config.txt10
-rw-r--r--tests/convtools/20_pwunconv_usage_option/config/etc/group41
-rw-r--r--tests/convtools/20_pwunconv_usage_option/config/etc/gshadow41
-rw-r--r--tests/convtools/20_pwunconv_usage_option/config/etc/passwd19
-rw-r--r--tests/convtools/20_pwunconv_usage_option/config/etc/shadow19
-rw-r--r--tests/convtools/20_pwunconv_usage_option/data/usage.out7
-rwxr-xr-xtests/convtools/20_pwunconv_usage_option/pwunconv.test54
-rw-r--r--tests/convtools/21_pwunconv_keep_passwd_password/config.txt1
-rw-r--r--tests/convtools/21_pwunconv_keep_passwd_password/config/etc/group42
-rw-r--r--tests/convtools/21_pwunconv_keep_passwd_password/config/etc/gshadow41
-rw-r--r--tests/convtools/21_pwunconv_keep_passwd_password/config/etc/passwd20
-rw-r--r--tests/convtools/21_pwunconv_keep_passwd_password/config/etc/shadow20
-rw-r--r--tests/convtools/21_pwunconv_keep_passwd_password/data/passwd20
-rwxr-xr-xtests/convtools/21_pwunconv_keep_passwd_password/pwunconv.test39
-rw-r--r--tests/convtools/22_grpunconv_usage_option/config.txt10
-rw-r--r--tests/convtools/22_grpunconv_usage_option/config/etc/group41
-rw-r--r--tests/convtools/22_grpunconv_usage_option/config/etc/gshadow41
-rw-r--r--tests/convtools/22_grpunconv_usage_option/config/etc/passwd19
-rw-r--r--tests/convtools/22_grpunconv_usage_option/config/etc/shadow19
-rw-r--r--tests/convtools/22_grpunconv_usage_option/data/usage.out7
-rwxr-xr-xtests/convtools/22_grpunconv_usage_option/grpunconv.test54
-rw-r--r--tests/convtools/23_grpunconv_keep_group_password/config.txt1
-rw-r--r--tests/convtools/23_grpunconv_keep_group_password/config/etc/group42
-rw-r--r--tests/convtools/23_grpunconv_keep_group_password/config/etc/gshadow42
-rw-r--r--tests/convtools/23_grpunconv_keep_group_password/config/etc/passwd20
-rw-r--r--tests/convtools/23_grpunconv_keep_group_password/config/etc/shadow20
-rw-r--r--tests/convtools/23_grpunconv_keep_group_password/data/group42
-rwxr-xr-xtests/convtools/23_grpunconv_keep_group_password/grpunconv.test39
-rw-r--r--tests/convtools/24_grpunconv_no_gshadow_entry/config.txt1
-rw-r--r--tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/group42
-rw-r--r--tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/gshadow41
-rw-r--r--tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/passwd20
-rw-r--r--tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/shadow20
-rw-r--r--tests/convtools/24_grpunconv_no_gshadow_entry/data/group42
-rwxr-xr-xtests/convtools/24_grpunconv_no_gshadow_entry/grpunconv.test39
-rw-r--r--tests/convtools/25_pwconv_usage_option/config.txt0
-rw-r--r--tests/convtools/25_pwconv_usage_option/config/etc/group0
-rw-r--r--tests/convtools/25_pwconv_usage_option/config/etc/gshadow0
-rw-r--r--tests/convtools/25_pwconv_usage_option/config/etc/passwd0
-rw-r--r--tests/convtools/25_pwconv_usage_option/config/etc/shadow0
-rw-r--r--tests/convtools/25_pwconv_usage_option/data/usage.out7
-rwxr-xr-xtests/convtools/25_pwconv_usage_option/pwconv.test54
-rw-r--r--tests/convtools/26_grpconv_usage_option/config.txt0
-rw-r--r--tests/convtools/26_grpconv_usage_option/config/etc/group0
-rw-r--r--tests/convtools/26_grpconv_usage_option/config/etc/gshadow0
-rw-r--r--tests/convtools/26_grpconv_usage_option/config/etc/passwd0
-rw-r--r--tests/convtools/26_grpconv_usage_option/config/etc/shadow0
-rw-r--r--tests/convtools/26_grpconv_usage_option/data/usage.out7
-rwxr-xr-xtests/convtools/26_grpconv_usage_option/grpconv.test54
-rw-r--r--tests/convtools/27_pwunconv_usage/config.txt10
-rw-r--r--tests/convtools/27_pwunconv_usage/config/etc/group41
-rw-r--r--tests/convtools/27_pwunconv_usage/config/etc/gshadow41
-rw-r--r--tests/convtools/27_pwunconv_usage/config/etc/passwd19
-rw-r--r--tests/convtools/27_pwunconv_usage/config/etc/shadow19
-rw-r--r--tests/convtools/27_pwunconv_usage/data/usage.out6
-rwxr-xr-xtests/convtools/27_pwunconv_usage/pwunconv.test48
-rw-r--r--tests/convtools/28_pwunconv_usage_extra_arg/config.txt10
-rw-r--r--tests/convtools/28_pwunconv_usage_extra_arg/config/etc/group41
-rw-r--r--tests/convtools/28_pwunconv_usage_extra_arg/config/etc/gshadow41
-rw-r--r--tests/convtools/28_pwunconv_usage_extra_arg/config/etc/passwd19
-rw-r--r--tests/convtools/28_pwunconv_usage_extra_arg/config/etc/shadow19
-rw-r--r--tests/convtools/28_pwunconv_usage_extra_arg/data/usage.out6
-rwxr-xr-xtests/convtools/28_pwunconv_usage_extra_arg/pwunconv.test54
-rw-r--r--tests/convtools/29_grpconv_usage/config.txt0
-rw-r--r--tests/convtools/29_grpconv_usage/config/etc/group0
-rw-r--r--tests/convtools/29_grpconv_usage/config/etc/gshadow0
-rw-r--r--tests/convtools/29_grpconv_usage/config/etc/passwd0
-rw-r--r--tests/convtools/29_grpconv_usage/config/etc/shadow0
-rw-r--r--tests/convtools/29_grpconv_usage/data/usage.out6
-rwxr-xr-xtests/convtools/29_grpconv_usage/grpconv.test48
-rw-r--r--tests/convtools/30_grpconv_usage_extra_arg/config.txt0
-rw-r--r--tests/convtools/30_grpconv_usage_extra_arg/config/etc/group0
-rw-r--r--tests/convtools/30_grpconv_usage_extra_arg/config/etc/gshadow0
-rw-r--r--tests/convtools/30_grpconv_usage_extra_arg/config/etc/passwd0
-rw-r--r--tests/convtools/30_grpconv_usage_extra_arg/config/etc/shadow0
-rw-r--r--tests/convtools/30_grpconv_usage_extra_arg/data/usage.out6
-rwxr-xr-xtests/convtools/30_grpconv_usage_extra_arg/grpconv.test54
-rw-r--r--tests/convtools/31_pwconv_usage/config.txt0
-rw-r--r--tests/convtools/31_pwconv_usage/config/etc/group0
-rw-r--r--tests/convtools/31_pwconv_usage/config/etc/gshadow0
-rw-r--r--tests/convtools/31_pwconv_usage/config/etc/passwd0
-rw-r--r--tests/convtools/31_pwconv_usage/config/etc/shadow0
-rw-r--r--tests/convtools/31_pwconv_usage/data/usage.out6
-rwxr-xr-xtests/convtools/31_pwconv_usage/pwconv.test48
-rw-r--r--tests/convtools/32_pwconv_usage_extra_arg/config.txt0
-rw-r--r--tests/convtools/32_pwconv_usage_extra_arg/config/etc/group0
-rw-r--r--tests/convtools/32_pwconv_usage_extra_arg/config/etc/gshadow0
-rw-r--r--tests/convtools/32_pwconv_usage_extra_arg/config/etc/passwd0
-rw-r--r--tests/convtools/32_pwconv_usage_extra_arg/config/etc/shadow0
-rw-r--r--tests/convtools/32_pwconv_usage_extra_arg/data/usage.out6
-rwxr-xr-xtests/convtools/32_pwconv_usage_extra_arg/pwconv.test54
-rw-r--r--tests/convtools/33_grpunconv_usage/config.txt10
-rw-r--r--tests/convtools/33_grpunconv_usage/config/etc/group41
-rw-r--r--tests/convtools/33_grpunconv_usage/config/etc/gshadow41
-rw-r--r--tests/convtools/33_grpunconv_usage/config/etc/passwd19
-rw-r--r--tests/convtools/33_grpunconv_usage/config/etc/shadow19
-rw-r--r--tests/convtools/33_grpunconv_usage/data/usage.out6
-rwxr-xr-xtests/convtools/33_grpunconv_usage/grpunconv.test48
-rw-r--r--tests/convtools/34_grpunconv_usage_extra_arg/config.txt10
-rw-r--r--tests/convtools/34_grpunconv_usage_extra_arg/config/etc/group41
-rw-r--r--tests/convtools/34_grpunconv_usage_extra_arg/config/etc/gshadow41
-rw-r--r--tests/convtools/34_grpunconv_usage_extra_arg/config/etc/passwd19
-rw-r--r--tests/convtools/34_grpunconv_usage_extra_arg/config/etc/shadow19
-rw-r--r--tests/convtools/34_grpunconv_usage_extra_arg/data/usage.out6
-rwxr-xr-xtests/convtools/34_grpunconv_usage_extra_arg/grpunconv.test54
-rwxr-xr-xtests/coverage.sh11
-rw-r--r--tests/cptools/01/data/group41
-rw-r--r--tests/cptools/01/data/group.new42
-rw-r--r--tests/cptools/01/data/gshadow41
-rw-r--r--tests/cptools/01/data/gshadow.new42
-rw-r--r--tests/cptools/01/data/passwd19
-rw-r--r--tests/cptools/01/data/passwd.new20
-rw-r--r--tests/cptools/01/data/shadow19
-rw-r--r--tests/cptools/01/data/shadow.new20
-rwxr-xr-xtests/cptools/01/run157
-rwxr-xr-xtests/cptools/01/run257
-rwxr-xr-xtests/cptools/01/run357
-rwxr-xr-xtests/cptools/01/run457
-rw-r--r--tests/cptools/02_cppw_usage/config.txt0
-rw-r--r--tests/cptools/02_cppw_usage/config/etc/group0
-rw-r--r--tests/cptools/02_cppw_usage/config/etc/gshadow0
-rw-r--r--tests/cptools/02_cppw_usage/config/etc/passwd0
-rw-r--r--tests/cptools/02_cppw_usage/config/etc/shadow0
-rwxr-xr-xtests/cptools/02_cppw_usage/cppw.test48
-rw-r--r--tests/cptools/02_cppw_usage/data/usage.out3
-rw-r--r--tests/cptools/03_cppw_usage_invalid_option/config.txt0
-rw-r--r--tests/cptools/03_cppw_usage_invalid_option/config/etc/group0
-rw-r--r--tests/cptools/03_cppw_usage_invalid_option/config/etc/gshadow0
-rw-r--r--tests/cptools/03_cppw_usage_invalid_option/config/etc/passwd0
-rw-r--r--tests/cptools/03_cppw_usage_invalid_option/config/etc/shadow0
-rwxr-xr-xtests/cptools/03_cppw_usage_invalid_option/cppw.test54
-rw-r--r--tests/cptools/03_cppw_usage_invalid_option/data/usage.out4
-rw-r--r--tests/cptools/04_cppw_no_file_argument/config.txt0
-rw-r--r--tests/cptools/04_cppw_no_file_argument/config/etc/group0
-rw-r--r--tests/cptools/04_cppw_no_file_argument/config/etc/gshadow0
-rw-r--r--tests/cptools/04_cppw_no_file_argument/config/etc/passwd0
-rw-r--r--tests/cptools/04_cppw_no_file_argument/config/etc/shadow0
-rwxr-xr-xtests/cptools/04_cppw_no_file_argument/cppw.test54
-rw-r--r--tests/cptools/04_cppw_no_file_argument/data/usage.out2
-rw-r--r--tests/cptools/05_cppw_2_files/config.txt0
-rw-r--r--tests/cptools/05_cppw_2_files/config/etc/group42
-rw-r--r--tests/cptools/05_cppw_2_files/config/etc/gshadow42
-rw-r--r--tests/cptools/05_cppw_2_files/config/etc/passwd21
-rw-r--r--tests/cptools/05_cppw_2_files/config/etc/shadow21
-rwxr-xr-xtests/cptools/05_cppw_2_files/cppw.test54
-rw-r--r--tests/cptools/05_cppw_2_files/data/passwd17
-rw-r--r--tests/cptools/05_cppw_2_files/data/usage.out2
-rw-r--r--tests/cptools/06_cppw_no_file/config.txt0
-rw-r--r--tests/cptools/06_cppw_no_file/config/etc/group0
-rw-r--r--tests/cptools/06_cppw_no_file/config/etc/gshadow0
-rw-r--r--tests/cptools/06_cppw_no_file/config/etc/passwd0
-rw-r--r--tests/cptools/06_cppw_no_file/config/etc/shadow0
-rwxr-xr-xtests/cptools/06_cppw_no_file/cppw.test54
-rw-r--r--tests/cptools/06_cppw_no_file/data/usage.out2
-rw-r--r--tests/cptools/07_cppw_locked_passwd/config.txt0
-rw-r--r--tests/cptools/07_cppw_locked_passwd/config/etc/group0
-rw-r--r--tests/cptools/07_cppw_locked_passwd/config/etc/gshadow0
-rw-r--r--tests/cptools/07_cppw_locked_passwd/config/etc/passwd0
-rw-r--r--tests/cptools/07_cppw_locked_passwd/config/etc/shadow0
-rwxr-xr-xtests/cptools/07_cppw_locked_passwd/cppw.test60
-rw-r--r--tests/cptools/07_cppw_locked_passwd/data/passwd0
-rw-r--r--tests/cptools/07_cppw_locked_passwd/data/usage.out3
-rw-r--r--tests/cptools/08_cppw-p/config.txt0
-rw-r--r--tests/cptools/08_cppw-p/config/etc/group0
-rw-r--r--tests/cptools/08_cppw-p/config/etc/gshadow0
-rw-r--r--tests/cptools/08_cppw-p/config/etc/passwd0
-rw-r--r--tests/cptools/08_cppw-p/config/etc/shadow0
-rwxr-xr-xtests/cptools/08_cppw-p/cppw.test39
-rw-r--r--tests/cptools/08_cppw-p/data/passwd0
-rw-r--r--tests/cptools/09_cppw-g/config.txt0
-rw-r--r--tests/cptools/09_cppw-g/config/etc/group42
-rw-r--r--tests/cptools/09_cppw-g/config/etc/gshadow42
-rw-r--r--tests/cptools/09_cppw-g/config/etc/passwd20
-rw-r--r--tests/cptools/09_cppw-g/config/etc/shadow20
-rwxr-xr-xtests/cptools/09_cppw-g/cppw.test39
-rw-r--r--tests/cptools/09_cppw-g/data/group39
-rw-r--r--tests/cptools/10_cppw-g-s/config.txt0
-rw-r--r--tests/cptools/10_cppw-g-s/config/etc/group42
-rw-r--r--tests/cptools/10_cppw-g-s/config/etc/gshadow42
-rw-r--r--tests/cptools/10_cppw-g-s/config/etc/passwd20
-rw-r--r--tests/cptools/10_cppw-g-s/config/etc/shadow20
-rwxr-xr-xtests/cptools/10_cppw-g-s/cppw.test39
-rw-r--r--tests/cptools/10_cppw-g-s/data/gshadow39
-rw-r--r--tests/cptools/11_cppw-p-s/config.txt0
-rw-r--r--tests/cptools/11_cppw-p-s/config/etc/group42
-rw-r--r--tests/cptools/11_cppw-p-s/config/etc/gshadow42
-rw-r--r--tests/cptools/11_cppw-p-s/config/etc/passwd20
-rw-r--r--tests/cptools/11_cppw-p-s/config/etc/shadow20
-rwxr-xr-xtests/cptools/11_cppw-p-s/cppw.test39
-rw-r--r--tests/cptools/11_cppw-p-s/data/shadow16
-rw-r--r--tests/cptools/12_cppw-s_no_shadow_file/config.txt0
-rw-r--r--tests/cptools/12_cppw-s_no_shadow_file/config/etc/group0
-rw-r--r--tests/cptools/12_cppw-s_no_shadow_file/config/etc/gshadow0
-rw-r--r--tests/cptools/12_cppw-s_no_shadow_file/config/etc/passwd0
-rw-r--r--tests/cptools/12_cppw-s_no_shadow_file/config/etc/shadow0
-rwxr-xr-xtests/cptools/12_cppw-s_no_shadow_file/cppw.test58
-rw-r--r--tests/cptools/12_cppw-s_no_shadow_file/data/cppw.err2
-rw-r--r--tests/cptools/12_cppw-s_no_shadow_file/data/shadow0
-rwxr-xr-xtests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test39
-rw-r--r--tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/group41
-rw-r--r--tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/passwd19
-rw-r--r--tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/shadow19
-rw-r--r--tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/group41
-rw-r--r--tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/gshadow41
-rw-r--r--tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/login.defs318
-rw-r--r--tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/passwd19
-rw-r--r--tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/01_chpasswd.test39
-rw-r--r--tests/crypt/login.defs_DES/01_chpasswd/group41
-rw-r--r--tests/crypt/login.defs_DES/01_chpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/01_chpasswd/passwd19
-rw-r--r--tests/crypt/login.defs_DES/01_chpasswd/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test39
-rw-r--r--tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/group41
-rw-r--r--tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd19
-rw-r--r--tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd.new19
-rw-r--r--tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test39
-rw-r--r--tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/group41
-rw-r--r--tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/passwd19
-rw-r--r--tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test39
-rw-r--r--tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/group41
-rw-r--r--tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/passwd19
-rw-r--r--tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/05_chpasswd-e.test39
-rw-r--r--tests/crypt/login.defs_DES/05_chpasswd-e/group41
-rw-r--r--tests/crypt/login.defs_DES/05_chpasswd-e/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/05_chpasswd-e/passwd19
-rw-r--r--tests/crypt/login.defs_DES/05_chpasswd-e/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/06_chpasswd-m.test39
-rw-r--r--tests/crypt/login.defs_DES/06_chpasswd-m/group41
-rw-r--r--tests/crypt/login.defs_DES/06_chpasswd-m/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/06_chpasswd-m/passwd19
-rw-r--r--tests/crypt/login.defs_DES/06_chpasswd-m/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/07_chgpasswd.test39
-rw-r--r--tests/crypt/login.defs_DES/07_chgpasswd/group41
-rw-r--r--tests/crypt/login.defs_DES/07_chgpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/07_chgpasswd/passwd19
-rw-r--r--tests/crypt/login.defs_DES/07_chgpasswd/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test39
-rw-r--r--tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/group41
-rw-r--r--tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/passwd19
-rw-r--r--tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test39
-rw-r--r--tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/group41
-rw-r--r--tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/passwd19
-rw-r--r--tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test39
-rw-r--r--tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/group41
-rw-r--r--tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/passwd19
-rw-r--r--tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/11_chgpasswd-e.test39
-rw-r--r--tests/crypt/login.defs_DES/11_chgpasswd-e/group41
-rw-r--r--tests/crypt/login.defs_DES/11_chgpasswd-e/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/11_chgpasswd-e/passwd19
-rw-r--r--tests/crypt/login.defs_DES/11_chgpasswd-e/shadow19
-rwxr-xr-xtests/crypt/login.defs_DES/12_chgpasswd-m.test39
-rw-r--r--tests/crypt/login.defs_DES/12_chgpasswd-m/group41
-rw-r--r--tests/crypt/login.defs_DES/12_chgpasswd-m/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/12_chgpasswd-m/passwd19
-rw-r--r--tests/crypt/login.defs_DES/12_chgpasswd-m/shadow19
-rw-r--r--tests/crypt/login.defs_DES/config/etc/group41
-rw-r--r--tests/crypt/login.defs_DES/config/etc/gshadow41
-rw-r--r--tests/crypt/login.defs_DES/config/etc/login.defs318
-rw-r--r--tests/crypt/login.defs_DES/config/etc/passwd19
-rw-r--r--tests/crypt/login.defs_DES/config/etc/shadow19
-rwxr-xr-xtests/crypt/login.defs_MD5/01_chpasswd.test39
-rw-r--r--tests/crypt/login.defs_MD5/01_chpasswd/group41
-rw-r--r--tests/crypt/login.defs_MD5/01_chpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_MD5/01_chpasswd/passwd19
-rw-r--r--tests/crypt/login.defs_MD5/01_chpasswd/shadow19
-rwxr-xr-xtests/crypt/login.defs_MD5/02_chgpasswd.test39
-rw-r--r--tests/crypt/login.defs_MD5/02_chgpasswd/group41
-rw-r--r--tests/crypt/login.defs_MD5/02_chgpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_MD5/02_chgpasswd/passwd19
-rw-r--r--tests/crypt/login.defs_MD5/02_chgpasswd/shadow19
-rw-r--r--tests/crypt/login.defs_MD5/config/etc/group41
-rw-r--r--tests/crypt/login.defs_MD5/config/etc/gshadow41
-rw-r--r--tests/crypt/login.defs_MD5/config/etc/login.defs318
-rw-r--r--tests/crypt/login.defs_MD5/config/etc/passwd19
-rw-r--r--tests/crypt/login.defs_MD5/config/etc/shadow19
-rwxr-xr-xtests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test39
-rw-r--r--tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd/shadow19
-rwxr-xr-xtests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test39
-rw-r--r--tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/group41
-rw-r--r--tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/gshadow41
-rw-r--r--tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/login.defs318
-rw-r--r--tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/passwd19
-rw-r--r--tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/shadow19
-rwxr-xr-xtests/crypt/login.defs_SHA256-round-max/01_chpasswd.test45
-rw-r--r--tests/crypt/login.defs_SHA256-round-max/01_chpasswd/shadow19
-rwxr-xr-xtests/crypt/login.defs_SHA256-round-max/02_chgpasswd.test45
-rw-r--r--tests/crypt/login.defs_SHA256-round-max/02_chgpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_SHA256-round-max/config/etc/group41
-rw-r--r--tests/crypt/login.defs_SHA256-round-max/config/etc/gshadow41
-rw-r--r--tests/crypt/login.defs_SHA256-round-max/config/etc/login.defs318
-rw-r--r--tests/crypt/login.defs_SHA256-round-max/config/etc/passwd19
-rw-r--r--tests/crypt/login.defs_SHA256-round-max/config/etc/shadow19
-rwxr-xr-xtests/crypt/login.defs_SHA256-round-min-max/01_chpasswd.test64
-rw-r--r--tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd/shadow19
-rwxr-xr-xtests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test64
-rw-r--r--tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_SHA256-round-min-max/config/etc/group41
-rw-r--r--tests/crypt/login.defs_SHA256-round-min-max/config/etc/gshadow41
-rw-r--r--tests/crypt/login.defs_SHA256-round-min-max/config/etc/login.defs318
-rw-r--r--tests/crypt/login.defs_SHA256-round-min-max/config/etc/passwd19
-rw-r--r--tests/crypt/login.defs_SHA256-round-min-max/config/etc/shadow19
-rwxr-xr-xtests/crypt/login.defs_SHA256-round-min/01_chpasswd.test45
-rw-r--r--tests/crypt/login.defs_SHA256-round-min/01_chpasswd/shadow19
-rwxr-xr-xtests/crypt/login.defs_SHA256-round-min/02_chgpasswd.test45
-rw-r--r--tests/crypt/login.defs_SHA256-round-min/02_chgpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_SHA256-round-min/config/etc/group41
-rw-r--r--tests/crypt/login.defs_SHA256-round-min/config/etc/gshadow41
-rw-r--r--tests/crypt/login.defs_SHA256-round-min/config/etc/login.defs318
-rw-r--r--tests/crypt/login.defs_SHA256-round-min/config/etc/passwd19
-rw-r--r--tests/crypt/login.defs_SHA256-round-min/config/etc/shadow19
-rwxr-xr-xtests/crypt/login.defs_SHA256/01_chpasswd.test39
-rw-r--r--tests/crypt/login.defs_SHA256/01_chpasswd/shadow19
-rwxr-xr-xtests/crypt/login.defs_SHA256/02_chgpasswd.test39
-rw-r--r--tests/crypt/login.defs_SHA256/02_chgpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_SHA256/config/etc/group41
-rw-r--r--tests/crypt/login.defs_SHA256/config/etc/gshadow41
-rw-r--r--tests/crypt/login.defs_SHA256/config/etc/login.defs318
-rw-r--r--tests/crypt/login.defs_SHA256/config/etc/passwd19
-rw-r--r--tests/crypt/login.defs_SHA256/config/etc/shadow19
-rwxr-xr-xtests/crypt/login.defs_SHA512/01_chpasswd.test39
-rw-r--r--tests/crypt/login.defs_SHA512/01_chpasswd/shadow19
-rwxr-xr-xtests/crypt/login.defs_SHA512/02_chgpasswd.test39
-rw-r--r--tests/crypt/login.defs_SHA512/02_chgpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_SHA512/config/etc/group41
-rw-r--r--tests/crypt/login.defs_SHA512/config/etc/gshadow41
-rw-r--r--tests/crypt/login.defs_SHA512/config/etc/login.defs318
-rw-r--r--tests/crypt/login.defs_SHA512/config/etc/passwd19
-rw-r--r--tests/crypt/login.defs_SHA512/config/etc/shadow19
-rwxr-xr-xtests/crypt/login.defs_none/01_chpasswd.test39
-rw-r--r--tests/crypt/login.defs_none/01_chpasswd/shadow19
-rwxr-xr-xtests/crypt/login.defs_none/02_chgpasswd.test39
-rw-r--r--tests/crypt/login.defs_none/02_chgpasswd/gshadow41
-rw-r--r--tests/crypt/login.defs_none/config/etc/group41
-rw-r--r--tests/crypt/login.defs_none/config/etc/gshadow41
-rw-r--r--tests/crypt/login.defs_none/config/etc/login.defs318
-rw-r--r--tests/crypt/login.defs_none/config/etc/passwd19
-rw-r--r--tests/crypt/login.defs_none/config/etc/shadow19
-rw-r--r--tests/debian/01/data/login_files296
-rw-r--r--tests/debian/01/data/passwd_files400
-rwxr-xr-xtests/debian/01/run33
-rwxr-xr-xtests/debian/02/run28
-rw-r--r--tests/expiry/01_expiry_-c_no_expiry/config/etc/group42
-rw-r--r--tests/expiry/01_expiry_-c_no_expiry/config/etc/gshadow42
-rw-r--r--tests/expiry/01_expiry_-c_no_expiry/config/etc/passwd20
-rw-r--r--tests/expiry/01_expiry_-c_no_expiry/config/etc/shadow20
-rwxr-xr-xtests/expiry/01_expiry_-c_no_expiry/expiry.exp17
-rwxr-xr-xtests/expiry/01_expiry_-c_no_expiry/expiry.test37
-rw-r--r--tests/expiry/02_expiry_-c_expired/config/etc/group42
-rw-r--r--tests/expiry/02_expiry_-c_expired/config/etc/gshadow42
-rw-r--r--tests/expiry/02_expiry_-c_expired/config/etc/passwd20
-rw-r--r--tests/expiry/02_expiry_-c_expired/config/etc/shadow20
-rwxr-xr-xtests/expiry/02_expiry_-c_expired/expiry.exp17
-rwxr-xr-xtests/expiry/02_expiry_-c_expired/expiry.test37
-rw-r--r--tests/expiry/03_expiry_-f_expired/config/etc/group42
-rw-r--r--tests/expiry/03_expiry_-f_expired/config/etc/gshadow42
-rw-r--r--tests/expiry/03_expiry_-f_expired/config/etc/pam.d/common-password33
-rw-r--r--tests/expiry/03_expiry_-f_expired/config/etc/passwd20
-rw-r--r--tests/expiry/03_expiry_-f_expired/config/etc/shadow20
-rw-r--r--tests/expiry/03_expiry_-f_expired/data/shadow20
-rwxr-xr-xtests/expiry/03_expiry_-f_expired/expiry.exp23
-rwxr-xr-xtests/expiry/03_expiry_-f_expired/expiry.test37
-rw-r--r--tests/expiry/04_expiry_no_options/config/etc/group42
-rw-r--r--tests/expiry/04_expiry_no_options/config/etc/gshadow42
-rw-r--r--tests/expiry/04_expiry_no_options/config/etc/passwd20
-rw-r--r--tests/expiry/04_expiry_no_options/config/etc/shadow20
-rw-r--r--tests/expiry/04_expiry_no_options/data/usage.out8
-rwxr-xr-xtests/expiry/04_expiry_no_options/expiry.test54
-rw-r--r--tests/expiry/05_expiry_-c_no_shadow_file/config/etc/group42
-rw-r--r--tests/expiry/05_expiry_-c_no_shadow_file/config/etc/gshadow42
-rw-r--r--tests/expiry/05_expiry_-c_no_shadow_file/config/etc/passwd20
-rw-r--r--tests/expiry/05_expiry_-c_no_shadow_file/config/etc/shadow20
-rwxr-xr-xtests/expiry/05_expiry_-c_no_shadow_file/expiry.exp17
-rwxr-xr-xtests/expiry/05_expiry_-c_no_shadow_file/expiry.test41
-rw-r--r--tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/group42
-rw-r--r--tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/shadow19
-rwxr-xr-xtests/expiry/06_expiry_-c_no_shadow_entry/expiry.exp17
-rwxr-xr-xtests/expiry/06_expiry_-c_no_shadow_entry/expiry.test37
-rw-r--r--tests/expiry/07_expiry_-c_expired_account/config/etc/group42
-rw-r--r--tests/expiry/07_expiry_-c_expired_account/config/etc/gshadow42
-rw-r--r--tests/expiry/07_expiry_-c_expired_account/config/etc/passwd20
-rw-r--r--tests/expiry/07_expiry_-c_expired_account/config/etc/shadow20
-rwxr-xr-xtests/expiry/07_expiry_-c_expired_account/expiry.exp17
-rwxr-xr-xtests/expiry/07_expiry_-c_expired_account/expiry.test37
-rw-r--r--tests/expiry/08_expiry_-c_expired_max+inact/config/etc/group42
-rw-r--r--tests/expiry/08_expiry_-c_expired_max+inact/config/etc/gshadow42
-rw-r--r--tests/expiry/08_expiry_-c_expired_max+inact/config/etc/passwd20
-rw-r--r--tests/expiry/08_expiry_-c_expired_max+inact/config/etc/shadow20
-rwxr-xr-xtests/expiry/08_expiry_-c_expired_max+inact/expiry.exp17
-rwxr-xr-xtests/expiry/08_expiry_-c_expired_max+inact/expiry.test37
-rw-r--r--tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/group42
-rw-r--r--tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/gshadow42
-rw-r--r--tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/passwd20
-rw-r--r--tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/shadow20
-rwxr-xr-xtests/expiry/09_expiry_-c_expired_not_inactive/expiry.exp17
-rwxr-xr-xtests/expiry/09_expiry_-c_expired_not_inactive/expiry.test37
-rw-r--r--tests/expiry/10_expiry_bad_option/config/etc/group42
-rw-r--r--tests/expiry/10_expiry_bad_option/config/etc/gshadow42
-rw-r--r--tests/expiry/10_expiry_bad_option/config/etc/passwd20
-rw-r--r--tests/expiry/10_expiry_bad_option/config/etc/shadow20
-rw-r--r--tests/expiry/10_expiry_bad_option/data/usage.out9
-rwxr-xr-xtests/expiry/10_expiry_bad_option/expiry.test53
-rw-r--r--tests/expiry/11_expiry_usage/config/etc/group42
-rw-r--r--tests/expiry/11_expiry_usage/config/etc/gshadow42
-rw-r--r--tests/expiry/11_expiry_usage/config/etc/passwd20
-rw-r--r--tests/expiry/11_expiry_usage/config/etc/shadow20
-rw-r--r--tests/expiry/11_expiry_usage/data/usage.out8
-rwxr-xr-xtests/expiry/11_expiry_usage/expiry.test47
-rw-r--r--tests/expiry/12_expiry_extra_arg/config/etc/group42
-rw-r--r--tests/expiry/12_expiry_extra_arg/config/etc/gshadow42
-rw-r--r--tests/expiry/12_expiry_extra_arg/config/etc/passwd20
-rw-r--r--tests/expiry/12_expiry_extra_arg/config/etc/shadow20
-rw-r--r--tests/expiry/12_expiry_extra_arg/data/usage.out9
-rwxr-xr-xtests/expiry/12_expiry_extra_arg/expiry.test53
-rw-r--r--tests/expiry/13_expiry_usage-c-f/config/etc/group42
-rw-r--r--tests/expiry/13_expiry_usage-c-f/config/etc/gshadow42
-rw-r--r--tests/expiry/13_expiry_usage-c-f/config/etc/passwd20
-rw-r--r--tests/expiry/13_expiry_usage-c-f/config/etc/shadow20
-rw-r--r--tests/expiry/13_expiry_usage-c-f/data/usage.out9
-rwxr-xr-xtests/expiry/13_expiry_usage-c-f/expiry.test53
-rwxr-xr-xtests/failures/chage/01_chage_openRW_passwd_failure/chage.test62
-rw-r--r--tests/failures/chage/01_chage_openRW_passwd_failure/config.txt1
-rw-r--r--tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/chage/01_chage_openRW_passwd_failure/data/chage.err2
-rwxr-xr-xtests/failures/chage/02_chage_openRO_passwd_failure/chage.test62
-rw-r--r--tests/failures/chage/02_chage_openRO_passwd_failure/config.txt1
-rw-r--r--tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/chage/02_chage_openRO_passwd_failure/data/chage.err2
-rwxr-xr-xtests/failures/chage/03_chage_openRW_shadow_failure/chage.test62
-rw-r--r--tests/failures/chage/03_chage_openRW_shadow_failure/config.txt1
-rw-r--r--tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/chage/03_chage_openRW_shadow_failure/data/chage.err2
-rwxr-xr-xtests/failures/chage/04_chage_openRO_shadow_failure/chage.test62
-rw-r--r--tests/failures/chage/04_chage_openRO_shadow_failure/config.txt1
-rw-r--r--tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/chage/04_chage_openRO_shadow_failure/data/chage.err2
-rwxr-xr-xtests/failures/chage/05_chage_rename_shadow_failure/chage.test62
-rw-r--r--tests/failures/chage/05_chage_rename_shadow_failure/config.txt1
-rw-r--r--tests/failures/chage/05_chage_rename_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/chage/05_chage_rename_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chage/05_chage_rename_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chage/05_chage_rename_shadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/chage/05_chage_rename_shadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/chage/05_chage_rename_shadow_failure/data/chage.err2
-rwxr-xr-xtests/failures/chage/06_chage_rename_passwd_failure/chage.test62
-rw-r--r--tests/failures/chage/06_chage_rename_passwd_failure/config.txt1
-rw-r--r--tests/failures/chage/06_chage_rename_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/chage/06_chage_rename_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chage/06_chage_rename_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chage/06_chage_rename_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/chage/06_chage_rename_passwd_failure/config/etc/shadow19
-rw-r--r--tests/failures/chage/06_chage_rename_passwd_failure/data/chage.err2
-rw-r--r--tests/failures/chage/06_chage_rename_passwd_failure/data/shadow20
-rwxr-xr-xtests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test55
-rw-r--r--tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config.txt1
-rw-r--r--tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/group42
-rw-r--r--tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/passwd20
-rw-r--r--tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/shadow20
-rw-r--r--tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/data/chgpasswd.err2
-rwxr-xr-xtests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test55
-rw-r--r--tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config.txt1
-rw-r--r--tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/group42
-rw-r--r--tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/data/chgpasswd.err2
-rwxr-xr-xtests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test55
-rw-r--r--tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config.txt1
-rw-r--r--tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/group42
-rw-r--r--tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/gshadow41
-rw-r--r--tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/passwd20
-rw-r--r--tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/shadow19
-rw-r--r--tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/chgpasswd.err2
-rw-r--r--tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/gshadow41
-rwxr-xr-xtests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test55
-rw-r--r--tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config.txt1
-rw-r--r--tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/group42
-rw-r--r--tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/shadow19
-rw-r--r--tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/data/chgpasswd.err2
-rwxr-xr-xtests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test55
-rw-r--r--tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config.txt1
-rw-r--r--tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/data/chpasswd.err2
-rwxr-xr-xtests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test55
-rw-r--r--tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config.txt1
-rw-r--r--tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/data/chpasswd.err2
-rwxr-xr-xtests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test55
-rw-r--r--tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config.txt1
-rw-r--r--tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/shadow19
-rw-r--r--tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/chpasswd.err2
-rw-r--r--tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/shadow19
-rwxr-xr-xtests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test55
-rw-r--r--tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config.txt1
-rw-r--r--tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/shadow19
-rw-r--r--tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/data/chpasswd.err2
-rwxr-xr-xtests/failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test40
-rw-r--r--tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config.txt2
-rw-r--r--tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/group42
-rw-r--r--tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/gshadow42
-rw-r--r--tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/passwd20
-rw-r--r--tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/shadow20
-rw-r--r--tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/data/shadow20
-rwxr-xr-xtests/failures/chsh/01_chsh_open_passwd_failure/chsh.test54
-rw-r--r--tests/failures/chsh/01_chsh_open_passwd_failure/config.txt1
-rw-r--r--tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/chsh/01_chsh_open_passwd_failure/data/chsh.err2
-rwxr-xr-xtests/failures/chsh/02_chsh_rename_passwd_failure/chsh.test54
-rw-r--r--tests/failures/chsh/02_chsh_rename_passwd_failure/config.txt1
-rw-r--r--tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/chsh/02_chsh_rename_passwd_failure/data/chsh.err2
-rw-r--r--tests/failures/chsh/02_chsh_rename_passwd_failure/data/shadow20
-rw-r--r--tests/failures/cppw/01_cppw_open_passwd_in_failure/config.txt1
-rw-r--r--tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/group42
-rw-r--r--tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/gshadow42
-rw-r--r--tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/login.defs315
-rw-r--r--tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/passwd20
-rw-r--r--tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/shadow20
-rwxr-xr-xtests/failures/cppw/01_cppw_open_passwd_in_failure/cppw.test54
-rw-r--r--tests/failures/cppw/01_cppw_open_passwd_in_failure/data/cppw.err3
-rw-r--r--tests/failures/cppw/01_cppw_open_passwd_in_failure/data/passwd17
-rw-r--r--tests/failures/cppw/02_cppw_open_passwd_backup_failure/config.txt1
-rw-r--r--tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/group42
-rw-r--r--tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/gshadow42
-rw-r--r--tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/login.defs315
-rw-r--r--tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/passwd20
-rw-r--r--tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/shadow20
-rwxr-xr-xtests/failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test54
-rw-r--r--tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/cppw.err3
-rw-r--r--tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/passwd17
-rw-r--r--tests/failures/cppw/03_cppw_rename_passwd_failure/config.txt1
-rw-r--r--tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/shadow20
-rwxr-xr-xtests/failures/cppw/03_cppw_rename_passwd_failure/cppw.test54
-rw-r--r--tests/failures/cppw/03_cppw_rename_passwd_failure/data/cppw.err3
-rw-r--r--tests/failures/cppw/03_cppw_rename_passwd_failure/data/passwd17
-rw-r--r--tests/failures/gpasswd/01_gpasswd_group_open_failure/config.txt1
-rw-r--r--tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/group42
-rw-r--r--tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/gpasswd/01_gpasswd_group_open_failure/data/gpasswd.err2
-rwxr-xr-xtests/failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test54
-rw-r--r--tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config.txt1
-rw-r--r--tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/group42
-rw-r--r--tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/data/gpasswd.err2
-rwxr-xr-xtests/failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test54
-rw-r--r--tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config.txt1
-rw-r--r--tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/group42
-rw-r--r--tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/gpasswd/03_gpasswd-a_group_open_failure/data/gpasswd.err2
-rwxr-xr-xtests/failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test54
-rw-r--r--tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config.txt1
-rw-r--r--tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/group42
-rw-r--r--tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/gpasswd/04_gpasswd-d_group_open_failure/data/gpasswd.err2
-rwxr-xr-xtests/failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test54
-rw-r--r--tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config.txt1
-rw-r--r--tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/group42
-rw-r--r--tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/gpasswd/05_gpasswd-r_group_open_failure/data/gpasswd.err2
-rwxr-xr-xtests/failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test54
-rw-r--r--tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config.txt1
-rw-r--r--tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/group42
-rw-r--r--tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/data/gpasswd.err2
-rwxr-xr-xtests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test54
-rw-r--r--tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config.txt1
-rw-r--r--tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/group42
-rw-r--r--tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/data/gpasswd.err2
-rwxr-xr-xtests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test54
-rw-r--r--tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config.txt1
-rw-r--r--tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/group42
-rw-r--r--tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/gshadow42
-rw-r--r--tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/login.defs315
-rw-r--r--tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/passwd19
-rw-r--r--tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/shadow19
-rw-r--r--tests/failures/gpasswd/08_gpasswd_group_openRO_failure/data/gpasswd.err2
-rwxr-xr-xtests/failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test54
-rw-r--r--tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config.txt1
-rw-r--r--tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/group42
-rw-r--r--tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/gshadow42
-rw-r--r--tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/login.defs315
-rw-r--r--tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/passwd19
-rw-r--r--tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/shadow19
-rw-r--r--tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/data/gpasswd.err2
-rwxr-xr-xtests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test54
-rw-r--r--tests/failures/gpasswd/10_gpasswd_group_rename_failure/config.txt1
-rw-r--r--tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/group42
-rw-r--r--tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/passwd19
-rw-r--r--tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/shadow19
-rw-r--r--tests/failures/gpasswd/10_gpasswd_group_rename_failure/data/gpasswd.err2
-rwxr-xr-xtests/failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test54
-rw-r--r--tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config.txt1
-rw-r--r--tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/group42
-rw-r--r--tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/passwd19
-rw-r--r--tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/shadow19
-rw-r--r--tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/gpasswd.err2
-rw-r--r--tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/group42
-rwxr-xr-xtests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test54
-rw-r--r--tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config.txt1
-rw-r--r--tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/group41
-rw-r--r--tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/gshadow41
-rw-r--r--tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/group42
-rw-r--r--tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/groupadd.err2
-rwxr-xr-xtests/failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test54
-rw-r--r--tests/failures/groupadd/02_groupadd_group_rename_failure/config.txt1
-rw-r--r--tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/group41
-rw-r--r--tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/gshadow41
-rw-r--r--tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupadd/02_groupadd_group_rename_failure/data/groupadd.err2
-rwxr-xr-xtests/failures/groupadd/02_groupadd_group_rename_failure/groupadd.test54
-rw-r--r--tests/failures/groupadd/03_groupadd_gshadow_open_failure/config.txt1
-rw-r--r--tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/group41
-rw-r--r--tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/gshadow41
-rw-r--r--tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupadd/03_groupadd_gshadow_open_failure/data/groupadd.err2
-rwxr-xr-xtests/failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test54
-rw-r--r--tests/failures/groupadd/04_groupadd_group_open_failure/config.txt1
-rw-r--r--tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/group41
-rw-r--r--tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/gshadow41
-rw-r--r--tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupadd/04_groupadd_group_open_failure/data/groupadd.err2
-rwxr-xr-xtests/failures/groupadd/04_groupadd_group_open_failure/groupadd.test54
-rw-r--r--tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config.txt1
-rw-r--r--tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/group42
-rw-r--r--tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/group41
-rw-r--r--tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/groupdel.err2
-rwxr-xr-xtests/failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test54
-rw-r--r--tests/failures/groupdel/02_groupdel_group_rename_failure/config.txt1
-rw-r--r--tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/group42
-rw-r--r--tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupdel/02_groupdel_group_rename_failure/data/groupdel.err2
-rwxr-xr-xtests/failures/groupdel/02_groupdel_group_rename_failure/groupdel.test54
-rw-r--r--tests/failures/groupdel/03_groupdel_gshadow_open_failure/config.txt1
-rw-r--r--tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/group42
-rw-r--r--tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupdel/03_groupdel_gshadow_open_failure/data/groupdel.err2
-rwxr-xr-xtests/failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test54
-rw-r--r--tests/failures/groupdel/04_groupdel_group_open_failure/config.txt1
-rw-r--r--tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/group42
-rw-r--r--tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupdel/04_groupdel_group_open_failure/data/groupdel.err2
-rwxr-xr-xtests/failures/groupdel/04_groupdel_group_open_failure/groupdel.test54
-rw-r--r--tests/failures/groupmems/01_groupmems_group_open_failure/config.txt1
-rw-r--r--tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/group42
-rw-r--r--tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupmems/01_groupmems_group_open_failure/data/groupmems.err2
-rwxr-xr-xtests/failures/groupmems/01_groupmems_group_open_failure/groupmems.test54
-rw-r--r--tests/failures/groupmems/02_groupmems_gshadow_open_failure/config.txt1
-rw-r--r--tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/group42
-rw-r--r--tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupmems/02_groupmems_gshadow_open_failure/data/groupmems.err2
-rwxr-xr-xtests/failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test54
-rw-r--r--tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config.txt1
-rw-r--r--tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/group42
-rw-r--r--tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/group42
-rw-r--r--tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/groupmod.err2
-rwxr-xr-xtests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test54
-rw-r--r--tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config.txt1
-rw-r--r--tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/group42
-rw-r--r--tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/group42
-rw-r--r--tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/groupmod.err2
-rwxr-xr-xtests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test54
-rw-r--r--tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config.txt1
-rw-r--r--tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/group42
-rw-r--r--tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/data/groupmod.err2
-rwxr-xr-xtests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test54
-rw-r--r--tests/failures/groupmod/04_groupmod_group_open_failure/config.txt1
-rw-r--r--tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/group42
-rw-r--r--tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupmod/04_groupmod_group_open_failure/data/groupmod.err2
-rwxr-xr-xtests/failures/groupmod/04_groupmod_group_open_failure/groupmod.test54
-rw-r--r--tests/failures/groupmod/05_groupmod_gshadow_open_failure/config.txt1
-rw-r--r--tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/group42
-rw-r--r--tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupmod/05_groupmod_gshadow_open_failure/data/groupmod.err2
-rwxr-xr-xtests/failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test54
-rw-r--r--tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config.txt1
-rw-r--r--tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/group42
-rw-r--r--tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/data/group42
-rwxr-xr-xtests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test39
-rw-r--r--tests/failures/groupmod/07_groupmod_passwd_open_failure/config.txt1
-rw-r--r--tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/group42
-rw-r--r--tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/passwd20
-rw-r--r--tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/shadow20
-rw-r--r--tests/failures/groupmod/07_groupmod_passwd_open_failure/data/groupmod.err2
-rwxr-xr-xtests/failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test54
-rw-r--r--tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config.txt1
-rw-r--r--tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/group42
-rw-r--r--tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/passwd20
-rw-r--r--tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/shadow20
-rwxr-xr-xtests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test39
-rw-r--r--tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config.txt1
-rw-r--r--tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/group42
-rw-r--r--tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/passwd20
-rw-r--r--tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/shadow20
-rw-r--r--tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/group42
-rw-r--r--tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/gshadow42
-rwxr-xr-xtests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test39
-rw-r--r--tests/failures/grpck/01_grpck_system_group_open_failure/config.txt1
-rw-r--r--tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/group42
-rw-r--r--tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/grpck/01_grpck_system_group_open_failure/data/grpck.err2
-rwxr-xr-xtests/failures/grpck/01_grpck_system_group_open_failure/grpck.test54
-rw-r--r--tests/failures/grpck/02_grpck_group_open_failure/config.txt1
-rw-r--r--tests/failures/grpck/02_grpck_group_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/grpck/02_grpck_group_open_failure/config/etc/group42
-rw-r--r--tests/failures/grpck/02_grpck_group_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpck/02_grpck_group_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpck/02_grpck_group_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/grpck/02_grpck_group_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/grpck/02_grpck_group_open_failure/data/grpck.err2
-rwxr-xr-xtests/failures/grpck/02_grpck_group_open_failure/grpck.test54
-rw-r--r--tests/failures/grpck/03_grpck_system_gshadow_open_failure/config.txt1
-rw-r--r--tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/group42
-rw-r--r--tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/grpck/03_grpck_system_gshadow_open_failure/data/grpck.err2
-rwxr-xr-xtests/failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test54
-rw-r--r--tests/failures/grpck/04_grpck_gshadow_open_failure/config.txt1
-rw-r--r--tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/group42
-rw-r--r--tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/grpck/04_grpck_gshadow_open_failure/data/group42
-rw-r--r--tests/failures/grpck/04_grpck_gshadow_open_failure/data/grpck.err2
-rw-r--r--tests/failures/grpck/04_grpck_gshadow_open_failure/data/gshadow42
-rwxr-xr-xtests/failures/grpck/04_grpck_gshadow_open_failure/grpck.test54
-rw-r--r--tests/failures/grpck/05_grpck_sort_group_rename_failure/config.txt1
-rw-r--r--tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/group42
-rw-r--r--tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/grpck/05_grpck_sort_group_rename_failure/data/grpck.err2
-rwxr-xr-xtests/failures/grpck/05_grpck_sort_group_rename_failure/grpck.test54
-rw-r--r--tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config.txt1
-rw-r--r--tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/group42
-rw-r--r--tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/group42
-rw-r--r--tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/grpck.err2
-rwxr-xr-xtests/failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test54
-rw-r--r--tests/failures/grpconv/01_grpconv_open_group_failure/config.txt1
-rw-r--r--tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/group42
-rw-r--r--tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/passwd20
-rw-r--r--tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/shadow20
-rw-r--r--tests/failures/grpconv/01_grpconv_open_group_failure/data/grpconv.err2
-rwxr-xr-xtests/failures/grpconv/01_grpconv_open_group_failure/grpconv.test58
-rw-r--r--tests/failures/grpconv/02_grpconv_open_gshadow_failure/config.txt1
-rw-r--r--tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/group42
-rw-r--r--tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/grpconv/02_grpconv_open_gshadow_failure/data/grpconv.err2
-rwxr-xr-xtests/failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test58
-rw-r--r--tests/failures/grpconv/03_grpconv_rename_group_failure/config.txt1
-rw-r--r--tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/group42
-rw-r--r--tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/passwd20
-rw-r--r--tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/shadow20
-rw-r--r--tests/failures/grpconv/03_grpconv_rename_group_failure/data/grpconv.err2
-rw-r--r--tests/failures/grpconv/03_grpconv_rename_group_failure/data/gshadow42
-rwxr-xr-xtests/failures/grpconv/03_grpconv_rename_group_failure/grpconv.test58
-rw-r--r--tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config.txt1
-rw-r--r--tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/group42
-rw-r--r--tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/grpconv/04_grpconv_rename_gshadow_failure/data/grpconv.err2
-rwxr-xr-xtests/failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test58
-rw-r--r--tests/failures/grpunconv/01_grpunconv_group_rename_failure/config.txt1
-rw-r--r--tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/group42
-rw-r--r--tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/grpunconv/01_grpunconv_group_rename_failure/data/grpunconv.err2
-rwxr-xr-xtests/failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test54
-rw-r--r--tests/failures/grpunconv/02_grpunconv_open_group_failure/config.txt1
-rw-r--r--tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/group42
-rw-r--r--tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/passwd20
-rw-r--r--tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/shadow20
-rw-r--r--tests/failures/grpunconv/02_grpunconv_open_group_failure/data/grpunconv.err2
-rwxr-xr-xtests/failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test54
-rw-r--r--tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config.txt1
-rw-r--r--tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/group42
-rw-r--r--tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/data/grpunconv.err2
-rwxr-xr-xtests/failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test54
-rw-r--r--tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config.txt1
-rw-r--r--tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/group42
-rw-r--r--tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/group42
-rw-r--r--tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/grpunconv.err2
-rwxr-xr-xtests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test54
-rw-r--r--tests/failures/newusers/01_newusers_open_passwd_failure/config.txt1
-rw-r--r--tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/group41
-rw-r--r--tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/gshadow41
-rw-r--r--tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/passwd19
-rw-r--r--tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/shadow19
-rw-r--r--tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.err2
-rw-r--r--tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.list1
-rwxr-xr-xtests/failures/newusers/01_newusers_open_passwd_failure/newusers.test54
-rw-r--r--tests/failures/newusers/02_newusers_open_shadow_failure/config.txt1
-rw-r--r--tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/group41
-rw-r--r--tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/gshadow41
-rw-r--r--tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/passwd19
-rw-r--r--tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/shadow19
-rw-r--r--tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.err2
-rw-r--r--tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.list1
-rwxr-xr-xtests/failures/newusers/02_newusers_open_shadow_failure/newusers.test54
-rw-r--r--tests/failures/newusers/03_newusers_open_group_failure/config.txt1
-rw-r--r--tests/failures/newusers/03_newusers_open_group_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/newusers/03_newusers_open_group_failure/config/etc/group41
-rw-r--r--tests/failures/newusers/03_newusers_open_group_failure/config/etc/gshadow41
-rw-r--r--tests/failures/newusers/03_newusers_open_group_failure/config/etc/login.defs315
-rw-r--r--tests/failures/newusers/03_newusers_open_group_failure/config/etc/passwd19
-rw-r--r--tests/failures/newusers/03_newusers_open_group_failure/config/etc/shadow19
-rw-r--r--tests/failures/newusers/03_newusers_open_group_failure/data/newusers.err2
-rw-r--r--tests/failures/newusers/03_newusers_open_group_failure/data/newusers.list1
-rwxr-xr-xtests/failures/newusers/03_newusers_open_group_failure/newusers.test54
-rw-r--r--tests/failures/newusers/04_newusers_open_gshadow_failure/config.txt1
-rw-r--r--tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/group41
-rw-r--r--tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/gshadow41
-rw-r--r--tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/passwd19
-rw-r--r--tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/shadow19
-rw-r--r--tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.err2
-rw-r--r--tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.list1
-rwxr-xr-xtests/failures/newusers/04_newusers_open_gshadow_failure/newusers.test54
-rw-r--r--tests/failures/newusers/05_newusers_rename_passwd_failure/config.txt1
-rw-r--r--tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.err2
-rw-r--r--tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.list1
-rwxr-xr-xtests/failures/newusers/05_newusers_rename_passwd_failure/newusers.test54
-rw-r--r--tests/failures/newusers/06_newusers_rename_shadow_failure/config.txt1
-rw-r--r--tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/passwd19
-rw-r--r--tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/shadow19
-rw-r--r--tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.err2
-rw-r--r--tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.list1
-rw-r--r--tests/failures/newusers/06_newusers_rename_shadow_failure/data/passwd20
-rwxr-xr-xtests/failures/newusers/06_newusers_rename_shadow_failure/newusers.test54
-rw-r--r--tests/failures/newusers/07_newusers_rename_group_failure/config.txt1
-rw-r--r--tests/failures/newusers/07_newusers_rename_group_failure/config/etc/group42
-rw-r--r--tests/failures/newusers/07_newusers_rename_group_failure/config/etc/gshadow42
-rw-r--r--tests/failures/newusers/07_newusers_rename_group_failure/config/etc/login.defs315
-rw-r--r--tests/failures/newusers/07_newusers_rename_group_failure/config/etc/passwd19
-rw-r--r--tests/failures/newusers/07_newusers_rename_group_failure/config/etc/shadow19
-rw-r--r--tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.err2
-rw-r--r--tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.list1
-rw-r--r--tests/failures/newusers/07_newusers_rename_group_failure/data/passwd20
-rw-r--r--tests/failures/newusers/07_newusers_rename_group_failure/data/shadow20
-rwxr-xr-xtests/failures/newusers/07_newusers_rename_group_failure/newusers.test54
-rw-r--r--tests/failures/newusers/08_newusers_rename_gshadow_failure/config.txt1
-rw-r--r--tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/group42
-rw-r--r--tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/passwd19
-rw-r--r--tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/shadow19
-rw-r--r--tests/failures/newusers/08_newusers_rename_gshadow_failure/data/group43
-rw-r--r--tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.err2
-rw-r--r--tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.list1
-rw-r--r--tests/failures/newusers/08_newusers_rename_gshadow_failure/data/passwd20
-rw-r--r--tests/failures/newusers/08_newusers_rename_gshadow_failure/data/shadow20
-rwxr-xr-xtests/failures/newusers/08_newusers_rename_gshadow_failure/newusers.test54
-rw-r--r--tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config.txt1
-rw-r--r--tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/group42
-rw-r--r--tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/gshadow42
-rw-r--r--tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/login.defs315
-rw-r--r--tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/passwd19
-rw-r--r--tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/shadow20
-rw-r--r--tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/group43
-rw-r--r--tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/gshadow43
-rw-r--r--tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.err4
-rw-r--r--tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.list1
-rw-r--r--tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/passwd20
-rwxr-xr-xtests/failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test54
-rw-r--r--tests/failures/newusers/10_newusers_time_0/config.txt2
-rw-r--r--tests/failures/newusers/10_newusers_time_0/config/etc/default/useradd36
-rw-r--r--tests/failures/newusers/10_newusers_time_0/config/etc/group41
-rw-r--r--tests/failures/newusers/10_newusers_time_0/config/etc/gshadow41
-rw-r--r--tests/failures/newusers/10_newusers_time_0/config/etc/pam.d/common-password33
-rw-r--r--tests/failures/newusers/10_newusers_time_0/config/etc/passwd19
-rw-r--r--tests/failures/newusers/10_newusers_time_0/config/etc/shadow19
-rw-r--r--tests/failures/newusers/10_newusers_time_0/data/group42
-rw-r--r--tests/failures/newusers/10_newusers_time_0/data/gshadow42
-rw-r--r--tests/failures/newusers/10_newusers_time_0/data/newusers.list1
-rw-r--r--tests/failures/newusers/10_newusers_time_0/data/passwd20
-rw-r--r--tests/failures/newusers/10_newusers_time_0/data/shadow20
-rwxr-xr-xtests/failures/newusers/10_newusers_time_0/newusers.test39
-rw-r--r--tests/failures/pwck/01_pwck_system_passwd_open_failure/config.txt1
-rw-r--r--tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/group42
-rw-r--r--tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/pwck/01_pwck_system_passwd_open_failure/data/pwck.err2
-rwxr-xr-xtests/failures/pwck/01_pwck_system_passwd_open_failure/pwck.test54
-rw-r--r--tests/failures/pwck/02_pwck_passwd_open_failure/config.txt1
-rw-r--r--tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/group42
-rw-r--r--tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/pwck/02_pwck_passwd_open_failure/data/pwck.err2
-rwxr-xr-xtests/failures/pwck/02_pwck_passwd_open_failure/pwck.test54
-rw-r--r--tests/failures/pwck/03_pwck_system_shadow_open_failure/config.txt1
-rw-r--r--tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/group42
-rw-r--r--tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/pwck/03_pwck_system_shadow_open_failure/data/pwck.err2
-rwxr-xr-xtests/failures/pwck/03_pwck_system_shadow_open_failure/pwck.test54
-rw-r--r--tests/failures/pwck/04_pwck_shadow_open_failure/config.txt1
-rw-r--r--tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/group42
-rw-r--r--tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/passwd19
-rw-r--r--tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/shadow19
-rw-r--r--tests/failures/pwck/04_pwck_shadow_open_failure/data/passwd19
-rw-r--r--tests/failures/pwck/04_pwck_shadow_open_failure/data/pwck.err2
-rwxr-xr-xtests/failures/pwck/04_pwck_shadow_open_failure/pwck.test54
-rw-r--r--tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config.txt1
-rw-r--r--tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/group42
-rw-r--r--tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/data/pwck.err2
-rwxr-xr-xtests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test54
-rw-r--r--tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config.txt1
-rw-r--r--tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/group42
-rw-r--r--tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/passwd20
-rw-r--r--tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/pwck.err2
-rwxr-xr-xtests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test54
-rw-r--r--tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config.txt1
-rw-r--r--tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/group42
-rw-r--r--tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/passwd20
-rw-r--r--tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/pwck.err2
-rwxr-xr-xtests/failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test59
-rw-r--r--tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config.txt1
-rw-r--r--tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/group42
-rw-r--r--tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd20
-rw-r--r--tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd.out20
-rw-r--r--tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/pwck.err2
-rw-r--r--tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/shadow20
-rwxr-xr-xtests/failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test59
-rw-r--r--tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config.txt2
-rw-r--r--tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/group42
-rw-r--r--tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/gshadow42
-rw-r--r--tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/passwd12
-rw-r--r--tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/shadow11
-rw-r--r--tests/failures/pwck/09_pwck_create_shadow_entry_time_0/data/shadow12
-rwxr-xr-xtests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.exp20
-rwxr-xr-xtests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test37
-rw-r--r--tests/failures/pwconv/01_pwconv_open_passwd_failure/config.txt1
-rw-r--r--tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwconv/01_pwconv_open_passwd_failure/data/pwconv.err2
-rwxr-xr-xtests/failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test58
-rw-r--r--tests/failures/pwconv/02_pwconv_open_shadow_failure/config.txt1
-rw-r--r--tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwconv/02_pwconv_open_shadow_failure/data/pwconv.err2
-rwxr-xr-xtests/failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test58
-rw-r--r--tests/failures/pwconv/03_pwconv_rename_passwd_failure/config.txt1
-rw-r--r--tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/pwconv.err2
-rw-r--r--tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/shadow20
-rwxr-xr-xtests/failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test58
-rw-r--r--tests/failures/pwconv/04_pwconv_rename_shadow_failure/config.txt1
-rw-r--r--tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwconv/04_pwconv_rename_shadow_failure/data/pwconv.err2
-rwxr-xr-xtests/failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test58
-rw-r--r--tests/failures/pwconv/05_pwconv_time_0/config.txt2
-rw-r--r--tests/failures/pwconv/05_pwconv_time_0/config/etc/group42
-rw-r--r--tests/failures/pwconv/05_pwconv_time_0/config/etc/gshadow42
-rw-r--r--tests/failures/pwconv/05_pwconv_time_0/config/etc/passwd20
-rw-r--r--tests/failures/pwconv/05_pwconv_time_0/config/etc/shadow20
-rw-r--r--tests/failures/pwconv/05_pwconv_time_0/data/passwd20
-rw-r--r--tests/failures/pwconv/05_pwconv_time_0/data/shadow20
-rwxr-xr-xtests/failures/pwconv/05_pwconv_time_0/pwconv.test43
-rw-r--r--tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config.txt1
-rw-r--r--tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/group42
-rw-r--r--tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/data/pwunconv.err2
-rwxr-xr-xtests/failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test54
-rw-r--r--tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config.txt1
-rw-r--r--tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwunconv/02_pwunconv_open_passwd_failure/data/pwunconv.err2
-rwxr-xr-xtests/failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test54
-rw-r--r--tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config.txt1
-rw-r--r--tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwunconv/03_pwunconv_open_shadow_failure/data/pwunconv.err2
-rwxr-xr-xtests/failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test54
-rw-r--r--tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config.txt1
-rw-r--r--tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/passwd20
-rw-r--r--tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/pwunconv.err2
-rwxr-xr-xtests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test54
-rw-r--r--tests/failures/useradd/01_useradd_open_passwd_failure/config.txt1
-rw-r--r--tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/01_useradd_open_passwd_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/01_useradd_open_passwd_failure/useradd.test54
-rw-r--r--tests/failures/useradd/02_useradd_open_shadow_failure/config.txt1
-rw-r--r--tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/02_useradd_open_shadow_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/02_useradd_open_shadow_failure/useradd.test54
-rw-r--r--tests/failures/useradd/03_useradd_open_group_failure/config.txt1
-rw-r--r--tests/failures/useradd/03_useradd_open_group_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/03_useradd_open_group_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/03_useradd_open_group_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/03_useradd_open_group_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/03_useradd_open_group_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/03_useradd_open_group_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/03_useradd_open_group_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/03_useradd_open_group_failure/useradd.test54
-rw-r--r--tests/failures/useradd/04_useradd_open_gshadow_failure/config.txt1
-rw-r--r--tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/04_useradd_open_gshadow_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/04_useradd_open_gshadow_failure/useradd.test54
-rw-r--r--tests/failures/useradd/05_useradd_rename_passwd_failure/config.txt1
-rw-r--r--tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/05_useradd_rename_passwd_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/05_useradd_rename_passwd_failure/useradd.test54
-rw-r--r--tests/failures/useradd/06_useradd_rename_shadow_failure/config.txt1
-rw-r--r--tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/06_useradd_rename_shadow_failure/data/passwd20
-rw-r--r--tests/failures/useradd/06_useradd_rename_shadow_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/06_useradd_rename_shadow_failure/useradd.test54
-rw-r--r--tests/failures/useradd/07_useradd_rename_group_failure/config.txt1
-rw-r--r--tests/failures/useradd/07_useradd_rename_group_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/07_useradd_rename_group_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/07_useradd_rename_group_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/07_useradd_rename_group_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/07_useradd_rename_group_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/07_useradd_rename_group_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/07_useradd_rename_group_failure/data/passwd20
-rw-r--r--tests/failures/useradd/07_useradd_rename_group_failure/data/shadow20
-rw-r--r--tests/failures/useradd/07_useradd_rename_group_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/07_useradd_rename_group_failure/useradd.test54
-rw-r--r--tests/failures/useradd/08_useradd_rename_gshadow_failure/config.txt1
-rw-r--r--tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/08_useradd_rename_gshadow_failure/data/group42
-rw-r--r--tests/failures/useradd/08_useradd_rename_gshadow_failure/data/passwd20
-rw-r--r--tests/failures/useradd/08_useradd_rename_gshadow_failure/data/shadow20
-rw-r--r--tests/failures/useradd/08_useradd_rename_gshadow_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/08_useradd_rename_gshadow_failure/useradd.test54
-rw-r--r--tests/failures/useradd/09_useradd_rename_defaults_failure/config.txt1
-rw-r--r--tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/09_useradd_rename_defaults_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/09_useradd_rename_defaults_failure/useradd.test55
-rw-r--r--tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config.txt1
-rw-r--r--tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/10_useradd_rename_defaults_backup_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test54
-rw-r--r--tests/failures/useradd/11_useradd_time_0/config.txt2
-rw-r--r--tests/failures/useradd/11_useradd_time_0/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/11_useradd_time_0/config/etc/group41
-rw-r--r--tests/failures/useradd/11_useradd_time_0/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/11_useradd_time_0/config/etc/pam.d/common-password33
-rw-r--r--tests/failures/useradd/11_useradd_time_0/config/etc/passwd19
-rw-r--r--tests/failures/useradd/11_useradd_time_0/config/etc/shadow19
-rw-r--r--tests/failures/useradd/11_useradd_time_0/data/group42
-rw-r--r--tests/failures/useradd/11_useradd_time_0/data/gshadow42
-rw-r--r--tests/failures/useradd/11_useradd_time_0/data/newusers.list1
-rw-r--r--tests/failures/useradd/11_useradd_time_0/data/passwd20
-rw-r--r--tests/failures/useradd/11_useradd_time_0/data/shadow20
-rwxr-xr-xtests/failures/useradd/11_useradd_time_0/useradd.test39
-rw-r--r--tests/failures/useradd/12_useradd_open_subuid_failure/config.txt1
-rw-r--r--tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subgid0
-rw-r--r--tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subuid0
-rw-r--r--tests/failures/useradd/12_useradd_open_subuid_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/12_useradd_open_subuid_failure/useradd.test60
-rw-r--r--tests/failures/useradd/13_useradd_open_subgid_failure/config.txt1
-rw-r--r--tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subgid0
-rw-r--r--tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subuid0
-rw-r--r--tests/failures/useradd/13_useradd_open_subgid_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/13_useradd_open_subgid_failure/useradd.test60
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/config.txt1
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subgid0
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subuid0
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/data/group42
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/data/gshadow42
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/data/passwd20
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/data/shadow20
-rw-r--r--tests/failures/useradd/14_username_rename_subuid_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/14_username_rename_subuid_failure/useradd.test60
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/config.txt1
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/config/etc/group41
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/config/etc/gshadow41
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/config/etc/passwd19
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/config/etc/shadow19
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subgid0
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subuid0
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/data/group42
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/data/gshadow42
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/data/passwd20
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/data/shadow20
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/data/subuid1
-rw-r--r--tests/failures/useradd/15_username_rename_subgid_failure/data/useradd.err2
-rwxr-xr-xtests/failures/useradd/15_username_rename_subgid_failure/useradd.test60
-rw-r--r--tests/failures/userdel/01_userdel_gshadow_rename_failure/config.txt1
-rw-r--r--tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/01_userdel_gshadow_rename_failure/data/group41
-rw-r--r--tests/failures/userdel/01_userdel_gshadow_rename_failure/data/passwd19
-rw-r--r--tests/failures/userdel/01_userdel_gshadow_rename_failure/data/shadow19
-rw-r--r--tests/failures/userdel/01_userdel_gshadow_rename_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/01_userdel_gshadow_rename_failure/userdel.test54
-rw-r--r--tests/failures/userdel/02_userdel_group_rename_failure/config.txt1
-rw-r--r--tests/failures/userdel/02_userdel_group_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/02_userdel_group_rename_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/02_userdel_group_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/02_userdel_group_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/02_userdel_group_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/02_userdel_group_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/02_userdel_group_rename_failure/data/passwd19
-rw-r--r--tests/failures/userdel/02_userdel_group_rename_failure/data/shadow19
-rw-r--r--tests/failures/userdel/02_userdel_group_rename_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/02_userdel_group_rename_failure/userdel.test54
-rw-r--r--tests/failures/userdel/03_userdel_shadow_rename_failure/config.txt1
-rw-r--r--tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/03_userdel_shadow_rename_failure/data/passwd19
-rw-r--r--tests/failures/userdel/03_userdel_shadow_rename_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/03_userdel_shadow_rename_failure/userdel.test54
-rw-r--r--tests/failures/userdel/04_userdel_passwd_rename_failure/config.txt1
-rw-r--r--tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/04_userdel_passwd_rename_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/04_userdel_passwd_rename_failure/userdel.test54
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/config.txt1
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/group42
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/passwd20
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/shadow20
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/config/var/mail/foo0
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/data/group41
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/data/gshadow41
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/data/passwd19
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/data/shadow19
-rw-r--r--tests/failures/userdel/05_userdel_failure_remove_mailbox/data/userdel.err3
-rwxr-xr-xtests/failures/userdel/05_userdel_failure_remove_mailbox/userdel.test58
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/config.txt1
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/group42
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/passwd20
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/shadow20
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/group41
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/gshadow41
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/passwd19
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/shadow19
-rw-r--r--tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/userdel.err3
-rwxr-xr-xtests/failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test64
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/config.txt1
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/group42
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/passwd20
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/shadow20
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/data/group41
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/data/gshadow41
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/data/passwd19
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/data/shadow19
-rw-r--r--tests/failures/userdel/07_userdel_failure_remove_homedir/data/userdel.err3
-rwxr-xr-xtests/failures/userdel/07_userdel_failure_remove_homedir/userdel.test64
-rw-r--r--tests/failures/userdel/08_userdel_open_passwd_failure/config.txt1
-rw-r--r--tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/08_userdel_open_passwd_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/08_userdel_open_passwd_failure/userdel.test54
-rw-r--r--tests/failures/userdel/09_userdel_open_shadow_failure/config.txt1
-rw-r--r--tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/09_userdel_open_shadow_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/09_userdel_open_shadow_failure/userdel.test54
-rw-r--r--tests/failures/userdel/10_userdel_open_group_failure/config.txt1
-rw-r--r--tests/failures/userdel/10_userdel_open_group_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/10_userdel_open_group_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/10_userdel_open_group_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/10_userdel_open_group_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/10_userdel_open_group_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/10_userdel_open_group_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/10_userdel_open_group_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/10_userdel_open_group_failure/userdel.test54
-rw-r--r--tests/failures/userdel/11_userdel_open_gshadow_failure/config.txt1
-rw-r--r--tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/11_userdel_open_gshadow_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/11_userdel_open_gshadow_failure/userdel.test54
-rw-r--r--tests/failures/userdel/12_userdel_open_subuid_failure/config.txt1
-rw-r--r--tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subgid0
-rw-r--r--tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subuid0
-rw-r--r--tests/failures/userdel/12_userdel_open_subuid_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/12_userdel_open_subuid_failure/userdel.test60
-rw-r--r--tests/failures/userdel/13_userdel_open_subgid_failure/config.txt1
-rw-r--r--tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subgid0
-rw-r--r--tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subuid0
-rw-r--r--tests/failures/userdel/13_userdel_open_subgid_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/13_userdel_open_subgid_failure/userdel.test60
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/config.txt1
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subgid1
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subuid1
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/data/group41
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/data/gshadow41
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/data/passwd19
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/data/shadow19
-rw-r--r--tests/failures/userdel/14_userdel_rename_subuid_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/14_userdel_rename_subuid_failure/usedel.test60
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/config.txt1
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/group42
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/gshadow42
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/passwd20
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/shadow20
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subgid1
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subuid2
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/data/group41
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/data/gshadow41
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/data/passwd19
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/data/shadow19
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/data/subuid1
-rw-r--r--tests/failures/userdel/15_userdel_rename_subgid_failure/data/userdel.err2
-rwxr-xr-xtests/failures/userdel/15_userdel_rename_subgid_failure/usedel.test60
-rw-r--r--tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config.txt1
-rw-r--r--tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/group42
-rw-r--r--tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/passwd20
-rw-r--r--tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/shadow20
-rw-r--r--tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test54
-rw-r--r--tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config.txt1
-rw-r--r--tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test54
-rw-r--r--tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config.txt1
-rw-r--r--tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/passwd20
-rw-r--r--tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/shadow20
-rw-r--r--tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test54
-rw-r--r--tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config.txt1
-rw-r--r--tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/passwd20
-rw-r--r--tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/shadow20
-rwxr-xr-xtests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test39
-rw-r--r--tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config.txt1
-rw-r--r--tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/passwd20
-rw-r--r--tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test54
-rw-r--r--tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config.txt1
-rw-r--r--tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test54
-rw-r--r--tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config.txt1
-rw-r--r--tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test54
-rw-r--r--tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config.txt1
-rw-r--r--tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/08_usermod_change_user_name_open_group_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test54
-rw-r--r--tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config.txt1
-rw-r--r--tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test54
-rw-r--r--tests/failures/usermod/10_usermod_-p_time_0/config.txt2
-rw-r--r--tests/failures/usermod/10_usermod_-p_time_0/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/10_usermod_-p_time_0/config/etc/group42
-rw-r--r--tests/failures/usermod/10_usermod_-p_time_0/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/10_usermod_-p_time_0/config/etc/passwd20
-rw-r--r--tests/failures/usermod/10_usermod_-p_time_0/config/etc/shadow20
-rw-r--r--tests/failures/usermod/10_usermod_-p_time_0/data/passwd20
-rw-r--r--tests/failures/usermod/10_usermod_-p_time_0/data/shadow20
-rwxr-xr-xtests/failures/usermod/10_usermod_-p_time_0/usermod.test39
-rw-r--r--tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config.txt2
-rw-r--r--tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/group42
-rw-r--r--tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/passwd20
-rw-r--r--tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/shadow19
-rw-r--r--tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/data/shadow20
-rwxr-xr-xtests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test39
-rw-r--r--tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config.txt1
-rw-r--r--tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test50
-rw-r--r--tests/failures/usermod/13_usermod_-v_open_subuid_failure/config.txt1
-rw-r--r--tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subgid0
-rw-r--r--tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subuid0
-rw-r--r--tests/failures/usermod/13_usermod_-v_open_subuid_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test60
-rw-r--r--tests/failures/usermod/14_usermod_-V_open_subuid_failure/config.txt1
-rw-r--r--tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subgid0
-rw-r--r--tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subuid0
-rw-r--r--tests/failures/usermod/14_usermod_-V_open_subuid_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test60
-rw-r--r--tests/failures/usermod/15_usermod_-w_open_subgid_failure/config.txt1
-rw-r--r--tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subgid0
-rw-r--r--tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subuid0
-rw-r--r--tests/failures/usermod/15_usermod_-w_open_subgid_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test60
-rw-r--r--tests/failures/usermod/16_usermod_-W_open_subgid_failure/config.txt1
-rw-r--r--tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subgid0
-rw-r--r--tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subuid0
-rw-r--r--tests/failures/usermod/16_usermod_-W_open_subgid_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test60
-rw-r--r--tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config.txt1
-rw-r--r--tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subgid0
-rw-r--r--tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subuid0
-rw-r--r--tests/failures/usermod/17_usermod_-v_rename_subuid_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test60
-rw-r--r--tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config.txt1
-rw-r--r--tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/default/useradd36
-rw-r--r--tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/group42
-rw-r--r--tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/gshadow42
-rw-r--r--tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/login.defs315
-rw-r--r--tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/passwd20
-rw-r--r--tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/shadow20
-rw-r--r--tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subgid0
-rw-r--r--tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subuid0
-rw-r--r--tests/failures/usermod/18_usermod_-w_rename_subgid_failure/data/usermod.err2
-rwxr-xr-xtests/failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test60
-rwxr-xr-xtests/grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test56
-rw-r--r--tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/login.defs318
-rw-r--r--tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/data/chgpasswd.err2
-rwxr-xr-xtests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test40
-rw-r--r--tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/login.defs318
-rw-r--r--tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test44
-rw-r--r--tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/login.defs318
-rw-r--r--tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/data/group41
-rwxr-xr-xtests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test40
-rw-r--r--tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/gshadow40
-rw-r--r--tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/login.defs318
-rw-r--r--tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/group41
-rw-r--r--tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test55
-rw-r--r--tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/login.defs318
-rw-r--r--tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/data/chgpasswd.err2
-rwxr-xr-xtests/grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test48
-rw-r--r--tests/grouptools/chgpasswd/06_chgpasswd_usage/config.txt10
-rw-r--r--tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/default/useradd36
-rw-r--r--tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/06_chgpasswd_usage/data/usage.out12
-rwxr-xr-xtests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test54
-rw-r--r--tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config.txt10
-rw-r--r--tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/default/useradd36
-rw-r--r--tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/data/usage.out13
-rwxr-xr-xtests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test54
-rw-r--r--tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config.txt10
-rw-r--r--tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/default/useradd36
-rw-r--r--tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/passwd20
-rw-r--r--tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/data/usage.out13
-rwxr-xr-xtests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test54
-rw-r--r--tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config.txt10
-rw-r--r--tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/default/useradd36
-rw-r--r--tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/passwd20
-rw-r--r--tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/data/usage.out13
-rwxr-xr-xtests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test54
-rw-r--r--tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config.txt10
-rw-r--r--tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/default/useradd36
-rw-r--r--tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/passwd20
-rw-r--r--tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/data/usage.out13
-rwxr-xr-xtests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test54
-rw-r--r--tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config.txt10
-rw-r--r--tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/default/useradd36
-rw-r--r--tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/passwd20
-rw-r--r--tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/data/usage.out13
-rwxr-xr-xtests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test54
-rw-r--r--tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config.txt10
-rw-r--r--tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/default/useradd36
-rw-r--r--tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/passwd20
-rw-r--r--tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/data/usage.out13
-rwxr-xr-xtests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test54
-rw-r--r--tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config.txt10
-rw-r--r--tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/default/useradd36
-rw-r--r--tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/passwd20
-rw-r--r--tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/data/usage.out13
-rwxr-xr-xtests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test40
-rw-r--r--tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test40
-rw-r--r--tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/15_chgpasswd_password_md5/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test40
-rw-r--r--tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test40
-rw-r--r--tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test40
-rw-r--r--tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/18_chgpasswd_password_DES/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test40
-rw-r--r--tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test41
-rw-r--r--tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test41
-rw-r--r--tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test40
-rw-r--r--tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test41
-rw-r--r--tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test41
-rw-r--r--tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test44
-rw-r--r--tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/data/group41
-rwxr-xr-xtests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test44
-rw-r--r--tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/shadow19
-rw-r--r--tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/data/group41
-rwxr-xr-xtests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test40
-rw-r--r--tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/group41
-rw-r--r--tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/gshadow40
-rw-r--r--tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/passwd19
-rw-r--r--tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/shadow18
-rw-r--r--tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/group41
-rw-r--r--tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/gshadow41
-rwxr-xr-xtests/grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test61
-rw-r--r--tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config.txt0
-rw-r--r--tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/group42
-rw-r--r--tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/passwd20
-rw-r--r--tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/shadow20
-rw-r--r--tests/grouptools/chgpasswd/30_chgpasswd_locked_group/data/chgpasswd.err2
-rwxr-xr-xtests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test61
-rw-r--r--tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config.txt0
-rw-r--r--tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/default/useradd36
-rw-r--r--tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/group42
-rw-r--r--tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/gshadow42
-rw-r--r--tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/passwd20
-rw-r--r--tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/shadow20
-rw-r--r--tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/data/chgpasswd.err2
-rwxr-xr-xtests/grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test56
-rw-r--r--tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config.txt0
-rw-r--r--tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/group42
-rw-r--r--tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/passwd20
-rw-r--r--tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/shadow20
-rw-r--r--tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/data/chgpasswd.err2
-rw-r--r--tests/grouptools/gpasswd/01_gpasswd_change_member_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/group42
-rw-r--r--tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/02_gpasswd_change_member_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/group42
-rw-r--r--tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/03_gpasswd_change_member_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/group42
-rw-r--r--tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/04_gpasswd_change_member_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/group42
-rw-r--r--tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/05_gpasswd_change_member_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/group42
-rw-r--r--tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/06_gpasswd_change_member_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/group42
-rw-r--r--tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test43
-rw-r--r--tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config.txt3
-rw-r--r--tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/login.defs335
-rw-r--r--tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.exp70
-rwxr-xr-xtests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config.txt3
-rw-r--r--tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/login.defs335
-rw-r--r--tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.exp70
-rwxr-xr-xtests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config.txt3
-rw-r--r--tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/login.defs335
-rw-r--r--tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.exp70
-rwxr-xr-xtests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test45
-rw-r--r--tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config.txt1
-rw-r--r--tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/login.defs335
-rw-r--r--tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/passwd21
-rw-r--r--tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/shadow21
-rw-r--r--tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.exp70
-rwxr-xr-xtests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config.txt1
-rw-r--r--tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/passwd21
-rw-r--r--tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/shadow21
-rwxr-xr-xtests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.exp60
-rwxr-xr-xtests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config.txt1
-rw-r--r--tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/passwd21
-rw-r--r--tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/shadow21
-rwxr-xr-xtests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.exp59
-rwxr-xr-xtests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test45
-rw-r--r--tests/grouptools/gpasswd/25_gpasswd_remove_password/config.txt5
-rw-r--r--tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/25_gpasswd_remove_password/data/group42
-rw-r--r--tests/grouptools/gpasswd/25_gpasswd_remove_password/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/28_gpasswd_lock_password/config.txt5
-rw-r--r--tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/28_gpasswd_lock_password/data/group42
-rw-r--r--tests/grouptools/gpasswd/28_gpasswd_lock_password/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test40
-rw-r--r--tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config.txt10
-rw-r--r--tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/data/gpasswd.err2
-rwxr-xr-xtests/grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test60
-rw-r--r--tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config.txt10
-rw-r--r--tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/data/gpasswd.err2
-rwxr-xr-xtests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test60
-rw-r--r--tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config.txt10
-rw-r--r--tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/data/gpasswd.err1
-rwxr-xr-xtests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test54
-rw-r--r--tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config.txt10
-rw-r--r--tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/data/gpasswd.err1
-rwxr-xr-xtests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test54
-rw-r--r--tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config.txt10
-rw-r--r--tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/data/gpasswd.err1
-rwxr-xr-xtests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test54
-rw-r--r--tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/48_gpasswd_change_admin_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/49_gpasswd_change_admin_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/50_gpasswd_change_admin_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/51_gpasswd_change_admin_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/52_gpasswd_change_admin_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config.txt5
-rw-r--r--tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/53_gpasswd_change_admin_list/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config.txt10
-rw-r--r--tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config.txt10
-rw-r--r--tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/data/gpasswd.err1
-rwxr-xr-xtests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test57
-rw-r--r--tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/shadow20
-rwxr-xr-xtests/grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config.txt5
-rw-r--r--tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/data/gpasswd.err1
-rwxr-xr-xtests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test54
-rw-r--r--tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config.txt5
-rw-r--r--tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/data/group42
-rwxr-xr-xtests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config.txt5
-rw-r--r--tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config.txt5
-rw-r--r--tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/group42
-rw-r--r--tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test39
-rw-r--r--tests/grouptools/gpasswd/61_gpasswd_usage/config.txt10
-rw-r--r--tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/group41
-rw-r--r--tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/passwd19
-rw-r--r--tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/shadow19
-rw-r--r--tests/grouptools/gpasswd/61_gpasswd_usage/data/usage.out13
-rwxr-xr-xtests/grouptools/gpasswd/61_gpasswd_usage/gpasswd.test49
-rw-r--r--tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config.txt10
-rw-r--r--tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/default/useradd36
-rw-r--r--tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/data/gpasswd.err1
-rwxr-xr-xtests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test54
-rw-r--r--tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config.txt10
-rw-r--r--tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/group41
-rw-r--r--tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/passwd19
-rw-r--r--tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/shadow19
-rw-r--r--tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/data/usage.out14
-rwxr-xr-xtests/grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test54
-rw-r--r--tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config.txt10
-rw-r--r--tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/group41
-rw-r--r--tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/passwd19
-rw-r--r--tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/shadow19
-rw-r--r--tests/grouptools/gpasswd/64_gpasswd_usage-a-d/data/usage.out13
-rwxr-xr-xtests/grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test54
-rw-r--r--tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config.txt10
-rw-r--r--tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/group41
-rw-r--r--tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/passwd19
-rw-r--r--tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/shadow19
-rw-r--r--tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/data/usage.out13
-rwxr-xr-xtests/grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test54
-rw-r--r--tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config.txt10
-rw-r--r--tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/group41
-rw-r--r--tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/gshadow41
-rw-r--r--tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/passwd19
-rw-r--r--tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/shadow19
-rw-r--r--tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/data/usage.out13
-rwxr-xr-xtests/grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test54
-rw-r--r--tests/grouptools/gpasswd/67_gpasswd-A_myuser/config.txt1
-rw-r--r--tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/passwd21
-rw-r--r--tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/shadow21
-rwxr-xr-xtests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.exp59
-rwxr-xr-xtests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/68_gpasswd-M_myuser/config.txt1
-rw-r--r--tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/passwd21
-rw-r--r--tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/shadow21
-rwxr-xr-xtests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.exp60
-rwxr-xr-xtests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config.txt1
-rw-r--r--tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/login.defs335
-rw-r--r--tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/passwd21
-rw-r--r--tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/shadow21
-rw-r--r--tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.exp87
-rwxr-xr-xtests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config.txt1
-rw-r--r--tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/login.defs335
-rw-r--r--tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/passwd21
-rw-r--r--tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/shadow21
-rw-r--r--tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.exp96
-rwxr-xr-xtests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config.txt1
-rw-r--r--tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/login.defs335
-rw-r--r--tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/passwd21
-rw-r--r--tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/shadow21
-rwxr-xr-xtests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.exp96
-rwxr-xr-xtests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test42
-rw-r--r--tests/grouptools/gpasswd/72_gpasswd-M-A/config.txt5
-rw-r--r--tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/group42
-rw-r--r--tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/gshadow42
-rw-r--r--tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/passwd20
-rw-r--r--tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/shadow20
-rw-r--r--tests/grouptools/gpasswd/72_gpasswd-M-A/data/group42
-rw-r--r--tests/grouptools/gpasswd/72_gpasswd-M-A/data/gshadow42
-rwxr-xr-xtests/grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test39
-rw-r--r--tests/grouptools/groupadd/01_groupadd_add_group/config.txt5
-rw-r--r--tests/grouptools/groupadd/01_groupadd_add_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/01_groupadd_add_group/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/01_groupadd_add_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/01_groupadd_add_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupadd/01_groupadd_add_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/01_groupadd_add_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/01_groupadd_add_group/data/group42
-rw-r--r--tests/grouptools/groupadd/01_groupadd_add_group/data/gshadow42
-rwxr-xr-xtests/grouptools/groupadd/01_groupadd_add_group/groupadd.test39
-rw-r--r--tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config.txt5
-rw-r--r--tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/group42
-rw-r--r--tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/gshadow42
-rwxr-xr-xtests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test39
-rw-r--r--tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config.txt5
-rw-r--r--tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/group42
-rw-r--r--tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/gshadow42
-rwxr-xr-xtests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test39
-rw-r--r--tests/grouptools/groupadd/04_groupadd_set_password/config.txt5
-rw-r--r--tests/grouptools/groupadd/04_groupadd_set_password/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/04_groupadd_set_password/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/04_groupadd_set_password/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/04_groupadd_set_password/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupadd/04_groupadd_set_password/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/04_groupadd_set_password/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/04_groupadd_set_password/data/group42
-rw-r--r--tests/grouptools/groupadd/04_groupadd_set_password/data/gshadow42
-rwxr-xr-xtests/grouptools/groupadd/04_groupadd_set_password/groupadd.test39
-rw-r--r--tests/grouptools/groupadd/05_groupadd_set_GID/config.txt5
-rw-r--r--tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/05_groupadd_set_GID/data/group42
-rw-r--r--tests/grouptools/groupadd/05_groupadd_set_GID/data/gshadow42
-rwxr-xr-xtests/grouptools/groupadd/05_groupadd_set_GID/groupadd.test39
-rw-r--r--tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config.txt5
-rw-r--r--tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/group42
-rw-r--r--tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/shadow19
-rwxr-xr-xtests/grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test39
-rw-r--r--tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config.txt5
-rw-r--r--tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/group42
-rw-r--r--tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/group43
-rw-r--r--tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/gshadow43
-rwxr-xr-xtests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test39
-rw-r--r--tests/grouptools/groupadd/08_groupadd_locked_group/config.txt10
-rw-r--r--tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/08_groupadd_locked_group/data/groupadd.err2
-rwxr-xr-xtests/grouptools/groupadd/08_groupadd_locked_group/groupadd.test60
-rw-r--r--tests/grouptools/groupadd/09_groupadd_locked_gshadow/config.txt10
-rw-r--r--tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/09_groupadd_locked_gshadow/data/groupadd.err2
-rwxr-xr-xtests/grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test60
-rw-r--r--tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config.txt5
-rw-r--r--tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/group42
-rw-r--r--tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/group43
-rw-r--r--tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/gshadow43
-rwxr-xr-xtests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test39
-rw-r--r--tests/grouptools/groupadd/11_groupadd_invalid_GID/config.txt10
-rw-r--r--tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/11_groupadd_invalid_GID/data/groupadd.err1
-rwxr-xr-xtests/grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/12_groupadd_negativ_GID/config.txt10
-rw-r--r--tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/12_groupadd_negativ_GID/data/groupadd.err1
-rwxr-xr-xtests/grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/13_groupadd_invalid_name/config.txt10
-rw-r--r--tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/13_groupadd_invalid_name/data/groupadd.err1
-rwxr-xr-xtests/grouptools/groupadd/13_groupadd_invalid_name/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config.txt10
-rw-r--r--tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/14_groupadd_invalid_-K_option/data/groupadd.err1
-rwxr-xr-xtests/grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config.txt10
-rw-r--r--tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/data/groupadd.err1
-rwxr-xr-xtests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/16_groupadd_existing_group/config.txt10
-rw-r--r--tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/group42
-rw-r--r--tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/16_groupadd_existing_group/data/groupadd.err1
-rwxr-xr-xtests/grouptools/groupadd/16_groupadd_existing_group/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/17_groupadd_add_systemgroup/config.txt5
-rw-r--r--tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/login.defs316
-rw-r--r--tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/group42
-rw-r--r--tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/gshadow42
-rwxr-xr-xtests/grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test39
-rw-r--r--tests/grouptools/groupadd/18_groupadd_no_more_GID/config.txt10
-rw-r--r--tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/group43
-rw-r--r--tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/18_groupadd_no_more_GID/data/groupadd.err1
-rwxr-xr-xtests/grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config.txt10
-rw-r--r--tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/group43
-rw-r--r--tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/login.defs317
-rw-r--r--tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/data/groupadd.err1
-rwxr-xr-xtests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/20_groupadd_add_existing_GID/config.txt10
-rw-r--r--tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/group42
-rw-r--r--tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/20_groupadd_add_existing_GID/data/groupadd.err1
-rwxr-xr-xtests/grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config.txt10
-rw-r--r--tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/data/groupadd.err1
-rwxr-xr-xtests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/22_groupadd_usage/config.txt10
-rw-r--r--tests/grouptools/groupadd/22_groupadd_usage/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/22_groupadd_usage/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/22_groupadd_usage/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/22_groupadd_usage/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/22_groupadd_usage/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/22_groupadd_usage/data/usage.out14
-rwxr-xr-xtests/grouptools/groupadd/22_groupadd_usage/groupadd.test49
-rw-r--r--tests/grouptools/groupadd/23_groupadd_no_groups/config.txt10
-rw-r--r--tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/23_groupadd_no_groups/data/groupadd.err14
-rwxr-xr-xtests/grouptools/groupadd/23_groupadd_no_groups/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/24_groupadd_2_groups/config.txt10
-rw-r--r--tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/24_groupadd_2_groups/data/groupadd.err14
-rwxr-xr-xtests/grouptools/groupadd/24_groupadd_2_groups/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/25_groupadd_no_gshadow/config.txt5
-rw-r--r--tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/25_groupadd_no_gshadow/data/group42
-rwxr-xr-xtests/grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test43
-rw-r--r--tests/grouptools/groupadd/26_groupadd_-o_without_-g/config.txt10
-rw-r--r--tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/26_groupadd_-o_without_-g/data/groupadd.err14
-rwxr-xr-xtests/grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test54
-rw-r--r--tests/grouptools/groupadd/27_groupadd_invalid_option/config.txt10
-rw-r--r--tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/group41
-rw-r--r--tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/passwd19
-rw-r--r--tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/shadow19
-rw-r--r--tests/grouptools/groupadd/27_groupadd_invalid_option/data/groupadd.err15
-rwxr-xr-xtests/grouptools/groupadd/27_groupadd_invalid_option/groupadd.test54
-rw-r--r--tests/grouptools/groupdel/01_groupdel_delete_group/config.txt5
-rw-r--r--tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/group42
-rw-r--r--tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupdel/01_groupdel_delete_group/data/group41
-rw-r--r--tests/grouptools/groupdel/01_groupdel_delete_group/data/gshadow41
-rwxr-xr-xtests/grouptools/groupdel/01_groupdel_delete_group/groupdel.test39
-rw-r--r--tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config.txt5
-rw-r--r--tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/group42
-rw-r--r--tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/data/group41
-rwxr-xr-xtests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test39
-rw-r--r--tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config.txt5
-rw-r--r--tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/passwd19
-rw-r--r--tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/shadow19
-rw-r--r--tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/data/group41
-rwxr-xr-xtests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test42
-rw-r--r--tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config.txt5
-rw-r--r--tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/group42
-rw-r--r--tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/passwd20
-rw-r--r--tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/shadow20
-rw-r--r--tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/data/groupdel.err1
-rwxr-xr-xtests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test54
-rw-r--r--tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config.txt5
-rw-r--r--tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/group42
-rw-r--r--tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/passwd20
-rw-r--r--tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/shadow20
-rw-r--r--tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/data/groupdel.err1
-rwxr-xr-xtests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test54
-rw-r--r--tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config.txt5
-rw-r--r--tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/group42
-rw-r--r--tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/data/groupdel.err2
-rwxr-xr-xtests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test60
-rw-r--r--tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config.txt5
-rw-r--r--tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/group42
-rw-r--r--tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/passwd19
-rw-r--r--tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/shadow19
-rw-r--r--tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/data/groupdel.err2
-rwxr-xr-xtests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test60
-rw-r--r--tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config.txt5
-rw-r--r--tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/group42
-rw-r--r--tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/passwd20
-rw-r--r--tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/shadow20
-rw-r--r--tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/data/groupdel.err6
-rwxr-xr-xtests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test54
-rw-r--r--tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config.txt5
-rw-r--r--tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/group42
-rw-r--r--tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/passwd20
-rw-r--r--tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/shadow20
-rw-r--r--tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/data/groupdel.err6
-rwxr-xr-xtests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test54
-rw-r--r--tests/grouptools/groupdel/10_groupdel_usage/config.txt5
-rw-r--r--tests/grouptools/groupdel/10_groupdel_usage/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupdel/10_groupdel_usage/config/etc/group42
-rw-r--r--tests/grouptools/groupdel/10_groupdel_usage/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupdel/10_groupdel_usage/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupdel/10_groupdel_usage/config/etc/passwd20
-rw-r--r--tests/grouptools/groupdel/10_groupdel_usage/config/etc/shadow20
-rw-r--r--tests/grouptools/groupdel/10_groupdel_usage/data/usage.out6
-rwxr-xr-xtests/grouptools/groupdel/10_groupdel_usage/groupdel.test48
-rw-r--r--tests/grouptools/groupdel/11_groupdel_invalid_option/config.txt5
-rw-r--r--tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/group42
-rw-r--r--tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/passwd20
-rw-r--r--tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/shadow20
-rw-r--r--tests/grouptools/groupdel/11_groupdel_invalid_option/data/groupdel.err7
-rwxr-xr-xtests/grouptools/groupdel/11_groupdel_invalid_option/groupdel.test54
-rw-r--r--tests/grouptools/groupmems/01_groupmems_root_add_user/config.txt2
-rw-r--r--tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmems/01_groupmems_root_add_user/data/group44
-rw-r--r--tests/grouptools/groupmems/01_groupmems_root_add_user/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/01_groupmems_root_add_user/groupmems.test39
-rw-r--r--tests/grouptools/groupmems/02_groupmems_root_del_user/config.txt2
-rw-r--r--tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmems/02_groupmems_root_del_user/data/group44
-rw-r--r--tests/grouptools/groupmems/02_groupmems_root_del_user/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/02_groupmems_root_del_user/groupmems.test39
-rw-r--r--tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config.txt2
-rw-r--r--tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/group44
-rw-r--r--tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test39
-rw-r--r--tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config.txt2
-rw-r--r--tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/group44
-rw-r--r--tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test39
-rw-r--r--tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config.txt2
-rw-r--r--tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/group44
-rw-r--r--tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test39
-rw-r--r--tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config.txt2
-rw-r--r--tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/group44
-rw-r--r--tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test39
-rw-r--r--tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config.txt2
-rw-r--r--tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/group44
-rw-r--r--tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test39
-rw-r--r--tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config.txt2
-rw-r--r--tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/group44
-rw-r--r--tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test39
-rw-r--r--tests/grouptools/groupmems/09_groupmems_root_purge_user/config.txt2
-rw-r--r--tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmems/09_groupmems_root_purge_user/data/group44
-rw-r--r--tests/grouptools/groupmems/09_groupmems_root_purge_user/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test39
-rw-r--r--tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config.txt2
-rw-r--r--tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/group44
-rw-r--r--tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test39
-rw-r--r--tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config.txt2
-rw-r--r--tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/group44
-rw-r--r--tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test39
-rw-r--r--tests/grouptools/groupmems/12_groupmems_user_add_user/config.txt1
-rw-r--r--tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/12_groupmems_user_add_user/data/group44
-rw-r--r--tests/grouptools/groupmems/12_groupmems_user_add_user/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/12_groupmems_user_add_user/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/12_groupmems_user_add_user/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/13_groupmems_user_del_user/config.txt1
-rw-r--r--tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/13_groupmems_user_del_user/data/group44
-rw-r--r--tests/grouptools/groupmems/13_groupmems_user_del_user/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/13_groupmems_user_del_user/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/13_groupmems_user_del_user/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config.txt1
-rw-r--r--tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/group44
-rw-r--r--tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/14_groupmems_user_del_user_admin/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config.txt1
-rw-r--r--tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/group44
-rw-r--r--tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config.txt1
-rw-r--r--tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/group44
-rw-r--r--tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config.txt1
-rw-r--r--tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/group44
-rw-r--r--tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config.txt1
-rw-r--r--tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/group44
-rw-r--r--tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config.txt1
-rw-r--r--tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/group44
-rw-r--r--tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/20_groupmems_user_purge_user/config.txt1
-rw-r--r--tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/20_groupmems_user_purge_user/data/group44
-rw-r--r--tests/grouptools/groupmems/20_groupmems_user_purge_user/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/20_groupmems_user_purge_user/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config.txt1
-rw-r--r--tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/group44
-rw-r--r--tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config.txt1
-rw-r--r--tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/group44
-rw-r--r--tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config.txt1
-rw-r--r--tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/run_groupmems.exp41
-rw-r--r--tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config.txt1
-rw-r--r--tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/group45
-rw-r--r--tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/gshadow45
-rw-r--r--tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/run_groupmems.exp42
-rw-r--r--tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config.txt1
-rw-r--r--tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/group45
-rw-r--r--tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/gshadow45
-rw-r--r--tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/run_groupmems.exp42
-rw-r--r--tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config.txt1
-rw-r--r--tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/26_groupmems_user_add_user-already_member/run_groupmems.exp50
-rw-r--r--tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config.txt1
-rw-r--r--tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/run_groupmems.exp50
-rw-r--r--tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config.txt1
-rw-r--r--tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/data/group44
-rwxr-xr-xtests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/run_groupmems.exp48
-rw-r--r--tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config.txt1
-rw-r--r--tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/run_groupmems.exp42
-rw-r--r--tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config.txt1
-rw-r--r--tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/gshadow43
-rw-r--r--tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/group44
-rw-r--r--tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config.txt1
-rw-r--r--tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/gshadow43
-rw-r--r--tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/data/group44
-rwxr-xr-xtests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test42
-rwxr-xr-xtests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config.txt1
-rw-r--r--tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/32_groupmems_user_del_user-not_member/run_groupmems.exp50
-rw-r--r--tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config.txt1
-rw-r--r--tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/data/group44
-rwxr-xr-xtests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/run_groupmems.exp48
-rw-r--r--tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config.txt1
-rw-r--r--tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/group44
-rw-r--r--tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/run_groupmems.exp48
-rw-r--r--tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config.txt1
-rw-r--r--tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/gshadow43
-rw-r--r--tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/group44
-rw-r--r--tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config.txt1
-rw-r--r--tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/data/group44
-rwxr-xr-xtests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test42
-rwxr-xr-xtests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config.txt1
-rw-r--r--tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config.txt1
-rw-r--r--tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/gshadow43
-rw-r--r--tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/group44
-rw-r--r--tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/gshadow44
-rwxr-xr-xtests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config.txt1
-rw-r--r--tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/data/group44
-rwxr-xr-xtests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test42
-rwxr-xr-xtests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/run_groupmems.exp49
-rw-r--r--tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config.txt1
-rw-r--r--tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/group45
-rw-r--r--tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/gshadow45
-rw-r--r--tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/run_groupmems.exp42
-rw-r--r--tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config.txt1
-rw-r--r--tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/group45
-rw-r--r--tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/gshadow45
-rw-r--r--tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/run_groupmems.exp42
-rw-r--r--tests/grouptools/groupmems/42_groupmems_user_list_users/config.txt1
-rw-r--r--tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/42_groupmems_user_list_users/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/42_groupmems_user_list_users/run_groupmems.exp42
-rw-r--r--tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config.txt1
-rw-r--r--tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/run_groupmems.exp42
-rw-r--r--tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config.txt1
-rw-r--r--tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/group45
-rw-r--r--tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/gshadow45
-rw-r--r--tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/44_groupmems_user_list_users-another_group/run_groupmems.exp42
-rw-r--r--tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config.txt1
-rw-r--r--tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test45
-rwxr-xr-xtests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/run_groupmems.exp42
-rw-r--r--tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config.txt1
-rw-r--r--tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test45
-rwxr-xr-xtests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/run_groupmems.exp42
-rw-r--r--tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config.txt1
-rw-r--r--tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test45
-rwxr-xr-xtests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/run_groupmems.exp50
-rw-r--r--tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config.txt1
-rw-r--r--tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test45
-rwxr-xr-xtests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/run_groupmems.exp50
-rw-r--r--tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config.txt1
-rw-r--r--tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test45
-rwxr-xr-xtests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/run_groupmems.exp50
-rw-r--r--tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config.txt1
-rw-r--r--tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test45
-rwxr-xr-xtests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/run_groupmems.exp50
-rw-r--r--tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config.txt1
-rw-r--r--tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test45
-rwxr-xr-xtests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/run_groupmems.exp50
-rw-r--r--tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config.txt1
-rw-r--r--tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/group44
-rw-r--r--tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/gshadow44
-rw-r--r--tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test45
-rwxr-xr-xtests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/run_groupmems.exp50
-rw-r--r--tests/grouptools/groupmems/53_groupmems_usage/config.txt10
-rw-r--r--tests/grouptools/groupmems/53_groupmems_usage/config/etc/group41
-rw-r--r--tests/grouptools/groupmems/53_groupmems_usage/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupmems/53_groupmems_usage/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmems/53_groupmems_usage/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmems/53_groupmems_usage/data/usage.out13
-rwxr-xr-xtests/grouptools/groupmems/53_groupmems_usage/groupmems.test49
-rw-r--r--tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config.txt1
-rw-r--r--tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/group42
-rw-r--r--tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmems/54_groupmems_usage_invalid_option/data/groupmems.err14
-rwxr-xr-xtests/grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test54
-rw-r--r--tests/grouptools/groupmems/55_groupmems_usage-a-d/config.txt1
-rw-r--r--tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/group42
-rw-r--r--tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmems/55_groupmems_usage-a-d/data/groupmems.err13
-rwxr-xr-xtests/grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test54
-rw-r--r--tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config.txt1
-rw-r--r--tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/group42
-rw-r--r--tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmems/56_groupmems_usage_extra_arg/data/groupmems.err13
-rwxr-xr-xtests/grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test54
-rw-r--r--tests/grouptools/groupmems/57_groupmems_authentication/config.txt1
-rw-r--r--tests/grouptools/groupmems/57_groupmems_authentication/config/etc/group45
-rw-r--r--tests/grouptools/groupmems/57_groupmems_authentication/config/etc/gshadow45
-rw-r--r--tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-account25
-rw-r--r--tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-auth25
-rw-r--r--tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/groupmems8
-rw-r--r--tests/grouptools/groupmems/57_groupmems_authentication/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/57_groupmems_authentication/config/etc/shadow21
-rw-r--r--tests/grouptools/groupmems/57_groupmems_authentication/data/group45
-rw-r--r--tests/grouptools/groupmems/57_groupmems_authentication/data/gshadow45
-rwxr-xr-xtests/grouptools/groupmems/57_groupmems_authentication/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/57_groupmems_authentication/run_groupmems.exp43
-rw-r--r--tests/grouptools/groupmems/58_groupmems_authentication_failure1/config.txt1
-rw-r--r--tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/group45
-rw-r--r--tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/gshadow45
-rw-r--r--tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-account25
-rw-r--r--tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-auth25
-rw-r--r--tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/groupmems8
-rw-r--r--tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/58_groupmems_authentication_failure1/run_groupmems.exp44
-rw-r--r--tests/grouptools/groupmems/59_groupmems_authentication_failure2/config.txt1
-rw-r--r--tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/group45
-rw-r--r--tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/gshadow45
-rw-r--r--tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-account1
-rw-r--r--tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-auth25
-rw-r--r--tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/groupmems8
-rw-r--r--tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test39
-rwxr-xr-xtests/grouptools/groupmems/59_groupmems_authentication_failure2/run_groupmems.exp44
-rw-r--r--tests/grouptools/groupmems/60_groupmems_authentication_failure3/config.txt1
-rw-r--r--tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/group45
-rw-r--r--tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/gshadow45
-rw-r--r--tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/groupmems1
-rw-r--r--tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/other1
-rw-r--r--tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/passwd21
-rw-r--r--tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/shadow21
-rwxr-xr-xtests/grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test43
-rwxr-xr-xtests/grouptools/groupmems/60_groupmems_authentication_failure3/run_groupmems.exp42
-rw-r--r--tests/grouptools/groupmod/01_groupmod_change_gid/config.txt1
-rw-r--r--tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/01_groupmod_change_gid/data/group42
-rwxr-xr-xtests/grouptools/groupmod/01_groupmod_change_gid/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config.txt1
-rw-r--r--tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/shadow20
-rw-r--r--tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/group42
-rw-r--r--tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/passwd20
-rwxr-xr-xtests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config.txt1
-rw-r--r--tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/data/group42
-rwxr-xr-xtests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config.txt1
-rw-r--r--tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test42
-rw-r--r--tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config.txt2
-rw-r--r--tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/group43
-rw-r--r--tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/gshadow43
-rw-r--r--tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/data/group43
-rwxr-xr-xtests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/06_groupmod_change_group_name/config.txt1
-rw-r--r--tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/06_groupmod_change_group_name/data/group42
-rw-r--r--tests/grouptools/groupmod/06_groupmod_change_group_name/data/gshadow42
-rwxr-xr-xtests/grouptools/groupmod/06_groupmod_change_group_name/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config.txt1
-rw-r--r--tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/data/group42
-rwxr-xr-xtests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config.txt1
-rw-r--r--tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test42
-rw-r--r--tests/grouptools/groupmod/09_groupmod_set_password/config.txt1
-rw-r--r--tests/grouptools/groupmod/09_groupmod_set_password/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/09_groupmod_set_password/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/09_groupmod_set_password/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/09_groupmod_set_password/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/09_groupmod_set_password/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/09_groupmod_set_password/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/09_groupmod_set_password/data/gshadow42
-rwxr-xr-xtests/grouptools/groupmod/09_groupmod_set_password/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config.txt1
-rw-r--r--tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config.txt1
-rw-r--r--tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/data/group42
-rwxr-xr-xtests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test42
-rw-r--r--tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config.txt1
-rw-r--r--tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/data/groupmod.err1
-rwxr-xr-xtests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test54
-rw-r--r--tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config.txt2
-rw-r--r--tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/group43
-rw-r--r--tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/gshadow43
-rw-r--r--tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/data/groupmod.err1
-rwxr-xr-xtests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test54
-rw-r--r--tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config.txt2
-rw-r--r--tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/group43
-rw-r--r--tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/gshadow43
-rw-r--r--tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/data/groupmod.err1
-rwxr-xr-xtests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test54
-rw-r--r--tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config.txt2
-rw-r--r--tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/group43
-rw-r--r--tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/gshadow43
-rw-r--r--tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/data/groupmod.err1
-rwxr-xr-xtests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test54
-rw-r--r--tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config.txt1
-rw-r--r--tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/shadow19
-rwxr-xr-xtests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config.txt1
-rw-r--r--tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/data/groupmod.err2
-rwxr-xr-xtests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test60
-rw-r--r--tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config.txt1
-rw-r--r--tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/data/group42
-rwxr-xr-xtests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test47
-rw-r--r--tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config.txt1
-rw-r--r--tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/data/groupmod.err1
-rwxr-xr-xtests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test54
-rw-r--r--tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config.txt1
-rw-r--r--tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/data/groupmod.err1
-rwxr-xr-xtests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test54
-rw-r--r--tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config.txt1
-rw-r--r--tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/data/groupmod.err11
-rwxr-xr-xtests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test60
-rw-r--r--tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/group42
-rw-r--r--tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/gshadow42
-rwxr-xr-xtests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/passwd20
-rw-r--r--tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/group42
-rw-r--r--tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/gshadow42
-rw-r--r--tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/passwd20
-rwxr-xr-xtests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/data/groupmod.err2
-rwxr-xr-xtests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test60
-rw-r--r--tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/data/groupmod.err2
-rwxr-xr-xtests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test60
-rw-r--r--tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/group42
-rw-r--r--tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/gshadow42
-rwxr-xr-xtests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test47
-rw-r--r--tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config.txt1
-rw-r--r--tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/data/groupmod.err1
-rwxr-xr-xtests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test54
-rw-r--r--tests/grouptools/groupmod/28_groupmod_usage/config.txt10
-rw-r--r--tests/grouptools/groupmod/28_groupmod_usage/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/28_groupmod_usage/config/etc/group41
-rw-r--r--tests/grouptools/groupmod/28_groupmod_usage/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupmod/28_groupmod_usage/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/28_groupmod_usage/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/28_groupmod_usage/data/usage.out11
-rwxr-xr-xtests/grouptools/groupmod/28_groupmod_usage/groupmod.test49
-rw-r--r--tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config.txt1
-rw-r--r--tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/group42
-rw-r--r--tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/gshadow42
-rwxr-xr-xtests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config.txt1
-rw-r--r--tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/shadow19
-rwxr-xr-xtests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/31_groupmod_-g_same_gid/config.txt1
-rw-r--r--tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/shadow19
-rwxr-xr-xtests/grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/32_groupmod_-o_without_-g/config.txt10
-rw-r--r--tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/group41
-rw-r--r--tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/32_groupmod_-o_without_-g/data/groupmod.err11
-rwxr-xr-xtests/grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test54
-rw-r--r--tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config.txt1
-rw-r--r--tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/data/group42
-rwxr-xr-xtests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test42
-rw-r--r--tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config.txt1
-rw-r--r--tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/group42
-rw-r--r--tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/gshadow42
-rwxr-xr-xtests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config.txt1
-rw-r--r--tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/data/group42
-rwxr-xr-xtests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config.txt1
-rw-r--r--tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/default/useradd36
-rw-r--r--tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/gshadow41
-rw-r--r--tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/data/gshadow42
-rwxr-xr-xtests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test39
-rw-r--r--tests/grouptools/groupmod/37_groupmod_invalid_option/config.txt1
-rw-r--r--tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/group42
-rw-r--r--tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/gshadow42
-rw-r--r--tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/login.defs315
-rw-r--r--tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/passwd19
-rw-r--r--tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/shadow19
-rw-r--r--tests/grouptools/groupmod/37_groupmod_invalid_option/data/groupmod.err12
-rwxr-xr-xtests/grouptools/groupmod/37_groupmod_invalid_option/groupmod.test54
-rw-r--r--tests/log/faillog/01_faillog_no_faillog/config.txt1
-rw-r--r--tests/log/faillog/01_faillog_no_faillog/config/etc/group42
-rw-r--r--tests/log/faillog/01_faillog_no_faillog/config/etc/gshadow42
-rw-r--r--tests/log/faillog/01_faillog_no_faillog/config/etc/passwd20
-rw-r--r--tests/log/faillog/01_faillog_no_faillog/config/etc/shadow20
-rw-r--r--tests/log/faillog/01_faillog_no_faillog/data/faillog.err1
-rwxr-xr-xtests/log/faillog/01_faillog_no_faillog/faillog.test51
-rw-r--r--tests/log/faillog/02_faillog_usage/config.txt10
-rw-r--r--tests/log/faillog/02_faillog_usage/config/etc/group41
-rw-r--r--tests/log/faillog/02_faillog_usage/config/etc/gshadow41
-rw-r--r--tests/log/faillog/02_faillog_usage/config/etc/passwd19
-rw-r--r--tests/log/faillog/02_faillog_usage/config/etc/shadow19
-rw-r--r--tests/log/faillog/02_faillog_usage/data/usage.out14
-rwxr-xr-xtests/log/faillog/02_faillog_usage/faillog.test35
-rw-r--r--tests/log/faillog/03_faillog_format/config.txt1
-rw-r--r--tests/log/faillog/03_faillog_format/config/etc/group42
-rw-r--r--tests/log/faillog/03_faillog_format/config/etc/gshadow42
-rw-r--r--tests/log/faillog/03_faillog_format/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/03_faillog_format/config/etc/passwd20
-rw-r--r--tests/log/faillog/03_faillog_format/config/etc/shadow20
-rw-r--r--tests/log/faillog/03_faillog_format/data/faillog.out2
-rw-r--r--tests/log/faillog/03_faillog_format/data/lastlog.out20
-rwxr-xr-xtests/log/faillog/03_faillog_format/faillog.test57
-rwxr-xr-xtests/log/faillog/03_faillog_format/login.exp17
-rw-r--r--tests/log/faillog/04_faillog_mulitple/config.txt1
-rw-r--r--tests/log/faillog/04_faillog_mulitple/config/etc/group42
-rw-r--r--tests/log/faillog/04_faillog_mulitple/config/etc/gshadow42
-rw-r--r--tests/log/faillog/04_faillog_mulitple/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/04_faillog_mulitple/config/etc/passwd22
-rw-r--r--tests/log/faillog/04_faillog_mulitple/config/etc/shadow22
-rw-r--r--tests/log/faillog/04_faillog_mulitple/data/faillog.list5
-rwxr-xr-xtests/log/faillog/04_faillog_mulitple/faillog.test52
-rwxr-xr-xtests/log/faillog/04_faillog_mulitple/login.exp26
-rw-r--r--tests/log/faillog/05_faillog-u_ID/config.txt1
-rw-r--r--tests/log/faillog/05_faillog-u_ID/config/etc/group42
-rw-r--r--tests/log/faillog/05_faillog-u_ID/config/etc/gshadow42
-rw-r--r--tests/log/faillog/05_faillog-u_ID/config/etc/passwd22
-rw-r--r--tests/log/faillog/05_faillog-u_ID/config/etc/shadow22
-rw-r--r--tests/log/faillog/05_faillog-u_ID/data/faillog.list3
-rwxr-xr-xtests/log/faillog/05_faillog-u_ID/faillog.test42
-rw-r--r--tests/log/faillog/06_faillog-u_name/config.txt1
-rw-r--r--tests/log/faillog/06_faillog-u_name/config/etc/group42
-rw-r--r--tests/log/faillog/06_faillog-u_name/config/etc/gshadow42
-rw-r--r--tests/log/faillog/06_faillog-u_name/config/etc/passwd22
-rw-r--r--tests/log/faillog/06_faillog-u_name/config/etc/shadow22
-rw-r--r--tests/log/faillog/06_faillog-u_name/data/faillog.list3
-rwxr-xr-xtests/log/faillog/06_faillog-u_name/faillog.test42
-rw-r--r--tests/log/faillog/07_faillog-u_ID_invalid/config.txt1
-rw-r--r--tests/log/faillog/07_faillog-u_ID_invalid/config/etc/group42
-rw-r--r--tests/log/faillog/07_faillog-u_ID_invalid/config/etc/gshadow42
-rw-r--r--tests/log/faillog/07_faillog-u_ID_invalid/config/etc/passwd22
-rw-r--r--tests/log/faillog/07_faillog-u_ID_invalid/config/etc/shadow22
-rw-r--r--tests/log/faillog/07_faillog-u_ID_invalid/data/faillog.list0
-rwxr-xr-xtests/log/faillog/07_faillog-u_ID_invalid/faillog.test41
-rw-r--r--tests/log/faillog/08_faillog-u_name_invalid/config.txt1
-rw-r--r--tests/log/faillog/08_faillog-u_name_invalid/config/etc/group42
-rw-r--r--tests/log/faillog/08_faillog-u_name_invalid/config/etc/gshadow42
-rw-r--r--tests/log/faillog/08_faillog-u_name_invalid/config/etc/passwd22
-rw-r--r--tests/log/faillog/08_faillog-u_name_invalid/config/etc/shadow22
-rw-r--r--tests/log/faillog/08_faillog-u_name_invalid/data/faillog.err1
-rwxr-xr-xtests/log/faillog/08_faillog-u_name_invalid/faillog.test45
-rw-r--r--tests/log/faillog/09_faillog-u_range/config.txt1
-rw-r--r--tests/log/faillog/09_faillog-u_range/config/etc/group42
-rw-r--r--tests/log/faillog/09_faillog-u_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/09_faillog-u_range/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/09_faillog-u_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/09_faillog-u_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/09_faillog-u_range/data/faillog.list4
-rwxr-xr-xtests/log/faillog/09_faillog-u_range/faillog.test50
-rwxr-xr-xtests/log/faillog/09_faillog-u_range/login.exp26
-rw-r--r--tests/log/faillog/10_faillog-u_open_range/config.txt1
-rw-r--r--tests/log/faillog/10_faillog-u_open_range/config/etc/group42
-rw-r--r--tests/log/faillog/10_faillog-u_open_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/10_faillog-u_open_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/10_faillog-u_open_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/10_faillog-u_open_range/data/faillog.list22
-rwxr-xr-xtests/log/faillog/10_faillog-u_open_range/faillog.test42
-rw-r--r--tests/log/faillog/11_faillog-u_range_open/config.txt1
-rw-r--r--tests/log/faillog/11_faillog-u_range_open/config/etc/group42
-rw-r--r--tests/log/faillog/11_faillog-u_range_open/config/etc/gshadow42
-rw-r--r--tests/log/faillog/11_faillog-u_range_open/config/etc/passwd22
-rw-r--r--tests/log/faillog/11_faillog-u_range_open/config/etc/shadow22
-rw-r--r--tests/log/faillog/11_faillog-u_range_open/data/faillog.list10
-rwxr-xr-xtests/log/faillog/11_faillog-u_range_open/faillog.test42
-rw-r--r--tests/log/faillog/12_faillog-u_range_invalid1/config.txt1
-rw-r--r--tests/log/faillog/12_faillog-u_range_invalid1/config/etc/group42
-rw-r--r--tests/log/faillog/12_faillog-u_range_invalid1/config/etc/gshadow42
-rw-r--r--tests/log/faillog/12_faillog-u_range_invalid1/config/etc/passwd22
-rw-r--r--tests/log/faillog/12_faillog-u_range_invalid1/config/etc/shadow22
-rw-r--r--tests/log/faillog/12_faillog-u_range_invalid1/data/faillog.err1
-rwxr-xr-xtests/log/faillog/12_faillog-u_range_invalid1/faillog.test45
-rw-r--r--tests/log/faillog/13_faillog-u_range_invalid2/config.txt1
-rw-r--r--tests/log/faillog/13_faillog-u_range_invalid2/config/etc/group42
-rw-r--r--tests/log/faillog/13_faillog-u_range_invalid2/config/etc/gshadow42
-rw-r--r--tests/log/faillog/13_faillog-u_range_invalid2/config/etc/passwd22
-rw-r--r--tests/log/faillog/13_faillog-u_range_invalid2/config/etc/shadow22
-rw-r--r--tests/log/faillog/13_faillog-u_range_invalid2/data/faillog.err1
-rwxr-xr-xtests/log/faillog/13_faillog-u_range_invalid2/faillog.test45
-rw-r--r--tests/log/faillog/14_faillog-u_range_invalid3/config.txt1
-rw-r--r--tests/log/faillog/14_faillog-u_range_invalid3/config/etc/group42
-rw-r--r--tests/log/faillog/14_faillog-u_range_invalid3/config/etc/gshadow42
-rw-r--r--tests/log/faillog/14_faillog-u_range_invalid3/config/etc/passwd22
-rw-r--r--tests/log/faillog/14_faillog-u_range_invalid3/config/etc/shadow22
-rw-r--r--tests/log/faillog/14_faillog-u_range_invalid3/data/faillog.err1
-rwxr-xr-xtests/log/faillog/14_faillog-u_range_invalid3/faillog.test45
-rw-r--r--tests/log/faillog/15_faillog_bad_option/config.txt10
-rw-r--r--tests/log/faillog/15_faillog_bad_option/config/etc/group41
-rw-r--r--tests/log/faillog/15_faillog_bad_option/config/etc/gshadow41
-rw-r--r--tests/log/faillog/15_faillog_bad_option/config/etc/passwd19
-rw-r--r--tests/log/faillog/15_faillog_bad_option/config/etc/shadow19
-rw-r--r--tests/log/faillog/15_faillog_bad_option/data/usage.out15
-rwxr-xr-xtests/log/faillog/15_faillog_bad_option/faillog.test41
-rw-r--r--tests/log/faillog/16_faillog_extra_arg/config.txt10
-rw-r--r--tests/log/faillog/16_faillog_extra_arg/config/etc/group41
-rw-r--r--tests/log/faillog/16_faillog_extra_arg/config/etc/gshadow41
-rw-r--r--tests/log/faillog/16_faillog_extra_arg/config/etc/passwd19
-rw-r--r--tests/log/faillog/16_faillog_extra_arg/config/etc/shadow19
-rw-r--r--tests/log/faillog/16_faillog_extra_arg/data/usage.out15
-rwxr-xr-xtests/log/faillog/16_faillog_extra_arg/faillog.test41
-rw-r--r--tests/log/faillog/17_faillog-t/config.txt1
-rw-r--r--tests/log/faillog/17_faillog-t/config/etc/group42
-rw-r--r--tests/log/faillog/17_faillog-t/config/etc/gshadow42
-rw-r--r--tests/log/faillog/17_faillog-t/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/17_faillog-t/config/etc/passwd22
-rw-r--r--tests/log/faillog/17_faillog-t/config/etc/shadow22
-rw-r--r--tests/log/faillog/17_faillog-t/data/faillog.list4
-rwxr-xr-xtests/log/faillog/17_faillog-t/faillog.test52
-rwxr-xr-xtests/log/faillog/17_faillog-t/login.exp26
-rw-r--r--tests/log/faillog/18_faillog-t_invalid/config.txt1
-rw-r--r--tests/log/faillog/18_faillog-t_invalid/config/etc/group42
-rw-r--r--tests/log/faillog/18_faillog-t_invalid/config/etc/gshadow42
-rw-r--r--tests/log/faillog/18_faillog-t_invalid/config/etc/passwd22
-rw-r--r--tests/log/faillog/18_faillog-t_invalid/config/etc/shadow22
-rw-r--r--tests/log/faillog/18_faillog-t_invalid/data/faillog.err1
-rwxr-xr-xtests/log/faillog/18_faillog-t_invalid/faillog.test45
-rw-r--r--tests/log/faillog/19_faillog_multiple_same_user/config.txt1
-rw-r--r--tests/log/faillog/19_faillog_multiple_same_user/config/etc/group42
-rw-r--r--tests/log/faillog/19_faillog_multiple_same_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/19_faillog_multiple_same_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/19_faillog_multiple_same_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/19_faillog_multiple_same_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/19_faillog_multiple_same_user/data/faillog.list5
-rwxr-xr-xtests/log/faillog/19_faillog_multiple_same_user/faillog.test55
-rwxr-xr-xtests/log/faillog/19_faillog_multiple_same_user/login.exp26
-rw-r--r--tests/log/faillog/20_faillog-r-u/config.txt1
-rw-r--r--tests/log/faillog/20_faillog-r-u/config/etc/group42
-rw-r--r--tests/log/faillog/20_faillog-r-u/config/etc/gshadow42
-rw-r--r--tests/log/faillog/20_faillog-r-u/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/20_faillog-r-u/config/etc/passwd22
-rw-r--r--tests/log/faillog/20_faillog-r-u/config/etc/shadow22
-rw-r--r--tests/log/faillog/20_faillog-r-u/data/faillog.list5
-rwxr-xr-xtests/log/faillog/20_faillog-r-u/faillog.test56
-rwxr-xr-xtests/log/faillog/20_faillog-r-u/login.exp26
-rw-r--r--tests/log/faillog/21_faillog-r-u_range/config.txt1
-rw-r--r--tests/log/faillog/21_faillog-r-u_range/config/etc/group42
-rw-r--r--tests/log/faillog/21_faillog-r-u_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/21_faillog-r-u_range/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/21_faillog-r-u_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/21_faillog-r-u_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/21_faillog-r-u_range/data/faillog.list5
-rwxr-xr-xtests/log/faillog/21_faillog-r-u_range/faillog.test56
-rwxr-xr-xtests/log/faillog/21_faillog-r-u_range/login.exp26
-rw-r--r--tests/log/faillog/22_faillog_removed_user/config.txt1
-rw-r--r--tests/log/faillog/22_faillog_removed_user/config/etc/group42
-rw-r--r--tests/log/faillog/22_faillog_removed_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/22_faillog_removed_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/22_faillog_removed_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/22_faillog_removed_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/22_faillog_removed_user/data/faillog.list4
-rwxr-xr-xtests/log/faillog/22_faillog_removed_user/faillog.test57
-rwxr-xr-xtests/log/faillog/22_faillog_removed_user/login.exp26
-rw-r--r--tests/log/faillog/23_faillog-a_removed_user/config.txt1
-rw-r--r--tests/log/faillog/23_faillog-a_removed_user/config/etc/group42
-rw-r--r--tests/log/faillog/23_faillog-a_removed_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/23_faillog-a_removed_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/23_faillog-a_removed_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/23_faillog-a_removed_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/23_faillog-a_removed_user/data/faillog.list23
-rwxr-xr-xtests/log/faillog/23_faillog-a_removed_user/faillog.test57
-rwxr-xr-xtests/log/faillog/23_faillog-a_removed_user/login.exp26
-rw-r--r--tests/log/faillog/24_faillog-u_removed_user/config.txt1
-rw-r--r--tests/log/faillog/24_faillog-u_removed_user/config/etc/group42
-rw-r--r--tests/log/faillog/24_faillog-u_removed_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/24_faillog-u_removed_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/24_faillog-u_removed_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/24_faillog-u_removed_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/24_faillog-u_removed_user/data/faillog.list0
-rwxr-xr-xtests/log/faillog/24_faillog-u_removed_user/faillog.test57
-rwxr-xr-xtests/log/faillog/24_faillog-u_removed_user/login.exp26
-rw-r--r--tests/log/faillog/25_faillog-r-u_removed_user/config.txt1
-rw-r--r--tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group42
-rw-r--r--tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list24
-rwxr-xr-xtests/log/faillog/25_faillog-r-u_removed_user/faillog.test60
-rwxr-xr-xtests/log/faillog/25_faillog-r-u_removed_user/login.exp26
-rw-r--r--tests/log/faillog/26_faillog-r-u_range_removed_user/config.txt1
-rw-r--r--tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/group42
-rw-r--r--tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/26_faillog-r-u_range_removed_user/data/faillog.list24
-rwxr-xr-xtests/log/faillog/26_faillog-r-u_range_removed_user/faillog.test60
-rwxr-xr-xtests/log/faillog/26_faillog-r-u_range_removed_user/login.exp26
-rw-r--r--tests/log/faillog/27_faillog-r-a-u_range_removed_user/config.txt1
-rw-r--r--tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/group42
-rw-r--r--tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/27_faillog-r-a-u_range_removed_user/data/faillog.list24
-rwxr-xr-xtests/log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test66
-rwxr-xr-xtests/log/faillog/27_faillog-r-a-u_range_removed_user/login.exp26
-rw-r--r--tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config.txt1
-rw-r--r--tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/group42
-rw-r--r--tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/data/faillog.list24
-rwxr-xr-xtests/log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test66
-rwxr-xr-xtests/log/faillog/28_faillog-r-a-u_open_range_removed_user/login.exp26
-rw-r--r--tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config.txt1
-rw-r--r--tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/group42
-rw-r--r--tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/data/faillog.list24
-rwxr-xr-xtests/log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test66
-rwxr-xr-xtests/log/faillog/29_faillog-r-a-u_range_open_removed_user/login.exp26
-rw-r--r--tests/log/faillog/30_faillog-r/config.txt1
-rw-r--r--tests/log/faillog/30_faillog-r/config/etc/group42
-rw-r--r--tests/log/faillog/30_faillog-r/config/etc/gshadow42
-rw-r--r--tests/log/faillog/30_faillog-r/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/30_faillog-r/config/etc/passwd22
-rw-r--r--tests/log/faillog/30_faillog-r/config/etc/shadow22
-rw-r--r--tests/log/faillog/30_faillog-r/data/faillog.list5
-rwxr-xr-xtests/log/faillog/30_faillog-r/faillog.test56
-rwxr-xr-xtests/log/faillog/30_faillog-r/login.exp26
-rw-r--r--tests/log/faillog/31_faillog-r-u_open_range/config.txt1
-rw-r--r--tests/log/faillog/31_faillog-r-u_open_range/config/etc/group42
-rw-r--r--tests/log/faillog/31_faillog-r-u_open_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/31_faillog-r-u_open_range/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/31_faillog-r-u_open_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/31_faillog-r-u_open_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/31_faillog-r-u_open_range/data/faillog.list5
-rwxr-xr-xtests/log/faillog/31_faillog-r-u_open_range/faillog.test56
-rwxr-xr-xtests/log/faillog/31_faillog-r-u_open_range/login.exp26
-rw-r--r--tests/log/faillog/32_faillog-l/config.txt1
-rw-r--r--tests/log/faillog/32_faillog-l/config/etc/group42
-rw-r--r--tests/log/faillog/32_faillog-l/config/etc/gshadow42
-rw-r--r--tests/log/faillog/32_faillog-l/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/32_faillog-l/config/etc/passwd22
-rw-r--r--tests/log/faillog/32_faillog-l/config/etc/shadow22
-rw-r--r--tests/log/faillog/32_faillog-l/data/faillog.list5
-rwxr-xr-xtests/log/faillog/32_faillog-l/faillog.test63
-rwxr-xr-xtests/log/faillog/32_faillog-l/login.exp26
-rw-r--r--tests/log/faillog/33_faillog-l-u_user/config.txt1
-rw-r--r--tests/log/faillog/33_faillog-l-u_user/config/etc/group42
-rw-r--r--tests/log/faillog/33_faillog-l-u_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/33_faillog-l-u_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/33_faillog-l-u_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/33_faillog-l-u_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/33_faillog-l-u_user/data/faillog.list1
-rwxr-xr-xtests/log/faillog/33_faillog-l-u_user/faillog.test60
-rwxr-xr-xtests/log/faillog/33_faillog-l-u_user/login.exp26
-rw-r--r--tests/log/faillog/34_faillog-l-u_range/config.txt1
-rw-r--r--tests/log/faillog/34_faillog-l-u_range/config/etc/group42
-rw-r--r--tests/log/faillog/34_faillog-l-u_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/34_faillog-l-u_range/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/34_faillog-l-u_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/34_faillog-l-u_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/34_faillog-l-u_range/data/faillog.list5
-rwxr-xr-xtests/log/faillog/34_faillog-l-u_range/faillog.test63
-rwxr-xr-xtests/log/faillog/34_faillog-l-u_range/login.exp26
-rw-r--r--tests/log/faillog/35_faillog-l-u_open_range/config.txt1
-rw-r--r--tests/log/faillog/35_faillog-l-u_open_range/config/etc/group42
-rw-r--r--tests/log/faillog/35_faillog-l-u_open_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/35_faillog-l-u_open_range/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/35_faillog-l-u_open_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/35_faillog-l-u_open_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/35_faillog-l-u_open_range/data/faillog.list5
-rwxr-xr-xtests/log/faillog/35_faillog-l-u_open_range/faillog.test63
-rwxr-xr-xtests/log/faillog/35_faillog-l-u_open_range/login.exp26
-rw-r--r--tests/log/faillog/36_faillog-l-u_range_open/config.txt1
-rw-r--r--tests/log/faillog/36_faillog-l-u_range_open/config/etc/group42
-rw-r--r--tests/log/faillog/36_faillog-l-u_range_open/config/etc/gshadow42
-rw-r--r--tests/log/faillog/36_faillog-l-u_range_open/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/36_faillog-l-u_range_open/config/etc/passwd22
-rw-r--r--tests/log/faillog/36_faillog-l-u_range_open/config/etc/shadow22
-rw-r--r--tests/log/faillog/36_faillog-l-u_range_open/data/faillog.list5
-rwxr-xr-xtests/log/faillog/36_faillog-l-u_range_open/faillog.test63
-rwxr-xr-xtests/log/faillog/36_faillog-l-u_range_open/login.exp26
-rw-r--r--tests/log/faillog/37_faillog-l-a-u_user/config.txt1
-rw-r--r--tests/log/faillog/37_faillog-l-a-u_user/config/etc/group42
-rw-r--r--tests/log/faillog/37_faillog-l-a-u_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/37_faillog-l-a-u_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/37_faillog-l-a-u_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/37_faillog-l-a-u_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/37_faillog-l-a-u_user/data/faillog.list1
-rwxr-xr-xtests/log/faillog/37_faillog-l-a-u_user/faillog.test70
-rwxr-xr-xtests/log/faillog/37_faillog-l-a-u_user/login.exp26
-rw-r--r--tests/log/faillog/38_faillog-l-a-u_range/config.txt1
-rw-r--r--tests/log/faillog/38_faillog-l-a-u_range/config/etc/group42
-rw-r--r--tests/log/faillog/38_faillog-l-a-u_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/38_faillog-l-a-u_range/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/38_faillog-l-a-u_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/38_faillog-l-a-u_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/38_faillog-l-a-u_range/data/faillog.list5
-rwxr-xr-xtests/log/faillog/38_faillog-l-a-u_range/faillog.test73
-rwxr-xr-xtests/log/faillog/38_faillog-l-a-u_range/login.exp26
-rw-r--r--tests/log/faillog/39_faillog-l-a-u_open_range/config.txt1
-rw-r--r--tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/group42
-rw-r--r--tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/39_faillog-l-a-u_open_range/data/faillog.list5
-rwxr-xr-xtests/log/faillog/39_faillog-l-a-u_open_range/faillog.test73
-rwxr-xr-xtests/log/faillog/39_faillog-l-a-u_open_range/login.exp26
-rw-r--r--tests/log/faillog/40_faillog-l-a-u_range_open/config.txt1
-rw-r--r--tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/group42
-rw-r--r--tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/gshadow42
-rw-r--r--tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/passwd22
-rw-r--r--tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/shadow22
-rw-r--r--tests/log/faillog/40_faillog-l-a-u_range_open/data/faillog.list5
-rwxr-xr-xtests/log/faillog/40_faillog-l-a-u_range_open/faillog.test73
-rwxr-xr-xtests/log/faillog/40_faillog-l-a-u_range_open/login.exp26
-rw-r--r--tests/log/faillog/41_faillog-l_invalid/config.txt1
-rw-r--r--tests/log/faillog/41_faillog-l_invalid/config/etc/group42
-rw-r--r--tests/log/faillog/41_faillog-l_invalid/config/etc/gshadow42
-rw-r--r--tests/log/faillog/41_faillog-l_invalid/config/etc/passwd22
-rw-r--r--tests/log/faillog/41_faillog-l_invalid/config/etc/shadow22
-rw-r--r--tests/log/faillog/41_faillog-l_invalid/data/faillog.err1
-rwxr-xr-xtests/log/faillog/41_faillog-l_invalid/faillog.test45
-rw-r--r--tests/log/faillog/42_faillog-m/config.txt1
-rw-r--r--tests/log/faillog/42_faillog-m/config/etc/group42
-rw-r--r--tests/log/faillog/42_faillog-m/config/etc/gshadow42
-rw-r--r--tests/log/faillog/42_faillog-m/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/42_faillog-m/config/etc/passwd22
-rw-r--r--tests/log/faillog/42_faillog-m/config/etc/shadow22
-rw-r--r--tests/log/faillog/42_faillog-m/data/faillog.list5
-rwxr-xr-xtests/log/faillog/42_faillog-m/faillog.test57
-rwxr-xr-xtests/log/faillog/42_faillog-m/login.exp26
-rw-r--r--tests/log/faillog/43_faillog-m-u_user/config.txt1
-rw-r--r--tests/log/faillog/43_faillog-m-u_user/config/etc/group42
-rw-r--r--tests/log/faillog/43_faillog-m-u_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/43_faillog-m-u_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/43_faillog-m-u_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/43_faillog-m-u_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/43_faillog-m-u_user/data/faillog.list5
-rwxr-xr-xtests/log/faillog/43_faillog-m-u_user/faillog.test57
-rwxr-xr-xtests/log/faillog/43_faillog-m-u_user/login.exp26
-rw-r--r--tests/log/faillog/44_faillog-m-u_range/config.txt1
-rw-r--r--tests/log/faillog/44_faillog-m-u_range/config/etc/group42
-rw-r--r--tests/log/faillog/44_faillog-m-u_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/44_faillog-m-u_range/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/44_faillog-m-u_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/44_faillog-m-u_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/44_faillog-m-u_range/data/faillog.list5
-rwxr-xr-xtests/log/faillog/44_faillog-m-u_range/faillog.test57
-rwxr-xr-xtests/log/faillog/44_faillog-m-u_range/login.exp26
-rw-r--r--tests/log/faillog/45_faillog-m-u_open_range/config.txt1
-rw-r--r--tests/log/faillog/45_faillog-m-u_open_range/config/etc/group42
-rw-r--r--tests/log/faillog/45_faillog-m-u_open_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/45_faillog-m-u_open_range/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/45_faillog-m-u_open_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/45_faillog-m-u_open_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/45_faillog-m-u_open_range/data/faillog.list5
-rwxr-xr-xtests/log/faillog/45_faillog-m-u_open_range/faillog.test57
-rwxr-xr-xtests/log/faillog/45_faillog-m-u_open_range/login.exp26
-rw-r--r--tests/log/faillog/46_faillog-m-u_range_open/config.txt1
-rw-r--r--tests/log/faillog/46_faillog-m-u_range_open/config/etc/group42
-rw-r--r--tests/log/faillog/46_faillog-m-u_range_open/config/etc/gshadow42
-rw-r--r--tests/log/faillog/46_faillog-m-u_range_open/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/46_faillog-m-u_range_open/config/etc/passwd22
-rw-r--r--tests/log/faillog/46_faillog-m-u_range_open/config/etc/shadow22
-rw-r--r--tests/log/faillog/46_faillog-m-u_range_open/data/faillog.list5
-rwxr-xr-xtests/log/faillog/46_faillog-m-u_range_open/faillog.test57
-rwxr-xr-xtests/log/faillog/46_faillog-m-u_range_open/login.exp26
-rw-r--r--tests/log/faillog/47_faillog-m-a-u_user/config.txt1
-rw-r--r--tests/log/faillog/47_faillog-m-a-u_user/config/etc/group42
-rw-r--r--tests/log/faillog/47_faillog-m-a-u_user/config/etc/gshadow42
-rw-r--r--tests/log/faillog/47_faillog-m-a-u_user/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/47_faillog-m-a-u_user/config/etc/passwd22
-rw-r--r--tests/log/faillog/47_faillog-m-a-u_user/config/etc/shadow22
-rw-r--r--tests/log/faillog/47_faillog-m-a-u_user/data/faillog.list5
-rwxr-xr-xtests/log/faillog/47_faillog-m-a-u_user/faillog.test67
-rwxr-xr-xtests/log/faillog/47_faillog-m-a-u_user/login.exp26
-rw-r--r--tests/log/faillog/48_faillog-m-a-u_range/config.txt1
-rw-r--r--tests/log/faillog/48_faillog-m-a-u_range/config/etc/group42
-rw-r--r--tests/log/faillog/48_faillog-m-a-u_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/48_faillog-m-a-u_range/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/48_faillog-m-a-u_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/48_faillog-m-a-u_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/48_faillog-m-a-u_range/data/faillog.list5
-rwxr-xr-xtests/log/faillog/48_faillog-m-a-u_range/faillog.test67
-rwxr-xr-xtests/log/faillog/48_faillog-m-a-u_range/login.exp26
-rw-r--r--tests/log/faillog/49_faillog-m-a-u_open_range/config.txt1
-rw-r--r--tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/group42
-rw-r--r--tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/gshadow42
-rw-r--r--tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/passwd22
-rw-r--r--tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/shadow22
-rw-r--r--tests/log/faillog/49_faillog-m-a-u_open_range/data/faillog.list5
-rwxr-xr-xtests/log/faillog/49_faillog-m-a-u_open_range/faillog.test67
-rwxr-xr-xtests/log/faillog/49_faillog-m-a-u_open_range/login.exp26
-rw-r--r--tests/log/faillog/50_faillog-m-a-u_range_open/config.txt1
-rw-r--r--tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/group42
-rw-r--r--tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/gshadow42
-rw-r--r--tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/passwd22
-rw-r--r--tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/shadow22
-rw-r--r--tests/log/faillog/50_faillog-m-a-u_range_open/data/faillog.list5
-rwxr-xr-xtests/log/faillog/50_faillog-m-a-u_range_open/faillog.test67
-rwxr-xr-xtests/log/faillog/50_faillog-m-a-u_range_open/login.exp26
-rw-r--r--tests/log/faillog/51_faillog-m_invalid/config.txt1
-rw-r--r--tests/log/faillog/51_faillog-m_invalid/config/etc/group42
-rw-r--r--tests/log/faillog/51_faillog-m_invalid/config/etc/gshadow42
-rw-r--r--tests/log/faillog/51_faillog-m_invalid/config/etc/passwd22
-rw-r--r--tests/log/faillog/51_faillog-m_invalid/config/etc/shadow22
-rw-r--r--tests/log/faillog/51_faillog-m_invalid/data/faillog.err1
-rwxr-xr-xtests/log/faillog/51_faillog-m_invalid/faillog.test45
-rw-r--r--tests/log/faillog/52_faillog-t-l_exclusive/config.txt10
-rw-r--r--tests/log/faillog/52_faillog-t-l_exclusive/config/etc/group41
-rw-r--r--tests/log/faillog/52_faillog-t-l_exclusive/config/etc/gshadow41
-rw-r--r--tests/log/faillog/52_faillog-t-l_exclusive/config/etc/passwd19
-rw-r--r--tests/log/faillog/52_faillog-t-l_exclusive/config/etc/shadow19
-rw-r--r--tests/log/faillog/52_faillog-t-l_exclusive/data/usage.out14
-rwxr-xr-xtests/log/faillog/52_faillog-t-l_exclusive/faillog.test41
-rw-r--r--tests/log/faillog/53_faillog-t-m_exclusive/config.txt10
-rw-r--r--tests/log/faillog/53_faillog-t-m_exclusive/config/etc/group41
-rw-r--r--tests/log/faillog/53_faillog-t-m_exclusive/config/etc/gshadow41
-rw-r--r--tests/log/faillog/53_faillog-t-m_exclusive/config/etc/passwd19
-rw-r--r--tests/log/faillog/53_faillog-t-m_exclusive/config/etc/shadow19
-rw-r--r--tests/log/faillog/53_faillog-t-m_exclusive/data/usage.out14
-rwxr-xr-xtests/log/faillog/53_faillog-t-m_exclusive/faillog.test41
-rw-r--r--tests/log/faillog/54_faillog-t-r_exclusive/config.txt10
-rw-r--r--tests/log/faillog/54_faillog-t-r_exclusive/config/etc/group41
-rw-r--r--tests/log/faillog/54_faillog-t-r_exclusive/config/etc/gshadow41
-rw-r--r--tests/log/faillog/54_faillog-t-r_exclusive/config/etc/passwd19
-rw-r--r--tests/log/faillog/54_faillog-t-r_exclusive/config/etc/shadow19
-rw-r--r--tests/log/faillog/54_faillog-t-r_exclusive/data/usage.out14
-rwxr-xr-xtests/log/faillog/54_faillog-t-r_exclusive/faillog.test41
-rw-r--r--tests/log/faillog/55_faillog_no_changes/config.txt1
-rw-r--r--tests/log/faillog/55_faillog_no_changes/config/etc/group42
-rw-r--r--tests/log/faillog/55_faillog_no_changes/config/etc/gshadow42
-rw-r--r--tests/log/faillog/55_faillog_no_changes/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/55_faillog_no_changes/config/etc/passwd22
-rw-r--r--tests/log/faillog/55_faillog_no_changes/config/etc/shadow22
-rw-r--r--tests/log/faillog/55_faillog_no_changes/data/faillog.stat1
-rwxr-xr-xtests/log/faillog/55_faillog_no_changes/faillog.test35
-rwxr-xr-xtests/log/faillog/55_faillog_no_changes/login.exp26
-rw-r--r--tests/log/faillog/56_faillog-l-m_empty_file/config.txt1
-rw-r--r--tests/log/faillog/56_faillog-l-m_empty_file/config/etc/group42
-rw-r--r--tests/log/faillog/56_faillog-l-m_empty_file/config/etc/gshadow42
-rw-r--r--tests/log/faillog/56_faillog-l-m_empty_file/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/56_faillog-l-m_empty_file/config/etc/passwd22
-rw-r--r--tests/log/faillog/56_faillog-l-m_empty_file/config/etc/shadow22
-rw-r--r--tests/log/faillog/56_faillog-l-m_empty_file/data/faillog.stat1
-rwxr-xr-xtests/log/faillog/56_faillog-l-m_empty_file/faillog.test35
-rw-r--r--tests/log/faillog/57_faillog-r_empty_file/config.txt1
-rw-r--r--tests/log/faillog/57_faillog-r_empty_file/config/etc/group42
-rw-r--r--tests/log/faillog/57_faillog-r_empty_file/config/etc/gshadow42
-rw-r--r--tests/log/faillog/57_faillog-r_empty_file/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/57_faillog-r_empty_file/config/etc/passwd22
-rw-r--r--tests/log/faillog/57_faillog-r_empty_file/config/etc/shadow22
-rw-r--r--tests/log/faillog/57_faillog-r_empty_file/data/faillog.stat1
-rwxr-xr-xtests/log/faillog/57_faillog-r_empty_file/faillog.test35
-rw-r--r--tests/log/faillog/58_faillog-l_no_failcount/config.txt1
-rw-r--r--tests/log/faillog/58_faillog-l_no_failcount/config/etc/group42
-rw-r--r--tests/log/faillog/58_faillog-l_no_failcount/config/etc/gshadow42
-rw-r--r--tests/log/faillog/58_faillog-l_no_failcount/config/etc/pam.d/login111
-rw-r--r--tests/log/faillog/58_faillog-l_no_failcount/config/etc/passwd22
-rw-r--r--tests/log/faillog/58_faillog-l_no_failcount/config/etc/shadow22
-rw-r--r--tests/log/faillog/58_faillog-l_no_failcount/data/faillog.list3
-rwxr-xr-xtests/log/faillog/58_faillog-l_no_failcount/faillog.test57
-rwxr-xr-xtests/log/faillog/58_faillog-l_no_failcount/login.exp26
-rw-r--r--tests/log/lastlog/01_lastlog_no_lastlog/config.txt1
-rw-r--r--tests/log/lastlog/01_lastlog_no_lastlog/config/etc/group42
-rw-r--r--tests/log/lastlog/01_lastlog_no_lastlog/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/01_lastlog_no_lastlog/config/etc/passwd20
-rw-r--r--tests/log/lastlog/01_lastlog_no_lastlog/config/etc/shadow20
-rw-r--r--tests/log/lastlog/01_lastlog_no_lastlog/data/lastlog.err1
-rwxr-xr-xtests/log/lastlog/01_lastlog_no_lastlog/lastlog.test51
-rw-r--r--tests/log/lastlog/02_lastlog_usage/config.txt10
-rw-r--r--tests/log/lastlog/02_lastlog_usage/config/etc/group41
-rw-r--r--tests/log/lastlog/02_lastlog_usage/config/etc/gshadow41
-rw-r--r--tests/log/lastlog/02_lastlog_usage/config/etc/passwd19
-rw-r--r--tests/log/lastlog/02_lastlog_usage/config/etc/shadow19
-rw-r--r--tests/log/lastlog/02_lastlog_usage/data/usage.out9
-rwxr-xr-xtests/log/lastlog/02_lastlog_usage/lastlog.test35
-rw-r--r--tests/log/lastlog/03_lastlog_format/config.txt1
-rw-r--r--tests/log/lastlog/03_lastlog_format/config/etc/group42
-rw-r--r--tests/log/lastlog/03_lastlog_format/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/03_lastlog_format/config/etc/passwd20
-rw-r--r--tests/log/lastlog/03_lastlog_format/config/etc/shadow20
-rw-r--r--tests/log/lastlog/03_lastlog_format/data/lastlog.out20
-rwxr-xr-xtests/log/lastlog/03_lastlog_format/lastlog.test60
-rwxr-xr-xtests/log/lastlog/03_lastlog_format/login.exp13
-rw-r--r--tests/log/lastlog/04_lastlog_mulitple/config.txt1
-rw-r--r--tests/log/lastlog/04_lastlog_mulitple/config/etc/group42
-rw-r--r--tests/log/lastlog/04_lastlog_mulitple/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/04_lastlog_mulitple/config/etc/passwd22
-rw-r--r--tests/log/lastlog/04_lastlog_mulitple/config/etc/shadow22
-rw-r--r--tests/log/lastlog/04_lastlog_mulitple/data/lastlog.list4
-rwxr-xr-xtests/log/lastlog/04_lastlog_mulitple/lastlog.test52
-rwxr-xr-xtests/log/lastlog/04_lastlog_mulitple/login.exp19
-rw-r--r--tests/log/lastlog/05_lastlog-u_ID/config.txt1
-rw-r--r--tests/log/lastlog/05_lastlog-u_ID/config/etc/group42
-rw-r--r--tests/log/lastlog/05_lastlog-u_ID/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/05_lastlog-u_ID/config/etc/passwd22
-rw-r--r--tests/log/lastlog/05_lastlog-u_ID/config/etc/shadow22
-rw-r--r--tests/log/lastlog/05_lastlog-u_ID/data/lastlog.list2
-rwxr-xr-xtests/log/lastlog/05_lastlog-u_ID/lastlog.test42
-rw-r--r--tests/log/lastlog/06_lastlog-u_name/config.txt1
-rw-r--r--tests/log/lastlog/06_lastlog-u_name/config/etc/group42
-rw-r--r--tests/log/lastlog/06_lastlog-u_name/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/06_lastlog-u_name/config/etc/passwd22
-rw-r--r--tests/log/lastlog/06_lastlog-u_name/config/etc/shadow22
-rw-r--r--tests/log/lastlog/06_lastlog-u_name/data/lastlog.list2
-rwxr-xr-xtests/log/lastlog/06_lastlog-u_name/lastlog.test42
-rw-r--r--tests/log/lastlog/07_lastlog-u_ID_invalid/config.txt1
-rw-r--r--tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/group42
-rw-r--r--tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/passwd22
-rw-r--r--tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/shadow22
-rw-r--r--tests/log/lastlog/07_lastlog-u_ID_invalid/data/lastlog.list0
-rwxr-xr-xtests/log/lastlog/07_lastlog-u_ID_invalid/lastlog.test41
-rw-r--r--tests/log/lastlog/08_lastlog-u_name_invalid/config.txt1
-rw-r--r--tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/group42
-rw-r--r--tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/passwd22
-rw-r--r--tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/shadow22
-rw-r--r--tests/log/lastlog/08_lastlog-u_name_invalid/data/lastlog.err1
-rwxr-xr-xtests/log/lastlog/08_lastlog-u_name_invalid/lastlog.test45
-rw-r--r--tests/log/lastlog/09_lastlog-u_range/config.txt1
-rw-r--r--tests/log/lastlog/09_lastlog-u_range/config/etc/group42
-rw-r--r--tests/log/lastlog/09_lastlog-u_range/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/09_lastlog-u_range/config/etc/passwd22
-rw-r--r--tests/log/lastlog/09_lastlog-u_range/config/etc/shadow22
-rw-r--r--tests/log/lastlog/09_lastlog-u_range/data/lastlog.list7
-rwxr-xr-xtests/log/lastlog/09_lastlog-u_range/lastlog.test42
-rw-r--r--tests/log/lastlog/10_lastlog-u_open_range/config.txt1
-rw-r--r--tests/log/lastlog/10_lastlog-u_open_range/config/etc/group42
-rw-r--r--tests/log/lastlog/10_lastlog-u_open_range/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/10_lastlog-u_open_range/config/etc/passwd22
-rw-r--r--tests/log/lastlog/10_lastlog-u_open_range/config/etc/shadow22
-rw-r--r--tests/log/lastlog/10_lastlog-u_open_range/data/lastlog.list21
-rwxr-xr-xtests/log/lastlog/10_lastlog-u_open_range/lastlog.test42
-rw-r--r--tests/log/lastlog/11_lastlog-u_range_open/config.txt1
-rw-r--r--tests/log/lastlog/11_lastlog-u_range_open/config/etc/group42
-rw-r--r--tests/log/lastlog/11_lastlog-u_range_open/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/11_lastlog-u_range_open/config/etc/passwd22
-rw-r--r--tests/log/lastlog/11_lastlog-u_range_open/config/etc/shadow22
-rw-r--r--tests/log/lastlog/11_lastlog-u_range_open/data/lastlog.list9
-rwxr-xr-xtests/log/lastlog/11_lastlog-u_range_open/lastlog.test42
-rw-r--r--tests/log/lastlog/12_lastlog-u_range_invalid1/config.txt1
-rw-r--r--tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/group42
-rw-r--r--tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/passwd22
-rw-r--r--tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/shadow22
-rw-r--r--tests/log/lastlog/12_lastlog-u_range_invalid1/data/lastlog.err1
-rwxr-xr-xtests/log/lastlog/12_lastlog-u_range_invalid1/lastlog.test45
-rw-r--r--tests/log/lastlog/13_lastlog-u_range_invalid2/config.txt1
-rw-r--r--tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/group42
-rw-r--r--tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/passwd22
-rw-r--r--tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/shadow22
-rw-r--r--tests/log/lastlog/13_lastlog-u_range_invalid2/data/lastlog.err1
-rwxr-xr-xtests/log/lastlog/13_lastlog-u_range_invalid2/lastlog.test45
-rw-r--r--tests/log/lastlog/14_lastlog-u_range_invalid3/config.txt1
-rw-r--r--tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/group42
-rw-r--r--tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/passwd22
-rw-r--r--tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/shadow22
-rw-r--r--tests/log/lastlog/14_lastlog-u_range_invalid3/data/lastlog.err1
-rwxr-xr-xtests/log/lastlog/14_lastlog-u_range_invalid3/lastlog.test45
-rw-r--r--tests/log/lastlog/15_lastlog_bad_option/config.txt10
-rw-r--r--tests/log/lastlog/15_lastlog_bad_option/config/etc/group41
-rw-r--r--tests/log/lastlog/15_lastlog_bad_option/config/etc/gshadow41
-rw-r--r--tests/log/lastlog/15_lastlog_bad_option/config/etc/passwd19
-rw-r--r--tests/log/lastlog/15_lastlog_bad_option/config/etc/shadow19
-rw-r--r--tests/log/lastlog/15_lastlog_bad_option/data/usage.out10
-rwxr-xr-xtests/log/lastlog/15_lastlog_bad_option/lastlog.test41
-rw-r--r--tests/log/lastlog/16_lastlog_extra_arg/config.txt10
-rw-r--r--tests/log/lastlog/16_lastlog_extra_arg/config/etc/group41
-rw-r--r--tests/log/lastlog/16_lastlog_extra_arg/config/etc/gshadow41
-rw-r--r--tests/log/lastlog/16_lastlog_extra_arg/config/etc/passwd19
-rw-r--r--tests/log/lastlog/16_lastlog_extra_arg/config/etc/shadow19
-rw-r--r--tests/log/lastlog/16_lastlog_extra_arg/data/usage.out10
-rwxr-xr-xtests/log/lastlog/16_lastlog_extra_arg/lastlog.test41
-rw-r--r--tests/log/lastlog/17_lastlog-t/config.txt1
-rw-r--r--tests/log/lastlog/17_lastlog-t/config/etc/group42
-rw-r--r--tests/log/lastlog/17_lastlog-t/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/17_lastlog-t/config/etc/passwd22
-rw-r--r--tests/log/lastlog/17_lastlog-t/config/etc/shadow22
-rw-r--r--tests/log/lastlog/17_lastlog-t/data/lastlog.list3
-rwxr-xr-xtests/log/lastlog/17_lastlog-t/lastlog.test52
-rwxr-xr-xtests/log/lastlog/17_lastlog-t/login.exp19
-rw-r--r--tests/log/lastlog/18_lastlog-b/config.txt1
-rw-r--r--tests/log/lastlog/18_lastlog-b/config/etc/group42
-rw-r--r--tests/log/lastlog/18_lastlog-b/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/18_lastlog-b/config/etc/passwd22
-rw-r--r--tests/log/lastlog/18_lastlog-b/config/etc/shadow22
-rw-r--r--tests/log/lastlog/18_lastlog-b/data/lastlog.list21
-rwxr-xr-xtests/log/lastlog/18_lastlog-b/lastlog.test52
-rwxr-xr-xtests/log/lastlog/18_lastlog-b/login.exp19
-rw-r--r--tests/log/lastlog/19_lastlog-t_invalid/config.txt1
-rw-r--r--tests/log/lastlog/19_lastlog-t_invalid/config/etc/group42
-rw-r--r--tests/log/lastlog/19_lastlog-t_invalid/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/19_lastlog-t_invalid/config/etc/passwd22
-rw-r--r--tests/log/lastlog/19_lastlog-t_invalid/config/etc/shadow22
-rw-r--r--tests/log/lastlog/19_lastlog-t_invalid/data/lastlog.err1
-rwxr-xr-xtests/log/lastlog/19_lastlog-t_invalid/lastlog.test45
-rw-r--r--tests/log/lastlog/20_lastlog-b_invalid/config.txt1
-rw-r--r--tests/log/lastlog/20_lastlog-b_invalid/config/etc/group42
-rw-r--r--tests/log/lastlog/20_lastlog-b_invalid/config/etc/gshadow42
-rw-r--r--tests/log/lastlog/20_lastlog-b_invalid/config/etc/passwd22
-rw-r--r--tests/log/lastlog/20_lastlog-b_invalid/config/etc/shadow22
-rw-r--r--tests/log/lastlog/20_lastlog-b_invalid/data/lastlog.err1
-rwxr-xr-xtests/log/lastlog/20_lastlog-b_invalid/lastlog.test45
-rw-r--r--tests/login/01_login_prompt/config.txt3
-rw-r--r--tests/login/01_login_prompt/config/etc/group42
-rw-r--r--tests/login/01_login_prompt/config/etc/gshadow42
-rw-r--r--tests/login/01_login_prompt/config/etc/login.defs315
-rw-r--r--tests/login/01_login_prompt/config/etc/passwd21
-rw-r--r--tests/login/01_login_prompt/config/etc/shadow20
-rwxr-xr-xtests/login/01_login_prompt/login.exp23
-rwxr-xr-xtests/login/01_login_prompt/login.test26
-rw-r--r--tests/login/02_login_user/config.txt3
-rw-r--r--tests/login/02_login_user/config/etc/group42
-rw-r--r--tests/login/02_login_user/config/etc/gshadow42
-rw-r--r--tests/login/02_login_user/config/etc/login.defs315
-rw-r--r--tests/login/02_login_user/config/etc/passwd21
-rw-r--r--tests/login/02_login_user/config/etc/shadow20
-rwxr-xr-xtests/login/02_login_user/login.exp20
-rwxr-xr-xtests/login/02_login_user/login.test26
-rw-r--r--tests/login/03_login_check_tty/config.txt3
-rw-r--r--tests/login/03_login_check_tty/config/etc/group42
-rw-r--r--tests/login/03_login_check_tty/config/etc/gshadow42
-rw-r--r--tests/login/03_login_check_tty/config/etc/login.defs315
-rw-r--r--tests/login/03_login_check_tty/config/etc/passwd21
-rw-r--r--tests/login/03_login_check_tty/config/etc/shadow20
-rwxr-xr-xtests/login/03_login_check_tty/login.exp22
-rwxr-xr-xtests/login/03_login_check_tty/login.test26
-rw-r--r--tests/newusers/01_create_user/config.txt0
-rw-r--r--tests/newusers/01_create_user/config/etc/group41
-rw-r--r--tests/newusers/01_create_user/config/etc/gshadow41
-rw-r--r--tests/newusers/01_create_user/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/01_create_user/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/01_create_user/config/etc/passwd19
-rw-r--r--tests/newusers/01_create_user/config/etc/shadow19
-rw-r--r--tests/newusers/01_create_user/data/group42
-rw-r--r--tests/newusers/01_create_user/data/gshadow42
-rw-r--r--tests/newusers/01_create_user/data/newusers.list1
-rw-r--r--tests/newusers/01_create_user/data/passwd20
-rw-r--r--tests/newusers/01_create_user/data/shadow20
-rwxr-xr-xtests/newusers/01_create_user/newusers.test37
-rw-r--r--tests/newusers/02_update_password/config.txt1
-rw-r--r--tests/newusers/02_update_password/config/etc/group42
-rw-r--r--tests/newusers/02_update_password/config/etc/gshadow41
-rw-r--r--tests/newusers/02_update_password/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/02_update_password/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/02_update_password/config/etc/passwd20
-rw-r--r--tests/newusers/02_update_password/config/etc/shadow20
-rw-r--r--tests/newusers/02_update_password/data/newusers.list1
-rw-r--r--tests/newusers/02_update_password/data/shadow20
-rwxr-xr-xtests/newusers/02_update_password/newusers.test37
-rw-r--r--tests/newusers/03_no_update_pid/config.txt1
-rw-r--r--tests/newusers/03_no_update_pid/config/etc/group42
-rw-r--r--tests/newusers/03_no_update_pid/config/etc/gshadow41
-rw-r--r--tests/newusers/03_no_update_pid/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/03_no_update_pid/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/03_no_update_pid/config/etc/passwd20
-rw-r--r--tests/newusers/03_no_update_pid/config/etc/shadow20
-rw-r--r--tests/newusers/03_no_update_pid/data/newusers.list1
-rw-r--r--tests/newusers/03_no_update_pid/data/shadow20
-rwxr-xr-xtests/newusers/03_no_update_pid/newusers.test37
-rw-r--r--tests/newusers/04_no_update_gid/config.txt1
-rw-r--r--tests/newusers/04_no_update_gid/config/etc/group42
-rw-r--r--tests/newusers/04_no_update_gid/config/etc/gshadow41
-rw-r--r--tests/newusers/04_no_update_gid/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/04_no_update_gid/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/04_no_update_gid/config/etc/passwd20
-rw-r--r--tests/newusers/04_no_update_gid/config/etc/shadow20
-rw-r--r--tests/newusers/04_no_update_gid/data/newusers.list1
-rw-r--r--tests/newusers/04_no_update_gid/data/shadow20
-rwxr-xr-xtests/newusers/04_no_update_gid/newusers.test37
-rw-r--r--tests/newusers/05_create_user_pid/config.txt0
-rw-r--r--tests/newusers/05_create_user_pid/config/etc/group41
-rw-r--r--tests/newusers/05_create_user_pid/config/etc/gshadow41
-rw-r--r--tests/newusers/05_create_user_pid/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/05_create_user_pid/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/05_create_user_pid/config/etc/passwd19
-rw-r--r--tests/newusers/05_create_user_pid/config/etc/shadow19
-rw-r--r--tests/newusers/05_create_user_pid/data/group42
-rw-r--r--tests/newusers/05_create_user_pid/data/gshadow42
-rw-r--r--tests/newusers/05_create_user_pid/data/newusers.list1
-rw-r--r--tests/newusers/05_create_user_pid/data/passwd20
-rw-r--r--tests/newusers/05_create_user_pid/data/shadow20
-rwxr-xr-xtests/newusers/05_create_user_pid/newusers.test37
-rw-r--r--tests/newusers/06_create_user_gid/config.txt0
-rw-r--r--tests/newusers/06_create_user_gid/config/etc/group41
-rw-r--r--tests/newusers/06_create_user_gid/config/etc/gshadow41
-rw-r--r--tests/newusers/06_create_user_gid/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/06_create_user_gid/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/06_create_user_gid/config/etc/passwd19
-rw-r--r--tests/newusers/06_create_user_gid/config/etc/shadow19
-rw-r--r--tests/newusers/06_create_user_gid/data/group42
-rw-r--r--tests/newusers/06_create_user_gid/data/gshadow42
-rw-r--r--tests/newusers/06_create_user_gid/data/newusers.list1
-rw-r--r--tests/newusers/06_create_user_gid/data/passwd20
-rw-r--r--tests/newusers/06_create_user_gid/data/shadow20
-rwxr-xr-xtests/newusers/06_create_user_gid/newusers.test37
-rw-r--r--tests/newusers/07_create_user_pid_gid/config.txt0
-rw-r--r--tests/newusers/07_create_user_pid_gid/config/etc/group41
-rw-r--r--tests/newusers/07_create_user_pid_gid/config/etc/gshadow41
-rw-r--r--tests/newusers/07_create_user_pid_gid/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/07_create_user_pid_gid/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/07_create_user_pid_gid/config/etc/passwd19
-rw-r--r--tests/newusers/07_create_user_pid_gid/config/etc/shadow19
-rw-r--r--tests/newusers/07_create_user_pid_gid/data/group42
-rw-r--r--tests/newusers/07_create_user_pid_gid/data/gshadow42
-rw-r--r--tests/newusers/07_create_user_pid_gid/data/newusers.list1
-rw-r--r--tests/newusers/07_create_user_pid_gid/data/passwd20
-rw-r--r--tests/newusers/07_create_user_pid_gid/data/shadow20
-rwxr-xr-xtests/newusers/07_create_user_pid_gid/newusers.test37
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/config.txt0
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/config/etc/group41
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/config/etc/gshadow41
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/config/etc/passwd19
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/config/etc/shadow19
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/data/group42
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/data/gshadow42
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/data/newusers.list1
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/data/passwd20
-rw-r--r--tests/newusers/08_create_user_pid_other-gid/data/shadow20
-rwxr-xr-xtests/newusers/08_create_user_pid_other-gid/newusers.test37
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/config.txt0
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/config/etc/group42
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/config/etc/gshadow42
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/config/etc/passwd20
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/config/etc/shadow20
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/data/group43
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/data/gshadow43
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/data/newusers.list1
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/data/passwd21
-rw-r--r--tests/newusers/09_create_user_pid-as-user-bar/data/shadow21
-rwxr-xr-xtests/newusers/09_create_user_pid-as-user-bar/newusers.test37
-rw-r--r--tests/newusers/10_create_user_gid-as-group-bar/config.txt0
-rw-r--r--tests/newusers/10_create_user_gid-as-group-bar/config/etc/group42
-rw-r--r--tests/newusers/10_create_user_gid-as-group-bar/config/etc/gshadow42
-rw-r--r--tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/10_create_user_gid-as-group-bar/config/etc/passwd20
-rw-r--r--tests/newusers/10_create_user_gid-as-group-bar/config/etc/shadow20
-rw-r--r--tests/newusers/10_create_user_gid-as-group-bar/data/newusers.list1
-rw-r--r--tests/newusers/10_create_user_gid-as-group-bar/data/passwd21
-rw-r--r--tests/newusers/10_create_user_gid-as-group-bar/data/shadow21
-rwxr-xr-xtests/newusers/10_create_user_gid-as-group-bar/newusers.test37
-rw-r--r--tests/newusers/11_update_gecos/config.txt1
-rw-r--r--tests/newusers/11_update_gecos/config/etc/group42
-rw-r--r--tests/newusers/11_update_gecos/config/etc/gshadow41
-rw-r--r--tests/newusers/11_update_gecos/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/11_update_gecos/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/11_update_gecos/config/etc/passwd20
-rw-r--r--tests/newusers/11_update_gecos/config/etc/shadow20
-rw-r--r--tests/newusers/11_update_gecos/data/newusers.list1
-rw-r--r--tests/newusers/11_update_gecos/data/passwd20
-rw-r--r--tests/newusers/11_update_gecos/data/shadow20
-rwxr-xr-xtests/newusers/11_update_gecos/newusers.test37
-rw-r--r--tests/newusers/12_update_shell/config.txt1
-rw-r--r--tests/newusers/12_update_shell/config/etc/group42
-rw-r--r--tests/newusers/12_update_shell/config/etc/gshadow41
-rw-r--r--tests/newusers/12_update_shell/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/12_update_shell/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/12_update_shell/config/etc/passwd20
-rw-r--r--tests/newusers/12_update_shell/config/etc/shadow20
-rw-r--r--tests/newusers/12_update_shell/data/newusers.list1
-rw-r--r--tests/newusers/12_update_shell/data/passwd20
-rw-r--r--tests/newusers/12_update_shell/data/shadow20
-rwxr-xr-xtests/newusers/12_update_shell/newusers.test37
-rw-r--r--tests/newusers/13_create_user_new-home/config.txt0
-rw-r--r--tests/newusers/13_create_user_new-home/config/etc/group41
-rw-r--r--tests/newusers/13_create_user_new-home/config/etc/gshadow41
-rw-r--r--tests/newusers/13_create_user_new-home/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/13_create_user_new-home/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/13_create_user_new-home/config/etc/passwd19
-rw-r--r--tests/newusers/13_create_user_new-home/config/etc/shadow19
-rw-r--r--tests/newusers/13_create_user_new-home/data/group42
-rw-r--r--tests/newusers/13_create_user_new-home/data/gshadow42
-rw-r--r--tests/newusers/13_create_user_new-home/data/home_ls-a2
-rw-r--r--tests/newusers/13_create_user_new-home/data/newusers.list1
-rw-r--r--tests/newusers/13_create_user_new-home/data/passwd20
-rw-r--r--tests/newusers/13_create_user_new-home/data/shadow20
-rwxr-xr-xtests/newusers/13_create_user_new-home/newusers.test59
-rw-r--r--tests/newusers/14_create_user_existing-home/config.txt0
-rw-r--r--tests/newusers/14_create_user_existing-home/config/etc/group41
-rw-r--r--tests/newusers/14_create_user_existing-home/config/etc/gshadow41
-rw-r--r--tests/newusers/14_create_user_existing-home/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/14_create_user_existing-home/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/14_create_user_existing-home/config/etc/passwd19
-rw-r--r--tests/newusers/14_create_user_existing-home/config/etc/shadow19
-rw-r--r--tests/newusers/14_create_user_existing-home/data/group42
-rw-r--r--tests/newusers/14_create_user_existing-home/data/gshadow42
-rw-r--r--tests/newusers/14_create_user_existing-home/data/home_ls-a2
-rw-r--r--tests/newusers/14_create_user_existing-home/data/newusers.list1
-rw-r--r--tests/newusers/14_create_user_existing-home/data/passwd20
-rw-r--r--tests/newusers/14_create_user_existing-home/data/shadow20
-rwxr-xr-xtests/newusers/14_create_user_existing-home/newusers.test61
-rw-r--r--tests/newusers/15_update_new-home/config.txt1
-rw-r--r--tests/newusers/15_update_new-home/config/etc/group42
-rw-r--r--tests/newusers/15_update_new-home/config/etc/gshadow41
-rw-r--r--tests/newusers/15_update_new-home/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/15_update_new-home/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/15_update_new-home/config/etc/passwd20
-rw-r--r--tests/newusers/15_update_new-home/config/etc/shadow20
-rw-r--r--tests/newusers/15_update_new-home/data/home_ls-a2
-rw-r--r--tests/newusers/15_update_new-home/data/newusers.list1
-rw-r--r--tests/newusers/15_update_new-home/data/passwd20
-rw-r--r--tests/newusers/15_update_new-home/data/shadow20
-rwxr-xr-xtests/newusers/15_update_new-home/newusers.test60
-rw-r--r--tests/newusers/16_update_existing-home/config.txt1
-rw-r--r--tests/newusers/16_update_existing-home/config/etc/group42
-rw-r--r--tests/newusers/16_update_existing-home/config/etc/gshadow41
-rw-r--r--tests/newusers/16_update_existing-home/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/16_update_existing-home/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/16_update_existing-home/config/etc/passwd20
-rw-r--r--tests/newusers/16_update_existing-home/config/etc/shadow20
-rw-r--r--tests/newusers/16_update_existing-home/data/home_ls-a2
-rw-r--r--tests/newusers/16_update_existing-home/data/newusers.list1
-rw-r--r--tests/newusers/16_update_existing-home/data/passwd20
-rw-r--r--tests/newusers/16_update_existing-home/data/shadow20
-rwxr-xr-xtests/newusers/16_update_existing-home/newusers.test60
-rw-r--r--tests/newusers/17_create_user_pid-already-used/config.txt0
-rw-r--r--tests/newusers/17_create_user_pid-already-used/config/etc/group42
-rw-r--r--tests/newusers/17_create_user_pid-already-used/config/etc/gshadow42
-rw-r--r--tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/17_create_user_pid-already-used/config/etc/passwd20
-rw-r--r--tests/newusers/17_create_user_pid-already-used/config/etc/shadow20
-rw-r--r--tests/newusers/17_create_user_pid-already-used/data/group43
-rw-r--r--tests/newusers/17_create_user_pid-already-used/data/gshadow43
-rw-r--r--tests/newusers/17_create_user_pid-already-used/data/newusers.list1
-rw-r--r--tests/newusers/17_create_user_pid-already-used/data/passwd21
-rw-r--r--tests/newusers/17_create_user_pid-already-used/data/shadow21
-rwxr-xr-xtests/newusers/17_create_user_pid-already-used/newusers.test37
-rw-r--r--tests/newusers/18_create_user_gid-already-used/config.txt0
-rw-r--r--tests/newusers/18_create_user_gid-already-used/config/etc/group42
-rw-r--r--tests/newusers/18_create_user_gid-already-used/config/etc/gshadow42
-rw-r--r--tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/18_create_user_gid-already-used/config/etc/passwd20
-rw-r--r--tests/newusers/18_create_user_gid-already-used/config/etc/shadow20
-rw-r--r--tests/newusers/18_create_user_gid-already-used/data/newusers.list1
-rw-r--r--tests/newusers/18_create_user_gid-already-used/data/passwd21
-rw-r--r--tests/newusers/18_create_user_gid-already-used/data/shadow21
-rwxr-xr-xtests/newusers/18_create_user_gid-already-used/newusers.test37
-rw-r--r--tests/newusers/19_update_keep-old-home/config.txt1
-rw-r--r--tests/newusers/19_update_keep-old-home/config/etc/group42
-rw-r--r--tests/newusers/19_update_keep-old-home/config/etc/gshadow41
-rw-r--r--tests/newusers/19_update_keep-old-home/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/19_update_keep-old-home/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/19_update_keep-old-home/config/etc/passwd20
-rw-r--r--tests/newusers/19_update_keep-old-home/config/etc/shadow20
-rw-r--r--tests/newusers/19_update_keep-old-home/data/home_ls-a2
-rw-r--r--tests/newusers/19_update_keep-old-home/data/home_ls-a.old3
-rw-r--r--tests/newusers/19_update_keep-old-home/data/newusers.list1
-rw-r--r--tests/newusers/19_update_keep-old-home/data/passwd20
-rw-r--r--tests/newusers/19_update_keep-old-home/data/shadow20
-rwxr-xr-xtests/newusers/19_update_keep-old-home/newusers.test69
-rw-r--r--tests/newusers/20_multiple_users/config.txt1
-rw-r--r--tests/newusers/20_multiple_users/config/etc/group42
-rw-r--r--tests/newusers/20_multiple_users/config/etc/gshadow41
-rw-r--r--tests/newusers/20_multiple_users/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/20_multiple_users/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/20_multiple_users/config/etc/passwd20
-rw-r--r--tests/newusers/20_multiple_users/config/etc/shadow20
-rw-r--r--tests/newusers/20_multiple_users/data/group58
-rw-r--r--tests/newusers/20_multiple_users/data/gshadow57
-rw-r--r--tests/newusers/20_multiple_users/data/newusers.list17
-rw-r--r--tests/newusers/20_multiple_users/data/passwd37
-rw-r--r--tests/newusers/20_multiple_users/data/shadow37
-rwxr-xr-xtests/newusers/20_multiple_users/newusers.test38
-rw-r--r--tests/newusers/21_create_user_UID_MAX/config.txt0
-rw-r--r--tests/newusers/21_create_user_UID_MAX/config/etc/group41
-rw-r--r--tests/newusers/21_create_user_UID_MAX/config/etc/gshadow41
-rw-r--r--tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/21_create_user_UID_MAX/config/etc/passwd19
-rw-r--r--tests/newusers/21_create_user_UID_MAX/config/etc/shadow19
-rw-r--r--tests/newusers/21_create_user_UID_MAX/data/group43
-rw-r--r--tests/newusers/21_create_user_UID_MAX/data/gshadow43
-rw-r--r--tests/newusers/21_create_user_UID_MAX/data/newusers.list2
-rw-r--r--tests/newusers/21_create_user_UID_MAX/data/passwd21
-rw-r--r--tests/newusers/21_create_user_UID_MAX/data/shadow21
-rwxr-xr-xtests/newusers/21_create_user_UID_MAX/newusers.test37
-rw-r--r--tests/newusers/22_create_user_GID_MAX/config.txt0
-rw-r--r--tests/newusers/22_create_user_GID_MAX/config/etc/group41
-rw-r--r--tests/newusers/22_create_user_GID_MAX/config/etc/gshadow41
-rw-r--r--tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/22_create_user_GID_MAX/config/etc/passwd19
-rw-r--r--tests/newusers/22_create_user_GID_MAX/config/etc/shadow19
-rw-r--r--tests/newusers/22_create_user_GID_MAX/data/group43
-rw-r--r--tests/newusers/22_create_user_GID_MAX/data/gshadow43
-rw-r--r--tests/newusers/22_create_user_GID_MAX/data/newusers.list2
-rw-r--r--tests/newusers/22_create_user_GID_MAX/data/passwd21
-rw-r--r--tests/newusers/22_create_user_GID_MAX/data/shadow21
-rwxr-xr-xtests/newusers/22_create_user_GID_MAX/newusers.test37
-rw-r--r--tests/newusers/23_create_user_error_negativ_UID/config.txt0
-rw-r--r--tests/newusers/23_create_user_error_negativ_UID/config/etc/group41
-rw-r--r--tests/newusers/23_create_user_error_negativ_UID/config/etc/gshadow41
-rw-r--r--tests/newusers/23_create_user_error_negativ_UID/config/etc/passwd19
-rw-r--r--tests/newusers/23_create_user_error_negativ_UID/config/etc/shadow19
-rw-r--r--tests/newusers/23_create_user_error_negativ_UID/data/newusers.err3
-rw-r--r--tests/newusers/23_create_user_error_negativ_UID/data/newusers.list1
-rwxr-xr-xtests/newusers/23_create_user_error_negativ_UID/newusers.test54
-rw-r--r--tests/newusers/24_create_user_error_invalid_UID/config.txt0
-rw-r--r--tests/newusers/24_create_user_error_invalid_UID/config/etc/group41
-rw-r--r--tests/newusers/24_create_user_error_invalid_UID/config/etc/gshadow41
-rw-r--r--tests/newusers/24_create_user_error_invalid_UID/config/etc/passwd19
-rw-r--r--tests/newusers/24_create_user_error_invalid_UID/config/etc/shadow19
-rw-r--r--tests/newusers/24_create_user_error_invalid_UID/data/newusers.err3
-rw-r--r--tests/newusers/24_create_user_error_invalid_UID/data/newusers.list1
-rwxr-xr-xtests/newusers/24_create_user_error_invalid_UID/newusers.test54
-rw-r--r--tests/newusers/25_create_user_error_no_remaining_UID/config.txt2
-rw-r--r--tests/newusers/25_create_user_error_no_remaining_UID/config/etc/group41
-rw-r--r--tests/newusers/25_create_user_error_no_remaining_UID/config/etc/gshadow41
-rw-r--r--tests/newusers/25_create_user_error_no_remaining_UID/config/etc/login.defs315
-rw-r--r--tests/newusers/25_create_user_error_no_remaining_UID/config/etc/passwd19
-rw-r--r--tests/newusers/25_create_user_error_no_remaining_UID/config/etc/shadow19
-rw-r--r--tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.err3
-rw-r--r--tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.list3
-rwxr-xr-xtests/newusers/25_create_user_error_no_remaining_UID/newusers.test55
-rw-r--r--tests/newusers/26_create_user_error_no_remaining_GID/config.txt4
-rw-r--r--tests/newusers/26_create_user_error_no_remaining_GID/config/etc/group41
-rw-r--r--tests/newusers/26_create_user_error_no_remaining_GID/config/etc/gshadow41
-rw-r--r--tests/newusers/26_create_user_error_no_remaining_GID/config/etc/login.defs315
-rw-r--r--tests/newusers/26_create_user_error_no_remaining_GID/config/etc/passwd19
-rw-r--r--tests/newusers/26_create_user_error_no_remaining_GID/config/etc/shadow19
-rw-r--r--tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.err3
-rw-r--r--tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.list3
-rwxr-xr-xtests/newusers/26_create_user_error_no_remaining_GID/newusers.test55
-rw-r--r--tests/newusers/27_create_user_error_invalid_username/config.txt0
-rw-r--r--tests/newusers/27_create_user_error_invalid_username/config/etc/group41
-rw-r--r--tests/newusers/27_create_user_error_invalid_username/config/etc/gshadow41
-rw-r--r--tests/newusers/27_create_user_error_invalid_username/config/etc/passwd19
-rw-r--r--tests/newusers/27_create_user_error_invalid_username/config/etc/shadow19
-rw-r--r--tests/newusers/27_create_user_error_invalid_username/data/newusers.err3
-rw-r--r--tests/newusers/27_create_user_error_invalid_username/data/newusers.list1
-rwxr-xr-xtests/newusers/27_create_user_error_invalid_username/newusers.test54
-rw-r--r--tests/newusers/28_create_user_error_invalid_groupname/config.txt0
-rw-r--r--tests/newusers/28_create_user_error_invalid_groupname/config/etc/group41
-rw-r--r--tests/newusers/28_create_user_error_invalid_groupname/config/etc/gshadow41
-rw-r--r--tests/newusers/28_create_user_error_invalid_groupname/config/etc/passwd19
-rw-r--r--tests/newusers/28_create_user_error_invalid_groupname/config/etc/shadow19
-rw-r--r--tests/newusers/28_create_user_error_invalid_groupname/data/newusers.err3
-rw-r--r--tests/newusers/28_create_user_error_invalid_groupname/data/newusers.list1
-rwxr-xr-xtests/newusers/28_create_user_error_invalid_groupname/newusers.test54
-rw-r--r--tests/newusers/29_create_user_error_invalid_username_valid_groupname/config.txt0
-rw-r--r--tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/group41
-rw-r--r--tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/gshadow41
-rw-r--r--tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/passwd19
-rw-r--r--tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/shadow19
-rw-r--r--tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.err3
-rw-r--r--tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.list1
-rwxr-xr-xtests/newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test54
-rw-r--r--tests/newusers/30_create_user_different_groupname/config.txt0
-rw-r--r--tests/newusers/30_create_user_different_groupname/config/etc/group41
-rw-r--r--tests/newusers/30_create_user_different_groupname/config/etc/gshadow41
-rw-r--r--tests/newusers/30_create_user_different_groupname/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/30_create_user_different_groupname/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/30_create_user_different_groupname/config/etc/passwd19
-rw-r--r--tests/newusers/30_create_user_different_groupname/config/etc/shadow19
-rw-r--r--tests/newusers/30_create_user_different_groupname/data/group42
-rw-r--r--tests/newusers/30_create_user_different_groupname/data/gshadow42
-rw-r--r--tests/newusers/30_create_user_different_groupname/data/newusers.list1
-rw-r--r--tests/newusers/30_create_user_different_groupname/data/passwd20
-rw-r--r--tests/newusers/30_create_user_different_groupname/data/shadow20
-rwxr-xr-xtests/newusers/30_create_user_different_groupname/newusers.test37
-rw-r--r--tests/newusers/31_create_user_error_invalid_GID/config.txt0
-rw-r--r--tests/newusers/31_create_user_error_invalid_GID/config/etc/group41
-rw-r--r--tests/newusers/31_create_user_error_invalid_GID/config/etc/gshadow41
-rw-r--r--tests/newusers/31_create_user_error_invalid_GID/config/etc/passwd19
-rw-r--r--tests/newusers/31_create_user_error_invalid_GID/config/etc/shadow19
-rw-r--r--tests/newusers/31_create_user_error_invalid_GID/data/newusers.err3
-rw-r--r--tests/newusers/31_create_user_error_invalid_GID/data/newusers.list1
-rwxr-xr-xtests/newusers/31_create_user_error_invalid_GID/newusers.test54
-rw-r--r--tests/newusers/32_create_user_error_gshadow_group_exists/config.txt1
-rw-r--r--tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/group41
-rw-r--r--tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/gshadow42
-rw-r--r--tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/passwd19
-rw-r--r--tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/shadow19
-rw-r--r--tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.err3
-rw-r--r--tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.list1
-rwxr-xr-xtests/newusers/32_create_user_error_gshadow_group_exists/newusers.test54
-rw-r--r--tests/newusers/33_update_password_no_shadow_password/config.txt2
-rw-r--r--tests/newusers/33_update_password_no_shadow_password/config/etc/group42
-rw-r--r--tests/newusers/33_update_password_no_shadow_password/config/etc/gshadow41
-rw-r--r--tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/33_update_password_no_shadow_password/config/etc/passwd20
-rw-r--r--tests/newusers/33_update_password_no_shadow_password/config/etc/shadow19
-rw-r--r--tests/newusers/33_update_password_no_shadow_password/data/newusers.list1
-rw-r--r--tests/newusers/33_update_password_no_shadow_password/data/passwd20
-rwxr-xr-xtests/newusers/33_update_password_no_shadow_password/newusers.test37
-rw-r--r--tests/newusers/34_update_password_no_shadow/config.txt2
-rw-r--r--tests/newusers/34_update_password_no_shadow/config/etc/group42
-rw-r--r--tests/newusers/34_update_password_no_shadow/config/etc/gshadow41
-rw-r--r--tests/newusers/34_update_password_no_shadow/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/34_update_password_no_shadow/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/34_update_password_no_shadow/config/etc/passwd20
-rw-r--r--tests/newusers/34_update_password_no_shadow/config/etc/shadow19
-rw-r--r--tests/newusers/34_update_password_no_shadow/data/newusers.list1
-rw-r--r--tests/newusers/34_update_password_no_shadow/data/passwd20
-rwxr-xr-xtests/newusers/34_update_password_no_shadow/newusers.test38
-rw-r--r--tests/newusers/35_read_from_stdin/config.txt0
-rw-r--r--tests/newusers/35_read_from_stdin/config/etc/group41
-rw-r--r--tests/newusers/35_read_from_stdin/config/etc/gshadow41
-rw-r--r--tests/newusers/35_read_from_stdin/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/35_read_from_stdin/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/35_read_from_stdin/config/etc/passwd19
-rw-r--r--tests/newusers/35_read_from_stdin/config/etc/shadow19
-rw-r--r--tests/newusers/35_read_from_stdin/data/group43
-rw-r--r--tests/newusers/35_read_from_stdin/data/gshadow43
-rw-r--r--tests/newusers/35_read_from_stdin/data/newusers.list2
-rw-r--r--tests/newusers/35_read_from_stdin/data/passwd21
-rw-r--r--tests/newusers/35_read_from_stdin/data/shadow21
-rwxr-xr-xtests/newusers/35_read_from_stdin/newusers.test37
-rw-r--r--tests/newusers/36_create_user_encrypted/config.txt0
-rw-r--r--tests/newusers/36_create_user_encrypted/config/etc/group41
-rw-r--r--tests/newusers/36_create_user_encrypted/config/etc/gshadow41
-rw-r--r--tests/newusers/36_create_user_encrypted/config/etc/passwd19
-rw-r--r--tests/newusers/36_create_user_encrypted/config/etc/shadow19
-rw-r--r--tests/newusers/36_create_user_encrypted/data/group42
-rw-r--r--tests/newusers/36_create_user_encrypted/data/gshadow42
-rw-r--r--tests/newusers/36_create_user_encrypted/data/newusers.list1
-rw-r--r--tests/newusers/36_create_user_encrypted/data/passwd20
-rw-r--r--tests/newusers/36_create_user_encrypted/data/shadow20
-rwxr-xr-xtests/newusers/36_create_user_encrypted/newusers.test37
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/config.txt0
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/group41
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/gshadow41
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/passwd19
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/shadow19
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/data/group42
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/data/gshadow42
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/data/newusers.list1
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/data/passwd20
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5-PAM/data/shadow20
-rwxr-xr-xtests/newusers/37_create_user_encrypt_MD5-PAM/newusers.test37
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5/config.txt0
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5/config/etc/group41
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5/config/etc/gshadow41
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5/config/etc/passwd19
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5/config/etc/shadow19
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5/data/group42
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5/data/gshadow42
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5/data/newusers.list1
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5/data/passwd20
-rw-r--r--tests/newusers/37_create_user_encrypt_MD5/data/shadow20
-rwxr-xr-xtests/newusers/37_create_user_encrypt_MD5/newusers.test37
-rw-r--r--tests/newusers/38_update_password_no_shadow_encrypted/config.txt2
-rw-r--r--tests/newusers/38_update_password_no_shadow_encrypted/config/etc/group42
-rw-r--r--tests/newusers/38_update_password_no_shadow_encrypted/config/etc/gshadow41
-rw-r--r--tests/newusers/38_update_password_no_shadow_encrypted/config/etc/passwd20
-rw-r--r--tests/newusers/38_update_password_no_shadow_encrypted/config/etc/shadow19
-rw-r--r--tests/newusers/38_update_password_no_shadow_encrypted/data/newusers.list1
-rw-r--r--tests/newusers/38_update_password_no_shadow_encrypted/data/passwd20
-rwxr-xr-xtests/newusers/38_update_password_no_shadow_encrypted/newusers.test38
-rw-r--r--tests/newusers/39_update_password_no_shadow_password_encrypted/config.txt2
-rw-r--r--tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/group42
-rw-r--r--tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/gshadow41
-rw-r--r--tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/passwd20
-rw-r--r--tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/shadow19
-rw-r--r--tests/newusers/39_update_password_no_shadow_password_encrypted/data/newusers.list1
-rw-r--r--tests/newusers/39_update_password_no_shadow_password_encrypted/data/passwd20
-rwxr-xr-xtests/newusers/39_update_password_no_shadow_password_encrypted/newusers.test37
-rw-r--r--tests/newusers/40_update_password_encrypted/config.txt1
-rw-r--r--tests/newusers/40_update_password_encrypted/config/etc/group42
-rw-r--r--tests/newusers/40_update_password_encrypted/config/etc/gshadow41
-rw-r--r--tests/newusers/40_update_password_encrypted/config/etc/passwd20
-rw-r--r--tests/newusers/40_update_password_encrypted/config/etc/shadow20
-rw-r--r--tests/newusers/40_update_password_encrypted/data/newusers.list1
-rw-r--r--tests/newusers/40_update_password_encrypted/data/shadow20
-rwxr-xr-xtests/newusers/40_update_password_encrypted/newusers.test37
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/config.txt0
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/group41
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/gshadow41
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/passwd19
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/shadow19
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/data/group42
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/data/gshadow42
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/data/newusers.list1
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/data/passwd20
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256-PAM/data/shadow20
-rwxr-xr-xtests/newusers/41_create_user_encrypt_SHA256-PAM/newusers.test37
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256/config.txt0
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256/config/etc/group41
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256/config/etc/gshadow41
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256/config/etc/passwd19
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256/config/etc/shadow19
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256/data/group42
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256/data/gshadow42
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256/data/newusers.list1
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256/data/passwd20
-rw-r--r--tests/newusers/41_create_user_encrypt_SHA256/data/shadow20
-rwxr-xr-xtests/newusers/41_create_user_encrypt_SHA256/newusers.test37
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/config.txt0
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/group41
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/gshadow41
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/passwd19
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/shadow19
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/data/group42
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/data/gshadow42
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/data/newusers.list1
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/data/passwd20
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512-PAM/data/shadow20
-rwxr-xr-xtests/newusers/42_create_user_encrypt_SHA512-PAM/newusers.test37
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512/config.txt0
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512/config/etc/group41
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512/config/etc/gshadow41
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512/config/etc/passwd19
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512/config/etc/shadow19
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512/data/group42
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512/data/gshadow42
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512/data/newusers.list1
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512/data/passwd20
-rw-r--r--tests/newusers/42_create_user_encrypt_SHA512/data/shadow20
-rwxr-xr-xtests/newusers/42_create_user_encrypt_SHA512/newusers.test37
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config.txt0
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/group41
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/gshadow41
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/passwd19
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/shadow19
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/group42
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/gshadow42
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/newusers.list1
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/passwd20
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/shadow20
-rwxr-xr-xtests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test47
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config.txt0
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/group41
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/gshadow41
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/passwd19
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/shadow19
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/group42
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/gshadow42
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/newusers.list1
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/passwd20
-rw-r--r--tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/shadow20
-rwxr-xr-xtests/newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test47
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config.txt0
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/group41
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/gshadow41
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/passwd19
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/shadow19
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/group42
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/gshadow42
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/newusers.list1
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/passwd20
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/shadow20
-rwxr-xr-xtests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test47
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config.txt0
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/group41
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/gshadow41
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/passwd19
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/shadow19
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/group42
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/gshadow42
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/newusers.list1
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/passwd20
-rw-r--r--tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/shadow20
-rwxr-xr-xtests/newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test47
-rw-r--r--tests/newusers/45_create_user_encrypt_rounds_3000/config.txt0
-rw-r--r--tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/group41
-rw-r--r--tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/gshadow41
-rw-r--r--tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/passwd19
-rw-r--r--tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/shadow19
-rw-r--r--tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.err8
-rw-r--r--tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.list1
-rwxr-xr-xtests/newusers/45_create_user_encrypt_rounds_3000/newusers.test54
-rw-r--r--tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config.txt0
-rw-r--r--tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/group41
-rw-r--r--tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/gshadow41
-rw-r--r--tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/passwd19
-rw-r--r--tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/shadow19
-rw-r--r--tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/group42
-rw-r--r--tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/gshadow42
-rw-r--r--tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/newusers.list1
-rw-r--r--tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/passwd20
-rw-r--r--tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/shadow20
-rwxr-xr-xtests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test38
-rw-r--r--tests/newusers/47_create_user_error_UID_4294967295/config.txt0
-rw-r--r--tests/newusers/47_create_user_error_UID_4294967295/config/etc/group41
-rw-r--r--tests/newusers/47_create_user_error_UID_4294967295/config/etc/gshadow41
-rw-r--r--tests/newusers/47_create_user_error_UID_4294967295/config/etc/passwd19
-rw-r--r--tests/newusers/47_create_user_error_UID_4294967295/config/etc/shadow19
-rw-r--r--tests/newusers/47_create_user_error_UID_4294967295/data/newusers.err3
-rw-r--r--tests/newusers/47_create_user_error_UID_4294967295/data/newusers.list1
-rwxr-xr-xtests/newusers/47_create_user_error_UID_4294967295/newusers.test54
-rw-r--r--tests/newusers/48_create_user_error_GID_4294967295/config.txt0
-rw-r--r--tests/newusers/48_create_user_error_GID_4294967295/config/etc/group41
-rw-r--r--tests/newusers/48_create_user_error_GID_4294967295/config/etc/gshadow41
-rw-r--r--tests/newusers/48_create_user_error_GID_4294967295/config/etc/passwd19
-rw-r--r--tests/newusers/48_create_user_error_GID_4294967295/config/etc/shadow19
-rw-r--r--tests/newusers/48_create_user_error_GID_4294967295/data/newusers.err3
-rw-r--r--tests/newusers/48_create_user_error_GID_4294967295/data/newusers.list1
-rwxr-xr-xtests/newusers/48_create_user_error_GID_4294967295/newusers.test54
-rw-r--r--tests/newusers/49_multiple_system_users/config.txt1
-rw-r--r--tests/newusers/49_multiple_system_users/config/etc/group43
-rw-r--r--tests/newusers/49_multiple_system_users/config/etc/gshadow43
-rw-r--r--tests/newusers/49_multiple_system_users/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/49_multiple_system_users/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/49_multiple_system_users/config/etc/passwd21
-rw-r--r--tests/newusers/49_multiple_system_users/config/etc/shadow21
-rw-r--r--tests/newusers/49_multiple_system_users/data/group59
-rw-r--r--tests/newusers/49_multiple_system_users/data/gshadow59
-rw-r--r--tests/newusers/49_multiple_system_users/data/newusers.list17
-rw-r--r--tests/newusers/49_multiple_system_users/data/passwd38
-rw-r--r--tests/newusers/49_multiple_system_users/data/shadow38
-rwxr-xr-xtests/newusers/49_multiple_system_users/newusers.test37
-rw-r--r--tests/newusers/50_usage/config.txt0
-rw-r--r--tests/newusers/50_usage/config/etc/group42
-rw-r--r--tests/newusers/50_usage/config/etc/gshadow42
-rw-r--r--tests/newusers/50_usage/config/etc/passwd26
-rw-r--r--tests/newusers/50_usage/config/etc/shadow26
-rw-r--r--tests/newusers/50_usage/data/usage.out7
-rwxr-xr-xtests/newusers/50_usage/newusers.test48
-rw-r--r--tests/newusers/51_usage_invalid_option/config.txt0
-rw-r--r--tests/newusers/51_usage_invalid_option/config/etc/group42
-rw-r--r--tests/newusers/51_usage_invalid_option/config/etc/gshadow42
-rw-r--r--tests/newusers/51_usage_invalid_option/config/etc/passwd26
-rw-r--r--tests/newusers/51_usage_invalid_option/config/etc/shadow26
-rw-r--r--tests/newusers/51_usage_invalid_option/data/usage.out8
-rwxr-xr-xtests/newusers/51_usage_invalid_option/newusers.test54
-rw-r--r--tests/newusers/52_usage_2_input_files/config.txt0
-rw-r--r--tests/newusers/52_usage_2_input_files/config/etc/group42
-rw-r--r--tests/newusers/52_usage_2_input_files/config/etc/gshadow42
-rw-r--r--tests/newusers/52_usage_2_input_files/config/etc/passwd26
-rw-r--r--tests/newusers/52_usage_2_input_files/config/etc/shadow26
-rw-r--r--tests/newusers/52_usage_2_input_files/data/usage.out7
-rwxr-xr-xtests/newusers/52_usage_2_input_files/newusers.test54
-rw-r--r--tests/newusers/53_locked_passwd/config.txt0
-rw-r--r--tests/newusers/53_locked_passwd/config/etc/group42
-rw-r--r--tests/newusers/53_locked_passwd/config/etc/gshadow42
-rw-r--r--tests/newusers/53_locked_passwd/config/etc/passwd26
-rw-r--r--tests/newusers/53_locked_passwd/config/etc/shadow26
-rw-r--r--tests/newusers/53_locked_passwd/data/newusers.list1
-rw-r--r--tests/newusers/53_locked_passwd/data/usage.out2
-rwxr-xr-xtests/newusers/53_locked_passwd/newusers.test59
-rw-r--r--tests/newusers/54_locked_shadow/config.txt0
-rw-r--r--tests/newusers/54_locked_shadow/config/etc/group42
-rw-r--r--tests/newusers/54_locked_shadow/config/etc/gshadow42
-rw-r--r--tests/newusers/54_locked_shadow/config/etc/passwd26
-rw-r--r--tests/newusers/54_locked_shadow/config/etc/shadow26
-rw-r--r--tests/newusers/54_locked_shadow/data/newusers.list1
-rw-r--r--tests/newusers/54_locked_shadow/data/usage.out2
-rwxr-xr-xtests/newusers/54_locked_shadow/newusers.test59
-rw-r--r--tests/newusers/55_locked_group/config.txt0
-rw-r--r--tests/newusers/55_locked_group/config/etc/group42
-rw-r--r--tests/newusers/55_locked_group/config/etc/gshadow42
-rw-r--r--tests/newusers/55_locked_group/config/etc/passwd26
-rw-r--r--tests/newusers/55_locked_group/config/etc/shadow26
-rw-r--r--tests/newusers/55_locked_group/data/newusers.list1
-rw-r--r--tests/newusers/55_locked_group/data/usage.out2
-rwxr-xr-xtests/newusers/55_locked_group/newusers.test59
-rw-r--r--tests/newusers/56_locked_gshadow/config.txt0
-rw-r--r--tests/newusers/56_locked_gshadow/config/etc/group42
-rw-r--r--tests/newusers/56_locked_gshadow/config/etc/gshadow42
-rw-r--r--tests/newusers/56_locked_gshadow/config/etc/passwd26
-rw-r--r--tests/newusers/56_locked_gshadow/config/etc/shadow26
-rw-r--r--tests/newusers/56_locked_gshadow/data/newusers.list1
-rw-r--r--tests/newusers/56_locked_gshadow/data/usage.out2
-rwxr-xr-xtests/newusers/56_locked_gshadow/newusers.test59
-rw-r--r--tests/newusers/57_missing_input_file/config.txt0
-rw-r--r--tests/newusers/57_missing_input_file/config/etc/group42
-rw-r--r--tests/newusers/57_missing_input_file/config/etc/gshadow42
-rw-r--r--tests/newusers/57_missing_input_file/config/etc/passwd26
-rw-r--r--tests/newusers/57_missing_input_file/config/etc/shadow26
-rw-r--r--tests/newusers/57_missing_input_file/data/usage.out1
-rwxr-xr-xtests/newusers/57_missing_input_file/newusers.test54
-rw-r--r--tests/newusers/58_invalid_input_file/config.txt0
-rw-r--r--tests/newusers/58_invalid_input_file/config/etc/group42
-rw-r--r--tests/newusers/58_invalid_input_file/config/etc/gshadow42
-rw-r--r--tests/newusers/58_invalid_input_file/config/etc/passwd26
-rw-r--r--tests/newusers/58_invalid_input_file/config/etc/shadow26
-rw-r--r--tests/newusers/58_invalid_input_file/data/newusers.err2
-rw-r--r--tests/newusers/58_invalid_input_file/data/newusers.list1
-rwxr-xr-xtests/newusers/58_invalid_input_file/newusers.test54
-rw-r--r--tests/newusers/59_no_gshadow_file/config.txt2
-rw-r--r--tests/newusers/59_no_gshadow_file/config/etc/group41
-rw-r--r--tests/newusers/59_no_gshadow_file/config/etc/gshadow41
-rw-r--r--tests/newusers/59_no_gshadow_file/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/59_no_gshadow_file/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/59_no_gshadow_file/config/etc/passwd19
-rw-r--r--tests/newusers/59_no_gshadow_file/config/etc/shadow19
-rw-r--r--tests/newusers/59_no_gshadow_file/data/group42
-rw-r--r--tests/newusers/59_no_gshadow_file/data/newusers.list1
-rw-r--r--tests/newusers/59_no_gshadow_file/data/passwd20
-rw-r--r--tests/newusers/59_no_gshadow_file/data/shadow20
-rwxr-xr-xtests/newusers/59_no_gshadow_file/newusers.test38
-rw-r--r--tests/newusers/60_update_no_gecos/config.txt1
-rw-r--r--tests/newusers/60_update_no_gecos/config/etc/group42
-rw-r--r--tests/newusers/60_update_no_gecos/config/etc/gshadow41
-rw-r--r--tests/newusers/60_update_no_gecos/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/60_update_no_gecos/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/60_update_no_gecos/config/etc/passwd20
-rw-r--r--tests/newusers/60_update_no_gecos/config/etc/shadow20
-rw-r--r--tests/newusers/60_update_no_gecos/data/newusers.list1
-rw-r--r--tests/newusers/60_update_no_gecos/data/passwd20
-rw-r--r--tests/newusers/60_update_no_gecos/data/shadow20
-rwxr-xr-xtests/newusers/60_update_no_gecos/newusers.test37
-rw-r--r--tests/newusers/61_update_no_shell/config.txt1
-rw-r--r--tests/newusers/61_update_no_shell/config/etc/group42
-rw-r--r--tests/newusers/61_update_no_shell/config/etc/gshadow41
-rw-r--r--tests/newusers/61_update_no_shell/config/etc/pam.d/common-password33
-rw-r--r--tests/newusers/61_update_no_shell/config/etc/pam.d/newusers6
-rw-r--r--tests/newusers/61_update_no_shell/config/etc/passwd20
-rw-r--r--tests/newusers/61_update_no_shell/config/etc/shadow20
-rw-r--r--tests/newusers/61_update_no_shell/data/newusers.list1
-rw-r--r--tests/newusers/61_update_no_shell/data/passwd20
-rw-r--r--tests/newusers/61_update_no_shell/data/shadow20
-rwxr-xr-xtests/newusers/61_update_no_shell/newusers.test37
-rw-r--r--tests/passwd/01_passwd_-S_root_locked_account/config/etc/group42
-rw-r--r--tests/passwd/01_passwd_-S_root_locked_account/config/etc/gshadow42
-rw-r--r--tests/passwd/01_passwd_-S_root_locked_account/config/etc/passwd20
-rw-r--r--tests/passwd/01_passwd_-S_root_locked_account/config/etc/shadow20
-rw-r--r--tests/passwd/01_passwd_-S_root_locked_account/data/passwd.out1
-rwxr-xr-xtests/passwd/01_passwd_-S_root_locked_account/passwd.test48
-rw-r--r--tests/passwd/02_passwd_-S_root_valid_account/config/etc/group42
-rw-r--r--tests/passwd/02_passwd_-S_root_valid_account/config/etc/gshadow42
-rw-r--r--tests/passwd/02_passwd_-S_root_valid_account/config/etc/passwd20
-rw-r--r--tests/passwd/02_passwd_-S_root_valid_account/config/etc/shadow20
-rw-r--r--tests/passwd/02_passwd_-S_root_valid_account/data/passwd.out1
-rwxr-xr-xtests/passwd/02_passwd_-S_root_valid_account/passwd.test48
-rw-r--r--tests/passwd/03_passwd_-S_root_empty_password/config/etc/group42
-rw-r--r--tests/passwd/03_passwd_-S_root_empty_password/config/etc/gshadow42
-rw-r--r--tests/passwd/03_passwd_-S_root_empty_password/config/etc/passwd20
-rw-r--r--tests/passwd/03_passwd_-S_root_empty_password/config/etc/shadow20
-rw-r--r--tests/passwd/03_passwd_-S_root_empty_password/data/passwd.out1
-rwxr-xr-xtests/passwd/03_passwd_-S_root_empty_password/passwd.test48
-rw-r--r--tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/group42
-rw-r--r--tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/gshadow42
-rw-r--r--tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/passwd20
-rw-r--r--tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/shadow20
-rw-r--r--tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/data/passwd.out1
-rwxr-xr-xtests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test52
-rw-r--r--tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/group42
-rw-r--r--tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/shadow19
-rw-r--r--tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/data/passwd.out1
-rwxr-xr-xtests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test48
-rw-r--r--tests/passwd/06_passwd_-l_root_lock_account/config/etc/group42
-rw-r--r--tests/passwd/06_passwd_-l_root_lock_account/config/etc/gshadow42
-rw-r--r--tests/passwd/06_passwd_-l_root_lock_account/config/etc/passwd20
-rw-r--r--tests/passwd/06_passwd_-l_root_lock_account/config/etc/shadow20
-rw-r--r--tests/passwd/06_passwd_-l_root_lock_account/data/passwd.out1
-rw-r--r--tests/passwd/06_passwd_-l_root_lock_account/data/shadow20
-rwxr-xr-xtests/passwd/06_passwd_-l_root_lock_account/passwd.test48
-rw-r--r--tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/group42
-rw-r--r--tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/shadow19
-rw-r--r--tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd20
-rw-r--r--tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd.out1
-rwxr-xr-xtests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test48
-rw-r--r--tests/passwd/08_passwd_-u_root_unlock_account/config/etc/group42
-rw-r--r--tests/passwd/08_passwd_-u_root_unlock_account/config/etc/gshadow42
-rw-r--r--tests/passwd/08_passwd_-u_root_unlock_account/config/etc/passwd20
-rw-r--r--tests/passwd/08_passwd_-u_root_unlock_account/config/etc/shadow20
-rw-r--r--tests/passwd/08_passwd_-u_root_unlock_account/data/passwd.out1
-rw-r--r--tests/passwd/08_passwd_-u_root_unlock_account/data/shadow20
-rwxr-xr-xtests/passwd/08_passwd_-u_root_unlock_account/passwd.test48
-rw-r--r--tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/group42
-rw-r--r--tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/gshadow42
-rw-r--r--tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/passwd20
-rw-r--r--tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/shadow20
-rw-r--r--tests/passwd/09_passwd_-u_root_unlock_to_empty/data/passwd.err2
-rwxr-xr-xtests/passwd/09_passwd_-u_root_unlock_to_empty/passwd.test54
-rw-r--r--tests/passwd/10_passwd_-d_root/config/etc/group42
-rw-r--r--tests/passwd/10_passwd_-d_root/config/etc/gshadow42
-rw-r--r--tests/passwd/10_passwd_-d_root/config/etc/passwd20
-rw-r--r--tests/passwd/10_passwd_-d_root/config/etc/shadow20
-rw-r--r--tests/passwd/10_passwd_-d_root/data/passwd.out1
-rw-r--r--tests/passwd/10_passwd_-d_root/data/shadow20
-rwxr-xr-xtests/passwd/10_passwd_-d_root/passwd.test48
-rw-r--r--tests/passwd/11_passwd_--mindays_root/config/etc/group42
-rw-r--r--tests/passwd/11_passwd_--mindays_root/config/etc/gshadow42
-rw-r--r--tests/passwd/11_passwd_--mindays_root/config/etc/passwd20
-rw-r--r--tests/passwd/11_passwd_--mindays_root/config/etc/shadow20
-rw-r--r--tests/passwd/11_passwd_--mindays_root/data/passwd.out1
-rw-r--r--tests/passwd/11_passwd_--mindays_root/data/shadow20
-rwxr-xr-xtests/passwd/11_passwd_--mindays_root/passwd.test48
-rw-r--r--tests/passwd/12_passwd_--maxdays_root/config/etc/group42
-rw-r--r--tests/passwd/12_passwd_--maxdays_root/config/etc/gshadow42
-rw-r--r--tests/passwd/12_passwd_--maxdays_root/config/etc/passwd20
-rw-r--r--tests/passwd/12_passwd_--maxdays_root/config/etc/shadow20
-rw-r--r--tests/passwd/12_passwd_--maxdays_root/data/passwd.out1
-rw-r--r--tests/passwd/12_passwd_--maxdays_root/data/shadow20
-rwxr-xr-xtests/passwd/12_passwd_--maxdays_root/passwd.test48
-rw-r--r--tests/passwd/13_passwd_--warndays_root/config/etc/group42
-rw-r--r--tests/passwd/13_passwd_--warndays_root/config/etc/gshadow42
-rw-r--r--tests/passwd/13_passwd_--warndays_root/config/etc/passwd20
-rw-r--r--tests/passwd/13_passwd_--warndays_root/config/etc/shadow20
-rw-r--r--tests/passwd/13_passwd_--warndays_root/data/passwd.out1
-rw-r--r--tests/passwd/13_passwd_--warndays_root/data/shadow20
-rwxr-xr-xtests/passwd/13_passwd_--warndays_root/passwd.test48
-rw-r--r--tests/passwd/14_passwd_--inactive_root/config/etc/group42
-rw-r--r--tests/passwd/14_passwd_--inactive_root/config/etc/gshadow42
-rw-r--r--tests/passwd/14_passwd_--inactive_root/config/etc/passwd20
-rw-r--r--tests/passwd/14_passwd_--inactive_root/config/etc/shadow20
-rw-r--r--tests/passwd/14_passwd_--inactive_root/data/passwd.out1
-rw-r--r--tests/passwd/14_passwd_--inactive_root/data/shadow20
-rwxr-xr-xtests/passwd/14_passwd_--inactive_root/passwd.test48
-rw-r--r--tests/passwd/15_passwd_--expire_root/config/etc/group42
-rw-r--r--tests/passwd/15_passwd_--expire_root/config/etc/gshadow42
-rw-r--r--tests/passwd/15_passwd_--expire_root/config/etc/passwd20
-rw-r--r--tests/passwd/15_passwd_--expire_root/config/etc/shadow20
-rw-r--r--tests/passwd/15_passwd_--expire_root/data/passwd.out1
-rw-r--r--tests/passwd/15_passwd_--expire_root/data/shadow20
-rwxr-xr-xtests/passwd/15_passwd_--expire_root/passwd.test48
-rw-r--r--tests/passwd/16_passwd_-S-a_root/config/etc/group42
-rw-r--r--tests/passwd/16_passwd_-S-a_root/config/etc/gshadow42
-rw-r--r--tests/passwd/16_passwd_-S-a_root/config/etc/passwd20
-rw-r--r--tests/passwd/16_passwd_-S-a_root/config/etc/shadow20
-rw-r--r--tests/passwd/16_passwd_-S-a_root/data/passwd.out20
-rwxr-xr-xtests/passwd/16_passwd_-S-a_root/passwd.test47
-rw-r--r--tests/passwd/17_passwd_root_change_password/config/etc/group42
-rw-r--r--tests/passwd/17_passwd_root_change_password/config/etc/gshadow42
-rw-r--r--tests/passwd/17_passwd_root_change_password/config/etc/pam.d/common-password33
-rw-r--r--tests/passwd/17_passwd_root_change_password/config/etc/passwd20
-rw-r--r--tests/passwd/17_passwd_root_change_password/config/etc/shadow20
-rw-r--r--tests/passwd/17_passwd_root_change_password/data/shadow20
-rwxr-xr-xtests/passwd/17_passwd_root_change_password/passwd.exp22
-rwxr-xr-xtests/passwd/17_passwd_root_change_password/passwd.test37
-rw-r--r--tests/passwd/18_passwd_root_change_password_user/config/etc/group42
-rw-r--r--tests/passwd/18_passwd_root_change_password_user/config/etc/gshadow42
-rw-r--r--tests/passwd/18_passwd_root_change_password_user/config/etc/pam.d/common-password33
-rw-r--r--tests/passwd/18_passwd_root_change_password_user/config/etc/passwd20
-rw-r--r--tests/passwd/18_passwd_root_change_password_user/config/etc/shadow20
-rw-r--r--tests/passwd/18_passwd_root_change_password_user/data/shadow20
-rwxr-xr-xtests/passwd/18_passwd_root_change_password_user/passwd.exp22
-rwxr-xr-xtests/passwd/18_passwd_root_change_password_user/passwd.test37
-rw-r--r--tests/passwd/19_passwd_user_change_password/config/etc/group42
-rw-r--r--tests/passwd/19_passwd_user_change_password/config/etc/gshadow42
-rw-r--r--tests/passwd/19_passwd_user_change_password/config/etc/pam.d/common-password33
-rw-r--r--tests/passwd/19_passwd_user_change_password/config/etc/passwd20
-rw-r--r--tests/passwd/19_passwd_user_change_password/config/etc/shadow20
-rw-r--r--tests/passwd/19_passwd_user_change_password/data/shadow20
-rwxr-xr-xtests/passwd/19_passwd_user_change_password/passwd.exp31
-rwxr-xr-xtests/passwd/19_passwd_user_change_password/passwd.test37
-rw-r--r--tests/passwd/20_passwd_user_change_password_same_user/config/etc/group42
-rw-r--r--tests/passwd/20_passwd_user_change_password_same_user/config/etc/gshadow42
-rw-r--r--tests/passwd/20_passwd_user_change_password_same_user/config/etc/pam.d/common-password33
-rw-r--r--tests/passwd/20_passwd_user_change_password_same_user/config/etc/passwd20
-rw-r--r--tests/passwd/20_passwd_user_change_password_same_user/config/etc/shadow20
-rw-r--r--tests/passwd/20_passwd_user_change_password_same_user/data/shadow20
-rwxr-xr-xtests/passwd/20_passwd_user_change_password_same_user/passwd.exp31
-rwxr-xr-xtests/passwd/20_passwd_user_change_password_same_user/passwd.test37
-rw-r--r--tests/passwd/21_passwd_user_change_password_other_user/config/etc/group43
-rw-r--r--tests/passwd/21_passwd_user_change_password_other_user/config/etc/gshadow43
-rw-r--r--tests/passwd/21_passwd_user_change_password_other_user/config/etc/passwd21
-rw-r--r--tests/passwd/21_passwd_user_change_password_other_user/config/etc/shadow21
-rw-r--r--tests/passwd/21_passwd_user_change_password_other_user/data/passwd.err1
-rwxr-xr-xtests/passwd/21_passwd_user_change_password_other_user/passwd.test53
-rw-r--r--tests/passwd/22_passwd_usage/config.txt10
-rw-r--r--tests/passwd/22_passwd_usage/config/etc/group41
-rw-r--r--tests/passwd/22_passwd_usage/config/etc/gshadow41
-rw-r--r--tests/passwd/22_passwd_usage/config/etc/passwd19
-rw-r--r--tests/passwd/22_passwd_usage/config/etc/shadow19
-rw-r--r--tests/passwd/22_passwd_usage/data/usage.out22
-rwxr-xr-xtests/passwd/22_passwd_usage/passwd.test47
-rwxr-xr-xtests/run_all1305
-rwxr-xr-xtests/run_all.coverage1324
-rw-r--r--tests/split_groups/01_useradd_split_group/config.txt5
-rw-r--r--tests/split_groups/01_useradd_split_group/config/etc/default/useradd36
-rw-r--r--tests/split_groups/01_useradd_split_group/config/etc/group44
-rw-r--r--tests/split_groups/01_useradd_split_group/config/etc/gshadow44
-rw-r--r--tests/split_groups/01_useradd_split_group/config/etc/login.defs317
-rw-r--r--tests/split_groups/01_useradd_split_group/config/etc/passwd21
-rw-r--r--tests/split_groups/01_useradd_split_group/config/etc/shadow21
-rw-r--r--tests/split_groups/01_useradd_split_group/data/group46
-rw-r--r--tests/split_groups/01_useradd_split_group/data/gshadow45
-rw-r--r--tests/split_groups/01_useradd_split_group/data/passwd22
-rw-r--r--tests/split_groups/01_useradd_split_group/data/shadow22
-rwxr-xr-xtests/split_groups/01_useradd_split_group/useradd.test39
-rw-r--r--tests/split_groups/02_useradd_no_split_group/config.txt5
-rw-r--r--tests/split_groups/02_useradd_no_split_group/config/etc/default/useradd36
-rw-r--r--tests/split_groups/02_useradd_no_split_group/config/etc/group44
-rw-r--r--tests/split_groups/02_useradd_no_split_group/config/etc/gshadow44
-rw-r--r--tests/split_groups/02_useradd_no_split_group/config/etc/login.defs317
-rw-r--r--tests/split_groups/02_useradd_no_split_group/config/etc/passwd21
-rw-r--r--tests/split_groups/02_useradd_no_split_group/config/etc/shadow21
-rw-r--r--tests/split_groups/02_useradd_no_split_group/data/group45
-rw-r--r--tests/split_groups/02_useradd_no_split_group/data/gshadow45
-rw-r--r--tests/split_groups/02_useradd_no_split_group/data/passwd22
-rw-r--r--tests/split_groups/02_useradd_no_split_group/data/shadow22
-rwxr-xr-xtests/split_groups/02_useradd_no_split_group/useradd.test39
-rw-r--r--tests/split_groups/03_useradd_split_group_already_split/config.txt5
-rw-r--r--tests/split_groups/03_useradd_split_group_already_split/config/etc/default/useradd36
-rw-r--r--tests/split_groups/03_useradd_split_group_already_split/config/etc/group46
-rw-r--r--tests/split_groups/03_useradd_split_group_already_split/config/etc/gshadow45
-rw-r--r--tests/split_groups/03_useradd_split_group_already_split/config/etc/login.defs317
-rw-r--r--tests/split_groups/03_useradd_split_group_already_split/config/etc/passwd22
-rw-r--r--tests/split_groups/03_useradd_split_group_already_split/config/etc/shadow22
-rw-r--r--tests/split_groups/03_useradd_split_group_already_split/data/group47
-rw-r--r--tests/split_groups/03_useradd_split_group_already_split/data/gshadow46
-rw-r--r--tests/split_groups/03_useradd_split_group_already_split/data/passwd23
-rw-r--r--tests/split_groups/03_useradd_split_group_already_split/data/shadow23
-rwxr-xr-xtests/split_groups/03_useradd_split_group_already_split/useradd.test39
-rw-r--r--tests/split_groups/04_useradd_split_group_already_full/config.txt5
-rw-r--r--tests/split_groups/04_useradd_split_group_already_full/config/etc/default/useradd36
-rw-r--r--tests/split_groups/04_useradd_split_group_already_full/config/etc/group45
-rw-r--r--tests/split_groups/04_useradd_split_group_already_full/config/etc/gshadow45
-rw-r--r--tests/split_groups/04_useradd_split_group_already_full/config/etc/login.defs317
-rw-r--r--tests/split_groups/04_useradd_split_group_already_full/config/etc/passwd22
-rw-r--r--tests/split_groups/04_useradd_split_group_already_full/config/etc/shadow22
-rw-r--r--tests/split_groups/04_useradd_split_group_already_full/data/group47
-rw-r--r--tests/split_groups/04_useradd_split_group_already_full/data/gshadow46
-rw-r--r--tests/split_groups/04_useradd_split_group_already_full/data/passwd23
-rw-r--r--tests/split_groups/04_useradd_split_group_already_full/data/shadow23
-rwxr-xr-xtests/split_groups/04_useradd_split_group_already_full/useradd.test39
-rw-r--r--tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config.txt5
-rw-r--r--tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/group46
-rw-r--r--tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/gshadow45
-rw-r--r--tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/login.defs317
-rw-r--r--tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/passwd22
-rw-r--r--tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/shadow22
-rw-r--r--tests/split_groups/05_useradd_split_group_already_split_passwd_differ/data/useradd.err2
-rwxr-xr-xtests/split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test54
-rw-r--r--tests/split_groups/06_useradd_split_group_already_split_GID_differ/config.txt5
-rw-r--r--tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/group46
-rw-r--r--tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/gshadow45
-rw-r--r--tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/login.defs317
-rw-r--r--tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/passwd22
-rw-r--r--tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/shadow22
-rw-r--r--tests/split_groups/06_useradd_split_group_already_split_GID_differ/data/useradd.err2
-rwxr-xr-xtests/split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test54
-rw-r--r--tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config.txt5
-rw-r--r--tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/default/useradd36
-rw-r--r--tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/group46
-rw-r--r--tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/gshadow45
-rw-r--r--tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/login.defs317
-rw-r--r--tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/passwd22
-rw-r--r--tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/shadow22
-rw-r--r--tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/group47
-rw-r--r--tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/gshadow46
-rw-r--r--tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/passwd23
-rw-r--r--tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/shadow23
-rwxr-xr-xtests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test39
-rw-r--r--tests/split_groups/08_useradd_no_split_group_already_split/config.txt5
-rw-r--r--tests/split_groups/08_useradd_no_split_group_already_split/config/etc/group46
-rw-r--r--tests/split_groups/08_useradd_no_split_group_already_split/config/etc/gshadow45
-rw-r--r--tests/split_groups/08_useradd_no_split_group_already_split/config/etc/login.defs317
-rw-r--r--tests/split_groups/08_useradd_no_split_group_already_split/config/etc/passwd22
-rw-r--r--tests/split_groups/08_useradd_no_split_group_already_split/config/etc/shadow22
-rw-r--r--tests/split_groups/08_useradd_no_split_group_already_split/data/useradd.err2
-rwxr-xr-xtests/split_groups/08_useradd_no_split_group_already_split/useradd.test54
-rw-r--r--tests/split_groups/09_groupdel_split_group_already_split/config.txt5
-rw-r--r--tests/split_groups/09_groupdel_split_group_already_split/config/etc/group46
-rw-r--r--tests/split_groups/09_groupdel_split_group_already_split/config/etc/gshadow45
-rw-r--r--tests/split_groups/09_groupdel_split_group_already_split/config/etc/login.defs317
-rw-r--r--tests/split_groups/09_groupdel_split_group_already_split/config/etc/passwd22
-rw-r--r--tests/split_groups/09_groupdel_split_group_already_split/config/etc/shadow22
-rw-r--r--tests/split_groups/09_groupdel_split_group_already_split/data/group44
-rw-r--r--tests/split_groups/09_groupdel_split_group_already_split/data/gshadow44
-rwxr-xr-xtests/split_groups/09_groupdel_split_group_already_split/groupdel.test39
-rw-r--r--tests/split_groups/10_groupdel_no_split_group_already_split/config.txt5
-rw-r--r--tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/group46
-rw-r--r--tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/gshadow45
-rw-r--r--tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/login.defs317
-rw-r--r--tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/passwd22
-rw-r--r--tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/shadow22
-rw-r--r--tests/split_groups/10_groupdel_no_split_group_already_split/data/groupdel.err2
-rwxr-xr-xtests/split_groups/10_groupdel_no_split_group_already_split/groupdel.test54
-rw-r--r--tests/su/01/config.txt3
-rw-r--r--tests/su/01/config/etc/group42
-rw-r--r--tests/su/01/config/etc/gshadow42
-rw-r--r--tests/su/01/config/etc/passwd21
-rw-r--r--tests/su/01/config/etc/shadow20
-rwxr-xr-xtests/su/01/run_su.exp73
-rwxr-xr-xtests/su/01/su_root.test25
-rwxr-xr-xtests/su/01/su_user.test25
-rw-r--r--tests/su/02/config.txt5
-rw-r--r--tests/su/02/config/etc/group42
-rw-r--r--tests/su/02/config/etc/gshadow42
-rw-r--r--tests/su/02/config/etc/passwd21
-rw-r--r--tests/su/02/config/etc/profile0
-rw-r--r--tests/su/02/config/etc/shadow20
l---------tests/su/02/env_FOO-options_1
l---------tests/su/02/env_FOO-options_-1
l---------tests/su/02/env_FOO-options_--login1
-rwxr-xr-xtests/su/02/env_FOO-options_--login.exp48
l---------tests/su/02/env_FOO-options_--login_bash1
l---------tests/su/02/env_FOO-options_--preserve-environment1
-rwxr-xr-xtests/su/02/env_FOO-options_--preserve-environment.exp48
l---------tests/su/02/env_FOO-options_--preserve-environment_bash1
-rwxr-xr-xtests/su/02/env_FOO-options_-.exp48
l---------tests/su/02/env_FOO-options_-_bash1
l---------tests/su/02/env_FOO-options_-l1
l---------tests/su/02/env_FOO-options_-l-m1
-rwxr-xr-xtests/su/02/env_FOO-options_-l-m.exp48
l---------tests/su/02/env_FOO-options_-l-m_bash1
-rwxr-xr-xtests/su/02/env_FOO-options_-l.exp48
l---------tests/su/02/env_FOO-options_-l_bash1
l---------tests/su/02/env_FOO-options_-m1
-rwxr-xr-xtests/su/02/env_FOO-options_-m.exp48
l---------tests/su/02/env_FOO-options_-m_bash1
l---------tests/su/02/env_FOO-options_-p1
l---------tests/su/02/env_FOO-options_-p-1
-rwxr-xr-xtests/su/02/env_FOO-options_-p-.exp48
l---------tests/su/02/env_FOO-options_-p-_bash1
-rwxr-xr-xtests/su/02/env_FOO-options_-p.exp48
l---------tests/su/02/env_FOO-options_-p_bash1
-rwxr-xr-xtests/su/02/env_FOO-options_.exp48
l---------tests/su/02/env_FOO-options__bash1
l---------tests/su/02/env_special-options_1
l---------tests/su/02/env_special-options_-l1
l---------tests/su/02/env_special-options_-l-p1
-rwxr-xr-xtests/su/02/env_special-options_-l-p.exp55
l---------tests/su/02/env_special-options_-l-p_bash1
-rwxr-xr-xtests/su/02/env_special-options_-l.exp54
l---------tests/su/02/env_special-options_-l_bash1
l---------tests/su/02/env_special-options_-p1
-rwxr-xr-xtests/su/02/env_special-options_-p.exp56
l---------tests/su/02/env_special-options_-p_bash1
-rwxr-xr-xtests/su/02/env_special-options_.exp55
l---------tests/su/02/env_special-options__bash1
l---------tests/su/02/env_special_root-options_1
l---------tests/su/02/env_special_root-options_-l1
l---------tests/su/02/env_special_root-options_-l-p1
-rwxr-xr-xtests/su/02/env_special_root-options_-l-p.exp57
l---------tests/su/02/env_special_root-options_-l-p_bash1
-rwxr-xr-xtests/su/02/env_special_root-options_-l.exp54
l---------tests/su/02/env_special_root-options_-l_bash1
l---------tests/su/02/env_special_root-options_-p1
-rwxr-xr-xtests/su/02/env_special_root-options_-p.exp56
l---------tests/su/02/env_special_root-options_-p_bash1
-rwxr-xr-xtests/su/02/env_special_root-options_.exp55
l---------tests/su/02/env_special_root-options__bash1
-rwxr-xr-xtests/su/02/run_env_test.sh38
-rw-r--r--tests/su/03/config/etc/group42
-rw-r--r--tests/su/03/config/etc/gshadow42
-rw-r--r--tests/su/03/config/etc/passwd21
-rw-r--r--tests/su/03/config/etc/shadow20
-rw-r--r--tests/su/03/data/ls.out1
-rwxr-xr-xtests/su/03/su_run_command01.test43
-rwxr-xr-xtests/su/03/su_run_command02.test36
-rwxr-xr-xtests/su/03/su_run_command03.test36
-rwxr-xr-xtests/su/03/su_run_command04.test36
-rwxr-xr-xtests/su/03/su_run_command05.test36
-rwxr-xr-xtests/su/03/su_run_command06.test45
-rwxr-xr-xtests/su/03/su_run_command07.test45
-rwxr-xr-xtests/su/03/su_run_command08.test45
-rwxr-xr-xtests/su/03/su_run_command09.test45
-rwxr-xr-xtests/su/03/su_run_command10.test45
-rwxr-xr-xtests/su/03/su_run_command11.test45
-rwxr-xr-xtests/su/03/su_run_command12.test45
-rwxr-xr-xtests/su/03/su_run_command13.test50
-rwxr-xr-xtests/su/03/su_run_command14.test45
-rwxr-xr-xtests/su/03/su_run_command15.test52
-rwxr-xr-xtests/su/03/su_run_command16.test45
-rwxr-xr-xtests/su/03/su_run_command17.test45
-rw-r--r--tests/su/04/config.txt3
-rw-r--r--tests/su/04/config/etc/group42
-rw-r--r--tests/su/04/config/etc/gshadow42
-rw-r--r--tests/su/04/config/etc/login.defs315
-rw-r--r--tests/su/04/config/etc/passwd21
-rw-r--r--tests/su/04/config/etc/shadow20
-rw-r--r--tests/su/04/config/var/log/auth.log0
-rw-r--r--tests/su/04/data/wrong_user.err1
-rwxr-xr-xtests/su/04/run_su_failed.exp58
-rwxr-xr-xtests/su/04/su_user_wrong_passwd.test24
-rwxr-xr-xtests/su/04/su_user_wrong_passwd_syslog.test40
-rwxr-xr-xtests/su/04/su_wrong_user.test47
-rw-r--r--tests/su/05/config.txt5
-rw-r--r--tests/su/05/config/etc/group42
-rw-r--r--tests/su/05/config/etc/gshadow42
-rw-r--r--tests/su/05/config/etc/login.defs315
-rw-r--r--tests/su/05/config/etc/passwd21
-rw-r--r--tests/su/05/config/etc/shadow20
-rw-r--r--tests/su/05/config/var/log/auth.log0
-rwxr-xr-xtests/su/05/run_su_failed.exp58
-rwxr-xr-xtests/su/05/su_user_wrong_passwd_syslog.test40
-rw-r--r--tests/su/06/config.txt3
-rw-r--r--tests/su/06/config/etc/group42
-rw-r--r--tests/su/06/config/etc/gshadow42
-rw-r--r--tests/su/06/config/etc/login.defs315
-rw-r--r--tests/su/06/config/etc/passwd21
-rw-r--r--tests/su/06/config/etc/shadow20
-rw-r--r--tests/su/06/config/var/log/auth.log0
-rwxr-xr-xtests/su/06/run_su.exp73
-rwxr-xr-xtests/su/06/su_user_syslog.test39
-rw-r--r--tests/su/07/config.txt3
-rw-r--r--tests/su/07/config/etc/group42
-rw-r--r--tests/su/07/config/etc/gshadow42
-rw-r--r--tests/su/07/config/etc/login.defs315
-rw-r--r--tests/su/07/config/etc/passwd21
-rw-r--r--tests/su/07/config/etc/shadow20
-rw-r--r--tests/su/07/config/var/log/auth.log0
-rwxr-xr-xtests/su/07/run_su.exp73
-rwxr-xr-xtests/su/07/su_user_syslog.test44
-rw-r--r--tests/su/08/config.txt0
-rw-r--r--tests/su/08/config/etc/group42
-rw-r--r--tests/su/08/config/etc/gshadow42
-rw-r--r--tests/su/08/config/etc/login.defs315
-rw-r--r--tests/su/08/config/etc/passwd21
-rw-r--r--tests/su/08/config/etc/shadow20
l---------tests/su/08/env_special-options_1
l---------tests/su/08/env_special-options_.exp1
l---------tests/su/08/env_special_root-options_1
l---------tests/su/08/env_special_root-options_.exp1
-rw-r--r--tests/su/09/config.txt3
-rw-r--r--tests/su/09/config/etc/group42
-rw-r--r--tests/su/09/config/etc/gshadow42
-rw-r--r--tests/su/09/config/etc/login.defs315
-rw-r--r--tests/su/09/config/etc/passwd21
-rw-r--r--tests/su/09/config/etc/shadow20
l---------tests/su/09/env_special-options_1
-rwxr-xr-xtests/su/09/env_special-options_.exp55
l---------tests/su/09/env_special_root-options_1
-rwxr-xr-xtests/su/09/env_special_root-options_.exp55
-rw-r--r--tests/su/10_su_sulog_success/config.txt3
-rw-r--r--tests/su/10_su_sulog_success/config/etc/group42
-rw-r--r--tests/su/10_su_sulog_success/config/etc/gshadow42
-rw-r--r--tests/su/10_su_sulog_success/config/etc/login.defs315
-rw-r--r--tests/su/10_su_sulog_success/config/etc/passwd21
-rw-r--r--tests/su/10_su_sulog_success/config/etc/shadow20
-rw-r--r--tests/su/10_su_sulog_success/config/var/log/sulog0
-rw-r--r--tests/su/10_su_sulog_success/data/sulog1
-rwxr-xr-xtests/su/10_su_sulog_success/run_su.exp73
-rwxr-xr-xtests/su/10_su_sulog_success/su.test40
-rw-r--r--tests/su/11_su_sulog_failure/config.txt3
-rw-r--r--tests/su/11_su_sulog_failure/config/etc/group42
-rw-r--r--tests/su/11_su_sulog_failure/config/etc/gshadow42
-rw-r--r--tests/su/11_su_sulog_failure/config/etc/login.defs315
-rw-r--r--tests/su/11_su_sulog_failure/config/etc/passwd21
-rw-r--r--tests/su/11_su_sulog_failure/config/etc/shadow20
-rw-r--r--tests/su/11_su_sulog_failure/config/var/log/sulog0
-rw-r--r--tests/su/11_su_sulog_failure/data/sulog1
-rwxr-xr-xtests/su/11_su_sulog_failure/run_su.exp67
-rwxr-xr-xtests/su/11_su_sulog_failure/su.test43
-rw-r--r--tests/su/12_su_child_failure/config.txt3
-rw-r--r--tests/su/12_su_child_failure/config/etc/group42
-rw-r--r--tests/su/12_su_child_failure/config/etc/gshadow42
-rw-r--r--tests/su/12_su_child_failure/config/etc/login.defs315
-rw-r--r--tests/su/12_su_child_failure/config/etc/passwd21
-rw-r--r--tests/su/12_su_child_failure/config/etc/shadow20
-rw-r--r--tests/su/12_su_child_failure/config/var/log/sulog0
-rwxr-xr-xtests/su/12_su_child_failure/su.test37
-rw-r--r--tests/su/13_su_child_success/config.txt3
-rw-r--r--tests/su/13_su_child_success/config/etc/group42
-rw-r--r--tests/su/13_su_child_success/config/etc/gshadow42
-rw-r--r--tests/su/13_su_child_success/config/etc/login.defs315
-rw-r--r--tests/su/13_su_child_success/config/etc/passwd21
-rw-r--r--tests/su/13_su_child_success/config/etc/shadow20
-rw-r--r--tests/su/13_su_child_success/config/var/log/sulog0
-rwxr-xr-xtests/su/13_su_child_success/su.test31
-rw-r--r--tests/subids/01_useradd_no_subids/config.txt0
-rw-r--r--tests/subids/01_useradd_no_subids/config/etc/default/useradd36
-rw-r--r--tests/subids/01_useradd_no_subids/config/etc/group41
-rw-r--r--tests/subids/01_useradd_no_subids/config/etc/gshadow41
-rw-r--r--tests/subids/01_useradd_no_subids/config/etc/passwd19
-rw-r--r--tests/subids/01_useradd_no_subids/config/etc/shadow19
-rw-r--r--tests/subids/01_useradd_no_subids/config/etc/subgid0
-rw-r--r--tests/subids/01_useradd_no_subids/config/etc/subuid0
-rw-r--r--tests/subids/01_useradd_no_subids/data/group42
-rw-r--r--tests/subids/01_useradd_no_subids/data/gshadow42
-rw-r--r--tests/subids/01_useradd_no_subids/data/passwd20
-rw-r--r--tests/subids/01_useradd_no_subids/data/shadow20
-rwxr-xr-xtests/subids/01_useradd_no_subids/useradd.test47
-rw-r--r--tests/subids/02_useradd_with_subids/config.txt0
-rw-r--r--tests/subids/02_useradd_with_subids/config/etc/default/useradd36
-rw-r--r--tests/subids/02_useradd_with_subids/config/etc/group41
-rw-r--r--tests/subids/02_useradd_with_subids/config/etc/gshadow41
-rw-r--r--tests/subids/02_useradd_with_subids/config/etc/passwd19
-rw-r--r--tests/subids/02_useradd_with_subids/config/etc/shadow19
-rw-r--r--tests/subids/02_useradd_with_subids/config/etc/subgid0
-rw-r--r--tests/subids/02_useradd_with_subids/config/etc/subuid0
-rw-r--r--tests/subids/02_useradd_with_subids/data/group42
-rw-r--r--tests/subids/02_useradd_with_subids/data/gshadow42
-rw-r--r--tests/subids/02_useradd_with_subids/data/passwd20
-rw-r--r--tests/subids/02_useradd_with_subids/data/shadow20
-rw-r--r--tests/subids/02_useradd_with_subids/data/subgid1
-rw-r--r--tests/subids/02_useradd_with_subids/data/subuid1
-rwxr-xr-xtests/subids/02_useradd_with_subids/useradd.test45
-rw-r--r--tests/subids/03_useradd_no_subgid/config.txt0
-rw-r--r--tests/subids/03_useradd_no_subgid/config/etc/default/useradd36
-rw-r--r--tests/subids/03_useradd_no_subgid/config/etc/group41
-rw-r--r--tests/subids/03_useradd_no_subgid/config/etc/gshadow41
-rw-r--r--tests/subids/03_useradd_no_subgid/config/etc/passwd19
-rw-r--r--tests/subids/03_useradd_no_subgid/config/etc/shadow19
-rw-r--r--tests/subids/03_useradd_no_subgid/config/etc/subgid0
-rw-r--r--tests/subids/03_useradd_no_subgid/config/etc/subuid0
-rw-r--r--tests/subids/03_useradd_no_subgid/data/group42
-rw-r--r--tests/subids/03_useradd_no_subgid/data/gshadow42
-rw-r--r--tests/subids/03_useradd_no_subgid/data/passwd20
-rw-r--r--tests/subids/03_useradd_no_subgid/data/shadow20
-rw-r--r--tests/subids/03_useradd_no_subgid/data/subuid1
-rwxr-xr-xtests/subids/03_useradd_no_subgid/useradd.test49
-rw-r--r--tests/subids/04_useradd_no_subuid/config.txt0
-rw-r--r--tests/subids/04_useradd_no_subuid/config/etc/default/useradd36
-rw-r--r--tests/subids/04_useradd_no_subuid/config/etc/group41
-rw-r--r--tests/subids/04_useradd_no_subuid/config/etc/gshadow41
-rw-r--r--tests/subids/04_useradd_no_subuid/config/etc/passwd19
-rw-r--r--tests/subids/04_useradd_no_subuid/config/etc/shadow19
-rw-r--r--tests/subids/04_useradd_no_subuid/config/etc/subgid0
-rw-r--r--tests/subids/04_useradd_no_subuid/config/etc/subuid0
-rw-r--r--tests/subids/04_useradd_no_subuid/data/group42
-rw-r--r--tests/subids/04_useradd_no_subuid/data/gshadow42
-rw-r--r--tests/subids/04_useradd_no_subuid/data/passwd20
-rw-r--r--tests/subids/04_useradd_no_subuid/data/shadow20
-rw-r--r--tests/subids/04_useradd_no_subuid/data/subgid1
-rwxr-xr-xtests/subids/04_useradd_no_subuid/useradd.test49
-rw-r--r--tests/subids/05_useradd_fill_gap_start/config.txt0
-rw-r--r--tests/subids/05_useradd_fill_gap_start/config/etc/default/useradd36
-rw-r--r--tests/subids/05_useradd_fill_gap_start/config/etc/group41
-rw-r--r--tests/subids/05_useradd_fill_gap_start/config/etc/gshadow41
-rw-r--r--tests/subids/05_useradd_fill_gap_start/config/etc/passwd19
-rw-r--r--tests/subids/05_useradd_fill_gap_start/config/etc/shadow19
-rw-r--r--tests/subids/05_useradd_fill_gap_start/config/etc/subgid1
-rw-r--r--tests/subids/05_useradd_fill_gap_start/config/etc/subuid1
-rw-r--r--tests/subids/05_useradd_fill_gap_start/data/group42
-rw-r--r--tests/subids/05_useradd_fill_gap_start/data/gshadow42
-rw-r--r--tests/subids/05_useradd_fill_gap_start/data/passwd20
-rw-r--r--tests/subids/05_useradd_fill_gap_start/data/shadow20
-rw-r--r--tests/subids/05_useradd_fill_gap_start/data/subgid2
-rw-r--r--tests/subids/05_useradd_fill_gap_start/data/subuid2
-rwxr-xr-xtests/subids/05_useradd_fill_gap_start/useradd.test45
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/config.txt0
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/config/etc/default/useradd36
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/config/etc/group41
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/config/etc/gshadow41
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/config/etc/passwd19
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/config/etc/shadow19
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/config/etc/subgid2
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/config/etc/subuid2
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/data/group42
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/data/gshadow42
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/data/passwd20
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/data/shadow20
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/data/subgid3
-rw-r--r--tests/subids/06_useradd_fill_gap_middle/data/subuid3
-rwxr-xr-xtests/subids/06_useradd_fill_gap_middle/useradd.test45
-rw-r--r--tests/subids/07_useradd_fill_gap_end/config.txt0
-rw-r--r--tests/subids/07_useradd_fill_gap_end/config/etc/default/useradd36
-rw-r--r--tests/subids/07_useradd_fill_gap_end/config/etc/group41
-rw-r--r--tests/subids/07_useradd_fill_gap_end/config/etc/gshadow41
-rw-r--r--tests/subids/07_useradd_fill_gap_end/config/etc/passwd19
-rw-r--r--tests/subids/07_useradd_fill_gap_end/config/etc/shadow19
-rw-r--r--tests/subids/07_useradd_fill_gap_end/config/etc/subgid1
-rw-r--r--tests/subids/07_useradd_fill_gap_end/config/etc/subuid1
-rw-r--r--tests/subids/07_useradd_fill_gap_end/data/group42
-rw-r--r--tests/subids/07_useradd_fill_gap_end/data/gshadow42
-rw-r--r--tests/subids/07_useradd_fill_gap_end/data/passwd20
-rw-r--r--tests/subids/07_useradd_fill_gap_end/data/shadow20
-rw-r--r--tests/subids/07_useradd_fill_gap_end/data/subgid2
-rw-r--r--tests/subids/07_useradd_fill_gap_end/data/subuid2
-rwxr-xr-xtests/subids/07_useradd_fill_gap_end/useradd.test45
-rw-r--r--tests/subids/08_useradd_no_more_subuids_start/config.txt0
-rw-r--r--tests/subids/08_useradd_no_more_subuids_start/config/etc/default/useradd36
-rw-r--r--tests/subids/08_useradd_no_more_subuids_start/config/etc/group41
-rw-r--r--tests/subids/08_useradd_no_more_subuids_start/config/etc/gshadow41
-rw-r--r--tests/subids/08_useradd_no_more_subuids_start/config/etc/passwd19
-rw-r--r--tests/subids/08_useradd_no_more_subuids_start/config/etc/shadow19
-rw-r--r--tests/subids/08_useradd_no_more_subuids_start/config/etc/subgid1
-rw-r--r--tests/subids/08_useradd_no_more_subuids_start/config/etc/subuid1
-rw-r--r--tests/subids/08_useradd_no_more_subuids_start/data/useradd.err2
-rwxr-xr-xtests/subids/08_useradd_no_more_subuids_start/useradd.test60
-rw-r--r--tests/subids/09_useradd_no_more_subgids_start/config.txt0
-rw-r--r--tests/subids/09_useradd_no_more_subgids_start/config/etc/default/useradd36
-rw-r--r--tests/subids/09_useradd_no_more_subgids_start/config/etc/group41
-rw-r--r--tests/subids/09_useradd_no_more_subgids_start/config/etc/gshadow41
-rw-r--r--tests/subids/09_useradd_no_more_subgids_start/config/etc/passwd19
-rw-r--r--tests/subids/09_useradd_no_more_subgids_start/config/etc/shadow19
-rw-r--r--tests/subids/09_useradd_no_more_subgids_start/config/etc/subgid1
-rw-r--r--tests/subids/09_useradd_no_more_subgids_start/config/etc/subuid1
-rw-r--r--tests/subids/09_useradd_no_more_subgids_start/data/useradd.err2
-rwxr-xr-xtests/subids/09_useradd_no_more_subgids_start/useradd.test60
-rw-r--r--tests/subids/10_useradd_no_more_subuids_end/config.txt0
-rw-r--r--tests/subids/10_useradd_no_more_subuids_end/config/etc/default/useradd36
-rw-r--r--tests/subids/10_useradd_no_more_subuids_end/config/etc/group41
-rw-r--r--tests/subids/10_useradd_no_more_subuids_end/config/etc/gshadow41
-rw-r--r--tests/subids/10_useradd_no_more_subuids_end/config/etc/passwd19
-rw-r--r--tests/subids/10_useradd_no_more_subuids_end/config/etc/shadow19
-rw-r--r--tests/subids/10_useradd_no_more_subuids_end/config/etc/subgid1
-rw-r--r--tests/subids/10_useradd_no_more_subuids_end/config/etc/subuid1
-rw-r--r--tests/subids/10_useradd_no_more_subuids_end/data/useradd.err2
-rwxr-xr-xtests/subids/10_useradd_no_more_subuids_end/useradd.test60
-rw-r--r--tests/subids/11_useradd_no_more_subgids_end/config.txt0
-rw-r--r--tests/subids/11_useradd_no_more_subgids_end/config/etc/default/useradd36
-rw-r--r--tests/subids/11_useradd_no_more_subgids_end/config/etc/group41
-rw-r--r--tests/subids/11_useradd_no_more_subgids_end/config/etc/gshadow41
-rw-r--r--tests/subids/11_useradd_no_more_subgids_end/config/etc/passwd19
-rw-r--r--tests/subids/11_useradd_no_more_subgids_end/config/etc/shadow19
-rw-r--r--tests/subids/11_useradd_no_more_subgids_end/config/etc/subgid1
-rw-r--r--tests/subids/11_useradd_no_more_subgids_end/config/etc/subuid1
-rw-r--r--tests/subids/11_useradd_no_more_subgids_end/data/useradd.err2
-rwxr-xr-xtests/subids/11_useradd_no_more_subgids_end/useradd.test60
-rw-r--r--tests/subids/12_useradd_invalid_subuid_configuration1/config.txt0
-rw-r--r--tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/default/useradd36
-rw-r--r--tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/group41
-rw-r--r--tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/gshadow41
-rw-r--r--tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/login.defs343
-rw-r--r--tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/passwd19
-rw-r--r--tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/shadow19
-rw-r--r--tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subgid0
-rw-r--r--tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subuid0
-rw-r--r--tests/subids/12_useradd_invalid_subuid_configuration1/data/useradd.err2
-rwxr-xr-xtests/subids/12_useradd_invalid_subuid_configuration1/useradd.test60
-rw-r--r--tests/subids/13_useradd_invalid_subuid_configuration2/config.txt0
-rw-r--r--tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/default/useradd36
-rw-r--r--tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/group41
-rw-r--r--tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/gshadow41
-rw-r--r--tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/login.defs343
-rw-r--r--tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/passwd19
-rw-r--r--tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/shadow19
-rw-r--r--tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subgid0
-rw-r--r--tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subuid0
-rw-r--r--tests/subids/13_useradd_invalid_subuid_configuration2/data/useradd.err2
-rwxr-xr-xtests/subids/13_useradd_invalid_subuid_configuration2/useradd.test60
-rw-r--r--tests/subids/14_useradd_invalid_subuid_configuration3/config.txt0
-rw-r--r--tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/default/useradd36
-rw-r--r--tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/group41
-rw-r--r--tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/gshadow41
-rw-r--r--tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/login.defs343
-rw-r--r--tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/passwd19
-rw-r--r--tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/shadow19
-rw-r--r--tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subgid0
-rw-r--r--tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subuid0
-rw-r--r--tests/subids/14_useradd_invalid_subuid_configuration3/data/useradd.err2
-rwxr-xr-xtests/subids/14_useradd_invalid_subuid_configuration3/useradd.test60
-rw-r--r--tests/subids/15_useradd_invalid_subgid_configuration1/config.txt0
-rw-r--r--tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/default/useradd36
-rw-r--r--tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/group41
-rw-r--r--tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/gshadow41
-rw-r--r--tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/login.defs343
-rw-r--r--tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/passwd19
-rw-r--r--tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/shadow19
-rw-r--r--tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subgid0
-rw-r--r--tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subuid0
-rw-r--r--tests/subids/15_useradd_invalid_subgid_configuration1/data/useradd.err2
-rwxr-xr-xtests/subids/15_useradd_invalid_subgid_configuration1/useradd.test60
-rw-r--r--tests/subids/16_useradd_invalid_subgid_configuration2/config.txt0
-rw-r--r--tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/default/useradd36
-rw-r--r--tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/group41
-rw-r--r--tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/gshadow41
-rw-r--r--tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/login.defs343
-rw-r--r--tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/passwd19
-rw-r--r--tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/shadow19
-rw-r--r--tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subgid0
-rw-r--r--tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subuid0
-rw-r--r--tests/subids/16_useradd_invalid_subgid_configuration2/data/useradd.err2
-rwxr-xr-xtests/subids/16_useradd_invalid_subgid_configuration2/useradd.test60
-rw-r--r--tests/subids/17_useradd_invalid_subgid_configuration3/config.txt0
-rw-r--r--tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/default/useradd36
-rw-r--r--tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/group41
-rw-r--r--tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/gshadow41
-rw-r--r--tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/login.defs343
-rw-r--r--tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/passwd19
-rw-r--r--tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/shadow19
-rw-r--r--tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subgid0
-rw-r--r--tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subuid0
-rw-r--r--tests/subids/17_useradd_invalid_subgid_configuration3/data/useradd.err2
-rwxr-xr-xtests/subids/17_useradd_invalid_subgid_configuration3/useradd.test60
-rw-r--r--tests/subids/18_useradd_min=max/config.txt0
-rw-r--r--tests/subids/18_useradd_min=max/config/etc/default/useradd36
-rw-r--r--tests/subids/18_useradd_min=max/config/etc/group41
-rw-r--r--tests/subids/18_useradd_min=max/config/etc/gshadow41
-rw-r--r--tests/subids/18_useradd_min=max/config/etc/login.defs343
-rw-r--r--tests/subids/18_useradd_min=max/config/etc/passwd19
-rw-r--r--tests/subids/18_useradd_min=max/config/etc/shadow19
-rw-r--r--tests/subids/18_useradd_min=max/config/etc/subgid0
-rw-r--r--tests/subids/18_useradd_min=max/config/etc/subuid0
-rw-r--r--tests/subids/18_useradd_min=max/data/group42
-rw-r--r--tests/subids/18_useradd_min=max/data/gshadow42
-rw-r--r--tests/subids/18_useradd_min=max/data/passwd20
-rw-r--r--tests/subids/18_useradd_min=max/data/shadow20
-rw-r--r--tests/subids/18_useradd_min=max/data/subgid1
-rw-r--r--tests/subids/18_useradd_min=max/data/subuid1
-rwxr-xr-xtests/subids/18_useradd_min=max/useradd.test45
-rw-r--r--tests/subids/19_useradd_locked_subuid/config.txt0
-rw-r--r--tests/subids/19_useradd_locked_subuid/config/etc/default/useradd36
-rw-r--r--tests/subids/19_useradd_locked_subuid/config/etc/group41
-rw-r--r--tests/subids/19_useradd_locked_subuid/config/etc/gshadow41
-rw-r--r--tests/subids/19_useradd_locked_subuid/config/etc/passwd19
-rw-r--r--tests/subids/19_useradd_locked_subuid/config/etc/shadow19
-rw-r--r--tests/subids/19_useradd_locked_subuid/config/etc/subgid0
-rw-r--r--tests/subids/19_useradd_locked_subuid/config/etc/subuid0
-rw-r--r--tests/subids/19_useradd_locked_subuid/data/useradd.err2
-rwxr-xr-xtests/subids/19_useradd_locked_subuid/useradd.test66
-rw-r--r--tests/subids/20_useradd_locked_subgid/config.txt0
-rw-r--r--tests/subids/20_useradd_locked_subgid/config/etc/default/useradd36
-rw-r--r--tests/subids/20_useradd_locked_subgid/config/etc/group41
-rw-r--r--tests/subids/20_useradd_locked_subgid/config/etc/gshadow41
-rw-r--r--tests/subids/20_useradd_locked_subgid/config/etc/passwd19
-rw-r--r--tests/subids/20_useradd_locked_subgid/config/etc/shadow19
-rw-r--r--tests/subids/20_useradd_locked_subgid/config/etc/subgid0
-rw-r--r--tests/subids/20_useradd_locked_subgid/config/etc/subuid0
-rw-r--r--tests/subids/20_useradd_locked_subgid/data/useradd.err2
-rwxr-xr-xtests/subids/20_useradd_locked_subgid/useradd.test66
-rw-r--r--tests/subids/21_usermod_create_subuid_range/config.txt6
-rw-r--r--tests/subids/21_usermod_create_subuid_range/config/etc/default/useradd36
-rw-r--r--tests/subids/21_usermod_create_subuid_range/config/etc/group42
-rw-r--r--tests/subids/21_usermod_create_subuid_range/config/etc/gshadow42
-rw-r--r--tests/subids/21_usermod_create_subuid_range/config/etc/passwd20
-rw-r--r--tests/subids/21_usermod_create_subuid_range/config/etc/shadow20
-rw-r--r--tests/subids/21_usermod_create_subuid_range/config/etc/subgid0
-rw-r--r--tests/subids/21_usermod_create_subuid_range/config/etc/subuid0
-rw-r--r--tests/subids/21_usermod_create_subuid_range/data/subuid1
-rwxr-xr-xtests/subids/21_usermod_create_subuid_range/usermod.test45
-rw-r--r--tests/subids/22_usermod_create_subgid_range/config.txt6
-rw-r--r--tests/subids/22_usermod_create_subgid_range/config/etc/default/useradd36
-rw-r--r--tests/subids/22_usermod_create_subgid_range/config/etc/group42
-rw-r--r--tests/subids/22_usermod_create_subgid_range/config/etc/gshadow42
-rw-r--r--tests/subids/22_usermod_create_subgid_range/config/etc/passwd20
-rw-r--r--tests/subids/22_usermod_create_subgid_range/config/etc/shadow20
-rw-r--r--tests/subids/22_usermod_create_subgid_range/config/etc/subgid0
-rw-r--r--tests/subids/22_usermod_create_subgid_range/config/etc/subuid0
-rw-r--r--tests/subids/22_usermod_create_subgid_range/data/subgid1
-rwxr-xr-xtests/subids/22_usermod_create_subgid_range/usermod.test45
-rw-r--r--tests/subids/23_usermod_create_subids_ranges/config.txt6
-rw-r--r--tests/subids/23_usermod_create_subids_ranges/config/etc/default/useradd36
-rw-r--r--tests/subids/23_usermod_create_subids_ranges/config/etc/group42
-rw-r--r--tests/subids/23_usermod_create_subids_ranges/config/etc/gshadow42
-rw-r--r--tests/subids/23_usermod_create_subids_ranges/config/etc/passwd20
-rw-r--r--tests/subids/23_usermod_create_subids_ranges/config/etc/shadow20
-rw-r--r--tests/subids/23_usermod_create_subids_ranges/config/etc/subgid0
-rw-r--r--tests/subids/23_usermod_create_subids_ranges/config/etc/subuid0
-rw-r--r--tests/subids/23_usermod_create_subids_ranges/data/subgid3
-rw-r--r--tests/subids/23_usermod_create_subids_ranges/data/subuid2
-rwxr-xr-xtests/subids/23_usermod_create_subids_ranges/usermod.test45
-rw-r--r--tests/subids/24_usermod_create_subids_overlapping_ranges/config.txt6
-rw-r--r--tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/default/useradd36
-rw-r--r--tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/group42
-rw-r--r--tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/gshadow42
-rw-r--r--tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/passwd20
-rw-r--r--tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/shadow20
-rw-r--r--tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subgid0
-rw-r--r--tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subuid0
-rw-r--r--tests/subids/24_usermod_create_subids_overlapping_ranges/data/subgid3
-rw-r--r--tests/subids/24_usermod_create_subids_overlapping_ranges/data/subuid4
-rwxr-xr-xtests/subids/24_usermod_create_subids_overlapping_ranges/usermod.test45
-rw-r--r--tests/subids/25_usermod_add_range/config.txt6
-rw-r--r--tests/subids/25_usermod_add_range/config/etc/default/useradd36
-rw-r--r--tests/subids/25_usermod_add_range/config/etc/group42
-rw-r--r--tests/subids/25_usermod_add_range/config/etc/gshadow42
-rw-r--r--tests/subids/25_usermod_add_range/config/etc/passwd20
-rw-r--r--tests/subids/25_usermod_add_range/config/etc/shadow20
-rw-r--r--tests/subids/25_usermod_add_range/config/etc/subgid1
-rw-r--r--tests/subids/25_usermod_add_range/config/etc/subuid1
-rw-r--r--tests/subids/25_usermod_add_range/data/subgid2
-rw-r--r--tests/subids/25_usermod_add_range/data/subuid2
-rwxr-xr-xtests/subids/25_usermod_add_range/usermod.test45
-rw-r--r--tests/subids/26_usermod_add_overlapping_ranges/config.txt6
-rw-r--r--tests/subids/26_usermod_add_overlapping_ranges/config/etc/default/useradd36
-rw-r--r--tests/subids/26_usermod_add_overlapping_ranges/config/etc/group42
-rw-r--r--tests/subids/26_usermod_add_overlapping_ranges/config/etc/gshadow42
-rw-r--r--tests/subids/26_usermod_add_overlapping_ranges/config/etc/passwd20
-rw-r--r--tests/subids/26_usermod_add_overlapping_ranges/config/etc/shadow20
-rw-r--r--tests/subids/26_usermod_add_overlapping_ranges/config/etc/subgid2
-rw-r--r--tests/subids/26_usermod_add_overlapping_ranges/config/etc/subuid2
-rw-r--r--tests/subids/26_usermod_add_overlapping_ranges/data/subgid3
-rw-r--r--tests/subids/26_usermod_add_overlapping_ranges/data/subuid3
-rwxr-xr-xtests/subids/26_usermod_add_overlapping_ranges/usermod.test45
-rw-r--r--tests/subids/27_usermod_remove_range_all/config.txt6
-rw-r--r--tests/subids/27_usermod_remove_range_all/config/etc/default/useradd36
-rw-r--r--tests/subids/27_usermod_remove_range_all/config/etc/group42
-rw-r--r--tests/subids/27_usermod_remove_range_all/config/etc/gshadow42
-rw-r--r--tests/subids/27_usermod_remove_range_all/config/etc/passwd20
-rw-r--r--tests/subids/27_usermod_remove_range_all/config/etc/shadow20
-rw-r--r--tests/subids/27_usermod_remove_range_all/config/etc/subgid1
-rw-r--r--tests/subids/27_usermod_remove_range_all/config/etc/subuid1
-rw-r--r--tests/subids/27_usermod_remove_range_all/data/subgid0
-rw-r--r--tests/subids/27_usermod_remove_range_all/data/subuid0
-rwxr-xr-xtests/subids/27_usermod_remove_range_all/usermod.test45
-rw-r--r--tests/subids/28_usermod_remove_range_partial_begin/config.txt6
-rw-r--r--tests/subids/28_usermod_remove_range_partial_begin/config/etc/default/useradd36
-rw-r--r--tests/subids/28_usermod_remove_range_partial_begin/config/etc/group42
-rw-r--r--tests/subids/28_usermod_remove_range_partial_begin/config/etc/gshadow42
-rw-r--r--tests/subids/28_usermod_remove_range_partial_begin/config/etc/passwd20
-rw-r--r--tests/subids/28_usermod_remove_range_partial_begin/config/etc/shadow20
-rw-r--r--tests/subids/28_usermod_remove_range_partial_begin/config/etc/subgid2
-rw-r--r--tests/subids/28_usermod_remove_range_partial_begin/config/etc/subuid2
-rw-r--r--tests/subids/28_usermod_remove_range_partial_begin/data/subgid2
-rw-r--r--tests/subids/28_usermod_remove_range_partial_begin/data/subuid2
-rwxr-xr-xtests/subids/28_usermod_remove_range_partial_begin/usermod.test45
-rw-r--r--tests/subids/29_usermod_remove_range_partial_middle/config.txt6
-rw-r--r--tests/subids/29_usermod_remove_range_partial_middle/config/etc/default/useradd36
-rw-r--r--tests/subids/29_usermod_remove_range_partial_middle/config/etc/group42
-rw-r--r--tests/subids/29_usermod_remove_range_partial_middle/config/etc/gshadow42
-rw-r--r--tests/subids/29_usermod_remove_range_partial_middle/config/etc/passwd20
-rw-r--r--tests/subids/29_usermod_remove_range_partial_middle/config/etc/shadow20
-rw-r--r--tests/subids/29_usermod_remove_range_partial_middle/config/etc/subgid1
-rw-r--r--tests/subids/29_usermod_remove_range_partial_middle/config/etc/subuid2
-rw-r--r--tests/subids/29_usermod_remove_range_partial_middle/data/subgid2
-rw-r--r--tests/subids/29_usermod_remove_range_partial_middle/data/subuid4
-rwxr-xr-xtests/subids/29_usermod_remove_range_partial_middle/usermod.test45
-rw-r--r--tests/subids/30_usermod_remove_range_partial_end/config.txt6
-rw-r--r--tests/subids/30_usermod_remove_range_partial_end/config/etc/default/useradd36
-rw-r--r--tests/subids/30_usermod_remove_range_partial_end/config/etc/group42
-rw-r--r--tests/subids/30_usermod_remove_range_partial_end/config/etc/gshadow42
-rw-r--r--tests/subids/30_usermod_remove_range_partial_end/config/etc/passwd20
-rw-r--r--tests/subids/30_usermod_remove_range_partial_end/config/etc/shadow20
-rw-r--r--tests/subids/30_usermod_remove_range_partial_end/config/etc/subgid1
-rw-r--r--tests/subids/30_usermod_remove_range_partial_end/config/etc/subuid2
-rw-r--r--tests/subids/30_usermod_remove_range_partial_end/data/subgid1
-rw-r--r--tests/subids/30_usermod_remove_range_partial_end/data/subuid2
-rwxr-xr-xtests/subids/30_usermod_remove_range_partial_end/usermod.test45
-rw-r--r--tests/subids/31_usermod_remove_outside_range/config.txt6
-rw-r--r--tests/subids/31_usermod_remove_outside_range/config/etc/default/useradd36
-rw-r--r--tests/subids/31_usermod_remove_outside_range/config/etc/group42
-rw-r--r--tests/subids/31_usermod_remove_outside_range/config/etc/gshadow42
-rw-r--r--tests/subids/31_usermod_remove_outside_range/config/etc/passwd20
-rw-r--r--tests/subids/31_usermod_remove_outside_range/config/etc/shadow20
-rw-r--r--tests/subids/31_usermod_remove_outside_range/config/etc/subgid2
-rw-r--r--tests/subids/31_usermod_remove_outside_range/config/etc/subuid2
-rw-r--r--tests/subids/31_usermod_remove_outside_range/data/subgid2
-rw-r--r--tests/subids/31_usermod_remove_outside_range/data/subuid2
-rwxr-xr-xtests/subids/31_usermod_remove_outside_range/usermod.test45
-rw-r--r--tests/subids/32_usermod_remove_overlapping_range_begin/config.txt6
-rw-r--r--tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/default/useradd36
-rw-r--r--tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/group42
-rw-r--r--tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/gshadow42
-rw-r--r--tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/passwd20
-rw-r--r--tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/shadow20
-rw-r--r--tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subgid1
-rw-r--r--tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subuid2
-rw-r--r--tests/subids/32_usermod_remove_overlapping_range_begin/data/subgid1
-rw-r--r--tests/subids/32_usermod_remove_overlapping_range_begin/data/subuid2
-rwxr-xr-xtests/subids/32_usermod_remove_overlapping_range_begin/usermod.test45
-rw-r--r--tests/subids/33_usermod_remove_overlapping_range_end/config.txt6
-rw-r--r--tests/subids/33_usermod_remove_overlapping_range_end/config/etc/default/useradd36
-rw-r--r--tests/subids/33_usermod_remove_overlapping_range_end/config/etc/group42
-rw-r--r--tests/subids/33_usermod_remove_overlapping_range_end/config/etc/gshadow42
-rw-r--r--tests/subids/33_usermod_remove_overlapping_range_end/config/etc/passwd20
-rw-r--r--tests/subids/33_usermod_remove_overlapping_range_end/config/etc/shadow20
-rw-r--r--tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subgid1
-rw-r--r--tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subuid2
-rw-r--r--tests/subids/33_usermod_remove_overlapping_range_end/data/subgid1
-rw-r--r--tests/subids/33_usermod_remove_overlapping_range_end/data/subuid2
-rwxr-xr-xtests/subids/33_usermod_remove_overlapping_range_end/usermod.test45
-rw-r--r--tests/subids/34_usermod_remove_overlapping_range_all/config.txt6
-rw-r--r--tests/subids/34_usermod_remove_overlapping_range_all/config/etc/default/useradd36
-rw-r--r--tests/subids/34_usermod_remove_overlapping_range_all/config/etc/group42
-rw-r--r--tests/subids/34_usermod_remove_overlapping_range_all/config/etc/gshadow42
-rw-r--r--tests/subids/34_usermod_remove_overlapping_range_all/config/etc/passwd20
-rw-r--r--tests/subids/34_usermod_remove_overlapping_range_all/config/etc/shadow20
-rw-r--r--tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subgid1
-rw-r--r--tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subuid2
-rw-r--r--tests/subids/34_usermod_remove_overlapping_range_all/data/subgid0
-rw-r--r--tests/subids/34_usermod_remove_overlapping_range_all/data/subuid1
-rwxr-xr-xtests/subids/34_usermod_remove_overlapping_range_all/usermod.test45
-rw-r--r--tests/subids/35_usermod_remove_only_user_ranges/config.txt6
-rw-r--r--tests/subids/35_usermod_remove_only_user_ranges/config/etc/default/useradd36
-rw-r--r--tests/subids/35_usermod_remove_only_user_ranges/config/etc/group42
-rw-r--r--tests/subids/35_usermod_remove_only_user_ranges/config/etc/gshadow42
-rw-r--r--tests/subids/35_usermod_remove_only_user_ranges/config/etc/passwd20
-rw-r--r--tests/subids/35_usermod_remove_only_user_ranges/config/etc/shadow20
-rw-r--r--tests/subids/35_usermod_remove_only_user_ranges/config/etc/subgid4
-rw-r--r--tests/subids/35_usermod_remove_only_user_ranges/config/etc/subuid4
-rw-r--r--tests/subids/35_usermod_remove_only_user_ranges/data/subgid2
-rw-r--r--tests/subids/35_usermod_remove_only_user_ranges/data/subuid2
-rwxr-xr-xtests/subids/35_usermod_remove_only_user_ranges/usermod.test45
-rw-r--r--tests/subids/36_usermod_remove_with_comment/config.txt6
-rw-r--r--tests/subids/36_usermod_remove_with_comment/config/etc/default/useradd36
-rw-r--r--tests/subids/36_usermod_remove_with_comment/config/etc/group42
-rw-r--r--tests/subids/36_usermod_remove_with_comment/config/etc/gshadow42
-rw-r--r--tests/subids/36_usermod_remove_with_comment/config/etc/passwd20
-rw-r--r--tests/subids/36_usermod_remove_with_comment/config/etc/shadow20
-rw-r--r--tests/subids/36_usermod_remove_with_comment/config/etc/subgid3
-rw-r--r--tests/subids/36_usermod_remove_with_comment/config/etc/subuid3
-rw-r--r--tests/subids/36_usermod_remove_with_comment/data/subgid1
-rw-r--r--tests/subids/36_usermod_remove_with_comment/data/subuid1
-rwxr-xr-xtests/subids/36_usermod_remove_with_comment/usermod.test45
-rw-r--r--tests/subids/37_usermod_-v_invalid_range/config.txt6
-rw-r--r--tests/subids/37_usermod_-v_invalid_range/config/etc/default/useradd36
-rw-r--r--tests/subids/37_usermod_-v_invalid_range/config/etc/group42
-rw-r--r--tests/subids/37_usermod_-v_invalid_range/config/etc/gshadow42
-rw-r--r--tests/subids/37_usermod_-v_invalid_range/config/etc/passwd20
-rw-r--r--tests/subids/37_usermod_-v_invalid_range/config/etc/shadow20
-rw-r--r--tests/subids/37_usermod_-v_invalid_range/config/etc/subgid1
-rw-r--r--tests/subids/37_usermod_-v_invalid_range/config/etc/subuid2
-rw-r--r--tests/subids/37_usermod_-v_invalid_range/data/usermod.err1
-rwxr-xr-xtests/subids/37_usermod_-v_invalid_range/usermod.test60
-rw-r--r--tests/subids/38_usermod_-V_invalid_range/config.txt6
-rw-r--r--tests/subids/38_usermod_-V_invalid_range/config/etc/default/useradd36
-rw-r--r--tests/subids/38_usermod_-V_invalid_range/config/etc/group42
-rw-r--r--tests/subids/38_usermod_-V_invalid_range/config/etc/gshadow42
-rw-r--r--tests/subids/38_usermod_-V_invalid_range/config/etc/passwd20
-rw-r--r--tests/subids/38_usermod_-V_invalid_range/config/etc/shadow20
-rw-r--r--tests/subids/38_usermod_-V_invalid_range/config/etc/subgid1
-rw-r--r--tests/subids/38_usermod_-V_invalid_range/config/etc/subuid2
-rw-r--r--tests/subids/38_usermod_-V_invalid_range/data/usermod.err1
-rwxr-xr-xtests/subids/38_usermod_-V_invalid_range/usermod.test60
-rw-r--r--tests/subids/39_usermod_-w_invalid_range/config.txt6
-rw-r--r--tests/subids/39_usermod_-w_invalid_range/config/etc/default/useradd36
-rw-r--r--tests/subids/39_usermod_-w_invalid_range/config/etc/group42
-rw-r--r--tests/subids/39_usermod_-w_invalid_range/config/etc/gshadow42
-rw-r--r--tests/subids/39_usermod_-w_invalid_range/config/etc/passwd20
-rw-r--r--tests/subids/39_usermod_-w_invalid_range/config/etc/shadow20
-rw-r--r--tests/subids/39_usermod_-w_invalid_range/config/etc/subgid1
-rw-r--r--tests/subids/39_usermod_-w_invalid_range/config/etc/subuid2
-rw-r--r--tests/subids/39_usermod_-w_invalid_range/data/usermod.err1
-rwxr-xr-xtests/subids/39_usermod_-w_invalid_range/usermod.test60
-rw-r--r--tests/subids/40_usermod_-W_invalid_range/config.txt6
-rw-r--r--tests/subids/40_usermod_-W_invalid_range/config/etc/default/useradd36
-rw-r--r--tests/subids/40_usermod_-W_invalid_range/config/etc/group42
-rw-r--r--tests/subids/40_usermod_-W_invalid_range/config/etc/gshadow42
-rw-r--r--tests/subids/40_usermod_-W_invalid_range/config/etc/passwd20
-rw-r--r--tests/subids/40_usermod_-W_invalid_range/config/etc/shadow20
-rw-r--r--tests/subids/40_usermod_-W_invalid_range/config/etc/subgid1
-rw-r--r--tests/subids/40_usermod_-W_invalid_range/config/etc/subuid2
-rw-r--r--tests/subids/40_usermod_-W_invalid_range/data/usermod.err1
-rwxr-xr-xtests/subids/40_usermod_-W_invalid_range/usermod.test60
-rw-r--r--tests/subids/41_usermod_locked_subuid/config.txt0
-rw-r--r--tests/subids/41_usermod_locked_subuid/config/etc/default/useradd36
-rw-r--r--tests/subids/41_usermod_locked_subuid/config/etc/group42
-rw-r--r--tests/subids/41_usermod_locked_subuid/config/etc/gshadow42
-rw-r--r--tests/subids/41_usermod_locked_subuid/config/etc/passwd20
-rw-r--r--tests/subids/41_usermod_locked_subuid/config/etc/shadow20
-rw-r--r--tests/subids/41_usermod_locked_subuid/config/etc/subgid0
-rw-r--r--tests/subids/41_usermod_locked_subuid/config/etc/subuid0
-rw-r--r--tests/subids/41_usermod_locked_subuid/data/usermod.err2
-rwxr-xr-xtests/subids/41_usermod_locked_subuid/usermod.test66
-rw-r--r--tests/subids/42_usermod_locked_subgid/config.txt0
-rw-r--r--tests/subids/42_usermod_locked_subgid/config/etc/default/useradd36
-rw-r--r--tests/subids/42_usermod_locked_subgid/config/etc/group42
-rw-r--r--tests/subids/42_usermod_locked_subgid/config/etc/gshadow42
-rw-r--r--tests/subids/42_usermod_locked_subgid/config/etc/passwd20
-rw-r--r--tests/subids/42_usermod_locked_subgid/config/etc/shadow20
-rw-r--r--tests/subids/42_usermod_locked_subgid/config/etc/subgid0
-rw-r--r--tests/subids/42_usermod_locked_subgid/config/etc/subuid0
-rw-r--r--tests/subids/42_usermod_locked_subgid/data/usermod.err2
-rwxr-xr-xtests/subids/42_usermod_locked_subgid/usermod.test66
-rw-r--r--tests/subids/43_usermod_-w_no_subgid/config.txt0
-rw-r--r--tests/subids/43_usermod_-w_no_subgid/config/etc/default/useradd36
-rw-r--r--tests/subids/43_usermod_-w_no_subgid/config/etc/group42
-rw-r--r--tests/subids/43_usermod_-w_no_subgid/config/etc/gshadow42
-rw-r--r--tests/subids/43_usermod_-w_no_subgid/config/etc/passwd20
-rw-r--r--tests/subids/43_usermod_-w_no_subgid/config/etc/shadow20
-rw-r--r--tests/subids/43_usermod_-w_no_subgid/config/etc/subgid0
-rw-r--r--tests/subids/43_usermod_-w_no_subgid/config/etc/subuid0
-rw-r--r--tests/subids/43_usermod_-w_no_subgid/data/usermod.err1
-rwxr-xr-xtests/subids/43_usermod_-w_no_subgid/usermod.test64
-rw-r--r--tests/subids/44_usermod_-W_no_subgid/config.txt0
-rw-r--r--tests/subids/44_usermod_-W_no_subgid/config/etc/default/useradd36
-rw-r--r--tests/subids/44_usermod_-W_no_subgid/config/etc/group42
-rw-r--r--tests/subids/44_usermod_-W_no_subgid/config/etc/gshadow42
-rw-r--r--tests/subids/44_usermod_-W_no_subgid/config/etc/passwd20
-rw-r--r--tests/subids/44_usermod_-W_no_subgid/config/etc/shadow20
-rw-r--r--tests/subids/44_usermod_-W_no_subgid/config/etc/subgid0
-rw-r--r--tests/subids/44_usermod_-W_no_subgid/config/etc/subuid0
-rw-r--r--tests/subids/44_usermod_-W_no_subgid/data/usermod.err1
-rwxr-xr-xtests/subids/44_usermod_-W_no_subgid/usermod.test64
-rw-r--r--tests/subids/45_usermod_-v_no_subgid/config.txt0
-rw-r--r--tests/subids/45_usermod_-v_no_subgid/config/etc/default/useradd36
-rw-r--r--tests/subids/45_usermod_-v_no_subgid/config/etc/group42
-rw-r--r--tests/subids/45_usermod_-v_no_subgid/config/etc/gshadow42
-rw-r--r--tests/subids/45_usermod_-v_no_subgid/config/etc/passwd20
-rw-r--r--tests/subids/45_usermod_-v_no_subgid/config/etc/shadow20
-rw-r--r--tests/subids/45_usermod_-v_no_subgid/config/etc/subgid0
-rw-r--r--tests/subids/45_usermod_-v_no_subgid/config/etc/subuid0
-rw-r--r--tests/subids/45_usermod_-v_no_subgid/data/usermod.err1
-rwxr-xr-xtests/subids/45_usermod_-v_no_subgid/usermod.test64
-rw-r--r--tests/subids/46_usermod_-V_no_subgid/config.txt0
-rw-r--r--tests/subids/46_usermod_-V_no_subgid/config/etc/default/useradd36
-rw-r--r--tests/subids/46_usermod_-V_no_subgid/config/etc/group42
-rw-r--r--tests/subids/46_usermod_-V_no_subgid/config/etc/gshadow42
-rw-r--r--tests/subids/46_usermod_-V_no_subgid/config/etc/passwd20
-rw-r--r--tests/subids/46_usermod_-V_no_subgid/config/etc/shadow20
-rw-r--r--tests/subids/46_usermod_-V_no_subgid/config/etc/subgid0
-rw-r--r--tests/subids/46_usermod_-V_no_subgid/config/etc/subuid0
-rw-r--r--tests/subids/46_usermod_-V_no_subgid/data/usermod.err1
-rwxr-xr-xtests/subids/46_usermod_-V_no_subgid/usermod.test64
-rw-r--r--tests/subids/47_usermod_-v_invalid_range2/config.txt6
-rw-r--r--tests/subids/47_usermod_-v_invalid_range2/config/etc/default/useradd36
-rw-r--r--tests/subids/47_usermod_-v_invalid_range2/config/etc/group42
-rw-r--r--tests/subids/47_usermod_-v_invalid_range2/config/etc/gshadow42
-rw-r--r--tests/subids/47_usermod_-v_invalid_range2/config/etc/passwd20
-rw-r--r--tests/subids/47_usermod_-v_invalid_range2/config/etc/shadow20
-rw-r--r--tests/subids/47_usermod_-v_invalid_range2/config/etc/subgid1
-rw-r--r--tests/subids/47_usermod_-v_invalid_range2/config/etc/subuid2
-rw-r--r--tests/subids/47_usermod_-v_invalid_range2/data/usermod.err1
-rwxr-xr-xtests/subids/47_usermod_-v_invalid_range2/usermod.test60
-rw-r--r--tests/subids/48_usermod_-v_invalid_range3/config.txt6
-rw-r--r--tests/subids/48_usermod_-v_invalid_range3/config/etc/default/useradd36
-rw-r--r--tests/subids/48_usermod_-v_invalid_range3/config/etc/group42
-rw-r--r--tests/subids/48_usermod_-v_invalid_range3/config/etc/gshadow42
-rw-r--r--tests/subids/48_usermod_-v_invalid_range3/config/etc/passwd20
-rw-r--r--tests/subids/48_usermod_-v_invalid_range3/config/etc/shadow20
-rw-r--r--tests/subids/48_usermod_-v_invalid_range3/config/etc/subgid1
-rw-r--r--tests/subids/48_usermod_-v_invalid_range3/config/etc/subuid2
-rw-r--r--tests/subids/48_usermod_-v_invalid_range3/data/usermod.err1
-rwxr-xr-xtests/subids/48_usermod_-v_invalid_range3/usermod.test60
-rw-r--r--tests/subids/49_usermod_-v_invalid_range4/config.txt6
-rw-r--r--tests/subids/49_usermod_-v_invalid_range4/config/etc/default/useradd36
-rw-r--r--tests/subids/49_usermod_-v_invalid_range4/config/etc/group42
-rw-r--r--tests/subids/49_usermod_-v_invalid_range4/config/etc/gshadow42
-rw-r--r--tests/subids/49_usermod_-v_invalid_range4/config/etc/passwd20
-rw-r--r--tests/subids/49_usermod_-v_invalid_range4/config/etc/shadow20
-rw-r--r--tests/subids/49_usermod_-v_invalid_range4/config/etc/subgid1
-rw-r--r--tests/subids/49_usermod_-v_invalid_range4/config/etc/subuid2
-rw-r--r--tests/subids/49_usermod_-v_invalid_range4/data/usermod.err1
-rwxr-xr-xtests/subids/49_usermod_-v_invalid_range4/usermod.test60
-rw-r--r--tests/subids/50_usermod_-v_invalid_range5/config.txt6
-rw-r--r--tests/subids/50_usermod_-v_invalid_range5/config/etc/default/useradd36
-rw-r--r--tests/subids/50_usermod_-v_invalid_range5/config/etc/group42
-rw-r--r--tests/subids/50_usermod_-v_invalid_range5/config/etc/gshadow42
-rw-r--r--tests/subids/50_usermod_-v_invalid_range5/config/etc/passwd20
-rw-r--r--tests/subids/50_usermod_-v_invalid_range5/config/etc/shadow20
-rw-r--r--tests/subids/50_usermod_-v_invalid_range5/config/etc/subgid1
-rw-r--r--tests/subids/50_usermod_-v_invalid_range5/config/etc/subuid2
-rw-r--r--tests/subids/50_usermod_-v_invalid_range5/data/usermod.err1
-rwxr-xr-xtests/subids/50_usermod_-v_invalid_range5/usermod.test60
-rw-r--r--tests/subids/51_usermod_-v_invalid_range6/config.txt6
-rw-r--r--tests/subids/51_usermod_-v_invalid_range6/config/etc/default/useradd36
-rw-r--r--tests/subids/51_usermod_-v_invalid_range6/config/etc/group42
-rw-r--r--tests/subids/51_usermod_-v_invalid_range6/config/etc/gshadow42
-rw-r--r--tests/subids/51_usermod_-v_invalid_range6/config/etc/passwd20
-rw-r--r--tests/subids/51_usermod_-v_invalid_range6/config/etc/shadow20
-rw-r--r--tests/subids/51_usermod_-v_invalid_range6/config/etc/subgid1
-rw-r--r--tests/subids/51_usermod_-v_invalid_range6/config/etc/subuid2
-rw-r--r--tests/subids/51_usermod_-v_invalid_range6/data/usermod.err1
-rwxr-xr-xtests/subids/51_usermod_-v_invalid_range6/usermod.test60
-rw-r--r--tests/subids/52_usermod_-v_invalid_range7/config.txt6
-rw-r--r--tests/subids/52_usermod_-v_invalid_range7/config/etc/default/useradd36
-rw-r--r--tests/subids/52_usermod_-v_invalid_range7/config/etc/group42
-rw-r--r--tests/subids/52_usermod_-v_invalid_range7/config/etc/gshadow42
-rw-r--r--tests/subids/52_usermod_-v_invalid_range7/config/etc/passwd20
-rw-r--r--tests/subids/52_usermod_-v_invalid_range7/config/etc/shadow20
-rw-r--r--tests/subids/52_usermod_-v_invalid_range7/config/etc/subgid1
-rw-r--r--tests/subids/52_usermod_-v_invalid_range7/config/etc/subuid2
-rw-r--r--tests/subids/52_usermod_-v_invalid_range7/data/usermod.err1
-rwxr-xr-xtests/subids/52_usermod_-v_invalid_range7/usermod.test60
-rw-r--r--tests/subids/53_userdel_one_subuid_range/config.txt6
-rw-r--r--tests/subids/53_userdel_one_subuid_range/config/etc/default/useradd36
-rw-r--r--tests/subids/53_userdel_one_subuid_range/config/etc/group42
-rw-r--r--tests/subids/53_userdel_one_subuid_range/config/etc/gshadow42
-rw-r--r--tests/subids/53_userdel_one_subuid_range/config/etc/passwd20
-rw-r--r--tests/subids/53_userdel_one_subuid_range/config/etc/shadow20
-rw-r--r--tests/subids/53_userdel_one_subuid_range/config/etc/subgid0
-rw-r--r--tests/subids/53_userdel_one_subuid_range/config/etc/subuid1
-rw-r--r--tests/subids/53_userdel_one_subuid_range/data/group41
-rw-r--r--tests/subids/53_userdel_one_subuid_range/data/gshadow41
-rw-r--r--tests/subids/53_userdel_one_subuid_range/data/passwd19
-rw-r--r--tests/subids/53_userdel_one_subuid_range/data/shadow19
-rw-r--r--tests/subids/53_userdel_one_subuid_range/data/subuid0
-rwxr-xr-xtests/subids/53_userdel_one_subuid_range/userdel.test45
-rw-r--r--tests/subids/54_userdel_one_subgid_range/config.txt6
-rw-r--r--tests/subids/54_userdel_one_subgid_range/config/etc/default/useradd36
-rw-r--r--tests/subids/54_userdel_one_subgid_range/config/etc/group42
-rw-r--r--tests/subids/54_userdel_one_subgid_range/config/etc/gshadow42
-rw-r--r--tests/subids/54_userdel_one_subgid_range/config/etc/passwd20
-rw-r--r--tests/subids/54_userdel_one_subgid_range/config/etc/shadow20
-rw-r--r--tests/subids/54_userdel_one_subgid_range/config/etc/subgid1
-rw-r--r--tests/subids/54_userdel_one_subgid_range/config/etc/subuid0
-rw-r--r--tests/subids/54_userdel_one_subgid_range/data/group41
-rw-r--r--tests/subids/54_userdel_one_subgid_range/data/gshadow41
-rw-r--r--tests/subids/54_userdel_one_subgid_range/data/passwd19
-rw-r--r--tests/subids/54_userdel_one_subgid_range/data/shadow19
-rw-r--r--tests/subids/54_userdel_one_subgid_range/data/subgid0
-rwxr-xr-xtests/subids/54_userdel_one_subgid_range/userdel.test45
-rw-r--r--tests/subids/55_userdel_no_subuid/config.txt6
-rw-r--r--tests/subids/55_userdel_no_subuid/config/etc/default/useradd36
-rw-r--r--tests/subids/55_userdel_no_subuid/config/etc/group42
-rw-r--r--tests/subids/55_userdel_no_subuid/config/etc/gshadow42
-rw-r--r--tests/subids/55_userdel_no_subuid/config/etc/passwd20
-rw-r--r--tests/subids/55_userdel_no_subuid/config/etc/shadow20
-rw-r--r--tests/subids/55_userdel_no_subuid/config/etc/subgid1
-rw-r--r--tests/subids/55_userdel_no_subuid/config/etc/subuid0
-rw-r--r--tests/subids/55_userdel_no_subuid/data/group41
-rw-r--r--tests/subids/55_userdel_no_subuid/data/gshadow41
-rw-r--r--tests/subids/55_userdel_no_subuid/data/passwd19
-rw-r--r--tests/subids/55_userdel_no_subuid/data/shadow19
-rw-r--r--tests/subids/55_userdel_no_subuid/data/subgid0
-rwxr-xr-xtests/subids/55_userdel_no_subuid/userdel.test49
-rw-r--r--tests/subids/56_userdel_no_subgid/config.txt6
-rw-r--r--tests/subids/56_userdel_no_subgid/config/etc/default/useradd36
-rw-r--r--tests/subids/56_userdel_no_subgid/config/etc/group42
-rw-r--r--tests/subids/56_userdel_no_subgid/config/etc/gshadow42
-rw-r--r--tests/subids/56_userdel_no_subgid/config/etc/passwd20
-rw-r--r--tests/subids/56_userdel_no_subgid/config/etc/shadow20
-rw-r--r--tests/subids/56_userdel_no_subgid/config/etc/subgid0
-rw-r--r--tests/subids/56_userdel_no_subgid/config/etc/subuid1
-rw-r--r--tests/subids/56_userdel_no_subgid/data/group41
-rw-r--r--tests/subids/56_userdel_no_subgid/data/gshadow41
-rw-r--r--tests/subids/56_userdel_no_subgid/data/passwd19
-rw-r--r--tests/subids/56_userdel_no_subgid/data/shadow19
-rw-r--r--tests/subids/56_userdel_no_subgid/data/subuid0
-rwxr-xr-xtests/subids/56_userdel_no_subgid/userdel.test49
-rw-r--r--tests/subids/57_userdel_multiple_ranges/config.txt6
-rw-r--r--tests/subids/57_userdel_multiple_ranges/config/etc/default/useradd36
-rw-r--r--tests/subids/57_userdel_multiple_ranges/config/etc/group42
-rw-r--r--tests/subids/57_userdel_multiple_ranges/config/etc/gshadow42
-rw-r--r--tests/subids/57_userdel_multiple_ranges/config/etc/passwd20
-rw-r--r--tests/subids/57_userdel_multiple_ranges/config/etc/shadow20
-rw-r--r--tests/subids/57_userdel_multiple_ranges/config/etc/subgid14
-rw-r--r--tests/subids/57_userdel_multiple_ranges/config/etc/subuid14
-rw-r--r--tests/subids/57_userdel_multiple_ranges/data/group41
-rw-r--r--tests/subids/57_userdel_multiple_ranges/data/gshadow41
-rw-r--r--tests/subids/57_userdel_multiple_ranges/data/passwd19
-rw-r--r--tests/subids/57_userdel_multiple_ranges/data/shadow19
-rw-r--r--tests/subids/57_userdel_multiple_ranges/data/subgid6
-rw-r--r--tests/subids/57_userdel_multiple_ranges/data/subuid6
-rwxr-xr-xtests/subids/57_userdel_multiple_ranges/userdel.test45
-rw-r--r--tests/subids/58_newusers_with_subids/config.txt0
-rw-r--r--tests/subids/58_newusers_with_subids/config/etc/group41
-rw-r--r--tests/subids/58_newusers_with_subids/config/etc/gshadow41
-rw-r--r--tests/subids/58_newusers_with_subids/config/etc/pam.d/common-password33
-rw-r--r--tests/subids/58_newusers_with_subids/config/etc/pam.d/newusers6
-rw-r--r--tests/subids/58_newusers_with_subids/config/etc/passwd19
-rw-r--r--tests/subids/58_newusers_with_subids/config/etc/shadow19
-rw-r--r--tests/subids/58_newusers_with_subids/config/etc/subgid0
-rw-r--r--tests/subids/58_newusers_with_subids/config/etc/subuid0
-rw-r--r--tests/subids/58_newusers_with_subids/data/group42
-rw-r--r--tests/subids/58_newusers_with_subids/data/gshadow42
-rw-r--r--tests/subids/58_newusers_with_subids/data/newusers.list1
-rw-r--r--tests/subids/58_newusers_with_subids/data/passwd20
-rw-r--r--tests/subids/58_newusers_with_subids/data/shadow20
-rw-r--r--tests/subids/58_newusers_with_subids/data/subgid1
-rw-r--r--tests/subids/58_newusers_with_subids/data/subuid1
-rwxr-xr-xtests/subids/58_newusers_with_subids/newusers.test43
-rw-r--r--tests/subids/59_newusers_no_subuid/config.txt0
-rw-r--r--tests/subids/59_newusers_no_subuid/config/etc/group41
-rw-r--r--tests/subids/59_newusers_no_subuid/config/etc/gshadow41
-rw-r--r--tests/subids/59_newusers_no_subuid/config/etc/pam.d/common-password33
-rw-r--r--tests/subids/59_newusers_no_subuid/config/etc/pam.d/newusers6
-rw-r--r--tests/subids/59_newusers_no_subuid/config/etc/passwd19
-rw-r--r--tests/subids/59_newusers_no_subuid/config/etc/shadow19
-rw-r--r--tests/subids/59_newusers_no_subuid/config/etc/subgid0
-rw-r--r--tests/subids/59_newusers_no_subuid/config/etc/subuid0
-rw-r--r--tests/subids/59_newusers_no_subuid/data/group42
-rw-r--r--tests/subids/59_newusers_no_subuid/data/gshadow42
-rw-r--r--tests/subids/59_newusers_no_subuid/data/newusers.list1
-rw-r--r--tests/subids/59_newusers_no_subuid/data/passwd20
-rw-r--r--tests/subids/59_newusers_no_subuid/data/shadow20
-rw-r--r--tests/subids/59_newusers_no_subuid/data/subgid1
-rwxr-xr-xtests/subids/59_newusers_no_subuid/newusers.test47
-rw-r--r--tests/subids/60_newusers_no_subgid/config.txt0
-rw-r--r--tests/subids/60_newusers_no_subgid/config/etc/group41
-rw-r--r--tests/subids/60_newusers_no_subgid/config/etc/gshadow41
-rw-r--r--tests/subids/60_newusers_no_subgid/config/etc/pam.d/common-password33
-rw-r--r--tests/subids/60_newusers_no_subgid/config/etc/pam.d/newusers6
-rw-r--r--tests/subids/60_newusers_no_subgid/config/etc/passwd19
-rw-r--r--tests/subids/60_newusers_no_subgid/config/etc/shadow19
-rw-r--r--tests/subids/60_newusers_no_subgid/config/etc/subgid0
-rw-r--r--tests/subids/60_newusers_no_subgid/config/etc/subuid0
-rw-r--r--tests/subids/60_newusers_no_subgid/data/group42
-rw-r--r--tests/subids/60_newusers_no_subgid/data/gshadow42
-rw-r--r--tests/subids/60_newusers_no_subgid/data/newusers.list1
-rw-r--r--tests/subids/60_newusers_no_subgid/data/passwd20
-rw-r--r--tests/subids/60_newusers_no_subgid/data/shadow20
-rw-r--r--tests/subids/60_newusers_no_subgid/data/subuid1
-rwxr-xr-xtests/subids/60_newusers_no_subgid/newusers.test47
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/config.txt0
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/config/etc/group42
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/config/etc/gshadow42
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/common-password33
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/newusers6
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/config/etc/passwd20
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/config/etc/shadow20
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/config/etc/subgid1
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/config/etc/subuid0
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/data/group42
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/data/gshadow42
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/data/newusers.list1
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/data/passwd20
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/data/shadow20
-rw-r--r--tests/subids/61_newusers_user_already_has_subgids/data/subuid1
-rwxr-xr-xtests/subids/61_newusers_user_already_has_subgids/newusers.test43
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/config.txt0
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/config/etc/group42
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/config/etc/gshadow42
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/common-password33
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/newusers6
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/config/etc/passwd20
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/config/etc/shadow20
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/config/etc/subgid0
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/config/etc/subuid2
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/data/group42
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/data/gshadow42
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/data/newusers.list1
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/data/passwd20
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/data/shadow20
-rw-r--r--tests/subids/62_newusers_user_already_has_subuids/data/subgid1
-rwxr-xr-xtests/subids/62_newusers_user_already_has_subuids/newusers.test43
-rw-r--r--tests/subids/63_useradd_fill_gap4/config.txt0
-rw-r--r--tests/subids/63_useradd_fill_gap4/config/etc/default/useradd36
-rw-r--r--tests/subids/63_useradd_fill_gap4/config/etc/group41
-rw-r--r--tests/subids/63_useradd_fill_gap4/config/etc/gshadow41
-rw-r--r--tests/subids/63_useradd_fill_gap4/config/etc/passwd19
-rw-r--r--tests/subids/63_useradd_fill_gap4/config/etc/shadow19
-rw-r--r--tests/subids/63_useradd_fill_gap4/config/etc/subgid1
-rw-r--r--tests/subids/63_useradd_fill_gap4/config/etc/subuid3
-rw-r--r--tests/subids/63_useradd_fill_gap4/data/group42
-rw-r--r--tests/subids/63_useradd_fill_gap4/data/gshadow42
-rw-r--r--tests/subids/63_useradd_fill_gap4/data/passwd20
-rw-r--r--tests/subids/63_useradd_fill_gap4/data/shadow20
-rw-r--r--tests/subids/63_useradd_fill_gap4/data/subgid2
-rw-r--r--tests/subids/63_useradd_fill_gap4/data/subuid4
-rwxr-xr-xtests/subids/63_useradd_fill_gap4/useradd.test45
-rw-r--r--tests/subids/64_useradd_fill_gap5/config.txt0
-rw-r--r--tests/subids/64_useradd_fill_gap5/config/etc/default/useradd36
-rw-r--r--tests/subids/64_useradd_fill_gap5/config/etc/group41
-rw-r--r--tests/subids/64_useradd_fill_gap5/config/etc/gshadow41
-rw-r--r--tests/subids/64_useradd_fill_gap5/config/etc/passwd19
-rw-r--r--tests/subids/64_useradd_fill_gap5/config/etc/shadow19
-rw-r--r--tests/subids/64_useradd_fill_gap5/config/etc/subgid1
-rw-r--r--tests/subids/64_useradd_fill_gap5/config/etc/subuid3
-rw-r--r--tests/subids/64_useradd_fill_gap5/data/group42
-rw-r--r--tests/subids/64_useradd_fill_gap5/data/gshadow42
-rw-r--r--tests/subids/64_useradd_fill_gap5/data/passwd20
-rw-r--r--tests/subids/64_useradd_fill_gap5/data/shadow20
-rw-r--r--tests/subids/64_useradd_fill_gap5/data/subgid2
-rw-r--r--tests/subids/64_useradd_fill_gap5/data/subuid4
-rwxr-xr-xtests/subids/64_useradd_fill_gap5/useradd.test45
-rw-r--r--tests/subids/65_useradd_fill_gap6/config.txt0
-rw-r--r--tests/subids/65_useradd_fill_gap6/config/etc/default/useradd36
-rw-r--r--tests/subids/65_useradd_fill_gap6/config/etc/group41
-rw-r--r--tests/subids/65_useradd_fill_gap6/config/etc/gshadow41
-rw-r--r--tests/subids/65_useradd_fill_gap6/config/etc/passwd19
-rw-r--r--tests/subids/65_useradd_fill_gap6/config/etc/shadow19
-rw-r--r--tests/subids/65_useradd_fill_gap6/config/etc/subgid1
-rw-r--r--tests/subids/65_useradd_fill_gap6/config/etc/subuid1
-rw-r--r--tests/subids/65_useradd_fill_gap6/data/group42
-rw-r--r--tests/subids/65_useradd_fill_gap6/data/gshadow42
-rw-r--r--tests/subids/65_useradd_fill_gap6/data/passwd20
-rw-r--r--tests/subids/65_useradd_fill_gap6/data/shadow20
-rw-r--r--tests/subids/65_useradd_fill_gap6/data/subgid2
-rw-r--r--tests/subids/65_useradd_fill_gap6/data/subuid2
-rwxr-xr-xtests/subids/65_useradd_fill_gap6/useradd.test45
-rw-r--r--tests/subids/66_subordinate_range_cmp/config.txt0
-rw-r--r--tests/subids/66_subordinate_range_cmp/config/etc/default/useradd36
-rw-r--r--tests/subids/66_subordinate_range_cmp/config/etc/group41
-rw-r--r--tests/subids/66_subordinate_range_cmp/config/etc/gshadow41
-rw-r--r--tests/subids/66_subordinate_range_cmp/config/etc/passwd19
-rw-r--r--tests/subids/66_subordinate_range_cmp/config/etc/shadow19
-rw-r--r--tests/subids/66_subordinate_range_cmp/config/etc/subgid1
-rw-r--r--tests/subids/66_subordinate_range_cmp/config/etc/subuid15
-rw-r--r--tests/subids/66_subordinate_range_cmp/data/group42
-rw-r--r--tests/subids/66_subordinate_range_cmp/data/gshadow42
-rw-r--r--tests/subids/66_subordinate_range_cmp/data/passwd20
-rw-r--r--tests/subids/66_subordinate_range_cmp/data/shadow20
-rw-r--r--tests/subids/66_subordinate_range_cmp/data/subgid2
-rw-r--r--tests/subids/66_subordinate_range_cmp/data/subuid16
-rwxr-xr-xtests/subids/66_subordinate_range_cmp/useradd.test45
-rw-r--r--tests/subids/67_invalid_subuid_file1/config.txt0
-rw-r--r--tests/subids/67_invalid_subuid_file1/config/etc/default/useradd36
-rw-r--r--tests/subids/67_invalid_subuid_file1/config/etc/group41
-rw-r--r--tests/subids/67_invalid_subuid_file1/config/etc/gshadow41
-rw-r--r--tests/subids/67_invalid_subuid_file1/config/etc/passwd19
-rw-r--r--tests/subids/67_invalid_subuid_file1/config/etc/shadow19
-rw-r--r--tests/subids/67_invalid_subuid_file1/config/etc/subgid1
-rw-r--r--tests/subids/67_invalid_subuid_file1/config/etc/subuid2
-rw-r--r--tests/subids/67_invalid_subuid_file1/data/group42
-rw-r--r--tests/subids/67_invalid_subuid_file1/data/gshadow42
-rw-r--r--tests/subids/67_invalid_subuid_file1/data/passwd20
-rw-r--r--tests/subids/67_invalid_subuid_file1/data/shadow20
-rw-r--r--tests/subids/67_invalid_subuid_file1/data/subgid2
-rw-r--r--tests/subids/67_invalid_subuid_file1/data/subuid3
-rwxr-xr-xtests/subids/67_invalid_subuid_file1/useradd.test45
-rw-r--r--tests/subids/68_invalid_subuid_file2/config.txt0
-rw-r--r--tests/subids/68_invalid_subuid_file2/config/etc/default/useradd36
-rw-r--r--tests/subids/68_invalid_subuid_file2/config/etc/group41
-rw-r--r--tests/subids/68_invalid_subuid_file2/config/etc/gshadow41
-rw-r--r--tests/subids/68_invalid_subuid_file2/config/etc/passwd19
-rw-r--r--tests/subids/68_invalid_subuid_file2/config/etc/shadow19
-rw-r--r--tests/subids/68_invalid_subuid_file2/config/etc/subgid1
-rw-r--r--tests/subids/68_invalid_subuid_file2/config/etc/subuid2
-rw-r--r--tests/subids/68_invalid_subuid_file2/data/group42
-rw-r--r--tests/subids/68_invalid_subuid_file2/data/gshadow42
-rw-r--r--tests/subids/68_invalid_subuid_file2/data/passwd20
-rw-r--r--tests/subids/68_invalid_subuid_file2/data/shadow20
-rw-r--r--tests/subids/68_invalid_subuid_file2/data/subgid2
-rw-r--r--tests/subids/68_invalid_subuid_file2/data/subuid3
-rwxr-xr-xtests/subids/68_invalid_subuid_file2/useradd.test45
-rw-r--r--tests/subids/69_invalid_subuid_file3/config.txt0
-rw-r--r--tests/subids/69_invalid_subuid_file3/config/etc/default/useradd36
-rw-r--r--tests/subids/69_invalid_subuid_file3/config/etc/group41
-rw-r--r--tests/subids/69_invalid_subuid_file3/config/etc/gshadow41
-rw-r--r--tests/subids/69_invalid_subuid_file3/config/etc/passwd19
-rw-r--r--tests/subids/69_invalid_subuid_file3/config/etc/shadow19
-rw-r--r--tests/subids/69_invalid_subuid_file3/config/etc/subgid1
-rw-r--r--tests/subids/69_invalid_subuid_file3/config/etc/subuid2
-rw-r--r--tests/subids/69_invalid_subuid_file3/data/group42
-rw-r--r--tests/subids/69_invalid_subuid_file3/data/gshadow42
-rw-r--r--tests/subids/69_invalid_subuid_file3/data/passwd20
-rw-r--r--tests/subids/69_invalid_subuid_file3/data/shadow20
-rw-r--r--tests/subids/69_invalid_subuid_file3/data/subgid2
-rw-r--r--tests/subids/69_invalid_subuid_file3/data/subuid3
-rwxr-xr-xtests/subids/69_invalid_subuid_file3/useradd.test45
-rw-r--r--tests/subids/70_invalid_subuid_file4/config.txt0
-rw-r--r--tests/subids/70_invalid_subuid_file4/config/etc/default/useradd36
-rw-r--r--tests/subids/70_invalid_subuid_file4/config/etc/group41
-rw-r--r--tests/subids/70_invalid_subuid_file4/config/etc/gshadow41
-rw-r--r--tests/subids/70_invalid_subuid_file4/config/etc/passwd19
-rw-r--r--tests/subids/70_invalid_subuid_file4/config/etc/shadow19
-rw-r--r--tests/subids/70_invalid_subuid_file4/config/etc/subgid1
-rw-r--r--tests/subids/70_invalid_subuid_file4/config/etc/subuid5
-rw-r--r--tests/subids/70_invalid_subuid_file4/data/group42
-rw-r--r--tests/subids/70_invalid_subuid_file4/data/gshadow42
-rw-r--r--tests/subids/70_invalid_subuid_file4/data/passwd20
-rw-r--r--tests/subids/70_invalid_subuid_file4/data/shadow20
-rw-r--r--tests/subids/70_invalid_subuid_file4/data/subgid2
-rw-r--r--tests/subids/70_invalid_subuid_file4/data/subuid6
-rwxr-xr-xtests/subids/70_invalid_subuid_file4/useradd.test45
-rwxr-xr-xtests/usertools/01/01_useradd_add_user.test42
-rw-r--r--tests/usertools/01/01_useradd_add_user/group42
-rw-r--r--tests/usertools/01/01_useradd_add_user/gshadow42
-rw-r--r--tests/usertools/01/01_useradd_add_user/passwd20
-rw-r--r--tests/usertools/01/01_useradd_add_user/shadow20
-rwxr-xr-xtests/usertools/01/01_userdel_delete_user.test45
-rwxr-xr-xtests/usertools/01/02_useradd_recreate_deleted_user.test48
-rw-r--r--tests/usertools/01/02_useradd_recreate_deleted_user/group42
-rw-r--r--tests/usertools/01/02_useradd_recreate_deleted_user/gshadow42
-rw-r--r--tests/usertools/01/02_useradd_recreate_deleted_user/passwd20
-rw-r--r--tests/usertools/01/02_useradd_recreate_deleted_user/shadow20
-rwxr-xr-xtests/usertools/01/03_useradd_additional_options.test50
-rw-r--r--tests/usertools/01/03_useradd_additional_options/group42
-rw-r--r--tests/usertools/01/03_useradd_additional_options/gshadow42
-rw-r--r--tests/usertools/01/03_useradd_additional_options/passwd20
-rw-r--r--tests/usertools/01/03_useradd_additional_options/shadow20
-rwxr-xr-xtests/usertools/01/04_useradd_add_user_with_existing_UID_fail.test60
-rw-r--r--tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/group42
-rw-r--r--tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/gshadow42
-rw-r--r--tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/passwd20
-rw-r--r--tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/shadow20
-rw-r--r--tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/useradd.err1
-rwxr-xr-xtests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test48
-rw-r--r--tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/group43
-rw-r--r--tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/gshadow43
-rw-r--r--tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/passwd21
-rw-r--r--tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/shadow21
-rwxr-xr-xtests/usertools/01/04_useradd_specified_UID.test42
-rw-r--r--tests/usertools/01/04_useradd_specified_UID/group42
-rw-r--r--tests/usertools/01/04_useradd_specified_UID/gshadow42
-rw-r--r--tests/usertools/01/04_useradd_specified_UID/passwd20
-rw-r--r--tests/usertools/01/04_useradd_specified_UID/shadow20
-rwxr-xr-xtests/usertools/01/04_useradd_specified_UID_and_GID.test48
-rw-r--r--tests/usertools/01/04_useradd_specified_UID_and_GID/group42
-rw-r--r--tests/usertools/01/04_useradd_specified_UID_and_GID/gshadow42
-rw-r--r--tests/usertools/01/04_useradd_specified_UID_and_GID/passwd21
-rw-r--r--tests/usertools/01/04_useradd_specified_UID_and_GID/shadow21
-rwxr-xr-xtests/usertools/01/04_userdel_delete_user_with_non_unique_UID.test51
-rw-r--r--tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/group42
-rw-r--r--tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/gshadow42
-rw-r--r--tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/passwd20
-rw-r--r--tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/shadow20
-rwxr-xr-xtests/usertools/01/05_useradd_invalid_numeric_primary_group.test58
-rw-r--r--tests/usertools/01/05_useradd_invalid_numeric_primary_group/useradd.err1
-rwxr-xr-xtests/usertools/01/06_useradd_invalid_named_primary_group.test58
-rw-r--r--tests/usertools/01/06_useradd_invalid_named_primary_group/useradd.err1
-rwxr-xr-xtests/usertools/01/07_useradd_numerical_primary_group.test42
-rw-r--r--tests/usertools/01/07_useradd_numerical_primary_group/group41
-rw-r--r--tests/usertools/01/07_useradd_numerical_primary_group/gshadow41
-rw-r--r--tests/usertools/01/07_useradd_numerical_primary_group/passwd20
-rw-r--r--tests/usertools/01/07_useradd_numerical_primary_group/shadow20
-rwxr-xr-xtests/usertools/01/08_useradd_named_primary_group.test42
-rw-r--r--tests/usertools/01/08_useradd_named_primary_group/group41
-rw-r--r--tests/usertools/01/08_useradd_named_primary_group/gshadow41
-rw-r--r--tests/usertools/01/08_useradd_named_primary_group/passwd20
-rw-r--r--tests/usertools/01/08_useradd_named_primary_group/shadow20
-rwxr-xr-xtests/usertools/01/09_usermod_change_user_info.test45
-rw-r--r--tests/usertools/01/09_usermod_change_user_info/group42
-rw-r--r--tests/usertools/01/09_usermod_change_user_info/gshadow42
-rw-r--r--tests/usertools/01/09_usermod_change_user_info/passwd20
-rw-r--r--tests/usertools/01/09_usermod_change_user_info/shadow20
-rwxr-xr-xtests/usertools/01/10_usermod_rename_user.test48
-rw-r--r--tests/usertools/01/10_usermod_rename_user/group42
-rw-r--r--tests/usertools/01/10_usermod_rename_user/gshadow42
-rw-r--r--tests/usertools/01/10_usermod_rename_user/passwd20
-rw-r--r--tests/usertools/01/10_usermod_rename_user/shadow20
-rwxr-xr-xtests/usertools/01/10_usermod_rename_user_in_group.test48
-rw-r--r--tests/usertools/01/10_usermod_rename_user_in_group/group42
-rw-r--r--tests/usertools/01/10_usermod_rename_user_in_group/gshadow42
-rw-r--r--tests/usertools/01/10_usermod_rename_user_in_group/passwd20
-rw-r--r--tests/usertools/01/10_usermod_rename_user_in_group/shadow20
-rwxr-xr-xtests/usertools/01/11_usermod_change_password.test46
-rw-r--r--tests/usertools/01/11_usermod_change_password/group42
-rw-r--r--tests/usertools/01/11_usermod_change_password/gshadow42
-rw-r--r--tests/usertools/01/11_usermod_change_password/passwd20
-rw-r--r--tests/usertools/01/11_usermod_change_password/shadow20
-rwxr-xr-xtests/usertools/01/11_usermod_lock_password.test49
-rw-r--r--tests/usertools/01/11_usermod_lock_password/group42
-rw-r--r--tests/usertools/01/11_usermod_lock_password/gshadow42
-rw-r--r--tests/usertools/01/11_usermod_lock_password/passwd20
-rw-r--r--tests/usertools/01/11_usermod_lock_password/shadow20
-rwxr-xr-xtests/usertools/01/11_usermod_unlock_empty_password.test54
-rw-r--r--tests/usertools/01/11_usermod_unlock_empty_password/group42
-rw-r--r--tests/usertools/01/11_usermod_unlock_empty_password/gshadow42
-rw-r--r--tests/usertools/01/11_usermod_unlock_empty_password/passwd20
-rw-r--r--tests/usertools/01/11_usermod_unlock_empty_password/shadow20
-rw-r--r--tests/usertools/01/11_usermod_unlock_empty_password/usermod.err2
-rwxr-xr-xtests/usertools/01/11_usermod_unlock_password.test52
-rw-r--r--tests/usertools/01/11_usermod_unlock_password/group42
-rw-r--r--tests/usertools/01/11_usermod_unlock_password/gshadow42
-rw-r--r--tests/usertools/01/11_usermod_unlock_password/passwd20
-rw-r--r--tests/usertools/01/11_usermod_unlock_password/shadow20
-rwxr-xr-xtests/usertools/01/12_usermod_change_gid_name.test45
-rw-r--r--tests/usertools/01/12_usermod_change_gid_name/group42
-rw-r--r--tests/usertools/01/12_usermod_change_gid_name/gshadow42
-rw-r--r--tests/usertools/01/12_usermod_change_gid_name/passwd20
-rw-r--r--tests/usertools/01/12_usermod_change_gid_name/shadow20
-rwxr-xr-xtests/usertools/01/12_usermod_change_gid_number.test45
-rw-r--r--tests/usertools/01/12_usermod_change_gid_number/group42
-rw-r--r--tests/usertools/01/12_usermod_change_gid_number/gshadow42
-rw-r--r--tests/usertools/01/12_usermod_change_gid_number/passwd20
-rw-r--r--tests/usertools/01/12_usermod_change_gid_number/shadow20
-rwxr-xr-xtests/usertools/01/13_useradd_negative_UID.test52
-rw-r--r--tests/usertools/01/13_useradd_negative_UID/group41
-rw-r--r--tests/usertools/01/13_useradd_negative_UID/gshadow41
-rw-r--r--tests/usertools/01/13_useradd_negative_UID/passwd19
-rw-r--r--tests/usertools/01/13_useradd_negative_UID/shadow19
-rwxr-xr-xtests/usertools/01/14_useradd_out_of_range_UID.test52
-rw-r--r--tests/usertools/01/14_useradd_out_of_range_UID/group41
-rw-r--r--tests/usertools/01/14_useradd_out_of_range_UID/gshadow41
-rw-r--r--tests/usertools/01/14_useradd_out_of_range_UID/passwd19
-rw-r--r--tests/usertools/01/14_useradd_out_of_range_UID/shadow19
-rwxr-xr-xtests/usertools/01/15_useradd_specified_large_UID.test42
-rw-r--r--tests/usertools/01/15_useradd_specified_large_UID/group42
-rw-r--r--tests/usertools/01/15_useradd_specified_large_UID/gshadow42
-rw-r--r--tests/usertools/01/15_useradd_specified_large_UID/passwd20
-rw-r--r--tests/usertools/01/15_useradd_specified_large_UID/shadow20
-rwxr-xr-xtests/usertools/01/16_useradd_add_user_to_multiple_groups.test42
-rw-r--r--tests/usertools/01/16_useradd_add_user_to_multiple_groups/group41
-rw-r--r--tests/usertools/01/16_useradd_add_user_to_multiple_groups/gshadow41
-rw-r--r--tests/usertools/01/16_useradd_add_user_to_multiple_groups/passwd20
-rw-r--r--tests/usertools/01/16_useradd_add_user_to_multiple_groups/shadow20
-rwxr-xr-xtests/usertools/01/16_useradd_add_user_to_one_group.test42
-rw-r--r--tests/usertools/01/16_useradd_add_user_to_one_group/group42
-rw-r--r--tests/usertools/01/16_useradd_add_user_to_one_group/gshadow42
-rw-r--r--tests/usertools/01/16_useradd_add_user_to_one_group/passwd20
-rw-r--r--tests/usertools/01/16_useradd_add_user_to_one_group/shadow20
-rwxr-xr-xtests/usertools/01/17_useradd_create_homedir.test46
-rw-r--r--tests/usertools/01/17_useradd_create_homedir/group42
-rw-r--r--tests/usertools/01/17_useradd_create_homedir/gshadow42
-rw-r--r--tests/usertools/01/17_useradd_create_homedir/passwd20
-rw-r--r--tests/usertools/01/17_useradd_create_homedir/shadow20
-rwxr-xr-xtests/usertools/01/18_userdel_remove_homedir.test54
-rw-r--r--tests/usertools/01/18_userdel_remove_homedir/group42
-rw-r--r--tests/usertools/01/18_userdel_remove_homedir/gshadow42
-rw-r--r--tests/usertools/01/18_userdel_remove_homedir/passwd20
-rw-r--r--tests/usertools/01/18_userdel_remove_homedir/shadow20
-rw-r--r--tests/usertools/01/18_userdel_remove_homedir/userdel.err1
-rwxr-xr-xtests/usertools/01/19_userdel_delete_user_in_group.test45
-rwxr-xr-xtests/usertools/01/20_usermod_change_homedir.test58
-rwxr-xr-xtests/usertools/01/21_usermod_change_and_move_homedir.test67
-rwxr-xr-xtests/usertools/01/22_usermod_new_groups.test45
-rw-r--r--tests/usertools/01/22_usermod_new_groups/group42
-rw-r--r--tests/usertools/01/22_usermod_new_groups/gshadow42
-rw-r--r--tests/usertools/01/22_usermod_new_groups/passwd20
-rw-r--r--tests/usertools/01/22_usermod_new_groups/shadow20
-rwxr-xr-xtests/usertools/01/23_usermod_add_groups.test45
-rw-r--r--tests/usertools/01/23_usermod_add_groups/group42
-rw-r--r--tests/usertools/01/23_usermod_add_groups/gshadow42
-rw-r--r--tests/usertools/01/23_usermod_add_groups/passwd20
-rw-r--r--tests/usertools/01/23_usermod_add_groups/shadow20
-rwxr-xr-xtests/usertools/01/24_usermod_new_groups_remove_old_groups.test45
-rw-r--r--tests/usertools/01/24_usermod_new_groups_remove_old_groups/group42
-rw-r--r--tests/usertools/01/24_usermod_new_groups_remove_old_groups/gshadow42
-rw-r--r--tests/usertools/01/24_usermod_new_groups_remove_old_groups/passwd20
-rw-r--r--tests/usertools/01/24_usermod_new_groups_remove_old_groups/shadow20
-rwxr-xr-xtests/usertools/01/25_useradd_specified_large_UID2.test42
-rw-r--r--tests/usertools/01/25_useradd_specified_large_UID2/group42
-rw-r--r--tests/usertools/01/25_useradd_specified_large_UID2/gshadow42
-rw-r--r--tests/usertools/01/25_useradd_specified_large_UID2/passwd20
-rw-r--r--tests/usertools/01/25_useradd_specified_large_UID2/shadow20
-rwxr-xr-xtests/usertools/01/26_useradd_UID_-1.test52
-rw-r--r--tests/usertools/01/26_useradd_UID_-1/group41
-rw-r--r--tests/usertools/01/26_useradd_UID_-1/gshadow41
-rw-r--r--tests/usertools/01/26_useradd_UID_-1/passwd19
-rw-r--r--tests/usertools/01/26_useradd_UID_-1/shadow19
-rw-r--r--tests/usertools/01/config/etc/default/useradd36
-rw-r--r--tests/usertools/01/config/etc/group41
-rw-r--r--tests/usertools/01/config/etc/gshadow41
-rw-r--r--tests/usertools/01/config/etc/passwd19
-rw-r--r--tests/usertools/01/config/etc/shadow19
-rw-r--r--tests/usertools/02/config.txt3
-rw-r--r--tests/usertools/02/config/etc/default/useradd37
-rw-r--r--tests/usertools/02/config/etc/group42
-rw-r--r--tests/usertools/02/config/etc/gshadow42
-rw-r--r--tests/usertools/02/config/etc/passwd21
-rw-r--r--tests/usertools/02/config/etc/shadow20
-rw-r--r--tests/usertools/02/data/useradd-D.out7
-rw-r--r--tests/usertools/02/data/useradd-D_default_values.out7
-rwxr-xr-xtests/usertools/02/useradd_change_default_EXPIRE.test30
-rw-r--r--tests/usertools/02/useradd_change_default_EXPIRE/useradd.default43
-rwxr-xr-xtests/usertools/02/useradd_change_default_GROUP.test30
-rw-r--r--tests/usertools/02/useradd_change_default_GROUP/useradd.default43
-rwxr-xr-xtests/usertools/02/useradd_change_default_HOME.test30
-rw-r--r--tests/usertools/02/useradd_change_default_HOME/useradd.default43
-rwxr-xr-xtests/usertools/02/useradd_change_default_INACTIVE.test30
-rw-r--r--tests/usertools/02/useradd_change_default_INACTIVE/useradd.default43
-rwxr-xr-xtests/usertools/02/useradd_change_default_SHELL.test30
-rw-r--r--tests/usertools/02/useradd_change_default_SHELL/useradd.default43
-rwxr-xr-xtests/usertools/02/useradd_change_defaults.test30
-rw-r--r--tests/usertools/02/useradd_change_defaults/useradd.default43
-rwxr-xr-xtests/usertools/02/useradd_default_default_values.test36
-rwxr-xr-xtests/usertools/02/useradd_get_default_values.test32
-rw-r--r--tests/usertools/03/config.txt3
-rw-r--r--tests/usertools/03/config/etc/default/useradd36
-rw-r--r--tests/usertools/03/config/etc/group42
-rw-r--r--tests/usertools/03/config/etc/gshadow42
-rw-r--r--tests/usertools/03/config/etc/passwd21
-rw-r--r--tests/usertools/03/config/etc/shadow20
-rwxr-xr-xtests/usertools/03/useradd_change_defaults.test30
-rw-r--r--tests/usertools/03/useradd_change_defaults/useradd.default37
-rwxr-xr-xtests/usertools/04/01_useradd_add_user.test45
-rw-r--r--tests/usertools/04/01_useradd_add_user/group42
-rw-r--r--tests/usertools/04/01_useradd_add_user/gshadow42
-rw-r--r--tests/usertools/04/01_useradd_add_user/passwd20
-rw-r--r--tests/usertools/04/01_useradd_add_user/shadow20
-rw-r--r--tests/usertools/04/config.txt3
-rw-r--r--tests/usertools/04/config/etc/default/useradd36
-rw-r--r--tests/usertools/04/config/etc/group41
-rw-r--r--tests/usertools/04/config/etc/gshadow41
-rw-r--r--tests/usertools/04/config/etc/passwd19
-rw-r--r--tests/usertools/04/config/etc/shadow19
-rw-r--r--tests/usertools/05_userdel_del_from_group_members/config.txt1
-rw-r--r--tests/usertools/05_userdel_del_from_group_members/config/etc/default/useradd36
-rw-r--r--tests/usertools/05_userdel_del_from_group_members/config/etc/group42
-rw-r--r--tests/usertools/05_userdel_del_from_group_members/config/etc/gshadow42
-rw-r--r--tests/usertools/05_userdel_del_from_group_members/config/etc/passwd20
-rw-r--r--tests/usertools/05_userdel_del_from_group_members/config/etc/shadow20
-rw-r--r--tests/usertools/05_userdel_del_from_group_members/data/group41
-rw-r--r--tests/usertools/05_userdel_del_from_group_members/data/gshadow41
-rw-r--r--tests/usertools/05_userdel_del_from_group_members/data/passwd19
-rw-r--r--tests/usertools/05_userdel_del_from_group_members/data/shadow19
-rwxr-xr-xtests/usertools/05_userdel_del_from_group_members/userdel.test39
-rw-r--r--tests/usertools/06_userdel_del_from_gshadow_members/config.txt1
-rw-r--r--tests/usertools/06_userdel_del_from_gshadow_members/config/etc/default/useradd36
-rw-r--r--tests/usertools/06_userdel_del_from_gshadow_members/config/etc/group42
-rw-r--r--tests/usertools/06_userdel_del_from_gshadow_members/config/etc/gshadow42
-rw-r--r--tests/usertools/06_userdel_del_from_gshadow_members/config/etc/passwd20
-rw-r--r--tests/usertools/06_userdel_del_from_gshadow_members/config/etc/shadow20
-rw-r--r--tests/usertools/06_userdel_del_from_gshadow_members/data/group41
-rw-r--r--tests/usertools/06_userdel_del_from_gshadow_members/data/gshadow41
-rw-r--r--tests/usertools/06_userdel_del_from_gshadow_members/data/passwd19
-rw-r--r--tests/usertools/06_userdel_del_from_gshadow_members/data/shadow19
-rwxr-xr-xtests/usertools/06_userdel_del_from_gshadow_members/userdel.test39
-rw-r--r--tests/usertools/07_userdel_del_from_gshadow_admins/config.txt2
-rw-r--r--tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/default/useradd36
-rw-r--r--tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/group42
-rw-r--r--tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/gshadow42
-rw-r--r--tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/passwd20
-rw-r--r--tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/shadow20
-rw-r--r--tests/usertools/07_userdel_del_from_gshadow_admins/data/group41
-rw-r--r--tests/usertools/07_userdel_del_from_gshadow_admins/data/gshadow41
-rw-r--r--tests/usertools/07_userdel_del_from_gshadow_admins/data/passwd19
-rw-r--r--tests/usertools/07_userdel_del_from_gshadow_admins/data/shadow19
-rwxr-xr-xtests/usertools/07_userdel_del_from_gshadow_admins/userdel.test39
-rw-r--r--tests/usertools/08_userdel_del_from_group_and_gshadow/config.txt4
-rw-r--r--tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/group42
-rw-r--r--tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/gshadow42
-rw-r--r--tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/passwd20
-rw-r--r--tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/shadow20
-rw-r--r--tests/usertools/08_userdel_del_from_group_and_gshadow/data/group41
-rw-r--r--tests/usertools/08_userdel_del_from_group_and_gshadow/data/gshadow41
-rw-r--r--tests/usertools/08_userdel_del_from_group_and_gshadow/data/passwd19
-rw-r--r--tests/usertools/08_userdel_del_from_group_and_gshadow/data/shadow19
-rwxr-xr-xtests/usertools/08_userdel_del_from_group_and_gshadow/userdel.test39
-rw-r--r--tests/usertools/09_userdel_del_homedir/config.txt1
-rw-r--r--tests/usertools/09_userdel_del_homedir/config/etc/default/useradd36
-rw-r--r--tests/usertools/09_userdel_del_homedir/config/etc/group42
-rw-r--r--tests/usertools/09_userdel_del_homedir/config/etc/gshadow42
-rw-r--r--tests/usertools/09_userdel_del_homedir/config/etc/passwd20
-rw-r--r--tests/usertools/09_userdel_del_homedir/config/etc/shadow20
-rw-r--r--tests/usertools/09_userdel_del_homedir/data/group41
-rw-r--r--tests/usertools/09_userdel_del_homedir/data/gshadow41
-rw-r--r--tests/usertools/09_userdel_del_homedir/data/passwd19
-rw-r--r--tests/usertools/09_userdel_del_homedir/data/shadow19
-rwxr-xr-xtests/usertools/09_userdel_del_homedir/userdel.test53
-rw-r--r--tests/usertools/10_userdel_del_homedir_wrong_owner/config.txt1
-rw-r--r--tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/default/useradd36
-rw-r--r--tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/group42
-rw-r--r--tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/gshadow42
-rw-r--r--tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/passwd20
-rw-r--r--tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/shadow20
-rw-r--r--tests/usertools/10_userdel_del_homedir_wrong_owner/data/group41
-rw-r--r--tests/usertools/10_userdel_del_homedir_wrong_owner/data/gshadow41
-rw-r--r--tests/usertools/10_userdel_del_homedir_wrong_owner/data/passwd19
-rw-r--r--tests/usertools/10_userdel_del_homedir_wrong_owner/data/shadow19
-rw-r--r--tests/usertools/10_userdel_del_homedir_wrong_owner/data/userdel.err1
-rwxr-xr-xtests/usertools/10_userdel_del_homedir_wrong_owner/userdel.test69
-rw-r--r--tests/usertools/11_usermod_move_homedir/config.txt1
-rw-r--r--tests/usertools/11_usermod_move_homedir/config/etc/default/useradd36
-rw-r--r--tests/usertools/11_usermod_move_homedir/config/etc/group42
-rw-r--r--tests/usertools/11_usermod_move_homedir/config/etc/gshadow42
-rw-r--r--tests/usertools/11_usermod_move_homedir/config/etc/passwd20
-rw-r--r--tests/usertools/11_usermod_move_homedir/config/etc/shadow20
-rw-r--r--tests/usertools/11_usermod_move_homedir/data/home_ls-a3
-rw-r--r--tests/usertools/11_usermod_move_homedir/data/passwd20
-rwxr-xr-xtests/usertools/11_usermod_move_homedir/usermod.test58
-rw-r--r--tests/usertools/12_usermod_move_homedir_dev_null/config.txt1
-rw-r--r--tests/usertools/12_usermod_move_homedir_dev_null/config/etc/default/useradd36
-rw-r--r--tests/usertools/12_usermod_move_homedir_dev_null/config/etc/group42
-rw-r--r--tests/usertools/12_usermod_move_homedir_dev_null/config/etc/gshadow42
-rw-r--r--tests/usertools/12_usermod_move_homedir_dev_null/config/etc/passwd20
-rw-r--r--tests/usertools/12_usermod_move_homedir_dev_null/config/etc/shadow20
-rw-r--r--tests/usertools/12_usermod_move_homedir_dev_null/data/passwd20
-rw-r--r--tests/usertools/12_usermod_move_homedir_dev_null/data/usermod.err1
-rwxr-xr-xtests/usertools/12_usermod_move_homedir_dev_null/usermod.test63
-rw-r--r--tests/usertools/13_usermod_move_homedir_file/config.txt1
-rw-r--r--tests/usertools/13_usermod_move_homedir_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/13_usermod_move_homedir_file/config/etc/group42
-rw-r--r--tests/usertools/13_usermod_move_homedir_file/config/etc/gshadow42
-rw-r--r--tests/usertools/13_usermod_move_homedir_file/config/etc/passwd20
-rw-r--r--tests/usertools/13_usermod_move_homedir_file/config/etc/shadow20
-rw-r--r--tests/usertools/13_usermod_move_homedir_file/data/passwd20
-rw-r--r--tests/usertools/13_usermod_move_homedir_file/data/usermod.err1
-rwxr-xr-xtests/usertools/13_usermod_move_homedir_file/usermod.test67
-rw-r--r--tests/usertools/14_usermod_move_homedir_other_device/config.txt5
-rw-r--r--tests/usertools/14_usermod_move_homedir_other_device/config/etc/default/useradd36
-rw-r--r--tests/usertools/14_usermod_move_homedir_other_device/config/etc/group42
-rw-r--r--tests/usertools/14_usermod_move_homedir_other_device/config/etc/gshadow42
-rw-r--r--tests/usertools/14_usermod_move_homedir_other_device/config/etc/passwd20
-rw-r--r--tests/usertools/14_usermod_move_homedir_other_device/config/etc/shadow20
-rw-r--r--tests/usertools/14_usermod_move_homedir_other_device/data/home_ls-a7
-rw-r--r--tests/usertools/14_usermod_move_homedir_other_device/data/passwd20
-rwxr-xr-xtests/usertools/14_usermod_move_homedir_other_device/usermod.test68
-rw-r--r--tests/usertools/15_usermod_change_supplementary_groups/config.txt6
-rw-r--r--tests/usertools/15_usermod_change_supplementary_groups/config/etc/default/useradd36
-rw-r--r--tests/usertools/15_usermod_change_supplementary_groups/config/etc/group42
-rw-r--r--tests/usertools/15_usermod_change_supplementary_groups/config/etc/gshadow42
-rw-r--r--tests/usertools/15_usermod_change_supplementary_groups/config/etc/passwd20
-rw-r--r--tests/usertools/15_usermod_change_supplementary_groups/config/etc/shadow20
-rw-r--r--tests/usertools/15_usermod_change_supplementary_groups/data/group42
-rw-r--r--tests/usertools/15_usermod_change_supplementary_groups/data/gshadow42
-rwxr-xr-xtests/usertools/15_usermod_change_supplementary_groups/usermod.test39
-rw-r--r--tests/usertools/16_usermod_remove_supplementary_groups/config.txt6
-rw-r--r--tests/usertools/16_usermod_remove_supplementary_groups/config/etc/default/useradd36
-rw-r--r--tests/usertools/16_usermod_remove_supplementary_groups/config/etc/group42
-rw-r--r--tests/usertools/16_usermod_remove_supplementary_groups/config/etc/gshadow42
-rw-r--r--tests/usertools/16_usermod_remove_supplementary_groups/config/etc/passwd20
-rw-r--r--tests/usertools/16_usermod_remove_supplementary_groups/config/etc/shadow20
-rw-r--r--tests/usertools/16_usermod_remove_supplementary_groups/data/group42
-rw-r--r--tests/usertools/16_usermod_remove_supplementary_groups/data/gshadow42
-rwxr-xr-xtests/usertools/16_usermod_remove_supplementary_groups/usermod.test39
-rw-r--r--tests/usertools/17_usermod_change_supplementary_groups_numerical/config.txt6
-rw-r--r--tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/default/useradd36
-rw-r--r--tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/group42
-rw-r--r--tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/gshadow42
-rw-r--r--tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/passwd20
-rw-r--r--tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/shadow20
-rw-r--r--tests/usertools/17_usermod_change_supplementary_groups_numerical/data/group42
-rw-r--r--tests/usertools/17_usermod_change_supplementary_groups_numerical/data/gshadow42
-rwxr-xr-xtests/usertools/17_usermod_change_supplementary_groups_numerical/usermod.test39
-rw-r--r--tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config.txt6
-rw-r--r--tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/default/useradd36
-rw-r--r--tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/group42
-rw-r--r--tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/gshadow42
-rw-r--r--tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/passwd20
-rw-r--r--tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/shadow20
-rw-r--r--tests/usertools/18_usermod_change_supplementary_groups-unknown_group/data/usermod.err1
-rwxr-xr-xtests/usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test54
-rw-r--r--tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config.txt6
-rw-r--r--tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/default/useradd36
-rw-r--r--tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/group42
-rw-r--r--tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/gshadow42
-rw-r--r--tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/passwd20
-rw-r--r--tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/shadow20
-rw-r--r--tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/data/usermod.err1
-rwxr-xr-xtests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test54
-rw-r--r--tests/usertools/20_usermod_rename_user_in_member_lists/config.txt6
-rw-r--r--tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/default/useradd36
-rw-r--r--tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/group42
-rw-r--r--tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/gshadow42
-rw-r--r--tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/passwd20
-rw-r--r--tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/shadow20
-rw-r--r--tests/usertools/20_usermod_rename_user_in_member_lists/data/group42
-rw-r--r--tests/usertools/20_usermod_rename_user_in_member_lists/data/gshadow42
-rw-r--r--tests/usertools/20_usermod_rename_user_in_member_lists/data/passwd20
-rw-r--r--tests/usertools/20_usermod_rename_user_in_member_lists/data/shadow20
-rwxr-xr-xtests/usertools/20_usermod_rename_user_in_member_lists/usermod.test39
-rw-r--r--tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config.txt10
-rw-r--r--tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/default/useradd36
-rw-r--r--tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/group42
-rw-r--r--tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/gshadow42
-rw-r--r--tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/passwd20
-rw-r--r--tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/shadow20
-rw-r--r--tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/group42
-rw-r--r--tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/gshadow42
-rw-r--r--tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/passwd20
-rw-r--r--tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/shadow20
-rwxr-xr-xtests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test39
-rw-r--r--tests/usertools/22_usermod-a_existing_supplementary_group/config.txt6
-rw-r--r--tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/default/useradd36
-rw-r--r--tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/group42
-rw-r--r--tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/gshadow42
-rw-r--r--tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/passwd20
-rw-r--r--tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/shadow20
-rw-r--r--tests/usertools/22_usermod-a_existing_supplementary_group/data/group42
-rw-r--r--tests/usertools/22_usermod-a_existing_supplementary_group/data/gshadow42
-rwxr-xr-xtests/usertools/22_usermod-a_existing_supplementary_group/usermod.test39
-rw-r--r--tests/usertools/23_usermod-a_existing_supplementary_group+rename/config.txt10
-rw-r--r--tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/default/useradd36
-rw-r--r--tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/group42
-rw-r--r--tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/gshadow42
-rw-r--r--tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/passwd20
-rw-r--r--tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/shadow20
-rw-r--r--tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/group42
-rw-r--r--tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/gshadow42
-rw-r--r--tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/passwd20
-rw-r--r--tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/shadow20
-rwxr-xr-xtests/usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test39
-rw-r--r--tests/usertools/24_usermod_locked_passwd/config.txt0
-rw-r--r--tests/usertools/24_usermod_locked_passwd/config/etc/default/useradd36
-rw-r--r--tests/usertools/24_usermod_locked_passwd/config/etc/group42
-rw-r--r--tests/usertools/24_usermod_locked_passwd/config/etc/gshadow42
-rw-r--r--tests/usertools/24_usermod_locked_passwd/config/etc/passwd20
-rw-r--r--tests/usertools/24_usermod_locked_passwd/config/etc/shadow20
-rw-r--r--tests/usertools/24_usermod_locked_passwd/data/usermod.err2
-rwxr-xr-xtests/usertools/24_usermod_locked_passwd/usermod.test60
-rw-r--r--tests/usertools/25_usermod-G_locked_group/config.txt0
-rw-r--r--tests/usertools/25_usermod-G_locked_group/config/etc/default/useradd36
-rw-r--r--tests/usertools/25_usermod-G_locked_group/config/etc/group42
-rw-r--r--tests/usertools/25_usermod-G_locked_group/config/etc/gshadow42
-rw-r--r--tests/usertools/25_usermod-G_locked_group/config/etc/passwd20
-rw-r--r--tests/usertools/25_usermod-G_locked_group/config/etc/shadow20
-rw-r--r--tests/usertools/25_usermod-G_locked_group/data/usermod.err2
-rwxr-xr-xtests/usertools/25_usermod-G_locked_group/usermod.test60
-rw-r--r--tests/usertools/26_usermod_locked_shadow/config.txt0
-rw-r--r--tests/usertools/26_usermod_locked_shadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/26_usermod_locked_shadow/config/etc/group42
-rw-r--r--tests/usertools/26_usermod_locked_shadow/config/etc/gshadow42
-rw-r--r--tests/usertools/26_usermod_locked_shadow/config/etc/passwd20
-rw-r--r--tests/usertools/26_usermod_locked_shadow/config/etc/shadow20
-rw-r--r--tests/usertools/26_usermod_locked_shadow/data/usermod.err2
-rwxr-xr-xtests/usertools/26_usermod_locked_shadow/usermod.test60
-rw-r--r--tests/usertools/27_usermod-G_locked_gshadow/config.txt0
-rw-r--r--tests/usertools/27_usermod-G_locked_gshadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/27_usermod-G_locked_gshadow/config/etc/group42
-rw-r--r--tests/usertools/27_usermod-G_locked_gshadow/config/etc/gshadow42
-rw-r--r--tests/usertools/27_usermod-G_locked_gshadow/config/etc/passwd20
-rw-r--r--tests/usertools/27_usermod-G_locked_gshadow/config/etc/shadow20
-rw-r--r--tests/usertools/27_usermod-G_locked_gshadow/data/usermod.err2
-rwxr-xr-xtests/usertools/27_usermod-G_locked_gshadow/usermod.test60
-rw-r--r--tests/usertools/28_usermod-c_locked_group/config.txt1
-rw-r--r--tests/usertools/28_usermod-c_locked_group/config/etc/default/useradd36
-rw-r--r--tests/usertools/28_usermod-c_locked_group/config/etc/group42
-rw-r--r--tests/usertools/28_usermod-c_locked_group/config/etc/gshadow42
-rw-r--r--tests/usertools/28_usermod-c_locked_group/config/etc/passwd20
-rw-r--r--tests/usertools/28_usermod-c_locked_group/config/etc/shadow20
-rw-r--r--tests/usertools/28_usermod-c_locked_group/data/passwd20
-rwxr-xr-xtests/usertools/28_usermod-c_locked_group/usermod.test45
-rw-r--r--tests/usertools/29_usermod-c_locked_gshadow/config.txt1
-rw-r--r--tests/usertools/29_usermod-c_locked_gshadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/29_usermod-c_locked_gshadow/config/etc/group42
-rw-r--r--tests/usertools/29_usermod-c_locked_gshadow/config/etc/gshadow42
-rw-r--r--tests/usertools/29_usermod-c_locked_gshadow/config/etc/passwd20
-rw-r--r--tests/usertools/29_usermod-c_locked_gshadow/config/etc/shadow20
-rw-r--r--tests/usertools/29_usermod-c_locked_gshadow/data/passwd20
-rwxr-xr-xtests/usertools/29_usermod-c_locked_gshadow/usermod.test45
-rw-r--r--tests/usertools/30_usermod-l_locked_group/config.txt1
-rw-r--r--tests/usertools/30_usermod-l_locked_group/config/etc/default/useradd36
-rw-r--r--tests/usertools/30_usermod-l_locked_group/config/etc/group42
-rw-r--r--tests/usertools/30_usermod-l_locked_group/config/etc/gshadow42
-rw-r--r--tests/usertools/30_usermod-l_locked_group/config/etc/passwd20
-rw-r--r--tests/usertools/30_usermod-l_locked_group/config/etc/shadow20
-rw-r--r--tests/usertools/30_usermod-l_locked_group/data/usermod.err2
-rwxr-xr-xtests/usertools/30_usermod-l_locked_group/usermod.test60
-rw-r--r--tests/usertools/31_usermod-l_locked_gshadow/config.txt1
-rw-r--r--tests/usertools/31_usermod-l_locked_gshadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/31_usermod-l_locked_gshadow/config/etc/group42
-rw-r--r--tests/usertools/31_usermod-l_locked_gshadow/config/etc/gshadow42
-rw-r--r--tests/usertools/31_usermod-l_locked_gshadow/config/etc/passwd20
-rw-r--r--tests/usertools/31_usermod-l_locked_gshadow/config/etc/shadow20
-rw-r--r--tests/usertools/31_usermod-l_locked_gshadow/data/usermod.err2
-rwxr-xr-xtests/usertools/31_usermod-l_locked_gshadow/usermod.test60
-rw-r--r--tests/usertools/32_usermod-u_new_UID/config.txt1
-rw-r--r--tests/usertools/32_usermod-u_new_UID/config/etc/default/useradd36
-rw-r--r--tests/usertools/32_usermod-u_new_UID/config/etc/group42
-rw-r--r--tests/usertools/32_usermod-u_new_UID/config/etc/gshadow42
-rw-r--r--tests/usertools/32_usermod-u_new_UID/config/etc/passwd20
-rw-r--r--tests/usertools/32_usermod-u_new_UID/config/etc/shadow20
-rw-r--r--tests/usertools/32_usermod-u_new_UID/data/passwd20
-rwxr-xr-xtests/usertools/32_usermod-u_new_UID/usermod.test39
-rw-r--r--tests/usertools/33_usermod-u_existing_UID/config.txt2
-rw-r--r--tests/usertools/33_usermod-u_existing_UID/config/etc/default/useradd36
-rw-r--r--tests/usertools/33_usermod-u_existing_UID/config/etc/group43
-rw-r--r--tests/usertools/33_usermod-u_existing_UID/config/etc/gshadow43
-rw-r--r--tests/usertools/33_usermod-u_existing_UID/config/etc/passwd21
-rw-r--r--tests/usertools/33_usermod-u_existing_UID/config/etc/shadow21
-rw-r--r--tests/usertools/33_usermod-u_existing_UID/data/usermod.err1
-rwxr-xr-xtests/usertools/33_usermod-u_existing_UID/usermod.test54
-rw-r--r--tests/usertools/34_usermod-u-o_existing_UID/config.txt10
-rw-r--r--tests/usertools/34_usermod-u-o_existing_UID/config/etc/default/useradd36
-rw-r--r--tests/usertools/34_usermod-u-o_existing_UID/config/etc/group43
-rw-r--r--tests/usertools/34_usermod-u-o_existing_UID/config/etc/gshadow43
-rw-r--r--tests/usertools/34_usermod-u-o_existing_UID/config/etc/passwd21
-rw-r--r--tests/usertools/34_usermod-u-o_existing_UID/config/etc/shadow21
-rw-r--r--tests/usertools/34_usermod-u-o_existing_UID/data/passwd21
-rwxr-xr-xtests/usertools/34_usermod-u-o_existing_UID/usermod.test39
-rw-r--r--tests/usertools/35_usermod-u_invalid_UID/config.txt1
-rw-r--r--tests/usertools/35_usermod-u_invalid_UID/config/etc/default/useradd36
-rw-r--r--tests/usertools/35_usermod-u_invalid_UID/config/etc/group43
-rw-r--r--tests/usertools/35_usermod-u_invalid_UID/config/etc/gshadow43
-rw-r--r--tests/usertools/35_usermod-u_invalid_UID/config/etc/passwd21
-rw-r--r--tests/usertools/35_usermod-u_invalid_UID/config/etc/shadow21
-rw-r--r--tests/usertools/35_usermod-u_invalid_UID/data/usermod.err1
-rwxr-xr-xtests/usertools/35_usermod-u_invalid_UID/usermod.test54
-rw-r--r--tests/usertools/36_usermod_change_uid+move_homedir_other_device/config.txt1
-rw-r--r--tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/default/useradd36
-rw-r--r--tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/group42
-rw-r--r--tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/gshadow42
-rw-r--r--tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/passwd20
-rw-r--r--tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/shadow20
-rw-r--r--tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/home_ls-a7
-rw-r--r--tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/passwd20
-rwxr-xr-xtests/usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test69
-rw-r--r--tests/usertools/37_Debian_Bug_470745/config.txt2
-rw-r--r--tests/usertools/37_Debian_Bug_470745/config/etc/default/useradd36
-rw-r--r--tests/usertools/37_Debian_Bug_470745/config/etc/group43
-rw-r--r--tests/usertools/37_Debian_Bug_470745/config/etc/gshadow43
-rw-r--r--tests/usertools/37_Debian_Bug_470745/config/etc/passwd21
-rw-r--r--tests/usertools/37_Debian_Bug_470745/config/etc/shadow21
-rw-r--r--tests/usertools/37_Debian_Bug_470745/data/group45
-rw-r--r--tests/usertools/37_Debian_Bug_470745/data/gshadow45
-rw-r--r--tests/usertools/37_Debian_Bug_470745/data/passwd22
-rw-r--r--tests/usertools/37_Debian_Bug_470745/data/shadow22
-rw-r--r--tests/usertools/37_Debian_Bug_470745/data/usermod.err2
-rwxr-xr-xtests/usertools/37_Debian_Bug_470745/usermod.test62
-rw-r--r--tests/usertools/38_usermod_invalid_user/config.txt1
-rw-r--r--tests/usertools/38_usermod_invalid_user/config/etc/default/useradd36
-rw-r--r--tests/usertools/38_usermod_invalid_user/config/etc/group43
-rw-r--r--tests/usertools/38_usermod_invalid_user/config/etc/gshadow43
-rw-r--r--tests/usertools/38_usermod_invalid_user/config/etc/passwd21
-rw-r--r--tests/usertools/38_usermod_invalid_user/config/etc/shadow21
-rw-r--r--tests/usertools/38_usermod_invalid_user/data/usermod.err1
-rwxr-xr-xtests/usertools/38_usermod_invalid_user/usermod.test54
-rw-r--r--tests/usertools/39_usermod_-c_invalid_comment/config.txt1
-rw-r--r--tests/usertools/39_usermod_-c_invalid_comment/config/etc/default/useradd36
-rw-r--r--tests/usertools/39_usermod_-c_invalid_comment/config/etc/group43
-rw-r--r--tests/usertools/39_usermod_-c_invalid_comment/config/etc/gshadow43
-rw-r--r--tests/usertools/39_usermod_-c_invalid_comment/config/etc/passwd21
-rw-r--r--tests/usertools/39_usermod_-c_invalid_comment/config/etc/shadow21
-rw-r--r--tests/usertools/39_usermod_-c_invalid_comment/data/usermod.err1
-rwxr-xr-xtests/usertools/39_usermod_-c_invalid_comment/usermod.test54
-rw-r--r--tests/usertools/40_usermod_-d_invalid_homedir/config.txt1
-rw-r--r--tests/usertools/40_usermod_-d_invalid_homedir/config/etc/default/useradd36
-rw-r--r--tests/usertools/40_usermod_-d_invalid_homedir/config/etc/group43
-rw-r--r--tests/usertools/40_usermod_-d_invalid_homedir/config/etc/gshadow43
-rw-r--r--tests/usertools/40_usermod_-d_invalid_homedir/config/etc/passwd21
-rw-r--r--tests/usertools/40_usermod_-d_invalid_homedir/config/etc/shadow21
-rw-r--r--tests/usertools/40_usermod_-d_invalid_homedir/data/usermod.err2
-rwxr-xr-xtests/usertools/40_usermod_-d_invalid_homedir/usermod.test56
-rw-r--r--tests/usertools/41_usermod_-d_invalid_shell/config.txt1
-rw-r--r--tests/usertools/41_usermod_-d_invalid_shell/config/etc/default/useradd36
-rw-r--r--tests/usertools/41_usermod_-d_invalid_shell/config/etc/group43
-rw-r--r--tests/usertools/41_usermod_-d_invalid_shell/config/etc/gshadow43
-rw-r--r--tests/usertools/41_usermod_-d_invalid_shell/config/etc/passwd21
-rw-r--r--tests/usertools/41_usermod_-d_invalid_shell/config/etc/shadow21
-rw-r--r--tests/usertools/41_usermod_-d_invalid_shell/data/usermod.err1
-rwxr-xr-xtests/usertools/41_usermod_-d_invalid_shell/usermod.test54
-rw-r--r--tests/usertools/42_usermod_-g_invalid_group_name/config.txt1
-rw-r--r--tests/usertools/42_usermod_-g_invalid_group_name/config/etc/default/useradd36
-rw-r--r--tests/usertools/42_usermod_-g_invalid_group_name/config/etc/group43
-rw-r--r--tests/usertools/42_usermod_-g_invalid_group_name/config/etc/gshadow43
-rw-r--r--tests/usertools/42_usermod_-g_invalid_group_name/config/etc/passwd21
-rw-r--r--tests/usertools/42_usermod_-g_invalid_group_name/config/etc/shadow21
-rw-r--r--tests/usertools/42_usermod_-g_invalid_group_name/data/usermod.err1
-rwxr-xr-xtests/usertools/42_usermod_-g_invalid_group_name/usermod.test54
-rw-r--r--tests/usertools/43_usermod_-g_invalid_group_ID/config.txt1
-rw-r--r--tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/default/useradd36
-rw-r--r--tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/group43
-rw-r--r--tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/gshadow43
-rw-r--r--tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/passwd21
-rw-r--r--tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/shadow21
-rw-r--r--tests/usertools/43_usermod_-g_invalid_group_ID/data/usermod.err1
-rwxr-xr-xtests/usertools/43_usermod_-g_invalid_group_ID/usermod.test54
-rw-r--r--tests/usertools/44_usermod-l_existing_username/config.txt2
-rw-r--r--tests/usertools/44_usermod-l_existing_username/config/etc/default/useradd36
-rw-r--r--tests/usertools/44_usermod-l_existing_username/config/etc/group43
-rw-r--r--tests/usertools/44_usermod-l_existing_username/config/etc/gshadow43
-rw-r--r--tests/usertools/44_usermod-l_existing_username/config/etc/passwd21
-rw-r--r--tests/usertools/44_usermod-l_existing_username/config/etc/shadow21
-rw-r--r--tests/usertools/44_usermod-l_existing_username/data/usermod.err1
-rwxr-xr-xtests/usertools/44_usermod-l_existing_username/usermod.test54
-rw-r--r--tests/usertools/45_usermod-l_existing_username_passwd/config.txt2
-rw-r--r--tests/usertools/45_usermod-l_existing_username_passwd/config/etc/default/useradd36
-rw-r--r--tests/usertools/45_usermod-l_existing_username_passwd/config/etc/group43
-rw-r--r--tests/usertools/45_usermod-l_existing_username_passwd/config/etc/gshadow43
-rw-r--r--tests/usertools/45_usermod-l_existing_username_passwd/config/etc/passwd21
-rw-r--r--tests/usertools/45_usermod-l_existing_username_passwd/config/etc/shadow21
-rw-r--r--tests/usertools/45_usermod-l_existing_username_passwd/data/usermod.err1
-rwxr-xr-xtests/usertools/45_usermod-l_existing_username_passwd/usermod.test54
-rw-r--r--tests/usertools/46_usermod-l_existing_username_shadow/config.txt2
-rw-r--r--tests/usertools/46_usermod-l_existing_username_shadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/46_usermod-l_existing_username_shadow/config/etc/group43
-rw-r--r--tests/usertools/46_usermod-l_existing_username_shadow/config/etc/gshadow43
-rw-r--r--tests/usertools/46_usermod-l_existing_username_shadow/config/etc/passwd21
-rw-r--r--tests/usertools/46_usermod-l_existing_username_shadow/config/etc/shadow21
-rw-r--r--tests/usertools/46_usermod-l_existing_username_shadow/data/usermod.err1
-rwxr-xr-xtests/usertools/46_usermod-l_existing_username_shadow/usermod.test54
-rw-r--r--tests/usertools/47_usermod-l_no_shadow_file/config.txt2
-rw-r--r--tests/usertools/47_usermod-l_no_shadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/47_usermod-l_no_shadow_file/config/etc/group42
-rw-r--r--tests/usertools/47_usermod-l_no_shadow_file/config/etc/gshadow42
-rw-r--r--tests/usertools/47_usermod-l_no_shadow_file/config/etc/passwd20
-rw-r--r--tests/usertools/47_usermod-l_no_shadow_file/config/etc/shadow20
-rw-r--r--tests/usertools/47_usermod-l_no_shadow_file/data/group42
-rw-r--r--tests/usertools/47_usermod-l_no_shadow_file/data/gshadow42
-rw-r--r--tests/usertools/47_usermod-l_no_shadow_file/data/passwd20
-rwxr-xr-xtests/usertools/47_usermod-l_no_shadow_file/usermod.test43
-rw-r--r--tests/usertools/48_userdel_keep_group_if_primary_other_user/config.txt1
-rw-r--r--tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/default/useradd36
-rw-r--r--tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/group42
-rw-r--r--tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/gshadow42
-rw-r--r--tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/passwd21
-rw-r--r--tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/shadow21
-rw-r--r--tests/usertools/48_userdel_keep_group_if_primary_other_user/data/group42
-rw-r--r--tests/usertools/48_userdel_keep_group_if_primary_other_user/data/passwd20
-rw-r--r--tests/usertools/48_userdel_keep_group_if_primary_other_user/data/shadow20
-rw-r--r--tests/usertools/48_userdel_keep_group_if_primary_other_user/data/userdel.err1
-rwxr-xr-xtests/usertools/48_userdel_keep_group_if_primary_other_user/userdel.test48
-rw-r--r--tests/usertools/49_userdel_delete_users_group/config.txt1
-rw-r--r--tests/usertools/49_userdel_delete_users_group/config/etc/default/useradd36
-rw-r--r--tests/usertools/49_userdel_delete_users_group/config/etc/group43
-rw-r--r--tests/usertools/49_userdel_delete_users_group/config/etc/gshadow43
-rw-r--r--tests/usertools/49_userdel_delete_users_group/config/etc/passwd21
-rw-r--r--tests/usertools/49_userdel_delete_users_group/config/etc/shadow21
-rw-r--r--tests/usertools/49_userdel_delete_users_group/data/group42
-rw-r--r--tests/usertools/49_userdel_delete_users_group/data/gshadow42
-rw-r--r--tests/usertools/49_userdel_delete_users_group/data/passwd20
-rw-r--r--tests/usertools/49_userdel_delete_users_group/data/shadow20
-rwxr-xr-xtests/usertools/49_userdel_delete_users_group/userdel.test39
-rw-r--r--tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config.txt1
-rw-r--r--tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/default/useradd36
-rw-r--r--tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/group43
-rw-r--r--tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/gshadow43
-rw-r--r--tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/passwd21
-rw-r--r--tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/shadow21
-rw-r--r--tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/group42
-rw-r--r--tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/passwd20
-rw-r--r--tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/shadow20
-rwxr-xr-xtests/usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test39
-rw-r--r--tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config.txt1
-rw-r--r--tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/group43
-rw-r--r--tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/gshadow43
-rw-r--r--tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/passwd21
-rw-r--r--tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/shadow21
-rw-r--r--tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/group42
-rw-r--r--tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/passwd20
-rw-r--r--tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/shadow20
-rwxr-xr-xtests/usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test44
-rw-r--r--tests/usertools/52_userdel_delete_user_no_shadow_entry/config.txt1
-rw-r--r--tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/default/useradd36
-rw-r--r--tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/group43
-rw-r--r--tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/gshadow43
-rw-r--r--tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/passwd21
-rw-r--r--tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/shadow21
-rw-r--r--tests/usertools/52_userdel_delete_user_no_shadow_entry/data/group42
-rw-r--r--tests/usertools/52_userdel_delete_user_no_shadow_entry/data/gshadow42
-rw-r--r--tests/usertools/52_userdel_delete_user_no_shadow_entry/data/passwd20
-rwxr-xr-xtests/usertools/52_userdel_delete_user_no_shadow_entry/userdel.test39
-rw-r--r--tests/usertools/53_userdel_delete_user_no_shadow_file/config.txt1
-rw-r--r--tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/group43
-rw-r--r--tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/gshadow43
-rw-r--r--tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/passwd21
-rw-r--r--tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/shadow21
-rw-r--r--tests/usertools/53_userdel_delete_user_no_shadow_file/data/group42
-rw-r--r--tests/usertools/53_userdel_delete_user_no_shadow_file/data/gshadow42
-rw-r--r--tests/usertools/53_userdel_delete_user_no_shadow_file/data/passwd20
-rwxr-xr-xtests/usertools/53_userdel_delete_user_no_shadow_file/userdel.test43
-rw-r--r--tests/usertools/54_usermod-u_invalid_UID_4294967295/config.txt1
-rw-r--r--tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/default/useradd36
-rw-r--r--tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/group43
-rw-r--r--tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/gshadow43
-rw-r--r--tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/passwd21
-rw-r--r--tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/shadow21
-rw-r--r--tests/usertools/54_usermod-u_invalid_UID_4294967295/data/usermod.err1
-rwxr-xr-xtests/usertools/54_usermod-u_invalid_UID_4294967295/usermod.test54
-rw-r--r--tests/usertools/55_userdel_busy_user/config.txt1
-rw-r--r--tests/usertools/55_userdel_busy_user/config/etc/default/useradd36
-rw-r--r--tests/usertools/55_userdel_busy_user/config/etc/group42
-rw-r--r--tests/usertools/55_userdel_busy_user/config/etc/gshadow42
-rw-r--r--tests/usertools/55_userdel_busy_user/config/etc/passwd20
-rw-r--r--tests/usertools/55_userdel_busy_user/config/etc/shadow20
-rw-r--r--tests/usertools/55_userdel_busy_user/data/userdel.err1
-rwxr-xr-xtests/usertools/55_userdel_busy_user/userdel.test68
-rw-r--r--tests/usertools/56_userdel_locked_passwd/config.txt0
-rw-r--r--tests/usertools/56_userdel_locked_passwd/config/etc/default/useradd36
-rw-r--r--tests/usertools/56_userdel_locked_passwd/config/etc/group42
-rw-r--r--tests/usertools/56_userdel_locked_passwd/config/etc/gshadow42
-rw-r--r--tests/usertools/56_userdel_locked_passwd/config/etc/passwd20
-rw-r--r--tests/usertools/56_userdel_locked_passwd/config/etc/shadow20
-rw-r--r--tests/usertools/56_userdel_locked_passwd/data/userdel.err2
-rwxr-xr-xtests/usertools/56_userdel_locked_passwd/userdel.test60
-rw-r--r--tests/usertools/57_userdel_locked_group/config.txt0
-rw-r--r--tests/usertools/57_userdel_locked_group/config/etc/default/useradd36
-rw-r--r--tests/usertools/57_userdel_locked_group/config/etc/group42
-rw-r--r--tests/usertools/57_userdel_locked_group/config/etc/gshadow42
-rw-r--r--tests/usertools/57_userdel_locked_group/config/etc/passwd20
-rw-r--r--tests/usertools/57_userdel_locked_group/config/etc/shadow20
-rw-r--r--tests/usertools/57_userdel_locked_group/data/userdel.err2
-rwxr-xr-xtests/usertools/57_userdel_locked_group/userdel.test60
-rw-r--r--tests/usertools/58_userdel_locked_shadow/config.txt0
-rw-r--r--tests/usertools/58_userdel_locked_shadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/58_userdel_locked_shadow/config/etc/group42
-rw-r--r--tests/usertools/58_userdel_locked_shadow/config/etc/gshadow42
-rw-r--r--tests/usertools/58_userdel_locked_shadow/config/etc/passwd20
-rw-r--r--tests/usertools/58_userdel_locked_shadow/config/etc/shadow20
-rw-r--r--tests/usertools/58_userdel_locked_shadow/data/userdel.err2
-rwxr-xr-xtests/usertools/58_userdel_locked_shadow/userdel.test60
-rw-r--r--tests/usertools/59_userdel_locked_gshadow/config.txt0
-rw-r--r--tests/usertools/59_userdel_locked_gshadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/59_userdel_locked_gshadow/config/etc/group42
-rw-r--r--tests/usertools/59_userdel_locked_gshadow/config/etc/gshadow42
-rw-r--r--tests/usertools/59_userdel_locked_gshadow/config/etc/passwd20
-rw-r--r--tests/usertools/59_userdel_locked_gshadow/config/etc/shadow20
-rw-r--r--tests/usertools/59_userdel_locked_gshadow/data/userdel.err2
-rwxr-xr-xtests/usertools/59_userdel_locked_gshadow/userdel.test60
-rw-r--r--tests/usertools/60_userdel_invalid_user/config.txt0
-rw-r--r--tests/usertools/60_userdel_invalid_user/config/etc/default/useradd36
-rw-r--r--tests/usertools/60_userdel_invalid_user/config/etc/group42
-rw-r--r--tests/usertools/60_userdel_invalid_user/config/etc/gshadow42
-rw-r--r--tests/usertools/60_userdel_invalid_user/config/etc/passwd20
-rw-r--r--tests/usertools/60_userdel_invalid_user/config/etc/shadow20
-rw-r--r--tests/usertools/60_userdel_invalid_user/data/userdel.err1
-rwxr-xr-xtests/usertools/60_userdel_invalid_user/userdel.test54
-rw-r--r--tests/usertools/61_userdel_del_homedir_with_symlinks/config.txt1
-rw-r--r--tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/default/useradd36
-rw-r--r--tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/group42
-rw-r--r--tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/gshadow42
-rw-r--r--tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/passwd20
-rw-r--r--tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/shadow20
-rw-r--r--tests/usertools/61_userdel_del_homedir_with_symlinks/data/group41
-rw-r--r--tests/usertools/61_userdel_del_homedir_with_symlinks/data/gshadow41
-rw-r--r--tests/usertools/61_userdel_del_homedir_with_symlinks/data/passwd19
-rw-r--r--tests/usertools/61_userdel_del_homedir_with_symlinks/data/shadow19
-rw-r--r--tests/usertools/61_userdel_del_homedir_with_symlinks/data/userdel.err1
-rwxr-xr-xtests/usertools/61_userdel_del_homedir_with_symlinks/userdel.test70
-rwxr-xr-xtests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test56
-rw-r--r--tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/chpasswd.err3
-rw-r--r--tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test40
-rw-r--r--tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test44
-rw-r--r--tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/data/passwd19
-rwxr-xr-xtests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test43
-rw-r--r--tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/gshadow40
-rw-r--r--tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/shadow18
-rw-r--r--tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test55
-rw-r--r--tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/chpasswd.err1
-rw-r--r--tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test48
-rw-r--r--tests/usertools/chpasswd-PAM/06_chpasswd_usage/config.txt10
-rw-r--r--tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/06_chpasswd_usage/data/usage.out12
-rwxr-xr-xtests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test54
-rw-r--r--tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config.txt10
-rw-r--r--tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/data/usage.out13
-rwxr-xr-xtests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test54
-rw-r--r--tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config.txt10
-rw-r--r--tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/passwd20
-rw-r--r--tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/data/usage.out13
-rwxr-xr-xtests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test54
-rw-r--r--tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config.txt10
-rw-r--r--tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/passwd20
-rw-r--r--tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/data/usage.out13
-rwxr-xr-xtests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test54
-rw-r--r--tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config.txt10
-rw-r--r--tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/passwd20
-rw-r--r--tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/data/usage.out13
-rwxr-xr-xtests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test54
-rw-r--r--tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config.txt10
-rw-r--r--tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/passwd20
-rw-r--r--tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/data/usage.out13
-rwxr-xr-xtests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test54
-rw-r--r--tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config.txt10
-rw-r--r--tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/passwd20
-rw-r--r--tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/data/usage.out13
-rwxr-xr-xtests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test54
-rw-r--r--tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config.txt10
-rw-r--r--tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/passwd20
-rw-r--r--tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/data/usage.out13
-rwxr-xr-xtests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test40
-rw-r--r--tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test40
-rw-r--r--tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test40
-rw-r--r--tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test40
-rw-r--r--tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test40
-rw-r--r--tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test40
-rw-r--r--tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test41
-rw-r--r--tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test41
-rw-r--r--tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test40
-rw-r--r--tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test41
-rw-r--r--tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test41
-rw-r--r--tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test44
-rw-r--r--tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/data/passwd19
-rwxr-xr-xtests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test59
-rw-r--r--tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/data/chpasswd.err6
-rwxr-xr-xtests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test59
-rw-r--r--tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/chpasswd.err3
-rw-r--r--tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/passwd19
-rwxr-xr-xtests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test59
-rw-r--r--tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/chpasswd.err3
-rw-r--r--tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/passwd19
-rwxr-xr-xtests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test43
-rw-r--r--tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/gshadow40
-rw-r--r--tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/shadow18
-rw-r--r--tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test61
-rw-r--r--tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config.txt0
-rw-r--r--tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/group42
-rw-r--r--tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/gshadow42
-rw-r--r--tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/passwd20
-rw-r--r--tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/shadow20
-rw-r--r--tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/data/chpasswd.err2
-rwxr-xr-xtests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test61
-rw-r--r--tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config.txt0
-rw-r--r--tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/group42
-rw-r--r--tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/gshadow42
-rw-r--r--tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/passwd20
-rw-r--r--tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/shadow20
-rw-r--r--tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/data/chpasswd.err2
-rwxr-xr-xtests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test56
-rw-r--r--tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config.txt0
-rw-r--r--tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/group42
-rw-r--r--tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/gshadow42
-rw-r--r--tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/passwd20
-rw-r--r--tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/shadow20
-rw-r--r--tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/chpasswd.err3
-rw-r--r--tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/shadow20
-rwxr-xr-xtests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test56
-rw-r--r--tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config.txt0
-rw-r--r--tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/default/useradd36
-rw-r--r--tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/group42
-rw-r--r--tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/gshadow42
-rw-r--r--tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/passwd20
-rw-r--r--tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/shadow20
-rw-r--r--tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/data/chpasswd.err2
-rwxr-xr-xtests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test40
-rw-r--r--tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/group41
-rw-r--r--tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/chpasswd6
-rw-r--r--tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/common-password33
-rw-r--r--tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/passwd19
-rw-r--r--tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test56
-rw-r--r--tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/group41
-rw-r--r--tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/login.defs318
-rw-r--r--tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd/01_chpasswd_invalid_user/data/chpasswd.err2
-rwxr-xr-xtests/usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test40
-rw-r--r--tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/group41
-rw-r--r--tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/login.defs318
-rw-r--r--tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd/02_chpasswd_multiple_users/data/shadow19
-rwxr-xr-xtests/usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test44
-rw-r--r--tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/group41
-rw-r--r--tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/login.defs318
-rw-r--r--tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd/03_chpasswd_no_shadow_file/data/passwd19
-rwxr-xr-xtests/usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test43
-rw-r--r--tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/group41
-rw-r--r--tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/gshadow40
-rw-r--r--tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/login.defs318
-rw-r--r--tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/shadow18
-rw-r--r--tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/passwd19
-rw-r--r--tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/shadow18
-rwxr-xr-xtests/usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test55
-rw-r--r--tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/group41
-rw-r--r--tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/gshadow41
-rw-r--r--tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/login.defs318
-rw-r--r--tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/passwd19
-rw-r--r--tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/shadow19
-rw-r--r--tests/usertools/chpasswd/05_chpasswd_error_no_password/data/chpasswd.err2
-rw-r--r--tests/usertools/useradd/01_useradd_usage/config.txt10
-rw-r--r--tests/usertools/useradd/01_useradd_usage/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/01_useradd_usage/config/etc/group41
-rw-r--r--tests/usertools/useradd/01_useradd_usage/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/01_useradd_usage/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/01_useradd_usage/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/01_useradd_usage/data/usage.out35
-rwxr-xr-xtests/usertools/useradd/01_useradd_usage/useradd.test48
-rw-r--r--tests/usertools/useradd/02_useradd_usage_invalid_option/config.txt10
-rw-r--r--tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/group41
-rw-r--r--tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/02_useradd_usage_invalid_option/data/usage.out36
-rwxr-xr-xtests/usertools/useradd/02_useradd_usage_invalid_option/useradd.test54
-rw-r--r--tests/usertools/useradd/03_useradd_usage_no_users/config.txt10
-rw-r--r--tests/usertools/useradd/03_useradd_usage_no_users/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/03_useradd_usage_no_users/config/etc/group41
-rw-r--r--tests/usertools/useradd/03_useradd_usage_no_users/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/03_useradd_usage_no_users/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/03_useradd_usage_no_users/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/03_useradd_usage_no_users/data/usage.out35
-rwxr-xr-xtests/usertools/useradd/03_useradd_usage_no_users/useradd.test54
-rw-r--r--tests/usertools/useradd/04_useradd_usage_2_users/config.txt10
-rw-r--r--tests/usertools/useradd/04_useradd_usage_2_users/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/04_useradd_usage_2_users/config/etc/group41
-rw-r--r--tests/usertools/useradd/04_useradd_usage_2_users/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/04_useradd_usage_2_users/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/04_useradd_usage_2_users/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/04_useradd_usage_2_users/data/usage.out35
-rwxr-xr-xtests/usertools/useradd/04_useradd_usage_2_users/useradd.test54
-rw-r--r--tests/usertools/useradd/05_useradd_usage-b_invalid1/config.txt10
-rw-r--r--tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/group41
-rw-r--r--tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/05_useradd_usage-b_invalid1/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/05_useradd_usage-b_invalid1/useradd.test54
-rw-r--r--tests/usertools/useradd/06_useradd_usage-b_invalid2/config.txt10
-rw-r--r--tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/group41
-rw-r--r--tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/06_useradd_usage-b_invalid2/data/usage.out2
-rwxr-xr-xtests/usertools/useradd/06_useradd_usage-b_invalid2/useradd.test56
-rw-r--r--tests/usertools/useradd/07_useradd_usage-b_invalid3/config.txt10
-rw-r--r--tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/group41
-rw-r--r--tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/07_useradd_usage-b_invalid3/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/07_useradd_usage-b_invalid3/useradd.test54
-rw-r--r--tests/usertools/useradd/08_useradd_usage-c_invalid1/config.txt10
-rw-r--r--tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/group41
-rw-r--r--tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/08_useradd_usage-c_invalid1/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/08_useradd_usage-c_invalid1/useradd.test54
-rw-r--r--tests/usertools/useradd/09_useradd_usage-c_invalid2/config.txt10
-rw-r--r--tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/group41
-rw-r--r--tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/09_useradd_usage-c_invalid2/data/usage.out2
-rwxr-xr-xtests/usertools/useradd/09_useradd_usage-c_invalid2/useradd.test56
-rw-r--r--tests/usertools/useradd/10_useradd_usage-d_invalid1/config.txt10
-rw-r--r--tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/group41
-rw-r--r--tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/10_useradd_usage-d_invalid1/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/10_useradd_usage-d_invalid1/useradd.test54
-rw-r--r--tests/usertools/useradd/11_useradd_usage-d_invalid2/config.txt10
-rw-r--r--tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/group41
-rw-r--r--tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/11_useradd_usage-d_invalid2/data/usage.out2
-rwxr-xr-xtests/usertools/useradd/11_useradd_usage-d_invalid2/useradd.test56
-rw-r--r--tests/usertools/useradd/12_useradd_usage-d_invalid3/config.txt10
-rw-r--r--tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/group41
-rw-r--r--tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/12_useradd_usage-d_invalid3/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/12_useradd_usage-d_invalid3/useradd.test54
-rw-r--r--tests/usertools/useradd/13_useradd_usage-e_invalid1/config.txt10
-rw-r--r--tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/group41
-rw-r--r--tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/13_useradd_usage-e_invalid1/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/13_useradd_usage-e_invalid1/useradd.test54
-rw-r--r--tests/usertools/useradd/14_useradd_usage-e_invalid2/config.txt10
-rw-r--r--tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/group41
-rw-r--r--tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/14_useradd_usage-e_invalid2/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/14_useradd_usage-e_invalid2/useradd.test54
-rw-r--r--tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config.txt10
-rw-r--r--tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/group41
-rw-r--r--tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test58
-rw-r--r--tests/usertools/useradd/16_useradd_usage-f_invalid1/config.txt10
-rw-r--r--tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/group41
-rw-r--r--tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/16_useradd_usage-f_invalid1/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/16_useradd_usage-f_invalid1/useradd.test54
-rw-r--r--tests/usertools/useradd/17_useradd_usage-f_invalid2/config.txt10
-rw-r--r--tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/group41
-rw-r--r--tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/17_useradd_usage-f_invalid2/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/17_useradd_usage-f_invalid2/useradd.test54
-rw-r--r--tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config.txt10
-rw-r--r--tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/group41
-rw-r--r--tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test58
-rw-r--r--tests/usertools/useradd/19_useradd_usage-K_invalid1/config.txt10
-rw-r--r--tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/group41
-rw-r--r--tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/19_useradd_usage-K_invalid1/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/19_useradd_usage-K_invalid1/useradd.test54
-rw-r--r--tests/usertools/useradd/20_useradd_usage-O_invalid2/config.txt10
-rw-r--r--tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/group41
-rw-r--r--tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/20_useradd_usage-O_invalid2/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/20_useradd_usage-O_invalid2/useradd.test54
-rw-r--r--tests/usertools/useradd/21_useradd_usage-p_invalid1/config.txt10
-rw-r--r--tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/group41
-rw-r--r--tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/21_useradd_usage-p_invalid1/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/21_useradd_usage-p_invalid1/useradd.test54
-rw-r--r--tests/usertools/useradd/22_useradd_usage-p_invalid2/config.txt10
-rw-r--r--tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/group41
-rw-r--r--tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/22_useradd_usage-p_invalid2/data/usage.out2
-rwxr-xr-xtests/usertools/useradd/22_useradd_usage-p_invalid2/useradd.test56
-rw-r--r--tests/usertools/useradd/23_useradd_usage-s_invalid1/config.txt10
-rw-r--r--tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/group41
-rw-r--r--tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/23_useradd_usage-s_invalid1/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/23_useradd_usage-s_invalid1/useradd.test54
-rw-r--r--tests/usertools/useradd/24_useradd_usage-s_invalid2/config.txt10
-rw-r--r--tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/group41
-rw-r--r--tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/24_useradd_usage-s_invalid2/data/usage.out2
-rwxr-xr-xtests/usertools/useradd/24_useradd_usage-s_invalid2/useradd.test56
-rw-r--r--tests/usertools/useradd/25_useradd_usage-s_invalid3/config.txt10
-rw-r--r--tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/group41
-rw-r--r--tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/25_useradd_usage-s_invalid3/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/25_useradd_usage-s_invalid3/useradd.test54
-rw-r--r--tests/usertools/useradd/26_useradd_usage-o_without-u/config.txt10
-rw-r--r--tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/group41
-rw-r--r--tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/passwd20
-rw-r--r--tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/26_useradd_usage-o_without-u/data/usage.out36
-rwxr-xr-xtests/usertools/useradd/26_useradd_usage-o_without-u/useradd.test55
-rw-r--r--tests/usertools/useradd/27_useradd_usage-k_without-m/config.txt10
-rw-r--r--tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/group41
-rw-r--r--tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/passwd20
-rw-r--r--tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/27_useradd_usage-k_without-m/data/usage.out36
-rwxr-xr-xtests/usertools/useradd/27_useradd_usage-k_without-m/useradd.test55
-rw-r--r--tests/usertools/useradd/28_useradd_usage-U_with-g/config.txt10
-rw-r--r--tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/group41
-rw-r--r--tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/passwd20
-rw-r--r--tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/28_useradd_usage-U_with-g/data/usage.out36
-rwxr-xr-xtests/usertools/useradd/28_useradd_usage-U_with-g/useradd.test55
-rw-r--r--tests/usertools/useradd/29_useradd_usage-U_with-N/config.txt10
-rw-r--r--tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/group41
-rw-r--r--tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/passwd20
-rw-r--r--tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/29_useradd_usage-U_with-N/data/usage.out36
-rwxr-xr-xtests/usertools/useradd/29_useradd_usage-U_with-N/useradd.test55
-rw-r--r--tests/usertools/useradd/30_useradd_usage-m_with-M/config.txt10
-rw-r--r--tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/group41
-rw-r--r--tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/passwd20
-rw-r--r--tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/30_useradd_usage-m_with-M/data/usage.out36
-rwxr-xr-xtests/usertools/useradd/30_useradd_usage-m_with-M/useradd.test55
-rw-r--r--tests/usertools/useradd/31_useradd_usage_user_with-D/config.txt10
-rw-r--r--tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/group41
-rw-r--r--tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/31_useradd_usage_user_with-D/data/usage.out35
-rwxr-xr-xtests/usertools/useradd/31_useradd_usage_user_with-D/useradd.test54
-rw-r--r--tests/usertools/useradd/32_useradd_usage-D_with_other/config.txt10
-rw-r--r--tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/group41
-rw-r--r--tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/passwd20
-rw-r--r--tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/32_useradd_usage-D_with_other/data/usage.out35
-rwxr-xr-xtests/usertools/useradd/32_useradd_usage-D_with_other/useradd.test58
-rw-r--r--tests/usertools/useradd/33_useradd_usage_invalid_username/config.txt10
-rw-r--r--tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/group41
-rw-r--r--tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/33_useradd_usage_invalid_username/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/33_useradd_usage_invalid_username/useradd.test54
-rw-r--r--tests/usertools/useradd/34_useradd_default_GROUP_GID/config.txt10
-rw-r--r--tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/group41
-rw-r--r--tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/34_useradd_default_GROUP_GID/data/passwd20
-rw-r--r--tests/usertools/useradd/34_useradd_default_GROUP_GID/data/shadow20
-rwxr-xr-xtests/usertools/useradd/34_useradd_default_GROUP_GID/useradd.test39
-rw-r--r--tests/usertools/useradd/35_useradd_default_GROUP_name/config.txt10
-rw-r--r--tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/group41
-rw-r--r--tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/35_useradd_default_GROUP_name/data/passwd20
-rw-r--r--tests/usertools/useradd/35_useradd_default_GROUP_name/data/shadow20
-rwxr-xr-xtests/usertools/useradd/35_useradd_default_GROUP_name/useradd.test39
-rw-r--r--tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config.txt10
-rw-r--r--tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/group41
-rw-r--r--tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/passwd20
-rw-r--r--tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/shadow20
-rw-r--r--tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/usage.out2
-rwxr-xr-xtests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test48
-rw-r--r--tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config.txt10
-rw-r--r--tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/group41
-rw-r--r--tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/passwd20
-rw-r--r--tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/shadow20
-rw-r--r--tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/usage.out2
-rwxr-xr-xtests/usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test48
-rw-r--r--tests/usertools/useradd/38_useradd_default_INACTIVE/config.txt10
-rw-r--r--tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/group41
-rw-r--r--tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/38_useradd_default_INACTIVE/data/passwd20
-rw-r--r--tests/usertools/useradd/38_useradd_default_INACTIVE/data/shadow20
-rwxr-xr-xtests/usertools/useradd/38_useradd_default_INACTIVE/useradd.test39
-rw-r--r--tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config.txt10
-rw-r--r--tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/group41
-rw-r--r--tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/passwd20
-rw-r--r--tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/shadow20
-rw-r--r--tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/usage.out2
-rwxr-xr-xtests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test48
-rw-r--r--tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config.txt10
-rw-r--r--tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/group41
-rw-r--r--tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/passwd20
-rw-r--r--tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/shadow20
-rw-r--r--tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/usage.out2
-rwxr-xr-xtests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test48
-rw-r--r--tests/usertools/useradd/41_useradd_default_default_SKEL/config.txt10
-rw-r--r--tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/group41
-rw-r--r--tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/41_useradd_default_default_SKEL/data/defaults7
-rwxr-xr-xtests/usertools/useradd/41_useradd_default_default_SKEL/useradd.test48
-rw-r--r--tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config.txt10
-rw-r--r--tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/group41
-rw-r--r--tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/data/defaults7
-rwxr-xr-xtests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test48
-rw-r--r--tests/usertools/useradd/43_useradd_default_no_final_eol/config.txt10
-rw-r--r--tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/default/useradd37
-rw-r--r--tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/group41
-rw-r--r--tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/43_useradd_default_no_final_eol/data/useradd38
-rwxr-xr-xtests/usertools/useradd/43_useradd_default_no_final_eol/useradd.test43
-rw-r--r--tests/usertools/useradd/44_useradd_default_no_file/config.txt10
-rw-r--r--tests/usertools/useradd/44_useradd_default_no_file/config/etc/default/useradd37
-rw-r--r--tests/usertools/useradd/44_useradd_default_no_file/config/etc/group41
-rw-r--r--tests/usertools/useradd/44_useradd_default_no_file/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/44_useradd_default_no_file/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/44_useradd_default_no_file/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/44_useradd_default_no_file/data/useradd8
-rwxr-xr-xtests/usertools/useradd/44_useradd_default_no_file/useradd.test47
-rw-r--r--tests/usertools/useradd/45_useradd-G_UID_name/config.txt10
-rw-r--r--tests/usertools/useradd/45_useradd-G_UID_name/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/45_useradd-G_UID_name/config/etc/group41
-rw-r--r--tests/usertools/useradd/45_useradd-G_UID_name/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/45_useradd-G_UID_name/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/45_useradd-G_UID_name/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/45_useradd-G_UID_name/data/group42
-rw-r--r--tests/usertools/useradd/45_useradd-G_UID_name/data/gshadow42
-rw-r--r--tests/usertools/useradd/45_useradd-G_UID_name/data/passwd20
-rw-r--r--tests/usertools/useradd/45_useradd-G_UID_name/data/shadow20
-rwxr-xr-xtests/usertools/useradd/45_useradd-G_UID_name/useradd.test39
-rw-r--r--tests/usertools/useradd/46_useradd-G_UID_duplicate/config.txt10
-rw-r--r--tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/group41
-rw-r--r--tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/46_useradd-G_UID_duplicate/data/group42
-rw-r--r--tests/usertools/useradd/46_useradd-G_UID_duplicate/data/gshadow42
-rw-r--r--tests/usertools/useradd/46_useradd-G_UID_duplicate/data/passwd20
-rw-r--r--tests/usertools/useradd/46_useradd-G_UID_duplicate/data/shadow20
-rwxr-xr-xtests/usertools/useradd/46_useradd-G_UID_duplicate/useradd.test39
-rw-r--r--tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config.txt10
-rw-r--r--tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/group41
-rw-r--r--tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/group42
-rw-r--r--tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/gshadow42
-rw-r--r--tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/passwd20
-rw-r--r--tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/shadow20
-rwxr-xr-xtests/usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test39
-rw-r--r--tests/usertools/useradd/48_useradd-G_name_duplicate/config.txt10
-rw-r--r--tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/group41
-rw-r--r--tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/48_useradd-G_name_duplicate/data/group42
-rw-r--r--tests/usertools/useradd/48_useradd-G_name_duplicate/data/gshadow42
-rw-r--r--tests/usertools/useradd/48_useradd-G_name_duplicate/data/passwd20
-rw-r--r--tests/usertools/useradd/48_useradd-G_name_duplicate/data/shadow20
-rwxr-xr-xtests/usertools/useradd/48_useradd-G_name_duplicate/useradd.test39
-rw-r--r--tests/usertools/useradd/49_useradd-G_invalid_group/config.txt10
-rw-r--r--tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/group41
-rw-r--r--tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/49_useradd-G_invalid_group/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/49_useradd-G_invalid_group/useradd.test54
-rw-r--r--tests/usertools/useradd/50_useradd-r/config.txt10
-rw-r--r--tests/usertools/useradd/50_useradd-r/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/50_useradd-r/config/etc/group41
-rw-r--r--tests/usertools/useradd/50_useradd-r/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/50_useradd-r/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/50_useradd-r/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/50_useradd-r/data/group42
-rw-r--r--tests/usertools/useradd/50_useradd-r/data/gshadow42
-rw-r--r--tests/usertools/useradd/50_useradd-r/data/passwd20
-rw-r--r--tests/usertools/useradd/50_useradd-r/data/shadow20
-rwxr-xr-xtests/usertools/useradd/50_useradd-r/useradd.test39
-rw-r--r--tests/usertools/useradd/51_useradd_already_exist/config.txt10
-rw-r--r--tests/usertools/useradd/51_useradd_already_exist/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/51_useradd_already_exist/config/etc/group42
-rw-r--r--tests/usertools/useradd/51_useradd_already_exist/config/etc/gshadow42
-rw-r--r--tests/usertools/useradd/51_useradd_already_exist/config/etc/passwd20
-rw-r--r--tests/usertools/useradd/51_useradd_already_exist/config/etc/shadow20
-rw-r--r--tests/usertools/useradd/51_useradd_already_exist/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/51_useradd_already_exist/useradd.test54
-rw-r--r--tests/usertools/useradd/52_useradd-U_group_already_exist/config.txt10
-rw-r--r--tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/group42
-rw-r--r--tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/gshadow42
-rw-r--r--tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/52_useradd-U_group_already_exist/data/usage.out1
-rwxr-xr-xtests/usertools/useradd/52_useradd-U_group_already_exist/useradd.test54
-rw-r--r--tests/usertools/useradd/53_useradd-G_empty/config.txt10
-rw-r--r--tests/usertools/useradd/53_useradd-G_empty/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/53_useradd-G_empty/config/etc/group41
-rw-r--r--tests/usertools/useradd/53_useradd-G_empty/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/53_useradd-G_empty/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/53_useradd-G_empty/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/53_useradd-G_empty/data/group42
-rw-r--r--tests/usertools/useradd/53_useradd-G_empty/data/gshadow42
-rw-r--r--tests/usertools/useradd/53_useradd-G_empty/data/passwd20
-rw-r--r--tests/usertools/useradd/53_useradd-G_empty/data/shadow20
-rwxr-xr-xtests/usertools/useradd/53_useradd-G_empty/useradd.test39
-rw-r--r--tests/usertools/useradd/54_useradd_no_shadow_file/config.txt10
-rw-r--r--tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/group41
-rw-r--r--tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/54_useradd_no_shadow_file/data/group42
-rw-r--r--tests/usertools/useradd/54_useradd_no_shadow_file/data/gshadow42
-rw-r--r--tests/usertools/useradd/54_useradd_no_shadow_file/data/passwd20
-rwxr-xr-xtests/usertools/useradd/54_useradd_no_shadow_file/useradd.test43
-rw-r--r--tests/usertools/useradd/55_useradd_no_gshadow_file/config.txt10
-rw-r--r--tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/group41
-rw-r--r--tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/55_useradd_no_gshadow_file/data/group42
-rw-r--r--tests/usertools/useradd/55_useradd_no_gshadow_file/data/passwd20
-rw-r--r--tests/usertools/useradd/55_useradd_no_gshadow_file/data/shadow20
-rwxr-xr-xtests/usertools/useradd/55_useradd_no_gshadow_file/useradd.test43
-rw-r--r--tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config.txt10
-rw-r--r--tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/group41
-rw-r--r--tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/gshadow42
-rw-r--r--tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/group42
-rw-r--r--tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/gshadow43
-rw-r--r--tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/passwd20
-rw-r--r--tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/shadow20
-rwxr-xr-xtests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test39
-rw-r--r--tests/usertools/useradd/57_useradd_usage-D_not_first_option/config.txt10
-rw-r--r--tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/group41
-rw-r--r--tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/57_useradd_usage-D_not_first_option/data/usage.out35
-rwxr-xr-xtests/usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test54
-rw-r--r--tests/usertools/useradd/58_useradd-e_empty/config.txt10
-rw-r--r--tests/usertools/useradd/58_useradd-e_empty/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/58_useradd-e_empty/config/etc/group41
-rw-r--r--tests/usertools/useradd/58_useradd-e_empty/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/58_useradd-e_empty/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/58_useradd-e_empty/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/58_useradd-e_empty/data/group42
-rw-r--r--tests/usertools/useradd/58_useradd-e_empty/data/gshadow42
-rw-r--r--tests/usertools/useradd/58_useradd-e_empty/data/passwd20
-rw-r--r--tests/usertools/useradd/58_useradd-e_empty/data/shadow20
-rwxr-xr-xtests/usertools/useradd/58_useradd-e_empty/useradd.test39
-rw-r--r--tests/usertools/useradd/59_useradd-e-1-f-1/config.txt10
-rw-r--r--tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/group41
-rw-r--r--tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/59_useradd-e-1-f-1/data/group42
-rw-r--r--tests/usertools/useradd/59_useradd-e-1-f-1/data/gshadow42
-rw-r--r--tests/usertools/useradd/59_useradd-e-1-f-1/data/passwd20
-rw-r--r--tests/usertools/useradd/59_useradd-e-1-f-1/data/shadow20
-rwxr-xr-xtests/usertools/useradd/59_useradd-e-1-f-1/useradd.test39
-rw-r--r--tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config.txt10
-rw-r--r--tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/group41
-rw-r--r--tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/group42
-rw-r--r--tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/gshadow42
-rw-r--r--tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/passwd20
-rwxr-xr-xtests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test43
-rw-r--r--tests/usertools/useradd/61_useradd-K/config.txt10
-rw-r--r--tests/usertools/useradd/61_useradd-K/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/61_useradd-K/config/etc/group41
-rw-r--r--tests/usertools/useradd/61_useradd-K/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/61_useradd-K/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/61_useradd-K/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/61_useradd-K/data/group42
-rw-r--r--tests/usertools/useradd/61_useradd-K/data/gshadow42
-rw-r--r--tests/usertools/useradd/61_useradd-K/data/passwd20
-rw-r--r--tests/usertools/useradd/61_useradd-K/data/shadow20
-rwxr-xr-xtests/usertools/useradd/61_useradd-K/useradd.test39
-rw-r--r--tests/usertools/useradd/62_useradd-p/config.txt10
-rw-r--r--tests/usertools/useradd/62_useradd-p/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/62_useradd-p/config/etc/group41
-rw-r--r--tests/usertools/useradd/62_useradd-p/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/62_useradd-p/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/62_useradd-p/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/62_useradd-p/data/group42
-rw-r--r--tests/usertools/useradd/62_useradd-p/data/gshadow42
-rw-r--r--tests/usertools/useradd/62_useradd-p/data/passwd20
-rw-r--r--tests/usertools/useradd/62_useradd-p/data/shadow20
-rwxr-xr-xtests/usertools/useradd/62_useradd-p/useradd.test39
-rw-r--r--tests/usertools/useradd/63_useradd-s/config.txt10
-rw-r--r--tests/usertools/useradd/63_useradd-s/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/63_useradd-s/config/etc/group41
-rw-r--r--tests/usertools/useradd/63_useradd-s/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/63_useradd-s/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/63_useradd-s/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/63_useradd-s/data/group42
-rw-r--r--tests/usertools/useradd/63_useradd-s/data/gshadow42
-rw-r--r--tests/usertools/useradd/63_useradd-s/data/passwd20
-rw-r--r--tests/usertools/useradd/63_useradd-s/data/shadow20
-rwxr-xr-xtests/usertools/useradd/63_useradd-s/useradd.test39
-rw-r--r--tests/usertools/useradd/64_useradd_locked_passwd/config.txt0
-rw-r--r--tests/usertools/useradd/64_useradd_locked_passwd/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/64_useradd_locked_passwd/config/etc/group41
-rw-r--r--tests/usertools/useradd/64_useradd_locked_passwd/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/64_useradd_locked_passwd/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/64_useradd_locked_passwd/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/64_useradd_locked_passwd/data/useradd.err2
-rwxr-xr-xtests/usertools/useradd/64_useradd_locked_passwd/useradd.test60
-rw-r--r--tests/usertools/useradd/65_useradd_locked_group/config.txt0
-rw-r--r--tests/usertools/useradd/65_useradd_locked_group/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/65_useradd_locked_group/config/etc/group41
-rw-r--r--tests/usertools/useradd/65_useradd_locked_group/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/65_useradd_locked_group/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/65_useradd_locked_group/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/65_useradd_locked_group/data/useradd.err2
-rwxr-xr-xtests/usertools/useradd/65_useradd_locked_group/useradd.test60
-rw-r--r--tests/usertools/useradd/66_useradd_locked_shadow/config.txt0
-rw-r--r--tests/usertools/useradd/66_useradd_locked_shadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/66_useradd_locked_shadow/config/etc/group41
-rw-r--r--tests/usertools/useradd/66_useradd_locked_shadow/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/66_useradd_locked_shadow/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/66_useradd_locked_shadow/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/66_useradd_locked_shadow/data/useradd.err2
-rwxr-xr-xtests/usertools/useradd/66_useradd_locked_shadow/useradd.test60
-rw-r--r--tests/usertools/useradd/67_useradd_locked_gshadow/config.txt0
-rw-r--r--tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/group41
-rw-r--r--tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/67_useradd_locked_gshadow/data/useradd.err2
-rwxr-xr-xtests/usertools/useradd/67_useradd_locked_gshadow/useradd.test60
-rw-r--r--tests/usertools/useradd/68_useradd-s_empty/config.txt10
-rw-r--r--tests/usertools/useradd/68_useradd-s_empty/config/etc/default/useradd36
-rw-r--r--tests/usertools/useradd/68_useradd-s_empty/config/etc/group41
-rw-r--r--tests/usertools/useradd/68_useradd-s_empty/config/etc/gshadow41
-rw-r--r--tests/usertools/useradd/68_useradd-s_empty/config/etc/passwd19
-rw-r--r--tests/usertools/useradd/68_useradd-s_empty/config/etc/shadow19
-rw-r--r--tests/usertools/useradd/68_useradd-s_empty/data/group42
-rw-r--r--tests/usertools/useradd/68_useradd-s_empty/data/gshadow42
-rw-r--r--tests/usertools/useradd/68_useradd-s_empty/data/passwd20
-rw-r--r--tests/usertools/useradd/68_useradd-s_empty/data/shadow20
-rwxr-xr-xtests/usertools/useradd/68_useradd-s_empty/useradd.test39
-rw-r--r--tests/usertools/userdel/01_userdel_usage/config.txt10
-rw-r--r--tests/usertools/userdel/01_userdel_usage/config/etc/default/useradd36
-rw-r--r--tests/usertools/userdel/01_userdel_usage/config/etc/group41
-rw-r--r--tests/usertools/userdel/01_userdel_usage/config/etc/gshadow41
-rw-r--r--tests/usertools/userdel/01_userdel_usage/config/etc/passwd19
-rw-r--r--tests/usertools/userdel/01_userdel_usage/config/etc/shadow19
-rw-r--r--tests/usertools/userdel/01_userdel_usage/data/usage.out10
-rwxr-xr-xtests/usertools/userdel/01_userdel_usage/userdel.test48
-rw-r--r--tests/usertools/userdel/02_userdel_usage_invalid_option/config.txt10
-rw-r--r--tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/default/useradd36
-rw-r--r--tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/group41
-rw-r--r--tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/gshadow41
-rw-r--r--tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/passwd19
-rw-r--r--tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/shadow19
-rw-r--r--tests/usertools/userdel/02_userdel_usage_invalid_option/data/usage.out11
-rwxr-xr-xtests/usertools/userdel/02_userdel_usage_invalid_option/userdel.test54
-rw-r--r--tests/usertools/userdel/03_userdel_usage_no_users/config.txt10
-rw-r--r--tests/usertools/userdel/03_userdel_usage_no_users/config/etc/default/useradd36
-rw-r--r--tests/usertools/userdel/03_userdel_usage_no_users/config/etc/group41
-rw-r--r--tests/usertools/userdel/03_userdel_usage_no_users/config/etc/gshadow41
-rw-r--r--tests/usertools/userdel/03_userdel_usage_no_users/config/etc/passwd19
-rw-r--r--tests/usertools/userdel/03_userdel_usage_no_users/config/etc/shadow19
-rw-r--r--tests/usertools/userdel/03_userdel_usage_no_users/data/usage.out10
-rwxr-xr-xtests/usertools/userdel/03_userdel_usage_no_users/userdel.test54
-rw-r--r--tests/usertools/userdel/04_userdel_usage_2_users/config.txt10
-rw-r--r--tests/usertools/userdel/04_userdel_usage_2_users/config/etc/default/useradd36
-rw-r--r--tests/usertools/userdel/04_userdel_usage_2_users/config/etc/group41
-rw-r--r--tests/usertools/userdel/04_userdel_usage_2_users/config/etc/gshadow41
-rw-r--r--tests/usertools/userdel/04_userdel_usage_2_users/config/etc/passwd19
-rw-r--r--tests/usertools/userdel/04_userdel_usage_2_users/config/etc/shadow19
-rw-r--r--tests/usertools/userdel/04_userdel_usage_2_users/data/usage.out10
-rwxr-xr-xtests/usertools/userdel/04_userdel_usage_2_users/userdel.test54
-rw-r--r--tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config.txt1
-rw-r--r--tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/default/useradd36
-rw-r--r--tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/group43
-rw-r--r--tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/gshadow43
-rw-r--r--tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/login.defs335
-rw-r--r--tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/passwd21
-rw-r--r--tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/shadow21
-rw-r--r--tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/group43
-rw-r--r--tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/gshadow43
-rw-r--r--tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/passwd20
-rw-r--r--tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/shadow20
-rwxr-xr-xtests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test39
-rw-r--r--tests/usertools/userdel/06_userdel_no_usergroup/config.txt1
-rw-r--r--tests/usertools/userdel/06_userdel_no_usergroup/config/etc/default/useradd36
-rw-r--r--tests/usertools/userdel/06_userdel_no_usergroup/config/etc/group43
-rw-r--r--tests/usertools/userdel/06_userdel_no_usergroup/config/etc/gshadow43
-rw-r--r--tests/usertools/userdel/06_userdel_no_usergroup/config/etc/login.defs335
-rw-r--r--tests/usertools/userdel/06_userdel_no_usergroup/config/etc/passwd21
-rw-r--r--tests/usertools/userdel/06_userdel_no_usergroup/config/etc/shadow21
-rw-r--r--tests/usertools/userdel/06_userdel_no_usergroup/data/group43
-rw-r--r--tests/usertools/userdel/06_userdel_no_usergroup/data/gshadow43
-rw-r--r--tests/usertools/userdel/06_userdel_no_usergroup/data/passwd20
-rw-r--r--tests/usertools/userdel/06_userdel_no_usergroup/data/shadow20
-rwxr-xr-xtests/usertools/userdel/06_userdel_no_usergroup/userdel.test39
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/config.txt1
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/default/useradd36
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/group44
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/gshadow44
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/login.defs335
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/passwd21
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/shadow21
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/data/group44
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/data/gshadow44
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/data/passwd20
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/data/shadow20
-rw-r--r--tests/usertools/userdel/07_userdel_usergroup_not_primary/data/userdel.out1
-rwxr-xr-xtests/usertools/userdel/07_userdel_usergroup_not_primary/userdel.test48
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/config.txt1
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/default/useradd36
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/group43
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/gshadow43
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/login.defs335
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/passwd21
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/shadow21
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/group43
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/gshadow43
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/passwd20
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/shadow20
-rw-r--r--tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/userdel.out1
-rwxr-xr-xtests/usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test48
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config.txt1
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/default/useradd36
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/group43
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/gshadow43
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/login.defs335
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/passwd21
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/shadow21
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/group43
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/gshadow43
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/passwd20
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/shadow20
-rw-r--r--tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/userdel.out1
-rwxr-xr-xtests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test48
-rw-r--r--tests/usertools/userdel/10_userdel_del_homedir_symlink/config.txt1
-rw-r--r--tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/default/useradd36
-rw-r--r--tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/group42
-rw-r--r--tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/gshadow42
-rw-r--r--tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/passwd20
-rw-r--r--tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/shadow20
-rw-r--r--tests/usertools/userdel/10_userdel_del_homedir_symlink/data/group41
-rw-r--r--tests/usertools/userdel/10_userdel_del_homedir_symlink/data/gshadow41
-rw-r--r--tests/usertools/userdel/10_userdel_del_homedir_symlink/data/passwd19
-rw-r--r--tests/usertools/userdel/10_userdel_del_homedir_symlink/data/shadow19
-rw-r--r--tests/usertools/userdel/10_userdel_del_homedir_symlink/data/userdel.err1
-rwxr-xr-xtests/usertools/userdel/10_userdel_del_homedir_symlink/userdel.test72
-rw-r--r--tests/usertools/usermod/01_usermod-p_no_shadow_file/config.txt2
-rw-r--r--tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/group42
-rw-r--r--tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/01_usermod-p_no_shadow_file/data/passwd20
-rwxr-xr-xtests/usertools/usermod/01_usermod-p_no_shadow_file/usermod.test43
-rw-r--r--tests/usertools/usermod/02_usermod-p_no_shadow_entry/config.txt2
-rw-r--r--tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/group42
-rw-r--r--tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/02_usermod-p_no_shadow_entry/data/passwd20
-rwxr-xr-xtests/usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test39
-rw-r--r--tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config.txt2
-rw-r--r--tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/group42
-rw-r--r--tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/data/shadow20
-rwxr-xr-xtests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test39
-rw-r--r--tests/usertools/usermod/04_usermod_lock_already_locked_password1/config.txt2
-rw-r--r--tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/group42
-rw-r--r--tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/shadow20
-rwxr-xr-xtests/usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test39
-rw-r--r--tests/usertools/usermod/05_usermod_lock_already_locked_password2/config.txt2
-rw-r--r--tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/group42
-rw-r--r--tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/05_usermod_lock_already_locked_password2/data/shadow20
-rwxr-xr-xtests/usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test39
-rw-r--r--tests/usertools/usermod/06_usermod_lock_already_locked_password3/config.txt2
-rw-r--r--tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/group42
-rw-r--r--tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/shadow19
-rwxr-xr-xtests/usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test39
-rw-r--r--tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config.txt2
-rw-r--r--tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/group42
-rw-r--r--tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/shadow20
-rwxr-xr-xtests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test39
-rw-r--r--tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config.txt2
-rw-r--r--tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/group42
-rw-r--r--tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/data/shadow20
-rwxr-xr-xtests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test39
-rw-r--r--tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config.txt2
-rw-r--r--tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/group42
-rw-r--r--tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/shadow19
-rwxr-xr-xtests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test39
-rw-r--r--tests/usertools/usermod/10_usermod_usage/config.txt10
-rw-r--r--tests/usertools/usermod/10_usermod_usage/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/10_usermod_usage/config/etc/group41
-rw-r--r--tests/usertools/usermod/10_usermod_usage/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/10_usermod_usage/config/etc/passwd19
-rw-r--r--tests/usertools/usermod/10_usermod_usage/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/10_usermod_usage/data/usage.out30
-rwxr-xr-xtests/usertools/usermod/10_usermod_usage/usermod.test48
-rw-r--r--tests/usertools/usermod/11_usermod_usage_bad_option/config.txt10
-rw-r--r--tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/group41
-rw-r--r--tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/passwd19
-rw-r--r--tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/11_usermod_usage_bad_option/data/usage.out31
-rwxr-xr-xtests/usertools/usermod/11_usermod_usage_bad_option/usermod.test54
-rw-r--r--tests/usertools/usermod/12_usermod_usage_bad-f/config.txt10
-rw-r--r--tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/group41
-rw-r--r--tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/passwd19
-rw-r--r--tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/12_usermod_usage_bad-f/data/usermod.err1
-rwxr-xr-xtests/usertools/usermod/12_usermod_usage_bad-f/usermod.test54
-rw-r--r--tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config.txt10
-rw-r--r--tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/group41
-rw-r--r--tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/passwd19
-rw-r--r--tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/13_usermod_usage_bad-f_negativ/data/usermod.err1
-rwxr-xr-xtests/usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test54
-rw-r--r--tests/usertools/usermod/14_usermod_usage_no_options/config.txt10
-rw-r--r--tests/usertools/usermod/14_usermod_usage_no_options/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/14_usermod_usage_no_options/config/etc/group41
-rw-r--r--tests/usertools/usermod/14_usermod_usage_no_options/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/14_usermod_usage_no_options/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/14_usermod_usage_no_options/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/14_usermod_usage_no_options/data/usage.out31
-rwxr-xr-xtests/usertools/usermod/14_usermod_usage_no_options/usermod.test54
-rw-r--r--tests/usertools/usermod/15_usermod_usage_no_user/config.txt10
-rw-r--r--tests/usertools/usermod/15_usermod_usage_no_user/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/15_usermod_usage_no_user/config/etc/group41
-rw-r--r--tests/usertools/usermod/15_usermod_usage_no_user/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/15_usermod_usage_no_user/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/15_usermod_usage_no_user/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/15_usermod_usage_no_user/data/usage.out30
-rwxr-xr-xtests/usertools/usermod/15_usermod_usage_no_user/usermod.test54
-rw-r--r--tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config.txt10
-rw-r--r--tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/group41
-rw-r--r--tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/data/usage.out1
-rwxr-xr-xtests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test58
-rw-r--r--tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config.txt10
-rw-r--r--tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/group41
-rw-r--r--tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/data/usage.out1
-rwxr-xr-xtests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test58
-rw-r--r--tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config.txt10
-rw-r--r--tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/group41
-rw-r--r--tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/18_usermod_usage-L-p_exclusive/data/usage.out31
-rwxr-xr-xtests/usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test54
-rw-r--r--tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config.txt10
-rw-r--r--tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/group41
-rw-r--r--tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/19_usermod_usage-L-U_exclusive/data/usage.out31
-rwxr-xr-xtests/usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test54
-rw-r--r--tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config.txt10
-rw-r--r--tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/group41
-rw-r--r--tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/20_usermod_usage-p-U_exclusive/data/usage.out31
-rwxr-xr-xtests/usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test54
-rw-r--r--tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config.txt6
-rw-r--r--tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/group42
-rw-r--r--tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/group42
-rw-r--r--tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/passwd20
-rw-r--r--tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/shadow20
-rwxr-xr-xtests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test43
-rw-r--r--tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config.txt10
-rw-r--r--tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/group41
-rw-r--r--tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/22_usermod_usage_rename_invalid_username/data/usage.out1
-rwxr-xr-xtests/usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test54
-rw-r--r--tests/usertools/usermod/23_usermod-e_date/config.txt2
-rw-r--r--tests/usertools/usermod/23_usermod-e_date/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/23_usermod-e_date/config/etc/group42
-rw-r--r--tests/usertools/usermod/23_usermod-e_date/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/23_usermod-e_date/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/23_usermod-e_date/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/23_usermod-e_date/data/shadow20
-rwxr-xr-xtests/usertools/usermod/23_usermod-e_date/usermod.test39
-rw-r--r--tests/usertools/usermod/24_usermod-e_date/config.txt2
-rw-r--r--tests/usertools/usermod/24_usermod-e_date/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/24_usermod-e_date/config/etc/group42
-rw-r--r--tests/usertools/usermod/24_usermod-e_date/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/24_usermod-e_date/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/24_usermod-e_date/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/24_usermod-e_date/data/shadow20
-rwxr-xr-xtests/usertools/usermod/24_usermod-e_date/usermod.test39
-rw-r--r--tests/usertools/usermod/25_usermod-e_empty_arg/config.txt2
-rw-r--r--tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/group42
-rw-r--r--tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/25_usermod-e_empty_arg/data/shadow20
-rwxr-xr-xtests/usertools/usermod/25_usermod-e_empty_arg/usermod.test39
-rw-r--r--tests/usertools/usermod/26_usermod-e-1/config.txt2
-rw-r--r--tests/usertools/usermod/26_usermod-e-1/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/26_usermod-e-1/config/etc/group42
-rw-r--r--tests/usertools/usermod/26_usermod-e-1/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/26_usermod-e-1/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/26_usermod-e-1/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/26_usermod-e-1/data/shadow20
-rwxr-xr-xtests/usertools/usermod/26_usermod-e-1/usermod.test39
-rw-r--r--tests/usertools/usermod/27_usermod-e_invalid1/config.txt2
-rw-r--r--tests/usertools/usermod/27_usermod-e_invalid1/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/27_usermod-e_invalid1/config/etc/group42
-rw-r--r--tests/usertools/usermod/27_usermod-e_invalid1/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/27_usermod-e_invalid1/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/27_usermod-e_invalid1/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/27_usermod-e_invalid1/data/usermod.err1
-rwxr-xr-xtests/usertools/usermod/27_usermod-e_invalid1/usermod.test54
-rw-r--r--tests/usertools/usermod/28_usermod-e_invalid2/config.txt2
-rw-r--r--tests/usertools/usermod/28_usermod-e_invalid2/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/28_usermod-e_invalid2/config/etc/group42
-rw-r--r--tests/usertools/usermod/28_usermod-e_invalid2/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/28_usermod-e_invalid2/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/28_usermod-e_invalid2/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/28_usermod-e_invalid2/data/usermod.err1
-rwxr-xr-xtests/usertools/usermod/28_usermod-e_invalid2/usermod.test54
-rw-r--r--tests/usertools/usermod/29_usermod_no_changes/config.txt10
-rw-r--r--tests/usertools/usermod/29_usermod_no_changes/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/29_usermod_no_changes/config/etc/group41
-rw-r--r--tests/usertools/usermod/29_usermod_no_changes/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/29_usermod_no_changes/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/29_usermod_no_changes/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/29_usermod_no_changes/data/usermod.err1
-rwxr-xr-xtests/usertools/usermod/29_usermod_no_changes/usermod.test48
-rw-r--r--tests/usertools/usermod/30_usermod_usage-a_without-G/config.txt10
-rw-r--r--tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/group41
-rw-r--r--tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/30_usermod_usage-a_without-G/data/usage.out31
-rwxr-xr-xtests/usertools/usermod/30_usermod_usage-a_without-G/usermod.test54
-rw-r--r--tests/usertools/usermod/31_usermod_usage-o_without-u/config.txt10
-rw-r--r--tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/group41
-rw-r--r--tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/31_usermod_usage-o_without-u/data/usage.out31
-rwxr-xr-xtests/usertools/usermod/31_usermod_usage-o_without-u/usermod.test55
-rw-r--r--tests/usertools/usermod/32_usermod_usage-m_without-d/config.txt10
-rw-r--r--tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/group41
-rw-r--r--tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/gshadow41
-rw-r--r--tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/32_usermod_usage-m_without-d/data/usage.out31
-rwxr-xr-xtests/usertools/usermod/32_usermod_usage-m_without-d/usermod.test54
-rw-r--r--tests/usertools/usermod/33_usermod_change_shell/config.txt2
-rw-r--r--tests/usertools/usermod/33_usermod_change_shell/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/33_usermod_change_shell/config/etc/group42
-rw-r--r--tests/usertools/usermod/33_usermod_change_shell/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/33_usermod_change_shell/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/33_usermod_change_shell/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/33_usermod_change_shell/data/passwd20
-rwxr-xr-xtests/usertools/usermod/33_usermod_change_shell/usermod.test39
-rw-r--r--tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config.txt2
-rw-r--r--tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/group42
-rw-r--r--tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/data/shadow20
-rwxr-xr-xtests/usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test39
-rw-r--r--tests/usertools/usermod/35_usermod-f_no_shadow_entry/config.txt2
-rw-r--r--tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/group42
-rw-r--r--tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/shadow19
-rw-r--r--tests/usertools/usermod/35_usermod-f_no_shadow_entry/data/shadow20
-rwxr-xr-xtests/usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test39
-rw-r--r--tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config.txt1
-rw-r--r--tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/group42
-rw-r--r--tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a3
-rw-r--r--tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a22
-rw-r--r--tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/passwd20
-rw-r--r--tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/usermod.err1
-rwxr-xr-xtests/usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test84
-rw-r--r--tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config.txt1
-rw-r--r--tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/group42
-rw-r--r--tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/37_usermod_move_nonexistent_homedir/data/passwd20
-rwxr-xr-xtests/usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test47
-rw-r--r--tests/usertools/usermod/38_usermod-u_lastlog_not_created/config.txt1
-rw-r--r--tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/group42
-rw-r--r--tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/38_usermod-u_lastlog_not_created/data/passwd20
-rwxr-xr-xtests/usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test48
-rw-r--r--tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config.txt1
-rw-r--r--tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/group42
-rw-r--r--tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/data/passwd20
-rwxr-xr-xtests/usertools/usermod/39_usermod-u_copy_lastlog_entry/login.exp13
-rwxr-xr-xtests/usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test66
-rw-r--r--tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config.txt1
-rw-r--r--tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/group43
-rw-r--r--tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/passwd21
-rw-r--r--tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/shadow21
-rw-r--r--tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/group42
-rw-r--r--tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/passwd20
-rw-r--r--tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/shadow20
-rwxr-xr-xtests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/login.exp13
-rwxr-xr-xtests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test74
-rw-r--r--tests/usertools/usermod/41_usermod-u_faillog_not_created/config.txt1
-rw-r--r--tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/group42
-rw-r--r--tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/41_usermod-u_faillog_not_created/data/passwd20
-rwxr-xr-xtests/usertools/usermod/41_usermod-u_faillog_not_created/usermod.test48
-rw-r--r--tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config.txt1
-rw-r--r--tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/group42
-rw-r--r--tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/pam.d/login111
-rw-r--r--tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/42_usermod-u_copy_faillog_entry/data/passwd20
-rwxr-xr-xtests/usertools/usermod/42_usermod-u_copy_faillog_entry/login.exp17
-rwxr-xr-xtests/usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test66
-rw-r--r--tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config.txt1
-rw-r--r--tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/group43
-rw-r--r--tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/pam.d/login111
-rw-r--r--tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/passwd21
-rw-r--r--tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/shadow21
-rw-r--r--tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/group42
-rw-r--r--tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/passwd20
-rw-r--r--tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/shadow20
-rwxr-xr-xtests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/login.exp17
-rwxr-xr-xtests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test75
-rw-r--r--tests/usertools/usermod/44_usermod-l_move_mailbox/config.txt1
-rw-r--r--tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/group42
-rw-r--r--tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/44_usermod-l_move_mailbox/data/mailbox.perms1
-rw-r--r--tests/usertools/usermod/44_usermod-l_move_mailbox/data/passwd20
-rw-r--r--tests/usertools/usermod/44_usermod-l_move_mailbox/data/shadow20
-rw-r--r--tests/usertools/usermod/44_usermod-l_move_mailbox/test1
-rwxr-xr-xtests/usertools/usermod/44_usermod-l_move_mailbox/usermod.test57
-rw-r--r--tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config.txt1
-rw-r--r--tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/group42
-rw-r--r--tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/mailbox.perms1
-rw-r--r--tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/passwd20
-rwxr-xr-xtests/usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test54
-rw-r--r--tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config.txt1
-rw-r--r--tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/group43
-rw-r--r--tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/gshadow43
-rw-r--r--tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/passwd21
-rw-r--r--tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/shadow21
-rw-r--r--tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/mailbox.perms1
-rw-r--r--tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/passwd21
-rw-r--r--tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/usermod.err1
-rwxr-xr-xtests/usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test63
-rw-r--r--tests/usertools/usermod/47_usermod-u_default_maildir/config.txt1
-rw-r--r--tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/group42
-rw-r--r--tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/login.defs335
-rw-r--r--tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/47_usermod-u_default_maildir/data/mailbox.perms1
-rw-r--r--tests/usertools/usermod/47_usermod-u_default_maildir/data/passwd20
-rwxr-xr-xtests/usertools/usermod/47_usermod-u_default_maildir/usermod.test54
-rw-r--r--tests/usertools/usermod/48_usermod-u_MAIL_FILE/config.txt1
-rw-r--r--tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/group42
-rw-r--r--tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/login.defs335
-rw-r--r--tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/mailbox.perms1
-rw-r--r--tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/passwd20
-rwxr-xr-xtests/usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test54
-rw-r--r--tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config.txt1
-rw-r--r--tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/group43
-rw-r--r--tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/gshadow43
-rw-r--r--tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/home_ls-a12
-rw-r--r--tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/passwd20
-rwxr-xr-xtests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test87
-rw-r--r--tests/usertools/usermod/50_usermod_change_uid+move_homedir/config.txt1
-rw-r--r--tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/group42
-rw-r--r--tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/home_ls-a5
-rw-r--r--tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/passwd20
-rwxr-xr-xtests/usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test62
-rw-r--r--tests/usertools/usermod/51_usermod_change_gid+move_homedir/config.txt1
-rw-r--r--tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/group43
-rw-r--r--tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/gshadow43
-rw-r--r--tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/home_ls-a3
-rw-r--r--tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/passwd20
-rwxr-xr-xtests/usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test58
-rw-r--r--tests/usertools/usermod/52_usermod_move_homedir_symlink/config.txt1
-rw-r--r--tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/default/useradd36
-rw-r--r--tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/group42
-rw-r--r--tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/gshadow42
-rw-r--r--tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/passwd20
-rw-r--r--tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/shadow20
-rw-r--r--tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a3
-rw-r--r--tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a22
-rw-r--r--tests/usertools/usermod/52_usermod_move_homedir_symlink/data/passwd20
-rw-r--r--tests/usertools/usermod/52_usermod_move_homedir_symlink/data/usermod.err1
-rwxr-xr-xtests/usertools/usermod/52_usermod_move_homedir_symlink/usermod.test75
10550 files changed, 693257 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..80cc16c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,50 @@
+*~
+lib*.a
+*.o
+*.lo
+*.la
+*.gmo
+.deps
+.libs
+
+*.patch
+*.rej
+*.orig
+
+Makefile
+Makefile.in
+
+/ABOUT-NLS
+/aclocal.m4
+/autom4te.cache
+/compile
+/config.cache
+/config.guess
+/config.h
+/config.h.in
+/config.log
+/config.rpath
+/config.status
+/config.sub
+/configure
+/depcomp
+/install-sh
+/libtool
+/ltmain.sh
+/m4
+/missing
+/stamp-h1
+/ylwrap
+
+/po/*.header
+/po/*.sed
+/po/*.sin
+/po/Makefile.in.in
+/po/Makevars.template
+/po/POTFILES
+/po/Rules-quot
+/po/stamp-po
+
+/shadow.spec
+/shadow-*.tar.*
+/libmisc/getdate.c
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..4fe0ad2
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,20 @@
+sudo: false
+
+language: c
+
+compiler:
+ - gcc
+ - clang
+
+addons:
+ apt:
+ packages:
+ - autopoint
+ - xsltproc
+
+script:
+ - ./autogen.sh --without-selinux --disable-man
+ - grep ENABLE_ config.status
+ - make
+
+# vim:et:ts=2:sw=2
diff --git a/COPYING b/COPYING
new file mode 100644
index 0000000..88bd403
--- /dev/null
+++ b/COPYING
@@ -0,0 +1,118 @@
+NOTE:
+ This license has been obsoleted by the change to the BSD-style copyright.
+ You may continue to use this license if you wish, but you are under no
+ obligation to do so.
+
+(*
+This document is freely plagiarised from the 'Artistic Licence',
+distributed as part of the Perl v4.0 kit by Larry Wall, which is
+available from most major archive sites. I stole it from CrackLib.
+
+ $Id$
+*)
+
+This documents purpose is to state the conditions under which this
+Package (See definition below) viz: "Shadow", the Shadow Password Suite
+which is held by Julianne Frances Haugh, may be copied, such that the
+copyright holder maintains some semblance of artistic control over the
+development of the package, while giving the users of the package the
+right to use and distribute the Package in a more-or-less customary
+fashion, plus the right to make reasonable modifications.
+
+So there.
+
+***************************************************************************
+
+Definitions:
+
+
+A "Package" refers to the collection of files distributed by the
+Copyright Holder, and derivatives of that collection of files created
+through textual modification, or segments thereof.
+
+"Standard Version" refers to such a Package if it has not been modified,
+or has been modified in accordance with the wishes of the Copyright
+Holder.
+
+"Copyright Holder" is whoever is named in the copyright or copyrights
+for the package.
+
+"You" is you, if you're thinking about copying or distributing this
+Package.
+
+"Reasonable copying fee" is whatever you can justify on the basis of
+media cost, duplication charges, time of people involved, and so on.
+(You will not be required to justify it to the Copyright Holder, but
+only to the computing community at large as a market that must bear the
+fee.)
+
+"Freely Available" means that no fee is charged for the item itself,
+though there may be fees involved in handling the item. It also means
+that recipients of the item may redistribute it under the same
+conditions they received it.
+
+
+1. You may make and give away verbatim copies of the source form of the
+Standard Version of this Package without restriction, provided that you
+duplicate all of the original copyright notices and associated
+disclaimers.
+
+2. You may apply bug fixes, portability fixes and other modifications
+derived from the Public Domain or from the Copyright Holder. A Package
+modified in such a way shall still be considered the Standard Version.
+
+3. You may otherwise modify your copy of this Package in any way,
+provided that you insert a prominent notice in each changed file stating
+how and when AND WHY you changed that file, and provided that you do at
+least ONE of the following:
+
+a) place your modifications in the Public Domain or otherwise make them
+Freely Available, such as by posting said modifications to Usenet or an
+equivalent medium, or placing the modifications on a major archive site
+such as uunet.uu.net, or by allowing the Copyright Holder to include
+your modifications in the Standard Version of the Package.
+
+b) use the modified Package only within your corporation or organization.
+
+c) rename any non-standard executables so the names do not conflict with
+standard executables, which must also be provided, and provide separate
+documentation for each non-standard executable that clearly documents
+how it differs from the Standard Version.
+
+d) make other distribution arrangements with the Copyright Holder.
+
+4. You may distribute the programs of this Package in object code or
+executable form, provided that you do at least ONE of the following:
+
+a) distribute a Standard Version of the executables and library files,
+together with instructions (in the manual page or equivalent) on where
+to get the Standard Version.
+
+b) accompany the distribution with the machine-readable source of the
+Package with your modifications.
+
+c) accompany any non-standard executables with their corresponding
+Standard Version executables, giving the non-standard executables
+non-standard names, and clearly documenting the differences in manual
+pages (or equivalent), together with instructions on where to get the
+Standard Version.
+
+d) make other distribution arrangements with the Copyright Holder.
+
+5. You may charge a reasonable copying fee for any distribution of this
+Package. You may charge any fee you choose for support of this Package.
+YOU MAY NOT CHARGE A FEE FOR THIS PACKAGE ITSELF. However, you may
+distribute this Package in aggregate with other (possibly commercial)
+programs as part of a larger (possibly commercial) software distribution
+provided that YOU DO NOT ADVERTISE this package as a product of your
+own.
+
+6. The name of the Copyright Holder may not be used to endorse or
+promote products derived from this software without specific prior
+written permission.
+
+7. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+
+ The End
diff --git a/ChangeLog b/ChangeLog
new file mode 100644
index 0000000..f05a303
--- /dev/null
+++ b/ChangeLog
@@ -0,0 +1,15162 @@
+2016-05-17 Serge Hallyn <serge@hallyn.com>
+
+ * Release 4.5
+
+2016-05-17 Serge Hallyn <serge@hallyn.com>
+
+ * Patch from Tobias Stoeckmann fixing regression in previous CVE fix
+ preventing SIGTERM to su from being propagated to the job.
+ * Patch from Chris Lamb making sp_lstchg shadow field reproducible.
+ * Merge Russian translation updates from Yuri Kozlov
+ * Fix missing close of subuid file on error
+
+2016-02-23 Serge Hallyn <serge@hallyn.com>
+
+ * Merge patch by Tobias Stoeckmann <tobias@stoeckmann.org> to fix
+ the equivalent of util-linux CVE-2017-2616.
+
+2016-02-08 Serge Hallyn <serge@hallyn.com>
+
+ * Update Kazakh translations
+ * Consult configuration before calculating subuids
+ * Remove misplaced semicolon
+
+2016-01-29 Serge Hallyn <serge@hallyn.com>
+
+ * Patch from Fedora to improve performance with SSSD, Winbind,
+ or nss_ldap. (Tomas Mraz)
+ * Make sure knowndef_table is NULL-terminated. (Bernhard Rosenkränzer)
+
+2016-12-21 Serge Hallyn <serge@hallyn.com>
+
+ * Drop leading underscore from _COMMONIO_H and _SHADOWIO_H
+ * Fix readability in usermod error messages.
+ * Reset user in tallylog
+ * Add audit support to su
+
+2016-12-02 Serge Hallyn <serge@hallyn.com>
+
+ * changes since 4.4
+ - Use sizeof rather than hardcoding snprintf args
+ - Fix useradd improper default loading
+ - Update Vietnamese translations
+ - Update Polish translations
+ - Remove non-POSIX chmod option in Makefile
+ - Fix suidubins assignments
+ - Fix --add-subuids etc spelling in manpages
+ - Audit homedir ownership change.
+ - Print error on selinux file context update failure
+ - Keep original file perms when creating a backup
+
+ * (henceforth we'll update Changelog with each commit
+ and proper credit)
+
+2016-12-02 Serge Hallyn <serge@hallyn.com>
+
+ * Changes since 4.2.1:
+ - Documentation, error report and translations updates
+ - Replace path_max with 32
+ - User namespace support fixes/updates including:
+ - Correct sanity checks in newXidmap
+ - Fix building without subuid support
+ - Add /etc/subuid support for UID matching
+ - Support subuid for nonlocal users
+ - Default to 65536 subuid allocations
+ - Respect -r
+ - Check for range overflows
+ - Add tests from svn tree
+ - Use AC_CHECK_SIZEOF for uid_t size checks
+ - Accomodate missing /etc and login.defs
+ - Support FORCE_SHADOW
+ - Be more robust in hostile environment
+ - Allow removing a primary group
+ - Clear passwords on __pw_dup errors
+ - Memory leak fix in commonio_update and get_map_ranges
+ - Fix resource leak in syslog_sg
+ - Fix user busy error at userdel
+ - Support set/clear lastlog record via lastlog command
+ - Add --no-create-home as longopt for -M
+ - Fix signal races
+ - Reduce syslog priority of common usage events
+
+2013-08-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/vipw.c: After waitpid(), use errno only if waitpid returned
+ -1. Debian#688260
+ * src/vipw.c: Likewise for system().
+
+2013-08-23 victory <victory.deb@gmail.com>
+
+ * po/ja.po: Updated to 558t
+
+2013-08-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/shadow-man-pages.pot: Regenerated.
+ * man/po/*.po: Updated PO files.
+
+2013-08-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newgrp.1.xml: Fix encoding.
+ * man/sg.1.xml: Likewise.
+
+2013-08-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/da.po: Unfuzzy according to previous change.
+ * man/po/de.po: Likewise.
+ * man/po/fr.po: Likewise.
+ * man/po/it.po: Likewise.
+ * man/po/pl.po: Likewise.
+ * man/po/ru.po: Likewise.
+ * man/po/sv.po: Likewise.
+ * man/po/zh_CN.po: Likewise.
+
+2013-08-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/chage.1.xml: Add a non breaking space between options and
+ their parameter because xml2po removes those spaces. Alioth#314401
+ * man/chfn.1.xml: Likewise.
+ * man/chgpasswd.8.xml: Likewise.
+ * man/chpasswd.8.xml: Likewise.
+ * man/chsh.1.xml: Likewise.
+ * man/faillog.8.xml: Likewise.
+ * man/gpasswd.1.xml: Likewise.
+ * man/groupadd.8.xml: Likewise.
+ * man/groupdel.8.xml: Likewise.
+ * man/groupmems.8.xml: Likewise.
+ * man/groupmod.8.xml: Likewise.
+ * man/grpck.8.xml: Likewise.
+ * man/lastlog.8.xml: Likewise.
+ * man/newusers.8.xml: Likewise.
+ * man/passwd.1.xml: Likewise.
+ * man/pwck.8.xml: Likewise.
+ * man/pwconv.8.xml: Likewise.
+ * man/su.1.xml: Likewise.
+ * man/useradd.8.xml: Likewise.
+ * man/userdel.8.xml: Likewise.
+ * man/usermod.8.xml: Likewise.
+ * man/vipw.8.xml: Likewise.
+
+2013-08-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/shadow-man-pages.pot: Regenerated.
+ * man/po/*.po: Updated PO files.
+
+2013-08-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/de.po: Fix encoding.
+
+2013-08-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/subordinateio.c (subordinate_next): Fix return value.
+
+2013-08-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/idmapping.c: Include <stdio.h> needed for fprintf() and
+ stderr.
+
+2013-08-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/SUB_GID_COUNT.xml: Document newusers behavior
+ when the user already have subordinate group IDs.
+ * man/login.defs.d/SUB_UID_COUNT.xml: Likewise.
+ * man/login.defs.d/SUB_GID_COUNT.xml: Fix typo (MAX<->MIN).
+ * man/login.defs.d/SUB_UID_COUNT.xml: Likewise.
+
+2013-08-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Check early if /etc/subuid (/etc/subgid) exists
+ when option -v/-V (-w/-W) are provided.
+
+2013-08-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Fix parse of ranges. The hyphen might be followed
+ by a negative integer.
+
+2013-08-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/subordinateio.c (find_free_range): max is allowed for new
+ ranges.
+
+2013-08-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_sub_gids.c: Remove dead code.
+ find_new_sub_gids() is always called with *range_count set to 0.
+ It's more difficult to keep the subordinate GIDs and UIDs
+ synchronized, than for the user's UID/GId because the count of
+ subordinate IDs may differ.
+ * libmisc/find_new_sub_uids.c: Likewise.
+ * lib/subordinateio.h, lib/subordinateio.c: Remove APIs that are
+ no more needed: is_sub_uid_range_free(), is_sub_gid_range_free(),
+ is_range_free().
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Check if sizeof uid_t and gid_t is larger than 32
+ bit to support subordinate IDs.
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/subordinateio.c: Avoid dead branches.
+ * lib/subordinateio.c: Add schematics with ranges to help reviews.
+ * lib/subordinateio.c: Avoid implicit conversion of pointers and
+ integers to booleans.
+ * lib/subordinateio.c: Added brackets.
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/vipw.c: Fail in case arguments are provided after options.
+ Debian#677812
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/subordinateio.c: Fix count for ranges truncated in
+ remove_range().
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Terminate the child (if needed) before closing the PAM
+ session. This is probably more correct, and avoid reporting
+ termination from signals possibly sent by PAM modules (e.g. former
+ versions of pam_systemd). Debian#670132
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: When a SIGTSTP is caught, reset caught to 0. There is
+ no need to kill the child in such case after su is resumed. This
+ remove the "Session terminated, terminating shell...
+ ...terminated." messages in such case.
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newgidmap.1.xml: Document the checks performed before
+ setting the mapping in /proc.
+ * man/newuidmap.1.xml: Likewise.
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/idmapping.h: Document what the upper and lower fields
+ are in struct map_range.
+ * man/newgidmap.1.xml: Document when the gid, gidlower and count
+ argument are.
+ * man/newuidmap.1.xml: Likewise for uid, uidlower and count.
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c (shadow_random): Use long instead of size_t.
+ Compatibility with size_t is easier to check since it's used for
+ smaller numbers (salt size).
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupmem.c: Add splint annotations. The added memset makes
+ splint think data was allocated.
+ * lib/pwmem.c: Likewise.
+ * lib/sgroupio.c: Likewise.
+ * lib/shadowmem.c: Likewise.
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/SUB_GID_COUNT.xml: Document that the behavior
+ of useradd and newusers depends on the existence of /etc/subgid.
+ * man/login.defs.d/SUB_UID_COUNT.xml: Likewise for /etc/subuid.
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Change message in case of find_new_sub_uids /
+ find_new_sub_gids failure. This complements the messages already
+ provided by these APIs.
+
+2013-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/subordinateio.c: Fix handling of boundaries.
+ * libmisc/find_new_sub_uids.c: Likewise.
+ * libmisc/find_new_sub_gids.c: Likewise.
+
+2013-08-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/subordinateio.c: Fix removal of ranges. The database needs
+ to be marked as changed or commonio_close will discard any change.
+
+2013-08-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newusers.8.xml: Include documentation of SUB_GID_MIN,
+ SUB_GID_MAX, SUB_GID_COUNT, SUB_UID_MIN, SUB_UID_MAX,
+ SUB_UID_COUNT.
+ * man/useradd.8.xml: Likewise.
+ * man/usermod.8.xml: Likewise.
+ * man/newusers.8.xml: Document usage of /etc/subgid /etc/subuid.
+ * man/useradd.8.xml: Likewise.
+ * man/userdel.8.xml: Likewise.
+ * man/usermod.8.xml: Likewise.
+ * man/newusers.8.xml: Add references to subgid(5) and subuid(5).
+ * man/useradd.8.xml: Likewise.
+ * man/userdel.8.xml: Likewise.
+ * man/subgid.5.xml: Sort references alphabetically.
+ * man/subuid.5.xml: Likewise.
+ * man/subgid.5.xml: Add references to newusers(8), useradd(8),
+ userdel(8), usermod(8), user_namespaces(7).
+ * man/subuid.5.xml: Likewise.
+
+2013-08-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newgidmap.1.xml: Sort references alphabetically.
+ * man/newuidmap.1.xml: Likewise.
+
+2013-08-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Add configure options --enable-subordinate-ids /
+ --disable-subordinate-ids. Enabled by default.
+ * lib/prototypes.h: Include <config.h> before using its macros.
+ * lib/commonio.h, lib/commonio.c: Define commonio_append only when
+ ENABLE_SUBIDS is defined.
+ * lib/prototypes.h, libmisc/find_new_sub_gids.c,
+ libmisc/find_new_sub_uids.c: Likewise.
+ * lib/subordinateio.h, lib/subordinateio.c: Likewise.
+ * libmisc/user_busy.c: Only check if subordinate IDs are in use if
+ ENABLE_SUBIDS is defined.
+ * src/Makefile.am: Create newgidmap and newuidmap only if
+ ENABLE_SUBIDS is defined.
+ * src/newusers.c: Check for ENABLE_SUBIDS to enable support for
+ subordinate IDs.
+ * src/useradd.c: Likewise.
+ * src/userdel.c: Likewise.
+ * src/usermod.c: Likewise.
+ * man/Makefile.am: Install man1/newgidmap.1, man1/newuidmap.1,
+ man5/subgid.5, and man5/subuid.5 only if ENABLE_SUBIDS is defined.
+ * man/fr/Makefile.am: Install man1/newgidmap.1, man1/newuidmap.1,
+ man5/subgid.5, and man5/subuid.5 (not translated yet).
+ * man/generate_mans.mak: Add xsltproc conditionals
+ subids/no_subids.
+ * man/login.defs.d/SUB_GID_COUNT.xml: Add dependency on subids
+ condition.
+ * man/login.defs.d/SUB_UID_COUNT.xml: Likewise.
+ * man/usermod.8.xml: Document options for subordinate IDs and
+ reference subgid(5) / subuid(5) depending on the subids condition.
+
+2013-08-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c: Remove unused variable.
+
+2013-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c: Add include files needed for getaddrinfo().
+ See Alioth#314271
+
+2013-08-07 Mike Frysinger <vapier@gentoo.org>
+
+ * configure.in: Check at configure time whether libc supports
+ ruserok (support dropped by newer C libraries).
+
+2013-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/usermod.8.xml: Fix typos and wording.
+ * man/usermod.8.xml: Add references to subgid(5) and subuid(5).
+
+2013-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_sub_gids.c: Fix wording: secondary ->
+ subordinate.
+ * libmisc/find_new_sub_uids.c: Likewise.
+
+2013-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_sub_gids.c: Remove duplicate check (duplicate
+ at least in its intent).
+ * libmisc/find_new_sub_uids.c: Likewise.
+
+2013-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Fix typos.
+
+2013-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/subgid.5.xml: Reorder words.
+ * man/subuid.5.xml: Likewise.
+
+2013-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/subgid.5.xml: Fix typos.
+ * man/subuid.5.xml: Likewise.
+ * man/subgid.5.xml: Fix copy-paste errors from subuid.5.xml.
+
+2013-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newgidmap.1.xml: Remove copy-pasted NOTE.
+ * man/newuidmap.1.xml: Likewise.
+
+2013-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/subordinateio.c: Remove unused variables.
+
+2013-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/SUB_GID_COUNT.xml: Fix typo.
+ * man/login.defs.d/SUB_UID_COUNT.xml: Likewise.
+ * man/login.defs.d/SUB_UID_COUNT.xml: Fix copy-paste issue from
+ SUB_GID_COUNT.
+ * man/newgidmap.1.xml: Fix Typo.
+ * src/useradd.c: Fix typos.
+ * lib/subordinateio.c: Fix typos.
+
+2013-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ Fix Debian bug #675824
+ * lib/groupmem.c (__gr_dup): Support libc which define other
+ fields in struct group.
+ * lib/pwmem.c: Likewise for struct passwd.
+ * lib/shadowmem.c: Likewise for struct spwd.
+ * lib/sgroupio.c: Apply same logic, even if this structure is
+ defined internally.
+
+2013-08-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c: Revert change from 2013-07-29. The length of the
+ concatenated 2 lines was correct.
+
+2013-08-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c: random() max value is 2^31-1 (same as RAND_MAX
+ on GNU). As it is not clear whether on some systems the max value
+ can exceed this number and whether some systems have max values
+ which would be lower, we take this into account when defining the
+ salt size and number of rounds for SHA encrypted passwords. Higher
+ values are favored.
+
+2013-08-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/su.1.xml: With getopt, '-' does not need to be the last
+ option, but it is recommended for portability.
+ Closes https://bugs.launchpad.net/bugs/1100775
+
+2013-08-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: Add NEWS entries.
+
+2013-08-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/da.po: Fix translation (--home became --home-dir).
+ * man/po/de.po: Likewise.
+ * man/po/fr.po: Likewise.
+ * man/po/pl.po: Likewise.
+ * man/po/ru.po: Likewise.
+ * man/po/sv.po: Likewise.
+
+2013-08-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c (merge_group_entries): Do not allocate more than
+ necessary (sizeof char* instead of char).
+ Thanks for Tomáš Mráz (alioth#313962)
+ * lib/groupio.c (merge_group_entries): Document that new_members
+ is correctly NULL terminated. (alioth:#313940)
+
+2013-08-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * Changelog: Update documentation of 2013-07-28 mancha entry.
+ * lib/prototypes.h, lib/encrypt.c: Update splint marker,
+ pw_encrypt can return NULL.
+ * lib/encrypt.c: Fix outdated statement on GNU crypt.
+ * src/chgpasswd.c: Improve diagnostic to user when pw_encrypt
+ fails and use fail_exit() instead of exit().
+ * src/chpasswd.c: Likewise.
+ * src/newusers.c: Likewise.
+ * src/passwd.c: Likewise when new password is encrypted.
+ * src/newgrp.c: Improve diagnostic to user and syslog when
+ pw_encrypt fails. Do not apply 1s penalty as this is not an
+ invalid password issue.
+ * src/passwd.c: Likewise when password is checked.
+
+2013-08-02 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/setupenv.c: xstrdup the static char* temp_pw_dir /
+ temp_pw_shell. That way we can continue to use pw_free() without
+ segving. Thanks to Serge Hallyn for the patch.
+ * libmisc/setupenv.c: Free pw_dir and pw_shell before reallocating
+ them.
+
+2013-08-01 Yuri Kozlov <yuray@komyakino.ru>
+
+ * po/ru.po: completed translation
+ Closes: Debian#718356
+
+2013-07-29 Michael Scherer <misc-guest@alioth.debian.org>
+
+ * libmisc/root_flag.c: use chdir() before calling chroot() to
+ avoid potential security issue (see
+ http://www.bpfh.net/simes/computing/chroot-break.html)
+ Closes: alioth#313962
+
+2013-07-29 Christian Perrier <christian@perrier.eu.org>
+
+ * man/useradd.xml: use "--home-dir" instead of "--home"
+ Fix translations too.
+ Thanks to Ville Skyttä
+ Closes: alioth#313880
+
+2013-07-29 Ville Skyttä <scop-guest@alioth.debian.org>
+
+ * man/ja/man8/groupmod.8: Syntax fix
+ Closes: alioth#313785
+
+2013-07-29 Brad Hubbard <badone-guest@alioth.debian.org>
+
+ * lib/groupio.c: add newline char when two lines
+ are concatenated
+ Closes: alioth#313942
+ * lib/groupio.c: fix uninitialised memory in
+ merge_group_entries causes segfault in useradd by changing
+ a call to malloc to a call to calloc
+ Closes: alioth:#313940
+
+2013-07-28 Guido Trentalancia <guido@trentalancia.com>
+
+ * etc/login.defs: fix typographic errors and use a better format
+ Closes: Debian#685415
+
+2013-07-28 Simon Brandmair <sbrandmair@gmx.net>
+
+ * man/po/de.po: translation completed : 1203 translated messages
+ Closes: Debian#679152
+
+2013-07-28 mancha <mancha1@hush.com>
+
+ * lib/encrypt.c (pw_encrypt): crypt() in glibc/eglibc 2.17 now
+ fails if passed a salt that violates specs. On Linux, crypt() also
+ fails with DES/MD5 salts in FIPS140 mode. Rather than exit() on
+ NULL returns we send them back to the caller for appropriate
+ handling (instead of exiting). Closes: alioth#314234
+ * lib/pwauth.c: Handle NULL return from pw_crypt(), return non
+ zero (as in case of failure).
+ * libmisc/valid.c: Likewise.
+ * src/chgpasswd.c: Handle NULL return from pw_crypt(), report
+ crypt error to stderr and exit.
+ * src/chpasswd.c: Likewise.
+ * src/gpasswd.c: Likewise.
+ * src/newusers.c: Likewise.
+ * src/passwd.c: Likewise when new password is encrypted.
+ * src/newgrp.c: Handle NULL return from pw_crypt(), report crypt
+ error to stderr and syslog and return to report unchanged
+ password.
+ * src/passwd.c: Likewise when password is checked.
+
+2013-07-28 Christian Perrier <christian@perrier.eu.org>
+
+ * configure.in: Prepare for next point release 4.2.
+ * if using the static char* for pw_dir, strdup it so
+ pw_free() can be used. (Closes: Debian#691459, alioth#313957)
+ * Kill the child process group, rather than just the
+ immediate child; this is needed now that su no
+ longer starts a controlling terminal when not running an
+ interactive shell (closes: Debian#713979)
+ Thansk to Colin Watson for the patch.
+
+2012-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: Set release date.
+ * man/po/shadow-man-pages.pot: Regenerated.
+ * man/po/*.po: Updated PO files.
+
+2012-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/*.xml: Add author based on copyright statement.
+ * man/<ll>/*.[1358], man/<ll>/man[1358]/*.[1358],
+ man/<ll>/Makefile.am: Sort manpages per section as the generated
+ manpages.
+
+2012-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2012-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/Makefile.am, man/generate_mans.mak: Update clean targets,
+ due to the generation in separate sub folders.
+
+2012-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/su.1.xml: Document author to avoid warnings during
+ generation. This needs to be rolled out to other manpages.
+ * man/generate_mans.mak: Do not add a AUTHOR section in the man
+ pages.
+
+2012-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: non PAM enabled versions: do not fail if su is called
+ without a controlling terminal. Ignore ENXIO errors when opening
+ /dev/tty.
+
+2012-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Cleanup, return code 13 no more used.
+ * man/useradd.8.xml: Document return code 14, and remove return
+ code 13.
+
+2012-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, man/generate_mans.mak: Generate manpages in man1, man3,
+ man5, man8 subdirectories. This fix the generation of .so links
+ which did not point to a path relative to the top-level manual
+ hierarchy.
+ * man/generate_mans.mak: Update man paths accordingly.
+ * man/Makefile.am: Likewise.
+ * man/da/Makefile.am: Likewise.
+ * man/de/Makefile.am: Likewise.
+ * man/fr/Makefile.am: Likewise.
+ * man/it/Makefile.am: Likewise.
+ * man/pl/Makefile.am: Likewise.
+ * man/ru/Makefile.am: Likewise.
+ * man/sv/Makefile.am: Likewise.
+ * man/zh_CN/Makefile.am: Likewise.
+
+2012-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Prepare for next point release 4.1.5.1.
+
+2012-05-19 Nitin A Kamble <nitin.a.kamble@intel.com>
+
+ * configure.in: Remove deprecated AM_C_PROTOTYPES (no more
+ supported in automake 1.12).
+
+2012-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Keep the default file as much as possible to
+ avoid issue in case of crash. Use link instead of rename.
+
+2012-05-18 Peter Vrabec <pvrabec@redhat.com>
+
+ * lib/commonio.c: Fix labeling of /etc/{passwd,shadow,group,gshadow}.
+ It will basically label them with same context as
+ /etc/{passwd+,shadow+,group+,gshadow+}
+
+2012-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwunconv.c: Do not check spw_close() return value (file is
+ opened readonly).
+ * src/grpunconv.c: Do not check sgr_close() return value (file is
+ opened readonly).
+
+2012-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/userdel.c: Fix segfault when userdel removes the
+ user's group.
+
+2012-05-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/login.c: Log in utmp / utmpx / wtmp also when PAM is
+ enabled. This is not done by pam_lastlog. This was broken on
+ 2011-07-23.
+ * NEWS, libmisc/utmp.c: Do not log in wtmp when PAM is enabled.
+ This is done by pam_lastlog.
+
+2012-05-17 Christian Perrier <bubulle@Êebian.org>
+
+ * man/po/fr.po: French translation of manpages completed
+
+2012-05-17 Simon Brandmair <sbrandmair@gmx.net>
+
+ * man/po/de.po: German translation of manpages completed
+
+2012-02-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: New placeholder for the next release (4.1.5.1 expected)
+
+2012-04-15 Robert Luberda <robert@debian.org>
+
+ * man/po/pl.po: Complete translation of logoutd(8) in Polish.
+
+2012-02-13 Mike Frysinger <vapier@gentoo.org>
+
+ * src/passwd.c: (non PAM flavour) Report permission denied when
+ access to /etc/shadow fails with EACCES.
+
+2012-02-13 Mike Frysinger <vapier@gentoo.org>
+
+ * lib/nscd.c: Add missing newline to error message.
+ * lib/nscd.c: If nscd is installed but not in use, then running
+ `nscd -i` will exit(1). We shouldn't warn in this case since this
+ is not abnormal behavior.
+
+2012-02-13 Mike Frysinger <vapier@gentoo.org>
+
+ * man/.gitignore: Add generate_mans.deps
+
+2012-02-13 Mike Frysinger <vapier@gentoo.org>
+
+ * man/grpck.8.xml: Relocate space.
+
+2012-02-13 Mike Frysinger <vapier@gentoo.org>
+
+ * libmisc/copydir.c: Add missing #include <stdarg.h>
+
+2012-02-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: Set release date.
+
+2012-02-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2012-02-11 Giuseppe Sacco <eppesuig@debian.org>
+
+ * man/po/it.po: Updated after review.
+
+2012-02-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/it/Makefile.am: Activate all manpages.
+ * man/po/it.po: Fix formal issues (end of lines).
+
+2012-02-11 Giuseppe Sacco <eppesuig@debian.org>
+
+ * man/po/it.po: Updated to 1173t.
+
+2012-01-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/useradd.8.xml, man/su.1.xml, man/po/da.po, man/po/ru.po,
+ man/po/fr.po, man/po/de.po, man/po/sv.po, man/po/pl.po,
+ man/po/it.po, man/po/shadow-man-pages.pot, man/po/zh_CN.po: Fix
+ two typos. Thanks to Giuseppe Sacco. Unfuzzy translations
+ * po/kk.po, po/nb.po, po/el.po, po/ca.po, po/ja.po: Re-generate.
+ * man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml:
+ Fix typo.
+
+2012-01-28 Innocent De Marchi <tangram.peces@gmail.com>
+
+ * po/ca.po: Updated to 557t.
+
+2012-01-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, configure.in, man/da/Makefile.am, man/Makefile.am: Build
+ manpages with more than 50% translated messages.
+ * man/fr/Makefile.am: Add missing manpages: chgpasswd.8,
+ groupmems.8, nologin.8, sulogin.8.
+ * man/de/Makefile.am: Add missing manpages: chage.1, chgpasswd.8,
+ chpasswd.8, expiry.1, faillog.5, faillog.8, getspnam.3, gpasswd.1,
+ groupadd.8, groupdel.8, groupmems.8, groupmod.8, grpck.8,
+ grpconv.8, grpunconv.8, gshadow.5, lastlog.8, login.defs.5,
+ logoutd.8, newusers.8, nologin.8, pwck.8, pwconv.8, pwunconv.8,
+ sg.1, shadow.3, shadow.5, suauth.5, useradd.8, userdel.8,
+ usermod.8, limits.5, login.access.5, porttime.5, id.1, sulogin.8
+ * man/zh_CN/Makefile.am: Add missing manpages: chgpasswd.8,
+ groupmems.8, nologin.8, sulogin.8
+ * man/pl/Makefile.am, man/sv/Makefile.am, man/it/Makefile.am:
+ Translate only manpages with more than 50% translated messages.
+ * man/po/da.po: Do not translate names of manpages (newusers,
+ limits, groups)
+
+2012-01-28 Yuri Kozlov <yuray@komyakino.ru>
+
+ * man/po/ru.po: Updated to 1173t.
+
+2012-01-27 Thomas Blein <tblein@tblein.eu>
+
+ * po/fr.po: Updated to 557t.
+ * man/po/fr.po: Updated to 1173t.
+
+2012-01-26 Joe Hansen <joedalton2@yahoo.dk>
+
+ * po/da.po: Updated to 557t.
+ * man/po/da.po: Updated to 294t879u.
+
+2012-01-23 Thomas Vasileiou <thomas-v@wildmail.com>
+
+ * po/el.po: Updated to 553t.
+
+2012-01-22 Baurzhan Muftakhidinov <baurthefirst@gmail.com>
+
+ * po/kk.po: Updated to 557t.
+
+2012-01-21 Miguel Figueiredo <elmig@debianpt.org>
+
+ * po/pt.po: Updated to 557t.
+
+2012-01-19 Holger Wansing <linux@wansing-online.de>
+
+ * po/de.po: Updated to 557t.
+
+2012-01-18 Bjørn Steensrud <bjornst@skogkatt.homelinux.org>
+
+ * po/nb.po: Updated to 557t. Thanks also to Hans Fredrik Nordhaug.
+
+2012-01-16 NAKANO Takeo <nakano@webmasters.gr.jp>
+
+ * po/ja.po: Updated to 557t
+
+2012-01-16 Simon Brandmair <sbrandmair@gmx.net>
+
+ * man/po/de.po: Updated to 1173t.
+
+2012-01-14 YunQiang Su <wzssyqa@gmail.com>
+
+ * po/zh_CN.po: Updated to 551t2f4u
+ * man/po/zh_CN.po: Updated to 1026t15f132u
+
+2012-01-09 Yuri Kozlov <yuray@komyakino.ru>
+
+ * po/ru.po: Updated to 557t.
+
+2012-01-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2012-01-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: Cleanup.
+ * lib/selinux.c, lib/semanage.c: prototypes.h was not included.
+
+2011-12-09 Peter Vrabec <pvrabec@redhat.com>
+
+ * lib/prototypes.h, lib/Makefile.am, po/POTFILES.in,
+ libmisc/copydir.c, lib/selinux.c: Move set_selinux_file_context()
+ and reset_selinux_file_context() from libmisc/copydir.c to
+ lib/selinux.c.
+ * lib/commonio.c: Use set_selinux_file_context() and
+ reset_selinux_file_context() instead of using the existing
+ database SELinux context to set the context for the newly created
+ files.
+
+2011-12-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/vipw.c: Do not use a hardcoded program name in the usage
+ message.
+
+2011-12-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/ca.po, po/cs.po, po/da.po, po/de.po, po/es.po, po/eu.po,
+ po/fr.po, po/ja.po, po/kk.po, po/pt.po, po/pt_BR.po, po/ru.po,
+ po/sk.po, po/sv.po, po/vi.po, po/zh_CN.po: Quick unfuzzy.
+
+2011-12-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c, src/chpasswd.c, src/chgpasswd.c: Harmonize
+ usage messages.
+
+2011-12-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/Makefile.am, lib/prototypes.h, lib/selinux.c,
+ lib/semanage.c, po/POTFILES.in: Move lib/selinux.c to
+ lib/semanage.c.
+
+2011-11-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c, man/usermod.8.xml: usermod -Z "" removes the
+ SELinux user mapping for the modified user.
+ * src/useradd.c: Zflg is #defined as user_selinux non empty.
+
+2011-11-21 Peter Vrabec <pvrabec@redhat.com>
+
+ * libmisc/copydir.c: Ignore errors to copy ACLs if the operation
+ is not supported.
+
+2011-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/root_flag.c, src/gpasswd.c, src/chsh.c: Add splint
+ annotations.
+ * src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
+ Ignore return value of spw_rewind, pw_rewind, sgr_rewind, and
+ gr_rewind.
+ * lib/commonio.h: Both head and tail cannot be owned. Set tail as
+ dependent.
+ * src/expiry.c: Ignore return value of expire ().
+ * src/expiry.c: The catch_signals function does not use its sig
+ parameter.
+ * src/userdel.c: Last audit_logger parameter is a
+ shadow_audit_result, use SHADOW_AUDIT_FAILURE instead of 0.
+ * lib/selinux.c: vasprintf requires _GNU_SOURCE to be defined
+ before including stdio.h.
+ * src/chage.c: Cast 3rd date_to_str parameter to a time_t
+ * src/passwd.c: Add missing cast.
+ * lib/commonio.c: Avoid multiple statements per line.
+ * lib/commonio.c: Ignore fclose return value when the file was
+ open read only or was not changed, or if an error is already
+ reported.
+
+2011-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/faillog.c: The fail_max field is a short, use a short also
+ for the max argument of setmax / setmax_one.
+ * src/faillog.c: Fail with an error message when faillog fails to
+ write to the faillog database.
+
+2011-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/gpasswd.1.xml: Document the difference between the -r and -R
+ options.
+
+2011-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/useradd.8.xml, man/groupadd.8.xml, man/usermod.8.xml,
+ man/groupmod.8.xml: Avoid hardcoded values, and reference instead
+ the configuration options (e.g. UID_MIN)
+ * man/groupmod.8.xml, man/usermod.8.xml: Add missing reference to
+ login.defs
+ * man/login.defs.d/UID_MAX.xml, man/login.defs.d/SYS_UID_MAX.xml,
+ man/login.defs.d/GID_MAX.xml, man/login.defs.d/SYS_GID_MAX.xml:
+ Document the default values.
+
+2011-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: Change of group password enforces gshadow
+ password. Set /etc/group password to "x".
+
+2011-11-16 Peter Vrabec <pvrabec@redhat.com>
+
+ * NEWS, src/userdel.c, man/userdel.8.xml: Add option -Z/--selinux-user.
+ * libmisc/system.c, lib/prototypes.h, libmisc/Makefile.am: Removed
+ safe_system().
+ * lib/selinux.c, po/POTFILES.in, lib/prototypes.h,
+ lib/Makefile.am: Added helper functions for semanage.
+ * NEWS, README, src/useradd.c, src/usermod.c, src/userdel.c,
+ configure.in: Use libsemanage instead of semanage.
+
+2011-11-16 Peter Vrabec <pvrabec@redhat.com>
+
+ * src/Makefile.am: useradd may need the LIBATTR library.
+
+2011-11-16 Peter Vrabec <pvrabec@redhat.com>
+
+ * libmisc/copydir.c: Ignore perm_copy_file() errors with errno set
+ to ENOTSUP.
+
+2011-11-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Compilation fix when SHADOWGRP is not enabled.
+ * libmisc/root_flag.c: Add missing #include <stdio.h>
+
+2011-11-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2011-11-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
+ src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmems.c,
+ src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c,
+ src/usermod.c: Provide the PAM error
+ message instead of our own, and log error to syslog.
+ * src/groupmems.c: Exit with exit rather than fail_exit in usage().
+ * src/newusers.c: Check the number of arguments.
+ * src/newusers.c: Do not create the home directory when it is not
+ changed.
+ * src/useradd.c: Set the group password to "!" rather "x" if there
+ are no gshadow file.
+
+2011-11-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Removed pw_opened.
+ * src/pwck.c: optind cannot be greater than argc.
+ * src/pwck.c: If spw_opened, then is_shadow is implicitly set.
+ * src/pwck.c: Do not report passwd entry without x password and a
+ shadow entry in --quiet mode (no interaction with the caller)
+ * src/pwck.c: Do not check if the last password change is in the
+ future if the time is set to 0.
+
+2011-11-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/root_flag.c: Drop privileges before changing root. The
+ --root option should not be used by regular users for suid utils.
+ * libmisc/root_flag.c: Improve error messages.
+
+2011-11-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Compile fix for TCB.
+
+2011-11-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c: Avoid conflict with glibc. Rename error to
+ error_acl.
+
+2011-11-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newusers.8.xml: Document the optional file argument.
+ * man/newusers.8.xml: Fix the documentation of the inputs' format.
+
+2011-11-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupmod.8.xml: Document that the primary group of users may
+ be changed by groupmod -g.
+
+2011-11-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newusers.c, man/newusers.8.xml: Add --root option.
+
+2011-11-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/vipw.c: Remove unused variable a.
+
+2011-11-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/generate_mans.mak: The xml-config files do not depend on the
+ Makefile.
+
+2011-10-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c, src/chgpasswd.c, src/chpasswd.c, src/chsh.c,
+ src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c,
+ src/groupmems.c, src/groupmod.c, src/grpconv.c, src/grpunconv.c,
+ src/lastlog.c, src/newusers.c, src/passwd.c, src/pwconv.c,
+ src/pwunconv.c, src/su.c, src/useradd.c, src/userdel.c,
+ src/usermod.c, src/vipw.c: Align and sort options.
+
+2011-10-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/pwck.c, man/pwck.8.xm, src/grpck.c, man/grpck.8.xml:
+ Add --root option.
+
+2011-10-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/limits.5.xml, libmisc/limits.c: Sort limit identifiers.
+ * libmisc/limits.c: Fix support for the K limit identifier.
+ * libmisc/limits.c: Add missing default limit for L and U.
+
+2011-10-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c, man/pwck.8.xml: Add support for long options.
+ * src/pwck.c, man/pwck.8.xml: Add -h/--help option
+ * src/grpck.c, man/grpck.8.xml: Add support for long options.
+ * src/grpck.c, man/grpck.8.xml: Add -h/--help option
+
+2011-10-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/expiry.c, man/expiry.1.xml: Add support for long options.
+ * src/expiry.c, man/expiry.1.xml: Add -h/--help option
+
+2011-10-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chfn.c, man/chfn.1.xml: Add support for long options.
+ * src/chfn.c, man/chfn.1.xml: Add -u/--help option
+ * NEWS, src/chfn.c, man/chfn.1.xml: Add --root option.
+
+2011-10-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/vipw.c, man/vipw.8.xml: Add --root option.
+
+2011-10-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/faillog.c, man/faillog.8.xml: Add --root option.
+ * NEWS, src/lastlog.c, man/lastlog.8.xml: Likewise.
+ * src/faillog.c: Add Prog variable, and prefix error messages with
+ Prog rather than "faillog".
+ * src/lastlog.c: Likewise.
+ * src/lastlog.c: Split usage in smaller messages.
+
+2011-10-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/chage.c, man/chage.1.xml: Add --root option. Open
+ audit and syslog after the potential chroot. chage's usage split
+ in smaller messages.
+
+2011-10-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: re-indent.
+ * src/login.c: Fix support for sub-logins.
+
+2011-10-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/faillog.c, src/chage.c, src/newusers.c, src/su.c: The getopt
+ index of long options is not used.
+
+2011-10-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, libmisc/Makefile.am, libmisc/root_flag.c,
+ po/POTFILES.in: Add process_root_flag() to process the --root
+ option and chroot so that the chroot config is used and changes
+ are applied to the chroot.
+ * NEWS, src/useradd.c, man/useradd.8.xml: Add --root option. Open
+ audit after the potential chroot.
+ * NEWS, src/userdel.c, man/userdel.8.xml: Add --root option. Open
+ audit and syslog after the potential chroot. userdel's usage split
+ in smaller messages.
+ * NEWS, src/usermod.c, man/usermod.8.xml: Likewise
+ * NEWS, src/groupadd.c, man/groupadd.8.xml: Add --root option. Open
+ audit and syslog after the potential chroot.
+ * src/groupadd.c: Check atexit failures.
+ * src/groupadd.c: Return E_SUCCESS instead of exit'ing at the end
+ of main().
+ * NEWS, src/groupadd.c, man/groupadd.8.xml: Add --root option. Open
+ audit and syslog after the potential chroot.
+ * src/groupmod.c: The getopt index of long options is not used.
+ * src/groupdel.c: Add process_flags().
+ * src/groupdel.c, man/groupdel.8.xml: Add --help option.
+ * NEWS, src/groupdel.c, man/groupdel.8.xml: Add --root option. Open
+ audit and syslog after the potential chroot.
+ * src/groupdel.c: Check atexit failures.
+ * NEWS, src/pwconv.c, src/pwunconv.c, src/grpconv.c,
+ src/grpunconv.c, man/pwconv.8.xml: Add --root option.
+ * src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
+ Add --help option.
+ * src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
+ Add process_flags() and usage().
+ * NEWS, src/chpasswd.c, man/chpasswd.8.xml, src/chgpasswd.c,
+ man/chgpasswd.8.xml: Add --root option.
+ * src/chpasswd.c, src/chgpasswd.c: The getopt index of long
+ options is not used.
+ * NEWS, src/passwd.c, man/passwd.1.xml: Add --root option.
+ passwd's usage split in smaller messages.
+ * src/passwd.c: Call sanitize_env() before setting the locales.
+ * NEWS, src/groupmems.c, man/groupmems.8.xml: Add --root option.
+ Open syslog after the potential chroot.
+ * src/groupmems.c: The getopt index of long options is not used.
+ * NEWS, src/chsh.c, man/chsh.1.xml: Add --root option.
+ chsh's usage split in smaller messages.
+ * src/chsh.c: The getopt index of long options is not used.
+ * NEWS, src/gpasswd.c, man/gpasswd.1.xml: Add --root option.
+ * src/gpasswd.c: The getopt index of long options is not used.
+
+2011-10-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/ja/Makefile.am, man/fr/Makefile.am, man/ru/Makefile.am,
+ man/sv/Makefile.am, man/pl/Makefile.am, man/zh_CN/Makefile.am,
+ man/it/Makefile.am, man/Makefile.am: Include man_nopam in
+ EXTRA_DIST only when USE_PAM (they are already in man_MANS
+ otherwise).
+
+2011-10-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/su.1.xml: Document that su -c does not providea controlling
+ terminal.
+
+2011-10-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Fix typo.
+ * src/useradd.c: Likewise.
+ * lib/nscd.c: Remove unused variable.
+ * lib/prototypes.h, libmisc/cleanup.c, lib/spawn.c, src/chage.c:
+ Add splint annotations.
+ * src/sulogin.c (main): env is only used when USE_PAM is not set.
+
+2011-10-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/LOGIN_STRING.xml: Fix typo.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes, libmisc/basename.c (Basename): Input is a
+ constant string.
+ * lib/prototypes.h, lib/spawn.h, lib/spawn.c, src/userdel.c,
+ lib/nscd.c, lib/Makefile.am: Delete spawn.h. Move from spawn.h to
+ prototypes.h.
+ * src/userdel.c: Remove unused variables.
+ * lib/nscd.c: Remove unused header files.
+ * lib/nscd.c: Add the program name to error messages.
+ * lib/nscd.c: Indicate when nscd does not terminate normally (signal).
+ * lib/spawn.c: Updated header.
+ * lib/spawn.c: Flush stdout and stderr to avoid inheriting from
+ ongoing buffers.
+ * lib/spawn.c: Avoid implicit conversion of pointer to boolean.
+ * lib/spawn.c: Replace perror by a complete message.
+ * lib/spawn.c: Continue to wait for the child if another child
+ terminates.
+ * lib/prototypes.h: The name field from cleanup_info_mod is a
+ constant string. (username).
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/cleanup.c: Spawn children should no trigger cleanup
+ actions. Make sure only the parent (initial caller) perform the
+ cleanup actions.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c (SHA_salt_rounds): It is statically ensured that
+ the format fits in rounds_prefix.
+ * libmisc/loginprompt.c: Likewise.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpconv.c: Fail if not called correctly.
+ * src/grpconv.c: At the end of main, the passwd and shadow files
+ are locked. No need to check before unlocking. No need to set the
+ lock as false neither since there cannot be anymore failures.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c: EPOCH is not needed, it's converted to -1 by
+ strtoday(). But we need to support "-1" specifically.
+ * src/chage.c: Fix usage: LOGIN is mandatory.
+ * src/chage.c: Display disabled expiry or last change as "-1"
+ instead of 1969-12-31. 1969-12-31 is still supported as input from
+ the user.
+ * src/chage.c: Exit cleanly with fail_exit() (lock files were not
+ removed).
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Remove def_file. It was always set to
+ USER_DEFAULTS_FILE.
+ * src/useradd.c: Fix cut&paste issue causing bad warning when
+ the useradd.default file contains an invalid INACTIVE= value.
+ * src/useradd.c: Added missing end of line for rename errors.
+ * src/useradd.c: Added -D synopsis to the usage message.
+ * src/useradd.c: Do not scale_age(-1), just use -1.
+ * src/useradd.c: Added FIXME to be fixed later.
+ * src/useradd.c: Allow -e -1 when there is no shadow file.
+ * src/useradd.c: Fail, but do not print the usage message when the
+ -e argument is not valid.
+ * src/useradd.c: No need to check for oflg since uflg is
+ already checked.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Too much const were added on 2011-08-15. pw in
+ save_caller_context() is allocated and freed.
+ * src/su.c: Added missing #endif indication
+ * src/su.c (save_caller_context): password only needed if
+ SU_ACCESS and !USE_PAM.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: date_to_str() is always called with negativ set
+ to "never", remove this argument.
+ * src/usermod.c: Added missing cast for gr_free argument.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwconv.c: Fail if not called correctly.
+ * src/pwconv.c: At the end of main, the passwd and shadow files
+ are locked. No need to check before unlocking.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Initially set the passwd's password to '*'
+ instead of 'x'. Only when it is confirmed that a shadow entry is
+ (will be) added, set the passwd's password to 'x'.
+ * src/newusers.c: An invalid line is an error. A failure needs to
+ be reported.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: Remove log_gpasswd_success_gshadow(). Writing in
+ gshadow is the last sub-task.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chsh.c: No needto remove lines tarting with '#' from
+ /etc/shells. This is already done by getusershell() and these
+ shell would fail the access(X_OK) test.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/generate_mans.mak: Fix the generation of translated man
+ pages. xml2po removed the comment from empty headers and the
+ config was no more inserted.
+
+2011-09-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/chage.1.xml: The LOGIN argument is not optional.
+ * man/login.defs.d/QUOTAS_ENAB.xml: Document the dependency
+ between /etc/limits and QUOTAS_ENAB.
+
+2011-08-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/POTFILES.in: Added lib/spawn.c.
+
+2011-08-20 Jonathan Nieder <jrnieder@gmail.com>
+
+ * lib/Makefile.am: Added lib/spawn.c and lib/spawn.h.
+ * lib/nscd.c, lib/spawn.c, lib/spawn.h: It is not possible to
+ differentiate between an nscd failure, and a failure to execute
+ due to no nscd with posix_spawn. Use our own run_command routine.
+ * src/userdel.c: Use run_command()
+
+2011-08-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmod.c: Ignore return value from snprintf.
+ * src/groupmod.c: Add static qualifier to the cleanup structures.
+ * src/groupmod.c: Check atexit failures.
+
+2011-08-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Do not assign static to NULL.
+ * src/usermod.c (date_to_str): buf needs to be unique (e.g.
+ independent from negativ), and is an out buffer.
+ * src/usermod.c: Ignore return value from snprintf, and force
+ nul-termination of buffer.
+ * src/usermod.c: Improve memory management.
+ * src/usermod.c: An audit bloc was not reachable, moved above on
+ success to move the home directory.
+ * src/usermod.c: Ignore close() return value for the mailbox
+ (opened read only).
+
+2011-08-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Added const modifiers.
+ * lib/prototypes: Synchronize splint annotations.
+
+2011-08-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Add splint annotations.
+ * src/su.c: Set caller_on_console as boolean.
+ * src/su.c: Ignore return value from fputs (usage) / puts (prompt).
+ * src/su.c: Improved memory management.
+
+2011-08-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chgpasswd.c, src/chpasswd.c, src/newusers.c: Replace cflg by
+ a test on crypt_method.
+
+2011-08-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/chowndir.c: Add splint annotations.
+ * src/chgpasswd.c: Likewise.
+ * src/chpasswd.c: Likewise.
+ * src/newusers.c: Likewise.
+ * libmisc/salt.c, lib/prototypes.h (crypt_make_salt): Likewise.
+
+2011-08-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/gshadow_.h: Fix typo in comment.
+
+2011-08-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, libmisc/getgr_nam_gid.c: getgr_nam_gid()
+ returns an allocated structure.
+
+2011-08-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Add annotations to indicate that su_failure() does
+ not return.
+
+2011-07-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Display PID as unsigned long.
+
+2011-07-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Remove unused Zflg.
+
+2011-07-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chgpasswd.c: Fix typo sp -> sg. sg_namp -> sg_name
+ * src/chgpasswd.c: Always update the group file when SHADOWGRP is
+ not enabled.
+
+2011-07-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c: Fix typo in notreached annotation.
+
+2011-07-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Add annotations to indicate that fail_exit() does
+ not return.
+ * src/usermod.c: Fix typo in notreached annotation.
+
+2011-07-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_uid.c: free (used_uids) on return.
+ * libmisc/find_new_gid.c: free (used_gids) on return.
+
+2011-07-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Fix NIS commit from 2011-07-14.
+
+2011-07-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/chpasswd.c: Create a shadow entry if the password is
+ set to 'x' in passwd and there are no entry in shadow for the
+ user.
+ * NEWS, src/chgpasswd.c: Create a gshadow entry if the password is
+ set to 'x' in group and there are no entry in gshadow for the
+ group.
+
+2011-07-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwunconv.c: Exit after printing usage when arguments or
+ options are provided.
+ * src/pwunconv.c: Re-indent.
+ * src/pwunconv.c: Open the shadow file read only.
+ * src/grpunconv.c: Exit after printing usage when arguments or
+ options are provided.
+ * src/grpunconv.c: Open the gshadow file read only.
+
+2011-07-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chgpasswd.c: Fix typo.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/login.c: Do not log in utmp / utmpx / wtmp when PAM is
+ enabled. This is already done by pam_lastlog. Note that
+ pam_lastlog can only log the parent PID, not the PID of the
+ process forked by login.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chpasswd.c: Add annotations to indicate that usage() does
+ not return.
+ * src/chpasswd.c: Reindent.
+ * src/chpasswd.c: Remove dead code. No need to set crypt_method
+ to NULL when it is already NULL. sflg is only set if crypt_method
+ is not NULL.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/lastlog.c: Add annotations to indicate that usage() does not
+ return.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/faillog.c: Add annotations to indicate that usage() does not
+ return.
+ * src/faillog.c: Fix message: this is faillog, not lastlog.
+ * src/faillog.c: Check that there are no extra arguments after
+ parsing the options.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chgpasswd.c: Add annotations to indicate that usage() does
+ not return.
+ * src/chgpasswd.c: Split usage in smaller parts. Those parts are
+ already translated for chpasswd. Usage is now closer to
+ chpasswd's.
+ * src/chgpasswd.c: Remove dead code. No need to set crypt_method
+ to NULL when it is already NULL. sflg is only set if crypt_method
+ is not NULL.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/expiry.c: Remove dead code.
+ * src/expiry.c: Improve comments.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpck.c: Added comments.
+ * src/grpck.c: Avoid implicit conversion of pointer to boolean.
+ * src/grpck.c: Remove dead code. argc cannot be lower than optind.
+ Avoid checking twice in a row for NULL != list[i].
+
+2011-07-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Fail in case of
+ invalid configuration.
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Updated
+ comments.
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Be more strict
+ on the loop stop conditions. Stop if we passed the limit, even if
+ the limit itself was never noticed.
+
+2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Fix some spacing issues due to configuration
+ variants.
+
+2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Overflow when computing the number of days based
+ on the scaling. Use of long long needed.
+
+2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, lib/commonio.h, lib/commonio.c: Additional messages to
+ indicate why locking failed.
+ * NEWS, lib/commonio.c: Fix the sort algorithm in case of NIS. NIS
+ entries were dropped.
+ * lib/commonio.c: NIS entries can start by '+' or '-'.
+
+2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupmod.c: When the gshadow file exists but there are
+ no gshadow entries, an entry is created if the password is changed
+ and group requires a shadow entry.
+
+2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Fix typo in comment.
+ * src/usermod.c (move_home): It is always an error to use -m if
+ the new home directory already exist (independently from the
+ existence of the old home directory did not exist)
+ * src/usermod.c (process_flags): Report usage if no options are
+ provided. Update the error message.
+ * src/usermod.c (process_flags): Check option compatibility and
+ dependency before options are discarded when no changes are
+ requested.
+ * src/usermod.c (process_flags): Check for oflg is not needed to
+ check if changes are needed.
+ * src/usermod.c: usage() does not return. Add annotations.
+ * src/usermod.c (update_gshadow): is_member was computed twice.
+ * src/usermod.c (update_group, update_gshadow): Reduce complexity
+ and document checks. Some checks were always true/false within
+ their call context.
+ * NEWS, src/usermod.c; man/usermod.8.xml: When the shadow file
+ exists but there are no shadow entries, an entry has to be created
+ if the password is changed and passwd requires a shadow entry, or
+ if aging features are used (-e or -f). Document this and also that
+ -e and -f require a shadow file.
+ * man/usermod.8.xml: Document behavior of an empty EXPIRE_DATE.
+ * man/usermod.8.xml: Document that the mail spool might have to be
+ renamed (as for the homedir)
+ * src/usermod.c (new_pwent): Document that pw_locate will not fail
+ because getpwnam returned successfully.
+ * src/usermod.c (process_flags): Do not display the usage in case
+ of an invalid -f value (similar to -e).
+ * src/usermod.c (process_flags): Indicate that the user name is
+ invalid, instead of just a 'field'.
+
+2011-07-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupadd.c: Fix typo in comment.
+ * src/userdel.c: Fix typo from 2011-06-04. Report failure on the
+ mailfile instead of user_home.
+ * lib/fields.c: Fixed typo from 2010-02-15. field instead of cp
+ ought to be checked.
+ * src/vipw.c: Use Prog instead of progname. This is needed since
+ Prog is used in the library.
+ * configure.in: Fix typo. libcrack default is 'no'.
+ * src/groupmod.c: Avoid implicit conversion of pointer to boolean.
+ * src/groupmod.c: osgrp can be set only if pflg || nflg. No need
+ to check for pflg || nflg again
+
+2011-07-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/*.xml, man/config.xml.in: Add source and version
+ information. This reduce the amount of warnings during the
+ manpages generation.
+
+2011-06-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/passwd.1.xml: Added reference to chpasswd(8).
+ * man/po/ru.po: Add space between option and argument.
+
+2011-06-16 Francisco Javier Cuadrado <fcocuadrado@gmail.com>
+
+ * po/es.po: Spanish translation
+
+2011-06-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/isexpired.c: Added parenthesis.
+ * libmisc/env.c: Added comments.
+ * libmisc/env.c: Avoid implicit conversion of pointer to boolean.
+
+2011-06-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: environ is provided by <unistd.h>.
+ * src/su.c: Added function prototypes.
+ * src/su.c: Rename shellstr parameter to shellname to avoid
+ collision with static variable.
+ * NEWS, src/su.c: Added support for PAM modules which change
+ PAM_USER.
+
+2011-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c (prepare_pam_close_session): Extract the creation of a
+ child and listening for signal in the parent from run_shell().
+ prepare_pam_close_session() is now executed before the creation of
+ the pam session and before the UID is changed. This allows to
+ close the session as root.
+ * src/su.c: Also drop the controlling terminal when PAM is not
+ used.
+ * src/su.c: Remove run_shell().
+ * src/su.c: After prepare_pam_close_session() there is no need to
+ close the session in the child. Added pam_setcred to
+ prepare_pam_close_session().
+
+2011-06-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c (save_caller_context): Extract from main() the code
+ used to save the caller's context.
+ * src/su.c: Split check_perms() in to a PAM (check_perms_pam) and
+ a non-PAM (check_perms_nopam) version.
+ * src/su.c: Cleanup check_perms_nopam().
+ * src/su.c: Merge environment setting blocks after the creation of
+ the session.
+ * src/su.c: Close the password databases together with syslog.
+ * src/su.c: Extract command line processing from main().
+ * src/su.c: Extract export of environment from main().
+
+2011-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Group some of the environment processing blocks. The
+ definition of shellstr, PATH and IFS is not influenced (getenv,
+ getdef, restricted_shell) by and does not influence (addenv does
+ not change environ) the authentication. And the authentication
+ did not overwrite those definitions. This will ease an extraction
+ from the big main() function.
+ * src/su.c: Move definition of change_environment and shellstr
+ after the switch to the final subsystem. The previous architecture
+ forced to always change the environment (the shell starts with a
+ '*' and was thus restricted, and change_environment could not be
+ reset to false).
+ * src/su.c: No need to change the user's shell in case of
+ subsystem root. Update the comments.
+ * src/su.c: Define shellstr before the environment so that
+ restricted_shell is called only once. This will allow moving the
+ environment definition after the switch to the new user.
+ * src/su.c: Extract the authentication from the main function.
+ * lib/prototypes.h, src/suauth.c, src/su.c (check_su_auth): Do not
+ use the pwent global variable to communicate between APIs of
+ different files. Added boolean parameter su_to_root to
+ check_su_auth().
+ * src/su.c (check_perms): Return the passwd entry of the finally
+ authenticated user. Remove usage of the pwent variable.
+ * src/su.c: The password of the caller is the one from the
+ spwd structure only if the passwd's password is 'x'.
+ * src/su.c: Cleanup local variables.
+
+2011-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Updating pwent after expire() is not useful. Only the
+ password information may have changed and they are not used
+ anymore afterwards.
+ * src/su.c: No need to call expire() if there are no shadow entry.
+ No need to convert a passwd entry into an spwd entry in that case.
+
+2011-06-12 Thomas Blein <tblein@tblein.eu>
+
+ * man/po/fr.po: French manpages translation
+
+2011-06-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/su.c: Do not forward the controlling terminal to
+ commands executed with -c. This prevents tty hijacking which could
+ lead to execution with the caller's privileges. This required to
+ forward signals from the terminal (SIGINT, SIGQUIT, SIGTSTP) to
+ the executed command.
+
+2011-06-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/userdel.c: Do not remove a group with the same name as
+ the user (usergroup) if this group isn't the user's primary group.
+
+2011-06-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/userdel.c: Check the existence of the user's mail
+ spool before trying to remove it. If it does not exist, a warning
+ is issued, but no failure.
+
+2011-06-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/sulogin.c: Added Prog, needed because of the last xmalloc()
+ change.
+
+2011-06-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/zh_CN/, man/zh_CN/Makefile.am: Added directory, and zh_CN
+ Makefile.
+ * man/Makefile.am: Build zh_CN pages.
+ * man/generate_translations.mak: Add config.xml to CLEANFILES.
+ * man/po/zh_CN.po: limits, groups, faillog, expiry should not be
+ translated (command name, file name), also this broke the build
+ system as they are used to derive manpage names.
+
+2011-06-02 Peter Vrabec <pvrabec@redhat.com>
+
+ * src/lastlog.c, src/faillog.c: Fix underflows causing wrong entry
+ to be displayed.
+
+2011-06-02 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/xmalloc.c: Harmonize message.
+
+2011-06-02 Peter Vrabec <pvrabec@redhat.com>
+
+ * libmisc/find_new_uid.c, libmisc/find_new_gid.c: Add missing
+ memory allocation check.
+
+2011-06-02 Cal Peake <cp@absolutedigital.net>
+
+ * NEWS, libmisc/addgrps.c: Fix allocator loop. Continue to
+ getgroups() when getgroups fails (-1) with errno==EINVAL.
+
+2011-06-01 Simon Brandmair <sbrandmair@gmx.net>
+
+ * man/newusers.8.xml, man/suauth.5.xml, man/suauth.5.xml,
+ man/logoutd.8.xml, man/chgpasswd.8.xml, man/groups.1.xml,
+ man/faillog.5.xml, man/login.defs.d/MD5_CRYPT_ENAB.xml,
+ man/login.defs.d/DEFAULT_HOME.xml,
+ man/login.defs.d/LOGIN_RETRIES.xml,
+ man/login.defs.d/MD5_CRYPT_ENAB.xml,
+ man/login.defs.d/PORTTIME_CHECKS_ENAB.xml,
+ man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml:
+ Fix typos
+ * man/po/de.po: German translation of manpages completed
+
+2011-05-23 Innocent De Marchi <tangram.peces@gmail.com>
+
+ * po/ca.po: Catalan translation completed
+
+2011-04-22 Miguel Figueiredo <elmig@debianpt.org>
+
+ * po/pt.po: Portuguese translation completed
+
+2011-04-22 Thomas Blein <tblein@tblein.eu>
+
+ * po/fr.po: French translation completed
+
+2011-04-16 Holger Wansing <linux@wansing-online.de>
+
+ * po/de.po: German translation completed
+
+2011-04-15 Fred Maranhão <fred.maranhao@gmail.com>
+
+ * po/pt_BR.po: Brazilian Portuguese translation completed
+
+2011-04-10 Yuri Kozlov <yuray@komyakino.ru>
+
+ * po/ru.po: Russian translation completed
+
+2011-04-07 Daniel Nylander <po@danielnylander.se>
+
+ * po/sv.po: Swedish translation completed
+
+2011-04-07 Joe Dalton <joedalton2@yahoo.dk>
+
+ * po/da.po: Danish translation completed
+
+2011-04-05 Timur Birsh <taem@linukz.org>
+
+ * po/kk.po: Kazakh translation completed
+
+2011-04-05 NAKANO Takeo <nakano@st.seikei.ac.jp>
+
+ * po/ja.po: Japanese translation completed
+
+2011-03-30 YunQiang Su <wzssyqa@gmail.com>
+
+ * man/po/zh_CN.po: convert Simplified Chinese translation
+ of manpages to gettext
+ * po/zh_CN.po: Simplified Chinese translation completed
+
+2010-02-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/ru/Makefile.am: Remove double inclusion of $(man_nopam)
+
+2010-02-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/user_busy.c, src/userdel.c, src/usermod.c: Warn in
+ user_busy() rather than in src/userdel.c or src/usermod.c to
+ provide more accurate failure cause (user is logged in or user
+ still executes processes).
+
+2010-02-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c, lib/sgroupio.c, lib/shadowio.c, lib/pwio.c: Check
+ entry validity before commits to databases.
+ * libmisc/fields.c, libmisc/Makefile.am, lib/fields.c,
+ lib/Makefile.am, po/POTFILES.in: fields.c moved from libmisc to
+ lib.
+ * lib/fields.c: Fail if input pointer is NULL.
+
+2010-02-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/chfn.c, src/chsh.c: Fix CVE-2011-0721: forbid \n in
+ gecos or shell.
+
+2011-02-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * autogen.sh: Restore original autoreconf (see 2010-08-29's change
+ for autogen.sh)
+ * configure.in, man/po/Makefile.in.in, man/po/Makefile.in:
+ Makefile.in.in replaced by Makefile.in to avoid config.status
+ issues when there are multiple po directories.
+ * man/po/LINGUAS: Adapted to above change.
+ * man/po/POTFILES.in, man/po/XMLFILES: POTFILES.in replaced by
+ XMLFILES.
+ * man/Makefile.am: generate_mans.deps shall be included by make,
+ not automake.
+
+2010-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, libmisc/console.c: Fix CONSOLE parser. This caused login
+ to hang when CONSOLE was configured with a colon separated list of
+ TTYs. See http://bugs.gentoo.org/show_bug.cgi?id=324419
+
+2010-09-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ Integrate review comments from Julien Cristau
+ * libmisc/copydir.c: Missing parenthesis in comment.
+ * libmisc/chowndir.c: Fixed memory leak on failed realloc().
+ * libmisc/chowndir.c: Make sure the buffer for the path is large
+ enough.
+ * libmisc/remove_tree.c: Remove check for NULL before free().
+
+2010-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Fix 2 fuzzy strings.
+
+2010-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/usermod.c: Accept options in any order (username not
+ necessarily at the end)
+
+2010-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * autogen.sh: Expand autoreconf to avoid running autopoint.
+
+2010-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2010-08-28 Brian M. Carlson <sandals@crustytoothpaste.ath.cx>
+
+ * man/chsh.1.xml: Fix comma splice.
+
+2010-08-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
+ selinux_file_context renamed set_selinux_file_context.
+ * lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
+ Added reset_selinux_file_context.
+ * src/useradd.c: Check the return value of
+ set_selinux_file_context and reset_selinux_file_context.
+ * libmisc/copydir.c: Check the return value of
+ reset_selinux_file_context.
+
+2010-08-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Fix handling of environment variables when
+ the environment is not changed. In particular, this makes su
+ behave as documented regarding PATH and IFS (i.e. they are reset)
+ when -p is provided.
+
+2010-08-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/su.1.xml: Fix typo.
+
+2010-08-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
+ src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
+ src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
+ src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c,
+ src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/chage.c,
+ src/groupadd.c, src/login.c, src/grpconv.c, src/groups.c,
+ src/grpunconv.c, src/chsh.c: Prog changed to a constant string.
+
+2010-08-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/limits.c: Avoid implicit conversion of integer to
+ boolean.
+ * libmisc/basename.c: Avoid implicit conversion of pointer to
+ boolean.
+ * libmisc/basename.c, lib/prototypes.h (Basename): Return a
+ constant string.
+ * libmisc/basename.c, libmisc/obscure.c, lib/prototypes.h,
+ libmisc/xmalloc.c, libmisc/getdate.h, libmisc/system.c,
+ libmisc/getgr_nam_gid.c, libmisc/failure.c, libmisc/valid.c: Add
+ splint annotations.
+ * libmisc/chowndir.c: Avoid memory leak.
+ * libmisc/chowndir.c: Do not check *printf/*puts return value.
+ * libmisc/chowntty.c: Avoid implicit conversion between integer
+ types.
+ * libmisc/obscure.c: Return a bool when possible instead of int.
+ * libmisc/shell.c: Do not check *printf/*puts return value.
+ * libmisc/shell.c: Do not check execle return value.
+ * libmisc/setupenv.c: Avoid implicit conversion between integer
+ types.
+ * libmisc/xmalloc.c: size should not be zero to avoid returning
+ NULL pointers.
+ * libmisc/hushed.c: Do not check *printf/*puts return value.
+ * libmisc/system.c: Avoid implicit conversion of integer to
+ boolean. safe_system last argument is a boolean.
+ * libmisc/system.c: Check return value of dup2.
+ * libmisc/system.c: Do not check *printf/*puts return value.
+ * libmisc/system.c: Do not check execve return value.
+ * libmisc/salt.c: Do not check *printf/*puts return value.
+ * libmisc/loginprompt.c: Do not check gethostname return value.
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not check
+ gr_rewind/pw_rewind return value.
+ * libmisc/ttytype.c: Limit the number of parsed characters in the
+ sscanf format.
+ * libmisc/ttytype.c: Test if a type was really read.
+ * libmisc/sub.c: Do not check *printf/*puts return value.
+ * libmisc/sub.c: Avoid implicit conversion of integer to boolean.
+ * src/userdel.c: Fix typo in comment.
+ * src/userdel.c: Avoid implicit conversion of boolean to integer.
+ * src/userdel.c: safe_system last argument is a boolean.
+ * src/newusers.c: Avoid implicit conversion of boolean to integer.
+ * src/newusers.c: Avoid implicit conversion of integer to boolean.
+ * src/usermod.c: Add brackets.
+ * src/usermod.c: Avoid implicit conversion of characters or
+ integers to booleans.
+ * src/vipw.c: Avoid implicit conversion of integer to boolean.
+ * src/su.c: Avoid implicit conversion of integer to boolean.
+ * src/su.c: Add brackets.
+ * src/useradd.c: Avoid implicit conversion of characters or
+ integers to booleans.
+
+2010-08-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/obscure.c, lib/prototypes.h (obscure): Return a bool
+ instead of an int.
+ * libmisc/obscure.c, libmisc/tz.c, src/passwd.c, lib/encrypt.c,
+ libmisc/copydir.c, lib/prototypes.h: Add splint annotations.
+ * libmisc/tz.c: Fix some const issues.
+ * libmisc/tz.c: Avoid multi-statements lines.
+ * libmisc/tz.c: Add brackets.
+ * libmisc/copydir.c: Do not check *printf/*puts return value.
+ * libmisc/copydir.c: Fail if we cannot set or reset the SELinux
+ fscreate context.
+ * libmisc/copydir.c: Use xmalloc instead of malloc.
+ * libmisc/copydir.c: Do not check lutimes return value
+ * src/vipw.c: Avoid implicit conversion of integer to boolean.
+ * src/su.c (iswheel): Return a bool instead of an int.
+ * src/passwd.c: Remove insert_crypt_passwd(). Use xstrdup instead.
+ * src/passwd.c: Return constant strings when sufficient.
+ * src/passwd.c: Do not check *printf/*puts return value.
+ * src/passwd.c: Avoid implicit conversion of character to boolean.
+ * src/passwd.c: Do not check sleep return value.
+ * src/sulogin.c: Do not check *printf/*puts return value.
+ * lib/encrypt.c: Do not check fprintf return value.
+
+2010-08-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Fix a const issue.
+ * src/passwd.c: Avoid multi-statements lines.
+ * src/sulogin.c: Fix a const issue.
+
+2010-08-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c, lib/prototypes.h: Caller can choose not to
+ copy the extended attributes (the SELinux context is hence reset)
+ * src/usermod.c: Copy the extended attributes.
+ * src/useradd.c: Only reset the SELinux context.
+
+2010-08-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Fixed typo.
+
+2010-08-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/console.c, libmisc/motd.c, libmisc/setupenv.c,
+ libmisc/sulog.c, libmisc/hushed.c, libmisc/failure.c,
+ libmisc/loginprompt.c, libmisc/ttytype.c, libmisc/obscure.c,
+ libmisc/pam_pass_non_interractive.c, src/userdel.c, src/login.c,
+ lib/commonio.c, lib/commonio.h, libmisc/setugid.c,
+ libmisc/setupenv.c: Fix some const issues.
+ * libmisc/motd.c: Avoid multi-statements lines.
+ * libmisc/motd.c: Support long MOTD_FILE.
+ * libmisc/list.c, lib/prototypes.h: Revert previous change.
+ dup_list and is_on_list are used with members as defined for the
+ group structure, and thus even if the list is not modified, the
+ list elements cannot be constant strings.
+ * libmisc/system.c: Avoid C++ comments.
+ * src/vipw.c: WITH_TCB cannot be tested inside a gettextized
+ string. Split the Usage string.
+ * lib/commonio.h: Re-indent.
+
+2010-08-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/audit_help.c (audit_logger):pgname is not used. We let
+ audit find out the name of the program.
+ * libmisc/audit_help.c: Re-indent.
+
+2010-08-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c: Avoid implicit conversion from signed to unsigned.
+
+2010-08-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Make sure there are no NULL pointer dereference.
+
+2010-08-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/remove_tree.c: Ignore snprintf return value.
+
+2010-08-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, libmisc/list.c: dup_list() and is_on_list() do
+ not change the members of the list they receive. Added const
+ qualifiers.
+
+2010-08-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Re-indent.
+
+2010-08-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Avoid multi-statements lines.
+
+2010-08-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Fix a typo.
+
+2010-06-24 Baurzhan Muftakhidinov <baurthefirst@gmail.com>
+
+ * NEWS, po/kk.po: Updated Kazakh translation.
+
+2010-04-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Fix some typos. Minor updates: 886t70f187u.
+
+2010-04-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2010-04-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newusers.8.xml, man/useradd.8.xml, man/groupadd.8.xml,
+ man/login.defs.d/UMASK.xml, man/login.defs.d/CREATE_HOME.xml,
+ man/login.defs.d/LOGIN_RETRIES.xml: Fix typos: choosen, overriden,
+ bahavior.
+
+2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/usermod.8.xml: Document changes of ownerships.
+
+2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/vipw.8.xml: Fix formatting typo.
+ * man/vipw.8.xml: Document the login.defs parameters only when tcb
+ is enabled.
+
+2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: spool is a constant string.
+ * src/useradd.c: Set the new copy_tree's paramater 'copy_root' to false
+
+2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: move_home() is only called if mflg is set.
+ * src/usermod.c: Fail is -m is provided but the old home directory
+ is not a directory.
+ * src/usermod.c: Use the previous improvement of copy_tree to
+ provide better error diagnosis.
+ * src/usermod.c: When rename() is used, also change the ownership.
+ * src/usermod.c: Do not change the ownership of the root directory
+ twice.
+ * src/usermod.c: When -u is provided, only change the ownership of
+ the home directory if it is a directory.
+ * src/usermod.c: Also change ownerships when -g is used.
+
+2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, libmisc/copydir.c: Add the old UID and GID to
+ copy_tree to detect when ownership shall be changed.
+ * libmisc/copydir.c: Document the behavior when the IDs are set to
+ -1.
+ * lib/prototypes.h, libmisc/copydir.c (copy_tree): Add parameter
+ copy_root.
+ * libmisc/copydir.c: error() and ctx can be static.
+ * libmisc/copydir.c (copy_hardlink): Remove parameter src.
+
+2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/chowndir.c: Dynamically allocate memory to support
+ path longer than 1024 characters.
+ * libmisc/chowndir.c: Fix typos in documentation.
+ * libmisc/chowndir.c: Support and document the behavior when a old
+ or new ID is set to -1.
+ * libmisc/chowndir.c: Improved error detection when chown fails.
+ * libmisc/chowndir.c: Harmonize error handling strategy when an
+ error occurs: stop changing ownership as soon as an error was
+ detected.
+
+2010-04-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/hu/passwd.5: Fix formatting typo.
+ * man/id/login.1: Likewise.
+
+2010-03-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/vipw.8.xml: When TCB is enabled, vipw uses login.defs.
+
+2010-03-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, libmisc/copydir.c: When a hardlink is detected, the
+ original hardlink should not be removed.
+
+2010-03-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/POTFILES.in, libmisc/Makefile.am, lib/prototypes.h,
+ libmisc/remove_tree.c, libmisc/copydir.c: Split remove_tree()
+ outside of copydir.c to avoid linking against libacl or libattr.
+
+2010-03-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: shell's name must be -su when a su fakes a login.
+
+2010-03-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, configure.in, libmisc/copydir.c, man/useradd.8.xml,
+ man/usermod.8.xml, src/Makefile.am: Added support for ACLs and
+ Extended Attributes.
+
+2010-03-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c: Document the sections closed by #endif
+
+2010-03-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/vipw.8.xml: Add section ENVIRONMENT.
+
+2010-03-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * etc/login.defs: Updated description of UMASK to indicate its
+ usage by pam_umask.
+ * man/login.defs.d/UMASK.xml: Likewise.
+
+2010-03-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.1.xml: login does not check for new mails in PAM
+ enabled versions. This is done by pam_mail.
+
+2010-03-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/chpasswd.c, man/chpasswd.8.xml, man/login.defs.5.xml:
+ PAM enabled versions: restore the -e option to allow restoring
+ passwords without knowing those passwords. Restore together the -m
+ and -c options.
+
+2010-03-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c, src/vipw.c, src/newgrp.c: When the child is
+ interrupted, stop ourself with a SIGSTOP signal.
+
+2010-03-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c: Limit the scope of variable pid.
+ * src/login_nopam.c: Limit the scope of variables end, lineno, i,
+ str_len.
+ * src/logoutd.c: Limit the scope of variable c.
+ * src/vipw.c: Re-indent.
+ * src/vipw.c: Close the file after the creation of the backup.
+ * src/useradd.c (set_default): Close input file on failure.
+ * src/useradd.c: Limit the scope of variables spool, file, fd, gr,
+ gid, mode.
+ * src/passwd.c: Limit the scope of variables last and ok.
+ * src/chage.c: Fix typo (non breaking space).
+ * src/login.c: Limit the scope of variables erasechar killchar, c,
+ failed.
+ * src/groups.c: Limit the scope of variable ngroups, pri_grp, i.
+ * src/id.c: Limit the scope of variable i.
+
+2010-03-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/utent.c (getutline): Remove getutline(). This function is
+ no more used.
+ * lib/groupmem.c: Limit the scope of variable i.
+ * lib/shadow.c: Avoid implicit conversion of pointers and integers
+ to booleans.
+ * lib/shadow.c: Added brackets.
+ * libmisc/limits.c: Limit the scope of variable tmpmask.
+ * libmisc/copydir.c: Close opened file on failure.
+ * libmisc/loginprompt.c: Limit the scope of variable envc.
+ * libmisc/find_new_uid.c, libmisc/find_new_gid.c: Limit the scope
+ of variable id.
+
+2010-03-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Detect some
+ misconfigurations of UID_MIN, UID_MAX, SYS_UID_MIN, SYS_UID_MAX (and
+ the GID equivalents)
+
+2010-03-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, configure.in: Next version will be 4.1.5.
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2010-03-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/limits.c: Re-indent to make pmccabe happy.
+
+2010-03-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/generate_translations.mak, man/generate_mans.mak: Fix
+ distcheck. All manpages generation code shall be enclosed in
+ ENABLE_REGENERATE_MAN conditions.
+
+2010-03-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/useradd.8.xml: Do not document the features which are not
+ working.
+ * man/useradd.8.xml: Fix typo: -u was meant instead of -o.
+ * man/useradd.8.xml: Document that the default behavior depends on
+ CREATE_HOME.
+
+2010-03-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c: Fix memory management insplit_groups().
+
+2010-03-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/strtoday.c: Empty dates indicate a disabled date, this is
+ not an error.
+
+2010-03-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c, lib/commonio.c, po/POTFILES.in: Fix typos.
+ * libmisc/limits.c: Removed unused variable.
+
+2010-03-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Stop sorting entries when we reach the first
+ NIS line.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chsh.c: Even for root, warn if an invalid shell is
+ specified. Alioth#311305
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/limits.5.xml: Document the selection of the limits when
+ multiple lines match the user.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/limits.c: Re-indent.
+ * libmisc/limits.c: Reformat the documentation. Avoid personal
+ comments.
+ * man/limits.5.xml: Document the new features.
+
+2010-03-18 Thomas Orgis <thomas@orgis.org>
+
+ * NEWS, libmisc/limits.c: Fix parsing of limits.
+ * NEWS, libmisc/limits.c: Add support for infinite limits.
+ * NEWS, libmisc/limits.c: Add support for @group syntax.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/tcbfuncs.h: Re-indent.
+ * lib/tcbfuncs.h: Explicitly indicate function taking a void
+ parameter.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: When exiting because of a failure, warn if an
+ home directory created, but cannot be removed.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/chowndir.c: Re-indent.
+ * libmisc/chowndir.c: Avoid assignment in comparisons.
+ * libmisc/chowndir.c: Added brackets and parenthesis.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/strtoday.c: Add support for numerical dates, assuming
+ they are already specified in number of days since Epoch. Return
+ -2 in case of errors to support the specification of -1.
+ * src/usermod.c, src/useradd.c: Adapt to the new error value of
+ strtoday().
+ * src/chage.c: Remove isnum(). Adapt to the new error value of
+ strtoday(). Support for numerical dates is moved to strtoday().
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Harmonize name of parameters.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: Indicate which tools support TCB.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Unlock the password and shadow files when there is a
+ failure to prepare the update in memory.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Only log to SYSLOG when acting on system files.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Document the sections closed by #endif
+ * src/pwck.c, man/pwck.8.xml: No alternative shadow file can be
+ given when USE_TCB is enabled.
+ * src/pwck.c: Remove the -s option from the usage when USE_TCB is
+ enabled. The option is still supported, but has no effect, as
+ documented in the manpage.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Do not use pwd_file and spw_file. Always use the
+ dbname() functions.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Re-indent.
+
+2010-03-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c,
+ src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the
+ SHADOWTCB_FAILURE return code instead of 0 or implicit conversion
+ to booleans.
+
+2010-03-18 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
+
+ * src/pwck.c: Add support for TCB.
+ * src/pwck.c: Use spw_dbname() instead of spw_file since TCB
+ changes from a file to another depending on the user. Also use
+ pw_dbname() for consistency.
+
+2010-03-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/faillog.c: Re-indent.
+
+2010-03-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/tcbfuncs.h: Added type shadowtcb_status.
+ * lib/tcbfuncs.h, lib/tcbfuncs.c: Return a shadowtcb_status
+ instead of an int.
+ * lib/tcbfuncs.c: Do not return in OUT_OF_MEMORY.
+ * lib/tcbfuncs.c: Only FreeBSD specify that the returned buffer is
+ NULL in case of failure. The return value of asprintf shall be
+ checked.
+ * lib/tcbfuncs.c: Avoid implicit conversion of pointers or
+ integers to booleans.
+ * lib/tcbfuncs.c: Avoid assignments in comparisons.
+ * lib/tcbfuncs.c: Do not free path before its last use.
+ * lib/tcbfuncs.c: Include shadowio.h, needed for the
+ spw_setdbname's prototype.
+ * lib/tcbfuncs.c: Ignore fflush() return value.
+ * lib/tcbfuncs.c: Avoid implicit signed to unsigned conversions.
+ * lib/tcbfuncs.c: Avoid integer to char conversions.
+ * lib/tcbfuncs.c: Include prototypes.h for the definition of Prog.
+ * lib/tcbfuncs.c: Removed dead return.
+ * lib/tcbfuncs.c: move_dir() and shadowtcb_move() need a non NULL
+ stored_tcb_user.
+ * lib/tcbfuncs.c: Avoid implicit int to mode_t conversion.
+ * lib/tcbfuncs.c: Added brackets and parenthesis.
+ * lib/tcbfuncs.c: Re-indent.
+
+2010-03-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Avoid implicit conversion of pointers to
+ booleans.
+ * lib/commonio.c: Ignore the return value of close when a
+ failure is reported.
+
+2010-03-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/faillog.8.xml: Document the behavior in display mode of the
+ -a option.
+ * NEWS, man/faillog.8.xml, src/faillog.c: Extend the -a option to
+ the non-display mode. This changes the default behavior of the -l,
+ -m, -r, -t options when -a is not specified (restrict to existing
+ users).
+
+2010-03-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/chage.1.xml, man/login.defs.5.xml, man/pwck.8.xml,
+ man/pwconv.8.xml, man/useradd.8.xml, man/userdel.8.xml,
+ man/usermod.8.xml, man/vipw.8.xml: Document the usage of the
+ TCB_AUTH_GROUP, TCB_SYMLINKS, and USE_TCB configuration
+ parameters.
+ * man/pwconv.8.xml, man/pwck.8.xml: Document the behavior when
+ USE_TCB is enabled.
+
+2010-03-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/POTFILES.in, lib/tcbfuncs.c: Add more strings for
+ translation.
+ * lib/tcbfuncs.c: Indicate the name of the program in error
+ messages. Avoid perror.
+ * src/useradd.c: Re-indent.
+ * src/useradd.c: Add more strings for translation. Indicate the
+ name of the program in error messages.
+ * src/userdel.c: Re-indent.
+ * src/userdel.c: Add more strings for translation. Indicate the
+ name of the program in error messages.
+
+2010-03-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: user_newname and user_newid cannot be used to
+ test if the username or ID is changed. lflg and uflg should be
+ used instead.
+
+2010-03-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c: Avoid perror. Give more verbose warnings.
+
+2010-03-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/Makefile.am: Indicate that man/generate_mans.deps is
+ generated.
+
+2010-03-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Re-indent.
+ * lib/commonio.c: Document the sections closed by #endif
+ * lib/commonio.c: Added brackets.
+ * lib/commonio.c: Avoid implicit conversion of integer to
+ booleans.
+
+2010-03-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c: Re-indent.
+ * src/userdel.c: Added brackets.
+ * src/userdel.c: Avoid implicit conversion of pointers to
+ booleans.
+
+2010-03-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/shadowio.c: Re-indent.
+ * lib/shadowio.c: Added brackets and parenthesis.
+ * lib/shadowio.c: Document the sections closed by #endif
+ * lib/shadowio.c: Avoid negation of comparisons.
+ * lib/shadowio.c: Avoid implicit conversion of integer to booleans
+ and booleans to integers.
+
+2010-03-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Re-indent.
+ * src/useradd.c: Added brackets.
+ * src/useradd.c: Avoid implicit conversion of integers to
+ booleans.
+ * src/useradd.c: Harmonize error messages.
+
+2010-03-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/vipw.c: Document the sections closed by #endif
+ * src/vipw.c: Avoid implicit conversion of pointers or integers to
+ booleans.
+ * src/vipw.c: Added brackets and parenthesis.
+ * src/vipw.c: Limit the definition of some variables and macros to
+ the WITH_TCB scope.
+ * src/vipw.c: Avoid assignment in comparisons.
+ * src/vipw.c: Replace PASSWD_FILE (resp. GROUP_FILE and
+ SGROUP_FILE) by pw_dbname () (resp. gr_dbname () and sgr_dbname ()).
+ This is more consistent with the shadow file handling and may be
+ useful to allow edition of another partition's files.
+
+
+2010-03-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Re-indent.
+ * src/usermod.c: Avoid implicit conversion of pointers to
+ booleans.
+ * src/usermod.c: Added parenthesis.
+
+2010-03-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwunconv.c: Only check USE_TCB if configured WITH_TCB.
+
+2010-03-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c: Re-indent.
+ * src/userdel.c: Avoid implicit conversion of pointers to
+ booleans.
+ * src/userdel.c: Document the sections closed by #endif
+
+2010-03-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwconv.c: Only check USE_TCB if configured WITH_TCB.
+
+2010-03-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c: Added parenthesis.
+
+2010-02-14 Michael Bunk <mb@computer-leipzig.com>
+
+ * NEWS, lib/gshadow.c: Fix parsing of gshadow entries.
+
+2010-01-30 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
+
+ * NEWS: Add support for TCB.
+ * lib/tcbfuncs.h, lib/tcbfuncs.c, lib/Makefile.am: New library to
+ support TCB.
+ * lib/prototypes, libmisc/copydir.c (remove_tree): Add boolean
+ parameter remove_root.
+ * configure.in: Add conditional WITH_TCB.
+ * src/userdel.c, src/usermod.c: Add support for TCB. Update call to
+ remove_tree().
+ * src/pwconv.c, src/pwunconv.c: Should not be used with TCB enabled.
+ * src/vipw.c: Add support for TCB. Update call to remove_tree().
+ * src/useradd.c: Add support for TCB. Open the shadow file outside
+ of open_files().
+ * src/chage.c: Add support for TCB.
+ * src/Makefile.am: Install passwd sgid shadow when TCB is enabled.
+ * lib/getdefs.c, man/vipw.8.xml, man/login.defs.5.xml,
+ man/login.defs/TCB_AUTH_GROUP.xml, man/login.defs/USE_TCB.xml,
+ man/login.defs/TCB_SYMLINKS.xml, man/generate_mans.mak,
+ man/generate_mans.deps, man/Makefile.am: New configuration
+ parameters: TCB_AUTH_GROUP, TCB_SYMLINKS, USE_TCB.
+ * lib/shadowio.c, lib/commonio.c: Add support for TCB.
+
+2010-01-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/env.c: Fix sanitize_env() noslash support. This fixes
+ Alioth#311740.
+
+2010-01-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Do not sanitize the environment. This breaks
+ --preserve-environment. This sanitation was disabled on Debian
+ since quite some time with no reported issues, and sanitize_env()
+ documentation agrees that it should be useless as all modern
+ Unixes will handle setuid executables properly. This fixes
+ Alioth#312287.
+
+2010-01-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/setupenv.c: Fix typo from 2009-11-01.
+
+2010-01-24 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
+
+ * configure.in: Add support for TCB in configure.in. Actual TCB
+ support will follow.
+
+2009-11-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupmod.c: Fixed groupmod when configured with
+ --enable-account-tools-setuid.
+
+2009-11-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, man/login.defs.d/ENV_SUPATH.xml, libmisc/setupenv.c:
+ Harmonize other paths and documentation with previous
+ change.
+
+2009-11-01 Michel Hermier <michel.hermier@gmail.com>
+
+ * src/su.c: Set the default ENV_SUPATH to
+ /sbin:/bin:/usr/sbin:/usr/bin (i.e. PATH when no ENV_SUPATH is
+ specified).
+
+2009-10-15 Thorsten Kukuk <kukuk@suse.de>
+
+ * src/faillog.c, man/faillog.8.xml: Harmonize long option in code
+ and documentation. Use --lock-secs instead of --lock-time.
+
+2009-10-05 Miroslav Kure <kurem@upcase.inf.upol.cz>
+
+ * po/cs.po: updated to 412t
+
+2009-09-29 Clytie Siddall <clytie@riverland.net.au>
+
+ * po/vi.po: updated to 412t
+
+2009-09-27 Miroslav Kure <kurem@upcase.inf.upol.cz>
+
+ * po/cs.po: updated to 411t1f
+
+2009-09-24 Christian Perrier <bubulle@debian.org>
+
+ * man/po/fr.po: Updated French translation to 835t99f165
+
+2009-09-24 Clytie Siddall <clytie@riverland.net.au>
+
+ * po/vi.po: updated to 348t30f34u
+
+2009-09-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Avoid pre-decrement operator (--n). Add some
+ comments.
+ * libmisc/cleanup.c: Fix off by one in an assertion.
+
+2009-09-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Fix indentation.
+ * src/su.c: Add more messages for translation.
+ * src/su.c: Ignore kill() return value when sending the TERM
+ signal. If it fails, a KILL should be sent anyway.
+
+2009-09-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/su.c: When su receives a signal, wait for the child to
+ terminate (after sending a SIGTERM), and kill it only if it did
+ not terminate by itself. No delay will be enforced if the child
+ cooperates. See http://bugs.gentoo.org/282094
+ * NEWS, man/su.1.xml: Document su's exit values.
+
+2009-09-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: The default value for the CREATE_MAIL_SPOOL
+ variable (i.e. if CREATE_MAIL_SPOOL= is specified without any
+ values) is "no", not DCREATE_MAIL_SPOOL ("CREATE_MAIL_SPOOL=").
+
+2009-09-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Avoid redefinition of SHELL. Use DSHELL instead.
+ For consistency, change HOME, INACT, EXPIRE, SKEL, and
+ CREATE_MAIL_SPOOL to DHOME, DINACT, DEXPIRE, DSKEL, and
+ DCREATE_MAIL_SPOOL.
+
+2009-09-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Prefer #ifdef over #if.
+
+2009-09-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: We do not use SETPGRP_VOID, and already assume
+ that setpgrp has a void argument. Remove AC_FUNC_SETPGRP to ease
+ cross compiling.
+
+2009-09-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/generate_translations.mak, man/generate_mans.mak,
+ po/Makefile.in.in: Removing and restoring the config.xml file
+ broke parallel builds. Build the manpages based on *.xml-config
+ files instead of *.xml files. The *.xml do not include config.xml
+ anymore, which permits to run xml2po without needing to remove
+ config.xml. The config.xml is restored in the *.xml-config files.
+ * man/groupadd.8.xml: Implementation of the above.
+ * man/generate_mans.deps: Updated dependencies
+
+2009-09-07 Steve Grubb <sgrubb@redhat.com>
+
+ * libmisc/limits.c: Fix the format to match the unsigned long
+ variable in argument.
+ * libmisc/utmp.c: Fix tests. tmptty is a variable stack. ut_host
+ is an array of the ut structure. None of them can be NULL.
+
+2009-09-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/shadowmem.c: Only copy the required fields of the struct
+ spwd. (start with the primitive types)
+ * lib/shadowmem.c: Avoid memzero() on a possibly NULL pointer.
+ * lib/groupmem.c: Only copy the required fields of the struct
+ group. (start with the primitive types)
+ * lib/groupmem.c: Avoid memzero() on a possibly NULL pointer.
+ * lib/groupmem.c: Free gr_mem in addition to its elements.
+ * lib/sgroupio.c: The struct sgrp has no primitive types to be
+ copied initially.
+ * lib/sgroupio.c: Avoid memzero() on a possibly NULL pointer.
+ * lib/sgroupio.c: Free sg_mem and sg_add in addition to their
+ elements.
+ * lib/pwmem.c: Only copy the required fields of the struct
+ passwd. (start with the primitive types)
+
+2009-09-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/sgroupio.h: Harmonize splint annotations of sgr_locate()
+ prototype with the one used in its definition.
+
+2009-09-07 Steve Grubb <sgrubb@redhat.com>
+
+ * libmisc/copydir.c, lib/shadowmem.c, lib/groupmem.c, lib/pwmem.c:
+ Fix some memory leaks.
+
+2009-09-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c, src/lastlog.c, src/gpasswd.c, src/newusers.c,
+ src/chpasswd.c, src/groupmems.c, src/usermod.c, src/chgpasswd.c,
+ src/vipw.c, src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c,
+ src/groupadd.c, src/chage.c, src/faillog.c, src/chsh.c: Use
+ booleans for tests.
+ * src/userdel.c, src/gpasswd.c, src/groupmems.c, src/usermod.c,
+ src/groupmod.c, src/passwd.c: Use a break even after usage().
+
+2009-09-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c, src/groupmems.c: Split the groupmems and gpasswd
+ Usage string. It was changed anyway to add the --help option.
+
+2009-09-05 Mike Frysinger <vapier@gentoo.org>
+
+ * NEWS, src/userdel.c, src/lastlog.c, src/gpasswd.c,
+ src/newusers.c, src/chpasswd.c, src/groupmems.c, src/usermod.c,
+ src/chgpasswd.c, src/vipw.c, src/su.c, src/useradd.c,
+ src/groupmod.c, src/passwd.c, src/groupadd.c, src/chage.c,
+ src/faillog.c, src/chsh.c: If someone uses the -h/--help options,
+ the usage should not go to stderr nor should the utility exit with
+ non-zero status. All of the shadow utils do just this
+ unfortunately, so convert them over to sanity.
+ * man/groupmems.8.xml, man/gpasswd.1.xml: Added option -h/--help.
+
+2009-09-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Fixed wrong format string.
+ * lib/gshadow.c: Removed declaration of unused variable.
+
+2009-08-30 Mike Frysinger <vapier@gentoo.org>
+
+ * man/generate_mans.mak, man/generate_translations.mak: Provide an
+ useful error message when --enable-man is not enabled and the
+ translated manpages are not generated.
+
+2009-08-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/ENCRYPT_METHOD.xml: Avoid using sub-lists. They
+ break the groff formatting.
+
+2009-07-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/fr.po: Fix typos, based on reviews by the Debian French
+ translation team.
+
+2009-07-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, configure.in: Prepare for the next release 4.1.4.2.
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2009-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Fixed definition of the SHELL configuration.
+
+2009-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * etc/login.defs: SYS_GID_MIN /SYS_UID_MIN changed from 100 to
+ 101. GID 100 seems to be used statically.
+
+2009-07-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/shell.c, src/su.c: Execute the scripts with "sh -"
+ rather than "sh".
+
+2009-07-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in, libmisc/shell.c, libmisc/setupenv.c, src/newgrp.c,
+ src/su.c: Let the system shell be configurable.
+
+2009-07-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/su.c, libmisc/shell.c: Added support for shells being a
+ shell script without a shebang.
+
+2009-07-19 Jean-Louis Dupond <info@dupondje.be>
+
+ * po/nl.po: Fix obvious mistake in Dutch translation.
+
+2009-07-18 Peter Vrabec <pvrabec@redhat.com>
+
+ * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use
+ getpwent / getgrent for system accounts. Trying the low-IDs with
+ getpwuid / getgrgid should be more efficient on LDAP configured
+ systems with many accounts.
+ * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since
+ system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in
+ reverse order, accounts are packed close to SYS_?ID_MAX if
+ SYS_?ID_MIN is already used but there are still dome gaps.
+
+2009-07-05 Piarres Beobide <pi+debian@beobide.net>
+
+ * po/eu.po: Updated Basque translation.
+
+2009-06-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/fi/Makefile.am: Stop distributing the Finnish translation of
+ passwd.1 (outdated).
+
+2009-06-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/pwck.8.xml: The shadow file is optional.
+ * man/pwck.8.xml: Updated description of the checks. Added
+ description of the shadow checks.
+ * man/pwck.8.xml: Updated description of the checks.
+
+2009-06-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Fixed typo (forunis)
+
+2009-06-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/fputsx.c: Compare the result of fgets() with the provided
+ buffer instead of NULL.
+
+2009-06-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/gshadow.c: Removed limitation on the length of the gshadow
+ lines.
+ * lib/gshadow.c: Compare the result of fgetsx() with the provided
+ buffer instead of NULL.
+
+2009-06-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetgrnam.c,
+ libmisc/xgetpwuid.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c: Do
+ not limit the size of the buffer to hold the group or user
+ structure. It used to be limited to 16k, which caused issues with
+ groups having many users.
+
+2009-06-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c, man/su.1.xml: The default behavior (without -p or
+ --login) is to copy most of the environment variables. Revert a
+ previous change and update the documentation.
+
+2009-06-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/passwd.5.xml, man/shadow.5.xml: Document the passwd- and
+ shadow- files.
+
+2009-06-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/su.c: Preserve the DISPLAY and XAUTHORITY environment
+ variables, even with --login. This was not the case before in the
+ PAM version.
+
+2009-06-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c, src/groupmod.c, src/groupadd.c, src/faillog.c:
+ Fix typos. Take this opportunity to split the usage messages into
+ smaller messages (one per option).
+ * src/pwck.c: Fix typo.
+
+2009-06-05 Petri Koistinen <petri.koistinen@iki.fi>
+
+ * man/passwd.1.xml: The short option for --mindays is -n, not -m.
+
+2009-06-04 Mike Frysinger <vapier@gentoo.org>
+
+ * .gitignore, man/.gitignore, src/.gitignore: Added .gitignore
+ files.
+
+2009-06-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/su.1.xml: Use <option> for the login.defs options.
+ * man/su.1.xml: Improve the documentation of the su behavior
+ regarding environment variables.
+ * man/su.1.xml: Document that the login.defs file is used.
+
+2009-06-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.1.xml: Document that the login.defs file is used.
+
+2009-06-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/ENVIRON_FILE.xml: Document the format for
+ comments.
+
+2009-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/gpasswd.1.xml: Ease the translation of the refpurpose.
+ * man/gpasswd.1.xml: Fix typo, shorten sentences.
+
+2009-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/pwck.8.xml, man/grpck.8.xml: Move the SEE ALSO section at
+ the end.
+
+2009-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/vipw.c: Make sure opened files are closed.
+
+2009-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/chpasswd.8.xml, man/grpck.8.xml, man/newgrp.1.xml,
+ man/passwd.1.xml, man/sg.1.xml: Avoid a spurious comma.
+
+2009-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: New placeholder for the next release.
+
+2009-05-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/fr.po: Updated French translation.
+
+2009-05-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: Prepare the next release.
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2009-05-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/passwd.1.xml: passwd -u does not reset the expiry field.
+
+2009-05-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Updated some strings.
+
+2009-05-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newgrp.c: Return the exit status of the child. Thanks
+ to Lionel Elie Mamane.
+
+2009-05-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Added warnings for absolute symlinks which could
+ be broken by rename().
+
+2009-05-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/userdel.c: Report errors to remove the user's mailbox.
+ * NEWS, src/userdel.c: When USERGROUPS_ENAB is enabled, remove the
+ user's group when the user was the only member. This is still not
+ complete, as the user could have been specified twice in the
+ members.
+ * NEWS, src/userdel.c: Do not fail when -r is used and the home
+ directory does not exist.
+
+2009-05-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c: Added warning for relative symlinks.
+ * libmisc/copydir.c (remove_tree): There is no need to check if
+ the root argument exist. opendir() will report this.
+
+2009-05-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/faillog.8.xml: Minor updates.
+
+2009-05-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/faillog.5.xml: Split a long paragraph. Typo fixes.
+
+2009-05-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/gpasswd.1.xml: Minor updates.
+
+2009-05-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/gshadow.5.xml: Updated documentation.
+
+2009-05-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/usermod.8.xml, man/userdel.8.xml, man/useradd.8.xml:
+ Harmonize formatting of login.defs and default/useradd variables.
+ Use an <option> tag.
+ * man/usermod.8.xml: Added reference to gshadow(5).
+ * man/login.defs.d/USERDEL_CMD.xml: Shorten the lines of the
+ USERDEL_CMD example.
+
+2009-05-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Use a boolean instead of 0.
+
+2009-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/usermod.8.xml: Fixed typos.
+
+2009-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Next version will be 4.1.4.1.
+
+2009-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newusers.8.xml: Added notes regarding the ownership of
+ files.
+
+2009-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupmod.8.xml: Split the -g option description into smaller
+ paragraphs.
+
+2009-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/usermod.8.xml: Ownership of the mailbox is also changed with
+ the -u option.
+
+2009-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/useradd.8.xml: When no passwords are provided, the password
+ is disabled, not the account.
+
+2009-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newusers.8.xml, man/chpasswd.8.xml, man/useradd.8.xml,
+ man/groupadd.8.xml, man/usermod.8.xml, man/chgpasswd.8.xml,
+ man/groupmod.8.xml: Added warning: passwords set with these tools
+ may not respect the password policy.
+
+2009-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupadd.8.xml: Fixed formatting issue.
+
+2009-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/userdel.8.xml: Added warning for files that could remain
+ owner by the removed user.
+
+2009-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/useradd.8.xml: Fix formatting typo.
+
+2009-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupdel.8.xml: Move the warning on filesystems checks to
+ the CAVEAT section.
+
+2009-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/GID_MAX.xml: Fixed typo. useradd was specified
+ twice.
+
+2009-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupadd.8.xml, man/useradd.8.xml: names may also contain
+ digits.
+
+2009-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/shadow.5.xml: What is important in shadow is not the
+ encryption, but that the file is not world readable.
+
+2009-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Updated French translation. Thanks to ABBAS
+ Belkacem for the login.defs update.
+
+2009-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/usermod.8.xml: Split the CAVEAT section in paragraphs.
+ Updated information on the user_busy check.
+
+2009-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/userdel.8.xml: Document that -f may force the deletion of a
+ busy user.
+
+2009-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/usermod.c: Check if the user is busy when the user's
+ UID, name or home directory is changed.
+
+2009-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c, libmisc/user_busy.c, libmisc/Makefile.am,
+ lib/prototypes.h: Move user_busy() to libmisc/user_busy.c.
+ * NEWS, libmisc/user_busy.c: On Linux, do not check if an user is
+ logged in with utmp, but check if the user is running some
+ processes. If not on Linux, continue to search for an utmp record,
+ but make sure the process recorded in the utmp entry is still
+ running.
+
+2009-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/usermod.8.xml: Document the -m/--move-home option.
+
+2009-05-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c (user_busy): Check if the process registered in
+ utmp is still running. This avoids rejecting the removal of an
+ user when UTMP was not updated and indicate that the user is still
+ logged in.
+
+2009-05-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, libmisc/console.c (console): Remove the leading /dev/ from
+ the tty before comparing with the lines specified by CONSOLE.
+ * src/su.c: Do not remove the /dev/ prefix since it is done by
+ console().
+
+2009-05-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/CONSOLE.xml: Document the format of the CONSOLE
+ file.
+
+2009-05-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/login.c: Fix failure of non PAM enabled versions when
+ an empty username is entered after a first prompt.
+
+2009-05-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Added missing end of line at the end of success
+ messages.
+
+2009-05-16 sacha <sachall@infonie.fr>
+
+ * po/fr.po: Fixed typo in the vipw usage string.
+
+2009-05-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/shell.c: Removed invalid code that executed the user's
+ shell as a shell script when the direct execution of the user's
+ shell failed with ENOEXEC and the user's shell has a shebang. The
+ interpreter might not be the right one. Executing the user's
+ shell with sh -c might be better, but I'm not sure we should try
+ harder when there is a failure. Note: the removed code was only
+ included #ifndef __linux__.
+
+2009-05-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/userdel.8.xml: The USERGROUPS_ENAB group may not be removed
+ when the group is used by other users, not the user.
+
+2009-05-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c, man/login.defs.d/USERDEL_CMD.xml: Move the
+ USERDEL_CMD script example from the source code to the
+ documentation.
+
+2009-05-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newusers.8.xml: PAM enabled version: describe how passwords
+ are updated and how newusers behave in case of error.
+
+2009-05-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, configure.in: New release will be 4.1.4.
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2009-05-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c: Added prototype of readlink_malloc(), and
+ readlink_malloc() changed to static.
+
+2009-05-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Avoid redeclaration of root_pw.
+
+2009-05-10 NAKANO Takeo <nakano@webmasters.gr.jp>
+
+ * po/ja.po: Updated Japanese translation.
+
+2009-05-10 Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>
+
+ * po/fr.po: Updated French translation.
+
+2009-05-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Avoid PATH_MAX. On glibc, we can use realpath
+ with a NULL argument.
+ * src/useradd.c: Replace PATH_MAX by a fixed constant. The buffer
+ was not meant as a storage for a path.
+ * src/useradd.c, src/newusers.c, src/chpasswd.c: Better detection
+ of fgets errors. Lines shall end with a \n, unless we reached the
+ end of file.
+ * libmisc/copydir.c: Avoid PATH_MAX. Support file paths with any
+ length. Added readlink_malloc().
+
+2009-05-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Warn if an user has an entry in passwd and shadow,
+ and the password field in passwd is not 'x'.
+ * src/grpck.c: Warn if a group has an entry in group and gshadow,
+ and the password field in group is not 'x'.
+
+2009-05-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/ENCRYPT_METHOD.xml,
+ man/login.defs.d/MD5_CRYPT_ENAB.xml,
+ man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml: Updated note for PAM
+ enabled versions. These variables are only used for group
+ passwords in this case.
+
+2009-05-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/chpasswd.8.xml: Sorted options alphabetically.
+
+2009-05-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newusers.c, src/Makefile.am: Added support for
+ changing the passwords with PAM.
+ * src/newusers.c: Split the usage string in smaller parts to
+ allow enabling single parts.
+ * man/newusers.8.xml: Indicate the options and configuration
+ variables valid for PAM and non-PAM versions.
+ * man/newusers.8.xml: Added pointer to /etc/pam.d/chpasswd.
+
+2009-05-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c: Remove duplicate definitions of exit codes.
+
+2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/non_interactive_pam_conv.c,
+ libmisc/pam_pass_non_interractive.c, libmisc/Makefile.am: Renamed.
+ * libmisc/pam_pass_non_interractive.c, lib/prototypes.h:
+ non_interactive_password and non_interactive_pam_conv do not need
+ to be externally visible.
+ * libmisc/pam_pass_non_interractive.c: Added declaration of
+ ni_conv.
+ * libmisc/pam_pass_non_interractive.c: Only compile ifdef USE_PAM.
+ * libmisc/pam_pass_non_interractive.c, lib/prototypes.h:
+ Added do_pam_passwd_non_interractive().
+ * src/chpasswd.c: Use do_pam_passwd_non_interractive().
+
+2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/pam_pass.c: Removed comment regarding pam_misc. This is
+ checked by configure.in.
+
+2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.5.xml: PAM enabled chpasswd do not use any
+ configuration variable from login.defs.
+
+2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/passwd.1.xml: Differentiate the files used for PAM and
+ non-PAM versions.
+
+2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/chpasswd.8.xml: Describe how chpasswd behaves in case of error.
+ * man/chpasswd.8.xml: Describe the PAM enabled chpasswd behavior.
+ * man/chpasswd.8.xml: Differentiate the files and configurations
+ used for PAM and non-PAM versions.
+
+2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: failcount does not need to be signed.
+
+2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/Makefile.am: PAM enabled chpasswd now needs to be linked to
+ the PAM library, even if --enable-account-tools-setuid is not
+ used.
+
+2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chpasswd.c: Added the line number when an error is reported
+ instead of only the username.
+ * src/chpasswd.c: PAM enabled chpasswd may change the password
+ database (for the user where the password update succeeded) even
+ if there were a failure for one user. Do not indicate that changes
+ were ignored.
+
+2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Exit immediately when unlocking a password would
+ result in a passwordless account. This avoid printing a success
+ message after the warning.
+
+2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/nologin.c: Include <stdlib.h> to get EXIT_FAILURE.
+
+2009-05-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, configure.in: Fix build failure on non-PAM enabled system
+ when --without-pam is not specified.
+
+2009-04-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Ignore the return values of fclose() and
+ unlink() in case of failure of fopen_set_perms() or
+ create_backup().
+ * lib/commonio.c: Should the backup file be unlink'ed in case of
+ failure of create_backup()?
+
+2009-04-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/getulong.c: Added splint annotations.
+
+2009-04-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c, src/chfn.c, src/groupmems.c, src/usermod.c,
+ src/userdel.c, src/chpasswd.c, src/grpck.c, src/gpasswd.c,
+ src/groupdel.c, src/chgpasswd.c, src/vipw.c, src/useradd.c,
+ src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c,
+ src/groupadd.c, src/chage.c, src/login.c, src/faillog.c,
+ src/sulogin.c, src/chsh.c, src/pwconv.c: Added splint annotations.
+ * src/userdel.c, src/pwconv.c, src/lastlog.c, src/grpck.c,
+ src/vipw.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/login.c,
+ src/sulogin.c, src/usermod.c: Use return instead of exit at the
+ end of main().
+ * src/gpasswd.c, src/passwd.c, src/faillog.c: Use the exitcodes.h
+ exit codes.
+ * src/chpasswd.c: Added missing ||.
+ * src/nologin.c: Do not include exitcodes.h.
+ * src/nologin.c: Added brackets.
+ * src/nologin.c: Avoid assignments in comparisons.
+
+2009-04-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/getgr_nam_gid.c, lib/get_gid.c, lib/get_pid.c,
+ lib/get_uid.c: Added splint annotations.
+
+2009-04-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/exitcodes.h: Define E_SUCCESS as EXIT_SUCCESS. Added FIXMEs.
+ * libmisc/chowntty.c, libmisc/rlogin.c, libmisc/sub.c,
+ src/newusers.c, libmisc/sulog.c, libmisc/system.c, src/logoutd.c,
+ src/groups.c, src/id.c, lib/encrypt.c, libmisc/audit_help.c,
+ libmisc/limits.c: Return EXIT_FAILURE instead of 1, and
+ EXIT_SUCCESS instead of 0.
+ * libmisc/audit_help.c: Replace an fprintf() by fputs().
+ * libmisc/audit_help.c: Remove documentation of the audit_logger
+ returned values. The function returns void.
+ * libmisc/system.c: Only return status if waitpid succeeded.
+ Return -1 otherwise.
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/chpasswd.c: Added support for changing the passwords
+ with PAM.
+ * src/chpasswd.c: Split the usage string in smaller parts to
+ allow enabling single parts.
+ * src/chpasswd.c: Do not set a global lock on the password files.
+ This is done by PAM each time a password is updated.
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/defines.h: Include <utmpx.h> and <utmp.h> to define
+ USER_NAME_MAX_LENGTH.
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Change a snprintf() to strncpy(). There are no
+ format.
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Harmonize status report at the end of passwd.
+ Prefix the messages with "passwd: ", only indicate a password
+ change if the password was actually changed, and password
+ properties changed otherwise.
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chgpasswd.c, src/newusers.c: There is no need to test for 0
+ after getopt_long. No options have flag != NULL.
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: Replace #if by #ifdef
+ * libmisc/Makefile.am, lib/prototypes.h,
+ libmisc/non_interactive_pam_conv.c: Added
+ non_interactive_pam_conv() and non_interactive_password.
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c, src/userdel.c, src/logoutd.c: Replace #if by #ifdef
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/vipw.c: Harmonize messages.
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/lastlog.c: Replace atoi() by getulong().
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/failure.h: Replace HAVE_UTMPX_H by USE_UTMPX.
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/rlogin.c: Replace atoi() by getulong().
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/failure.c: Replace HAVE_UTMPX_H by USE_UTMPX.
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/chkname.c: Do not include <utmp.h> and <utmpx.h>. There
+ are no more needed.
+
+2009-04-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/limits.c: Replace strtol() by getlong().
+ * libmisc/limits.c: Replace HAVE_UTMPX_H by USE_UTMPX.
+
+2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupmod.8.xml, man/usermod.8.xml, man/groupadd.8.xml,
+ man/useradd.8.xml: Added note to warn about insecurity in using
+ --password.
+ * man/groupmod.8.xml: Removed not regarding default if --password
+ is not used. This was a cut&paste from groupadd.8.xml.
+ * man/passwd.1.xml: Split some paragraphs.
+ * man/passwd.1.xml: Recommend other encryption methods than DES.
+
+2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Move update_utmp() after the PID or session ID
+ changed in order to get more accurate data in UTMP. This also
+ fixes "exec login" when login in installed setuid.
+
+2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Reuse a string and avoid an untranslated message
+ "Login incorrect".
+
+2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Replace HAVE_UTMPX_H by USE_UTMPX.
+ * src/login.c: Avoid name clash between global variables and the
+ update_utmp() arguments.
+
+2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupadd.c, lib/commonio.c, lib/groupio.c: Added missing
+ include of <assert.h>
+
+2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: Replace HAVE_UTMPX_H by USE_UTMPX.
+ * lib/prototypes.h, libmisc/log.c: Added splint annotations.
+ * libmisc/log.c: Added SYSLOG warning when lseek fails (should not
+ happen).
+
+2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/mail.c, libmisc/copydir.c: Added missing include of
+ <assert.h>
+
+2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/env.c: Added assertions on the snprintf results.
+
+2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, configure.in: Added configure option --enable-utmpx,
+ disabled by default. This defines USE_UTMPX, which should be used
+ instead of HAVE_UTMPX_H.
+ * libmisc/utmp.c: Replace HAVE_UTMPX_H by USE_UTMPX.
+ * libmisc/utmp.c: Removed old comment on HAVE_STRUCT_UTMP_UT_ID
+ and UTMPX support.
+
+2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Fix typo.
+
+2009-04-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c: Close the databases before changing the UDI and
+ GID.
+
+2009-04-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/myname.c: Updated splint annotations.
+
+2009-04-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Added splint annotations.
+ * lib/commonio.c: old_context should be local to commonio_close(),
+ not global.
+
+2009-04-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Do not freecon strings duplicated with strdup.
+ Also avoid allocation of memory.
+ * src/passwd.c: Use SYSLOG instead of syslog.
+
+2009-04-25 Miroslav Kure <kurem@upcase.inf.upol.cz>
+
+ * po/cs.po: Updated to 352T7f8u
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.h, lib/commonio.c: Added splint annotations.
+ * lib/commonio.c: Do not assumes eptr is always notnull.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, po/pt.po: Updated Portuguese translation.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c: Added splint annotations.
+ * libmisc/copydir.c: Added assert to help splint.
+ * libmisc/copydir.c: Free allocated structures in cas of failure.
+ * libmisc/copydir.c: Avoid implicit conversion of pointers to
+ booleans.
+ * libmisc/copydir.c: Use buffers of size PATH_MAX instead of 1024
+ for filenames.
+ * libmisc/copydir.c: Use fchmod and fchown to change the mode of
+ the opened file.
+ * libmisc/copydir.c: Indicate the mode to open(), even if we chmod
+ later.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: Added prototypes of getulong() and get_pid().
+ * lib/prototypes.h: Added splint annotations.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Use get_pid() instead of strtol.
+ * lib/commonio.c: Replace an int by a size_t.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.h: Added splint annotations.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/sgroupio.c: Free allocated structures on failure.
+ * lib/sgroupio.c: Added splint annotations.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/Makefile.am, lib/get_pid.c, lib/getulong.c: Added get_pid()
+ and getulong().
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/getlong.c: Do not check for NULL string but empty string.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c: Updated splint annotations.
+ * lib/groupio.c: Added assert to help splint.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Check assumptions on snprintf().
+ * src/useradd.c: Replace peror by an strerror and avoid an
+ intermediate buffer.
+ * src/useradd.c: Save errno between the failure and the report by
+ perror/strerror.
+ * src/useradd.c: Prefer xmalloc to malloc.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/lastlog.c: Remove function calls from within assert().
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/obscure.c: Change some int to size_t.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/console.c: Use a less disturbing construct for splint.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/limits.c: Parse the limits, umask, nice, maxlogin, file
+ limit with getlog() / getulong(). This also means, in case of
+ non-PAM enabled systems, that the umask specified on the GECOS
+ fields should start with a 0 if specified in octal. (it used to be
+ force to octal). Do the appropriate cast and range checking.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c: In case gettimeofday() fails, get some entropy
+ from the PID.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/setupenv.c: Prefer snprintf to sprintf, even if a small
+ context indicates no issues.
+ * libmisc/setupenv.c: Avoid implicit conversion of pointers to
+ booleans.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/loginprompt.c: Prefer snprintf to sprintf, even if a
+ small context indicates no issues.
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/faillog.c: Remove function calls from within assert().
+
+2009-04-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/mail.c: Ignore the return value of puts().
+ * libmisc/mail.c: Prefer snprintf to sprintf, even if a small
+ context indicates no issues.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c, lib/commonio.h, lib/groupio.c, lib/groupio.h,
+ lib/pwio.c, lib/pwio.h, lib/shadowio.c, lib/shadowio.h: Added
+ splint annotations. The *_locate() and *_next() functions
+ currently return an observer. As the structure are often modified
+ by the caller, it could maybe be changed to exposed later. (and
+ non-const)
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/pwauth.c: Use a boolean for wipe_clear_pass and use_skey.
+ * lib/pwauth.c: Added splint annotations.
+ * lib/pwauth.c: Added brackets and parenthesis.
+ * lib/pwauth.c: Avoid assignments in comparisons.
+ * lib/pwauth.c: Avoid implicit conversion of pointers or
+ characters to booleans.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmod.c: Cast ID to ulongs and use ulong formats for IDs.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c: Added splint annotations.
+ * src/newgrp.c: audit_buf is only used in newgrp. Make it static.
+ * src/newgrp.c: Ignore the return value of fputs().
+ * src/newgrp.c: Use exit(EXIT_FAILURE) instead of exit(1).
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/pwdcheck.c (passwd_check): The progname is not used.
+ * libmisc/pwdcheck.c: Ignore the return value of sleep().
+ * libmisc/pwdcheck.c: Use exit(EXIT_FAILURE) instead of exit(1).
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/setupenv.c: Avoid assignments in comparisons.
+ * libmisc/setupenv.c: Added brackets and parenthesis.
+ * libmisc/setupenv.c: Ignore the return value of fclose (file
+ opened read-only)
+ * libmisc/setupenv.c: Ignore the return value of puts().
+ * libmisc/setupenv.c: Avoid implicit conversion of pointers to
+ booleans.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c,
+ libmisc/isexpired.c, src/groupadd.c, lib/pwauth.h, lib/groupmem.c,
+ lib/shadowmem.c, lib/pwmem.c, lib/prototypes.h: Added splint
+ annotations.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/loginprompt.c: Use exit(EXIT_FAILURE) instead of
+ exit(1).
+ * libmisc/loginprompt.c: Avoid implicit conversion of pointers to
+ booleans.
+ * libmisc/loginprompt.c: Ignore return value of putc().
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/env.c, libmisc/age.c: Added splint annotations.
+ * libmisc/age.c: Added brackets and parenthesis.
+ * libmisc/age.c: Ignore the return value of fclose (file opened
+ read-only)
+ * libmisc/age.c: Ignore puts() return value.
+ * libmisc/age.c: Use exit(EXIT_FAILURE) instead of exit(1).
+ * libmisc/age.c: Avoid assignments in comparisons.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/fputsx.c, lib/gshadow.c, lib/commonio.h: Added splint
+ annotations.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/get_gid.c: gidstr should not be NULL, but the check was
+ meant to make sure it is not empty.
+ * lib/get_uid.c: Likewise.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/getdef.c: Added splint annotations.
+ * lib/getdef.c: Ignore fputs() return value.
+ * lib/getdef.c: Use EXIT_FAILURE / EXIT_SUCCESS for exit()
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/faillog.c: Added splint annotations.
+ * src/faillog.c: Cast ID to ulongs and use ulong formats for IDs.
+ * src/faillog.c: Ignore fflush() return value.
+ * src/faillog.c: Added parenthesis.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpck.c: Ignore puts return value.
+ * src/grpck.c: Avoid variable format string.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/lastlog.c: Use EXIT_FAILURE / EXIT_SUCCESS for exit()
+ * src/lastlog.c: Added splint annotations.
+ * src/lastlog.c: Avoid global pwent.
+ * src/lastlog.c: Cast ID to ulongs and use ulong formats for IDs.
+ * src/lastlog.c: Avoid assignment in comparisons.
+ * src/lastlog.c: Ignore fclose() return value since the file is
+ only opened for reading.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c: Added assertion to guide splint (and me).
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_gid.c: Use booleans instead of char fo
+ used_gids.
+ * libmisc/find_new_gid.c: Use getdef_ulong and cast to git_t to
+ get GID values.
+ * libmisc/find_new_gid.c: Use UL as a prefix for ulong values.
+ * libmisc/find_new_uid.c: Likewise.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/yesno.c: Ignore the return value of puts.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/age.c: Use exit(EXIT_FAILURE) instead of exit(1).
+ * libmisc/age.c: The return value of execl() is not used.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/xgetXXbyYY.c, libmisc/myname.c, libmisc/getgr_nam_gid.c,
+ libmisc/salt.c, libmisc/list.c, libmisc/cleanup.c, src/login.c,
+ lib/getdef.h, lib/groupio.c, lib/getlong.c, lib/gshadow_.h,
+ lib/sgroupio.c, lib/shadowio.c, lib/pwio.c, lib/commonio.h,
+ lib/fputsx.c, lib/prototypes.h: Added splint annotations.
+ * lib/groupio.c: Avoid implicit conversion of pointers to
+ booleans.
+ * lib/groupio.c: Free allocated buffers in case of failure.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/defines.h: Added splint definitions to replace <locale.h>
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c, libmisc/age.c, libmisc/shell.c, lib/groupio.c,
+ lib/groupio.h, lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c,
+ lib/pwio.c, lib/commonio.c, lib/shadowio.h, lib/pwio.h,
+ lib/commonio.h, lib/prototypes.h: Added splint annotations.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c: Only set ut_time and ut_tv if gettimeofday()
+ succeeds.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c: Fix the check for empty host in prepare_utmp()
+ and prepare_utmpx().
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c: The ut argument of prepare_utmp() and
+ prepare_utmpx () might be NULL. ut_id needs to be forged in that
+ case.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c: Removed old documentation of setutmp().
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c: Use xmalloc() rather than malloc().
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c: The name returned by ttyame() needs to be copied
+ locally.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Added assert()s for NULL (or ! NULL) username, and
+ pwd. This helps splint.
+ * src/login.c: Added splint annotations.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: After login_prompt(), do not check for unset
+ username, but for empty username.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/defines.h: Define USER_NAME_MAX_LENGTH, based on utmp and
+ default to 32.
+ * libmisc/chkname.c: Use USER_NAME_MAX_LENGTH.
+ * src/login.c: Use USER_NAME_MAX_LENGTH instead of the default 32.
+ username also needs to be bigger than USER_NAME_MAX_LENGTH because
+ it has to be nul-terminated.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Use xmalloc() instead of malloc().
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Ignore the return value of puts(), fputs(),
+ strftime().
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: timeout, delay, and retries should be unsigned.
+ * src/login.c: Ignore the return value of alarm() and sleep().
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: If we cannot get the terminal configuration, do not
+ change the terminal configuration. setup_tty() is just a best
+ effort configuration of the terminal.
+ * src/login.c: Ignore failures when setting the terminal
+ configuration.
+ * src/login.c: Fail if the ERASECHAR or KILLCHAR configurations
+ are not compatible with a cc_t type.
+
+2009-04-22 Paul Szabo <psz@maths.usyd.edu.au>
+
+ * src/login.c: utent might be NULL after get_current_utmp().
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Removed temp_shell. No more used.
+ * src/login.c: lastlog is only used #ifndef USE_PAM
+ * src/login.c: Rename lastlog to ll to avoid name clash with the
+ lastlog type.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Added update_utmp() to group the prepare_utmp and
+ setutmp (and the utmpx versions).
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Do not include netdb.h. gethostbyname() is no more
+ called from within login.c. Also UT_ADDR does not exist anymore.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Check if login is run with effective root
+ privileges. This should be more helpful to users than a failure to
+ find an utmp entry or failure to access a file.
+
+2009-04-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c: Reworked. Get rid of Linux specific stuff. Get rid
+ of global utent/utxent variables. Only reuse the ut_id and maybe
+ the ut_host fields from utmp.
+ * lib/prototypes.h, libmisc/utmp.c: Removed checkutmp(),
+ setutmp(), setutmpx().
+ * lib/prototypes.h, libmisc/utmp.c: Added get_current_utmp(),
+ prepare_utmp(), prepare_utmpx(), setutmp(), setutmpx().
+ * libmisc/utmp.c (is_my_tty): Only compare the name of the utmp
+ line with ttyname(). (No stat of the two terminals to compare the
+ devices).
+ * libmisc/utmp.c: Use getaddrinfo() to get the address of the
+ host.
+ * configure.in: Check for getaddrinfo().
+ * configure.in: Use AC_CHECK_MEMBERS to check for the existence of
+ fields in the utmp/utmpx structures.
+ * configure.in: Reject systems with utmpx support but no ut_id
+ field in utmp. This could be fixed later if needed.
+ * src/login.c: Use the new utmp functions. This also simplifies
+ the failtmp() handling.
+ * src/login.c: passwd_free() renamed to pw_free() and
+ shadow_free() renamed to spw_free()
+
+2009-04-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, configure.in: Enable --enable-account-tools-setuid by
+ default for PAM builds, as it used to be before the introduction
+ of this option.
+
+2009-04-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * etc/pam.d/Makefile.am: Distribute all pam.d files, even if
+ ACCT_TOOLS_SETUID is not enabled.
+
+2009-04-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/shadowmem.c: Added spw_free().
+ * lib/shadowio.c: Use spw_free() for shadow_free().
+ * lib/groupmem.c: Added gr_free().
+ * lib/groupio.c: Use gr_free() for group_free().
+ * lib/pwmem.c: Include define.h before prototypes.h
+ * lib/pwmem.c: Added pw_free().
+ * lib/pwio.c: Use pw_free() for passwd_free().
+ * lib/sgroupio.c: Added sgr_free().
+ * lib/sgroupio.c: Use sgr_free() for gshadow_free().
+ * lib/prototypes.h: Added gr_free(), pw_free(), sgr_free(),
+ spw_free().
+
+2009-04-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/shell.c: Add brackets and parenthesis.
+ * libmisc/shell.c: Avoid assignments in comparisons.
+ * libmisc/shell.c: Re-indent.
+
+2009-04-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/defines.h: Added MIN and MAX macros.
+ * libmisc/salt.c: Removed MIN and MAX macros.
+
+2009-04-20 Sven Joachim <svenjoac@gmx.de>
+
+ * NEWS, src/lastlog.c: Fix regression causing empty reports.
+ Get the size of the file before printing the entries.
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Get rid of pwent. pwd is sufficient as long as it
+ is always coming from xgetpwnam. There is no need to copy pwd to
+ pwent, this was not a good idea anyway as the strings from pwd
+ were not duplicated.
+ * src/login.c: Always free the pwd and spwd structure when we
+ retrieve a new one. This will clear the password of the previous
+ user from the memory.
+ * src/login.c: user_passwd is used to keep point to the password
+ of the user being authenticated.
+ * src/login.c: (non PAM) Fail if the user's entry cannot be found
+ after the user updated her password (if expire() requested an
+ update).
+ * src/login.c: If the user does not exist on the system, there is
+ no need to build a pwd structure (with shell).
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: ttytype already checks for TTYTYPE_FILE and TERM.
+ Just call ttytype.
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Open the PAM session before pam_setcred and before
+ initgroups. This is more consistent with rfc86.0.
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Added helper functions get_pam_user() and
+ get_failent_user().
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Added parameter to check_nologin. This will help
+ getting rid of the global pwent variable.
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Added comments.
+ * src/login.c: Close the user and group files before dropping root
+ privileges.
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: We do not need to keep the old umask. Discard the
+ umask() return value.
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/hushed.c, lib/prototypes.h, src/login.c: Change the
+ hushed() prototype to take a username instead of a passwd
+ structure in argument. The passwd entry is retrieved withing
+ hushed().
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/setugid.c: Updated comments.
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/failure.h, libmisc/failure.c, src/login.c: Added
+ username as first parameter of failtmp to avoid issues with
+ non-null terminated ut_user, unavailability of ut_user, incomplete
+ username (that should not happen currently).
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/ttytype.c: Add brackets and parenthesis.
+ * libmisc/ttytype.c: Avoid assignments in comparisons.
+
+2009-04-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/pwio.c, lib/shadowio.c, lib/groupio.c, lib/sgroupio.c: Fill
+ the password fields with zeros before they are freed.
+
+2009-04-19 Changwoo Ryu <cwryu@debian.org>
+
+ * po/ko.po: Updated Korean translation.
+
+2009-04-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/login.c: Also check if the authentication token of the
+ user has to be updated in case the user was already authenticated.
+
+2009-04-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: fflg is already restricted to root. Move
+ pam_acct_mgmt(), in case of fflg, earlier. This is equivalent and
+ simplifies the code.
+
+2009-04-19 Paul Szabo <psz@maths.usyd.edu.au>
+
+ * libmisc/utmp.c: Always call endutent or endutxent when setutent
+ or setutxent were used.
+
+2009-04-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Added comment to make sure PAM_RHOST or PAM_TTY do
+ not get set to unsanitized values.
+
+2009-04-17 Paul Szabo <psz@maths.usyd.edu.au>
+
+ * NEWS, src/login.c: Do not trust the current utmp entry's ut_line
+ to set PAM_TTY.
+ * libmisc/utmp.c: Do not trust the current utmp entry's ut_line.
+ Always set ut_line based on ttyname(0).
+
+2009-04-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+ * configure.in: Updated version number.
+
+2009-04-15 Peter Vrabec <pvrabec@redhat.com>
+
+ * NEWS, src/userdel.c: Fixed SE Linux support. semanage should be
+ called at the end.
+ * src/useradd.c: Always call selinux_update_mapping() (i.e.
+ semanage), not only when -Z is used.
+
+2009-04-15 Peter Vrabec <pvrabec@redhat.com>
+
+ * NEWS, srclib/getlong.c: Fix parsing of octal numbers.
+
+2009-04-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/login.c: Fix segfault when no user is provided on the
+ command line.
+
+2009-04-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * README, libmisc/system.c: Was contributed by Dan Walsh.
+
+2009-04-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEW, src/vipw.c: SE Linux: Set the default context to the
+ context of the file being edited. This ensures that the backup
+ file inherit from the file's context.
+
+2009-04-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/usermod.8.xml: There are no default values for --inactive
+ and --gid. If the options are no provided, the original values are
+ not changed.
+
+2009-04-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2009-04-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: If there are no root account, or if the root account
+ has an UID != 0, default to the first UID 0 account.
+
+2009-04-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Restore the echoctl, echoke, onclr flags to the
+ terminal termio flags. Reset echoprt, noflsh, tostop. This
+ behavior seems to have change by mistake in earlier releases
+ (4.0.8, for no obvious reason).
+
+2009-04-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Fix the count of failures before login exits in
+ case of PAM enabled configurations.
+
+2009-04-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/passwd.1.xml: Document that passwd uses PAM to authenticate
+ and change passwords on PAM-enabled builds.
+
+2009-04-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Add more information to the mkdir and chown
+ failure messages.
+
+2009-04-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Updated some login.defs entries. Thanks to
+ Belkacem Abbas.
+
+2009-04-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml,
+ man/login.defs.d/CONSOLE_GROUPS.xml: Fix typos.
+
+2009-04-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/es/Makefile.am: Disable the distribution of Spanish
+ manpages. They are outdated. Please contact
+ pkg-shadow-devel@lists.alioth.debian.org if you wish to provide
+ updates.
+
+2009-04-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c, src/useraddd.c: Fix the usage string so that it
+ does not change depending on the configure option. Use a format.
+
+2009-04-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: Fix the usage of the unused macro.
+
+2009-04-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, libmisc/age.c, src/expiry.c, src/login.c: A
+ shadow entry is now sufficient for agecheck. Remove the first
+ passwd entry parameter.
+
+2009-04-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c, src/usermod.c: Only call selinux_update_mapping()
+ if Zflg is set.
+ * src/userdel.c: Rename argv to args to avoid nameclash with the
+ main() parameters.
+
+2009-04-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/getgr_nam_gid.c: Added support for NULL argument.
+ * libmisc/chowntty.c: Reuse getgr_nam_gid(), and get rid of atol().
+
+2009-04-11 Peter Vrabec <pvrabec@redhat.com>
+
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c: For system
+ accounts, return the first unused ID, starting from the max value.
+ This could be useful later to increase the static IDs range.
+
+2009-04-11 Peter Vrabec <pvrabec@redhat.com>
+
+ * NEWS, src/useradd.c, man/useradd.8.xml: add -Z option to map
+ SELinux user for user's login.
+ * NEWS, src/usermod.c, man/usermod.8.xml: Likewise.
+ * libmisc/system.c, libmisc/Makefile.am, lib/prototypes.h: Added
+ safe_system(). Used to run semanage.
+ * lib/prototypes.h, libmisc/copydir.c: Make a
+ selinux_file_context() an extern function.
+ * libmisc/copydir.c: Reset SELinux to create files with default
+ contexts at the end of copy_tree().
+ * NEWS, src/userdel.c: Delete the SELinux user mapping for user's
+ login.
+
+2009-04-11 Peter Vrabec <pvrabec@redhat.com>
+
+ * src/useradd.c (get_defaults): Close the default file after the
+ default values were read.
+
+2009-04-11 Christian Perrier <bubulle@debian.org>
+
+ * po/sk.po: Slovak translation updated. Thanks to Ivan Masár
+
+2009-04-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/Makefile.am, lib/prototypes.h: Added sgetspent.c.
+
+2009-04-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/POTFILES.in: Added missing files. Sorted.
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/getdef.c: Use getlong instead of strtol/strtoul.
+ * libmisc/getlong, lib/getlong.c, libmisc/Makefile.am,
+ lib/Makefile.am: getlong.c moved from libmisc/ to lib/.
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/shadow.c: Replace strtol() by getlong(). Also detect more
+ issues in a numerical shadow entry field.
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/sgetspent.c: Only compile ifndef HAVE_SGETSPENT
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/sgetspent.c: Replace strtol() by getlong(). Also detect more
+ issues in a numerical shadow entry field.
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c: More strtol() replaced by getlong().
+ * src/chage.c: expdays renamed to expdate. It is a date, even if
+ expressed in a number of days since Jan 1, 1970.
+ * src/chage.c: Likewise: lastday renamed to lstchgdate. Also fix
+ the --lastday documentation.
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: pwd_to_spwd() should be declared if USE_PAM is
+ NOT defined.
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Replace getnumber() by getlong(). This permits to
+ get rid of another strtol().
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/getlong.c: Include both <stdlib.h> and <errno.h> needed
+ for strtol and errno, and do not include "defines.h" (not needed).
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c, src/usermod.c, libmisc/getgr_nam_gid.c,
+ libmisc/Makefile.am, lib/prototypes.h: Moved getgr_nam_gid() from
+ src/useradd.c and src/usermod.c to libmisc/getgr_nam_gid.c.
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Re-indent.
+ * src/useradd.c: Use getlong instead of get_number.
+ * src/useradd.c: Get rid of strtol.
+ * src/useradd.c: Provide better warning in case a default GROUP or
+ INACTIVE value is not valid in /etc/default/useradd.
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Re-indent.
+ * src/usermod.c: Specifying a inactivity value < -1 is not valid.
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Prepare the next 4.1.3 release.
+ * po/*.po, man/po/*.po: Updated PO files.
+
+2009-04-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, libmisc/addgrps.c: restrict add_groups() to
+ ifndef USE_PAM.
+ * lib/prototypes.h: Remove the declaration of add_cons_grps(). The
+ function does not exist.
+ * libmisc/setugid.c libmisc/age.c (setup_uid_gid): is_console is
+ never set ifndef USE_PAM. Change the prototype of setup_uid_gid()
+ when USE_PAM is not defined. This permits to remove add_groups
+ from PAM builds. setup_uid_gid is already subject to
+ HAVE_INITGROUPS.
+ * libmisc/pwd2spwd.c (pwd_to_spwd): pwd_to_spwd() is not used in
+ PAM builds.
+
+2009-04-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: do_update_age is only used ifndef USE_PAM. Make it
+ more explicit.
+
+2009-04-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Set errno to 0 before calling strtol.
+
+2009-04-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/isexpired.c: If there are no shadow entry, there is no
+ need to convert the password entry to a shadow entry. The password
+ is valid.
+
+2009-04-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/usermod.8.xml: Split some paragraphs into smaller units.
+
+2009-04-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/shadow.5.xml: Rewrote to mention the meaning of special
+ values.
+
+2009-04-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/pwd2spwd.c, src/chpasswd.c, src/newusers.c,
+ src/passwd.c, src/pwck.c, src/pwconv.c, src/useradd.c,
+ src/usermod.c: On Jan 01, 1970, do not set the sp_lstchg field to
+ 0 (which means that the password shall be changed during the next
+ login), but use -1 (password aging disabled).
+ * src/passwd.c: Do not check sp_min if sp_lstchg is null or -1.
+
+2009-04-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c: When no shadow entry exist, the default sp_lstchg
+ value should be -1 (no aging) rather than 0 (password must be
+ changed).
+ * src/chage.c: For password expiration and inactivity, indicate
+ that the password must be changed when sp_lstchg is null rather
+ than indicating that expiration and inactivity are not enabled.
+
+2009-04-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/isexpired.c: Document the isexpired return value.
+
+2009-04-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/age.c: Return a specific message when sp_lstchg is null.
+
+2009-03-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/sgetpwent.c, lib/sgetgrent.c: Use get_uid and get_gid to
+ validate the UIDs or GIDs instead of atoi/strtol.
+
+2009-03-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/get_gid.c, libmisc/get_uid.c, libmisc/Makefile.am,
+ lib/get_gid.c, lib/get_uid.c, lib/Makefile.am: get_uid.c and
+ get_gid.c moved from libmisc/ to lib/.
+
+2009-03-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpck.c (check_members): When a member is removed, do not
+ increase the index.
+ * src/grpck.c: Fix typo in messages and comments.
+
+2009-03-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Call fsync before closing the backup file. This
+ ensures that the backup file is flushed to the storage medium.
+ * src/useradd.c: Likewise for the default file, faillog, lastlog,
+ and mail spool.
+ * src/usermod.c: Likewise for the faillog and lastlog file.
+ * src/vipw.c: Likewise for the backup file.
+ * libmisc/sulog.c: Likewise for the su log.
+
+2009-03-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmod.c: Embed gshadow related cleanup in #ifdef
+ SHADOWGRP.
+
+2009-03-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: get_number() replaced by getlong().
+ * src/usermod.c: When the user is renamed, make sure we do not
+ override an user with the same name (in passwd or shadow).
+
+2009-03-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: log_gpasswd_success_gshadow is in the cleanup
+ stack only when the shadow group file is present.
+
+2009-03-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/userdel.c: Make sure the user exists in the shadow
+ database before calling spw_remove().
+ * NEWS, src/userdel.c: When the user's group is removed, make sure
+ the group is in the gshadow database before calling sgr_remove().
+ * src/userdel.c: Improve warning's wording.
+
+2009-03-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/cleanup.c: Fix del_cleanup. The arguments were not
+ desynchronized with the cleanup functions.
+ * libmisc/cleanup.c: cleanup_function_args is an array of void
+ pointer, not strings.
+
+2009-03-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_gid.c: Fix find_new_gid() the current group
+ database was not taken into account.
+
+2009-03-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/addgrps.c: Fix compilation warnings.
+
+2009-03-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/Makefile.in.in: xml2po cannot exclude one entity for
+ expansion. Make sure config.xml does not exist when the POT file
+ is created in order to keep the configurations in the POT file
+ * man/generate_translations.mak: make sure config.xml does not
+ exist neither when the translated XML is generated. Add the
+ missing %config; (strip out by xml2po). and make sure config.xml
+ is present when the translated manpage is generated.
+ * man/generate_mans.mak: config.xml is needed for the generation
+ of manpages (already in the .deps for the English manpages, but
+ needed for the translations).
+ * man/Makefile.am: Added missing CREATE_HOME.xml.
+
+2009-03-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * etc/login.defs: Added note for PAM enabled configurations.
+
+2009-03-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/Makefile.am: Compute the dependencies for building the
+ manpages.
+ * man/generate_mans.deps: Added Makefile dependency rules.
+
+2009-03-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/addgrps.c: Fix warnings.
+
+2009-03-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Added missing space.
+
+2009-03-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/lastlog.8.xml: Document that there might be entries, for
+ deleted users, that are not displayed.
+
+2009-03-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/chgpasswd.8.xml, man/chpasswd.8.xml: Fix the man page in
+ case SHA crypt is not supported.
+
+2009-03-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/vipw.8.xml: MAX_MEMBERS_PER_GROUP is not used by vipw and
+ vigr.
+
+2009-03-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.5.xml: Indicate that sg uses the same variables
+ as newgrp.
+ * man/login.defs.5.xml: vipw does not use any variable.
+ * man/login.defs.5.xml: In PAM enabled configurations, login still
+ uses some login.defs variables.
+
+2009-03-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/usermod.8.xml: use a <replaceable> instead of a
+ <emphasis remap='I'>.
+
+2009-03-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newusers.8.xml: Document the behavior of newusers for each
+ field.
+ * man/newusers.8.xml: Do not add the note on PAM on non-PAM
+ enabled configurations.
+
+2009-03-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Make sure the SHA related variables are not
+ compiled when disabled at configuration time.
+ * src/newusers.c: Added FIXME
+ * src/chpasswd.c: Make sure the SHA related variables is not
+ compiled when disabled at configuration time.
+ * src/chgpasswd.c: Make sure the SHA related variables is not
+ compiled when disabled at configuration time.
+ * src/chgpasswd.c: Fix the test for getlong() failure.
+ * src/useradd.c, man/useradd.8.xml: Added long name for the -l
+ option: --no-log-init.
+ * src/faillog.c: Added support for the specification of a range of
+ users with -u.
+ * src/faillog.c: Do not call print_one() for users which do not
+ exist.
+ * src/faillog.c: Make sure the user's entry is not outside the
+ faillog file and initialize the faillog structure in that case.
+ * src/faillog.c: Move print_one() closer to print().
+ * src/faillog.c: reset(), setmax(), set_locktime() can also change
+ entries of user which do not exist.
+ * src/faillog.c: reset(), setmax() and set_locktime() shall not
+ create entries for users which have no entries if the value has to
+ be set to 0.
+ * src/faillog.c: reset(), setmax() and set_locktime(): better
+ handling of users whose entry is outside the faillog file.
+ * src/faillog.c: Improved option handling. Options can now be
+ specified in any order.
+ * src/faillog.c: Improved warnings when options are not
+ compatible or when the faillog cannot be open with the right mode.
+ * src/faillog.c: Only fstat the faillog file once.
+ * man/faillog.8.xml: Improved documentation.
+
+2009-03-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: Remove the documentation of options from the
+ main() documentation. It will always be outdated here.
+
+2009-03-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/lastlog.c: lastlog variable renamed to ll to avoid name
+ clash with the structure.
+ * src/lastlog.c: check the offset in print_one() so that it is
+ used for the display of one entry or a set of entries.
+ * src/lastlog.c: Do not loop over the whole user database when -u
+ is used with a single user.
+ * src/lastlog.c: Check the size of the lastlog file so that we
+ can identify failures to read.
+
+2009-03-13 Mike Frysinger <vapier@gentoo.org>
+
+ * libmisc/salt.c: Removed l64a prototype. The libc declaration is
+ non static, but the internal definition is static.
+
+2009-03-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: log_gpasswd_success_gshadow only exists ifdef
+ SHADOWGRP.
+
+2009-03-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/getlong.c: Make sure the getlong argument is not empty.
+ * libmisc/get_gid.c, libmisc/get_uid.c, libmisc/Makefile.am,
+ lib/prototypes.h: Added get_uid() and get_gid() to parse user and
+ group IDs.
+ * NEWS, src/grpck.c, src/pwck.c: Issue a warning if an ID is set
+ to -1.
+ * NEWS, src/newusers.c, src/usermod.c, src/useradd.c,
+ src/groupmod.c, src/groupadd.c: Make sure no user or group are
+ created with an ID set to -1.
+
+2009-03-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * contrib/adduser-old.c, contrib/adduser.c: Do not use the target
+ of snprintf in one of the format's parameters.
+
+2009-03-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupmems.8.xml: groupmems does not create new user.
+
+2009-03-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, po/LINGUAS, po/kk.po: Added Kazakh translation. Thanks to
+ Timur Birsh <taem@linukz.org>.
+
+2009-02-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Avoid calling
+ getgrent()/getpwent() after they return NULL. This caused LDAP to
+ return at the beginning of the group/user entries.
+
+2009-01-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/nologin.8.xml: Fix typo (HYSTORY -> HISTORY).
+
+2009-01-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/gpasswd.c: Only report success to audit and syslog
+ when the changes are committed to the system. Do not log failure
+ for on-memory changes to audit or syslog. Make sure failures and
+ inconsistencies will be reported in case of unexpected failures
+ (e.g. malloc failures). Only specify an audit message if it is not
+ implicitly implied by the type argument. Removed fail_exit
+ (replaced by atexit(do_cleanups)). Log failures in case of
+ permission denied.
+
+2009-01-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/UMASK.xml: Indicate how UMASK is used and
+ limitations.
+ * man/limits.5.xml: Remove space before an end of tag.
+ * man/useradd.8.xml, man/login.defs.d/CREATE_HOME.xml,
+ man/login.defs.5.xml: Document the CREATE_HOME variable.
+ * etc/login.defs: Improve the documentation of UMASK.
+
+2009-01-06 Sebastian Rick Rijkers <srrijkers@gmail.com>
+
+ * NEWS, src/su.c: Preserve COLORTERM in addition to TERM when su
+ is called with the -l option.
+
+2008-12-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/chkname.c: Use a bool when possible instead of integers.
+ * libmisc/chkname.c: Add brackets and parenthesis.
+
+2008-12-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupadd.8.xml, configure.in, man/config.xml.in: Use the
+ real group name length limit in the documentation.
+
+2008-12-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/Makefile.am: Only link with the needed library. When
+ compiled with PAM support, chfn, chsh, login, newgrp, passwd, and
+ su do not need the libcrypt library.
+
+2008-12-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/cleanup_group.c: Fix compilation when compiled without
+ shadow group support.
+
+2008-12-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupdel.c: Remove the fail_exit () declaration.
+
+2008-12-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: Fix the support for usernames with arbitrary
+ length.
+
+2008-12-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupadd.c, src/groupdel.c, src/groupmod.c: Re-indent.
+ * src/groupmod.c: Do not add the command synopsis to the main ()
+ documentation. This avoids outdated information.
+ * libmisc/chkname.c: Remove outdated comments.
+
+2008-12-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/audit_help.c: Added audit_logger_message() to log
+ messages not related to an account.
+ * lib/prototypes.h, libmisc/cleanup.c, libmisc/cleanup_group.c,
+ libmisc/cleanup_user.c, libmisc/Makefile.am: Added stack of
+ cleanup functions to be executed on exit.
+ * NEWS, src/groupadd.c, src/groupdel.c, src/groupmod.c: Only
+ report success to audit and syslog when the changes are committed
+ to the system. Do not log failure for on-memory changes to audit
+ or syslog. Make sure failures and inconsistencies will be reported
+ in case of unexpected failures (e.g. malloc failures). Only
+ specify an audit message if it is not implicitly implied by the
+ type argument. Removed fail_exit (replaced by atexit(do_cleanups)).
+
+2008-12-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/gpasswd.c: Added support usernames with arbitrary
+ length.
+
+2008-11-27 Mike Frysinger <vapier@gentoo.org>
+
+ * configure.in: Fix the "$enable_acct_tools_setuid" = "yes" test.
+
+2008-11-27 Mike Frysinger <vapier@gentoo.org>
+
+ * NEWS, configure.in, libmisc/chkname.c: make group max length a
+ configure option. The configure behavior encoded is:
+ <no option> -> default of 16 (like today);
+ --with-group-name-max-length -> default of 16;
+ --without-group-name-max-length -> no max length;
+ --with-group-name-max-length=n > max is set to n.
+
+2008-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: (!USE_PAM) Provide visible information indicating that
+ su was denied.
+
+2008-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/su.1.xml: Fix the su synopsis. username is referenced in the
+ manpage, not LOGIN.
+ * man/ja/login.1: Fix the path of the utmp and wtmp files.
+
+2008-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/chowntty.c: Improve the logs for fchown and fchmod
+ failures.
+ * libmisc/chowntty.c: Only closelog() when failure cause an exit.
+
+2008-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, libmisc/chowntty.c: Fix a race condition that could lead to
+ gaining ownership or changing mode of arbitrary files.
+ * NEWS, libmisc/chowntty.c, libmisc/utmp.c: is_my_tty() moved from
+ utmp.c to chowntty.c. checkutmp() now only uses an existing utmp
+ entry if the pid matches and ut_line matches with the current tty.
+ This fixes a possible DOS when entries can be forged in the utmp
+ file.
+ * libmisc/chowntty.c, src/login.c, lib/prototypes.h: Remove the
+ tty argument from chown_tty. chown_tty always changes stdin and
+ does not need this argument anymore.
+
+2008-10-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/gshadow.5.xml, man/shadow.5.xml, man/passwd.5.xml,
+ man/grpck.8.xml: Sorted SEE ALSO references.
+ * man/gshadow.5.xml: Added reference to grpck(8) and grpconv(8).
+ * man/pwck.8.xml: Added reference to grpck(8).
+ * man/shadow.5.xml: Added reference to pwck(8).
+ * man/passwd.5.xml: Added reference to pwck(8).
+ * man/grpck.8.xml: Added reference to pwck(8).
+
+2008-10-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/*.xml, man/login.defs.d/*.xml: Added copyright and licence
+ header.
+
+2008-09-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Always check the return value of the pam_* APIs.
+
+2008-09-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Use a dynamic buffer for usernames.
+ * src/login.c: Copy the name of the user authenticated by PAM to
+ username. This simplify later logging (avoid USE_PAM
+ conditional).
+ * src/login.c: Check that no username is specified with -r.
+ * src/login.c: Make sure a username is specified with -f.
+ * src/login.c: Explicitly tag the end of the #ifdef RLOGIN
+ sections.
+ * src/login.c: Erase the username later since it it used for the
+ fake password check (in case of empty password).
+ * src/login.c, man/login.1.xml: the username is not an optional
+ parameter of -f. Fix the getopt optstring, remove the parsing of
+ username in the -f processing block, and remove unnecessary checks
+ (username cannot be parsed twice anymore), better documentation of
+ the synopsis.
+
+2008-09-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Existence of pam_user was already checked. pwd was
+ already copied to pwent. Remove duplicated code.
+
+2008-09-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: check_flags() renamed process_flags(). All flag
+ processing blocs moved to process_flags().
+
+2008-09-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/logoutd.c, src/userdel.c: Re-indent. This helps pmccabe.
+
+2008-09-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Add missing closing }. This was probably never
+ noticed because UT_ADDR is never defined.
+ * src/login.c: Re-indent.
+
+2008-09-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Do not mix USE_PAM and !USE_PAM code.
+
+2008-09-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Use failent_user to log to audit. username is the
+ caller, not the user login tries to authenticate.
+ * src/login.c: Use pwd->pw_name instead of pwd->pw_uid. This might
+ be more precise (name must be unique, uid might not be).
+
+2008-09-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/passwd.1.xml: passwd cannot change the full name of the
+ user, the user's login shell; but it can change the account or
+ password validity period. Thanks to Reuben Thomas.
+
+2008-09-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Added missing declaration of Mflg.
+ * src/pwck.c: Only unlock files if they were locked before (e.g.
+ not in read-only mode).
+ * src/pwck.c: Quote the username in error messages (harmonization
+ with other messages).
+ * libmisc/find_new_gid.c: Fixed typo (s/grp->gr_gid/group_id/).
+ * libmisc/find_new_gid.c: Likewise.
+
+2008-09-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/setugid.c, src/login_nopam.c, src/suauth.c,
+ lib/getdef.c: Replace the %m format string by strerror(). This
+ avoids errno to be reset between the system call error and the
+ report function.
+
+2008-09-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Ignore the return value of umask() when the mask
+ is set to the old value.
+
+2008-09-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, etc/login.defs: New CREATE_HOME variable to tell useradd
+ to create a home directory for new users.
+ * src/useradd.c, man/useradd.8.xml: New -M/--no-create-home option
+ and CREATE_HOME usage. System accounts are not impacted by
+ CREATE_HOME.
+ * man/useradd.8.xml: Indicate that a new group is created by
+ default.
+ * src/useradd.c: Removed TODO item (moved to the TODO file).
+
+2008-09-11 Miroslav Kuře <kurem@debian.cz>
+
+ * po/cs.po: Updated Czech translation.
+
+2008-09-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/USERGROUPS_ENAB.xml: Fix typo: new <para> tag
+ before the previous one is closed. This caused a missng
+ explanation for USERGROUPS_ENAB.
+
+2008-09-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupadd.8.xml: Remove the list of (short) options from the
+ SYNOPSIS. Replaced with [options] for consistency with other tools
+ and maintainability.
+
+2008-09-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ From RedHat's patch shadow-4.1.2-sysAccountDownhill.patch
+ Thanks to Peter Vrabec.
+ * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Build an
+ index of used IDs to avoid a database request for each id in the
+ allowed range (when the highest allowed ID is already used).
+ This speedups the addition of users or groups when the highest
+ allowed ID is already used. The additional memory usage of the
+ tools should be acceptable when UID_MAX/SYS_UID_MAX are set to a
+ reasonable number.
+
+2008-09-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Fix the dependency of ACCT_TOOLS_SETUID on
+ USE_PAM. Build failed with --without-libpam.
+
+2008-09-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c, configure.in: Check for the presence of
+ st_mtim and st_mtimensec, as for st_atim and st_atimensec.
+ * libmisc/copydir.c: Call utimes() after closing the file.
+
+2008-09-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: Document the long options in the usage.
+
+2008-09-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: Added configure --enable-account-tools-setuid (default) /
+ --disable-account-tools-setuid options. This permits to disable
+ the PAM authentication of the caller for chage, chgpasswd,
+ chpasswd, groupadd, groupdel, groupmod, newusers, useradd,
+ userdel, and usermod. This authentication is not necessary when
+ these tools are not installed setuid root.
+ * configure.in: Added option --enable-account-tools-setuid to
+ enable/disable the usage of PAM to authenticate the callers of
+ account management tools: chage, chgpasswd, chpasswd, groupadd,
+ groupdel, groupmod, useradd, userdel, usermod.
+ * src/Makefile.am: Do not link the above tools with libpam if
+ account-tools-setuid is disabled.
+ * src/userdel.c, src/newusers.c, src/chpasswd.c, src/usermod.c,
+ src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/groupmod.c,
+ src/groupadd.c, src/chage.c: Implement ACCT_TOOLS_SETUID
+ (--enable-account-tools-setuid).
+ * etc/pam.d/Makefile.am: Install the pam service file for the
+ above tools only when needed.
+
+2008-09-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/tz.c: tz() is only used when USE_PAM is not defined.
+ * lib/prototypes.h: Indicate functions whose presence depends on
+ the USE_PAM flag.
+
+2008-09-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Call open_files() and close_files().
+ * src/groupmems.c: Always call check_perms(), which takes care of
+ checking if --list is used.
+
+2008-09-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/obscure.c: Compare characters to '\0', not NULL.
+
+2008-09-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/defines.h: Do not include <config.h>. This complicate
+ undefining some configuration macros when the file is included
+ multiple times.
+ * libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
+ libmisc/xgetgrgid.c, libmisc/xgetgrnam.c, libmisc/xgetspnam.c:
+ Include <config.h> from teh compiled C file, not the included
+ getXXbyYY.c.
+
+2008-09-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c, src/newusers.c, src/chpasswd.c, src/chfn.c,
+ src/groupmems.c, src/usermod.c, src/groupdel.c, src/chgpasswd.c,
+ src/useradd.c, src/groupmod.c, src/groupadd.c, src/chage.c,
+ src/chsh.c: Simplify the PAM error handling. Do not keep the pamh
+ handle, but terminate the PAM transaction as soon as possible if
+ there are no PAM session opened. If the username cannot be
+ determined, report it as such (not a PAM authentication failure).
+ * src/useradd.c, src/userdel.c, src/usermod.c: It is no more
+ needed to initialize retval to PAM_SUCCESS.
+
+2008-09-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
+ src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
+ src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
+ src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c,
+ src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c,
+ src/groupadd.c, src/chage.c, src/login.c, src/grpconv.c,
+ src/groups.c, src/grpunconv.c, src/chsh.c: Prog is now global (not
+ static to the file) so that it can be used by the helper functions
+ of libmisc.
+ * lib/prototypes.h: Added extern char *Prog.
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Indicate the
+ program name with the warning.
+
+2008-09-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Check if AUDIT_ADD_USER, AUDIT_DEL_USER,
+ AUDIT_ADD_GROUP, and AUDIT_DEL_GROUP are defined in <libaudit.h>.
+
+2008-09-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Fix comment of lflg: it is also used for faillog.
+
+2008-09-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupmems.c, man/groupmems.8.xml: Document the long
+ options.
+
+2008-09-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, libmisc/audit_help.c: Define new type
+ shadow_audit_result for the result argument of audit_logger().
+ This permits stronger type checking and a better readability of
+ the results (SHADOW_AUDIT_FAILURE/SHADOW_AUDIT_SUCCESS constants).
+ * src/groupadd.c, src/groupdel.c, src/useradd.c, src/userdel.c:
+ Use the SHADOW_AUDIT_FAILURE/SHADOW_AUDIT_SUCCESS results instead
+ of 0 or 1 in audit_logger().
+
+2008-09-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c: Log failures to remove the mailbox to syslog and
+ audit.
+ * src/userdel.c: Log successful removal of home directory to audit
+ only in case of success.
+ * src/userdel.c: Move the audit log of failure to remove the home
+ directory before the call to function that may exit.
+ * src/userdel.c: Document that errors is only used to count errors
+ during the removal of the home directory.
+
+2008-09-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Log errors to syslog in grp_update() since
+ changes have started to be reported to syslog.
+ * src/userdel.c: Fix some result parameters sent to
+ audit_logger().
+
+2008-09-02 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: Following changes from a patch contributed by Steve Grubb
+ <sgrubb@redhat.com>
+ * src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead
+ of AUDIT_USER_CHAUTHTOK.
+ * src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead
+ of AUDIT_USER_CHAUTHTOK.
+ * src/useradd.c: Log to audit with type AUDIT_ADD_USER /
+ AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of
+ AUDIT_USER_CHAUTHTOK.
+ * src/useradd.c: Add missing logs to audit.
+ * src/userdel.c: Log to audit with type AUDIT_DEL_USER /
+ AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK.
+ * src/userdel.c: Add missing logs to audit.
+
+2008-08-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Remove duplicated gr_open().
+
+2008-08-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/useradd.8.xml: Document the /etc/default/useradd variables.
+ * man/useradd.8.xml: Fix the documentation of the GROUP variable
+ (and -g/--gid option).
+ * man/useradd.8.xml: Document that -o is only valid with -u
+
+2008-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * shadow.spec.in: Fix the source (new FTP).
+
+2008-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Add brackets and parenthesis.
+ * src/su.c: Avoid implicit conversion of pointers to booleans.
+
+2008-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/list.c: Remove historical comment.
+ * libmisc/list.c: Added assertions for non NULL parameters.
+
+2008-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwconv.c, src/pwunconv.c: Fail if unexpected parameters are
+ provided.
+
+2008-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Add brackets and parenthesis.
+ * src/passwd.c: Avoid implicit conversion of pointers to booleans.
+ * src/passwd.c: Avoid assignments in comparisons.
+
+2008-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupmems.c, man/groupmems.8.xml: Added support for
+ shadow groups.
+ * src/groupmems.c: Use fail_exit() instead of exit().
+
+2008-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: The grp structure returned by gr_locate is a
+ const. Duplicate this structure before working on it.
+ * src/groupmems.c: Do not fail and do not display warnings if a
+ close failure happens with the --list option. (Files are opened
+ read-only).
+ * src/groupmems.c: Avoid mixed declarations and code.
+
+2008-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: Replace the 'valid' variable by is_valid to avoid
+ clashes with the valid() function.
+
+2008-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/obscure.c: Add brackets and parenthesis.
+ * libmisc/obscure.c: Avoid implicit conversion of pointers / chars to
+ booleans.
+ * libmisc/obscure.c: Simplify the list of if.
+
+2008-08-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Fix a typo in the Usage string.
+
+2008-08-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpconv.c, src/groups.c: Name the parameters in the
+ prototypes of the static functions.
+ * src/grpconv.c, src/grpunconv.c, src/logoutd.c: Fail if
+ unexpected parameters are provided.
+ * src/grpconv.c, src/grpunconv.c: Indicate that argc is not used
+ in the no SHADOWGRP version.
+
+2008-08-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chgpasswd.c, src/chpasswd.c: Removed variable ok, which is
+ no more used.
+
+2008-08-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c: Fix the format for long integers (from %ul to %lu).
+
+2008-08-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c: Mark the line and host arguments of setutmp() as
+ not used in the __linux__ version.
+
+2008-08-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/nscd.c: Avoid redefinition of _GNU_SOURCE.
+
+2008-08-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Indentation fix.
+ * configure.in, src/login.c: Do not use HAVE_PAM_FAIL_DELAY, but
+ HAS_PAM_FAIL_DELAY, to avoid a redefinition with Linux PAM.
+
+2008-08-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Added functions add_user(), remove_user(), and
+ purge_members() to ease the support of gshadow.
+
+2008-08-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/expiry.c: Use Basename for Prog.
+ * src/expiry.c: Added missing OPENLOG.
+
+2008-08-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/nscd.c: Make sure the file is not empty when configured
+ without nscd support.
+
+2008-08-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Remove the USE_NSCD AM_CONDITIONAL (USE_NSCD is
+ not used in any Makefile.am).
+ * configure.in: Make sure posix_spawn is present when configured
+ with nscd support.
+
+2008-08-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupmem.c, lib/pwmem.c, lib/shadowmem.c: Added brackets and
+ parenthesis.
+ * lib/groupmem.c, lib/pwmem.c, lib/shadowmem.c: Avoid assignments
+ in comparisons.
+
+2008-08-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/mail.c: Added brackets and parenthesis.
+ * libmisc/mail.c: Avoid assignments in comparisons.
+
+2008-08-26 Tobias Poschwatta <tp@fonz.de>
+
+ * NEWS: Added support for uclibc.
+ * configure.in, libmisc/copydir.c: futimes() and lutimes() are not
+ standard. Check if they are implemented before using them. Do not
+ set the time of links if lutimes() does not exist, and use
+ utimes() as a replacement for futimes().
+ * configure.in, lib/nscd.h, lib/nscd.c: Added --with-nscd and
+ --without-nscd flags to support systems without nscd.
+ * lib/groupio.h, lib/prototypes.h, lib/pwio.h, lib/sgetgrent.c:
+ Include <sys/types.h> before <pwd.h> and <grp.h>. It is necessary
+ for the definition of uid_t and gid_t.
+ * lib/pwmem.c: do not include <pwd.h>, "pwio.h" is sufficient
+ here.
+ * configure.in: Check if the stat structure has a st_atim or
+ st_atimensec field.
+ * libmisc/copydir.c: Conditionally use the stat's st_atim and
+ st_atimensec fields.
+
+2008-08-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Handle the options alphabetically.
+
+2008-08-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: When removing an user, check if deluser is on
+ the list, not adduser. This fixes a segmentation fault for every
+ call of groupmems -d.
+ * libmisc/list.c: Add assertions to help identifying these issues.
+ * libmisc/list.c: Avoid implicit conversion of pointers to
+ booleans.
+
+2008-08-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupmems.c: Use the "groupmems" PAM service name
+ instead of "groupmod".
+
+2008-08-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chfn.c: Merge some translated messages.
+ * src/groupmems.c, src/groupadd.c, src/gpasswd.c, src/chsh.c,
+ src/chfn.c: Harmonize *_update() failure messages.
+ * src/groupmems.c: Harmonize gr_close() failure messages.
+ * src/newgrp.c: Harmonize "unknown GID" messages.
+ * src/newusers.c: Move the pwd declaration to a inner block scope.
+
+2008-08-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Harmonize some error messages.
+ * src/userdel.c: Add log to syslog when the mail file could not be
+ removed.
+ * src/userdel.c: Give more context an error message (merge with
+ perror()).
+ * src/usermod.c: Harmonize some error messages.
+
+2008-08-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Check the return value of gr_update().
+ * src/chage.c, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
+ src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupmems.c,
+ src/groupmod.c, src/grpck.c, src/grpconv.c, src/grpunconv.c,
+ src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c,
+ src/useradd.c, src/userdel.c, src/usermod.c: Harmonize the error
+ message sent to stderr in case of *_update () failure.
+ * src/chage.c, src/chsh.c, src/groupadd.c, src/passwd.c: Do not
+ log to syslog when pw_update() or spw_update() fail.
+ * src/newusers.c: Do not log specific error message to stderr when
+ sgr_update() fails.
+ * src/pwconv.c: Remove duplicated definition of Prog.
+
+2008-08-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chfn.c, src/chsh.c, src/expiry.c, src/gpasswd.c,
+ src/newgrp.c, src/passwd.c, src/su.c: Use the same stderr and
+ syslog warnings when the username cannot be determined.
+ * src/newgrp.c: Reuse the same stderr message for groups which do
+ not exist in the system.
+
+2008-08-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Log errors while *_close to syslog.
+
+2008-08-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpconv.c: Use Basename for the definition of Prog. Prog
+ needs a file visibility.
+ * src/grpunconv.c: Likewise.
+
+2008-08-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chfn.c: Do not exit on pw_unlock failures.
+ * src/grpconv.c, src/grpunconv.c, src/pwconv.c, src/pwunconv.c,
+ src/vipw.c: Open syslog with the right identification name.
+ * src/vipw.c: Log unlock errors to syslog.
+ * src/vipw.c: Log edits to syslog.
+ * src/chage.c, src/chfn.c, src/chsh.c, src/gpasswd.c,
+ src/groupadd.c, src/groupdel.c, src/groupmod.c, src/grpconv.c,
+ src/grpunconv.c, src/passwd.c, src/pwck.c, src/pwunconv.c,
+ src/useradd.c, src/usermod.c: Harmonize the syslog levels. Failure
+ to close or unlock are errors. Failure to open files are warnings.
+
+2008-08-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Open syslog with the right identification name.
+ * src/newusers.c: Mark the files as locked only if they are really
+ locked (i.e. if shadow is not enabled, the files are not locked).
+
+2008-08-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/gpasswd.c: Use getopt_long instead of getopt. Added
+ support for long options --add (-a), --delete (-d),
+ --remove-password (-r), --restrict (-R), --administrators (-A),
+ and --members (-M)
+ * man/gpasswd.1.xml: Document the new long options.
+ * src/gpasswd.c: The sgrp structure is only used if SHADOWGRP is
+ defined.
+
+2008-08-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpck.c: Added function fail_exit(). Check failure to unlock
+ files. Report errors to stderr and syslog, but continue.
+ * src/grpconv.c: Check failure to unlock files. Report errors to
+ stderr and syslog, but continue.
+
+2008-08-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Check failure to unlock files. Report errors to
+ stderr and syslog, but continue.
+
+2008-08-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chfn.c, src/chgpasswd.c, src/chpasswd.c, src/gpasswd.c,
+ src/groupadd.c, src/groupdel.c, src/groupmems.c, src/groupmod.c,
+ src/grpconv.c, src/grpunconv.c, src/newusers.c, src/pwconv.c,
+ src/pwunconv.c, src/useradd.c, src/userdel.c: Harmonize the name
+ of the variables keeping the lock status, to match the shadow
+ library prefixes.
+
+2008-08-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c, src/chgpasswd.c, src/chpasswd.c, src/chsh.c,
+ src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmems.c,
+ src/groupmod.c, src/grpck.c, src/grpconv.c, src/grpunconv.c,
+ src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c,
+ src/pwunconv.c, src/useradd.c, src/userdel.c, src/usermod.c: In
+ case of a lock failure, indicate to the user that she can try
+ again later. Do not log to syslog.
+
+2008-08-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/passwd.c: For compatibility with other passwd version,
+ the --lock an --unlock options do not lock or unlock the user
+ account anymore. They only lock or unlock the user's password.
+ * man/passwd.1.xml: Document above change. Document how an account
+ can be locked and what a password lock means.
+
+2008-08-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupadd.8.xml: Fix the regular expression for group policy.
+ The final $ character is optional.
+ * man/groupadd.8.xml: Likewise.
+ * man/groupadd.8.xml: Indicate the maximum size of usernames.
+
+2008-08-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/pl.po: Fix typo in the Polish translation (see
+ http://bugs.debian.org/491460)
+
+2008-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/pl/Makefile.am: Do not build the Polish translation of
+ login.1 and su.1 (not enough translated). See
+ http://bugs.debian.org/491460
+
+2008-08-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/shadow.5.xml: Fix typo. The password must be changed before
+ the maximum number of days, not after.
+
+2008-08-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Harmonize the unlock failure messages.
+
+2008-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Added fail_exit().
+ * src/pwck.c: Report failure to unlock files to stderr and
+ syslog.
+ * src/pwck.c: Report failure to sort to stderr, and exit with
+ E_CANTSORT.
+ * man/pwck.8.xml: Document return code 6 (E_CANTSORT).
+
+2008-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/vipw.c: Report failures to remove files to stderr.
+ * src/vipw.c: Report failures to unlock files to stderr.
+
+2008-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupmems.c: Added syslog support.
+ * src/groupmems.c: members() renamed display_members() to
+ avoid name clash with its members argument.
+ * src/groupmems.c: Report failure to unlock to syslog.
+ * src/groupmems.c: Harmonize error messages.
+ * src/groupmems.c: Report failures to write the new group file to
+ syslog (gr_close() failure).
+ * src/groupmems.c: Don't use fail_exit for non-failure exit.
+
+2008-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chsh.c: Added fail_exit().
+ * src/chsh.c: Use fail_exit() instead of exit(), this avoid
+ calling closelog() every times.
+ * src/chsh.c: Ignore the return value or pam_end().
+ * src/chsh.c: Simplify the PAM error handling.
+ * src/chsh.c: Report failure to unlock files to stderr and
+ syslog.
+
+2008-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chpasswd.c: Added fail_exit().
+ * src/chpasswd.c: Added support for syslog.
+ * src/chpasswd.c: Report failure to unlock files to stderr and
+ syslog.
+ * src/chpasswd.c: Simplify the PAM error handling.
+ * src/chpasswd.c: Report failure during *_close() to syslog.
+ * src/chpasswd.c: Ignore the return value or pam_end().
+
+2008-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chgpasswd.c: Added fail_exit().
+ * src/chgpasswd.c: Added support for syslog.
+ * src/chgpasswd.c: Report failure to unlock files to stderr and
+ syslog.
+ * src/chgpasswd.c: Simplify the PAM error handling.
+ * src/chgpasswd.c: Report failure during *_close() to syslog.
+ * src/chgpasswd.c: Ignore the return value or pam_end().
+
+2008-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c: Report failure to remove entries from group or
+ gshadow to stderr.
+ * src/userdel.c: Fail in case of failure during the write of a
+ user or group database. Report errors to syslog.
+ * src/userdel.c: Do not unlock non locked files.
+ * src/userdel.c: Report failure to unlock the passwd or shadow
+ file to stderr and syslog.
+
+2008-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwunconv.c: Report failure to unlock the passwd or shadow
+ file to stderr and syslog.
+
+2008-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Report failure to unlock files to stderr and
+ syslog.
+
+2008-08-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Report failure to unlock files to stderr and
+ syslog.
+ * src/newusers.c: In case of error when files are open or closed,
+ indicate the failing file.
+ * src/newusers.c: Do not try to unlock the files manually since
+ this is done in fail_exit.
+
+2008-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c: Report failure to unlock the passwd or shadow file
+ to stderr and syslog.
+
+2008-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwconv.c: Report failure to unlock the passwd or shadow file
+ to stderr and syslog.
+ * src/pwconv.c: Report failure to chmod the backup file.
+
+2008-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpunconv.c: Report failure to unlock the group or gshadow
+ files to stderr and syslog.
+
+2008-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chfn.c: Added fail_exit(). Check if the passwd file is
+ locked. Report failures to unlock to stderr and syslog.
+ * src/chfn.c: Is case of failure, use fail_exit() rather than
+ exit().
+ * src/chfn.c: Ignore the return value of pam_end().
+
+2008-08-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c, lib/groupio.h, lib/pwio.c, lib/pwio.h,
+ lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h:
+ Added *_dbname() functions to retrieve the name of the databases.
+ * lib/groupio.c, lib/groupio.h, lib/pwio.c, lib/pwio.h,
+ lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h:
+ *_name() functions renamed *setname().
+ * src/grpck.c, src/pwck.c: Likewise.
+ * lib/groupio.h, lib/pwio.h, lib/sgroupio.h, lib/shadowio.h: Added
+ the name of the arguments to the prototypes.
+ * src/chage, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
+ src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c,
+ src/groupmod.c, src/grpck.c, src/grpconv.c, src/grpunconv.c,
+ src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c,
+ src/pwunconv.c, src/useradd.c, src/userdel.c, src/usermod.c:
+ Harmonize the error & syslog messages in case of failure of the
+ *_lock(), *_open(), *_close(), *_unlock(), *_remove() functions.
+ * src/chgpasswd.c, src/chpasswd.c, src/usermod.c: Avoid
+ capitalized messages.
+ * src/chpasswd.c, src/useradd.c, src/usermod.c: Harmonize messages
+ in case of inexistent entries.
+ * src/usermod.c: Harmonize messages in case of already existing
+ entries.
+ * src/newusers.c, src/useradd.c: Simplify PAM error handling.
+ * src/useradd.c: Report failures to unlock files (stderr, syslog,
+ and audit). But do not fail (continue).
+ * src/useradd.c (open_files): Do not report to syslog & audit
+ failures to lock or open the databases. This might be harmless,
+ and the logs were not already informed that a change was
+ requested.
+ * src/usermod.c: It's not the account which is unlocked, but its
+ password.
+
+2008-08-02 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupadd.c: Harmonize error & syslog messages.
+ * src/groupadd.c: Add logging to syslog & audit on lock/unlock
+ failures.
+ * src/groupadd.c: Only call gr_unlock() and sgr_unlock() in the
+ group or gshadow files were previously locked.
+ * src/groupadd.c: Make sure failures are reported to syslog/audit
+ after the change is mentioned.
+ * src/groupmod.c: Harmonize error & syslog messages.
+ * src/groupmod.c: Add logging to syslog & audit on lock/unlock
+ failures.
+ * src/groupmod.c: Make sure issues are reported to syslog or audit
+ after the change is mentioned.
+ * src/groupdel.c: Harmonize error & syslog messages.
+ * src/groupdel.c: Add logging to syslog & audit on lock/unlock
+ failures.
+ * src/groupdel.c: Only call gr_unlock() and sgr_unlock() in the
+ group or gshadow files were previously locked.
+ * src/groupdel.c: Simplify the handling of PAM errors.
+
+2008-08-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: Harmonize error & syslog messages.
+ * src/gpasswd.c: Warn and log to syslog and audit when group or
+ gshadow cannot be unlocked, but do not fail.
+
+2008-08-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chfn.c, src/chsh.c, src/groupdel.c, src/groupmems.c,
+ src/groupmod.c, src/grpck.c, src/login.c, src/logoutd.c,
+ src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c,
+ src/suauth.c, src/useradd.c, src/userdel.c, src/usermod.c,
+ src/vipw.c: Complete the switch from the `' quotation style to ''.
+ Do it also in SYSLOG messages. Quote some parameters. All this
+ permits to merge some messages.
+
+2008-07-30 Lukáš Kuklínek <lkukline@redhat.com>
+
+ * src/groupmems.c: Only check if the adduser user exists when an
+ user is specified with -a.
+
+2008-07-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Fix the groupmems' usage message. The -D option
+ is in fact -p.
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Replace an if test by an else.
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Ignore the return value of fputs().
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c (whoami): Make sure usr and grp are not NULL
+ before dereferencing them.
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Use xstrdup() rather than strdup().
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Add parenthesis.
+ * src/groupmems.c: Avoid implicit conversion of pointers / chars to
+ booleans.
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupmems.c: Allow everybody to list the users of a group.
+ This information is publicly available in /etc/group.
+ * NEWS, src/groupmems.c: Open /etc/group read only for the -l option.
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupmems.8.xml: Sort options alphabetically.
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c (check_perms): Simplify. Always call pam_end()
+ at the end of the authentication.
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Add fail_exit() to remove the group lock file
+ in case of failure. Replace the calls to exit() by fail_exit().
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Reduce the number of checks. Isolate the
+ parameters setting and permissions checking.
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Add functions process_flags() and check_perms()
+ from code of main().
+ * src/groupmems.c: Harmonize the failure message in case of PAM
+ failure with the other programs.
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Remove isgroup(), which always returns TRUE.
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Reuse the functions from libmisc/list.c to deal
+ with user lists. addtogroup() was broken when realloc() move the
+ memory area.
+ * src/groupmems.c: Report failures with the name of the program.
+
+2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: EXIT_READ_GROUP changed to EXIT_INVALID_GROUP.
+ * src/groupmems.c: EXIT_INVALID_USERNAME changed to EXIT_INVALID_USER.
+
+2008-07-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Really use booleans.
+ * src/groupmems.c: Change isroot() to a macro that returns a
+ boolean.
+
+2008-07-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/defines.h: Make sure the booleans are defined before using
+ them.
+
+2008-07-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Added Prog global variable to indicate the name
+ of the program in error messages.
+
+2008-07-22 Lukáš Kuklínek <lkukline@redhat.com>
+
+ * NEWS, src/groupmems.c: Check if the user added to group actually
+ exist. RedHat bug #455603
+ * NEWS, src/groupmems.c: Check if the group exists in the group
+ local database (/etc/group). RedHat bug #456088
+
+2008-07-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: Fix getrange prototype.
+
+2008-07-21 Seraphim Mellos <mellos@ceid.upatras.gr>
+
+ * README, NEWS, configure.in, lib/pam_defs.h, src/login.c: Add
+ support for OpenPAM.
+
+2008-07-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c: Ignore the return value of pam_end() before exiting.
+ * src/chage.c: Ignore return values of strftime(), snprintf(),
+ puts(), printf(), and fputs().
+ * src/chage.c: Check the return value of asctime().
+
+2008-07-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/gshadow.c: Avoid assignments in comparison.
+
+2008-07-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * ChangeLog, NEWS, src/login.c: Re-inject the changes from 4.1.2.1.
+
+2008-07-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Do not call usr_update() if it will have no
+ effects. This avoid checking if the user exists in the local passwd
+ file if not necessary, and thus allow to add LDAP users to local
+ groups. (The user is already checked against the system
+ configuration with getpwnam()). Thanks to Dan Kopecek.
+
+2008-07-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Split update_files() into update_lastlog() and
+ update_faillog(). Report errors (but don't fail) if the file
+ exist, but open(), lseek(), read(), write(), or close() fails.
+ * src/usermod.c: Add brackets and parenthesis.
+ * src/usermod.c: Ignore the return value of pam_end() before
+ exiting.
+ * src/usermod.c: Ignore the return value of strftime(),
+ snprintf(), and puts().
+ * src/usermod.c: Check the return value of gmtime() and asctime(),
+ and output the raw time_t on failures.
+
+2008-07-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/setugid.c: Add brackets.
+
+2008-06-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/env.c: Avoid implicit conversion of pointers / chars to
+ booleans.
+ * libmisc/env.c: Add brackets and parenthesis.
+ * libmisc/env.c: Ignore the return value of puts() and fputs().
+ * libmisc/env.c: Avoid multi-statements lines.
+
+2008-06-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c: Avoid implicit conversion of pointers / chars to
+ booleans.
+ * libmisc/utmp.c: Add brackets and parenthesis.
+ * libmisc/utmp.c: Exit with the EXIT_FAILURE status code in case
+ of failure.
+ * libmisc/utmp.c: Avoid assignments in comparisons.
+ * lib/prototypes.h, libmisc/utmp.c: Change setutmp()'s prototype
+ to return an int because pututline() and pututxline() may fail.
+
+2008-06-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/audit_help.c: Added one string for translation.
+ * po/POTFILES.in: Added libmisc/audit_help.c,
+ libmisc/find_new_gid.c, libmisc/find_new_uid.c, libmisc/getlong.c,
+ libmisc/getrange.c, libmisc/xgetXXbyYY.c, and libmisc/yesno.c.
+ Removed libmisc/find_new_ids.c
+
+2008-06-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: If the faillog file exist, warn in case of
+ failure when open(), lssek(), write() or close() fails when the
+ new user's faillog entry is reset.
+ * src/useradd.c: Ditto for the lastlog entry.
+
+2008-06-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/limits.c: Add brackets and parenthesis.
+ * libmisc/limits.c: Avoid implicit conversion of pointers /
+ integers to booleans.
+ * libmisc/limits.c: Ignore the return value of umask(). We will
+ never return to the original umask.
+ * libmisc/limits.c: Avoid multi-statements lines.
+ * libmisc/limits.c: Added default to a switch(). Report invalid
+ limit strings to syslog.
+ * libmisc/limits.c: Ignore the return value of fclose().
+ /etc/limits is open read-only.
+ * libmisc/limits.c: Ignore the return value of fputs() and
+ sleep().
+ * libmisc/limits.c: Check the return value of nice() and
+ set_filesize_limit(), and report errors to syslog.
+
+2008-06-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/ulimit.c, lib/prototypes.h: Return failures of
+ set_filesize_limit(). Change the prototype to return an int
+ instead of void.
+
+2008-06-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/failure.c: Try to close the open file if a failure
+ occured during lseek(), read() or write().
+
+2008-06-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/log.c: Check return values. If lseek() failed, avoid
+ reading or writing at an unspecified location. Log to syslog in
+ case of failure.
+ * libmisc/log.c: Use the right casts.
+
+2008-06-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_ids.c, libmisc/find_new_gid.c,
+ libmisc/find_new_uid.c, libmisc/Makefile.am, lib/prototypes.h:
+ Split find_new_ids.c into find_new_gid.c and find_new_uid.c to
+ ease the description of login.defs variables in the different
+ tools.
+
+2008-06-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/failure.c: Ignore the return value of strftime() and
+ printf().
+ * libmisc/failure.c: Fix syslog call. The UID is not available.
+ User the username specified in the utmp/utmpx entry.
+
+2008-06-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/defines.h: Avoid implicit conversion of pointers to
+ booleans.
+ * lib/defines.h: Ignore return values of setlocale() except the
+ first call.
+ * lib/defines.h: Fix a splint observer warning by using an
+ intermediate variable (old_locale).
+
+2008-06-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/failure.c: Check return values. If lseek() failed, avoid
+ reading or writing at an unspecified location. Log to syslog in
+ case of failure when reading a faillog entry or writing in
+ faillog or btmp.
+ * libmisc/failure.c: Check if the file exist before opening it.
+ * libmisc/failure.c: Log failures of open() and close() when
+ necessary.
+
+2008-06-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: Add the getrange() prototype.
+ * lib/prototypes.h: Fix the valid_field() prototype (does not
+ return an bool).
+ * lib/prototypes.h: Fix the valid() prototype (it does return a
+ bool).
+
+2008-06-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/getdef.c: Fix the getdef_ulong() prototype.
+ * lib/getdef.h: Fix the getdef_ulong() prototype.
+
+2008-06-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/lastlog.c: Use getrange to parse the range of users.
+ * src/lastlog.c: umin and umax do not need to be signed long. Use
+ an unsigned long which might be needed to parse a GID or UID. Add
+ the has_umin and has_umax to replace the -1 values.
+ * src/lastlog.c: Cast dates to time_t.
+ * src/lastlog.c: Prefix lastlog errors with "lastlog: ".
+
+2008-06-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/getlong.c: Reset errno before calling strtol().
+ Otherwise, errno could be already set to ERANGE.
+
+2008-06-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/Makefile.am, libmisc/getrange.c: Added function to parse
+ a range (useful for lastlog).
+
+2008-06-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chsh.c: <signal.h> is not needed.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: Define AUDIT_NO_ID to (unsigned int) -1. This
+ value should be used when the ID should not be considered.
+ * lib/prototypes.h: Fix the prototype of do_rlogin() according to
+ earlier changes.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/shadow.c: Use SHADOW_SP_FLAG_UNSET for the initial
+ value of spwd.sp_flag.
+ * lib/shadow.c: Add brackets.
+ * lib/shadow.c: Avoid implicit conversion of pointers to
+ booleans.
+ * lib/shadow.c: The size argument of fgets is an int, not a
+ size_t.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: len should be typed ssize_t as it is the return
+ of read(), and is compared to 0. Cast to size_t when necessary.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_ids.c: Use getdef_ulong to retrieve UIDs/GIDs
+ from login.defs. Type constants to long integers.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/gshadow.c: Use a bool when possible instead of int integers.
+ * lib/gshadow.c: Remove __setsgNIS() -never used).
+ * lib/gshadow.c: Avoid multi-statements lines.
+ * lib/gshadow.c: Avoid assignments in comparisons.
+ * lib/gshadow.c: ptr[nelem] is a string. Initialize it to NULL
+ instead of '\0'.
+ * lib/gshadow.c: Add brackets and parenthesis.
+ * lib/gshadow.c: The size argument of strncpy is a size_t and the
+ size argument of fgets is an int.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c: Add brackets.
+ * lib/groupio.c: Make sure malloc receives a size_t.
+ * lib/groupio.c: Avoid multi-statements lines.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/sgetspent.c: Use SHADOW_SP_FLAG_UNSET for the initial
+ value of spwd.sp_flag.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/getdef.h, lib/getdef.c: Add getdef_ulong().
+ * lib/getdef.c: Added TODOs because of lack of error checking.
+ * lib/getdef.c: The size argument of fgets is an int, not a
+ size_t.
+ * lib/getdef.c: Avoid multi-statements lines.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/id.c: Make sure malloc receives a size_t.
+ * src/id.c: Use a %lu format and cast group and user IDs to
+ unsigned long integers.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/sulogin.c: Ignore the return value of signal().
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groups.c: sys_ngroups is only used when HAVE_GETGROUPS is
+ defined.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/faillog.c: Ignore return value of time() when use with a
+ non NULL argument.
+ * src/faillog.c: Use a %lu format and cast number of days to
+ unsigned long integers.
+ * src/faillog.c: Cast dates to time_t.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Ignore the return value of signal().
+ * src/login.c: Use a %lu format and cast group and user IDs to
+ unsigned long integers.
+ * src/login.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c: Add the arguments' names in the functions
+ prototypes.
+ * src/chage.c: The ID argument of audit_logger is an unsigned
+ int. Use AUDIT_NO_ID instead of -1.
+ * src/chage.c: print_date() received a time_t.
+ * src/chage.c: Use SHADOW_SP_FLAG_UNSET for the initial
+ value of spwent.sp_flag.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupadd.c: The ID argument of audit_logger is an unsigned
+ int. Use AUDIT_NO_ID instead of -1.
+ * src/groupadd.c: Cast the parsed GID/UID to a gid_t/uid_t.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Use a %lu format and cast group and user IDs to
+ unsigned long integers.
+ * src/pwck.c: Cast number of days to a long integer.
+ * src/pwck.c: Use the SCALE macro instead of (24L * 3600L)
+ for the values to be set in /etc/shadow.
+ * src/pwck.c: Use SHADOW_SP_FLAG_UNSET for the initial
+ value of spent.sp_flag.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Ignore return value of time() when use with a
+ non NULL argument.
+ * src/passwd.c: Cast number of days to a long integer.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmod.c: The ID argument of audit_logger is an unsigned
+ int. Use AUDIT_NO_ID instead of -1.
+ * src/groupmod.c: Use a %lu format and cast group and user IDs to
+ unsigned long integers.
+ * src/groupmod.c: Cast the parsed GID/UID to a gid_t/uid_t.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: The ID argument of audit_logger is an unsigned
+ int. Use AUDIT_NO_ID instead of -1.
+ * src/useradd.c: Cast the parsed GID/UID to a gid_t/uid_t.
+ * src/useradd.c: The size argument of fgets is an int, not a
+ size_t.
+ * src/useradd.c: Cast number of days to a long integer.
+ * src/useradd.c: Use SHADOW_SP_FLAG_UNSET for the initial
+ value of spent.sp_flag.
+ * src/useradd.c: Use a %lu format and cast group and user IDs to
+ unsigned long integers.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: fork() and waitpid() return a pid_t, not an int.
+ * src/su.c: Add brackets and parenthesis.
+ * src/su.c: Ignore the return value of signal().
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupdel.c: The ID argument of audit_logger is an unsigned
+ int. Use AUDIT_NO_ID instead of -1.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/expiry.c: Ignore the return value of signal().
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Fix the check for GID/UID validity.
+ * src/newusers.c: Comment why we use both getgrgid() and
+ gr_locate_gid().
+ * src/newusers.c: Cast the parsed GID/UID to a gid_t/uid_t.
+ * src/newusers.c: Cast the number of days to a long integer.
+ * src/newusers.c: Use SHADOW_SP_FLAG_UNSET for the initial
+ value of spent.sp_flag.
+ * src/newusers.c: The size argument of fgets is an int, not a
+ size_t.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Cast dates to time_t, and number of days to a
+ long integer.
+ * src/usermod.c: Cast UIDs and GIDs to uid_t and gid_t after
+ checking the ranges.
+ * src/usermod.c: The ID argument of audit_logger is an unsigned
+ int.
+ * src/usermod.c: read() returns a ssize_t.
+ * src/usermod.c: Cast the return value of malloc and make sure it
+ receives a size_t.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/logoutd.c: Ignore return value of time() when use with a
+ non NULL argument.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwconv.c: Use SHADOW_SP_FLAG_UNSET for the initial
+ value of sp.sp_flag.
+ * src/pwconv.c: Cast number of days to a long integer.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: The ID argument of audit_logger is an unsigned
+ int.
+ * src/gpasswd.c: Ignore the return value of signal(). The signal
+ handlers are only changed for the last steps of gpasswd, and there
+ is no need to restore them.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c: The ID argument of audit_logger is an unsigned
+ int.
+ * src/userdel.c: fork() and wait() return a pid_t, not an int.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c: Use a %lu format and cast group and user IDs to
+ unsigned long integers.
+ * src/newgrp.c: The ID argument of audit_logger is an unsigned
+ int.
+ * src/newgrp.c: Ignore the return value of signal() (the signal
+ handlers are assumed to be the default one and are restored
+ later).
+ * src/newgrp.c: Do not checl if a pid_t is < 0, check if equal
+ to (pid_t)-1.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/isexpired.c: Cast number of days to a long integer.
+ * libmisc/isexpired.c: Add brackets and parenthesis.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c: Do not specify a size of arrays in the
+ prototypes.
+ * libmisc/copydir.c: Use a size_t for the length of strings.
+ * libmisc/copydir.c: Cast the return value of malloc().
+ * libmisc/copydir.c: The size argument of write() is a size_t.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/pwd2spwd.c: Cast number of days to a long integer.
+ * libmisc/pwd2spwd.c: Use SHADOW_SP_FLAG_UNSET for the initial
+ value of sp.sp_flag.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/defines.h: Include <config.h> since it uses the macro that
+ might be defined in this header file.
+ * lib/defines.h: Prefer checking if HAVE_LOCALE_H or ENABLE_NLS
+ are defined (rather than set to non 0).
+ * lib/defines.h: The dummy implementations of bindtextdomain() and
+ textdomain() should return a pointer. Return NULL instead of
+ /* empty */
+ * lib/defines.h: Define SHADOW_SP_FLAG_UNSET, to be used for the
+ initialization of sp_flag field of the shadow structures.
+ * lib/defines.h: Define LC_ALL, needed even if HAVE_LOCALE_H is
+ not defined.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/sulog.c: Ignore the return value of umask() when the
+ mask is restored.
+ * libmisc/sulog.c: Add brackets.
+ * libmisc/sulog.c: Ignore return value of time() when use with a
+ non NULL argument.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/log.c: Avoid assignments in comparisons.
+ * libmisc/log.c: Add brackets and parenthesis.
+ * libmisc/log.c: read() returns a ssize_t (note size_t).
+ * libmisc/log.c: Avoid implicit conversion of pointers to
+ booleans.
+ * libmisc/log.c: Ignore return value of time() when use with a
+ non NULL argument.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/strtoday.c: Avoid implicit conversion of pointers to
+ booleans.
+ * libmisc/strtoday.c: Add brackets and parenthesis.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c: Use a size_t for the size of strings instead of
+ unsigned int.
+ * libmisc/salt.c: Add brackets and parenthesis.
+ * libmisc/salt.c: Avoid assignments in comparisons.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/age.c: fork() and wait() return a pid_t, not an int.
+ * libmisc/age.c: Avoid implicit conversion of pointers to
+ booleans.
+ * libmisc/age.c: Avoid assignments in comparisons.
+ * libmisc/age.c: Ignore the return value of printf(), puts(),
+ fputs() and fflush().
+ * libmisc/age.c: Add brackets and parenthesis.
+ * libmisc/age.c: Cast the return value of time() to long and
+ converted to a date.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/rlogin.c: The size argument of read() is a size_t.
+ Propagate this time to the callers (the get_remote_string() and
+ do_rlogin() functions).
+ * libmisc/rlogin.c: Add brackets and parenthesis.
+ * libmisc/rlogin.c: Avoid multi-statements lines.
+ * libmisc/rlogin.c: Avoid assignments in comparisons.
+ * libmisc/rlogin.c: Avoid implicit conversion of pointers to
+ booleans.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/failure.c: Avoid assignments in comparisons.
+ * libmisc/failure.c: read() returns a ssize_t.
+ * libmisc/failure.c: Add brackets and parenthesis.
+ * libmisc/failure.c: Ignore return value of time() when use with a
+ non NULL argument.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/chowntty.c: Avoid assignments in comparisons.
+ * libmisc/chowntty.c: Avoid implicit conversion of pointers to
+ booleans.
+ * libmisc/chowntty.c: Add brackets and parenthesis.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/audit_help.c: Add brackets.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/addgrps.c: Avoid implicit conversion of pointers to
+ booleans.
+ * libmisc/addgrps.c: Add brackets.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c: Avoid implicit conversion of pointers to
+ booleans.
+
+2008-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/console.c, libmisc/hushed.c, libmisc/yesno.c,
+ libmisc/loginprompt.c, libmisc/ttytype.c, libmisc/tz.c,
+ src/login_nopam.c, src/chpasswd.c, src/chgpasswd.c, lib/port.c:
+ The size argument of fgets is an int, not a size_t.
+ * libmisc/loginprompt.c: Ignore the return value from signal()
+ when the signal handlers are restored.
+ * src/chpasswd.c: Cast the return value of time() to a long
+ integer.
+ * src/chpasswd.c: Use the SCALE macro instead of (24L * 3600L)
+ for the values to be set in /etc/shadow.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Use a bool when possible instead of int integers.
+ * src/pwck.c: Avoid implicit conversion of integers to booleans.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Use a bool when possible instead of int integers.
+ * src/su.c: Add brackets and parenthesis.
+ * src/su.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/su.c: Ignore the return value of pam_end() before
+ exiting.
+ * src/su.c: Avoid assignments in comparisons.
+ * src/su.c: Avoid multi-statements lines.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, libmisc/valid.c: Change the prototype of
+ valid() to return a bool.
+ * libmisc/valid.c: Add parenthesis.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Add brackets and parenthesis.
+ * lib/commonio.c: Check the result of fgets().
+ * lib/commonio.c: Avoid implicit conversion of pointers to
+ booleans.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: Fix the prototypes to match earlier changes.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/nscd.c: Include defines.h.
+ * lib/nscd.c: Always warn when the nscd cache cannot be flushed.
+ * lib/nscd.c: Avoid assignments in comparisons.
+ * lib/nscd.c: Ignore the return value of fputs() when printing
+ errors.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/port.c: Add brackets and parenthesis.
+ * lib/port.c: Change isttytime() prototype to return a bool.
+ * lib/port.c: Ignore the return value of fclose () (file open
+ read-only).
+ * lib/port.c: Avoid multi-statements lines.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/id.c: Ignore the return value of fputs(), puts(), putchar(),
+ and printf().
+ * src/id.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/id.c: Add brackets and parenthesis.
+ * src/id.c: Avoid implicit conversion of pointers / integers
+ to booleans.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chsh.c: Use a bool when possible instead of int integers.
+ * src/chsh.c: restricted_shell() renamed is_restricted_shell().
+ check_shell() renamed shell_is_listed().
+ * src/chsh.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/chsh.c: Avoid implicit conversion of pointers / integers
+ to booleans.
+ * src/chsh.c: Ignore the return value of pam_end() before
+ exiting.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpunconv.c: Use a bool when possible instead of int
+ integers.
+ * src/grpunconv.c: Add brackets and parenthesis.
+ * src/grpunconv.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/grpunconv.c: Avoid implicit conversion of pointers / integers
+ to booleans.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/sulogin.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/sulogin.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/sulogin.c: Avoid assignments in comparisons.
+ * src/sulogin.c: Ignore the return value of alarm().
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groups.c: Use a bool when possible instead of int integers.
+ * src/groups.c: Add brackets and parenthesis.
+ * src/groups.c: Avoid implicit conversion of pointers / integers
+ to booleans.
+ * src/groups.c: Avoid assignments in comparisons.
+ * src/groups.c: Ignore the return value of putchar(), printf()
+ * src/groups.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpconv.c: Use a bool when possible instead of int integers.
+ * src/grpconv.c: Add brackets and parenthesis.
+ * src/grpconv.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/grpconv.c: Avoid implicit conversion of pointers / integers
+ to booleans.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/faillog.c: Use a bool when possible instead of int integers.
+ * src/faillog.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/faillog.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/faillog.c: Add brackets and parenthesis.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Avoid multi-statements lines.
+ * src/login.c: Ignore the return value of pam_end() before
+ exiting.
+ * src/login.c: Use a bool when possible instead of int integers.
+ * src/login.c: Add brackets and parenthesis.
+ * src/login.c: Ignore the return values of fflush(), putchar(), puts().
+ * src/login.c: Ignore the return value of fclose() for read-only
+ files.
+ * src/login.c: Avoid assignments in comparisons.
+ * src/login.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/login.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c: Use a bool when possible instead of int integers.
+ * src/chage.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupadd.c: Use a bool when possible instead of int
+ integers.
+ * src/groupadd.c: Add brackets and parenthesis.
+ * src/groupadd.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/groupadd.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/groupadd.c: Ignore the return value of pam_end() before
+ exiting.
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Use a bool when possible instead of int integers.
+ * src/pwck.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Use a bool when possible instead of int integers.
+ * src/passwd.c: Avoid assignments in comparisons.
+ * src/passwd.c: Add brackets and parenthesis.
+ * src/passwd.c: Avoid implicit conversion of pointers / integers /
+ chars to booleans.
+ * src/passwd.c: Move the "context_t c" declaration at the
+ beginning check_selinux_access.
+ * src/passwd.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmod.c: Use a bool when possible instead of int
+ integers.
+ * src/groupmod.c: Avoid assignments in comparisons.
+ * src/groupmod.c: Add brackets and parenthesis.
+ * src/groupmod.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/groupmod.c: Use a %lu format to print GIDs, and cast the GID
+ to (unsigned long int).
+ * src/groupmod.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/groupmod.c: Ignore the return value of pam_end() before
+ exiting.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Use a bool when possible instead of int integers.
+ * src/useradd.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/useradd.c: Add brackets and parenthesis.
+ * src/useradd.c: Avoid assignments in comparisons.
+ * src/useradd.c: Ignore the return value of fclose() for read-only
+ files.
+ * src/useradd.c: Ignore the return value of fflush() before
+ closing the files.
+ * src/useradd.c: Avoid multi-statements lines.
+ * src/useradd.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/useradd.c: Ignore the return value of pam_end() before
+ exiting.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/vipw.c: Use a bool when possible instead of int integers.
+ * src/vipw.c: Ignore the return value of umask(), when the mask is
+ set again to the old value.
+ * src/vipw.c: Avoid implicit conversion of pointers / integers to
+ booleans.
+ * src/vipw.c: Add brackets and parenthesis.
+ * src/vipw.c: Avoid assignments in comparisons.
+ * src/vipw.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/vipw.c: Add missing termination of the longopts parameter
+ for getopt_long().
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chgpasswd.c: Use a bool when possible instead of int
+ integers.
+ * src/chgpasswd.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/chgpasswd.c: Avoid implicit conversion of integers to
+ booleans.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupdel.c: Use a bool when possible instead of int
+ integers.
+ * src/groupdel.c: Avoid implicit conversion of pointers / integers to
+ booleans.
+ * src/groupdel.c: Avoid assignments in comparisons.
+ * src/groupdel.c: Ignore the return value of pam_end() before
+ exiting.
+ * src/groupdel.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/expiry.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/expiry.c: Add brackets and parenthesis.
+ * src/expiry.c: Avoid assignments in comparisons.
+ * src/expiry.c: Avoid implicit conversion of pointers to booleans.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwunconv.c: Use a bool when possible instead of int
+ integers.
+ * src/pwunconv.c: Add brackets and parenthesis.
+ * src/pwunconv.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/pwunconv.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/pwunconv.c: Avoid assignments in comparisons.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Use a bool when possible instead of int integers.
+ * src/usermod.c: Add brackets and parenthesis.
+ * src/usermod.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/usermod.c: Avoid assignments in comparisons.
+ * src/usermod.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/usermod.c: Ignore the return value of pam_end() before
+ exiting.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmems.c: Move the declaration of option_index and
+ long_options before the blocks of code.
+ * src/groupmems.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/groupmems.c: Ignore the return value of pam_end() before
+ exiting.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chfn.c: Use a bool when possible instead of int integers.
+ * src/chfn.c: Avoid implicit conversion of integers / chars to
+ booleans.
+ * src/chfn.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/logoutd.c: Use a bool when possible instead of int integers.
+ * src/logoutd.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/logoutd.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/logoutd.c: Add brackets and parenthesis.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chpasswd.c: Use a bool when possible instead of int
+ integers.
+ * src/chpasswd.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/chpasswd.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwconv.c: Use a bool when possible instead of int integers.
+ * src/pwconv.c: Add brackets and parenthesis.
+ * src/pwconv.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/pwconv.c: Avoid implicit conversion of pointers / integers /
+ chars to booleans.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newusers.c: Implement the -r, --system option.
+ * src/newusers.c: Use a bool when possible instead of int
+ integers.
+ * src/newusers.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/newusers.c: Ignore the return value of pam_end() before
+ exiting.
+ * src/newusers.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/newusers.c: Avoid multi-statements lines.
+ * src/newusers.c: Add brackets and parenthesis.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: Use a bool when possible instead of int integers.
+ * src/gpasswd.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/gpasswd.c: Ignore the return value of putchar() and fflush()
+ before exiting.
+ * src/gpasswd.c: check_list() renamed is_valid_user_list(), and
+ return a bool.
+ * src/gpasswd.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpck.c: Use a bool when possible instead of int integers.
+ * src/grpck.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/lastlog.c: Use a bool when possible instead of int integers.
+ * src/lastlog.c: Avoid implicit conversion of pointers / integers
+ / chars to booleans.
+ * src/lastlog.c: Add brackets and parenthesis.
+ * src/lastlog.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c: Use a bool for the is_shadow_pwd, is_shadow_grp,
+ deleted_user_group, was_member, was_admin, and the
+ options' flags.
+ * src/userdel.c: Change path_prefix() prototype to return a bool.
+ * src/userdel.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/userdel.c: Ignore the return value from pam_end() since we
+ are exiting anyway just afterwards.
+ * src/userdel.c: Avoid implicit conversion of pointers /
+ integers / chars to booleans.
+ * src/userdel.c: Add brackets and parenthesis.
+ * src/userdel.c: Avoid assignments in comparisons.
+ * src/userdel.c: Do not ignore the return value of the *_unlock()
+ functions.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login_nopam.c: Do not use the YES and NO macros. Use the
+ booleans true and false instead. Change the prototypes of
+ list_match(), user_match(), from_match(), and string_match()
+ accordingly. Also use booleans internally.
+ * src/login_nopam.c: Add brackets and parenthesis.
+ * src/login_nopam.c: Avoid implicit conversion of pointers /
+ integers / chars to booleans.
+ * src/login_nopam.c: Avoid assignments in comparisons.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c: Use a bool for is_newgrp, notfound, needspasswd,
+ initflag, and cflag.
+ * src/newgrp.c: Add brackets and parenthesis.
+ * src/newgrp.c: Avoid implicit conversion of pointers / integers /
+ chars to booleans.
+ * src/newgrp.c: Avoid multi-statements lines.
+ * src/newgrp.c: Ignore return value of setlocale(),
+ bindtextdomain(), and textdomain().
+ * src/newgrp.c: Avoid assignments in comparisons.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/list.c: Change is_on_list() prototype to return a bool.
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_ids.c: Change find_new_uid() and find_new_gid()
+ prototypes to use a bool for their first argument (sys_user /
+ sys_group).
+
+2008-06-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/console.c: Change is_listed() prototype to return a bool.
+ The default parameter should also be a bool.
+ * libmisc/console.c: Add brackets and parenthesis.
+ * libmisc/console.c: Avoid assignments in comparisons.
+ * libmisc/console.c: Change console() prototype to return a bool.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/sgetspent.c: Add brackets and parenthesis.
+ * lib/sgetspent.c: Avoid assignments in comparisons.
+ * lib/sgetspent.c: Avoid implicit conversion of pointers / chars
+ to booleans.
+ * lib/sgetspent.c: Avoid multi-statements lines.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/sgetpwent.c: Avoid implicit conversion of pointers / chars to
+ booleans.
+ * lib/sgetpwent.c: Add brackets and parenthesis.
+ * lib/sgetpwent.c: Return NULL instead of 0.
+ * lib/sgetpwent.c: Do not check twice if fields[2] and fields[3]
+ are not empty.
+ * lib/sgetpwent.c: Avoid assignments in comparisons.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/getdate.y: abbrev is a bool.
+ * libmisc/getdate.y: Avoid implicit conversion of pointers / chars /
+ integers to booleans.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: Fix prototypes according to earlier changes
+ (usage of the bool type).
+ * lib/prototypes.h: Add the arguments' name to the prototypes.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.h: Add protection against multiple inclusions.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/pwio.h: Add protection against multiple inclusions.
+ * lib/pwio.c: The changed, isopen, locked, and readonly fields
+ of the db are booleans.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/shadowio.h, lib/shadowio.c: spw_file_present returns a bool.
+ * lib/shadowio.h: Add protection against multiple inclusions.
+ * lib/shadowio.c: The changed, isopen, locked, and readonly fields
+ of the db are booleans.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/sgroupio.c: Avoid assignments in comparisons.
+ * lib/sgroupio.c: Add brackets.
+ * lib/sgroupio.c: Avoid implicit conversion of pointers / integers
+ to booleans.
+ * lib/sgroupio.c: The changed, isopen, locked, and readonly fields
+ of the db are booleans.
+ * lib/sgroupio.h, lib/sgroupio.c: sgr_file_present returns a bool.
+ * lib/sgroupio.h: Add protection against multiple inclusions.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/gshadow.c: nis_used and nis_bound are booleans.
+ * lib/gshadow.c: Avoid implicit conversion of pointers / integers
+ to booleans.
+ * lib/gshadow.c: Avoid assignments in comparisons.
+ * lib/gshadow.c: Add brackets.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c: The changed, isopen, locked, and readonly fields
+ of the db are booleans.
+ * lib/groupio.h: Add protection against multiple inclusion.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/sgetgrent.c: Avoid implicit conversion of pointers / chars
+ to booleans.
+ * lib/sgetgrent.c: Avoid assignments in comparisons.
+ * lib/sgetgrent.c: Add brackets.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/encrypt.c: Avoid implicit conversion of pointers to
+ booleans.
+ * lib/encrypt.c: Add parenthesis.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/port.c: Avoid implicit conversion of pointers / integers /
+ chars to booleans.
+ * lib/port.c: Avoid multiple statement on the same line.
+ * lib/port.c: Add brackets and parenthesis.
+ * lib/port.c: Avoid assignments in comparisons.
+ * lib/port.c: Fix typo comparision -> comparison (in comment).
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/fputsx.c: Add brackets.
+ * lib/fputsx.c: Avoid assignments in comparisons.
+ * lib/fputsx.c: Avoid implicit conversion of pointers / integers /
+ chars to booleans.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.h: commonio_entry.changed, commonio_db.changed,
+ commonio_db.isopen, commonio_db.locked, and commonio_db.readonly
+ are no booleans.
+ * lib/commonio.h: Include defines.h to get the definition of bool.
+ * lib/commonio.h: commonio_present returns a bool
+ * lib/commonio.c: Implement above changes.
+ * lib/commonio.c: add argument names in prototypes.
+ * lib/commonio.c: name_is_nis returns a bool.
+ * lib/commonio.c: nscd_need_reload is a bool.
+ * lib/commonio.c: Improve types (use size_t / pid_t when needed
+ instead of int).
+ * lib/commonio.c: Avoid assignments in comparisons.
+ * lib/commonio.c: Add brackets and parenthesis.
+ * lib/commonio.c: Avoid implicit conversion of pointers / integers
+ to booleans
+ * lib/commonio.c: The return values of utime is not checked on
+ purpose.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/isexpired.c: ARGSUSED is no more needed (shadow is
+ always supported).
+ * libmisc/isexpired.c: Avoid implicit conversion of pointers to
+ booleans.
+ * libmisc/isexpired.c: Add brackets and parenthesis.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/sulog.c (sulog): The success argument is a bool.
+ * libmisc/sulog.c: The return values of fflush is not checked on
+ purpose.
+ * libmisc/sulog.c: Indicate that some return values should be
+ checked.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/ttytype.c: Avoid implicit conversion of pointers /
+ integers to booleans.
+ * libmisc/ttytype.c: Avoid assignments in comparisons.
+ * libmisc/ttytype.c: Add brackets and parenthesis.
+ * libmisc/ttytype.c: The return values of fclose is not checked on
+ purpose.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/mail.c: Avoid implicit conversion of pointers to
+ booleans.
+ * libmisc/mail.c: Avoid assignments in comparisons.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/loginprompt.c: Avoid implicit conversion of pointers /
+ chars to booleans.
+ * libmisc/loginprompt.c: Add brackets.
+ * libmisc/loginprompt.c: Avoid assignments in comparisons.
+ * libmisc/loginprompt.c: The return values of fclose and fflush
+ are not checked on purpose.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/setupenv.c: Avoid implicit conversion of chars to
+ booleans.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c: selinux_checked, selinux_enabled, and set_orig
+ are now booleans.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/setugid.c (setup_uid_gid): The is_console argument is now
+ a bool.
+ * libmisc/setugid.c: Avoid implicit conversion of integers /
+ pointers to booleans.
+ * libmisc/setugid.c: Add brackets.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/pam_pass.c (do_pam_passwd): The silent and
+ change_expired are no booleans instead of int.
+ * libmisc/pam_pass.c: The return value of pam_end is not checked
+ on purpose.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/getlong.c: Avoid implicit conversion of pointers / chars
+ to booleans.
+ * libmisc/getlong.c: Add brackets.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/valid.c: Avoid implicit conversion of pointers / chars
+ to booleans.
+ * libmisc/valid.c: Add brackets.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/yesno.c: yes_or_no returns a bool instead of int.
+ * libmisc/yesno.c: Avoid implicit conversion of pointers to
+ booleans.
+ * libmisc/yesno.c: The return value of fflush is not checked
+ on purpose.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/age.c: Avoid implicit conversion of integers to
+ booleans.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/rlogin.c: Avoid assignments in comparisons.
+ * libmisc/rlogin.c: Avoid implicit conversion of integers to
+ booleans.
+ * libmisc/rlogin.c: Add brackets.
+
+2008-05-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/failure.c (failcheck): The failed argument is a bool.
+ * libmisc/failure.h: Likewise.
+ * libmisc/failure.c (too_many_failures): too_many_failures returns
+ a bool.
+ * libmisc/failure.c: Add notes about unchecked return values.
+ * libmisc/failure.c: Avoid assignments in comparisons.
+ * libmisc/failure.c: Add brackets.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/myname.c: Avoid assignments in comparisons.
+ * libmisc/myname.c: Avoid implicit conversion of pointers / chars
+ to booleans.
+ * libmisc/myname.c: Add brackets.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/utmp.c (checkutmp): Change picky argument's type to
+ bool.
+ * libmisc/utmp.c: Use bool when possible (found_utmpx,
+ found_utmp).
+ * libmisc/utmp.c: Add note about unchecked return values.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/addgrps.c: Change type of added to bool.
+ * libmisc/addgrps.c: Avoid implicit conversion of pointers to
+ booleans.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/hushed.c: hushed returns a bool instead of int.
+ * libmisc/hushed.c: Avoid assignments in comparisons.
+ * libmisc/hushed.c (hushed): Change type of found to bool.
+ * libmisc/hushed.c: Add brackets.
+ * libmisc/hushed.c: Always check if the user or the shell is in
+ the file. Do not check the first character of the line first. This
+ is simpler and match better with the HUSHLOGIN_FILE documentation.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/getdef.h, lib/getdef.c: getdef_bool returns a bool instead
+ of int.
+ * lib/getdef.c: Change typo of def_loaded to bool.
+ * lib/getdef.c: Add brackets.
+ * lib/getdef.c: Avoid assignments in comparisons.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/chowntty.c: is_my_tty returns a bool.
+ * libmisc/chowntty.c: Avoid implicit conversion of integers to
+ booleans.
+ * libmisc/chowntty.c: Add brackets.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/chowndir.c: Avoid assignment in comparisons, implicit
+ comparison of integers to booleans.
+ * libmisc/chowndir.c: The return value of closedir is not checked
+ on purpose.
+ * libmisc/chowndir.c: Add brackets.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp.
+ check_user_name) renamed to is_valid_user_name (resp.
+ is_valid_group_name). is_valid_user_name and is_valid_group_name
+ return a bool.
+ * src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c,
+ src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name
+ and is_valid_group_name, following above change.
+ * libmisc/chkname.c: Avoid implicit conversion of chars to
+ booleans. Add brackets and parenthesis.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/xmalloc.c: Avoid implicit conversion of integers /
+ pointers to booleans.
+ * libmisc/xgetXXbyYY.c: Likewise.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in, lib/defines.h: Allow usage of booleans in the
+ source.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Allow --disable-man and --enable-man=no.
+
+2008-06-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Prepare the 4.1.2.1 release
+ * NEWS: set the release date.
+ * man/po/*.po, po/*.po: Updated PO files.
+ * configure.in: Set the version to 4.1.2.1.
+
+2008-06-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/login.c: Fix an "audit log injection" vulnerability in
+ login. This is similar to CVE-2008-1926 (util-linux-ng's login).
+ This vulnerability makes it easier for attackers to hide
+ activities by modifying portions of log events, e.g. by appending
+ an addr= statement to the login name.
+ * lib/prototypes.h: Added definition of AUDIT_NO_ID.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ Prepare the 4.1.2 release
+ * NEWS: set the release date.
+ * man/po/*.po, po/*.po: Updated PO files.
+ * configure.in: Set the version to 4.1.2.
+
+2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/Makevars, man/po/Makefile.in.in: Run msgmerge with
+ --previous. (This requires gettext >= 0.16)
+
+2008-05-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c (remove_tree): As we always use remove_tree
+ followed by rmdir to remove the directory itself, delete also the
+ root directory in remove_tree.
+ * src/userdel.c, src/usermod.c: Do not call rmdir after
+ remove_tree.
+
+2008-05-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c (remove_tree): Make sure unlink is successful
+ when removing files.
+
+2008-05-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/pwdcheck.c: Simply passwd_check since it's never used
+ when configured with PAM support.
+
+2008-05-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ Fix compiler warnings:
+ * libmisc/audit_help.c: Include prototypes.h to get the prototype
+ of audit_help_open.
+ * libmisc/salt.c: Use booleans instead of negating integers.
+ * src/passwd.c: Declare the check_selinux_access prototype and
+ avoid name clashes (change_user -> changed_user; change_uid ->
+ changed_uid; access -> requested_access)
+ * libmisc/list.c: Avoid assignments in comparisons, assignments
+ with post increments (x++), use of integers as booleans, and
+ explicitly mark blocks with brackets.
+ * libmisc/fields.c: Likewise.
+ * libmisc/copydir.c: Likewise.
+ * libmisc/fields.c: Add comments.
+ * libmisc/copydir.c: Mark function whose return value is not
+ checked as such.
+
+2008-05-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/pam_pass.c: Use fputs rather than fprintf for constant
+ strings.
+
+2008-05-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.1.xml: Indicate that login should be executed with
+ "exec login" if called from a shell.
+
+2008-05-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/passwd.1.xml: Remove the advices for the choice of a good
+ password (they are debatable). Point to
+ http://en.wikipedia.org/wiki/Password_strength instead.
+
+2008-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, libmisc/salt.c (SHA_salt_size): Seed the RNG, and fix a
+ overflow. These caused the SHA salt size to always be 8 bytes,
+ instead of being in the 8-16 range. Thanks to Peter Vrabec
+ pvrabec@redhat.com for noticing.
+ * NEWS, libmisc/salt.c (SHA_salt_rounds): Seed the RNG with
+ seedRNG instead of srand, and fix the same overflow. This caused
+ the number of rounds to always be the smallest one.
+
+2008-05-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newusers.8.xml man/groupmems.8.xml man/groupdel.8.xml
+ man/useradd.8.xml man/groupadd.8.xml man/newgrp.1.xml man/sg.1.xml
+ man/chgpasswd.8.xml man/groupmod.8.xml: Tag the section which
+ require --enable-shadowgrp accordingly.
+
+2008-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.5.xml: SHA_CRYPT_MAX_ROUNDS and
+ SHA_CRYPT_MIN_ROUNDS can only exist if configured with
+ --with-sha-crypt.
+
+2008-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, man/useradd.8.xml: Document the -k, --skel option, and
+ update the -m, --create-home documentation.
+
+2008-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/useradd.8.xml: Sort options.
+
+2008-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/getdef.c: SHA_CRYPT_MAX_ROUNDS and SHA_CRYPT_MIN_ROUNDS can
+ only exist if configured with --with-sha-crypt.
+ * man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml: Likewise.
+
+2008-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c: Document the section closed by #endif
+
+2008-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Fix formatting.
+
+2008-05-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, man/useradd.8.xml: Document the -r, --system option.
+ * NEWS, man/groupadd.8.xml: Document the -r, --system option.
+ * NEWS, man/newusers.8.xml: Document the -r, --system option.
+ * NEWS, man/newusers.8.xml: Document the -c, --crypt-method and
+ -s, --sha-rounds options.
+
+2008-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ Import Debian patch 487_passwd_chauthtok_failed_message
+ * libmisc/pam_pass.c: Be more verbose and indicate that the
+ password was not changed when pam_chauthtok fails (in addition to
+ the PAM error, which may not be comprehensible for the users).
+
+2008-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ Import Debian patch 434_login_stop_checking_args_after--
+ * NEWS, src/login.c (check_flags): Stop checking the arguments
+ after --. The later options will be sent to the shell, and do not
+ need to be checked.
+
+2008-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/vipw.c, src/su.c, src/newgrp.c: Harmonize the children's
+ SIGSTOP handling. Raise the signal which stopped the child instead
+ of always SIGSTOP.
+
+2008-05-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ Import Debian patch 406_vipw_resume_properly.
+ Thanks to Dean Gaudet.
+ * NEWS, src/vipw.c: Resume properly after ^Z.
+
+2008-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/getdef.c, lib/lockpw.c, lib/utent.c, lib/sgetgrent.c,
+ lib/getdef.h, lib/pwauth.c, lib/sgetspent.c, lib/pwauth.h,
+ lib/port.c, lib/encrypt.c, lib/groupio.c, lib/shadowmem.c,
+ lib/port.h, lib/groupio.h, lib/groupmem.c, lib/exitcodes.h,
+ lib/gshadow.c, lib/gshadow_.h, lib/sgroupio.c, lib/sgroupio.h,
+ lib/shadowio.c, lib/pwio.c, lib/sgetpwent.c, lib/commonio.c,
+ lib/faillog.h, lib/shadowio.h, lib/pwio.h, lib/pam_defs.h,
+ lib/pwmem.c, lib/commonio.h, lib/shadow.c, lib/fputsx.c,
+ lib/prototypes.h, libmisc/xmalloc.c, libmisc/limits.c,
+ libmisc/entry.c, libmisc/console.c, libmisc/ulimit.c,
+ libmisc/xgetXXbyYY.c, libmisc/chkname.c, libmisc/pwd2spwd.c,
+ libmisc/xgetpwnam.c, libmisc/basename.c, libmisc/chkname.h,
+ libmisc/chowndir.c, libmisc/audit_help.c, libmisc/chowntty.c,
+ libmisc/hushed.c, libmisc/xgetpwuid.c, libmisc/getdate.h,
+ libmisc/addgrps.c, libmisc/xgetgrgid.c, libmisc/utmp.c,
+ libmisc/myname.c, libmisc/failure.c, libmisc/find_new_ids.c,
+ libmisc/env.c, libmisc/rlogin.c, libmisc/age.c, libmisc/failure.h,
+ libmisc/xgetgrnam.c, libmisc/yesno.c, libmisc/valid.c,
+ libmisc/getlong.c, libmisc/obscure.c, libmisc/pam_pass.c,
+ libmisc/motd.c, libmisc/salt.c, libmisc/setugid.c,
+ libmisc/fields.c, libmisc/xgetspnam.c, libmisc/shell.c,
+ libmisc/copydir.c, libmisc/setupenv.c, libmisc/strtoday.c,
+ libmisc/loginprompt.c, libmisc/list.c, libmisc/pwd_init.c,
+ libmisc/log.c, libmisc/mail.c, libmisc/ttytype.c,
+ libmisc/pwdcheck.c, libmisc/sub.c, libmisc/sulog.c,
+ libmisc/isexpired.c, libmisc/tz.c, src/newgrp.c, src/userdel.c,
+ src/lastlog.c, src/grpck.c, src/gpasswd.c, src/newusers.c,
+ src/pwconv.c, src/chpasswd.c, src/logoutd.c, src/chfn.c,
+ src/groupmems.c, src/usermod.c, src/pwunconv.c, src/expiry.c,
+ src/groupdel.c, src/chgpasswd.c, src/vipw.c, src/useradd.c,
+ src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c,
+ src/groupadd.c, src/nologin.c, src/chage.c, src/login.c,
+ src/suauth.c, src/faillog.c, src/grpconv.c, src/groups.c,
+ src/sulogin.c, src/grpunconv.c, src/chsh.c, src/id.c: Make sure
+ every source files are distributed with a copyright and license.
+ Files with no license use the default 3-clauses BSD license. The
+ copyright were mostly not recorded; they were updated according to
+ the Changelog. "Julianne Frances Haugh and contributors" changed
+ to "copyright holders and contributors".
+
+2008-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, libmisc/sulog.c: If the SULOG_FILE does not exist when an
+ su session is logged, make sure the file is created with group
+ root, instead of using the group of the caller.
+
+2008-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, libmisc/fields.c, src/chfn.c, man/chfn.1.xml: Allow
+ non-US-ASCII characters in the GECOS fields ("name", "room
+ number", and "other info" fields).
+
+2008-04-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newgrp.c: Fix compilation failure when compiled with
+ audit support. Thanks to Mike Frysinger for reporting it.
+
+2008-04-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ Ensure that getpwent() is used in setpwent(), getpwent(),
+ endpwend() sequences (ditto for getgrent(), getspent(), and
+ getsgent()). The only real (minor) issue was in login, which kept
+ the passwd file open.
+ * libmisc/entry.c: Remove unneeded setspent() and endspent() (only
+ getspnam is called in the middle).
+ * libmisc/find_new_ids.c: Make sure to close the password and
+ group files with endpwent() and endgrent().
+ * libmisc/pwdcheck.c: Remove unneeded endspent() (only getspnam()
+ is called before).
+ * src/lastlog.c, src/passwd.c, src/groupmod.c, src/faillog.c,
+ src/groups.c: Make sure to close
+ the password file with endpwent().
+ * src/login.c: Remove unneeded setpwent() (only xgetpwnam is
+ called before).
+ * src/login.c, src/newgrp.c: Fix typos in comments.
+
+2008-04-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, configure.in: Fix the detection of the audit, pam, and
+ selinux. Fail if the feature is requested but the library (or
+ header file) could not be found. If nothing is specified, enable
+ the feature only if we can find the library (or header file).
+ * configure.in: Document --with-selinux as "yes if found" rather
+ than "autodetected" for consistency with other options.
+
+2008-04-04 Mark Rosenstand <mark@borkware.net>
+
+ * NEWS, etc/pam.d/Makefile.am: Add chfn, chsh, and userdel to
+ $(pamd_files). Remove the duplicate useradd. And sort
+ alphabetically.
+
+2008-04-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: Prepare next release, 4.1.2.
+
+2008-04-02 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, configure.in: Prepare release 4.1.1
+ * NEWS: Fix the release date of 4.1.0. Was in 2007, not 2008.
+
+2008-04-02 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/fr.po: Update according to the file under review.
+ Thanks to Jean-Luc Coulon.
+
+2008-04-01 Holger Wansing <linux@wansing-online.de>
+
+ * po/de.po: updated to 431t
+
+2008-03-31 Piarres Beobide <pi+debian@beobide.net>
+
+ * po/eu.po: updated to 431t
+
+2008-03-30 Leandro Azevedo <leorock182@gmail.com>
+
+ * po/pt_BR.po: updated to 360t71f
+
+2008-03-30 Mehmet Türker <mturker@innova.com.tr>
+
+ * po/tr.po: updated to 431t
+
+2008-03-30 Clytie Siddall <clytie@riverland.net.au>
+
+ * po/vi.po: updated to 431t
+
+2008-03-30 Daniel Nylander <yeager@ubuntu.com>
+
+ * po/sv.po: updated to 431t
+
+2008-03-29 helix84 <helix84@centrum.sk>
+
+ * po/sk.po: updated to 431t
+
+2008-03-27 Danilo Piazzalunga <danilopiazza@gmail.com>
+
+ * po/it.po: updated to 431t
+
+2008-03-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * TODO: Added entries regarding SE Linux.
+
+2008-03-26 Russell Coker <russell@coker.com.au>
+
+ * src/passwd.c, NEWS: Make SE Linux tests more strict, when the
+ real UID is 0 SE Linux checks will be performed.
+
+2008-03-24 Yuri Kozlov <kozlov.y@gmail.com>
+
+ * po/ru.po: updated to 431t
+
+2008-03-23 Miguel Figueiredo <elmig@debianpt.org>
+
+ * po/pt.po: updated to 431t
+
+2008-03-21 Changwoo Ryu <cwryu@debian.org>
+
+ * po/ko.po: updated to 431t
+
+2008-03-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.5.xml: Fix manpages generation. The SYS_GID_MAX
+ and SYS_UID_MAX entities were not defined.
+
+2008-03-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/faillog.c: Fix minor compilation warning (assignment used as
+ a comparison).
+
+2008-03-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, src/login.c: login_access() is used in
+ src/login.c, and defined in src/login_nopam.c (which lacks a
+ prototype). Move its prototype from src/login.c to
+ lib/prototypes.h.
+
+2008-03-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c, src/groupmod.c: Compilation fix. gshadow_locked
+ should only be used if SHADOWGRP is defined.
+
+2008-03-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpck.c: Fix some warnings. compare_members_lists() is only
+ used if SHADOWGRP is defined.
+
+2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupmod.c: Make sure the passwd, group, and gshadow
+ files are unlocked on exit. Unlock locked files in fail_exit().
+ Prefer fail_exit() over exit().
+ * NEWS, src/groupmod.c: When the GID of a group is changed, update
+ also the GID of the passwd entries of the users whose primary
+ group is the group being modified.
+
+2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c (commonio_remove): Fail when the name to be
+ removed is used by different entries (like commonio_update does).
+ * NEWS: This fix the behavior of groupdel when the system is not
+ configured to support split group but different group entries
+ have the name of the group to be deleted.
+
+2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/useradd.c: Make sure the passwd, group, shadow, and
+ gshadow files are unlocked on exit. Unlock locked files in
+ fail_exit(). Prefer fail_exit() over exit().
+
+2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupdel.c: Make sure the group, and gshadow files are
+ unlocked on exit. Add function fail_exit(). Use fail_exit()
+ instead of exit().
+ * src/groupdel.c: Fail immediately instead of increasing errors.
+ Better handling of error cases, like locked group or gshadow file.
+
+2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newusers.c: Make sure the passwd, group, shadow, and
+ gshadow files are unlocked on exit. Add function fail_exit(). Use
+ fail_exit() instead of exit().
+
+2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/gpasswd.c: Make sure the group and gshadow files are
+ unlocked on exit. Add function fail_exit(). Use fail_exit()
+ instead of exit().
+
+2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupdel.c: Do not rewrite the group and gshadow file
+ in case of error.
+
+2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupdel.c: Do not log that the group was deleted if an
+ error occurred.
+
+2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupdel.c: Do not raise an error if the group does
+ not exist in the gshadow file.
+
+2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * etc/login.defs: Document MAX_MEMBERS_PER_GROUP.
+
+2008-03-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c: Add missing end of line in message.
+ * src/newgrp.c: Add audit events for the authentication
+ (AUDIT_GRP_AUTH). Thansk to Peter Vrabec.
+
+2008-03-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/faillog.c: Only reset the entries of existing users
+ with faillog -r (not all numeric IDs starting from 0). Thanks to
+ Peter Vrabec.
+
+2008-03-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwunconv.c: Fix typo. One "can't open" message is a "can't
+ lock".
+
+2008-02-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: When a password is moved to the gshadow file, use
+ "x" instead of "!" to indicate that the password is shadowed
+ (consistency with grpconv).
+
+2008-02-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: Fix failures when the gshadow file is not present. Thanks
+ to Christian Henz (http://bugs.debian.org/467488)
+ * src/gpasswd.c (get_group): Do not fail if gshadow is not present. Just use
+ the group file and set the grent structure
+ * src/gpasswd.c (check_perms): The permissions should be checked
+ using both the gshadow and group file. Add a <struct group *>
+ parameter, and check if the gshadow file exists (is_shadowgrp).
+ * src/gpasswd.c (main): Do not use sgent.sg_mem or sgent.sg_adm if
+ the gshadow file is not present (sgent is not initialized in that
+ case). The fields of sgent can be set, but not used.
+
+2008-02-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c: Fix typo in comment.
+ * src/gpasswd.c: Move comment regarding FIRST_MEMBER_IS_ADMIN to
+ where it belongs.
+ * src/gpasswd.c: Indicate the end of the #ifdef FIRST_MEMBER_IS_ADMIN
+ section.
+
+2008-02-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/Makefile.in.in: Use --previous when merging PO files of
+ the manpages.
+
+2008-02-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/SYS_UID_MAX.xml, man/login.defs.d/SYS_GID_MAX.xml:
+ Document new variables.
+ * man/newusers.8.xml, man/login.defs.5.xml,
+ man/login.defs.d/GID_MAX.xml, man/login.defs.d/UID_MAX.xml:
+ newusers uses now the GID_MAX, GID_MIN, UID_MAX, UID_MIN,
+ SYS_GID_MAX, SYS_GID_MIN, SYS_UID_MAX, and SYS_UID_MIN variables.
+ * man/groupadd.8.xml, man/login.defs.5.xml: groupadd uses now the
+ SYS_GID_MAX, and SYS_GID_MIN variables.
+ * man/login.defs.5.xml: useradd uses now the SYS_GID_MAX,
+ SYS_GID_MIN, SYS_UID_MAX, and SYS_UID_MIN variables.
+ * man/Makefile.am: Add the new XML documentation files to EXTRA_DIST.
+
+2008-02-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/getdef.c: Added missing SYS_GID_MAX, SYS_GID_MIN,
+ SYS_UID_MAX, and SYS_UID_MIN.
+
+2008-02-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/useradd.c, man/useradd.8.xml: Added options
+ --user-group (-U, Uflg) and --no-user-group (-N, Nflg) to replace
+ nflg.
+ * man/login.defs.d/USERGROUPS_ENAB.xml: useradd now also uses
+ USERGROUPS_ENAB.
+
+2008-02-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupmod.c: Add missing 'p' to the getopt_long's optstring.
+
+2008-02-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupadd.c: Add missing 'p' to the getopt_long's optstring.
+ * src/groupadd.c: Fix --non-unique's has_arg field to no_argument
+ instead of required_argument.
+ * src/groupadd.c: Add missing -p, --password description to the
+ Usage message.
+
+2008-02-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, etc/login.defs: Set GID_MIN to the same value as UID_MIN
+ by default (1000).
+ * NEWS, etc/login.defs: Added variables SYS_UID_MIN (100),
+ SYS_UID_MAX (999), SYS_GID_MIN (100), SYS_GID_MAX (999) for system
+ accounts.
+ * libmisc/find_new_ids.c: Added support for system accounts in
+ find_new_uid() and find_new_gid().
+ * NEWS, src/newusers.c, src/useradd.c, src/groupadd.c: Added new
+ option -r, --system for system accounts in useradd, groupadd, and
+ newusers.
+
+2008-02-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupmems.c: Fix buffer overflow when adding an user
+ to a group. Thanks to Peter Vrabec.
+
+2008-02-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, etc/useradd: Change the default HOME directory in
+ /etc/default/useradd according FHS (/home instead of /home/users).
+ This fixes Alioth's bug #310559. Thanks to Dale E. Edmons.
+
+2008-02-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newgrp.c: Use the correct AUDIT_CHGRP_ID event instead of
+ AUDIT_USER_START, when changing the user space group ID with
+ newgrp or sg. Thanks to sgrubb@redhat.com for the patch.
+
+2008-02-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Reset oflg with uflg if the new UID is equal to
+ the old one.
+ * src/usermod.c: Reset mflg with dflg if the new home directory is
+ the same as the old one.
+
+2008-02-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/usermod.c: Fix the handling of -a when a user is being
+ renamed (with -l). The new name of the user was used for the new
+ supplementary groups, but not in the existing ones.
+
+2008-02-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Set the shadow's password instead of the
+ passwd's password. Fix wrong cut&paste.
+
+2008-02-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Use a function to convert the dates from
+ /etc/shadow to human readable dates.
+ * src/usermod.c: Really log the expiration date change as human
+ readable strings instead of integers.
+ * src/usermod.c: No need to check audit_fd, audit_logger() will
+ take care of this.
+
+2008-02-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Do not translate the fromhost variable. It is
+ always used for syslog messages.
+
+2008-02-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, lib/defines.h: Switch to the C locale before sending
+ messages to syslog. The messages sent by shadow were not
+ translated, but error messages from PAM returned by pam_strerror()
+ were translated in the users's locale.
+
+2008-02-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: newusers will behave more like useradd.
+ * src/newusers.c: The user's ID must be found before the group ID
+ to mimic useradd's behavior choices of UID and GID.
+ * src/newusers.c: Reuse the generic find_new_uid() and
+ find_new_gid() functions. This permits to respect the
+ UID_MIN/UID_MAX and GID_MIN/GID_MAX variables, should
+ * src/newusers.c: Check if the user or group exist using the
+ external databases (with the libc getpwnam/getgrnam functions).
+ Refuse to update an user which exist in an external database but
+ does not exist in the local database.
+ * src/newusers.c: Check the usernames and groupnames with
+ check_user_name() and check_group_name()
+ * src/newusers.c: Use isdigit() for readability.
+ * src/newusers.c: Check if numerical IDs are valid (no remaining
+ chars).
+
+2008-02-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newusers.c: Fix the support for the NONE crypt method.
+
+2008-02-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Fix shadow group support (the list of admins was
+ not defined; it is now set to an empty list).
+
+2008-02-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, libmisc/salt.c: Do not seed the random number generator
+ each time, and use the time in microseconds to avoid having the
+ same salt for different passwords generated in the same second.
+ This permits to avoid using the same salt for different passwords
+ in newusers.
+
+2008-02-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/pwio.c, lib/pwio.h: New function to find an user by
+ its UID on the local database.
+ * lib/groupio.c, lib/groupio.h: New function to find a group by
+ its GID on the local database.
+ * libmisc/find_new_ids.c, lib/prototypes.h: Add new generic
+ functions to find the next user or group ID available:
+ find_new_uid() and find_new_gid(). They work the same way as the
+ functions with the same name of useradd or groupadd, except that
+ they check in the local database to make sure an ID was not
+ reserved in an uncommitted change (this is needed to be used in
+ newusers), they report a status instead of calling exit(), and
+ they can receive a preferred ID. They should later support system
+ IDs. This should be a little bit slower, but not too much (if the
+ database is not open the checks against the local database will
+ exit immediately, and if it is already open, all the checks will be
+ done regarding the data in memory).
+ * po/POTFILES.in: The new libmisc/find_new_ids.c file contains
+ translatable strings.
+ * libmisc/Makefile.am: Add libmisc/find_new_ids.c to the sources
+ of the libmisc library.
+ * src/useradd.c, src/groupadd.c: Use the find_new_uid() and
+ find_new_gid() from the library instead of the local functions.
+
+2008-02-02 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/*.po: Updated PO files.
+ * libmisc/age.c, libmisc/yesno.c, src/lastlog.c, src/grpck.c,
+ src/chfn.c, src/passwd.c, src/chage.c, src/login.c, src/sulogin.c,
+ src/chsh.c: Fix call to puts (remove end of line, or use fputs).
+ * po/*.po: Unfuzzy PO files according to above change.
+
+2008-01-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Fix build failures with --disable-shadowgrp. Thanks to Jürgen
+ Daubert for the patch.
+ * libmisc/salt.c: Include <stdio.h>, needed for stderr and printf
+ functions.
+ * lib/encrypt.c: Include <stdio.h>, needed for perror, stderr and
+ printf functions
+ * src/usermod.c: sgr_locked exists only if SHADOWGRP is defined.
+ * src/chgpasswd.c: Only check is the gshadow file exists if
+ SHADOWGRP is defined.
+
+2008-01-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/gpasswd.c, src/chfn.c, src/chage.c, src/chsh.c, src/grpck.c,
+ src/vipw.c, src/pwck.c, src/sulogin.c, src/newgrp.c,
+ src/userdel.c, src/lastlog.c, src/groupmems.c, src/usermod.c,
+ src/expiry.c, src/groupdel.c, src/useradd.c, src/su.c,
+ src/groupmod.c, src/passwd.c, src/groupadd.c, src/login.c,
+ src/suauth.c, src/faillog.c, src/id.c, libmisc/limits.c,
+ libmisc/addgrps.c, libmisc/env.c, libmisc/age.c, libmisc/yesno.c,
+ lib/getdef.c: Replace printf by puts for fixed strings. This would
+ avoid issues caused by formats introduced in translated strings.
+
+2008-01-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Strings improvement s/can't get unique/no more
+ available/.
+
+2008-01-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/usermod.c: Check that the new fields set with -u, -s,
+ -l, -g, -f, -e, -d, and -c differ from the old ones. If a
+ requested new value is equal to the old one, no changes will
+ be performed for that field. If no fields are changed, usermod
+ will exist successfully with a warning. This avoids logging
+ changes to syslog when there are actually no changes.
+
+2008-01-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Always define user_newcomment, user_newshell,
+ user_newexpire, and user_newinactive. It is more simple to always
+ have user_<x> as the old field, and user_new<x> as the new field
+ (even if the field did not change) instead of changing the
+ algorithm depending on WITH_AUDIT.
+
+2008-01-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: user_newname can only be used in WITH_AUDIT code
+ or when lflg is set. This issue was introduced in the code
+ refactoring of usermod.
+
+2008-01-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupadd.c: Fix typo in comment: s/find_new_uid/find_new_gid/
+
+2008-01-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: s/gid/GID/ in message string.
+ * src/useradd.c: Set this string for translation.
+
+2008-01-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/grpck.8.xml: Fix typo. Remove "the" from "All entries in the
+ <filename></filename> are checked [...]"
+ * man/grpck.8.xml: Conditionally include the parts mentioning the
+ gshadow file (based on SHADOWGRP).
+ * man/grpck.8.xml: Add reference to the gshadow(5) manpage
+ (conditionally included).
+
+2008-01-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/grpck.8.xml, man/pwck.8.xml: Indicate that the shadow
+ parameter is optional (i.e. a passwd file can be specified without
+ a shadow file, and the group file can be specified without the
+ gshadow file).
+
+2008-01-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/grpck.8.xml: Document the options with a list of options,
+ as in the pwck(8) manpage.
+
+2008-01-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newgrp.c: Fix segfault when an user returns to an
+ unknown GID (either the user was deleted during the user's newgrp
+ session or the user's passwd entry referenced an invalid group).
+ Add a syslog warning in that case.
+ * src/newgrp.c: Add an end of line when reporting an invalid
+ password.
+
+2008-01-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/useradd.c: Fix the handling of the --defaults option
+ (it required an argument, but should behave as -D)
+ * NEWS, man/useradd.8.xml: Document the --defaults option, which
+ was already described in the useradd's Usage information.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Avoid setting the password to a const empty
+ string, but set the first char to \0. This avoids a warning.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c: Add prototype for l64a(), gensalt(),
+ SHA_salt_size(), and SHA_salt_rounds().
+ * libmisc/salt.c: l64a() and gensalt() are static.
+ * libmisc/salt.c: The `meth' parameter of crypt_make_salt() is a
+ const. (ditto for the method variable).
+ * libmisc/salt.c: SHA_salt_rounds returns a const string.
+ * libmisc/salt.c: Avoid warnings with cast of random() to double.
+ * libmisc/salt.c: Replace rand() by random().
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/Makefile.am: Do not link libshadow.la with the intl, crypt,
+ skey and md libraries...
+ * src/Makefile.am: ...Specify for each binary which library is
+ required. skey and md are required for the binaries with
+ authentication of the user (chfn, chsh, login, passwd, su). intl
+ is required for all. mcrypt is required for user (chfn, chsh,
+ login, passwd, su, sulogin) and group (newgrp, gpasswd)
+ authentication and for the creation of passwords (chpasswd,
+ chgpasswd, gpasswd, newusers, passwd).
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/nscd.c, lib/nscd.h: Set the service parameter of
+ nscd_flush_cache() to const. This avoids a lot of warnings.
+ * lib/nscd.c: Include "nscd.h" to avoid inconsistent prototypes.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/encrypt.c: Set the method string as a constant string.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/port.c: Assume <errno.h> declares errno.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Fix typo: s/rend compte indiqué/rend le compte
+ indiqué/
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/suauth.c: Remove prototype of check_su_auth(). It is
+ redundant with prototypes.h.
+ * src/suauth.c: isgrp() is static.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/obscure.c: Tag the `old' parameter of palindrome(),
+ similar(), and simple() as unused.
+ * libmisc/loginprompt.c: Tag the `sig' parameter of login_exit()
+ as unused.
+ * src/expiry.c: Tag the `sig' parameter of catch_signals() as
+ unused.
+ * src/su.c: Tag the `sig' parameter of catch_signals() as unused.
+ * src/su.c: Add int parameter to the prototype of oldsig().
+ * src/login.c: Tag the `sig' parameter of alarm_handler() as
+ unused.
+ * src/sulogin.c: Tag the `sig' parameter of catch_signals() as
+ unused.
+ * libmisc/getdate.y: Tag the `string' parameter of yyerror() as
+ unused.
+ * libmisc/getdate.y: The string provided to yyerror() is const.
+ * libmisc/getdate.y: Fix the prototypes of yylex() and yyerror().
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/defines.h: Remove teh macro definition of SETXXENT_TYPE,
+ SETXXENT_RET, and SETXXENT_TEST. They were used by the now
+ removed pwent.c and grent.c.
+ * lib/defines.h: Remove the definition of PASSWD_PAG_FILE,
+ GROUP_PAG_FILE, SHADOW_PAG_FILE, and SGROUP_PAG_FILE. They are
+ never used.
+ * lib/defines.h: Don't include "snprintf.h". The file does not
+ exist in shadow.
+ * lib/defines.h: Add new macro unused to tag unused parameters.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c, src/groupmems.c: Assume optarg and optind are
+ declared in <getopt.h>.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Remove the pw_name argument of new_pw_passwd. Use
+ the user_newname global variable instead. This avoid using a
+ parameter with the same name as a function.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c: Removed unused gid parameter of syslog_sg().
+ * src/newgrp.c: The loginname and tty buffers are never changed.
+ Add the const qualifier.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chpasswd.c, src/chgpasswd.c: The crypt_method string always
+ points to a constant string. Add the const qualifier.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwunconv.c: Remove prototype of l64a() (not used in
+ pwunconv).
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login_nopam.c: Use an ANSI prototype for resolve_hostname()
+ instead of K&R prototype.
+ * src/login_nopam.c: Fix the prototypes of list_match(),
+ user_match(), from_match(), string_match(). There were no
+ parameters in the prototypes.
+ * src/login_nopam.c: Fix the prototypes of the function parameter
+ match_fn of list_match().
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c: Remove the src parameter of copy_special().
+ The entry's information are taken from the stat structure.
+
+2008-01-06 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/console.c, libmisc/ulimit.c, lib/sgetgrent.c,
+ lib/sgetpwent.c: Include "prototypes.h" to make
+ sure the exported prototypes are the ones used for the definition
+ of functions.
+ * lib/prototypes.h: Added prototypes for __gr_del_entry(),
+ __gr_get_db(), __gr_get_head(), __gr_set_changed(), __gr_dup(),
+ __pw_del_entry(), __pw_get_db(), __pw_get_head(), __pw_dup(),
+ sgetgrent(), sgetpwent(), __sgr_del_entry(), __sgr_dup(),
+ __sgr_get_head(), __sgr_set_changed(), __spw_get_head(),
+ __spw_del_entry(), __spw_dup().
+ * lib/prototypes.h: Removed prototype for is_listed().
+ * lib/prototypes.h: Added name of the check_su_auth()'s parameters.
+ * lib/groupio.h: Removed prototypes for __gr_dup() and
+ __gr_set_changed().
+ * lib/sgroupio.c: Removed prototypes for putsgent(), sgetsgent(),
+ and __gr_get_db().
+ * lib/sgroupio.h: Removed prototypes for __sgr_dup() and
+ __sgr_set_changed().
+ * lib/shadowio.c: Removed prototype for __pw_get_db().
+ * lib/pwio.c: Removed prototype for sgetpwent() and putpwent().
+ * lib/shadowio.h: Removed prototypes for __spw_dup() and
+ __spw_set_changed().
+ * lib/pwio.h: Removed prototypes for __pw_dup() and
+ __pw_set_changed().
+ * lib/commonio.h: Add protection against multiple inclusions.
+ * lib/prototypes.h: Include commonio.h (needed for the
+ __xx_del_entry() functions).
+ * src/grpck.c: Remove prototypes for __gr_del_entry(),
+ __gr_get_head(), __sgr_del_entry(), and __sgr_get_head().
+ * src/pwck.c: Remove prototypes for __pw_del_entry(),
+ __pw_get_head(), __spw_del_entry(), and __spw_get_head().
+ * lib/groupio.c: Remove prototype for sgetgrent().
+ * lib/groupio.c: Add the name of the parameters for
+ merge_group_entries() and split_groups().
+ * lib/groupio.h: Remove prototypes for __gr_dup() and
+ __gr_set_changed().
+
+2008-01-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupadd.8.xml, man/groupmod.8.xml: Add documentation for
+ the new --password options.
+
+2008-01-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Fix find_new_gid() prototype. Add a void
+ parameter.
+
+2008-01-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: Add the dolastlog() prototype.
+ * lib/prototypes.h: Typo: login.c -> loginprompt.c
+ * src/login.c: Remove declaration of dolastlog().
+ * lib/prototypes.h: Include <lastlog.h> for the declaration of
+ struct lastlog.
+ * lib/prototypes.h: Remove old comments in the header.
+
+2008-01-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/pwdcheck.c: Do not include <pwd.h>. Include <shadow.h>
+ and "pwauth.h" only when compiled without PAM support.
+ * src/chfn.c, src/chsh.c: Do not include <shadow.h>
+ * lib/commonio.c: Do not include <shadow.h>. Do not include
+ <pwd.h>. Include "nscd.h" instead of <nscd.h>.
+
+2008-01-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Do not check if shadow.h exist, but make sure it
+ exists.
+ * libmisc/pwdcheck.c, src/chfn.c, src/chsh.c, lib/defines.h,
+ lib/shadowmem.c, lib/shadowio.c, lib/commonio.c:
+ HAVE_SHADOW_H is no more needed (shadow.h should always exist).
+
+2008-01-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c: Remove prototype of putgrent(), add parameter's
+ name of sgetgrent().
+ * lib/prototypes.h: Fix the do_pam_passwd() prototype (it returns
+ void).
+
+2008-01-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupmod.c, src/groupadd.c: Add option --password to
+ groupadd and groupmod (similar to useradd and usermod).
+
+2008-01-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h: grent.c does not exist anymore. Remove the
+ putgrent prototype.
+ * lib/prototypes.h: "shadowio.h" was included for the definition
+ of the spwd structure. Replace this include by <shadow.h>
+ * libmisc/xmalloc.c, libmisc/utmp.c, libmisc/strtoday.c,
+ libmisc/pwd_init.c, libmisc/tz.c, lib/port.c, lib/fputsx.c,
+ libmisc/pam_pass.c, libmisc/log.c: Include "prototypes.h" to make
+ sure the exported prototypes are the ones used for the definition
+ of functions.
+ * libmisc/console.c: Define is_listed() as static and add its
+ prototype.
+ * libmisc/xgetXXbyYY.c, libmisc/yesno.c: Include config.h as a
+ system include, as recommended by the autoconf documentation.
+ * src/chage.c: Define isnum() as static and add its prototype.
+ * libmisc/xgetspnam.c: Add missing include "shadowio.h". (This was
+ OK as long as prototypes.h included this file.)
+ * src/nologin.c: Make a proper prototype for the main() function
+ declaration. (add void)
+ * src/login.c: login_prompt is the name of a function, use
+ loginprompt for the internal variable.
+ * src/chsh.c: loginsh is a global variable, use newshell for the
+ update_shell()'s parameter.
+ * lib/gshadow.c: The prototypes of fgetsx() and fputsx() are
+ already defined in prototypes.h. Remove the declaration of these
+ functions.
+ * lib/gshdow.c: list() is an external function. DO not shadow it
+ with a static function. The internal list() was renamed
+ build_list().
+ * lib/commonio.c: stat shadows another stat variable. Remove this
+ variable, and directly check the result of getfscreatecon().
+ * libmisc/utmp.c: Remove the declaration of getutent(),
+ getutline(), setutent(), and endutent() which are declared in
+ <utmp.h>
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c: Remove duplicate logging to syslog.
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c: Avoid assignments in conditionals.
+ * src/newgrp.c: Split check_perms(), syslog_sg() out of main().
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/shadow.c: Avoid assignments in conditionals.
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c (split_groups): Test the pointer returned by malloc.
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c: Document add_one_entry_nis(), write_all(),
+ commonio_remove(), commonio_locate(), and commonio_rewind().
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Avoid implicit brackets.
+ * src/pwck.c: Avoid implicit conversions to booleans.
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpck.c: Avoid implicit brackets.
+ * src/grpck.c: Avoid implicit conversions to booleans.
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: No functional changes were introduced by the previous pwck
+ and grpck changes, except for the following bug fix: no syslog
+ logging if a passwd or group file was specified on the command
+ line without a shadowed database file, even if the system shadowed
+ database was changed).
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Fix typos in comments (gshadow/shadow).
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/pwck.c: Split process_flags(), open_files(), close_files()
+ check_pw_file(), and check_spw_file() out of main(). New global
+ variables is_shadow, sort_mode, use_system_pw_file, and
+ use_system_spw_file.
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/xgetXXbyYY.c: De-comment code (duplicate the entry when
+ the _R function is not present on the system).
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/lastlog.c: Remove statbuf, not used.
+ * src/lastlog.c: Fix types, cast umin and umax to uid_t.
+ * src/lastlog.c: (option -u) user needs to be a signed long, not
+ uid_t (to accept rangees like -<uid>
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Avoid ?: construct without the middle term.
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c, src/usermod.c, lib/prototypes.h: The uid and
+ gid parameters can be set to -1 to indicate that the original
+ owners must be kept. Change the types from uid_t/gid_t to a
+ long int (signed).
+ * libmisc/copydir.c: Change the copy_entry(), copy_dir(),
+ copy_symlink(), copy_special(), and copy_file() prototypes
+ accordingly.
+ * lib/prototypes.h: Add the parameters' name for the
+ libmisc/copydir.c functions.
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/limits.c, libmisc/obscure.c, src/login_nopam.c,
+ lib/pwauth.c: Avoid empty file when USE_PAM is set.
+ * libmisc/audit_help.c: Avoid empty file when WITH_AUDIT is not set.
+ * src/login_nopam.c: Fix warnings: resolve_hostname takes and
+ returns a constant string.
+
+2008-01-01 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpck.c: Split process_flags(), open_files(), and
+ close_files() out of main(). New global variables is_shadow,
+ sort_mode, use_system_grp_file, and use_system_sgr_file.
+ * src/grpck.c: Split check_grp_file() and check_sgr_file() out of
+ main().
+ * src/grpck.c: Split check_members() and compare_members_lists()
+ out of check_grp_file() and check_sgr_file().
+
+2007-12-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/Makefile.in.in: If remove-potcdate.sin does not exist,
+ use the one from teh po directory (it is not installed
+ automatically by autopoint.
+
+2007-12-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.h: Fix the type of the bitfields in the commonio_entry
+ and commonio_db structures to unsigned int (instead of int).
+
+2007-12-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chsh.c: Split process_flags(), check_perms(), and update_shell()
+ out of main().
+ * src/chsh.c: Before pam_end(), the return value of the previous
+ pam API was already checked. No need to validate it again.
+ * src/chsh.c: Avoid implicit brackets.
+ * src/chsh.c: Avoid assignments in comparisons.
+
+2007-12-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chfn.c: New function: process_flags() split out of main().
+ The flags variables are now global.
+ * src/chfn.c: New functions: check_perms(), update_gecos(),
+ get_old_fields(), and check_fields() split out of main().
+ * src/chfn.c: Before pam_end(), the return value of the previous
+ pam API was already checked. No need to validate it again.
+ * src/chfn.c: Avoid implicit brackets.
+ * src/chfn.c: Document may_change_field().
+ * src/chfn.c: Avoid implicit conversions to booleans.
+ * src/chfn.c: Avoid assignments in comparisons.
+
+2007-12-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Compilation fix for PAM support (pamh needs to be
+ global since the function split).
+ * src/chpasswd.c: Likewise.
+ * src/chgpasswd.c: Likewise.
+ * src/chpasswd.c: Avoid implicit conversions to booleans.
+
+2007-12-31 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c: Fix typo: s/maximim/maximum/
+ * src/chage.c: New function: fail_exit(). Change most of the exit()
+ to a fail_exit, which makes sure the files are unlocked (new global
+ variables: pw_locked, spw_locked), the PAM transaction is ended, and
+ the failure is logged to libaudit (use a global user_name and user_uid
+ for logging).
+ * src/chage.c: Compilation fix for PAM support (pamh needs to be
+ global since the function split).
+ * src/chage.c: Document process_flags(), check_flags(), check_perms(),
+ open_files(), and close_files().
+ * src/chage.c: Split update_age() and get_defaults() out of main()
+ * src/chage.c: Drop the privileges just after opening the files.
+ * src/chage.c: Do not log to audit only if the user has an entry in
+ the shadow file.
+ * NEWS, src/chage.c (open_files): Also open the password file for
+ writing. This fix chage when the user only has a password entry (and
+ no shadow entries).
+ * src/chage.c (get_defaults): Use default values that don't change the
+ behavior of the account for the fields that are not specified when the
+ user has no shadow entry.
+
+2007-12-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupadd.c: Compilation fix for PAM support (pamh needs to be
+ global since the function split).
+ * src/groupadd.c: End the PAM transaction in fail_exit().
+ * src/groupadd.c: Document check_flags().
+
+2007-12-30 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/vipw.c: Compilation fix for non-gshadow support.
+
+2007-12-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newusers.c: Added support for gshadow.
+
+2007-12-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newusers.c: Do not add the new user to the group's
+ members, because the group is already the primary group of the new
+ user.
+
+2007-12-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ newusers cleanups
+ * src/newusers.c: main() split in new functions: process_flags(),
+ check_flags(), check_perms(), open_files(), and close_files().
+ * src/newusers.c: Before pam_end(), the return value of the previous
+ pam API was already checked. No need to validate it again.
+ * src/newusers.c: Avoid implicit brackets.
+ * src/newusers.c: Avoid assignments in comparisons.
+ * src/newusers.c: Avoid variables with the name of a type.
+
+2007-12-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ chage cleanups
+ * src/chage.c: Before pam_end(), the return value of the previous
+ pam API was already checked. No need to validate it again.
+ * src/chage.c: main() split in new functions: process_flags(),
+ check_flags(), check_perms(), open_files(), and close_files().
+ * src/chage.c: Avoid using a variable with the same name as a type.
+ * src/chage.c: Remove dead code. It was probably put here to add more
+ information to the audit_logger.
+ * src/chage.c: Avoid implicit brackets.
+ * src/chage.c: Avoid implicit conversion to booleans.
+ * src/chage.c: Avoid assignments in comparisons.
+
+2007-12-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ Same changes for chgpasswd:
+ * src/chgpasswd.c: Before pam_end(), the return value of the previous
+ pam API was already checked. No need to validate it again.
+ * src/chgpasswd.c: main() split in process_flags(), check_flags(),
+ check_perms(), open_files(), and close_files().
+ * src/chgpasswd.c: Avoid assignments in comparisons.
+ * src/chgpasswd.c: Avoid implicit brackets.
+ * src/chgpasswd.c: Fix comments to match chgpasswd (group instead of
+ user's passwords are changed).
+
+2007-12-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chpasswd.c: Before pam_end(), the return value of the previous
+ pam API was already checked. No need to validate it again.
+ * src/chpasswd.c: New functions: process_flags(), check_flags(),
+ check_perms(). Split out of main().
+ * src/chpasswd.c: Other new functions: open_files(), close_files().
+ This force flushing the password database after the password file is
+ unlocked.
+ * src/chpasswd.c: Avoid assignments in comparisons.
+ * src/chpasswd.c: Avoid implicit brackets.
+
+2007-12-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupadd.c (find_new_gid): A group with the specified name
+ cannot exist at that time. Remove the check.
+ * src/groupadd.c (find_new_gid): If oflg is set, gflg is also set.
+ Use (!gflg), which is clearer than (!gflg || !oflg).
+ * src/groupadd.c (find_new_gid): find_new_gid is never called when an
+ GID is specified with -g. Simplify find_new_gid accordingly.
+ * src/groupadd.c (process_flags): prefer fail_exit to exit. This avoid
+ an explicit call to audit_logger().
+ * src/groupadd.c (main): Before pam_end(), the return value of the
+ previous pam API was already checked. No need to validate it again.
+ * src/groupadd.c (main, check_perms): New function check_perms().
+ Split the validation of the user's permissions out of main()
+
+2007-12-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ src/groupadd.c cleanup
+ * src/groupadd.c (fail_exit): When compiled without AUDIT support, if
+ the return code was E_SUCCESS, fail_exit() wouldn't have exited. Fix
+ the scope of #idef WITH_AUDIT.
+ * src/groupadd.c: Avoid implicit brackets.
+ * src/groupadd.c: Split the processing and checking of options out of
+ main() (process_flags).
+ * src/groupadd.c: New function check_flags(). Split the validation of
+ options and arguments out of process_flags.
+ * src/groupadd.c: Add the parameters' names in the prototypes.
+
+2007-12-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ libmisc/copydir.c cleanup
+ * libmisc/copydir.c: Split copy_tree() in more maintainable functions:
+ copy_entry(), copy_dir(), copy_symlink(), copy_hardlink(),
+ copy_special(), and copy_file().
+ * libmisc/copydir.c: -1 is used to indicate an error, directly set err
+ to -1, instead of incrementing it, and checking if not nul at the
+ end.
+ * libmisc/copydir.c: Avoid assignments in comparisons.
+ * libmisc/copydir.c: Document selinux_file_context.
+ * libmisc/copydir.c: Avoid implicit brackets.
+ * libmisc/copydir.c: Avoid implicit conversions to booleans.
+
+2007-12-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ gpasswd cleanup
+ * src/gpasswd.c: Add argument name to the internal function
+ prototypes.
+ * src/gpasswd.c: Document global variables.
+ * src/gpasswd.c: New function: process_flags(). Split the processing
+ of options out of main().
+ * src/gpasswd.c: New functions: open_files(), close_files(),
+ update_group(). Split out from main() to simplify this (too) big
+ function.
+ * src/gpasswd.c: New functions: check_perms(), get_group(),
+ change_passwd(), check_flags(). Split out of main() to simplify main().
+ * src/gpasswd.c: Avoid implicit brackets.
+ * src/gpasswd.c: Avoid assignments in comparisons.
+ * src/gpasswd.c: Avoid implicit conversions to booleans.
+
+2007-12-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ Merge Debian's patch 462_warn_to_edit_shadow
+ * NEW, src/vipw.c: Recommend editing the shadowed (resp. regular) file
+ if the regular (resp. shadowed) file was edited.
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Merge Debian's patch 451_login_PATH
+ * NEWS, libmisc/setupenv.c: Export PATH according to ENV_PATH and
+ ENV_SUPATH, as for su. This impacts login.
+ * man/login.1.xml: PATH and SUPATH are now used both when PAM support
+ is disabled and enabled.
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Merge Debian's patch 496_login_init_session
+ * src/login.c, src/sulogin.c: If started as init, start a new session.
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Merge Debian's patch 408_passwd_check_arguments
+ * NEWS, src/passwd.c: Make sure that no more than one username
+ argument was provided.
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Merge Debian's patch 412_lastlog_-u_numerical_range
+ * NEWS, src/lastlog.c, man/lastlog.8.xml: Accept numerical user, or
+ ranges with the -u option.
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Merge Debian's patch 466_fflush-prompt
+ * libmisc/Makefile.am, lib/prototypes.h, libmisc/yesno.c, src/grpck.c,
+ src/pwck.c: move yes_or_no() from grpck/pwck to a separate
+ libmisc/yesno.c (with a read_only argument).
+ * libmisc/fields.c, libmisc/yesno.c: Make sure stdout is flushed before
+ reading the user's answer.
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Merge Debian's patch 480_getopt_args_reorder
+ * NEWS, src/su.c: su's arguments are now reordered.
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Merge RedHat's patch shadow-4.0.18.1-mtime.patch:
+ * NEWS: Document that usermod will now preserve user's file modification
+ and access time.
+ * libmisc/copydir.c: Preserve the access and modification time of copied
+ files. This is important for usermod. This will also impact useradd, for
+ the skeleton files, but this is not important.
+ * libmisc/copydir.c: Stop and return an error if a file could not be
+ closed after during a copy.
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Cleanups:
+ * src/useradd.c (find_new_gid): Check that gflg is not set (assert).
+ * src/useradd.c (find_new_gid): Do not check the group name uniqueness
+ (already checked in main).
+ * src/useradd.c (find_new_gid): Avoid a "continue" in the loop.
+ * src/useradd.c (find_new_gid): Remove irrelevant comments.
+ * src/useradd.c (find_new_gid): Fix the function definition's comment.
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Merge RedHat's patch shadow-4.0.18.1-findNewUidOnce.patch:
+ * src/useradd.c (usr_update): Do not call find_new_uid(). The UID was
+ already either specified or found by another call to find_new_uid().
+ * src/useradd.c (find_new_uid): Always start with uid_min (find_new_uid()
+ is never called when user_id was already specified).
+ * src/useradd.c (find_new_uid): Fix the comments (find_new_uid() is not
+ called when the UID is specified (uflg)).
+ * src/useradd.c (main): Only call find_new_uid() if (!oflg) and (!uflg).
+ If uflg is set (but not oflg), check the UID uniqueness.
+ * src/useradd.c (find_new_uid): Don't check the uid and user name
+ uniqueness in find_new_uid(). The user name uniqueness is already checked
+ during the parameter validation. UID uniqueness is also checked (see
+ above).
+ * src/useradd.c (find_new_uid): Don't check uflg in find_new_uid().
+ * src/useradd.c (find_new_uid): Make sure that find_new_uid() is not
+ called when uflg is set (assert).
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Merge RedHat's patch shadow-4.1.0-lOption.patch
+ * NEWS, src/useradd.c, man/useradd.8.xml: Add option -l to avoid adding
+ the user to the lastlog and faillog databases.
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c, src/groupadd.c: NO_GETPWENT is no more supported. Remove
+ associated chunks of code.
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupadd.8.xml: Document the long options (--force, --gid, --key,
+ --non-unique).
+
+2007-12-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ Merge RedHat's patch shadow-4.0.3-noinst.patch
+ * NEWS, lib/Makefile.am: Do not install the shadow library per default.
+ lib_LTLIBRARIES changed to noinst_LTLIBRARIES.
+
+2007-12-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, configure.in: Prepare the 4.1.0 release.
+
+2007-12-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/chgpasswd.c: Use chgpasswd PAM policy file instead of
+ chpasswd's one.
+
+2007-12-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/pwconv.8.xml: Fix typos.
+ * man/chpasswd.8.xml, man/chgpasswd.8.xml: Document the NONE crypt
+ method.
+ * man/login.defs.d/MAIL_DIR.xml: Add comment regarding useradd not
+ using MAIL_FILE.
+ * man/login.defs.d/ERASECHAR.xml, man/login.defs.d/KILLCHAR.xml,
+ man/login.defs.d/CONSOLE_GROUPS.xml, man/login.defs.d/ENV_HZ.xml,
+ man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml:
+ These variables are also used by some tools when compiled with PAM
+ support.
+ * man/login.defs.d/ENV_HZ.xml: Add note that it is only used by
+ sulogin when compiled with PAM support.
+ * man/login.defs.d/ENV_SUPATH.xml: Typos: ENV_PATH -> ENV_SUPATH,
+ and mention sbin in the path.
+ * man/login.defs.d/LOGIN_STRING.xml: Fix typo: confition ->
+ condition.
+ * man/sg.1.xml: Add CONFIGURATION section (SYSLOG_SG_ENAB).
+ * man/su.1.xml: ENV_HZ, LOGIN_STRING, MAIL_DIR, USERGROUPS_ENAB
+ are only used when su is compiled without PAM support.
+ * man/login.defs.5.xml: Added variables: OBSCURE_CHECKS_ENAB
+ PASS_ALWAYS_WARN PASS_CHANGE_TRIES SULOG_FILE SU_NAME
+ SU_WHEEL_ONLY SYSLOG_SG_ENAB SYSLOG_SU_ENAB.
+ * man/login.defs.5.xml: ENVIRON_FILE is only used when compiled
+ without PAM support.
+ * man/login.defs.5.xml: sulogin uses variables even when compiled
+ with PAM support.
+ * man/login.1.xml: ENV_HZ ENV_PATH ENV_SUPATH MAIL_DIR UMASK are
+ only used when login is not compiled with PAM support.
+
+2007-12-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Make sure is_console is only defined when USE_PAM
+ is not defined.
+
+2007-12-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/pwd2spwd.c: Fix time() prototype.
+
+2007-12-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/CONSOLE_GROUPS.xml,
+ man/login.defs.d/CONSOLE.xml, man/login.defs.d/DEFAULT_HOME.xml,
+ man/login.defs.d/ENV_HZ.xml, man/login.defs.d/ENVIRON_FILE.xml,
+ man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml,
+ man/login.defs.d/ENV_TZ.xml, man/login.defs.d/ERASECHAR.xml,
+ man/login.defs.d/FAIL_DELAY.xml,
+ man/login.defs.d/FAILLOG_ENAB.xml,
+ man/login.defs.d/FAKE_SHELL.xml, man/login.defs.d/FTMP_FILE.xml,
+ man/login.defs.d/HUSHLOGIN_FILE.xml,
+ man/login.defs.d/ISSUE_FILE.xml, man/login.defs.d/KILLCHAR.xml,
+ man/login.defs.d/LASTLOG_ENAB.xml, man/login.defs.d/LOGIN_RETRIES.xml,
+ man/login.defs.d/LOGIN_TIMEOUT.xml, man/login.defs.d/LOG_OK_LOGINS.xml,
+ man/login.defs.d/LOG_UNKFAIL_ENAB.xml,
+ man/login.defs.d/MAIL_CHECK_ENAB.xml, man/login.defs.d/MOTD_FILE.xml,
+ man/login.defs.d/NOLOGINS_FILE.xml,
+ man/login.defs.d/OBSCURE_CHECKS_ENAB.xml,
+ man/login.defs.d/PASS_ALWAYS_WARN.xml,
+ man/login.defs.d/PASS_CHANGE_TRIES.xml,
+ man/login.defs.d/PASS_MAX_LEN.xml,
+ man/login.defs.d/PORTTIME_CHECKS_ENAB.xml,
+ man/login.defs.d/QUOTAS_ENAB.xml, man/login.defs.d/SULOG_FILE.xml,
+ man/login.defs.d/SU_NAME.xml, man/login.defs.d/SU_WHEEL_ONLY.xml,
+ man/login.defs.d/SYSLOG_SG_ENAB.xml,
+ man/login.defs.d/SYSLOG_SU_ENAB.xml,
+ man/login.defs.d/TTYGROUP.xml, man/login.defs.d/TTYTYPE_FILE.xml,
+ man/login.defs.d/ULIMIT.xml, man/login.defs.d/USERGROUPS_ENAB.xml:
+ New documentation of login.defs variables.
+ * man/login.defs.d/MAIL_DIR.xml: Updated. It now contains the
+ MAIL_FILE documentation.
+ * man/login.defs.d/LOGIN_STRING.xml: Updated. Mentions %s.
+ * man/pwconv.8.xml, man/groupmems.8.xml, man/groupdel.8.xml,
+ man/useradd.8.xml, man/pwck.8.xml, man/groupadd.8.xml,
+ man/sulogin.8.xml, man/newgrp.1.xml, man/usermod.8.xml,
+ man/su.1.xml, man/vipw.8.xml, man/passwd.1.xml,
+ man/groupmod.8.xml, man/login.1.xml, man/userdel.8.xml,
+ man/grpck.8.xml: Added CONFIGURATION section.
+ * man/generate_mans.mak: The generations of manpages depends on
+ the variables from the Makefiles. Add the dependency on Makefile.
+ * man/login.defs.5.xml: New login.defs variable documented.
+ * man/Makefile.am: Added XML variable documentation to the
+ distributed files.
+
+2007-12-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/gshadow.5.xml: Fix the newgrp section in the gshadow.5
+ manpage. Thanks to Andre Majorel <aym-naibed@teaser.fr>.
+
+2007-11-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/Makefile.am: Added the login.defs variables description to
+ the man's EXTRA_DIST.
+
+2007-11-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/chfn.1.xml: Uses CHFN_AUTH, CHFN_RESTRICT, LOGIN_STRING.
+ * man/chgpasswd.8.xml: Uses ENCRYPT_METHOD, MAX_MEMBERS_PER_GROUP,
+ MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS (SHA_CRYPT_MAX_ROUNDS).
+ * man/chpasswd.8.xml: Switch to using entities for ENCRYPT_METHOD,
+ MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS (SHA_CRYPT_MAX_ROUNDS).
+ * man/chsh.1.xml: Uses CHSH_AUTH, LOGIN_STRING.
+ * man/expiry.1.xml: Does not use any login.defs parameter.
+ * man/gpasswd.1.xml: Uses ENCRYPT_METHOD, MAX_MEMBERS_PER_GROUP,
+ MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS.
+ * man/login.defs.5.xml: Added CHSH_AUTH.
+ * man/login.defs.5.xml: Cross reference -> cross references.
+ * man/login.defs.5.xml: chfn only uses CHFN_AUTH when no_pam.
+ * man/login.defs.5.xml: chsh uses CHSH_AUTH, not CHFN_AUTH.
+ * man/login.defs.d/CHSH_AUTH.xml: Added.
+ * man/login.defs.5.xml: chsh uses parameters only when no_pam.
+ * man/login.defs.5.xml: expiry does not use CONSOLE_GROUPS, even
+ if linked in the binary.
+ * man/newusers.8.xml: Uses ENCRYPT_METHOD, MAX_MEMBERS_PER_GROUP,
+ MD5_CRYPT_ENAB, PASS_MAX_DAYS, PASS_MIN_DAYS, PASS_WARN_AGE,
+ SHA_CRYPT_MIN_ROUNDS, UMASK.
+
+2007-11-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/generate_translations.mak, man/po/Makefile.in.in: Add
+ --expand-all-entities to the call to xml2po to avoid translating
+ the external entities separately.
+
+2007-11-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.d/, man/login.defs.d/CHFN_RESTRICT.xml,
+ man/login.defs.d/MAIL_DIR.xml, man/login.defs.d/PASS_MAX_DAYS.xml,
+ man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml,
+ man/login.defs.d/CHFN_AUTH.xml, man/login.defs.d/MD5_CRYPT_ENAB.xml,
+ man/login.defs.d/PASS_WARN_AGE.xml, ·man/login.defs.d/UMASK.xml,
+ man/login.defs.d/PASS_MIN_DAYS.xml, man/login.defs.d/UID_MAX.xml,
+ man/login.defs.d/LOGIN_STRING.xml, man/login.defs.d/GID_MAX.xml,
+ man/login.defs.d/ENCRYPT_METHOD.xml, man/login.defs.d/USERDEL_CMD.xml,
+ man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml, man/login.defs.5.xml:
+ Put each variable description in an external entities. This will permit
+ to reference them in the various utils manpages.
+ * man/login.defs.5.xml: Describe the usage of variables by each
+ tools when compiled without PAM support.
+
+2007-11-26 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/stats: Do not generate gmo files.
+
+2007-11-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/LINGUAS: Added missing LINGUAS.
+ * man/po/de.po, man/po/fr.po, man/po/it.po, man/po/pl.po,
+ man/po/ru.po, man/po/sv.po: Updated.
+
+2007-11-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in, man/po/Makefile.in.in, man/po/Makevars,
+ man/po/POTFILES.in, man/Makefile.am: Generate the PO files for the
+ manpages in the man/po directory (instead of man/<lang>). Use a
+ Makefile.in.in based on gettext's one. This ensure that the PO are
+ generated before being used in the <lang> directories.
+ * man/generate_mans.mak, man/generate_translations.mak,
+ man/Makefile.am: New makefile for the generation of manpages from
+ XML (generate_mans.mak). This avoid duplicate chunks in
+ generate_translations.mak and Makefile.am
+ * man/de/de.po, man/fr/fr.po, man/it/it.po, man/pl/pl.po,
+ man/ru/ru.po, man/sv/sv.po: Moved to...
+ * man/po/de.po, man/po/fr.po, man/po/it.po, man/po/pl.po,
+ man/po/ru.po, man/po/sv.po: ... here.
+
+2007-11-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c, src/lastlog.c, src/newusers.c, src/chpasswd.c,
+ src/usermod.c, src/chgpasswd.c, src/vipw.c, src/useradd.c,
+ src/su.c, src/groupmod.c, src/passwd.c, src/groupadd.c,
+ src/chage.c, src/faillog.c, src/chsh.c: Do not use tabulations in
+ Usage strings.
+ * po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po,
+ po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/hu.po, po/id.po,
+ po/it.po, po/ja.po, po/nb.po, po/pl.po, po/pt_BR.po, po/pt.po,
+ po/ro.po, po/ru.po, po/sk.po, po/sv.po, po/tl.po, po/tr.po,
+ po/uk.po, po/vi.po: Unfuzzy previous changes.
+ * po/bs.po, po/he.po, po/nn.po, po/sq.po: No Usage string
+ translated. Just updated PO.
+ * po/dz.po, po/km.po, po/ko.po, po/ne.po, po/nl.po, po/zh_CN.po,
+ po/zh_TW.po: It would be too error prone for me to unfuzzy these
+ ones. Updated PO. (km and ne should be reviewed: options are
+ translated).
+
+2007-11-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/ne.po, po/bs.po, po/cs.po, po/pt_BR.po, po/km.po, po/es.po,
+ po/eu.po, po/ko.po, po/hu.po, po/sk.po, po/vi.po, po/uk.po,
+ po/ro.po, po/sq.po, po/ru.po, po/id.po, po/nb.po, po/el.po,
+ po/gl.po, po/fr.po, po/nl.po, po/pl.po, po/nn.po, po/it.po,
+ po/dz.po, po/tl.po, po/pt.po, po/ca.po, po/da.po, po/tr.po,
+ po/sv.po, po/de.po, po/ja.po, po/zh_TW.po, po/he.po, po/fi.po,
+ po/zh_CN.po: Run "make update-po" in the po directory.
+
+2007-11-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: New configure option: --with-sha-crypt enabled by
+ default. Keeping the feature enabled is safe. Disabling it permits
+ to disable the references to the SHA256 and SHA512 password
+ encryption algorithms from the usage help and manuals (in addition
+ to the support for these algorithms in the code).
+ * libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
+ src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is
+ always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT
+ preprocessor condition.
+ * libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
+ src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and
+ SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a
+ subset of the ENCRYPTMETHOD_SELECT sections).
+
+2007-11-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/encrypt.c: If we requested a non DES encryption, make sure
+ crypt returned a encrypted password longer than 13 chars. This
+ protects against the GNU crypt() which does not return NULL if the
+ algorithm is not supported, and return a DES encrypted password.
+
+2007-11-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c: Add missing #include "getdef.h"
+
+2007-11-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Provide the crypt method to all the
+ crypt_make_salt invocations.
+ * src/newusers.c: Tag the ENCRYPTMETHOD_SELECT dependent code
+ accordingly.
+
+2007-11-24 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c: Make sure method is not NULL, defaulting to DES.
+ Thanks to Dan Kopecek <dkopecek@redhat.com>.
+ * src/chpasswd.c, src/chgpasswd.c: Do not use DES by default, but
+ the system default define in /Etc/login.defs. Thanks to Dan
+ Kopecek <dkopecek@redhat.com>.
+ * NEWS, man/chpasswd.8.xml, man/chgpasswd.8.xml: Do not mention
+ DES as the default algorithm.
+ * src/chpasswd.c, src/chgpasswd.c: Tag the ENCRYPTMETHOD_SELECT
+ dependent code accordingly.
+
+2007-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c: Move the srandom call to gensalt.
+ * libmisc/salt.c (gensalt): Replace the test on salt_size by an
+ assert.
+
+2007-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ Patch contributed by Dan Kopecek <dkopecek@redhat.com>
+ * src/chpasswd.c, src/chgpasswd.c, src/newusers.c: Fix compilation
+ when ENCRYPTMETHOD_SELECT is not defined.
+ * libmisc/salt.c (MAGNUM): The nul char was put on (array)[2]
+ instead of (array)[3].
+ * libmisc/salt.c: MAGNUM should be defined even if
+ ENCRYPTMETHOD_SELECT is not defined.
+ * libmisc/salt.c: Use random instead of rand.
+ * libmisc/salt.c (gensalt): New function to generate a salt
+ (instead of using gettimeofday).
+
+2007-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newusers.c: New options -c/--crypt-method
+ -s/--sha-rounds.
+
+2007-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chpasswd.c: Added crypt method: NONE.
+ * src/chpasswd.c: Added --sha-rounds to the usage().
+ * libmisc/Makefile.am, libmisc/getlong.c, src/chgpasswd.c,
+ src/chpasswd.c, lib/prototypes.h: New getlong function. Replace
+ chpasswd's and chgpasswd's getnumber.
+
+2007-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c: Removed unused variable 'member'.
+
+2007-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/chpasswd.8.xml: Document the variables used by chpasswd.
+ The definitions are copied from login.defs. I should try to use a
+ less error prone process for this.
+
+2007-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/login.defs.5.xml: Use <replaceable> for the values set by
+ users. (was sometimes <emphasis remap='I'>)
+ * man/login.defs.5.xml: Use <option> vor the variable names. This
+ makes the manpage much more readable.
+ * man/login.defs.5.xml (ENCRYPT_METHOD, MD5_CRYPT_ENAB,
+ SHA_CRYPT_MIN_ROUNDS, SHA_CRYPT_MAX_ROUNDS): Mention that command
+ line option may supersede the system setting.
+ * man/login.defs.5.xml: Document the variables used by chpasswd
+ and chgpasswd.
+
+2007-11-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/shadowmem.c, lib/groupmem.c, lib/pwmem.c:
+ svn propset svn:keywords Id
+
+2007-11-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, lib/getdef.c, man/login.defs.5.xml: New login.defs
+ variable: MAX_MEMBERS_PER_GROUP. Used for the split groups support.
+ * lib/commonio.c, lib/commonio.h: Add an open_hook and close_hook
+ operation. They are called after the database is actually opened
+ and parse, or before it is closed.
+ * lib/groupio.c: Add an open_hook to merge split groups, and an
+ close group to split groups if MAX_MEMBERS_PER_GROUP is set.
+ This fixes gpasswd and chgpasswd when split groups are used.
+ * lib/sgroupio.c, lib/shadowio.c, lib/pwio.c: No open or close
+ hooks for these databases. (unsure about what should be the gshadow
+ behavior for split groups)
+
+2007-11-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/gpasswd.c: Read the group and shadow groups using
+ gr_locate and sgr_locate. gpasswd write in the file database. Thus
+ it should read information from the file database, not using
+ getgrnam. The change to sgr_locate is just for consistency. This
+ requires opening the group databases (read only) using
+ gr_open/sgr_open.
+
+2007-11-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: SHADOWGRP added to AM_CONDITIONAL for the
+ generation of manpages.
+ * man/generate_translations.mak: Added pam/no_pam condition (like
+ in man/Makefile.am).
+ * man/Makefile.am, man/generate_translations.mak: Added
+ gshadow/no_gshadow condition.
+ * man/gpasswd.1.xml: Use the gshadow/no_gshadow condition to
+ change the manpage depending on the shadow group support.
+ * NEWS: Indicate that manpages should be re-generated if configure
+ option are changed, due to conditions.
+
+2007-11-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/ru.po: Updated to 399t. Thanks to Yuri Kozlov <kozlov.y@gmail.com>.
+ * man/po/ru.po: Updated to 757t. Thanks also to Yuri Kozlov
+ <kozlov.y@gmail.com>.
+
+2007-11-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/Makefile.am: Add support for conditionally including
+ paragraphs. (e.g. to support the documentation of PAM and !PAM
+ features).
+
+2007-11-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newusers.8.xml: Added /etc/gshadow, /etc/group, /etc/shadow,
+ and /etc/passwd to section FILES.
+ * man/newusers.8.xml: Mentions that PAM is not used to set the
+ passwords.
+ * man/chpasswd.8.xml: Added section FILES (/etc/passwd,
+ /etc/shadow, /etc/login.defs).
+ * man/chpasswd.8.xml: Use the same paragraph as in newusers.8.xml
+ to indicate that PAM is not used.
+ * man/chgpasswd.8.xml: Added section FILES (/etc/group,
+ /etc/gshadow, /etc/login.defs).
+
+2007-11-21 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newusers.c: Try harder to get the GID equal to the UID.
+ This was not the case when the GID is not specified, and a GID
+ exist with an ID higher than the all the UIDs.
+ * src/newusers.c: Typo in comment: contrained -> constrained.
+
+2007-11-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chgpasswd.c: If the shadow group file is not present, do not
+ try to locate the group entry from /etc/gshadow, and set the
+ password in /etc/group.
+
+2007-11-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/obscure.c, libmisc/salt.c, src/passwd.c: Match DES, MD5,
+ SHA256, and SHA512 exactly (not only the first 3/6 chars).
+ * libmisc/salt.c (SHA_salt_rounds): Set rounds to the specified
+ prefered_rounds value, if specified.
+ * src/gpasswd.c, libmisc/salt.c: Fix compilation warnings (use
+ size_t for lengths).
+ * src/chpasswd.c, src/chgpasswd.c: Add missing parenthesis.
+
+2007-11-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/sv, man/de, man/fr, man/pl, man/ru, man/it: Ignore the
+ generated manpages. Add *.[1358] to the svn:ignore property.
+
+2007-11-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chgpasswd.c, src/chpasswd.c: The -c, -e, and -m options are
+ exclusives.
+
+2007-11-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/chpasswd.8.xml, man/chgpasswd.8.xml: Document how the
+ encryption algorithm is chosen for the passwords. Document the new
+ -c and -s options. Add a reference to login.defs(5).
+ * man/login.defs.5.xml: Document the ENCRYPT_METHOD,
+ MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS, and SHA_CRYPT_MAX_ROUNDS
+ variables.
+ * etc/login.defs: Indicate that MD5_CRYPT_ENAB is deprecated.
+ Document the relationship with PAM for MD5_CRYPT_ENAB and
+ ENCRYPT_METHOD.
+
+2007-11-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Increase the size of crypt_passwd from 128 to 256
+ to avoid overflow in case of SHA512 (161 should be sufficient).
+
+2007-11-20 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, libmisc/salt.c: Add parameters to
+ crypt_make_salt to force the crypt method and number of rounds.
+ * libmisc/salt.c: Add parameter to SHA_salt_rounds to force the
+ number of rounds.
+ * libmisc/salt.c, lib/getdef.c: ENCRYPT_METHOD and MD5_CRYPT_ENAB
+ are needed also when USE_PAM (e.g. for chpasswd).
+ * src/passwd.c, src/newusers.c, src/gpasswd.c: Use the new
+ crypt_make_salt prototype
+ * src/chpasswd.c, src/chgpasswd.c: Add option -c, --crypt-method
+ and -s, --sha-rounds to specify the crypt method and number of
+ rounds in case of one of the SHA methods. The new prototype of
+ crypt_make_salt simplifies the handling of -m, --md5.
+
+2007-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c: The salt has a random size (between 8 and 16
+ bytes).
+ * lib/getdef.c, etc/login.defs: Add definitions for
+ SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS.
+ * libmisc/salt.c: Use SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS
+ to add a random number of rounds if needed.
+
+2007-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c (MAGNUM): Terminate the array with nul (the array
+ is then used with strcat).
+ * libmisc/salt.c (crypt_make_salt): Initialize result[0] to nul at
+ the beginning (was not initialized when USE_PAM).
+ * libmisc/salt.c (crypt_make_salt): Check that ENCRYPT_METHOD is a
+ valid crypt method.
+
+2007-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, libmisc/obscure.c, libmisc/salt.c, src/passwd.c,
+ lib/getdef.c, etc/login.defs: Add support for SHA256 and SHA512
+ encrypt methods. Apply RedHat's patch shadow-4.0.18.1-sha256.patch.
+ Thanks to Peter Vrabec. Hardly no changes except re-indent and
+ changes related to recent modifications (max_salt_len in
+ crypt_make_salt). Changes in lib/defines.h not applied (definition
+ of ENCRYPTMETHOD_SELECT). I will add a configure check or flag.
+
+2007-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/de/Makefile.am: Add su.1 to the generated manpages.
+ * man/fr/Makefile.am: Add id.1 to EXTRA_DIST. It will be
+ generated.
+ * man/pl/Makefile.am: Add groupmems.8 to the generated manpages.
+ * man/it/Makefile.am: Add logoutd.8 to EXTRA_DIST. It will be
+ generated.
+ * man/de/su.1, man/fr/id.1, man/pl/groupmems.8, man/it/logoutd.8:
+ Removed, since auto-generated.
+
+2007-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ Fix some compilation warnings:
+ * src/login.c: "dereferencing type-punned pointer will break
+ strict-aliasing rules", add a variable indirection: ptr_pam_user.
+ * lib/commonio.c: do not initialize the sb stat structure.
+ * lib/pwio.c, lib/shadowio.c, lib/sgroupio.c, lib/groupio.c:
+ initialize the security context if WITH_SELINUX.
+ * lib/nscd.c: The service argument is not const (used in the exec*
+ parameters). This matches with the prototype definition.
+ * src/groupmems.c: Avoid ++i when i is also used in the same line.
+ * src/newusers.c: i is positive every time it is compared. Add
+ cast to unsigned int.
+ * src/nologin.c: Use a main() prototype with no arguments.
+ * libmisc/getdate.y: Initialize the type and value fields of the
+ terminating entry for each TABLE.
+ * libmisc/tz.c: Use "TZ=CST6CDT" as the default timezone.
+
+2007-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/pl/Makefile.am: Add getspnam.3 to EXTRA_DIST since it is
+ generated with shadow.3.
+ * man/generate_translations.mak: Clean all the manpages, based on
+ $(EXTRA_DIST), not $(man_MANS).
+
+2007-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/sv/getspnam.3, man/sv/faillog.5, man/sv/faillog.8,
+ man/sv/grpconv.8, man/sv/chsh.1, man/sv/shadow.3,
+ man/sv/grpunconv.8, man/sv/shadow.5, man/sv/newgrp.1,
+ man/sv/limits.5, man/sv/gpasswd.1, man/sv/sg.1, man/sv/userdel.8,
+ man/sv/lastlog.8, man/sv/login.access.5, man/sv/grpck.8,
+ man/sv/chfn.1, man/sv/expiry.1, man/sv/newusers.8,
+ man/sv/chpasswd.8, man/sv/pwconv.8, man/sv/logoutd.8,
+ man/sv/groupmems.8, man/sv/usermod.8, man/sv/pwunconv.8,
+ man/sv/su.1, man/sv/groupdel.8, man/sv/chgpasswd.8,
+ man/sv/login.defs.5, man/sv/vipw.8, man/sv/useradd.8,
+ man/sv/gshadow.5, man/sv/passwd.1, man/sv/groupmod.8,
+ man/sv/passwd.5, man/sv/chage.1, man/sv/porttime.5,
+ man/sv/login.1, man/sv/pwck.8, man/sv/nologin.8,
+ man/sv/groupadd.8, man/sv/suauth.5, man/sv/vigr.8,
+ man/sv/groups.1, man/de/passwd.1, man/de/newgrp.1, man/de/chsh.1,
+ man/de/passwd.5, man/de/login.1, man/de/vipw.8, man/de/chfn.1,
+ man/de/vigr.8, man/de/groups.1, man/fr/getspnam.3,
+ man/fr/faillog.5, man/fr/faillog.8, man/fr/grpconv.8,
+ man/fr/chsh.1, man/fr/shadow.3, man/fr/grpunconv.8,
+ man/fr/shadow.5, man/fr/newgrp.1, man/fr/limits.5,
+ man/fr/gpasswd.1, man/fr/sg.1, man/fr/userdel.8,
+ man/fr/login.access.5, man/fr/lastlog.8, man/fr/grpck.8,
+ man/fr/chfn.1, man/fr/expiry.1, man/fr/newusers.8,
+ man/fr/chpasswd.8, man/fr/pwconv.8, man/fr/logoutd.8,
+ man/fr/usermod.8, man/fr/pwunconv.8, man/fr/su.1,
+ man/fr/groupdel.8, man/fr/login.defs.5, man/fr/vipw.8,
+ man/fr/useradd.8, man/fr/gshadow.5, man/fr/passwd.1,
+ man/fr/groupmod.8, man/fr/passwd.5, man/fr/porttime.5,
+ man/fr/chage.1, man/fr/login.1, man/fr/pwck.8, man/fr/groupadd.8,
+ man/fr/suauth.5, man/fr/vigr.8, man/fr/groups.1, man/pl/faillog.5,
+ man/pl/faillog.8, man/pl/chsh.1, man/pl/grpconv.8,
+ man/pl/grpunconv.8, man/pl/shadow.5, man/pl/newgrp.1,
+ man/pl/limits.5, man/pl/gpasswd.1, man/pl/sg.1, man/pl/userdel.8,
+ man/pl/login.access.5, man/pl/lastlog.8, man/pl/grpck.8,
+ man/pl/chfn.1, man/pl/expiry.1, man/pl/newusers.8,
+ man/pl/pwconv.8, man/pl/chpasswd.8, man/pl/logoutd.8,
+ man/pl/usermod.8, man/pl/pwunconv.8, man/pl/su.1,
+ man/pl/groupdel.8, man/pl/vipw.8, man/pl/login.defs.5,
+ man/pl/useradd.8, man/pl/passwd.1, man/pl/groupmod.8,
+ man/pl/passwd.5, man/pl/porttime.5, man/pl/chage.1,
+ man/pl/login.1, man/pl/pwck.8, man/pl/groupadd.8, man/pl/suauth.5,
+ man/pl/vigr.8, man/pl/groups.1, man/ru/getspnam.3,
+ man/ru/faillog.5, man/ru/faillog.8, man/ru/grpconv.8,
+ man/ru/chsh.1, man/ru/shadow.3, man/ru/grpunconv.8,
+ man/ru/shadow.5, man/ru/newgrp.1, man/ru/limits.5,
+ man/ru/gpasswd.1, man/ru/sg.1, man/ru/userdel.8,
+ man/ru/login.access.5, man/ru/lastlog.8, man/ru/grpck.8,
+ man/ru/chfn.1, man/ru/expiry.1, man/ru/newusers.8,
+ man/ru/chpasswd.8, man/ru/pwconv.8, man/ru/logoutd.8,
+ man/ru/groupmems.8, man/ru/usermod.8, man/ru/pwunconv.8,
+ man/ru/su.1, man/ru/groupdel.8, man/ru/chgpasswd.8,
+ man/ru/login.defs.5, man/ru/vipw.8, man/ru/useradd.8,
+ man/ru/gshadow.5, man/ru/passwd.1, man/ru/groupmod.8,
+ man/ru/passwd.5, man/ru/chage.1, man/ru/porttime.5,
+ man/ru/login.1, man/ru/pwck.8, man/ru/nologin.8,
+ man/ru/groupadd.8, man/ru/suauth.5, man/ru/vigr.8,
+ man/ru/groups.1, man/it/getspnam.3, man/it/faillog.5,
+ man/it/faillog.8, man/it/grpconv.8, man/it/chsh.1,
+ man/it/shadow.3, man/it/grpunconv.8, man/it/shadow.5,
+ man/it/newgrp.1, man/it/gpasswd.1, man/it/sg.1, man/it/userdel.8,
+ man/it/lastlog.8, man/it/grpck.8, man/it/chfn.1, man/it/expiry.1,
+ man/it/newusers.8, man/it/chpasswd.8, man/it/pwconv.8,
+ man/it/usermod.8, man/it/pwunconv.8, man/it/su.1,
+ man/it/groupdel.8, man/it/vipw.8, man/it/useradd.8,
+ man/it/passwd.1, man/it/groupmod.8, man/it/passwd.5,
+ man/it/porttime.5, man/it/chage.1, man/it/login.1, man/it/pwck.8,
+ man/it/groupadd.8, man/it/vigr.8, man/it/groups.1,
+ man/pl/shadow.3, man/pl/sulogin.8, man/pl/id.1, man/ru/sulogin.8,
+ man/ru/id.1, man/it/id.1: Remove generated translated manpages.
+ They are still distributed with the shadow tarballs.
+
+2007-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/pl/chgpassw.8: Remove chgpassw.8 since the real manpage
+ should be named chgpasswd.8.
+
+2007-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/vigr.8.xml: Remove file. The vigr man page is generated from
+ the vipw XML file.
+
+2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, configure.in, libmisc/Makefile.am,
+ libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
+ libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
+ Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
+ xgetgrgid(), and xgetspnam(). They allocate memory for the
+ returned structure and are more robust to successive calls. They
+ are implemented with the libc's getxxyyy_r() functions if
+ available.
+ * NEWS, libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
+ libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
+ libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c, src/login.c,
+ src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
+ src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
+ src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
+ src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
+ src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
+ src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
+ usage of one of the getpwnam(), getpwuid(), getgrnam(),
+ getgrgid(), and getspnam() functions. It was noticed on
+ http://bugs.debian.org/341230 that chfn and chsh use a passwd
+ structure after calling a pam function, which result in using
+ information from the passwd structure requested by pam, not the
+ original one. It is much easier to use the new xget... functions
+ to avoid these issues. I've checked which call to the original
+ get... functions could be left (reducing the scope of the
+ structure if possible), and I've left comments to ease future
+ reviews (e.g. /* local, no need for xgetpwnam */).
+ Note: the getpwent/getgrent calls should probably be checked also.
+ * src/groupdel.c, src/expiry.c: Fix typos in comments.
+ * src/groupmod.c: Re-indent.
+ * lib/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
+ lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
+ functions (used by the xget... functions) from the <xx>io.c files
+ to the new <xx>mem.c files. This avoid linking some utils against
+ the SELinux library.
+
+2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/pl/pl.po: Fix typo: chgpassw -> chgpasswd.
+ * man/pl/Makefile.am: Fix typo: chgpassw -> chgpasswd.
+ * man/de/de.po: groups shall not be translated (for command,
+ refname, or refentrytitle).
+
+2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Fix typo introduced while fixing
+ http://bugs.debian.org/451521 (compile fix).
+
+2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/Makefile.am: Fix typo: EXTRA_DOST -> EXTRA_DIST.
+
+2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login_nopam.c: Fix a typo in a comment.
+
+2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Do not document the behavior compared to old
+ versions.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/usermod.8.xml: Document the differences between locking an
+ account and locking a password.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/usermod.c: Refuse to unlock an account when it would
+ result in a passwordless account. Based on Openwall's patch
+ shadow-4.0.4.1-owl-usermod-unlock.diff.
+ * NEWS, src/passwd.c: Likewise.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c (path_prefix): Make sure that the prefix is the
+ name of a directory (not only the beginning of a directory).
+ Openwall patch shadow-4.0.4.1-owl-userdel-path_prefix.diff.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newgrp.c: Do not give an indication that the group has no
+ password.
+ * src/newgrp.c: Do not only bail on syslog if the password is not
+ valid. Also give an indication to the user on stderr.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ Fixes from Openwall patch shadow-4.0.4.1-owl-chage-drop-priv.diff:
+ * src/chage.c: Remove cleanup(). pw_lock is never called. Replace
+ cleanup(2) by spw_unlock and remove the calls to cleanup(1).
+ * src/chage.c: Remove variable pwrw. It is always set to 0. The
+ password database is always read only.
+ * src/chage.c: Make chage -l also drop the saved GID.
+ * src/chage.c: Prefer setregid/setreuid to setgid/setuid.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ Fixes from Openwall patch shadow-4.0.4.1-alt-man.diff:
+ * man/useradd.8.xml: Indicate that the NIS caveats is also valid
+ for any external database as LDAP.
+ * man/groupadd.8.xml: Likewise.
+ * man/groupadd.8.xml: Reorder and reformat the caveats bullets.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS: Applied Debian patch 409_man_generate_from_PO to
+ automatically generate the translated manpages from the POs.
+ * man/Makefile.am: Replace the individual rules for the generation
+ of the manpages (from XML) by a generic Makefile rule an
+ dependencies for the linked manpages.
+ * man/generate_translations.mak: Generic rules for all the
+ generated translated manpages (if ENABLE_REGENERATE_MAN).
+ * man/Makefile.am: Removed rules for all the generated translated
+ manpages.
+ * man/sv/Makefile.am, man/de/Makefile.am, man/fr/Makefile.am,
+ man/pl/Makefile.am, man/ru/Makefile.am, man/it/Makefile.am:
+ Include generate_translations.mak to handle the generated
+ translations (XML and roff files).
+ * man/Makefile.am: Translated XML files moved from the CLEANFILES
+ variable of man/Makefile.am to the various languages Makefiles.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/chpasswd.8.xml: Document that chpasswd does not use PAM to
+ update the passwords. This fixes http://bugs.debian.org/396726.
+ Debian patch 411_chpasswd_document_no_pam.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/su.c: Avoid terminating the PAM library in the forked
+ child. This is done later in the parent after closing the PAM
+ session. This fixes http://bugs.debian.org/412061.
+ Debian patch 405_su_no_pam_end_before_exec.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/newgrp.1.xml: Mention sg in the newgrp manpage.
+ This fixes http://bugs.debian.org/396690.
+ Debian patch 410_newgrp_man_mention_sg.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Fix typo: the warndays option was called warning.
+ This is now warndays, as documented in the manpage and usage.
+ This fixes http://bugs.debian.org/445481.
+ Debian patch 417_passwd_warndays.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/pwck.c: Remove the preprocessor check SHADOWPWD. The
+ variable is no more defined (and always assumed).
+ Debian patch 493_pwck_no_SHADOWPWD.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/passwd.c, man/passwd.1.xml: -l/-u options: edit the
+ shadow account expiry field *in addition* to editing the password
+ field. This fixes http://bugs.debian.org/389183.
+ Debian patch 494_passwd_lock.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newgrp.c: Do not request a password when a user uses
+ newgrp to switch to her primary group.
+ This fixes http://bugs.debian.org/396691.
+ Debian patch 497_newgrp_primary_group.
+ * src/newgrp.c: Remove a comment which states otherwise.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/login.c: Log an error if the password entry could not be
+ found (respect LOG_UNKFAIL_ENAB to avoid logging a password). This
+ fixes the Debian bug http://bugs.debian.org/451521
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/useradd.8.xml: -b documenation: Use the same notation for
+ the -d argument as in the -d documentation.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Allow the -b option even without the -D option.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Use the same error message for the below errors.
+ (option working ONLY if another is specified).
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Make usermod -o and -u work independently of the
+ argument order.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Validate that two of the -L, -p, and -U options
+ are not used at the same time after the parsing of options. -U
+ used to be allowed after -p or -L, but not before.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Make usermod -d and -m work independently of the
+ argument order. Thanks to Justin Pryzby <jpryzby+d@quoininc.com>
+ for the patch. This fixes http://bugs.debian.org/451518.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, lib/nscd.c: Execute nscd -i instead of using the private
+ glibc socket to flush the nscd tables. This comes from the RedHat
+ patch shadow-4.0.16-nscd.c.
+ * lib/commonio.c: Forbid inheritance of the passwd and group files
+ to the spawed processes (like nscd). This comes from the RedHat
+ patch shadow-4.0.17-notInheritFd.patch.
+ * lib/nscd.h: Update header.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c (fail_exit): Add static variables pw_locked,
+ spw_locked, gr_locked, and sgr_locked to indicate which files must
+ be unlocked.
+ * src/usermod.c (open_files, close_files): Open and close the
+ group files as well as the passwd files. This permit to check if
+ the group files modification are allowed before writing the passwd
+ files.
+ * src/usermod.c (grp_update, update_gshadow, update_group): Do not
+ return a status code, but call fail_exit() in case of error. The
+ group files are no more opened and closed in update_gshadow() and
+ update_group().
+ * src/usermod.c (main): move the call to grp_update between
+ open_files and close_files.
+ * src/usermod.c: Differentiate failure to add a group entry and
+ failure to add a shadow group entry.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c: Differentiate failure to update a group entry and
+ failure to update a shadow group entry.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/userdel.c, src/usermod.c, src/useradd.c: Inform the user if
+ out of memory while updating a group database.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/usermod.c: Update the group database before flushing
+ the nscd caches.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/userdel.c: Abort if an error is found while updating the
+ user or group database. No changes will be written in the
+ databases.
+
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: It is no more needed to check that the user's
+ groups are specified only once in the group file. This is checked
+ by gr_update().
+
+2007-11-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/commonio.c (next_entry_by_name): New function.
+ * NEWS, lib/commonio.c (commonio_update): When an entry is updated, make
+ sure that there are no other entry with the same name. This fixes
+ an infinite loop in userdel and usermod when an (erroneous) group
+ file contains two entries with the same name.
+ (https://bugzilla.redhat.com/show_bug.cgi?id=240915)
+
+2007-11-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/salt.c: Make sure the salt string is terminated at the
+ right place (either 8th, or 11th position).
+ * NEWS, src/chgpasswd.c, src/chpasswd.c: The protocol + salt does
+ not need 15 chars. No need for a temporary buffer.
+ This change the fix committed on 2007-11-10. The salt provided to
+ pw_encrypt could have been too long.
+
+2007-11-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/fr/fr.po: Fix typo: missing / in <placeholder-1/>. This
+ caused the gpasswd title to be incomplete in the French manpage.
+
+2007-11-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Check if the l64a function exists instead of a64l
+ which we do not use.
+ * libmisc/salt.c: Add support for uClibc with no l64a().
+
+2007-11-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Check if the netdb.h header file and the innetgr
+ function exist.
+ * src/login_nopam.c, NEWS: Add support for systems with no
+ innetgr(). On those systems, username with an @ will be treated
+ like any other username (i.e. lookup in the local database for an
+ user with an @). Thanks to Mike Frysinger for the patch.
+
+2007-11-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/useradd.c: Indentation fix.
+
+2007-11-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/newgrp.c, NEWS: Declare the child and pid variable at the
+ beginning of a block. This fixes a compilation issue with gcc 2.95.
+ The intent is the same as Gentoo's patch shadow-4.0.12-gcc2.patch.
+
+2007-11-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/Makefile, NEWS: Add a suidperms variable. This should ease
+ the change of permission of suid binaries for distributors (not
+ recommended).
+
+2007-11-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * ./, libmisc/, src/, contrib/, doc/, lib/, man/, man/sv/,
+ man/de/, man/ja/, man/fi/, man/pt_BR/, man/fr/, man/pl/, man/hu/,
+ man/tr/, man/ru/, man/zh_TW/, man/id/, man/zh_CN/, man/cs/,
+ man/es/, man/ko/, man/it/, etc/, etc/pam.d/, po/: Restore the
+ ignore patterns from the previous repository.
+
+ * libmisc/*.c, libmisc/*.h, libmisc/getdate.y, shadow.spec.in,
+ src/*.c, contrib/groupmems.shar, contrib/pwdauth.c,
+ doc/README.platforms, doc/WISHLIST, doc/console.c.spec.txt,
+ lib/*.c, lib/*.h, COPYING, man/*.xml, man/sv/*.[1358],
+ man/de/*.[1358], man/ja/*.[1358], man/fi/*.[1358],
+ man/fr/*.[1358], man/pt_BR/*.[1358], man/pl/*.[1358],
+ man/hu/*.[1358], man/tr/*.[1358], man/ru/*.[1358],
+ man/zh_TW/*.[1358], man/id/*.[1358], man/zh_CN/*.[1358],
+ man/cs/*.[1358], man/es/*.[1358], man/ko/*.[1358],
+ man/it/*.[1358], etc/login.access, etc/login.defs, NEWS: Added the
+ subversion svn:keywords property (Id) for proper identification.
+
+2007-11-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/sv/sv.po, man/de/de.po, man/fr/fr.po, man/pl/pl.po,
+ man/ru/ru.po, man/it/it.po: Run "make update-po" in the man
+ directory.
+
+ * po/ne.po, po/bs.po, po/cs.po, po/pt_BR.po, po/km.po, po/es.po,
+ po/eu.po, po/ko.po, po/hu.po, po/sk.po, po/vi.po, po/uk.po,
+ po/ro.po, po/sq.po, po/ru.po, po/id.po, po/nb.po, po/el.po,
+ po/gl.po, po/fr.po, po/nl.po, po/pl.po, po/nn.po, po/it.po,
+ po/dz.po, po/tl.po, po/pt.po, po/ca.po, po/da.po, po/tr.po,
+ po/sv.po, po/de.po, po/ja.po, po/zh_TW.po, po/he.po, po/fi.po,
+ po/zh_CN.po: Run "make update-po" in the po directory.
+
+2007-11-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/newgrp.c: Don't ask for a password if there are no
+ group passwords. Just directly give up. This comes from the
+ Fedora's patch shadow-4.0.13-newgrpPwd.patch, and seems to be the
+ only part with an effect.
+
+2007-11-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/chgpasswd.c, src/chpasswd.c: Fix chpasswd and
+ chgpasswd stack overflow. Based on Fedora's
+ shadow-4.0.18.1-overflow.patch.
+
+2007-11-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/useradd.c: Allow non numerical group identifier to be
+ specified with useradd's -g option. Applied Debian patch
+ 397_non_numerical_identifier. Thanks also to Greg Schafer
+ <gschafer@zip.com.au>.
+
+2007-10-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * configure.in: Prepare the next release: 4.0.18.2. The gettext
+ version used for the configuration will be 0.16.
+
+2007-10-28 Nicolas François <nicolas.francois@centraliens.net>
+
+ * po/ja.po: Remove a plural form. nplurals=1 for japanese.
+ Moreover, msgstr[0] was identical to msgstr[1].
+
+2007-10-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/limits.c, man/limits.5.xml, etc/limits: Apply patch sent
+ by Justin Bronder <jsbronder@gmail.com>. See Debian bug #442334.
+ This adds support to 2 new resource limits: max nice value, and
+ max real time priority. This is only used when shadow is not
+ compiled with PAM support.
+
+2007-10-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/gpasswd.1.xml: Describe the options separately in the
+ OPTIONS section. Simplify the synopsis.
+
+2007-10-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * README, po/Makevars: Update contact information.
+
+2007-10-27 Christian Perrier <bubulle@debian.org
+
+ * src/newgrp.c, src/passwd.c, src/su.c:
+ No longer 'apologize' to users when they use incorrect passwords
+ Remove "Sorry" from programs display
+ Imported from Debian's patch 413_no-sorry-in-passwd and
+ 102_de-fix-sorry
+ * man/fr/fr.po: fix translation errors. Imported from Debian's
+ patch 201_fix_man_su_fr and 416_man-fr_newgrp
+ * man/it/it.po, man/Makefile.am, man/it/Makefile.am:
+ Use gettext for the Italian man pages translation. Imported from
+ Debian's patch 202_it_man_uses_gettext. Thanks to Giuseppe
+ Sacco who contributed the Italian translation.
+ * man/de/de.po: (nearly) complete German translation of man pages
+ Imported from Debian's patch 203_de-man-update. Thanks to
+ Simon Brandmair
+ * src/usermod.c: Clarify the online help of usermod for "-a"
+ Imported from Debian's patch 402-clarify_usermod_usage
+ * man/shadow.5.xml: fix spelling error. Imported from Debian's
+ patch 433_shadow.5-typo_312430
+ * src/su.c: Be up front on the origin of su and mention the GNU
+ origin. Imported from Debian's patch 438_su_GNU_origin
+
+2007-10-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, po/zh_CN.po: Updated Chinese translation. Imported from
+ Debian's patch 105_zh_CN. Thanks to Ming Hua for the update.
+
+2007-10-13 Tommi Vainikainen <thv+debian@iki.fi>
+
+ * NEWS, po/fi.po: Updated Finish translation (400t).
+
+2007-10-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/su.c: If compiled without PAM support, enforce the
+ limits from /etc/limits when one of the -, -l, or --login options
+ is set, even if called by root. Thanks to Justin Bronder.
+
+2007-10-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, Changelog: Convert the Changelog and NEWS files to UTF-8
+ (it was partially ISO-8859-2).
+
+2007-02-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/groupadd.8.xml, man/groupmod.8.xml, man/login.1.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml:
+ groupadd.8, groupmod.8, login.1, useradd.8, userdel.8, usermod.8: grammar
+ mistakes and other correctstions (by Schulenberg <bensberg@justemail.net>).
+
+2007-01-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/usermod.c:
+ fixed handle -a option in usermod (by Benno Schulenberg <bensberg@justemail.net>).
+
+2006-12-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/sv/sv.po:
+ more UTF8 fixe (by Mikael Magnusson <mikma@users.sourceforge.net>).
+
+ * man/sv/sv.po:
+ UTF8 fixes (by Mikael Magnusson <mikma@users.sourceforge.net>).
+
+2006-11-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/Makefile.am, man/pl/chgpassw.8, man/pl/chpasswd.8, man/pl/pl.po:
+ translation chpasswd.8 and chgpassw.8 finished.
+
+2006-11-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/pl.po: resolve fuzzy entries.
+
+ * contrib/adduser.c, contrib/groupmems.shar, po/it.po, src/groupmems.c, src/usermod.c, man/chfn.1.xml, man/chsh.1.xml, man/de/de.po, man/fr/fr.po, man/groupmems.8.xml, man/passwd.1.xml, man/pl/pl.po, man/ru/ru.po, man/shadow.3.xml, man/su.1.xml, man/sv/sv.po:
+ spelling fixes 's/super user/superuser/' (by Benno Schulenberg <bensberg@justemail.net>).
+
+ * man/sv/sv.po, man/de/de.po, man/fr/fr.po, man/pl/pl.po, man/ru/ru.po:
+ run "make update-po".
+
+ * man/newusers.8.xml, man/su.1.xml:
+ fixed wrong word, a few typos, some grammar mistakes, and puts in a comma here
+ and there for clarity (by Benno Schulenberg <bensberg@justemail.net>).
+
+ * man/pl/groupmod.8, man/pl/chage.1, man/pl/chsh.1, man/pl/lastlog.8, man/pl/vipw.8:
+ regenerated.
+
+ * man/de/de.po: run "make update-po".
+
+ * man/Makefile.am:
+ added de to LINGUAS but man/de/de.po still need many work.
+
+2006-11-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/useradd.c: indent code.
+
+ * NEWS, src/useradd.c:
+ improved auditing support (https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=211659).
+
+2006-11-03 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+ run "make update-po".
+
+ * NEWS, po/nl.po:
+ updated (by cobaco (aka Bart Cornelis) <cobaco@skolelinux.no>).
+
+ * man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/sv/sv.po:
+ "make update-po".
+
+2006-11-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/su.1.xml:
+ added sg(1) to the SEE ALSO section (Debian Bug#396690).
+
+2006-10-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/newusers.8.xml: clarify pw_gid fileld content description.
+
+ * man/it/Makefile.am, man/sv/Makefile.am:
+ s/man_nonpam/man_nopam/ (merged 498_man_nonpam_undefined Debian patch).
+
+ * po/nl.po:
+ fixed https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=212892
+
+2006-10-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/newusers.8.xml: there is no pw_age fileld in passwd.
+
+ * man/fr/fr.po:
+ Fix an error in the passwd.1 French translation (fixed Debian bug #395537).
+
+ * man/chfn.1.xml, man/chgpasswd.8.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/fr/fr.po, man/gpasswd.1.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/id.1.xml, man/login.1.xml, man/newgrp.1.xml, man/newusers.8.xml, man/nologin.8.xml, man/passwd.1.xml, man/pl/pl.po, man/pwck.8.xml, man/pwconv.8.xml, man/su.1.xml, man/sulogin.8.xml, man/sv/sv.po, man/vipw.8.xml:
+ cleanups on begin DESCRIPTION section.
+
+ * man/pl/pl.po: typos.
+
+2006-10-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po: cleanups.
+
+2006-10-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/pl.po: more translations.
+
+ * NEWS:
+ UTF-8 corrections (by Benno Schulenberg <bensberg@justemail.net>).
+
+2006-10-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/groupdel.8.xml: added description for exit code 6.
+
+2006-08-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/de/de.po: copy & paste some msgid to msgstr.
+
+ * man/de/de.po:
+ kill some fuzzy (by Nicolas François <nicolas.francois@centraliens.net>).
+
+2006-08-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/sv/sv.po, man/passwd.1.xml:
+ s/change password/password change/ in passwd(1) (by Simon Brandmair <sbrandmair@gmx.net>).
+
+ * man/de/de.po:
+ initial version based on partial translations only for passwd(1) by
+ Simon Brandmair <sbrandmair@gmx.net>.
+
+ * NEWS, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/useradd.c, src/userdel.c, src/usermod.c:
+ flush nscd cashes after close /etc/{group,passwd} files.
+
+2006-08-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/tl.po: updated (by Eric Pareja <xenos@upm.edu.ph>).
+
+2006-08-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/ja.po: updated (by Takeo Nakano <nakano@webmasters.gr.jp>).
+
+2006-08-03 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/fr/Makefile.am:
+ removed whitespaces following trailing backslashes.
+
+ * NEWS, configure.in: release 4.0.18.1.
+
+ * man/Makefile.am, man/fr/Makefile.am, man/it/Makefile.am, man/ja/Makefile.am, man/pl/Makefile.am, man/ru/Makefile.am, man/sv/Makefile.am, NEWS:
+ fixed missing man pages in dist tar ball necessary on build when PAM is disabled.
+
+ * NEWS, src/groupmems.c:
+ fixed groupmems compilation when PAM is disabled (by Johannes Winkelmann <jw@smts.ch>).
+
+ * configure.in:
+ typo s/followig/following/ (by Johannes Winkelmann <jw@smts.ch>).
+
+2006-08-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: release date corrected.
+
+ * NEWS, src/su.c:
+ fixed set enviroment too early when using PAM, so move it to !USE_PAM
+ (patch submitted by Mike Frysinger <vapier@gentoo.org>).
+
+2006-07-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/fr/chage.1, man/fr/chfn.1, man/fr/chpasswd.8, man/fr/chsh.1, man/fr/expiry.1, man/fr/faillog.5, man/fr/faillog.8, man/fr/gpasswd.1, man/fr/groupadd.8, man/fr/groupdel.8, man/fr/groupmod.8, man/fr/groups.1, man/fr/grpck.8, man/fr/gshadow.5, man/fr/lastlog.8, man/fr/limits.5, man/fr/login.1, man/fr/login.access.5, man/fr/login.defs.5, man/fr/logoutd.8, man/fr/newgrp.1, man/fr/newusers.8, man/fr/passwd.1, man/fr/passwd.5, man/fr/porttime.5, man/fr/pwck.8, man/fr/pwconv.8, man/fr/sg.1, man/fr/shadow.3, man/fr/shadow.5, man/fr/su.1, man/fr/suauth.5, man/fr/useradd.8, man/fr/userdel.8, man/fr/usermod.8, man/fr/vipw.8, NEWS:
+ fr man pages are now up to date.
+
+ * man/fr/fr.po:
+ more updates for 4.0.18 (by Nicolas François <nicolas.francois@centraliens.net>).
+
+ * man/fr/fr.po:
+ updated for 4.0.18 (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+2006-07-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po:
+ updated.
+
+ * src/useradd.c, src/usermod.c:
+ fixed UID/GID overflow (fixed http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198920).
+ Fixed expiredate/inactive/mindays/warndays/maxdays overflow (simillar to RH#198920).
+
+ * src/passwd.c:
+ fixed inactive/mindays/warndays/maxdays overflow (similar to RH#198920).
+
+ * src/groupadd.c, src/groupmod.c:
+ fixed GID overflow (fixed http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198920).
+
+2006-07-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/.cvsignore: groupmems added.
+
+2006-07-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fr.po:
+ updated for 4.0.18 (by ean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+ * po/uk.po: break lines longer than 80 cols and add missing \n.
+
+ * po/uk.po:
+ updated for 4.0.18 (by Eugeniy Meshcheryakov <eugen@univ.kiev.ua>).
+
+ * man/pl/pl.po, man/ru/ru.po, man/sv/sv.po, man/chgpasswd.8.xml, man/chpasswd.8.xml, man/fr/fr.po:
+ s/instead DES/instead of DES/
+
+ * NEWS: sv man pages are partially translated.
+
+2006-07-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/groupmems.c: fix compilation warnings.
+
+ * po/ko.po: use \t.
+
+ * po/nl.po: break lines longer than 80 cols and add missing \n.
+
+2006-07-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/ru/faillog.5: regenerated.
+
+ * po/ko.po: updated for 4.0.18 (by Changwoo Ryu <cwryu@debian.org>).
+
+2006-07-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/faillog.5.xml, man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/sv/sv.po:
+ added <refmiscinfo class="sectdesc"> tag for faillog.5.xml.
+
+ * man/sv/Attic/grupper.1: removed.
+
+ * man/sv/Makefile.am, man/sv/chage.1, man/sv/chfn.1, man/sv/chgpasswd.8, man/sv/chpasswd.8, man/sv/chsh.1, man/sv/expiry.1, man/sv/faillog.5, man/sv/faillog.8, man/sv/gpasswd.1, man/sv/groupadd.8, man/sv/groupdel.8, man/sv/groupmems.8, man/sv/groupmod.8, man/sv/groups.1, man/sv/grpck.8, man/sv/gshadow.5, man/sv/lastlog.8, man/sv/limits.5, man/sv/login.1, man/sv/login.access.5, man/sv/login.defs.5, man/sv/logoutd.8, man/sv/newgrp.1, man/sv/newusers.8, man/sv/nologin.8, man/sv/passwd.1, man/sv/passwd.5, man/sv/porttime.5, man/sv/pwck.8, man/sv/pwconv.8, man/sv/sg.1, man/sv/shadow.3, man/sv/shadow.5, man/sv/su.1, man/sv/suauth.5, man/sv/sv.po, man/sv/useradd.8, man/sv/userdel.8, man/sv/usermod.8, man/sv/vipw.8:
+ corrected text charset and other minor cleanups (by Daniel Nylander <info@danielnylander.se>).
+
+ * po/tr.po: break lines longer than 80 cols.
+
+ * po/tr.po:
+ updated for 4.0.18 (by Mehmet TURKER <mturker@innova.com.tr>).
+
+ * configure.in, man/Makefile.am, man/sv/Makefile.am:
+ fixes for "make {dist|distchec}" and sv man pages.
+
+ * man/sv/Attic/grupper.1, man/sv/groupmems.8, man/sv/groupmod.8, man/sv/grpck.8, man/sv/grpconv.8, man/sv/grpunconv.8, man/sv/gshadow.5, man/sv/lastlog.8, man/sv/limits.5, man/sv/login.1, man/sv/login.access.5, man/sv/login.defs.5, man/sv/logoutd.8, man/sv/newgrp.1, man/sv/newusers.8, man/sv/nologin.8, man/sv/passwd.1, man/sv/passwd.5, man/sv/porttime.5, man/sv/pwck.8, man/sv/pwconv.8, man/sv/pwunconv.8, man/sv/sg.1, man/sv/shadow.3, man/sv/shadow.5, man/sv/su.1, man/sv/suauth.5, man/sv/sv.po, man/sv/useradd.8, man/sv/userdel.8, man/sv/usermod.8, man/sv/vigr.8, man/sv/vipw.8, NEWS, man/Makefile.am, man/sv/Makefile.am, man/sv/chage.1, man/sv/chfn.1, man/sv/chgpasswd.8, man/sv/chpasswd.8, man/sv/chsh.1, man/sv/expiry.1, man/sv/faillog.5, man/sv/faillog.8, man/sv/getspnam.3, man/sv/gpasswd.1, man/sv/groupadd.8, man/sv/groupdel.8:
+ full sv man pages set added (by Daniel Nylander <info@danielnylander.se>).
+ This man pages are translated using new XML/xml2po/gettext infrastructure.
+
+ * po/pl.po: updated for 4.0.18.
+
+2006-07-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pt.po:
+ updated for 4.0.18 (by Miguel Figueiredo <mfigueiredo@gmail.com>).
+
+ * po/gl.po, NEWS:
+ updated for 4.0.18 (by Jacobo Tarrio <jacobo@tarrio.org>).
+
+ * NEWS, po/eu.po:
+ updated for 4.0.18 (by Piarres Beobide <pi@beobide.net>).
+
+ * man/ru/chsh.1, man/ru/faillog.5, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/ru.po, man/ru/su.1, man/ru/useradd.8, man/ru/usermod.8, man/ru/vipw.8, NEWS, po/ru.po:
+ updated for 4.0.18 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+ * po/vi.po, NEWS:
+ updated for 4.0.18 (by Clytie Siddall <clytie@riverland.net.au>).
+
+ * NEWS, po/cs.po:
+ updated for 4.0.18 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+ * NEWS, po/sv.po:
+ updated for 4.0.18 (by Daniel Nylander <info@danielnylander.se>).
+
+ * NEWS, po/ca.po:
+ updated for 4.0.18 (by Guillem Jover <guillem@debian.org>).
+
+2006-07-18 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/hu.po: cleanups.
+
+ * NEWS, po/da.po:
+ updated for 4.0.18 (by Claus Hindsgaul <claus.hindsgaul@gmail.com>).
+
+ * po/hu.po, NEWS: updated for 4.0.18 (by SZERVÃC Attila <sas@321.hu>).
+
+ * NEWS: typos.
+
+ * man/ru/ru.po, man/fr/fr.po, man/pl/pl.po: run "make update-po".
+
+ * man/su.1.xml: fixes in <refsynopsisdiv>.
+
+ * src/groupmems.c: indent soutrce code.
+
+ * src/groupmems.c: use shadow Copyright.
+
+ * po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/POTFILES.in, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po:
+ added src/groupmems.c to POTFILES.in.
+
+ * NEWS, etc/pam.d/Makefile.am, etc/pam.d/groupmems, man/Makefile.am, man/groupmems.8.xml, src/Makefile.am, src/groupmems.c:
+ groupmems rewrited for use PAM and getopt_long() nad now it is enabled
+ for build and install (patch by George Kraft <gk4@swbell.net>).
+
+ * NEWS, configure.in: start prepare for 4.0.18.
+
+2006-07-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+ run "make update-po" and some cleanups (added missing \n and use tabs instead spaces).
+
+ * src/su.c: s#[login]#[LOGIN]# in help message.
+
+ * man/useradd.8.xml:
+ added missing --<foo> long options names in "Changing the default values" section.
+
+ * po/tr.po: updated (by Murat Åženel <muratasenel@gmail.com>).
+
+2006-07-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/fr/fr.po, man/pl/pl.po, man/ru/ru.po: updated.
+
+ * man/useradd.8.xml: added newusers(8) to SEE ALSO section.
+
+ * etc/login.defs:
+ removed GETPASS_ASTERISKS (patch by Mike Frysinger <vapier@gentoo.org>).
+
+2006-07-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/pl/chsh.1, man/pl/pl.po: pl chage(1): translation finished.
+
+ * NEWS:
+ s#fix by Mike Frysinger <vapier@gentoo.org>)#(patch by Ulrich Mueller <ulm@kph.uni-mainz.de>; http://bugs.gentoo.org/139966#
+
+ * NEWS, configure.in:
+ S/Key: removed assign getpass() to libshadow_getpass() on autoconf level
+ (fix by Mike Frysinger <vapier@gentoo.org>).
+
+2006-07-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/vipw.8.xml: make options <replaceable> in SYNOPSIS.
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/groupadd.c:
+ s/group/GROUP/ in groupadd help message.
+
+ * src/su.c (main):
+ move **envcp declaration to #ifdef USE_PAM (fixed warning about unused
+ variable when shadow is builded with PAM didabled).
+
+ * man/pl/pl.po, NEWS, man/pl/chage.1: pl chage(1) translation finished.
+
+ * man/fr/fr.po, man/pl/pl.po, man/ru/ru.po: updated.
+
+ * man/chsh.1.xml: updated after rewrite chsh for use getopt_long().
+
+ * po/pl.po: kill fuzzy.
+
+2006-07-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/chsh.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po:
+ one \t more in help message.
+
+ * po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po:
+ updated.
+
+ * NEWS, src/chsh.c: chsh rewrited for use getopt_long().
+
+2006-07-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/groupmod.8, man/pl/pl.po: finish translation groupmod(8).
+
+ * man/fr/fr.po, man/groupmod.8.xml, man/pl/groupmod.8, man/pl/pl.po, man/ru/ru.po:
+ cleanups in groupmod(8).
+
+ * man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/usermod.8.xml, src/usermod.c, NEWS:
+ back to previouse usermod -a option sematics and clarify -a behavior
+ on documentation level (by Greg Schafer <gschafer@zip.com.au>).
+
+ * man/fr/fr.po, man/groupmod.8.xml, man/pl/pl.po, man/ru/ru.po:
+ updated groupmod man page.
+
+2006-07-11 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/groupmod.c: too many \t in help message.
+
+ * man/ru/chage.1, man/ru/passwd.1, man/ru/ru.po, man/chage.1.xml, man/fr/fr.po, man/passwd.1.xml, man/pl/pl.po:
+ updated.
+
+ * po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po:
+ run "make update-po".
+
+ * src/groupmod.c: cleunps in help message.
+
+ * src/chage.c: s/user/\[LOGIN\]/ in help message.
+
+ * src/passwd.c: s/\[login\]/\[LOGIN\]/ in help message.
+
+ * NEWS, src/groupmod.c: groupmod rewrited for use getopt_log().
+
+2006-07-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/sv.po:
+ added missing \n in help messages and few other minor cleanups.
+
+ * NEWS, po/sv.po:
+ updated for 4.0.17 (by Daniel Nylander <info@danielnylander.se>).
+
+ * NEWS: 4.0.17 release date i 10-07-2006.
+
+ * NEWS, libmisc/copydir.c:
+ fixed segfault usermod/userdel on remove home directory when it can't
+ be removed; for example when it is /dev/null (fixed http://bugs.gentoo.org/139148).
+
+ * src/login.c, src/logoutd.c, src/userdel.c, libmisc/limits.c:
+ remove USER_PROCESS conditionsi (code simplifications).
+
+2006-07-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/km.po: kill all fuzzy (Sokhem <khoemsokhem@khmeros.info>).
+
+2006-07-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/de.po: kill fuzzy (by Holger Wansing <linux@wansing-online.de>).
+
+2006-07-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Makefile.am: removed duplicated all target.
+
+ * NEWS, po/LINGUAS, po/ne.po:
+ new Nepali translation (by Paras Pradhan <pradhanparas@gmail.com>).
+
+ * NEWS, po/LINGUAS, po/dz.po: new Dzongkha translation.
+
+ * NEWS, po/de.po:
+ updated for 4.0.17 (by Holger Wansing <linux@wansing-online.de>).
+
+ * NEWS, po/nl.po:
+ updated for 4.0.17 (by "cobaco (aka Bart Cornelis)" <cobaco@skolelinux.no>)
+
+2006-06-25 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ko.po: cleanups (by darehanl <darehanl@gmail.com>).
+
+ * src/usermod.c: fixes in getopt_long() optstring: s/a/a:/ and added h.
+
+ * src/faillog.c:
+ fixed long_options[] entries: s/no_argument/required_argument/ for lock-secs,
+ maximum, time and user options.
+
+ * NEWS, configure.in:
+ improved SELinux detection on autoconf level (based on patch by
+ Dan Yefimov <dan@D00M.lightwave.net.ru>).
+
+ * po/ro.po, NEWS:
+ updated for 4.0.17 (by Sorin Batariuc <sorin@bonbon.net>).
+
+2006-06-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: cleanups.
+
+ * man/pl/pl.po: more translations for chage(1).
+
+ * TODO: remove done things.
+
+ * NEWS, lib/Attic/getpass.c, lib/Makefile.am, lib/getdef.c, lib/pwauth.c, po/POTFILES.in:
+ removed using private implementatuon getpass() libc function (now getpass() is
+ used also when S/KEY support is enabled).
+
+ * NEWS, src/Makefile.am: move nologin do $(sbindir).
+
+ * man/pl/pl.po: more work.
+
+ * man/pl/pl.po: more translations.
+
+ * po/pl.po: s/KEY=VALUE/KLUCZ=WARTOŚĆ/
+
+ * po/pl.po: s/SEC/SEK/
+
+ * src/chpasswd.c: added missing #include "exitcodes.h".
+
+ * src/chpasswd.c: s/exit (1)/exit (E_USAGE)/
+
+ * man/Makefile.am:
+ move all current i18n man pages automation inside "if ENABLE_REGENERATE_MAN .. endif".
+
+ * man/Makefile.am:
+ add an error message so people don't have to go digging through
+ source to find out what's up (by Mike Frysinger <vapier@gentoo.org>).
+
+ * NEWS, man/ru/chage.1, man/ru/chfn.1, man/ru/chgpasswd.8, man/ru/chpasswd.8, man/ru/chsh.1, man/ru/expiry.1, man/ru/faillog.5, man/ru/faillog.8, man/ru/gpasswd.1, man/ru/groupadd.8, man/ru/groupdel.8, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/groups.1, man/ru/grpck.8, man/ru/gshadow.5, man/ru/lastlog.8, man/ru/limits.5, man/ru/login.1, man/ru/login.access.5, man/ru/login.defs.5, man/ru/logoutd.8, man/ru/newgrp.1, man/ru/newusers.8, man/ru/nologin.8, man/ru/passwd.1, man/ru/passwd.5, man/ru/porttime.5, man/ru/pwck.8, man/ru/pwconv.8, man/ru/ru.po, man/ru/sg.1, man/ru/shadow.3, man/ru/shadow.5, man/ru/su.1, man/ru/suauth.5, man/ru/useradd.8, man/ru/userdel.8, man/ru/usermod.8, man/ru/vipw.8:
+ updated ru man pages (regenerated from man/ru/ru.po -> man/ru/*xml -> roff).
+
+ * NEWS, po/ru.po:
+ updated for 4.0.17 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+ * NEWS, po/LINGUAS, po/km.po:
+ new km translation (Sokhem <khoemsokhem@khmeros.info>).
+
+ * po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, src/groupadd.c:
+ cleanups in groupadd help message.
+
+ * NEWS, po/nb.po:
+ updated for 4.0.17 (by Bjørn Steensrud <bjornst@powertech.no>).
+
+ * NEWS, po/da.po:
+ updated for 4.0.17 (by Claus Hindsgaul <claus.hindsgaul@gmail.com>).
+
+ * po/pl.po:
+ s/twóş/twÄ‚Å‚rz/ (fix by MichaÅ‚ Åomnicki <michal.lomnicki@gmail.com>).
+
+ * NEWS, po/pt.po:
+ updated for 4.0.17 (by Miguel Figueiredo <mfigueiredo@gmail.com>).
+
+ * NEWS, po/vi.po:
+ updated for 4.0.17 (by Clytie Siddall <clytie@riverland.net.au>).
+
+ * NEWS, po/cs.po:
+ updated for 4.0.17 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+ * po/eu.po, po/fr.po, po/gl.po, po/pl.po:
+ Project-Id-Version: shadow 4.0.17
+
+ * NEWS, po/sk.po:
+ updated for 4.0.17 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+ * NEWS, po/ko.po:
+ updated for 4.0.17 (by Changwoo Ryu <cwryu@debian.org>).
+
+2006-06-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in: schedule release 40.17 on 26-06-2006.
+
+ * src/useradd.c:
+ adjust last fix for leave some fix mail spool creation after rewrite internal
+ configuration API.
+
+ * src/useradd.c, NEWS:
+ fixed mail spool file creation (bug cached by Frans Pop <elendil@planet.nl>,
+ fixed http://bugs.debian.org/374705).
+
+2006-06-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/chage.c, src/chgpasswd.c, src/chpasswd.c, src/faillog.c, src/groupadd.c, src/lastlog.c, src/passwd.c, src/su.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c:
+ better looking help messages output. Added one empty line at end of help message.
+
+ * po/ru.po, po/sk.po, po/sv.po, po/tl.po, po/uk.po, po/ro.po, po/pt_BR.po:
+ break help messages lines before col 80.
+
+ * man/pl/pl.po: more work on usermod.
+
+ * po/pl.po: cleanups.
+
+2006-06-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/vipw.8:
+ regenerated using fixed DocBook XSL Stylesheets v1.70.1 (I must submit my
+ fixes common/pl.xml do DocBook XSL Stylesheets mantainer).
+
+ * man/fr/fr.po, man/ru/ru.po: updated.
+
+ * man/pl/lastlog.8, man/pl/pl.po: finish translate lastlog(8).
+
+ * man/lastlog.8.xml: improved NOTE section content.
+
+ * po/pl.po: iprove lastlog help message.
+
+ * man/fr/fr.po, man/lastlog.8.xml, man/pl/pl.po, man/ru/ru.po:
+ Better lastlog short description. Now it is:
+ lastlog - reports the most recent login of all users or of a given user
+
+ * man/Makefile.am, man/fr/fr.po, man/lastlog.8.xml, man/pl/pl.po, man/ru/ru.po:
+ Fixed CAVEATS section (what the hell is mmdf ? :)
+
+ * man/ru/ru.po, NEWS, man/faillog.5.xml, man/fr/fr.po, man/pl/pl.po:
+ added missing information about fail_locktime element of faillog struct
+ in faillog(5) man page (by Thorsten Kukuk <kukuk@suse.de>).
+
+2006-06-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/ru/chage.1, man/ru/chfn.1, man/ru/chgpasswd.8, man/ru/chpasswd.8, man/ru/chsh.1, man/ru/expiry.1, man/ru/faillog.5, man/ru/faillog.8, man/ru/gpasswd.1, man/ru/groupadd.8, man/ru/groupdel.8, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/groups.1, man/ru/grpck.8, man/ru/gshadow.5, man/ru/lastlog.8, man/ru/limits.5, man/ru/login.1, man/ru/login.access.5, man/ru/login.defs.5, man/ru/logoutd.8, man/ru/newgrp.1, man/ru/newusers.8, man/ru/nologin.8, man/ru/passwd.1, man/ru/passwd.5, man/ru/porttime.5, man/ru/pwck.8, man/ru/pwconv.8, man/ru/sg.1, man/ru/shadow.3, man/ru/shadow.5, man/ru/su.1, man/ru/suauth.5, man/ru/useradd.8, man/ru/userdel.8, man/ru/usermod.8, man/ru/vipw.8:
+ fully regenerated man pages.
+
+ * man/Makefile.am:
+ hack for generate translated xml files with lang="<lang> in <refentry> tag.
+ Now is possible testing correctnes of XSLT sheets languages definition.
+
+2006-06-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/eu.po: updated (by Piarres Beobide <pi@beobide.net>).
+
+2006-06-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/zh_TW.po, po/da.po, po/el.po, po/es.po, po/eu.po, po/id.po, po/ja.po, po/ko.po, po/nb.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/tr.po, po/uk.po, po/zh_CN.po:
+ s/ \\n"/\\n"/ in translated strings.
+
+ * man/pl/pl.po: more translations for usermod.
+
+ * man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/usermod.8.xml:
+ added <command> tags for at and crontab.
+
+ * man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/usermod.8.xml:
+ remove /etc/login.defs from FILES section.
+
+ * po/gl.po: updated (by Jacobo Tarrio <jtarrio@trasno.net>).
+
+ * po/fr.po: updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+ * po/pl.po:
+ updated usermod help message and fixed few other things introduced during
+ copy&paset from useradd help message.
+
+ * po/vi.po, po/zh_CN.po, po/zh_TW.po, src/usermod.c, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/bs.po:
+ fixes in help message:
+ s/login/LOGIN/
+ s/new login directory/new home directory/
+ s/new initial login group/new primary group/
+ s/tlist of supplementary/new tlist of supplementary/
+ s/LOGIN/NEW_LOGIN/
+
+ * po/da.po, po/id.po, po/nb.po, po/nl.po, po/pl.po, po/pt.po, po/ro.po, po/sk.po, po/sv.po:
+ cleanups in usermod help message.
+
+ * po/es.po, po/eu.po, po/fi.po, po/tl.po: cleanups.
+
+ * po/nb.po, po/nl.po, po/pt.po, po/uk.po, po/cs.po, po/el.po, po/eu.po, po/fi.po, po/hu.po:
+ s/\\\t /\\\t/
+
+2006-06-11 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in, man/Makefile.am:
+ reverte using docbook.sourceforge.net in XSLT url.
+
+ * po/pl.po: cleanups.
+
+2006-06-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Makefile.am:
+ improved gen-xmls target: now this target generates only missing xml files.
+
+2006-06-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/sk.po:
+ updated for 4.0.16 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+ * NEWS, po/es.po:
+ updated for 4.0.16 (by Ruben Porras <nahoo82@gmail.com>).
+
+ * NEWS, po/fi.po:
+ updated for 4.0.16 (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+ * NEWS, man/cs/Makefile.am, man/cs/groupmems.8, man/cs/groupmod.8, man/cs/grpck.8, man/cs/gshadow.5:
+ new cs man pages: groupmems(8), groupmod(8), grpck(8), gshadow(5)
+ (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+ * NEWS, po/cs.po:
+ updated for 4.0.16 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+2006-06-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in, man/Makefile.am:
+ regenerate roff man pages using docbook-style-xsl-1.70.1.
+ This version uses new base URL: http://docbook.sf.net/release/xsl/current/
+
+ * man/.cvsignore: shadow-man-pages.pot added.
+
+ * man/Makefile.am:
+ added temporary gen-xmls targed and dependencies beetwen .pot and .po files.
+
+ * man/chgpasswd.8.xml: removed <!DOCTYPE> tag (isn't neccessary).
+
+2006-05-31 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/pl.po: chage(1) translation.
+
+ * man/pl/Attic/chage.1.xml: removed.
+
+ * man/chage.1.xml, man/fr/fr.po, man/pl/pl.po, man/ru/ru.po:
+ chage requires shadow access and can't work without this.
+
+ * po/da.po:
+ updated for 4.0.16 (by Claus Hindsgaul <claus.hindsgaul@gmail.com>).
+
+ * po/pl.po: s/_DAYS/_DNI/
+
+2006-05-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: s/OWL/Owl/
+
+ * NEWS: new release date for 4.0.16 is 05-06-2006.
+
+ * NEWS: fixed last usermod changes comment. Current is:
+ better fix for old CERT VU#312962 (which was fixed in shadow 4.0.8):
+ fixed forgoten checking of the return value from fchown() before
+ proceeding with the fchmod() (based on Owl patch prepared by
+ Rafal Wojtczuk <nergal@owl.openwall.com>)
+
+ * src/useradd.c (create_mail):
+ move checking create_mail_spool is "yes" on top function.
+
+ * man/pl/pl.po: cleanups.
+
+ * po/fr.po:
+ plugged fuzzy (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+ * po/fr.po:
+ updated (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+2006-05-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Makefile.am:
+ simplifications in update-po target and fixes in dist-po-files target.
+
+ * NEWS, po/eu.po:
+ updated for 4.0.16 (by Piarres Beobide <pi@beobide.net>).
+
+2006-05-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/ru/ru.po, NEWS, man/chfn.1.xml, man/faillog.8.xml, man/fr/fr.po, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupmems.8.xml, man/limits.5.xml, man/login.1.xml, man/login.defs.5.xml, man/newgrp.1.xml, man/passwd.1.xml, man/passwd.5.xml, man/pl/pl.po, man/su.1.xml:
+ bunch of cleanups in chfn(1), faillog(8), gpasswd(1), groupadd(8),
+ groupmems(8), limits(5), login(1), login.defs(5), newgrp(1), passwd(1),
+ passwd(5) and su(1) (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+ * man/Makefile.am, man/ru/ru.po: added ru to LINGUAS.
+
+ * po/ru.po: updated for 4.0.16 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2006-05-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/fr/fr.po, man/pl/pl.po, man/chage.1.xml, man/passwd.1.xml:
+ s/-n/-m/ in passwd(1). Improved -m, --mindays description in chage(1) and passwd(1).
+ More pl translations.
+
+ * po/vi.po: updated (by Clytie Siddall <clytie@riverland.net.au>).
+
+ * NEWS, po/hu.po:
+ updated for 4.0.16 (by Gabor Kelemen <kelemeng@gnome.hu>).
+
+2006-05-25 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/cs/Makefile.am, man/it/Makefile.am, man/ru/Makefile.am:
+ id and sulogin executables are not installed by "make install",
+ but a few translated man pages are still installed.
+ (patch by Lasse Collin <lasse.collin@tukaani.org>)
+
+2006-05-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/vi.po:
+ updates for 4.0.16 (by Clytie Siddall <clytie@riverland.net.au>).
+
+ * po/gl.po: updated for 4.0.16 (by Jacobo Tarrio <jtarrio@debian.org>).
+
+2006-05-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po: more cleanups.
+
+ * po/fr.po:
+ updated for 4.0.16 (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+ * man/chage.1.xml, man/chfn.1.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/fr/fr.po, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/login.1.xml, man/login.access.5.xml, man/logoutd.8.xml, man/newgrp.1.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/pl/pl.po, man/pl/vipw.8, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/sg.1.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml:
+ use common style in FILES sections.
+
+ * man/fr/fr.po, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/id.1.xml, man/limits.5.xml, man/login.access.5.xml, man/pl/pl.po, man/suauth.5.xml, man/userdel.8.xml, man/usermod.8.xml, man/faillog.5.xml:
+ begin <refpurpose> text from lowercase.
+
+ * man/fr/fr.po, man/pl/pl.po, man/pwconv.8.xml, man/vipw.8.xml:
+ remove "." from <refpurpose>.
+
+ * po/pl.po: cleanups.
+
+ * po/pl.po: typo.
+
+ * man/pl/.cvsignore, man/pt_BR/.cvsignore, man/ru/.cvsignore, man/tr/.cvsignore, man/zh_CN/.cvsignore, man/zh_TW/.cvsignore, man/cs/.cvsignore, man/de/.cvsignore, man/es/.cvsignore, man/fi/.cvsignore, man/fr/.cvsignore, man/hu/.cvsignore, man/id/.cvsignore, man/it/.cvsignore, man/ja/.cvsignore, man/ko/.cvsignore:
+ *.xml added.
+
+ * man/cs/.cvsignore, man/de/.cvsignore, man/es/.cvsignore, man/fi/.cvsignore, man/fr/.cvsignore, man/hu/.cvsignore, man/id/.cvsignore, man/it/.cvsignore, man/ja/.cvsignore, man/ko/.cvsignore, man/pl/.cvsignore, man/pt_BR/.cvsignore, man/ru/.cvsignore, man/tr/.cvsignore, man/zh_CN/.cvsignore, man/zh_TW/.cvsignore, man/.cvsignore:
+ .xml2po.mo added.
+
+ * NEWS, man/pl/vipw.8: update pl vipw(8) man page.
+
+ * src/useradd.c: s/mailbox/mailbox file/
+
+ * man/pl/pl.po: seems vipw finished.
+
+ * man/fr/fr.po, man/vipw.8.xml: s/Quiet mode database./Quiet mode./
+
+ * man/pl/pl.po: more entries.
+
+ * po/vi.po, po/zh_CN.po, po/zh_TW.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po:
+ /mailbox/mailbox file/
+
+ * man/pl/pl.po: fill few entries.
+
+ * man/Makefile.am: fixes in dist-po-files target.
+
+ * man/Makefile.am: pl added to Linguas. Some mprovements.
+
+ * man/fr/fr.po:
+ initial version based on ond version submited by Christian Perrier <bubulle@debian.org>.
+
+ * man/pl/pl.po: initial version.
+
+ * man/Makefile.am:
+ implemet update-po target and dist, dist-check hooks for put .po and
+ .pot files in dist tar ball.
+
+ * src/chgpasswd.c:
+ reverte struct group newgr declaration but use them only conditionaly (#ifndef SHADOWGRP).
+
+2006-05-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in: schedule release 4.0.16 to 29.05.06.
+
+ * po/pl.po: updated.
+
+ * po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po:
+ run "make update-po".
+
+ * NEWS, src/useradd.c:
+ fixed userdel CERT VU#312962: fixed forgoten checking of the return
+ value from fchown() before proceeding with the fchmod() (prepared
+ based on OWL fix submited by Solar Designer <solar@openwall.com>),
+ Use in userdel login.defs::MAIL_DIR instead hardcoded /var/mail on created
+ mailbox path (based on OWL fixes submited by Solar Designer <solar@openwall.com>).
+
+2006-05-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/.cvsignore: added *.[1358]
+
+ * NEWS, man/ru/Makefile.am, man/ru/chgpasswd.8:
+ added chgpasswd(8) ru man page (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+ * po/gl.po: updated (by Jacobo Tarrio <jtarrio@debian.org>).
+
+ * NEWS, man/ru/login.defs.5, man/ru/passwd.1, man/ru/userdel.8, man/ru/usermod.8:
+ updated ru login.defs(5), passwd(1), userdel(8), usermod(8) man pages
+ (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+ * NEWS, po/ru.po: updated (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+ * NEWS, po/pt.po: updated (by Miguel Figueiredo <elmig@debianpt.org>).
+
+2006-05-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/Makefile.am, man/ja/Attic/pw_auth.3, man/ja/Makefile.am, man/pl/Attic/pw_auth.3, man/pl/Makefile.am, man/ru/Attic/pw_auth.3, man/ru/Makefile.am:
+ pw_auth(3) man page removed (outdated).
+
+ * man/Makefile.am, man/fr/Makefile.am, man/it/Makefile.am, man/ja/Makefile.am, man/pl/Makefile.am, man/ru/Makefile.am, NEWS, autogen.sh:
+ install limits(5), login.access(5) and porttime(5) man pages only when
+ shadow is builded with PAM support disabled.
+
+ * NEWS: cleanups.
+
+ * autogen.sh:
+ by default in development enviroment use CFLAGS="-O2 -Wall".
+
+ * src/chgpasswd.c (main): remove two unused variables (newgr and now).
+
+ * src/userdel.c (main): removed unused arg variable.
+
+ * libmisc/setupenv.c (setup_env):
+ move *cp varable to #ifndef PAM part (fixed compilation
+ warning about unused variable).
+
+ * lib/getdef.c: now GETPASS_ASTERISKS is SKEY #define dependent.
+
+ * configure.in, NEWS, lib/Attic/getpass.c, lib/pwauth.c:
+ by default do not use libshadow_getpass() as getpass() replacemement.
+ Use libshadow_getpass() only when S/KEY support is enabled.
+ Current glibc getpass() handles correctly longer than 8 characters
+ passwords and libshadow_getpass() is used only because libc getpass()
+ do not handles password prompting with echo enabled.
+
+ * src/sulogin.c: break long line.
+
+ * lib/pwauth.c:
+ added #include <unistd.h> and remove localy defined getpass() prototype.
+
+2006-05-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Makefile.am: removed dupplicated sulogin.8.xml from EXTRA_DIST.
+
+ * man/Attic/pw_auth.3.xml, man/Makefile.am: remove pw_auth(3) man page.
+
+ * NEWS, lib/getdef.c: move login.defs::MD5_CRYPT_ENAB to non-PAM part.
+
+ * po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/userdel.c, po/bs.po:
+ typo (s/removel/removal/)
+
+2006-05-11 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/userdel.8.xml:
+ updated (after add getopt_log() support for userdel).
+
+ * po/pl.po: updated.
+
+ * po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/userdel.c, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po:
+ userdel rewrited for use getopt_log().
+
+ * po/pl.po: cleanups.
+
+ * etc/pam.d/Makefile.am, etc/pam.d/chgpasswd: new file.
+
+2006-05-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/da.po:
+ updated (by Claus Hindsgaul <claus.hindsgaul@gmail.com>).
+
+2006-05-08 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/sv.po: updated (by Daniel Nylander <yeager@lidkoping.net>).
+
+ * NEWS, configure.in, etc/Makefile.am, etc/pam.d/Makefile.am:
+ install default/template configuration files:
+ - if shadow is configured with use PAM install /etc/pam.d/* files,
+ - if shadow do not uses PAM install /etc/{limits,login.acces} files,
+ - install /etc/login.defs and /etc/default/useradd files.
+
+ COMMENT: it is possible to extend this for install above files for specified
+ distribution. For example: if exist /etc/fedora-release install Fedora specyfic
+ default configuration files and this files can be distributed in dist tar ball.
+
+ * NEWS, po/gl.po: updated (by Jacobo Tarrio <jtarrio@trasno.net>).
+
+2006-05-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/fr.po:
+ updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+ * NEWS, lib/commonio.c:
+ fixed handle relative symlinks too in lib/commonio.c (merge patch from Fedora).
+
+ * NEWS, lib/nscd.c: properly notify nscd to flush its cache
+ (https://bugzilla.redhat.com/bugzilla/186803).
+
+ * NEWS, libmisc/copydir.c (copy_tree):
+ fixes for verify return values mkdir() and chown()
+ on copy files (merge 482_libmisc_copydir_check_return_values Debian patch).
+
+ * po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/chfn.c, src/chsh.c, src/grpck.c, src/login.c, src/pwck.c, src/useradd.c, src/usermod.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po:
+ use '%s' cytation instead `%s'.
+
+ * NEWS, src/su.c:
+ reverte http://bugs.debian.org/276419 (this is Debian specyfic).
+
+ * libmisc/setupenv.c, libmisc/sub.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/chfn.c:
+ use '%s' cytation instead \"%s\".
+
+ * po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, src/grpck.c:
+ typo.
+
+ * po/pl.po: updated.
+
+ * NEWS, libmisc/setupenv.c (setup_env):
+ export MAIL only when MAIL_CHECK_ENAB is enabled
+ (Mike Frysinger <vapier@gentoo.org>).
+
+ * po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, src/grpck.c, src/pwck.c:
+ warn when the members of a group differ in /etc/groups and /etc/gshadow
+ (fixed http://bugs.debian.org/75181).
+
+ * NEWS, src/su.c:
+ concatenate the non-su arguments and provide them to the shell with
+ the -c option (fixes for http://bugs.debian.org/317264 and
+ http://bugs.debian.org/276419).
+
+2006-05-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/passwd.1.xml:
+ better document how password strength is checked (fixed http://bugs.debian.org/115380).
+
+2006-04-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/usermod.8.xml:
+ added missing -a option description (by Christian Perrier <bubulle@debian.org>).
+
+2006-04-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/hu/chsh.1, man/hu/login.1, man/hu/newgrp.1:
+ fixed typos (by Koblinger Egmont <egmont@uhulinux.hu>).
+
+2006-04-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/LINGUAS, po/hu.po:
+ new hu translation (by SZERVÃC Attila <sas@321.hu>).
+
+2006-04-08 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/userdel.8.xml:
+ minior fixes for the note under the -f option (Mike Frysinger <vapier@gentoo.org>).
+
+2006-04-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/id.po: updatd (by Parlin Imanuel <pimanuel@gmail.com>).
+
+2006-04-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/su.c: indent code.
+
+ * NEWS, src/su.c:
+ fixed exit with a status 0 when the invoked command is terminated
+ by a signal which was not catched
+ (fixed by Eero Häkkinen <eero17@bigfoot.com>)
+
+ * README:
+ simple patch to fixup grammar and Gentoo distfile URL (by Mike Frysinger <vapier@gentoo.org>).
+
+2006-03-31 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/pw_auth.3.xml, man/chage.1.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newgrp.1.xml, man/newusers.8.xml, man/nologin.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/sg.1.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml:
+ removed <!DOCTYPE> tag (require strict DocBook XML V4.3//EN DTD isn't neccessary).
+
+ * NEWS, src/login.c:
+ cancel login timeout after authentication so that patient people
+ timing out on network directory services can log in with local
+ accounts (http://bugs.debian.org/107148).
+
+ * man/fr/login.defs.5, man/ja/login.defs.5, man/pl/useradd.8, man/ru/login.defs.5:
+ remove CREATE_HOME.
+
+ * NEWS, man/login.defs.5.xml:
+ CREATE_HOME is not supported by useradd (patch by Mike Frysinger <vapier@gentoo.org>).
+
+2006-03-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/nl.po:
+ s/wachtwoord is mes succes aangepast/wachtwoord is met succes aangepast/
+ (typo reported by Wim De Smet <wdesmet@yucom.be>).
+
+2006-03-26 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/passwd.c:
+ removed GPASSWD_PROGRAM, CHFN_PROGRAM CHFN_PROGRAM #defines (not used now).
+
+ * NEWS, man/Makefile.am, man/chgpasswd.8.xml:
+ chgpasswd(8): new man page.
+
+2006-03-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/vigr.8, man/Attic/vipw.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/getspnam.3, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/grpconv.8, man/Attic/grpunconv.8, man/Attic/gshadow.5, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/nologin.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Attic/sg.1, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8:
+ remove english roff man pages from repo.
+
+2006-03-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/chgpasswd.c:
+ fixes for build correctly with --disable-shadowgrp
+ (patch by Johannes Winkelmann <jw@tks6.net>)
+
+2006-03-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/chage.1: fixed typo.
+
+2006-03-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/it.po:
+ updated for 4.0.15 (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+2006-03-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/nb.po:
+ updated for 4.0.15 (by Bjørn Steensrud <bjornst@powertech.no>).
+
+ * po/pt.po:
+ updated for 4.0.15 (by Miguel Figueiredo <mfigueiredo@gmail.com>).
+
+ * man/Makefile.am, NEWS, configure.in:
+ do not install translated man pages if shadow is configured with --disable-nls
+ (based patch submited by Mike Frysinger <vapier@gentoo.org>).
+
+ * NEWS, po/pt_BR.po:
+ updated for 4.0.15 (by Andre Luis Lopes <andrelop@debian.org>).
+
+ * po/fr.po:
+ updated for 4.0.15 (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+2006-03-11 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in, lib/pwauth.c:
+ added fixes for detect BSD's S/Key with updated the skeychallenge() function
+ for take a fourth argument in case BSD version
+ (patch submited by Mike Frysinger <vapier@gentoo.org>)
+
+ * README: added paragragraph about S/Key support.
+
+ * po/sk.po: updated for 4.0.15 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+ * NEWS: newgrp: do not link with libselinux.
+
+ * NEWS, po/zh_CN.po:
+ updated for 4.0.15 (by Carlos Z.F. Liu <carlosliu@users.sourceforge.net>).
+
+ * po/ru.po: updated for 4.0.15 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+ * src/Makefile.am:
+ removed $(LIBSELINUX) from newgrp_LDADD (newgrp does not need to be linked
+ with SELinux libraries).
+
+ * man/ru/Attic/pw_auth.3, man/ru/chsh.1, man/ru/expiry.1, man/ru/faillog.5, man/ru/faillog.8, man/ru/gpasswd.1, man/ru/groupadd.8, man/ru/groupdel.8, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/groups.1, man/ru/grpck.8, man/ru/gshadow.5, man/ru/id.1, man/ru/lastlog.8, man/ru/limits.5, man/ru/login.1, man/ru/login.access.5, man/ru/login.defs.5, man/ru/logoutd.8, man/ru/newgrp.1, man/ru/newusers.8, man/ru/nologin.8, man/ru/passwd.1, man/ru/passwd.5, man/ru/porttime.5, man/ru/pwck.8, man/ru/pwconv.8, man/ru/sg.1, man/ru/shadow.3, man/ru/shadow.5, man/ru/su.1, man/ru/suauth.5, man/ru/sulogin.8, man/ru/useradd.8, man/ru/userdel.8, man/ru/usermod.8, man/ru/vipw.8, NEWS, man/ru/Makefile.am, man/ru/chage.1, man/ru/chfn.1, man/ru/chpasswd.8:
+ ru man pages: added new nologin(8) and updated all other man pages
+ (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2006-03-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/nl.po:
+ updated for 4.0.15 (by cobaco (aka Bart Cornelis) <cobaco@linux.be>).
+
+ * po/vi.po:
+ updated for 4.0.15 (by Clytie Siddall <clytie@riverland.net.au>).
+
+ * po/sv.po:
+ updated for 4.0.15 (by Daniel Nylander <po@danielnylander.se>).
+
+2006-03-08 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/eu.po: updated for 4.0.15 (by pi <pi@beobide.net>).
+
+ * po/ro.po: cleanups.
+
+ * NEWS, po/tl.po:
+ updated for 4.0.15 (by Eric Pareja <xenos@upm.edu.ph>).
+
+ * po/ro.po: updated for 4.0.15 (by Sorin B. <sorin@bonbon.net>).
+
+ * NEWS, po/es.po:
+ updated for 4.0.15 (by Ruben Porras <nahoo82@gmail.com>).
+
+2006-03-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/da.po:
+ updated for 4.0.15 (by Claus Hindsgaul <claus.hindsgaul@gmail.com>).
+
+ * NEWS, man/fi/chsh.1, man/fi/su.1:
+ update fi chsh(1), su(1) man pages generated from XML files
+ (Tommi Vainikainen <thv+debian@iki.fi>).
+
+ * NEWS, po/fi.po:
+ updated for 4.0.15 (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+ * NEWS, po/cs.po:
+ updated for 4.0.15 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+ * NEWS, man/cs/Makefile.am, man/cs/expiry.1, man/cs/faillog.5, man/cs/faillog.8, man/cs/gpasswd.1, man/cs/groupadd.8, man/cs/groupdel.8, man/cs/logoutd.8, man/cs/nologin.8, man/cs/vipw.8:
+ added new cs man pages: expiry(1), faillog(5), faillog(8), gpasswd(1),
+ groupadd(8), groupdel(8), logoutd(8), nologin(8), vipw(8).
+
+ * NEWS: typo.
+
+ * src/useradd.c, NEWS, lib/getdef.h, man/Attic/login.defs.5, man/login.defs.5.xml, src/login.c, src/newusers.c:
+ default UMASK if not specified in login.defs is 022.
+
+2006-03-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po: updated for 4.0.15.
+
+ * NEWS, po/gl.po:
+ updated for 4.0.15 (by Jacobo Tarrio <jtarrio@trasno.net>).
+
+ * NEWS, configure.in: schedule release 4.0.15 to 13-03-2006.
+
+2006-03-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: typo (s/onas Meurer/Jonas Meurer/)
+
+ * src/.cvsignore: added chgpasswd.
+
+ * po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/Makefile.am, src/chgpasswd.c, NEWS, po/POTFILES.in, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po:
+ chgpasswd: new tool (by Jonas Meurer <mejo@debian.org>).
+
+ * src/lastlog.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+ s/Unexpected/unexpected/
+
+ * po/fr.po, po/gl.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/lastlog.c, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po:
+ print the usage and exit if an additional argument is profided to
+ lastlog (merge 488_laslog_verify_arguments Debian patch).
+
+2006-03-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/chpasswd.8, man/chpasswd.8.xml:
+ fixed CAVEATS section (by Justin Pryzby <justinpryzby@users.sourceforge.net>)
+
+2006-02-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/passwd.1, man/passwd.1.xml:
+ fixed SYNOPSIS section (http://bugs.debian.org/352136).
+
+2006-02-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ro.po: updated (by Sorin Batariuc <sorin@bonbon.net>).
+
+2006-02-21 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, lib/Makefile.am, src/Makefile.am:
+ login, nologin, su: do not link with libselinux
+ (merge 490_link_selinux_only_when_needed Debian patch).
+
+ * NEWS, src/chage.c, src/chfn.c, src/chsh.c, src/passwd.c:
+ fixed confusing error message if /proc is not mounted
+ (http://bugs.debian.org/352494
+ patch Nicolas François <nicolas.francois@centraliens.net>)
+
+ * po/ro.po:
+ updated (commited http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=347755).
+
+ * NEWS, po/ca.po: updated (by Jordi Mallach <jordi@debian.org>).
+
+2006-02-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/gpasswd.1.xml, man/passwd.1.xml, man/passwd.5.xml, man/pwck.8.xml, man/sg.1.xml, man/useradd.8.xml:
+ cleanups.
+
+ * po/gl.po: updated (Jacobo Tarrio <jtarrio@trasno.net>).
+
+ * NEWS, po/pt.po:
+ updated (by Miguel Figueiredo <mfigueiredo@gmail.com>).
+
+2006-02-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/it.po:
+ update (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+ * po/vi.po: update (by Clytie Siddall <clytie@riverland.net.au>).
+
+ * po/sv.po: updated (by Daniel Nylander <yeager@lidkoping.net>).
+
+2006-02-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fr.po: updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+ run "make update-po".
+
+ * po/pl.po: updated.
+
+ * po/sk.po: updated (by Peter Mann <Peter.Mann@tuke.sk>).
+
+ * po/eu.po: update (by ^pi^ <pi@beobide.net>).
+
+2006-02-08 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/login.c:
+ merge 433_login_more_LOG_UNKFAIL_ENAB Debian patch:
+ - TOO MANY LOGIN... logged if PAM_MAXTRIES or failcount >= retries
+ (was onl test PAM_MAXTRIES),
+ - print to stderr (in addition to syslog) in case of maximum number of
+ tries exceeded,
+ - always prints the number of tries in the syslog entry.
+ - add special handling for PAM_ABORT
+ - add an entry to failog, as when USE_PAM is not defined. (#53164)
+ - changed pam_end to PAM_END. This is certainly was a mistake.
+ PAM_END is pam_close_seesion + pam_end. Here, the session is still not
+ open, we don't have to close it.
+ - a HAVE_PAM_FAIL_DELAY is missing
+
+ * po/ro.po: kill one fuzzy.
+
+ * po/ro.po, NEWS: updated (by Sorin B. <sorin@bonbon.net>).
+
+ * src/gpasswd.c: s/die/catch_signals/
+
+ * src/expiry.c, src/sulogin.c: s/catch/catch_signals/
+
+ * src/su.c: /su_catch_sig/chatch_signals/
+
+2006-02-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/id.c, src/groups.c, libmisc/getdate.y: lint code using CC=g++.
+
+ * NEWS, src/su.c:
+ fixed pam session support (patch from Topi Miettinen; fixed #57526, #55873,
+ #57532 Debian bugs).
+
+ * NEWS:
+ fixed pam session support (patch from Topi Miettinen; fixed #57526,
+ #55873, #57532 Debian bugs).
+
+ * NEWS, src/userdel.c:
+ user's group is already removed by update_groups(). remove_group()
+ is not needed (bug introduced in 4.0.14 on merge FC fixes). Fixed by Nicolas
+ François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/useradd.c: allways remove group and gshadow databases lock,
+ Fixed by Nicolas François <nicolas.francois@centraliens.net>
+ (http://bugs.debian.org/348250)
+
+ * NEWS, src/userdel.c: fixed excess audit_logger() argument.
+
+ * NEWS, lib/prototypes.h:
+ corrected prototypes in lib/prototypes.h (thre is no audit_help_log(); added
+ audit_logger() prototype).
+
+ * src/login.c: fixed missing ";" in declaration.
+
+ * man/Attic/limits.5, man/limits.5.xml:
+ fixed example limits string (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2006-02-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/chage.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po:
+ added missing \n on display password status if password must be chaged.
+
+2006-02-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/useradd.c, NEWS:
+ fixed allow non-unique UID (http://bugs.debian.org/351281).
+
+2006-02-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/cs.po: updated (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+2006-01-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/vi.po:
+ updated (by Clytie Siddall <clytie@riverland.net.au>).
+
+2006-01-26 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fr.po:
+ typo (fixed by Christian Perrier <bubulle@kheops.frmug.org>).
+
+ * po/sk.po: updated (by Peter Mann <Peter.Mann@tuke.sk>).
+
+2006-01-25 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/grpck.8, man/pl/login.defs.5, man/pl/passwd.1, man/pl/pwck.8, man/de/passwd.1, man/es/login.1, man/es/vipw.8, man/fi/passwd.1, man/hu/passwd.1, man/id/login.1, man/it/grpck.8, man/it/pwck.8, man/ja/grpck.8, man/ja/passwd.1, man/ja/pwck.8, man/ko/login.1, man/ko/su.1:
+ fixes some issues that cause warnings when the manpages are
+ displayed (by Nicolas François <nicolas.francois@centraliens.net>).
+
+2006-01-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/eu.po: updated (by pi <pi@beobide.net>).
+
+ * libmisc/addgrps.c, libmisc/xmalloc.c, src/groups.c:
+ fixes after linting code using CC=g++: cast {m,re}alloc() return value to
+ proper type.
+
+2006-01-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/chage.1, man/Attic/passwd.5, man/Attic/su.1, man/Attic/useradd.8, man/chage.1.xml, man/passwd.5.xml, man/su.1.xml, man/useradd.8.xml:
+ uniformity and grammar fixes (by Christine Spang <spangarang@twcny.rr.com>).
+
+ * NEWS, po/ru.po: updated (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2006-01-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fr.po, NEWS:
+ updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+2006-01-18 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, libmisc/setupenv.c, src/chage.c, src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/login.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/usermod.c, src/vipw.c:
+ variouse code cleanups for make possible compilation of shadow with
+ -Wall -Werror (by Alexander Gattin <xrgtn@yandex.ru>).
+
+ * libmisc/age.c, libmisc/shell.c, src/login.c, src/newgrp.c, src/su.c, src/sulogin.c, src/userdel.c, NEWS, lib/prototypes.h:
+ move exit() outside libmisc/shell.c::shell() for handle shell() errors
+ on higher level (now is better visable where some programs exit with 126 and
+ 127 exit codes); added new shell() parameter (char *const envp[]) which allow
+ fix preserving enviloment in su on using -p.
+ (patch by Alexander Gattin <xrgtn@yandex.ru>)
+
+ * NEWS, po/el.po:
+ updated (by Konstantinos Margaritis <markos@debian.org>).
+
+2006-01-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/exitcodes.h: new #defines:
+ #define E_CMD_NOEXEC 126 /* can't run command/shell */
+ #define E_CMD_NOTFOUND 127 /* can't find command/shell to run */
+
+2006-01-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/passwd.1, man/passwd.1.xml:
+ fixes after reviewed for grammatical and other small errors that detract from the
+ polish of the content to native English speakers.
+ I also went ahead and changed all gender references to be a consistent
+ "his/her" (or equivalent) - the original had a mix of just "his", just
+ "her", and occasionally "his/her".
+ (by Christine Spang <spangarang@twcny.rr.com>).
+
+ * po/it.po: updated (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+2006-01-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: updated.
+
+ * libmisc/shell.c: remove DEBUG code.
+
+ * po/LINGUAS, po/gl.po, NEWS:
+ added new gl translation (by Jacobo Tarrio <jtarrio@trasno.net>).
+
+2006-01-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/eu.po: small update (by pi <pi@beobide.net>).
+
+2006-01-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/su.c: fixed compilation error.
+
+2006-01-08 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/sv.po: updated (by Daniel Nylander <yeager@lidkoping.net>)
+ http://bugs.debian.org/346449
+
+2006-01-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/Attic/useradd.8, man/useradd.8.xml:
+ better document useradd -d option: will not add the user's home directory
+ if it does not already exist (http://bugs.debian.org/154996)
+
+ * man/Attic/su.1, man/su.1.xml, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, src/su.c:
+ added handle -c,--command option for GNU su compliance (merge
+ 437_su_-c_option Debian Patch).
+
+ * man/Attic/login.1, man/Attic/passwd.1, man/Attic/su.1, man/login.1.xml, man/passwd.1.xml, man/su.1.xml:
+ man pages cleanups.
+ (http://bugs.debian.org/341489)
+
+ * NEWS, man/Attic/nologin.8, man/Makefile.am, man/nologin.8.xml:
+ nologin(8) man pages added (merge 478_nologin.8.xml Debian patch).
+
+ * po/sk.po: updated (by Peter Mann <Peter.Mann@tuke.sk>)
+ http://bugs.debian.org/346376
+
+2006-01-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/id.po: updated (by Parlin Imanuel <parlin_i@yahoo.com>)
+ http://bugs.debian.org/345514
+
+ * NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/login.c:
+ added translate login prompt string (suggested by Evgeniy Dushistov).
+
+2006-01-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in: start work on 4.1.0.
+
+ * po/sv.po: updated (by Daniel Nylander <yeager@lidkoping.net>).
+ http://bugs.debian.org/346017
+
+2006-01-03 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: correct 4.0.14 release date (03-01-2006).
+
+ * src/Makefile.am: reverte install nologin in sbindir and use usbindir.
+
+ * po/POTFILES.in: removed src/chsh_chkshell.c.
+
+ * lib/prototypes.h: remove grdbm.c prototypes.
+
+ * lib/prototypes.h, src/Attic/chsh_chkshell.c, src/Makefile.am, src/chsh.c:
+ move check_shell() from src/chsh_chkshell.c to src/chsh.c.
+
+ * configure.in:
+ s/libpam_misc is missing/libpam_misc is missing for enable PAM support/
+
+2006-01-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * etc/pam.d/.cvsignore: added.
+
+ * src/su.c: indent code.
+
+ * src/su.c:
+ without it, $(su - user -c "echo \$SHELL") wont return the good value, but
+ $(su user -c "echo \$SHELL") will.
+ I think LOGNAME can also be set (this is done in setup_env, in the
+ fakelogin case).
+ (by Nicolas François <nicolas.francois@centraliens.net>)
+
+ * src/su.c:
+ simplifies how -p is handled (at least for its documentation).
+ (by Nicolas François <nicolas.francois@centraliens.net>)
+
+ * src/su.c: fixes "su - -- root" or "su - root -- -c" (it is needed if
+ the second patch is applied).
+ (by Nicolas François <nicolas.francois@centraliens.net>)
+
+ * src/su.c:
+ This second patch changes the way options are handled by getopt. Once a
+ non-su option is found, the getopt processing is stopped.
+ Whithout this patch, "su root -c ls" won't work (getopt will complain that
+ -c is not an su option).
+ (by Nicolas François <nicolas.francois@centraliens.net>).
+
+ * etc/pam.d/chage, etc/pam.d/chfn, etc/pam.d/chpasswd, etc/pam.d/chsh, etc/pam.d/groupadd, etc/pam.d/groupdel, etc/pam.d/groupmod, etc/pam.d/login, etc/pam.d/newusers, etc/pam.d/passwd, etc/pam.d/su, etc/pam.d/useradd, etc/pam.d/userdel, etc/pam.d/usermod:
+ prepare for use on Fedora Core.
+
+ * po/cs.po, po/pl.po: run "make update-po".
+
+ * src/Makefile.am: move nologin to sbindir.
+
+ * man/Attic/groupadd.8, man/groupadd.8.xml: s/gid/GID/
+
+ * man/Attic/lastlog.8, man/Attic/useradd.8, man/lastlog.8.xml, man/useradd.8.xml:
+ s/uid/UID/
+
+2005-12-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/tl.po: updated for 4.0.14 (by Eric Pareja <xenos@upm.edu.ph>).
+
+2005-12-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/ca.po:
+ updated for 4.0.14 (by Guillem Jover <guillem@debian.org>).
+
+2005-12-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/el.po:
+ updated for 4.0.14 (by Konstantinos Margaritis <markos@debian.org>).
+
+2005-12-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * doc/.cvsignore, etc/.cvsignore, lib/.cvsignore, po/.cvsignore, src/.cvsignore, .cvsignore, contrib/.cvsignore:
+ added a lot of generated files they are not listed in .cvsignore files
+ (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+ * src/su.c:
+ fixed some comments and replace getuid() by !amroot. This removes a system
+ call and may be more readable (Nicolas François <nicolas.francois@centraliens.net>).
+
+ * man/Attic/su.1, man/su.1.xml:
+ added forgoten the SHELL argument description (by Nicolas François <nicolas.francois@centraliens.net>).
+
+ * man/Attic/useradd.8, man/useradd.8.xml:
+ s/group/user/ (cached by Nicolas François).
+
+2005-12-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/ko/vigr.8: added.
+
+ * po/it.po:
+ updated for 4.0.14 (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+2005-12-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/pt.po:
+ updated for 4.0.14 (by Miguel Figueiredo <mfigueiredo@gmail.com>).
+
+ * src/useradd.c:
+ s/grp_update/grp_add/ in comment (by Nicolas François <nicolas.francois@centraliens.net>).
+
+ * man/Attic/login.1, man/login.1.xml:
+ added use <envar></envar> tags instead <emphasis></emphasis>.
+
+ * man/Attic/su.1, man/su.1.xml: added use <envar></envar>.
+
+ * man/Attic/su.1, man/su.1.xml:
+ updated man page after change su for use getopt_long()
+ (by Nicolas François <nicolas.francois@centraliens.net>)
+
+2005-12-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/fi.po:
+ updated for 4.0.14 (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+ * po/ru.po: updated for 4.0.14 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+ * man/ru/login.1, man/ru/passwd.1, man/ru/pwck.8, man/ru/vipw.8:
+ updated (by Yuri Kozlov <kozlov.y@gmail.com>_.
+
+ * doc/Attic/README.linux, doc/Makefile.am: removed.
+
+ * README, doc/Attic/README.linux:
+ move contributors list from doc/README.linux to README.
+
+ * doc/Attic/LSM, doc/Attic/README, doc/Makefile.am:
+ removed (outdated content).
+
+ * NEWS, po/cs.po:
+ updated cs.po for 4.0.14 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+ * po/pl.po: updated.
+
+ * po/fr.po:
+ kill one fuzzy (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+ * NEWS, po/da.po:
+ updated da.po for 4.0.14 (by Claus Hindsgaul <claus_h@image.dk>).
+
+ * po/eu.po: updated for 4.0.14 (by pi <pi@beobide.net>).
+
+ * NEWS, po/vi.po:
+ updated vi.po fo 4.0.14 (by Clytie Siddall <clytie@riverland.net.au>).
+
+2005-12-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: set release day for 4.0.14 to 19-12-2005.
+
+ * src/login.c:
+ removed #include "libaudit.h" (it is conditionaly included in "defines.h").
+
+ * src/su.c:
+ replaced "shell" by "shellstr". "shell" is also the name of a function.
+ (Nicolas François <nicolas.francois@centraliens.net>).
+
+ * src/vipw.c: - added missing break in case 'q'.
+
+ * NEWS, man/es/Makefile.am, man/es/vigr.8, man/es/vipw.8, man/hu/Makefile.am, man/hu/lastlog.8, man/ko/Makefile.am, man/ko/vipw.8, man/zh_CN/Makefile.am, man/zh_CN/su.1, man/zh_TW/Makefile.am, man/zh_TW/chpasswd.8, man/zh_TW/su.1:
+ added es, ko vigr(8) and vipw(8), hu lastlog(8), ko vipw(8), zh_CN su(1),
+ zh_TW chpasswd(8) and su(1),
+
+2005-12-11 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * doc/Attic/LICENSE, doc/Makefile.am, COPYING:
+ move doc/LICENSE to COPYING.
+
+ * doc/WISHLIST: remove some outdated/finished things.
+
+ * doc/Attic/README.nls, doc/Attic/README.pam, doc/Makefile.am: removed.
+
+2005-12-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+ run "make update-po" (merge changes in su messages).
+
+ * NEWS, src/su.c:
+ added handle -s/--shell, -m/-p/preserve-environment options like GNU su
+ (based on patches from Debian submited by
+ Nicolas François <nicolas.francois@centraliens.net>)
+
+ * NEWS: updated.
+
+ * src/su.c:
+ added handle -s/--shell option like in GNU su (based on Debian patch sublmited
+ by Nicolas François <nicolas.francois@centraliens.net>).
+
+ * src/su.c:
+ make -, -l , --login option as no_argument (based on fix by Nicolas François).
+
+ * po/it.po:
+ cosmetic fixes (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+2005-12-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/es/Makefile.am: s/patches/passwd/
+
+2005-12-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in, man/Makefile.am, man/tr/.cvsignore, man/tr/Makefile.am, man/tr/chage.1, man/tr/chfn.1, man/tr/groupadd.8, man/tr/groupdel.8, man/tr/groupmod.8, man/tr/login.1, man/tr/passwd.1, man/tr/passwd.5, man/tr/shadow.5, man/tr/su.1, man/tr/useradd.8, man/tr/userdel.8, man/tr/usermod.8:
+ added tr man pages.
+
+ * man/pt_BR/Makefile.am, man/pt_BR/passwd.5, man/zh_CN/Makefile.am, man/zh_CN/passwd.5, man/zh_TW/Makefile.am, man/zh_TW/passwd.5, NEWS, man/es/Makefile.am, man/es/passwd.5, man/hu/Makefile.am, man/hu/passwd.5:
+ added es, hu, pt_BR, zh_CN zh_TW translations passwd(5).
+
+ * man/Attic/id.1, man/Attic/pw_auth.3, man/Attic/sulogin.8:
+ regenerated.
+
+ * man/ko/Makefile.am: added su.1 to man_MANS.
+
+ * man/Makefile.am: reverte incorrect commit.
+
+ * man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/vipw.8, man/Makefile.am, man/fr/Makefile.am, man/fr/chage.1, man/fr/chfn.1, man/fr/chpasswd.8, man/fr/chsh.1, man/fr/expiry.1, man/fr/faillog.5, man/fr/faillog.8, man/fr/getspnam.3, man/fr/gpasswd.1, man/fr/groupadd.8, man/fr/groupdel.8, man/fr/groupmod.8, man/fr/groups.1, man/fr/grpck.8, man/fr/grpconv.8, man/fr/grpunconv.8, man/fr/gshadow.5, man/fr/lastlog.8, man/fr/limits.5, man/fr/login.1, man/fr/login.access.5, man/fr/login.defs.5, man/fr/logoutd.8, man/fr/newgrp.1, man/fr/newusers.8, man/fr/passwd.1, man/fr/passwd.5, man/fr/porttime.5, man/fr/pwck.8, man/fr/pwconv.8, man/fr/pwunconv.8, man/fr/sg.1, man/fr/shadow.3, man/fr/shadow.5, man/fr/su.1, man/fr/suauth.5, man/fr/useradd.8, man/fr/userdel.8, man/fr/usermod.8, man/fr/vigr.8, man/fr/vipw.8, NEWS:
+ added full set (up to date) fr man pages (by Nicolas François <nicolas.francois@centraliens.net>).
+
+2005-12-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ca.po, po/cs.po, po/da.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/it.po, po/nl.po, po/ro.po, po/sk.po, po/sv.po:
+ cleanups.
+
+ * src/groupadd.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+ s/--force /--force/
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/useradd.c:
+ s/--skel SKEL_DIR /--skel SKEL_DIR/
+
+ * po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/passwd.c, po/bs.po, po/ca.po, po/cs.po, po/da.po:
+ s/--delete /--delete/
+
+ * NEWS, po/ru.po:
+ updated ru translatios for 4.0.14 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+ * po/eu.po: finish update for 4.0.14 (by pi <pi@beobide.net>).
+
+ * po/it.po:
+ updated for 4.0.14 (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+2005-12-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fr.po: updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+ * NEWS, po/eu.po: Basque translation updated (by pi <pi@beobide.net>).
+
+ * po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/su.c, src/usermod.c, po/bs.po:
+ s/LOGIN/login/ in usage() output.
+
+2005-12-03 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/vipw.c, NEWS, man/Attic/vipw.8, man/vipw.8.xml, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po:
+ rewrited vipw for use getopt_long().
+
+ * man/Attic/passwd.1, man/passwd.1.xml: cleanups.
+
+ * man/ko/Makefile.am: commented newgrp.1 (must be updated).
+
+2005-12-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Makefile.am: update-po target added.
+
+ * man/Attic/pwck.8, man/pwck.8.xml: document -q option.
+
+ * NEWS, lib/getdef.c:
+ $MAIL_FILE is used in userdel and usermod, $MD5_CRYPT_ENAB
+ is used by crypt_make_salt, which is used by chpasswd, gpasswd and newusers.
+ Both variables moved to PAM not dependent (447_missing_login.defs_variables
+ Debian patch).
+
+ * NEWS, src/su.c:
+ export $USER and $SHELL as well as $HOME (http://bugs.debian.org/11003 and
+ http://bugs.debian.org/11189).
+
+ * NEWS, man/Attic/login.1, man/login.1.xml:
+ document how to initiate a trusted path on linux
+ (http://bugs.debian.org/305600).
+
+ * NEWS, src/chage.c:
+ fix chage display when the last change field is set to 0.
+ This is consistent with PAM (merge 427_chage_expiry_0 Debian patch).
+
+2005-12-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in: added man/fi/Makefile to AC_CONFIG_FILES().
+
+ * man/zh_TW/chfn.1, man/zh_TW/chsh.1, man/zh_TW/groupadd.8, man/zh_TW/groupdel.8, man/zh_TW/groupmod.8, man/zh_TW/newgrp.1, man/zh_TW/useradd.8, man/zh_TW/userdel.8, man/zh_TW/usermod.8, man/pt_BR/gpasswd.1, man/pt_BR/groupadd.8, man/pt_BR/groupdel.8, man/pt_BR/groupmod.8, man/pt_BR/shadow.5, man/ru/Attic/pw_auth.3, man/ru/chage.1, man/ru/chfn.1, man/ru/chpasswd.8, man/ru/chsh.1, man/ru/expiry.1, man/ru/faillog.5, man/ru/faillog.8, man/ru/gpasswd.1, man/ru/groupadd.8, man/ru/groupdel.8, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/groups.1, man/ru/grpck.8, man/ru/gshadow.5, man/ru/id.1, man/ru/lastlog.8, man/ru/limits.5, man/ru/login.1, man/ru/login.access.5, man/ru/login.defs.5, man/ru/logoutd.8, man/ru/newgrp.1, man/ru/newusers.8, man/ru/passwd.1, man/ru/passwd.5, man/ru/porttime.5, man/ru/pwck.8, man/ru/pwconv.8, man/ru/sg.1, man/ru/shadow.3, man/ru/shadow.5, man/ru/su.1, man/ru/suauth.5, man/ru/sulogin.8, man/ru/useradd.8, man/ru/userdel.8, man/ru/usermod.8, man/ru/vipw.8, man/zh_CN/chfn.1, man/zh_CN/chpasswd.8, man/zh_CN/chsh.1, man/zh_CN/groupadd.8, man/zh_CN/groupdel.8, man/zh_CN/groupmod.8, man/zh_CN/newgrp.1, man/zh_CN/useradd.8, man/zh_CN/userdel.8, man/zh_CN/usermod.8, man/ko/chfn.1, man/ko/chsh.1, man/ko/groups.1, man/ko/id.1, man/ko/login.1, man/ko/newgrp.1, man/ko/passwd.5, man/ko/su.1, man/pl/Attic/pw_auth.3, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/expiry.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/gpasswd.1, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmems.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/limits.5, man/pl/login.1, man/pl/login.access.5, man/pl/login.defs.5, man/pl/logoutd.8, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/passwd.5, man/pl/porttime.5, man/pl/pwck.8, man/pl/pwconv.8, man/pl/shadow.3, man/pl/shadow.5, man/pl/su.1, man/pl/suauth.5, man/pl/sulogin.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, man/pl/vipw.8, man/it/chage.1, man/it/chfn.1, man/it/chpasswd.8, man/it/chsh.1, man/it/expiry.1, man/it/faillog.5, man/it/faillog.8, man/it/gpasswd.1, man/it/groupadd.8, man/it/groupdel.8, man/it/groupmod.8, man/it/groups.1, man/it/grpck.8, man/it/id.1, man/it/lastlog.8, man/it/login.1, man/it/newgrp.1, man/it/newusers.8, man/it/passwd.1, man/it/passwd.5, man/it/porttime.5, man/it/pwck.8, man/it/pwconv.8, man/it/shadow.3, man/it/shadow.5, man/it/su.1, man/it/useradd.8, man/it/userdel.8, man/it/usermod.8, man/ja/Attic/pw_auth.3, man/ja/chage.1, man/ja/chfn.1, man/ja/chpasswd.8, man/ja/chsh.1, man/ja/expiry.1, man/ja/faillog.5, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/groups.1, man/ja/grpck.8, man/ja/id.1, man/ja/lastlog.8, man/ja/limits.5, man/ja/login.1, man/ja/login.access.5, man/ja/login.defs.5, man/ja/logoutd.8, man/ja/newgrp.1, man/ja/newusers.8, man/ja/passwd.1, man/ja/passwd.5, man/ja/porttime.5, man/ja/pwck.8, man/ja/pwconv.8, man/ja/shadow.3, man/ja/shadow.5, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/vipw.8, man/de/chfn.1, man/de/chsh.1, man/de/groups.1, man/de/login.1, man/de/newgrp.1, man/de/passwd.1, man/de/passwd.5, man/de/su.1, man/de/vipw.8, man/es/login.1, man/es/newgrp.1, man/es/passwd.1, man/es/su.1, man/fi/chfn.1, man/fi/chsh.1, man/fi/passwd.1, man/fr/chage.1, man/fr/chpasswd.8, man/fr/chsh.1, man/fr/faillog.5, man/fr/gpasswd.1, man/fr/groups.1, man/fr/id.1, man/fr/newgrp.1, man/fr/passwd.1, man/fr/passwd.5, man/fr/shadow.5, man/fr/su.1, man/fr/useradd.8, man/fr/userdel.8, man/fr/usermod.8, man/hu/chfn.1, man/hu/chsh.1, man/hu/gpasswd.1, man/hu/groups.1, man/hu/id.1, man/hu/login.1, man/hu/newgrp.1, man/hu/passwd.1, man/hu/su.1, NEWS, man/cs/groups.1, man/cs/id.1, man/cs/lastlog.8, man/cs/passwd.5, man/cs/shadow.5, man/cs/su.1:
+ convert all translated man pages to UFT-8.
+
+ * NEWS, src/userdel.c:
+ fix incorrect audit record in userdel (https://bugzilla.redhat.com/bugzilla/174392).
+
+ * po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, src/passwd.c:
+ s/--all /--all/
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+ update by some informations about translators (by Christian Perrier) and run "make update-po".
+
+2005-11-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/su.c:
+ if an password is expired, su should propose to change this password
+ (fixed http://bugs.debian.org/321384).
+
+ * src/Makefile.am, src/login.c, NEWS:
+ added auditing support (based on Fedora patch for login from util-linux).
+
+ * src/useradd.c: remove use rflg.
+
+ * man/ru/Makefile.am: typo.
+
+ * po/pl.po: partialy updated.
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+ run "make update-po".
+
+ * NEWS, src/useradd.c: merge PUG fixes from RedHat patch.
+
+2005-11-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/it.po:
+ updated (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+ * man/ru/pwconv.8, man/ru/pwunconv.8, man/ru/sg.1, man/ru/shadow.3, man/ru/shadow.5, man/ru/su.1, man/ru/suauth.5, man/ru/sulogin.8, man/ru/useradd.8, man/ru/userdel.8, man/ru/usermod.8, man/ru/vigr.8, man/ru/vipw.8, NEWS, man/ru/Attic/pw_auth.3, man/ru/Makefile.am, man/ru/chage.1, man/ru/chfn.1, man/ru/chpasswd.8, man/ru/chsh.1, man/ru/expiry.1, man/ru/faillog.5, man/ru/faillog.8, man/ru/getspnam.3, man/ru/gpasswd.1, man/ru/groupadd.8, man/ru/groupdel.8, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/groups.1, man/ru/grpck.8, man/ru/grpconv.8, man/ru/grpunconv.8, man/ru/gshadow.5, man/ru/id.1, man/ru/lastlog.8, man/ru/limits.5, man/ru/login.1, man/ru/login.access.5, man/ru/login.defs.5, man/ru/logoutd.8, man/ru/newgrp.1, man/ru/newusers.8, man/ru/passwd.1, man/ru/passwd.5, man/ru/porttime.5, man/ru/pwck.8:
+ added full set of ru man pages (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2005-11-25 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/Makefile.am, src/nologin.c: added nologin program.
+
+ * NEWS, src/su.c: rewrited for use getopt_long().
+
+2005-11-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/zh_CN.po: updated (by Ming Hua <minghua@rice.edu>).
+
+2005-11-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/usermod.8, man/usermod.8.xml:
+ rewrited for document long options.
+
+ * NEWS, src/vipw.c:
+ added a "quiet" mode (http://bugs.debian.org/190252.
+
+ * po/de.po:
+ fixed wrong translation in german po file (http://bugs.debian.org/338373
+ by Nico Golde <nico@ngolde.de>).
+
+ * NEWS, man/Makefile.am, man/fi/.cvsignore, man/fi/Makefile.am, man/fi/chfn.1, man/fi/chsh.1, man/fi/passwd.1, man/fi/su.1:
+ added fi chfn(1), chsh(1), passwd(1), su(1).
+
+ * NEWS, man/it/Makefile.am, man/it/newusers.8: added it newusers(8).
+
+ * NEWS, po/fr.po:
+ updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+2005-11-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/Makefile.am, src/newgrp.c:
+ added auditing support for newgrp (by Steve Grubb <sgrubb@redhat.com>).
+
+ * NEWS, configure.in, libmisc/audit_help.c:
+ switch over to a new logging function (by Steve Grubb <sgrubb@redhat.com>).
+
+ * README: typo.
+
+2005-11-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ru.po: updated (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2005-11-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in:
+ s/logdir/shadow_cv_logdir/ fix wrong var name (by Mike Frysinger <vapier@gentoo.org>).
+
+ * man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3.xml, man/Attic/pwck.8, man/Attic/sg.1, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/sg.1.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, README, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/newgrp.1, man/chage.1.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newgrp.1.xml:
+ move information about all shadow man pages authors from man pages to README file.
+
+ * src/userdel.c: added two new error messages to translated phrases.
+
+ * NEWS, src/userdel.c:
+ remove the user's group unless it is not really a user-private group
+ (based on FC patch).
+
+2005-11-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/usermod.c: fix long name options name in long_options[].
+
+2005-11-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/userdel.c: indent source code.
+
+ * NEWS, src/userdel.c:
+ make the userdel -f option force the removal of the user's group (even if it
+ is the primary group of another user)
+ (merge 453_userdel_-f_removes_group Debian patch),
+
+ * NEWS, man/Attic/login.1, man/login.1.xml:
+ better explain the respective roles of login, init and getty with regards
+ to the utmp file (merge 440_manpages-login.1 Debian patch).
+
+ * man/Attic/userdel.8, man/userdel.8.xml:
+ aphabetic order options description.
+
+ * NEWS, man/Attic/userdel.8, man/userdel.8.xml:
+ document the -f option; document the group removal behavior (merge
+ 455_userdel.8.xml Debian patch).
+
+ * NEWS, man/Attic/groupadd.8, man/Attic/useradd.8, man/groupadd.8.xml, man/useradd.8.xml:
+ document that useradd/groupadd refuse adding entries already in an
+ external database (http://bugs.debian.org/282184).
+
+ * NEWS, libmisc/sulog.c:
+ log in successful/failed su through syslog (http://bugs.debian.org/190215).
+
+ * NEWS, man/it/groupdel.8, man/it/passwd.1, man/it/pwconv.8, man/it/useradd.8, man/it/userdel.8, man/it/usermod.8:
+ updated it groupdel(8), passwd(1), pwconv(8), useradd(8), userdel(8), usermod(8) man pages
+ (merge 205_it-manpages Debian patch).
+
+ * man/pt_BR/gpasswd.1: merge 204_pt_BR-manpages Debian patch.
+
+2005-10-31 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/porttime.5, man/Attic/pwck.8, man/Attic/shadow.3, man/porttime.5.xml, man/pwck.8.xml:
+ improvements by Yuri Kozlov <kozlov.y@gmail.com>.
+
+ * NEWS, po/tl.po: updated (by Eric Pareja <xenos@upm.edu.ph>).
+
+ * po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/su.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po:
+ remove "." from su message.
+
+ * po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po:
+ "make update-po".
+
+ * src/usermod.c: cleanups in usage() output.
+
+ * src/usermod.c: indent code.
+
+ * NEWS, src/usermod.c:
+ rewrited for use getopt_long() (Christian Perrier <bubulle@kheops.frmug.org>).
+
+2005-10-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/uk.po: updated (by Eugeniy Meshcheryakov <eugen@univ.kiev.ua>).
+
+2005-10-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/faillog.5, man/Attic/groupmems.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/chpasswd.8.xml, man/groupmems.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/Attic/chpasswd.8:
+ bunch of cleanups (Yuri Kozlov <kozlov.y@gmail.com>).
+
+2005-10-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/userdel.c, src/usermod.c, lib/pam_defs.h, libmisc/pam_pass.c, libmisc/pwdcheck.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/login.c, src/newusers.c, src/su.c, src/useradd.c:
+ Simplifications: move all per shadow tool declared struct pam_conv conv
+ from src/*c to lib/pam_defs.h. #include "pam_defs.h" instead <security/pam_appl.h>
+ and <security/pam_misc.h>.
+ Patch partialy based on openpam fixes by Rob Holland <rob@inversepath.com>.
+
+ * NEWS, lib/commonio.c:
+ fixed grpck segmentation fault on using -s when /etc/gshadow is empty (fix by
+ Tomasz Lemiech <szpajder@staszic.waw.pl>).
+
+2005-10-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/faillog.5, man/faillog.5.xml:
+ typos (by A Costa <agcosta@gis.net>).
+
+2005-10-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/chage.1, man/Attic/chpasswd.8, man/chage.1.xml, man/chpasswd.8.xml:
+ typos (by A Costa <agcosta@gis.net>).
+
+ * NEWS, po/sv.po: updated (by Daniel Nylander <yeager@lidkoping.net>).
+
+2005-10-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/de/newgrp.1, man/es/Makefile.am, man/es/newgrp.1, man/zh_CN/Makefile.am, man/zh_CN/newgrp.1, man/zh_TW/Makefile.am, man/zh_TW/newgrp.1, NEWS, man/de/Makefile.am:
+ newgrp(1): added de, es, zh_CN, zh_TW translations.
+
+2005-10-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/gpasswd.1, man/gpasswd.1.xml:
+ move "Notes about group passwords" section from passwd man page.
+
+ * src/passwd.c, NEWS, man/Attic/passwd.1, man/passwd.1.xml:
+ remove handle -f, -g and -s options in passwd.
+
+ * man/userdel.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/logoutd.8.xml, man/newgrp.1.xml, man/newusers.8.xml, man/pwconv.8.xml, man/sg.1.xml:
+ use locase in <refentrytitle>.
+
+ * man/Attic/pw_auth.3, man/Attic/pw_auth.3.xml, man/Attic/shadow.3, man/shadow.3.xml:
+ added refmiscinfo class="sectdesc">Library Calls</refmiscinfo> in <refmeta>.
+
+ * man/Attic/pwconv.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8, man/newusers.8.xml, man/pwconv.8.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml, man/Attic/chpasswd.8, man/Attic/faillog.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/grpck.8, man/Attic/lastlog.8, man/Attic/logoutd.8, man/Attic/newusers.8, man/chpasswd.8.xml, man/faillog.8.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/grpck.8.xml, man/lastlog.8.xml, man/logoutd.8.xml:
+ added <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ in <refmeta>.
+
+ * man/Attic/login.defs.5, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/shadow.5, man/Attic/suauth.5, man/login.defs.5.xml, man/passwd.5.xml, man/porttime.5.xml, man/shadow.5.xml, man/suauth.5.xml, man/Attic/login.access.5, man/limits.5.xml, man/login.access.5.xml, man/Attic/faillog.5, man/Attic/gshadow.5, man/Attic/limits.5, man/faillog.5.xml, man/gshadow.5.xml:
+ added <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+ in <refmeta>.
+
+ * man/Attic/pwconv.8, man/Attic/suauth.5, man/Attic/vipw.8, man/pwconv.8.xml, man/suauth.5.xml, man/vipw.8.xml:
+ remove <refentryinfo><date></date></refentryinfo> and <refmiscinfo class='date'> tags.
+
+ * man/Attic/newgrp.1, man/Attic/sg.1, man/newgrp.1.xml, man/sg.1.xml:
+ added <refmiscinfo class="sectdesc">User Commands</refmiscinfo> tag.
+
+2005-10-11 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in: start work on 4.0.14.
+
+2005-10-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: move release 4.0.13 date to 10-10-2005.
+
+ * NEWS: added infor about removed duplicated pam_start() in chage.
+
+ * NEWS: updated.
+
+ * man/Makefile.am: added sg.1.xml to man_XMANS.
+
+ * man/Attic/chage.1, man/chage.1.xml:
+ cleanups (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+ * man/Attic/newgrp.1, man/newgrp.1.xml:
+ use <filename> in few more places.
+
+ * man/Attic/newgrp.1, man/newgrp.1.xml:
+ better newgrp description (http://bugs.debian.org/325558).
+
+2005-10-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/chpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c, src/usermod.c:
+ remove using pam_chauthtok().
+
+ * src/chsh.c: finish PAM support using pam_start() & co.
+
+ * src/chage.c: remove using pam_chauthtok() on finish chage.
+
+ * src/chfn.c:
+ use E_NOPERM in more places. remove using pam_chauthtok() on finish chfn.
+
+ * src/chfn.c: cleanups.
+
+ * src/chage.c:
+ removed duplicaded not moved PAM code) was introduced during merge
+ shadow-4.0.4.1-owl-pam-auth.diff patch).
+
+ * src/chfn.c: finish PAM support.
+
+2005-10-03 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/chfn.1, man/Attic/chsh.1, man/chfn.1.xml, man/chsh.1.xml:
+ cleanups (by Alexander Gattin <xrgtn@yandex.ru>).
+
+2005-10-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/userdel.c:
+ userdel should not remove the group which is primary for someone else (fix
+ by Nicolas François <nicolas.francois@centraliens.net> http://bugs.debian.org/295416)
+
+2005-10-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/vipw.8.xml, man/Attic/chage.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/faillog.8, man/Attic/grpck.8, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/passwd.1, man/Attic/porttime.5, man/Attic/pw_auth.3.xml, man/Attic/shadow.3, man/Attic/su.1, man/Attic/suauth.5, man/chage.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/faillog.8.xml, man/groupmems.8.xml, man/grpck.8.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/passwd.1.xml, man/porttime.5.xml, man/shadow.3.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml:
+ s/<emphasis remap='B'>/<emphasis>/
+
+ * man/Attic/sg.1, man/sg.1.xml: use <command> instead <emphasis>.
+
+ * man/newgrp.1.xml, man/sg.1.xml, man/chage.1.xml, man/chsh.1.xml, man/login.defs.5.xml:
+ s/\. /\. /
+
+ * man/Attic/shadow.5, man/shadow.5.xml:
+ better document "!" and "*" fields in /etc/shadow
+ (based on 441_manpages-shadow.5 patch from Debian).
+
+ * man/Attic/newgrp.1, man/newgrp.1.xml:
+ SHADOWPWD was removed (always enabled)
+ (based on 446_newgrp.1_no_SHADOWPWD patch from Debian).
+
+ * po/ru.po: updated for 4.0.13 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2005-09-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: cleanups.
+
+ * man/Attic/vipw.8, man/vipw.8.xml, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pw_auth.3.xml, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/chage.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newgrp.1.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml:
+ next round of cleanups.
+
+ * man/Makefile.am: added rules for id.1, pw_auth.3 and sulogin.8.
+
+ * libmisc/setupenv.c:
+ during the changes on libmisc/setupenv.c, a piece of code was moved
+ without its comment (merge 449_comment_missplaced Debian patch).
+
+2005-09-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/chfn.1, man/Attic/chsh.1, man/Attic/groupadd.8, man/Attic/newusers.8, man/Attic/pwconv.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/chfn.1.xml, man/chsh.1.xml, man/groupadd.8.xml, man/newusers.8.xml, man/pwconv.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, NEWS:
+ added missing references to /etc/login.defs and login.defs(5)
+ (Christian Perrier <bubulle@kheops.frmug.org>).
+
+2005-09-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: s/XSL/XSLT/
+
+ * po/pl.po: few updates.
+
+ * man/Attic/passwd.1, man/passwd.1.xml:
+ -i option description is back (lost on rewrite and pointed by
+ Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+ * po/cs.po:
+ updated for 4.0.13 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+2005-09-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: updated.
+
+ * configure.in: fixes for correct handle --with{,out}-<feature>.
+
+ * configure.in:
+ use @<:@ @:>@ instead ( ) inside AC_HELP_STRING() and s/feactures/features/
+ (based on fixes by Mike Frysinger <vapier@gentoo.org>).
+
+ * po/da.po: updated for 4.0.13 (by Claus Hindsgaul <claus_h@image.dk>).
+
+ * po/es.po: updated for 4.0.13 (by Ruben Porras <nahoo@inicia.es>).
+
+2005-09-26 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, libmisc/failure.c:
+ use "%c" in strftime() output (based on patch from
+ http://bugs.debian.org/89902 by Christian Perrier <bubulle@debian.org>)
+
+ * man/Attic/getspnam.3, man/Attic/shadow.3, man/shadow.3.xml:
+ added <refname>getspnam</refname> to <refnamediv>.
+
+ * man/Attic/sg.1, man/sg.1.xml: fixed <cmdsynopsis>.
+
+ * man/Attic/sg.1, man/Makefile.am, man/sg.1.xml:
+ added separated sg(1) man page.
+
+2005-09-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/commonio.c, NEWS:
+ don't assume selinux is enabled if is_selinux_enabled() returns -1
+ (merge isSelinuxEnabled FC patch by Jeremy Katz <katzj@redhat.com>).
+
+ * po/ro.po: updated (by Sorin Batariuc <sorin@bonbon.net>).
+
+2005-09-21 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: schedule release 4.0.13 to 03-10-2005.
+
+2005-09-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8:
+ regenerate all roff man pages using DocBook XSL Stylesheets 1.69.1.
+
+ * man/logoutd.8.xml: fixed id inside <refentry>.
+
+ * man/login.1.xml, man/logoutd.8.xml, man/newgrp.1.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/chage.1.xml, man/chfn.1.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml:
+ added missing <para></para> inside <listitem> tags for pass correctly xmllint.
+
+ * man/Attic/login.access.5, man/login.access.5.xml:
+ rewrited FILES section.
+
+ * man/login.access.5.xml: cleanups.
+
+2005-09-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/Attic/passwd.5, man/passwd.5.xml:
+ rewrited based on work by Greg Wooledge <greg@wooledge.org>
+ http://bugs.debian.org/328113
+
+2005-09-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ro.po: updates (by Sorin Batariuc <sorin@bonbon.net>).
+
+2005-09-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/grpck.c, src/id.c, src/login.c, src/login_nopam.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/suauth.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c:
+ remove empty lines after comment.
+
+ * src/useradd.c: group all #include.
+
+ * po/fr.po:
+ updated (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+2005-09-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/gpasswd.c: remove exit(1) after failure().
+
+ * src/usermod.c: consolidate few #ifdef WITH_AUDIT .. #endif sections.
+
+2005-09-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/Makefile.am: added missing $(LDADD) in gpasswd_LDADD.
+
+ * NEWS, libmisc/limits.c:
+ fixed setup max address space limits (added missing break statement in case)
+ spoted by Lasse Collin <lasse.collin@tukaani.org>
+ (fix for non-PAM case)
+
+ * configure.in: try find and use by default feactures:
+ with_audit="yes"
+ with_libcrack="no"
+ with_libpam="yes"
+ with_libskey="no"
+ with_selinux="yes"
+ Report on finish also S/Key and CrackLib support.
+
+ * configure.in: cleanups.
+
+ * src/Makefile.am: sort *_LDADD.
+
+ * src/Makefile.am: added missing gpasswd_LDADD = $(LIBAUDIT).
+
+ * src/groupadd.c, src/groupdel.c, src/groupmod.c, src/useradd.c, src/userdel.c, src/usermod.c, lib/defines.h, lib/prototypes.h, src/chage.c, src/gpasswd.c:
+ indent code.
+
+ * libmisc/Makefile.am: sort libmisc_a_SOURCES elements.
+
+ * libmisc/audit_help.c: added shadow copyright text and indent file.
+
+ * libmisc/audit_help.c:
+ patr of auditing support not added on commiting audit changes.
+
+ * src/Makefile.am: s/AUDIT/LIBAUDIT/
+
+ * configure.in: added reporting on finish is auditing is enabled.
+ Change to use shared libaudit. Aded missing AC_SUBST(LIBAUDIT).
+ Break some to log lines.
+
+ * src/Makefile.am, src/chage.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/useradd.c, src/userdel.c, src/usermod.c, NEWS, configure.in, lib/defines.h, lib/prototypes.h, libmisc/Makefile.am:
+ auditing support added. Patch prepared by Peter Vrabec
+ <pvrabec@redhat.com> basing on work by Steve Grubb from
+ http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159215 Now auditing
+ support have commands: chage, gpasswd, groupadd, groupdel, groupmod,
+ useradd, userdel, usermod.
+
+ * po/pt.po: finish update (by Christian Perrier <bubulle@debian.org>).
+
+2005-09-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pt.po, NEWS: updated (by Miguel Figueiredo <elmig@debianpt.org>).
+
+2005-09-03 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/passwd.c:
+ fix warning (initialization makes pointer from integer without a cast) in
+ long_options[] entry.
+
+ * po/fr.po, NEWS:
+ partialy updated (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+2005-09-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/chage.c: indent source sode.
+
+ * src/chage.c, src/chfn.c, src/chsh.c, src/passwd.c, NEWS:
+ change to use new selinux API for selinux_check_passwd_access()
+ (patch from Fedora by Dan Walsh <dwalsh@redhat.com>).
+
+2005-09-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/newgrp.1, man/newgrp.1.xml: finished rewrite.
+
+ * etc/login.defs: moved from login.defs.linux.
+
+ * src/login_nopam.c: use #ident.
+
+ * etc/Attic/login.defs.hurd, etc/Attic/login.defs.linux, etc/Makefile.am:
+ remove login.defs.hurd and login.defs.linux.
+
+ * src/groupadd.c, src/useradd.c:
+ as same as in man pages to useradd and groupadd change to 1000 default
+ GID_MIN and UID_MIN (if not found in login.defs).
+
+ * etc/login.defs: s/chkpasswd/chpasswd/
+
+2005-08-31 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Makefile.am, man/chsh.1.xml, man/limits.5.xml, man/login.access.5.xml, man/newgrp.1.xml, man/newusers.8.xml:
+ fixed id= in <refentry>.
+
+ * man/Attic/gpasswd.1, man/gpasswd.1.xml:
+ fixed refentry id (must be 'gpasswd.1').
+
+ * man/Makefile.am, man/newgrp.1.xml:
+ raw version converted from roff using doclifter.
+
+ * lib/exitcodes.h: new exit codes:
+ #define E_PASSWD_NOTFOUND 14 /* not found password file */
+ #define E_GROUP_NOTFOUND 16 /* not found group file */
+ #define E_GSHADOW_NOTFOUND 17 /* not found shadow group file */
+
+ * man/Attic/chage.1, man/chage.1.xml, lib/exitcodes.h:
+ change to 15 (from 14) exit code in chage when shadow not found.
+
+ * src/Attic/chsh_chkshell.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/login_nopam.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c, libmisc/pwd_init.c, libmisc/pwdcheck.c, libmisc/rlogin.c, libmisc/salt.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/strtoday.c, libmisc/sub.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/tz.c, libmisc/ulimit.c, libmisc/utmp.c, libmisc/valid.c, libmisc/xmalloc.c, libmisc/addgrps.c, libmisc/age.c, libmisc/basename.c, libmisc/chkname.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, libmisc/copydir.c, libmisc/entry.c, libmisc/env.c, libmisc/failure.c, libmisc/fields.c, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/list.c, libmisc/log.c, libmisc/loginprompt.c, libmisc/mail.c, libmisc/motd.c, libmisc/myname.c, libmisc/obscure.c, libmisc/pam_pass.c, libmisc/pwd2spwd.c, NEWS, lib/Attic/getpass.c, lib/Attic/rcsid.h, lib/Makefile.am, lib/commonio.c, lib/encrypt.c, lib/fputsx.c, lib/getdef.c, lib/groupio.c, lib/gshadow.c, lib/lockpw.c, lib/port.c, lib/pwauth.c, lib/pwio.c, lib/sgetgrent.c, lib/sgetpwent.c, lib/sgetspent.c, lib/sgroupio.c, lib/shadow.c, lib/shadowio.c:
+ use #ident preprocesor directive istead RCID macro with content similar
+ to example described in ident(1) man page (modern compilers like latest GCC
+ removes not used functions by global optimization).
+ So "ident /usr/bin/passwd" will show again some useable informations.
+
+ * man/Makefile.am: added support for regenerate roff files from XML.
+ Added depeing shadow-man-pages.pot on $(man_XMANS).
+
+2005-08-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/login.1, man/login.1.xml, NEWS:
+ added securetty(5) to SEE ALSO section (fixed Debian bug http://bugs.debian.org/325773).
+
+ * po/pl.po: more updates.
+
+ * configure.in:
+ typo in handle --with-selinux. Fixes in xsltproc detection.
+
+ * autogen.sh:
+ added --enable-man and --enable-maintainer-mode to configure options.
+
+ * man/Attic/chage.1, man/chage.1.xml, NEWS:
+ added EXIT VALUES section (by Nicolas François <nicolas.francois@centraliens.net>).
+
+ * man/Attic/passwd.1, man/passwd.1.xml:
+ remove "Password expiry information" section (all options are described now
+ in OPTIONS section). Describe -a and -k options.
+
+ * NEWS, src/su.c:
+ fixed twice copy enviroment which causes auth problems (bug was introduced in 4.0.12;
+ fix by Nicolas François <nicolas.francois@centraliens.net>).
+
+ * src/passwd.c, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po:
+ s/Incorrect password for `%s'/Incorrect password for %s/ (one phrase for translate less).
+
+ * src/login.c, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po:
+ s/login: failure forking: %s/%s: failure forking: %s/ (one phrase for translate less).
+
+ * po/pl.po: partialy updated.
+
+2005-08-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/exitcodes.h, src/chage.c:
+ s/E_NOT_SHADOWED/E_SHADOW_NOTFOUND/ and change value of this exit code to 14.
+
+ * NEWS, lib/exitcodes.h, src/chage.c:
+ differentiate the different failure causes by the exit value
+ This will permit to adduser Debian script to detect if chage failed because the
+ system doesn't have shadowed passwords (fix for http://bugs.debian.org/317012)
+ Plain merge 443_chage_exit_values Debian patch.
+
+ * man/Attic/pw_auth.3.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml, man/chage.1.xml, man/chfn.1.xml:
+ use tabs in indentation (~10KB less in all xml files).
+
+ * po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po:
+ run "make update-po" and remove obsoleted strings.
+
+ * src/expiry.c, src/login.c: remove #if 0 .. #endif code.
+
+ * src/login.c: remove #if 1 .. #endif.
+
+ * libmisc/obscure.c, libmisc/utmp.c, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, src/chage.c, src/login.c, src/logoutd.c, src/newgrp.c, src/su.c, src/useradd.c, NEWS:
+ merge 010_more-i18ned-messages Debian patch which adds i18n support for few more messages
+ (orginaly patch was prepared by Guillem Jover <guillem@debian.org>).
+
+ * man/id/chsh.1:
+ fix .SH (fix merged from 207_id-manpages debian patch).
+
+2005-08-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * acinclude.m4: add aclocal macros (based on acinclude.m4 from glib):
+ JH_PATH_XML_CATALOG: checks the location of the XML Catalog,
+ JH_CHECK_XML_CATALOG: checks if a particular URI appears in the XML catalog.
+
+ * man/Attic/useradd.8, man/useradd.8.xml:
+ cleanups in "Changing the default values" section.
+
+ * man/useradd.8.xml:
+ replace <emphasis remap='I'></emphasis> by <replaceable></replaceable>.
+ Other minor cleanups.
+
+ * configure.in:
+ fixed missing )] in AC_ARG_WITH(skey, ..) (thank for fix to Yuri Kozlov <kozlov.y@gmail.com>).
+
+ * man/Attic/chsh.1, man/Attic/faillog.5, man/Attic/gshadow.5, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pw_auth.3.xml, man/Attic/shadow.3, man/Attic/suauth.5, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/chsh.1.xml, man/faillog.8.xml, man/groupadd.8.xml, man/gshadow.5.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/porttime.5.xml, man/shadow.3.xml, man/suauth.5.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml:
+ typos, and change some arguments so they do not match the name of a
+ command (fixes by Nicolas François <nicolas.francois@centraliens.net>).
+
+ * NEWS, libmisc/chkname.c, man/Attic/groupadd.8, man/Attic/useradd.8, man/groupadd.8.xml, man/useradd.8.xml:
+ fix regular expression describing alloved login/group names (pointed
+ by Nicolas François <nicolas.francois@centraliens.net>)
+ (correct is [a-z_][a-z0-9_-]*[$]).
+
+ * man/Attic/useradd.8, man/useradd.8.xml:
+ remove "Creating New Users" section and merge this directly in DESCRIPTION.
+ Add <option></option> for -o in EXIT VALUES section.
+
+ * po/ru.po, NEWS:
+ update ru translations (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2005-08-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/passwd.1, man/passwd.1.xml:
+ removed "Account maintenance" section.
+
+ * man/Attic/passwd.1, man/passwd.1.xml: partialy done rewrite.
+
+ * po/ro.po:
+ some fixes after review of the translation (by Sorin Batariuc <sorin@bonbon.net>).
+
+ * man/Attic/lastlog.8, man/lastlog.8.xml:
+ s/Print help message and exit./Display help message and exit./
+
+ * man/Attic/chage.1, man/chage.1.xml: document -h,--help option.
+
+ * man/Attic/groupadd.8, man/groupadd.8.xml:
+ document -h,--help option. added <option></option> for -o in EXIT VALUES.
+ Cleanups in SYNOPSIS section.
+
+ * man/Attic/chage.1, man/Attic/faillog.8, man/chage.1.xml, man/faillog.8.xml:
+ replace <emphasis remap='I'></emphasis> by <replaceable></replaceable>.
+
+ * man/Attic/lastlog.8, man/lastlog.8.xml:
+ document new -b,--before option.
+
+ * po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/it.po, po/ja.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/el.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, src/lastlog.c:
+ s/lastlog results/lastlog records/ in lastlog usage output.
+
+ * man/Attic/lastlog.8, man/lastlog.8.xml:
+ add "" aroud <command></command>.
+
+ * po/vi.po, po/zh_CN.po, po/zh_TW.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, src/lastlog.c:
+ alphabetic order options in lastlog usage output. Run "make -C po update-po".
+
+ * src/lastlog.c, NEWS:
+ added handle -b option which allow print only lastlog records older than
+ specified DAYS (fix by <miles@lubin.us>).
+
+ * libmisc/salt.c, NEWS:
+ fixed for use login.defs::MD5_CRYPT_ENAB only if PAM support
+ is disabled (fix by John Gatewood Ham <zappaman@buraphalinux.org>).
+
+2005-08-25 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in:
+ use AC_HELP_STRING() in AC_ARG_ENABLE() and AC_ARG_WITH().
+ Exit with error message if configure was runed --with-selinux
+ and libselinux not found.
+
+2005-08-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/chkname.c, NEWS, man/Attic/groupadd.8, man/Attic/useradd.8, man/groupadd.8.xml, man/useradd.8.xml:
+ documents in CAVEATS section the limitations shadow places on user and
+ group names (fix by Mike Frysinger <vapier@gentoo.org>).
+
+ * src/passwd.c, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po:
+ added missing -i, --inactive in usage() output.
+
+2005-08-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, src/passwd.c, NEWS:
+ passwd rewrited for use getopt_long().
+
+ * man/Attic/chage.1, man/chage.1.xml: /warndays/--warndays/
+
+ * man/Attic/pw_auth.3.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml, man/chage.1.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml:
+ remove trailing spaces.
+
+ * src/lastlog.c, src/login.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/suauth.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c, src/Attic/chsh_chkshell.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmems.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/id.c:
+ reorder #includes, indentations and minor cleanups.
+
+ * src/newgrp.c: indent code.
+
+ * NEWS, src/newgrp.c:
+ when newgrp process sits between parent and child shells, it should
+ propagate STOPs from child to parent and CONTs from parent to child,
+ otherwise e.g. bash's "suspend" command won't work.
+ Fixed Debian http://bugs.debian.org/314727
+
+2005-08-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in: typo.
+
+ * configure.in:
+ add display short summary information on finish autoconf script.
+
+ * NEWS, configure.in: start work on 4.0.13.
+
+2005-08-21 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ru.po: updated for 4.0.12 (by Yuri Kozlov <yuray@id.ru>).
+
+ * NEWS, po/sk.po:
+ updated for 4.0.12 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+2005-08-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/nl.po, NEWS:
+ updated for 4.0.12 (by cobaco (aka Bart Cornelis) <cobaco@linux.be>).
+
+2005-08-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/fi.po:
+ updated for 4.0.12 (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+ * NEWS, po/de.po:
+ updated for 4.0.12 (by Frank Schmid <frank@cs-schmid.de>).
+
+ * po/pt.po, NEWS:
+ updated for 4.0.12 (by Miguel Figueiredo <elmig@debianpt.org>).
+
+2005-08-11 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/cs.po:
+ updated for 4.0.12 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+ * src/chpasswd.c, src/groupdel.c, src/newusers.c, src/useradd.c, src/userdel.c, src/usermod.c:
+ remove duplicated #include <pwd.h>.
+
+ * po/pl.po: finished update for 4.0.12.
+
+ * src/useradd.c, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po:
+ s/Not copying any file into it./Not copying any file from skel directory into it./
+
+ * src/useradd.c, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po:
+ break warning message longer than 80 characters.
+
+ * po/pl.po: updated.
+
+ * src/groupadd.c, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po:
+ fixed missing \n in usage() output.
+
+ * lib/getdef.c, src/login.c, src/newgrp.c, NEWS:
+ remove using login.defs::CLOSE_SESSIONS variable and allways close PAM session.
+
+2005-08-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in:
+ realy enable shadow group support by default (pointed by
+ Greg Schafer <gschafer@zip.com.au> and Peter Vrabec <pvrabec@redhat.com>).
+ Indentations in --help output.
+
+ * man/Attic/chage.1, man/chage.1.xml:
+ s/occurrence/occurence/ (334_chage.1-typo Debian patch).
+
+ * man/Attic/chfn.1, man/chfn.1.xml:
+ s/may only change may only change/may only change/ (based on 336_chfn.1 Debian patch).
+
+ * man/it/Makefile.am: cleanups (443_man_it_Makefile.am Debian patch).
+
+ * man/Attic/userdel.8, man/userdel.8.xml: s/an NIS client/a NIS client/
+
+ * man/Attic/useradd.8, man/useradd.8.xml: s/an NIS group/a NIS group/
+
+ * man/Attic/lastlog.8, man/lastlog.8.xml:
+ s/you have an high UID/you have a high UID/
+
+ * man/Attic/lastlog.8, man/lastlog.8.xml:
+ added missing <para></para> in AUTHORS section (cached by Nicolas).
+
+ * po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po:
+ run "make update-po".
+
+ * po/POTFILES.in: added missing libmisc/pwdcheck.c. Sorted.
+
+2005-08-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: s/22-07-2005/22-08-2005/
+
+ * NEWS: schedule release 4.0.12 in 22-07-2005.
+
+ * libmisc/setupenv.c, man/pl/login.defs.5, NEWS, etc/Attic/login.defs.hurd, etc/Attic/login.defs.linux, lib/getdef.c:
+ removed handle login.defs::QMAIL_DIR variable.
+
+ * libmisc/chowntty.c, NEWS:
+ allow regular user to login on read-only root file system (not only for root).
+ Patch by Nicolas François <nicolas.francois@centraliens.net>
+ Fix for http://bugs.debian.org/52069
+
+ * NEWS, man/Attic/usermod.8, man/usermod.8.xml:
+ give the correct range for system users: 0-999 instead of 0-99
+ (http://bugs.debian.org/286258)
+
+ * man/Attic/chage.1, man/chage.1.xml: s/an password/a password/
+
+ * man/Attic/chage.1, man/chage.1.xml, src/chage.c, NEWS:
+ another maxdays fix based on 427_chage_expiry_0 Debian patch
+ (fix for http://bugs.debian.org/78961).
+ Better description -1 value passed in -E, -I and -M options.
+
+ * src/gpasswd.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, NEWS:
+ added flushing group nscd cache on exit.
+
+ * src/pwck.c, src/pwconv.c, NEWS:
+ added flushing passwd nscd cache on exit.
+
+ * NEWS, src/usermod.c:
+ fixed handle -p option (patch by Peter Vrabec <pvrabec@redhat.com>).
+ Indented.
+
+ * man/Attic/chage.1, man/chage.1.xml, NEWS, src/chage.c:
+ use -1 as value for disable password inactivity.
+ Patch by Peter Vrabec <pvrabec@redhat.com> which fixes:
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=109499
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=137498
+
+2005-08-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/useradd.c, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po:
+ do not copy files from skel directory if home directory exist and write
+ warning message about not copying skel files.
+ Patch by Peter Vrabec <pvrabec@redhat.com> which fixes:
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=143150
+ https://bugzilla.redhat.com/beta/show_bug.cgi?id=158574
+ https://bugzilla.redhat.com/beta/show_bug.cgi?id=80242
+
+ * po/pl.po: updated.
+
+2005-08-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/useradd.c:
+ s/spoll/spool/ (spoted by Nicolas François <nicolas.francois@centraliens.net>).
+
+2005-08-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/su.c:
+ ignore SIGINT while authenticating. A ^C could defeat the waiting
+ period and permit brute-force attacks (fixed http://bugs.debian.org/288827).
+
+2005-08-03 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/defines.h, NEWS, configure.in:
+ added require ngettext (added [need-ngettext] to AM_GNU_GETTEXT() parameters)
+ and stub prototype for ngettext() in lib/prototypes.h (neccessary if shadow
+ compiled with disabled NLS support)
+ Based on fixes by Martin Schlemmer <azarah@nosferatu.za.org>.
+
+ * src/faillog.c: start using exitcodes.h.
+
+ * NEWS, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8, man/logoutd.8.xml, man/shadow.3.xml, man/sulogin.8.xml:
+ regenerate all roff man pages using DocBook XSL Stylesheets 1.69.0.
+
+ * src/chage.c, src/chpasswd.c, src/newusers.c, src/passwd.c, src/pwunconv.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c, NEWS:
+ remove flushing shadow nscd cache (nscd do not caches shadow map).
+
+2005-08-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/groupadd.c, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, NEWS:
+ rewrited groupadd for use getopt_long().
+
+ * src/chage.c: indent.
+
+ * NEWS, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/userdel.c:
+ do OPENLOG() before pam_start().
+
+ * NEWS, src/groupadd.c: fixed double OPENLOG().
+
+ * src/passwd.c, src/vipw.c, src/userdel.c: reorder nscd_flush_cache().
+
+ * src/chfn.c, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po:
+ cleanups in printf() translated messages for make translators work easier.
+
+ * NEWS, src/chage.c: added flushing NSS shadow map on exit.
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/useradd.c:
+ s/the the/the/
+
+ * po/POTFILES.in: removed lib/{grpack,gspack,pwpack,sppack}.c.
+
+ * NEWS, src/newusers.c:
+ added flushing NSS passwd, shadow and group maps.
+
+ * NEWS, src/chpasswd.c, src/useradd.c:
+ added flushing NSS shadow map on exit.
+
+ * lib/prototypes.h: removed outdated prototypes for lib/gsdbm.c.
+
+ * NEWS, lib/Attic/grpack.c, lib/Attic/gspack.c, lib/Attic/pwpack.c, lib/Attic/sppack.c, lib/Makefile.am, lib/prototypes.h:
+ remove lib/{grpack,gspack,pwpack,sppack}.c and prototypes from lib/prototypes.h (outdated).
+
+ * lib/prototypes.h: removed outdated prototypes from lib/pwdbm.c.
+
+2005-07-31 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/usermod.c: added flushing NSS shadow map.
+
+2005-07-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/chage.1, man/chage.1.xml:
+ typo (s/passwordchanges/password changes/).
+
+2005-07-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/getdef.c, src/su.c:
+ ENV_SUPATH and ENV_PATH must be used independently to PAM.
+
+ * lib/exitcodes.h: added E_BAD_ARG.
+
+ * src/gpasswd.c: start use exitcodes.h.
+
+ * lib/getdef.c: remove ENV_ROOTPATH def_table[] (not used).
+
+2005-07-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/chsh.c: start use exitcodes.h.
+
+2005-07-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/Makevars, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po:
+ added --no-location to po/Makevars::XGETTEXT_OPTIONS: shorter .po files.
+
+ * NEWS, src/grpck.c, src/pwck.c:
+ pwck: now pwck OPENLOG with correct name ("pwck" instead "pwsk"),
+ pwck, grpck: replace all puts() with printf() - it fixes problems with extra blank
+ lines printed in some messages
+ (fixes by Alexander Gattin <arg@online.com.ua>)
+
+2005-07-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/Makevars: added:
+ MSGID_BUGS_ADDRESS = kloczek@pld.org.pl
+
+2005-07-21 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/chfn.c: start use #include "exitcodes.h",
+
+ * lib/exitcodes.h: cleanups.
+
+ * lib/Makefile.am, lib/exitcodes.h, src/chage.c:
+ start separate all E_* exit codes to lib/exitcodes.h.
+
+ * src/passwd.c, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po:
+ use separated message "Password set to expire." instead "Password changed."
+ on "passwd -e" (fix by Christian Perrier <bubulle@debian.org>).
+
+ * NEWS, po/fr.po:
+ updated (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+ * NEWS, configure.in: start work on 4.0.12.
+
+2005-07-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, configure.in, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po:
+ 4.0.11.1 will be released tmorrow (21-07-2005).
+
+ * configure.in, NEWS:
+ fixed configure.in: now is possible build shadow with enabled/disabled shadow group
+ support (thanks for report symptoms of the bug to Greg Schafer <gschafer@zip.com.au>).
+
+ * po/sv.po, NEWS: update finished (by Per Olofsson <pelle@dsv.su.se>)
+
+ * po/sv.po: partialy updated (by Per Olofsson <pelle@dsv.su.se>).
+
+2005-07-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in: start work on 4.0.12.
+
+2005-07-18 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/sub.c:
+ fixed compilation warning about incompatible implicit declaration of built-in
+ function printf: added "#include <stdio.h>".
+
+ * src/groupadd.c:
+ move #ifdef USE_PAM .. #endif #includes outside #ifdef SHADOWGRP .. #endif.
+
+ * libmisc/pwdcheck.c:
+ added missing "#include <stdio.h>" (fix compilation with PAM disabled).
+
+ * po/ro.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/pl.po, po/pt_BR.po, po/nl.po, po/nn.po, po/nb.po, po/ko.po, po/ja.po, po/it.po, po/he.po, po/id.po, po/fr.po, po/bs.po, po/ca.po, po/da.po, po/el.po, po/es.po, po/eu.po, po/fi.po:
+ run "make update-po".
+
+ * src/su.c:
+ move declaration of pamh nad caught variables to #ifdef USE_PAM .. #endif.
+
+ * po/pl.po, NEWS: updated pl translation.
+
+2005-07-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/sk.po:
+ updated for 4.0.11 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+2005-07-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/cs.po:
+ updated for 4.0.11 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+2005-07-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/de.po, NEWS:
+ updated for 4.0.11 (by Frank Schmid <frank@cs-schmid.de>).
+
+2005-07-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/pt.po:
+ updated for 4.0.11 (by Miguel Figueiredo <elmig@debianpt.org>).
+
+2005-07-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/stats: reorder gsub().
+
+ * po/ru.po: cleanups.
+
+ * po/ru.po, NEWS:
+ updated for 4.0.11 (by Yuri Kozlov <yucoz@yandex.ru>).
+
+2005-07-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/getdef.c:
+ move MAIL_DIR variable from def_table[] to part independent to USE_PAM
+ (still used in userdel/usermod).
+
+ * NEWS, man/Attic/pwck.8, man/pwck.8.xml:
+ document -q option (based on Debian patch for fix http://bugs.debian.org/309408)
+ Rewrited OPTIONS section and better SYNOPSIS.
+
+ * NEWS, po/da.po:
+ - updated for 4.0.11 (by Claus Hindsgaul <claus_h@image.dk>).
+
+ * NEWS, src/su.c:
+ ignore SIGINT while authenticating. A ^C could defeat the waiting period and
+ permit brute-force attacks. Also ignore SIGQUIT.
+ Fixed: http://bugs.debian.org/52372 and http://bugs.debian.org/288827
+
+ * po/fi.po, NEWS:
+ - updated for 4.0.11 (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+ * po/ro.po: - updated Project-Id-Version field.
+
+ * NEWS, po/ro.po:
+ - updated for 4.0.11 (by Sorin B. <sorin@bonbon.net>).
+
+2005-07-11 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/Attic/lastlog.8, man/lastlog.8.xml:
+ document that lastlog is a sparse file, and don't need to be rotated.
+ http://bugs.debian.org/219321
+
+ * src/chage.c: use E_USAGE=2 as usage() exit code.
+
+ * NEWS, po/es.po:
+ updated for 4.0.11 (by Ruben Porras <nahoo82@telefonica.net>).
+
+ * src/useradd.c: cleanups in usage() oyput.
+
+ * po/zh_TW.po, po/vi.po, po/zh_CN.po, po/uk.po, po/tl.po, po/tr.po, po/sv.po, po/sq.po, po/sk.po, po/ro.po, po/ru.po, po/pt.po, po/pt_BR.po, po/pl.po, po/nb.po, po/nl.po, po/nn.po, po/ko.po, po/it.po, po/ja.po, po/he.po, po/id.po, po/fr.po, po/eu.po, po/fi.po, po/es.po, po/da.po, po/de.po, po/el.po, po/bs.po, po/ca.po, po/cs.po:
+ cleanups in usage() output.
+
+ * NEWS: release 4.0.11 is sheduled to 18-06-2005.
+
+2005-07-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/login.1, man/login.1.xml, NEWS:
+ better explain the respective roles of login, init and getty with regards
+ to the utmp file (based on 441_manpages-shadow.5 Debian patch)
+
+ * man/Attic/su.1, man/groupdel.8.xml, man/su.1.xml, man/Attic/groupdel.8:
+ s/presense/presence/; s/filesystem/file system/
+ (sed on 440_manpages-login.1 Debian patch)
+
+ * man/pl/Attic/shadowconfig.8, man/pl/Makefile.am, man/ja/Attic/shadowconfig.8, man/ja/Makefile.am, man/it/Attic/shadowconfig.8, man/Attic/shadowconfig.8, man/Attic/shadowconfig.8.xml, man/Makefile.am, NEWS:
+ removed shadowconfig(8) man page (will be maintained in Debian shadow pkg repository).
+
+ * man/it/sg.1: added.
+
+ * man/it/Makefile.am: more files in man_MANS.
+
+ * man/it/Makefile.am: move pwunconv.8 to man_MANS.
+
+ * man/useradd.8.xml, man/Attic/useradd.8:
+ updated after rewrite for for getopt_long() in useradd (-D and -k options
+ idescription must be finished).
+
+ * src/useradd.c, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, NEWS:
+ rewrited for use getopt_long().
+
+ * po/stats: more gsub().
+
+2005-07-08 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/newgrp.c:
+ indent source code and use fix for handle splitted groups unconditionaly.
+
+ * lib/nscd.c: indent.
+
+ * NEWS, src/newgrp.c:
+ add fix for handle splitted NIS groups: extends the functionality that,
+ if the requested group is given, all groups of the same GID are tested for
+ membership of the requesting user.
+ (fix by Christian Mudra <C.Mudra@science-computing.de>
+
+ * lib/nscd.c, NEWS:
+ for some reason doing the INVALIDATE call with two write()'s fails.
+ Do one writev() call instead. http://bugs.gentoo.org/show_bug.cgi?id=80413
+ (submited by Martin Schlemmer <azarah@gentoo.org>)
+
+ * NEWS, lib/nscd.c:
+ merge nscd-socket-path patch from Fedora: newer glibc's have a different nscd socket
+ location (/var/run/nscd/socket instead /var/run/.nscd_socket).
+
+2005-07-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/stats: improved.
+
+ * man/Attic/groupadd.8, man/groupadd.8.xml, NEWS:
+ document -o option in groupadd(8).
+
+ * configure.in: s/'"$<foo>" != "no"'/'"$<foo>" = "yes"'/
+
+ * NEWS, configure.in, lib/Makefile.am, lib/pwauth.c:
+ S/Key support is back.
+
+ * po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po:
+ run "make update-po".
+
+ * po/pl.po: updated.
+
+ * src/useradd.c: s,key=value,KEY=VALUE,
+
+ * src/groupadd.c, NEWS, man/Attic/groupadd.8, man/groupadd.8.xml:
+ change -O option to -K and document it in man page.
+
+ * man/Attic/useradd.8, man/useradd.8.xml, src/useradd.c:
+ s/NAME=VALUE/KEY=VALUE/; s/key=value/KEY=VALUE/
+
+ * src/chfn.c, src/groupadd.c, src/groupmems.c, src/login.c, src/passwd.c, src/vipw.c:
+ sort cases in switch (flag) {}.
+
+ * src/gpasswd.c, src/groupadd.c, src/groupmems.c, src/groupmod.c, src/passwd.c, src/useradd.c, src/usermod.c:
+ sort getopt() optstring.
+
+ * src/useradd.c:
+ remove A: from getopt() optstring (the same bug as in usermod).
+
+ * src/usermod.c:
+ remove A: from getopt() optstring (it was for handle AUTH_METHODS code but now
+ it is not used option). Catched by Thorsten Kukuk <kukuk@suse.de>.
+
+ * src/usermod.c, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po:
+ indent source code. Added usermod error message about -a option usage to translated messages.
+
+ * po/POTFILES.in: mistake s,chage_chkshell.c,chsh_chkshell.c,
+
+ * po/POTFILES.in: s,libmisc/chkshell.c,src/chage_chkshell.c,
+
+ * man/Attic/usermod.8, man/usermod.8.xml, src/usermod.c, NEWS:
+ added -a option. This flag can only be used in conjunction with the -G
+ option. It cause usermod to append user to the current supplementary group list.
+ (patch by Peter Vrabec <pvrabec@redhat.com>)
+
+ * libmisc/Attic/chkshell.c, libmisc/Makefile.am, src/Attic/chsh_chkshell.c, src/Makefile.am:
+ move libmisc/chkshell.c to src/chsh_chkshell.c. check_shell() is used only by chsh.
+
+2005-07-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * Attic/acconfig.h, NEWS, configure.in:
+ finish move all autoheader templates from acconfig.h to configure.in.
+
+ * src/chage.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS:
+ added missing \n in chage error messages.
+
+ * po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/bs.po:
+ run "make update-po".
+
+ * src/usermod.c: move all #include in one place.
+
+ * src/useradd.c: s/-O/-K/
+
+ * man/Attic/useradd.8, man/useradd.8.xml:
+ cleanups in Note: in -K description.
+
+ * NEWS, man/Attic/useradd.8, man/useradd.8.xml, src/useradd.c:
+ change -O option to -K and document it in man page.
+
+ * man/Attic/useradd.8, man/useradd.8.xml:
+ added separated <cmdsynopsis></cmdsynopsis> for -D description and remove using </srb> tags from
+ <refsynopsisdiv id='synopsis'>.
+
+ * src/login.c:
+ replace #ifdef USE_PAM .. #endif #ifndef USE_PAN .. #endif by
+ #ifdef USE_PAM .. #else .. #endif.
+
+ * src/su.c: conditiona code reorganization.
+
+ * src/login.c: remove one #ifndef USE_PAM .. #endif.
+
+ * libmisc/setupenv.c: move setup $MAIL to !USE_PAM.
+
+ * libmisc/setupenv.c, src/su.c:
+ consolidate two sections of code #ifndef USE_PAM to one.
+
+ * src/su.c, src/sulogin.c, libmisc/setupenv.c, libmisc/tz.c, src/login.c, NEWS:
+ fixed erroneous warning messages about some login.defs variables when used with PAM
+ (fix by DJ Lucas <dj@linuxfromscratch.org>)
+
+2005-07-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in, libmisc/getdate.y, libmisc/utmp.c, src/logoutd.c:
+ remove non-USG code.
+
+ * Attic/acconfig.h, configure.in:
+ start moving all autoheader templates from acconfig.h to configure.in.
+
+ * configure.in: remove not used AC_DEFINE(HAVE_LIBCRYPT).
+
+ * Attic/acconfig.h, NEWS, configure.in:
+ stop with error message if crypt() not found. Remove --with{,out}-libcrypt switch.
+
+ * src/login.c: fixed use SYSLOG macro.
+
+2005-07-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/login_nopam.c: fixed use SYSLOG macro.
+
+2005-07-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/login.c:
+ setup limits and umask (using login.defs ULIMITS and UMASK variables) only when
+ PAM support is disabled (it is task for pam_limits and pam_umask modules).
+
+2005-06-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/sulogin.c, src/login.c, src/login_nopam.c, NEWS:
+ use SYSLOG macro instead syslog() which saves the locale, sets the locale to C,
+ sends the message and restores the locale (fix by Nicolas François <nicolas.francois@centraliens.net>).
+
+ * NEWS, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/userdel.8, man/Attic/usermod.8, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmod.8.xml, man/userdel.8.xml, man/usermod.8.xml:
+ in SEE ALLSO section added refer to gpasswd(8)
+ (suggested by Mike Frysinger <vapier@gentoo.org>)
+
+ * NEWS, configure.in: start work on 4.0.11.
+
+2005-06-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: +1 day release 4.0.10 date.
+
+ * po/pl.po: kill fuzzy.
+
+ * po/de.po: partial update by Frank Schmid <frank@cs-schmid.de>.
+
+2005-06-25 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ca.po: run "make update-po".
+
+ * po/sk.po: updated sk translation by Peter Mann <Peter.Mann@tuke.sk>.
+
+2005-06-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: typo.
+
+2005-06-21 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po: typo.
+
+ * po/pl.po: updated for 4.0.10.
+
+ * po/ru.po, NEWS: updated ru translation by maintainer.
+
+ * NEWS: added past releases dates. Cleanups.
+
+ * man/Attic/shadowconfig.8: merge version generated from XML file.
+
+ * po/ca.po, po/cs.po, po/da.po, po/fi.po, NEWS:
+ translations updated by maintainers.
+
+2005-06-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/chage.c, po/zh_TW.po, po/vi.po, po/zh_CN.po, po/tl.po, po/tr.po, po/uk.po, po/sk.po, po/sq.po, po/sv.po, po/ro.po, po/ru.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/eu.po, po/fi.po, po/fr.po, po/de.po, po/el.po, po/es.po, po/ca.po, po/cs.po, po/da.po, po/bs.po (usage):
+ s/EXPIRE/EXPIRE_DATE/.
+
+ * po/pl.po: start update for 4.0.10.
+
+ * src/usermod.c, src/useradd.c, src/userdel.c, src/id.c, src/newgrp.c, src/su.c, po/zh_TW.po, po/zh_CN.po, po/vi.po, po/uk.po, po/tr.po, po/tl.po, po/sv.po, po/sq.po, po/sk.po, po/ru.po, po/pt_BR.po, po/ro.po, po/pt.po, po/pl.po, po/nn.po, po/nl.po, po/nb.po, po/ko.po, po/ja.po, po/it.po, po/id.po, po/he.po, po/fr.po, po/eu.po, po/fi.po, po/es.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po:
+ s/uid/UID/ in all commnets and messages.
+
+ * libmisc/failure.c, libmisc/limits.c, lib/pwio.c:
+ s/uid/UID/ in comments.
+
+ * src/usermod.c, src/useradd.c, src/groupadd.c, src/groupmod.c, src/id.c, src/newgrp.c, po/zh_TW.po, po/zh_CN.po, po/vi.po, po/uk.po, po/tr.po, po/tl.po, po/sv.po, po/sq.po, po/sk.po, po/ru.po, po/ro.po, po/pt_BR.po, po/pt.po, po/pl.po, po/nn.po, po/nl.po, po/nb.po, po/ko.po, po/ja.po, po/it.po, po/he.po, po/id.po, po/fr.po, po/fi.po, po/eu.po, po/es.po, po/el.po, po/da.po, po/de.po, po/cs.po, po/bs.po, po/ca.po, libmisc/limits.c, lib/groupio.c:
+ s/gid/GID/ in all comments and messages.
+
+ * src/gpasswd.c, src/login.c, src/passwd.c, src/chage.c, src/chfn.c, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po:
+ one message in i18n messages less: use in all places "Permission denied" instead
+ "permission denied".
+
+ * libmisc/getdate.y:
+ remove extern for gmtime(), localtime() and mktime() and instead add #include <time.h>.
+
+ * libmisc/entry.c: removed extern for fgetpwent().
+
+ * NEWS, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/pw_auth.3, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8:
+ now most of the man pages now are generated from XML files so in case any submiting
+ any chages to this resources please make diff fies to XML files.
+
+ * man/Attic/pw_auth.3.xml: cleanups.
+
+ * man/grpck.8.xml, man/passwd.1.xml:
+ correctly code EXIT VALUES section using <variablelist>. Cleanups.
+
+ * man/shadow.3.xml: cleanups.
+
+2005-06-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/ja/Attic/mkpasswd.8, man/ja/Makefile.am, man/pl/Attic/mkpasswd.8, man/pl/Makefile.am:
+ remove ja and pl mkpasswd.8 man pages.
+
+2005-06-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pwck.8.xml, man/useradd.8.xml, man/userdel.8.xml:
+ correctly code EXIT VALUES section.
+
+ * Attic/acconfig.h: removed DES_RPC and OPIE templates.
+
+ * src/Attic/mkpasswd.c, src/Makefile.am, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, man/Attic/mkpasswd.8, man/Attic/mkpasswd.8.xml, man/Makefile.am, po/POTFILES.in, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po:
+ removed mkpasswd.
+
+ * man/Makefile.am: do not install mkpasswd(8) man page.
+
+ * src/Makefile.am: move mkpasswd.c to EXTRA_DIST.
+
+ * man/passwd.5.xml:
+ use <itemizedlist mark='bullet'> for describe passwd fields. Remove outdated
+ information about additional fields in comment field. Cleanups.
+
+ * man/newusers.8.xml: cleanups.
+
+ * man/gshadow.5.xml:
+ use <itemizedlist mark='bullet'> for gshadow fields desscription.
+
+ * man/shadow.5.xml: cleanups.
+
+ * man/shadow.5.xml:
+ use <itemizedlist mark='bullet'> for describe shadow fields.
+
+ * man/Attic/pw_auth.3.xml: cleanups.
+
+ * man/Attic/pw_auth.3.xml: use correct <refname>.
+
+ * man/Attic/pw_auth.3.xml: cleanups.
+
+ * man/groupdel.8.xml, man/groupmod.8.xml:
+ correctly code EXIT VALUES section.
+
+ * man/groupadd.8.xml: cleanups.
+
+ * man/Attic/mkpasswd.8.xml: added missing <variablelist> tag.
+
+ * man/usermod.8.xml: cleanups.
+
+ * man/usermod.8.xml: remove <sbr/> tags from SYNOPSIS section.
+
+ * man/faillog.8.xml: cleanups.
+
+ * man/faillog.5.xml:
+ put struct faillog definition in <programlisting></programlisting>.
+
+ * man/chsh.1.xml, man/chpasswd.8.xml: cleanups.
+
+ * man/groupadd.8.xml:
+ seems I found good way for code EXIT VALUES section.
+
+ * man/shadow.3.xml:
+ put meanings of each field spwd struct in <itemizedlist mark='bullet'>.
+
+ * man/shadow.3.xml:
+ place definition of struct spwd in <programlisting></programlisting>.
+
+ * NEWS, src/userdel.c:
+ userdel now deletes user groups from /etc/gshdow as well as /etc/group.
+ Fix by Nicolas François <nicolas.francois@centraliens.net>.
+ http://bugs.debian.org/99442
+
+ * src/usermod.c, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, NEWS, po/bs.po, po/ca.po, po/cs.po:
+ fixed bug in usermod ad run "make -C po update-po".
+ When relocating a user's home directory, don't fail and remove the new
+ home directory if we can't remove the old home directory for some
+ reason; the results can be spectularly poort if, for instance, only
+ the rmdir() fails. Patch prepared by Timo Lindfors <lindi-spamtrap@newmail.com>.
+ http://bugs.debian.org/166369
+
+2005-06-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/login.c: indent.
+
+ * man/Attic/pw_auth.3.xml, man/Attic/shadowconfig.8.xml, man/chage.1.xml, man/faillog.8.xml, man/groupmems.8.xml, man/gshadow.5.xml, man/login.1.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml:
+ cleanups.
+
+2005-06-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/chage.1.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/faillog.5.xml:
+ cleanups.
+
+ * man/login.1.xml: rewrited FILES section.
+
+ * man/id.1.xml, man/lastlog.8.xml, man/gshadow.5.xml: cleanups.
+
+ * man/groups.1.xml: typos.
+
+ * man/chfn.1.xml, man/expiry.1.xml, man/gpasswd.1.xml: cleanups.
+
+2005-06-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS:
+ last patch for UTMPX was submited by by Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/failure.c, libmisc/failure.h, NEWS:
+ use also UTMPX API instead UTMP on failure (login was by affected this when shadow
+ was builded without PAM support).
+
+ * NEWS, src/login.c:
+ the PAM session needs to be closed as root, thus before change_uid()
+ http://bugs.debian.org/53570 http://bugs.debian.org/195048 http://bugs.debian.org/211884
+
+ * man/Attic/passwd.1, man/passwd.1.xml:
+ s/compatiblity/compatibility/ (fix by Christian Perrier <bubulle@kheops.frmug.org>).
+
+2005-06-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/Attic/chfn.1, man/chfn.1.xml:
+ give more details about the influence of login.defs on what's allowed to
+ users (based on Debian patches).
+
+ * NEWS, src/su.c:
+ fix syslogs to be less ambiguous. Use old:new format instead of old-new
+ because '-' can appear in usernames.
+ http://bugs.debian.org/213592
+
+ * NEWS, src/login.c:
+ made login's -f option also able to use the username after -- if none
+ was passed as it's optarg
+ http://bugs.debian.org/53702
+
+ * po/POTFILES.in, NEWS, libmisc/Attic/setup.c, libmisc/Makefile.am:
+ not used now (removed).
+
+ * man/Attic/usermod.8, man/usermod.8.xml:
+ s/inactive_time/inactive_days/ in -f parameter in SYNOPSIS (fix by Christian
+ Perrier <bubulle@debian.org>).
+
+2005-06-08 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/grpck.8, man/grpck.8.xml:
+ typo: s/incorrectable/uncorrectable/ (by A Costa <agcosta@gis.net>).
+
+ * man/Attic/gshadow.5, man/gshadow.5.xml:
+ typos: s/folowing/following/; s/encryped/encrypted/; s/supercedes/supersedes/
+ (by A Costa <agcosta@gis.net>).
+
+ * man/Attic/shadow.5, man/shadow.5.xml:
+ typos: s/encryped/encrypted/; s/supercedes/supersedes/
+ (by A Costa <agcosta@gis.net>)
+
+2005-06-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/login.c, NEWS:
+ check for hushed login and pass PAM_SILENT if true.
+ http://bugs.debian.org/48002
+
+ * src/login.c, NEWS:
+ fixed loggin of username on succesful login (was using the normal username,
+ when it should have used pam_user) http://bugs.debian.org/47819
+
+2005-06-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/zh_TW.po: updated (by Tetralet <tetralet@pchome.com.tw>).
+
+ * NEWS, po/ca.po: updated (by Guillem Jover <guillem@debian.org>).
+
+ * man/de/passwd.1:
+ added small comment with marker usefull for translators.
+
+2005-05-25 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/Attic/mkpasswd.c, src/chpasswd.c, src/faillog.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/su.c, src/useradd.c, src/userdel.c, src/usermod.c, lib/encrypt.c, lib/getdef.c, lib/gshadow.c, lib/pwauth.h, lib/shadow.c, libmisc/failure.c, libmisc/isexpired.c, libmisc/salt.c:
+ indent all.
+
+ * src/chage.c, src/chpasswd.c, src/expiry.c, src/login.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, lib/Attic/sppack.c, lib/defines.h, lib/lockpw.c, lib/prototypes.h, lib/sgetspent.c, lib/shadow.c, lib/shadowio.c, libmisc/age.c, libmisc/entry.c, libmisc/isexpired.c, libmisc/pwd2spwd.c, libmisc/pwdcheck.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, Attic/acconfig.h, NEWS, configure.in:
+ remove using SHADOWPWD #define so now shadow is allways builded with shadow
+ password support.
+
+2005-05-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/chage.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, man/Attic/chage.1, man/chage.1.xml:
+ rewrite for use getopt_long().
+
+2005-05-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in: start working on 4.0.10.
+
+ * man/Makefile.am: remove shadow-man-pages.pot target from all.
+
+2005-05-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/encrypt.c, NEWS:
+ fixed passwd segfault in non-PAM connfiguration (submited by Greg Schafer <gschafer@zip.com.au>).
+
+ * po/sv.po: upsdate (by Christian Perrier <bubulle@debian.org>).
+
+ * NEWS, src/newgrp.c:
+ fixed NULL pointer dereference - getlogin() and ttyname() can
+ return NULL which is not checked (http://bugs.debian.org/162303).
+
+ * man/Attic/su.1, man/pwconv.8.xml, man/su.1.xml, man/Attic/pwconv.8:
+ fixed typo (s,similiar,similar,).
+
+2005-05-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/ro.po: updated by Sorin B. <sorin@bonbon.net>.
+
+ * po/ru.po, NEWS: updated by yu-koz <yu-koz@yandex.ru>.
+
+2005-05-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ro.po: few updates by Sorin Batariuc <sorin@bonbon.net>.
+
+2005-05-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ru.po: updated (by Yuri Kozlov <yuray@id.ru>).
+
+2005-05-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/vi.po:
+ completed translations for HEAD (by Clytie Siddall <clytie@riverland.net.au>).
+
+2005-05-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/LINGUAS, po/vi.po: added new vi translation.
+
+ * NEWS, lib/getdef.c:
+ leaves the table as it is, and changes from the binary search to
+ a sequential one (fix by Lucas Correia Villa Real <lucasvr@gobolinux.org>).
+
+ * man/Attic/passwd.1, man/passwd.1.xml:
+ make bold passwd and chfn commands.
+
+2005-04-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/usermod.8.xml, man/vipw.8.xml: cleanups.
+
+2005-04-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/shadowconfig.8.xml, man/gpasswd.1.xml, man/groups.1.xml, man/grpck.8.xml, man/login.defs.5.xml, man/passwd.1.xml, man/pwck.8.xml, man/sulogin.8.xml, man/useradd.8.xml:
+ replace <emphasis remap='B'></emphasis> by <command></command>.
+
+ * po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, src/lastlog.c:
+ fixed lastlog --help message (s,--login,--user,) http://bugs.debian.org/249611
+
+ * man/Attic/mkpasswd.8.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml:
+ use <varlistentry></varlistentry> in FILES section. Cleanups.
+
+ * man/expiry.1.xml, man/chsh.1.xml, man/chpasswd.8.xml, man/chfn.1.xml, man/porttime.5.xml, man/Attic/pw_auth.3.xml:
+ cleanups.
+
+ * man/Attic/vipw.8, man/vipw.8.xml:
+ small fix: s,vi,vi(1), (reported by Helge Kreutzmann <kreutzm@itp.uni-hannover.de> in
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=260636).
+ s,VISUAL,$VISUAL; s,EDITOR,$EDITOR,
+
+2005-04-26 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/login.1.xml: fixed bold (use <command></command>). Cleanups.
+
+ * man/Attic/login.1: fixed typo in bold.
+
+ * man/chage.1.xml: fixed italic. Cleanups.
+
+ * man/Attic/chage.1: fixed typo in italic.
+
+ * man/login.defs.5.xml:
+ fixed italic (use <filename></filename> istead italic). Cleanups.
+
+ * man/Attic/login.defs.5: fixed typo in italic.
+
+ * man/vipw.8.xml: fixed italic (use <filename></filename>).
+
+ * man/Attic/vipw.8: typo in italic.
+
+ * man/Makefile.am:
+ added target for generate shadow-man-pages.pot. List all now useable xml files
+ in man_XMANS variable.
+
+ * man/pwconv.8.xml:
+ fixed bold. Use in more places <command></command> istead bold.
+
+ * man/Attic/login.defs.5: typo in bold.
+
+ * man/su.1.xml:
+ removed comment. Use <variablelist></variablelist> in Files secstion.
+ Fixed bold.
+
+ * man/Attic/pwconv.8, man/Attic/su.1: typo in bold.
+
+2005-04-25 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in: start work on 4.0.9.
+
+ * po/nl.po: kill fuzzy.
+
+ * man/Attic/chage.1:
+ reverte last commit (by mistake commited experimental version generated from XML file).
+
+ * NEWS, po/nl.po:
+ updated for 4.0.8 (by "cobaco (aka Bart Cornelis)" <cobaco@linux.be>).
+
+ * po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po:
+ two typos (s,specyfied,specified,; s,maiximum,maximum,).
+
+ * NEWS, po/sk.po:
+ updated for 4.0.8 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+ * src/lastlog.c: typo (s,specyfied,specified,)
+
+ * src/faillog.c: typo (s,maiximum,maximum,).
+
+2005-04-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/chage.1.xml, man/chfn.1.xml, man/chsh.1.xml, man/expiry.1.xml, man/gpasswd.1.xml, man/groups.1.xml, man/id.1.xml, man/login.1.xml, man/passwd.1.xml, man/su.1.xml:
+ added <refmiscinfo class="sectdesc">User Commands</refmiscinfo> in <refmeta></refmeta>.
+
+ * man/Attic/mkpasswd.8.xml, man/Attic/pw_auth.3.xml, man/Attic/shadowconfig.8.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/vigr.8.xml:
+ Use encoding="UTF-8" and DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN".
+
+ * man/userdel.8.xml, man/usermod.8.xml, man/vigr.8.xml, man/vipw.8.xml, man/Attic/mkpasswd.8.xml, man/Attic/pw_auth.3.xml, man/Attic/shadowconfig.8.xml, man/chage.1.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml:
+ better formation using "xmlindent -l 80 -d 2".
+
+2005-04-21 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/it/Attic/shadowconfig.8, man/it/chsh.1, man/it/expiry.1, man/it/faillog.5, man/it/faillog.8, man/it/getspnam.3, man/it/groups.1, man/it/grpck.8, man/it/grpconv.8, man/it/grpunconv.8, man/it/id.1, man/it/lastlog.8, man/it/login.1, man/it/logoutd.8, man/it/newgrp.1, man/it/porttime.5, man/it/pwck.8, man/it/shadow.3, man/it/shadow.5, man/it/su.1, man/it/vipw.8, NEWS, man/it/Makefile.am, man/it/chage.1, man/it/chfn.1, man/it/chpasswd.8:
+ updated it man pages: chfn.1, chsh.1, groups.1, grpck.8, grpconv.8, grpunconv.8,
+ id.1, lastlog.8, login.1, newgrp.1, pwunconv.8, shadow.5, vigr.8, vipw.8.
+ new it man pages: chage.1, chpasswd.8, expiry.1, faillog.5, faillog.8,
+ getspnam.3, logoutd.8, porttime.5, pwck.8, shadow.3, shadowconfig.8, su.1.
+ (by Danilo Piazzalunga <danilopiazza@libero.it>)
+
+ * po/uk.po:
+ cleanups in plural forms (by Roman Festchook <roma@polesye.net>).
+
+ * man/Attic/chage.1, man/Attic/mkpasswd.8.xml, man/Attic/pw_auth.3.xml, man/Attic/shadowconfig.8.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml:
+ reformated using xemacs.
+
+2005-04-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fr.po, NEWS:
+ updated for 4.0.8 (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+ * NEWS, po/eu.po: updated for 4.0.8 (by ^pi^ <piarres@gmail.com>).
+
+ * NEWS, po/uk.po:
+ updated for 4.0.8 (by Roman Festchook <roma@polesye.net>).
+
+ * po/cs.po:
+ updated for 4.0.8 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+ * po/da.po, NEWS:
+ updated for 4.0.8 (by Claus Hindsgaul <claus_h@image.dk>).
+
+ * po/ko.po, NEWS:
+ updated for 4.0.8 (by Changwoo Ryu <cwryu@debian.org>).
+
+ * po/fi.po: kill one fuzzy (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+2005-04-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/chpasswd.8.xml: Rewrited by hand & xemacs.
+
+ * man/chfn.1.xml: cleanups in <refentry> tag.
+
+ * man/chfn.1.xml: Rewrited by hand & xemacs.
+
+ * NEWS, po/pt.po:
+ updated for 4.0.8 (by Miguel Figueiredo <elmig@debianpt.org>).
+
+ * po/es.po, NEWS: updated (by Ruben Porras <nahoo@inicia.es>).
+
+2005-04-18 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/useradd.8:
+ fixed typos in useadd syntax (in SYNOPSIS section) catched using doclifter.
+
+ * man/Attic/mkpasswd.8.xml, man/Attic/pw_auth.3.xml, man/Attic/shadowconfig.8.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/getspnam.3.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/grpconv.8.xml, man/grpunconv.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/pwunconv.8.xml, man/sg.1.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vigr.8.xml, man/vipw.8.xml:
+ raw version converted using doclifter.
+
+ * configure.in: remove handle --with-lib{opie,skey}.
+
+ * man/de/chsh.1:
+ synced with english version (by Simon Brandmair <sbrandmair@gmx.net>).
+
+ * man/Attic/usermod.8: improved -o description.
+
+ * man/de/passwd.1:
+ added translation EXIT VALUES section (by Simon Brandmair <sbrandmair@gmx.net>).
+
+ * NEWS, po/it.po:
+ updated it translation (by Danilo Piazzalunga <danilopiazza@libero.it>).
+
+2005-04-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po:
+ cleanups.
+
+ * po/pl.po: updated.
+
+ * src/usermod.c:
+ use the same error message ("%s: PAM authentication failed\n") on fail
+ authentication as in other tools.
+
+ * po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po:
+ run "make update-po".
+
+ * src/login.c, src/login_nopam.c:
+ fixed build with disabled PAM support: move bad_time_notify() and check_nologin()
+ back to src/login.c but use this functions #ifndef USE_PAM.
+
+ * NEWS, lib/Makefile.am, lib/pwauth.c:
+ remove not working OPIE and SKEY support.
+
+ * configure.in: typo (s,SELinuux,SELinux,).
+
+ * NEWS: typos.
+
+ * NEWS: chage, useradd, usermod: reduce multiple OPENLOG() calls.
+
+ * src/useradd.c, src/usermod.c: fix multiple OPENLOG() calls.
+
+ * src/chage.c: cleanups.
+
+ * src/chage.c: fix multiple OPENLOG() calls.
+
+ * src/chage.c:
+ use E_SUCCESS/E_NOPERM #defines instead 0/1 in exit() arguments.
+
+2005-04-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/passwd.c:
+ adjust also syslog message on usage -S option without permission.
+ Consolidate SELinix and non-SELinux code.
+
+ * po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, NEWS, src/passwd.c:
+ fix #61313 Debian bug: "passwd -S root" (as a normal user) should not
+ display "You may not change the password for root.
+
+ * NEWS, man/Attic/passwd.1:
+ fix #160477 Debian bug: improve -S output description.
+
+ * man/de/passwd.1:
+ new translation by Simon Brandmair <sbrandmair@gmx.net> with merged all
+ changes between revision 1.2 a 1.5.
+
+2005-04-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/passwd.1, man/pl/passwd.1: bold passwd and chage commands.
+
+ * NEWS, src/vipw.c:
+ fixed race condition in vipw (Debian #242407 bug; fix by Alexander Gattin
+ <arg@online.com.ua>).
+
+ * man/pl/Attic/chage.1.xml, man/pl/chage.1:
+ synced with english version.
+
+ * man/Attic/chage.1, man/chage.1.xml:
+ add info about what mean -1 passed n expiredate parameter (based on #304542
+ Debian bug; submited by Federico Grau <grauf@rfa.org>).
+
+2005-04-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fi.po, NEWS:
+ updated translation (by Tommi Vainikainen <tvainikan@cc.hut.fi>).
+
+ * man/hu/passwd.1, man/it/passwd.1, man/ja/passwd.1, man/pl/passwd.1, man/Attic/passwd.1, man/de/passwd.1, man/es/passwd.1:
+ cleanups and unifications in SEE ALSO section.
+
+2005-04-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in:
+ Info documentation says about AC_GNU_SOURCE: "should be called before any
+ macros that run the C compiler". So move this macro on top configure.in for
+ avoid autoconf warnings.
+
+ * configure.in:
+ AC_SYS_LARGEFILE() performs checking is fseeko() is avalaible so "fseeko" can
+ be removed from AC_CHECK_FUNCS() parameters.
+
+ * NEWS, configure.in: Remove using AC_PROG_GCC_TRADITIONAL macro.
+ Add using AC_GNU_SOURCE macro for kill compilation warnings about implicit
+ declaration of function `fseeko'.
+
+ * po/cs.po: killed fuzzy (by Miroslav Kure <kurem@debian.cz>).
+
+ * man/ja/newgrp.1, man/pl/newgrp.1, NEWS, man/Attic/newgrp.1, man/hu/newgrp.1:
+ newgrp uses /bin/sh (not bash).
+
+ * man/Attic/gpasswd.1, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/id.1, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/pwck.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8:
+ describe /etc/group in FILES section as "group account information".
+
+ * man/Attic/grpck.8:
+ describe /etc/passwd in FILES section as "user account information".
+
+ * po/stats: small script for generate translations statistics.
+
+ * NEWS, po/cs.po: Updated by Miroslav Kure <kurem@debian.cz>.
+
+ * man/chage.1.xml, man/Attic/chage.1, man/Attic/expiry.1, man/Attic/login.1, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/passwd.1, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/sulogin.8:
+ describe /etc/shadow in FILES section as "secure user account information".
+
+ * man/Attic/newgrp.1:
+ Reformated paragraph. s,Bourne shell,\fBbash\fR shell,
+
+ * NEWS, man/Attic/newgrp.1:
+ fix #251926, #166173, #113191 Debian bugs: explain why editing /etc/group
+ (without gshadow) doesn't permit to use newgrp.
+
+ * po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po:
+ added/fixed Plural-Forms: header entries. Run "make update-po".
+
+ * po/pl.po:
+ added Plural-Forms: header entry and updated for last change in
+ libmisc/failure.c.
+
+ * libmisc/failure.c:
+ break message text with failure login since last login.
+
+ * libmisc/failure.c:
+ Use ngettext instead of string concatenation and static number of cases.
+ Patch by Tommi Vainikainen <tvainika@cc.hut.fi>.
+
+2005-04-11 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/cs.po:
+ new translation maintainer: Miroslav Kure <kurem@debian.cz>.
+
+2005-04-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po: updated for 4.0.8.
+
+2005-04-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, src/faillog.c:
+ changed faillog records display format for allow fit in 80 columns all
+ faillog atributies.
+
+ * po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po:
+ run "make update-po". Updated pl.po.
+
+ * src/faillog.c (usage): typo (s,IDAYS,DAYS,).
+
+ * man/Attic/faillog.8, NEWS:
+ updated after rewrite faillog command for use getopt_long().
+
+ * src/faillog.c:
+ Add handle -h,--help option. Show in usage output information about
+ -t,--time option. Remove handle -p option.
+
+ * po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po:
+ run "make update-po".
+
+ * po/POTFILES.in: updated.
+
+ * man/Attic/gpasswd.1: typo (s,fB,\fB,).
+
+2005-04-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/ja/login.1:
+ updated ja man page for Debian #95213 bug (by Kenshi Muto <kmuto@debian.org>).
+
+ * src/chage.c, src/chfn.c, src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/grpck.c, src/passwd.c, src/pwck.c, src/useradd.c, src/userdel.c, src/usermod.c, NEWS, lib/Attic/grdbm.c, lib/Attic/gsdbm.c, lib/Attic/pwdbm.c, lib/Attic/spdbm.c, lib/Makefile.am, lib/gshadow.c, lib/shadow.c:
+ next round of cleanups: removed NDBM code (unused).
+
+ * src/login.c: consilidate some !USE_PAM lines.
+
+ * src/login.c, src/login_nopam.c:
+ move bad_time_notify() and check_nologin() to src/login_nopam.c.
+
+ * lib/prototypes.h: remove not used login_desrpc() prototype.
+
+ * lib/Attic/rad64.c, lib/encrypt.c, lib/prototypes.h, lib/Makefile.am:
+ remove lib/rad64 with not used c64i() and i64c() functions.
+
+ * lib/encrypt.c:
+ remove "#ifdef SW_CRYPT .. #endif" and "#ifdef DOUBLESIZE .. #endif" unused code.
+
+ * lib/encrypt.c: remove "#ifdef MD5_CRYPT .. #endif" unused code.
+
+ * libmisc/salt.c:
+ remove prototypes for *l64a() and add #include <stdlib.h>. Remove unused
+ now code (old style random salt generator).
+
+ * src/chage.c: cleanups.
+
+ * src/chpasswd.c:
+ remove prototypes for *l64a() and add #include <stdlib.h>.
+
+ * src/login.c: remove login_fbtab() prototype.
+
+ * src/chage.c:
+ remove prototypes for a64l() and *l64a() and add #include <stdlib.h>.
+
+2005-04-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/ru/passwd.5, man/zh_CN/chfn.1, man/zh_CN/chpasswd.8, man/zh_CN/chsh.1, man/zh_CN/groupadd.8, man/zh_CN/groupdel.8, man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/userdel.8, man/zh_CN/usermod.8, man/zh_TW/chfn.1, man/zh_TW/chsh.1, man/zh_TW/groupadd.8, man/zh_TW/groupdel.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/userdel.8, man/zh_TW/usermod.8, man/ko/chfn.1, man/ko/chsh.1, man/ko/groups.1, man/ko/id.1, man/ko/login.1, man/ko/passwd.5, man/ko/su.1, man/pt_BR/gpasswd.1, man/pt_BR/groupadd.8, man/pt_BR/groupdel.8, man/pt_BR/groupmod.8, man/pt_BR/shadow.5, man/ja/Attic/mkpasswd.8, man/ja/Attic/pw_auth.3, man/ja/chage.1, man/ja/chfn.1, man/ja/chpasswd.8, man/ja/chsh.1, man/ja/expiry.1, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupmod.8, man/ja/groups.1, man/ja/grpck.8, man/ja/id.1, man/ja/lastlog.8, man/ja/limits.5, man/ja/login.1, man/ja/login.access.5, man/ja/login.defs.5, man/ja/newgrp.1, man/ja/passwd.1, man/ja/porttime.5, man/ja/pwck.8, man/ja/shadow.3, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/vipw.8, man/hu/chfn.1, man/hu/chsh.1, man/hu/gpasswd.1, man/hu/groups.1, man/hu/id.1, man/hu/login.1, man/hu/newgrp.1, man/hu/passwd.1, man/hu/su.1, man/id/chsh.1, man/id/login.1, man/id/useradd.8, man/it/chfn.1, man/it/chsh.1, man/it/gpasswd.1, man/it/groupadd.8, man/it/groupdel.8, man/it/groupmod.8, man/it/groups.1, man/it/grpck.8, man/it/id.1, man/it/lastlog.8, man/it/login.1, man/it/passwd.5, man/it/shadow.5, man/it/useradd.8, man/it/userdel.8, man/it/usermod.8, man/it/vipw.8, man/de/chfn.1, man/de/chsh.1, man/de/login.1, man/de/passwd.1, man/de/passwd.5, man/de/su.1, man/de/vipw.8, man/es/login.1, man/es/passwd.1, man/es/su.1, man/fr/chage.1, man/fr/chpasswd.8, man/fr/chsh.1, man/fr/faillog.5, man/fr/gpasswd.1, man/fr/groups.1, man/fr/id.1, man/fr/passwd.1, man/fr/passwd.5, man/fr/shadow.5, man/fr/su.1, man/fr/useradd.8, man/fr/userdel.8, man/fr/usermod.8, man/cs/groups.1, man/cs/id.1, man/cs/lastlog.8, man/cs/passwd.5, man/cs/shadow.5, man/cs/su.1, man/pl/Attic/mkpasswd.8, man/pl/Attic/pw_auth.3, man/pl/Attic/shadowconfig.8, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/expiry.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/gpasswd.1, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmems.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/limits.5, man/pl/login.1, man/pl/login.access.5, man/pl/login.defs.5, man/pl/logoutd.8, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/passwd.5, man/pl/porttime.5, man/pl/pwck.8, man/pl/pwconv.8, man/pl/shadow.3, man/pl/shadow.5, man/pl/su.1, man/pl/suauth.5, man/pl/sulogin.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/vipw.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/expiry.1, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/grpck.8, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/newgrp.1, man/Attic/passwd.1, man/Attic/porttime.5, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/usermod.8, man/Attic/vipw.8:
+ more replaces "-" by "\-" (s,\\-,-,g; s,-,\\-,g).
+
+ * man/pl/usermod.8: finish sync with english version.
+
+ * man/hu/login.1, man/pl/login.1, NEWS, man/Attic/login.1, man/de/login.1:
+ removed fragment about abilities pass enviroment variables in login prompt.
+
+ * man/Attic/gpasswd.1, man/Attic/newgrp.1:
+ fixes by Nicolas Nicolas François <nicolas.francois@centraliens.net> (not all
+ commited).
+
+2005-04-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5:
+ replace all "-" by "\-" (s,\\-,-,; s,-,\\-,).
+
+ * man/cs/groups.1: cleanups.
+
+ * NEWS, src/su.c:
+ fixed use of SU_WHEEL_ONLY in su. Now su realy is avalaible for wheel group
+ members. Thanks to Mike Frysinger <vapier@gentoo.org> for report:
+ http://bugs.gentoo.org/show_bug.cgi?id=80345
+
+ * man/pl/Attic/chage.1.xml:
+ converted from roff using doclifter. Rewrited by hand. Probably will be
+ removed after prepare infrastructure for translate man pages using gettext
+ but temporary I need this for some experiments.
+
+ * src/login.c: remove unused #ifded LOGIN_FBTAB .. #endif code.
+
+ * configure.in, libmisc/Attic/login_access.c, libmisc/Makefile.am, src/Makefile.am, src/login.c, src/login_nopam.c:
+ move libmisc/login_access.c to src/login_mopam.c.
+ Remove using LOGIN_ACCESS #define. Now LOGIN_ACCESS is equal to !USE_PAM.
+ In src/login_nopam.c will be cumulated non-PAM specyfic login code.
+
+ * src/lastlog.c, src/login.c, src/useradd.c, src/usermod.c, libmisc/log.c:
+ cleanups: remove using #include "lastlog_.h".
+
+ * src/login.c: fixed build with PAM support disabled.
+
+ * src/login.c: remove "#ifdef HUP_MESG_FILE .. #endif" code.
+
+ * src/login.c: reindent using -l80.
+
+ * man/Attic/chage.1, man/chage.1.xml:
+ s/chage/chage command/ in DESCRIPTION.
+
+ * man/chage.1.xml:
+ converted from roff using doclifter. Rewrited by hand.
+
+ * man/Attic/chage.1, man/Attic/chfn.1, man/Attic/faillog.8, man/Attic/groupmod.8, man/Attic/pwconv.8, man/Attic/useradd.8, man/Attic/usermod.8:
+ cleanups.
+
+ * man/Attic/pwconv.8: fixed typo: s,fI,\fI,
+
+ * po/POTFILES.in: remove libmisc/login_{desrpc,krb}.c.
+
+ * lib/getdef.c, libmisc/Attic/login_desrpc.c, libmisc/Attic/login_krb.c, libmisc/Makefile.am, src/login.c, NEWS, autogen.sh, configure.in:
+ drop never finished kerberos and des_rpc support.
+
+ * man/it/chfn.1: cleanups.
+
+2005-04-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in:
+ fixed UTMP path detection (by Kelledin <kelledin@users.sf.net>).
+
+ * man/fr/chsh.1: typo.
+
+ * man/de/Makefile.am, man/de/passwd.5:
+ imported from Deutscher manpages.
+
+ * man/cs/Makefile.am, man/cs/groups.1, man/cs/lastlog.8, man/cs/su.1:
+ new files imported from Czech man-pages.
+
+ * man/pl/faillog.8, man/pl/groupmems.8, man/pl/id.1, man/pt_BR/groupadd.8, man/pt_BR/groupmod.8, man/zh_CN/groupadd.8, man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/usermod.8, man/zh_TW/groupadd.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/usermod.8, man/fr/chage.1, man/fr/chpasswd.8, man/fr/passwd.1, man/hu/chsh.1, man/it/groupadd.8, man/it/groupmod.8, man/it/usermod.8, man/ja/chage.1, man/ja/chfn.1, man/ja/chsh.1, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupmod.8, man/ja/login.1, man/ja/passwd.1, man/ja/useradd.8, man/ja/usermod.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chsh.1, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/id.1, man/Attic/login.1, man/Attic/passwd.1, man/Attic/useradd.8, man/de/chfn.1, man/de/chsh.1, man/de/login.1, man/de/passwd.1:
+ cleanups: aded missing \fR.
+
+ * man/Attic/gpasswd.1, man/Attic/gshadow.5, man/Makefile.am, NEWS:
+ added new file (by Nicolas Nicolas François <nicolas.francois@centraliens.net>).
+
+2005-03-31 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/chage.1, man/pl/chfn.1, man/pl/chsh.1, man/pl/gpasswd.1:
+ added missing \fR.
+
+ * man/pl/groupmod.8: typo: s,\fI,\fR,
+
+ * man/pl/login.1, man/pl/passwd.1: cleanups: aded missing \fR.
+
+ * man/pl/sulogin.8: cleanups.
+
+ * man/pl/useradd.8: cleanups: aded missing \fR.
+
+ * man/pl/usermod.8: partialy synced with english version.
+
+ * man/Attic/usermod.8: typo.
+
+ * NEWS, man/Attic/usermod.8:
+ fixed #302388 Debian bug: added separated -o option description.
+
+ * lib/getdef.c:
+ FAILLOG_ENAB, LOGIN_STRING moved to code "#ifndef USE_PAM" dependent.
+
+ * lib/pwauth.c, lib/pwauth.h: enable pw_auth() only #ifndef USE_PAM.
+
+ * src/userdel.c, src/usermod.c, src/vipw.c, src/Attic/mkpasswd.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmems.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/suauth.c, src/sulogin.c, src/useradd.c, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, libmisc/Attic/login_access.c, libmisc/Attic/login_krb.c, libmisc/addgrps.c, libmisc/age.c, libmisc/chkname.h, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/copydir.c, libmisc/env.c, libmisc/failure.c, libmisc/failure.h, libmisc/getdate.h, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/loginprompt.c, libmisc/motd.c, libmisc/pam_pass.c, libmisc/pwdcheck.c, libmisc/rlogin.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/strtoday.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/utmp.c, libmisc/xmalloc.c, NEWS, lib/Attic/getpass.c, lib/Attic/grdbm.c, lib/Attic/grpack.c, lib/Attic/gsdbm.c, lib/Attic/gspack.c, lib/Attic/pwdbm.c, lib/Attic/pwpack.c, lib/Attic/rad64.c, lib/Attic/rcsid.h, lib/Attic/spdbm.c, lib/Attic/sppack.c, lib/commonio.c, lib/commonio.h, lib/defines.h, lib/encrypt.c, lib/faillog.h, lib/fputsx.c, lib/getdef.c, lib/getdef.h, lib/groupio.c, lib/groupio.h, lib/gshadow.c, lib/gshadow_.h, lib/lockpw.c, lib/port.c, lib/port.h, lib/prototypes.h, lib/pwauth.c, lib/pwauth.h, lib/pwio.c, lib/pwio.h, lib/sgetgrent.c, lib/sgetpwent.c, lib/sgetspent.c, lib/sgroupio.c, lib/sgroupio.h, lib/shadow.c, lib/shadowio.c, lib/shadowio.h, lib/utent.c:
+ reindent all source code using -l80.
+
+ * libmisc/.indent.pro, src/.indent.pro, lib/.indent.pro: -l80 added.
+
+ * lib/gshadow.c, NEWS:
+ rewrited group count to dynamic (by John Newbigin <jnewbigin@ict.swin.edu.au >).
+
+ * po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po:
+ run "make update-po".
+
+ * src/login.c: use allways "\n%s login: " login prompt.
+
+ * src/login.c: removed radius support (even not compiles).
+
+ * doc/Attic/README.mirrors, doc/Makefile.am: removed.
+
+ * src/userdel.c (update_user): removed next redundant closing }.
+
+ * src/userdel.c: remove using unused NO_REMOVE_MAILBOX #define.
+
+ * src/userdel.c (update_user): removed redundant closing }.
+
+2005-03-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/getdef.c:
+ move PASS_MAX_DAYS, PASS_MIN_DAYS and PASS_WARN_AGE to part PAM not dependent
+ (used in useradd, pwconv).
+
+ * configure.in, src/Makefile.am:
+ move define LOCALEDIR using AC_DEFINE_UNQUOTED() to src/Makefile.am::AM_CPPFLAGS.
+
+ * man/Attic/pwconv.8: typo in bold.
+
+ * doc/Attic/INSTALL: removed.
+
+ * doc/Attic/README.sun4, doc/Makefile.am: removed outdated README.sun4.
+
+2005-03-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po: put mine data in Last-Translator: field.
+
+ * src/newusers.c:
+ use the same as in useradd default UMASK (022 instead 077) if diffrent not
+ defined in login.defs.
+
+ * NEWS, libmisc/copydir.c:
+ added SELinux changes (based on Fedora patch).
+
+ * NEWS: typo.
+
+ * man/Attic/login.defs.5: typo in bold.
+
+ * src/chfn.c, src/chsh.c, lib/getdef.c:
+ move CHFN_AUTH, CHSH_AUTH variables from login.defs to part !USE_PAM dependent.
+ Use "auth required pam_unix.so" in /etc/pam.d/{chfn,chsh} for force enter password
+ on use chfn/chsh.
+
+ * lib/getdef.c: added CHSH_AUTH variable in def_table[] table.
+
+ * src/chsh.c: s/CHFN_AUTH/CHSH_AUTH/
+
+ * man/Attic/shadow.5, man/Attic/passwd.5:
+ add more accurate information about what contains field with encrypted password in
+ each passwd/shadow line (reported by Mike Brodbelt).
+
+ * autogen.sh: reorder.
+
+ * lib/getdef.c:
+ CRACKLIB_DICTPATH, ENV_HZ, ENV_PATH, ENV_ROOTPATH, ENV_SUPATH, ENV_TZ,
+ ENVIRON_FILE, FTMP_FILE, ISSUE_FILE, LASTLOG_ENAB, MAIL_CHECK_ENAB, MAIL_DIR,
+ MAIL_FILE, MD5_CRYPT_ENAB, MOTD_FILE, NOLOGINS_FILE, OBSCURE_CHECKS_ENAB,
+ PASS_ALWAYS_WARN, PASS_CHANGE_TRIES, PASS_MAX_DAYS, PASS_MAX_LEN, PASS_MIN_DAYS,
+ PASS_MIN_LEN, PASS_WARN_AGE, PORTTIME_CHECKS_ENAB, SU_WHEEL_ONLY, QMAIL_DIR,
+ QUOTAS_ENAB, ULIMIT variables moved to code "#ifndef USE_PAM" dependent.
+
+ * configure.in:
+ fix importand typo: added missing ",". Now LOGIN_ACCESS realy is defined only
+ when PAM is not enabled.
+
+ * libmisc/obscure.c, libmisc/limits.c:
+ all functions from this file are "#ifndef USE_PAM" dependent.
+
+ * libmisc/setugid.c (change_uid):
+ removed dead code depndent on "#ifdef BSD".
+
+ * libmisc/ttytype.c (ttytype):
+ removed dead code depend on "defined(SUN) || defined(BSD) || defined(SUN4)".
+
+ * src/login.c (setup_tty): remove dead code.
+
+ * libmisc/rlogin.c:
+ fix compilation warning: replace #include <unistd.h> by #include <netdb.h>
+ where ruserok() is declared.
+
+2005-03-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po: kill one fuzzy entry.
+
+2005-03-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, libmisc/log.c:
+ fixed create lastlog entry fo users never loged in on non-PAM
+ variant of login (fix by <oracular@ziplip.com>).
+
+2005-03-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, etc/Attic/login.defs.linux, etc/login.defs, lib/getdef.c, man/pl/login.defs.5:
+ remove handle login.defs::NOLOGIN_STR (never used).
+
+2005-02-25 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/shadow.5:
+ added missing '\&' in line starting with '\.', which causes groff to skip
+ it entirely (fix submited by Danilo Piazzalunga <danilopiazza@libero.it>).
+
+ * TODO: cleanups.
+
+2005-02-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/useradd.c, NEWS:
+ useradd: fixes a potential security problem when mailbox is created in
+ useradd.
+ Patch and comment by Koblinger Egmont <egmont@uhulinux.hu>:
+ Only two arguments are passed to the open() call though it expects three
+ because O_CREAT is present. Hence the permission of the file first becomes
+ some random garbage found on the stack, and an attacker can perhaps open
+ this file and hold it open for reading or writing before the proper
+ fchmod() is executed. (Actually, we could also pass the final "mode" to
+ the open() call and then save the consequent fchmod().)
+
+2005-02-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/LINGUAS, po/tl.po:
+ added tl translation (fron Debian resources).
+
+2005-02-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/chage.c, src/chfn.c, src/chsh.c, src/passwd.c:
+ SELinux changes: added changes in chage, chfn, chsh, passwd for allow
+ construct more grained user password/accuunt properties on SELinux
+ policies level. Patch originally based on RH changes (submited by Chris
+ PeBenito <pebenito@gentoo.org>)
+
+2005-02-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fr.po, NEWS:
+ updated translation (by Jean-Luc Coulon <jean-luc.coulon@wanadoo.fr>) from
+ Debian resources.
+
+2005-01-26 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in: open work on 4.0.8.
+
+2005-01-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po:
+ "make update-po".
+
+2005-01-21 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, po/it.po:
+ updated it translations (by Danilo Piazzalunga <danilopiazza@libero.it>).
+
+2005-01-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/rlogin.c: remove ruserok() prototyle and #include <unistd.h>.
+
+ * lib/getdef.c: remove strtol() prototype (it comes with <stdlib.h>).
+
+ * po/da.po, po/es.po, po/nl.po, po/pl.po, po/pt.po:
+ "Project-Id-Version: shadow 4.0.7".
+
+ * NEWS, po/fi.po:
+ updated fi translation (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+2005-01-18 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/da.po, po/es.po, po/pl.po, po/pt.po: kill fuzzy entries.
+
+ * po/nl.po, NEWS:
+ updated nl translations (by cobaco (aka Bart Cornelis)" <cobaco@linux.be>).
+
+ * lib/Makefile.am (libshadow_la_LIBADD): removed snprintf.h.
+
+ * NEWS, po/LINGUAS, po/zh_TW.po:
+ added zh_TW translation (from Debian resources).
+
+ * po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po:
+ "make update-po".
+
+ * src/Attic/mkpasswd.c, src/passwd.c, src/userdel.c, src/chage.c, src/chfn.c, src/chsh.c, src/gpasswd.c, src/groups.c, src/login.c:
+ "less means better" added fixes which makes english texts more consistent
+ especially with capitalization issues. Based on fixes by Tommi Vainikainen
+ <thv+debian@iki.fi> (make all text begining from lower case .. not upper).
+ This patch cuts i18n entries in each po/*po file from 420 to 402.
+
+2005-01-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: added pt to updated translations.
+
+ * lib/defines.h: reverte last change (mistake).
+
+ * po/pt.po:
+ updated translation by Miguel Figueiredo <elmig@debianpt.org>.
+
+2005-01-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: typo.
+
+ * NEWS: update da, es and pl (100%) translations.
+
+ * po/pl.po: finish translations.
+
+ * po/da.po: updated translations by Claus Hindsgaul <claus_h@image.dk>.
+
+ * NEWS, TODO: Typos found by Claus Hindsgaul <claus_h@image.dk>.
+
+ * po/es.po: Updates from Ruben Porras <nahoo@inicia.es>.
+
+ * lib/defines.h: - remove usong shadow_.h.
+
+ * po/pl.po: kill fuzzy.
+
+ * NEWS, lib/Attic/grent.c, lib/Attic/lastlog_.h, lib/Attic/md5.c, lib/Attic/md5.h, lib/Attic/md5crypt.c, lib/Attic/mkdir.c, lib/Attic/putgrent.c, lib/Attic/putpwent.c, lib/Attic/putspent.c, lib/Attic/pwent.c, lib/Attic/rename.c, lib/Attic/rmdir.c, lib/Attic/shadow_.h, lib/Attic/snprintf.c, lib/Attic/snprintf.h, lib/Attic/strcasecmp.c, lib/Attic/strdup.c, lib/Attic/strerror.c, lib/Attic/strstr.c, lib/Makefile.am:
+ remove unused now files in lib/ directory.
+
+ * po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/POTFILES.in, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po:
+ Now correctly shadow passes "make distcheck".
+
+ * NEWS: typo.
+
+2005-01-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/faillog.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, NEWS:
+ switch faillog ro use getopt_long().
+
+ * etc/pam.d/su: aded line with "session required pam_env.so".
+
+2004-12-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/de/Makefile.am, man/de/vigr.8, man/de/vipw.8, NEWS:
+ added de vigr(8), vipw(8) man pages (from Debian resources).
+
+2004-12-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/LINGUAS, po/ro.po, po/sq.po, NEWS:
+ added ro, sq translations (from Debian resources).
+
+2004-12-20 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in:
+ added checing is fseeko() function is avalaibabe in system: added fseeko to
+ AC_CHECK_FUNCS parameters.
+
+ * lib/Makefile.am:
+ fixed warning message about incorrect try linking non-PIC code with shared
+ library: removed $(top_builddir)/libmisc/libmisc.a from libshadow_la_LIBADD.
+
+ * NEWS:
+ - final entry about fixed large file support in lastlog and faillog.
+
+ * src/vipw.c, lib/Attic/pwent.c, lib/Attic/grent.c:
+ use fseeko() instead fseek(). This not realuy neccessary because in this
+ cases fseek() was used for move to begin of file. This only for minimize
+ external functions count.
+
+ * src/faillog.c:
+ fixes for allow operate on large files by faillog: use fseeko() instead
+ fseek().
+
+ * src/lastlog.c:
+ fixes for allow operate lastlog on large files: use fseeko() instead fseek()
+ and do not casrt file offsets to unsigned long (based on large-file patch
+ from FC).
+
+ * src/faillog.c: fixed typo in usage().
+
+2004-12-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/newgrp.1: fixed typo in bold macro.
+
+2004-12-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/chpasswd.8: remove bold from NAZWA section.
+
+2004-12-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/faillog.c: remove using Prog variable.
+
+ * configure.in, NEWS:
+ fixed large file support: added AC_SYS_LARGEFILE macro to autoconf.
+
+ * man/Attic/groupmod.8, man/pl/groupmod.8: separate OPTIONS section.
+
+ * man/pl/chpasswd.8: sync with english version.
+
+ * man/Attic/chpasswd.8:
+ bold "chpasswd" command name in CAVEATS section.
+
+ * man/Attic/chpasswd.8: s/protect/protected/
+
+ * man/pl/lastlog.8: cleanups.
+
+ * man/Attic/chpasswd.8, man/Attic/lastlog.8, man/Attic/newusers.8:
+ remove bold from NAME section.
+
+ * man/it/groupadd.8, man/it/useradd.8: separate OPZIONI section.
+
+ * man/pl/groupmems.8: fixes in OPCJE section.
+
+ * man/Attic/chpasswd.8: more cleanups.
+
+2004-12-11 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/chage.1, man/Attic/chfn.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.5, man/Attic/pw_auth.3, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadowconfig.8, man/Attic/suauth.5, man/Attic/useradd.8:
+ Fixed varoiuse typos and misspeling based partialy on patch from Bug#141322
+ from Debian (submited by Christian Perrier <bubulle@debian.org>).
+
+ * man/Attic/chpasswd.8: more cleanups.
+
+ * man/pl/faillog.8, man/Attic/faillog.8, man/ja/faillog.8:
+ remove from OPTIONS section information about avalaibability on some systems
+ faillog database in other location thad listed in FILES section.
+
+ * man/Attic/chpasswd.8: updated.
+
+ * man/fr/faillog.5:
+ fixed FICHIERS secttion: corrected change to italic on /var/log/faillog.
+
+ * src/faillog.c:
+ move main() to the end of file and reorder rest functions. Now declararion
+ finction prototypes can be removed.
+
+2004-12-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: updated.
+
+ * man/pl/lastlog.8: synced with current english version.
+
+ * man/Attic/lastlog.8: use the same style as in chpasswd(8).
+
+ * po/uk.po, po/zh_CN.po, po/tr.po, po/sv.po, po/ru.po, po/sk.po, po/pt_BR.po, po/pt.po, po/pl.po, po/nn.po, po/nl.po, po/nb.po, po/ko.po, po/ja.po, po/he.po, po/id.po, po/it.po, po/fi.po, po/fr.po, po/es.po, po/eu.po, po/el.po, po/da.po, po/de.po, po/cs.po, po/ca.po, po/bs.po:
+ "make update-po" after rewrite lastlog.
+
+ * src/lastlog.c: Rewrite for use the same style as in chpasswd.c.
+ Move open lastlog file after commadline option parsing so now --help option
+ can be used by user without read access to lastlog file.
+
+ * src/chpasswd.c:
+ s/display this help and exit/display this help message and exit/ in ussage()
+ output.
+
+ * po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po:
+ "make update-po".
+
+ * src/chpasswd.c:
+ Added handle -h|--help option. Improved and updated ussage() output.
+
+2004-12-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/tr.po, po/uk.po, po/zh_CN.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/da.po, po/de.po, po/el.po, po/bs.po, po/ca.po, po/cs.po:
+ "make update-po" and resolve fuzzy with last change in src/chpasswd.c.
+
+ * src/chpasswd.c, NEWS:
+ switch chpasswd to use getopt_long() and adds a --md5 option
+ (by Ian Gulliver <ian@penguinhosting.net>).
+
+ * NEWS, configure.in: start work on 4.0.7.
+
+2004-11-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: cleanups.
+
+ * po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po, po/ca.po, po/cs.po, po/da.po:
+ removed not used translations.
+
+ * NEWS, src/su.c:
+ fix adding of pam_env env variables to enviroment (Martin Schlemmer <azarah@nosferatu.za.org>).
+
+ * NEWS, configure.in:
+ fixed filling MAIL_SPOOL_DIR and MAIL_SPOOL_FILE variables which was allways
+ empty (Gregorio Guidi <g.guidi@sns.it>)
+
+ * NEWS: updated.
+
+ * src/useradd.c, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po:
+ do not translate variable names from /etc/default/useradd during "useradd -D".
+
+2004-11-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/zh_CN/groupadd.8, man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/usermod.8, man/zh_TW/groupadd.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/usermod.8, man/it/groupadd.8, man/it/groupmod.8, man/it/useradd.8, man/it/usermod.8, man/ja/groupadd.8, man/ja/groupmod.8, man/ja/useradd.8, man/ja/usermod.8, man/pl/groupadd.8, man/pl/groupmod.8, man/pl/useradd.8, man/pl/usermod.8, man/pt_BR/groupadd.8, man/pt_BR/groupmod.8, man/Attic/groupadd.8, man/Attic/groupmod.8, man/Attic/useradd.8, man/fr/useradd.8, man/fr/usermod.8, man/id/useradd.8:
+ correction: groups/users with gid/uid 0 and 999 are reserved for system accounts.
+
+ * man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/usermod.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/usermod.8, man/id/useradd.8, man/it/groupadd.8, man/it/groupmod.8, man/it/useradd.8, man/it/usermod.8, man/ja/groupadd.8, man/ja/groupmod.8, man/ja/useradd.8, man/ja/usermod.8, man/pl/groupadd.8, man/pl/groupmod.8, man/pl/useradd.8, man/pl/usermod.8, man/pt_BR/groupmod.8, man/Attic/groupadd.8, man/Attic/groupmod.8, man/Attic/useradd.8, man/fr/useradd.8, man/fr/usermod.8:
+ zgroups/users with gid/uid 0 and 499 are typically reserved for system accounts.
+
+2004-11-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/Attic/mkpasswd.8, man/pl/chage.1, man/pl/chsh.1, man/pl/faillog.8, man/pl/groupadd.8, man/pl/groupmems.8, man/pl/groupmod.8, man/pl/lastlog.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, man/Attic/chage.1, man/Attic/chsh.1, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupmems.8, man/Attic/lastlog.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8:
+ separated OPTIONS section.
+
+ * lib/commonio.c: reverte last change.
+
+ * libmisc/pwdcheck.c:
+ one word fix .. ommited "else" was removed. Now security bug which allow
+ unauthorized account properties modification is realy closed.
+
+2004-10-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/commonio.c:
+ add matchpathcon to create the files correctly when they do not exist (based
+ on patch from FC).
+
+ * man/Attic/passwd.1: fixed two typos ("/" in incorrect place).
+
+2004-10-27 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * etc/pam.d/useradd: - added header
+
+ * etc/pam.d/chfn, etc/pam.d/chsh, etc/pam.d/userdel: - fixed header
+
+2004-10-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * etc/pam.d/chfn, etc/pam.d/chsh, etc/pam.d/userdel:
+ added missing template/example PAM service config files for chfn, chsh, userdel.
+
+ * NEWS, configure.in: start 4.0.6.
+
+2004-10-26 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/Attic/adduser.8, man/pl/Makefile.am, man/Attic/adduser.8, man/Makefile.am, man/fr/Attic/adduser.8, man/fr/Makefile.am, man/id/Attic/adduser.8, man/id/Makefile.am, man/it/Attic/adduser.8, man/it/Makefile.am, man/ja/Attic/adduser.8, man/ja/Makefile.am, NEWS:
+ remove adduser(8) roff include man page to useradd(8).
+
+ * lib/Makefile.am: more fixes for non-inst libmisc.
+
+ * libmisc/Makefile.am, src/Makefile.am, NEWS:
+ change libmisc to private static library.
+
+ * etc/pam.d/Makefile.am: typo.
+
+2004-10-24 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * po/pl.po: - more translation/formatting fixes
+
+ * po/pl.po: - updated translation
+
+ * po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po:
+ - make update-po, updated usage() translation
+
+ * src/useradd.c: - syntax fix for useradd in usage()
+
+ * po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po:
+ - usage() formatting and other fixes
+
+ * po/fi.po: - proper UTF
+
+ * po/pl.po: - pl translation fixes/updates by Jakub Bogusz
+
+2004-10-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * etc/pam.d/chage, etc/pam.d/chpasswd, etc/pam.d/groupadd, etc/pam.d/groupdel, etc/pam.d/groupmod, etc/pam.d/newusers, etc/pam.d/useradd, etc/pam.d/usermod:
+ use default path to PAM modules.
+
+ * etc/pam.d/Attic/shadow, etc/pam.d/Makefile.am, etc/pam.d/chage, etc/pam.d/chpasswd, etc/pam.d/groupadd, etc/pam.d/groupdel, etc/pam.d/groupmod, etc/pam.d/login, etc/pam.d/newusers, etc/pam.d/usermod:
+ Remove shadow PAM config file. Added PAM config files for: chage, chpasswd,
+ groupadd, groupdel, groupmod, login, newusers.
+
+ * po/zh_CN.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po:
+ "make update-po".
+
+ * configure.in: reverte previous incorrect commit.
+
+ * NEWS, src/su.c:
+ add pam_open_session() support. If builded without PAM support
+ propagate $DISPLAY and $XAUTHORITY enviroment variables.
+ Based on http://www.gentoo.org/cgi-bin/viewcvs.cgi/sys-apps/shadow/files/shadow-4.0.4.1-su-pam_open_session.patch?rev=1.1
+
+2004-10-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in: cleanups.
+
+ * lib/defines.h:
+ define syslog() depending on ENABLE_NLS (not on HAVE_SETLOCALE).
+
+2004-10-23 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * man/fr/Makefile.am: - killed non-existent manpage
+
+2004-10-18 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/copydir.c, NEWS:
+ when placing symlinks into /etc/skel copy_tree of libmisc/copydir.c will
+ properly create the symlink in the destination directory but not change the
+ ownership to the target user/group. This makes httpd Option
+ SymlinkIfOwnerMatch break for default weg pages including symlinks placed
+ into /etc/skel/public_html for example.
+ http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=66819
+
+2004-10-11 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/Makefile.am:
+ seems I foud CorrectWay(tm) for add some symlinks on install target.
+
+ * po/pl.po: more fixes.
+
+ * po/pl.po: added missing \n.
+
+ * src/chage.c, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po:
+ more verbose/human readable -l output. This output is much more beter for
+ send directly via email for each users as message with account status (for
+ example as message with warning about account/password expiration).
+
+ * configure.in: start prepare for 4.0.5.
+
+ * src/Makefile.am, libmisc/Makefile.am, lib/Makefile.am, configure.in:
+ move LOCALEDIR to autoheader variables. Remove redefining DEFS in
+ Makefile.am (not neccessary now).
+
+ * src/chage.c, src/chpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/grpck.c, src/logoutd.c, src/newusers.c, src/pwck.c, src/useradd.c, src/userdel.c, src/usermod.c, NEWS:
+ applied OWL shadow-4.0.4.1-owl-pam-auth.diff patch by Solar Designer
+ <solar@openwall.com>:
+ Moved the PAM authentication in user management commands after
+ command-line parsing, made it use separate service names for each command.
+ Use constant strings rather than argv[0] for syslog ident in the user
+ management commands.
+
+ * man/Attic/useradd.8:
+ reword the useradd manpage a little to make it more clear. Fix from:
+ http://www.gentoo.org/cgi-bin/viewcvs.cgi/sys-apps/shadow/files/shadow-4.0.4.1-useradd-manpage-update.patch?rev=1.1
+
+ * configure.in: added libselinux detection.
+
+ * lib/Makefile.am, lib/commonio.c, lib/commonio.h, NEWS, autogen.sh, configure.in:
+ added SELinux support (basing on patch from Gentoo).
+
+ * man/fr/Makefile.am (man_MANS): added getspnam.3.
+
+2004-10-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, src/groupadd.c, src/groupmod.c:
+ English grammar fix: s/is a not a valid group name/is not a valid group name/
+ (pointed by Mike Frysinger <vapier@gentoo.org>).
+
+2004-10-08 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/userdel.c:
+ When removing a user with userdel, userdel always exits 1 (fixed).
+ Based on http://bugs.gentoo.org/show_bug.cgi?id=66687.
+
+2004-08-21 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in:
+ Use AC_SEARCH_LIBS() for inet_ntoa(), socket(), gethostbyname() probing (instead AC_CHECK_FUNC()).
+
+2004-08-18 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Makefile.am: shadow(3) man page moved to man_MANS.
+
+ * libmisc/ttytype.c: Removed getenv() prototype (it is in <stdlib.h>).
+
+ * src/Attic/mkpasswd.c:
+ Removed fgetsx() prototype (it is in lib/prototypes.h).
+
+ * man/it/vigr.8: Fixed typo (s/wipw/vipw/).
+
+2004-08-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: Typo.
+
+ * po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po, po/cs.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nn.po, po/pl.po, po/pt.po, po/ru.po, po/sk.po, po/sv.po:
+ Run "make update-po".
+
+ * po/ca.po, po/da.po, po/nl.po, po/pt_BR.po: Converted to UTF-8.
+
+ * po/LINGUAS: Typo.
+
+ * po/nb.po, po/nl.po, po/nn.po, po/pt.po, po/pt_BR.po, po/tr.po, po/zh_CN.po, NEWS, po/LINGUAS, po/bs.po, po/ca.po, po/da.po, po/eu.po, po/he.po, po/id.po:
+ New translations: bs, ca, da, eu, he, id, nb, nl, nn, pt, pt_BR, tr,
+ zh_CN (stolen froM Debian)
+
+ * man/Attic/grpck.8, man/Attic/mkpasswd.8, man/Attic/pwck.8, man/pl/Attic/mkpasswd.8, man/pl/grpck.8, man/pl/pwck.8:
+ Corrected section number.
+
+2004-08-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/zh_TW/chfn.1, man/zh_TW/chsh.1, man/zh_TW/groupadd.8, man/id/chsh.1, man/id/login.1, man/it/chfn.1, man/pl/chage.1, man/pl/groupadd.8, man/pl/groupmems.8, man/pl/lastlog.8, man/pl/login.1, man/pt_BR/groupadd.8, man/zh_CN/chfn.1, man/zh_CN/chsh.1, man/de/login.1, man/de/su.1, man/fr/chsh.1, man/fr/passwd.1, man/fr/usermod.8, man/hu/chfn.1, man/Attic/chage.1, man/Attic/groupadd.8, man/Attic/groupmems.8, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/usermod.8:
+ Options description in alphabetical order.
+
+ * NEWS, src/login.c:
+ Applied 036_pam_access_with_preauth.patch Debian patch submited by Bjorn
+ Torkelsson <Bjorn.Torkelsson@hpc2n.umu.se>: add support for PAM account
+ management to restrict access using pam_access when login is invoked with -f.
+
+2004-06-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/getspnam.3: added roff link to shadow(3).
+
+ * man/Makefile.am (man_MANS): added getspnam.3.
+
+2004-06-03 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, lib/commonio.c, lib/getdef.c, src/vipw.c:
+ Applied OWL shadow-4.0.4.1-owl-check-reads.diff patch by Solar Designer.
+ Add checking for read errors in commonio and vipw/vigr (not doing so could
+ result in data loss when the records are written back).
+
+ * NEWS: Add note about apply shadow-4.0.4.1-owl-tmp.diff OWL patch.
+
+ * src/useradd.c, configure.in:
+ Remove looking for mkstemp() prototype and allways use mkstemp() (removed
+ using mktemp if mkstemp() not found).
+ Partialy based on tmp OWL patch by Solar Designer <solar@openwall.com>.
+
+ * NEWS, libmisc/pwdcheck.c:
+ Fixed securirty bug which allow unauthorized account properties modification.
+ Affected tools: chfn and chsh.
+ Bug was discovered by Martin Schulze <joey@infodrom.org>.
+
+2004-05-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: typo.
+
+ * NEWS, po/LINGUAS, po/it.po:
+ added it translation (by Danilo Piazzalunga <danilopiazza@libero.it>).
+
+2004-05-18 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: typos.
+
+ * po/sk.po: updated (by Peter Mann <Peter.Mann@tuke.sk>).
+
+2004-05-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/sk.po: run "make update-po".
+
+ * NEWS, po/LINGUAS, po/sk.po:
+ added sk translation (by Mann <Peter.Mann@tuke.sk>, submited by Christian
+ Perrier <bubulle@kheops.frmug.org>).
+
+2004-05-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in:
+ Use autoconf cache variables for file and directory location tests (by
+ Maciej W. Rozycki <macro@ds2.pg.gda.pl>).
+
+2004-05-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/passwd.5:
+ Correct path directory delimiters (by Maciej W. Rozycki <macro@ds2.pg.gda.pl>).
+
+ * libmisc/xmalloc.c (malloc):
+ Remove the declaration (by Maciej W. Rozycki <macro@ds2.pg.gda.pl>).
+
+2004-04-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/login.c, NEWS:
+ Fixed handle -f option: now it works correctly without specify "-h
+ <host>" if open login session localy is required (thanks for help
+ investigate bug for Krzysztof Kotlenga).
+
+ * po/es.po: Updated (by Ruben Porras <nahoo82@telefonica.net>).
+
+2004-04-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/cs.po, po/de.po, po/el.po, po/fi.po, po/fr.po, po/ja.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+ Run "update-po".
+
+2004-04-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/es.po: Updated to current (by run "update-po").
+
+ * po/es.po: Converted to utf-8.
+
+ * po/LINGUAS: Added es.
+
+ * po/es.po, NEWS:
+ Added es translation (by Ruben Porras <nahoo82@telefonica.net>).
+
+2004-04-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/ko.po, NEWS:
+ Updated ko translations (by Changwoo Ryu <cwryu@debian.org>).
+
+2004-04-02 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fi.po: iconv -f iso8859-9 -t utf8
+
+2004-03-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/age.c:
+ Use endsgent() conditionaly depending on SHADOWGRP (fix submited by Gabor Z.
+ Papp <gzp@papp.hu>).
+
+ * po/LINGUAS, po/fi.po, NEWS:
+ Added fi translation (by Tommi Vainikainen <thv@iki.fi>).
+
+ * README: Fixed shadow and shadow-commit lists on-line archives URLs.
+
+2004-01-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in, man/fr/Makefile.am, man/hu/Makefile.am, man/it/Makefile.am:
+ New version 4.0.4.1
+ bug fixes in automake files for generate correct tar ball on "make dist":
+ added midsiing "EXTRA_DIST = $(man_MANS)" in man/*/Makefile.am.
+
+ * man/ko/Makefile.am: New version 4.0.4.1
+ bug fixes in automake files for generate correct tar ball on "make dist":
+ added missing "EXTRA_DIST = $(man_MANS)" in man/*/Makefile.am.
+
+ * man/de/Makefile.am, man/es/Makefile.am: New version 4.0.4.1
+ bug fixes in automake files for generate correct tar ball on "make dist":
+ added midsiing "EXTRA_DIST = $(man_MANS)" in man/*/Makefile.am.
+
+ * configure.in: Fixed checking is avalaible st_rdev in struct stat.
+
+2004-01-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po: Typo.
+
+ * man/pl/useradd.8: Cleanups in SYNOPSIS.
+
+2004-01-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po: Cleanups.
+
+2004-01-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in: Cleanups after autoupdate.
+
+2004-01-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/groupadd.c, po/sv.po, po/uk.po, po/ru.po, po/ko.po, po/pl.po, po/fr.po, po/ja.po, po/el.po, po/cs.po, po/de.po, man/zh_TW/groupadd.8, man/zh_CN/groupadd.8, man/pt_BR/groupadd.8, man/pl/groupadd.8, man/ja/groupadd.8, man/it/groupadd.8, man/Attic/groupadd.8, NEWS:
+ Added missing information about -f options in groupadd usage mesage (document
+ this also in man page).
+
+2003-12-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/Attic/lastlog_.h, libmisc/log.c, libmisc/utmp.c, src/lastlog.c, src/login.c:
+ More time() or gettimeofday() prevention overwrite memory on 64bit arch
+ (partialy based on patch from MDK).
+
+ * po/sv.po, po/uk.po, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po:
+ Post remove TCFS support "make update-po".
+
+ * man/Makefile.am: Removed getspnam.3 from EXTRA_DIST.
+
+ * po/POTFILES.in: Removed lib/tcfsio.c.
+
+ * lib/Attic/tcfsio.c, lib/Attic/tcfsio.h, lib/Makefile.am, src/passwd.c, src/userdel.c, NEWS, configure.in, doc/Attic/README.pam:
+ Removed TCFS support (tcfs is dead).
+
+ * configure.in:
+ Added using AM_MAINTAINER_MODE. AC_INIT without parameters.
+
+ * Attic/acconfig.h, configure.in:
+ Cleanups on autoheadres level: use AC_DEFINE(VAR, VAL, [Comment]) for
+ USE_PAM, HAVE_TCFS and TCFS_GDBM_SUPPORT.
+
+ * src/newusers.c, src/useradd.c, Attic/acconfig.h, autogen.sh, lib/Attic/pwpack.c, NEWS:
+ Remove all old BSD_QUOTA dependent code.
+
+2003-12-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/Makefile.am, libmisc/Makefile.am, src/Makefile.am:
+ Removed -I$(top_srcdir) from INCLUDES (isn't neccessary becaus this is in
+ DEFAULT_INCLUDES) - slightly shorter compile output.
+
+ * Makefile.am, configure.in:
+ Added using AM_GNU_GETTEXT([external]) - removed intl SUBDIRS.
+ Added locale.h to AC_CHECK_HEADERS() - lib/defines.h have part which depends
+ on HAVE_LOCALE_H.
+
+ * lib/nscd.h: Added missing newline at end of file.
+
+ * Attic/acconfig.h: Remove unused (#un)defines.
+
+ * autogen.sh: Typo.
+
+ * autogen.sh: Much more simpler script - use autoreconf.
+
+ * po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+ "make update-po".
+
+2003-12-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/LINGUAS: Languages list for gettext 1.12.x.
+
+2003-10-26 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po: Kill fuzzy entries.
+
+2003-10-21 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/usermod.8:
+ Typo: missing "." on end of sentence (submited by Stepan Kasal <kasal@ucw.cz>).
+
+2003-09-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po, po/cs.po, po/de.po, po/el.po, NEWS:
+ convert all po/*.po files to utf-8.
+
+2003-09-05 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * po/ru.po: - fixed header
+
+2003-07-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po, po/ru.po, po/sv.po, po/uk.po, libmisc/pam_pass.c, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po:
+ Otput "passwd: password updated successfully\n" message on successfull
+ password change (based on Debian changes).
+
+ * src/newgrp.c: Remove work around for unsecure gettext.
+
+2003-06-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/useradd.c, src/usermod.c:
+ Added initializing memory in variables when get_groups() function is not called,
+ and memory allocated for user_groups is not initialized (in both useradd and
+ usermod when -G options is used and in usermod when -l option is used).
+ That causing segfaults sometimes.
+ This fix is importand but not critical because usermod and usermod aren't suid
+ root.
+ Problem reported and fixed by Alexey Voinov <voins@altlinux.ru>.
+
+2003-06-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/login.1: Fixed FILES section.
+
+ * src/chfn.c, src/chpasswd.c, src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/login.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/suauth.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c:
+ Indented.
+
+ * src/chage.c: Move *flg variables to global.
+
+ * Attic/acconfig.h: Comment for USG.
+
+2003-05-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/de/chfn.1, man/de/login.1:
+ Fixed section name (s/NAME/BEZEICHNUNG/).
+
+ * man/de/chfn.1, man/de/chsh.1: Sync FILES section with en version.
+
+ * man/Attic/login.1: Typo (s/avr/var/).
+
+ * man/de/login.1: Sync FILES section with en man version.
+
+ * man/de/chfn.1, man/de/chsh.1, man/de/login.1: Remove ^M from EOL.
+
+ * man/de/login.1, man/de/Makefile.am, man/de/chfn.1, man/de/chsh.1, NEWS:
+ Next round updates from Josef Spillner <josef@ggzgamingzone.org>: update
+ chsh(1), login(1) and added new chfn(1) german man pages.
+
+ * NEWS: Added info about remove d_passwd(5), dialups(5) man pags.
+
+2003-05-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, TODO, src/chfn.c, src/chpasswd.c, src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/passwd.c, src/pwunconv.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c:
+ One TODO entry gone: fix nscd flushing databases on change (use
+ per service flushing method instead HUPing nscd process).
+
+ * lib/Makefile.am, lib/commonio.c, lib/nscd.c, lib/nscd.h, libmisc/Attic/nscd.c, libmisc/Attic/nscd.h, libmisc/Makefile.am:
+ Move nscd.{c,h} from libmisc/ to lib/.
+ Fix warning about implicit declaration of function `nscd_flush_cache' in lib/commonio.c.
+
+ * lib/pwauth.h: Fix pw_auth() prototype.
+
+ * libmisc/Attic/nscd.c, libmisc/Attic/nscd.h, libmisc/Makefile.am:
+ Added header file for nscd communication functions.
+
+ * libmisc/chkname.c (good_name):
+ fixed warning about comparison between pointer and integer.
+
+ * po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+ "make update-po".
+
+ * src/useradd.c (main):
+ chain create_mail() and small fix in usage message.
+
+ * src/userdel.c: Removed AUTH_METHODS code.
+
+ * lib/pwauth.c: Fixed pw_auth() prototype.
+
+ * src/sulogin.c, src/usermod.c: Removed AUTH_METHODS code.
+
+ * po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+ "make update-po".
+
+ * src/useradd.c: Indent.
+
+ * man/ja/Attic/pwauth.8, man/ja/Makefile.am, man/pl/Attic/pwauth.8, man/pl/Makefile.am, src/passwd.c, src/useradd.c, NEWS, lib/pwauth.c, man/Attic/pwauth.8, man/Makefile.am:
+ Cleanups continuations: removed old AUTH_METHODS dependent code,
+ removed also pwauth(8) man page.
+
+ * man/pl/Makefile.am (man_MANS): remove d_passwd.5 man page.
+
+ * src/useradd.c, src/usermod.c, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+ Cleanups in usage messages.
+
+ * src/newgrp.c: Cleanups in comments.
+
+ * po/uk.po, po/sv.po, po/ru.po, po/pl.po, po/ko.po, po/ja.po, po/fr.po, po/el.po, po/de.po, po/cs.po:
+ "make update-po".
+
+ * lib/getdef.c (main): remove gettextize error messages from test code.
+
+ * NEWS: Cleanups.
+
+2003-05-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/useradd.c, man/pl/useradd.8, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po, NEWS, TODO, etc/useradd, man/Attic/useradd.8:
+ Added handle by useradd /etc/defaults/useradd::CREATE_MAIL_SPOOL={yes|no}.
+ Now on adding user account can be added also created empty user mail
+ spool. Curent code handle only mailbox.
+ TODO: add handle create user mail spool in maildir format.
+
+ * TODO: Typo.
+
+ * src/chage.c (usage): fix missing ")".
+ (main): updated commented description.
+
+ * src/useradd.c: Indent.
+
+ * man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8:
+ Minor cleanups.
+
+ * man/Attic/chage.1, man/pl/chage.1:
+ Rewrite for use claissic list form options descriptions.
+
+ * man/pl/groupadd.8:
+ s/Polecenie groupadd posiada opcje:/Polecenie groupadd posiada następujące opcje:/
+
+ * TODO: ALL:
+ move base passwd/shadow/group/gshadow operation to module for allow write
+ diffrent backend modules for db, NIS, LDAP and others. Default backend it
+ will be choose depending on /etc/nsswitch.conf and allow overrride this by
+ -r <repository> options (where the <repository> can be file, db, nis
+ nisplus, ldap .. like on /etc/nsswitch.conf in service column).
+ passwd have old piece of code with handling -r option and it will be good
+ finish this and propagate on other shadow tools for allow operate on other
+ user databases by well known tools.
+
+ useradd:
+ add handle /etc/defaults/useradd::CREATE_MAIL_SPOOL={yes,no} for allow
+ create empty mail spool for added user.
+
+ * man/pl/Attic/d_passwd.5, man/pl/Attic/dialups.5: Removed.
+
+ * man/Attic/groupmems.8: Close few \fB by add \fR.
+
+ * man/Attic/groupadd.8, man/Attic/groupmems.8: Minor cleanups.
+
+2003-05-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/grpconv.c, src/grpunconv.c, src/pwconv.c, src/pwunconv.c:
+ Move non-SHADOWPWD stub code to end of file (like in chage.c) and do not use
+ gettextized message.
+
+ * po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+ "make update-po".
+
+ * src/chage.c, NEWS:
+ Now all code depend on SHADOWPWD. If shadow will not be configured on
+ autoconf level for using shadow possword chage is olny stub which informs
+ "chage not configured for shadow password support."
+
+ * man/it/Makefile.am: Removed EXTRA_DIST (not neccessary).
+
+ * man/es/Makefile.am: Removed groups.1 (doen't exist es groups(1)).
+
+ * man/de/Makefile.am (man_MANS): added login.1.
+
+ * man/de/Makefile.am: Removed EXTRA_DIST (isn't neccessary now).
+
+ * man/hu/Makefile.am, man/ja/Makefile.am, man/ko/Makefile.am, man/pl/Makefile.am, man/de/Makefile.am, man/fr/Makefile.am, NEWS, man/Makefile.am:
+ Install groups(1) man page (moved from EXTRA_DIST to man_MANS).
+
+ * po/.cvsignore:
+ Added files generated by gettextize from gettext 0.11.5.
+
+ * po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+ Updated after removing dialup tools.
+
+ * po/POTFILES.in: Removed lib/{dialchk,dialup}.c and src/dpasswd.c.
+
+2003-05-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/shell.c (shell): do not gettexitize DEBUG message.
+
+ * src/chsh.c, src/grpconv.c, src/login.c, src/logoutd.c, src/sulogin.c, src/vipw.c, libmisc/Attic/login_access.c, libmisc/getdate.y, libmisc/limits.c, libmisc/obscure.c, libmisc/setupenv.c, lib/Attic/getpass.c, lib/pwauth.c:
+ Removed "#if 0 .. #endif" dead code.
+
+ * libmisc/utmp.c: Fixed unterminated #if.
+
+ * libmisc/Attic/login_access.c (resolve_hostname):
+ cleanup: removed #if 1 .. #endif.
+
+ * libmisc/.cvsignore: Added getdate.c.
+
+ * libmisc/Attic/getdate.c:
+ Removed - this file is generated by bison/yacc.
+
+ * configure.in:
+ Change file name passwd in AC_INIT argument from lib/dialchk.c to src/passwd.c.
+
+ * src/su.c:
+ Removed dead code (#if 0 .. #endif) with call motd() and mailcheck()
+ (was commnted because GNU su doesn't do this).
+
+2003-05-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/Attic/dpasswd.c, src/login.c, src/Makefile.am, man/pl/Attic/dpasswd.8, man/pl/Makefile.am, man/ja/Attic/dpasswd.8, man/ja/Makefile.am, man/Attic/dpasswd.8, man/Makefile.am, lib/Attic/dialchk.c, lib/Attic/dialchk.h, lib/Attic/dialup.c, lib/Attic/dialup.h, lib/Makefile.am, lib/getdef.c, etc/Attic/login.defs.linux, etc/login.defs, NEWS:
+ Removed old dpasswd and DIALUPS_CHECK_ENAB login.defs handling code from login.
+
+ * doc/Attic/ANNOUNCE, doc/Makefile.am, NEWS: Removed old doc/ANNOUNCE.
+
+ * src/login.c, lib/getdef.c, etc/Attic/login.defs.linux, NEWS:
+ Remove NO_PASSWORD_CONSOLE code.
+
+2003-05-03 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/pwd2spwd.c, libmisc/utmp.c, libmisc/entry.c, libmisc/isexpired.c, lib/sgetspent.c, lib/shadow.c, lib/Attic/putpwent.c, lib/Attic/pwent.c, lib/Attic/pwpack.c, lib/defines.h, lib/pwio.c, lib/sgetpwent.c, Attic/acconfig.h, configure.in:
+ Remove old SVR4, ATT_AGE, ATT_COMMENT dependent code.
+
+ * src/chage.c:
+ Remove some ageing code which was not used if SHADOWPWD isn't defined.
+ Now handling mindays, maxdays and lastday also depends on SHADOWPWD.
+
+2003-05-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/shadowconfig.8, man/Attic/su.1, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8:
+ Reformated.
+
+ * etc/login.defs:
+ Use FHS 2.x compliant paths to lastlog, sulog, mail spool and also change
+ ENV_SUPATH to PATH=/sbin:/bin:/usr/sbin:/usr/bin and
+ ENV_PATH to PATH=/bin:/usr/bin
+
+ * old/Attic/Makefile.am, old/Attic/Makefile.linux, old/Attic/Makefile.sun4, old/Attic/Makefile.svr4, old/Attic/Makefile.xenix, old/Attic/config.h.linux, old/Attic/config.h.sun4, old/Attic/config.h.svr4, old/Attic/config.h.xenix, old/Attic/orig-config.h, old/Attic/pwconv-old.8, old/Attic/pwconv-old.c, old/Attic/pwconv.8, old/Attic/pwd.h.m4, old/Attic/pwunconv-old.8, old/Attic/pwunconv-old.c, old/Attic/pwunconv.8, old/Attic/scologin.c, old/Attic/vipw.8:
+ Removed old stuff.
+
+2003-04-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po, po/ru.po, po/sv.po, po/uk.po, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po:
+ make update-po
+
+ * src/su.c: Remove not mached #endif after removing ATT_AGE code.
+
+ * man/ko/passwd.5: Remove ^M from end of line.
+
+ * src/chage.c, src/chpasswd.c, src/login.c, src/newusers.c, src/passwd.c, src/pwunconv.c, src/su.c, src/useradd.c, Attic/acconfig.h, NEWS, configure.in:
+ Removed old ATT_AGE (account ageing in passwd file) dependent code.
+
+ * po/pl.po: Fix chage and lastlog messages.
+
+2003-04-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/limits.c, src/logoutd.c:
+ More utmp/utmpx fixes: use endutend() or endutxend() depending on HAVE_UTMPX_H.
+
+ * po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+ Run "make update-po" after remove SVR4 code and fix duplicated entries in sv.po.
+
+ * NEWS, src/login.c, src/logoutd.c, src/useradd.c:
+ Remove old SVR4 and SVR4_SI86_EUA dependent code from login, useradd and
+ logoutd.
+
+2003-04-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/usermod.8: Remove "OD TÅUMACZA" section.
+
+ * man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/grpck.8, man/pl/passwd.1, man/pl/pwck.8, man/pl/useradd.8, man/pl/userdel.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/grpck.8, man/Attic/passwd.1, man/Attic/pwck.8, man/Attic/useradd.8, man/Attic/userdel.8:
+ Added EXIT VALUES section with full description exit codes.
+
+ * src/groupadd.c: Typo (s/nut/not/).
+
+ * man/Attic/shadowconfig.8: Merge changes from Debian.
+
+ * NEWS, man/Attic/passwd.5:
+ Remove text about password aging from passwd(5) (based on Debian changes).
+
+ * po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po, src/lastlog.c, man/Attic/lastlog.8, man/it/lastlog.8, man/ja/lastlog.8, man/pl/lastlog.8:
+ More unification in lastlog command syntax.
+
+ * man/Attic/lastlog.8, man/it/lastlog.8, man/ja/lastlog.8, man/pl/lastlog.8:
+ Unifications in SYNOPSIS.
+
+ * man/it/gpasswd.1, man/it/groupadd.8, man/it/groupdel.8, man/it/groupmod.8, man/it/grpck.8, man/it/lastlog.8, man/it/useradd.8, man/it/userdel.8, man/it/usermod.8:
+ Remove ^M from end of line.
+
+ * man/Attic/gpasswd.1, man/Attic/groupadd.8:
+ Indentation in FILES section.
+
+ * src/pwconv.c, src/useradd.c, src/userdel.c:
+ s/bad command syntax/invalid command syntax/
+
+ * src/userdel.c:
+ Indent by hand (seems indent have problems with complex conditions).
+
+ * man/ru/Makefile.am: man_MANS: s#passwd.1#passwd.5#
+
+ * po/pl.po: s/nie mogę/nie można/
+
+ * po/fr.po: Emoticon removed.
+
+ * NEWS, configure.in, man/Makefile.am, man/ru/.cvsignore, man/ru/Makefile.am, man/ru/passwd.5:
+ Added ru passwd(1) man page from KSI resources.
+
+ * man/zh_CN/Makefile.am, man/zh_CN/chfn.1, man/zh_CN/chsh.1, man/zh_TW/Makefile.am, man/zh_TW/chfn.1, man/zh_TW/chsh.1, man/ja/Attic/dpasswd.8, man/ja/Attic/mkpasswd.8, man/ja/Attic/pw_auth.3, man/ja/Attic/pwauth.8, man/ja/Attic/shadowconfig.8, man/ja/Makefile.am, man/ja/chage.1, man/ja/chfn.1, man/ja/chpasswd.8, man/ja/chsh.1, man/ja/expiry.1, man/ja/faillog.5, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/groups.1, man/ja/grpck.8, man/ja/id.1, man/ja/lastlog.8, man/ja/limits.5, man/ja/login.1, man/ja/login.access.5, man/ja/login.defs.5, man/ja/logoutd.8, man/ja/newgrp.1, man/ja/newusers.8, man/ja/passwd.1, man/ja/passwd.5, man/ja/porttime.5, man/ja/pwck.8, man/ja/pwconv.8, man/ja/shadow.3, man/ja/shadow.5, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/vipw.8, NEWS, man/cs/Makefile.am, man/cs/id.1:
+ Added chch(1), chfn(1) man pages from chinese man pages translation
+ project.
+ Added id(1) man page czech man pages translation project.
+ Updated ja man pages and added expiry(1).
+
+ * man/hu/groups.1, man/hu/login.1:
+ Remove info about $HOME/.profile from FILES section (this does not depends
+ stricte on shadow).
+
+ * configure.in, man/Makefile.am, man/es/Makefile.am:
+ Added es man pages to ac/am suit.
+
+ * man/es/.cvsignore, man/hu/.cvsignore, man/pt_BR/.cvsignore, man/zh_CN/.cvsignore, man/zh_TW/.cvsignore:
+ Added .cvsignore files.
+
+ * man/hu/Makefile.am, man/hu/su.1:
+ Added su(1) man page from hungarian man pages translation project.
+
+2003-04-26 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: Ready for gettext 0.11.5, automake 1.7.4, autoconf 2.57.
+ Many cleanups and unifications in man pages.
+
+ * man/pt_BR/gpasswd.1, man/pt_BR/groupadd.8, man/pt_BR/groupdel.8, man/pt_BR/groupmod.8, man/pt_BR/shadow.5, man/zh_CN/chpasswd.8, man/zh_CN/groupadd.8, man/zh_CN/groupdel.8, man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/userdel.8, man/zh_CN/usermod.8, man/zh_TW/groupadd.8, man/zh_TW/groupdel.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/userdel.8, man/zh_TW/usermod.8, man/ko/login.1, man/ko/su.1, man/pl/chage.1, man/pl/chfn.1, man/pl/chsh.1, man/pl/expiry.1, man/pl/gpasswd.1, man/pl/groupmems.8, man/pl/groups.1, man/pl/id.1, man/pl/lastlog.8, man/pl/login.1, man/pl/newgrp.1, man/pl/passwd.1, man/pl/su.1, man/pl/sulogin.8, man/pl/useradd.8, man/pl/usermod.8, man/ja/Attic/mkpasswd.8, man/ja/chage.1, man/ja/chfn.1, man/ja/chsh.1, man/ja/faillog.5, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/groups.1, man/ja/grpck.8, man/ja/id.1, man/ja/lastlog.8, man/ja/limits.5, man/ja/login.1, man/ja/login.access.5, man/ja/logoutd.8, man/ja/newgrp.1, man/ja/passwd.1, man/ja/passwd.5, man/ja/porttime.5, man/ja/pwck.8, man/ja/shadow.3, man/ja/shadow.5, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/hu/chsh.1, man/hu/gpasswd.1, man/hu/groups.1, man/hu/login.1, man/hu/newgrp.1, man/hu/passwd.1, man/it/gpasswd.1, man/it/groupadd.8, man/it/groupdel.8, man/it/groupmod.8, man/it/grpck.8, man/it/lastlog.8, man/it/shadow.5, man/it/useradd.8, man/it/userdel.8, man/it/usermod.8, man/cs/shadow.5, man/es/su.1, man/fr/chage.1, man/fr/faillog.5, man/fr/gpasswd.1, man/fr/shadow.5, man/fr/su.1, man/fr/userdel.8, man/fr/usermod.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8:
+ Fixes: correct utmp/wtmp paths.
+ Unifications: bold commnanda and italify other file names.
+ Other minor changes and cleanups and unifications.
+
+ * libmisc/limits.c: More utmpx/utmp fixes.
+
+ * src/chpasswd.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmems.c, src/groupmod.c, src/id.c, src/login.c, src/newgrp.c, src/passwd.c, src/useradd.c, src/userdel.c, src/usermod.c, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+ Usage help message unification (s/usage:/Usage:/).
+
+ * TODO: Missing "are".
+
+ * src/logoutd.c, src/userdel.c, NEWS:
+ Handle also utmpx if avalaile in userdel and logoutd.
+
+2003-04-25 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/sulogin.c: Remove unused utent declaration.
+
+ * src/sulogin.c, src/login.c:
+ Remove #include <utmp.h> and <utmpx.h>. This comes with #include "prototypes.h".
+
+ * lib/prototypes.h:
+ "#include <utmp.h>" or "#include <utmpx.h>" depending on HAVE_UTMPX_H.
+
+ * libmisc/failure.c:
+ Remove "#include <utmp.h>" (this is included in failure.h).
+
+ * configure.in:
+ On detect mail spool directory location try first /var/mail.
+
+2003-04-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/Attic/getdate.c, libmisc/Attic/login_access.c, libmisc/Attic/login_desrpc.c, libmisc/Attic/login_krb.c, libmisc/Attic/nscd.c, libmisc/Attic/setup.c, libmisc/entry.c, libmisc/env.c, libmisc/failure.c, libmisc/fields.c, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/list.c, libmisc/log.c, libmisc/loginprompt.c, libmisc/mail.c, libmisc/motd.c, libmisc/myname.c, libmisc/obscure.c, libmisc/pam_pass.c, libmisc/pwd2spwd.c, libmisc/pwd_init.c, libmisc/pwdcheck.c, libmisc/rlogin.c, libmisc/salt.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/strtoday.c, libmisc/sub.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/tz.c, libmisc/ulimit.c, libmisc/utmp.c, libmisc/valid.c, libmisc/xmalloc.c, libmisc/Attic/chkshell.c, libmisc/addgrps.c, libmisc/age.c, libmisc/basename.c, libmisc/chkname.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, libmisc/copydir.c:
+ Indent all using current .indent.pro settings.
+
+ * po/Makevars: New file neccessary for gettext >=0.11.5.
+
+ * man/Makefile.am: Removed getspnam.3 from man_MANS (dos not exist).
+
+ * po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po:
+ Fixes after filtering gettext 0.11.5 (missing headers elements, inforrect
+ format strings).
+
+2003-04-21 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, man/de/passwd.1:
+ updated german passwd(1) man page (by Josef Spillner <josef@ggzgamingzone.org>)
+
+2003-03-12 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * po/pl.po: - updated; terminology unification
+
+2003-02-28 Paweł Gołaszewski <blues@pld.org.pl>
+
+ * etc/login.defs: - missing "MD5_CRYPT_ENAB yes" added
+
+2003-01-20 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * configure.in: - added Makefiles for man/zh_{CN,TW}
+
+ * man/Makefile.am, man/zh_CN/Makefile.am, man/zh_CN/chpasswd.8, man/zh_CN/groupadd.8, man/zh_CN/groupdel.8, man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/userdel.8, man/zh_CN/usermod.8, man/zh_TW/Makefile.am, man/zh_TW/groupadd.8, man/zh_TW/groupdel.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/userdel.8, man/zh_TW/usermod.8:
+ - added zh man pages from MDK (2 x 6) and from cman (1)
+
+2003-01-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/ja/shadow.3, man/pl/shadow.3, man/Attic/shadow.3:
+ sync spwd structure declaration with current glibc declaration (tahnks for
+ point this bug to Michael Kerrisk <michael.kerrisk@gmx.net>).
+
+ * man/pl/faillog.5: s/konsolÄ™/terminal/
+
+2002-12-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/Makefile.am: typo (s/EXTRA_DOST/EXTRA_DIST/).
+
+2002-10-14 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/Makefile.am:
+ fixed making vigr symlink to vipw (not vipw to vigr) in install-exec-hook (fix submited by
+ Dimitar Zhekov <jimmy@is-vn.bg>).
+
+ * debian/Attic/login.copyright, debian/Attic/login.postinst, debian/Attic/login.postrm, debian/Attic/login.preinst, debian/Attic/login.prerm, debian/Attic/logoutd.init, debian/Attic/passwd.conffiles, debian/Attic/passwd.copyright, debian/Attic/passwd.cron, debian/Attic/passwd.init, debian/Attic/passwd.postinst, debian/Attic/passwd.postrm, debian/Attic/porttime, debian/Attic/rules, debian/Attic/secure-su.README, debian/Attic/secure-su.conffiles, debian/Attic/secure-su.copyright, debian/Attic/secure-su.postrm, debian/Attic/secure-su.preinst, debian/Attic/securetty, debian/Attic/shadowconfig.sh, debian/Attic/Makefile.am, debian/Attic/changelog, debian/Attic/checksums, debian/Attic/control, debian/Attic/control.gnu, debian/Attic/control.linux, debian/Attic/login.conffiles, Makefile.am, configure.in:
+ removed debian directory.
+
+2002-10-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, src/newgrp.c:
+ Use CLOSE_SESSIONS depending code only when USE_PAM.
+ The problem was reported by Mattias Webjorn Eriksson using Slackware
+ 8.1 and reproduced it using slackware-current (9.0beta) (fix submited by
+ Simon Williams <simon@no-dns-yet.org.uk>).
+
+2002-10-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/ja/login.1, man/ja/logoutd.8, man/pl/login.1, man/pl/logoutd.8, man/Attic/login.1, man/Attic/logoutd.8, man/hu/login.1:
+ changed utmp and wtmp files paths (s#/etc/utmp/#/var/run/utmp#; s#/etc/wtmp#/var/log/wtmp#)
+
+ * po/ru.po, configure.in: added ru translation (from KSI resources).
+
+2002-09-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, libmisc/failure.c:
+ libbmisc/failure.c (too_many_failures): incorrect if() condition in non-PAM
+ dependent code in fail login handling (fixed by Krzysztof Oledzki <ole@ans.pl>).
+
+2002-08-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/useradd.8, man/Attic/useradd.8, NEWS:
+ document useradd and groupadd -M option in en and pl man pages
+ (by Jakub Mikusek <mick3y@o.k.pl>).
+
+ * configure.in: start prepare 4.0.4.
+
+2002-03-18 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * man/ja/Attic/dpasswd.8, man/ja/Attic/shadowconfig.8, man/ja/chpasswd.8, man/ja/faillog.8, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/id.1, man/ja/lastlog.8, man/ja/login.defs.5, man/ja/newusers.8, man/ja/su.1, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/vipw.8:
+ - updated to man-pages-ja-20020315 (except cvs tags)
+
+2002-03-15 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * TODO: - remove already done pl man updates from the list
+
+2002-03-13 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/ko/.cvsignore, man/ko/Makefile.am, man/ko/chfn.1, man/ko/chsh.1, man/ko/groups.1, man/ko/id.1, man/ko/login.1, man/ko/newgrp.1, man/ko/passwd.5, man/ko/su.1:
+ added ko man pages.
+
+ * man/de/.cvsignore, man/de/Makefile.am:
+ automake files for de man pages.
+
+ * TODO: updated.
+
+ * man/it/.cvsignore, man/it/Makefile.am, man/id/.cvsignore, man/id/Attic/adduser.8, man/id/Makefile.am, man/id/useradd.8, man/Makefile.am, man/cs/.cvsignore, man/cs/Makefile.am, man/fr/.cvsignore, man/fr/Makefile.am, configure.in, NEWS:
+ added cs, de, fr, id, it, ko man pages to ac/am.
+
+2002-03-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/de.po, po/el.po:
+ "make update-po"
+
+ * po/de.po, NEWS, configure.in:
+ added de translation (by Frank Schmid <frank@cs-schmid.de>).
+
+ * NEWS: added info about Solar patch for man pages.
+
+2002-03-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/it/usermod.8, man/it/vigr.8, man/it/vipw.8, man/it/Attic/adduser.8, man/it/chfn.1, man/it/chsh.1, man/it/gpasswd.1, man/it/groupadd.8, man/it/groupdel.8, man/it/groupmod.8, man/it/groups.1, man/it/grpck.8, man/it/grpconv.8, man/it/grpunconv.8, man/it/id.1, man/it/lastlog.8, man/it/login.1, man/it/newgrp.1, man/it/passwd.1, man/it/passwd.5, man/it/pwconv.8, man/it/pwunconv.8, man/it/shadow.5, man/it/useradd.8, man/it/userdel.8, man/id/Attic/adduser.8, man/id/chsh.1, man/id/login.1, man/fr/Attic/adduser.8, man/fr/chage.1, man/fr/chpasswd.8, man/fr/chsh.1, man/fr/faillog.5, man/fr/gpasswd.1, man/fr/groups.1, man/fr/id.1, man/fr/newgrp.1, man/fr/passwd.1, man/fr/passwd.5, man/fr/shadow.5, man/fr/su.1, man/fr/useradd.8, man/fr/userdel.8, man/fr/usermod.8, man/es/login.1, man/es/passwd.1, man/es/su.1, man/de/chsh.1, man/de/groups.1, man/de/login.1, man/de/passwd.1, man/de/su.1, man/cs/passwd.5, man/cs/shadow.5:
+ added some raw cs, de, es, fr, id, it man pages from national
+ man pages translation projects (all man pages not yet added to Makefile.am
+ files because all need some work).
+
+ * man/hu/chfn.1, man/hu/id.1:
+ added id(1) chfn(1) from hu man pages translation project (it need some work
+ because this documents describes GNU version id and chfn from util-linux).
+
+ * man/hu/Makefile.am, man/hu/login.1:
+ added login(1) man page from hu man pages translation project.
+
+ * po/POTFILES.in: updated (suath.c moved to src/).
+
+ * src/Makefile.am: added su_SOURCES with "su.c suauth.c".
+
+ * libmisc/Makefile.am:
+ remove suauth.c from libmisc_la_SOURCES (varialbles and functions from
+ this file are usesd only in su).
+
+ * libmisc/Attic/suauth.c, src/suauth.c: move suauth.c o src/.
+
+ * libmisc/Attic/suauth.c:
+ move "struct passwd pwent" outside #ifdef SU_ACCESS.
+
+2002-03-09 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * man/pl/chage.1, man/pl/chfn.1, man/pl/chsh.1, man/pl/expiry.1, man/pl/gpasswd.1, man/pl/groups.1, man/pl/id.1, man/pl/login.1, man/pl/newgrp.1, man/pl/passwd.1, man/pl/su.1:
+ - sync with en versions
+
+ * man/Attic/login.1, man/Attic/newgrp.1, man/Attic/passwd.1, man/Attic/su.1, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/gpasswd.1, man/Attic/groups.1, man/Attic/id.1:
+ - update to chage.1; formatting/typo fixes
+
+2002-03-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/uk.po, po/ko.po, po/pl.po, po/sv.po, po/ja.po, po/cs.po, po/el.po, po/fr.po:
+ "make update-po"
+
+2002-03-09 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * man/pt_BR/groupadd.8, man/pt_BR/groupdel.8, man/pt_BR/groupmod.8, man/pt_BR/shadow.5, man/pl/userdel.8, man/pl/usermod.8, man/pl/sulogin.8, man/pl/useradd.8, man/pl/pwconv.8, man/pl/su.1, man/pl/Attic/mkpasswd.8, man/pl/Attic/pwauth.8, man/pl/newgrp.1, man/pl/passwd.5, man/pl/login.defs.5, man/pl/chpasswd.8, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmems.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/login.1, man/hu/groups.1, man/hu/newgrp.1, man/ja/Attic/mkpasswd.8, man/ja/Attic/pw_auth.3, man/ja/Attic/pwauth.8, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/groups.1, man/ja/grpck.8, man/ja/id.1, man/ja/lastlog.8, man/ja/login.1, man/ja/login.defs.5, man/ja/newgrp.1, man/ja/passwd.5, man/ja/pwck.8, man/ja/shadow.5, man/ja/su.1, man/ja/sulogin.8, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/vipw.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8:
+ - further "SEE ALSO" references sorting
+
+2002-03-08 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.5, man/Attic/su.1, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8, man/Attic/chpasswd.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.5, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Makefile.am:
+ merged shadow-4.0.0-owl-man.patch by Solar Designer <solar@openwall.com>.
+
+ * NEWS: updated for 4.0.3.
+
+ * libmisc/Attic/suauth.c, libmisc/utmp.c, src/login.c, src/su.c:
+ swapped utent dnd pwent efinition/extern and now shadow source can be configured
+ --with-shared (fix by Dimitar Zhekov <jimmy@is-vn.bg>).
+
+2002-03-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in: start prepare 4.0.3.
+
+ * src/Makefile.am:
+ use ln -sf instead ln -s in install-exec-hok (fix pointed by Dimitar Zhekov
+ <jimmy@is-vn.bg>).
+
+2002-03-02 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * man/pl/passwd.1: sync with en version
+
+ * man/Attic/passwd.1: - they -> his/her, user's
+ - typos
+ - fix sentence about "writing down"
+
+ * man/Attic/passwd.1: relocation by NAKANO Takeo
+
+2002-02-28 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * man/hu/passwd.1: missing "-"
+
+ * man/ja/Attic/shadowconfig.8, man/ja/passwd.5, man/ja/shadow.5:
+ - updated to man-pages-ja-20020215
+
+2002-02-23 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * po/cs.po, po/fr.po, po/pl.po, po/sv.po, po/uk.po, man/pl/useradd.8:
+ - typos in pl/useradd.8; commented out unsupported -r option description
+ - useradd "usage" formatting fixes
+ - fix translation in uk.po
+
+2002-02-18 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in: release 4.0.2.
+
+2002-02-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * Attic/shadow-utils.spec.in, Makefile.am, configure.in, shadow.spec.in:
+ rename spec file s/shadow-utils.spec/shadow.spec/
+
+ * po/cs.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/sv.po, po/uk.po:
+ update-po before release.
+
+ * po/ko.po, po/pl.po: cleanups.
+
+2002-02-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/Attic/adduser.8, man/pl/grpconv.8, man/pl/grpunconv.8, man/pl/pwunconv.8, man/pl/sg.1, man/pl/vigr.8, man/ja/Attic/adduser.8, man/ja/grpconv.8, man/ja/grpunconv.8, man/ja/pwunconv.8, man/ja/sg.1, man/ja/vigr.8, man/hu/sg.1, man/Attic/adduser.8, man/Attic/grpconv.8, man/Attic/grpunconv.8, man/Attic/pwunconv.8, man/Attic/sg.1, man/Attic/vigr.8:
+ placa ".so man<level>/<man_page>.<level>" in roff .so includes (seems some
+ man page viewers do not handles correctly man documents without subdirectory
+ name in roff .so incude).
+
+2002-01-31 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/el.po, NEWS:
+ resolve many fuzzy translations also all this which may cause problems on
+ displaing long uid/gid.
+
+ * src/id.c, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/el.po, po/fr.po, po/ja.po:
+ drop translate some messages in id output (about {,e}{u,g}id).
+
+2002-01-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * README: s#password: cvs#password: [empty password]#
+
+2002-01-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: two new entries.
+
+ * libmisc/chkname.c (good_name):
+ allow usernames ending with "$" for allow create machine
+ acounts for samba (thanks for point this problem in 4.0.1 by
+ Jerome Borsboom <borsboom@tch.fgg.eur.nl>).
+
+ * src/pwck.c, src/useradd.c, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/el.po, po/fr.po, po/ja.po, po/ko.po:
+ s/invalid user name `%s'/invalid user name '%s'/
+
+2002-01-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in:
+ fix in libpam_misc detection (removed one "," AC_CHECK_LIB()).
+ Thanks to Silvan Minghetti for report this.
+
+2002-01-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: start prepare to 4.0.2.
+
+ * po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po:
+ updated.
+
+ * configure.in: It is good time to release 4.0.1.
+
+ * libmisc/.indent.pro, lib/.indent.pro: added -pcs option.
+
+ * TODO: some things goes out other in.
+
+ * src/newgrp.c, NEWS:
+ added ability to log session closes in newgrp (look at long nice comments
+ inside source code :_) by Joseph Parmelee <jparmele@wildbear.com>.
+
+ * src/groupadd.c, src/useradd.c:
+ next part fixes for handle long UID/GID (by Thorsten Kukuk <kukuk@suse.de>).
+
+ * lib/getdef.c, lib/getdef.h:
+ adeded getdef_unum(): get unsigned numerical value from table of
+ definitions (Thorsten Kukuk <kukuk@suse.de>).
+
+ * NEWS: updated.
+
+ * libmisc/isexpired.c:
+ remove "#if defined(SHADOWPWD)" (not removed during remove AGING).
+
+ * etc/Makefile.am: useradd config file added to EXTRA_DIST.
+
+2002-01-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/sv.po, po/uk.po, po/cs.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po:
+ update.
+
+ * src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c, src/.indent.pro, src/Attic/dpasswd.c, src/Attic/mkpasswd.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupmems.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c:
+ Add -pcs to .indent.pro file and reindent all code.
+ Remove "\n" from all SYSLOG() messages.
+
+ * NEWS: s/SuSe/SuSE/
+
+2001-12-22 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/useradd.8, man/Attic/useradd.8: documment -o option.
+
+ * man/pl/usermod.8, man/pl/chfn.1, man/pl/chsh.1, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/id.1, man/pl/login.1, man/pl/newgrp.1, man/pl/passwd.1, man/pl/su.1, man/pl/useradd.8, man/pl/userdel.8:
+ correct package name (s/shadow-password/shadow/).
+
+ * src/chage.c, src/expiry.c, src/login.c, src/passwd.c, src/su.c, libmisc/age.c, libmisc/isexpired.c, NEWS, configure.in:
+ Finish integrate AGING code into SHADOWPW.
+ Remove handle old HAVE_USERSEC_H code.
+
+ * po/uk.po: typo.
+
+ * man/pl/passwd.1, man/ja/passwd.1, man/Attic/chpasswd.8, man/Attic/dpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1:
+ cleanups.
+
+ * src/Attic/dpasswd.c, src/Attic/mkpasswd.c, src/expiry.c, src/grpck.c, src/id.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/chfn.c, src/chsh.c, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/el.po, po/fr.po, man/Attic/useradd.8:
+ standarize usage messages syntax.
+
+ * man/pl/useradd.8, man/pl/usermod.8, man/pl/vipw.8, man/pl/userdel.8:
+ removed duplicated man page text.
+
+ * src/chage.c, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/el.po, po/fr.po:
+ standarize usage meissages syntax.
+
+ * src/chage.c, NEWS (main):
+ merge part Solar shadow-4.0.0-owl-pam-auth.diff patch with reorder
+ nitialize PAM and checkin is chage is runed by root or not - now chage can be
+ runed from non-root account for checking by user own accout information.
+
+ * src/pwck.c: indent source.
+
+ * src/pwck.c (main): remove old work around for Slackware bug.
+
+2001-12-20 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * man/ja/Attic/adduser.8, man/ja/Makefile.am, man/ja/limits.5, man/ja/pwconv.8:
+ - updated to man-pages-ja-20011215
+
+2001-11-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/grpck.c:
+ remove check for a Slackware bug (make sure GID is not -1; it was special
+ meaning for some syscalls).
+
+ * src/newgrp.c, src/pwck.c, src/su.c, src/useradd.c, src/usermod.c, src/groupadd.c, src/groupmod.c, src/id.c, NEWS:
+ fixes for handle/print correctly 32bit uid/gid (Thorsten Kukuk <kukuk@suse.de>).
+
+ * src/chage.c: - break usage vomment line.
+
+ * lib/defines.h:
+ removed bunch spaces on end line in conditionale #include <errno.h>
+ which in some cases dissallow compile correctly shadow (thanks for
+ Silvan Minghetti <bullet@users.sourceforge.net>).
+
+2001-11-17 Michał Moskal <malekith@pld.org.pl>
+
+ * NEWS:
+ - mention fix for SEGV when using pwck -s on /etc/passwd file with
+ empty lines in it
+
+ * lib/commonio.c:
+ - installed fix for SEGV when using pwck -s on /etc/passwd file with
+ empty lines in it
+
+2001-11-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/chkname.c, NEWS:
+ next merge from Solar patches (shadow-4.0.0-owl-check_names.diff) but only
+ part this patch with checking login name matching; checking is login
+ string isn't longer than possible probably it will be good prepare using
+ _POSIX_LOGIN_NAME_MAX from <bits/posix1_lim.h>
+
+2001-11-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: typos.
+
+ * NEWS: added info about new hu man pages.
+
+ * NEWS: updated.
+
+2001-11-16 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * man/ja/Attic/pw_auth.3, man/ja/Attic/pwauth.8, man/ja/passwd.5, man/ja/porttime.5, man/ja/pwck.8, man/ja/shadow.3, man/ja/shadow.5, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/Attic/dpasswd.8, man/ja/Attic/mkpasswd.8, man/ja/Makefile.am, man/ja/chage.1, man/ja/chfn.1, man/ja/chpasswd.8, man/ja/chsh.1, man/ja/faillog.5, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/grpck.8, man/ja/lastlog.8, man/ja/login.1, man/ja/login.access.5, man/ja/login.defs.5, man/ja/logoutd.8, man/ja/newgrp.1, man/ja/passwd.1:
+ - updated to man-pages-ja-20011115.tar.gz
+
+ * man/ja/groups.1: 3c26de91cfd359c0b7c36ca3cd3e170d groups.1
+
+ * man/ja/grpconv.8: 402190c04b8df45e20afd01e3acd0da4 grpconv.8
+
+ * man/ja/grpunconv.8: 402190c04b8df45e20afd01e3acd0da4 grpunconv.8
+
+ * man/ja/id.1: 3edc687b1c09bbdd170553f326a71711 id.1
+
+ * man/ja/newusers.8: c2ecaa6ddffe07de2c39be3aefb5bcae newusers.8
+
+ * man/ja/pwunconv.8: 402190c04b8df45e20afd01e3acd0da4 pwunconv.8
+
+ * man/ja/Attic/shadowconfig.8:
+ f79300c0db64fd961443177c88605087 shadowconfig.8
+
+ * man/ja/useradd.8: 3333b9a2e5a388a472fb05106d65a596 useradd.8
+
+ * man/ja/vigr.8: 42825938683e54e391897ea100001af1 vigr.8
+
+ * man/ja/vipw.8: 0cb8db0f1f19de7690f0ef9baeceb919 vipw.8
+
+2001-11-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/Attic/getpass.c:
+ one fix warning from Solar shadow-4.0.0-owl-warnings.diff.
+
+ * src/chage.c, lib/defines.h:
+ move "#include <errno.h>" to /lib/defines.h.
+
+ * configure.in: added AC_CHECK_HEADERS(errno.h)
+
+ * src/chage.c: apply shadow-4.0.0-owl-chage-drop-priv.diff and
+ shadow-4.0.0-owl-chage-ro-no-lock.diff by Solar Designer <solar@openwall.com>.
+ Added locks which are needed when doing r/w accesses, not when running as root.
+ If root does read-only, there's no lock needed. Added missing
+ "#include <errno.h>" for above.
+
+2001-11-14 Andrzej Krzysztofowicz <ankry@pld.org.pl>
+
+ * configure.in: - added hu directory antry
+
+ * man/Makefile.am: - groups.1 moved to EXTRA_DIST
+ - added hu directory entry
+
+ * man/ja/Makefile.am: - sorted
+ - shadow.3 moved to EXTRA_DIST
+
+ * man/pl/Makefile.am: - sorted
+ - added entries for new pages
+ - EXTRA_DIST synced with man/Makefile.am
+
+ * man/hu/Makefile.am, man/hu/chsh.1, man/hu/gpasswd.1, man/hu/groups.1, man/hu/newgrp.1, man/hu/passwd.1, man/hu/sg.1:
+ - man pages from Debian
+
+ * man/Attic/groupmems.8: - typo
+
+ * man/pl/expiry.1, man/pl/groupmems.8: - translated pages
+
+2001-11-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/Makefile.am:
+ fix building with cracklib enabled: $(LIBCRACK) added to libmisc_la_LIBADD.
+
+ * src/useradd.c: typo.
+
+2001-11-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/Attic/dpasswd.c, src/gpasswd.c, src/groupadd.c, src/groupmod.c, src/grpck.c, src/lastlog.c, src/login.c, src/passwd.c, src/pwck.c, src/userdel.c, src/usermod.c, src/chage.c, src/chfn.c, src/chsh.c, libmisc/utmp.c:
+ removed prototypes which are defined in libc header files
+ (Thorsten Kukuk <kukuk@suse.de>).
+
+ * libmisc/Attic/nscd.c, libmisc/Makefile.am, lib/commonio.c:
+ implemetn better reloading the nscd cache (per NSS map)
+ by Thorsten Kukuk <kukuk@suse.de>
+
+ * src/login.c, libmisc/setupenv.c:
+ fixed warnings "not used but defined" on compile using gcc 3.0.x
+ by bulletpr00ph <bullet@users.sourceforge.net>.
+
+2001-10-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: New entries for 4.0.1.
+
+ * po/pl.po: few more pl translations.
+
+ * po/cs.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po:
+ "make update-po".
+
+ * po/ja.po, po/ko.po, configure.in:
+ added ja, ko translations found in SuSe.
+
+2001-10-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/useradd.c: sort alphabetically *flg variables.
+
+ * debian/Attic/Makefile.am, debian/Attic/tar.c: removed.
+
+2001-10-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/ja/Makefile.am, man/ja/sg.1, man/pl/Makefile.am, man/pl/sg.1, man/pl/vigr.8, man/Attic/sg.1, man/Attic/vigr.8, man/Makefile.am:
+ added vigr(1) man page as roff .so link to vipw(1), - added sg(1) man page as roff .so link to newgrp(1).
+
+ * src/Makefile.am:
+ added install symlinks newgrp -> sg, vipw -> vigr in install-exec-hook target.
+
+2001-10-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * lib/Makefile.am (libshadow_la_SOURCES):
+ reverte last change and added rcsid.h,
+ (EXTRA_DIST): added missing "\".
+
+ * src/Makefile.am: (DEFS):
+ - fix -DLOCALEDIR in DEFS,
+ - added -DHAVE_CONFIG_H,
+ - removed @DEFS@.
+
+ * lib/Makefile.am:
+ added missing shadow_.h file to libshadow_la_SOURCES.
+
+2001-09-08 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * Makefile.am (AUTOMAKE_OPTIONS):
+ version changed to 1.5 and added dist-bzip2.
+
+ * lib/Makefile.am, libmisc/Makefile.am, src/Makefile.am:
+ add .indent.pro to EXTRA_DIST.
+
+ * etc/Makefile.am, etc/useradd: add example /etc/defaults/useradd.
+
+2001-09-07 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * TODO: last touch.
+
+ * TODO: more TODO.
+
+ * lib/commonio.c, NEWS:
+ Fix bug discovered and fixed by Marcel Ritter <Marcel.Ritter@rrze.uni-erlangen.de>
+ Due to a big buffer size in lib/commonio.c this error does only appear
+ if a line gets longer than 4096 bytes (there are probably very few people
+ stumbling across this).
+ Ths bug can be exposed by trashing /etc/groups file using useradd with script:
+ #!/bin/sh
+ typeset -i NUM
+ NUM=0
+ groupadd demogroup
+ while [ $NUM -le 1000 ]; do
+ useradd -g demogroup -G demogroup -p "NONE" user$NUM
+ NUM=$NUM+1
+ done
+
+2001-09-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/groups.c, src/id.c, src/newgrp.c, src/useradd.c, src/usermod.c, libmisc/addgrps.c, NEWS:
+ remove limit 32 to groups per user (the same user can belong to
+ more than 32 groups) by use sysconf(_SC_NGROUPS_MAX) instead constant
+ NGROUPS_MAX (patch by Radu Constantin Rendec <radu.rendec@ines.ro>)
+ NOTE: it probably need testing on other system for add some conditionals
+ for using sysconf(_SC_NGROUPS_MAX) or NGROUPS_MAX constant.
+
+2001-08-31 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * etc/pam.d/Makefile.am, etc/pam.d/useradd: added file for useradd.
+
+2001-08-24 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/useradd.c (set_defaults):
+ handle correctly error open/create useradd default config
+ filei (based on orginal post to bugtraq).
+
+ * TODO: documment in pt_BR, ja man pages -s {pw,grp}ck option.
+
+ * libmisc/sulog.c, NEWS:
+ remove limit to 6 chars logged tty name (apply 012_libmisc_sulog.c.diff Debian
+ patch).
+
+ * man/pl/Attic/shadowconfig.8, man/Attic/shadowconfig.8:
+ - aply 021_man_shadowconfig_usr_doc.diff debian patch.
+
+ * src/Makefile.am, lib/Makefile.am:
+ use $(top_builddir) in .la files paths (for allow correct compile if
+ $(top_builddir) isn't the same as $(top_srcdir)).
+
+ * po/.cvsignore, po/Attic/ChangeLog: removed ChangeLog.
+
+2001-08-18 Michał Moskal <malekith@pld.org.pl>
+
+ * src/grpck.c: - fixed getopt() call, thnx to arekm
+
+2001-08-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: - include last changes to list changes in version 4.0.0.
+
+2001-08-14 Michał Moskal <malekith@pld.org.pl>
+
+ * NEWS: - mention new -s options
+
+ * man/pl/grpck.8, man/pl/pwck.8, man/Attic/grpck.8, man/Attic/pwck.8:
+ - documented new -s options
+
+ * src/grpck.c, src/pwck.c: - added -s option to sort output files
+
+ * lib/groupio.c, lib/groupio.h, lib/pwio.c, lib/pwio.h, lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h:
+ - added pw_sort, gr_sort, sgr_sort and spw_sort functions
+
+ * lib/commonio.c, lib/commonio.h:
+ - added commonio_sort{,_wrt} functions
+
+2001-08-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/Attic/ChangeLog, po/uk.po, configure.in:
+ added uk translation (Roman Festchook <roma@polesye.net>).
+
+ * src/logoutd.c (mani):
+ s/ut->ut_libe/ut->ut_user/ on prepare strin with user name for syslog
+ line (reported by Roman Festchook <roma@polesye.net>).
+
+2001-07-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * Attic/acconfig.h: - added missing USG.
+
+2001-07-04 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * lib/commonio.c:
+ fix buffer overflow (not a security hole) in commonio_setname
+
+2001-06-28 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS: entry about dropping support one argument pam_strerror().
+
+ * libmisc/pam_pass.c, src/login.c, src/su.c, Attic/acconfig.h, configure.in, lib/defines.h, lib/pam_defs.h:
+ drop detecting is pam_strerror() need one or two arguments. Instead using
+ PAM_STRERROR() macro use directly pam_strerror() function with two arguments.
+ pam_strerror() with one argument is obsoleted.
+
+ * configure.in:
+ pass display error message if libpam_misc not found in correct argument
+ AC_CHECK_LIB().
+
+ * configure.in:
+ added checking for libpam_misc if libpam found and if libpam_misc is avalaible
+ add them to $LIBPAM. Othervise exit fron autoconf script with error message.
+ Now shadow compiles if pam support is enabled.
+
+2001-06-28 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * libmisc/copydir.c: fix overwriting existing file (add O_TRUNC)
+
+2001-06-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * configure.in: remove intl/po2tbl.sed from AC_OUTPUT().
+
+ * configure.in:
+ removed add md5.o md5crypt.o conditionaly to $LIBOBJS (this is obsoleted).
+ In current version ndling md5 functionality is included conditionaly
+ inside md5.c and md5crypt.c source files.
+
+ * lib/Attic/md5.c: added comments for #endif.
+
+ * configure.in: also do not use SU_ACCESS when PAM is used.
+
+ * configure.in:
+ - check pam directly by AC_CHECK_LIB() (PAM from PLD is now fixed an also other
+ PAM implementation must be fixed for this method checkin is libpam is avalaible;
+ sorry .. no way this is plain linking procedure bug),
+ - use AC_DEFINE(LOGIN_ACCES) only when PAM isn't used.
+
+2001-06-23 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/Makefile.am:
+ add LDADD for groupmod and usermod, as they use PAM too
+
+ * src/login.c, src/su.c: fix uninitialized variable failcount
+ skip '*' in pw_shell for subsystem root
+
+2001-06-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/login.c: use "extern int login_access()" only if !USE_PAM.
+
+ * src/Makefile.am:
+ added LDADD rules for programs which uses PAM and cracklib.
+
+2001-06-23 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * libmisc/chowntty.c:
+ allow root login even on read-only root filesystem
+
+ * libmisc/Makefile.am: add -DHAVE_CONFIG_H to DEFS
+
+2001-06-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * autogen.sh: run configure by default with --disable-desrpc,
+ fix: --with-libpam (not --with-pam).
+
+2001-06-23 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * libmisc/chowntty.c:
+ libmisc/chowntty.c (chown_tty): move perror() before syslog() call
+ which might change errno.
+
+ * man/pl/login.defs.5, man/Attic/login.defs.5:
+ (UMASK): Default value is 077, not 0 - see NEWS for shadow-3.3.2-951106.
+
+2001-06-23 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * NEWS, configure.in: prepare for release 4.0.0 version.
+
+ * configure.in: remove commented line.
+
+2001-06-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/pl.po: fixed charset (must be iso-8859-2).
+
+ * man/Makefile.am, man/ja/.cvsignore, man/ja/Attic/dpasswd.8, man/ja/Attic/mkpasswd.8, man/ja/Attic/pw_auth.3, man/ja/Attic/pwauth.8, man/ja/Makefile.am, man/ja/chage.1, man/ja/chfn.1, man/ja/chpasswd.8, man/ja/chsh.1, man/ja/faillog.5, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/grpck.8, man/ja/lastlog.8, man/ja/login.1, man/ja/login.access.5, man/ja/login.defs.5, man/ja/logoutd.8, man/ja/newgrp.1, man/ja/passwd.1, man/ja/passwd.5, man/ja/porttime.5, man/ja/pwck.8, man/ja/pwconv.8, man/ja/shadow.3, man/ja/shadow.5, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/userdel.8, man/ja/usermod.8, configure.in, NEWS:
+ added ja man pages.
+
+2001-05-30 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/Attic/shadowconfig.sh, src/Makefile.am, debian/Attic/Makefile.am, debian/Attic/shadowconfig.sh:
+ move shadowconfig.sh to debian/
+
+ * src/Makefile.am: added missing -I${top_srcdir} to INCLUDES.
+
+ * lib/Makefile.am: empty DEFS and INCLUDES="-I$(top_srcdir)".
+
+ * libmisc/Makefile.am:
+ empty DEFS and INCLUDES="-I$(top_srcdir) -I$(top_srcdir)/lib".
+
+2001-03-05 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/.indent.pro, lib/.indent.pro, libmisc/.indent.pro:
+ directory indent config file is -kr -i8 -bad (indent open this file and
+ read options if options not specyfied in commnad line).
+
+ * autogen.sh (conf_flags): added --with-pam.
+
+ * NEWS: start complette next release information.
+
+2001-02-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * shlib/Attic/Makefile.am, shlib/Attic/Makefile.in.saved: - removed.
+
+ * src/Makefile.am, libmisc/Makefile.am, lib/Makefile.am:
+ Rewrited automake suit for building lib, libmisc and src (now this look much
+ better). Also for all is now used libtool in proper way.
+
+ * configure.in:
+ - added useing AM_DISABLE_SHARED, AM_ENABLE_STATIC for disable compile shared
+ libraries and enable static,
+ - some cosmetics.
+
+ * Makefile.am (SUBDIRS): reorder libmisc must be before lib.
+
+2001-02-01 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pt_BR/Makefile.am: - added man_MANS to EXTRA_DIST.
+
+2001-01-31 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/Makefile.am, man/pt_BR/Makefile.am, man/pt_BR/gpasswd.1, man/pt_BR/groupadd.8, man/pt_BR/groupdel.8, man/pt_BR/groupmod.8, man/pt_BR/shadow.5, configure.in:
+ include pt_BR man pages for gpasswd(1), groupadd(1), groupdel(8),
+ groupmod(8), shadow(5).
+
+2001-01-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * TODO: - updated.
+
+ * man/pl/Attic/dpasswd.8, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/gpasswd.1, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/login.1, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/su.1, man/pl/useradd.8, man/pl/userdel.8, man/pl/vipw.8, man/Attic/dpasswd.8, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/su.1, man/Attic/useradd.8, man/Attic/usermod.8, man/Attic/vipw.8:
+ many small cleanups, fixes also removed commented obsoleted texts.
+
+2001-01-25 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * autogen.sh: add to conf_flags --disable-shared.
+
+ * man/pl/Attic/d_passwd.5, man/pl/Attic/dialups.5, man/pl/Attic/dpasswd.8, man/pl/Attic/mkpasswd.8, man/pl/Attic/pw_auth.3, man/pl/Attic/pwauth.8, man/pl/Attic/shadowconfig.8, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/gpasswd.1, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/limits.5, man/pl/login.1, man/pl/login.access.5, man/pl/login.defs.5, man/pl/logoutd.8, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/passwd.5, man/pl/porttime.5, man/pl/pwck.8, man/pl/pwconv.8, man/pl/shadow.3, man/pl/shadow.5, man/pl/su.1, man/pl/suauth.5, man/pl/sulogin.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, man/pl/vipw.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/shadowconfig.8, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8:
+ put or move to top cemmented Id cvs keyword,
+ (passwd.1): documment -e option (patch from Debian),
+ (userdel.1): remove commented obsoleted options.
+
+ * man/Makefile.am:
+ put all files in man_MANS and EXTRA_DIST in alphabethic order.
+
+ * src/chpasswd.c, src/pwunconv.c:
+ remove from comments program description and history logs.
+
+ * src/Makefile.am: move groups to bin_PROGRAMS.
+
+2000-12-19 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/su.c: Based on Debian modyfications:
+ (main): #endif /* USE_PAM */ #ifdef USE_PAM replaced by #else,
+ (main): removed some dead code (scoped by #if 0 .. #endif).
+ (main): call to re-establish SIGINT to right place.
+
+ * man/pl/passwd.1: Removed SEE ALSO to shadow(3) and passwd(3).
+
+ * man/pl/shadow.5, man/Attic/shadow.5: Removed SEE ALSO to shadow(3).
+
+ * man/Attic/passwd.1:
+ Removed SEE ALSO to passwd(3) and commented shadow(3).
+
+2000-12-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/useradd.c (main):
+ use "useradd" instead "shadow in pam_start() parameters - this
+ allow use separated pam config file for useradd (for example for allow
+ specified non-root user for add user).
+
+2000-11-29 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * TODO: remove write expiry(1) man page.
+
+ * man/Attic/expiry.1, man/Makefile.am:
+ added expiry(1) man page from Debian.
+
+ * man/pl/lastlog.8, man/Attic/lastlog.8:
+ updated man pages for whole dispaly syntax.
+
+ * src/lastlog.c (main): fixed command line syntax description.
+
+ * src/lastlog.c (main):
+ display correctly and full current commnad line lastlog syntax
+ and also output this string using gettext.
+
+ * src/lastlog.c (main):
+ merge src_lastlogin.c patch from debian with use getopt_long()
+ instead getopt() for add handling --help, --user, --time switches and
+ dipslay useage message on -h, --help and as default action.
+
+2000-11-17 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * src/groupmems.c, po/el.po, po/fr.po, po/pl.po, po/sv.po, po/POTFILES.in, po/cs.po:
+ added i18n support for src/groupmems.c.
+
+ * src/useradd.c:
+ * (set_defaults): use mkstemp() if avalaible. Othereise use mktemp().
+
+ * configure.in: * added checking for mkstemp().
+
+ * src/useradd.c: * (set_defaults): use mkstemp() instead mktemp(),
+ * (mani): fix compilation error in previouse RH patch (removed using nflg).
+
+2000-11-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * TODO: - groupmems need some work on add PAM and i18n support.
+
+ * src/groupmems.c, man/Attic/groupmems.8:
+ Added raw version groupmems program for administer members of a user's
+ primary group. groupmems was written by George Kraft IV <gk4@us.ibm.com>
+ and this tool have BSD license.
+
+ * src/Attic/patchlevel.h, src/Makefile.am:
+ patchlevel.h, Makefile.am: removed patchlevel.h file,
+ Makefile.am: removed bindir, sbindir (this comes with autoconf).
+
+2000-11-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * TODO: - write expire man page.
+
+2000-10-16 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * old/Attic/pwconv-old.8, old/Attic/pwconv.8, old/Attic/pwunconv-old.8, old/Attic/pwunconv.8, man/pl/Attic/mkpasswd.8, man/pl/Attic/pw_auth.3, man/pl/Attic/pwauth.8, man/pl/login.defs.5, man/pl/logoutd.8, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/porttime.5, man/pl/pwck.8, man/pl/shadow.3, man/pl/su.1, man/pl/sulogin.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, man/pl/Attic/dpasswd.8, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/login.1, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, debian/Attic/login.copyright, debian/Attic/passwd.copyright, debian/Attic/secure-su.copyright, doc/Attic/ANNOUNCE, doc/Attic/LSM, doc/Attic/README, doc/Attic/README.linux:
+ Julianne F. Haugh new contact adress.
+
+ * NEWS: - summary chanfes for 20001016.
+
+ * doc/Attic/README.shadow-paper, doc/Makefile.am:
+ - removed outdated README.shadow-paper.
+
+ * configure.in: - release 20001016.
+
+2000-10-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/Makefile.am, man/Makefile.am: fixes in man/{,po}/Makefile.am:
+ - $(man_MANS) added to EXTRA_DISTS,
+ - do not install by default groups.1, id.1, pw_auth.3, shadow.3, pwauth.8,
+ sulogin.8, dpasswd.8 (moved to EXTRA_DISTS),
+
+2000-10-15 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * lib/commonio.c (reload_nscd): Disable for now because not every
+ version of nscd can handle it, unless ENABLE_NSCD_SIGHUP defined.
+
+2000-10-15 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * libmisc/pwdcheck.c, libmisc/Makefile.am: - added missing pwdcheck.c.
+
+ * configure.in: - removed old/Makefile from AC_OUTPUT list.
+
+2000-10-12 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * README: - fixed information about RO cvs access.
+
+ * NEWS: - summary changes description for shadow-20001012.
+
+ * configure.in: - release changed to 20001012.
+
+ * etc/Makefile.am: - removed shells and suauth from EXTRA_DIST.
+
+ * doc/Makefile.am: - removed README.debian from EXTRA_DIST.
+
+ * libmisc/Makefile.am: - removed pwdcheck.c from libmisc_a_SOURCES.
+
+ * debian/Attic/Makefile.am: - removed FILES from EXTRA_DIST.
+
+ * contrib/Makefile.am: - s/udbachk.v012.tgz/udbachk.tgz/
+
+ * doc/Makefile.am: - removed CHANGES (this file was moved to ../NEWS).
+
+2000-10-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/Attic/ChangeLog: - add empty file (gettext requires this).
+
+2000-10-10 Arkadiusz Miśkiewicz <misiek@pld.org.pl>
+
+ * README: typos fixed
+
+2000-10-10 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * Makefile.am: - added shadow-utils.spec.in to EXTR_DIST.
+
+ * redhat/Attic/shadow-utils.spec.in: - obsoleted.
+
+ * Attic/stamp-h.in: - removed (this file is autogenerated by autoconf).
+
+ * po/pl.po, po/sv.po, po/cs.po, po/el.po, po/fr.po:
+ - update before release.
+
+ * doc/Attic/LSM: - new maintainer and new primary site.
+
+ * Makefile.am: - README added to EXTRA_DIST.
+
+ * README: - added README with all shadow sites and resources details.
+
+ * Attic/shadow-utils.spec.in: - partialy rewrited.
+
+ * configure.in: - change version to 20001010.
+
+ * Makefile.am: - added NEWS to EXTRA_DIST.
+
+ * Makefile.am, TODO: - added TODO.
+
+ * doc/Attic/CHANGES, NEWS: - rename doc/CHANGES -> NEWS.
+
+2000-10-09 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * redhat/Attic/Makefile.am, redhat/Attic/README, redhat/Attic/shadow-970616-fix.patch, redhat/Attic/shadow-970616-glibc.patch, redhat/Attic/shadow-970616-rh.patch, redhat/Attic/shadow-970616-utuser.patch, redhat/Attic/shadow-970616.login.defs, redhat/Attic/shadow-970616.useradd, redhat/Attic/shadow-utils-970616.spec, Attic/shadow-utils.spec.in, Makefile.am, configure.in:
+ - remove redhat/ directory with obsoleted files.
+
+ * po/.cvsignore, src/.cvsignore, man/.cvsignore, man/pl/.cvsignore, .cvsignore, libmisc/.cvsignore:
+ - shut up cvs.
+
+ * man/Makefile.am: - removed redundant ${man_MANS} from EXTRA_DIST.
+
+ * src/useradd.c:
+ - fix a security bug (adduser could overwrite previously existing
+ groups (shadow-19990827-group.patch from RH),
+
+ * po/cs.po, po/el.po, po/fr.po, po/pl.po, po/sv.po:
+ - "make updated-po".
+
+ * man/pl/Makefile.am, man/pl/grpconv.8, man/pl/grpunconv.8, man/pl/pwunconv.8, man/Attic/grpconv.8, man/Attic/grpunconv.8, man/Attic/pwunconv.8, man/Makefile.am:
+ - added man pages for grpconv(8), grpunconv(8), pwunconv(8) (.so link to
+ pwconv(8))
+
+ * man/pl/Attic/adduser.8, man/pl/Makefile.am, man/Attic/adduser.8, man/Makefile.am:
+ - added man page for adduser(8) (.so link to useradd(8)).
+
+ * po/Attic/doit:
+ - removed (in po/Makefile.in.in exist special update-po target).
+
+ * etc/pam.d/passwd, etc/pam.d/su: - cosmetics.
+
+ * etc/pam.d/Attic/shadow: - sample PAM config file for shadow utils.
+
+ * etc/pam.d/Makefile.am: - added shadow to EXTRA_DIST
+
+ * src/chpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c, src/usermod.c:
+ - bind to shadow PAM file instead userdb (mainly PAMimication all shadow
+ utils is used for proper updating db files but in real this can be used
+ for perform many other tasks).
+
+ * src/Makefile.am: - added linking with @LIBPAM@ all PAMified tools.
+
+ * src/chpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c, src/usermod.c:
+ - added PAM support (bind to common "userdb" PAM authentication description
+ file).
+
+ * src/chage.c: - added PAM support.
+
+2000-10-06 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * autogen.sh:
+ - added autogen.sh script which prepare raw source code from cvs to use.
+
+2000-10-04 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, man/pl/vipw.8:
+ - merged changes from PTM.
+
+ * man/pl/Makefile.am:
+ - simplified: use only man_MANS and remaped $(mandir) variable.
+
+2000-09-27 Tomasz KÅ‚oczko <kloczek@pld.org.pl>
+
+ * po/cs.po, configure.in:
+ - added cs translation (Jiri Pavlovsky <Jiri.Pavlovsky@ff.cuni.cz>).
+
+2000-09-05 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * man/pl/sulogin.8, man/pl/vipw.8, po/el.po, po/fr.po, po/pl.po, po/sv.po, man/pl/Attic/d_passwd.5, man/pl/Attic/dialups.5, man/pl/Attic/dpasswd.8, man/pl/Attic/mkpasswd.8, man/pl/Attic/pw_auth.3, man/pl/Attic/pwauth.8, man/pl/Attic/shadowconfig.8, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/gpasswd.1, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/limits.5, man/pl/login.1, man/pl/login.access.5, man/pl/login.defs.5, man/pl/logoutd.8, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/passwd.5, man/pl/porttime.5, man/pl/pwck.8, man/pl/pwconv.8, man/pl/shadow.3, man/pl/shadow.5, man/pl/su.1, man/pl/suauth.5:
+ *** empty log message ***
+
+2000-09-02 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/groupmod.c, src/grpck.c, src/login.c, src/logoutd.c, src/newgrp.c, src/passwd.c, src/pwck.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, lib/commonio.h, lib/defines.h, lib/groupio.c, lib/pwio.c, lib/sgroupio.c, lib/shadowio.c, man/Attic/usermod.8, po/el.po, po/fr.po, po/pl.po, po/sv.po, redhat/Attic/shadow-utils.spec.in, src/Attic/dpasswd.c, src/chage.c, src/chfn.c, src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, configure.in, debian/Attic/rules, doc/Attic/CHANGES, doc/Attic/LSM, lib/commonio.c:
+ *** empty log message ***
+
+2000-08-26 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * contrib/Makefile.am, contrib/groupmems.shar, doc/Attic/LSM, po/el.po, po/fr.po, po/pl.po, po/sv.po, doc/Attic/README.mirrors, src/vipw.c, src/Attic/dpasswd.c, src/Attic/mkpasswd.c, src/Makefile.am, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, lib/Attic/dialchk.h, lib/Attic/dialup.h, lib/Attic/rad64.c, lib/Attic/tcfsio.h, lib/Makefile.am, lib/commonio.c, lib/commonio.h, lib/defines.h, lib/encrypt.c, lib/getdef.c, lib/getdef.h, lib/groupio.c, lib/groupio.h, lib/prototypes.h, lib/pwauth.c, lib/pwio.c, lib/pwio.h, lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.h, libmisc/Attic/suauth.c, libmisc/chkname.h, libmisc/chowndir.c, libmisc/copydir.c, libmisc/entry.c, libmisc/failure.h, libmisc/getdate.h, libmisc/hushed.c, libmisc/loginprompt.c, libmisc/setupenv.c, libmisc/sulog.c, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Makefile.am, man/pl/Makefile.am, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, etc/Attic/login.defs.hurd, etc/Attic/login.defs.linux, doc/Attic/ANNOUNCE, doc/Attic/CHANGES, doc/Attic/README, doc/Attic/README.linux, doc/Attic/README.pam, doc/WISHLIST, debian/Attic/login.copyright, debian/Attic/passwd.copyright, debian/Attic/secure-su.copyright, Attic/mkinstalldirs, configure.in, Makefile.am:
+ *** empty log message ***
+
+1999-08-27 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * doc/Attic/LSM, po/el.po, po/fr.po, po/pl.po, po/sv.po, debian/Attic/passwd.postinst, lib/Attic/dialchk.c, lib/Attic/getpass.c, lib/getdef.c, lib/pwauth.c, libmisc/limits.c, libmisc/rlogin.c, man/Attic/limits.5, man/Attic/newgrp.1, src/Attic/dpasswd.c, src/chage.c, src/gpasswd.c, src/login.c, src/logoutd.c, src/newgrp.c, src/passwd.c, src/sulogin.c, Attic/acconfig.h, configure.in, debian/Attic/Makefile.am, debian/Attic/changelog, debian/Attic/control.gnu, debian/Attic/control.linux, debian/Attic/login.postrm, debian/Attic/logoutd, debian/Attic/logoutd.init, debian/Attic/passwd.conffiles, debian/Attic/passwd.cron, debian/Attic/passwd.init, debian/Attic/passwd.postrm, debian/Attic/rules, doc/Attic/CHANGES, doc/Attic/README.mirrors, doc/WISHLIST, etc/Attic/login.defs.hurd, etc/Attic/login.defs.linux, etc/Makefile.am, lib/defines.h:
+ *** empty log message ***
+
+1999-07-09 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * configure.in, contrib/Makefile.am, debian/Attic/changelog, doc/Attic/CHANGES, doc/Attic/LSM, doc/WISHLIST, lib/Attic/strcasecmp.c, lib/prototypes.h, libmisc/Makefile.am, man/Attic/faillog.8, po/el.po, po/pl.po, src/Makefile.am, src/chfn.c, src/chsh.c, src/faillog.c, src/groupmod.c, src/grpconv.c, src/grpunconv.c, src/newgrp.c, src/passwd.c, src/vipw.c:
+ *** empty log message ***
+
+1999-06-07 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * redhat/Attic/shadow-utils.spec.in, src/Attic/dpasswd.c, src/Attic/mkpasswd.c, src/Makefile.am, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, contrib/Makefile.am, contrib/README, contrib/udbachk.tgz, debian/Attic/changelog, debian/Attic/rules, doc/Attic/CHANGES, doc/Attic/LSM, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/README.platforms, doc/WISHLIST, lib/Attic/getpass.c, lib/Attic/rcsid.h, lib/Makefile.am, lib/fputsx.c, lib/pam_defs.h, lib/prototypes.h, libmisc/Attic/login_desrpc.c, libmisc/pam_pass.c, libmisc/utmp.c, man/Attic/login.1, po/el.po, po/pl.po, Attic/acconfig.h, configure.in:
+ *** empty log message ***
+
+1999-03-07 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * po/pl.po, po/el.po, doc/Attic/LSM, src/useradd.c, src/su.c, src/pwconv.c, src/pwck.c, src/passwd.c, src/newusers.c, src/newgrp.c, src/logoutd.c, src/login.c, src/grpconv.c, src/grpck.c, src/groupadd.c, src/gpasswd.c, src/Attic/dpasswd.c, src/chfn.c, src/chage.c, man/Attic/usermod.8, man/Attic/useradd.8, man/Attic/limits.5, man/Attic/chage.1, libmisc/valid.c, libmisc/sub.c, libmisc/strtoday.c, libmisc/setupenv.c, libmisc/obscure.c, libmisc/limits.c, libmisc/env.c, lib/Attic/snprintf.h, lib/getdef.c, lib/encrypt.c, lib/defines.h, etc/Attic/login.defs.linux, doc/WISHLIST, doc/Attic/README.nls, doc/Attic/README.pam, doc/README.platforms, doc/Attic/README.mirrors, doc/Attic/README.linux, doc/Makefile.am, doc/Attic/CHANGES, debian/Attic/tar.c, debian/Attic/rules, debian/Attic/logoutd, debian/Attic/control, debian/Attic/changelog, configure.in:
+ *** empty log message ***
+
+1998-12-28 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/usermod.c, src/userdel.c, src/useradd.c, src/sulogin.c, src/su.c, src/pwunconv.c, src/pwconv.c, src/pwck.c, src/passwd.c, src/newusers.c, src/newgrp.c, src/Attic/mkpasswd.c, src/logoutd.c, src/login.c, src/lastlog.c, src/id.c, src/grpunconv.c, src/grpconv.c, src/grpck.c, src/groups.c, src/groupmod.c, src/groupdel.c, src/groupadd.c, src/gpasswd.c, src/faillog.c, src/expiry.c, src/Attic/dpasswd.c, src/chsh.c, src/chpasswd.c, src/chfn.c, src/chage.c, po/Attic/doit, po/POTFILES.in, po/el.po, src/Makefile.am, man/Attic/usermod.8, man/Attic/userdel.8, man/Attic/useradd.8, man/Attic/sulogin.8, man/Attic/su.1, man/Attic/shadow.5, man/Attic/shadow.3, man/Attic/pwck.8, man/Attic/pwauth.8, man/Attic/pw_auth.3, man/Attic/porttime.5, man/Attic/passwd.5, man/Attic/passwd.1, man/Attic/newusers.8, man/Attic/newgrp.1, man/Attic/mkpasswd.8, man/Attic/logoutd.8, man/Attic/login.defs.5, man/Attic/login.1, man/Attic/lastlog.8, man/Attic/id.1, man/Attic/grpck.8, man/Attic/groups.1, man/Attic/groupmod.8, man/Attic/groupdel.8, man/Attic/groupadd.8, man/Attic/faillog.8, man/Attic/faillog.5, man/Attic/dpasswd.8, man/Attic/chsh.1, man/Attic/chpasswd.8, man/Attic/chfn.1, man/Attic/chage.1, libmisc/xmalloc.c, libmisc/sub.c, libmisc/Attic/suauth.c, libmisc/shell.c, libmisc/setupenv.c, libmisc/pam_pass.c, libmisc/obscure.c, libmisc/mail.c, libmisc/Attic/login_desrpc.c, libmisc/limits.c, libmisc/failure.c, libmisc/env.c, libmisc/console.c, libmisc/chowntty.c, libmisc/age.c, libmisc/addgrps.c, libmisc/Makefile.am, lib/Attic/strerror.c, lib/pwauth.c, lib/prototypes.h, lib/Attic/getpass.c, lib/getdef.c, lib/Attic/dialchk.c, lib/defines.h, lib/Makefile.am, doc/WISHLIST, doc/README.platforms, doc/Attic/README.mirrors, doc/Attic/README.linux, doc/Attic/README, doc/Attic/LSM, doc/Attic/CHANGES, debian/Attic/secure-su.copyright, debian/Attic/passwd.copyright, debian/Attic/login.copyright, debian/Attic/control, debian/Attic/changelog, configure.in, Attic/acconfig.h, Makefile.am:
+ *** empty log message ***
+
+1998-07-24 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/passwd.c, src/su.c, src/userdel.c, src/Makefile.am, src/chage.c, src/faillog.c, src/login.c, lib/Attic/tcfsio.c, lib/Attic/tcfsio.h, lib/pwauth.c, libmisc/chowntty.c, libmisc/pam_pass.c, libmisc/setugid.c, etc/pam.d/passwd, etc/pam.d/su, lib/Makefile.am, lib/commonio.c, lib/defines.h, lib/prototypes.h, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/Makefile.am, doc/README.platforms, doc/WISHLIST, etc/Makefile.am, etc/pam.d/Makefile.am, doc/Attic/CHANGES, debian/Attic/changelog, configure.in, Attic/acconfig.h:
+ *** empty log message ***
+
+1998-06-26 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/passwd.c, src/usermod.c, man/Attic/faillog.8, man/Attic/pwconv.8, src/logoutd.c, lib/Attic/getpass.c, libmisc/copydir.c, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/WISHLIST, lib/commonio.c, debian/Attic/changelog, doc/Attic/CHANGES, configure.in:
+ *** empty log message ***
+
+1998-05-29 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * man/Attic/lastlog.8, man/Attic/login.1, src/usermod.c, doc/Attic/CHANGES, doc/Attic/README.linux, etc/Attic/login.defs.linux, lib/defines.h, debian/Attic/changelog, debian/Attic/login.copyright, debian/Attic/login.postinst, debian/Attic/passwd.copyright, debian/Attic/rules, debian/Attic/secure-su.copyright, configure.in, contrib/Makefile.am, contrib/shadow-anonftp.patch:
+ *** empty log message ***
+
+1998-04-16 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/useradd.c, src/userdel.c, src/usermod.c, src/passwd.c, src/sulogin.c, src/groupdel.c, src/login.c, src/logoutd.c, src/newgrp.c, src/Attic/dpasswd.c, src/chage.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, redhat/Attic/shadow-970616-rh.patch, redhat/Attic/shadow-970616-utuser.patch, redhat/Attic/shadow-970616.login.defs, redhat/Attic/shadow-970616.useradd, redhat/Attic/shadow-utils-970616.spec, src/Makefile.am, libmisc/utmp.c, redhat/Attic/Makefile.am, redhat/Attic/README, redhat/Attic/shadow-970616-fix.patch, redhat/Attic/shadow-970616-glibc.patch, libmisc/Attic/login_desrpc.c, libmisc/limits.c, libmisc/log.c, libmisc/loginprompt.c, libmisc/obscure.c, libmisc/strtoday.c, libmisc/chkname.c, libmisc/chowndir.c, libmisc/copydir.c, libmisc/failure.c, lib/Attic/dialchk.c, lib/Attic/pwpack.c, lib/defines.h, lib/pwauth.c, doc/Attic/CHANGES, doc/Attic/README.linux, doc/WISHLIST, doc/cracklib26.diff, lib/commonio.c, Attic/acconfig.h, configure.in, debian/Attic/tar.c:
+ *** empty log message ***
+
+1998-04-02 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/groupmod.c, libmisc/sulog.c, lib/sgetspent.c, lib/sgetpwent.c, lib/sgetgrent.c, lib/Attic/putgrent.c, lib/gshadow.c, lib/getdef.c, lib/fputsx.c, lib/commonio.c, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/Attic/CHANGES, configure.in:
+ *** empty log message ***
+
+1998-01-30 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * Attic/install-sh, src/userdel.c, src/usermod.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/useradd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/groupmod.c, src/login.c, src/logoutd.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, redhat/Attic/README, redhat/Attic/shadow-utils.spec.in, src/Makefile.am, src/chage.c, man/Attic/login.defs.5, man/Attic/useradd.8, man/Attic/usermod.8, redhat/Attic/Makefile.am, libmisc/pam_pass.c, libmisc/strtoday.c, libmisc/tz.c, libmisc/Attic/login_access.c, libmisc/Attic/login_desrpc.c, libmisc/Attic/login_krb.c, libmisc/obscure.c, libmisc/age.c, libmisc/env.c, libmisc/limits.c, lib/Attic/strstr.c, lib/shadow.c, lib/shadowio.c, lib/shadowio.h, lib/utent.c, lib/Attic/rmdir.c, lib/pwio.c, lib/pwio.h, lib/sgetspent.c, lib/sgroupio.c, lib/Attic/mkdir.c, lib/Attic/putgrent.c, lib/prototypes.h, lib/pwauth.c, lib/Attic/md5crypt.c, lib/Attic/getpass.c, lib/groupio.c, lib/gshadow.c, lib/lockpw.c, lib/commonio.h, lib/defines.h, lib/encrypt.c, lib/getdef.c, lib/getdef.h, doc/Attic/README.mirrors, doc/Attic/automake-1.0.diff, doc/WISHLIST, lib/Makefile.am, lib/commonio.c, doc/Attic/ANNOUNCE, doc/Attic/CHANGES, doc/Attic/README.linux, doc/Makefile.am, doc/README.limits, debian/Attic/Makefile.am, debian/Attic/changelog, debian/Attic/login.copyright, debian/Attic/rules, Attic/mkinstalldirs, Attic/shadow-utils.spec, contrib/README, Attic/acconfig.h, Attic/aclocal.m4, configure.in, Makefile.am:
+ *** empty log message ***
+
+1998-01-25 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * Attic/acconfig.h: *** empty log message ***
+
+1997-12-14 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * doc/Attic/CHANGES, debian/Attic/checksums, debian/Attic/rules, debian/Attic/Makefile.am, src/Makefile.am, src/userdel.c, src/usermod.c, src/pwck.c, src/useradd.c, src/Attic/mkpasswd.c, src/gpasswd.c, src/grpck.c, src/login.c, src/chage.c, src/chfn.c, src/chsh.c, man/Attic/shadowconfig.8, man/Attic/vipw.8, old/Attic/Makefile.am, old/Attic/pwunconv.8, man/Attic/login.defs.5, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Makefile.am, libmisc/limits.c, libmisc/rlogin.c, lib/Attic/pwdbm.c, lib/Attic/pwent.c, lib/prototypes.h, lib/shadow.c, doc/Attic/LSM, doc/WISHLIST, etc/limits, lib/Attic/grent.c, Attic/shadow-utils.spec, debian/Attic/changelog, configure.in:
+ *** empty log message ***
+
+1997-12-08 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/userdel.c, src/usermod.c, src/Attic/shadowconfig.sh, src/su.c, src/sulogin.c, src/useradd.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/newgrp.c, src/newusers.c, src/Attic/mkpasswd.c, src/logoutd.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/grpck.c, src/Attic/dpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/Makefile.am, src/chage.c, src/chfn.c, src/chpasswd.c, old/Attic/Makefile.am, old/Attic/pwconv.8, old/Attic/vipw.8, man/Attic/limits.5, man/Attic/pwconv.8, man/Attic/shadowconfig.8, man/Attic/vipw.8, man/Makefile.am, libmisc/tz.c, libmisc/ulimit.c, libmisc/utmp.c, libmisc/valid.c, libmisc/xmalloc.c, libmisc/Attic/suauth.c, libmisc/strtoday.c, libmisc/sub.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/Attic/setup.c, libmisc/salt.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/rlogin.c, libmisc/motd.c, libmisc/myname.c, libmisc/obscure.c, libmisc/pam_pass.c, libmisc/pwd2spwd.c, libmisc/pwd_init.c, libmisc/Attic/login_access.c, libmisc/Attic/login_desrpc.c, libmisc/Attic/login_krb.c, libmisc/loginprompt.c, libmisc/mail.c, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/list.c, libmisc/log.c, libmisc/Attic/getdate.c, libmisc/failure.h, libmisc/fields.c, libmisc/getdate.h, libmisc/getdate.y, libmisc/entry.c, libmisc/env.c, libmisc/failure.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, libmisc/copydir.c, libmisc/Attic/chkshell.c, libmisc/age.c, libmisc/basename.c, libmisc/chkname.c, libmisc/chkname.h, lib/Attic/strdup.c, lib/Attic/strerror.c, lib/Attic/strstr.c, lib/utent.c, libmisc/Makefile.am, libmisc/addgrps.c, lib/Attic/spdbm.c, lib/Attic/sppack.c, lib/sgroupio.c, lib/shadow.c, lib/shadowio.c, lib/Attic/rename.c, lib/Attic/rmdir.c, lib/sgetgrent.c, lib/sgetpwent.c, lib/sgetspent.c, lib/Attic/rad64.c, lib/Attic/pwdbm.c, lib/Attic/pwent.c, lib/Attic/pwpack.c, lib/pwauth.c, lib/pwio.c, lib/Attic/mkdir.c, lib/Attic/putgrent.c, lib/Attic/putpwent.c, lib/Attic/putspent.c, lib/port.c, lib/prototypes.h, lib/Attic/gsdbm.c, lib/Attic/gspack.c, lib/Attic/md5.c, lib/Attic/md5crypt.c, lib/gshadow.c, lib/lockpw.c, lib/Attic/grdbm.c, lib/Attic/grent.c, lib/Attic/grpack.c, lib/groupio.c, lib/Attic/getpass.c, lib/Attic/dialup.c, lib/encrypt.c, lib/fputsx.c, lib/getdef.c, lib/Attic/dialchk.c, lib/Attic/dialchk.h, lib/commonio.c, lib/commonio.h, lib/defines.h, doc/Attic/automake-1.0.diff, etc/Attic/login.defs.linux, etc/limits, lib/Makefile.am, doc/Attic/CHANGES, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/WISHLIST, debian/Attic/login.conffiles, debian/Attic/login.postinst, debian/Attic/passwd.postinst, debian/Attic/porttime, debian/Attic/rules, debian/Attic/secure-su.README, debian/Attic/securetty, contrib/pwdauth.c, debian/Attic/changelog, debian/Attic/control, Attic/acconfig.h, Attic/aclocal.m4, Attic/shadow-utils.spec, configure.in, Makefile.am:
+ *** empty log message ***
+
+1997-10-01 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * debian/Attic/changelog, src/chpasswd.c, libmisc/Attic/login_access.c, lib/commonio.h, lib/sgroupio.c, lib/shadowio.c, etc/Attic/login.defs.linux, doc/Attic/CHANGES, doc/Attic/LSM, doc/Attic/README.mirrors, doc/WISHLIST, Attic/shadow-utils.spec:
+ *** empty log message ***
+
+1997-09-30 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/useradd.c, src/userdel.c, src/usermod.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/newusers.c, src/passwd.c, src/pwck.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/login.c, src/groupmod.c, src/Attic/dpasswd.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/Makefile.am, old/Attic/install-sh, old/Attic/pwconv-old.8, old/Attic/pwunconv-old.8, old/Attic/Makefile.am, man/Attic/pwconv.8, man/Attic/pwunconv.8, libmisc/setugid.c, libmisc/shell.c, libmisc/utmp.c, libmisc/mail.c, libmisc/obscure.c, libmisc/pam_pass.c, libmisc/salt.c, libmisc/Attic/login_access.c, libmisc/isexpired.c, libmisc/env.c, libmisc/fields.c, libmisc/addgrps.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, libmisc/copydir.c, lib/Attic/strerror.c, lib/Attic/snprintf.c, lib/Attic/snprintf.h, lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h, lib/Attic/putgrent.c, lib/Attic/pwent.c, lib/pwauth.c, lib/Attic/getpass.c, lib/Attic/grent.c, lib/prototypes.h, lib/commonio.c, lib/commonio.h, lib/defines.h, lib/encrypt.c, lib/getdef.c, lib/Makefile.am, etc/Attic/login.defs.linux, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/WISHLIST, doc/Attic/CHANGES, doc/Attic/LSM, doc/Makefile.am, debian/Attic/rules, debian/Attic/changelog, contrib/adduser.c, configure.in, Attic/acconfig.h:
+ *** empty log message ***
+
+1997-09-29 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * man/Attic/chpasswd.8, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Attic/su.1, man/Makefile.am:
+ *** empty log message ***
+
+1997-06-16 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * doc/Attic/console.c.spec, doc/Makefile.am, doc/WISHLIST, doc/console.c.spec.txt, doc/Attic/CHANGES, debian/Attic/changelog, src/Attic/shadowconfig.sh, redhat/Attic/Makefile.am, redhat/Attic/README, redhat/Attic/shadow-970502-config.patch, redhat/Attic/shadow-utils.spec, doc/Attic/README.mirrors, doc/Attic/README.shadow-paper, doc/Attic/README.linux, debian/Attic/login.copyright, debian/Attic/passwd.copyright, debian/Attic/secure-su.copyright, Attic/shadow-utils.spec, Makefile.am, configure.in:
+ *** empty log message ***
+
+1997-06-01 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * debian/Attic/changelog, src/userdel.c, src/usermod.c, src/pwck.c, src/pwunconv.c, src/useradd.c, src/grpunconv.c, src/newusers.c, src/passwd.c, src/expiry.c, src/grpconv.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/Makefile.am, redhat/Attic/Makefile.am, redhat/Attic/README, redhat/Attic/shadow-970502-config.patch, redhat/Attic/shadow-utils.spec, libmisc/mail.c, libmisc/Attic/login_desrpc.c, lib/pwio.h, lib/shadowio.c, lib/shadowio.h, lib/prototypes.h, lib/pwauth.c, lib/pwio.c, lib/commonio.c, lib/defines.h, doc/Attic/README.linux, doc/WISHLIST, doc/Attic/CHANGES, doc/Attic/INSTALL, Attic/install-sh, Attic/mkinstalldirs, Attic/acconfig.h, Makefile.am, configure.in:
+ *** empty log message ***
+
+1997-05-02 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/Attic/shadowconfig.sh, src/Makefile.am, man/Makefile.am, libmisc/mail.c, libmisc/salt.c, lib/sgroupio.c, lib/shadowio.c, lib/groupio.c, lib/pwio.c, etc/Makefile.am, doc/WISHLIST, doc/Attic/CHANGES, debian/Attic/shadowconfig, debian/Attic/Makefile.am, debian/Attic/changelog, debian/Attic/control, debian/Attic/rules, configure.in, Attic/configure, shlib/Attic/Makefile.in, man/Attic/Makefile.in, libmisc/Attic/Makefile.in, lib/Attic/Makefile.in, etc/Attic/Makefile.in, doc/Attic/Makefile.in, contrib/Attic/Makefile.in, Attic/Makefile.in, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/shadow.5, man/Attic/su.1, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Attic/shadow.3, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/limits.5, man/Attic/login.1, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, libmisc/valid.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/tz.c, libmisc/utmp.c, libmisc/Attic/setup.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/strtoday.c, libmisc/sub.c, libmisc/setugid.c, libmisc/obscure.c, libmisc/pwd2spwd.c, libmisc/rlogin.c, libmisc/Attic/login_access.c, libmisc/loginprompt.c, libmisc/motd.c, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/list.c, libmisc/log.c, libmisc/copydir.c, libmisc/entry.c, libmisc/env.c, libmisc/failure.c, libmisc/fields.c, libmisc/age.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, lib/utent.c, lib/Attic/shadow_.h, lib/Attic/spdbm.c, lib/Attic/sppack.c, lib/Attic/strstr.c, lib/shadow.c, lib/sgetpwent.c, lib/sgetspent.c, lib/Attic/pwpack.c, lib/Attic/rad64.c, lib/Attic/rename.c, lib/Attic/rmdir.c, lib/sgetgrent.c, lib/Attic/pwdbm.c, lib/Attic/pwent.c, lib/pwauth.h, lib/Attic/putgrent.c, lib/Attic/putpwent.c, lib/Attic/putspent.c, lib/port.h, lib/pwauth.c, lib/Attic/lastlog_.h, lib/Attic/mkdir.c, lib/lockpw.c, lib/port.c, lib/Attic/grpack.c, lib/Attic/gsdbm.c, lib/Attic/gspack.c, lib/gshadow.c, lib/gshadow_.h, lib/Attic/getpass.c, lib/Attic/grdbm.c, lib/Attic/grent.c, lib/getdef.c, lib/Attic/dialup.h, lib/encrypt.c, lib/faillog.h, lib/fputsx.c, lib/Attic/dialchk.c, lib/Attic/dialup.c, lib/commonio.c, lib/defines.h, etc/Attic/login.defs.linux, etc/login.defs, doc/Attic/README.linux, doc/Attic/LICENSE, doc/Attic/README, doc/Makefile.am, doc/HOWTO, doc/Attic/ANNOUNCE, debian/Attic/secure-su.README, debian/Attic/secure-su.conffiles, debian/Attic/secure-su.copyright, debian/Attic/secure-su.postrm, debian/Attic/secure-su.preinst, debian/Attic/securetty, debian/Attic/passwd.conffiles, debian/Attic/passwd.copyright, debian/Attic/passwd.postinst, debian/Attic/porttime, debian/Attic/login.conffiles, debian/Attic/login.copyright, debian/Attic/login.postinst, debian/Attic/login.postrm, debian/Attic/login.preinst, debian/Attic/login.prerm, debian/Attic/logoutd, Attic/acconfig.h, Attic/config.h.in, Makefile.am, old/Attic/Makefile.in, old/Attic/scologin.c, old/Attic/orig-config.h, old/Attic/pwconv-old.c, old/Attic/pwd.h.m4, old/Attic/pwunconv-old.c, old/Attic/config.h.sun4, old/Attic/config.h.svr4, old/Attic/config.h.xenix, old/Attic/config.h.linux, old/Attic/Makefile.sun4, old/Attic/Makefile.svr4, old/Attic/Makefile.xenix, old/Attic/Makefile.am, old/Attic/Makefile.linux, src/Attic/Makefile.in, src/pwconv.c, src/userdel.c, src/usermod.c, src/useradd.c, src/su.c, src/sulogin.c, src/Attic/pwconv5.c, src/Attic/scologin.c, src/pwck.c, src/pwunconv.c, src/Attic/patchlevel.h, src/newusers.c, src/passwd.c, src/Attic/mkpasswd.c, src/logoutd.c, src/newgrp.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/grpck.c, src/grpconv.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/Attic/dpasswd.c, src/chsh.c, src/expiry.c, src/chfn.c, src/chpasswd.c, src/chage.c:
+ *** empty log message ***
+
+1997-02-11 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/groupadd.c, src/useradd.c, libmisc/setupenv.c, lib/sgroupio.c, lib/shadowio.c, lib/groupio.c, lib/pwio.c, lib/Makefile.am, lib/commonio.c, doc/Attic/CHANGES, doc/HOWTO, README, configure.in:
+ *** empty log message ***
+
+1997-01-08 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/groupadd.c, lib/commonio.c, README, src/useradd.c, src/userdel.c, src/usermod.c, src/Attic/pwconv5.c, src/pwconv.c, src/su.c, src/passwd.c, src/pwck.c, src/grpunconv.c, src/login.c, src/logoutd.c, src/newgrp.c, src/grpck.c, src/grpconv.c, src/faillog.c, src/gpasswd.c, src/groupmod.c, src/chage.c, src/chfn.c, src/chsh.c, src/expiry.c, libmisc/ttytype.c, libmisc/utmp.c, libmisc/Attic/suauth.c, libmisc/strtoday.c, libmisc/shell.c, libmisc/failure.c, libmisc/log.c, libmisc/loginprompt.c, libmisc/myname.c, lib/shadowio.h, libmisc/Makefile.am, libmisc/chkname.c, lib/sgetpwent.c, lib/sgroupio.c, lib/sgroupio.h, lib/shadow.c, lib/shadowio.c, lib/Attic/pwent.c, lib/pwio.c, lib/pwio.h, lib/Attic/putgrent.c, lib/groupio.c, lib/groupio.h, lib/gshadow.c, lib/prototypes.h, lib/defines.h, lib/faillog.h, lib/getdef.c, doc/Attic/README.linux, doc/WISHLIST, etc/Attic/login.defs.linux, lib/Makefile.am, doc/Attic/CHANGES, doc/HOWTO, Attic/acconfig.h, configure.in:
+ *** empty log message ***
+
+1996-10-27 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/usermod.c, src/grpck.c, src/useradd.c, src/userdel.c, src/chsh.c, src/gpasswd.c, libmisc/isexpired.c, libmisc/limits.c, lib/sgroupio.c, lib/shadowio.c, lib/commonio.c, lib/groupio.c, lib/pwio.c, doc/Attic/CHANGES, doc/Attic/README.linux, doc/WISHLIST, Attic/configure, configure.in:
+ *** empty log message ***
+
+1996-09-25 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/usermod.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/su.c, src/Attic/pwconv5.c, src/newgrp.c, src/passwd.c, src/pwck.c, src/grpck.c, src/login.c, src/logoutd.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/chfn.c, src/chsh.c, src/chage.c, libmisc/strtoday.c, libmisc/env.c, libmisc/fields.c, libmisc/isexpired.c, libmisc/setupenv.c, lib/Attic/rad64.c, lib/getdef.c, lib/prototypes.h, lib/defines.h, etc/Attic/login.defs.linux, doc/Attic/README.linux, doc/WISHLIST, doc/Attic/CHANGES, Attic/configure, configure.in, Attic/config.h.in:
+ *** empty log message ***
+
+1996-09-20 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/usermod.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/newusers.c, src/passwd.c, src/pwck.c, src/grpck.c, src/login.c, src/logoutd.c, src/newgrp.c, src/groupdel.c, src/groupmod.c, src/Attic/dpasswd.c, src/chsh.c, src/gpasswd.c, src/groupadd.c, src/Attic/Makefile.in, src/chage.c, src/chfn.c, src/Makefile.am, libmisc/Attic/suauth.c, libmisc/shell.c, libmisc/sub.c, libmisc/ttytype.c, libmisc/env.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/chowntty.c, lib/prototypes.h, lib/getdef.c, doc/Attic/CHANGES, doc/WISHLIST:
+ *** empty log message ***
+
+1996-09-10 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * src/su.c, src/sulogin.c, src/usermod.c, src/logoutd.c, src/newgrp.c, src/passwd.c, src/pwconv.c, src/Attic/Makefile.in, src/chfn.c, src/chsh.c, src/grpunconv.c, src/login.c, src/Makefile.am, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.access.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/faillog.5, libmisc/isexpired.c, libmisc/obscure.c, libmisc/setupenv.c, libmisc/utmp.c, libmisc/age.c, lib/Attic/getpass.c, lib/defines.h, lib/getdef.c, etc/Attic/login.defs.linux, etc/limits, etc/login.access, doc/Attic/CHANGES, doc/Attic/README.linux, doc/WISHLIST, contrib/Attic/Makefile.in, contrib/Makefile.am, Attic/configure, configure.in:
+ *** empty log message ***
+
+1996-08-10 Marek Michałkiewicz <marekm@pld.org.pl>
+
+ * old/Attic/Makefile.am, old/Attic/Makefile.linux, old/Attic/Makefile.sun4, old/Attic/Makefile.svr4, old/Attic/Makefile.xenix, old/Attic/config.h.linux, old/Attic/config.h.sun4, old/Attic/config.h.svr4, old/Attic/config.h.xenix, old/Attic/install-sh, old/Attic/orig-config.h, old/Attic/pwd.h.m4, shlib/Attic/Makefile.am, shlib/Attic/Makefile.in, shlib/Attic/Makefile.in.saved:
+ New file.
+
+ * contrib/adduser-old.c, contrib/adduser.sh, contrib/adduser2.sh, contrib/atudel:
+ 960810 - first version under cvs
+
+ * contrib/Attic/Makefile.in, contrib/Makefile.am, contrib/README, contrib/adduser.c, contrib/pwdauth.c, doc/Attic/ANNOUNCE, doc/Attic/CHANGES, doc/Attic/LICENSE, doc/Attic/Makefile.in, doc/Attic/README, doc/Attic/README.linux, doc/Attic/README.sun4, doc/Attic/automake-1.0.diff, doc/Attic/console.c.spec, doc/HOWTO, doc/Makefile.am, doc/README.limits, doc/WISHLIST, etc/Attic/Makefile.in, etc/Attic/login.defs.linux, etc/Makefile.am, etc/login.access, etc/login.defs, old/Attic/Makefile.in, src/Attic/patchlevel.h, src/Attic/pwconv5.c, src/Attic/scologin.c, src/chage.c, src/chfn.c, src/chsh.c, src/expiry.c, src/gpasswd.c, src/groups.c, src/grpconv.c, src/id.c, src/login.c, src/newgrp.c, src/passwd.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/sulogin.c, lib/Attic/dialup.h, lib/Attic/grdbm.c, lib/Attic/grent.c, lib/Attic/grpack.c, lib/Attic/gsdbm.c, lib/Attic/gspack.c, lib/Attic/lastlog_.h, lib/Attic/md5.c, lib/Attic/md5.h, lib/Attic/md5crypt.c, lib/Attic/mkdir.c, lib/Attic/putgrent.c, lib/Attic/putpwent.c, lib/Attic/putspent.c, lib/Attic/pwdbm.c, lib/Attic/pwent.c, lib/Attic/pwpack.c, lib/Attic/rcsid.h, lib/Attic/rename.c, lib/Attic/rmdir.c, lib/Attic/shadow_.h, lib/Attic/spdbm.c, lib/Attic/sppack.c, lib/Attic/strdup.c, lib/Attic/strstr.c, lib/defines.h, lib/faillog.h, lib/getdef.h, lib/groupio.h, lib/gshadow_.h, lib/port.h, lib/prototypes.h, lib/pwauth.h, lib/pwio.h, lib/sgetgrent.c, lib/sgetpwent.c, lib/sgetspent.c, lib/sgroupio.h, lib/shadow.c, lib/shadowio.c, lib/shadowio.h, lib/utent.c, src/Attic/Makefile.in, src/Attic/dpasswd.c, src/Attic/mkpasswd.c, src/Makefile.am, src/chpasswd.c, src/faillog.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/grpck.c, src/lastlog.c, src/logoutd.c, src/newusers.c, src/pwck.c, src/useradd.c, src/userdel.c, src/usermod.c, lib/Attic/Makefile.in, lib/Attic/dialchk.c, lib/Attic/dialup.c, lib/Attic/getpass.c, lib/Attic/rad64.c, lib/Makefile.am, lib/commonio.c, lib/encrypt.c, lib/fputsx.c, lib/getdef.c, lib/groupio.c, lib/gshadow.c, lib/lockpw.c, lib/port.c, lib/pwauth.c, lib/pwio.c, lib/sgroupio.c, libmisc/Attic/login_access.c, libmisc/Attic/login_desrpc.c, libmisc/Attic/login_krb.c, libmisc/Attic/setup.c, libmisc/Attic/suauth.c, libmisc/age.c, libmisc/basename.c, libmisc/chkname.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, libmisc/copydir.c, libmisc/entry.c, libmisc/env.c, libmisc/failure.c, libmisc/fields.c, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/list.c, libmisc/log.c, libmisc/loginprompt.c, libmisc/mail.c, libmisc/motd.c, libmisc/obscure.c, libmisc/pwd2spwd.c, libmisc/rlogin.c, libmisc/salt.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/strtoday.c, libmisc/sub.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/tz.c, libmisc/ulimit.c, libmisc/utmp.c, libmisc/valid.c, libmisc/xmalloc.c, man/Attic/Makefile.in, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Makefile.am, Attic/Makefile.in, Attic/acconfig.h, Attic/aclocal.m4, Attic/config.h.in, Attic/configure, Attic/install-sh, Attic/mkinstalldirs, Attic/stamp-h.in, Makefile.am, README, configure.in, libmisc/Attic/Makefile.in, libmisc/Makefile.am, libmisc/addgrps.c:
+ New file.
+
diff --git a/Makefile.am b/Makefile.am
new file mode 100644
index 0000000..8851f5d
--- /dev/null
+++ b/Makefile.am
@@ -0,0 +1,6 @@
+## Process this file with automake to produce Makefile.in
+
+EXTRA_DIST = NEWS README TODO shadow.spec.in
+
+SUBDIRS = po man libmisc lib src \
+ contrib doc etc
diff --git a/NEWS b/NEWS
new file mode 100644
index 0000000..21557ed
--- /dev/null
+++ b/NEWS
@@ -0,0 +1,2166 @@
+$Id$
+
+shadow-4.1.5.1 -> shadow-4.2 UNRELEASED
+
+*** general
+ * Handle libc whose crypt() returns NULL when passed a salt that
+ violates specs or system requirements (e.g. FIPS140). This is needed
+ with glibc/eglibc 2.17 for tools checking passwords (passwd (non PAM
+ enabled) or newgrp), and for tools generating encrypted passwords
+ (chgpasswd, chpasswd, or gpasswd when non PAM enabled or when a fixed
+ crypt method is requested on the command line, and newusers, or passwd
+ in their non PAM enabled versions)
+ * Fix segfault when reading groups split on multiple lines. This impacts
+ most user/group management tools when MAX_MEMBERS_PER_GROUP is set.
+
+- su
+ * When su receives a signal (SIGTERM, or SIGINT/SIGQUIT in non
+ interactive mode), kill the child process group, rather than just the
+ immediate child.
+ * Fix segmentation faults for users without a proper home or shell in
+ their passwd entries.
+
+- login
+ * Fix segmentation faults for users without a proper home or shell in
+ their passwd entries.
+
+*** documentation
+ * Fixed useradd man page (--home-dir option, instead of --home).
+
+*** translation
+ * Updated Russian translation.
+ * Updated German man pages translation.
+ * Fixed gshadow Japanese man page translation.
+
+shadow-4.1.5 -> shadow-4.1.5.1 2012-05-25
+
+- login
+ * Log into utmp(x) when PAM is enabled, but do not log into wtmp.
+ This complete pam_lastlog which logs into wtmp and in into utmp(x).
+- su
+ * non PAM enabled versions: do not fail if su is called without a
+ controlling terminal.
+- userdel
+ * Fix segfault when userdel removes the user's group.
+
+*** documentation
+ * .so links now point to paths relative to the top-level manual hierarchy
+
+*** translation
+ * Updated French man pages translation.
+ * Updated German man pages translation.
+ * Updated Polish man pages translation. (logoutd.8)
+
+shadow-4.1.4.3 -> shadow-4.1.5 2012-02-12
+
+*** security
+ * su -c could be abused by the executed command to invoke commands with
+ the caller privileges. See below. (CVE-2005-4890)
+
+*** general
+ * report usage error to stderr, but report usage help to stdout (and return
+ zero) when explicitly requested (e.g. with --help).
+ * initial support for tcb (http://openwall.com/tcb/) for useradd,
+ userdel, usermod, chage, pwck, vipw.
+ * Added support for ACLs and Extended Attributes in useradd and usermod.
+ Support shall be enabled with the new --with-acl or --with-attr
+ configure options.
+ * Added diagnosis for lock failures.
+ * use libsemanage instead of the semanage tool.
+
+- chage
+ * Add --root option.
+- chfn
+ * Add --root option.
+- chgpasswd
+ * When the gshadow file exists but there are no gshadow entries, an entry
+ is created if the password is changed and group requires a
+ shadow entry.
+ * Add --root option.
+- chpasswd
+ * PAM enabled versions: restore the -e option to allow restoring
+ passwords without knowing those passwords. Restore together the -m
+ and -c options. (These options were removed in shadow-4.1.4 on PAM
+ enabled versions)
+ * When the shadow file exists but there are no shadow entries, an entry
+ is created if the password is changed and passwd requires a
+ shadow entry.
+ * Add --root option.
+- chsh
+ * Add --root option.
+- faillog
+ * The -l, -m, -r, -t options only act on the existing users, unless -a is
+ specified.
+ * Add --root option.
+- gpasswd
+ * Add --root option.
+- groupadd
+ * Add --root option.
+- groupdel
+ * Add --root option.
+- groupmems
+ * Fix parsing of gshadow entries.
+ * Add --root option.
+- groupmod
+ * Fixed groupmod when configured with --enable-account-tools-setuid.
+ * When the gshadow file exists but there are no gshadow entries, an entry
+ is created if the password is changed and group requires a
+ shadow entry.
+ * Add --root option.
+- grpck
+ * Add --root option.
+ * NIS entries were dropped by -s (sort).
+- grpconv
+ * Add --root option.
+- grpunconv
+ * Add --root option.
+- lastlog
+ * Add --root option.
+- login
+ * Fixed limits support (non PAM enabled versions only)
+ * Added support for infinite limits and group based limits (non PAM
+ enabled versions only)
+ * Fixed infinite loop when CONSOLE is configured with a colon-separated
+ list of TTYs.
+ * Fixed warning and support for CONSOLE_GROUPS for users member of more
+ than 16 groups.
+ * Do not log into utmp(x) or wtmp when PAM is enabled. This is done by
+ pam_lastlog.
+- newgrp, sg
+ * Fix parsing of gshadow entries.
+- newusers
+ * Add --root option.
+- passwd
+ * Add --root option.
+- pwpck
+ * NIS entries were dropped by -s (sort).
+ * Add --root option.
+- pwconv
+ * Add --root option.
+- pwunconv
+ * Add --root option.
+- useradd
+ * If the skeleton directory contained hardlinked files, copies of the
+ hardlink were removed from the skeleton directory.
+ * Add --root option.
+- userdel
+ * Check the existence of the user's mail spool before trying to remove
+ it. If it does not exist, a warning is issued, but no failure.
+ * Do not remove a group with the same name as the user (usergroup) if
+ this group isn't the user's primary group.
+ * Add --root option.
+ * Add --selinux-user option.
+- usermod
+ * Accept options in any order (username not necessarily at the end)
+ * When the shadow file exists but there are no shadow entries, an entry
+ is created if the password is changed and passwd requires a
+ shadow entry, or if aging features are used (-e or -f).
+ * Add --root option.
+- su
+ * Document the su exit values.
+ * When su receives a signal, wait for the child to terminate (after
+ sending a SIGTERM), and kill it only if it did not terminate by itself.
+ No delay will be enforced if the child cooperates.
+ * Default ENV_SUPATH is /sbin:/bin:/usr/sbin:/usr/bin
+ * Fixed infinite loop when CONSOLE is configured with a colon-separated
+ list of TTYs.
+ * Fixed warning and support for CONSOLE_GROUPS for users member of more
+ than 16 groups.
+ * Do not forward the controlling terminal to commands executed with -c.
+ This prevents tty hijacking which could lead to execution with the
+ caller's privileges.
+ * Close PAM sessions as root. This will be more friendly to PAM modules
+ like pam_mount or pam_systemd.
+ * Added support for PAM modules which change PAM_USER.
+
+*** translation
+ * Updated Brazilian Portuguese translation.
+ * Updated Catalan translation.
+ * Updated Czech translation.
+ * Updated Danish translation.
+ * New Danish man pages translation.
+ * Updated French translation.
+ * Updated French man pages translation.
+ * Updated German translation.
+ * Updated German man pages translation.
+ * Updated Greek translation.
+ * Updated Italian man pages translation.
+ * Updated Japanese translation.
+ * Updated Kazakh translation.
+ * Updated Norwegian Bokmål translation.
+ * Updated Portuguese translation.
+ * Updated Russian translation.
+ * Updated Simplified Chinese translation.
+ * Updated Simplified Chinese man pages translation.
+ * Updated Swedish translation.
+ * Updated Vietnamese translation.
+
+shadow-4.1.4.2 -> shadow-4.1.4.3 2011-02-15
+
+*** security
+- CVE-2011-0721: An insufficient input sanitation in chfn can be exploited
+ to create users or groups in a NIS environment.
+
+shadow-4.1.4.1 -> shadow-4.1.4.2 2009-07-24
+
+- general
+ * Improved support for large groups (impacts most user/group management
+ tools).
+
+- addition of system users or groups
+ * Speed improvement. This should be noticeable in case of LDAP configured
+ systems. This should impact useradd, groupadd, and newusers
+ * Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in
+ reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN
+ is already used but there are still dome gaps.
+
+- login
+ * Add support for shells being a shell script without a shebang.
+- su
+ * Preserve the DISPLAY and XAUTHORITY environment variables. This was
+ only the case in the non PAM enabled versions.
+ * Add support for shells being a shell script without a shebang.
+
+*** translation
+ * The Finnish translation of passwd(1) was outdated and is no more
+ distributed.
+
+shadow-4.1.4 -> shadow-4.1.4.1 2009-05-22
+
+- login
+ * Fix failures with empty usernames on non PAM versions.
+ * Fix CONSOLE (securetty) support on non PAM versions.
+- newgrp
+ * Return the exit status of the child.
+- userdel
+ * On Linux, do not check if an user is logged in with utmp, but check if
+ the user is running some processes.
+ * If not on Linux, continue to search for an utmp record, but make sure
+ the process recorded in the utmp entry is still running.
+ * Report failures to remove the user's mailbox
+ * When USERGROUPS_ENAB is enabled, remove the user's group when the
+ user was the only member.
+ * Do not fail when -r is used and the home directory does not exist.
+- usermod
+ * Check if the user is busy when the user's UID, name or home directory
+ is changed.
+
+shadow-4.1.3.1 -> shadow-4.1.4 2009-05-10
+
+- packaging
+ * Enable --enable-account-tools-setuid by default for PAM builds.
+ * Add configure option --enable-utmpx, disabled by default to mimic
+ the previous behavior on Linux (where utmp and utmpx are identical).
+ * Fix build failure on non-PAM systems when --without-pam is not
+ specified.
+
+- chpasswd
+ * Change the passwords using PAM. This permits to define the password
+ policy in a central place. The -c/--crypt-method, -e/--encrypted,
+ -m/--md5 and -s/--sha-rounds options are no more supported on PAM
+ enabled systems.
+- grpck
+ * Warn if a group has an entry in group and gshadow, and the password
+ field in group is not 'x'.
+- login
+ * Do not trust the current utmp entry's ut_line to set PAM_TTY. This could
+ lead to DOS attacks.
+ * (PAM) Even if the user was already authenticated (-f flag), ask the
+ user to update his authentication token if needed.
+- lastlog
+ * Fix regression causing empty reports.
+- newusers
+ * Change the passwords using PAM. This permits to define the password
+ policy in a central place. The -c/--crypt-method and -s/--sha-rounds
+ options are no more supported on PAM enabled systems.
+- pwck
+ * Warn if an user has an entry in passwd and shadow, and the password
+ field in passwd is not 'x'.
+
+*** translation
+ - Updated Czech translation
+ - Updated French translation
+ - Updated German translation
+ - Updated Japanese translation
+ - Updated Korean translation
+ - Updated Portuguese translation
+ - Updated Russian translation
+
+shadow-4.1.3 -> shadow-4.1.3.1 2009-04-15
+
+*** security:
+- Due to bad parsing of octal permissions, the permissions on tty (login)
+ but also UMASK were set wrongly (and weirdly). Only shadow-4.1.3 was
+ affected.
+
+*** general
+- login
+ * Fix regression when no user is specified on the command line.
+- userdel
+ * Fixed SE Linux support
+- vipw
+ * SE Linux: Set the default context to the context of the file being
+ edited. This ensures that the backup file inherit from the file's
+ context.
+
+*** translation
+ - Updated Norwegian Bokmål translation
+
+shadow-4.1.2.2 -> shadow-4.1.3 2009-04-12
+
+*** general:
+- packaging
+ * Fixed support for OpenPAM.
+ * Fixed support for uclibc.
+ * Added configure --enable-account-tools-setuid (default) /
+ --disable-account-tools-setuid options. This permits to disable the
+ PAM authentication of the caller for chage, chgpasswd, chpasswd,
+ groupadd, groupdel, groupmod, newusers, useradd, userdel, and usermod.
+ This authentication is not necessary when these tools are not
+ installed setuid root.
+ * Added configure --with-group-name-max-length (default) /
+ --without-group-name-max-length options. This permits to configure the maximum length allowed for group names:
+ <no option> -> default of 16 (like today)
+ --with-group-name-max-length -> default of 16
+ --without-group-name-max-length -> no max length
+ --with-group-name-max-length=n > max is set to n
+ No sanity checking is performed on n so people could do
+ something neat like --with-group-name-max-length=MAX_INT
+- addition of users or groups
+ * Speed improvement in case UID_MAX/SYS_UID_MAX/GID_MAX/SYS_GID_MAX is
+ used for an user/group. This should be noticeable in case of LDAP
+ configured systems. This should impact useradd, groupadd, and newusers
+- error handling improvement
+ * Make sure errors and incomplete changes are reported to syslog and
+ audit in case of unexpected failures.
+ * Report system inconsistencies to syslog and audit.
+ * Only report success to syslog and audit if the changes are really
+ performed in the system databases.
+ This is still not complete.
+- /etc/login.defs
+ * New CREATE_HOME variable to tell useradd to create a home directory by
+ default.
+- Translations
+ * New Kazakh translation.
+ * Spanish manpages are no more distributed. They are outdated. Please
+ contact pkg-shadow-devel@lists.alioth.debian.org if you wish to
+ provide updates.
+
+- faillog
+ * Accept users specified as a numerical UID, or ranges of users (-user,
+ user-, user1-user2).
+ * -l, -m, and -r now apply not only to existing users, but to all the
+ specified UIDs.
+ * Options can be specified in any order.
+- gpasswd
+ * Added support for long options --add (-a), --delete (-d),
+ --remove-password (-r), --restrict (-R), --administrators (-A), and
+ --members (-M).
+ * Added support for usernames with arbitrary length.
+ * audit logging improvements.
+ * error handling improvement (see above).
+ * Log permission denied to syslog and audit.
+- groupadd
+ * audit logging improvements.
+ * error handling improvement (see above).
+ * Speedup (see "addition of users or groups" above).
+ * do not create groups with GID set to (gid_t)-1.
+ * Allocate system group GIDs in reverse order. This could be useful
+ later to increase the static IDs range.
+- groupdel
+ * audit logging improvements.
+ * error handling improvement (see above).
+- groupmems
+ * Check if user exist before they are added to groups.
+ * Avoid segfault in case the specified group does not exist in /etc/group.
+ * Everybody is allowed to list the users of a group.
+ * /etc/group is open readonly when one just wants to list the users of a
+ group.
+ * Added syslog support.
+ * Use the groupmems PAM service name instead of groupmod.
+ * Fix segmentation faults when adding or removing users from a group.
+ * Added support for shadow groups.
+ * Added support long options --add (-a), --delete (-d), --purge (-p),
+ --list (-l), --group (-g).
+- groupmod
+ * audit logging improvements.
+ * error handling improvement (see above).
+ * do not create groups with GID set to (gid_t)-1.
+- grpck
+ * warn for groups with GID set to (gid_t)-1.
+- login
+ * Restore the echoctl, echoke, onclr flags to the terminal termio flags.
+ Reset echoprt, noflsh, tostop. This behavior seems to have change by
+ mistake in earlier releases (4.0.8, for no obvious reason).
+- newusers
+ * Implement the -r, --system option.
+ * Speedup (see "addition of users or groups" above).
+ * do not create users with UID set to (gid_t)-1.
+ * do not create groups with GID set to (gid_t)-1.
+ * Allocate system account UIDs/GIDs in reverse order. This could be useful
+ later to increase the static IDs range.
+- passwd
+ * For compatibility with other passwd version, the --lock an --unlock
+ options do not lock or unlock the user account anymore. They only
+ lock or unlock the user's password.
+- pwck
+ * warn for users with UID set to (uid_t)-1.
+- su
+ * Preserve COLORTERM in addition to TERM when su is called with the -l
+ option.
+- useradd
+ * audit logging improvements.
+ * Speedup (see "addition of users or groups" above).
+ * See CREATE_HOME above.
+ * New -M/--no-create-home option to disable CREATE_HOME.
+ * do not create users with UID set to (gid_t)-1.
+ * Added -Z option to map SELinux user for user's login.
+ * Allocate system user UIDs in reverse order. This could be useful
+ later to increase the static IDs range.
+- userdel
+ * audit logging improvements.
+ * Do not fail if the removed user is not in the shadow database.
+ * When the user's group shall be removed, do not fail if this group is
+ not in the gshadow file.
+ * Delete the SELinux user mapping for user's login.
+- usermod
+ * Allow adding LDAP users (or any user not present in the local passwd
+ file) to local groups
+ * do not create users with UID set to (gid_t)-1.
+ * Added -Z option to map SELinux user for user's login.
+
+shadow-4.1.2.1 -> shadow-4.1.2.2 23-11-2008
+
+*** security
+- Fix a race condition in login that could lead to gaining ownership or
+ changing mode of arbitrary files.
+- Fix a possible login DOS, which could be caused by injecting forged
+ entries in utmp.
+
+shadow-4.1.2 -> shadow-4.1.2.1 26-06-2008
+
+*** security
+- Fix an "audit log injection" vulnerability in login.
+ This vulnerability makes it easier for attackers to hide activities by
+ modifying portions of log events, e.g. by appending an addr= statement
+ to the login name.
+
+shadow-4.1.1 -> shadow-4.1.2 25-05-2008
+
+*** security:
+- generation of SHA encrypted passwords (chpasswd, gpasswd, newusers,
+ chgpasswd; and also passwd if configured without PAM support).
+ The number of rounds and number of salt bytes was fixed to their lower
+ allowed values (resp. configurable and 8), hence voiding some of the
+ advantages of this encryption method. Dictionary attacks with
+ precomputed tables were easier than expected, but still harder than with
+ the MD5 (or DES) methods.
+
+*** general:
+- packaging
+ * Distribute the chfn, chsh, and userdel PAM configuration file.
+ * Fix the detection of the audit, pam, and selinux library and header
+ file; and fail if the feature is requested but not present on the
+ system.
+ * Fix build failure when configured with audit support.
+- chfn
+ * Allow non-US-ASCII characters in the GECOS fields ("name", "room
+ number", and "other info" fields).
+- login
+ * Do not fail if a shell option, specified after --, has more than 2
+ letters.
+- su
+ * If the SULOG_FILE does not exist when an su session is logged, make
+ sure the file is created with group root, instead of using the group
+ of the caller.
+- vipw
+ * Resume properly after ^Z.
+
+*** documentation:
+- Document the -r, --system option in the useradd, groupadd, and newusers
+ manpages.
+- Document the -c, --crypt-method and -s, --sha-rounds options in the
+ newusers manpage.
+- Document the -k, --skel option in the useradd manpage.
+- Tag the section which require --enable-shadowgrp or --with-sha-crypt
+ accordingly.
+
+shadow-4.1.0 -> shadow-4.1.1 02-04-2008
+
+*** general:
+- security
+ * Do not seed the random number generator each time, and use the time in
+ microseconds to avoid having the same salt for different passwords
+ generated in the same second.
+- packaging
+ * Do not install the shadow library per default.
+- general
+ * Do not translate the messages sent to syslog. This avoids logging
+ PAM error messages in the users's locale.
+- etc/login.defs
+ * Set GID_MIN to the same value as UID_MIN by default (1000).
+ * Added variables SYS_UID_MIN (100), SYS_UID_MAX (999), SYS_GID_MIN (100),
+ SYS_GID_MAX (999) for system accounts.
+- etc/useradd
+ * /etc/default/useradd now defines HOME as /home to match FHS.
+- chage
+ * Fix bug which forbid to set the aging information of an account with a
+ passwd entry, but no shadow entry.
+- faillog
+ * faillog -r now only reset the entries of existing users. This makes
+ faillog faster.
+- gpasswd
+ * Fix failures when the gshadow file is not present.
+ * When a password is moved to the gshadow file, use "x" instead of "!"
+ to indicate that the password is shadowed (consistency with grpconv).
+ * Make sure the group and gshadow files are unlocked on exit.
+- groupadd
+ * New option -p/--password to specify an encrypted password.
+ * New option -r, --system for system accounts.
+- groupdel
+ * Do not fail if the group does not exist in the gshadow file.
+ * Do not rewrite the group or gshadow file in case of error.
+ * Make sure the group and gshadow files are unlocked on exit.
+ * Fail if the system is not configured to support split groups and
+ different group entries have the name of the group to be deleted.
+- groupmems
+ * Fix buffer overflow when adding an user to a group. Thanks to Peter Vrabec.
+- groupmod
+ * New option -p/--password to specify an encrypted password.
+ * Make sure the group and gshadow files are unlocked on exit.
+ * When the GID of a group is changed, update also the GID of the passwd
+ entries of the users whose primary group is the group being modified.
+- grpck
+ * Fix logging of changes to syslog when a group file is provided,
+ without a gshadow file.
+- lastlog
+ * Accept users specified as a numerical UID, or ranges of users (-user,
+ user-, user1-user2).
+- login
+ * Use PATH and SUPATH to set the PATH environment variable, even when
+ support for PAM is enabled.
+ * If started as init, start a new session.
+- newgrp
+ * Fix segfault when an user returns to an unknown GID (either the user
+ was deleted during the user's newgrp session or the user's passwd
+ entry referenced an invalid group). Add a syslog warning in that case.
+ * Use the correct AUDIT_CHGRP_ID event instead of AUDIT_USER_START, when
+ changing the user space group ID with newgrp or sg.
+- newusers
+ * The new users are no more added to the list of members of their groups
+ because the membership is already set by their primary group.
+ * Added support for gshadow.
+ * Avoid using the same salt for different passwords.
+ * Fix support for the NONE crypt method.
+ * newusers will behave more like useradd regarding the choice of UID or
+ GID or regarding the validity of user and group names.
+ * New option -r, --system for system accounts.
+ * Make sure the passwd, group, shadow, and gshadow files are unlocked on
+ exit.
+- passwd
+ * Make sure that no more than one username argument was provided.
+ * Make SE Linux tests more strict, when the real UID is 0 SE Linux
+ checks will be performed.
+- pwck
+ * Fix logging of changes to syslog when a passwd file is provided,
+ without a shadow file.
+- su
+ * su's arguments are now reordered. If needed, use -- to separate su's
+ options from the shell's options.
+- sulogin
+ * If started as init, start a new session.
+- useradd
+ * New option -l to avoid adding the user to the lastlog and faillog databases.
+ * Fix the handling of the --defaults option (it required an argument,
+ but should behave as -D)
+ * Document the --defaults option, which was already described in the
+ useradd's Usage information.
+ * New option -r, --system for system accounts.
+ * New options -U, --user-group and -N, --no-user-group. These options
+ should replace nflg from the previous versions. Please set any -n
+ option to deprecated because its meaning differs from one distribution
+ to the other.
+ * Make sure the passwd, group, shadow, and gshadow files are unlocked on
+ exit.
+- usermod
+ * Keep the access and modification time of files when moving an user's home
+ directory.
+ * Check that the new fields set with -u, -s, -l, -g, -f, -e, -d, and -c
+ differ from the old ones. If a requested new value is equal to the old
+ one, no changes will be performed for that field. If no fields are
+ changed, usermod will exist successfully with a warning. This avoids
+ logging changes to syslog when there are actually no changes.
+ * Fix the handling of -a when a user is being renamed (with -l)
+- vipw/vigr
+ * Recommend editing the shadowed (resp. regular) file if the regular (resp.
+ shadowed) file was edited.
+
+shadow-4.0.18.2 -> shadow-4.1.0 09-12-2007
+
+*** security:
+- chgpasswd
+ When compiled with PAM support, it used the chpasswd policy file instead
+ of the chgpasswd policy file. If an administrator added some restriction
+ to the chgpasswd policy file, they were not taken into account.
+
+*** general:
+- Add support for SHA256 and SHA512 encrypt methods (supported by new
+ libc).
+- useradd: Allow non numerical group identifier to be specified with
+ useradd's -g option.
+- chgpasswd, chpasswd: Fix chpasswd and chgpasswd stack overflow.
+- newgrp: Do not give an indication that the group has no password. Ask
+ for the password, as if there were a password.
+- The permissions of the suid binaries is now configurable in
+ src/Makefile.am. Note that changing the permissions is not recommended.
+- newgrp.c: Declare the child and pid variable at the beginning of a block.
+ This fixes a compilation issue with gcc 2.95.
+- login_nopam: Add support for systems with no innetgr(). On those
+ systems, username with an @ will be treated like any other username
+ (i.e. lookup in the local database for an user with an @). Thanks to
+ Mike Frysinger for the patch.
+- Add support for uClibc with no l64a().
+- userdel, usermod: Fix infinite loop caused by erroneous group file
+ containing two entries with the same name. (The fix strategy differs
+ from
+ (https://bugzilla.redhat.com/show_bug.cgi?id=240915)
+- userdel: Abort if an error is detected while updating the passwd or group
+ databases. The passwd or group files will not be written.
+- usermod: Update the group database before flushing the nscd caches.
+- usermod: Make sure the group modifications will be allowed before
+ writing the passwd files.
+- Flush the nscd tables using nscd -i instead of the private glibc socket.
+- usermod: Make usermod options independent of the argument order.
+- newgrp: Do not request a password when a user uses newgrp to switch to
+ her primary group.
+- passwd: -l/-u options: edit the shadow account expiry field *in
+ addition* to editing the password field.
+- pwck: Remove the SHADOWPWD preprocessor check. Some check for /etc/shadow
+ were always missing.
+- su: Avoid terminating the PAM library in the forked child. This is done
+ later in the parent after closing the PAM session.
+- userdel: Fix the homedir prefix checking.
+- passwd, usermod: Refuse to unlock an account when it would result in a
+ passwordless account.
+- Full review of the usage of getpwnam(), getpwuid(), getgrnam(),
+ getgrgid(), and getspnam(). There should be no functional changes.
+- gpasswd: Only read information from the local file group database. It
+ writes the changes in /etc/group and/or /etc/gshadow, but used to read
+ information from getgrnam (hence possibly from another group database).
+- New login.defs variable: MAX_MEMBERS_PER_GROUP. It should provide a
+ better support for split groups. Be careful when using this variable:
+ not all tools support well split groups (in or out of the shadow
+ tool suite). It fixes gpasswd and chgpasswd when split groups are used.
+- Use MD5_CRYPT_ENAB, ENCRYPT_METHOD, SHA_CRYPT_MIN_ROUNDS, and
+ SHA_CRYPT_MAX_ROUNDS to define the default encryption algorithm for the
+ passwords.
+- chpaswd, chgpasswd, newusers: New options -c/--crypt-method and
+ -s/--sha-rounds to supersede the system default encryption algorithm.
+- chpaswd, chgpasswd, newusers: DES is no more the default algorithm. They
+ will respect the system default configured in /etc/login.defs
+
+*** documentation:
+- Generate the translated manpages from PO at build time.
+- The generated manpages will change depending on the configure options.
+ If you use different options than the one used for the distributed
+ archive, you should re-generate the manpages.
+- login.defs should now describe all the variables.
+- The tools' documentation details the login.defs variables they use.
+
+shadow-4.0.18.1 -> shadow-4.0.18.2 28-10-2007
+
+*** general:
+- usermod: fixed handle -a option (by Benno Schulenberg
+ <bensberg@justemail.net>),
+- useradd: improved auditing support
+ (https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=211659),
+- groupadd, groupdel, groupmod, useradd, userdel, usermod: flush nscd cashes
+ after close /etc/{group,passwd} files,
+- su: If compiled without PAM support, enforce the limits from /etc/limits
+ when one of the -, -l, or --login options is set, even if called by root.
+- limits: Support for 2 new resource limits: max nice value, and max real
+ time priority. The resource limits are not used when compiled with PAM.
+*** documentation:
+- updated translations: fi, ja, nl, tl, zh_CN.
+- groupadd.8, groupmod.8, login.1, useradd.8, userdel.8, usermod.8: grammar
+ mistakes and other corrections (by Schulenberg <bensberg@justemail.net>),
+
+shadow-4.0.18 -> shadow-4.0.18.1 03-08-2006
+
+*** general:
+- groupmems: fixed compilation when PAM is disabled
+ (by Johannes Winkelmann <jw@smts.ch>),
+- fixed missing man pages in dist tar ball necessary on build when
+ PAM is disabled.
+
+shadow-4.0.17 -> shadow-4.0.18 01-08-2006
+
+*** general:
+- su: fixed set enviroment too early when using PAM, so move it to !USE_PAM
+ (patch submitted by Mike Frysinger <vapier@gentoo.org>),
+- groupadd, groupmod, useradd, usermod: fixed UID/GID overflow (fixed
+ http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198920)
+- passwd, useradd, usermod: fixed inactive/mindays/warndays/maxdays overflow
+ (simillar to RH#198920),
+- groupmems: rewrited for use PAM and getopt_long() and now it is enabled
+ for build and install (patch by George Kraft <gk4@swbell.net>),
+- S/Key: removed assign getpass() to libshadow_getpass() on autoconf level
+ (patch by Ulrich Mueller <ulm@kph.uni-mainz.de>; http://bugs.gentoo.org/139966),
+- usermod: back to previous -a option semantics and clarify -a behavior
+ on documentation level (by Greg Schafer <gschafer@zip.com.au>),
+- chsh, groupmod: rewrited for use getopt_long().
+- updated translations: ca, cs, da, eu, fr, gl, hu, ko, pl, pt, ru, sv, tr, uk, vi.
+*** documentation:
+- fr and ru man pages are up to date,
+- partially translated sv man pages set added
+ (by Daniel Nylander <info@danielnylander.se>),
+- pl chage(1), chsh(1), groupmod(8): translation finished.
+
+shadow-4.0.16 -> shadow-4.0.17 10-07-2006
+
+*** general:
+- userdel, usermod: fixed segfault on remove home directory when it can't
+ be removed; for example when it is /dev/null (fixed http://bugs.gentoo.org/139148),
+- improved SELinux detection on autoconf level (based on patch by
+ Dan Yefimov <dan@D00M.lightwave.net.ru>),
+- removed using private implementation getpass() libc function
+ (now getpass() is used also when S/KEY support is enabled),
+- move nologin do $(sbindir),
+- useradd: fixed mail spool file creation (bug cached by Frans Pop
+ <elendil@planet.nl>;
+ fixed http://bugs.debian.org/374705),
+- updated translations: cs, da, de, ko, nb, nl, pt, ro, ru, sk, sv, vi,
+- new translations: dz, km, ne.
+*** documentation:
+- ru man pages up to date,
+- lastlog(8): updated pl translation,
+- faillog(5): added missing information about fail_locktime element of
+ faillog struct (by Thorsten Kukuk <kukuk@suse.de>),
+- updated translations: eu, fr, pl.
+- reverted using docbook.sourceforge.net in XSL url.
+
+shadow-4.0.15 -> shadow-4.0.16 05-06-2006
+
+*** general:
+- userdel: better fix for old CERT VU#312962 (which was fixed in shadow 4.0.8):
+ fixed forgoten checking of the return value from fchown() before
+ proceeding with the fchmod() (based on Owl patch prepared by
+ Rafal Wojtczuk <nergal@owl.openwall.com>),
+- userdel: use login.defs::MAIL_DIR instead hardcoded /var/mail in created
+ mailbox path (based on Owl fixes submited
+ by Solar Designer <solar@openwall.com>),
+- by default do not use libshadow_getpass() as getpass() replacemement.
+ Use libshadow_getpass() only when S/KEY support is enabled.
+ Current glibc getpass() handles correctly longer than 8 characters
+ passwords and libshadow_getpass() is used only because libc getpass()
+ do not handles password prompting with echo enabled,
+- move login.defs::MD5_CRYPT_ENAB to non-PAM part,
+- userdel: rewrited for use getopt_log(),
+- install default/template configuration files:
+-- if shadow is configured with use PAM install /etc/pam.d/* files,
+-- if shadow do not uses PAM install /etc/{limits,login.acces} files,
+-- install /etc/login.defs and /etc/default/useradd files,
+- fixed handle relative symlinks too in lib/commonio.c
+ (merge patch from Fedora),
+- properly notify nscd to flush its cache
+ (https://bugzilla.redhat.com/bugzilla/186803),
+- useradd, usermod: fixes for verify return values mkdir() and chown()
+ on copy files (merge 482_libmisc_copydir_check_return_values Debian
+ patch),
+- login, su (non-PAM variant): export MAIL only when MAIL_CHECK_ENAB
+ is enabled (Mike Frysinger <vapier@gentoo.org>),
+- pgck, grpck: warn when the members of a group differ in /etc/groups
+ and /etc/gshadow (fixed http://bugs.debian.org/75181),
+- su: fixed exit with a status 0 when the invoked command is terminated
+ by a signal which was not catched
+ (fixed by Eero Häkkinen <eero17@bigfoot.com>),
+- login: cancel login timeout after authentication so that patient people
+ timing out on network directory services can log in with local
+ accounts (http://bugs.debian.org/107148),
+- chgpasswd: fixes for build correctly with --disable-shadowgrp
+ (patch by Johannes Winkelmann <jw@tks6.net>).
+- updated translations: cs, da, es, eu, fi, fr, gl, hu, id, pt, ru, sk, sv, vi.
+- new translations: hu.
+*** documentation:
+- new cs man pages: groupmems(8), groupmod(8), grpck(8), gshadow(5)
+ (by Miroslav Kure <kurem@upcase.inf.upol.cz>),
+- regenerate roff man pages using docbook-style-xsl-1.70.1,
+- bunch of cleanups in chfn(1), faillog(8), gpasswd(1), groupadd(8),
+ groupmems(8), limits(5), login(1), login.defs(5), newgrp(1), passwd(1),
+ passwd(5) and su(1) (by Yuri Kozlov <kozlov.y@gmail.com>),
+- update pl vipw(8) man page,
+- added chgpasswd(8) ru man page,
+- updated ru login.defs(5), passwd(1), userdel(8), usermod(8) man pages,
+- pw_auth(3) man page removed (outdated),
+- install limits(5), login.access(5) and porttime(5) man pages only when
+ shadow is builded with PAM support disabled,
+- passwd(1): better document how password strength is checked
+ (fixed http://bugs.debian.org/115380),
+- usermod(8): added missing -a option description
+ (by Christian Perrier <bubulle@debian.org>),
+- hu chsh(1), lugin(1), newgrp(1): fixed typos
+ (by Koblinger Egmont <egmont@uhulinux.hu>),
+- login.defs(5): remove information about CREATE_HOME (patch by
+ Mike Frysinger <vapier@gentoo.org>),
+- chgpasswd(8): new man page.
+
+shadow-4.0.14 -> shadow-4.0.15 13-03-2006
+
+*** general:
+- do not install translated man pages if shadow is configured with
+ --disable-nls
+ (based patch submited by Mike Frysinger <vapier@gentoo.org>),
+- added fixes for detect BSD's S/Key with updated the skeychallenge()
+ function for take a fourth argument in case BSD version (patch submited by
+ Mike Frysinger <vapier@gentoo.org>),
+- login: default UMASK if not specified in login.defs is 022 (pointed by
+ Peter Vrabec <pvrabec@redhat.com>),
+- chgpasswd: new tool (by Jonas Meurer <mejo@debian.org>),
+- lastlog: print the usage and exit if an additional argument is profided to
+ lastlog (merge 488_laslog_verify_arguments Debian patch),
+- login, newgrp, nologin, su: do not link with libselinux (merge
+ 490_link_selinux_only_when_needed Debian patch),
+- chage, chfn, chsh, passwd: fixed confusing error message if /proc is not
+ mounted (http://bugs.debian.org/352494 patch Nicolas François
+ <nicolas.francois@centraliens.net>),
+- login (merge 433_login_more_LOG_UNKFAIL_ENAB Debian patch):
+ - TOO MANY LOGIN... logged if PAM_MAXTRIES or failcount >= retries (was
+ onl test PAM_MAXTRIES),
+ - print to stderr (in addition to syslog) in case of maximum number of
+ tries exceeded,
+ - always prints the number of tries in the syslog entry.
+ - add special handling for PAM_ABORT
+ - add an entry to failog, as when USE_PAM is not defined. (#53164)
+ - changed pam_end to PAM_END. This is certainly was a mistake. PAM_END is
+ pam_close_seesion + pam_end. Here, the session is still not open, we
+ don't have to close it.
+ - a HAVE_PAM_FAIL_DELAY is missing,
+- su: fixed pam session support (patch from Topi Miettinen; fixed #57526,
+ #55873, 57532 Debian bugs),
+- userdel: user's group is already removed by update_groups().
+ remove_group() is not needed (bug introduced in 4.0.14 on merge FC fixes).
+ Fixed by Nicolas François <nicolas.francois@centraliens.net>,
+- useradd: allways remove group and gshadow databases lock, Fixed by Nicolas
+ François <nicolas.francois@centraliens.net>
+ (http://bugs.debian.org/348250)
+- auditing fixes:
+ - corrected prototypes in lib/prototypes.h (thre is no audit_help_log();
+ added audit_logger() prototype),
+ - useradd: fixed excess audit_logger() argument,
+- chage: added missing \n on display password status if password must be
+ chaged,
+- useradd: fixed allow non-unique UID (http://bugs.debian.org/351281),
+- variouse code cleanups for make possible compilation of shadow with -Wall
+ -Werror (by Alexander Gattin <xrgtn@yandex.ru>),
+- su: move exit() outside libmisc/shell.c::shell() for handle shell() errors
+ on higher level (now is better visable where some programs exit with 126
+ and 127 exit codes); added new shell() parameter (char *const envp[])
+ which allow fix preserving enviloment in su on using -p, (patch by
+ Alexander Gattin <xrgtn@yandex.ru>),
+- su: added handle -c,--command option for GNU su compliance (merge
+ 437_su_-c_option Debian patch),
+- login: added translate login prompt string (suggested by Evgeniy
+ Dushistov),
+- updated translations: ca, cs, da, el, es, eu, gl, fi, fr, it, nb, nl, pt,
+ pt_BR, ro, ru, sk, sv, tl, vi, zh_CN,
+- new translations: gl.
+*** documentation:
+- ru man pages: added new nologin(8) and updated all other man pages (by
+ Yuri Kozlov <kozlov.y@gmail.com>),
+- chsh(1), su(1): update fi translations generated from XML files
+ (Tommi Vainikainen <thv+debian@iki.fi>),
+- expiry(1), faillog(5), faillog(8), gpasswd(1), groupadd(8), groupdel(8),
+ logoutd(8), nologin(8), vipw(8): added new cs man pages, (by Miroslav Kure
+ <kurem@upcase.inf.upol.cz>)
+- login.defs(5): default UMASK if not specified in login.defs is 022
+ (pointed by Peter Vrabec <pvrabec@redhat.com>),
+- useradd(8): better document that -d will not add the user's home directory
+ if it does not already exist (http://bugs.debian.org/154996),
+- nologin(8) man pages added (merge 478_nologin.8.xml Debian patch).
+
+shadow-4.0.13 -> shadow-4.0.14 03-01-2006
+
+*** general:
+- fixes in handling login.defs: $MAIL_FILE is used in userdel and usermod,
+ $MD5_CRYPT_ENAB is used by crypt_make_salt, which is used by chpasswd,
+ gpasswd and newusers.
+ Both variables moved to PAM not dependent (447_missing_login.defs_variables
+ Debian patch),
+- chage: fix chage display when the last change field is set to 0.
+ This is consistent with PAM (merge 427_chage_expiry_0 Debian patch),
+- su: if an password is expired, su should propose to change this password
+ (fixed http://bugs.debian.org/321384),
+- login: added auditing support (based on Fedora patch for login from util-linux),
+- useradd: merge PUG fixes from RedHat patch,
+- nologin: new program,
+- vipw: added a "quiet" mode (http://bugs.debian.org/190252),
+- newgrp: added auditing support (by Steve Grubb <sgrubb@redhat.com>),
+- switch over to a new logging function (by Steve Grubb <sgrubb@redhat.com>),
+- userdel: fix incorrect audit record in userdel
+ (https://bugzilla.redhat.com/bugzilla/174392),
+- userdel: remove the user's group unless it is not really a user-private group
+ for better PUG support (based on FC patch),
+- userdel: make the -f option force the removal of the user's group (even if it
+ is the primary group of another user)
+ (merge 453_userdel_-f_removes_group Debian patch),
+- usermod: rewrited for use getopt_long() (Christian Perrier <bubulle@kheops.frmug.org>),
+- grpck: fixed segmentation fault on using -s when /etc/gshadow is empty (fix by
+ Tomasz Lemiech <szpajder@staszic.waw.pl>),
+- passwd: remove handle -f, -g and -s options.
+- added handle -s/--shell, -m/-p/preserve-environment options like GNU su
+ (based on patches from Debian submited by
+ Nicolas François <nicolas.francois@centraliens.net>)
+- su: export $USER and $SHELL as well as $HOME (http://bugs.debian.org/11003 and
+ http://bugs.debian.org/11189),
+- su, vipw: rewrited for use getopt_long(),
+- su: log successful/failed through syslog (http://bugs.debian.org/190215),
+- updated translations: ca, cs, da, eu, fi, fr, it, pl, pt, ru, sv, tl, vi,
+- new translations: gl.
+*** documentation:
+- added es, ko vigr(8) and vipw(8), hu lastlog(8), ko vipw(8), zh_CN su(1),
+ zh_TW chpasswd(8) and su(1),
+- added tr man pages: chage(1), chfn(1), groupadd(8), groupdel(8), groupmod(8),
+ login(1), passwd(1), passwd(5), shadow(5), su(1) useradd(8), userdel(8),
+ usermod(8),
+- passwd5): added es, hu, pt_BR, zh_CN zh_TW translations,
+- added full set (up to date) fr man pages
+ (by Nicolas François <nicolas.francois@centraliens.net>),
+- pwck(1): document -q option,
+- WARNING: all translated man pages are now in UFT-8,
+- added full set of ru man pages (by Yuri Kozlov <kozlov.y@gmail.com>),
+- login(1): better explain the respective roles of login, init and getty with regards
+ to the utmp file (merge 440_manpages-login.1 Debian patch),
+- login(1): document how to initiate a trusted path on linux
+ (http://bugs.debian.org/305600),
+- userdel(8): document the -f option; document the group removal behavior (merge
+ 455_userdel.8.xml Debian patch),
+- groupadd(8), useradd(8): document that useradd/groupadd refuse adding entries already in an
+ external database (http://bugs.debian.org/282184),
+- updated it groupdel(8), passwd(1), pwconv(8), useradd(8), userdel(8), usermod(8) man pages
+ (merge 205_it-manpages Debian patch),
+- added fi chfn(1), chsh(1), passwd(1), su(1),
+- newusers(8): added it translation,
+- newgrp(1): added de, es, zh_CN, zh_TW translations.
+
+shadow-4.0.12 -> shadow-4.0.13 10-10-2005
+
+*** general:
+- chage: removed duplicated pam_start(),
+- chfn, chsh: finished PAM support usin pam_start() and co.,
+- userdel: userdel should not remove the group which is primary for someone else
+ (fix by Nicolas François <nicolas.francois@centraliens.net>
+ http://bugs.debian.org/295416),
+- login: use "%c" in strftime() output (based on patch from
+ http://bugs.debian.org/89902 by Christian Perrier <bubulle@debian.org>),
+- fixedlib/commonio.c: don't assume selinux is enabled if is_selinux_enabled()
+ returns -1 (merge isSelinuxEnabled FC patch by Jeremy Katz <katzj@redhat.com>),
+- login, su (non-PAM case): fixed setup max address space limits (added missing break
+ statement in case) spoted by Lasse Collin <lasse.collin@tukaani.org>,
+- auditing support added. Patch prepared by Peter Vrabec <pvrabec@redhat.com> basing
+ on work by Steve Grubb from http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159215
+ Now auditing support have commands: chage, gpasswd, groupadd, groupdel, groupmod,
+ useradd, userdel, usermod.
+- chage, chfn, chsh, passwd: change to use new selinux API for
+ selinux_check_passwd_access() (patch from Fedora by Dan Walsh <dwalsh@redhat.com>),
+- use #ident preprocesor directive istead RCID macro with content similar
+ to example described in ident(1) man page (modern compilers like latest GCC
+ removes not used functions by global optimization).
+ So "ident /usr/bin/passwd" will show again some useable informations
+- su: fixed twice copy enviroment which causes auth problems
+ (bug was introduced in 4.0.12; fix by Nicolas François <nicolas.francois@centraliens.net>),
+- chage: differentiate the different failure causes by the exit value
+ This will permit to adduser Debian script to detect if chage failed because the
+ system doesn't have shadowed passwords (fix for http://bugs.debian.org/317012),
+- merge 010_more-i18ned-messages Debian patch which adds i18n support for few
+ more messages (orginaly patch was prepared by Guillem Jover <guillem@debian.org>),
+- lastlog: added handle -b option which allow print only lastlog records older than
+ specified DAYS (fix by <miles@lubin.us>),
+- chpasswd, gpasswd, newusers: fixed libmisc/salt.c for use login.defs::MD5_CRYPT_ENAB
+ only if PAM support is disabled (fix by John Gatewood Ham <zappaman@buraphalinux.org>),
+- passwd: rewrited for use getopt_long(),
+- newgrp: when newgrp process sits between parent and child shells, it should
+ propagate STOPs from child to parent and CONTs from parent to child,
+ otherwise e.g. bash's "suspend" command won't work
+ Fixed Debian http://bugs.debian.org/314727
+- updated translations: da, es, fr, pt, ro, ru.
+*** documentation:
+- chsh(1), groupadd(8), newusers(8), pwconv(8), useradd(8), userdel(8), usermod(8):
+ added missing references to /etc/login.defs and login.defs(5)
+ (Christian Perrier <bubulle@kheops.frmug.org>),
+- passwd(5): rewrited based on work by Greg Wooledge <greg@wooledge.org>
+ http://bugs.debian.org/328113
+- login(1): added securetty(5) to SEE ALSO section
+ (fixed Debian bug http://bugs.debian.org/325773),
+- groupadd(8), useradd(8): fix regular expression describing alloved login/group
+ names (pointed by Nicolas François <nicolas.francois@centraliens.net>)
+ (correct is [a-z_][a-z0-9_-]*[$]),
+- groupadd(8), useradd(8): documents in CAVEATS section the limitations shadow
+ places on user and group names (fix by Mike Frysinger <vapier@gentoo.org>).
+- chage(1), groupadd(8): document -h,--help option.
+
+shadow-4.0.11.1 -> shadow-4.0.12 22-08-2005
+
+*** general:
+- newgrp, login: remove using login.defs::CLOSE_SESSIONS variable and allways
+ close PAM session,
+- fixed configure.in: realy enable shadow group support by default (pointed by
+ Greg Schafer <gschafer@zip.com.au> and Peter Vrabec <pvrabec@redhat.com>),
+- login.defs: removed handle QMAIL_DIR variable,
+- login: allow regular user to login on read-only root file system (not only for root)
+ Patch by Nicolas François <nicolas.francois@centraliens.net>
+ Fix for http://bugs.debian.org/52069
+- gpasswd, grpck, grpconv, grpuconv: added flushing group nscd cache,
+- pwck, pwconv: added flushing passwd nscd cache,
+- usermod: fixed handle -p option (patch by Peter Vrabec <pvrabec@redhat.com>),
+- chage: use -1 as value for disable password inactivity, expiration date and
+ checking an password validation.
+ Based on patch by Peter Vrabec <pvrabec@redhat.com> which fixes:
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=109499
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=137498
+ and on 427_chage_expiry_0 Debian patch (fix for http://bugs.debian.org/78961)
+- useradd: do not copy files from skel directory if home directory exist and write
+ warning message about not copying skel files
+ Patch by Peter Vrabec <pvrabec@redhat.com> which fixes:
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=143150
+ https://bugzilla.redhat.com/beta/show_bug.cgi?id=158574
+ https://bugzilla.redhat.com/beta/show_bug.cgi?id=80242
+- su: ignore SIGINT while authenticating. A ^C could defeat the waiting
+ period and permit brute-force attacks (fixed http://bugs.debian.org/288827),
+- uClibc fixes (by Martin Schlemmer <azarah@nosferatu.za.org>):
+ added require ngettext (added [need-ngettext] to AM_GNU_GETTEXT() parameters)
+ and stub prototype for ngettext() in lib/prototypes.h (neccessary if shadow
+ compiled with disabled NLS support)
+- groupadd: rewrited for use getopt_long(),
+- groupadd, groupdel, groupmod, userdel: do OPENLOG() before pam_start(),
+- groupadd: fixed double OPENLOG(),
+- removed lib/{grpack,gspack,pwpack,sppack}.c and prototypes from lib/prototypes.h
+ (outdated),
+- newusers: added flushing passwd and group nscd caches,
+- passwd, pwunconv, userdel, vipw: remove flushing shadow nscd cache (nscd do not caches
+ shadow map),
+- pwck: now pwck OPENLOG with correct name ("pwck" instead "pwsk")
+ (fix by Alexander Gattin <arg@online.com.ua>),
+- pwck, grpck: replace all puts() with printf() - it fixes problems with extra blank
+ lines printed in some messages
+ (fix by Alexander Gattin <arg@online.com.ua>),
+- passwd: use separated message "Password set to expire." instead "Password changed."
+ on "passwd -e" (fix by Christian Perrier <bubulle@debian.org),
+- updated translations: cs, de, fi, fr, nl, pl, pt, ru, sk.
+*** documentation:
+- regenerate all roff man pages using DocBook XSLT Stylesheets 1.69.1,
+- usermod(8): give the correct range for system users (0-999 instead of 0-99),
+ (http://bugs.debian.org/286258)
+- chage(8): better description -1 value passwd in -E, -I and -M options,
+- regenerate all roff man pages using DocBook XSLT Stylesheets 1.69.0.
+
+shadow-4.0.11 -> shadow-4.0.11.1 21-07-2005
+
+*** general:
+- fixed configure.in: now is possible build shadow with enabled/disabled shadow group
+ support (thanks for report symptoms of the bug to Greg Schafer <gschafer@zip.com.au>),
+- updated translations: sv.
+
+shadow-4.0.10 -> shadow-4.0.11 18-07-2005
+
+*** general:
+- su: ignore SIGINT while authenticating. A ^C could defeat the waiting period and
+ permit brute-force attacks. Also ignore SIGQUIT.
+ Fixed: http://bugs.debian.org/52372 and http://bugs.debian.org/288827
+- useradd: rewrited for use getopt_long(),
+- newgrp: add fix for handle splitted NIS groups: extends the functionality that,
+ if the requested group is given, all groups of the same GID are tested for
+ membership of the requesting user.
+ (fix by Christian Mudra <C.Mudra@science-computing.de>)
+- fix nscd_flush_cache(): for some reason doing the INVALIDATE call with two
+ write()'s fails. Do one writev() call instead.
+ http://bugs.gentoo.org/show_bug.cgi?id=80413
+ (submited by Martin Schlemmer <azarah@gentoo.org>)
+- merge nscd-socket-path patch from Fedora: newer glibc's have a different nscd socket
+ location (/var/run/nscd/socket instead /var/run/.nscd_socket),
+- S/Key support is back,
+- usermod: added -a option. This flag can only be used in conjunction with the -G
+ option. It cause usermod to append user to the current supplementary group list.
+ (patch by Peter Vrabec <pvrabec@redhat.com>)
+- chage: added missing \n in error messages,
+- useradd, groupadd: change -O option to -K and document it in man page,
+- su, sulogin, login: fixed erroneous warning messages when used with PAM about some
+ login.defs variables (fix by DJ Lucas <dj@linuxfromscratch.org>),
+- autoconf:
+-- stop with error message if crypt() not found,
+-- remove --with{,out}-libcrypt switch,
+-- move all autoheader templates from acconfig.h to configure.in,
+- login: setup limits and umask (using login.defs ULIMITS and UMASK variables) only when
+ PAM support is disabled (it is task for pam_limits and pam_umask modules),
+- sulogin, login: use SYSLOG macro instead syslog() which saves the locale, sets the
+ locale to C, sends the message and restores the locale
+ (fix by Nicolas François <nicolas.francois@centraliens.net>).
+- updated translations: cs, da, de, es, fi, pl, pt, ro, ru, sk.
+*** documentation:
+- pwck(8): document -q option (based on Debian patch for fix http://bugs.debian.org/309408)
+- pwck(8): rewrited OPTIONS section and better SYNOPSIS,
+- lastlog(8): document that lastlog is a sparse file, and don't need to be rotated
+ http://bugs.debian.org/219321
+- login(8): better explain the respective roles of login, init and getty with regards
+ to the utmp file (based on 441_manpages-shadow.5 Debian patch),
+- shadowconfig(8): removed (will be maintained in Debian shadow pkg repository),
+- groupadd(8): document -o option,
+- in SEE ALLSO section in groupadd(8), groupdel(8), groupmod(8), userdel(8), usermod(8)
+ added refer to gpasswd(8) (suggested by Mike Frysinger <vapier@gentoo.org>).
+
+shadow-4.0.9 -> shadow-4.0.10 28-06-2005
+
+*** general:
+- mkpasswd: removed,
+- userdel: now deletes user groups from /etc/gshdow as well as /etc/group.
+ Fix by Nicolas François <nicolas.francois@centraliens.net>.
+ http://bugs.debian.org/99442
+- usermod: when relocating a user's home directory, don't fail and remove the new
+ home directory if we can't remove the old home directory for some
+ reason; the results can be spectularly poort if, for instance, only
+ the rmdir() fails. Patch prepared by Timo Lindfors <lindi-spamtrap@newmail.com>.
+ http://bugs.debian.org/166369
+- su: fix syslogs to be less ambiguous. Use old:new format instead of old-new
+ because '-' can appear in usernames
+ http://bugs.debian.org/213592
+- removed not used now libmisc/setup.c,
+- login: use also UTMPX API instead UTMP on failure (login was affected for this
+ when shadow was builded without PAM support)
+ patch by Nicolas François <nicolas.francois@centraliens.net>
+- login: the PAM session needs to be closed as root, thus before change_uid()
+ http://bugs.debian.org/53570 http://bugs.debian.org/195048 http://bugs.debian.org/211884
+- login: made login's -f option also able to use the username after -- if none
+ was passed as it's optarg
+ http://bugs.debian.org/53702
+- login: check for hushed login and pass PAM_SILENT if true,
+ http://bugs.debian.org/48002
+- login: fixed username on succesful login (was using the normal username,
+ when it should have used pam_user) http://bugs.debian.org/47819
+- remove using SHADOWPWD #define so now shadow is allways builded with shadow
+ passwowd support,
+- chage: rewrited for use getopt_long(),
+- updated translations: ca, cs, da, fi, pl, ru, zh_TW.
+*** documentation:
+- most of the man pages now are generated from XML files so in case submiting any
+ chages to this resources please make diff to XML files,
+- chfn: give more details about the influence of login.defs on what's allowed to
+ users.
+
+shadow-4.0.8 -> shadow-4.0.9 23-05-2005
+
+*** general:
+- passwd: fixed segfault in non-PAM connfiguration
+ (submited by Greg Schafer <gschafer@zip.com.au>),
+- newgrp: fixed NULL pointer dereference - getlogin() and ttyname() can
+ return NULL which is not checked (http://bugs.debian.org/162303),
+- updated translations: ro, ru,
+- added new translations: vi,
+- lib/getdef.c: leaves the table as it is, and changes from the binary search to
+ a sequential one (Lucas Correia Villa Real <lucasvr@gobolinux.org>),
+- lastlog: fixed --help message (s,--login,--user,) http://bugs.debian.org/249611.
+
+shadow-4.0.7 -> shadow-4.0.8 26-04-2005
+
+*** general:
+- remove not working OPIE and SKEY support,
+- chage, useradd, usermod: reduce multiple OPENLOG() calls,
+- passwd: fix #61313 Debian bug: "passwd -S root" (as a normal user) should not
+ display "You may not change the password for root.",
+- vipw: fixed race condition (Debian #242407 bug; fix by Alexander Gattin
+ <arg@online.com.ua>),
+- configure.in: add using AC_GNU_SOURCE macro for kill compilation warnings about
+ implicit declaration of function `fseeko',
+- faillog: changed faillog record display format for allow fit in 80 columns all
+ faillog atributies,
+- removed NDBM code (unused),
+- fixed use of SU_WHEEL_ONLY in su. Now su realy is avalaible for wheel group
+ members. Thanks to Mike Frysinger <vapier@gentoo.org> for report:
+ http://bugs.gentoo.org/show_bug.cgi?id=80345
+- drop never finished kerberos and des_rpc support (for kerberos support back firs
+ must be prepared modularization),
+- fixed UTMP path detection (by Kelledin <kelledin@users.sf.net>),
+- useradd: rewrited group count to dynamic (by John Newbigin
+ <jnewbigin@ict.swin.edu.au>),
+- login: fixed create lastlog entry fo users never loged in on non-PAM
+ variant of login (fix by <oracular@ziplip.com>),
+- remove handle login.defs::NOLOGIN_STR (never used),
+- useradd: fixes a potential security problem when mailbox is created in
+ useradd.
+ Patch and comment by Koblinger Egmont <egmont@uhulinux.hu>:
+ Only two arguments are passed to the open() call though it expects three
+ because O_CREAT is present. Hence the permission of the file first becomes
+ some random garbage found on the stack, and an attacker can perhaps open
+ this file and hold it open for reading or writing before the proper
+ fchmod() is executed. (Actually, we could also pass the final "mode" to
+ the open() call and then save the consequent fchmod().)
+- SELinux changes: added changes in chage, chfn, chsh, passwd for allow
+ construct more grained user password/accuunt properties on SELinux
+ policies level. Patch originally based on RH changes (submited by Chris
+ PeBenito <pebenito@gentoo.org>),
+- added SELinux changes: in libmisc/copydir.c (based on Fedora patch),
+- updated translations: cs, da, es, eu, fi, fr, it, ko, nl, pl, pt, sk, uk,
+- added new translations: tl,
+- reindent all source code using -l80,
+*** documentation:
+- it man pages (by Danilo Piazzalunga <danilopiazza@libero.it>):
+-- updated: chfn.1, chsh.1, groups.1, grpck.8, grpconv.8,
+ grpunconv.8, id.1, lastlog.8, login.1, newgrp.1, pwunconv.8, shadow.5,
+ vigr.8, vipw.8,
+-- new: chage.1, chpasswd.8, expiry.1, faillog.5, faillog.8, getspnam.3,
+ logoutd.8, porttime.5, pwck.8, shadow.3, shadowconfig.8, su.1,
+- passwd(1): fix #160477 Debian bug: improve -S output description,
+- newgrp(1): fix #251926, #166173, #113191 Debian bugs: explain why editing /etc/group
+ (without gshadow) doesn't permit to use newgrp,
+- newgrp(1): newgrp uses /bin/sh (not bash),
+- faillog(8): updated after rewrited faillog command for use getopt_long(),
+- login(1): removed fragment about abilities pass enviroment variables in login prompt,
+- gshadow(5): new file (by Nicolas Nicolas François <nicolas.francois@centraliens.net>),
+- usermod(8): fixed #302388 Debian bug: added separated -o option description,
+
+shadow-4.0.6 -> shadow-4.0.7 26-01-2005
+
+- updated translations: da, es, fi, it, nl, pl, pt,
+- added zh_TW translation (from Debian resources),
+- remove unused now files in lib/ directory,
+- switch faillog to use getopt_long(),
+- added de vigr(8), vipw(8) man pages (from Debian resources),
+- added ro, sq translations (from Debian resources),
+- fixed large file support in lastlog and faillog:
+-- added AC_SYS_LARGEFILE macro to autoconf,
+-- use fseeko() instead fseek() and remove casting file offsets to unsigned
+ long.
+- lastlog:
+-- rewrited source code using the same style as in chpasswd.c,
+-- open lastlog file after finish parse comman line optiomns
+ (now --help otput can be displayd for users without lastlog
+ file read permission),
+-- cleanups in lastlog(8) man page using the same style as in
+ chpasswd(8).
+- chpasswd:
+-- switch chpasswd to use getopt_long() and adds a --md5 option
+ (by Ian Gulliver <ian@penguinhosting.net>),
+-- rewrited chpasswd(8) man page.
+
+shadow-4.0.5 -> shadow-4.0.6 08-11-2004
+
+- su: fixed adding of pam_env env variables to enviroment
+ (Martin Schlemmer <azarah@nosferatu.za.org>),
+- autoconf: fixed filling MAIL_SPOOL_DIR and MAIL_SPOOL_FILE variables
+ which was allways empty (Gregorio Guidi <g.guidi@sns.it>),
+- realuy closse security bug in libmisc/pwdcheck.c,
+- added missing template/example PAM service config files for chfn, chsh and
+ userdel,
+- do not translate variable names from /etc/default/useradd during
+ "useradd -D".
+
+shadow-4.0.4.1 -> shadow-4.0.5 27-10-2004
+
+- change libmisc to private static library,
+- added SELinux support (basing on patch from Gentoo),
+- chage: more verbose/human readable -l output. This output is much more
+ beter for send directly via email for each users as message with account
+ status (for example as message with warning about account/password expiration),
+- login: fixed handle -f option: now it works correctly without specify "-h
+ <host>" if open login session localy is required (thanks for help
+ investigate bug for Krzysztof Kotlenga),
+- userdel: when removing a user with userdel, userdel was always exits with 1 (fixed).
+ Based on http://bugs.gentoo.org/show_bug.cgi?id=66687,
+- useradd: added handle /etc/defaults/useradd::CREATE_MAIL_SPOOL={yes|no}.
+ Now on adding user account can be also created empty user mail spool.
+ Curent code handle only mailbox.
+ TODO: add handle create user mail spool in maildir format.
+- useradd: when placing symlinks into /etc/skel copy_tree of
+ libmisc/copydir.c will properly create the symlink in the destination
+ directory but not change the ownership to the target user/group. This
+ makes httpd Option SymlinkIfOwnerMatch break for default weg pages
+ including symlinks placed into /etc/skel/public_html for example.
+ http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=66819
+- su: add pam_open_session() support. If builded without PAM support
+ propagate $DISPLAY and $XAUTHORITY enviroment variables.
+ Based on http://www.gentoo.org/cgi-bin/viewcvs.cgi/sys-apps/shadow/files/shadow-4.0.4.1-su-pam_open_session.patch?rev=1.1
+- applied 036_pam_access_with_preauth.patch Debian patch submited by Bjorn
+ Torkelsson <Bjorn.Torkelsson@hpc2n.umu.se>: add support for PAM account
+ management to restrict access using pam_access when login is invoked with -f.
+- applied Owl patches by Solar Designer <solar@openwall.com>:
+ shadow-4.0.4.1-owl-pam-auth.diff:
+ Moved the PAM authentication in user management commands after
+ command-line parsing, made it use separate service names for each command.
+ Use constant strings rather than argv[0] for syslog ident in the user
+ management commands,
+ shadow-4.0.4.1-owl-tmp.diff:
+ Remove using mktemp() if mkstemp() prototype not found (use allways mkstemp()),
+ shadow-4.0.4.1-owl-check-reads.diff:
+ Add checking for read errors in commonio and vipw/vigr (not doing so could
+ result in data loss when the records are written back),
+- fixed securirty bug in libmisc/pwdcheck.c which allow unauthorized
+ account properties modification.
+ Affected tools: chfn and chsh.
+ Bug was discovered by Martin Schulze <joey@infodrom.org>.
+- added it translation (by Danilo Piazzalunga <danilopiazza@libero.it>),
+- added sk translation (by Peter Mann <Peter.Mann@tuke.sk>, submited by Christian
+ Perrier <bubulle@kheops.frmug.org>),
+- added es translation (by Ruben Porras <nahoo82@telefonica.net>),
+- updated ko translation (by Changwoo Ryu <cwryu@debian.org>),
+- added fi translation (by Tommi Vainikainen <thv@iki.fi>),
+- new translations: bs, ca, da, eu, he, id, nb, nl, nn, pt, pt_BR, tr,
+ zh_CN (stolen from Debian),
+- remove adduser(8) roff include man page to useradd(8).
+
+shadow-4.0.4 => shadow-4.0.4.1 14-01-2004
+- bug fixes in automake files for generate correct tar ball on "make dist":
+ added mising "EXTRA_DIST = $(man_MANS)" in man/*/Makefile.am.
+
+shadow-4.0.3 => shadow-4.0.4 14-01-2004
+
+*** general:
+- added missing information about -f options in groupadd usage mesage
+ (document this also in man page),
+- removed TCFS support (tcfs is dead),
+- convert all po/*.po files to utf-8,
+- one TODO entry gone: fix nscd flushing databases on change (use
+ per service flushing method instead HUPing nscd process),
+- removed old AUTH_METHODS dependent code,
+- chage: now all code depend on SHADOWPWD. If shadow will not be configured
+ on autoconf level for using shadow possword chage is olny stub which
+ informs "chage not configured for shadow password support."
+- dpasswd: removed,
+- login: remove handle login.defs::DIALUPS_CHECK_ENAB code,
+- login: remove handle login.defs::NO_PASSWORD_CONSOLE code,
+- ALL tools, libraries: remove old SVR4, SVR4_SI86_EUA BSD_QUOTA and ATT_AGE
+ dependent code,
+- ALL: ready for gettext 0.11.5, automake 1.7.4, autoconf 2.57,
+- logoutd, userd: handle also utmpx if avalaile,
+- newgrp: fix for non-PAM version
+ Use CLOSE_SESSIONS depending code only when USE_PAM.
+ The problem was reported by Mattias Webjorn Eriksson using Slackware
+ 8.1 and reproduced it using slackware-current (9.0beta) (fix submited by
+ Simon Williams <simon@no-dns-yet.org.uk>),
+- fix in too_many_failures() function: incorrect if() condition in non-PAM
+ dependent code in fail login handling (fixed by Krzysztof
+ Oledzki <ole@ans.pl>),
+*** documentation:
+- install groups(1) man page (moved from EXTRA_DIST to man_MANS),
+- removed pwauth(8), d_passwd(5), dialups(5) man pages,
+- remove text about password aging from passwd(5) (based on Debian changes),
+- document useradd and groupadd -M option in en and pl man pages
+ (by Jakub Mikusek <mick3y@o.k.pl>).
+- added ru passwd(1) man page from KSI resources,
+- added es man pages found in Conectiva distribution resources,
+- added chch(1), chfn(1) man pages from chinese man pages translation
+ project,
+- added id(1) man page czech man pages translation project,
+- updated ja man pages and added expiry(1),
+- removed old doc/ANNOUNCE,
+- updated german passwd(1), chsh(1) and login(1) man page and added chfn(1)
+ (by Josef Spillner <josef@ggzgamingzone.org>),
+- many other cleanups and unifications in man pages.
+
+shadow-4.0.2 => shadow-4.0.3 13-03-2002
+
+- added variouse cs, de, fr, id, it, ko man pages found mainly in national
+ man pages translations projects (this documents are not synced with
+ current en version but you know .. "Documentations is lik sex. When it is
+ good it very very good. Whet it is bad it is better than nothing."). Any
+ changes for syncing this are welcome and for anyone who will want maintain
+ this documents directly I can give cvs write access to project resources.
+- added new de translation (by Frank Schmid <frank@cs-schmid.de>).
+- fixed building --with-shared: swapped utent (in src/login.c and
+ libmisc/utmp.c) and pwent (in libmisc/suauth.c and src/su.c)
+ definition/extern (by Dimitar Zhekov <jimmy@is-vn.bg>).
+- minor changes and updates in man pages (also merged
+ shadow-4.0.0-owl-man.patch by Solar Designer <solar@openwall.com>).
+
+shadow-4.0.1 => shadow-4.0.2 17-02-2002
+
+- resolve many fuzzy translations also all this which may cause problems on
+ displaing long uid/gid,
+- allow use "$" on ending in cereated by useradd usermname accounts for allow
+ create machine acounts for samba (thanks to Jerome Borsboom
+ <borsboom@tch.fgg.eur.nl> for point this problem in 4.0.1),
+- fix small but ugly bug in configure.in in libpam_mics library detection.
+
+shadow-4.0.0 => shadow-4.0.1
+
+- added ability to log session closes in newgrp
+ (Joseph Parmelee <jparmele@wildbear.com>),
+- add -pcs to .indent.pro file and reindent all code in src/,
+- remove "\n" from all SYSLOG() messages,
+- finish integrate AGING code into SHADOWPW,
+- remove handle old HAVE_USERSEC_H code,
+- updated ja and added hu man pages,
+- applied patches by Solar Designer <solar@openwall.com>:
+ shadow-4.0.0-owl-chage-drop-priv.diffd
+ shadow-4.0.0-owl-chage-ro-no-lock.diff:
+ Added locks which are needed when doing r/w accesses, not when running
+ as root. If root does read-only, there's no lock needed. Added missing
+ "#include <errno.h>" for above (me).
+ shadow-4.0.0-owl-warnings.diff
+ Olny one fix from this patch was aplayd because other was fixed few days
+ before :)
+ shadow-4.0.0-owl-check_names.diff
+ Merge only prat this patch with checking login name matching; checking
+ is login string isn't longer than possible it will be good prepare using
+ probably _POSIX_LOGIN_NAME_MAX from <bits/posix1_lim.h>,
+ shadow-4.0.0-owl-chage-drop-priv.diff
+ shadow-4.0.0-owl-pam-auth.diff
+ Merge part with reorder initialize PAM and checkin is chage is runed by
+ root or not - now chage can be runed from non-root account for checking
+ by user own account information (if PAM enabled).
+- fixes for handle/print correctly 32bit uid/gid (Thorsten Kukuk <kukuk@suse.de>),
+- implemented functions for better reloading the nscd cache (per NSS map)
+ (Thorsten Kukuk <kukuk@suse.de>),
+- fixed warnings "not used but defined" on compile using gcc 3.0.x
+ (bulletpr00ph <bullet@users.sourceforge.net>),
+- added ja, ko translations found in SuSE,
+- added symlinks: newgrp -> sg, vipw -> vigr,
+- added vigr(1) man page as roff .so link to vipw(1),
+- added sg(1) man page as roff .so link to newgrp(1),
+- installed fix for SEGV when using pwck -s on /etc/passwd file with
+ empty lines in it.
+
+shadow-20001016 => shadow-4.0.0 06-01-2002
+
+- fix bug discovered and fixed by Marcel Ritter
+ <Marcel.Ritter@rrze.uni-erlangen.de>
+ Due to a big buffer size in lib/commonio.c this error does only appear
+ if a line gets longer than 4096 bytes (there are probably very few people
+ stumbling across this).
+ Ths bug can be exposed by trashing /etc/groups file using useradd with script:
+ #!/bin/sh
+ typeset -i NUM
+ NUM=0
+ groupadd demogroup
+ while [ $NUM -le 1000 ]; do
+ useradd -g demogroup -G demogroup -p "NONE" user$NUM
+ NUM=$NUM+1
+ done
+- remove limit 32 to groups per user by (the same user can belong to
+ more than 32 groups) by use sysconf(_SC_NGROUPS_MAX) instead constant
+ NGROUPS_MAX (patch by Radu Constantin Rendec <radu.rendec@ines.ro>)
+ NOTE: it probably need testing on other system for add
+ some condition for using sysconf(_SC_NGROUPS_MAX) or NGROUPS_MAX constant,
+- added -s option to {pw,grp}ck to sort checked files by UID/GID,
+- drop detecting is pam_strerror() need one or two arguments. Instead using
+ PAM_STRERROR() macro use directly pam_strerror() function with two
+ arguments. pam_strerror() with one argument is obsoleted,
+- adde ja man pages (probably some man pages need update),
+- much better automake support,
+- added pt_BR man pages for gpasswd(1), groupadd(8), groupdel(8),
+ groupmod(8), shadow(5) (man pages for other nations also are welcome),
+- mamny small fixes and updates nad improvements in man pages,
+- aplayed Debian patch to man pages for shadowconfig,
+- remove limit to 6 chars logged tty name (012_libmisc_sulog.c.diff Debian
+ patch).
+
+shadow-20001012 -> shadow-20001016:
+- conditionaly disabled body reload_nscd() because not every
+ version of nscd can handle it (this can be enabled by define
+ ENABLE_NSCD_SIGHUP) (Marek Michałkiewicz <marekm@linux.org.pl>)
+- fixes on autoconf/automake level for dist target,
+- Julianne F. Haugh new contact adress.
+
+shadow-20000902 => shadow-20001012
+
+- removed /redhat directory with obsoleted files (partialy rewrited spec
+ file is now in root directory),
+- aplayed shadow-19990827-group.patch patch from RH wich prevents adduser
+ overwrite previously existing groups in adduser,
+- added PAM support for chage (bind to "chage" PAM config file) also
+ added PAM support for all other small tools like chpasswd, groupadd,
+ groupdel, groupmod, newusers, useradd, userdel, usermod (bind to common
+ "shadow" PAM config file) - this modificaytions mainly based on
+ modifications prepared by Janek Rękojarski <baggins@pld.org.pl>,
+- many small fixes and improvments in automake (mow "make dist"
+ works correctly),
+- added cs translation (Jiri Pavlovsky <Jiri.Pavlovsky@ff.cuni.cz>).
+
+shadow-20000826 => shadow-20000902
+
+This is probably the last release from me.
+Tomasz Kloczko <kloczek@rudy.mif.pg.gda.pl> is the new maintainer.
+Good luck!
+
+(I'm still interested to know what is going on with this package,
+which is fairly important to many Linux distributions, so please
+Cc: marekm@linux.org.pl in any related discussions - just don't
+expect me to respond quickly...)
+
+Previous warning still applies - be careful!
+
+- applied some of the Red Hat patches (revised slightly), thanks to
+ Bernhard Rosenkraenzer <bero@redhat.de>: fix for truncated long
+ lines (>8K) in /etc/group, send SIGHUP to nscd (caching daemon
+ in glibc 2.1.x) after changing anything, add usermod -L and -U
+ options, remove LOG_CONS from openlog(), chage -d and -E handles
+ dates in yyyy-mm-dd format ('/' is not required)
+- various cleanups
+
+shadow-19990827 => shadow-20000826
+
+WARNING: this release is not tested (other than that it compiles for me),
+please be careful. Previous release was a year ago, so it is really time
+to release something and start looking for a new, better maintainer...
+(I've been extremely busy recently. Credit for most of the real work,
+such as complete PAM support, should go to Ben Collins <bcollins@debian.org>
+who maintains this package for Debian.)
+
+- merged most of the changes from Debian (not all of them yet, PAM support
+ should be complete but is not tested - need to upgrade to potato first)
+- added Polish translations of manual pages from PLD
+- change sulog() to not depend on global variables oldname, name
+- try to not follow symbolic links when deleting files recursively
+ in userdel (still not perfect, safest to do it in single user mode)
+- removed workarounds for ancient (pre-ANSI) C compilers - use gcc!
+ (a few ANSI C constructs were used already, and no one complained)
+- updated author's e-mail address (jfh@bga.com -> jfh@austin.ibm.com)
+
+shadow-19990709 => shadow-19990827
+
+- upgrade to autoconf-2.13, automake-1.4, libtool-1.3.3
+- i18n: added French translation by Vincent Renardias <vincent@ldsol.com>
+- i18n: added Swedish translation by Kristoffer Brånemyr <ztion@swipnet.se>
+- logoutd no longer reads /etc/logoutd.mesg at startup - instead, read
+ it when sending to luser's tty (no need to reload with SIGHUP)
+- added support for "usergroups" feature often found in Linux distributions
+ (if USERGROUPS_ENAB in login.defs set to "yes", uid != 0, uid == gid, and
+ username == groupname, then set umask to 002 instead of 022)
+- Debian: pwck and grpck are now run from a daily cron job (root will
+ receive an e-mail if something is wrong), and at system startup
+- added support for setting umask in /etc/limits
+- when using OPIE, re-prompt with echo on after empty password was entered
+- GETPASS_ASTERISKS now run time configurable (login.defs)
+- getpass() now uses stdin and stderr (not stdout) if it can't open /dev/tty
+- getpass() allows all input to be erased using Control-U, and beeps when
+ too many characters are entered
+- removed obsolete sgtty support, in 1999 everyone should have termios :)
+- Debian: tar wrapper no longer needed to build packages as non-root user
+ (install libtricks, and use "dpkg-buildpackage -rfakeroot" instead)
+- Debian: changes for GNU Hurd by Marcus Brinkmann <brinkmd@debian.org>:
+ dpkg-architecture, cross compilation, only build passwd, add
+ etc/login.defs.hurd conffile, conditionalize CBAUD
+- newgrp sets $HOME before running the new shell
+- both "sg group command" (usage message) and "sg group -c command"
+ (man page) work, updated both the usage message and the man page :)
+- i18n: added missing _() for some translatable strings
+
+shadow-19990607 => shadow-19990709
+
+- added PAM support to chfn and chsh (thanks to Thorsten Kukuk)
+- fixed a bug in newgrp if the user is in >= 17 groups
+- added @LIBSKEY@ to LDADD for all programs (for some reason,
+ almost all programs need it if skey/opie support is enabled)
+- changed grpconv/grpunconv to compile with --disable-shadowgrp
+- changed faillog to do something (assume -p) with no options specified
+- updated version of the udbachk passwd/shadow/group file integrity
+ checker (contrib/udbachk.v012.tgz)
+
+shadow-19990307 => shadow-19990607
+
+- upgraded to libtool-1.2, latest config.{guess,sub}
+- added missing #include "defines.h" in libmisc/login_desrpc.c - thanks
+ to almost everyone for reporting it :-)
+- moved PAM-related defines to pam_defs.h
+- added some braces to if/else to avoid egcs warnings
+- started adding PAM support to login (based on util-linux, not finished yet)
+- changed "!" to "x" for pw_passwd in src/newusers.c
+- a few more Y2K fixes
+- added contrib/udbachk.tgz (passwd/shadow/group file integrity checker),
+ thanks to Sami Kerola
+- Debian: made /etc/{limits,login.access,login.defs,porttime,securetty}
+ files all mode 0600 (Bug#38729 - login: /etc/limits is world readable)
+- updated mailing list information (moved again, now hosted by SuSE),
+ updated README.mirrors, other minor documentation updates
+- made getpass work with redirected stdin
+- new readpass echoing asterisks disabled by default by popular demand
+ (can be enabled at compile time: ./configure --enable-readpass)
+- the random number of asterisks in readpass is now more random
+ (random number generator initialization was missing)
+- commented out --enable-md5crypt (obsolete) in configure.in
+- when checking for libskey, link with -lcrypt if libcrypt is available
+ (otherwise the configure test for libskey fails - libskey needs libcrypt)
+- added Package/Version ident strings (so you can use the RCS "ident"
+ command to check any binary, which version of shadow it comes from)
+
+shadow-981228 => shadow-19990307
+
+- added support for setting process priority in /etc/limits
+- i18n: updated Greek translation
+- i18n: added Polish translation by Arkadiusz Miskiewicz
+- documented the -p option in useradd.8 and usermod.8 man pages
+- some "const" gcc warning fixes
+- attempt to fix lib/snprintf.c compilation problems
+- added restart/reload/force-reload to /etc/init.d/logoutd (found by lintian)
+- always require password for root logins (even with NO_PASSWORD_CONSOLE)
+- workaround for RedHat's CREATE_HOME feature in /etc/login.defs
+- changed to Y2K compatible version numbering
+- more Y2K fixes, use the ISO 8601 date format (yyyy-mm-dd) for default
+ values of user-entered dates (you can still enter dates in any format
+ supported by GNU date)
+- oops, added doc/README.nls to list of files to distribute
+- added missing sanitize_env() call to src/login.c
+- debian/rules installs /bin/login non-setuid by default, just in case...
+- build Debian packages with cracklib support (depends on cracklib-runtime)
+
+shadow-980724 => shadow-981228
+
+- login now clears the username in argv[] (in case someone types the
+ password instead of username, by mistake)
+- i18n support, Greek translation (Nikos Mavroyanopoulos), see README.nls
+- updated author's e-mail address (jfh@tab.com -> jfh@bga.com)
+- new getpass() replacement that displays *'s (Pavel Machek)
+- no password required when logging in from ttys listed under
+ NO_PASSWORD_CONSOLE in login.defs (Pavel Machek)
+- fixed limits code so RLIMIT_AS should work
+- upgraded to Debian 2.0
+- built a new machine (P2 350MHz, 64MB RAM) so the thing can be compiled
+ in reasonable time again
+- upgraded to automake-1.3, libtool-1.0h (also new config.guess and
+ config.sub that work on i686)
+- usermod fixed to handle group names starting with digits (not recommended)
+
+shadow-980626 => shadow-980724
+
+- security: login no longer gives you a root shell if setgid()
+ or initgroups() or setuid() fails for any reason, discovered
+ by Ted Hickman <thickman@sy.net>
+- remove libshadow.so -> libshadow.so.x.x symlink after install
+- a few int -> uid_t type cleanups
+- fail immediately (don't retry) in *_lock() if euid != 0
+- added sample PAM config files etc/pam.d/{passwd,su}
+- preliminary PAM support in su (untested - use at your own risk,
+ comments and patches welcome!)
+- cleanup and more comments in OPIE code (Algis Rudys)
+- added support for TCFS (Transparent Cryptographic File System)
+ (use ./configure --with-libtcfs, see http://tcfs.dia.unisa.it/
+ for more info), thanks to Aniello Del Sorbo
+
+shadow-980529 => shadow-980626
+
+- fixed bug in commonio_lock() (infinite recursion if lckpwdf() not
+ used and database cannot be locked), thanks to Jonathan Hankins
+- fixed bug in copy_tree() (NUL-terminate readlink() results),
+ thanks to Lutz Schwalowsky
+- no need to press Enter after Ctrl-C to interrupt password prompt
+- removed a few harmless gcc warnings
+- secure RPC login disabled if <rpc/key_prot.h> not found (glibc 2.0)
+- faillog.8: changed /usr/adm -> /var/log
+- pwconv.8: documented that it may fail on invalid password files
+
+shadow-980417 => shadow-980529
+
+- fixed "interesting" strzero() bug introduced by me in 980417:
+ strzero(cp) didn't work as intended (the macro used a local
+ variable called "cp" - oops...); Leonard N. Zubkoff was the
+ first person to report it - thanks!
+- fixed usermod -e to accept empty argument (like useradd),
+ thanks to Martin Bene
+- several changes from Debian 980403-0.2, see debian/changelog
+- added contrib/shadow-anonftp.patch (not yet merged, sorry...)
+ thanks to Calle Karlsson
+
+shadow-980403 => shadow-980417
+
+- fixed login session limits (again - broken since 980130)
+- more symbolic constants for exit status values
+- fixed logoutd to work with 8-character usernames in utmp
+ (no room for terminating NUL!)
+- various fixes to make the code more glibc2-friendly
+- updated doc/cracklib26.diff (fix for empty gecos, etc.)
+- updated the files in redhat/ from shadow-utils-970616-11.src.rpm
+ (RH 5.0 updates)
+
+shadow-980130 => shadow-980403
+
+- security: su now creates the sulog file (if enabled and doesn't
+ already exist) with umask 077
+- hopefully removed arbitrary group size limits (not yet for
+ shadow groups though - sgetsgent() still needs a rewrite,
+ but I don't want to delay this release any longer...)
+- fixed NULL dereference in groupmod -n
+
+shadow-971215 => shadow-980130
+
+- Debian binary packages can be built without root privileges
+ (tar wrapper - debian/tar.c)
+- new subdir "redhat" (needs more work, see redhat/README)
+- in several places, exit(127) if exec fails with ENOENT, and
+ exit(126) on other errors (as in ksh and bash)
+- renamed getpass() and md5_crypt() to libshadow_* to avoid name
+ conflicts with libc functions - md5_crypt() is also in libcrypt.a
+ on Linux/PPC, thanks to Anton Gluck <gluc@midway.uchicago.edu>
+- handle crypt() returning NULL (possible according to Single Unix
+ Spec) more gracefully (exit instead of SIGSEGV)
+- fixed bug in putgrent() that showed up when realloc() moved the
+ buffer while expanding it, thanks to Floody <flood@evcom.net>
+- fixed bug in login session limits (with a limit set to N logins,
+ only N-1 logins were allowed), thanks to Floody <flood@evcom.net>
+- upgraded to libtool-1.0h (now recognizes GNU ld on Debian 1.3.1)
+- newer config.guess and config.sub (should work on x86 for x > 5)
+- removed doc/automake-1.0.diff (obsoleted by automake-1.2)
+- added doc/cracklib26.diff (some patches for cracklib-2.6)
+- documented more (not all yet) login.defs(5) settings
+- replaced more exit status numeric values with #defines
+- shadow-utils.spec now generated from shadow-utils.spec.in
+ (so I don't have to edit version numbers for every new release)
+- groupadd -f option, based on RedHat's shadow-utils-970616-9 patch
+ ("force" - exit(0) if the group already exists); other RedHat-
+ specific options not added yet (best done in a perl script that
+ runs useradd/usermod/groupadd - see Debian's adduser-3.x)
+- added -O option (override login.defs values) to useradd and groupadd
+- if usermod can't update the group file(s), exit(10) but update the
+ password file(s) anyway (as documented by Solaris man page)
+- useradd should no longer set sp_expire to the current date (oops)
+- configure.in: added --enable-desrpc, check for gethostbyname in libc
+ before trying libnsl (necessary for Solaris; not for Linux or Irix,
+ even though libnsl may be present), fixed pw_age/pw_comment/pw_quota
+ detection, setpgrp vs. setpgid, other minor tweaks
+- various */Makefile.am tweaks
+- login.defs: added FAKE_SHELL - program to run instead of the login
+ shell, with the real shell in argv[0] (Frank Denis)
+- login.defs: ignore case in yes/no settings
+- more E_* defines instead of hardcoded numbers for exit()
+- added sanitize_env() for setuid programs
+- login_desrpc() checks for getnetname() errors
+- new password is not "too similar" if it is long enough
+- replacement strstr() was static, no one noticed :-)
+- {pw,spw}_lock() and {pw,spw}_unlock() track the lock count and call
+ lckpwdf() and ulckpwdf() as needed, *_lock_first() hack removed
+- login sets $REMOTEHOST for remote logins
+- added newgrp -l option (Single Unix Spec, same as "-")
+- EXPERIMENTAL shared lib support using libtool (libshadow.so saves about
+ 200K of disk space on Linux/x86), enabled by default if supported by
+ the system, use ./configure --disable-shared if it causes any problems.
+ Warning: libshadow.so is intended for internal use by this package
+ only - binary compatibility with future releases is not guaranteed.
+ There should be no need to link any other programs with libshadow.so -
+ the libshadow.so -> libshadow.so.x.x symlink is unnecessary.
+- pam_strerror() takes one or two arguments, depending on the Linux-PAM
+ version (!) - added check to configure; fixed do_pam_passwd prototype
+- libmisc/login_access.c should compile on Linux/PPC and Solaris
+- added information about the new ftp site to doc/README.mirrors
+
+shadow-971001 => shadow-971215
+
+- added workaround for NYS libc 5.3.12 (RedHat 4.2) bug to grpck
+- updated the RPM .spec file
+- renamed rlogin() to do_rlogin() to avoid Linux/PPC build problem
+ (glibc defines something else named "rlogin" in utmpbits.h ?)
+- added MD5 checksums in Debian packages
+- added -p and -g options to vipw (edit the password or group file
+ respectively, regardless of the command name in argv[0])
+- removed old DBM support (NDBM code is still there)
+- fixed a bug in gpasswd: current username was incorrectly identified as
+ "root" because of setuid(0) done too early. It may be a security hole
+ when using shadow groups - if "root" is listed as a group administrator,
+ any user can add/remove members in that group. Thanks to Jesse Thilo.
+- gpasswd now logs which user (root or group admin) made the changes
+- passwd now uses $PATH to search for the chfn, chsh, gpasswd commands
+- newgrp and add_groups() allocate supplementary group lists dynamically
+- moved check_shell() from src/chsh.c to libmisc/chkshell.c
+- CHFN_RESTRICT in login.defs can now specify exactly which fields may be
+ changed by regular users (any combination of letters "frwh")
+- fixed contrib/pwdauth.c segfault with non-existent usernames
+- minor change in lib/getdef.c to handle quotes better (Juergen Heinzl)
+- new date parsing code (from GNU date) used by useradd, usermod, chage
+- upgraded to automake-1.2, added libtool-0.7 (no libshadow.so yet)
+- converted code to ANSI C, added ansi2knr (untested - use gcc!)
+- fixed useradd -G segfault (one '*' that shouldn't be there)
+- allow 8-bit characters in chfn
+- added support for RLIMIT_AS (max address space) in libmisc/limits.c
+- changed the handling of NIS plus entries in password files
+- some more tweaking in various debian/* files
+- logoutd uses getutent() instead of reading utmp file directly
+- fixed lckpwdf() called twice (and failing) when changing password
+ if the user is not listed in /etc/shadow (Mike Pakovic)
+- erase and kill characters left unchanged if not defined in login.defs
+
+shadow-970616 => shadow-971001
+
+- Debian: mkpasswd no longer installed (dbm files not supported)
+- chpasswd checks for shadow/non-shadow at run time, too
+- added chpasswd -e (input file with encrypted passwords) - Jay Soffian
+- changed libmisc/login_access.c as suggested by Dave Hagewood
+- replaced sprintf() with snprintf() in several places
+- added lib/snprintf.[ch] (from XFree86) for systems without snprintf()
+- minor tweaks in contrib/adduser.c (/usr/local -> /usr)
+- non-root users can only run su with a terminal on stdin
+- temporarily disabled DES_RPC because getsecretkey() causes login to hang
+ for 5 minutes on at least one RH 4.0 system. Not sure if this is a bug
+ in libc, or system misconfiguration. Needs further investigation.
+- check for strerror() and -lrpcsvc (should compile on SunOS again)
+- fixed free() called twice in libmisc/mail.c
+- added information about mirror sites (doc/README.mirrors)
+- updated pwconv.8 and pwunconv.8 man pages
+- "make install" now installs pwconv, pwunconv, grpconv, grpunconv
+- pwauth.8 no longer installed (AUTH_METHODS not supported by default)
+- corrected su.1 man page ($SHELL not used)
+- no need for --with-md5crypt if the MD5-based crypt() is already in libc
+ (or another library specified in /etc/ld.so.preload - Linux ld.so 1.8.0+)
+- cleaned up PASS_MAX in getpass() (127 always assumed)
+- default editor for vipw changed from /bin/ae to a real editor :)
+
+shadow-970601 => shadow-970616
+
+- fixed execlp call (missing NULL) in src/vipw.c
+- vipw now preserves permissions on edited files
+- commented out the xdm-shadow hack in shadowconfig
+- improved RedHat spec file (Timo Karjalainen)
+- updated mailing list information
+- added information about the shadow paper (doc/README.shadow-paper)
+- renamed doc/console.c.spec (confused RPM)
+
+shadow-970502-2 => shadow-970601
+
+- fixed a typo in libmisc/mail.c causing login to segfault
+ if MAIL_CHECK_ENAB=yes (sorry!)
+- patches for OPIE support (Algis Rudys) (untested)
+- programs that modify /etc/passwd or /etc/shadow will use
+ lckpwdf() if available
+- now compiles with PAM support! (still untested)
+- cosmetic error message changes (prefixed by argv[0]:)
+
+shadow-970216 => shadow-970502-2
+
+- shadow group support fixes (grpconv didn't work - for some
+ reason, putsgent() returns 1 instead of 0 on success;
+ now -1 = failure, anything else = success)
+- upgraded to autoconf-2.12
+- pwconv and pwunconv now follow other UN*X systems and SVID3
+ (modify files in place), original versions moved to "old"
+- scologin.c moved to "old" (it was only for SCO Xenix) so
+ people stop sending patches for scologin.c gcc warnings :)
+- don't use the MD5* functions in libmisc/salt.c (glibc has
+ the new md5 crypt(), but no <md5.h> and MD5* functions!)
+- support for MkLinux, Solaris, JIS, Qmail (Frank Denis)
+- "passwd -S -a" now really works
+- support for Debian, vipw, a few fixes (Guy Maor)
+- src/login.c radius bug fix (Rafal Maszkowski)
+- ISSUE_FILE_ENAB -> ISSUE_FILE in the sample /etc/login.defs
+- fixes for glibc and DES_RPC (Thorsten Kukuk)
+- limits.5 man page (Luca Berra)
+- expiry will work setgid shadow too, removed euid 0 check
+- added check for a64l() to configure (glibc)
+
+shadow-961025 => shadow-970216
+
+- major rewrite of *io.c (no more 4 copies of almost identical code)
+- use fsync() (if available) instead of sync() when updating password files
+- use fchmod() and fchown() if available
+- keep the NIS "plus on a line by itself" entries at end of passwd/group
+- configure checks location of passwd/chfn/chsh programs (/usr/bin or /bin)
+- passwd -S -a: list information about all users (root only)
+- passwd -k: change only expired passwords
+- passwd -q: quiet mode
+- first attempt at PAM support in passwd
+- passwd updates the non-shadow password if /etc/shadow exists but the
+ user has no shadow password
+- passwd logs who changed the password, added hook to allow non-root
+ administrators who can change passwords (not implemented yet)
+- su sets $HOME even without the "-" option (suggested by Joey Hess)
+- added -p (set encrypted password) option to useradd and usermod
+ (idea from hpux10 - undocumented option used internally by SAM)
+- useradd -D -e does the right thing (set default expiration date)
+- USERDEL_CMD in login.defs instead of hardcoded {ATRM,CRONTAB}_COMMAND
+ because there are just too many systems that need different commands
+- removed #ifdef FAILLOG_LOCKTIME (now always enabled), warning: the
+ faillog file format has been changed (somewhere between 960129 and
+ 960810), please truncate the old file (if any) to zero length
+- ISSUE_FILE (may be different from /etc/issue) instead of ISSUE_FILE_ENAB
+- wtmp, lastlog, faillog file location guessed by configure
+- separate checks for invalid user and group names, max username length
+ based on struct utmp (it's not always 8 characters)
+- pwck and grpck now check for invalid user/group names
+- pwck -q (quiet, report only serious problems) option added
+- separate cleaner sgetpwent() without the NIS magic
+- NIS entries ignored (never changed) by *io.c, pwck, grpck
+- various code cleanups
+- new get_my_pwent() function for getting my own username, uid etc.
+- faillog opens the file read-write if possible (even if not root)
+- passwd -S allowed for normal users (for their own uid only)
+- handle the case of login denied to passwordless accounts better
+ ("Login incorrect" without "Password:" prompt looks strange)
+- corrected author information and removed a copyright restriction
+
+shadow-960925 => shadow-961025
+
+- fixed a few typos in shadow group code
+- don't check for names starting with 'r' to determine if the shell
+ is restricted, use /etc/shells instead (for the "rc" shell)
+- removed extra definition of LASTLOG_FILE in configure.in
+- expiry no longer segfaults if no /etc/shadow
+- userdel -r "can't remove mailbox" warning no longer printed on success
+- useradd exit codes changed to match hpux10 man page
+- fixed possible fd leak etc. in file locking code (lib/commonio.c)
+
+shadow-960920 => shadow-960925
+
+- bug fixes to the new environment code using malloc
+- use hardcoded names instead of basename(argv[0]) for openlog() in programs
+ that users can run (chage, chfn, chsh, gpasswd, login, newgrp, passwd, su)
+- small fix to isexpired(), and use it in passwd as well
+- use strftime() and strptime() if available
+- added chmod 600 /etc/passwd- at the end of pwconv5 (backup file may
+ contain encrypted passwords!)
+- pass size to change_field (chage, chfn, chsh) instead of assuming BUFSIZ
+ (nothing bad happened yet, just a cleanup)
+- gpasswd should work with both shadow and non-shadow group passwords
+- detect unsupported options if no shadow (gpasswd, useradd, usermod)
+- passwd -e for sunos4 (ATT_AGE), untested
+- read environment from file (ENVIRON_FILE in login.defs), idea from ssh
+- small fix to l64a()
+- passwd prints a message after password successfully changed (for things
+ like poppassd which run passwd and expect some output)
+- passwd logs if password was changed by root (as opposed to a luser)
+- passwd uses current uid if no username argument and getlogin() fails
+
+shadow-960910 => shadow-960920
+
+- use malloc for environment variables, no more MAXENV (Juergen Heinzl)
+- newusers should work with both shadow and non-shadow passwords
+ (still left to do: chpasswd, gpasswd)
+- login-static no longer compiled by default
+- more SYSLOG() macros
+
+shadow-960810 => shadow-960910
+
+- updated README.linux to point to the new ftp site
+- chfn and chsh optionally (CHFN_AUTH) prompt for password like util-linux
+- man pages now closer to LDP standards (Ivan Nejgebauer)
+- newgrp uses SYSLOG_SG_ENAB (not SU) as in the /etc/login.defs comments
+- obscure.c fixed to compile with HAVE_LIBCRACK
+- cosmetic message changes in age.c
+- utmp open error check fixed in utmp.c
+- grpunconv added (Michael Meskes)
+- login reports invalid login time, not "Login incorrect" (Ivan Nejgebauer)
+- logoutd sets OPOST before writing to the tty (Ivan Nejgebauer)
+- sulogin: don't use syslog(), other minor changes (Ivan Nejgebauer)
+- passwords can be changed if sp_max == -1 (now considered infinity)
+- usermod: don't use sizeof(struct lastlog) when writing to faillog (ugh)
+- started replacing lots of #ifdef USE_SYSLOG with cleaner macros
+- contrib/rpasswd.c added (Joshua Cowan)
+- PASS_MAX is 127 with MD5_CRYPT (not just for Linux - sunos4 too...)
+- workarounds for a RedHat NYS libc getspnam() bug (if /etc/shadow
+ doesn't exist, it succeeds and returns sp_lstchg==0 instead of -1).
+
+shadow-960129 => shadow-960810
+
+- automake, configure checks for libcrypt and libcrack (Janos Farkas)
+- added --enable-shadowgrp to configure (shadow groups disabled by default)
+- should compile on SunOS 4.1.x - but it does NOT mean that it works :-)
+- login sets HUSHLOGIN=TRUE or FALSE (for shell startup scripts etc.)
+- hopefully removed all the rcsid warnings
+- contrib/atudel perl script to remove at jobs (thanks to Brian Gaeke)
+- resource limits (Cristian Gafton)
+- workaround for buggy init/getty(?) leaving junk in ut_host on RedHat
+- more fixes in man pages
+- pwck and grpck no longer suggest to run mkpasswd if *DBM not compiled in
+- most programs (groupadd, groupdel, groupmod, grpck, login, passwd, pwck,
+ su, useradd, userdel, usermod) should now work with both shadow and
+ non-shadow passwords/groups (check for /etc/shadow and /etc/gshadow at
+ run time); a few programs still left to do
+- mailbox mv/chown/rm in usermod/userdel (suggested by Cristian Gafton)
+- new contrib/adduser.c from Chris Evans
+- lots of other minor changes
+- source tree reorganization, GNU autoconf, portability cleanups
+- basename() renamed to Basename() to avoid name space confusion
+- new programs to create /etc/shadow and /etc/gshadow: pwconv5, grpconv
+- newgrp cleanup and a few fixes
+- useradd uses PASS_MAX_DAYS, PASS_MIN_DAYS and PASS_WARN_AGE
+- don't make the first group member the group admin by default
+ (define FIRST_MEMBER_IS_ADMIN to get the old gpasswd behaviour)
+- password aging constants, NGROUPS_MAX and syslog stuff in only one
+ place (defines.h) instead of repeating it in all source files...
+- added userdel -r safety check (refuse to remove the home directory
+ if it would result in removing some other user's home directory)
+- usermod -u now correctly checks for non-unique uid (unless -o)
+- sync() after updating password files, just to be more safe
+- "make install" should install /etc/login.defs if it doesn't exist
+- new option to control what happens if we can't cd to the home directory
+ (DEFAULT_HOME in /etc/login.defs)
+- enter the home directory as the user, not as root (for NFS etc.)
+- added check for Slackware bugs (nobody UID -1) in pwck and grpck
+- new CONSOLE_GROUPS feature (thanks to pacman@tardis.mars.net), it is
+ possible to add specified groups (floppy etc.) for console logins
+- new faillog feature: lock account for specified (per-user) time since
+ the last failure after exceeding the failure limit
+- new man pages (gpasswd.1, login.access.5, suauth.5)
+- fixes in man pages, renamed *.4 to *.5
+- new "contrib" directory (two adduser programs)
+- changed some "system" to "feature" #ifdefs (autoconf someday...)
+- sulogin no longer requires to be run from init, should work from rc
+ scripts too
+- changes to prevent unshadowing with libc SHADOW_COMPAT (get info
+ using xx_locate(), modify it and call xx_update(), don't write back
+ anything returned by getpwnam() etc.)
+- stupid bug fixed in lastlog.c
+- don't move non-directories in "usermod -m"
+- don't log unknown usernames (passwords mistyped for usernames) (lmain.c)
+- macros to get around ancient compilers which don't like prototypes
+- make more use of "const" (not everywhere yet)
+- added #ifdef AUTH_METHODS - very few people use administrator defined
+ authentication methods because many programs are not aware of them;
+ not supporting them makes the code simpler
+- new "save" and "restore" Makefile targets, thanks to Rafal Maszkowski
+- sgetgrent() in libshadow.a is optional, some versions of libc have it,
+ see HAVE_SGETGRENT in config.h (grent.c)
+- don't use continued lines in /etc/group, the standard getgr*() functions
+ don't support that (grent.c)
+- removed the third main() argument (according to libc docs, not allowed by
+ POSIX.1 - use environ instead) (lmain.c, smain.c, newgrp.c, sulogin.c)
+- login access control (lmain.c, login_access.c)
+- added copyright notice to login_access.c (from logdaemon-5.0)
+- detailed su access control (smain.c, suauth.c) - thanks to Chris Evans
+- added closelog() in su before executing the shell (smain.c)
+- getting current user name changed (smain.c)
+- "x" instead of "*" in pw_passwd, consistent with pwconv (useradd.c)
+- getpass() shouldn't return NULL except on errors (getpass.c)
+- moved isexpired() to isexpired.c (now part of libshadow.a) from age.c
+- SunOS4-like passwd -e (force change on next login) (isexpired.c, passwd.c)
+- can use shadow support in new versions of Linux libc instead of libshadow.a,
+ see HAVE_SHADOWPWD, HAVE_SHADOWGRP in config.h.linux (shadow.c, gshadow.c)
+- "no shadow password" not logged, the same /bin/login should work with both
+ shadow and non-shadow passwords (lmain.c)
+- some cleanup in various places (lmain.c, passwd.c)
+- new program to verify username/password pairs, for xlock etc.; it is not
+ installed by default, read the comments first (pwdauth.c)
+- authentication programs run with empty environment for safety (pwauth.c)
+- added missing fstat error checks (faillog.c, lastlog.c, setup.c, *io.c)
+- common code separated from *io.c (commonio.c)
+- ownership and permissions on password files are now preserved (we may try
+ to make more use of setgid and setuid non-root programs in the future)
+- added (untested) MD5-based crypt() from FreeBSD (md5crypt.c), see
+ MD5_CRYPT in config.h.linux and MD5_CRYPT_ENAB in login.defs.linux
+- termios/termio/sgtty macros cleaned up a bit
+
+shadow-951218 => shadow-960129
+
+Emergency bug fix release - no new features since 951218. There are many
+new changes, but this bug really can't wait until they are tested.
+
+Probably all previous versions of the shadow suite have a serious bug which
+makes it possible to overwrite the stack by entering very long username at
+the login prompt. This can give root access to any remote user!
+
+Changed the maximum size in login.c from BUFSIZ (1024) to 32 (to match
+size of the array in lmain.c). Aaargh!!!
+
+shadow-951203 => shadow-951218
+
+Changes:
+- Linux utmp handling fixes (utmp.c)
+- last failure date printing fixes (failure.c)
+- minor fix to compile with USE_CRACKLIB (obscure.c)
+- eliminated the use of snprintf (env.c, lmain.c, login.c, shell.c, smain.c)
+- basename.c added, replacing duplicated code in various places
+- "su -" runs the shell with '-' in argv[0] again (smain.c)
+- removing at/cron jobs cleaned up (userdel.c)
+- /etc/gshadow should not be world-readable (sgroupio.c)
+- if fflush() failed, files were not closed (*io.c)
+- login prompt is now "hostname login: " on Linux (lmain.c, login.c)
+- "save" and "restore" targets commented out (don't work) (Makefile.linux)
+- some minor cleanups for gcc -Wall (unused variables etc.)
+- removed README.FIRST (copyrights are OK now)
+- updated ANNOUNCE, README.linux, WISHLIST
+- as suggested, converted to RCS
+
+shadow-3.3.2-951127 => shadow-951203-jfh
+
+Changes:
+- Added the BSD-style copyright to all of the files. Any files with the
+ old copyright have multiple copyright holders and need to be cleanroomed
+ to produce BSD-style copyrightable files, or I need to get the consent
+ of the others to change the copyright.
+- Changed the ANNOUNCE file to not refer to the README.FIRST file. Now
+ that all of the files should have the correct copyright there is no need
+ to refer to that e-mail message.
+- Changes SCCS strings to "%W% %U% %G%". Marek needs to either convert to
+ RCS or check into SCCS and then checkout. I'd suggest using RCS ;-)
+
+ jfh@rpp386.cactus.org
+
+shadow-3.3.2-951106 => shadow-951127
+
+Note: for now this code only supports Linux. All the #ifdef's are there
+(and will be; support for at least SunOS 4.1.x would be nice) but:
+- I had to fix some potential security problems resulting from sloppy
+ coding (no bounds checking), and it was easier for me to use snprintf()
+ (not available on many systems, unfortunately), I'll fix that later.
+ Old versions of Linux libc don't have snprintf() either, and the one
+ in libbsd.a ignores the max size - don't use it! (libc-4.6.27 is OK)
+- I am lazy and only updated Makefile.linux and config.h.linux this time
+- I don't have root access to non-Linux systems (this means no testing)
+- this code needs some major reorganization, which will (hopefully)
+ make porting easier
+
+Changes:
+- some code cleanup, prototypes.h, defines.h, Makefile and config.h changes
+- login can be statically linked (not that I think it's a good idea, better
+ fix the telnetd, but paranoid people will like it :-)
+- login is installed non-setuid by default
+- check for NULL from getpass()
+- wipe cleartext password from getpass() when no longer needed (pwauth.c)
+- use standard "Password: " prompt by default (pwauth.c)
+- hopefully fixed bogus sigaction() stuff (Linux only) (getpass.c)
+- oops, setrlimit wants bytes, ulimit wants 512-byte units (lmain.c)
+- Linux has <lastlog.h>
+- print ll_host on Linux too (lmain.c)
+- size checking in various places (setuid root programs, argh!)
+- preserve TERM from getty (lmain.c)
+- don't ignore SIGHUP (lmain.c)
+- :%s/setenv/set_env/g (setenv(3) conflict) (env.c, lmain.c, login.c)
+- remove LD_xxx (env.c)
+- use bzero() instead of memset() for BSD portability and less #ifdef's
+ (if the system has no bzero(), implement it as a macro using memset())
+- the above fixes wrong order of memset() parameters (log.c)
+- use getutent/pututline instead of doing it by hand (utmp.c)
+- added the new settings to login.defs.linux
+- added login_access.c to the distribution (not used yet)
+
+==========
+
+shadow-3.3.2 => shadow-3.3.2-951106
+
+- added dummy pad.c and #ifdef'ed out references to pad_auth (pwauth.c)
+- malloc/strdup error checking, hopefully no more core dumps...
+- define HAVE_RLIMIT instead of HAVE_ULIMIT for Linux (config.h.linux)
+- changed pathnames on Linux to conform to new FSSTND (/var/log etc.)
+- larger buffer for cipher, for md5 crypt() if and when (encrypt.c, passwd.c)
+- use POSIX termios whenever possible on Linux
+- list.c, removed add_list/del_list from gpmain.c, user{add,del,mod}.c
+- strtoday.c, removed duplicates from chage.c, useradd.c, usermod.c
+- login -h only for root (lmain.c)
+- login -r not needed for Linux (lmain.c)
+- sample login.defs modified for Linux (login.defs.linux)
+- swapped chfn USAGE and ADMUSAGE (chfn.c)
+- added -u to passwd usage (passwd.c)
+- no #! check necessary for Linux (shell.c)
+- define OLD_CRON for some old incompatible Linux distributions (userdel.c)
+- PASS_MAX is now 127 (not 8) for Linux (getpass.c)
+- LOGIN_RETRIES, LOGIN_TIMEOUT, PASS_CHANGE_TRIES are no longer compiled in,
+ can now be set in login.defs, old values are used as defaults (lmain.c)
+- unique uid/gid selection now more robust (useradd.c, groupadd.c)
+- UID_MIN, UID_MAX, GID_MIN, GID_MAX in login.defs (useradd.c, groupadd.c)
+- CRACKLIB_DICTPATH no longer compiled in, can be set in login.defs (passwd.c)
+- PASS_ALWAYS_WARN: warn about weak passwords even for root (passwd.c)
+- PASS_MAX_LEN, check truncated passwords again (obscure.c)
+- check for weak passwords too if previous password was empty (obscure.c)
+- CHFN_RESTRICT: don't let users change their full names (chfn.c)
+- Linux has getusershell(), use it (chsh.c)
+- check if the new shell is executable by the user (chsh.c)
+- sleep before printing "Login incorrect", not the other way around (lmain.c)
+- don't be picky about utmp only if any of -rfh flags given (lmain.c)
+- do "wheel group" more like BSD does (smain.c)
+- use getlogin() in su (smain.c)
+- UMASK from login.defs defaults to 077, not 0 (lmain.c, newusers.c)
+- #undef HAS_ATRM for Linux until atrm can do what we need (config.h.linux)
+- Linux has most commands in /usr/bin, not /bin (age.c, passwd.c, userdel.c)
+- ULIMIT from login.defs works on systems using setrlimit() too (lmain.c)
+- LOGIN_STRING should work now (pwauth.c, getdef.c)
+- kludge to avoid conflict with Linux <shadow.h> (gshadow.h)
+- mv Makefile Makefile.xenix ; mv config.h config.h.xenix - so that they are
+ not lost when you copy the right ones to Makefile and config.h
+
+==========
+
+shadow-3.3.2
+
+Original version, received directly from the author.
diff --git a/README b/README
new file mode 100644
index 0000000..09f2393
--- /dev/null
+++ b/README
@@ -0,0 +1,122 @@
+Shadow SITES
+============
+
+Homepage
+ http://pkg-shadow.alioth.debian.org/
+
+FTP site
+ ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow
+
+SVN repository
+ anonymous read only access: svn://svn.debian.org/pkg-shadow/upstream
+
+SVN web interface
+ http://svn.debian.org/wsvn/pkg-shadow/upstream
+ or
+ http://svn.debian.org/viewsvn/pkg-shadow/upstream
+
+Mailing lists
+ for general discuss: pkg-shadow-devel@lists.alioth.debian.org
+ commit list: pkg-shadow-commits@lists.alioth.debian.org
+
+Mailing lists subscription
+ http://lists.alioth.debian.org/mailman/listinfo/pkg-shadow-devel
+ http://lists.alioth.debian.org/mailman/listinfo/pkg-shadow-commits
+
+Mailing lists archives:
+ http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/
+ http://lists.alioth.debian.org/pipermail/pkg-shadow-commits/
+
+S/Key support:
+ Shadow can be built with S/Key support using the S/Key package from:
+
+ http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libskey/
+ or
+ http://gentoo.osuosl.org/distfiles/skey-1.1.5.tar.bz2
+
+Authors and contributors
+========================
+
+Thanks to at least the following people for sending patches, bug
+reports and various comments. This list may be incomplete, I received
+a lot of mail...
+
+
+Adam Rudnicki <adam@v-lo.krakow.pl>
+Alan Curry <pacman@tardis.mars.net>
+Alexander O. Yuriev <alex@bach.cis.temple.edu>
+Algis Rudys <arudys@rice.edu>
+Andreas Jaeger <aj@arthur.rhein-neckar.de>
+Aniello Del Sorbo <anidel@edu-gw.dia.unisa.it>
+Anton Gluck <gluc@midway.uchicago.edu>
+Arkadiusz Miskiewicz <misiek@pld.org.pl>
+Ben Collins <bcollins@debian.org>
+Brian R. Gaeke <brg@dgate.org>
+Calle Karlsson <ckn@kash.se>
+Chip Rosenthal <chip@unicom.com>
+Chris Evans <lady0110@sable.ox.ac.uk>
+Cristian Gafton <gafton@sorosis.ro>
+Dan Walsh <dwalsh@redhat.com>
+Darcy Boese <possum@chardonnay.niagara.com>
+Dave Hagewood <admin@arrowweb.com>
+David A. Holland <dholland@hcs.harvard.edu>
+David Frey <David.Frey@lugs.ch>
+Ed Carp <ecarp@netcom.com>
+Floody <flood@evcom.net>
+Frank Denis <j@4u.net>
+George Kraft IV <gk4@us.ibm.com>
+Greg Mortensen <loki@world.std.com>
+Guido van Rooij
+Guy Maor <maor@debian.org>
+Hrvoje Dogan <hdogan@bjesomar.srce.hr>
+Jakub Hrozek <jhrozek@redhat.com>
+Janos Farkas <chexum@bankinf.banki.hu>
+Jay Soffian <jay@lw.net>
+Jesse Thilo <Jesse.Thilo@pobox.com>
+Joey Hess <joey@kite.ml.org>
+John Adelsberger <jja@umr.edu>
+Jonathan Hankins <jhankins@mailserv.homewood.k12.al.us>
+Jon Lewis <jlewis@lewis.org>
+Joshua Cowan <jcowan@hermit.reslife.okstate.edu>
+Judd Bourgeois <shagboy@bluesky.net>
+Juergen Heinzl <unicorn@noris.net>
+Juha Virtanen <jiivee@iki.fi>
+Julian Pidancet <julian.pidancet@gmail.com>
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
+Leonard N. Zubkoff <lnz@dandelion.com>
+Luca Berra <bluca@www.polimi.it>
+Lukáš Kuklínek <lkukline@redhat.com>
+Lutz Schwalowsky <schwalow@mineralogie.uni-hamburg.de>
+Marc Ewing <marc@redhat.com>
+Martin Bene <mb@sime.com>
+Martin Mares <mj@gts.cz>
+Michael Meskes <meskes@topsystem.de>
+Michael Talbot-Wilson <mike@calypso.bns.com.au>
+Mike Frysinger <vapier@gentoo.org>
+Mike Pakovic <mpakovic@users.southeast.net>
+Nicolas François <nicolas.francois@centraliens.net>
+Nikos Mavroyanopoulos <nmav@i-net.paiko.gr>
+Pavel Machek <pavel@bug.ucw.cz>
+Peter Vrabec <pvrabec@redhat.com>
+Phillip Street
+Rafał Maszkowski <rzm@icm.edu.pl>
+Rani Chouha <ranibey@smartec.com>
+Sami Kerola <kerolasa@rocketmail.com>
+Scott Garman <scott.a.garman@intel.com>
+Sebastian Rick Rijkers <srrijkers@gmail.com>
+Seraphim Mellos <mellos@ceid.upatras.gr>
+Shane Watts <shane@nexus.mlckew.edu.au>
+Steve M. Robbins <steve@nyongwa.montreal.qc.ca>
+Thorsten Kukuk <kukuk@suse.de>
+Tim Hockin <thockin@eagle.ais.net>
+Timo Karjalainen <timok@iki.fi>
+Ulisses Alonso Camaro <ulisses@pusa.eleinf.uv.es>
+Werner Fink <werner@suse.de>
+
+Maintainers
+===========
+
+Tomasz KÅ‚oczko <kloczek@pld.org.pl> (2000-2007)
+Nicolas François <nicolas.francois@centraliens.net> (2007-2014)
+Serge E. Hallyn <serge@hallyn.com> (2014-now)
+
diff --git a/TODO b/TODO
new file mode 100644
index 0000000..5cfa252
--- /dev/null
+++ b/TODO
@@ -0,0 +1,127 @@
+ * Create a common usage function that'd take the array of
+ long options and an array of descriptions and output that so things would
+ be standardized across the utils.
+ Usage strings should be normalized and split first.
+ Investigate optparse.
+
+
+/etc/default/useradd
+ * GROUP=1000 should accept a group name.
+
+Check when RLOGIN is enabled if ruserok() exists
+
+Move selinux_file_context out of libmisc/copydir.c
+
+Review hardcoded root account?
+
+review all call to strto
+
+libmisc/cleanup_user.c
+ cleanup needed (cleanup_report_add_user* not used)
+
+
+libxcrypt support
+ * http://wiki.linuxfromscratch.org/patches/browser/trunk/shadow/shadow-4.0.18.1-owl_blowfish-1.patch
+
+implement getlong, getulong.
+ avoid atoi, atol, atoul, strtol, strtoul, ...
+
+manpages: comment the RLOGIN parts
+
+Replace build_list (in lib/gshadow.c) and list (in lib/sgetgrent.c) by
+comma_to_list()
+
+Revert the modified files if all files could not be changed.
+ * or warn and indicate which files were modified and which were not.
+ * check the order the files are modified.
+
+report nscd_flush_cache failures?
+call nscd from the programs or from lib (commonio?)
+
+PAM: check if a non-interactive conversation function could be used to set
+the password in chpasswd and newusers
+
+WITH_SELINUX
+ - review all tools to check that the strategies are consistent
+
+chage, chfn, chsh: same change needed as in passwd.
+ - probably need moving check_selinux_access to a separate file.
+
+testsuite
+ - newgrp
+ - test with unknown user's GID
+
+newusers
+ - add logging to SYSLOG & AUDIT
+ - use CREATE_HOME
+ - Add a -Z option (see useradd / usermod)
+
+Document when/where option appeared, document whether an option is standard
+or not.
+
+Check all the expiry semantics
+
+ALL:
+- move base passwd/shadow/group/gshadow operation to module for allow write
+ different backend modules for db, NIS, LDAP and others. Default backend it
+ will be goot if will be chosen depending on /etc/nsswitch.conf and allow
+ override this by -r <repository> options (where the <repository> can be
+ file, db, nis nisplus, ldap .. like on /etc/nsswitch.conf in service column).
+ passwd have old piece of code with handling -r option and it will be good
+ finish this and propagate on other shadow tools for allow operate on other
+ user databases by well known tools.
+- Protect against signals. Register do_cleanups in a signal handler.
+
+- login.defs
+ - generate depending on configuration
+
+- useradd:
+ - add handle create user mail spool in maildir format.
+ - Add support for -k in -D mode
+ - Add support for -K in -D mode
+ - Add option to create or not the mail spool (and set the default in -D
+ mode)
+ - Change -l to reset the entry if an entry was already there
+ - set the mask in mkdir?
+
+- userdel:
+ - add backup option for the removal of user resources,
+ - user_busy: check that the user is not running any processes.
+ - missing "deleting group" FAILED
+ - home dir removed, but userdel may fail and may leave the user
+ => warning needed
+
+- usermod
+ - add an option equivalent to useradd's -l (only when uid is changed)
+ - the mode of new home directories should be set according to the
+ original mode. Does copy_tree does this?
+ - user renamed, order is not kept in /etc/group (see
+ 47_usermod-l_no_shadow_file). This is a problem when the first user is
+ considered as the admin.
+ - see mail "user ID change" on April, 15
+ + fix call to chown (combination of -m and -u/-g)
+ + add tests
+
+- passwd:
+ - check combination of options (e.g. -u/-l)
+ - when -u refuse to unlock because it would create an empty password, it
+ should not display "Password changed."
+ exit instead?
+
+- newgrp: check the USE_PAM section.
+
+- pwck
+ - Add check to move passwd passwords to shadow if there is a shadow
+ entry (with a password).
+ - Add check to move passwd passwords to shadow if there is a shadow
+ file.
+ - Support an alternative /etc/tcb directory as second parameter.
+ - add options -g / -G to specify alternative group / gshadow files
+
+- su
+ - add a login.defs configuration parameter to add variables to keep in
+ the environment with "su -l" (TERM/TERMCOLOR/...)
+
+- vipw
+ - set ACLs and XATTRs on the temporary file (and backups?)
+ - vipw + selinux -> use lib/selinux.c
diff --git a/acinclude.m4 b/acinclude.m4
new file mode 100644
index 0000000..dd01f16
--- /dev/null
+++ b/acinclude.m4
@@ -0,0 +1,54 @@
+# Checks the location of the XML Catalog
+# Usage:
+# JH_PATH_XML_CATALOG([ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
+# Defines XMLCATALOG and XML_CATALOG_FILE substitutions
+AC_DEFUN([JH_PATH_XML_CATALOG],
+[
+ # check for the presence of the XML catalog
+ AC_ARG_WITH([xml-catalog],
+ AC_HELP_STRING([--with-xml-catalog=CATALOG],
+ [path to xml catalog to use]),,
+ [with_xml_catalog=/etc/xml/catalog])
+ jh_found_xmlcatalog=true
+ XML_CATALOG_FILE="$with_xml_catalog"
+ AC_SUBST([XML_CATALOG_FILE])
+ AC_MSG_CHECKING([for XML catalog ($XML_CATALOG_FILE)])
+ if test -f "$XML_CATALOG_FILE"; then
+ AC_MSG_RESULT([found])
+ else
+ jh_found_xmlcatalog=false
+ AC_MSG_RESULT([not found])
+ fi
+
+ # check for the xmlcatalog program
+ AC_PATH_PROG(XMLCATALOG, xmlcatalog, no)
+ if test "x$XMLCATALOG" = xno; then
+ jh_found_xmlcatalog=false
+ fi
+
+ if $jh_found_xmlcatalog; then
+ ifelse([$1],,[:],[$1])
+ else
+ ifelse([$2],,[AC_MSG_ERROR([could not find XML catalog])],[$2])
+ fi
+])
+
+# Checks if a particular URI appears in the XML catalog
+# Usage:
+# JH_CHECK_XML_CATALOG(URI, [FRIENDLY-NAME], [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
+AC_DEFUN([JH_CHECK_XML_CATALOG],
+[
+ AC_REQUIRE([JH_PATH_XML_CATALOG],[JH_PATH_XML_CATALOG(,[:])])dnl
+ AC_MSG_CHECKING([for ifelse([$2],,[$1],[$2]) in XML catalog])
+ if $jh_found_xmlcatalog && \
+ AC_RUN_LOG([$XMLCATALOG --noout "$XML_CATALOG_FILE" "$1" >&2]); then
+ AC_MSG_RESULT([found])
+ ifelse([$3],,,[$3
+])dnl
+ else
+ AC_MSG_RESULT([not found])
+ ifelse([$4],,
+ [AC_MSG_ERROR([could not find ifelse([$2],,[$1],[$2]) in XML catalog])],
+ [$4])
+ fi
+])
diff --git a/autogen.sh b/autogen.sh
new file mode 100755
index 0000000..336463c
--- /dev/null
+++ b/autogen.sh
@@ -0,0 +1,12 @@
+#! /bin/sh
+
+autoreconf -v -f --install || exit 1
+
+./configure \
+ CFLAGS="-O2 -Wall" \
+ --enable-man \
+ --enable-maintainer-mode \
+ --disable-shared \
+ --without-libpam \
+ --with-selinux \
+ "$@"
diff --git a/configure.ac b/configure.ac
new file mode 100644
index 0000000..2dcf966
--- /dev/null
+++ b/configure.ac
@@ -0,0 +1,682 @@
+dnl Process this file with autoconf to produce a configure script.
+AC_PREREQ([2.64])
+AC_INIT([shadow], [4.5], [pkg-shadow-devel@lists.alioth.debian.org], [],
+ [https://github.com/shadow-maint/shadow])
+AM_INIT_AUTOMAKE([1.11 foreign dist-xz])
+AM_SILENT_RULES([yes])
+AC_CONFIG_HEADERS([config.h])
+
+dnl Some hacks...
+test "$prefix" = "NONE" && prefix="/usr"
+test "$prefix" = "/usr" && exec_prefix=""
+
+AC_GNU_SOURCE
+
+AM_DISABLE_SHARED
+AM_ENABLE_STATIC
+
+AM_MAINTAINER_MODE
+
+dnl Checks for programs.
+AC_PROG_CC
+AC_ISC_POSIX
+AC_PROG_LN_S
+AC_PROG_YACC
+AM_PROG_LIBTOOL
+
+dnl Checks for libraries.
+
+dnl Checks for header files.
+AC_HEADER_DIRENT
+AC_HEADER_STDC
+AC_HEADER_SYS_WAIT
+AC_HEADER_STDBOOL
+
+AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
+ utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
+ utime.h ulimit.h sys/resource.h gshadow.h lastlog.h \
+ locale.h rpc/key_prot.h netdb.h acl/libacl.h attr/libattr.h \
+ attr/error_context.h)
+
+dnl shadow now uses the libc's shadow implementation
+AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
+
+AC_CHECK_FUNCS(l64a fchmod fchown fsync futimes getgroups gethostname getspnam \
+ gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
+ lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \
+ getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo \
+ ruserok)
+AC_SYS_LARGEFILE
+
+dnl Checks for typedefs, structures, and compiler characteristics.
+AC_C_CONST
+AC_TYPE_UID_T
+AC_TYPE_OFF_T
+AC_TYPE_PID_T
+AC_TYPE_MODE_T
+AC_HEADER_STAT
+AC_CHECK_MEMBERS([struct stat.st_rdev])
+AC_CHECK_MEMBERS([struct stat.st_atim])
+AC_CHECK_MEMBERS([struct stat.st_atimensec])
+AC_CHECK_MEMBERS([struct stat.st_mtim])
+AC_CHECK_MEMBERS([struct stat.st_mtimensec])
+AC_HEADER_TIME
+AC_STRUCT_TM
+
+AC_CHECK_MEMBERS([struct utmp.ut_type,
+ struct utmp.ut_id,
+ struct utmp.ut_name,
+ struct utmp.ut_user,
+ struct utmp.ut_host,
+ struct utmp.ut_syslen,
+ struct utmp.ut_addr,
+ struct utmp.ut_addr_v6,
+ struct utmp.ut_time,
+ struct utmp.ut_xtime,
+ struct utmp.ut_tv],,,[[#include <utmp.h>]])
+dnl There are dependencies:
+dnl If UTMPX has to be used, the utmp structure shall have a ut_id field.
+if test "$ac_cv_header_utmpx_h" = "yes" &&
+ test "$ac_cv_member_struct_utmp_ut_id" != "yes"; then
+ AC_MSG_ERROR(Systems with UTMPX and no ut_id field in the utmp structure are not supported)
+fi
+
+AC_CHECK_MEMBERS([struct utmpx.ut_name,
+ struct utmpx.ut_host,
+ struct utmpx.ut_syslen,
+ struct utmpx.ut_addr,
+ struct utmpx.ut_addr_v6,
+ struct utmpx.ut_time,
+ struct utmpx.ut_xtime],,,[[#include <utmpx.h>]])
+
+if test "$ac_cv_header_lastlog_h" = "yes"; then
+ AC_CACHE_CHECK(for ll_host in struct lastlog,
+ ac_cv_struct_lastlog_ll_host,
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <lastlog.h>],
+ [struct lastlog ll; char *cp = ll.ll_host;]
+ )],
+ [ac_cv_struct_lastlog_ll_host=yes],
+ [ac_cv_struct_lastlog_ll_host=no]
+ )
+ )
+
+ if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then
+ AC_DEFINE(HAVE_LL_HOST, 1,
+ [Define if struct lastlog has ll_host])
+ fi
+fi
+
+dnl Checks for library functions.
+AC_TYPE_GETGROUPS
+AC_TYPE_SIGNAL
+AC_FUNC_UTIME_NULL
+AC_FUNC_STRFTIME
+AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir)
+AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent)
+AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr)
+
+AC_CHECK_FUNC(setpgrp)
+
+if test "$ac_cv_header_shadow_h" = "yes"; then
+ AC_CACHE_CHECK(for working shadow group support,
+ ac_cv_libc_shadowgrp,
+ AC_RUN_IFELSE([AC_LANG_SOURCE([
+ #include <shadow.h>
+ main()
+ {
+ struct sgrp *sg = sgetsgent("test:x::");
+ /* NYS libc on Red Hat 3.0.3 has broken shadow group support */
+ return !sg || !sg->sg_adm || !sg->sg_mem;
+ }]
+ )],
+ [ac_cv_libc_shadowgrp=yes],
+ [ac_cv_libc_shadowgrp=no],
+ [ac_cv_libc_shadowgrp=no]
+ )
+ )
+
+ if test "$ac_cv_libc_shadowgrp" = "yes"; then
+ AC_DEFINE(HAVE_SHADOWGRP, 1, [Have working shadow group support in libc])
+ fi
+fi
+
+AC_CACHE_CHECK([location of shared mail directory], shadow_cv_maildir,
+[for shadow_cv_maildir in /var/mail /var/spool/mail /usr/spool/mail /usr/mail none; do
+ if test -d $shadow_cv_maildir; then
+ break
+ fi
+done])
+if test $shadow_cv_maildir != none; then
+ AC_DEFINE_UNQUOTED(MAIL_SPOOL_DIR, "$shadow_cv_maildir",
+ [Location of system mail spool directory.])
+fi
+
+AC_CACHE_CHECK([location of user mail file], shadow_cv_mailfile,
+[for shadow_cv_mailfile in Mailbox mailbox Mail mail .mail none; do
+ if test -f $HOME/$shadow_cv_mailfile; then
+ break
+ fi
+done])
+if test $shadow_cv_mailfile != none; then
+ AC_DEFINE_UNQUOTED(MAIL_SPOOL_FILE, "$shadow_cv_mailfile",
+ [Name of user's mail spool file if stored in user's home directory.])
+fi
+
+AC_CACHE_CHECK([location of utmp], shadow_cv_utmpdir,
+[for shadow_cv_utmpdir in /var/run /var/adm /usr/adm /etc none; do
+ if test -f $shadow_cv_utmpdir/utmp; then
+ break
+ fi
+done])
+if test "$shadow_cv_utmpdir" = "none"; then
+ AC_MSG_WARN(utmp file not found)
+fi
+AC_DEFINE_UNQUOTED(_UTMP_FILE, "$shadow_cv_utmpdir/utmp",
+ [Path for utmp file.])
+
+AC_CACHE_CHECK([location of faillog/lastlog/wtmp], shadow_cv_logdir,
+[for shadow_cv_logdir in /var/log /var/adm /usr/adm /etc; do
+ if test -d $shadow_cv_logdir; then
+ break
+ fi
+done])
+AC_DEFINE_UNQUOTED(_WTMP_FILE, "$shadow_cv_logdir/wtmp",
+ [Path for wtmp file.])
+AC_DEFINE_UNQUOTED(LASTLOG_FILE, "$shadow_cv_logdir/lastlog",
+ [Path for lastlog file.])
+AC_DEFINE_UNQUOTED(FAILLOG_FILE, "$shadow_cv_logdir/faillog",
+ [Path for faillog file.])
+
+AC_CACHE_CHECK([location of the passwd program], shadow_cv_passwd_dir,
+[if test -f /usr/bin/passwd; then
+ shadow_cv_passwd_dir=/usr/bin
+else
+ shadow_cv_passwd_dir=/bin
+fi])
+AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
+ [Path to passwd program.])
+
+dnl XXX - quick hack, should disappear before anyone notices :).
+AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
+if test "$ac_cv_func_ruserok" = "yes"; then
+ AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
+ AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
+fi
+
+AC_ARG_ENABLE(shadowgrp,
+ [AC_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
+ [case "${enableval}" in
+ yes) enable_shadowgrp="yes" ;;
+ no) enable_shadowgrp="no" ;;
+ *) AC_MSG_ERROR(bad value ${enableval} for --enable-shadowgrp) ;;
+ esac],
+ [enable_shadowgrp="yes"]
+)
+
+AC_ARG_ENABLE(man,
+ [AC_HELP_STRING([--enable-man],
+ [regenerate roff man pages from Docbook @<:@default=no@:>@])],
+ [enable_man="${enableval}"],
+ [enable_man="no"]
+)
+
+AC_ARG_ENABLE(account-tools-setuid,
+ [AC_HELP_STRING([--enable-account-tools-setuid],
+ [Install the user and group management tools setuid and authenticate the callers. This requires --with-pam.])],
+ [case "${enableval}" in
+ yes) enable_acct_tools_setuid="yes" ;;
+ no) enable_acct_tools_setuid="no" ;;
+ *) AC_MSG_ERROR(bad value ${enableval} for --enable-account-tools-setuid)
+ ;;
+ esac],
+ [enable_acct_tools_setuid="maybe"]
+)
+
+AC_ARG_ENABLE(utmpx,
+ [AC_HELP_STRING([--enable-utmpx],
+ [enable loggin in utmpx / wtmpx @<:@default=no@:>@])],
+ [case "${enableval}" in
+ yes) enable_utmpx="yes" ;;
+ no) enable_utmpx="no" ;;
+ *) AC_MSG_ERROR(bad value ${enableval} for --enable-utmpx) ;;
+ esac],
+ [enable_utmpx="no"]
+)
+
+AC_ARG_ENABLE(subordinate-ids,
+ [AC_HELP_STRING([--enable-subordinate-ids],
+ [support subordinate ids @<:@default=yes@:>@])],
+ [enable_subids="${enableval}"],
+ [enable_subids="maybe"]
+)
+
+AC_ARG_WITH(audit,
+ [AC_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])],
+ [with_audit=$withval], [with_audit=maybe])
+AC_ARG_WITH(libpam,
+ [AC_HELP_STRING([--with-libpam], [use libpam for PAM support @<:@default=yes if found@:>@])],
+ [with_libpam=$withval], [with_libpam=maybe])
+AC_ARG_WITH(selinux,
+ [AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=yes if found@:>@])],
+ [with_selinux=$withval], [with_selinux=maybe])
+AC_ARG_WITH(acl,
+ [AC_HELP_STRING([--with-acl], [use ACL support @<:@default=yes if found@:>@])],
+ [with_acl=$withval], [with_acl=maybe])
+AC_ARG_WITH(attr,
+ [AC_HELP_STRING([--with-attr], [use Extended Attribute support @<:@default=yes if found@:>@])],
+ [with_attr=$withval], [with_attr=maybe])
+AC_ARG_WITH(skey,
+ [AC_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])],
+ [with_skey=$withval], [with_skey=no])
+AC_ARG_WITH(tcb,
+ [AC_HELP_STRING([--with-tcb], [use tcb support (incomplete) @<:@default=yes if found@:>@])],
+ [with_tcb=$withval], [with_tcb=maybe])
+AC_ARG_WITH(libcrack,
+ [AC_HELP_STRING([--with-libcrack], [use libcrack @<:@default=no@:>@])],
+ [with_libcrack=$withval], [with_libcrack=no])
+AC_ARG_WITH(sha-crypt,
+ [AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
+ [with_sha_crypt=$withval], [with_sha_crypt=yes])
+AC_ARG_WITH(nscd,
+ [AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
+ [with_nscd=$withval], [with_nscd=yes])
+AC_ARG_WITH(group-name-max-length,
+ [AC_HELP_STRING([--with-group-name-max-length], [set max group name length @<:@default=16@:>@])],
+ [with_group_name_max_length=$withval], [with_group_name_max_length=yes])
+
+if test "$with_group_name_max_length" = "no" ; then
+ with_group_name_max_length=0
+elif test "$with_group_name_max_length" = "yes" ; then
+ with_group_name_max_length=16
+fi
+AC_DEFINE_UNQUOTED(GROUP_NAME_MAX_LENGTH, $with_group_name_max_length, [max group name length])
+AC_SUBST(GROUP_NAME_MAX_LENGTH)
+GROUP_NAME_MAX_LENGTH="$with_group_name_max_length"
+
+AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes")
+if test "$with_sha_crypt" = "yes"; then
+ AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
+fi
+
+if test "$with_nscd" = "yes"; then
+ AC_CHECK_FUNC(posix_spawn,
+ [AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])],
+ [AC_MSG_ERROR([posix_spawn is needed for nscd support])])
+fi
+
+dnl Check for some functions in libc first, only if not found check for
+dnl other libraries. This should prevent linking libnsl if not really
+dnl needed (Linux glibc, Irix), but still link it if needed (Solaris).
+
+AC_SEARCH_LIBS(inet_ntoa, inet)
+AC_SEARCH_LIBS(socket, socket)
+AC_SEARCH_LIBS(gethostbyname, nsl)
+
+if test "$enable_shadowgrp" = "yes"; then
+ AC_DEFINE(SHADOWGRP, 1, [Define to support the shadow group file.])
+fi
+AM_CONDITIONAL(SHADOWGRP, test "x$enable_shadowgrp" = "xyes")
+
+if test "$enable_man" = "yes"; then
+ dnl
+ dnl Check for xsltproc
+ dnl
+ AC_PATH_PROG([XSLTPROC], [xsltproc])
+ if test -z "$XSLTPROC"; then
+ enable_man=no
+ fi
+
+ dnl check for DocBook DTD and stylesheets in the local catalog.
+ JH_CHECK_XML_CATALOG([-//OASIS//DTD DocBook XML V4.1.2//EN],
+ [DocBook XML DTD V4.1.2], [], enable_man=no)
+ JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl],
+ [DocBook XSL Stylesheets >= 1.70.1], [], enable_man=no)
+fi
+AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test "x$enable_man" != "xno")
+
+if test "$enable_subids" != "no"; then
+ dnl
+ dnl FIXME: check if 32 bit UIDs/GIDs are supported by libc
+ dnl
+ AC_CHECK_SIZEOF([uid_t],, [#include "sys/types.h"])
+ AC_CHECK_SIZEOF([gid_t],, [#include "sys/types.h"])
+
+ if test "$ac_cv_sizeof_uid_t" -ge 4 && test "$ac_cv_sizeof_gid_t" -ge 4; then
+ AC_DEFINE(ENABLE_SUBIDS, 1, [Define to support the subordinate IDs.])
+ enable_subids="yes"
+ else
+ if test "x$enable_subids" = "xyes"; then
+ AC_MSG_ERROR([Cannot enable support the subordinate IDs on systems where gid_t or uid_t has less than 32 bits])
+ fi
+ enable_subids="no"
+ fi
+fi
+AM_CONDITIONAL(ENABLE_SUBIDS, test "x$enable_subids" != "xno")
+
+AC_SUBST(LIBCRYPT)
+AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt],
+ [AC_MSG_ERROR([crypt() not found])])
+
+AC_SUBST(LIBACL)
+if test "$with_acl" != "no"; then
+ AC_CHECK_HEADERS(acl/libacl.h attr/error_context.h, [acl_header="yes"], [acl_header="no"])
+ if test "$acl_header$with_acl" = "noyes" ; then
+ AC_MSG_ERROR([acl/libacl.h or attr/error_context.h is missing])
+ elif test "$acl_header" = "yes" ; then
+ AC_CHECK_LIB(acl, perm_copy_file,
+ [AC_CHECK_LIB(acl, perm_copy_fd,
+ [acl_lib="yes"],
+ [acl_lib="no"])],
+ [acl_lib="no"])
+ if test "$acl_lib$with_acl" = "noyes" ; then
+ AC_MSG_ERROR([libacl not found])
+ elif test "$acl_lib" = "no" ; then
+ with_acl="no"
+ else
+ AC_DEFINE(WITH_ACL, 1,
+ [Build shadow with ACL support])
+ LIBACL="-lacl"
+ with_acl="yes"
+ fi
+ else
+ with_acl="no"
+ fi
+fi
+
+AC_SUBST(LIBATTR)
+if test "$with_attr" != "no"; then
+ AC_CHECK_HEADERS(attr/libattr.h attr/error_context.h, [attr_header="yes"], [attr_header="no"])
+ if test "$attr_header$with_attr" = "noyes" ; then
+ AC_MSG_ERROR([attr/libattr.h or attr/error_context.h is missing])
+ elif test "$attr_header" = "yes" ; then
+ AC_CHECK_LIB(attr, attr_copy_file,
+ [AC_CHECK_LIB(attr, attr_copy_fd,
+ [attr_lib="yes"],
+ [attr_lib="no"])],
+ [attr_lib="no"])
+ if test "$attr_lib$with_attr" = "noyes" ; then
+ AC_MSG_ERROR([libattr not found])
+ elif test "$attr_lib" = "no" ; then
+ with_attr="no"
+ else
+ AC_DEFINE(WITH_ATTR, 1,
+ [Build shadow with Extended Attributes support])
+ LIBATTR="-lattr"
+ with_attr="yes"
+ fi
+ else
+ with_attr="no"
+ fi
+fi
+
+AC_SUBST(LIBAUDIT)
+if test "$with_audit" != "no"; then
+ AC_CHECK_HEADER(libaudit.h, [audit_header="yes"], [audit_header="no"])
+ if test "$audit_header$with_audit" = "noyes" ; then
+ AC_MSG_ERROR([libaudit.h is missing])
+ elif test "$audit_header" = "yes"; then
+ AC_CHECK_DECL(AUDIT_ADD_USER,,[audit_header="no"],[#include <libaudit.h>])
+ AC_CHECK_DECL(AUDIT_DEL_USER,,[audit_header="no"],[#include <libaudit.h>])
+ AC_CHECK_DECL(AUDIT_ADD_GROUP,,[audit_header="no"],[#include <libaudit.h>])
+ AC_CHECK_DECL(AUDIT_DEL_GROUP,,[audit_header="no"],[#include <libaudit.h>])
+ if test "$audit_header$with_audit" = "noyes" ; then
+ AC_MSG_ERROR([AUDIT_ADD_USER AUDIT_DEL_USER AUDIT_ADD_GROUP or AUDIT_DEL_GROUP missing from libaudit.h])
+ fi
+ fi
+ if test "$audit_header" = "yes"; then
+ AC_CHECK_LIB(audit, audit_log_acct_message,
+ [audit_lib="yes"], [audit_lib="no"])
+ if test "$audit_lib$with_audit" = "noyes" ; then
+ AC_MSG_ERROR([libaudit not found])
+ elif test "$audit_lib" = "no" ; then
+ with_audit="no"
+ else
+ AC_DEFINE(WITH_AUDIT, 1,
+ [Define if you want to enable Audit messages])
+ LIBAUDIT="-laudit"
+ with_audit="yes"
+ fi
+ else
+ with_audit="no"
+ fi
+fi
+
+AC_SUBST(LIBCRACK)
+if test "$with_libcrack" = "yes"; then
+ echo "checking cracklib flavour, don't be surprised by the results"
+ AC_CHECK_LIB(crack, FascistCheck,
+ [LIBCRACK=-lcrack AC_DEFINE(HAVE_LIBCRACK, 1, [Defined if you have libcrack.])])
+ AC_CHECK_LIB(crack, FascistHistory,
+ AC_DEFINE(HAVE_LIBCRACK_HIST, 1, [Defined if you have the ts&szs cracklib.]))
+ AC_CHECK_LIB(crack, FascistHistoryPw,
+ AC_DEFINE(HAVE_LIBCRACK_PW, 1, [Defined if it includes *Pw functions.]))
+fi
+
+AC_SUBST(LIBSELINUX)
+AC_SUBST(LIBSEMANAGE)
+if test "$with_selinux" != "no"; then
+ AC_CHECK_HEADERS(selinux/selinux.h, [selinux_header="yes"], [selinux_header="no"])
+ if test "$selinux_header$with_selinux" = "noyes" ; then
+ AC_MSG_ERROR([selinux/selinux.h is missing])
+ fi
+
+ AC_CHECK_HEADERS(semanage/semanage.h, [semanage_header="yes"], [semanage_header="no"])
+ if test "$semanage_header$with_selinux" = "noyes" ; then
+ AC_MSG_ERROR([semanage/semanage.h is missing])
+ fi
+
+ if test "$selinux_header$semanage_header" = "yesyes" ; then
+ AC_CHECK_LIB(selinux, is_selinux_enabled, [selinux_lib="yes"], [selinux_lib="no"])
+ if test "$selinux_lib$with_selinux" = "noyes" ; then
+ AC_MSG_ERROR([libselinux not found])
+ fi
+
+ AC_CHECK_LIB(semanage, semanage_connect, [semanage_lib="yes"], [semanage_lib="no"])
+ if test "$semanage_lib$with_selinux" = "noyes" ; then
+ AC_MSG_ERROR([libsemanage not found])
+ fi
+
+ if test "$selinux_lib$semanage_lib" == "yesyes" ; then
+ AC_DEFINE(WITH_SELINUX, 1,
+ [Build shadow with SELinux support])
+ LIBSELINUX="-lselinux"
+ LIBSEMANAGE="-lsemanage"
+ with_selinux="yes"
+ else
+ with_selinux="no"
+ fi
+ else
+ with_selinux="no"
+ fi
+fi
+
+AC_SUBST(LIBTCB)
+if test "$with_tcb" != "no"; then
+ AC_CHECK_HEADERS(tcb.h, [tcb_header="yes"], [tcb_header="no"])
+ if test "$tcb_header$with_tcb" = "noyes" ; then
+ AC_MSG_ERROR([tcb.h is missing])
+ elif test "$tcb_header" = "yes" ; then
+ AC_CHECK_LIB(tcb, tcb_is_suspect, [tcb_lib="yes"], [tcb_lib="no"])
+ if test "$tcb_lib$with_tcb" = "noyes" ; then
+ AC_MSG_ERROR([libtcb not found])
+ elif test "$tcb_lib" = "no" ; then
+ with_tcb="no"
+ else
+ AC_DEFINE(WITH_TCB, 1, [Build shadow with tcb support (incomplete)])
+ LIBTCB="-ltcb"
+ with_tcb="yes"
+ fi
+ else
+ with_tcb="no"
+ fi
+fi
+AM_CONDITIONAL(WITH_TCB, test x$with_tcb = xyes)
+
+AC_SUBST(LIBPAM)
+if test "$with_libpam" != "no"; then
+ AC_CHECK_LIB(pam, pam_start,
+ [pam_lib="yes"], [pam_lib="no"])
+ if test "$pam_lib$with_libpam" = "noyes" ; then
+ AC_MSG_ERROR(libpam not found)
+ fi
+
+ LIBPAM="-lpam"
+ pam_conv_function="no"
+
+ AC_CHECK_LIB(pam, openpam_ttyconv,
+ [pam_conv_function="openpam_ttyconv"],
+ AC_CHECK_LIB(pam_misc, misc_conv,
+ [pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc"])
+ )
+
+ if test "$pam_conv_function$with_libpam" = "noyes" ; then
+ AC_MSG_ERROR(PAM conversation function not found)
+ fi
+
+ pam_headers_found=no
+ AC_CHECK_HEADERS( [security/openpam.h security/pam_misc.h],
+ [ pam_headers_found=yes ; break ], [],
+ [ #include <security/pam_appl.h> ] )
+ if test "$pam_headers_found$with_libpam" = "noyes" ; then
+ AC_MSG_ERROR(PAM headers not found)
+ fi
+
+
+ if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then
+ with_libpam="yes"
+ else
+ with_libpam="no"
+ unset LIBPAM
+ fi
+fi
+dnl Now with_libpam is either yes or no
+if test "$with_libpam" = "yes"; then
+ AC_CHECK_DECLS([PAM_ESTABLISH_CRED,
+ PAM_DELETE_CRED,
+ PAM_NEW_AUTHTOK_REQD,
+ PAM_DATA_SILENT],
+ [], [], [#include <security/pam_appl.h>])
+
+
+ save_libs=$LIBS
+ LIBS="$LIBS $LIBPAM"
+ # We do not use AC_CHECK_FUNCS to avoid duplicated definition with
+ # Linux PAM.
+ AC_CHECK_FUNC(pam_fail_delay, [AC_DEFINE(HAS_PAM_FAIL_DELAY, 1, [Define to 1 if you have the declaration of 'pam_fail_delay'])])
+ LIBS=$save_libs
+
+ AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules])
+ AC_DEFINE_UNQUOTED(SHADOW_PAM_CONVERSATION, [$pam_conv_function],[PAM converstation to use])
+ AM_CONDITIONAL(USE_PAM, [true])
+
+ AC_MSG_CHECKING(use login and su access checking if PAM not used)
+ AC_MSG_RESULT(no)
+else
+ AC_DEFINE(SU_ACCESS, 1, [Define to support /etc/suauth su access control.])
+ AM_CONDITIONAL(USE_PAM, [false])
+ AC_MSG_CHECKING(use login and su access checking if PAM not used)
+ AC_MSG_RESULT(yes)
+fi
+
+if test "$enable_acct_tools_setuid" != "no"; then
+ if test "$with_libpam" != "yes"; then
+ if test "$enable_acct_tools_setuid" = "yes"; then
+ AC_MSG_ERROR(PAM support is required for --enable-account-tools-setuid)
+ else
+ enable_acct_tools_setuid="no"
+ fi
+ else
+ enable_acct_tools_setuid="yes"
+ fi
+ if test "$enable_acct_tools_setuid" = "yes"; then
+ AC_DEFINE(ACCT_TOOLS_SETUID,
+ 1,
+ [Define if account management tools should be installed setuid and authenticate the callers])
+ fi
+fi
+AM_CONDITIONAL(ACCT_TOOLS_SETUID, test "x$enable_acct_tools_setuid" = "xyes")
+
+AC_SUBST(LIBSKEY)
+AC_SUBST(LIBMD)
+if test "$with_skey" = "yes"; then
+ AC_CHECK_LIB(md, MD5Init, [LIBMD=-lmd])
+ AC_CHECK_LIB(skey, skeychallenge, [LIBSKEY=-lskey],
+ [AC_MSG_ERROR([liskey missing. You can download S/Key source code from http://rsync1.it.gentoo.org/gentoo/distfiles/skey-1.1.5.tar.bz2])])
+ AC_DEFINE(SKEY, 1, [Define to support S/Key logins.])
+ AC_TRY_COMPILE([
+ #include <stdio.h>
+ #include <skey.h>
+ ],[
+ skeychallenge((void*)0, (void*)0, (void*)0, 0);
+ ],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])])
+fi
+
+if test "$enable_utmpx" = "yes"; then
+ if test "$ac_cv_header_utmpx_h" != "yes"; then
+ AC_MSG_ERROR([The utmpx.h header file is required for utmpx support.])
+ fi
+ AC_DEFINE(USE_UTMPX,
+ 1,
+ [Define if utmpx should be used])
+fi
+
+AC_DEFINE_UNQUOTED(SHELL, ["$SHELL"], [The default shell.])
+
+AM_GNU_GETTEXT_VERSION(0.16)
+AM_GNU_GETTEXT([external], [need-ngettext])
+AM_CONDITIONAL(USE_NLS, test "x$USE_NLS" = "xyes")
+
+AC_CONFIG_FILES([
+ Makefile
+ po/Makefile.in
+ doc/Makefile
+ man/Makefile
+ man/config.xml
+ man/po/Makefile
+ man/cs/Makefile
+ man/da/Makefile
+ man/de/Makefile
+ man/es/Makefile
+ man/fi/Makefile
+ man/fr/Makefile
+ man/hu/Makefile
+ man/id/Makefile
+ man/it/Makefile
+ man/ja/Makefile
+ man/ko/Makefile
+ man/pl/Makefile
+ man/pt_BR/Makefile
+ man/ru/Makefile
+ man/sv/Makefile
+ man/tr/Makefile
+ man/zh_CN/Makefile
+ man/zh_TW/Makefile
+ libmisc/Makefile
+ lib/Makefile
+ src/Makefile
+ contrib/Makefile
+ etc/Makefile
+ etc/pam.d/Makefile
+ shadow.spec
+])
+AC_OUTPUT
+
+echo
+echo "shadow will be compiled with the following features:"
+echo
+echo " auditing support: $with_audit"
+echo " CrackLib support: $with_libcrack"
+echo " PAM support: $with_libpam"
+if test "$with_libpam" = "yes"; then
+echo " suid account management tools: $enable_acct_tools_setuid"
+fi
+echo " SELinux support: $with_selinux"
+echo " ACL support: $with_acl"
+echo " Extended Attributes support: $with_attr"
+echo " tcb support (incomplete): $with_tcb"
+echo " shadow group support: $enable_shadowgrp"
+echo " S/Key support: $with_skey"
+echo " SHA passwords encryption: $with_sha_crypt"
+echo " nscd support: $with_nscd"
+echo " subordinate IDs support: $enable_subids"
+echo
diff --git a/contrib/Makefile.am b/contrib/Makefile.am
new file mode 100644
index 0000000..2c3160e
--- /dev/null
+++ b/contrib/Makefile.am
@@ -0,0 +1,6 @@
+# This is a dummy Makefile.am to get automake work flawlessly,
+# and also cooperate to make a distribution for `make dist'
+
+EXTRA_DIST = README adduser.c adduser-old.c adduser.sh adduser2.sh \
+ atudel groupmems.shar pwdauth.c shadow-anonftp.patch \
+ udbachk.tgz
diff --git a/contrib/README b/contrib/README
new file mode 100644
index 0000000..c4d1bc0
--- /dev/null
+++ b/contrib/README
@@ -0,0 +1,10 @@
+People keep sending various adduser programs and scripts... They are
+all in this directory. I haven't tested them, use at your own risk.
+Anyway, the best one I've seen so far is adduser-3.x from Debian.
+
+atudel is a perl script to remove at jobs owned by the specified user
+(atrm in at-2.9 for Linux can't do that).
+
+udbachk.tgz is a passwd/group/shadow file integrity checker.
+
+--marekm
diff --git a/contrib/adduser-old.c b/contrib/adduser-old.c
new file mode 100644
index 0000000..0b2080e
--- /dev/null
+++ b/contrib/adduser-old.c
@@ -0,0 +1,300 @@
+/****
+** 03/17/96
+** hacked a bit more, removed unused code, cleaned up for gcc -Wall.
+** --marekm
+**
+** 02/26/96
+** modified to call shadow utils (useradd,chage,passwd) on shadowed
+** systems - Cristian Gafton, gafton@sorosis.ro
+**
+** 6/27/95
+** shadow-adduser 1.4:
+**
+** now it copies the /etc/skel dir into the person's dir,
+** makes the mail folders, changed some defaults and made a 'make
+** install' just for the hell of it.
+**
+** Greg Gallagher
+** CIN.Net
+**
+** 1/28/95
+** shadow-adduser 1.3:
+**
+** Basically a bug-fix on my additions in 1.2. Thanx to Terry Stewart
+** (stew@texas.net) for pointing out one of the many idiotic bugs I introduced.
+** It was such a stupid bug that I would have never seen it myself.
+**
+** Brandon
+*****
+** 01/27/95
+**
+** shadow-adduser 1.2:
+** I took the C source from adduser-shadow (credits are below) and made
+** it a little more worthwhile. Many small changes... Here's
+** the ones I can remember:
+**
+** Removed support for non-shadowed systems (if you don't have shadow,
+** use the original adduser, don't get this shadow version!)
+** Added support for the correct /etc/shadow fields (Min days before
+** password change, max days before password change, Warning days,
+** and how many days from expiry date does the account go invalid)
+** The previous version just left all of those fields blank.
+** There is still one field left (expiry date for the account, period)
+** which I have left blank because I do not use it and didn't want to
+** spend any more time on this. I'm sure someone will put it in and
+** tack another plethora of credits on here. :)
+** Added in the password date field, which should always reflect the last
+** date the password was changed, for expiry purposes. "passwd" always
+** updates this field, so the adduser program should set it up right
+** initially (or a user could keep thier initial password forever ;)
+** The number is in days since Jan 1st, 1970.
+**
+** Have fun with it, and someone please make
+** a real version(this is still just a hack)
+** for us all to use (and Email it to me???)
+**
+** Brandon
+** photon@usis.com
+**
+*****
+** adduser 1.0: add a new user account (For systems not using shadow)
+** With a nice little interface and a will to do all the work for you.
+**
+** Craig Hagan
+** hagan@opine.cs.umass.edu
+**
+** Modified to really work, look clean, and find unused uid by Chris Cappuccio
+** chris@slinky.cs.umass.edu
+**
+*****
+**
+** 01/19/95
+**
+** FURTHER modifications to enable shadow passwd support (kludged, but
+** no more so than the original) by Dan Crowson - dcrowson@mo.net
+**
+** Search on DAN for all changes...
+**
+*****
+**
+** cc -O -o adduser adduser.c
+** Use gcc if you have it... (political reasons beyond my control) (chris)
+**
+** I've gotten this program to work with success under Linux (without
+** shadow) and SunOS 4.1.3. I would assume it should work pretty well
+** on any system that uses no shadow. (chris)
+**
+** If you have no crypt() then try
+** cc -DNO_CRYPT -O -o adduser adduser.c xfdes.c
+** I'm not sure how login operates with no crypt()... I guess
+** the same way we're doing it here.
+*/
+
+#include <pwd.h>
+#include <grp.h>
+#include <ctype.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/timeb.h>
+#include <sys/time.h>
+#include <sys/stat.h>
+
+#define DEFAULT_SHELL "/bin/bash" /* because BASH is your friend */
+#define DEFAULT_HOME "/home"
+#define USERADD_PATH "/usr/sbin/useradd"
+#define CHAGE_PATH "/usr/sbin/chage"
+#define PASSWD_PATH "/usr/bin/passwd"
+#define DEFAULT_GROUP 100
+
+#define DEFAULT_MAX_PASS 60
+#define DEFAULT_WARN_PASS 10
+/* if you use this feature, you will get a lot of complaints from users
+ who rarely use their accounts :) (something like 3 months would be
+ more reasonable) --marekm */
+#define DEFAULT_USER_DIE /* 10 */ 0
+
+void main()
+{
+ char foo[32];
+ char uname[9],person[32],dir[32],shell[32];
+ unsigned int group,min_pass,max_pass,warn_pass,user_die;
+ /* the group and uid of the new user */
+ int bad=0,done=0,correct=0,gets_warning=0;
+ char cmd[255];
+ struct group *grp;
+
+ /* flags, in order:
+ * bad to see if the username is in /etc/passwd, or if strange stuff has
+ * been typed if the user might be put in group 0
+ * done allows the program to exit when a user has been added
+ * correct loops until a password is found that isn't in /etc/passwd
+ * gets_warning allows the fflush to be skipped for the first gets
+ * so that output is still legible
+ */
+
+ /* The real program starts HERE! */
+
+ if(geteuid()!=0)
+ {
+ printf("It seems you don't have access to add a new user. Try\n");
+ printf("logging in as root or su root to gain super-user access.\n");
+ exit(1);
+ }
+
+ /* Sanity checks
+ */
+
+ if (!(grp=getgrgid(DEFAULT_GROUP))){
+ printf("Error: the default group %d does not exist on this system!\n",
+ DEFAULT_GROUP);
+ printf("adduser must be recompiled.\n");
+ exit(1);
+ };
+
+ while(!correct) { /* loop until a "good" uname is chosen */
+ while(!done) {
+ printf("\nLogin to add (^C to quit): ");
+ if(gets_warning) /* if the warning was already shown */
+ fflush(stdout); /* fflush stdout, otherwise set the flag */
+ else
+ gets_warning=1;
+
+ gets(uname);
+ if(!strlen(uname)) {
+ printf("Empty input.\n");
+ done=0;
+ continue;
+ };
+
+ /* what I saw here before made me think maybe I was running DOS */
+ /* might this be a solution? (chris) */
+ if (getpwnam(uname) != NULL) {
+ printf("That name is in use, choose another.\n");
+ done=0;
+ } else
+ done=1;
+ }; /* done, we have a valid new user name */
+
+ /* all set, get the rest of the stuff */
+ printf("\nEditing information for new user [%s]\n",uname);
+
+ printf("\nFull Name [%s]: ",uname);
+ gets(person);
+ if (!strlen(person)) {
+ bzero(person,sizeof(person));
+ strcpy(person,uname);
+ };
+
+ do {
+ bad=0;
+ printf("GID [%d]: ",DEFAULT_GROUP);
+ gets(foo);
+ if (!strlen(foo))
+ group=DEFAULT_GROUP;
+ else
+ if (isdigit (*foo)) {
+ group = atoi(foo);
+ if (! (grp = getgrgid (group))) {
+ printf("unknown gid %s\n",foo);
+ group=DEFAULT_GROUP;
+ bad=1;
+ };
+ } else
+ if ((grp = getgrnam (foo)))
+ group = grp->gr_gid;
+ else {
+ printf("unknown group %s\n",foo);
+ group=DEFAULT_GROUP;
+ bad=1;
+ }
+ if (group==0){ /* You're not allowed to make root group users! */
+ printf("Creation of root group users not allowed (must be done by hand)\n");
+ group=DEFAULT_GROUP;
+ bad=1;
+ };
+ } while(bad);
+
+
+ fflush(stdin);
+
+ printf("\nIf home dir ends with a / then [%s] will be appended to it\n",uname);
+ printf("Home Directory [%s/%s]: ",DEFAULT_HOME,uname);
+ fflush(stdout);
+ gets(dir);
+ if (!strlen(dir)) { /* hit return */
+ sprintf(dir,"%s/%s",DEFAULT_HOME,uname);
+ fflush(stdin);
+ } else
+ if (dir[strlen(dir)-1]=='/')
+ sprintf(dir+strlen(dir),"%s",uname);
+
+ printf("\nShell [%s]: ",DEFAULT_SHELL);
+ fflush(stdout);
+ gets(shell);
+ if (!strlen(shell))
+ sprintf(shell,"%s",DEFAULT_SHELL);
+
+ printf("\nMin. Password Change Days [0]: ");
+ gets(foo);
+ min_pass=atoi(foo);
+
+ printf("Max. Password Change Days [%d]: ",DEFAULT_MAX_PASS);
+ gets(foo);
+ if (strlen(foo) > 1)
+ max_pass = atoi(foo);
+ else
+ max_pass = DEFAULT_MAX_PASS;
+
+ printf("Password Warning Days [%d]: ",DEFAULT_WARN_PASS);
+ gets(foo);
+ warn_pass = atoi(foo);
+ if (warn_pass==0)
+ warn_pass = DEFAULT_WARN_PASS;
+
+ printf("Days after Password Expiry for Account Locking [%d]: ",DEFAULT_USER_DIE);
+ gets(foo);
+ user_die = atoi(foo);
+ if (user_die == 0)
+ user_die = DEFAULT_USER_DIE;
+
+ printf("\nInformation for new user [%s] [%s]:\n",uname,person);
+ printf("Home directory: [%s] Shell: [%s]\n",dir,shell);
+ printf("GID: [%d]\n",group);
+ printf("MinPass: [%d] MaxPass: [%d] WarnPass: [%d] UserExpire: [%d]\n",
+ min_pass,max_pass,warn_pass,user_die);
+ printf("\nIs this correct? [y/N]: ");
+ fflush(stdout);
+ gets(foo);
+
+ done=bad=correct=(foo[0]=='y'||foo[0]=='Y');
+
+ if(bad!=1)
+ printf("\nUser [%s] not added\n",uname);
+ }
+
+ bzero(cmd,sizeof(cmd));
+ sprintf(cmd,"%s -g %d -d %s -s %s -c \"%s\" -m -k /etc/skel %s",
+ USERADD_PATH,group,dir,shell,person,uname);
+ printf("Calling useradd to add new user:\n%s\n",cmd);
+ if(system(cmd)){
+ printf("User add failed!\n");
+ exit(errno);
+ };
+ bzero(cmd,sizeof(cmd));
+ sprintf(cmd,"%s -m %d -M %d -W %d -I %d %s", CHAGE_PATH,
+ min_pass,max_pass,warn_pass,user_die,uname);
+ printf("%s\n",cmd);
+ if(system(cmd)){
+ printf("There was an error setting password expire values\n");
+ exit(errno);
+ };
+ bzero(cmd,sizeof(cmd));
+ sprintf(cmd,"%s %s",PASSWD_PATH,uname);
+ system(cmd);
+ printf("\nDone.\n");
+}
+
diff --git a/contrib/adduser.c b/contrib/adduser.c
new file mode 100644
index 0000000..88596b0
--- /dev/null
+++ b/contrib/adduser.c
@@ -0,0 +1,502 @@
+/****
+** 04/21/96
+** hacked even more, replaced gets() with something slightly harder to buffer
+** overflow. Added support for setting a default quota on new account, with
+** edquota -p. Other cleanups for security, I let some users run adduser suid
+** root to add new accounts. (overflow checks, clobber environment, valid
+** shell checks, restrictions on gid + home dir settings).
+
+** Added max. username length. Used syslog() a bit for important events.
+** Support to immediately expire account with passwd -e.
+
+** Called it version 2.0! Because I felt like it!
+
+** -- Chris, chris@ferret.lmh.ox.ac.uk
+
+** 03/17/96
+** hacked a bit more, removed unused code, cleaned up for gcc -Wall.
+** --marekm
+**
+** 02/26/96
+** modified to call shadow utils (useradd,chage,passwd) on shadowed
+** systems - Cristian Gafton, gafton@sorosis.ro
+**
+** 6/27/95
+** shadow-adduser 1.4:
+**
+** now it copies the /etc/skel dir into the person's dir,
+** makes the mail folders, changed some defaults and made a 'make
+** install' just for the hell of it.
+**
+** Greg Gallagher
+** CIN.Net
+**
+** 1/28/95
+** shadow-adduser 1.3:
+**
+** Basically a bug-fix on my additions in 1.2. Thanx to Terry Stewart
+** (stew@texas.net) for pointing out one of the many idiotic bugs I introduced.
+** It was such a stupid bug that I would have never seen it myself.
+**
+** Brandon
+*****
+** 01/27/95
+**
+** shadow-adduser 1.2:
+** I took the C source from adduser-shadow (credits are below) and made
+** it a little more worthwhile. Many small changes... Here's
+** the ones I can remember:
+**
+** Removed support for non-shadowed systems (if you don't have shadow,
+** use the original adduser, don't get this shadow version!)
+** Added support for the correct /etc/shadow fields (Min days before
+** password change, max days before password change, Warning days,
+** and how many days from expiry date does the account go invalid)
+** The previous version just left all of those fields blank.
+** There is still one field left (expiry date for the account, period)
+** which I have left blank because I do not use it and didn't want to
+** spend any more time on this. I'm sure someone will put it in and
+** tack another plethora of credits on here. :)
+** Added in the password date field, which should always reflect the last
+** date the password was changed, for expiry purposes. "passwd" always
+** updates this field, so the adduser program should set it up right
+** initially (or a user could keep thier initial password forever ;)
+** The number is in days since Jan 1st, 1970.
+**
+** Have fun with it, and someone please make
+** a real version(this is still just a hack)
+** for us all to use (and Email it to me???)
+**
+** Brandon
+** photon@usis.com
+**
+*****
+** adduser 1.0: add a new user account (For systems not using shadow)
+** With a nice little interface and a will to do all the work for you.
+**
+** Craig Hagan
+** hagan@opine.cs.umass.edu
+**
+** Modified to really work, look clean, and find unused uid by Chris Cappuccio
+** chris@slinky.cs.umass.edu
+**
+*****
+**
+** 01/19/95
+**
+** FURTHER modifications to enable shadow passwd support (kludged, but
+** no more so than the original) by Dan Crowson - dcrowson@mo.net
+**
+** Search on DAN for all changes...
+**
+*****
+**
+** cc -O -o adduser adduser.c
+** Use gcc if you have it... (political reasons beyond my control) (chris)
+**
+** I've gotten this program to work with success under Linux (without
+** shadow) and SunOS 4.1.3. I would assume it should work pretty well
+** on any system that uses no shadow. (chris)
+**
+** If you have no crypt() then try
+** cc -DNO_CRYPT -O -o adduser adduser.c xfdes.c
+** I'm not sure how login operates with no crypt()... I guess
+** the same way we're doing it here.
+*/
+
+#include <unistd.h>
+#include <stdlib.h>
+#include <pwd.h>
+#include <grp.h>
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/timeb.h>
+#include <sys/time.h>
+#include <sys/stat.h>
+#include <syslog.h>
+
+#define IMMEDIATE_CHANGE /* Expire newly created password, must be changed
+ * immediately upon next login */
+#define HAVE_QUOTAS /* Obvious */
+#define EXPIRE_VALS_SET /* If defined, 'normal' users can't change
+ * password expiry values (if running suid root) */
+
+#define HAVE_GETUSERSHELL /* FIXME: Isn't this defined in config.h too? */
+#define LOGGING /* If we want to log various things to syslog */
+#define MAX_USRNAME 8 /* Longer usernames seem to work on my system....
+ * But they're probably a poor idea */
+
+
+#define DEFAULT_SHELL "/bin/bash" /* because BASH is your friend */
+#define DEFAULT_HOME "/home"
+#define USERADD_PATH "/usr/sbin/useradd"
+#define CHAGE_PATH "/usr/bin/chage"
+#define PASSWD_PATH "/usr/bin/passwd"
+#define EDQUOTA_PATH "/usr/sbin/edquota"
+#define QUOTA_DEFAULT "defuser"
+#define DEFAULT_GROUP 100
+
+#define DEFAULT_MIN_PASS 0
+#define DEFAULT_MAX_PASS 100
+#define DEFAULT_WARN_PASS 14
+#define DEFAULT_USER_DIE 366
+
+void safeget (char *, int);
+
+void
+main (void)
+{
+ char foo[32];
+ char usrname[32], person[32], dir[32], shell[32];
+ unsigned int group, min_pass, max_pass, warn_pass, user_die;
+ /* the group and uid of the new user */
+ int bad = 0, done = 0, correct = 0, olduid;
+ char cmd[255];
+ struct group *grp;
+
+ /* flags, in order:
+ * bad to see if the username is in /etc/passwd, or if strange stuff has
+ * been typed if the user might be put in group 0
+ * done allows the program to exit when a user has been added
+ * correct loops until a username is found that isn't in /etc/passwd
+ */
+
+ /* The real program starts HERE! */
+
+ if (geteuid () != 0)
+ {
+ printf ("It seems you don't have access to add a new user. Try\n");
+ printf ("logging in as root or su root to gain superuser access.\n");
+ exit (1);
+ }
+
+ /* Sanity checks
+ */
+
+#ifdef LOGGING
+ openlog ("adduser", LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH);
+ syslog (LOG_INFO, "invoked by user %s\n", getpwuid (getuid ())->pw_name);
+#endif
+
+ if (!(grp = getgrgid (DEFAULT_GROUP)))
+ {
+ printf ("Error: the default group %d does not exist on this system!\n",
+ DEFAULT_GROUP);
+ printf ("adduser must be recompiled.\n");
+#ifdef LOGGING
+ syslog (LOG_ERR, "warning: failed. no such default group\n");
+ closelog ();
+#endif
+ exit (1);
+ };
+
+ while (!correct)
+ { /* loop until a "good" usrname is chosen */
+ while (!done)
+ {
+ printf ("\nLogin to add (^C to quit): ");
+ fflush (stdout);
+
+ safeget (usrname, sizeof (usrname));
+
+ if (!strlen (usrname))
+ {
+ printf ("Empty input.\n");
+ done = 0;
+ continue;
+ };
+
+ /* what I saw here before made me think maybe I was running DOS */
+ /* might this be a solution? (chris) */
+ if (strlen (usrname) > MAX_USRNAME)
+ {
+ printf ("That name is longer than the maximum of %d characters. Choose another.\n", MAX_USRNAME);
+ done = 0;
+ }
+ else if (getpwnam (usrname) != NULL)
+ {
+ printf ("That name is in use, choose another.\n");
+ done = 0;
+ }
+ else if (strchr (usrname, ' ') != NULL)
+ {
+ printf ("No spaces in username!!\n");
+ done = 0;
+ }
+ else
+ done = 1;
+ }; /* done, we have a valid new user name */
+
+ /* all set, get the rest of the stuff */
+ printf ("\nEditing information for new user [%s]\n", usrname);
+
+ printf ("\nFull Name [%s]: ", usrname);
+ fflush (stdout);
+ safeget (person, sizeof (person));
+ if (!strlen (person))
+ {
+ bzero (person, sizeof (person));
+ strcpy (person, usrname);
+ };
+
+ if (getuid () == 0)
+ {
+ do
+ {
+ bad = 0;
+ printf ("GID [%d]: ", DEFAULT_GROUP);
+ fflush (stdout);
+ safeget (foo, sizeof (foo));
+ if (!strlen (foo))
+ group = DEFAULT_GROUP;
+ else if (isdigit (*foo))
+ {
+ group = atoi (foo);
+ if (!(grp = getgrgid (group)))
+ {
+ printf ("unknown gid %s\n", foo);
+ group = DEFAULT_GROUP;
+ bad = 1;
+ };
+ }
+ else if ((grp = getgrnam (foo)))
+ group = grp->gr_gid;
+ else
+ {
+ printf ("unknown group %s\n", foo);
+ group = DEFAULT_GROUP;
+ bad = 1;
+ }
+ if (group == 0)
+ { /* You're not allowed to make root group users! */
+ printf ("Creation of root group users not allowed (must be done by hand)\n");
+ group = DEFAULT_GROUP;
+ bad = 1;
+ };
+ }
+ while (bad);
+ }
+ else
+ {
+ printf ("Group will be default of: %d\n", DEFAULT_GROUP);
+ group = DEFAULT_GROUP;
+ }
+
+ if (getuid () == 0)
+ {
+ printf ("\nIf home dir ends with a / then '%s' will be appended to it\n", usrname);
+ printf ("Home Directory [%s/%s]: ", DEFAULT_HOME, usrname);
+ fflush (stdout);
+ safeget (dir, sizeof (dir));
+ if (!strlen (dir))
+ { /* hit return */
+ sprintf (dir, "%s/%s", DEFAULT_HOME, usrname);
+ }
+ else if (dir[strlen (dir) - 1] == '/')
+ sprintf (dir+strlen(dir), "%s", usrname);
+ }
+ else
+ {
+ printf ("\nHome directory will be %s/%s\n", DEFAULT_HOME, usrname);
+ sprintf (dir, "%s/%s", DEFAULT_HOME, usrname);
+ }
+
+ printf ("\nShell [%s]: ", DEFAULT_SHELL);
+ fflush (stdout);
+ safeget (shell, sizeof (shell));
+ if (!strlen (shell))
+ sprintf (shell, "%s", DEFAULT_SHELL);
+ else
+ {
+ char *sh;
+ int ok = 0;
+#ifdef HAVE_GETUSERSHELL
+ setusershell ();
+ while ((sh = getusershell ()) != NULL)
+ if (!strcmp (shell, sh))
+ ok = 1;
+ endusershell ();
+#endif
+ if (!ok)
+ {
+ if (getuid () == 0)
+ printf ("Warning: root allowed non standard shell\n");
+ else
+ {
+ printf ("Shell NOT in /etc/shells, DEFAULT used\n");
+ sprintf (shell, "%s", DEFAULT_SHELL);
+ }
+ }
+ }
+
+#ifdef EXPIRE_VALS_SET
+ if (getuid () == 0)
+ {
+#endif
+ printf ("\nMin. Password Change Days [%d]: ", DEFAULT_MIN_PASS);
+ fflush (stdout);
+ safeget (foo, sizeof (foo));
+ if (strlen (foo) > 1)
+ min_pass = DEFAULT_MIN_PASS;
+ else
+ min_pass = atoi (foo);
+
+ printf ("Max. Password Change Days [%d]: ", DEFAULT_MAX_PASS);
+ fflush (stdout);
+ safeget (foo, sizeof (foo));
+ if (strlen (foo) > 1)
+ max_pass = atoi (foo);
+ else
+ max_pass = DEFAULT_MAX_PASS;
+
+ printf ("Password Warning Days [%d]: ", DEFAULT_WARN_PASS);
+ fflush (stdout);
+ safeget (foo, sizeof (foo));
+ warn_pass = atoi (foo);
+ if (warn_pass == 0)
+
+ warn_pass = DEFAULT_WARN_PASS;
+
+ printf ("Days after Password Expiry for Account Locking [%d]: ", DEFAULT_USER_DIE);
+ fflush (stdout);
+ safeget (foo, sizeof (foo));
+ user_die = atoi (foo);
+ if (user_die == 0)
+ user_die = DEFAULT_USER_DIE;
+
+#ifdef EXPIRE_VALS_SET
+ }
+ else
+ {
+ printf ("\nSorry, account expiry values are set.\n");
+ user_die = DEFAULT_USER_DIE;
+ warn_pass = DEFAULT_WARN_PASS;
+ max_pass = DEFAULT_MAX_PASS;
+ min_pass = DEFAULT_MIN_PASS;
+ }
+#endif
+
+ printf ("\nInformation for new user [%s] [%s]:\n", usrname, person);
+ printf ("Home directory: [%s] Shell: [%s]\n", dir, shell);
+ printf ("GID: [%d]\n", group);
+ printf ("MinPass: [%d] MaxPass: [%d] WarnPass: [%d] UserExpire: [%d]\n",
+ min_pass, max_pass, warn_pass, user_die);
+ printf ("\nIs this correct? [y/N]: ");
+ fflush (stdout);
+ safeget (foo, sizeof (foo));
+
+ done = bad = correct = (foo[0] == 'y' || foo[0] == 'Y');
+
+ if (bad != 1)
+ printf ("\nUser [%s] not added\n", usrname);
+ }
+
+ /* Clobber the environment, I run this suid root sometimes to let
+ * non root privileged accounts add users --chris */
+
+ *environ = NULL;
+
+ bzero (cmd, sizeof (cmd));
+ sprintf (cmd, "%s -g %d -d %s -s %s -c \"%s\" -m -k /etc/skel %s",
+ USERADD_PATH, group, dir, shell, person, usrname);
+ printf ("Calling useradd to add new user:\n%s\n", cmd);
+ if (system (cmd))
+ {
+ printf ("User add failed!\n");
+#ifdef LOGGING
+ syslog (LOG_ERR, "could not add new user\n");
+ closelog ();
+#endif
+ exit (errno);
+ };
+
+ olduid = getuid (); /* chage, passwd, edquota etc. require ruid = root
+ */
+ setuid (0);
+
+ bzero (cmd, sizeof (cmd));
+
+ /* Chage runs suid root. => we need ruid root to run it with
+ * anything other than chage -l
+ */
+
+ sprintf (cmd, "%s -m %d -M %d -W %d -I %d %s", CHAGE_PATH,
+ min_pass, max_pass, warn_pass, user_die, usrname);
+ printf ("%s\n", cmd);
+ if (system (cmd))
+ {
+ printf ("There was an error setting password expire values\n");
+#ifdef LOGGING
+ syslog (LOG_ERR, "password expire values could not be set\n");
+#endif
+ };
+
+ /* I want to add a user completely with one easy command --chris */
+
+#ifdef HAVE_QUOTAS
+ bzero (cmd, sizeof (cmd));
+ sprintf (cmd, "%s -p %s -u %s", EDQUOTA_PATH, QUOTA_DEFAULT, usrname);
+ printf ("%s\n", cmd);
+ if (system (cmd))
+ {
+ printf ("\nWarning: error setting quota\n");
+#ifdef LOGGING
+ syslog (LOG_ERR, "warning: account created but NO quotas set!\n");
+#endif /* LOGGING */
+ }
+ else
+ printf ("\nDefault quota set.\n");
+#endif /* HAVE_QUOTAS */
+
+ bzero (cmd, sizeof (cmd));
+ sprintf (cmd, "%s %s", PASSWD_PATH, usrname);
+ if (system (cmd))
+ {
+ printf ("\nWarning: error setting password\n");
+#ifdef LOGGING
+ syslog (LOG_ERR, "warning: password set failed!\n");
+#endif
+ }
+#ifdef IMMEDIATE_CHANGE
+ bzero (cmd, sizeof (cmd));
+ sprintf (cmd, "%s -e %s", PASSWD_PATH, usrname);
+ if (system (cmd))
+ {
+ printf ("\nWarning: error expiring password\n");
+#ifdef LOGGING
+ syslog (LOG_ERR, "warning: password expire failed!\n");
+#endif /* LOGGING */
+ }
+#endif /* IMMEDIATE_CHANGE */
+
+ setuid (olduid);
+
+#ifdef LOGGING
+ closelog ();
+#endif
+
+ printf ("\nDone.\n");
+}
+
+void
+safeget (char *buf, int maxlen)
+{
+ int c, i = 0, bad = 0;
+ char *bstart = buf;
+ while ((c = getc (stdin)) != EOF && (c != '\n') && (++i < maxlen))
+ {
+ bad = (!isalnum (c) && (c != '_') && (c != ' '));
+ *(buf++) = (char) c;
+ }
+ *buf = '\0';
+
+ if (bad)
+ {
+ printf ("\nString contained banned character. Please stick to alphanumerics.\n");
+ *bstart = '\0';
+ }
+}
+
diff --git a/contrib/adduser.sh b/contrib/adduser.sh
new file mode 100755
index 0000000..0efb27a
--- /dev/null
+++ b/contrib/adduser.sh
@@ -0,0 +1,90 @@
+#!/bin/sh
+# adduser script for use with shadow passwords and useradd command.
+# by Hrvoje Dogan <hdogan@student.math.hr>, Dec 1995.
+
+echo -n "Login name for new user []:"
+read LOGIN
+if [ -z $LOGIN ]
+then echo "Come on, man, you can't leave the login field empty...";exit
+fi
+echo
+echo -n "User id for $LOGIN [ defaults to next available]:"
+read ID
+GUID="-u $ID"
+if [ -z $ID ]
+then GUID=""
+fi
+
+echo
+echo -n "Initial group for $LOGIN [users]:"
+read GID
+GGID="-g $GID"
+if [ -z $GID ]
+then GGID=""
+fi
+
+echo
+echo -n "Additional groups for $LOGIN []:"
+read AGID
+GAGID="-G $AGID"
+if [ -z $AGID ]
+then GAGID=""
+fi
+
+echo
+echo -n "$LOGIN's home directory [/home/$LOGIN]:"
+read HME
+GHME="-d $HME"
+if [ -z $HME ]
+then GHME=""
+fi
+
+echo
+echo -n "$LOGIN's shell [/bin/bash]:"
+read SHL
+GSHL="-s $SHL"
+if [ -z $SHL ]
+then GSHL=""
+fi
+
+echo
+echo -n "$LOGIN's account expiry date (MM/DD/YY) []:"
+read EXP
+GEXP="-e $EXP"
+if [ -z $EXP ]
+then GEXP=""
+fi
+echo
+echo OK, I'm about to make a new account. Here's what you entered so far:
+echo New login name: $LOGIN
+if [ -z $GUID ]
+then echo New UID: [Next available]
+else echo New UID: $UID
+fi
+if [ -z $GGID ]
+then echo Initial group: users
+else echo Initial group: $GID
+fi
+if [ -z $GAGID ]
+then echo Additional groups: [none]
+else echo Additional groups: $AGID
+fi
+if [ -z $GHME ]
+then echo Home directory: /home/$LOGIN
+else echo Home directory: $HME
+fi
+if [ -z $GSHL ]
+then echo Shell: /bin/bash
+else echo Shell: $SHL
+fi
+if [ -z $GEXP ]
+then echo Expiry date: [no expiration]
+else echo Expiry date: $EXP
+fi
+echo "This is it... if you want to bail out, you'd better do it now."
+read FOO
+echo Making new account...
+/usr/sbin/useradd $GHME -m $GEXP $GGID $GAGID $GSHL $GUID $LOGIN
+/usr/bin/chfn $LOGIN
+/usr/bin/passwd $LOGIN
+echo "Done..."
diff --git a/contrib/adduser2.sh b/contrib/adduser2.sh
new file mode 100755
index 0000000..a2b36b2
--- /dev/null
+++ b/contrib/adduser2.sh
@@ -0,0 +1,743 @@
+#!/bin/bash
+#
+# adduser Interactive user adding program.
+#
+# Copyright (C) 1996 Petri Mattila, Prihateam Networks
+# petri@prihateam.fi
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# Changes:
+# 220496 v0.01 Initial version
+# 230496 v0.02 More checks, embolden summary
+# 240496 Even more checks
+# 250496 Help with ?
+# 040596 v0.03 Cleanups
+# 050596 v0.04 Bug fixes, expire date checks
+# 070596 v0.05 Iso-latin-1 names
+#
+
+## Defaults
+
+# default groups
+def_group="users"
+def_other_groups=""
+
+# default home directory
+def_home_dir=/home/users
+
+# default shell
+def_shell=/bin/tcsh
+
+# Defaul expiration date (mm/dd/yy)
+def_expire=""
+
+# default dates
+def_pwd_min=0
+def_pwd_max=90
+def_pwd_warn=14
+def_pwd_iact=14
+
+
+# possible UIDs
+uid_low=1000
+uid_high=64000
+
+# skel directory
+skel=/etc/skel
+
+# default mode for home directory
+def_mode=711
+
+# Regex, that the login name must meet, only ANSI characters
+login_regex='^[0-9a-zA-Z_-]*$'
+
+# Regex, that the user name must meet
+# ANSI version
+##name_regex='^[0-9a-zA-Z_-\ ]*$'
+# ISO-LATIN-1 version
+name_regex='^[0-9a-zA-ZÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöùúûüýþÿ_-\ ]*$'
+
+# set PATH
+export PATH="/bin:/sbin:/usr/bin:/usr/sbin"
+
+# Some special characters
+case "$TERM" in
+ vt*|ansi*|con*|xterm*|linux*)
+ S='' # start embolden
+ E='' # end embolden
+ ;;
+ *)
+ S=''
+ E=''
+ ;;
+esac
+
+
+## Functions
+
+check_root() {
+ if test "$EUID" -ne 0
+ then
+ echo "You must be root to run this program."
+ exit 1
+ fi
+}
+
+check_user() {
+ local usr pwd uid gid name home sh
+
+ cat /etc/passwd | (
+ while IFS=":" read usr pwd uid gid name home sh
+ do
+ if test "$1" = "${usr}"
+ then
+ return 1
+ fi
+ done
+ return 0
+ )
+}
+
+check_group() {
+ local read grp pwd gid members
+
+ cat /etc/group | (
+ while IFS=":" read grp pwd gid members
+ do
+ if test "$1" = "${grp}"
+ then
+ return 1
+ fi
+ done
+ return 0
+ )
+}
+
+check_other_groups() {
+ local grp check IFS
+
+ check="$1"
+ IFS=","
+
+ set ${check}
+ for grp
+ do
+ if check_group "${grp}"
+ then
+ echo "Group ${grp} does not exist."
+ return 1
+ fi
+ done
+ return 0
+}
+
+check_uid() {
+ local usr pwd uid gid name home sh
+
+ cat /etc/passwd | (
+ while IFS=":" read usr pwd uid gid name home sh
+ do
+ if test "$1" = "${uid}"
+ then
+ return 1
+ fi
+ done
+ return 0
+ )
+}
+
+read_yn() {
+ local ans ynd
+
+ ynd="$1"
+
+ while :
+ do
+ read ans
+ case "${ans}" in
+ "") return ${ynd} ;;
+ [nN]) return 1 ;;
+ [yY]) return 0 ;;
+ *) echo -n "Y or N, please ? " ;;
+ esac
+ done
+}
+
+read_login() {
+ echo
+ while :
+ do
+ echo -n "Login: ${def_login:+[${def_login}] }"
+ read login
+
+ if test "${login}" = '?'
+ then
+ less /etc/passwd
+ echo
+ continue
+ fi
+
+ if test -z "${login}" -a -n "${def_login}"
+ then
+ login="${def_login}"
+ echo "Using ${login}"
+ return
+ fi
+
+ if test "${#login}" -gt 8
+ then
+ echo "Login must be at most 8 characters long"
+ continue
+ fi
+
+ if test "${#login}" -lt 2
+ then
+ echo "Login must be at least 2 characters long"
+ continue
+ fi
+
+ if ! expr "${login}" : "${login_regex}" &> /dev/null
+ then
+ echo "Please use letters, numbers and special characters _-,."
+ continue
+ fi
+
+ if ! check_user "${login}"
+ then
+ echo "Username ${login} is already in use"
+ continue
+ fi
+
+ def_login="${login}"
+ return
+ done
+}
+
+read_name () {
+ echo
+ while :
+ do
+ echo -n "Real name: ${def_name:+[${def_name}] }"
+ read name
+
+ if test "${name}" = '?'
+ then
+ less /etc/passwd
+ echo
+ continue
+ fi
+
+ if test -z "${name}" -a -n "${def_name}"
+ then
+ name="${def_name}"
+ echo "Using ${name}"
+ fi
+
+ if test "${#name}" -gt 32
+ then
+ echo "Name should be at most 32 characters long"
+ continue
+ fi
+
+ if ! expr "${name}" : "${name_regex}" &> /dev/null
+ then
+ echo "Please use letters, numbers, spaces and special characters ,._-"
+ continue
+ fi
+
+ def_name="${name}"
+ return
+ done
+}
+
+read_home() {
+ local x
+
+ echo
+ while :
+ do
+ echo -n "Home Directory: [${def_home_dir}/${login}] "
+ read home
+
+ if test -z "${home}"
+ then
+ home="${def_home_dir}/${login}"
+ echo "Using ${home}"
+ fi
+
+ if ! expr "${home}" : '^[0-9a-zA-Z,._-\/]*$' &> /dev/null
+ then
+ echo "Please use letters, numbers, spaces and special characters ,._-/"
+ continue
+ fi
+
+ x="$(basename ${home})"
+ if test "${x}" != "${login}"
+ then
+ echo "Warning: you are about to use different login name and home directory."
+ fi
+
+ x="$(dirname ${home})"
+ if ! test -d "${x}"
+ then
+ echo "Directory ${x} does not exist."
+ echo "If you still want to use it, please make it manually."
+ continue
+ fi
+
+ def_home_dir="${x}"
+ return
+ done
+}
+
+read_shell () {
+ local x
+
+ echo
+ while :
+ do
+ echo -n "Shell: [${def_shell}] "
+ read shell
+
+ if test -z "${shell}"
+ then
+ shell="${def_shell}"
+ echo "Using ${shell}"
+ fi
+
+ for x in $(cat /etc/shells)
+ do
+ if test "${x}" = "${shell}"
+ then
+ def_shell="${shell}"
+ return
+ fi
+ done
+
+ echo "Possible shells are:"
+ cat /etc/shells
+ done
+}
+
+read_group () {
+ echo
+ while :
+ do
+ echo -n "Group: [${def_group}] "
+ read group
+
+ if test -z "${group}"
+ then
+ group="${def_group}"
+ echo "Using ${group}"
+ fi
+
+ if test "${group}" = '?'
+ then
+ less /etc/group
+ echo
+ continue
+ fi
+
+ if check_group "${group}"
+ then
+ echo "Group ${group} does not exist."
+ continue
+ fi
+
+ def_group="${group}"
+ return
+ done
+}
+
+read_other_groups () {
+ echo
+ while :
+ do
+ echo -n "Other groups: [${def_og:-none}] "
+ read other_groups
+
+ if test "${other_groups}" = '?'
+ then
+ less /etc/group
+ echo
+ continue
+ fi
+
+ if test -z "${other_groups}"
+ then
+ if test -n "${def_og}"
+ then
+ other_groups="${def_og}"
+ echo "Using ${other_groups}"
+ else
+ echo "No other groups"
+ return
+ fi
+ fi
+
+
+ if ! check_other_groups "${other_groups}"
+ then
+ continue
+ fi
+
+ def_og="${other_groups}"
+ return
+ done
+}
+
+read_uid () {
+ echo
+ while :
+ do
+ echo -n "uid: [first free] "
+ read uid
+
+ if test -z "${uid}"
+ then
+ echo "Using first free UID."
+ return
+ fi
+
+ if test "${uid}" = '?'
+ then
+ less /etc/passwd
+ echo
+ continue
+ fi
+
+ if ! expr "${uid}" : '^[0-9]+$' &> /dev/null
+ then
+ echo "Please use numbers only."
+ continue
+ fi
+ if test "${uid}" -lt "${uid_low}"
+ then
+ echo "UID must be greater than ${uid_low}"
+ continue
+ fi
+ if test "${uid}" -gt "${uid_high}"
+ then
+ echo "UID must be smaller than ${uid_high}"
+ continue
+ fi
+ if ! check_uid "${uid}"
+ then
+ echo "UID ${uid} is already in use"
+ continue
+ fi
+
+ return
+ done
+}
+
+read_max_valid_days() {
+ echo
+ while :
+ do
+ echo -en "Maximum days between password changes: [${def_pwd_max}] "
+ read max_days
+
+ if test -z "${max_days}"
+ then
+ max_days="${def_pwd_max}"
+ echo "Using ${max_days}"
+ return
+ fi
+
+ if ! expr "${max_days}" : '^[0-9]+$' &> /dev/null
+ then
+ echo "Please use numbers only."
+ continue
+ fi
+ if test "${max_days}" -lt 7
+ then
+ echo "Warning: you are using a value shorter than a week."
+ fi
+
+ def_pwd_max="${max_days}"
+ return
+ done
+}
+
+read_min_valid_days() {
+ echo
+ while :
+ do
+ echo -en "Minimum days between password changes: [${def_pwd_min}] "
+ read min_days
+
+ if test -z "${min_days}"
+ then
+ min_days="${def_pwd_min}"
+ echo "Using ${min_days}"
+ return
+ fi
+
+ if ! expr "${min_days}" : '^[0-9]+$' &> /dev/null
+ then
+ echo "Please use numbers only."
+ continue
+ fi
+ if test "${min_days}" -gt 7
+ then
+ echo "Warning: you are using a value longer than a week."
+ fi
+
+ def_pwd_min="${min_days}"
+ return
+ done
+}
+
+read_warning_days() {
+ echo
+ while :
+ do
+ echo -en "Number of warning days before password expires: [${def_pwd_warn}] "
+ read warn_days
+
+ if test -z "${warn_days}"
+ then
+ warn_days="${def_pwd_warn}"
+ echo "Using ${warn_days}"
+ fi
+
+ if ! expr "${warn_days}" : '^[0-9]+$' &> /dev/null
+ then
+ echo "Please use numbers only."
+ continue
+ fi
+ if test "${warn_days}" -gt 14
+ then
+ echo "Warning: you are using a value longer than two week."
+ fi
+
+ def_pwd_warn="${warn_days}"
+ return
+ done
+}
+
+
+read_inactive_days() {
+ echo
+ while :
+ do
+ echo -en "Number of usable days after expiration: [${def_pwd_iact}] "
+ read iact_days
+
+ if test -z "${iact_days}"
+ then
+ iact_days="${def_pwd_iact}"
+ echo "Using ${iact_days}"
+ return
+ fi
+ if ! expr "${iact_days}" : '^[0-9]+$' &> /dev/null
+ then
+ echo "Please use numbers only."
+ continue
+ fi
+ if test "${iact_days}" -gt 14
+ then
+ echo "Warning: you are using a value that is more than two weeks."
+ fi
+
+ def_pwd_iact="${iact_days}"
+ return
+ done
+}
+
+read_expire_date() {
+ local ans
+
+ echo
+ while :
+ do
+ echo -en "Expire date of this account (mm/dd/yy): [${def_expire:-never}] "
+ read ans
+
+ if test -z "${ans}"
+ then
+ if test -z "${def_expire}"
+ then
+ ans="never"
+ else
+ ans="${def_expire}"
+ echo "Using ${def_expire}"
+ fi
+ fi
+
+ if test "${ans}" = "never"
+ then
+ echo "Account will never expire."
+ def_expire=""
+ expire=""
+ return
+ fi
+
+ if ! expr "${ans}" : '^[0-9][0-9]/[0-9][0-9]/[0-9][0-9]$' &> /dev/null
+ then
+ echo "Please use format mm/dd/yy"
+ continue
+ fi
+
+ if ! expire_date="$(date -d ${ans} '+%A, %B %d %Y')"
+ then
+ continue
+ fi
+
+ def_expire="${expire}"
+ return
+ done
+}
+
+read_passwd_yn() {
+ echo -en "\nDo you want to set password [Y/n] ? "
+ if read_yn 0
+ then
+ set_pwd="YES"
+ else
+ set_pwd=""
+ fi
+}
+
+
+print_values() {
+
+clear
+cat << EOM
+
+Login: ${S}${login}${E}
+Group: ${S}${group}${E}
+Other groups: ${S}${other_groups:-[none]}${E}
+
+Real Name: ${S}${name}${E}
+
+uid: ${S}${uid:-[first free]}${E}
+home: ${S}${home}${E}
+shell: ${S}${shell}${E}
+
+Account expiration date: ${S}${expire_date:-never}${E}
+Minimum days between password changes: ${S}${min_days}${E}
+Maximum days between password changes: ${S}${max_days}${E}
+Number of usable days after expiration: ${S}${iact_days}${E}
+Number of warning days before expiration: ${S}${warn_days}${E}
+
+${S}${set_pwd:+Set password for this account.}${E}
+
+EOM
+}
+
+set_user() {
+ if ! useradd \
+ -c "${name}" \
+ -d "${home}" \
+ -g "${group}" \
+ -s "${shell}" \
+ ${expire:+-e ${expire}} \
+ ${uid:+-u ${uid}} \
+ ${other_groups:+-G ${other_groups}} \
+ ${login}
+ then
+ echo "Error ($?) in useradd...exiting..."
+ exit 1
+ fi
+}
+
+set_aging() {
+ if ! passwd \
+ -x ${max_days} \
+ -n ${min_days} \
+ -w ${warn_days} \
+ -i ${iact_days} \
+ ${login}
+ then
+ echo "Error ($?) in setting password aging...exiting..."
+ exit 1
+ fi
+}
+
+set_password() {
+ if test -n "${set_pwd}"
+ then
+ echo
+ passwd ${login}
+ echo
+ fi
+}
+
+set_system() {
+ if test -d "${home}"
+ then
+ echo "Directory ${home} already exists."
+ echo "Skeleton files not copied."
+ return
+ fi
+
+ echo -n "Copying skeleton files..."
+ (
+ mkdir ${home}
+ cd ${skel} && cp -af . ${home}
+ chmod ${def_mode} ${home}
+ chown -R ${login}:${group} ${home}
+ )
+ echo "done."
+
+ ## Add your own stuff here:
+ echo -n "Setting up other files..."
+ (
+ mailbox="/var/spool/mail/${login}"
+ touch ${mailbox}
+ chown "${login}:mail" ${mailbox}
+ chmod 600 ${mailbox}
+ )
+ echo "done."
+}
+
+
+read_values() {
+ clear
+ echo -e "\nPlease answer the following questions about the new user to be added."
+
+ while :
+ do
+ read_login
+ read_name
+ read_group
+ read_other_groups
+ read_home
+ read_shell
+ read_uid
+ read_expire_date
+ read_max_valid_days
+ read_min_valid_days
+ read_warning_days
+ read_inactive_days
+ read_passwd_yn
+
+ print_values
+
+ echo -n "Is this correct [N/y] ? "
+ read_yn 1 && return
+ done
+}
+
+
+main() {
+ check_root
+ read_values
+ set_user
+ set_aging
+ set_system
+ set_password
+}
+
+
+## Run it 8-)
+main
+
+# End.
diff --git a/contrib/atudel b/contrib/atudel
new file mode 100755
index 0000000..0ca8783
--- /dev/null
+++ b/contrib/atudel
@@ -0,0 +1,85 @@
+#!/usr/bin/perl
+#
+# Copyright (c) 1996 Brian R. Gaeke
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# 3. All advertising materials mentioning features or use of this software
+# must display the following acknowledgement:
+# This product includes software developed by Brian R. Gaeke.
+# 4. The name of the author, Brian R. Gaeke, may not be used to endorse
+# or promote products derived from this software without specific
+# prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY BRIAN R. GAEKE ``AS IS'' AND ANY EXPRESS
+# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL BRIAN R. GAEKE BE LIABLE FOR ANY DIRECT,
+# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+# Additionally:
+#
+# This software is provided without support and without any obligation
+# on the part of Brian R. Gaeke to assist in its use, correction,
+# modification or enhancement.
+#
+#######################################################################
+#
+# this is atudel, version 2, by Brian R. Gaeke <brg@dgate.org>
+#
+
+require "getopts.pl";
+&Getopts('v');
+$username = shift(@ARGV);
+&usage unless $username;
+
+sub usage
+{
+ print STDERR "atudel - remove all at jobs owned by a user\n";
+ print STDERR "usage: $0 [-v] username\n";
+ exit(1);
+}
+
+# odd. unless getpwnam($uname) doesn't seem to work for $uname eq "root" on
+# my linux system. but this does.
+die "user $username does not exist; stopping"
+ unless defined(getpwnam($username));
+
+print "searching for at jobs owned by user $username ..." if $opt_v;
+
+chdir "/var/spool/atjobs" ||
+ die "can't chdir to /var/spool/atjobs: $!\nstopping";
+opendir(DIR,".") || die "can't opendir(/var/spool/atjobs): $!\nstopping";
+@files = grep(!/^\./,grep(-f,readdir(DIR)));
+closedir DIR;
+
+foreach $x (@files)
+{
+ $owner = (getpwuid((stat($x))[4]))[0];
+ push(@nuke_bait,$x) if $owner eq $username;
+}
+
+if (@nuke_bait)
+{
+ print "removed jobIDs: @{nuke_bait}.\n" if $opt_v;
+ unlink @nuke_bait;
+}
+elsif ($opt_v)
+{
+ print "\n";
+}
+
+exit 0;
diff --git a/contrib/groupmems.shar b/contrib/groupmems.shar
new file mode 100644
index 0000000..b2d2547
--- /dev/null
+++ b/contrib/groupmems.shar
@@ -0,0 +1,546 @@
+#!/bin/sh
+# This is a shell archive (produced by GNU sharutils 4.2.1).
+# To extract the files from this archive, save it to some FILE, remove
+# everything before the `!/bin/sh' line above, then type `sh FILE'.
+#
+# Made on 2000-05-25 14:41 CDT by <gk4@gnu.austin.ibm.com>.
+# Source directory was `/home/gk4/src/groupmem'.
+#
+# Existing files will *not* be overwritten unless `-c' is specified.
+#
+# This shar contains:
+# length mode name
+# ------ ---------- ------------------------------------------
+# 1960 -rw-r--r-- Makefile
+# 6348 -rw-r--r-- groupmems.c
+# 3372 -rw------- groupmems.8
+#
+save_IFS="${IFS}"
+IFS="${IFS}:"
+gettext_dir=FAILED
+locale_dir=FAILED
+first_param="$1"
+for dir in $PATH
+do
+ if test "$gettext_dir" = FAILED && test -f $dir/gettext \
+ && ($dir/gettext --version >/dev/null 2>&1)
+ then
+ set `$dir/gettext --version 2>&1`
+ if test "$3" = GNU
+ then
+ gettext_dir=$dir
+ fi
+ fi
+ if test "$locale_dir" = FAILED && test -f $dir/shar \
+ && ($dir/shar --print-text-domain-dir >/dev/null 2>&1)
+ then
+ locale_dir=`$dir/shar --print-text-domain-dir`
+ fi
+done
+IFS="$save_IFS"
+if test "$locale_dir" = FAILED || test "$gettext_dir" = FAILED
+then
+ echo=echo
+else
+ TEXTDOMAINDIR=$locale_dir
+ export TEXTDOMAINDIR
+ TEXTDOMAIN=sharutils
+ export TEXTDOMAIN
+ echo="$gettext_dir/gettext -s"
+fi
+if touch -am -t 200112312359.59 $$.touch >/dev/null 2>&1 && test ! -f 200112312359.59 -a -f $$.touch; then
+ shar_touch='touch -am -t $1$2$3$4$5$6.$7 "$8"'
+elif touch -am 123123592001.59 $$.touch >/dev/null 2>&1 && test ! -f 123123592001.59 -a ! -f 123123592001.5 -a -f $$.touch; then
+ shar_touch='touch -am $3$4$5$6$1$2.$7 "$8"'
+elif touch -am 1231235901 $$.touch >/dev/null 2>&1 && test ! -f 1231235901 -a -f $$.touch; then
+ shar_touch='touch -am $3$4$5$6$2 "$8"'
+else
+ shar_touch=:
+ echo
+ $echo 'WARNING: not restoring timestamps. Consider getting and'
+ $echo "installing GNU \`touch', distributed in GNU File Utilities..."
+ echo
+fi
+rm -f 200112312359.59 123123592001.59 123123592001.5 1231235901 $$.touch
+#
+if mkdir _sh10937; then
+ $echo 'x -' 'creating lock directory'
+else
+ $echo 'failed to create lock directory'
+ exit 1
+fi
+# ============= Makefile ==============
+if test -f 'Makefile' && test "$first_param" != -c; then
+ $echo 'x -' SKIPPING 'Makefile' '(file already exists)'
+else
+ $echo 'x -' extracting 'Makefile' '(text)'
+ sed 's/^X//' << 'SHAR_EOF' > 'Makefile' &&
+/*
+# Copyright 2000, International Business Machines, Inc.
+# All rights reserved.
+#
+# original author: George Kraft IV, gk4@us.ibm.com
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# 3. Neither the name of International Business Machines, Inc., nor the
+# names of its contributors may be used to endorse or promote products
+# derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
+# CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
+# BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+# INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+X
+all: groupmems
+X
+groupmems: groupmems.c
+X cc -g -o groupmems groupmems.c -L. -lshadow
+X
+install: groupmems
+X -/usr/sbin/groupadd groups
+X install -o root -g groups -m 4770 groupmems /usr/bin
+X
+install.man: groupmems.8
+X install -o root -g root -m 644 groupmems.8 /usr/man/man8
+X
+SHAR_EOF
+ (set 20 00 05 25 14 40 28 'Makefile'; eval "$shar_touch") &&
+ chmod 0644 'Makefile' ||
+ $echo 'restore of' 'Makefile' 'failed'
+ if ( md5sum --help 2>&1 | grep 'sage: md5sum \[' ) >/dev/null 2>&1 \
+ && ( md5sum --version 2>&1 | grep -v 'textutils 1.12' ) >/dev/null; then
+ md5sum -c << SHAR_EOF >/dev/null 2>&1 \
+ || $echo 'Makefile:' 'MD5 check failed'
+b46cf7ef8d59149093c011ced3f3103c Makefile
+SHAR_EOF
+ else
+ shar_count="`LC_ALL= LC_CTYPE= LANG= wc -c < 'Makefile'`"
+ test 1960 -eq "$shar_count" ||
+ $echo 'Makefile:' 'original size' '1960,' 'current size' "$shar_count!"
+ fi
+fi
+# ============= groupmems.c ==============
+if test -f 'groupmems.c' && test "$first_param" != -c; then
+ $echo 'x -' SKIPPING 'groupmems.c' '(file already exists)'
+else
+ $echo 'x -' extracting 'groupmems.c' '(text)'
+ sed 's/^X//' << 'SHAR_EOF' > 'groupmems.c' &&
+/*
+X * Copyright 2000, International Business Machines, Inc.
+X * All rights reserved.
+X *
+X * original author: George Kraft IV, gk4@us.ibm.com
+X *
+X * Redistribution and use in source and binary forms, with or without
+X * modification, are permitted provided that the following conditions
+X * are met:
+X *
+X * 1. Redistributions of source code must retain the above copyright
+X * notice, this list of conditions and the following disclaimer.
+X * 2. Redistributions in binary form must reproduce the above copyright
+X * notice, this list of conditions and the following disclaimer in the
+X * documentation and/or other materials provided with the distribution.
+X * 3. Neither the name of International Business Machines, Inc., nor the
+X * names of its contributors may be used to endorse or promote products
+X * derived from this software without specific prior written permission.
+X *
+X * THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
+X * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
+X * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+X * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+X * INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
+X * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+X * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+X * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+X * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+X * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+X * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+X * SUCH DAMAGE.
+X */
+/*
+**
+** Utility "groupmem" adds and deletes members from a user's group.
+**
+** Setup (as "root"):
+**
+** groupadd -r groups
+** chmod 2770 groupmems
+** chown root.groups groupmems
+** groupmems -g groups -a gk4
+**
+** Usage (as "gk4"):
+**
+** groupmems -a olive
+** groupmems -a jordan
+** groupmems -a meghan
+** groupmems -a morgan
+** groupmems -a jake
+** groupmems -l
+** groupmems -d jake
+** groupmems -l
+*/
+X
+#include <stdio.h>
+#include <pwd.h>
+#include <grp.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include "defines.h"
+#include "groupio.h"
+X
+/* Exit Status Values */
+X
+#define EXIT_SUCCESS 0 /* success */
+#define EXIT_USAGE 1 /* invalid command syntax */
+#define EXIT_GROUP_FILE 2 /* group file access problems */
+#define EXIT_NOT_ROOT 3 /* not superuser */
+#define EXIT_NOT_EROOT 4 /* not effective superuser */
+#define EXIT_NOT_PRIMARY 5 /* not primary owner of group */
+#define EXIT_NOT_MEMBER 6 /* member of group does not exist */
+#define EXIT_MEMBER_EXISTS 7 /* member of group already exists */
+X
+#define TRUE 1
+#define FALSE 0
+X
+/* Globals */
+X
+extern int optind;
+extern char *optarg;
+static char *adduser = NULL;
+static char *deluser = NULL;
+static char *thisgroup = NULL;
+static int purge = FALSE;
+static int list = FALSE;
+static int exclusive = 0;
+X
+static int isroot(void) {
+X return getuid() ? FALSE : TRUE;
+}
+X
+static int isgroup(void) {
+X gid_t g = getgid();
+X struct group *grp = getgrgid(g);
+X
+X return TRUE;
+}
+X
+static char *whoami(void) {
+X struct group *grp = getgrgid(getgid());
+X struct passwd *usr = getpwuid(getuid());
+X
+X if (0 == strcmp(usr->pw_name, grp->gr_name)) {
+X return (char *)strdup(usr->pw_name);
+X } else {
+X return NULL;
+X }
+}
+X
+static void
+addtogroup(char *user, char **members) {
+X int i;
+X char **pmembers;
+X
+X for (i = 0; NULL != members[i]; i++ ) {
+X if (0 == strcmp(user, members[i])) {
+X fprintf(stderr, "Member already exists\n");
+X exit(EXIT_MEMBER_EXISTS);
+X }
+X }
+X
+X if (0 == i) {
+X pmembers = (char **)calloc(2, sizeof(char *));
+X } else {
+X pmembers = (char **)realloc(members, sizeof(char *)*(i+1));
+X }
+X
+X *members = *pmembers;
+X members[i] = user;
+X members[i+1] = NULL;
+}
+X
+static void
+rmfromgroup(char *user, char **members) {
+X int i;
+X int found = FALSE;
+X
+X i = 0;
+X while (!found && NULL != members[i]) {
+X if (0 == strcmp(user, members[i])) {
+X found = TRUE;
+X } else {
+X i++;
+X }
+X }
+X
+X while (found && NULL != members[i]) {
+X members[i] = members[++i];
+X }
+X
+X if (!found) {
+X fprintf(stderr, "Member to remove could not be found\n");
+X exit(EXIT_NOT_MEMBER);
+X }
+}
+X
+static void
+nomembers(char **members) {
+X int i;
+X
+X for (i = 0; NULL != members[i]; i++ ) {
+X members[i] = NULL;
+X }
+}
+X
+static void
+members(char **members) {
+X int i;
+X
+X for (i = 0; NULL != members[i]; i++ ) {
+X printf("%s ", members[i]);
+X
+X if (NULL == members[i+1]) {
+X printf("\n");
+X } else {
+X printf(" ");
+X }
+X }
+}
+X
+static void usage(void) {
+X fprintf(stderr, "usage: groupmems -a username | -d username | -D | -l [-g groupname]\n");
+X exit(EXIT_USAGE);
+}
+X
+main(int argc, char **argv) {
+X int arg, i;
+X char *name;
+X struct group *grp;
+X
+X while ((arg = getopt(argc, argv, "a:d:g:Dl")) != EOF) {
+X switch (arg) {
+X case 'a':
+X adduser = strdup(optarg);
+X ++exclusive;
+X break;
+X case 'd':
+X deluser = strdup(optarg);
+X ++exclusive;
+X break;
+X case 'g':
+X thisgroup = strdup(optarg);
+X break;
+X case 'D':
+X purge = TRUE;
+X ++exclusive;
+X break;
+X case 'l':
+X list = TRUE;
+X ++exclusive;
+X break;
+X default:
+X usage();
+X }
+X }
+X
+X if (exclusive > 1 || optind < argc) {
+X usage();
+X }
+X
+X if (!isroot() && NULL != thisgroup) {
+X fprintf(stderr, "Only root can add members to different groups\n");
+X exit(EXIT_NOT_ROOT);
+X } else if (isroot() && NULL != thisgroup) {
+X name = thisgroup;
+X } else if (!isgroup()) {
+X fprintf(stderr, "Group access is required\n");
+X exit(EXIT_NOT_EROOT);
+X } else if (NULL == (name = whoami())) {
+X fprintf(stderr, "Not primary owner of current group\n");
+X exit(EXIT_NOT_PRIMARY);
+X }
+X
+X if (!gr_lock()) {
+X fprintf(stderr, "Unable to lock group file\n");
+X exit(EXIT_GROUP_FILE);
+X }
+X
+X if (!gr_open(O_RDWR)) {
+X fprintf(stderr, "Unable to open group file\n");
+X exit(EXIT_GROUP_FILE);
+X }
+X
+X grp = (struct group *)gr_locate(name);
+X
+X if (NULL != adduser) {
+X addtogroup(adduser, grp->gr_mem);
+X gr_update(grp);
+X } else if (NULL != deluser) {
+X rmfromgroup(deluser, grp->gr_mem);
+X gr_update(grp);
+X } else if (purge) {
+X nomembers(grp->gr_mem);
+X gr_update(grp);
+X } else if (list) {
+X members(grp->gr_mem);
+X }
+X
+X if (!gr_close()) {
+X fprintf(stderr, "Cannot close group file\n");
+X exit(EXIT_GROUP_FILE);
+X }
+X
+X gr_unlock();
+X
+X exit(EXIT_SUCCESS);
+}
+X
+/* EOF */
+SHAR_EOF
+ (set 20 00 05 25 14 36 38 'groupmems.c'; eval "$shar_touch") &&
+ chmod 0644 'groupmems.c' ||
+ $echo 'restore of' 'groupmems.c' 'failed'
+ if ( md5sum --help 2>&1 | grep 'sage: md5sum \[' ) >/dev/null 2>&1 \
+ && ( md5sum --version 2>&1 | grep -v 'textutils 1.12' ) >/dev/null; then
+ md5sum -c << SHAR_EOF >/dev/null 2>&1 \
+ || $echo 'groupmems.c:' 'MD5 check failed'
+f0dd68f8d762d89d24d3ce1f4141f981 groupmems.c
+SHAR_EOF
+ else
+ shar_count="`LC_ALL= LC_CTYPE= LANG= wc -c < 'groupmems.c'`"
+ test 6348 -eq "$shar_count" ||
+ $echo 'groupmems.c:' 'original size' '6348,' 'current size' "$shar_count!"
+ fi
+fi
+# ============= groupmems.8 ==============
+if test -f 'groupmems.8' && test "$first_param" != -c; then
+ $echo 'x -' SKIPPING 'groupmems.8' '(file already exists)'
+else
+ $echo 'x -' extracting 'groupmems.8' '(text)'
+ sed 's/^X//' << 'SHAR_EOF' > 'groupmems.8' &&
+X.\"
+X.\" Copyright 2000, International Business Machines, Inc.
+X.\" All rights reserved.
+X.\"
+X.\" original author: George Kraft IV, gk4@us.ibm.com
+X.\"
+X.\" Redistribution and use in source and binary forms, with or without
+X.\" modification, are permitted provided that the following conditions
+X.\" are met:
+X.\"
+X.\" 1. Redistributions of source code must retain the above copyright
+X.\" notice, this list of conditions and the following disclaimer.
+X.\" 2. Redistributions in binary form must reproduce the above copyright
+X.\" notice, this list of conditions and the following disclaimer in the
+X.\" documentation and/or other materials provided with the distribution.
+X.\" 3. Neither the name of International Business Machines, Inc., nor the
+X.\" names of its contributors may be used to endorse or promote products
+X.\" derived from this software without specific prior written permission.
+X.\"
+X.\" THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
+X.\" CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
+X.\" BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+X.\" FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+X.\" INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
+X.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+X.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+X.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+X.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+X.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+X.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+X.\" SUCH DAMAGE.
+X.\"
+X.\" $Id$
+X.\"
+X.TH GROUPMEMS 8
+X.SH NAME
+groupmems \- Administer members of a user's primary group
+X.SH SYNOPSIS
+X.B groupmems
+\fB-a\fI user_name \fR |
+\fB-d\fI user_name \fR |
+\fB-l\fR |
+\fB-D\fR |
+[\fB-g\fI group_name \fR]
+X.SH DESCRIPTION
+The \fBgroupmems\fR utility allows a user to administer his/her own
+group membership list without the requirement of superuser privileges.
+The \fBgroupmems\fR utility is for systems that configure its users to
+be in their own name sake primary group (i.e., guest / guest).
+X.P
+Only the superuser, as administrator, can use \fBgroupmems\fR to alter
+the memberships of other groups.
+X.IP "\fB-a \fIuser_name\fR"
+Add a new user to the group membership list.
+X.IP "\fB-d \fIuser_name\fR"
+Delete a user from the group membership list.
+X.IP "\fB-l\fR"
+List the group membership list.
+X.IP "\fB-D\fR"
+Delete all users from the group membership list.
+X.IP "\fB-g \fIgroup_name\fR"
+The superuser can specify which group membership list to modify.
+X.SH SETUP
+The \fBgroupmems\fR executable should be in mode \fB2770\fR as user \fBroot\fR
+and in group \fBgroups\fR. The system administrator can add users to
+group groups to allow or disallow them using the \fBgroupmems\fR utility
+to manager their own group membership list.
+X.P
+X $ groupadd -r groups
+X.br
+X $ chmod 2770 groupmems
+X.br
+X $ chown root.groups groupmems
+X.br
+X $ groupmems -g groups -a gk4
+X.SH FILES
+/etc/group
+X.br
+/etc/gshadow
+X.SH SEE ALSO
+X.BR chfn (1),
+X.BR chsh (1),
+X.BR useradd (8),
+X.BR userdel (8),
+X.BR usermod (8),
+X.BR passwd (1),
+X.BR groupadd (8),
+X.BR groupdel (8)
+X.SH AUTHOR
+George Kraft IV (gk4@us.ibm.com)
+X.\" EOF
+SHAR_EOF
+ (set 20 00 05 25 14 38 23 'groupmems.8'; eval "$shar_touch") &&
+ chmod 0600 'groupmems.8' ||
+ $echo 'restore of' 'groupmems.8' 'failed'
+ if ( md5sum --help 2>&1 | grep 'sage: md5sum \[' ) >/dev/null 2>&1 \
+ && ( md5sum --version 2>&1 | grep -v 'textutils 1.12' ) >/dev/null; then
+ md5sum -c << SHAR_EOF >/dev/null 2>&1 \
+ || $echo 'groupmems.8:' 'MD5 check failed'
+181e6cd3a3c9d3df320197fa2cde2b4a groupmems.8
+SHAR_EOF
+ else
+ shar_count="`LC_ALL= LC_CTYPE= LANG= wc -c < 'groupmems.8'`"
+ test 3372 -eq "$shar_count" ||
+ $echo 'groupmems.8:' 'original size' '3372,' 'current size' "$shar_count!"
+ fi
+fi
+rm -fr _sh10937
+exit 0
diff --git a/contrib/pwdauth.c b/contrib/pwdauth.c
new file mode 100644
index 0000000..ca15495
--- /dev/null
+++ b/contrib/pwdauth.c
@@ -0,0 +1,308 @@
+/*
+ * pwdauth.c - program to verify a given username/password pair.
+ *
+ * Run it with username in argv[1] (may be omitted - default is the
+ * current user), and send it the password over a pipe on stdin.
+ * Exit status: 0 - correct password, 1 - wrong password, >1 - other
+ * errors. For use with shadow passwords, this program should be
+ * installed setuid root.
+ *
+ * This can be used, for example, by xlock - you don't have to install
+ * this large and complex (== possibly insecure) program setuid root,
+ * just modify it to run this simple program to do the authentication.
+ *
+ * Recent versions (xlockmore-3.9) are cleaner, and drop privileges as
+ * soon as possible after getting the user's encrypted password.
+ * Using this program probably doesn't make it more secure, and has one
+ * disadvantage: since we don't get the encrypted user's password at
+ * startup (but at the time the user is authenticated), it is not clear
+ * how we should handle errors (like getpwnam() returning NULL).
+ * - fail the authentication? Problem: no way to unlock (other than kill
+ * the process from somewhere else) if the NIS server stops responding.
+ * - succeed and unlock? Problem: it's too easy to unlock by unplugging
+ * the box from the network and waiting until NIS times out...
+ *
+ * This program is Copyright (C) 1996 Marek Michalkiewicz
+ * <marekm@i17linuxb.ists.pwr.wroc.pl>.
+ *
+ * It may be used and distributed freely for any purposes. There is no
+ * warranty - use at your own risk. I am not liable for any damages etc.
+ * If you improve it, please send me your changes.
+ */
+
+static char rcsid[] = "$Id$";
+
+/*
+ * Define USE_SYSLOG to use syslog() to log successful and failed
+ * authentication. This should be safe even if your system has
+ * the infamous syslog buffer overrun security problem...
+ */
+#define USE_SYSLOG
+
+/*
+ * Define HAVE_GETSPNAM to get shadow passwords using getspnam().
+ * Some systems don't have getspnam(), but getpwnam() returns
+ * encrypted passwords only if running as root.
+ *
+ * According to the xlock source (not tested, except Linux) -
+ * define: Linux, Solaris 2.x, SVR4, ...
+ * undef: HP-UX with Secured Passwords, FreeBSD, NetBSD, QNX.
+ * Known not supported (yet): Ultrix, OSF/1, SCO.
+ */
+#define HAVE_GETSPNAM
+
+/*
+ * Define HAVE_PW_ENCRYPT to use pw_encrypt() instead of crypt().
+ * pw_encrypt() is like the standard crypt(), except that it may
+ * support better password hashing algorithms.
+ *
+ * Define if linking with libshadow.a from the shadow password
+ * suite (Linux, SunOS 4.x?).
+ */
+#undef HAVE_PW_ENCRYPT
+
+/*
+ * Define HAVE_AUTH_METHODS to support the shadow suite specific
+ * extension: the encrypted password field contains a list of
+ * administrator defined authentication methods, separated by
+ * semicolons. This program only supports the standard password
+ * authentication method (a string that doesn't start with '@').
+ */
+#undef HAVE_AUTH_METHODS
+
+/*
+ * FAIL_DELAY - number of seconds to sleep before exiting if the
+ * password was wrong, to slow down password guessing attempts.
+ */
+#define FAIL_DELAY 2
+
+/* No user-serviceable parts below :-). */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+#include <pwd.h>
+
+#ifdef USE_SYSLOG
+#include <syslog.h>
+#ifndef LOG_AUTHPRIV
+#define LOG_AUTHPRIV LOG_AUTH
+#endif
+#endif
+
+#ifdef HAVE_GETSPNAM
+#include <shadow.h>
+#endif
+
+#ifdef HAVE_PW_ENCRYPT
+extern char *pw_encrypt();
+#define crypt pw_encrypt
+#endif
+
+/*
+ * Read the password (one line) from fp. We don't turn off echo
+ * because we expect input from a pipe.
+ */
+static char *
+get_line(fp)
+ FILE *fp;
+{
+ static char buf[128];
+ char *cp;
+ int ch;
+
+ cp = buf;
+ while ((ch = getc(fp)) != EOF && ch != '\0' && ch != '\n') {
+ if (cp >= buf + sizeof buf - 1)
+ break;
+ *cp++ = ch;
+ }
+ *cp = '\0';
+ return buf;
+}
+
+/*
+ * Get the password file entry for the current user. If the name
+ * returned by getlogin() is correct (matches the current real uid),
+ * return the entry for that user. Otherwise, return the entry (if
+ * any) matching the current real uid. Return NULL on failure.
+ */
+static struct passwd *
+get_my_pwent()
+{
+ uid_t uid = getuid();
+ char *name = getlogin();
+
+ if (name && *name) {
+ struct passwd *pw = getpwnam(name);
+
+ if (pw && pw->pw_uid == uid)
+ return pw;
+ }
+ return getpwuid(uid);
+}
+
+/*
+ * Verify the password. The system-dependent shadow support is here.
+ */
+static int
+password_auth_ok(pw, pass)
+ const struct passwd *pw;
+ const char *pass;
+{
+ int result;
+ char *cp;
+#ifdef HAVE_AUTH_METHODS
+ char *buf;
+#endif
+#ifdef HAVE_GETSPNAM
+ struct spwd *sp;
+#endif
+
+ if (pw) {
+#ifdef HAVE_GETSPNAM
+ sp = getspnam(pw->pw_name);
+ if (sp)
+ cp = sp->sp_pwdp;
+ else
+#endif
+ cp = pw->pw_passwd;
+ } else
+ cp = "xx";
+
+#ifdef HAVE_AUTH_METHODS
+ buf = strdup(cp); /* will be modified by strtok() */
+ if (!buf) {
+ fprintf(stderr, "Out of memory.\n");
+ exit(13);
+ }
+ cp = strtok(buf, ";");
+ while (cp && *cp == '@')
+ cp = strtok(NULL, ";");
+
+ /* fail if no password authentication for this user */
+ if (!cp)
+ cp = "xx";
+#endif
+
+ if (*pass || *cp)
+ result = (strcmp(crypt(pass, cp), cp) == 0);
+ else
+ result = 1; /* user with no password */
+
+#ifdef HAVE_AUTH_METHODS
+ free(buf);
+#endif
+ return result;
+}
+
+/*
+ * Main program.
+ */
+int
+main(argc, argv)
+ int argc;
+ char **argv;
+{
+ struct passwd *pw;
+ char *pass, *name;
+ char myname[32];
+
+#ifdef USE_SYSLOG
+ openlog("pwdauth", LOG_PID | LOG_CONS, LOG_AUTHPRIV);
+#endif
+ pw = get_my_pwent();
+ if (!pw) {
+#ifdef USE_SYSLOG
+ syslog(LOG_ERR, "can't get login name for uid %d.\n",
+ (int) getuid());
+#endif
+ fprintf(stderr, "Who are you?\n");
+ exit(2);
+ }
+ strncpy(myname, pw->pw_name, sizeof myname - 1);
+ myname[sizeof myname - 1] = '\0';
+ name = myname;
+
+ if (argc > 1) {
+ name = argv[1];
+ pw = getpwnam(name);
+ }
+
+ pass = get_line(stdin);
+ if (password_auth_ok(pw, pass)) {
+#ifdef USE_SYSLOG
+ syslog(pw->pw_uid ? LOG_INFO : LOG_NOTICE,
+ "user `%s' entered correct password for `%.32s'.\n",
+ myname, name);
+#endif
+ exit(0);
+ }
+#ifdef USE_SYSLOG
+ /* be careful not to overrun the syslog buffer */
+ syslog((!pw || pw->pw_uid) ? LOG_NOTICE : LOG_WARNING,
+ "user `%s' entered incorrect password for `%.32s'.\n",
+ myname, name);
+#endif
+#ifdef FAIL_DELAY
+ sleep(FAIL_DELAY);
+#endif
+ fprintf(stderr, "Wrong password.\n");
+ exit(1);
+}
+
+#if 0
+/*
+ * You can use code similar to the following to run this program.
+ * Return values: >=0 - program exit status (use the <sys/wait.h>
+ * macros to get the exit code, it is shifted left by 8 bits),
+ * -1 - check errno.
+ */
+int
+verify_password(const char *username, const char *password)
+{
+ int pipe_fd[2];
+ int pid, wpid, status;
+
+ if (pipe(pipe_fd))
+ return -1;
+
+ if ((pid = fork()) == 0) {
+ char *arg[3];
+ char *env[1];
+
+ /* child */
+ close(pipe_fd[1]);
+ if (pipe_fd[0] != 0) {
+ if (dup2(pipe_fd[0], 0) != 0)
+ _exit(127);
+ close(pipe_fd[0]);
+ }
+ arg[0] = "/usr/bin/pwdauth";
+ arg[1] = username;
+ arg[2] = NULL;
+ env[0] = NULL;
+ execve(arg[0], arg, env);
+ _exit(127);
+ } else if (pid == -1) {
+ /* error */
+ close(pipe_fd[0]);
+ close(pipe_fd[1]);
+ return -1;
+ }
+ /* parent */
+ close(pipe_fd[0]);
+ write(pipe_fd[1], password, strlen(password));
+ write(pipe_fd[1], "\n", 1);
+ close(pipe_fd[1]);
+
+ while ((wpid = wait(&status)) != pid) {
+ if (wpid == -1)
+ return -1;
+ }
+ return status;
+}
+#endif
diff --git a/contrib/shadow-anonftp.patch b/contrib/shadow-anonftp.patch
new file mode 100644
index 0000000..6938fe4
--- /dev/null
+++ b/contrib/shadow-anonftp.patch
@@ -0,0 +1,147 @@
+Hello Marek,
+
+I have created a diffile against the 980403 release that adds
+functionality to newusers for automatic handling of users with only
+anonomous ftp login (using the guestgroup feature in ftpaccess, which
+means that the users home directory looks like '/home/user/./'). It also
+adds a commandline argument to specify an initial directory structure
+for such users, with a tarball normally containing the bin,lib,etc
+directories used in the chrooted environment.
+
+I am using it to automatically create chunks of users with only ftp
+access for a webserver.
+
+I have tried to follow your coding standards and I believe it is bug
+free but.. well, who knows. :) It's not much code however.
+
+I hope you find it useful. Do what you like with it, feel free to ask if
+anything is unclear.
+
+Best rgds,
+ Calle Karlsson
+ ckn@kash.se
+
+diff -uNr shadow-980403.orig/src/newusers.c shadow-980403/src/newusers.c
+--- shadow-980403.orig/src/newusers.c Fri Jan 30 00:22:43 1998
++++ shadow-980403/src/newusers.c Fri Apr 17 16:55:33 1998
+@@ -76,11 +76,35 @@
+ static void
+ usage(void)
+ {
+- fprintf(stderr, "Usage: %s [ input ]\n", Prog);
++ fprintf (stderr, "Usage: %s [-p prototype tarfile] [ input ]\n", Prog);
++ fprintf (stderr, "The prototype tarfile is only used for users\n");
++ fprintf (stderr, "marked as anonymous ftp users. It must be a full pathname.\n");
+ exit(1);
+ }
+
+ /*
++ * createuserdir - create a directory and chmod it
++ */
++
++static int
++createuserdir (char * dir, int uid, int gid, int line)
++{
++ if (mkdir (dir, 0777 & ~getdef_num("UMASK", 077))) {
++ fprintf (stderr, "%s: line %d: mkdir %s failed\n",
++ Prog, line, dir);
++ return -1;
++ }
++
++ if (chown (dir, uid, gid)) {
++ fprintf (stderr, "%s: line %d: chown %s failed\n",
++ Prog, line, dir);
++ return -1;
++ }
++
++ return 0;
++}
++
++/*
+ * add_group - create a new group or add a user to an existing group
+ */
+
+@@ -328,6 +352,8 @@
+ main(int argc, char **argv)
+ {
+ char buf[BUFSIZ];
++ char anonproto[BUFSIZ];
++ int flag;
+ char *fields[8];
+ int nfields;
+ char *cp;
+@@ -340,12 +366,23 @@
+
+ Prog = Basename(argv[0]);
+
+- if (argc > 1 && argv[1][0] == '-')
+- usage ();
++ * anonproto = '\0';
++
++ while ((flag = getopt (argc, argv, "p:h")) != EOF) {
++ switch (flag) {
++ case 'p':
++ STRFCPY(anonproto, optarg);
++ break;
++ case 'h':
++ default:
++ usage ();
++ break;
++ }
++ }
+
+- if (argc == 2) {
+- if (! freopen (argv[1], "r", stdin)) {
+- snprintf(buf, sizeof buf, "%s: %s", Prog, argv[1]);
++ if (optind < argc) {
++ if (! freopen (argv[optind], "r", stdin)) {
++ snprintf(buf, sizeof buf, "%s: %s", Prog, argv[optind]);
+ perror (buf);
+ exit (1);
+ }
+@@ -499,15 +536,36 @@
+ if (fields[6][0])
+ newpw.pw_shell = fields[6];
+
+- if (newpw.pw_dir[0] && access(newpw.pw_dir, F_OK)) {
+- if (mkdir (newpw.pw_dir,
+- 0777 & ~getdef_num("UMASK", 077)))
+- fprintf (stderr, "%s: line %d: mkdir failed\n",
+- Prog, line);
+- else if (chown (newpw.pw_dir,
+- newpw.pw_uid, newpw.pw_gid))
+- fprintf (stderr, "%s: line %d: chown failed\n",
+- Prog, line);
++ if (newpw.pw_dir[0]) {
++ char * userdir = strdup (newpw.pw_dir);
++ char * anonpart;
++ int rc;
++
++ if ((anonpart = strstr (userdir, "/./"))) {
++ * anonpart = '\0';
++ anonpart += 2;
++ }
++
++ if (access(userdir, F_OK))
++ rc = createuserdir (userdir, newpw.pw_uid, newpw.pw_gid, line);
++ else
++ rc = 0;
++
++ if (rc == 0 && anonpart) {
++ if (* anonproto) {
++ char cmdbuf [BUFSIZ];
++ snprintf(cmdbuf, sizeof cmdbuf,
++ "cd %s; tar xf %s",
++ userdir, anonproto);
++ system (cmdbuf);
++ }
++ if (strlen (anonpart) > 1) {
++ strcat (userdir, anonpart);
++ if (access (userdir, F_OK))
++ createuserdir (userdir, newpw.pw_uid, newpw.pw_gid, line);
++ }
++ }
++ free (userdir);
+ }
+
+ /*
diff --git a/contrib/udbachk.tgz b/contrib/udbachk.tgz
new file mode 100644
index 0000000..605ad63
--- /dev/null
+++ b/contrib/udbachk.tgz
Binary files differ
diff --git a/doc/HOWTO b/doc/HOWTO
new file mode 100644
index 0000000..01a90ed
--- /dev/null
+++ b/doc/HOWTO
@@ -0,0 +1,1918 @@
+[ Note: the installation instructions in this document are somewhat
+ out of date - the package now uses GNU autoconf and is configured
+ just like most GNU packages: run ./configure then make. --marekm ]
+
+ Linux Shadow Password HOWTO
+ Michael H. Jackson, mhjack@tscnet.com
+ v1.3, 3 April 1996
+
+ This document aims to describe how to obtain, install, and configure
+ the Linux password Shadow Suite. It also discusses obtaining, and
+ reinstalling other software and network daemons that require access to
+ user passwords. This other software is not actually part of the
+ Shadow Suite, but these programs will need to be recompiled to support
+ the Shadow Suite. This document also contains a programming example
+ for adding shadow support to a program. Answers to some of the more
+ frequently asked questions are included near the end of this document.
+
+ 1. Introduction.
+
+ This is the Linux Shadow-Password-HOWTO. This document describes why
+ and how to add shadow password support on a Linux system. Some
+ examples of how to use some of the Shadow Suite's features is also
+ included.
+
+ When installing the Shadow Suite and when using many of the utility
+ programs, you must be logged in as root. When installing the Shadow
+ Suite you will be making changes to system software, and it is highly
+ recommended that you make backup copies of programs as indicated. I
+ also recommend that you read and understand all the instructions
+ before you begin.
+
+ 1.1. Changes from the previous release.
+
+ Additions:
+ Added a sub-section on why you might not want to install shadow
+ Added a sub-section on updating the xdm program
+ Added a section on how to put Shadow Suite features to work
+ Added a section containing frequently asked questions
+
+ Corrections/Updates:
+ Corrected html references on Sunsite
+ Corrected section on wu-ftp to reflect adding -lshadow to the Makefile
+ Corrected minor spelling and verbiage errors
+ Changed section on wu-ftpd to support ELF
+ Updated to reflect security problems in various login programs
+ Updated to recommend the Linux Shadow Suite by Marek Michalkiewicz
+
+ 1.2. New versions of this document.
+
+ The latest released version of this document can always be retrieved
+ by anonymous FTP from:
+
+ sunsite.unc.edu
+
+ /pub/Linux/docs/HOWTO/Shadow-Password-HOWTO
+
+ or:
+
+ /pub/Linux/docs/HOWTO/other-formats/Shadow-Password-HOWTO{-html.tar,ps,dvi}.gz
+
+ or via the World Wide Web from the Linux Documentation Project Web
+ Server <http://sunsite.unc.edu/mdw/linux.html>, at page: Shadow-
+ Password-HOWTO <http://sunsite.unc.edu/linux/HOWTO/Shadow-Password-
+ HOWTO.html> or directly from me, <mhjack@tscnet.com>. It will also be
+ posted to the newsgroup: comp.os.linux.answers
+
+ This document is now packaged with the Shadow-YYDDMM packages.
+
+ 1.3. Feedback.
+
+ Please send any comments, updates, or suggestions to me: Michael H.
+ Jackson <mhjack@tscnet.com> The sooner I get feedback, the sooner I
+ can update and correct this document. If you find any problems with
+ it, please mail me directly as I very rarely stay up-to-date on the
+ newsgroups.
+
+ 2. Why shadow your passwd file?
+
+ By default, most current Linux distributions do not contain the Shadow
+ Suite installed. This includes Slackware 2.3, Slackware 3.0, and
+ other popular distributions. One of the reasons for this is that the
+ copyright notices in the original Shadow Suite were not clear on
+ redistribution if a fee was charged. Linux uses a GNU Copyright
+ (sometimes refereed to as a Copyleft) that allows people to package it
+ into a convenient package (like a CD-ROM distribution) and charge a
+ fee for it.
+
+ The current maintainer of the Shadow Suite, Marek Michalkiewicz
+ <marekm@i17linuxb.ists.pwr.wroc.pl> received the source code from the
+ original author under a BSD style copyright that allowed
+ redistribution. Now that the copyright issues are resolved, it is
+ expected that future distributions will contain password shadowing by
+ default. Until then, you will need to install it yourself.
+
+ If you installed your distribution from a CD-ROM, you may find that,
+ even though the distribution did not have the Shadow Suite installed,
+ some of the files you need to install the Shadow Suite may be on the
+ CD-ROM.
+
+ However, Shadow Suite versions 3.3.1, 3.3.1-2, and shadow-mk all have
+ security problems with their login program and several other suid root
+ programs that came with them, and should no longer be used.
+
+ All of the necessary files may be obtained via anonymous FTP or
+ through the World Wide Web.
+
+ On a Linux system without the Shadow Suite installed, user information
+ including passwords is stored in the /etc/passwd file. The password
+ is stored in an encrypted format. If you ask a cryptography expert,
+ however, he or she will tell you that the password is actually in an
+ encoded rather than encrypted format because when using crypt(3), the
+ text is set to null and the password is the key. Therefore, from here
+ on, I will use the term encoded in this document.
+
+ The algorithm used to encode the password field is technically
+ referred to as a one way hash function. This is an algorithm that is
+ easy to compute in one direction, but very difficult to calculate in
+ the reverse direction. More about the actual algorithm used can be
+ found in section 2.4 or your crypt(3) manual page.
+
+ When a user picks or is assigned a password, it is encoded with a
+ randomly generated value called the salt. This means that any
+ particular password could be stored in 4096 different ways. The salt
+ value is then stored with the encoded password.
+
+ When a user logs in and supplies a password, the salt is first
+ retrieved from the stored encoded password. Then the supplied
+ password is encoded with the salt value, and then compared with the
+ encoded password. If there is a match, then the user is
+ authenticated.
+
+ It is computationally difficult (but not impossible) to take a
+ randomly encoded password and recover the original password. However,
+ on any system with more than just a few users, at least some of the
+ passwords will be common words (or simple variations of common words).
+
+ System crackers know all this, and will simply encrypt a dictionary of
+ words and common passwords using all possible 4096 salt values. Then
+ they will compare the encoded passwords in your /etc/passwd file with
+ their database. Once they have found a match, they have the password
+ for another account. This is referred to as a dictionary attack, and
+ is one of the most common methods for gaining or expanding
+ unauthorized access to a system.
+
+ If you think about it, an 8 character password encodes to 4096 * 13
+ character strings. So a dictionary of say 400,000 common words,
+ names, passwords, and simple variations would easily fit on a 4GB hard
+ drive. The attacker need only sort them, and then check for matches.
+ Since a 4GB hard drive can be had for under $1000.00, this is well
+ within the means of most system crackers.
+
+ Also, if a cracker obtains your /etc/passwd file first, they only need
+ to encode the dictionary with the salt values actually contained in
+ your /etc/passwd file. This method is usable by your average teenager
+ with a couple of hundred spare Megabytes and a 486 class computer.
+
+ Even without lots of drive space, utilities like crack(1) can usually
+ break at least a couple of passwords on a system with enough users
+ (assuming the users of the system are allowed to pick their own
+ passwords).
+
+ The /etc/passwd file also contains information like user ID's and
+ group ID's that are used by many system programs. Therefore, the
+ /etc/passwd file must remain world readable. If you were to change
+ the /etc/passwd file so that nobody can read it, the first thing that
+ you would notice is that the ls -l command now displays user ID's
+ instead of names!
+
+ The Shadow Suite solves the problem by relocating the passwords to
+ another file (usually /etc/shadow). The /etc/shadow file is set so
+ that it cannot be read by just anyone. Only root will be able to read
+ and write to the /etc/shadow file. Some programs (like xlock) don't
+ need to be able to change passwords, they only need to be able to
+ verify them. These programs can either be run suid root or you can
+ set up a group shadow that is allowed read only access to the
+ /etc/shadow file. Then the program can be run sgid shadow.
+
+ By moving the passwords to the /etc/shadow file, we are effectively
+ keeping the attacker from having access to the encoded passwords with
+ which to perform a dictionary attack.
+
+ Additionally, the Shadow Suite adds lots of other nice features:
+
+ · A configuration file to set login defaults (/etc/login.defs)
+
+ · Utilities for adding, modifying, and deleting user accounts and
+ groups
+
+ · Password aging and expiration
+
+ · Account expiration and locking
+
+ · Shadowed group passwords (optional)
+
+ · Double length passwords (16 character passwords) NOT RECOMMENDED
+
+ · Better control over user's password selection
+
+ · Dial-up passwords
+
+ · Secondary authentication programs NOT RECOMMENDED
+
+ Installing the Shadow Suite contributes toward a more secure system,
+ but there are many other things that can also be done to improve the
+ security of a Linux system, and there will eventually be a series of
+ Linux Security HOWTO's that will discuss other security measures and
+ related issues.
+
+ For current information on other Linux security issues, including
+ warnings on known vulnerabilities see the Linux Security home page.
+ <http://bach.cis.temple.edu/linux/linux-security/>
+
+ 2.1. Why you might NOT want to shadow your passwd file.
+
+ There are a few circumstances and configurations in which installing
+ the Shadow Suite would NOT be a good idea:
+
+ · The machine does not contain user accounts.
+
+ · Your machine is running on a LAN and is using NIS (Network
+ Information Services) to get or supply user names and passwords to
+ other machines on the network. (This can actually be done, but is
+ beyond the scope of this document, and really won't increase
+ security much anyway)
+
+ · Your machine is being used by terminal servers to verify users via
+ NFS (Network File System), NIS, or some other method.
+
+ · Your machine runs other software that validates users, and there is
+ no shadow version available, and you don't have the source code.
+
+ 2.2. Format of the /etc/passwd file
+
+ A non-shadowed /etc/passwd file has the following format:
+
+ username:passwd:UID:GID:full_name:directory:shell
+
+ Where:
+
+ username
+ The user (login) name
+
+ passwd
+ The encoded password
+
+ UID
+ Numerical user ID
+
+ GID
+ Numerical default group ID
+
+ full_name
+ The user's full name - Actually this field is called the GECOS
+ (General Electric Comprehensive Operating System) field and can
+ store information other than just the full name. The Shadow
+ commands and manual pages refer to this field as the comment
+ field.
+
+ directory
+ User's home directory (Full pathname)
+
+ shell
+ User's login shell (Full Pathname)
+
+ For example:
+
+ username:Npge08pfz4wuk:503:100:Full Name:/home/username:/bin/sh
+
+ Where Np is the salt and ge08pfz4wuk is the encoded password. The
+ encoded salt/password could just as easily have been kbeMVnZM0oL7I and
+ the two are exactly the same password. There are 4096 possible encod­
+ ings for the same password. (The example password in this case is
+ 'password', a really bad password).
+
+ Once the shadow suite is installed, the /etc/passwd file would instead
+ contain:
+
+ username:x:503:100:Full Name:/home/username:/bin/sh
+
+ The x in the second field in this case is now just a place holder.
+ The format of the /etc/passwd file really didn't change, it just no
+ longer contains the encoded password. This means that any program
+ that reads the /etc/passwd file but does not actually need to verify
+ passwords will still operate correctly.
+
+ The passwords are now relocated to the shadow file (usually
+ /etc/shadow file).
+
+ 2.3. Format of the shadow file
+
+ The /etc/shadow file contains the following information:
+
+ username:passwd:last:may:must:warn:expire:disable:reserved
+
+ Where:
+
+ username
+ The User Name
+
+ passwd
+ The Encoded password
+ last
+ Days since Jan 1, 1970 that password was last changed
+
+ may
+ Days before password may be changed
+
+ must
+ Days after which password must be changed
+
+ warn
+ Days before password is to expire that user is warned
+
+ expire
+ Days after password expires that account is disabled
+
+ disable
+ Days since Jan 1, 1970 that account is disabled
+
+ reserved
+ A reserved field
+
+ The previous example might then be:
+
+ username:Npge08pfz4wuk:9479:0:10000::::
+
+ 2.4. Review of crypt(3).
+
+ From the crypt(3) manual page:
+
+ "crypt is the password encryption function. It is based on the Data
+ Encryption Standard algorithm with variations intended (among other
+ things) to discourage use of hardware implementations of a key search.
+
+ The key is a user's typed password. The encoded string is all NULLs
+
+ The salt is a two-character string chosen from the set a-zA-Z0-9./.
+ This string is used to perturb the algorithm in one of 4096 different
+ ways.
+
+ By taking the lowest 7 bits of each character of the key, a 56-bit key
+ is obtained. This 56-bit key is used to encrypt repeatedly a constant
+ string (usually a string consisting of all zeros). The returned value
+ points to the encrypted password, a series of 13 printable ASCII
+ characters (the first two characters represent the salt itself). The
+ return value points to static data whose content is overwritten by
+ each call.
+
+ Warning: The key space consists of 2**56 equal 7.2e16 possible values.
+ Exhaustive searches of this key space are possible using massively
+ parallel computers. Software, such as crack(1), is available which
+ will search the portion of this key space that is generally used by
+ humans for passwords. Hence, password selection should, at minimum,
+ avoid common words and names. The use of a passwd(1) program that
+ checks for crackable passwords during the selection process is
+ recommended.
+
+ The DES algorithm itself has a few quirks which make the use of the
+ crypt(3) interface a very poor choice for anything other than password
+ authentication. If you are planning on using the crypt(3) interface
+ for a cryptography project, don't do it: get a good book on encryption
+ and one of the widely available DES libraries."
+
+ Most Shadow Suites contain code for doubling the length of the
+ password to 16 characters. Experts in des recommend against this, as
+ the encoding is simply applied first to the left half and then to the
+ right half of the longer password. Because of the way crypt works,
+ this may make for a less secure encoded password then if double length
+ passwords were not used in the first place. Additionally, it is less
+ likely that a user will be able to remember a 16 character password.
+
+ There is development work under way that would allow the
+ authentication algorithm to be replaced with something more secure and
+ with support for longer passwords (specifically the MD5 algorithm) and
+ retain compatibility with the crypt method.
+
+ If you are looking for a good book on encryption, I recommend:
+
+ "Applied Cryptography: Protocols, Algorithms, and Source Code in C"
+ by Bruce Schneier <schneier@chinet.com>
+ ISBN: 0-471-59756-2
+
+ 3. Getting the Shadow Suite.
+
+ 3.1. History of the Shadow Suite for Linux
+
+ DO NOT USE THE PACKAGES IN THIS SECTION, THEY HAVE SECURITY PROBLEMS
+
+ The original Shadow Suite was written by Julianne F. Haugh
+
+ There are several versions that have been used on Linux systems:
+
+ · shadow-3.3.1 is the original.
+
+ · shadow-3.3.1-2 is Linux specific patch made by Florian La Roche
+ <flla@stud.uni-sb.de> and contains some further enhancements.
+
+ · shadow-mk was specifically packaged for Linux.
+
+ The shadow-mk package contains the shadow-3.3.1 package distributed by
+ Julianne F. Haugh with the shadow-3.3.1-2 patch installed, a few fixes
+ made by Mohan Kokal <magnus@texas.net> that make installation a lot
+ easier, a patch by Joseph R.M. Zbiciak for login1.c (login.secure)
+ that eliminates the -f, -h security holes in /bin/login, and some
+ other miscellaneous patches.
+
+ The shadow.mk package was the previously recommended package, but
+ should be replaced due to a security problem with the login program.
+
+ There are security problems with Shadow versions 3.3.1, 3.3.1-2, and
+ shadow-mk involving the login program. This login bug involves not
+ checking the length of a login name. This causes the buffer to
+ overflow causing crashes or worse. It has been rumored that this
+ buffer overflow can allow someone with an account on the system to use
+ this bug and the shared libraries to gain root access. I won't
+ discuss exactly how this is possible because there are a lot of Linux
+ systems that are affected, but systems with these Shadow Suites
+ installed, and most pre-ELF distributions without the Shadow Suite are
+ vulnerable!
+
+ For more information on this and other Linux security issues, see the
+ Linux Security home page (Shared Libraries and login Program
+ Vulnerability) <http://bach.cis.temple.edu/linux/linux-security/Linux-
+ Security-FAQ/Linux-telnetd.html>
+
+ 3.2. Where to get the Shadow Suite.
+
+ The only recommended Shadow Suite is still in BETA testing, however
+ the latest versions are safe in a production environment and don't
+ contain a vulnerable login program.
+
+ The package uses the following naming convention:
+
+ shadow-YYMMDD.tar.gz
+
+ where YYMMDD is the issue date of the Suite.
+
+ This version will eventually be Version 3.3.3 when it is released from
+ Beta testing, and is maintained by Marek Michalkiewicz
+ <marekm@i17linuxb.ists.pwr.wroc.pl>. It's available as: shadow-
+ current.tar.gz
+ <ftp://i17linuxb.ists.pwr.wroc.pl/pub/linux/shadow/shadow-
+ current.tar.gz>.
+
+ The following mirror sites have also been established:
+
+ · ftp://ftp.icm.edu.pl/pub/Linux/shadow/shadow-current.tar.gz
+
+ · ftp://iguana.hut.fi/pub/linux/shadow/shadow-current.tar.gz
+
+ · ftp://ftp.cin.net/usr/ggallag/shadow/shadow-current.tar.gz
+
+ · ftp://ftp.netural.com/pub/linux/shadow/shadow-current.tar.gz
+
+ You should use the currently available version.
+
+ You should NOT use a version older than shadow-960129 as they also
+ have the login security problem discussed above.
+
+ When this document refers to the Shadow Suite I am referring to the
+ this package. It is assumed that this is the package that you are
+ using.
+
+ For reference, I used shadow-960129 to make these installation
+ instructions.
+
+ If you were previously using shadow-mk, you should upgrade to this
+ version and rebuild everything that you originally compiled.
+
+ 3.3. What is included with the Shadow Suite.
+
+ The Shadow Suite contains replacement programs for:
+
+ su, login, passwd, newgrp, chfn, chsh, and id
+
+ The package also contains the new programs:
+
+ chage, newusers, dpasswd, gpasswd, useradd, userdel, usermod,
+ groupadd, groupdel, groupmod, groups, pwck, grpck, lastlog, pwconv,
+ and pwunconv
+
+ Additionally, the library: libshadow.a is included for writing and/or
+ compiling programs that need to access user passwords.
+
+ Also, manual pages for the programs are also included.
+
+ There is also a configuration file for the login program which will be
+ installed as /etc/login.defs.
+
+ 4. Compiling the programs.
+
+ 4.1. Unpacking the archive.
+
+ The first step after retrieving the package is unpacking it. The
+ package is in the tar (tape archive) format and compressed using gzip,
+ so first move it to /usr/src, then type:
+
+ tar -xzvf shadow-current.tar.gz
+
+ This will unpack it into the directory: /usr/src/shadow-YYMMDD
+
+ 4.2. Configuring with the config.h file
+
+ The first thing that you need to do is to copy over the Makefile and
+ the config.h file:
+
+ cd /usr/src/shadow-YYMMDD
+ cp Makefile.linux Makefile
+ cp config.h.linux config.h
+
+ You should then take a look at the config.h file. This file contains
+ definitions for some of the configuration options. If you are using
+ the recommended package, I recommend that you disable group shadow
+ support for your first time around.
+
+ By default shadowed group passwords are enabled. To disable these
+ edit the config.h file, and change the #define SHADOWGRP to #undef
+ SHADOWGRP. I recommend that you disable them to start with, and then
+ if you really want group passwords and group administrators that you
+ enable it later and recompile. If you leave it enabled, you must
+ create the file /etc/gshadow.
+
+ Enabling the long passwords option is NOT recommended as discussed
+ above.
+
+ Do NOT change the setting: #undef AUTOSHADOW
+
+ The AUTOSHADOW option was originally designed so that programs that
+ were shadow ignorant would still function. This sounds good in
+ theory, but does not work correctly. If you enable this option, and
+ the program runs as root, it may call getpwnam() as root, and later
+ write the modified entry back to the /etc/passwd file (with the no-
+ longer-shadowed password). Such programs include chfn and chsh. (You
+ can't get around this by swapping real and effective uid before
+ calling getpwnam() because root may use chfn and chsh too.)
+
+ The same warning is also valid if you are building libc, it has a
+ SHADOW_COMPAT option which does the same thing. It should NOT be
+ used! If you start getting encoded passwords back in your /etc/passwd
+ file, this is the problem.
+
+ If you are using a libc version prior to 4.6.27, you will need to make
+ a couple more changes to config.h and the Makefile. To config.h edit
+ and change:
+
+ #define HAVE_BASENAME
+
+ to:
+
+ #undef HAVE_BASENAME
+
+ And then in the Makefile, change:
+
+ SOBJS = smain.o env.o entry.o susetup.o shell.o \
+ sub.o mail.o motd.o sulog.o age.o tz.o hushed.o
+
+ SSRCS = smain.c env.c entry.c setup.c shell.c \
+ pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
+ tz.c hushed.c
+
+ SOBJS = smain.o env.o entry.o susetup.o shell.o \
+ sub.o mail.o motd.o sulog.o age.o tz.o hushed.o basename.o
+
+ SSRCS = smain.c env.c entry.c setup.c shell.c \
+ pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
+ tz.c hushed.c basename.c
+
+ These changes add the code contained in basename.c which is contained
+ in libc 4.6.27 and later.
+
+ 4.3. Making backup copies of your original programs.
+
+ It would also be a good idea to track down and make backup copies of
+ the programs that the shadow suite will replace. On a Slackware 3.0
+ system these are:
+
+ · /bin/su
+
+ · /bin/login
+
+ · /usr/bin/passwd
+
+ · /usr/bin/newgrp
+
+ · /usr/bin/chfn
+
+ · /usr/bin/chsh
+
+ · /usr/bin/id
+
+ The BETA package has a save target in the Makefile, but it's commented
+ out because different distributions place the programs in different
+ places.
+
+ You should also make a backup copy of your /etc/passwd file, but be
+ careful to name it something else if you place it in the same
+ directory so you don't overwrite the passwd command.
+
+ 4.4. Running make
+
+ You need to be logged as root to do most of the installation.
+
+ Run make to compile the executables in the package:
+
+ make all
+
+ You may see the warning: rcsid defined but not used. This is fine, it
+ just happens because the author is using a version control package.
+
+ 5. Installing
+
+ 5.1. Have a boot disk handy in case you break anything.
+
+ If something goes terribly wrong, it would be handy to have a boot
+ disk. If you have a boot/root combination from your installation,
+ that will work, otherwise see the Bootdisk-HOWTO
+ <http://sunsite.unc.edu/mdw/HOWTO/Bootdisk-HOWTO.html>, which
+ describes how to make a bootable disk.
+
+ 5.2. Removing duplicate man pages
+
+ You should also move the manual pages that are about to be replaced.
+ Even if you are brave enough install the Shadow Suite without making
+ backups, you will still want to remove the old manual pages. The new
+ manual pages won't normally overwrite the old ones because the old
+ ones are probably compressed.
+
+ You can use a combination of: man -aW command and locate command to
+ locate the manual pages that need to be (re)moved. It's generally
+ easier to figure out which are the older pages before you run make
+ install.
+
+ If you are using the Slackware 3.0 distribution, then the manual pages
+ you want to remove are:
+
+ · /usr/man/man1/chfn.1.gz
+
+ · /usr/man/man1/chsh.1.gz
+
+ · /usr/man/man1/id.1.gz
+
+ · /usr/man/man1/login.1.gz
+
+ · /usr/man/man1/passwd.1.gz
+
+ · /usr/man/man1/su.1.gz
+
+ · /usr/man/man5/passwd.5.gz
+
+ There may also be man pages of the same name in the /var/man/cat[1-9]
+ subdirectories that should also be deleted.
+
+ 5.3. Running make install
+
+ You are now ready to type: (do this as root)
+
+ make install
+
+ This will install the new and replacement programs and fix-up the file
+ permissions. It will also install the man pages.
+
+ This also takes care of installing the Shadow Suite include files in
+ the correct places in /usr/include/shadow.
+
+ Using the BETA package you must manually copy the file login.defs to
+ the /etc subdirectory and make sure that only root can make changes to
+ it.
+
+ cp login.defs /etc
+ chmod 700 /etc/login.defs
+
+ This file is the configuration file for the login program. You should
+ review and make changes to this file for your particular system. This
+ is where you decide which tty's root can login from, and set other
+ security policy settings (like password expiration defaults).
+
+ 5.4. Running pwconv
+
+ The next step is to run pwconv. This must also be done as root, and
+ is best done from the /etc subdirectory:
+
+ cd /etc
+ /usr/sbin/pwconv
+
+ pwconv takes your /etc/passwd file and strips out the fields to create
+ two files: /etc/npasswd and /etc/nshadow.
+
+ A pwunconv program is also provided if you need to make a normal
+ /etc/passwd file out of an /etc/passwd and /etc/shadow combination.
+
+ 5.5. Renaming npasswd and nshadow
+
+ Now that you have run pwconv you have created the files /etc/npasswd
+ and /etc/nshadow. These need to be copied over to /etc/passwd and
+ /etc/shadow. We also want to make a backup copy of the original
+ /etc/passwd file, and make sure only root can read it. We'll put the
+ backup in root's home directory:
+
+ cd /etc
+ cp passwd ~passwd
+ chmod 600 ~passwd
+ mv npasswd passwd
+ mv nshadow shadow
+
+ You should also ensure that the file ownerships and permissions are
+ correct. If you are going to be using X-Windows, the xlock and xdm
+ programs need to be able to read the shadow file (but not write it).
+
+ There are two ways that this can be done. You can set xlock to suid
+ root (xdm is usually run as root anyway). Or you can make the shadow
+ file owned by root with a group of shadow, but before you do this,
+ make sure that you have a shadow group (look in /etc/group). None of
+ the users on the system should actually be in the shadow group.
+
+ chown root.root passwd
+ chown root.shadow shadow
+ chmod 0644 passwd
+ chmod 0640 shadow
+
+ Your system now has the password file shadowed. You should now pop
+ over to another virtual terminal and verify that you can login.
+
+ Really, do this now!
+
+ If you can't, then something is wrong! To get back to a non-shadowed
+ state, do the following the following:
+
+ cd /etc
+ cp ~passwd passwd
+ chmod 644 passwd
+
+ You would then restore the files that you saved earlier to their
+ proper locations.
+
+ 6. Other programs you may need to upgrade or patch
+
+ Even though the shadow suite contains replacement programs for most
+ programs that need to access passwords, there are a few additional
+ programs on most systems that require access to passwords.
+
+ If you are running a Debian Distribution (or even if you are not), you
+ can obtain Debian sources for the programs that need to be rebuild
+ from: ftp://ftp.debian.org/debian/stable/source/
+
+ The remainder of this section discusses how to upgrade adduser,
+ wu_ftpd, ftpd, pop3d, xlock, xdm and sudo so that they support the
+ shadow suite.
+
+ See the section ``Adding Shadow Support to a C program'' for a
+ discussion on how to put shadow support into any other program that
+ needs it (although the program must then be run SUID root or SGID
+ shadow to be able to actually access the shadow file).
+
+ 6.1. Slackware adduser program
+
+ Slackware distributions (and possibly some others) contain a
+ interactive program for adding users called /sbin/adduser. A shadow
+ version of this program can be obtained from
+ ftp://sunsite.unc.edu/pub/Linux/
+ system/Admin/accounts/adduser.shadow-1.4.tar.gz.
+
+ I would encourage you to use the programs that are supplied with the
+ Shadow Suite (useradd, usermod, and userdel) instead of the slackware
+ adduser program. They take a little time to learn how to use, but
+ it's well worth the effort because you have much more control and they
+ perform proper file locking on the /etc/passwd and /etc/shadow file
+ (adduser doesn't).
+
+ See the section on ``Putting the Shadow Suite to use'' for more
+ information.
+
+ But if you gotta have it, here is what you do:
+
+ tar -xzvf adduser.shadow-1.4.tar.gz
+ cd adduser
+ make clean
+ make adduser
+ chmod 700 adduser
+ cp adduser /sbin
+
+ 6.2. The wu_ftpd Server
+
+ Most Linux systems some with the wu_ftpd server. If your distribution
+ does not come with shadow installed, then your wu_ftpd will not be
+ compiled for shadow. wu_ftpd is launched from inetd/tcpd as a root
+ process. If you are running an old wu_ftpd daemon, you will want to
+ upgrade it anyway because older ones had a bug that would allow the
+ root account to be compromised (For more info see the Linux security
+ home page <http://bach.cis.temple.edu/linux/linux-security/Linux-
+ Security-FAQ/Linux-wu.ftpd-2.4-Update.html>).
+
+ Fortunately, you only need to get the source code and recompile it
+ with shadow enabled.
+
+ If you are not running an ELF system, The wu_ftp server can be found
+ on Sunsite as wu-ftp-2.4-fixed.tar.gz
+ <ftp://sunsite.unc.edu/pub/Linux/system/Network/file-transfer/wu-
+ ftpd-2.4-fixed.tar.gz>
+
+ Once you retrieve the server, put it in /usr/src, then type:
+
+ cd /usr/src
+ tar -xzvf wu-ftpd-2.4-fixed.tar.gz
+ cd wu-ftpd-2.4-fixed
+ cp ./src/config/config.lnx.shadow ./src/config/config.lnx
+
+ Then edit ./src/makefiles/Makefile.lnx, and change the line:
+
+ LIBES = -lbsd -support
+
+ to:
+
+ LIBES = -lbsd -support -lshadow
+
+ Now you are ready to run the build script and install:
+
+ cd /usr/src/wu-ftpd-2.4-fixed
+ /usr/src/wu-ftp-2.4.fixed/build lnx
+ cp /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd.old
+ cp ./bin/ftpd /usr/sbin/wu.ftpd
+
+ This uses the Linux shadow configuration file, compiles and installs
+ the server.
+
+ On my Slackware 2.3 system I also had to do the following before
+ running build:
+
+ cd /usr/include/netinet
+ ln -s in_systm.h in_system.h
+ cd -
+
+ Problems have been reported compiling this package under ELF systems,
+ but the Beta version of the next release works fine. It can be found
+ as wu-ftp-2.4.2-beta-10.tar.gz
+ <ftp://tscnet.com/pub/linux/network/ftp/wu-ftpd-2.4.2-beta-10.tar.gz>
+
+ Once you retrieve the server, put it in /usr/src, then type:
+
+ cd /usr/src
+ tar -xzvf wu-ftpd-2.4.2-beta-9.tar.gz
+ cd wu-ftpd-beta-9
+ cd ./src/config
+
+ Then edit config.lnx, and change:
+
+ #undef SHADOW.PASSWORD
+
+ to:
+
+ #define SHADOW.PASSWORD
+
+ Then,
+
+ cd ../Makefiles
+
+ and edit the file Makefile.lnx and change:
+
+ LIBES = -lsupport -lbsd # -lshadow
+
+ to:
+
+ LIBES = -lsupport -lbsd -lshadow
+
+ Then build and install:
+
+ cd ..
+ build lnx
+ cp /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd.old
+ cp ./bin/ftpd /usr/sbin/wu.ftpd
+
+ Note that you should check your /etc/inetd.conf file to make sure that
+ this is where your wu.ftpd server really lives. It has been reported
+ that some distributions place the server daemons in different places,
+ and then wu.ftpd in particular may be named something else.
+
+ 6.3. Standard ftpd
+
+ If you are running the standard ftpd server, I would recommend that
+ you upgrade to the wu_ftpd server. Aside from the known bug discussed
+ above, it's generally thought to be more secure.
+
+ If you insist on the standard one, or you need NIS support, Sunsite
+ has ftpd-shadow-nis.tgz
+ <ftp://sunsite.unc.edu/pub/Linux/system/Network/file-transfer/ftpd-
+ shadow-nis.tgz>
+
+ 6.4. pop3d (Post Office Protocol 3)
+
+ If you need to support the third Post Office Protocol (POP3), you will
+ need to recompile a pop3d program. pop3d is normally run by
+ inetd/tcpd as root.
+
+ There are two versions available from Sunsite:
+ pop3d-1.00.4.linux.shadow.tar.gz
+ <ftp://sunsite.unc.edu/pub/Linux/system/Mail/pop/pop3d-1.00.4.linux.shadow.tar.gz>
+ and pop3d+shadow+elf.tar.gz
+ <ftp://sunsite.unc.edu/pub/Linux/system/Mail/pop/pop3d+shadow+elf.tar.gz>
+
+ Both of these are fairly straight forward to install.
+
+ 6.5. xlock
+
+ If you install the shadow suite, and then run X Windows System and
+ lock the screen without upgrading your xlock, you will have to use
+ CNTL-ALT-Fx to switch to another tty, login, and kill the xlock
+ process (or use CNTL-ALT-BS to kill the X server). Fortunately it's
+ fairly easy to upgrade your xlock program.
+
+ If you are running XFree86 Versions 3.x.x, you are probably using
+ xlockmore (which is a great screen-saver in addition to a lock). This
+ package supports shadow with a recompile. If you have an older xlock,
+ I recommend that you upgrade to this one.
+
+ xlockmore-3.5.tgz is available at:
+ <ftp://sunsite.unc.edu/pub/Linux/X11/xutils/screensavers/xlockmore-3.7.tgz>
+
+ Basically, this is what you need to do:
+
+ Get the xlockmore-3.7.tgz file and put it in /usr/src unpack it:
+
+ tar -xzvf xlockmore-3.7.tgz
+
+ Edit the file: /usr/X11R6/lib/X11/config/linux.cf, and change the
+ line:
+
+ #define HasShadowPasswd NO
+
+ to
+
+ #define HasShadowPasswd YES
+
+ Then build the executables:
+
+ cd /usr/src/xlockmore
+ xmkmf
+ make depend
+ make
+
+ Then move everything into place and update file ownerships and
+ permissions:
+
+ cp xlock /usr/X11R6/bin/
+ cp XLock /var/X11R6/lib/app-defaults/
+ chown root.shadow /usr/X11R6/bin/xlock
+ chmod 2755 /usr/X11R6/bin/xlock
+ chown root.shadow /etc/shadow
+ chmod 640 /etc/shadow
+
+ Your xlock will now work correctly.
+
+ 6.6. xdm
+
+ xdm is a program that presents a login screen for X-Windows. Some
+ systems start xdm when the system is told to goto a specified run
+ level (see /etc/inittab.
+
+ With the Shadow Suite install, xdm will need to be updated.
+ Fortunately it's fairly easy to upgrade your xdm program.
+
+ xdm.tar.gz is available at:
+ <ftp://sunsite.unc.edu/pub/Linux/X11/xutils/xdm.tar.gz>
+
+ Get the xdm.tar.gz file and put it in /usr/src, then to unpack it:
+
+ tar -xzvf xdm.tar.gz
+
+ Edit the file: /usr/X11R6/lib/X11/config/linux.cf, and change the
+ line:
+
+ #define HasShadowPasswd NO
+
+ to
+
+ #define HasShadowPasswd YES
+
+ Then build the executables:
+
+ cd /usr/src/xdm
+ xmkmf
+ make depend
+ make
+
+ Then move everything into place:
+
+ cp xdm /usr/X11R6/bin/
+
+ xdm is run as root so you don't need to change it file permissions.
+
+ 6.7. sudo
+
+ The program sudo allows a system administrator to let users run
+ programs that would normally require root access. This is handy
+ because it lets the administrator limit access to the root account
+ itself while still allowing users to do things like mounting drives.
+
+ sudo needs to read passwords because it verifies the users password
+ when it's invoked. sudo already runs SUID root, so accessing the
+ /etc/shadow file is not a problem.
+
+ sudo for the shadow suite, is available as at:
+ <ftp://sunsite.unc.edu/pub/Linux/system/Admin/sudo-1.2-shadow.tgz>
+
+ Warning: When you install sudo your /etc/sudoers file will be replaced
+ with a default one, so you need to make a backup of it if you have
+ added anything to the default one. (you could also edit the Makefile
+ and remove the line that copies the default file to /etc).
+
+ The package is already setup for shadow, so all that's required is to
+ recompile the package (put it in /usr/src):
+
+ cd /usr/src
+ tar -xzvf sudo-1.2-shadow.tgz
+ cd sudo-1.2-shadow
+ make all
+ make install
+
+ 6.8. imapd (E-Mail pine package)
+
+ imapd is an e-mail server similar to pop3d. imapd comes with the Pine
+ E-mail package. The documentation that comes with the package states
+ that the default for Linux systems is to include support for shadow.
+ However, I have found that this is not true. Furthermore, the build
+ script / Makefile combination on this package is makes it very
+ difficult to add the libshadow.a library at compile time, so I was
+ unable to add shadow support for imapd.
+
+ If anyone has this figured out, please E-mail me, and I'll include the
+ solution here.
+
+ 6.9. pppd (Point-to-Point Protocol Server)
+
+ The pppd server can be setup to use several types of authentication:
+ Password Authentication Protocol (PAP) and Cryptographic Handshake
+ Authentication Protocol (CHAP). The pppd server usually reads the
+ password strings that it uses from /etc/ppp/chap-secrets and/or
+ /etc/ppp/pap-secrets. If you are using this default behavior of pppd,
+ it is not necessary to reinstall pppd.
+
+ pppd also allows you to use the login parameter (either on the command
+ line, or in the configuration or options file). If the login option
+ is given, then pppd will use the /etc/passwd file for the username and
+ passwords for the PAP. This, of course, will no longer work now that
+ our password file is shadowed. For pppd-1.2.1d this requires adding
+ code for shadow support.
+
+ The example given in the next section is adding shadow support to
+ pppd-1.2.1d (an older version of pppd).
+
+ pppd-2.2.0 already contains shadow support.
+
+ 7. Putting the Shadow Suite to use.
+
+ This section discusses some of the things that you will want to know
+ now that you have the Shadow Suite installed on your system. More
+ information is contained in the manual pages for each command.
+
+ 7.1. Adding, Modifying, and deleting users
+
+ The Shadow Suite added the following command line oriented commands
+ for adding, modifying, and deleting users. You may also have
+ installed the adduser program.
+
+ 7.1.1. useradd
+
+ The useradd command can be used to add users to the system. You also
+ invoke this command to change the default settings.
+
+ The first thing that you should do is to examine the default settings
+ and make changes specific to your system:
+
+ useradd -D
+
+ ______________________________________________________________________
+ GROUP=1
+ HOME=/home
+ INACTIVE=0
+ EXPIRE=0
+ SHELL=
+ SKEL=/etc/skel
+ ______________________________________________________________________
+
+ The defaults are probably not what you want, so if you started adding
+ users now you would have to specify all the information for each user.
+ However, we can and should change the default values.
+
+ On my system:
+
+ · I want the default group to be 100
+
+ · I want passwords to expire every 60 days
+
+ · I don't want to lock an account because the password is expired
+
+ · I want to default shell to be /bin/bash
+
+ To make these changes I would use:
+
+ useradd -D -g100 -e60 -f0 -s/bin/bash
+
+ Now running useradd -D will give:
+
+ ______________________________________________________________________
+ GROUP=100
+ HOME=/home
+ INACTIVE=0
+ EXPIRE=60
+ SHELL=/bin/bash
+ SKEL=/etc/skel
+ ______________________________________________________________________
+
+ Just in case you wanted to know, these defaults are stored in the file
+ /etc/default/useradd.
+
+ Now you can use useradd to add users to the system. For example, to
+ add the user fred, using the defaults, you would use the following:
+
+ useradd -m -c "Fred Flintstone" fred
+
+ This will create the following entry in the /etc/passwd file:
+
+ fred:*:505:100:Fred Flintstone:/home/fred:/bin/bash
+
+ And the following entry in the /etc/shadow file:
+
+ fred:!:0:0:60:0:0:0:0
+
+ fred's home directory will be created and the contents of /etc/skel
+ will be copied there because of the -m switch.
+
+ Also, since we did not specify a UID, the next available one was used.
+
+ fred's account is created, but fred still won't be able to login until
+ we unlock the account. We do this by changing the password.
+
+ passwd fred
+
+ ______________________________________________________________________
+ Changing password for fred
+ Enter the new password (minimum of 5 characters)
+ Please use a combination of upper and lower case letters and numbers.
+ New Password: *******
+ Re-enter new password: *******
+ ______________________________________________________________________
+
+ Now the /etc/shadow will contain:
+
+ fred:J0C.WDR1amIt6:9559:0:60:0:0:0:0
+
+ And fred will now be able to login and use the system. The nice thing
+ about useradd and the other programs that come with the Shadow Suite
+ is that they make changes to the /etc/passwd and /etc/shadow files
+ atomically. So if you are adding a user, and another user is changing
+ their password at the same time, both operations will be performed
+ correctly.
+
+ You should use the supplied commands rather than directly editing
+ /etc/passwd and /etc/shadow. If you were editing the /etc/shadow
+ file, and a user were to change his password while you are editing,
+ and then you were to save the file you were editing, the user's
+ password change would be lost.
+
+ Here is a small interactive script that adds users using useradd and
+ passwd:
+
+ ______________________________________________________________________
+ #!/bin/bash
+ #
+ # /sbin/newuser - A script to add users to the system using the Shadow
+ # Suite's useradd and passwd commands.
+ #
+ # Written my Mike Jackson <mhjack@tscnet.com> as an example for the Linux
+ # Shadow Password Howto. Permission to use and modify is expressly granted.
+ #
+ # This could be modified to show the defaults and allow modification similar
+ # to the Slackware Adduser program. It could also be modified to disallow
+ # stupid entries. (i.e. better error checking).
+ #
+ ##
+ # Defaults for the useradd command
+ ##
+ GROUP=100 # Default Group
+ HOME=/home # Home directory location (/home/username)
+ SKEL=/etc/skel # Skeleton Directory
+ INACTIVE=0 # Days after password expires to disable account (0=never)
+ EXPIRE=60 # Days that a passwords lasts
+ SHELL=/bin/bash # Default Shell (full path)
+ ##
+ # Defaults for the passwd command
+ ##
+ PASSMIN=0 # Days between password changes
+ PASSWARN=14 # Days before password expires that a warning is given
+ ##
+ # Ensure that root is running the script.
+ ##
+ WHOAMI=`/usr/bin/whoami`
+ if [ $WHOAMI != "root" ]; then
+ echo "You must be root to add news users!"
+ exit 1
+ fi
+ ##
+ # Ask for username and fullname.
+ ##
+ echo ""
+ echo -n "Username: "
+ read USERNAME
+ echo -n "Full name: "
+ read FULLNAME
+ #
+ echo "Adding user: $USERNAME."
+ #
+ # Note that the "" around $FULLNAME is required because this field is
+ # almost always going to contain at least on space, and without the "'s
+ # the useradd command would think that you we moving on to the next
+ # parameter when it reached the SPACE character.
+ #
+ /usr/sbin/useradd -c"$FULLNAME" -d$HOME/$USERNAME -e$EXPIRE \
+ -f$INACTIVE -g$GROUP -m -k$SKEL -s$SHELL $USERNAME
+ ##
+ # Set password defaults
+ ##
+ /bin/passwd -n $PASSMIN -w $PASSWARN $USERNAME >/dev/null 2>&1
+ ##
+ # Let the passwd command actually ask for password (twice)
+ ##
+ /bin/passwd $USERNAME
+ ##
+ # Show what was done.
+ ##
+ echo ""
+ echo "Entry from /etc/passwd:"
+ echo -n " "
+ grep "$USERNAME:" /etc/passwd
+ echo "Entry from /etc/shadow:"
+ echo -n " "
+ grep "$USERNAME:" /etc/shadow
+ echo "Summary output of the passwd command:"
+ echo -n " "
+ passwd -S $USERNAME
+ echo ""
+ ______________________________________________________________________
+
+ Using a script to add new users is really much more preferable than
+ editing the /etc/passwd or /etc/shadow files directly or using a
+ program like the Slackware adduser program. Feel free to use and
+ modify this script for your particular system.
+
+ For more information on the useradd see the online manual page.
+
+ 7.1.2. usermod
+
+ The usermod program is used to modify the information on a user. The
+ switches are similar to the useradd program.
+
+ Let's say that you want to change fred's shell, you would do the
+ following:
+
+ usermod -s /bin/tcsh fred
+
+ Now fred's /etc/passwd file entry would be change to this:
+
+ fred:*:505:100:Fred Flintstone:/home/fred:/bin/tcsh
+
+ Let's make fred's account expire on 09/15/97:
+
+ usermod -e 09/15/97 fred
+
+ Now fred's entry in /etc/shadow becomes:
+
+ fred:J0C.WDR1amIt6:9559:0:60:0:0:10119:0
+
+ For more information on the usermod command see the online manual
+ page.
+
+ 7.1.3. userdel
+
+ userdel does just what you would expect, it deletes the user's
+ account. You simply use:
+
+ userdel -r username
+
+ The -r causes all files in the user's home directory to be removed
+ along with the home directory itself. Files located in other file
+ system will have to be searched for and deleted manually.
+
+ If you want to simply lock the account rather than delete it, use the
+ passwd command instead.
+
+ 7.2. The passwd command and passwd aging.
+
+ The passwd command has the obvious use of changing passwords.
+ Additionally, it is used by the root user to:
+
+ · Lock and unlock accounts (-l and -u)
+
+ · Set the maximum number of days that a password remains valid (-x)
+
+ · Set the minimum days between password changes (-n)
+
+ · Sets the number of days of warning that a password is about to
+ expire (-w)
+
+ · Sets the number of days after the password expires before the
+ account is locked (-i)
+
+ · Allow viewing of account information in a clearer format (-S)
+
+ For example, let look again at fred
+
+ passwd -S fred
+ fred P 03/04/96 0 60 0 0
+
+ This means that fred's password is valid, it was last changed on
+ 03/04/96, it can be changed at any time, it expires after 60 days,
+ fred will not be warned, and and the account won't be disabled when
+ the password expires.
+
+ This simply means that if fred logs in after the password expires, he
+ will be prompted for a new password at login.
+
+ If we decide that we want to warn fred 14 days before his password
+ expires and make his account inactive 14 days after he lets it expire,
+ we would need to do the following:
+
+ passwd -w14 -i14 fred
+
+ Now fred is changed to:
+ fred P 03/04/96 0 60 14 14
+
+ For more information on the passwd command see the online manual page.
+
+ 7.3. The login.defs file.
+
+ The file /etc/login is the configuration file for the login program
+ and also for the Shadow Suite as a whole.
+
+ /etc/login contains settings from what the prompts will look like to
+ what the default expiration will be when a user changes his password.
+
+ The /etc/login.defs file is quite well documented just by the comments
+ that are contained within it. However, there are a few things to
+ note:
+
+ · It contains flags that can be turned on or off that determine the
+ amount of logging that takes place.
+
+ · It contains pointers to other configuration files.
+
+ · It contains defaults assignments for things like password aging.
+
+ From the above list you can see that this is a rather important file,
+ and you should make sure that it is present, and that the settings are
+ what you desire for your system.
+
+ 7.4. Group passwords.
+
+ The /etc/groups file may contain passwords that permit a user to
+ become a member of a particular group. This function is enabled if
+ you define the constant SHADOWGRP in the /usr/src/shadow-
+ YYMMDD/config.h file.
+
+ If you define this constant and then compile, you must create an
+ /etc/gshadow file to hold the group passwords and the group
+ administrator information.
+
+ When you created the /etc/shadow, you used a program called pwconv,
+ there no equivalent program to create the /etc/gshadow file, but it
+ really doesn't matter, it takes care of itself.
+
+ To create the initial /etc/gshadow file do the following:
+
+ touch /etc/gshadow
+ chown root.root /etc/gshadow
+ chmod 700 /etc/gshadow
+
+ Once you create new groups, they will be added to the /etc/group and
+ the /etc/gshadow files. If you modify a group by adding or removing
+ users or changing the group password, the /etc/gshadow file will be
+ changed.
+
+ The programs groups, groupadd, groupmod, and groupdel are provided as
+ part of the Shadow Suite to modify groups.
+
+ The format of the /etc/group file is as follows:
+
+ groupname:!:GID:member,member,...
+
+ Where:
+
+ groupname
+ The name of the group
+
+ ! The field that normally holds the password, but that is now
+ relocated to the /etc/gshadow file.
+
+ GID
+ The numerical group ID number
+
+ member
+ List of group members
+
+ The format of the /etc/gshadow file is as follows:
+
+ groupname:password:admin,admin,...:member,member,...
+
+ Where:
+
+ groupname
+ The name of the group
+
+ password
+ The encoded group password.
+
+ admin
+ List of group administrators
+
+ member
+ List of group members
+
+ The command gpasswd is used only for adding or removing administrators
+ and members to or from a group. root or someone in the list of
+ administrators may add or remove group members.
+
+ The groups password can be changed using the passwd command by root or
+ anyone listed as an administrator for the group.
+
+ Despite the fact that there is not currently a manual page for
+ gpasswd, typing gpasswd without any parameters gives a listing of
+ options. It's fairly easy to grasp how it all works once you
+ understand the file formats and the concepts.
+
+ 7.5. Consistency checking programs
+
+ 7.5.1. pwck
+
+ The program pwck is provided to provide a consistency check on the
+ /etc/passwd and /etc/shadow files. It will check each username and
+ verify that it has the following:
+
+ · the correct number of fields
+
+ · unique user name
+
+ · valid user and group identifier
+
+ · valid primary group
+
+ · valid home directory
+
+ · valid login shell
+
+ It will also warn of any account that has no password.
+
+ It's a good idea to run pwck after installing the Shadow Suite. It's
+ also a good idea to run it periodically, perhaps weekly or monthly.
+ If you use the -r option, you can use cron to run it on a regular
+ basis and have the report mailed to you.
+
+ 7.5.2. grpck
+
+ grpck is the consistency checking program for the /etc/group and
+ /etc/gshadow files. It performs the following checks:
+
+ · the correct number of fields
+
+ · unique group name
+
+ · valid list of members and administrators
+
+ It also has the -r option for automated reports.
+
+ 7.6. Dial-up passwords.
+
+ Dial-up passwords are another optional line of defense for systems
+ that allow dial-in access. If you have a system that allows many
+ people to connect locally or via a network, but you want to limit who
+ can dial in and connect, then dial-up passwords are for you. To
+ enable dial-up passwords, you must edit the file /etc/login.defs and
+ ensure that DIALUPS_CHECK_ENAB is set to yes.
+
+ Two files contain the dial-up information, /etc/dialups which contains
+ the ttys (one per line, with the leading "/dev/" removed). If a tty
+ is listed then dial-up checks are performed.
+
+ The second file is the /etc/d_passwd file. This file contains the
+ fully qualified path name of a shell, followed by an optional
+ password.
+
+ If a user logs into a line that is listed in /etc/dialups, and his
+ shell is listed in the file /etc/d_passwd he will be allowed access
+ only by suppling the correct password.
+
+ Another useful purpose for using dial-up passwords might be to setup a
+ line that only allows a certain type of connect (perhaps a PPP or UUCP
+ connection). If a user tries to get another type of connection (i.e.
+ a list of shells), he must know a password to use the line.
+
+ Before you can use the dial-up feature, you must create the files.
+
+ The command dpasswd is provided to assign passwords to the shells in
+ the /etc/d_passwd file. See the manual page for more information.
+ 8. Adding shadow support to a C program
+
+ Adding shadow support to a program is actually fairly straightforward.
+ The only problem is that the program must be run by root (or SUID
+ root) in order for the the program to be able to access the
+ /etc/shadow file.
+
+ This presents one big problem: very careful programming practices must
+ be followed when creating SUID programs. For instance, if a program
+ has a shell escape, this must not occur as root if the program is SUID
+ root.
+
+ For adding shadow support to a program so that it can check passwords,
+ but otherwise does need to run as root, it's a lot safer to run the
+ program SUID shadow instead. The xlock program is an example of this.
+
+ In the example given below, pppd-1.2.1d already runs SUID as root, so
+ adding shadow support should not make the program any more vulnerable.
+
+ 8.1. Header files
+
+ The header files should reside in /usr/include/shadow. There should
+ also be a /usr/include/shadow.h, but it will be a symbolic link to
+ /usr/include/shadow/shadow.h.
+
+ To add shadow support to a program, you need to include the header
+ files:
+
+ #include <shadow/shadow.h>
+ #include <shadow/pwauth.h>
+
+ It might be a good idea to use compiler directives to conditionally
+ compile the shadow code (I do in the example below).
+
+ 8.2. libshadow.a library
+
+ When you installed the Shadow Suite the libshadow.a file was created
+ and installed in /usr/lib.
+
+ When compiling shadow support into a program, the linker needs to be
+ told to include the libshadow.a library into the link.
+
+ This is done by:
+
+ gcc program.c -o program -lshadow
+
+ However, as we will see in the example below, most large programs use
+ a Makefile, and usually have a variable called LIBS=... that we will
+ modify.
+
+ 8.3. Shadow Structure
+
+ The libshadow.a library uses a structure called spwd for the
+ information it retrieves from the /etc/shadow file. This is the
+ definition of the spwd structure from the /usr/include/shadow/shadow.h
+ header file:
+
+ ______________________________________________________________________
+ struct spwd
+ {
+ char *sp_namp; /* login name */
+ char *sp_pwdp; /* encrypted password */
+ sptime sp_lstchg; /* date of last change */
+ sptime sp_min; /* minimum number of days between changes */
+ sptime sp_max; /* maximum number of days between changes */
+ sptime sp_warn; /* number of days of warning before password
+ expires */
+ sptime sp_inact; /* number of days after password expires
+ until the account becomes unusable. */
+ sptime sp_expire; /* days since 1/1/70 until account expires
+ */
+ unsigned long sp_flag; /* reserved for future use */
+ };
+ ______________________________________________________________________
+
+ The Shadow Suite can put things into the sp_pwdp field besides just
+ the encoded passwd. The password field could contain:
+
+ username:Npge08pfz4wuk;@/sbin/extra:9479:0:10000::::
+
+ This means that in addition to the password, the program /sbin/extra
+ should be called for further authentication. The program called will
+ get passed the username and a switch that indicates why it's being
+ called. See the file /usr/include/shadow/pwauth.h and the source code
+ for pwauth.c for more information.
+
+ What this means is that we should use the function pwauth to perform
+ the actual authentication, as it will take care of the secondary
+ authentication as well. The example below does this.
+
+ The author of the Shadow Suite indicates that since most programs in
+ existence don't do this, and that it may be removed or changed in
+ future versions of the Shadow Suite.
+
+ 8.4. Shadow Functions
+
+ The shadow.h file also contains the function prototypes for the
+ functions contained in the libshadow.a library:
+
+ ______________________________________________________________________
+ extern void setspent __P ((void));
+ extern void endspent __P ((void));
+ extern struct spwd *sgetspent __P ((__const char *__string));
+ extern struct spwd *fgetspent __P ((FILE *__fp));
+ extern struct spwd *getspent __P ((void));
+ extern struct spwd *getspnam __P ((__const char *__name));
+ extern int putspent __P ((__const struct spwd *__sp, FILE *__fp));
+ ______________________________________________________________________
+
+ The function that we are going to use in the example is: getspnam
+ which will retrieve for us a spwd structure for the supplied name.
+
+ 8.5. Example
+
+ This is an example of adding shadow support to a program that needs
+ it, but does not have it by default.
+
+ This example uses the Point-to-Point Protocol Server (pppd-1.2.1d),
+ which has a mode in which it performs PAP authentication using user
+ names and passwords from the /etc/passwd file instead of the PAP or
+ CHAP files. You would not need to add this code to pppd-2.2.0 because
+ it's already there.
+
+ This feature of pppd probably isn't used very much, but if you
+ installed the Shadow Suite, it won't work anymore because the
+ passwords are no longer stored in /etc/passwd.
+
+ The code for authenticating users under pppd-1.2.1d is located in the
+ /usr/src/pppd-1.2.1d/pppd/auth.c file.
+
+ The following code needs to be added to the top of the file where all
+ the other #include directives are. We have surrounded the #includes
+ with conditional directives (i.e. only include if we are compiling for
+ shadow support).
+
+ ______________________________________________________________________
+ #ifdef HAS_SHADOW
+ #include <shadow.h>
+ #include <shadow/pwauth.h>
+ #endif
+ ______________________________________________________________________
+
+ The next thing to do is to modify the actual code. We are still
+ making changes to the auth.c file.
+
+ Function auth.c before modifications:
+
+ ______________________________________________________________________
+ /*
+ * login - Check the user name and password against the system
+ * password database, and login the user if OK.
+ *
+ * returns:
+ * UPAP_AUTHNAK: Login failed.
+ * UPAP_AUTHACK: Login succeeded.
+ * In either case, msg points to an appropriate message.
+ */
+ static int
+ login(user, passwd, msg, msglen)
+ char *user;
+ char *passwd;
+ char **msg;
+ int *msglen;
+ {
+ struct passwd *pw;
+ char *epasswd;
+ char *tty;
+
+ if ((pw = getpwnam(user)) == NULL) {
+ return (UPAP_AUTHNAK);
+ }
+ /*
+ * XXX If no passwd, let them login without one.
+ */
+ if (pw->pw_passwd == '\0') {
+ return (UPAP_AUTHACK);
+ }
+
+ epasswd = crypt(passwd, pw->pw_passwd);
+ if (strcmp(epasswd, pw->pw_passwd)) {
+ return (UPAP_AUTHNAK);
+ }
+
+ syslog(LOG_INFO, "user %s logged in", user);
+
+ /*
+ * Write a wtmp entry for this user.
+ */
+ tty = strrchr(devname, '/');
+ if (tty == NULL)
+ tty = devname;
+ else
+ tty++;
+ logwtmp(tty, user, ""); /* Add wtmp login entry */
+ logged_in = TRUE;
+
+ return (UPAP_AUTHACK);
+ }
+ ______________________________________________________________________
+
+ The user's password is placed into pw->pw_passwd, so all we really
+ need to do is add the function getspnam. This will put the password
+ into spwd->sp_pwdp.
+
+ We will add the function pwauth to perform the actual authentication.
+ This will automatically perform secondary authentication if the shadow
+ file is setup for it.
+
+ Function auth.c after modifications to support shadow:
+
+ ______________________________________________________________________
+ /*
+ * login - Check the user name and password against the system
+ * password database, and login the user if OK.
+ *
+ * This function has been modified to support the Linux Shadow Password
+ * Suite if USE_SHADOW is defined.
+ *
+ * returns:
+ * UPAP_AUTHNAK: Login failed.
+ * UPAP_AUTHACK: Login succeeded.
+ * In either case, msg points to an appropriate message.
+ */
+ static int
+ login(user, passwd, msg, msglen)
+ char *user;
+ char *passwd;
+ char **msg;
+ int *msglen;
+ {
+ struct passwd *pw;
+ char *epasswd;
+ char *tty;
+
+ #ifdef USE_SHADOW
+ struct spwd *spwd;
+ struct spwd *getspnam();
+ #endif
+
+ if ((pw = getpwnam(user)) == NULL) {
+ return (UPAP_AUTHNAK);
+ }
+
+ #ifdef USE_SHADOW
+ spwd = getspnam(user);
+ if (spwd)
+ pw->pw_passwd = spwd->sp-pwdp;
+ #endif
+
+ /*
+ * XXX If no passwd, let NOT them login without one.
+ */
+ if (pw->pw_passwd == '\0') {
+ return (UPAP_AUTHNAK);
+ }
+ #ifdef HAS_SHADOW
+ if ((pw->pw_passwd && pw->pw_passwd[0] == '@'
+ && pw_auth (pw->pw_passwd+1, pw->pw_name, PW_LOGIN, NULL))
+ || !valid (passwd, pw)) {
+ return (UPAP_AUTHNAK);
+ }
+ #else
+ epasswd = crypt(passwd, pw->pw_passwd);
+ if (strcmp(epasswd, pw->pw_passwd)) {
+ return (UPAP_AUTHNAK);
+ }
+ #endif
+
+ syslog(LOG_INFO, "user %s logged in", user);
+
+ /*
+ * Write a wtmp entry for this user.
+ */
+ tty = strrchr(devname, '/');
+ if (tty == NULL)
+ tty = devname;
+ else
+ tty++;
+ logwtmp(tty, user, ""); /* Add wtmp login entry */
+ logged_in = TRUE;
+
+ return (UPAP_AUTHACK);
+ }
+ ______________________________________________________________________
+
+ Careful examination will reveal that we made another change as well.
+ The original version allowed access (returned UPAP_AUTHACK if there
+ was NO password in the /etc/passwd file. This is not good, because a
+ common use of this login feature is to use one account to allow access
+ to the PPP process and then check the username and password supplied
+ by PAP with the username in the /etc/passwd file and the password in
+ the /etc/shadow file.
+
+ So if we had set the original version up to run as the shell for a
+ user i.e. ppp, then anyone could get a ppp connection by setting
+ their PAP to user ppp and a password of null.
+
+ We fixed this also by returning UPAP_AUTHNAK instead of UPAP_AUTHACK
+ if the password field was empty.
+
+ Interestingly enough, pppd-2.2.0 has the same problem.
+
+ Next we need to modify the Makefile so that two things occur:
+ USE_SHADOW must be defined, and libshadow.a needs to be added to the
+ linking process.
+
+ Edit the Makefile, and add:
+
+ LIBS = -lshadow
+
+ Then we find the line:
+
+ COMPILE_FLAGS = -I.. -D_linux_=1 -DGIDSET_TYPE=gid_t
+
+ And change it to:
+
+ COMPILE_FLAGS = -I.. -D_linux_=1 -DGIDSET_TYPE=gid_t -DUSE_SHADOW
+
+ Now make and install.
+
+ 9. Frequently Asked Questions.
+
+ Q: I used to control which tty's root could log into using the file
+ /etc/securettys, but it doesn't seem to work anymore, what's going on?
+
+ A: The file /etc/securettys does absolutely nothing now that the
+ Shadow Suite is installed. The tty's that root can use are now
+ located in the login configuration file /etc/login.defs. The entry in
+ this file may point to another file.
+
+ Q: I installed the Shadow Suite, but now I can't login, what did I
+ miss?
+
+ A: You probably installed the Shadow programs, but didn't run pwconv
+ or you forgot to copy /etc/npasswd to /etc/passwd and /etc/nshadow to
+ /etc/shadow. Also, you may need to copy login.defs to /etc.
+
+ Q: In the section on xlock, it said to change the group ownership of
+ the /etc/shadow file to shadow. I don't have a shadow group, what do
+ I do?
+
+ A: You can add one. Simply edit the /etc/group file, and insert a
+ line for the shadow group. You need to ensure that the group number
+ is not used by another group, and you need to insert it before the
+ nogroup entry. Or you can simply suid xlock to root.
+
+ Q: Is there a mailing list for the Linux Shadow Password Suite?
+
+ A: Yes, but it's for the development and beta testing of the next
+ Shadow Suite for Linux. You can get added to the list by mailing to:
+ shadow-list-request@neptune.cin.net with a subject of: subscribe. The
+ list is actually for discussions of the Linux shadow-YYMMSS series of
+ releases. You should join if you want to get involved in further
+ development or if you install the Suite on your system and want to get
+ information on newer releases.
+
+ Q: I installed the Shadow Suite, but when I use the userdel command, I
+ get "userdel: cannot open shadow group file", what did I do wrong?
+
+ A: You compiled the Shadow Suite with the SHADOWGRP option enabled,
+ but you don't have an /etc/gshadow file. You need to either edit the
+ config.h file and recompile, or create an /etc/group file. See the
+ section on shadow groups.
+
+ Q: I installed the Shadow Suite but now I'm getting encoded passwords
+ back in my /etc/passwd file, what's wrong?
+
+ A: You either enabled the AUTOSHADOW option in the Shadow config.h
+ file, or your libc was compiled with the SAHDOW_COMPAT option. You
+ need to determine which is the problem, and recompile.
+
+ 10. Copyright Message.
+
+ The Linux Shadow Password HOWTO is Copyright (c) 1996 Michael H.
+ Jackson.
+
+ Permission is granted to make and distribute verbatim copies of this
+ document provided the copyright notice and this permission notice are
+ preserved on all copies.
+
+ Permission is granted to copy and distribute modified versions of this
+ document under the conditions for verbatim copies above, provided a
+ notice clearly stating that the document is a modified version is also
+ included in the modified document.
+
+ Permission is granted to copy and distribute translations of this
+ document into another language, under the conditions specified above
+ for modified versions.
+
+ Permission is granted to convert this document into another media
+ under the conditions specified above for modified versions provided
+ the requirement to acknowledge the source document is fulfilled by
+ inclusion of an obvious reference to the source document in the new
+ media. Where there is any doubt as to what defines 'obvious' the
+ copyright owner reserves the right to decide.
+
+ 11. Miscellaneous and Acknowledgments.
+
+ The code examples for auth.c are taken from pppd-1.2.1d and
+ ppp-2.1.0e, Copyright (c) 1993 and The Australian National University
+ and Copyright (c) 1989 Carnegie Mellon University.
+
+ Thanks to Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl> for
+ writing and maintaining the Shadow Suite for Linux, and for his review
+ and comments on this document.
+
+ Thanks to Ron Tidd <rtidd@tscnet.com> for his helpful review and
+ testing.
+
+ Thanks to everyone who has sent me feedback to help improve this
+ document.
+
+ Please, if you have any comments or suggestions then mail them to me.
+
+ regards
+
+ Michael H. Jackson <mhjack@tscnet.com>
+
diff --git a/doc/Makefile.am b/doc/Makefile.am
new file mode 100644
index 0000000..85f2248
--- /dev/null
+++ b/doc/Makefile.am
@@ -0,0 +1,5 @@
+# This is a dummy Makefile.am to get automake work flawlessly,
+# and also cooperate to make a distribution for `make dist'
+
+EXTRA_DIST = HOWTO README.limits \
+ README.platforms WISHLIST console.c.spec.txt cracklib26.diff
diff --git a/doc/README.limits b/doc/README.limits
new file mode 100644
index 0000000..6551ad7
--- /dev/null
+++ b/doc/README.limits
@@ -0,0 +1,66 @@
+
+ABOUT shadow-login limits:
+
+This code is merged into shadow login program from the original LShell 2.01
+written by Joel Katz. The port and some additional features have been added
+by Cristian Gafton (gafton@sorosis.ro).
+
+
+Changes:
+ - 96/04/16
+ - {spaces,tabs} allowed within limits string
+ - Warn via syslog multiple default limits
+ - added few paragraphs to the login man page
+ - 96/04/14
+ - code merged into lmain.c --cristiang
+
+TODO: - support groups in the limits file
+ (only usernames are supported at this momment :-( )
+
+Setting user limits for shadow login program
+
+First, make a root-only-readable file (/etc/limits by default or LIMITS_FILE
+defined config.h) that describes the resource limits you wish to impose. By
+default no quotas are imposed on 'root'. In fact, there is no way to impose
+limits via this procedure to root-equiv accounts (accounts with UID 0).
+
+Each line describes a limit for a user in the form:
+
+ user LIMITS_STRING
+
+The LIMITS_STRING is a string of a concatenated list of resource limits.
+Each limit consists of a letter identifier followed by a numerical limit.
+The valid identifiers are:
+
+ A: max address space (KB)
+ C: max core file size (KB)
+ D: max data size (KB)
+ F: maximum filesize (KB)
+ M: max locked-in-memory address space (KB)
+ N: max number of open files
+ R: max resident set size (KB)
+ S: max stack size (KB)
+ T: max CPU time (MIN)
+ U: max number of processes
+ L: max number of logins for this user
+
+For example, L2D2048N5 is a valid LIMITS_STRING. For reading convenience,
+the following entries are equivalent:
+
+username L2D2048N5
+username L2 D2048 N5
+
+Be aware that after <username> the rest of the line is considered a limit
+string, thus comments are not allowed. A invalid limits string will be
+rejected (not considered) by the login program.
+
+The default entry is denoted by username '*'. If you have multiple 'default'
+entries in your LIMITS_FILE, then the last one will be used as the default
+entry.
+
+To completely disable limits for a user, a single dash (-) will do.
+
+Also, please note that all limit settings are set PER LOGIN. They are
+not global, nor are they permanent. Perhaps global limits will come, but
+for now this will have to do ;)
+
diff --git a/doc/README.platforms b/doc/README.platforms
new file mode 100644
index 0000000..295d125
--- /dev/null
+++ b/doc/README.platforms
@@ -0,0 +1,33 @@
+# $Id$
+#
+# This is the current (still incomplete) list of platforms this
+# package has been verified to work on. Additions (preferably
+# in the format as described below) are welcome. Thanks!
+#
+# V: last version reported to work
+# H: host type
+# L: Linux libc version
+# D: Linux distribution, or other OS name and version
+# C: changes (if any)
+# R: reported by
+
+V: 980529
+H: sparc-unknown-linux-gnu
+L: glibc-2.0.7
+D: Ultrapenguin-1.0.9
+C: had to explicitly disable desrpc.
+R: Bjorn Christianson <bjorn@cascade.psychology.mcmaster.ca>
+
+V: 980724
+H: i486-pc-linux-gnulibc1
+L: libc-5.4.33
+D: Debian-1.3.1.r6
+C: none (use dpkg-buildpackage)
+R: Marek Michalkiewicz <marekm@linux.org.pl>
+
+V: current
+H: i686-pc-linux-gnu
+L: glibc-2.0.7.19981211
+D: Debian-2.1
+C: none (use dpkg-buildpackage)
+R: Marek Michalkiewicz <marekm@linux.org.pl>
diff --git a/doc/WISHLIST b/doc/WISHLIST
new file mode 100644
index 0000000..61390bd
--- /dev/null
+++ b/doc/WISHLIST
@@ -0,0 +1,40 @@
+$Id$
+
+This is my wishlist for the shadow suite, in no particular order. Feel
+free to do anything from this list and mail me the diffs :-).
+
+Patches in diff -u format, against the latest version (sometimes in the
+"beta" directory) are preferred and make my job easier. Please, no
+MIME, base64, quoted-printable, or HTML. For very big patches, or if
+your mailer can corrupt them, please use gzip and uuencode. Thanks!
+
+New ideas to add to this list are welcome, too. --marekm
+
+- fix all the bugs, of course
+- implement "su only" accounts (no logins, only su from other account)
+- rewrite getdef.c to be more general? (no hardcoded names)
+- patch for rlogind/telnetd to create utmp entry and fill in ut_addr
+- option to specify encrypted password in passwd (for yppasswdd, so it
+ doesn't need to know about shadow/non-shadow); should probably use a pipe
+ (less insecure than command line arguments)
+- add support for changing NIS passwords
+- add option to check passwords by piping them to external programs
+- add functionality of the contrib/rpasswd.c wrapper to passwd
+- option to generate pronounceable passwords (like on SCO), external program?
+- poppassd (remote password change for eudora etc.)
+- add support for passwd/shadow db files (glibc)
+- vipw: check password files for errors after editing
+- add "maximum time users allowed to stay logged in" limit option to logoutd
+- handle quotes in /etc/environment like the shell does (but sshd doesn't...)
+- better utmpx support (logoutd, ...)
+- better OPIE support (report number of logins left, etc.)
+- new option for /etc/suauth: don't load user's environment (force "su -")
+ suggested by Ulisses Alonso Camaro
+- find out why recent releases won't compile on Solaris
+- newusers should be able to copy /etc/skel to the new home directory
+ (like useradd)
+- add directories where other packages can add hooks for package-specific
+ per-user configuration, to be executed with run-parts. Some hooks should
+ be executed at package install time for existing users, likewise for
+ package removal and possibly modification. (Debian Bug#36019)
+
diff --git a/doc/console.c.spec.txt b/doc/console.c.spec.txt
new file mode 100644
index 0000000..b7c0d0d
--- /dev/null
+++ b/doc/console.c.spec.txt
@@ -0,0 +1,36 @@
+$Id$
+
+Specification for console.c source file --
+
+input values --
+ tty -- character pointer to device name with leading "/dev/"
+ removed.
+
+return values --
+ 0 -- false
+ 1 -- true
+
+int console (char * tty)
+ if "CONSOLE" string value is not present in login.defs
+ return true
+
+ if the first character of "CONSOLE" string value is not "/"
+ treat the string as a ":" delimited list of device
+ names and search for the value of tty in that
+ tokenized list.
+
+ if a match is found
+ return true
+
+ return false
+
+ if the file named by "CONSOLE" cannot be opened
+ return true
+
+ scan the file looking for a match between the input line
+ and the value of tty
+
+ if a match is found
+ return true
+
+ return false
diff --git a/doc/cracklib26.diff b/doc/cracklib26.diff
new file mode 100644
index 0000000..09160b8
--- /dev/null
+++ b/doc/cracklib26.diff
@@ -0,0 +1,340 @@
+diff -ur orig/cracklib26_small/cracklib/fascist.c cracklib26_small/cracklib/fascist.c
+--- orig/cracklib26_small/cracklib/fascist.c Mon Dec 15 02:56:55 1997
++++ cracklib26_small/cracklib/fascist.c Sat Apr 4 22:14:45 1998
+@@ -12,6 +12,7 @@
+ #include <ctype.h>
+ #include <sys/types.h>
+ #include <pwd.h>
++#include <string.h>
+
+ #define ISSKIP(x) (isspace(x) || ispunct(x))
+
+@@ -460,28 +461,27 @@
+ }
+
+ char *
+-FascistGecos(password, uid)
++FascistGecosPw(password, pwd)
+ char *password;
+- int uid;
++ struct passwd *pwd;
+ {
+ int i;
+ int j;
+ int wc;
+ char *ptr;
+- struct passwd *pwp;
+ char gbuffer[STRINGSIZE];
+ char tbuffer[STRINGSIZE];
+ char *uwords[STRINGSIZE];
+ char longbuffer[STRINGSIZE * 2];
+
+- if (!(pwp = getpwuid(uid)))
++ if (!pwd)
+ {
+ return ("you are not registered in the password file");
+ }
+
+ /* lets get really paranoid and assume a dangerously long gecos entry */
+
+- strncpy(tbuffer, pwp->pw_name, STRINGSIZE);
++ strncpy(tbuffer, pwd->pw_name, STRINGSIZE);
+ tbuffer[STRINGSIZE-1] = '\0';
+ if (GTry(tbuffer, password))
+ {
+@@ -490,12 +490,13 @@
+
+ /* it never used to be that you got passwd strings > 1024 chars, but now... */
+
+- strncpy(tbuffer, pwp->pw_gecos, STRINGSIZE);
++ strncpy(tbuffer, pwd->pw_gecos, STRINGSIZE);
+ tbuffer[STRINGSIZE-1] = '\0';
+ strcpy(gbuffer, Lowercase(tbuffer));
+
+ wc = 0;
+ ptr = gbuffer;
++ uwords[0] = (char *) 0;
+
+ while (*ptr)
+ {
+@@ -530,6 +531,8 @@
+ *(ptr++) = '\0';
+ }
+ }
++ if (!uwords[0])
++ return ((char *) 0); /* empty gecos */
+ #ifdef DEBUG
+ for (i = 0; uwords[i]; i++)
+ {
+@@ -586,9 +589,10 @@
+ }
+
+ char *
+-FascistLook(pwp, instring)
++FascistLookPw(pwp, instring, pwd)
+ PWDICT *pwp;
+ char *instring;
++ struct passwd *pwd;
+ {
+ int i;
+ char *ptr;
+@@ -667,7 +671,7 @@
+ return ("it looks like a National Insurance number.");
+ }
+
+- if (ptr = FascistGecos(password, getuid()))
++ if (ptr = FascistGecosPw(password, pwd ? pwd : getpwuid(getuid())))
+ {
+ return (ptr);
+ }
+@@ -715,9 +719,10 @@
+ }
+
+ char *
+-FascistCheck(password, path)
++FascistCheckPw(password, path, pwd)
+ char *password;
+ char *path;
++ struct passwd *pwd;
+ {
+ static char lastpath[STRINGSIZE];
+ static PWDICT *pwp;
+@@ -750,5 +755,29 @@
+ strncpy(lastpath, path, STRINGSIZE);
+ }
+
+- return (FascistLook(pwp, pwtrunced));
++ return (FascistLookPw(pwp, pwtrunced, pwd));
++}
++
++char *
++FascistGecos(password, uid)
++ char *password;
++ int uid;
++{
++ return (FascistGecosPw(password, getpwuid(uid)));
++}
++
++char *
++FascistLook(pwp, instring)
++ PWDICT *pwp;
++ char *instring;
++{
++ return (FascistLookPw(pwp, instring, (char *) 0));
++}
++
++char *
++FascistCheck(password, path)
++ char *password;
++ char *path;
++{
++ return (FascistCheckPw(password, path, (char *) 0));
+ }
+diff -ur orig/cracklib26_small/cracklib/packer.h cracklib26_small/cracklib/packer.h
+--- orig/cracklib26_small/cracklib/packer.h Mon Dec 15 00:09:30 1997
++++ cracklib26_small/cracklib/packer.h Sat Jan 10 22:13:46 1998
+@@ -34,6 +34,7 @@
+ FILE *dfp;
+ FILE *wfp;
+
++ int canfree;
+ int32 flags;
+ #define PFOR_WRITE 0x0001
+ #define PFOR_FLUSH 0x0002
+diff -ur orig/cracklib26_small/cracklib/packlib.c cracklib26_small/cracklib/packlib.c
+--- orig/cracklib26_small/cracklib/packlib.c Fri Jul 9 22:22:58 1993
++++ cracklib26_small/cracklib/packlib.c Sat Jan 10 22:28:49 1998
+@@ -16,7 +16,7 @@
+ char *mode;
+ {
+ int32 i;
+- static PWDICT pdesc;
++ PWDICT *pdesc;
+ char iname[STRINGSIZE];
+ char dname[STRINGSIZE];
+ char wname[STRINGSIZE];
+@@ -25,92 +25,94 @@
+ FILE *ifp;
+ FILE *wfp;
+
+- if (pdesc.header.pih_magic == PIH_MAGIC)
+- {
+- fprintf(stderr, "%s: another dictionary already open\n", prefix);
++ if ((pdesc = (PWDICT *) malloc(sizeof(PWDICT))) == 0)
+ return ((PWDICT *) 0);
+- }
+
+- memset(&pdesc, '\0', sizeof(pdesc));
++ memset(pdesc, '\0', sizeof(*pdesc));
+
+ sprintf(iname, "%s.pwi", prefix);
+ sprintf(dname, "%s.pwd", prefix);
+ sprintf(wname, "%s.hwm", prefix);
+
+- if (!(pdesc.dfp = fopen(dname, mode)))
++ if (!(pdesc->dfp = fopen(dname, mode)))
+ {
+ perror(dname);
++ free(pdesc);
+ return ((PWDICT *) 0);
+ }
+
+- if (!(pdesc.ifp = fopen(iname, mode)))
++ if (!(pdesc->ifp = fopen(iname, mode)))
+ {
+- fclose(pdesc.dfp);
++ fclose(pdesc->dfp);
+ perror(iname);
++ free(pdesc);
+ return ((PWDICT *) 0);
+ }
+
+- if (pdesc.wfp = fopen(wname, mode))
++ if (pdesc->wfp = fopen(wname, mode))
+ {
+- pdesc.flags |= PFOR_USEHWMS;
++ pdesc->flags |= PFOR_USEHWMS;
+ }
+
+- ifp = pdesc.ifp;
+- dfp = pdesc.dfp;
+- wfp = pdesc.wfp;
++ ifp = pdesc->ifp;
++ dfp = pdesc->dfp;
++ wfp = pdesc->wfp;
+
+ if (mode[0] == 'w')
+ {
+- pdesc.flags |= PFOR_WRITE;
+- pdesc.header.pih_magic = PIH_MAGIC;
+- pdesc.header.pih_blocklen = NUMWORDS;
+- pdesc.header.pih_numwords = 0;
++ pdesc->flags |= PFOR_WRITE;
++ pdesc->header.pih_magic = PIH_MAGIC;
++ pdesc->header.pih_blocklen = NUMWORDS;
++ pdesc->header.pih_numwords = 0;
+
+- fwrite((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp);
++ fwrite((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp);
+ } else
+ {
+- pdesc.flags &= ~PFOR_WRITE;
++ pdesc->flags &= ~PFOR_WRITE;
+
+- if (!fread((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp))
++ if (!fread((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp))
+ {
+ fprintf(stderr, "%s: error reading header\n", prefix);
+
+- pdesc.header.pih_magic = 0;
++ pdesc->header.pih_magic = 0;
+ fclose(ifp);
+ fclose(dfp);
++ free(pdesc);
+ return ((PWDICT *) 0);
+ }
+
+- if (pdesc.header.pih_magic != PIH_MAGIC)
++ if (pdesc->header.pih_magic != PIH_MAGIC)
+ {
+ fprintf(stderr, "%s: magic mismatch\n", prefix);
+
+- pdesc.header.pih_magic = 0;
++ pdesc->header.pih_magic = 0;
+ fclose(ifp);
+ fclose(dfp);
++ free(pdesc);
+ return ((PWDICT *) 0);
+ }
+
+- if (pdesc.header.pih_blocklen != NUMWORDS)
++ if (pdesc->header.pih_blocklen != NUMWORDS)
+ {
+ fprintf(stderr, "%s: size mismatch\n", prefix);
+
+- pdesc.header.pih_magic = 0;
++ pdesc->header.pih_magic = 0;
+ fclose(ifp);
+ fclose(dfp);
++ free(pdesc);
+ return ((PWDICT *) 0);
+ }
+
+- if (pdesc.flags & PFOR_USEHWMS)
++ if (pdesc->flags & PFOR_USEHWMS)
+ {
+- if (fread(pdesc.hwms, 1, sizeof(pdesc.hwms), wfp) != sizeof(pdesc.hwms))
++ if (fread(pdesc->hwms, 1, sizeof(pdesc->hwms), wfp) != sizeof(pdesc->hwms))
+ {
+- pdesc.flags &= ~PFOR_USEHWMS;
++ pdesc->flags &= ~PFOR_USEHWMS;
+ }
+ }
+ }
+-
+- return (&pdesc);
++ pdesc->canfree = 1;
++ return (pdesc);
+ }
+
+ int
+@@ -159,8 +161,13 @@
+
+ fclose(pwp->ifp);
+ fclose(pwp->dfp);
++ if (pwp->wfp)
++ fclose(pwp->wfp);
+
+- pwp->header.pih_magic = 0;
++ if (pwp->canfree)
++ free(pwp);
++ else
++ pwp->header.pih_magic = 0;
+
+ return (0);
+ }
+@@ -307,6 +314,11 @@
+ register char *this;
+ int idx;
+
++/*
++ * comment in npasswd-2.0beta4 says this:
++ * This does not work under all circumstances, so don't bother
++ */
++#if 0
+ if (pwp->flags & PFOR_USEHWMS)
+ {
+ idx = string[0] & 0xff;
+@@ -317,6 +329,10 @@
+ lwm = 0;
+ hwm = PW_WORDS(pwp) - 1;
+ }
++#else
++ lwm = 0;
++ hwm = PW_WORDS(pwp);
++#endif
+
+ #ifdef DEBUG
+ printf("---- %lu, %lu ----\n", lwm, hwm);
+diff -ur orig/cracklib26_small/util/mkdict cracklib26_small/util/mkdict
+--- orig/cracklib26_small/util/mkdict Fri Jul 9 22:23:03 1993
++++ cracklib26_small/util/mkdict Sat Apr 4 22:31:45 1998
+@@ -14,9 +14,16 @@
+ SORT="sort"
+ ###SORT="sort -T /tmp"
+
+-cat $* |
++### Use zcat to read compressed (as well as uncompressed) dictionaries.
++### Compressed dictionaries can save quite a lot of disk space.
++
++CAT="gzip -cdf"
++###CAT="zcat"
++###CAT="cat"
++
++$CAT $* |
+ tr '[A-Z]' '[a-z]' |
+- tr -cd '[\012a-z0-9]' |
++ tr -cd '\012[a-z][0-9]' |
+ $SORT |
+ uniq |
+ grep -v '^#' |
diff --git a/etc/Makefile.am b/etc/Makefile.am
new file mode 100644
index 0000000..cc31c60
--- /dev/null
+++ b/etc/Makefile.am
@@ -0,0 +1,24 @@
+# This is a dummy Makefile.am to get automake work flawlessly,
+# and also cooperate to make a distribution for `make dist'
+
+sysconf_DATA = login.defs
+
+defaultdir = $(sysconfdir)/default
+default_DATA = \
+ useradd
+
+nonpam_files = \
+ limits \
+ login.access
+
+if !USE_PAM
+nonpamdir = $(sysconfdir)
+nonpam_DATA = $(nonpam_files)
+endif
+
+EXTRA_DIST = \
+ $(nonpam_files) \
+ $(sysconf_DATA) \
+ $(default_DATA)
+
+SUBDIRS = pam.d
diff --git a/etc/limits b/etc/limits
new file mode 100644
index 0000000..d39f2d5
--- /dev/null
+++ b/etc/limits
@@ -0,0 +1,30 @@
+# /etc/limits contains user resource limits.
+# See limits(5).
+#
+# Format:
+# <username> <limits-string>
+#
+# default entry is '*' for username
+#
+# Valid flags are:
+# A: max address space (KB)
+# C: max core file size (KB)
+# D: max data size (KB)
+# F: maximum filesize (KB)
+# M: max locked-in-memory address space (KB) [only for root on Linux 2.0.x]
+# N: max number of open files
+# R: max resident set size (KB) [no effect on Linux 2.0.x]
+# S: max stack size (KB)
+# T: max CPU time (MIN)
+# U: max number of processes
+# L: max number of logins for this user
+# I: max nice value (0..39 translates to 20..-19)
+# O: max real time priority (0..MAX_RT_PRIO)
+#
+# Examples:
+# the default entry
+#* L2 D6144 R2048 S2048 U32 N32 F16384 T5 C0 I20 O0
+# another way of suspending a user login
+#guest L0
+# this account has no limits
+#sysadm -
diff --git a/etc/login.access b/etc/login.access
new file mode 100644
index 0000000..3ed3688
--- /dev/null
+++ b/etc/login.access
@@ -0,0 +1,54 @@
+# $Id$
+#
+# Login access control table.
+#
+# When someone logs in, the table is scanned for the first entry that
+# matches the (user, host) combination, or, in case of non-networked
+# logins, the first entry that matches the (user, tty) combination. The
+# permissions field of that table entry determines whether the login will
+# be accepted or refused.
+#
+# Format of the login access control table is three fields separated by a
+# ":" character:
+#
+# permission : users : origins
+#
+# The first field should be a "+" (access granted) or "-" (access denied)
+# character.
+#
+# The second field should be a list of one or more login names, group
+# names, or ALL (always matches). A pattern of the form user@host is
+# matched when the login name matches the "user" part, and when the
+# "host" part matches the local machine name.
+#
+# The third field should be a list of one or more tty names (for
+# non-networked logins), host names, domain names (begin with "."), host
+# addresses, internet network numbers (end with "."), ALL (always
+# matches) or LOCAL (matches any string that does not contain a "."
+# character).
+#
+# If you run NIS you can use @netgroupname in host or user patterns; this
+# even works for @usergroup@@hostgroup patterns. Weird.
+#
+# The EXCEPT operator makes it possible to write very compact rules.
+#
+# The group file is searched only when a name does not match that of the
+# logged-in user. Only groups are matched in which users are explicitly
+# listed: the program does not look at a user's primary group id value.
+#
+##############################################################################
+#
+# Disallow console logins to all but a few accounts.
+#
+#-:ALL EXCEPT wheel shutdown sync:console
+#
+# Disallow non-local logins to privileged accounts (group wheel).
+#
+#-:wheel:ALL EXCEPT LOCAL .win.tue.nl
+#
+# Some accounts are not allowed to login from anywhere:
+#
+#-:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL
+#
+# All other accounts are allowed to login from anywhere.
+#
diff --git a/etc/login.defs b/etc/login.defs
new file mode 100644
index 0000000..ca660a9
--- /dev/null
+++ b/etc/login.defs
@@ -0,0 +1,400 @@
+#
+# /etc/login.defs - Configuration control definitions for the shadow package.
+#
+# $Id$
+#
+
+#
+# Delay in seconds before being allowed another attempt after a login failure
+# Note: When PAM is used, some modules may enforce a minimum delay (e.g.
+# pam_unix(8) enforces a 2s delay)
+#
+FAIL_DELAY 3
+
+#
+# Enable logging and display of /var/log/faillog login(1) failure info.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login(1) failures are recorded.
+#
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable logging and display of /var/log/lastlog login(1) time info.
+#
+LASTLOG_ENAB yes
+
+#
+# Enable checking and display of mailbox status upon login.
+#
+# Disable if the shell startup files already check for mail
+# ("mailx -e" or equivalent).
+#
+MAIL_CHECK_ENAB yes
+
+#
+# Enable additional checks upon password changes.
+#
+OBSCURE_CHECKS_ENAB yes
+
+#
+# Enable checking of time restrictions specified in /etc/porttime.
+#
+PORTTIME_CHECKS_ENAB yes
+
+#
+# Enable setting of ulimit, umask, and niceness from passwd(5) gecos field.
+#
+QUOTAS_ENAB yes
+
+#
+# Enable "syslog" logging of su(1) activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp(1) and sg(1).
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# from these devices.
+#
+CONSOLE /etc/securetty
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# If defined, all su(1) activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, ":" delimited list of "message of the day" files to
+# be displayed upon login.
+#
+MOTD_FILE /etc/motd
+#MOTD_FILE /etc/motd:/usr/lib/news/news-motd
+
+#
+# If defined, this file will be output before each login(1) prompt.
+#
+#ISSUE_FILE /etc/issue
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format similar to "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login(1) failures will be logged here in a utmp format.
+# last(1), when invoked as lastb(1), will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, name of file whose presence will inhibit non-root
+# logins. The content of this file should be a message indicating
+# why logins are inhibited.
+#
+NOLOGINS_FILE /etc/nologin
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then ps(1) will display the
+# command as "-su". If not defined, then ps(1) will display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# *REQUIRED*
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define both, MAIL_DIR takes precedence.
+#
+MAIL_DIR /var/spool/mail
+#MAIL_FILE .mail
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# If defined, either a TZ environment parameter spec or the
+# fully-rooted pathname of a file containing such a spec.
+#
+#ENV_TZ TZ=CST6CDT
+#ENV_TZ /etc/tzname
+
+#
+# If defined, an HZ environment parameter spec.
+#
+# for Linux/x86
+ENV_HZ HZ=100
+# For Linux/Alpha...
+#ENV_HZ HZ=1024
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin
+ENV_PATH PATH=/bin:/usr/bin
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a write(1) program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP as the number of such group
+# and TTYPERM as 0620. Otherwise leave TTYGROUP commented out and
+# set TTYPERM to either 622 or 600.
+#
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# ULIMIT Default "ulimit" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# The ULIMIT is used only if the system supports it.
+# (now it works with setrlimit too; ulimit is in 512-byte units)
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+#ULIMIT 2097152
+
+# Default initial "umask" value used by login(1) on non-PAM enabled systems.
+# Default "umask" value for pam_umask(8) on PAM enabled systems.
+# UMASK is also used by useradd(8) and newusers(8) to set the mode for new
+# home directories.
+# 022 is the default value, but 027, or even 077, could be considered
+# for increased privacy. There is no One True Answer here: each sysadmin
+# must make up his/her mind.
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_MIN_LEN Minimum acceptable password length.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_MIN_LEN 5
+PASS_WARN_AGE 7
+
+#
+# If "yes", the user must be listed as a member of the first gid 0 group
+# in /etc/group (called "root" on most Linux systems) to be able to "su"
+# to uid 0 accounts. If the group doesn't exist or is empty, no one
+# will be able to "su" to uid 0.
+#
+SU_WHEEL_ONLY no
+
+#
+# If compiled with cracklib support, sets the path to the dictionaries
+#
+CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict
+
+#
+# Min/max values for automatic uid selection in useradd(8)
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+SYS_UID_MIN 101
+SYS_UID_MAX 999
+# Extra per user uids
+SUB_UID_MIN 100000
+SUB_UID_MAX 600100000
+SUB_UID_COUNT 65536
+
+#
+# Min/max values for automatic gid selection in groupadd(8)
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+SYS_GID_MIN 101
+SYS_GID_MAX 999
+# Extra per user group ids
+SUB_GID_MIN 100000
+SUB_GID_MAX 600100000
+SUB_GID_COUNT 65536
+
+#
+# Max number of login(1) retries if password is bad
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login(1)
+#
+LOGIN_TIMEOUT 60
+
+#
+# Maximum number of attempts to change password if rejected (too easy)
+#
+PASS_CHANGE_TRIES 5
+
+#
+# Warn about weak passwords (but still allow them) if you are root.
+#
+PASS_ALWAYS_WARN yes
+
+#
+# Number of significant characters in the password for crypt().
+# Default is 8, don't change unless your crypt() is better.
+# Ignored if MD5_CRYPT_ENAB set to "yes".
+#
+#PASS_MAX_LEN 8
+
+#
+# Require password before chfn(1)/chsh(1) can make any changes.
+#
+CHFN_AUTH yes
+
+#
+# Which fields may be changed by regular users using chfn(1) - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Password prompt (%s will be replaced by user name).
+#
+# XXX - it doesn't work correctly yet, for now leave it commented out
+# to use the default which is just "Password: ".
+#LOGIN_STRING "%s's Password: "
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# Note: If you use PAM, it is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD instead.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# Only works if compiled with ENCRYPTMETHOD_SELECT defined:
+# If set to MD5, MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: If you use PAM, it is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute-force the password.
+# However, more CPU resources will be needed to authenticate users if
+# this value is increased.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be within the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in from the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in from the console.
+# How to do it is left as an exercise for the reader...
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default is no.
+#
+DEFAULT_HOME yes
+
+#
+# If this file exists and is readable, login environment will be
+# read from it. Every line should be in the form name=value.
+#
+ENVIRON_FILE /etc/environment
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# Enable setting of the umask group bits to be the same as owner bits
+# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
+# the same as gid, and username is the same as the primary group name.
+#
+# This also enables userdel(8) to remove user groups if no members exist.
+#
+USERGROUPS_ENAB yes
+
+#
+# If set to a non-zero number, the shadow utilities will make sure that
+# groups never have more than this number of users on one line.
+# This permits to support split groups (groups split into multiple lines,
+# with the same group ID, to avoid limitation of the line length in the
+# group file).
+#
+# 0 is the default value and disables this feature.
+#
+#MAX_MEMBERS_PER_GROUP 0
+
+#
+# If useradd(8) should create home directories for users by default (non
+# system users only).
+# This option is overridden with the -M or -m flags on the useradd(8)
+# command-line.
+#
+#CREATE_HOME yes
+
+#
+# Force use shadow, even if shadow passwd & shadow group files are
+# missing.
+#
+#FORCE_SHADOW yes
diff --git a/etc/pam.d/Makefile.am b/etc/pam.d/Makefile.am
new file mode 100644
index 0000000..d967eb9
--- /dev/null
+++ b/etc/pam.d/Makefile.am
@@ -0,0 +1,32 @@
+# This is a dummy Makefile.am to get automake work flawlessly,
+# and also cooperate to make a distribution for `make dist'
+
+pamd_files = \
+ chfn \
+ chsh \
+ groupmems \
+ login \
+ passwd \
+ su
+
+pamd_acct_tools_files = \
+ chage \
+ chgpasswd \
+ chpasswd \
+ groupadd \
+ groupdel \
+ groupmod \
+ newusers \
+ useradd \
+ userdel \
+ usermod
+
+if USE_PAM
+pamddir = $(sysconfdir)/pam.d
+pamd_DATA = $(pamd_files)
+if ACCT_TOOLS_SETUID
+pamd_DATA += $(pamd_acct_tools_files)
+endif
+endif
+
+EXTRA_DIST = $(pamd_files) $(pamd_acct_tools_files)
diff --git a/etc/pam.d/chage b/etc/pam.d/chage
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/chage
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/chfn b/etc/pam.d/chfn
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/chfn
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/chgpasswd b/etc/pam.d/chgpasswd
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/chgpasswd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/chpasswd b/etc/pam.d/chpasswd
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/chpasswd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/chsh b/etc/pam.d/chsh
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/chsh
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/groupadd b/etc/pam.d/groupadd
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/groupadd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/groupdel b/etc/pam.d/groupdel
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/groupdel
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/groupmems b/etc/pam.d/groupmems
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/groupmems
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/groupmod b/etc/pam.d/groupmod
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/groupmod
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/login b/etc/pam.d/login
new file mode 100644
index 0000000..5a64806
--- /dev/null
+++ b/etc/pam.d/login
@@ -0,0 +1,11 @@
+#%PAM-1.0
+auth required pam_securetty.so
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
+password include system-auth
+session required pam_selinux.so close
+session include system-auth
+session required pam_loginuid.so
+session optional pam_console.so
+session required pam_selinux.so open
diff --git a/etc/pam.d/newusers b/etc/pam.d/newusers
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/newusers
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/passwd b/etc/pam.d/passwd
new file mode 100644
index 0000000..731c0d3
--- /dev/null
+++ b/etc/pam.d/passwd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth include system-auth
+account include system-auth
+password include system-auth
diff --git a/etc/pam.d/su b/etc/pam.d/su
new file mode 100644
index 0000000..7ef7134
--- /dev/null
+++ b/etc/pam.d/su
@@ -0,0 +1,13 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+# Uncomment the following line to implicitly trust users in the "wheel" group.
+#auth sufficient pam_wheel.so trust use_uid
+# Uncomment the following line to require a user to be in the "wheel" group.
+auth required pam_wheel.so use_uid
+auth include system-auth
+account include system-auth
+password include system-auth
+session required pam_selinux.so close
+session include system-auth
+session required pam_selinux.so open multiple
+session optional pam_xauth.so
diff --git a/etc/pam.d/useradd b/etc/pam.d/useradd
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/useradd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/userdel b/etc/pam.d/userdel
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/userdel
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/pam.d/usermod b/etc/pam.d/usermod
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/usermod
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/etc/useradd b/etc/useradd
new file mode 100644
index 0000000..b77dd85
--- /dev/null
+++ b/etc/useradd
@@ -0,0 +1,8 @@
+# useradd defaults file
+GROUP=1000
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SHELL=/bin/bash
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=yes
diff --git a/lib/.indent.pro b/lib/.indent.pro
new file mode 100644
index 0000000..fe572bb
--- /dev/null
+++ b/lib/.indent.pro
@@ -0,0 +1,5 @@
+-kr
+-i8
+-bad
+-pcs
+-l80
diff --git a/lib/Makefile.am b/lib/Makefile.am
new file mode 100644
index 0000000..6db86cd
--- /dev/null
+++ b/lib/Makefile.am
@@ -0,0 +1,69 @@
+
+AUTOMAKE_OPTIONS = 1.0 foreign
+
+DEFS =
+
+noinst_LTLIBRARIES = libshadow.la
+
+libshadow_la_LDFLAGS = -version-info 0:0:0
+
+libshadow_la_SOURCES = \
+ commonio.c \
+ commonio.h \
+ defines.h \
+ encrypt.c \
+ exitcodes.h \
+ faillog.h \
+ fields.c \
+ fputsx.c \
+ getdef.c \
+ getdef.h \
+ get_gid.c \
+ getlong.c \
+ get_pid.c \
+ get_uid.c \
+ getulong.c \
+ groupio.c \
+ groupmem.c \
+ groupio.h \
+ gshadow.c \
+ lockpw.c \
+ nscd.c \
+ nscd.h \
+ pam_defs.h \
+ port.c \
+ port.h \
+ prototypes.h \
+ pwauth.c \
+ pwauth.h \
+ pwio.c \
+ pwio.h \
+ pwmem.c \
+ subordinateio.h \
+ subordinateio.c \
+ selinux.c \
+ semanage.c \
+ sgetgrent.c \
+ sgetpwent.c \
+ sgetspent.c \
+ sgroupio.c \
+ sgroupio.h\
+ shadow.c \
+ shadowio.c \
+ shadowio.h \
+ shadowmem.c \
+ spawn.c \
+ utent.c
+
+if WITH_TCB
+libshadow_la_SOURCES += tcbfuncs.c tcbfuncs.h
+endif
+
+# These files are unneeded for some reason, listed in
+# order of appearance:
+#
+# sources for dbm support (not yet used)
+
+EXTRA_DIST = \
+ .indent.pro \
+ gshadow_.h
diff --git a/lib/commonio.c b/lib/commonio.c
new file mode 100644
index 0000000..31edbaa
--- /dev/null
+++ b/lib/commonio.c
@@ -0,0 +1,1271 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2001, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "defines.h"
+#include <assert.h>
+#include <sys/stat.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <utime.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <stdio.h>
+#include <signal.h>
+#include "nscd.h"
+#ifdef WITH_TCB
+#include <tcb.h>
+#endif /* WITH_TCB */
+#include "prototypes.h"
+#include "commonio.h"
+
+/* local function prototypes */
+static int lrename (const char *, const char *);
+static int check_link_count (const char *file);
+static int do_lock_file (const char *file, const char *lock, bool log);
+static /*@null@*/ /*@dependent@*/FILE *fopen_set_perms (
+ const char *name,
+ const char *mode,
+ const struct stat *sb);
+static int create_backup (const char *, FILE *);
+static void free_linked_list (struct commonio_db *);
+static void add_one_entry (
+ struct commonio_db *db,
+ /*@owned@*/struct commonio_entry *p);
+static bool name_is_nis (const char *name);
+static int write_all (const struct commonio_db *);
+static /*@dependent@*/ /*@null@*/struct commonio_entry *find_entry_by_name (
+ struct commonio_db *,
+ const char *);
+static /*@dependent@*/ /*@null@*/struct commonio_entry *next_entry_by_name (
+ struct commonio_db *,
+ /*@null@*/struct commonio_entry *pos,
+ const char *);
+
+static int lock_count = 0;
+static bool nscd_need_reload = false;
+
+/*
+ * Simple rename(P) alternative that attempts to rename to symlink
+ * target.
+ */
+int lrename (const char *old, const char *new)
+{
+ int res;
+ char *r = NULL;
+
+#if defined(S_ISLNK)
+#ifndef __GLIBC__
+ char resolved_path[PATH_MAX];
+#endif /* !__GLIBC__ */
+ struct stat sb;
+ if (lstat (new, &sb) == 0 && S_ISLNK (sb.st_mode)) {
+#ifdef __GLIBC__ /* now a POSIX.1-2008 feature */
+ r = realpath (new, NULL);
+#else /* !__GLIBC__ */
+ r = realpath (new, resolved_path);
+#endif /* !__GLIBC__ */
+ if (NULL == r) {
+ perror ("realpath in lrename()");
+ } else {
+ new = r;
+ }
+ }
+#endif /* S_ISLNK */
+
+ res = rename (old, new);
+
+#ifdef __GLIBC__
+ if (NULL != r) {
+ free (r);
+ }
+#endif /* __GLIBC__ */
+
+ return res;
+}
+
+static int check_link_count (const char *file)
+{
+ struct stat sb;
+
+ if (stat (file, &sb) != 0) {
+ return 0;
+ }
+
+ if (sb.st_nlink != 2) {
+ return 0;
+ }
+
+ return 1;
+}
+
+
+static int do_lock_file (const char *file, const char *lock, bool log)
+{
+ int fd;
+ pid_t pid;
+ ssize_t len;
+ int retval;
+ char buf[32];
+
+ fd = open (file, O_CREAT | O_EXCL | O_WRONLY, 0600);
+ if (-1 == fd) {
+ if (log) {
+ (void) fprintf (stderr,
+ "%s: %s: %s\n",
+ Prog, file, strerror (errno));
+ }
+ return 0;
+ }
+
+ pid = getpid ();
+ snprintf (buf, sizeof buf, "%lu", (unsigned long) pid);
+ len = (ssize_t) strlen (buf) + 1;
+ if (write (fd, buf, (size_t) len) != len) {
+ if (log) {
+ (void) fprintf (stderr,
+ "%s: %s: %s\n",
+ Prog, file, strerror (errno));
+ }
+ (void) close (fd);
+ unlink (file);
+ return 0;
+ }
+ close (fd);
+
+ if (link (file, lock) == 0) {
+ retval = check_link_count (file);
+ if ((0==retval) && log) {
+ (void) fprintf (stderr,
+ "%s: %s: lock file already used\n",
+ Prog, file);
+ }
+ unlink (file);
+ return retval;
+ }
+
+ fd = open (lock, O_RDWR);
+ if (-1 == fd) {
+ if (log) {
+ (void) fprintf (stderr,
+ "%s: %s: %s\n",
+ Prog, lock, strerror (errno));
+ }
+ unlink (file);
+ errno = EINVAL;
+ return 0;
+ }
+ len = read (fd, buf, sizeof (buf) - 1);
+ close (fd);
+ if (len <= 0) {
+ if (log) {
+ (void) fprintf (stderr,
+ "%s: existing lock file %s without a PID\n",
+ Prog, lock);
+ }
+ unlink (file);
+ errno = EINVAL;
+ return 0;
+ }
+ buf[len] = '\0';
+ if (get_pid (buf, &pid) == 0) {
+ if (log) {
+ (void) fprintf (stderr,
+ "%s: existing lock file %s with an invalid PID '%s'\n",
+ Prog, lock, buf);
+ }
+ unlink (file);
+ errno = EINVAL;
+ return 0;
+ }
+ if (kill (pid, 0) == 0) {
+ if (log) {
+ (void) fprintf (stderr,
+ "%s: lock %s already used by PID %lu\n",
+ Prog, lock, (unsigned long) pid);
+ }
+ unlink (file);
+ errno = EEXIST;
+ return 0;
+ }
+ if (unlink (lock) != 0) {
+ if (log) {
+ (void) fprintf (stderr,
+ "%s: cannot get lock %s: %s\n",
+ Prog, lock, strerror (errno));
+ }
+ unlink (file);
+ return 0;
+ }
+
+ retval = 0;
+ if (link (file, lock) == 0) {
+ retval = check_link_count (file);
+ if ((0==retval) && log) {
+ (void) fprintf (stderr,
+ "%s: %s: lock file already used\n",
+ Prog, file);
+ }
+ } else {
+ if (log) {
+ (void) fprintf (stderr,
+ "%s: cannot get lock %s: %s\n",
+ Prog, lock, strerror (errno));
+ }
+ }
+
+ unlink (file);
+ return retval;
+}
+
+
+static /*@null@*/ /*@dependent@*/FILE *fopen_set_perms (
+ const char *name,
+ const char *mode,
+ const struct stat *sb)
+{
+ FILE *fp;
+ mode_t mask;
+
+ mask = umask (0777);
+ fp = fopen (name, mode);
+ (void) umask (mask);
+ if (NULL == fp) {
+ return NULL;
+ }
+
+#ifdef HAVE_FCHOWN
+ if (fchown (fileno (fp), sb->st_uid, sb->st_gid) != 0) {
+ goto fail;
+ }
+#else /* !HAVE_FCHOWN */
+ if (chown (name, sb->st_mode) != 0) {
+ goto fail;
+ }
+#endif /* !HAVE_FCHOWN */
+
+#ifdef HAVE_FCHMOD
+ if (fchmod (fileno (fp), sb->st_mode & 0664) != 0) {
+ goto fail;
+ }
+#else /* !HAVE_FCHMOD */
+ if (chmod (name, sb->st_mode & 0664) != 0) {
+ goto fail;
+ }
+#endif /* !HAVE_FCHMOD */
+ return fp;
+
+ fail:
+ (void) fclose (fp);
+ /* fopen_set_perms is used for intermediate files */
+ (void) unlink (name);
+ return NULL;
+}
+
+
+static int create_backup (const char *backup, FILE * fp)
+{
+ struct stat sb;
+ struct utimbuf ub;
+ FILE *bkfp;
+ int c;
+
+ if (fstat (fileno (fp), &sb) != 0) {
+ return -1;
+ }
+
+ bkfp = fopen_set_perms (backup, "w", &sb);
+ if (NULL == bkfp) {
+ return -1;
+ }
+
+ /* TODO: faster copy, not one-char-at-a-time. --marekm */
+ c = 0;
+ if (fseek (fp, 0, SEEK_SET) == 0) {
+ while ((c = getc (fp)) != EOF) {
+ if (putc (c, bkfp) == EOF) {
+ break;
+ }
+ }
+ }
+ if ((c != EOF) || (ferror (fp) != 0) || (fflush (bkfp) != 0)) {
+ (void) fclose (bkfp);
+ /* FIXME: unlink the backup file? */
+ return -1;
+ }
+ if ( (fsync (fileno (bkfp)) != 0)
+ || (fclose (bkfp) != 0)) {
+ /* FIXME: unlink the backup file? */
+ return -1;
+ }
+
+ ub.actime = sb.st_atime;
+ ub.modtime = sb.st_mtime;
+ (void) utime (backup, &ub);
+ return 0;
+}
+
+
+static void free_linked_list (struct commonio_db *db)
+{
+ struct commonio_entry *p;
+
+ while (NULL != db->head) {
+ p = db->head;
+ db->head = p->next;
+
+ if (NULL != p->line) {
+ free (p->line);
+ }
+
+ if (NULL != p->eptr) {
+ db->ops->free (p->eptr);
+ }
+
+ free (p);
+ }
+ db->tail = NULL;
+}
+
+
+int commonio_setname (struct commonio_db *db, const char *name)
+{
+ snprintf (db->filename, sizeof (db->filename), "%s", name);
+ return 1;
+}
+
+
+bool commonio_present (const struct commonio_db *db)
+{
+ return (access (db->filename, F_OK) == 0);
+}
+
+
+int commonio_lock_nowait (struct commonio_db *db, bool log)
+{
+ char file[1024];
+ char lock[1024];
+
+ if (db->locked) {
+ return 1;
+ }
+
+ snprintf (file, sizeof file, "%s.%lu",
+ db->filename, (unsigned long) getpid ());
+ snprintf (lock, sizeof lock, "%s.lock", db->filename);
+ if (do_lock_file (file, lock, log) != 0) {
+ db->locked = true;
+ lock_count++;
+ return 1;
+ }
+ return 0;
+}
+
+
+int commonio_lock (struct commonio_db *db)
+{
+#ifdef HAVE_LCKPWDF
+ /*
+ * only if the system libc has a real lckpwdf() - the one from
+ * lockpw.c calls us and would cause infinite recursion!
+ */
+
+ /*
+ * Call lckpwdf() on the first lock.
+ * If it succeeds, call *_lock() only once
+ * (no retries, it should always succeed).
+ */
+ if (0 == lock_count) {
+ if (lckpwdf () == -1) {
+ if (geteuid () != 0) {
+ (void) fprintf (stderr,
+ "%s: Permission denied.\n",
+ Prog);
+ }
+ return 0; /* failure */
+ }
+ }
+
+ if (commonio_lock_nowait (db, true) != 0) {
+ return 1; /* success */
+ }
+
+ ulckpwdf ();
+ return 0; /* failure */
+#else /* !HAVE_LCKPWDF */
+ int i;
+
+ /*
+ * lckpwdf() not used - do it the old way.
+ */
+#ifndef LOCK_TRIES
+#define LOCK_TRIES 15
+#endif
+
+#ifndef LOCK_SLEEP
+#define LOCK_SLEEP 1
+#endif
+ for (i = 0; i < LOCK_TRIES; i++) {
+ if (i > 0) {
+ sleep (LOCK_SLEEP); /* delay between retries */
+ }
+ if (commonio_lock_nowait (db, i==LOCK_TRIES-1) != 0) {
+ return 1; /* success */
+ }
+ /* no unnecessary retries on "permission denied" errors */
+ if (geteuid () != 0) {
+ (void) fprintf (stderr, "%s: Permission denied.\n",
+ Prog);
+ return 0;
+ }
+ }
+ return 0; /* failure */
+#endif /* !HAVE_LCKPWDF */
+}
+
+static void dec_lock_count (void)
+{
+ if (lock_count > 0) {
+ lock_count--;
+ if (lock_count == 0) {
+ /* Tell nscd when lock count goes to zero,
+ if any of the files were changed. */
+ if (nscd_need_reload) {
+ nscd_flush_cache ("passwd");
+ nscd_flush_cache ("group");
+ nscd_need_reload = false;
+ }
+#ifdef HAVE_LCKPWDF
+ ulckpwdf ();
+#endif /* HAVE_LCKPWDF */
+ }
+ }
+}
+
+
+int commonio_unlock (struct commonio_db *db)
+{
+ char lock[1024];
+
+ if (db->isopen) {
+ db->readonly = true;
+ if (commonio_close (db) == 0) {
+ if (db->locked) {
+ dec_lock_count ();
+ }
+ return 0;
+ }
+ }
+ if (db->locked) {
+ /*
+ * Unlock in reverse order: remove the lock file,
+ * then call ulckpwdf() (if used) on last unlock.
+ */
+ db->locked = false;
+ snprintf (lock, sizeof lock, "%s.lock", db->filename);
+ unlink (lock);
+ dec_lock_count ();
+ return 1;
+ }
+ return 0;
+}
+
+
+/*
+ * Add an entry at the end.
+ *
+ * defines p->next, p->prev
+ * (unfortunately, owned special are not supported)
+ */
+static void add_one_entry (struct commonio_db *db,
+ /*@owned@*/struct commonio_entry *p)
+{
+ /*@-mustfreeonly@*/
+ p->next = NULL;
+ p->prev = db->tail;
+ /*@=mustfreeonly@*/
+ if (NULL == db->head) {
+ db->head = p;
+ }
+ if (NULL != db->tail) {
+ db->tail->next = p;
+ }
+ db->tail = p;
+}
+
+
+static bool name_is_nis (const char *name)
+{
+ return (('+' == name[0]) || ('-' == name[0]));
+}
+
+
+/*
+ * New entries are inserted before the first NIS entry. Order is preserved
+ * when db is written out.
+ */
+#ifndef KEEP_NIS_AT_END
+#define KEEP_NIS_AT_END 1
+#endif
+
+#if KEEP_NIS_AT_END
+static void add_one_entry_nis (struct commonio_db *db,
+ /*@owned@*/struct commonio_entry *newp);
+
+/*
+ * Insert an entry between the regular entries, and the NIS entries.
+ *
+ * defines newp->next, newp->prev
+ * (unfortunately, owned special are not supported)
+ */
+static void add_one_entry_nis (struct commonio_db *db,
+ /*@owned@*/struct commonio_entry *newp)
+{
+ struct commonio_entry *p;
+
+ for (p = db->head; NULL != p; p = p->next) {
+ if (name_is_nis (p->eptr ? db->ops->getname (p->eptr)
+ : p->line)) {
+ /*@-mustfreeonly@*/
+ newp->next = p;
+ newp->prev = p->prev;
+ /*@=mustfreeonly@*/
+ if (NULL != p->prev) {
+ p->prev->next = newp;
+ } else {
+ db->head = newp;
+ }
+ p->prev = newp;
+ return;
+ }
+ }
+ add_one_entry (db, newp);
+}
+#endif /* KEEP_NIS_AT_END */
+
+/* Initial buffer size, as well as increment if not sufficient
+ (for reading very long lines in group files). */
+#define BUFLEN 4096
+
+int commonio_open (struct commonio_db *db, int mode)
+{
+ char *buf;
+ char *cp;
+ char *line;
+ struct commonio_entry *p;
+ void *eptr = NULL;
+ int flags = mode;
+ size_t buflen;
+ int fd;
+ int saved_errno;
+
+ mode &= ~O_CREAT;
+
+ if ( db->isopen
+ || ( (O_RDONLY != mode)
+ && (O_RDWR != mode))) {
+ errno = EINVAL;
+ return 0;
+ }
+ db->readonly = (mode == O_RDONLY);
+ if (!db->readonly && !db->locked) {
+ errno = EACCES;
+ return 0;
+ }
+
+ db->head = NULL;
+ db->tail = NULL;
+ db->cursor = NULL;
+ db->changed = false;
+
+ fd = open (db->filename,
+ (db->readonly ? O_RDONLY : O_RDWR)
+ | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW);
+ saved_errno = errno;
+ db->fp = NULL;
+ if (fd >= 0) {
+#ifdef WITH_TCB
+ if (tcb_is_suspect (fd) != 0) {
+ (void) close (fd);
+ errno = EINVAL;
+ return 0;
+ }
+#endif /* WITH_TCB */
+ db->fp = fdopen (fd, db->readonly ? "r" : "r+");
+ saved_errno = errno;
+ if (NULL == db->fp) {
+ (void) close (fd);
+ }
+ }
+ errno = saved_errno;
+
+ /*
+ * If O_CREAT was specified and the file didn't exist, it will be
+ * created by commonio_close(). We have no entries to read yet. --marekm
+ */
+ if (NULL == db->fp) {
+ if (((flags & O_CREAT) != 0) && (ENOENT == errno)) {
+ db->isopen = true;
+ return 1;
+ }
+ return 0;
+ }
+
+ /* Do not inherit fd in spawned processes (e.g. nscd) */
+ fcntl (fileno (db->fp), F_SETFD, FD_CLOEXEC);
+
+ buflen = BUFLEN;
+ buf = (char *) malloc (buflen);
+ if (NULL == buf) {
+ goto cleanup_ENOMEM;
+ }
+
+ while (db->ops->fgets (buf, (int) buflen, db->fp) == buf) {
+ while ( ((cp = strrchr (buf, '\n')) == NULL)
+ && (feof (db->fp) == 0)) {
+ size_t len;
+
+ buflen += BUFLEN;
+ cp = (char *) realloc (buf, buflen);
+ if (NULL == cp) {
+ goto cleanup_buf;
+ }
+ buf = cp;
+ len = strlen (buf);
+ if (db->ops->fgets (buf + len,
+ (int) (buflen - len),
+ db->fp) == NULL) {
+ goto cleanup_buf;
+ }
+ }
+ cp = strrchr (buf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ }
+
+ line = strdup (buf);
+ if (NULL == line) {
+ goto cleanup_buf;
+ }
+
+ if (name_is_nis (line)) {
+ eptr = NULL;
+ } else {
+ eptr = db->ops->parse (line);
+ if (NULL != eptr) {
+ eptr = db->ops->dup (eptr);
+ if (NULL == eptr) {
+ goto cleanup_line;
+ }
+ }
+ }
+
+ p = (struct commonio_entry *) malloc (sizeof *p);
+ if (NULL == p) {
+ goto cleanup_entry;
+ }
+
+ p->eptr = eptr;
+ p->line = line;
+ p->changed = false;
+
+ add_one_entry (db, p);
+ }
+
+ free (buf);
+
+ if (ferror (db->fp) != 0) {
+ goto cleanup_errno;
+ }
+
+ if ((NULL != db->ops->open_hook) && (db->ops->open_hook () == 0)) {
+ goto cleanup_errno;
+ }
+
+ db->isopen = true;
+ return 1;
+
+ cleanup_entry:
+ if (NULL != eptr) {
+ db->ops->free (eptr);
+ }
+ cleanup_line:
+ free (line);
+ cleanup_buf:
+ free (buf);
+ cleanup_ENOMEM:
+ errno = ENOMEM;
+ cleanup_errno:
+ saved_errno = errno;
+ free_linked_list (db);
+ fclose (db->fp);
+ db->fp = NULL;
+ errno = saved_errno;
+ return 0;
+}
+
+/*
+ * Sort given db according to cmp function (usually compares uids)
+ */
+int
+commonio_sort (struct commonio_db *db, int (*cmp) (const void *, const void *))
+{
+ struct commonio_entry **entries, *ptr;
+ size_t n = 0, i;
+#if KEEP_NIS_AT_END
+ struct commonio_entry *nis = NULL;
+#endif
+
+ for (ptr = db->head;
+ (NULL != ptr)
+#if KEEP_NIS_AT_END
+ && ((NULL == ptr->line)
+ || (('+' != ptr->line[0])
+ && ('-' != ptr->line[0])))
+#endif
+ ;
+ ptr = ptr->next) {
+ n++;
+ }
+#if KEEP_NIS_AT_END
+ if (NULL != ptr) {
+ nis = ptr;
+ }
+#endif
+
+ if (n <= 1) {
+ return 0;
+ }
+
+ entries = malloc (n * sizeof (struct commonio_entry *));
+ if (entries == NULL) {
+ return -1;
+ }
+
+ n = 0;
+ for (ptr = db->head;
+#if KEEP_NIS_AT_END
+ nis != ptr;
+#else
+ NULL != ptr;
+#endif
+/*@ -nullderef @*/
+ ptr = ptr->next
+/*@ +nullderef @*/
+ ) {
+ entries[n] = ptr;
+ n++;
+ }
+ qsort (entries, n, sizeof (struct commonio_entry *), cmp);
+
+ /* Take care of the head and tail separately */
+ db->head = entries[0];
+ n--;
+#if KEEP_NIS_AT_END
+ if (NULL == nis)
+#endif
+ {
+ db->tail = entries[n];
+ }
+ db->head->prev = NULL;
+ db->head->next = entries[1];
+ entries[n]->prev = entries[n - 1];
+#if KEEP_NIS_AT_END
+ entries[n]->next = nis;
+#else
+ entries[n]->next = NULL;
+#endif
+
+ /* Now other elements have prev and next entries */
+ for (i = 1; i < n; i++) {
+ entries[i]->prev = entries[i - 1];
+ entries[i]->next = entries[i + 1];
+ }
+
+ free (entries);
+ db->changed = true;
+
+ return 0;
+}
+
+/*
+ * Sort entries in db according to order in another.
+ */
+int commonio_sort_wrt (struct commonio_db *shadow,
+ const struct commonio_db *passwd)
+{
+ struct commonio_entry *head = NULL, *pw_ptr, *spw_ptr;
+ const char *name;
+
+ if ((NULL == shadow) || (NULL == shadow->head)) {
+ return 0;
+ }
+
+ for (pw_ptr = passwd->head; NULL != pw_ptr; pw_ptr = pw_ptr->next) {
+ if (NULL == pw_ptr->eptr) {
+ continue;
+ }
+ name = passwd->ops->getname (pw_ptr->eptr);
+ for (spw_ptr = shadow->head;
+ NULL != spw_ptr;
+ spw_ptr = spw_ptr->next) {
+ if (NULL == spw_ptr->eptr) {
+ continue;
+ }
+ if (strcmp (name, shadow->ops->getname (spw_ptr->eptr))
+ == 0) {
+ break;
+ }
+ }
+ if (NULL == spw_ptr) {
+ continue;
+ }
+ commonio_del_entry (shadow, spw_ptr);
+ spw_ptr->next = head;
+ head = spw_ptr;
+ }
+
+ for (spw_ptr = head; NULL != spw_ptr; spw_ptr = head) {
+ head = head->next;
+
+ if (NULL != shadow->head) {
+ shadow->head->prev = spw_ptr;
+ }
+ spw_ptr->next = shadow->head;
+ shadow->head = spw_ptr;
+ }
+
+ shadow->head->prev = NULL;
+ shadow->changed = true;
+
+ return 0;
+}
+
+/*
+ * write_all - Write the database to its file.
+ *
+ * It returns 0 if all the entries could be written correctly.
+ */
+static int write_all (const struct commonio_db *db)
+ /*@requires notnull db->fp@*/
+{
+ const struct commonio_entry *p;
+ void *eptr;
+
+ for (p = db->head; NULL != p; p = p->next) {
+ if (p->changed) {
+ eptr = p->eptr;
+ assert (NULL != eptr);
+ if (db->ops->put (eptr, db->fp) != 0) {
+ return -1;
+ }
+ } else if (NULL != p->line) {
+ if (db->ops->fputs (p->line, db->fp) == EOF) {
+ return -1;
+ }
+ if (putc ('\n', db->fp) == EOF) {
+ return -1;
+ }
+ }
+ }
+ return 0;
+}
+
+
+int commonio_close (struct commonio_db *db)
+ /*@requires notnull db->fp@*/
+{
+ char buf[1024];
+ int errors = 0;
+ struct stat sb;
+
+ if (!db->isopen) {
+ errno = EINVAL;
+ return 0;
+ }
+ db->isopen = false;
+
+ if (!db->changed || db->readonly) {
+ (void) fclose (db->fp);
+ db->fp = NULL;
+ goto success;
+ }
+
+ if ((NULL != db->ops->close_hook) && (db->ops->close_hook () == 0)) {
+ goto fail;
+ }
+
+ memzero (&sb, sizeof sb);
+ if (NULL != db->fp) {
+ if (fstat (fileno (db->fp), &sb) != 0) {
+ (void) fclose (db->fp);
+ db->fp = NULL;
+ goto fail;
+ }
+
+ /*
+ * Create backup file.
+ */
+ snprintf (buf, sizeof buf, "%s-", db->filename);
+
+#ifdef WITH_SELINUX
+ if (set_selinux_file_context (buf) != 0) {
+ errors++;
+ }
+#endif
+ if (create_backup (buf, db->fp) != 0) {
+ errors++;
+ }
+
+ if (fclose (db->fp) != 0) {
+ errors++;
+ }
+
+#ifdef WITH_SELINUX
+ if (reset_selinux_file_context () != 0) {
+ errors++;
+ }
+#endif
+ if (errors != 0) {
+ db->fp = NULL;
+ goto fail;
+ }
+ } else {
+ /*
+ * Default permissions for new [g]shadow files.
+ */
+ sb.st_mode = db->st_mode;
+ sb.st_uid = db->st_uid;
+ sb.st_gid = db->st_gid;
+ }
+
+ snprintf (buf, sizeof buf, "%s+", db->filename);
+
+#ifdef WITH_SELINUX
+ if (set_selinux_file_context (buf) != 0) {
+ errors++;
+ }
+#endif
+
+ db->fp = fopen_set_perms (buf, "w", &sb);
+ if (NULL == db->fp) {
+ goto fail;
+ }
+
+ if (write_all (db) != 0) {
+ errors++;
+ }
+
+ if (fflush (db->fp) != 0) {
+ errors++;
+ }
+#ifdef HAVE_FSYNC
+ if (fsync (fileno (db->fp)) != 0) {
+ errors++;
+ }
+#else /* !HAVE_FSYNC */
+ sync ();
+#endif /* !HAVE_FSYNC */
+ if (fclose (db->fp) != 0) {
+ errors++;
+ }
+
+ db->fp = NULL;
+
+ if (errors != 0) {
+ unlink (buf);
+ goto fail;
+ }
+
+ if (lrename (buf, db->filename) != 0) {
+ goto fail;
+ }
+
+#ifdef WITH_SELINUX
+ if (reset_selinux_file_context () != 0) {
+ goto fail;
+ }
+#endif
+
+ nscd_need_reload = true;
+ goto success;
+ fail:
+ errors++;
+ success:
+
+ free_linked_list (db);
+ return errors == 0;
+}
+
+static /*@dependent@*/ /*@null@*/struct commonio_entry *next_entry_by_name (
+ struct commonio_db *db,
+ /*@null@*/struct commonio_entry *pos,
+ const char *name)
+{
+ struct commonio_entry *p;
+ void *ep;
+
+ if (NULL == pos) {
+ return NULL;
+ }
+
+ for (p = pos; NULL != p; p = p->next) {
+ ep = p->eptr;
+ if ( (NULL != ep)
+ && (strcmp (db->ops->getname (ep), name) == 0)) {
+ break;
+ }
+ }
+ return p;
+}
+
+static /*@dependent@*/ /*@null@*/struct commonio_entry *find_entry_by_name (
+ struct commonio_db *db,
+ const char *name)
+{
+ return next_entry_by_name (db, db->head, name);
+}
+
+
+int commonio_update (struct commonio_db *db, const void *eptr)
+{
+ struct commonio_entry *p;
+ void *nentry;
+
+ if (!db->isopen || db->readonly) {
+ errno = EINVAL;
+ return 0;
+ }
+ nentry = db->ops->dup (eptr);
+ if (NULL == nentry) {
+ errno = ENOMEM;
+ return 0;
+ }
+ p = find_entry_by_name (db, db->ops->getname (eptr));
+ if (NULL != p) {
+ if (next_entry_by_name (db, p->next, db->ops->getname (eptr)) != NULL) {
+ fprintf (stderr, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), db->ops->getname (eptr), db->filename);
+ db->ops->free (nentry);
+ return 0;
+ }
+ db->ops->free (p->eptr);
+ p->eptr = nentry;
+ p->changed = true;
+ db->cursor = p;
+
+ db->changed = true;
+ return 1;
+ }
+ /* not found, new entry */
+ p = (struct commonio_entry *) malloc (sizeof *p);
+ if (NULL == p) {
+ db->ops->free (nentry);
+ errno = ENOMEM;
+ return 0;
+ }
+
+ p->eptr = nentry;
+ p->line = NULL;
+ p->changed = true;
+
+#if KEEP_NIS_AT_END
+ add_one_entry_nis (db, p);
+#else /* !KEEP_NIS_AT_END */
+ add_one_entry (db, p);
+#endif /* !KEEP_NIS_AT_END */
+
+ db->changed = true;
+ return 1;
+}
+
+#ifdef ENABLE_SUBIDS
+int commonio_append (struct commonio_db *db, const void *eptr)
+{
+ struct commonio_entry *p;
+ void *nentry;
+
+ if (!db->isopen || db->readonly) {
+ errno = EINVAL;
+ return 0;
+ }
+ nentry = db->ops->dup (eptr);
+ if (NULL == nentry) {
+ errno = ENOMEM;
+ return 0;
+ }
+ /* new entry */
+ p = (struct commonio_entry *) malloc (sizeof *p);
+ if (NULL == p) {
+ db->ops->free (nentry);
+ errno = ENOMEM;
+ return 0;
+ }
+
+ p->eptr = nentry;
+ p->line = NULL;
+ p->changed = true;
+ add_one_entry (db, p);
+
+ db->changed = true;
+ return 1;
+}
+#endif /* ENABLE_SUBIDS */
+
+void commonio_del_entry (struct commonio_db *db, const struct commonio_entry *p)
+{
+ if (p == db->cursor) {
+ db->cursor = p->next;
+ }
+
+ if (NULL != p->prev) {
+ p->prev->next = p->next;
+ } else {
+ db->head = p->next;
+ }
+
+ if (NULL != p->next) {
+ p->next->prev = p->prev;
+ } else {
+ db->tail = p->prev;
+ }
+
+ db->changed = true;
+}
+
+/*
+ * commonio_remove - Remove the entry of the given name from the database.
+ */
+int commonio_remove (struct commonio_db *db, const char *name)
+{
+ struct commonio_entry *p;
+
+ if (!db->isopen || db->readonly) {
+ errno = EINVAL;
+ return 0;
+ }
+ p = find_entry_by_name (db, name);
+ if (NULL == p) {
+ errno = ENOENT;
+ return 0;
+ }
+ if (next_entry_by_name (db, p->next, name) != NULL) {
+ fprintf (stderr, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), name, db->filename);
+ return 0;
+ }
+
+ commonio_del_entry (db, p);
+
+ if (NULL != p->line) {
+ free (p->line);
+ }
+
+ if (NULL != p->eptr) {
+ db->ops->free (p->eptr);
+ }
+
+ return 1;
+}
+
+/*
+ * commonio_locate - Find the first entry with the specified name in
+ * the database.
+ *
+ * If found, it returns the entry and set the cursor of the database to
+ * that entry.
+ *
+ * Otherwise, it returns NULL.
+ */
+/*@observer@*/ /*@null@*/const void *commonio_locate (struct commonio_db *db, const char *name)
+{
+ struct commonio_entry *p;
+
+ if (!db->isopen) {
+ errno = EINVAL;
+ return NULL;
+ }
+ p = find_entry_by_name (db, name);
+ if (NULL == p) {
+ errno = ENOENT;
+ return NULL;
+ }
+ db->cursor = p;
+ return p->eptr;
+}
+
+/*
+ * commonio_rewind - Restore the database cursor to the first entry.
+ *
+ * It returns 0 on error, 1 on success.
+ */
+int commonio_rewind (struct commonio_db *db)
+{
+ if (!db->isopen) {
+ errno = EINVAL;
+ return 0;
+ }
+ db->cursor = NULL;
+ return 1;
+}
+
+/*
+ * commonio_next - Return the next entry of the specified database
+ *
+ * It returns the next entry, or NULL if no other entries could be found.
+ */
+/*@observer@*/ /*@null@*/const void *commonio_next (struct commonio_db *db)
+{
+ void *eptr;
+
+ if (!db->isopen) {
+ errno = EINVAL;
+ return 0;
+ }
+ if (NULL == db->cursor) {
+ db->cursor = db->head;
+ } else {
+ db->cursor = db->cursor->next;
+ }
+
+ while (NULL != db->cursor) {
+ eptr = db->cursor->eptr;
+ if (NULL != eptr) {
+ return eptr;
+ }
+
+ db->cursor = db->cursor->next;
+ }
+ return NULL;
+}
+
diff --git a/lib/commonio.h b/lib/commonio.h
new file mode 100644
index 0000000..40e5708
--- /dev/null
+++ b/lib/commonio.h
@@ -0,0 +1,170 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef COMMONIO_H
+#define COMMONIO_H
+
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#endif
+
+#include "defines.h" /* bool */
+
+/*
+ * Linked list entry.
+ */
+struct commonio_entry {
+ /*@null@*/char *line;
+ /*@null@*/void *eptr; /* struct passwd, struct spwd, ... */
+ /*@dependent@*/ /*@null@*/struct commonio_entry *prev;
+ /*@owned@*/ /*@null@*/struct commonio_entry *next;
+ bool changed:1;
+};
+
+/*
+ * Operations depending on database type: passwd, group, shadow etc.
+ */
+struct commonio_ops {
+ /*
+ * Make a copy of the object (for example, struct passwd)
+ * and all strings pointed by it, in malloced memory.
+ */
+ /*@null@*/ /*@only@*/void *(*dup) (const void *);
+
+ /*
+ * free() the object including any strings pointed by it.
+ */
+ void (*free) (/*@out@*/ /*@only@*/void *);
+
+ /*
+ * Return the name of the object (for example, pw_name
+ * for struct passwd).
+ */
+ const char *(*getname) (const void *);
+
+ /*
+ * Parse a string, return object (in static area -
+ * should be copied using the dup operation above).
+ */
+ void *(*parse) (const char *);
+
+ /*
+ * Write the object to the file (this calls putpwent()
+ * for struct passwd, for example).
+ */
+ int (*put) (const void *, FILE *);
+
+ /*
+ * fgets and fputs (can be replaced by versions that
+ * understand line continuation conventions).
+ */
+ /*@null@*/char *(*fgets) (/*@returned@*/ /*@out@*/char *s, int n, FILE *stream);
+ int (*fputs) (const char *, FILE *);
+
+ /*
+ * open_hook and close_hook.
+ * If non NULL, these functions will be called after the database
+ * is open or before it is closed.
+ * They return 0 on failure and 1 on success.
+ */
+ /*@null@*/int (*open_hook) (void);
+ /*@null@*/int (*close_hook) (void);
+};
+
+/*
+ * Database structure.
+ */
+struct commonio_db {
+ /*
+ * Name of the data file.
+ */
+ char filename[1024];
+
+ /*
+ * Operations from above.
+ */
+ /*@observer@*/const struct commonio_ops *ops;
+
+ /*
+ * Currently open file stream.
+ */
+ /*@dependent@*/ /*@null@*/FILE *fp;
+
+#ifdef WITH_SELINUX
+ /*@null@*/security_context_t scontext;
+#endif
+ /*
+ * Default permissions and owner for newly created data file.
+ */
+ mode_t st_mode;
+ uid_t st_uid;
+ gid_t st_gid;
+ /*
+ * Head, tail, current position in linked list.
+ */
+ /*@owned@*/ /*@null@*/struct commonio_entry *head;
+ /*@dependent@*/ /*@null@*/struct commonio_entry *tail;
+ /*@dependent@*/ /*@null@*/struct commonio_entry *cursor;
+
+ /*
+ * Various flags.
+ */
+ bool changed:1;
+ bool isopen:1;
+ bool locked:1;
+ bool readonly:1;
+};
+
+extern int commonio_setname (struct commonio_db *, const char *);
+extern bool commonio_present (const struct commonio_db *db);
+extern int commonio_lock (struct commonio_db *);
+extern int commonio_lock_nowait (struct commonio_db *, bool log);
+extern int commonio_open (struct commonio_db *, int);
+extern /*@observer@*/ /*@null@*/const void *commonio_locate (struct commonio_db *, const char *);
+extern int commonio_update (struct commonio_db *, const void *);
+#ifdef ENABLE_SUBIDS
+extern int commonio_append (struct commonio_db *, const void *);
+#endif /* ENABLE_SUBIDS */
+extern int commonio_remove (struct commonio_db *, const char *);
+extern int commonio_rewind (struct commonio_db *);
+extern /*@observer@*/ /*@null@*/const void *commonio_next (struct commonio_db *);
+extern int commonio_close (struct commonio_db *);
+extern int commonio_unlock (struct commonio_db *);
+extern void commonio_del_entry (struct commonio_db *,
+ const struct commonio_entry *);
+extern int commonio_sort_wrt (struct commonio_db *shadow,
+ const struct commonio_db *passwd);
+extern int commonio_sort (struct commonio_db *db,
+ int (*cmp) (const void *, const void *));
+
+#endif
diff --git a/lib/defines.h b/lib/defines.h
new file mode 100644
index 0000000..62bd73e
--- /dev/null
+++ b/lib/defines.h
@@ -0,0 +1,385 @@
+/* $Id$ */
+/* some useful defines */
+
+#ifndef _DEFINES_H_
+#define _DEFINES_H_
+
+#if HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# if ! HAVE__BOOL
+# ifdef __cplusplus
+typedef bool _Bool;
+# else
+typedef unsigned char _Bool;
+# endif
+# endif
+# define bool _Bool
+# define false (0)
+# define true (1)
+# define __bool_true_false_are_defined 1
+#endif
+
+#define ISDIGIT_LOCALE(c) (IN_CTYPE_DOMAIN (c) && isdigit (c))
+
+/* Take care of NLS matters. */
+#ifdef S_SPLINT_S
+extern char *setlocale(int categorie, const char *locale);
+# define LC_ALL (6)
+extern char * bindtextdomain (const char * domainname, const char * dirname);
+extern char * textdomain (const char * domainname);
+# define _(Text) Text
+# define ngettext(Msgid1, Msgid2, N) \
+ ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+#else
+#ifdef HAVE_LOCALE_H
+# include <locale.h>
+#else
+# undef setlocale
+# define setlocale(category, locale) (NULL)
+# ifndef LC_ALL
+# define LC_ALL 6
+# endif
+#endif
+
+#define gettext_noop(String) (String)
+/* #define gettext_def(String) "#define String" */
+
+#ifdef ENABLE_NLS
+# include <libintl.h>
+# define _(Text) gettext (Text)
+#else
+# undef bindtextdomain
+# define bindtextdomain(Domain, Directory) (NULL)
+# undef textdomain
+# define textdomain(Domain) (NULL)
+# define _(Text) Text
+# define ngettext(Msgid1, Msgid2, N) \
+ ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+#endif
+#endif
+
+#if STDC_HEADERS
+# include <stdlib.h>
+# include <string.h>
+#else /* not STDC_HEADERS */
+# ifndef HAVE_STRCHR
+# define strchr index
+# define strrchr rindex
+# endif
+char *strchr (), *strrchr (), *strtok ();
+
+# ifndef HAVE_MEMCPY
+# define memcpy(d, s, n) bcopy((s), (d), (n))
+# endif
+#endif /* not STDC_HEADERS */
+
+#if HAVE_ERRNO_H
+# include <errno.h>
+#endif
+
+#include <sys/stat.h>
+#include <sys/types.h>
+#if HAVE_SYS_WAIT_H
+# include <sys/wait.h>
+#endif
+#ifndef WEXITSTATUS
+# define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
+#endif
+#ifndef WIFEXITED
+# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
+#endif
+
+#if HAVE_UNISTD_H
+# include <unistd.h>
+#endif
+
+#if TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#else /* not TIME_WITH_SYS_TIME */
+# if HAVE_SYS_TIME_H
+# include <sys/time.h>
+# else
+# include <time.h>
+# endif
+#endif /* not TIME_WITH_SYS_TIME */
+
+#ifdef HAVE_MEMSET
+# define memzero(ptr, size) memset((void *)(ptr), 0, (size))
+#else
+# define memzero(ptr, size) bzero((char *)(ptr), (size))
+#endif
+#define strzero(s) memzero(s, strlen(s)) /* warning: evaluates twice */
+
+#ifdef HAVE_DIRENT_H /* DIR_SYSV */
+# include <dirent.h>
+# define DIRECT dirent
+#else
+# ifdef HAVE_SYS_NDIR_H /* DIR_XENIX */
+# include <sys/ndir.h>
+# endif
+# ifdef HAVE_SYS_DIR_H /* DIR_??? */
+# include <sys/dir.h>
+# endif
+# ifdef HAVE_NDIR_H /* DIR_BSD */
+# include <ndir.h>
+# endif
+# define DIRECT direct
+#endif
+
+/*
+ * Possible cases:
+ * - /usr/include/shadow.h exists and includes the shadow group stuff.
+ * - /usr/include/shadow.h exists, but we use our own gshadow.h.
+ */
+#include <shadow.h>
+#if defined(SHADOWGRP) && !defined(GSHADOW)
+#include "gshadow_.h"
+#endif
+
+#include <limits.h>
+
+#ifndef NGROUPS_MAX
+#ifdef NGROUPS
+#define NGROUPS_MAX NGROUPS
+#else
+#define NGROUPS_MAX 64
+#endif
+#endif
+
+#ifdef USE_SYSLOG
+#include <syslog.h>
+
+#ifndef LOG_WARN
+#define LOG_WARN LOG_WARNING
+#endif
+
+/* LOG_NOWAIT is deprecated */
+#ifndef LOG_NOWAIT
+#define LOG_NOWAIT 0
+#endif
+
+/* LOG_AUTH is deprecated, use LOG_AUTHPRIV instead */
+#ifndef LOG_AUTHPRIV
+#define LOG_AUTHPRIV LOG_AUTH
+#endif
+
+/* cleaner than lots of #ifdefs everywhere - use this as follows:
+ SYSLOG((LOG_CRIT, "user %s cracked root", user)); */
+#ifdef ENABLE_NLS
+/* Temporarily set LC_TIME to "C" to avoid strange dates in syslog.
+ This is a workaround for a more general syslog(d) design problem -
+ syslogd should log the current system time for each event, and not
+ trust the formatted time received from the unix domain (or worse,
+ UDP) socket. -MM */
+/* Avoid translated PAM error messages: Set LC_ALL to "C".
+ * --Nekral */
+#define SYSLOG(x) \
+ do { \
+ char *old_locale = setlocale (LC_ALL, NULL); \
+ char *saved_locale = NULL; \
+ if (NULL != old_locale) { \
+ saved_locale = strdup (old_locale); \
+ } \
+ if (NULL != saved_locale) { \
+ (void) setlocale (LC_ALL, "C"); \
+ } \
+ syslog x ; \
+ if (NULL != saved_locale) { \
+ (void) setlocale (LC_ALL, saved_locale); \
+ free (saved_locale); \
+ } \
+ } while (false)
+#else /* !ENABLE_NLS */
+#define SYSLOG(x) syslog x
+#endif /* !ENABLE_NLS */
+
+#else /* !USE_SYSLOG */
+
+#define SYSLOG(x) /* empty */
+#define openlog(a,b,c) /* empty */
+#define closelog() /* empty */
+
+#endif /* !USE_SYSLOG */
+
+/* The default syslog settings can now be changed here,
+ in just one place. */
+
+#ifndef SYSLOG_OPTIONS
+/* #define SYSLOG_OPTIONS (LOG_PID | LOG_CONS | LOG_NOWAIT) */
+#define SYSLOG_OPTIONS (LOG_PID)
+#endif
+
+#ifndef SYSLOG_FACILITY
+#define SYSLOG_FACILITY LOG_AUTHPRIV
+#endif
+
+#define OPENLOG(progname) openlog(progname, SYSLOG_OPTIONS, SYSLOG_FACILITY)
+
+#ifndef F_OK
+# define F_OK 0
+# define X_OK 1
+# define W_OK 2
+# define R_OK 4
+#endif
+
+#ifndef SEEK_SET
+# define SEEK_SET 0
+# define SEEK_CUR 1
+# define SEEK_END 2
+#endif
+
+#ifdef STAT_MACROS_BROKEN
+# define S_ISDIR(x) ((x) & S_IFMT) == S_IFDIR)
+# define S_ISREG(x) ((x) & S_IFMT) == S_IFREG)
+# ifdef S_IFLNK
+# define S_ISLNK(x) ((x) & S_IFMT) == S_IFLNK)
+# endif
+#endif
+
+#ifndef S_ISLNK
+#define S_ISLNK(x) (0)
+#endif
+
+#if HAVE_LCHOWN
+#define LCHOWN lchown
+#else
+#define LCHOWN chown
+#endif
+
+#if HAVE_LSTAT
+#define LSTAT lstat
+#else
+#define LSTAT stat
+#endif
+
+#if HAVE_TERMIOS_H
+# include <termios.h>
+# define STTY(fd, termio) tcsetattr(fd, TCSANOW, termio)
+# define GTTY(fd, termio) tcgetattr(fd, termio)
+# define TERMIO struct termios
+# define USE_TERMIOS
+#else /* assumed HAVE_TERMIO_H */
+# include <sys/ioctl.h>
+# include <termio.h>
+# define STTY(fd, termio) ioctl(fd, TCSETA, termio)
+# define GTTY(fd, termio) ioctl(fd, TCGETA, termio)
+# define TEMRIO struct termio
+# define USE_TERMIO
+#endif
+
+/*
+ * Password aging constants
+ *
+ * DAY - seconds / day
+ * WEEK - seconds / week
+ * SCALE - seconds / aging unit
+ */
+
+/* Solaris defines this in shadow.h */
+#ifndef DAY
+#define DAY (24L*3600L)
+#endif
+
+#define WEEK (7*DAY)
+
+#ifdef ITI_AGING
+#define SCALE 1
+#else
+#define SCALE DAY
+#endif
+
+/* Copy string pointed by B to array A with size checking. It was originally
+ in lmain.c but is _very_ useful elsewhere. Some setuid root programs with
+ very sloppy coding used to assume that BUFSIZ will always be enough... */
+
+ /* danger - side effects */
+#define STRFCPY(A,B) \
+ (strncpy((A), (B), sizeof(A) - 1), (A)[sizeof(A) - 1] = '\0')
+
+#ifndef PASSWD_FILE
+#define PASSWD_FILE "/etc/passwd"
+#endif
+
+#ifndef GROUP_FILE
+#define GROUP_FILE "/etc/group"
+#endif
+
+#ifndef SHADOW_FILE
+#define SHADOW_FILE "/etc/shadow"
+#endif
+
+#ifdef SHADOWGRP
+#ifndef SGROUP_FILE
+#define SGROUP_FILE "/etc/gshadow"
+#endif
+#endif
+
+#ifndef NULL
+#define NULL ((void *) 0)
+#endif
+
+#ifdef sun /* hacks for compiling on SunOS */
+# ifndef SOLARIS
+extern int fputs ();
+extern char *strdup ();
+extern char *strerror ();
+# endif
+#endif
+
+/*
+ * string to use for the pw_passwd field in /etc/passwd when using
+ * shadow passwords - most systems use "x" but there are a few
+ * exceptions, so it can be changed here if necessary. --marekm
+ */
+#ifndef SHADOW_PASSWD_STRING
+#define SHADOW_PASSWD_STRING "x"
+#endif
+
+#define SHADOW_SP_FLAG_UNSET ((unsigned long int)-1)
+
+#ifdef WITH_AUDIT
+#ifdef __u8 /* in case we use pam < 0.80 */
+#undef __u8
+#endif
+#ifdef __u32
+#undef __u32
+#endif
+
+#include <libaudit.h>
+#endif
+
+/* To be used for verified unused parameters */
+#if defined(__GNUC__) && !defined(__STRICT_ANSI__)
+# define unused __attribute__((unused))
+#else
+# define unused
+#endif
+
+/* ! Arguments evaluated twice ! */
+#ifndef MIN
+#define MIN(a,b) (((a) < (b)) ? (a) : (b))
+#endif
+#ifndef MAX
+#define MAX(x,y) (((x) > (y)) ? (x) : (y))
+#endif
+
+/* Maximum length of usernames */
+#ifdef HAVE_UTMPX_H
+# include <utmpx.h>
+# define USER_NAME_MAX_LENGTH (sizeof (((struct utmpx *)NULL)->ut_user))
+#else
+# include <utmp.h>
+# ifdef HAVE_STRUCT_UTMP_UT_USER
+# define USER_NAME_MAX_LENGTH (sizeof (((struct utmp *)NULL)->ut_user))
+# else
+# ifdef HAVE_STRUCT_UTMP_UT_NAME
+# define USER_NAME_MAX_LENGTH (sizeof (((struct utmp *)NULL)->ut_name))
+# else
+# define USER_NAME_MAX_LENGTH 32
+# endif
+# endif
+#endif
+
+#endif /* _DEFINES_H_ */
diff --git a/lib/encrypt.c b/lib/encrypt.c
new file mode 100644
index 0000000..53c99c9
--- /dev/null
+++ b/lib/encrypt.c
@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 1990 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <unistd.h>
+#include <stdio.h>
+
+#include "prototypes.h"
+#include "defines.h"
+
+/*@exposed@*//*@null@*/char *pw_encrypt (const char *clear, const char *salt)
+{
+ static char cipher[128];
+ char *cp;
+
+ cp = crypt (clear, salt);
+ if (NULL == cp) {
+ /*
+ * Single Unix Spec: crypt() may return a null pointer,
+ * and set errno to indicate an error. In this case return
+ * the NULL so the caller can handle appropriately.
+ */
+ return NULL;
+ }
+
+ /* Some crypt() do not return NULL if the algorithm is not
+ * supported, and return a DES encrypted password. */
+ if ((NULL != salt) && (salt[0] == '$') && (strlen (cp) <= 13))
+ {
+ /*@observer@*/const char *method;
+ switch (salt[1])
+ {
+ case '1':
+ method = "MD5";
+ break;
+ case '5':
+ method = "SHA256";
+ break;
+ case '6':
+ method = "SHA512";
+ break;
+ default:
+ {
+ static char nummethod[4] = "$x$";
+ nummethod[1] = salt[1];
+ method = &nummethod[0];
+ }
+ }
+ (void) fprintf (stderr,
+ _("crypt method not supported by libcrypt? (%s)\n"),
+ method);
+ exit (EXIT_FAILURE);
+ }
+
+ if (strlen (cp) != 13) {
+ return cp; /* nonstandard crypt() in libc, better bail out */
+ }
+
+ strcpy (cipher, cp);
+
+ return cipher;
+}
+
diff --git a/lib/exitcodes.h b/lib/exitcodes.h
new file mode 100644
index 0000000..96b2340
--- /dev/null
+++ b/lib/exitcodes.h
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2005 - 2006, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+/*
+ * Exit codes used by shadow programs
+ */
+#define E_SUCCESS EXIT_SUCCESS /* success */
+/*
+ * FIXME: other values should differ from EXIT_FAILURE (and EXIT_SUCCESS).
+ *
+ * FIXME: reserve EXIT_FAILURE for internal failures.
+ */
+#define E_NOPERM 1 /* permission denied */
+#define E_USAGE 2 /* invalid command syntax */
+#define E_BAD_ARG 3 /* invalid argument to option */
+#define E_PASSWD_NOTFOUND 14 /* not found password file */
+#define E_SHADOW_NOTFOUND 15 /* not found shadow password file */
+#define E_GROUP_NOTFOUND 16 /* not found group file */
+#define E_GSHADOW_NOTFOUND 17 /* not found shadow group file */
+#define E_CMD_NOEXEC 126 /* can't run command/shell */
+#define E_CMD_NOTFOUND 127 /* can't find command/shell to run */
diff --git a/lib/faillog.h b/lib/faillog.h
new file mode 100644
index 0000000..a0a95b3
--- /dev/null
+++ b/lib/faillog.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * faillog.h - login failure logging file format
+ *
+ * $Id$
+ *
+ * The login failure file is maintained by login(1) and faillog(8)
+ * Each record in the file represents a separate UID and the file
+ * is indexed in that fashion.
+ */
+
+#ifndef _FAILLOG_H
+#define _FAILLOG_H
+
+struct faillog {
+ short fail_cnt; /* failures since last success */
+ short fail_max; /* failures before turning account off */
+ char fail_line[12]; /* last failure occured here */
+ time_t fail_time; /* last failure occured then */
+ /*
+ * If nonzero, the account will be re-enabled if there are no
+ * failures for fail_locktime seconds since last failure.
+ */
+ long fail_locktime;
+};
+
+#endif
diff --git a/lib/fields.c b/lib/fields.c
new file mode 100644
index 0000000..649fae1
--- /dev/null
+++ b/lib/fields.c
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 1990 , Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <string.h>
+#include <stdio.h>
+#include "prototypes.h"
+
+/*
+ * valid_field - insure that a field contains all legal characters
+ *
+ * The supplied field is scanned for non-printable and other illegal
+ * characters.
+ * + -1 is returned if an illegal character is present.
+ * + 1 is returned if no illegal characters are present, but the field
+ * contains a non-printable character.
+ * + 0 is returned otherwise.
+ */
+int valid_field (const char *field, const char *illegal)
+{
+ const char *cp;
+ int err = 0;
+
+ if (NULL == field) {
+ return -1;
+ }
+
+ /* For each character of field, search if it appears in the list
+ * of illegal characters. */
+ for (cp = field; '\0' != *cp; cp++) {
+ if (strchr (illegal, *cp) != NULL) {
+ err = -1;
+ break;
+ }
+ }
+
+ if (0 == err) {
+ /* Search if there are some non-printable characters */
+ for (cp = field; '\0' != *cp; cp++) {
+ if (!isprint (*cp)) {
+ err = 1;
+ break;
+ }
+ }
+ }
+
+ return err;
+}
+
+/*
+ * change_field - change a single field if a new value is given.
+ *
+ * prompt the user with the name of the field being changed and the
+ * current value.
+ */
+void change_field (char *buf, size_t maxsize, const char *prompt)
+{
+ char newf[200];
+ char *cp;
+
+ if (maxsize > sizeof (newf)) {
+ maxsize = sizeof (newf);
+ }
+
+ printf ("\t%s [%s]: ", prompt, buf);
+ (void) fflush (stdout);
+ if (fgets (newf, (int) maxsize, stdin) != newf) {
+ return;
+ }
+
+ cp = strchr (newf, '\n');
+ if (NULL == cp) {
+ return;
+ }
+ *cp = '\0';
+
+ if ('\0' != newf[0]) {
+ /*
+ * Remove leading and trailing whitespace. This also
+ * makes it possible to change the field to empty, by
+ * entering a space. --marekm
+ */
+
+ while (--cp >= newf && isspace (*cp));
+ cp++;
+ *cp = '\0';
+
+ cp = newf;
+ while (('\0' != *cp) && isspace (*cp)) {
+ cp++;
+ }
+
+ strncpy (buf, cp, maxsize - 1);
+ buf[maxsize - 1] = '\0';
+ }
+}
+
diff --git a/lib/fputsx.c b/lib/fputsx.c
new file mode 100644
index 0000000..c42b40b
--- /dev/null
+++ b/lib/fputsx.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include "defines.h"
+#include "prototypes.h"
+
+#ident "$Id$"
+
+
+/*@null@*/char *fgetsx (/*@returned@*/ /*@out@*/char *buf, int cnt, FILE * f)
+{
+ char *cp = buf;
+ char *ep;
+
+ while (cnt > 0) {
+ if (fgets (cp, cnt, f) != cp) {
+ if (cp == buf) {
+ return 0;
+ } else {
+ break;
+ }
+ }
+ ep = strrchr (cp, '\\');
+ if ((NULL != ep) && (*(ep + 1) == '\n')) {
+ cnt -= ep - cp;
+ if (cnt > 0) {
+ cp = ep;
+ *cp = '\0';
+ }
+ } else {
+ break;
+ }
+ }
+ return buf;
+}
+
+int fputsx (const char *s, FILE * stream)
+{
+ int i;
+
+ for (i = 0; '\0' != *s; i++, s++) {
+ if (putc (*s, stream) == EOF) {
+ return EOF;
+ }
+
+#if 0 /* The standard getgr*() can't handle that. --marekm */
+ if (i > (BUFSIZ / 2)) {
+ if (putc ('\\', stream) == EOF ||
+ putc ('\n', stream) == EOF)
+ return EOF;
+
+ i = 0;
+ }
+#endif
+ }
+ return 0;
+}
+
diff --git a/lib/get_gid.c b/lib/get_gid.c
new file mode 100644
index 0000000..6fb31ff
--- /dev/null
+++ b/lib/get_gid.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2009 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+
+int get_gid (const char *gidstr, gid_t *gid)
+{
+ long long int val;
+ char *endptr;
+
+ errno = 0;
+ val = strtoll (gidstr, &endptr, 10);
+ if ( ('\0' == *gidstr)
+ || ('\0' != *endptr)
+ || (ERANGE == errno)
+ || (/*@+longintegral@*/val != (gid_t)val)/*@=longintegral@*/) {
+ return 0;
+ }
+
+ *gid = (gid_t)val;
+ return 1;
+}
+
diff --git a/lib/get_pid.c b/lib/get_pid.c
new file mode 100644
index 0000000..e2b47ce
--- /dev/null
+++ b/lib/get_pid.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2009 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+
+int get_pid (const char *pidstr, pid_t *pid)
+{
+ long long int val;
+ char *endptr;
+
+ errno = 0;
+ val = strtoll (pidstr, &endptr, 10);
+ if ( ('\0' == *pidstr)
+ || ('\0' != *endptr)
+ || (ERANGE == errno)
+ || (/*@+longintegral@*/val != (pid_t)val)/*@=longintegral@*/) {
+ return 0;
+ }
+
+ *pid = (pid_t)val;
+ return 1;
+}
+
diff --git a/lib/get_uid.c b/lib/get_uid.c
new file mode 100644
index 0000000..ac0f2df
--- /dev/null
+++ b/lib/get_uid.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2009 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+
+int get_uid (const char *uidstr, uid_t *uid)
+{
+ long long int val;
+ char *endptr;
+
+ errno = 0;
+ val = strtoll (uidstr, &endptr, 10);
+ if ( ('\0' == *uidstr)
+ || ('\0' != *endptr)
+ || (ERANGE == errno)
+ || (/*@+longintegral@*/val != (uid_t)val)/*@=longintegral@*/) {
+ return 0;
+ }
+
+ *uid = (uid_t)val;
+ return 1;
+}
+
diff --git a/lib/getdef.c b/lib/getdef.c
new file mode 100644
index 0000000..a181cc2
--- /dev/null
+++ b/lib/getdef.c
@@ -0,0 +1,539 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <errno.h>
+#include "getdef.h"
+/*
+ * A configuration item definition.
+ */
+struct itemdef {
+ /*@null@*/const char *name; /* name of the item */
+ /*@null@*/char *value; /* value given, or NULL if no value */
+};
+
+#define PAMDEFS \
+ {"CHFN_AUTH", NULL}, \
+ {"CHSH_AUTH", NULL}, \
+ {"CRACKLIB_DICTPATH", NULL}, \
+ {"ENV_HZ", NULL}, \
+ {"ENVIRON_FILE", NULL}, \
+ {"ENV_TZ", NULL}, \
+ {"FAILLOG_ENAB", NULL}, \
+ {"FTMP_FILE", NULL}, \
+ {"ISSUE_FILE", NULL}, \
+ {"LASTLOG_ENAB", NULL}, \
+ {"LOGIN_STRING", NULL}, \
+ {"MAIL_CHECK_ENAB", NULL}, \
+ {"MOTD_FILE", NULL}, \
+ {"NOLOGINS_FILE", NULL}, \
+ {"OBSCURE_CHECKS_ENAB", NULL}, \
+ {"PASS_ALWAYS_WARN", NULL}, \
+ {"PASS_CHANGE_TRIES", NULL}, \
+ {"PASS_MAX_LEN", NULL}, \
+ {"PASS_MIN_LEN", NULL}, \
+ {"PORTTIME_CHECKS_ENAB", NULL}, \
+ {"QUOTAS_ENAB", NULL}, \
+ {"SU_WHEEL_ONLY", NULL}, \
+ {"ULIMIT", NULL},
+
+
+#define NUMDEFS (sizeof(def_table)/sizeof(def_table[0]))
+static struct itemdef def_table[] = {
+ {"CHFN_RESTRICT", NULL},
+ {"CONSOLE_GROUPS", NULL},
+ {"CONSOLE", NULL},
+ {"CREATE_HOME", NULL},
+ {"DEFAULT_HOME", NULL},
+ {"ENCRYPT_METHOD", NULL},
+ {"ENV_PATH", NULL},
+ {"ENV_SUPATH", NULL},
+ {"ERASECHAR", NULL},
+ {"FAIL_DELAY", NULL},
+ {"FAKE_SHELL", NULL},
+ {"GID_MAX", NULL},
+ {"GID_MIN", NULL},
+ {"HUSHLOGIN_FILE", NULL},
+ {"KILLCHAR", NULL},
+ {"LOGIN_RETRIES", NULL},
+ {"LOGIN_TIMEOUT", NULL},
+ {"LOG_OK_LOGINS", NULL},
+ {"LOG_UNKFAIL_ENAB", NULL},
+ {"MAIL_DIR", NULL},
+ {"MAIL_FILE", NULL},
+ {"MAX_MEMBERS_PER_GROUP", NULL},
+ {"MD5_CRYPT_ENAB", NULL},
+ {"PASS_MAX_DAYS", NULL},
+ {"PASS_MIN_DAYS", NULL},
+ {"PASS_WARN_AGE", NULL},
+#ifdef USE_SHA_CRYPT
+ {"SHA_CRYPT_MAX_ROUNDS", NULL},
+ {"SHA_CRYPT_MIN_ROUNDS", NULL},
+#endif
+ {"SUB_GID_COUNT", NULL},
+ {"SUB_GID_MAX", NULL},
+ {"SUB_GID_MIN", NULL},
+ {"SUB_UID_COUNT", NULL},
+ {"SUB_UID_MAX", NULL},
+ {"SUB_UID_MIN", NULL},
+ {"SULOG_FILE", NULL},
+ {"SU_NAME", NULL},
+ {"SYS_GID_MAX", NULL},
+ {"SYS_GID_MIN", NULL},
+ {"SYS_UID_MAX", NULL},
+ {"SYS_UID_MIN", NULL},
+ {"TTYGROUP", NULL},
+ {"TTYPERM", NULL},
+ {"TTYTYPE_FILE", NULL},
+ {"UID_MAX", NULL},
+ {"UID_MIN", NULL},
+ {"UMASK", NULL},
+ {"USERDEL_CMD", NULL},
+ {"USERGROUPS_ENAB", NULL},
+#ifndef USE_PAM
+ PAMDEFS
+#endif
+#ifdef USE_SYSLOG
+ {"SYSLOG_SG_ENAB", NULL},
+ {"SYSLOG_SU_ENAB", NULL},
+#endif
+#ifdef WITH_TCB
+ {"TCB_AUTH_GROUP", NULL},
+ {"TCB_SYMLINKS", NULL},
+ {"USE_TCB", NULL},
+#endif
+ {"FORCE_SHADOW", NULL},
+ {NULL, NULL}
+};
+
+#define NUMKNOWNDEFS (sizeof(knowndef_table)/sizeof(knowndef_table[0]))
+static struct itemdef knowndef_table[] = {
+#ifdef USE_PAM
+ PAMDEFS
+#endif
+ {NULL, NULL}
+};
+
+#ifndef LOGINDEFS
+#define LOGINDEFS "/etc/login.defs"
+#endif
+
+static char def_fname[] = LOGINDEFS; /* login config defs file */
+static bool def_loaded = false; /* are defs already loaded? */
+
+/* local function prototypes */
+static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *);
+static void def_load (void);
+
+
+/*
+ * getdef_str - get string value from table of definitions.
+ *
+ * Return point to static data for specified item, or NULL if item is not
+ * defined. First time invoked, will load definitions from the file.
+ */
+
+/*@observer@*/ /*@null@*/const char *getdef_str (const char *item)
+{
+ struct itemdef *d;
+
+ if (!def_loaded) {
+ def_load ();
+ }
+
+ d = def_find (item);
+ return ((NULL == d)? (const char *) NULL : d->value);
+}
+
+
+/*
+ * getdef_bool - get boolean value from table of definitions.
+ *
+ * Return TRUE if specified item is defined as "yes", else FALSE.
+ */
+
+bool getdef_bool (const char *item)
+{
+ struct itemdef *d;
+
+ if (!def_loaded) {
+ def_load ();
+ }
+
+ d = def_find (item);
+ if ((NULL == d) || (NULL == d->value)) {
+ return false;
+ }
+
+ return (strcasecmp (d->value, "yes") == 0);
+}
+
+
+/*
+ * getdef_num - get numerical value from table of definitions
+ *
+ * Returns numeric value of specified item, else the "dflt" value if
+ * the item is not defined. Octal (leading "0") and hex (leading "0x")
+ * values are handled.
+ */
+
+int getdef_num (const char *item, int dflt)
+{
+ struct itemdef *d;
+ long val;
+
+ if (!def_loaded) {
+ def_load ();
+ }
+
+ d = def_find (item);
+ if ((NULL == d) || (NULL == d->value)) {
+ return dflt;
+ }
+
+ if ( (getlong (d->value, &val) == 0)
+ || (val > INT_MAX)
+ || (val < INT_MIN)) {
+ fprintf (stderr,
+ _("configuration error - cannot parse %s value: '%s'"),
+ item, d->value);
+ return dflt;
+ }
+
+ return (int) val;
+}
+
+
+/*
+ * getdef_unum - get unsigned numerical value from table of definitions
+ *
+ * Returns numeric value of specified item, else the "dflt" value if
+ * the item is not defined. Octal (leading "0") and hex (leading "0x")
+ * values are handled.
+ */
+
+unsigned int getdef_unum (const char *item, unsigned int dflt)
+{
+ struct itemdef *d;
+ long val;
+
+ if (!def_loaded) {
+ def_load ();
+ }
+
+ d = def_find (item);
+ if ((NULL == d) || (NULL == d->value)) {
+ return dflt;
+ }
+
+ if ( (getlong (d->value, &val) == 0)
+ || (val < 0)
+ || (val > INT_MAX)) {
+ fprintf (stderr,
+ _("configuration error - cannot parse %s value: '%s'"),
+ item, d->value);
+ return dflt;
+ }
+
+ return (unsigned int) val;
+}
+
+
+/*
+ * getdef_long - get long integer value from table of definitions
+ *
+ * Returns numeric value of specified item, else the "dflt" value if
+ * the item is not defined. Octal (leading "0") and hex (leading "0x")
+ * values are handled.
+ */
+
+long getdef_long (const char *item, long dflt)
+{
+ struct itemdef *d;
+ long val;
+
+ if (!def_loaded) {
+ def_load ();
+ }
+
+ d = def_find (item);
+ if ((NULL == d) || (NULL == d->value)) {
+ return dflt;
+ }
+
+ if (getlong (d->value, &val) == 0) {
+ fprintf (stderr,
+ _("configuration error - cannot parse %s value: '%s'"),
+ item, d->value);
+ return dflt;
+ }
+
+ return val;
+}
+
+/*
+ * getdef_ulong - get unsigned long numerical value from table of definitions
+ *
+ * Returns numeric value of specified item, else the "dflt" value if
+ * the item is not defined. Octal (leading "0") and hex (leading "0x")
+ * values are handled.
+ */
+
+unsigned long getdef_ulong (const char *item, unsigned long dflt)
+{
+ struct itemdef *d;
+ unsigned long val;
+
+ if (!def_loaded) {
+ def_load ();
+ }
+
+ d = def_find (item);
+ if ((NULL == d) || (NULL == d->value)) {
+ return dflt;
+ }
+
+ if (getulong (d->value, &val) == 0) {
+ /* FIXME: we should have a getulong */
+ fprintf (stderr,
+ _("configuration error - cannot parse %s value: '%s'"),
+ item, d->value);
+ return dflt;
+ }
+
+ return val;
+}
+
+/*
+ * putdef_str - override the value read from /etc/login.defs
+ * (also used when loading the initial defaults)
+ */
+
+int putdef_str (const char *name, const char *value)
+{
+ struct itemdef *d;
+ char *cp;
+
+ if (!def_loaded) {
+ def_load ();
+ }
+
+ /*
+ * Locate the slot to save the value. If this parameter
+ * is unknown then "def_find" will print an err message.
+ */
+ d = def_find (name);
+ if (NULL == d) {
+ return -1;
+ }
+
+ /*
+ * Save off the value.
+ */
+ cp = strdup (value);
+ if (NULL == cp) {
+ (void) fputs (_("Could not allocate space for config info.\n"),
+ stderr);
+ SYSLOG ((LOG_ERR, "could not allocate space for config info"));
+ return -1;
+ }
+
+ if (NULL != d->value) {
+ free (d->value);
+ }
+
+ d->value = cp;
+ return 0;
+}
+
+
+/*
+ * def_find - locate named item in table
+ *
+ * Search through a table of configurable items to locate the
+ * specified configuration option.
+ */
+
+static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
+{
+ struct itemdef *ptr;
+
+
+ /*
+ * Search into the table.
+ */
+
+ for (ptr = def_table; NULL != ptr->name; ptr++) {
+ if (strcmp (ptr->name, name) == 0) {
+ return ptr;
+ }
+ }
+
+ /*
+ * Item was never found.
+ */
+
+ for (ptr = knowndef_table; NULL != ptr->name; ptr++) {
+ if (strcmp (ptr->name, name) == 0) {
+ goto out;
+ }
+ }
+ fprintf (stderr,
+ _("configuration error - unknown item '%s' (notify administrator)\n"),
+ name);
+ SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name));
+
+out:
+ return (struct itemdef *) NULL;
+}
+
+/*
+ * def_load - load configuration table
+ *
+ * Loads the user-configured options from the default configuration file
+ */
+
+static void def_load (void)
+{
+ int i;
+ FILE *fp;
+ char buf[1024], *name, *value, *s;
+
+ /*
+ * Set the initialized flag.
+ * (do it early to prevent recursion in putdef_str())
+ */
+ def_loaded = true;
+
+ /*
+ * Open the configuration definitions file.
+ */
+ fp = fopen (def_fname, "r");
+ if (NULL == fp) {
+ if (errno == ENOENT)
+ return;
+
+ int err = errno;
+ SYSLOG ((LOG_CRIT, "cannot open login definitions %s [%s]",
+ def_fname, strerror (err)));
+ exit (EXIT_FAILURE);
+ }
+
+ /*
+ * Go through all of the lines in the file.
+ */
+ while (fgets (buf, (int) sizeof (buf), fp) != NULL) {
+
+ /*
+ * Trim trailing whitespace.
+ */
+ for (i = (int) strlen (buf) - 1; i >= 0; --i) {
+ if (!isspace (buf[i])) {
+ break;
+ }
+ }
+ i++;
+ buf[i] = '\0';
+
+ /*
+ * Break the line into two fields.
+ */
+ name = buf + strspn (buf, " \t"); /* first nonwhite */
+ if (*name == '\0' || *name == '#')
+ continue; /* comment or empty */
+
+ s = name + strcspn (name, " \t"); /* end of field */
+ if (*s == '\0')
+ continue; /* only 1 field?? */
+
+ *s++ = '\0';
+ value = s + strspn (s, " \"\t"); /* next nonwhite */
+ *(value + strcspn (value, "\"")) = '\0';
+
+ /*
+ * Store the value in def_table.
+ *
+ * Ignore failures to load the login.defs file.
+ * The error was already reported to the user and to
+ * syslog. The tools will just use their default values.
+ */
+ (void)putdef_str (name, value);
+ }
+
+ if (ferror (fp) != 0) {
+ int err = errno;
+ SYSLOG ((LOG_CRIT, "cannot read login definitions %s [%s]",
+ def_fname, strerror (err)));
+ exit (EXIT_FAILURE);
+ }
+
+ (void) fclose (fp);
+}
+
+
+#ifdef CKDEFS
+int main (int argc, char **argv)
+{
+ int i;
+ char *cp;
+ struct itemdef *d;
+
+ def_load ();
+
+ for (i = 0; i < NUMDEFS; ++i) {
+ d = def_find (def_table[i].name);
+ if (NULL == d) {
+ printf ("error - lookup '%s' failed\n",
+ def_table[i].name);
+ } else {
+ printf ("%4d %-24s %s\n", i + 1, d->name, d->value);
+ }
+ }
+ for (i = 1; i < argc; i++) {
+ cp = getdef_str (argv[1]);
+ if (NULL != cp) {
+ printf ("%s `%s'\n", argv[1], cp);
+ } else {
+ printf ("%s not found\n", argv[1]);
+ }
+ }
+ exit (EXIT_SUCCESS);
+}
+#endif
diff --git a/lib/getdef.h b/lib/getdef.h
new file mode 100644
index 0000000..15e35ff
--- /dev/null
+++ b/lib/getdef.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef _GETDEF_H
+#define _GETDEF_H
+
+/* getdef.c */
+extern bool getdef_bool (const char *);
+extern long getdef_long (const char *, long);
+extern int getdef_num (const char *, int);
+extern unsigned long getdef_ulong (const char *, unsigned long);
+extern unsigned int getdef_unum (const char *, unsigned int);
+extern /*@observer@*/ /*@null@*/const char *getdef_str (const char *);
+extern int putdef_str (const char *, const char *);
+
+/* default UMASK value if not specified in /etc/login.defs */
+#define GETDEF_DEFAULT_UMASK 022
+
+#endif /* _GETDEF_H */
diff --git a/lib/getlong.c b/lib/getlong.c
new file mode 100644
index 0000000..47c3a60
--- /dev/null
+++ b/lib/getlong.c
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdlib.h>
+#include <errno.h>
+#include "prototypes.h"
+
+/*
+ * getlong - extract a long integer provided by the numstr string in *result
+ *
+ * It supports decimal, hexadecimal or octal representations.
+ *
+ * Returns 0 on failure, 1 on success.
+ */
+int getlong (const char *numstr, /*@out@*/long int *result)
+{
+ long val;
+ char *endptr;
+
+ errno = 0;
+ val = strtol (numstr, &endptr, 0);
+ if (('\0' == *numstr) || ('\0' != *endptr) || (ERANGE == errno)) {
+ return 0;
+ }
+
+ *result = val;
+ return 1;
+}
+
diff --git a/lib/getulong.c b/lib/getulong.c
new file mode 100644
index 0000000..08d2c1a
--- /dev/null
+++ b/lib/getulong.c
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id: getlong.c 2763 2009-04-23 09:57:03Z nekral-guest $"
+
+#include <stdlib.h>
+#include <errno.h>
+#include "prototypes.h"
+
+/*
+ * getulong - extract an unsigned long integer provided by the numstr string in *result
+ *
+ * It supports decimal, hexadecimal or octal representations.
+ *
+ * Returns 0 on failure, 1 on success.
+ */
+int getulong (const char *numstr, /*@out@*/unsigned long int *result)
+{
+ unsigned long int val;
+ char *endptr;
+
+ errno = 0;
+ val = strtoul (numstr, &endptr, 0);
+ if ( ('\0' == *numstr)
+ || ('\0' != *endptr)
+ || (ERANGE == errno)
+ ) {
+ return 0;
+ }
+
+ *result = val;
+ return 1;
+}
+
diff --git a/lib/groupio.c b/lib/groupio.c
new file mode 100644
index 0000000..ae2302b
--- /dev/null
+++ b/lib/groupio.c
@@ -0,0 +1,462 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 , Michał Moskal
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <stdio.h>
+
+#include "prototypes.h"
+#include "defines.h"
+#include "commonio.h"
+#include "getdef.h"
+#include "groupio.h"
+
+static /*@null@*/struct commonio_entry *merge_group_entries (
+ /*@null@*/ /*@returned@*/struct commonio_entry *gr1,
+ /*@null@*/struct commonio_entry *gr2);
+static int split_groups (unsigned int max_members);
+static int group_open_hook (void);
+
+static /*@null@*/ /*@only@*/void *group_dup (const void *ent)
+{
+ const struct group *gr = ent;
+
+ return __gr_dup (gr);
+}
+
+static void group_free (/*@out@*/ /*@only@*/void *ent)
+{
+ struct group *gr = ent;
+
+ gr_free (gr);
+}
+
+static const char *group_getname (const void *ent)
+{
+ const struct group *gr = ent;
+
+ return gr->gr_name;
+}
+
+static void *group_parse (const char *line)
+{
+ return (void *) sgetgrent (line);
+}
+
+static int group_put (const void *ent, FILE * file)
+{
+ const struct group *gr = ent;
+
+ if ( (NULL == gr)
+ || (valid_field (gr->gr_name, ":\n") == -1)
+ || (valid_field (gr->gr_passwd, ":\n") == -1)
+ || (gr->gr_gid == (gid_t)-1)) {
+ return -1;
+ }
+
+ /* FIXME: fail also if gr->gr_mem == NULL ?*/
+ if (NULL != gr->gr_mem) {
+ size_t i;
+ for (i = 0; NULL != gr->gr_mem[i]; i++) {
+ if (valid_field (gr->gr_mem[i], ",:\n") == -1) {
+ return -1;
+ }
+ }
+ }
+
+ return (putgrent (gr, file) == -1) ? -1 : 0;
+}
+
+static int group_close_hook (void)
+{
+ unsigned int max_members = getdef_unum("MAX_MEMBERS_PER_GROUP", 0);
+
+ if (0 == max_members) {
+ return 1;
+ }
+
+ return split_groups (max_members);
+}
+
+static struct commonio_ops group_ops = {
+ group_dup,
+ group_free,
+ group_getname,
+ group_parse,
+ group_put,
+ fgetsx,
+ fputsx,
+ group_open_hook,
+ group_close_hook
+};
+
+static /*@owned@*/struct commonio_db group_db = {
+ GROUP_FILE, /* filename */
+ &group_ops, /* ops */
+ NULL, /* fp */
+#ifdef WITH_SELINUX
+ NULL, /* scontext */
+#endif
+ 0644, /* st_mode */
+ 0, /* st_uid */
+ 0, /* st_gid */
+ NULL, /* head */
+ NULL, /* tail */
+ NULL, /* cursor */
+ false, /* changed */
+ false, /* isopen */
+ false, /* locked */
+ false /* readonly */
+};
+
+int gr_setdbname (const char *filename)
+{
+ return commonio_setname (&group_db, filename);
+}
+
+/*@observer@*/const char *gr_dbname (void)
+{
+ return group_db.filename;
+}
+
+int gr_lock (void)
+{
+ return commonio_lock (&group_db);
+}
+
+int gr_open (int mode)
+{
+ return commonio_open (&group_db, mode);
+}
+
+/*@observer@*/ /*@null@*/const struct group *gr_locate (const char *name)
+{
+ return commonio_locate (&group_db, name);
+}
+
+/*@observer@*/ /*@null@*/const struct group *gr_locate_gid (gid_t gid)
+{
+ const struct group *grp;
+
+ gr_rewind ();
+ while ( ((grp = gr_next ()) != NULL)
+ && (grp->gr_gid != gid)) {
+ }
+
+ return grp;
+}
+
+int gr_update (const struct group *gr)
+{
+ return commonio_update (&group_db, (const void *) gr);
+}
+
+int gr_remove (const char *name)
+{
+ return commonio_remove (&group_db, name);
+}
+
+int gr_rewind (void)
+{
+ return commonio_rewind (&group_db);
+}
+
+/*@observer@*/ /*@null@*/const struct group *gr_next (void)
+{
+ return commonio_next (&group_db);
+}
+
+int gr_close (void)
+{
+ return commonio_close (&group_db);
+}
+
+int gr_unlock (void)
+{
+ return commonio_unlock (&group_db);
+}
+
+void __gr_set_changed (void)
+{
+ group_db.changed = true;
+}
+
+/*@dependent@*/ /*@null@*/struct commonio_entry *__gr_get_head (void)
+{
+ return group_db.head;
+}
+
+/*@observer@*/const struct commonio_db *__gr_get_db (void)
+{
+ return &group_db;
+}
+
+void __gr_del_entry (const struct commonio_entry *ent)
+{
+ commonio_del_entry (&group_db, ent);
+}
+
+static int gr_cmp (const void *p1, const void *p2)
+{
+ gid_t u1, u2;
+
+ if ((*(struct commonio_entry **) p1)->eptr == NULL) {
+ return 1;
+ }
+ if ((*(struct commonio_entry **) p2)->eptr == NULL) {
+ return -1;
+ }
+
+ u1 = ((struct group *) (*(struct commonio_entry **) p1)->eptr)->gr_gid;
+ u2 = ((struct group *) (*(struct commonio_entry **) p2)->eptr)->gr_gid;
+
+ if (u1 < u2) {
+ return -1;
+ } else if (u1 > u2) {
+ return 1;
+ } else {
+ return 0;
+ }
+}
+
+/* Sort entries by GID */
+int gr_sort ()
+{
+ return commonio_sort (&group_db, gr_cmp);
+}
+
+static int group_open_hook (void)
+{
+ unsigned int max_members = getdef_unum("MAX_MEMBERS_PER_GROUP", 0);
+ struct commonio_entry *gr1, *gr2;
+
+ if (0 == max_members) {
+ return 1;
+ }
+
+ for (gr1 = group_db.head; NULL != gr1; gr1 = gr1->next) {
+ for (gr2 = gr1->next; NULL != gr2; gr2 = gr2->next) {
+ struct group *g1 = (struct group *)gr1->eptr;
+ struct group *g2 = (struct group *)gr2->eptr;
+ if (NULL != g1 &&
+ NULL != g2 &&
+ 0 == strcmp (g1->gr_name, g2->gr_name) &&
+ 0 == strcmp (g1->gr_passwd, g2->gr_passwd) &&
+ g1->gr_gid == g2->gr_gid) {
+ /* Both group entries refer to the same
+ * group. It is a split group. Merge the
+ * members. */
+ gr1 = merge_group_entries (gr1, gr2);
+ if (NULL == gr1)
+ return 0;
+ /* Unlink gr2 */
+ if (NULL != gr2->next) {
+ gr2->next->prev = gr2->prev;
+ }
+ /* gr2 does not start with head */
+ assert (NULL != gr2->prev);
+ gr2->prev->next = gr2->next;
+ }
+ }
+ assert (NULL != gr1);
+ }
+
+ return 1;
+}
+
+/*
+ * Merge the list of members of the two group entries.
+ *
+ * The commonio_entry arguments shall be group entries.
+ *
+ * You should not merge the members of two groups if they don't have the
+ * same name, password and gid.
+ *
+ * It merge the members of the second entry in the first one, and return
+ * the modified first entry on success, or NULL on failure (with errno
+ * set).
+ */
+static /*@null@*/struct commonio_entry *merge_group_entries (
+ /*@null@*/ /*@returned@*/struct commonio_entry *gr1,
+ /*@null@*/struct commonio_entry *gr2)
+{
+ struct group *gptr1;
+ struct group *gptr2;
+ char **new_members;
+ size_t members = 0;
+ char *new_line;
+ size_t new_line_len, i;
+ if (NULL == gr2 || NULL == gr1) {
+ errno = EINVAL;
+ return NULL;
+ }
+
+ gptr1 = (struct group *)gr1->eptr;
+ gptr2 = (struct group *)gr2->eptr;
+ if (NULL == gptr2 || NULL == gptr1) {
+ errno = EINVAL;
+ return NULL;
+ }
+
+ /* Concatenate the 2 lines */
+ new_line_len = strlen (gr1->line) + strlen (gr2->line) +1;
+ new_line = (char *)malloc (new_line_len + 1);
+ if (NULL == new_line) {
+ errno = ENOMEM;
+ return NULL;
+ }
+ snprintf(new_line, new_line_len + 1, "%s\n%s", gr1->line, gr2->line);
+
+ /* Concatenate the 2 list of members */
+ for (i=0; NULL != gptr1->gr_mem[i]; i++);
+ members += i;
+ for (i=0; NULL != gptr2->gr_mem[i]; i++) {
+ char **pmember = gptr1->gr_mem;
+ while (NULL != *pmember) {
+ if (0 == strcmp(*pmember, gptr2->gr_mem[i])) {
+ break;
+ }
+ pmember++;
+ }
+ if (NULL == *pmember) {
+ members++;
+ }
+ }
+ new_members = (char **)calloc ( (members+1), sizeof(char*) );
+ if (NULL == new_members) {
+ free (new_line);
+ errno = ENOMEM;
+ return NULL;
+ }
+ for (i=0; NULL != gptr1->gr_mem[i]; i++) {
+ new_members[i] = gptr1->gr_mem[i];
+ }
+ /* NULL termination enforced by above calloc */
+
+ members = i;
+ for (i=0; NULL != gptr2->gr_mem[i]; i++) {
+ char **pmember = new_members;
+ while (NULL != *pmember) {
+ if (0 == strcmp(*pmember, gptr2->gr_mem[i])) {
+ break;
+ }
+ pmember++;
+ }
+ if (NULL == *pmember) {
+ new_members[members] = gptr2->gr_mem[i];
+ members++;
+ new_members[members] = NULL;
+ }
+ }
+
+ gr1->line = new_line;
+ gptr1->gr_mem = new_members;
+
+ return gr1;
+}
+
+/*
+ * Scan the group database and split the groups which have more members
+ * than specified, if this is the result from a current change.
+ *
+ * Return 0 on failure (errno set) and 1 on success.
+ */
+static int split_groups (unsigned int max_members)
+{
+ struct commonio_entry *gr;
+
+ for (gr = group_db.head; NULL != gr; gr = gr->next) {
+ struct group *gptr = (struct group *)gr->eptr;
+ struct commonio_entry *new;
+ struct group *new_gptr;
+ unsigned int members = 0;
+ unsigned int i;
+
+ /* Check if this group must be split */
+ if (!gr->changed) {
+ continue;
+ }
+ if (NULL == gptr) {
+ continue;
+ }
+ for (members = 0; NULL != gptr->gr_mem[members]; members++);
+ if (members <= max_members) {
+ continue;
+ }
+
+ new = (struct commonio_entry *) malloc (sizeof *new);
+ if (NULL == new) {
+ errno = ENOMEM;
+ return 0;
+ }
+ new->eptr = group_dup(gr->eptr);
+ if (NULL == new->eptr) {
+ free (new);
+ errno = ENOMEM;
+ return 0;
+ }
+ new_gptr = (struct group *)new->eptr;
+ new->line = NULL;
+ new->changed = true;
+
+ /* Enforce the maximum number of members on gptr */
+ for (i = max_members; NULL != gptr->gr_mem[i]; i++) {
+ free (gptr->gr_mem[i]);
+ gptr->gr_mem[i] = NULL;
+ }
+ /* Shift all the members */
+ /* The number of members in new_gptr will be check later */
+ for (i = 0; NULL != new_gptr->gr_mem[i + max_members]; i++) {
+ if (NULL != new_gptr->gr_mem[i]) {
+ free (new_gptr->gr_mem[i]);
+ }
+ new_gptr->gr_mem[i] = new_gptr->gr_mem[i + max_members];
+ new_gptr->gr_mem[i + max_members] = NULL;
+ }
+ for (; NULL != new_gptr->gr_mem[i]; i++) {
+ free (new_gptr->gr_mem[i]);
+ new_gptr->gr_mem[i] = NULL;
+ }
+
+ /* insert the new entry in the list */
+ new->prev = gr;
+ new->next = gr->next;
+ gr->next = new;
+ }
+
+ return 1;
+}
+
diff --git a/lib/groupio.h b/lib/groupio.h
new file mode 100644
index 0000000..e1f1b02
--- /dev/null
+++ b/lib/groupio.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 , Michał Moskal
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef _GROUPIO_H
+#define _GROUPIO_H
+
+#include <sys/types.h>
+#include <grp.h>
+
+extern int gr_close (void);
+extern /*@observer@*/ /*@null@*/const struct group *gr_locate (const char *name);
+extern /*@observer@*/ /*@null@*/const struct group *gr_locate_gid (gid_t gid);
+extern int gr_lock (void);
+extern int gr_setdbname (const char *filename);
+extern /*@observer@*/const char *gr_dbname (void);
+extern /*@observer@*/ /*@null@*/const struct group *gr_next (void);
+extern int gr_open (int mode);
+extern int gr_remove (const char *name);
+extern int gr_rewind (void);
+extern int gr_unlock (void);
+extern int gr_update (const struct group *gr);
+extern int gr_sort (void);
+
+#endif
diff --git a/lib/groupmem.c b/lib/groupmem.c
new file mode 100644
index 0000000..1fd1c13
--- /dev/null
+++ b/lib/groupmem.c
@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 , Michał Moskal
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2013, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include "groupio.h"
+
+/*@null@*/ /*@only@*/struct group *__gr_dup (const struct group *grent)
+{
+ struct group *gr;
+ int i;
+
+ gr = (struct group *) malloc (sizeof *gr);
+ if (NULL == gr) {
+ return NULL;
+ }
+ /* The libc might define other fields. They won't be copied. */
+ memset (gr, 0, sizeof *gr);
+ gr->gr_gid = grent->gr_gid;
+ /*@-mustfreeonly@*/
+ gr->gr_name = strdup (grent->gr_name);
+ /*@=mustfreeonly@*/
+ if (NULL == gr->gr_name) {
+ gr_free(gr);
+ return NULL;
+ }
+ /*@-mustfreeonly@*/
+ gr->gr_passwd = strdup (grent->gr_passwd);
+ /*@=mustfreeonly@*/
+ if (NULL == gr->gr_passwd) {
+ gr_free(gr);
+ return NULL;
+ }
+
+ for (i = 0; grent->gr_mem[i]; i++);
+
+ /*@-mustfreeonly@*/
+ gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *));
+ /*@=mustfreeonly@*/
+ if (NULL == gr->gr_mem) {
+ gr_free(gr);
+ return NULL;
+ }
+ for (i = 0; grent->gr_mem[i]; i++) {
+ gr->gr_mem[i] = strdup (grent->gr_mem[i]);
+ if (NULL == gr->gr_mem[i]) {
+ gr_free(gr);
+ return NULL;
+ }
+ }
+ gr->gr_mem[i] = NULL;
+
+ return gr;
+}
+
+void gr_free (/*@out@*/ /*@only@*/struct group *grent)
+{
+ free (grent->gr_name);
+ if (NULL != grent->gr_passwd) {
+ memzero (grent->gr_passwd, strlen (grent->gr_passwd));
+ free (grent->gr_passwd);
+ }
+ if (NULL != grent->gr_mem) {
+ size_t i;
+ for (i = 0; NULL != grent->gr_mem[i]; i++) {
+ free (grent->gr_mem[i]);
+ }
+ free (grent->gr_mem);
+ }
+ free (grent);
+}
+
diff --git a/lib/gshadow.c b/lib/gshadow.c
new file mode 100644
index 0000000..e5a0f61
--- /dev/null
+++ b/lib/gshadow.c
@@ -0,0 +1,529 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+/* Newer versions of Linux libc already have shadow support. */
+#if defined(SHADOWGRP) && !defined(HAVE_SHADOWGRP) /*{ */
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+static /*@null@*/FILE *shadow;
+static /*@null@*//*@only@*/char **members = NULL;
+static size_t nmembers = 0;
+static /*@null@*//*@only@*/char **admins = NULL;
+static size_t nadmins = 0;
+static struct sgrp sgroup;
+
+#define FIELDS 4
+
+#ifdef USE_NIS
+static bool nis_used;
+static bool nis_ignore;
+static enum { native, start, middle, native2 } nis_state;
+static bool nis_bound;
+static char *nis_domain;
+static char *nis_key;
+static int nis_keylen;
+static char *nis_val;
+static int nis_vallen;
+
+#define IS_NISCHAR(c) ((c)=='+')
+#endif
+
+#ifdef USE_NIS
+/*
+ * bind_nis - bind to NIS server
+ */
+
+static int bind_nis (void)
+{
+ if (yp_get_default_domain (&nis_domain))
+ return -1;
+
+ nis_bound = true;
+ return 0;
+}
+#endif
+
+static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
+{
+ char **ptr = *list;
+ size_t nelem = *nlist, size;
+
+ while (s != NULL && *s != '\0') {
+ size = (nelem + 1) * sizeof (ptr);
+ ptr = realloc (*list, size);
+ if (NULL != ptr) {
+ ptr[nelem] = s;
+ nelem++;
+ *list = ptr;
+ *nlist = nelem;
+ s = strchr (s, ',');
+ if (NULL != s) {
+ *s = '\0';
+ s++;
+ }
+ }
+ }
+ size = (nelem + 1) * sizeof (ptr);
+ ptr = realloc (*list, size);
+ if (NULL != ptr) {
+ ptr[nelem] = NULL;
+ *list = ptr;
+ }
+ return ptr;
+}
+
+void setsgent (void)
+{
+#ifdef USE_NIS
+ nis_state = native;
+#endif
+ if (NULL != shadow) {
+ rewind (shadow);
+ } else {
+ shadow = fopen (SGROUP_FILE, "r");
+ }
+}
+
+void endsgent (void)
+{
+ if (NULL != shadow) {
+ (void) fclose (shadow);
+ }
+
+ shadow = (FILE *) 0;
+}
+
+/*@observer@*//*@null@*/struct sgrp *sgetsgent (const char *string)
+{
+ static char *sgrbuf = NULL;
+ static size_t sgrbuflen = 0;
+
+ char *fields[FIELDS];
+ char *cp;
+ int i;
+ size_t len = strlen (string) + 1;
+
+ if (len > sgrbuflen) {
+ char *buf = (char *) realloc (sgrbuf, sizeof (char) * len);
+ if (NULL == buf) {
+ return NULL;
+ }
+ sgrbuf = buf;
+ sgrbuflen = len;
+ }
+
+ strncpy (sgrbuf, string, len);
+ sgrbuf[len-1] = '\0';
+
+ cp = strrchr (sgrbuf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ }
+
+ /*
+ * There should be exactly 4 colon separated fields. Find
+ * all 4 of them and save the starting addresses in fields[].
+ */
+
+ for (cp = sgrbuf, i = 0; (i < FIELDS) && (NULL != cp); i++) {
+ fields[i] = cp;
+ cp = strchr (cp, ':');
+ if (NULL != cp) {
+ *cp++ = '\0';
+ }
+ }
+
+ /*
+ * If there was an extra field somehow, or perhaps not enough,
+ * the line is invalid.
+ */
+
+ if ((NULL != cp) || (i != FIELDS)) {
+#ifdef USE_NIS
+ if (!IS_NISCHAR (fields[0][0])) {
+ return 0;
+ } else {
+ nis_used = true;
+ }
+#else
+ return 0;
+#endif
+ }
+
+ sgroup.sg_name = fields[0];
+ sgroup.sg_passwd = fields[1];
+ if (0 != nadmins) {
+ nadmins = 0;
+ free (admins);
+ admins = NULL;
+ }
+ if (0 != nmembers) {
+ nmembers = 0;
+ free (members);
+ members = NULL;
+ }
+ sgroup.sg_adm = build_list (fields[2], &admins, &nadmins);
+ sgroup.sg_mem = build_list (fields[3], &members, &nmembers);
+
+ return &sgroup;
+}
+
+/*
+ * fgetsgent - convert next line in stream to (struct sgrp)
+ *
+ * fgetsgent() reads the next line from the provided stream and
+ * converts it to a (struct sgrp). NULL is returned on EOF.
+ */
+
+/*@observer@*//*@null@*/struct sgrp *fgetsgent (/*@null@*/FILE * fp)
+{
+ static size_t buflen = 0;
+ static char *buf = NULL;
+
+ char *cp;
+
+ if (0 == buflen) {
+ buf = (char *) malloc (BUFSIZ);
+ if (NULL == buf) {
+ return NULL;
+ }
+ buflen = BUFSIZ;
+ }
+
+ if (NULL == fp) {
+ return NULL;
+ }
+
+#ifdef USE_NIS
+ while (fgetsx (buf, (int) buflen, fp) == buf)
+#else
+ if (fgetsx (buf, (int) buflen, fp) == buf)
+#endif
+ {
+ while ( ((cp = strrchr (buf, '\n')) == NULL)
+ && (feof (fp) == 0)) {
+ size_t len;
+
+ cp = (char *) realloc (buf, buflen*2);
+ if (NULL == cp) {
+ return NULL;
+ }
+ buf = cp;
+ buflen *= 2;
+
+ len = strlen (buf);
+ if (fgetsx (&buf[len],
+ (int) (buflen - len),
+ fp) != &buf[len]) {
+ return NULL;
+ }
+ }
+ cp = strrchr (buf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ }
+#ifdef USE_NIS
+ if (nis_ignore && IS_NISCHAR (buf[0])) {
+ continue;
+ }
+#endif
+ return (sgetsgent (buf));
+ }
+ return NULL;
+}
+
+/*
+ * getsgent - get a single shadow group entry
+ */
+
+/*@observer@*//*@null@*/struct sgrp *getsgent (void)
+{
+#ifdef USE_NIS
+ bool nis_1_group = false;
+ struct sgrp *val;
+#endif
+ if (NULL == shadow) {
+ setsgent ();
+ }
+
+#ifdef USE_NIS
+ again:
+ /*
+ * See if we are reading from the local file.
+ */
+
+ if (nis_state == native || nis_state == native2) {
+
+ /*
+ * Get the next entry from the shadow group file. Return
+ * NULL right away if there is none.
+ */
+
+ val = fgetsgent (shadow);
+ if (NULL == val) {
+ return 0;
+ }
+
+ /*
+ * If this entry began with a NIS escape character, we have
+ * to see if this is just a single group, or if the entire
+ * map is being asked for.
+ */
+
+ if (IS_NISCHAR (val->sg_name[0])) {
+ if ('\0' != val->sg_name[1]) {
+ nis_1_group = true;
+ } else {
+ nis_state = start;
+ }
+ }
+
+ /*
+ * If this isn't a NIS group and this isn't an escape to go
+ * use a NIS map, it must be a regular local group.
+ */
+
+ if (!nis_1_group && (nis_state != start)) {
+ return val;
+ }
+
+ /*
+ * If this is an escape to use an NIS map, switch over to
+ * that bunch of code.
+ */
+
+ if (nis_state == start) {
+ goto again;
+ }
+
+ /*
+ * NEEDSWORK. Here we substitute pieces-parts of this entry.
+ */
+
+ return 0;
+ } else {
+ if (!nis_bound) {
+ if (bind_nis ()) {
+ nis_state = native2;
+ goto again;
+ }
+ }
+ if (nis_state == start) {
+ if (yp_first (nis_domain, "gshadow.byname", &nis_key,
+ &nis_keylen, &nis_val, &nis_vallen)) {
+ nis_state = native2;
+ goto again;
+ }
+ nis_state = middle;
+ } else if (nis_state == middle) {
+ if (yp_next (nis_domain, "gshadow.byname", nis_key,
+ nis_keylen, &nis_key, &nis_keylen,
+ &nis_val, &nis_vallen)) {
+ nis_state = native2;
+ goto again;
+ }
+ }
+ return sgetsgent (nis_val);
+ }
+#else
+ return (fgetsgent (shadow));
+#endif
+}
+
+/*
+ * getsgnam - get a shadow group entry by name
+ */
+
+/*@observer@*//*@null@*/struct sgrp *getsgnam (const char *name)
+{
+ struct sgrp *sgrp;
+
+#ifdef USE_NIS
+ static char save_name[16];
+ int nis_disabled = 0;
+#endif
+
+ setsgent ();
+
+#ifdef USE_NIS
+ if (nis_used) {
+ again:
+
+ /*
+ * Search the gshadow.byname map for this group.
+ */
+
+ if (!nis_bound) {
+ bind_nis ();
+ }
+
+ if (nis_bound) {
+ char *cp;
+
+ if (yp_match (nis_domain, "gshadow.byname", name,
+ strlen (name), &nis_val,
+ &nis_vallen) == 0) {
+ cp = strchr (nis_val, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ }
+
+ nis_state = middle;
+ sgrp = sgetsgent (nis_val);
+ if (NULL != sgrp) {
+ strcpy (save_name, sgrp->sg_name);
+ nis_key = save_name;
+ nis_keylen = strlen (save_name);
+ }
+ return sgrp;
+ }
+ }
+ nis_state = native2;
+ }
+#endif
+#ifdef USE_NIS
+ if (nis_used) {
+ nis_ignore = true;
+ nis_disabled = true;
+ }
+#endif
+ while ((sgrp = getsgent ()) != (struct sgrp *) 0) {
+ if (strcmp (name, sgrp->sg_name) == 0) {
+ break;
+ }
+ }
+#ifdef USE_NIS
+ nis_ignore = false;
+#endif
+ return sgrp;
+}
+
+/*
+ * putsgent - output shadow group entry in text form
+ *
+ * putsgent() converts the contents of a (struct sgrp) to text and
+ * writes the result to the given stream. This is the logical
+ * opposite of fgetsgent.
+ */
+
+int putsgent (const struct sgrp *sgrp, FILE * fp)
+{
+ char *buf, *cp;
+ int i;
+ size_t size;
+
+ if ((NULL == fp) || (NULL == sgrp)) {
+ return -1;
+ }
+
+ /* calculate the required buffer size */
+ size = strlen (sgrp->sg_name) + strlen (sgrp->sg_passwd) + 10;
+ for (i = 0; (NULL != sgrp->sg_adm) && (NULL != sgrp->sg_adm[i]); i++) {
+ size += strlen (sgrp->sg_adm[i]) + 1;
+ }
+ for (i = 0; (NULL != sgrp->sg_mem) && (NULL != sgrp->sg_mem[i]); i++) {
+ size += strlen (sgrp->sg_mem[i]) + 1;
+ }
+
+ buf = malloc (size);
+ if (NULL == buf) {
+ return -1;
+ }
+ cp = buf;
+
+ /*
+ * Copy the group name and passwd.
+ */
+
+ strcpy (cp, sgrp->sg_name);
+ cp += strlen (cp);
+ *cp++ = ':';
+
+ strcpy (cp, sgrp->sg_passwd);
+ cp += strlen (cp);
+ *cp++ = ':';
+
+ /*
+ * Copy the administrators, separating each from the other
+ * with a ",".
+ */
+
+ for (i = 0; NULL != sgrp->sg_adm[i]; i++) {
+ if (i > 0) {
+ *cp++ = ',';
+ }
+
+ strcpy (cp, sgrp->sg_adm[i]);
+ cp += strlen (cp);
+ }
+ *cp = ':';
+ cp++;
+
+ /*
+ * Now do likewise with the group members.
+ */
+
+ for (i = 0; NULL != sgrp->sg_mem[i]; i++) {
+ if (i > 0) {
+ *cp = ',';
+ cp++;
+ }
+
+ strcpy (cp, sgrp->sg_mem[i]);
+ cp += strlen (cp);
+ }
+ *cp = '\n';
+ cp++;
+ *cp = '\0';
+
+ /*
+ * Output using the function which understands the line
+ * continuation conventions.
+ */
+
+ if (fputsx (buf, fp) == EOF) {
+ free (buf);
+ return -1;
+ }
+
+ free (buf);
+ return 0;
+}
+#else
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /*} SHADOWGRP */
diff --git a/lib/gshadow_.h b/lib/gshadow_.h
new file mode 100644
index 0000000..7959c5a
--- /dev/null
+++ b/lib/gshadow_.h
@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 1988 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * $Id$
+ */
+
+#ifndef _H_GSHADOW
+#define _H_GSHADOW
+
+/*
+ * Shadow group security file structure
+ */
+
+struct sgrp {
+ char *sg_name; /* group name */
+ char *sg_passwd; /* group password */
+ char **sg_adm; /* group administrator list */
+ char **sg_mem; /* group membership list */
+};
+
+/*
+ * Shadow group security file functions.
+ */
+
+#include <stdio.h> /* for FILE */
+
+#if __STDC__
+/*@observer@*//*@null@*/struct sgrp *getsgent (void);
+/*@observer@*//*@null@*/struct sgrp *getsgnam (const char *);
+/*@observer@*//*@null@*/struct sgrp *sgetsgent (const char *);
+/*@observer@*//*@null@*/struct sgrp *fgetsgent (/*@null@*/FILE *);
+void setsgent (void);
+void endsgent (void);
+int putsgent (const struct sgrp *, FILE *);
+#else
+/*@observer@*//*@null@*/struct sgrp *getsgent ();
+/*@observer@*//*@null@*/struct sgrp *getsgnam ();
+/*@observer@*//*@null@*/struct sgrp *sgetsgent ();
+/*@observer@*//*@null@*/struct sgrp *fgetsgent ();
+void setsgent ();
+void endsgent ();
+int putsgent ();
+#endif
+
+#define GSHADOW "/etc/gshadow"
+#endif /* ifndef _H_GSHADOW */
diff --git a/lib/lockpw.c b/lib/lockpw.c
new file mode 100644
index 0000000..0bcf195
--- /dev/null
+++ b/lib/lockpw.c
@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 1992 , Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifndef HAVE_LCKPWDF
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include "pwio.h"
+#include "shadowio.h"
+/*
+ * lckpwdf - lock the password files
+ */
+int lckpwdf (void)
+{
+ int i;
+
+ /*
+ * We have 15 seconds to lock the whole mess
+ */
+
+ for (i = 0; i < 15; i++)
+ if (pw_lock ())
+ break;
+ else
+ sleep (1);
+
+ /*
+ * Did we run out of time?
+ */
+
+ if (i == 15)
+ return -1;
+
+ /*
+ * Nope, use any remaining time to lock the shadow password
+ * file.
+ */
+
+ for (; i < 15; i++)
+ if (spw_lock ())
+ break;
+ else
+ sleep (1);
+
+ /*
+ * Out of time yet?
+ */
+
+ if (i == 15) {
+ pw_unlock ();
+ return -1;
+ }
+
+ /*
+ * Nope - and both files are now locked.
+ */
+
+ return 0;
+}
+
+/*
+ * ulckpwdf - unlock the password files
+ */
+
+int ulckpwdf (void)
+{
+
+ /*
+ * Unlock both files.
+ */
+
+ return (pw_unlock () && spw_unlock ())? 0 : -1;
+}
+#else
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif
diff --git a/lib/nscd.c b/lib/nscd.c
new file mode 100644
index 0000000..7adb58f
--- /dev/null
+++ b/lib/nscd.c
@@ -0,0 +1,57 @@
+/* Author: Peter Vrabec <pvrabec@redhat.com> */
+
+#include <config.h>
+#ifdef USE_NSCD
+
+#include <stdio.h>
+#include <sys/wait.h>
+#include <sys/types.h>
+#include "exitcodes.h"
+#include "defines.h"
+#include "prototypes.h"
+#include "nscd.h"
+
+#define MSG_NSCD_FLUSH_CACHE_FAILED "%s: Failed to flush the nscd cache.\n"
+
+/*
+ * nscd_flush_cache - flush specified service buffer in nscd cache
+ */
+int nscd_flush_cache (const char *service)
+{
+ int status, code;
+ const char *cmd = "/usr/sbin/nscd";
+ const char *spawnedArgs[] = {"nscd", "-i", service, NULL};
+ const char *spawnedEnv[] = {NULL};
+
+ if (run_command (cmd, spawnedArgs, spawnedEnv, &status) != 0) {
+ /* run_command writes its own more detailed message. */
+ (void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+ return -1;
+ }
+
+ code = WEXITSTATUS (status);
+ if (!WIFEXITED (status)) {
+ (void) fprintf (stderr,
+ _("%s: nscd did not terminate normally (signal %d)\n"),
+ Prog, WTERMSIG (status));
+ return -1;
+ } else if (code == E_CMD_NOTFOUND) {
+ /* nscd is not installed, or it is installed but uses an
+ interpreter that is missing. Probably the former. */
+ return 0;
+ } else if (code == 1) {
+ /* nscd is installed, but it isn't active. */
+ return 0;
+ } else if (code != 0) {
+ (void) fprintf (stderr, _("%s: nscd exited with status %d\n"),
+ Prog, code);
+ (void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+ return -1;
+ }
+
+ return 0;
+}
+#else /* USE_NSCD */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* USE_NSCD */
+
diff --git a/lib/nscd.h b/lib/nscd.h
new file mode 100644
index 0000000..a430b00
--- /dev/null
+++ b/lib/nscd.h
@@ -0,0 +1,13 @@
+#ifndef _NSCD_H_
+#define _NSCD_H_
+
+/*
+ * nscd_flush_cache - flush specified service buffer in nscd cache
+ */
+#ifdef USE_NSCD
+extern int nscd_flush_cache (const char *service);
+#else
+#define nscd_flush_cache(service) (0)
+#endif
+
+#endif
diff --git a/lib/pam_defs.h b/lib/pam_defs.h
new file mode 100644
index 0000000..343fbb4
--- /dev/null
+++ b/lib/pam_defs.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 1999 , Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include <security/pam_appl.h>
+#ifdef HAVE_SECURITY_PAM_MISC_H
+# include <security/pam_misc.h>
+#endif
+#ifdef HAVE_SECURITY_OPENPAM_H
+# include <security/openpam.h>
+#endif
+
+
+static struct pam_conv conv = {
+ SHADOW_PAM_CONVERSATION,
+ NULL
+};
+
+/* compatibility with different versions of Linux-PAM */
+#if !HAVE_DECL_PAM_ESTABLISH_CRED
+#define PAM_ESTABLISH_CRED PAM_CRED_ESTABLISH
+#endif
+#if !HAVE_DECL_PAM_DELETE_CRED
+#define PAM_DELETE_CRED PAM_CRED_DELETE
+#endif
+#if !HAVE_DECL_PAM_NEW_AUTHTOK_REQD
+#define PAM_NEW_AUTHTOK_REQD PAM_AUTHTOKEN_REQD
+#endif
+#if !HAVE_DECL_PAM_DATA_SILENT
+#define PAM_DATA_SILENT 0
+#endif
diff --git a/lib/port.c b/lib/port.c
new file mode 100644
index 0000000..438879c
--- /dev/null
+++ b/lib/port.c
@@ -0,0 +1,477 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <ctype.h>
+#include <errno.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "port.h"
+
+static FILE *ports;
+
+/*
+ * portcmp - compare the name of a port to a /etc/porttime entry
+ *
+ * portcmp works like strcmp, except that if the last character
+ * in a failing match is a '*', the match is considered to have
+ * passed. The "*" match is suppressed whenever the port is "SU",
+ * which is the token the "su" command uses to validate access.
+ * A match returns 0, failure returns non-zero.
+ */
+
+static int portcmp (const char *pattern, const char *port)
+{
+ const char *orig = port;
+
+ while (('\0' != *pattern) && (*pattern == *port)) {
+ pattern++;
+ port++;
+ }
+
+ if (('\0' == *pattern) && ('\0' == *port)) {
+ return 0;
+ }
+ if (('S' == orig[0]) && ('U' == orig[1]) && ('\0' == orig[2])) {
+ return 1;
+ }
+
+ return (*pattern == '*') ? 0 : 1;
+}
+
+/*
+ * setportent - open /etc/porttime file or rewind
+ *
+ * the /etc/porttime file is rewound if already open, or
+ * opened for reading.
+ */
+
+static void setportent (void)
+{
+ if (NULL != ports) {
+ rewind (ports);
+ } else {
+ ports = fopen (PORTS, "r");
+ }
+}
+
+/*
+ * endportent - close the /etc/porttime file
+ *
+ * the /etc/porttime file is closed and the ports variable set
+ * to NULL to indicate that the /etc/porttime file is no longer
+ * open.
+ */
+
+static void endportent (void)
+{
+ if (NULL != ports) {
+ (void) fclose (ports);
+ }
+
+ ports = (FILE *) 0;
+}
+
+/*
+ * getportent - read a single entry from /etc/porttime
+ *
+ * the next line in /etc/porttime is converted to a (struct port)
+ * and a pointer to a static (struct port) is returned to the
+ * invoker. NULL is returned on either EOF or error. errno is
+ * set to EINVAL on error to distinguish the two conditions.
+ */
+
+static struct port *getportent (void)
+{
+ static struct port port; /* static struct to point to */
+ static char buf[BUFSIZ]; /* some space for stuff */
+ static char *ttys[PORT_TTY + 1]; /* some pointers to tty names */
+ static char *users[PORT_IDS + 1]; /* some pointers to user ids */
+ static struct pt_time ptimes[PORT_TIMES + 1]; /* time ranges */
+ char *cp; /* pointer into line */
+ int dtime; /* scratch time of day */
+ int i, j;
+ int saveerr = errno; /* errno value on entry */
+
+ /*
+ * If the ports file is not open, open the file. Do not rewind
+ * since we want to search from the beginning each time.
+ */
+
+ if (NULL == ports) {
+ setportent ();
+ }
+
+ if (NULL == ports) {
+ errno = saveerr;
+ return 0;
+ }
+
+ /*
+ * Common point for beginning a new line -
+ *
+ * - read a line, and NUL terminate
+ * - skip lines which begin with '#'
+ * - parse off the tty names
+ * - parse off a list of user names
+ * - parse off a list of days and times
+ */
+
+ again:
+
+ /*
+ * Get the next line and remove the last character, which
+ * is a '\n'. Lines which begin with '#' are all ignored.
+ */
+
+ if (fgets (buf, (int) sizeof buf, ports) == 0) {
+ errno = saveerr;
+ return 0;
+ }
+ if ('#' == buf[0]) {
+ goto again;
+ }
+
+ /*
+ * Get the name of the TTY device. It is the first colon
+ * separated field, and is the name of the TTY with no
+ * leading "/dev". The entry '*' is used to specify all
+ * TTY devices.
+ */
+
+ buf[strlen (buf) - 1] = 0;
+
+ port.pt_names = ttys;
+ for (cp = buf, j = 0; j < PORT_TTY; j++) {
+ port.pt_names[j] = cp;
+ while (('\0' != *cp) && (':' != *cp) && (',' != *cp)) {
+ cp++;
+ }
+
+ if ('\0' == *cp) {
+ goto again; /* line format error */
+ }
+
+ if (':' == *cp) { /* end of tty name list */
+ break;
+ }
+
+ if (',' == *cp) { /* end of current tty name */
+ *cp++ = '\0';
+ }
+ }
+ *cp = '\0';
+ cp++;
+ port.pt_names[j + 1] = (char *) 0;
+
+ /*
+ * Get the list of user names. It is the second colon
+ * separated field, and is a comma separated list of user
+ * names. The entry '*' is used to specify all usernames.
+ * The last entry in the list is a (char *) 0 pointer.
+ */
+
+ if (':' != *cp) {
+ port.pt_users = users;
+ port.pt_users[0] = cp;
+
+ for (j = 1; ':' != *cp; cp++) {
+ if ((',' == *cp) && (j < PORT_IDS)) {
+ *cp = '\0';
+ cp++;
+ port.pt_users[j] = cp;
+ j++;
+ }
+ }
+ port.pt_users[j] = 0;
+ } else {
+ port.pt_users = 0;
+ }
+
+ if (':' != *cp) {
+ goto again;
+ }
+
+ *cp = '\0';
+ cp++;
+
+ /*
+ * Get the list of valid times. The times field is the third
+ * colon separated field and is a list of days of the week and
+ * times during which this port may be used by this user. The
+ * valid days are 'Su', 'Mo', 'Tu', 'We', 'Th', 'Fr', and 'Sa'.
+ *
+ * In addition, the value 'Al' represents all 7 days, and 'Wk'
+ * represents the 5 weekdays.
+ *
+ * Times are given as HHMM-HHMM. The ending time may be before
+ * the starting time. Days are presumed to wrap at 0000.
+ */
+
+ if ('\0' == *cp) {
+ port.pt_times = 0;
+ return &port;
+ }
+
+ port.pt_times = ptimes;
+
+ /*
+ * Get the next comma separated entry
+ */
+
+ for (j = 0; ('\0' != *cp) && (j < PORT_TIMES); j++) {
+
+ /*
+ * Start off with no days of the week
+ */
+
+ port.pt_times[j].t_days = 0;
+
+ /*
+ * Check each two letter sequence to see if it is
+ * one of the abbreviations for the days of the
+ * week or the other two values.
+ */
+
+ for (i = 0;
+ ('\0' != cp[i]) && ('\0' != cp[i + 1]) && isalpha (cp[i]);
+ i += 2) {
+ switch ((cp[i] << 8) | (cp[i + 1])) {
+ case ('S' << 8) | 'u':
+ port.pt_times[j].t_days |= 01;
+ break;
+ case ('M' << 8) | 'o':
+ port.pt_times[j].t_days |= 02;
+ break;
+ case ('T' << 8) | 'u':
+ port.pt_times[j].t_days |= 04;
+ break;
+ case ('W' << 8) | 'e':
+ port.pt_times[j].t_days |= 010;
+ break;
+ case ('T' << 8) | 'h':
+ port.pt_times[j].t_days |= 020;
+ break;
+ case ('F' << 8) | 'r':
+ port.pt_times[j].t_days |= 040;
+ break;
+ case ('S' << 8) | 'a':
+ port.pt_times[j].t_days |= 0100;
+ break;
+ case ('W' << 8) | 'k':
+ port.pt_times[j].t_days |= 076;
+ break;
+ case ('A' << 8) | 'l':
+ port.pt_times[j].t_days |= 0177;
+ break;
+ default:
+ errno = EINVAL;
+ return 0;
+ }
+ }
+
+ /*
+ * The default is 'Al' if no days were seen.
+ */
+
+ if (0 == i) {
+ port.pt_times[j].t_days = 0177;
+ }
+
+ /*
+ * The start and end times are separated from each
+ * other by a '-'. The times are four digit numbers
+ * representing the times of day.
+ */
+
+ for (dtime = 0; ('\0' != cp[i]) && isdigit (cp[i]); i++) {
+ dtime = dtime * 10 + cp[i] - '0';
+ }
+
+ if (('-' != cp[i]) || (dtime > 2400) || ((dtime % 100) > 59)) {
+ goto again;
+ }
+ port.pt_times[j].t_start = dtime;
+ cp = cp + i + 1;
+
+ for (dtime = 0, i = 0;
+ ('\0' != cp[i]) && isdigit (cp[i]);
+ i++) {
+ dtime = dtime * 10 + cp[i] - '0';
+ }
+
+ if ( ((',' != cp[i]) && ('\0' != cp[i]))
+ || (dtime > 2400)
+ || ((dtime % 100) > 59)) {
+ goto again;
+ }
+
+ port.pt_times[j].t_end = dtime;
+ cp = cp + i + 1;
+ }
+
+ /*
+ * The end of the list is indicated by a pair of -1's for the
+ * start and end times.
+ */
+
+ port.pt_times[j].t_start = port.pt_times[j].t_end = -1;
+
+ return &port;
+}
+
+/*
+ * getttyuser - get ports information for user and tty
+ *
+ * getttyuser() searches the ports file for an entry with a TTY
+ * and user field both of which match the supplied TTY and
+ * user name. The file is searched from the beginning, so the
+ * entries are treated as an ordered list.
+ */
+
+static struct port *getttyuser (const char *tty, const char *user)
+{
+ int i, j;
+ struct port *port;
+
+ setportent ();
+
+ while ((port = getportent ()) != NULL) {
+ if ( (0 == port->pt_names)
+ || (0 == port->pt_users)) {
+ continue;
+ }
+
+ for (i = 0; NULL != port->pt_names[i]; i++) {
+ if (portcmp (port->pt_names[i], tty) == 0) {
+ break;
+ }
+ }
+
+ if (port->pt_names[i] == 0) {
+ continue;
+ }
+
+ for (j = 0; NULL != port->pt_users[j]; j++) {
+ if ( (strcmp (user, port->pt_users[j]) == 0)
+ || (strcmp (port->pt_users[j], "*") == 0)) {
+ break;
+ }
+ }
+
+ if (port->pt_users[j] != 0) {
+ break;
+ }
+ }
+ endportent ();
+ return port;
+}
+
+/*
+ * isttytime - tell if a given user may login at a particular time
+ *
+ * isttytime searches the ports file for an entry which matches
+ * the user name and TTY given.
+ */
+
+bool isttytime (const char *id, const char *port, time_t when)
+{
+ int i;
+ int dtime;
+ struct port *pp;
+ struct tm *tm;
+
+ /*
+ * Try to find a matching entry for this user. Default to
+ * letting the user in - there are plenty of ways to have an
+ * entry to match all users.
+ */
+
+ pp = getttyuser (port, id);
+ if (NULL == pp) {
+ return true;
+ }
+
+ /*
+ * The entry is there, but has no time entries - don't
+ * ever let them login.
+ */
+
+ if (0 == pp->pt_times) {
+ return false;
+ }
+
+ /*
+ * The current time is converted to HHMM format for
+ * comparison against the time values in the TTY entry.
+ */
+
+ tm = localtime (&when);
+ dtime = tm->tm_hour * 100 + tm->tm_min;
+
+ /*
+ * Each time entry is compared against the current
+ * time. For entries with the start after the end time,
+ * the comparison is made so that the time is between
+ * midnight and either the start or end time.
+ */
+
+ for (i = 0; pp->pt_times[i].t_start != -1; i++) {
+ if (!(pp->pt_times[i].t_days & PORT_DAY (tm->tm_wday))) {
+ continue;
+ }
+
+ if (pp->pt_times[i].t_start <= pp->pt_times[i].t_end) {
+ if ( (dtime >= pp->pt_times[i].t_start)
+ && (dtime <= pp->pt_times[i].t_end)) {
+ return true;
+ }
+ } else {
+ if ( (dtime >= pp->pt_times[i].t_start)
+ || (dtime <= pp->pt_times[i].t_end)) {
+ return true;
+ }
+ }
+ }
+
+ /*
+ * No matching time entry was found, user shouldn't
+ * be let in right now.
+ */
+
+ return false;
+}
+
diff --git a/lib/port.h b/lib/port.h
new file mode 100644
index 0000000..2da56b2
--- /dev/null
+++ b/lib/port.h
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 1989 - 1991, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * port.h - structure of /etc/porttime
+ *
+ * $Id$
+ *
+ * Each entry in /etc/porttime consists of a TTY device
+ * name or "*" to indicate all TTY devices, followed by
+ * a list of 1 or more user IDs or "*" to indicate all
+ * user names, followed by a list of zero or more valid
+ * login times. Login time entries consist of zero or
+ * more day names (Su, Mo, Tu, We, Th, Fr, Sa, Wk, Al)
+ * followed by a pair of time values in HHMM format
+ * separated by a "-".
+ */
+
+/*
+ * PORTS - Name of system port access time file.
+ * PORT_IDS - Allowable number of IDs per entry.
+ * PORT_TTY - Allowable number of TTYs per entry.
+ * PORT_TIMES - Allowable number of time entries per entry.
+ * PORT_DAY - Day of the week to a bit value (0 = Sunday).
+ */
+
+#define PORTS "/etc/porttime"
+#define PORT_IDS 64
+#define PORT_TTY 64
+#define PORT_TIMES 24
+#define PORT_DAY(day) (1<<(day))
+
+/*
+ * pt_names - pointer to array of device names in /dev/
+ * pt_users - pointer to array of applicable user IDs.
+ * pt_times - pointer to list of allowable time periods.
+ */
+
+struct port {
+ char **pt_names;
+ char **pt_users;
+ struct pt_time *pt_times;
+};
+
+/*
+ * t_days - bit array for each day of the week (0 = Sunday)
+ * t_start - starting time for this entry
+ * t_end - ending time for this entry
+ */
+
+struct pt_time {
+ short t_days;
+ short t_start;
+ short t_end;
+};
diff --git a/lib/prototypes.h b/lib/prototypes.h
new file mode 100644
index 0000000..4808d5d
--- /dev/null
+++ b/lib/prototypes.h
@@ -0,0 +1,440 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * prototypes.h
+ *
+ * prototypes of libmisc functions, and private lib functions.
+ *
+ * $Id$
+ *
+ */
+
+#ifndef _PROTOTYPES_H
+#define _PROTOTYPES_H
+
+#include <config.h>
+
+#include <sys/stat.h>
+#ifdef USE_UTMPX
+#include <utmpx.h>
+#else
+#include <utmp.h>
+#endif
+#include <sys/types.h>
+#include <pwd.h>
+#include <grp.h>
+#include <shadow.h>
+#include <lastlog.h>
+
+#include "defines.h"
+#include "commonio.h"
+
+extern /*@observer@*/ const char *Prog;
+
+/* addgrps.c */
+#if defined (HAVE_SETGROUPS) && ! defined (USE_PAM)
+extern int add_groups (const char *);
+#endif
+
+/* age.c */
+extern void agecheck (/*@null@*/const struct spwd *);
+extern int expire (const struct passwd *, /*@null@*/const struct spwd *);
+/* isexpired.c */
+extern int isexpired (const struct passwd *, /*@null@*/const struct spwd *);
+
+/* basename() renamed to Basename() to avoid libc name space confusion */
+/* basename.c */
+extern /*@observer@*/const char *Basename (const char *str);
+
+/* chowndir.c */
+extern int chown_tree (const char *root,
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid);
+
+/* chowntty.c */
+extern void chown_tty (const struct passwd *);
+
+/* cleanup.c */
+typedef /*@null@*/void (*cleanup_function) (/*@null@*/void *arg);
+void add_cleanup (/*@notnull@*/cleanup_function pcf, /*@null@*/void *arg);
+void del_cleanup (/*@notnull@*/cleanup_function pcf);
+void do_cleanups (void);
+
+/* cleanup_group.c */
+struct cleanup_info_mod {
+ char *audit_msg;
+ char *action;
+ /*@observer@*/const char *name;
+};
+void cleanup_report_add_group (void *group_name);
+void cleanup_report_add_group_group (void *group_name);
+#ifdef SHADOWGRP
+void cleanup_report_add_group_gshadow (void *group_name);
+#endif
+void cleanup_report_del_group (void *group_name);
+void cleanup_report_del_group_group (void *group_name);
+#ifdef SHADOWGRP
+void cleanup_report_del_group_gshadow (void *group_name);
+#endif
+void cleanup_report_mod_passwd (void *cleanup_info);
+void cleanup_report_mod_group (void *cleanup_info);
+void cleanup_report_mod_gshadow (void *cleanup_info);
+void cleanup_unlock_group (/*@null@*/void *unused);
+#ifdef SHADOWGRP
+void cleanup_unlock_gshadow (/*@null@*/void *unused);
+#endif
+void cleanup_unlock_passwd (/*@null@*/void *unused);
+
+/* console.c */
+extern bool console (const char *);
+
+/* copydir.c */
+extern int copy_tree (const char *src_root, const char *dst_root,
+ bool copy_root,
+ bool reset_selinux,
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid);
+
+/* encrypt.c */
+extern /*@exposed@*//*@null@*/char *pw_encrypt (const char *, const char *);
+
+/* entry.c */
+extern void pw_entry (const char *, struct passwd *);
+
+/* env.c */
+extern void addenv (const char *, /*@null@*/const char *);
+extern void initenv (void);
+extern void set_env (int, char *const *);
+extern void sanitize_env (void);
+
+/* fields.c */
+extern void change_field (char *, size_t, const char *);
+extern int valid_field (const char *, const char *);
+
+/* find_new_gid.c */
+extern int find_new_gid (bool sys_group,
+ gid_t *gid,
+ /*@null@*/gid_t const *preferred_gid);
+
+/* find_new_uid.c */
+extern int find_new_uid (bool sys_user,
+ uid_t *uid,
+ /*@null@*/uid_t const *preferred_uid);
+
+#ifdef ENABLE_SUBIDS
+/* find_new_sub_gids.c */
+extern int find_new_sub_gids (const char *owner,
+ gid_t *range_start, unsigned long *range_count);
+
+/* find_new_sub_uids.c */
+extern int find_new_sub_uids (const char *owner,
+ uid_t *range_start, unsigned long *range_count);
+#endif /* ENABLE_SUBIDS */
+
+
+/* get_gid.c */
+extern int get_gid (const char *gidstr, gid_t *gid);
+
+/* getgr_nam_gid.c */
+extern /*@only@*//*@null@*/struct group *getgr_nam_gid (/*@null@*/const char *grname);
+
+/* getlong.c */
+extern int getlong (const char *numstr, /*@out@*/long int *result);
+
+/* get_pid.c */
+extern int get_pid (const char *pidstr, pid_t *pid);
+
+/* getrange */
+extern int getrange (char *range,
+ unsigned long *min, bool *has_min,
+ unsigned long *max, bool *has_max);
+
+/* gettime.c */
+extern time_t gettime ();
+
+/* get_uid.c */
+extern int get_uid (const char *uidstr, uid_t *uid);
+
+/* getulong.c */
+extern int getulong (const char *numstr, /*@out@*/unsigned long int *result);
+
+/* fputsx.c */
+extern /*@null@*/char *fgetsx (/*@returned@*/ /*@out@*/char *, int, FILE *);
+extern int fputsx (const char *, FILE *);
+
+/* groupio.c */
+extern void __gr_del_entry (const struct commonio_entry *ent);
+extern /*@observer@*/const struct commonio_db *__gr_get_db (void);
+extern /*@dependent@*/ /*@null@*/struct commonio_entry *__gr_get_head (void);
+extern void __gr_set_changed (void);
+
+/* groupmem.c */
+extern /*@null@*/ /*@only@*/struct group *__gr_dup (const struct group *grent);
+extern void gr_free (/*@out@*/ /*@only@*/struct group *grent);
+
+/* hushed.c */
+extern bool hushed (const char *username);
+
+/* audit_help.c */
+#ifdef WITH_AUDIT
+extern int audit_fd;
+extern void audit_help_open (void);
+/* Use AUDIT_NO_ID when a name is provided to audit_logger instead of an ID */
+#define AUDIT_NO_ID ((unsigned int) -1)
+typedef enum {
+ SHADOW_AUDIT_FAILURE = 0,
+ SHADOW_AUDIT_SUCCESS = 1} shadow_audit_result;
+extern void audit_logger (int type, const char *pgname, const char *op,
+ const char *name, unsigned int id,
+ shadow_audit_result result);
+void audit_logger_message (const char *message, shadow_audit_result result);
+#endif
+
+/* limits.c */
+#ifndef USE_PAM
+extern void setup_limits (const struct passwd *);
+#endif
+
+/* list.c */
+extern /*@only@*/ /*@out@*/char **add_list (/*@returned@*/ /*@only@*/char **, const char *);
+extern /*@only@*/ /*@out@*/char **del_list (/*@returned@*/ /*@only@*/char **, const char *);
+extern /*@only@*/ /*@out@*/char **dup_list (char *const *);
+extern bool is_on_list (char *const *list, const char *member);
+extern /*@only@*/char **comma_to_list (const char *);
+
+/* log.c */
+extern void dolastlog (
+ struct lastlog *ll,
+ const struct passwd *pw,
+ /*@unique@*/const char *line,
+ /*@unique@*/const char *host);
+
+/* login_nopam.c */
+extern int login_access (const char *user, const char *from);
+
+/* loginprompt.c */
+extern void login_prompt (const char *, char *, int);
+
+/* mail.c */
+extern void mailcheck (void);
+
+/* motd.c */
+extern void motd (void);
+
+/* myname.c */
+extern /*@null@*//*@only@*/struct passwd *get_my_pwent (void);
+
+/* pam_pass_non_interractive.c */
+#ifdef USE_PAM
+extern int do_pam_passwd_non_interractive (const char *pam_service,
+ const char *username,
+ const char* password);
+#endif /* USE_PAM */
+
+/* obscure.c */
+#ifndef USE_PAM
+extern bool obscure (const char *, const char *, const struct passwd *);
+#endif
+
+/* pam_pass.c */
+#ifdef USE_PAM
+extern void do_pam_passwd (const char *user, bool silent, bool change_expired);
+#endif
+
+/* port.c */
+extern bool isttytime (const char *, const char *, time_t);
+
+/* pwd2spwd.c */
+#ifndef USE_PAM
+extern struct spwd *pwd_to_spwd (const struct passwd *);
+#endif
+
+/* pwdcheck.c */
+#ifndef USE_PAM
+extern void passwd_check (const char *, const char *, const char *);
+#endif
+
+/* pwd_init.c */
+extern void pwd_init (void);
+
+/* pwio.c */
+extern void __pw_del_entry (const struct commonio_entry *ent);
+extern struct commonio_db *__pw_get_db (void);
+extern /*@dependent@*/ /*@null@*/struct commonio_entry *__pw_get_head (void);
+
+/* pwmem.c */
+extern /*@null@*/ /*@only@*/struct passwd *__pw_dup (const struct passwd *pwent);
+extern void pw_free (/*@out@*/ /*@only@*/struct passwd *pwent);
+
+/* remove_tree.c */
+extern int remove_tree (const char *root, bool remove_root);
+
+/* rlogin.c */
+extern int do_rlogin (const char *remote_host, char *name, size_t namelen,
+ char *term, size_t termlen);
+
+/* root_flag.c */
+extern void process_root_flag (const char* short_opt, int argc, char **argv);
+
+/* salt.c */
+extern /*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const char *meth, /*@null@*/void *arg);
+
+/* selinux.c */
+#ifdef WITH_SELINUX
+extern int set_selinux_file_context (const char *dst_name);
+extern int reset_selinux_file_context (void);
+#endif
+
+/* semanage.c */
+#ifdef WITH_SELINUX
+extern int set_seuser(const char *login_name, const char *seuser_name);
+extern int del_seuser(const char *login_name);
+#endif
+
+/* setugid.c */
+extern int setup_groups (const struct passwd *info);
+extern int change_uid (const struct passwd *info);
+#if (defined HAVE_INITGROUPS) && (! defined USE_PAM)
+extern int setup_uid_gid (const struct passwd *info, bool is_console);
+#else
+extern int setup_uid_gid (const struct passwd *info);
+#endif
+
+/* setup.c */
+extern void setup (struct passwd *);
+
+/* setupenv.c */
+extern void setup_env (struct passwd *);
+
+/* sgetgrent.c */
+extern struct group *sgetgrent (const char *buf);
+
+/* sgetpwent.c */
+extern struct passwd *sgetpwent (const char *buf);
+
+/* sgetspent.c */
+#ifndef HAVE_SGETSPENT
+extern struct spwd *sgetspent (const char *string);
+#endif
+
+/* sgroupio.c */
+extern void __sgr_del_entry (const struct commonio_entry *ent);
+extern /*@null@*/ /*@only@*/struct sgrp *__sgr_dup (const struct sgrp *sgent);
+extern void sgr_free (/*@out@*/ /*@only@*/struct sgrp *sgent);
+extern /*@dependent@*/ /*@null@*/struct commonio_entry *__sgr_get_head (void);
+extern void __sgr_set_changed (void);
+
+/* shadowio.c */
+extern /*@dependent@*/ /*@null@*/struct commonio_entry *__spw_get_head (void);
+extern void __spw_del_entry (const struct commonio_entry *ent);
+
+/* shadowmem.c */
+extern /*@null@*/ /*@only@*/struct spwd *__spw_dup (const struct spwd *spent);
+extern void spw_free (/*@out@*/ /*@only@*/struct spwd *spent);
+
+/* shell.c */
+extern int shell (const char *file, /*@null@*/const char *arg, char *const envp[]);
+
+/* spawn.c */
+extern int run_command (const char *cmd, const char *argv[],
+ /*@null@*/const char *envp[], /*@out@*/int *status);
+
+/* strtoday.c */
+extern long strtoday (const char *);
+
+/* suauth.c */
+extern int check_su_auth (const char *actual_id,
+ const char *wanted_id,
+ bool su_to_root);
+
+/* sulog.c */
+extern void sulog (const char *tty,
+ bool success,
+ const char *oldname,
+ const char *name);
+
+/* sub.c */
+extern void subsystem (const struct passwd *);
+
+/* ttytype.c */
+extern void ttytype (const char *);
+
+/* tz.c */
+#ifndef USE_PAM
+extern /*@observer@*/const char *tz (const char *);
+#endif
+
+/* ulimit.c */
+extern int set_filesize_limit (int blocks);
+
+/* user_busy.c */
+extern int user_busy (const char *name, uid_t uid);
+
+/* utmp.c */
+extern /*@null@*/struct utmp *get_current_utmp (void);
+extern struct utmp *prepare_utmp (const char *name,
+ const char *line,
+ const char *host,
+ /*@null@*/const struct utmp *ut);
+extern int setutmp (struct utmp *ut);
+#ifdef USE_UTMPX
+extern struct utmpx *prepare_utmpx (const char *name,
+ const char *line,
+ const char *host,
+ /*@null@*/const struct utmp *ut);
+extern int setutmpx (struct utmpx *utx);
+#endif /* USE_UTMPX */
+
+/* valid.c */
+extern bool valid (const char *, const struct passwd *);
+
+/* xmalloc.c */
+extern /*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/char *xmalloc (size_t size)
+ /*@ensures MaxSet(result) == (size - 1); @*/;
+extern /*@maynotreturn@*/ /*@only@*//*@notnull@*/char *xstrdup (const char *);
+
+/* xgetpwnam.c */
+extern /*@null@*/ /*@only@*/struct passwd *xgetpwnam (const char *);
+/* xgetpwuid.c */
+extern /*@null@*/ /*@only@*/struct passwd *xgetpwuid (uid_t);
+/* xgetgrnam.c */
+extern /*@null@*/ /*@only@*/struct group *xgetgrnam (const char *);
+/* xgetgrgid.c */
+extern /*@null@*/ /*@only@*/struct group *xgetgrgid (gid_t);
+/* xgetspnam.c */
+extern /*@null@*/ /*@only@*/struct spwd *xgetspnam(const char *);
+
+/* yesno.c */
+extern bool yes_or_no (bool read_only);
+
+#endif /* _PROTOTYPES_H */
diff --git a/lib/pwauth.c b/lib/pwauth.c
new file mode 100644
index 0000000..9e24fbf
--- /dev/null
+++ b/lib/pwauth.c
@@ -0,0 +1,234 @@
+/*
+ * Copyright (c) 1992 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifndef USE_PAM
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "pwauth.h"
+#include "getdef.h"
+#ifdef SKEY
+#include <skey.h>
+#endif
+#ifdef __linux__ /* standard password prompt by default */
+static const char *PROMPT = gettext_noop ("Password: ");
+#else
+static const char *PROMPT = gettext_noop ("%s's Password: ");
+#endif
+
+bool wipe_clear_pass = true;
+/*@null@*/char *clear_pass = NULL;
+
+/*
+ * pw_auth - perform getpass/crypt authentication
+ *
+ * pw_auth gets the user's cleartext password and encrypts it
+ * using the salt in the encrypted password. The results are
+ * compared.
+ */
+
+int pw_auth (const char *cipher,
+ const char *user,
+ int reason,
+ /*@null@*/const char *input)
+{
+ char prompt[1024];
+ char *clear = NULL;
+ const char *cp;
+ const char *encrypted;
+ int retval;
+
+#ifdef SKEY
+ bool use_skey = false;
+ char challenge_info[40];
+ struct skey skey;
+#endif
+
+ /*
+ * There are programs for adding and deleting authentication data.
+ */
+
+ if ((PW_ADD == reason) || (PW_DELETE == reason)) {
+ return 0;
+ }
+
+ /*
+ * There are even programs for changing the user name ...
+ */
+
+ if ((PW_CHANGE == reason) && (NULL != input)) {
+ return 0;
+ }
+
+ /*
+ * WARNING:
+ *
+ * When we change a password and we are root, we don't prompt.
+ * This is so root can change any password without having to
+ * know it. This is a policy decision that might have to be
+ * revisited.
+ */
+
+ if ((PW_CHANGE == reason) && (getuid () == 0)) {
+ return 0;
+ }
+
+ /*
+ * WARNING:
+ *
+ * When we are logging in a user with no ciphertext password,
+ * we don't prompt for the password or anything. In reality
+ * the user could just hit <ENTER>, so it doesn't really
+ * matter.
+ */
+
+ if ((NULL == cipher) || ('\0' == *cipher)) {
+ return 0;
+ }
+
+#ifdef SKEY
+ /*
+ * If the user has an S/KEY entry show them the pertinent info
+ * and then we can try validating the created cyphertext and the SKEY.
+ * If there is no SKEY information we default to not using SKEY.
+ */
+
+# ifdef SKEY_BSD_STYLE
+ /*
+ * Some BSD updates to the S/KEY API adds a fourth parameter; the
+ * sizeof of the challenge info buffer.
+ */
+# define skeychallenge(s,u,c) skeychallenge(s,u,c,sizeof(c))
+# endif
+
+ if (skeychallenge (&skey, user, challenge_info) == 0) {
+ use_skey = true;
+ }
+#endif
+
+ /*
+ * Prompt for the password as required. FTPD and REXECD both
+ * get the cleartext password for us.
+ */
+
+ if ((PW_FTP != reason) && (PW_REXEC != reason) && (NULL == input)) {
+ cp = getdef_str ("LOGIN_STRING");
+ if (NULL == cp) {
+ cp = _(PROMPT);
+ }
+#ifdef SKEY
+ if (use_skey) {
+ printf ("[%s]\n", challenge_info);
+ }
+#endif
+
+ snprintf (prompt, sizeof prompt, cp, user);
+ clear = getpass (prompt);
+ if (NULL == clear) {
+ static char c[1];
+
+ c[0] = '\0';
+ clear = c;
+ }
+ input = clear;
+ }
+
+ /*
+ * Convert the cleartext password into a ciphertext string.
+ * If the two match, the return value will be zero, which is
+ * SUCCESS. Otherwise we see if SKEY is being used and check
+ * the results there as well.
+ */
+
+ encrypted = pw_encrypt (input, cipher);
+ if (NULL != encrypted) {
+ retval = strcmp (encrypted, cipher);
+ } else {
+ retval = -1;
+ }
+
+#ifdef SKEY
+ /*
+ * If (1) The password fails to match, and
+ * (2) The password is empty and
+ * (3) We are using OPIE or S/Key, then
+ * ...Re-prompt, with echo on.
+ * -- AR 8/22/1999
+ */
+ if ((0 != retval) && ('\0' == input[0]) && use_skey) {
+ clear = getpass (prompt);
+ if (NULL == clear) {
+ static char c[1];
+
+ c[0] = '\0';
+ clear = c;
+ }
+ input = clear;
+ }
+
+ if ((0 != retval) && use_skey) {
+ int passcheck = -1;
+
+ if (skeyverify (&skey, input) == 0) {
+ passcheck = skey.n;
+ }
+ if (passcheck > 0) {
+ retval = 0;
+ }
+ }
+#endif
+
+ /*
+ * Things like RADIUS authentication may need the password -
+ * if the external variable wipe_clear_pass is zero, we will
+ * not wipe it (the caller should wipe clear_pass when it is
+ * no longer needed). --marekm
+ */
+
+ clear_pass = clear;
+ if (wipe_clear_pass && (NULL != clear) && ('\0' != *clear)) {
+ strzero (clear);
+ }
+ return retval;
+}
+#else /* !USE_PAM */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !USE_PAM */
diff --git a/lib/pwauth.h b/lib/pwauth.h
new file mode 100644
index 0000000..d6c71dd
--- /dev/null
+++ b/lib/pwauth.h
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 1992 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2009 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * $Id$
+ */
+
+#ifndef USE_PAM
+int pw_auth (const char *cipher,
+ const char *user,
+ int flag,
+ /*@null@*/const char *input);
+#endif /* !USE_PAM */
+
+/*
+ * Local access
+ */
+
+#define PW_SU 1
+#define PW_LOGIN 2
+
+/*
+ * Administrative functions
+ */
+
+#define PW_ADD 101
+#define PW_CHANGE 102
+#define PW_DELETE 103
+
+/*
+ * Network access
+ */
+
+#define PW_TELNET 201
+#define PW_RLOGIN 202
+#define PW_FTP 203
+#define PW_REXEC 204
diff --git a/lib/pwio.c b/lib/pwio.c
new file mode 100644
index 0000000..7ee8537
--- /dev/null
+++ b/lib/pwio.c
@@ -0,0 +1,226 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 , Michał Moskal
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include <stdio.h>
+#include "commonio.h"
+#include "pwio.h"
+
+static /*@null@*/ /*@only@*/void *passwd_dup (const void *ent)
+{
+ const struct passwd *pw = ent;
+
+ return __pw_dup (pw);
+}
+
+static void passwd_free (/*@out@*/ /*@only@*/void *ent)
+{
+ struct passwd *pw = ent;
+
+ pw_free (pw);
+}
+
+static const char *passwd_getname (const void *ent)
+{
+ const struct passwd *pw = ent;
+
+ return pw->pw_name;
+}
+
+static void *passwd_parse (const char *line)
+{
+ return (void *) sgetpwent (line);
+}
+
+static int passwd_put (const void *ent, FILE * file)
+{
+ const struct passwd *pw = ent;
+
+ if ( (NULL == pw)
+ || (valid_field (pw->pw_name, ":\n") == -1)
+ || (valid_field (pw->pw_passwd, ":\n") == -1)
+ || (pw->pw_uid == (uid_t)-1)
+ || (pw->pw_gid == (gid_t)-1)
+ || (valid_field (pw->pw_gecos, ":\n") == -1)
+ || (valid_field (pw->pw_dir, ":\n") == -1)
+ || (valid_field (pw->pw_shell, ":\n") == -1)) {
+ return -1;
+ }
+
+ return (putpwent (pw, file) == -1) ? -1 : 0;
+}
+
+static struct commonio_ops passwd_ops = {
+ passwd_dup,
+ passwd_free,
+ passwd_getname,
+ passwd_parse,
+ passwd_put,
+ fgets,
+ fputs,
+ NULL, /* open_hook */
+ NULL /* close_hook */
+};
+
+static struct commonio_db passwd_db = {
+ PASSWD_FILE, /* filename */
+ &passwd_ops, /* ops */
+ NULL, /* fp */
+#ifdef WITH_SELINUX
+ NULL, /* scontext */
+#endif
+ 0644, /* st_mode */
+ 0, /* st_uid */
+ 0, /* st_gid */
+ NULL, /* head */
+ NULL, /* tail */
+ NULL, /* cursor */
+ false, /* changed */
+ false, /* isopen */
+ false, /* locked */
+ false /* readonly */
+};
+
+int pw_setdbname (const char *filename)
+{
+ return commonio_setname (&passwd_db, filename);
+}
+
+/*@observer@*/const char *pw_dbname (void)
+{
+ return passwd_db.filename;
+}
+
+int pw_lock (void)
+{
+ return commonio_lock (&passwd_db);
+}
+
+int pw_open (int mode)
+{
+ return commonio_open (&passwd_db, mode);
+}
+
+/*@observer@*/ /*@null@*/const struct passwd *pw_locate (const char *name)
+{
+ return commonio_locate (&passwd_db, name);
+}
+
+/*@observer@*/ /*@null@*/const struct passwd *pw_locate_uid (uid_t uid)
+{
+ const struct passwd *pwd;
+
+ pw_rewind ();
+ while ( ((pwd = pw_next ()) != NULL)
+ && (pwd->pw_uid != uid)) {
+ }
+
+ return pwd;
+}
+
+int pw_update (const struct passwd *pw)
+{
+ return commonio_update (&passwd_db, (const void *) pw);
+}
+
+int pw_remove (const char *name)
+{
+ return commonio_remove (&passwd_db, name);
+}
+
+int pw_rewind (void)
+{
+ return commonio_rewind (&passwd_db);
+}
+
+/*@observer@*/ /*@null@*/const struct passwd *pw_next (void)
+{
+ return commonio_next (&passwd_db);
+}
+
+int pw_close (void)
+{
+ return commonio_close (&passwd_db);
+}
+
+int pw_unlock (void)
+{
+ return commonio_unlock (&passwd_db);
+}
+
+/*@null@*/struct commonio_entry *__pw_get_head (void)
+{
+ return passwd_db.head;
+}
+
+void __pw_del_entry (const struct commonio_entry *ent)
+{
+ commonio_del_entry (&passwd_db, ent);
+}
+
+struct commonio_db *__pw_get_db (void)
+{
+ return &passwd_db;
+}
+
+static int pw_cmp (const void *p1, const void *p2)
+{
+ uid_t u1, u2;
+
+ if ((*(struct commonio_entry **) p1)->eptr == NULL)
+ return 1;
+ if ((*(struct commonio_entry **) p2)->eptr == NULL)
+ return -1;
+
+ u1 = ((struct passwd *) (*(struct commonio_entry **) p1)->eptr)->pw_uid;
+ u2 = ((struct passwd *) (*(struct commonio_entry **) p2)->eptr)->pw_uid;
+
+ if (u1 < u2)
+ return -1;
+ else if (u1 > u2)
+ return 1;
+ else
+ return 0;
+}
+
+/* Sort entries by UID */
+int pw_sort ()
+{
+ return commonio_sort (&passwd_db, pw_cmp);
+}
diff --git a/lib/pwio.h b/lib/pwio.h
new file mode 100644
index 0000000..2db85e0
--- /dev/null
+++ b/lib/pwio.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2005 , Michał Moskal
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef _PWIO_H
+#define _PWIO_H
+
+#include <sys/types.h>
+#include <pwd.h>
+
+extern int pw_close (void);
+extern /*@observer@*/ /*@null@*/const struct passwd *pw_locate (const char *name);
+extern /*@observer@*/ /*@null@*/const struct passwd *pw_locate_uid (uid_t uid);
+extern int pw_lock (void);
+extern int pw_setdbname (const char *filename);
+extern /*@observer@*/const char *pw_dbname (void);
+extern /*@observer@*/ /*@null@*/const struct passwd *pw_next (void);
+extern int pw_open (int mode);
+extern int pw_remove (const char *name);
+extern int pw_rewind (void);
+extern int pw_unlock (void);
+extern int pw_update (const struct passwd *pw);
+extern int pw_sort (void);
+
+#endif
diff --git a/lib/pwmem.c b/lib/pwmem.c
new file mode 100644
index 0000000..17d2eb2
--- /dev/null
+++ b/lib/pwmem.c
@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 , Michał Moskal
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2013, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "pwio.h"
+
+/*@null@*/ /*@only@*/struct passwd *__pw_dup (const struct passwd *pwent)
+{
+ struct passwd *pw;
+
+ pw = (struct passwd *) malloc (sizeof *pw);
+ if (NULL == pw) {
+ return NULL;
+ }
+ /* The libc might define other fields. They won't be copied. */
+ memset (pw, 0, sizeof *pw);
+ pw->pw_uid = pwent->pw_uid;
+ pw->pw_gid = pwent->pw_gid;
+ /*@-mustfreeonly@*/
+ pw->pw_name = strdup (pwent->pw_name);
+ /*@=mustfreeonly@*/
+ if (NULL == pw->pw_name) {
+ pw_free(pw);
+ return NULL;
+ }
+ /*@-mustfreeonly@*/
+ pw->pw_passwd = strdup (pwent->pw_passwd);
+ /*@=mustfreeonly@*/
+ if (NULL == pw->pw_passwd) {
+ pw_free(pw);
+ return NULL;
+ }
+ /*@-mustfreeonly@*/
+ pw->pw_gecos = strdup (pwent->pw_gecos);
+ /*@=mustfreeonly@*/
+ if (NULL == pw->pw_gecos) {
+ pw_free(pw);
+ return NULL;
+ }
+ /*@-mustfreeonly@*/
+ pw->pw_dir = strdup (pwent->pw_dir);
+ /*@=mustfreeonly@*/
+ if (NULL == pw->pw_dir) {
+ pw_free(pw);
+ return NULL;
+ }
+ /*@-mustfreeonly@*/
+ pw->pw_shell = strdup (pwent->pw_shell);
+ /*@=mustfreeonly@*/
+ if (NULL == pw->pw_shell) {
+ pw_free(pw);
+ return NULL;
+ }
+
+ return pw;
+}
+
+void pw_free (/*@out@*/ /*@only@*/struct passwd *pwent)
+{
+ free (pwent->pw_name);
+ if (pwent->pw_passwd) {
+ memzero (pwent->pw_passwd, strlen (pwent->pw_passwd));
+ free (pwent->pw_passwd);
+ }
+ free (pwent->pw_gecos);
+ free (pwent->pw_dir);
+ free (pwent->pw_shell);
+ free (pwent);
+}
+
diff --git a/lib/selinux.c b/lib/selinux.c
new file mode 100644
index 0000000..d751329
--- /dev/null
+++ b/lib/selinux.c
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 2011 , Peter Vrabec <pvrabec@redhat.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef WITH_SELINUX
+
+#include "defines.h"
+
+#include <selinux/selinux.h>
+#include "prototypes.h"
+
+
+static bool selinux_checked = false;
+static bool selinux_enabled;
+
+/*
+ * set_selinux_file_context - Set the security context before any file or
+ * directory creation.
+ *
+ * set_selinux_file_context () should be called before any creation
+ * of file, symlink, directory, ...
+ *
+ * Callers may have to Reset SELinux to create files with default
+ * contexts with reset_selinux_file_context
+ */
+int set_selinux_file_context (const char *dst_name)
+{
+ /*@null@*/security_context_t scontext = NULL;
+
+ if (!selinux_checked) {
+ selinux_enabled = is_selinux_enabled () > 0;
+ selinux_checked = true;
+ }
+
+ if (selinux_enabled) {
+ /* Get the default security context for this file */
+ if (matchpathcon (dst_name, 0, &scontext) < 0) {
+ if (security_getenforce () != 0) {
+ return 1;
+ }
+ }
+ /* Set the security context for the next created file */
+ if (setfscreatecon (scontext) < 0) {
+ if (security_getenforce () != 0) {
+ return 1;
+ }
+ }
+ freecon (scontext);
+ }
+ return 0;
+}
+
+/*
+ * reset_selinux_file_context - Reset the security context to the default
+ * policy behavior
+ *
+ * reset_selinux_file_context () should be called after the context
+ * was changed with set_selinux_file_context ()
+ */
+int reset_selinux_file_context (void)
+{
+ if (!selinux_checked) {
+ selinux_enabled = is_selinux_enabled () > 0;
+ selinux_checked = true;
+ }
+ if (selinux_enabled) {
+ if (setfscreatecon (NULL) != 0) {
+ return 1;
+ }
+ }
+ return 0;
+}
+
+#else /* !WITH_SELINUX */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !WITH_SELINUX */
diff --git a/lib/semanage.c b/lib/semanage.c
new file mode 100644
index 0000000..e983f5f
--- /dev/null
+++ b/lib/semanage.c
@@ -0,0 +1,378 @@
+/*
+ * Copyright (c) 2010 , Jakub Hrozek <jhrozek@redhat.com>
+ * Copyright (c) 2011 , Peter Vrabec <pvrabec@redhat.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef WITH_SELINUX
+
+#include "defines.h"
+
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE
+#endif
+#include <stdio.h>
+#include <stdarg.h>
+#include <selinux/selinux.h>
+#include <semanage/semanage.h>
+#include "prototypes.h"
+
+
+#ifndef DEFAULT_SERANGE
+#define DEFAULT_SERANGE "s0"
+#endif
+
+
+static void semanage_error_callback (unused void *varg,
+ semanage_handle_t *handle,
+ const char *fmt, ...)
+{
+ int ret;
+ char * message = NULL;
+ va_list ap;
+
+
+ va_start (ap, fmt);
+ ret = vasprintf (&message, fmt, ap);
+ va_end (ap);
+ if (ret < 0) {
+ /* ENOMEM */
+ return;
+ }
+
+ switch (semanage_msg_get_level (handle)) {
+ case SEMANAGE_MSG_ERR:
+ case SEMANAGE_MSG_WARN:
+ fprintf (stderr, _("[libsemanage]: %s\n"), message);
+ break;
+ case SEMANAGE_MSG_INFO:
+ /* nop */
+ break;
+ }
+
+ free (message);
+}
+
+
+static semanage_handle_t *semanage_init (void)
+{
+ int ret;
+ semanage_handle_t *handle = NULL;
+
+ handle = semanage_handle_create ();
+ if (NULL == handle) {
+ fprintf (stderr,
+ _("Cannot create SELinux management handle\n"));
+ return NULL;
+ }
+
+ semanage_msg_set_callback (handle, semanage_error_callback, NULL);
+
+ ret = semanage_is_managed (handle);
+ if (ret != 1) {
+ fprintf (stderr, _("SELinux policy not managed\n"));
+ goto fail;
+ }
+
+ ret = semanage_access_check (handle);
+ if (ret < SEMANAGE_CAN_READ) {
+ fprintf (stderr, _("Cannot read SELinux policy store\n"));
+ goto fail;
+ }
+
+ ret = semanage_connect (handle);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Cannot establish SELinux management connection\n"));
+ goto fail;
+ }
+
+ ret = semanage_begin_transaction (handle);
+ if (ret != 0) {
+ fprintf (stderr, _("Cannot begin SELinux transaction\n"));
+ goto fail;
+ }
+
+ return handle;
+
+fail:
+ semanage_handle_destroy (handle);
+ return NULL;
+}
+
+
+static int semanage_user_mod (semanage_handle_t *handle,
+ semanage_seuser_key_t *key,
+ const char *login_name,
+ const char *seuser_name)
+{
+ int ret;
+ semanage_seuser_t *seuser = NULL;
+
+ semanage_seuser_query (handle, key, &seuser);
+ if (NULL == seuser) {
+ fprintf (stderr,
+ _("Could not query seuser for %s\n"), login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not set serange for %s\n"), login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not set sename for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_modify_local (handle, key, seuser);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not modify login mapping for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = 0;
+done:
+ semanage_seuser_free (seuser);
+ return ret;
+}
+
+
+static int semanage_user_add (semanage_handle_t *handle,
+ semanage_seuser_key_t *key,
+ const char *login_name,
+ const char *seuser_name)
+{
+ int ret;
+ semanage_seuser_t *seuser = NULL;
+
+ ret = semanage_seuser_create (handle, &seuser);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Cannot create SELinux login mapping for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_set_name (handle, seuser, login_name);
+ if (ret != 0) {
+ fprintf (stderr, _("Could not set name for %s\n"), login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not set serange for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not set SELinux user for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_modify_local (handle, key, seuser);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not add login mapping for %s\n"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = 0;
+done:
+ semanage_seuser_free (seuser);
+ return ret;
+}
+
+
+int set_seuser (const char *login_name, const char *seuser_name)
+{
+ semanage_handle_t *handle = NULL;
+ semanage_seuser_key_t *key = NULL;
+ int ret;
+ int seuser_exists = 0;
+
+ if (NULL == seuser_name) {
+ /* don't care, just let system pick the defaults */
+ return 0;
+ }
+
+ handle = semanage_init ();
+ if (NULL == handle) {
+ fprintf (stderr, _("Cannot init SELinux management\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_key_create (handle, login_name, &key);
+ if (ret != 0) {
+ fprintf (stderr, _("Cannot create SELinux user key\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_exists (handle, key, &seuser_exists);
+ if (ret < 0) {
+ fprintf (stderr, _("Cannot verify the SELinux user\n"));
+ ret = 1;
+ goto done;
+ }
+
+ if (0 != seuser_exists) {
+ ret = semanage_user_mod (handle, key, login_name, seuser_name);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Cannot modify SELinux user mapping\n"));
+ ret = 1;
+ goto done;
+ }
+ } else {
+ ret = semanage_user_add (handle, key, login_name, seuser_name);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Cannot add SELinux user mapping\n"));
+ ret = 1;
+ goto done;
+ }
+ }
+
+ ret = semanage_commit (handle);
+ if (ret < 0) {
+ fprintf (stderr, _("Cannot commit SELinux transaction\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = 0;
+
+done:
+ semanage_seuser_key_free (key);
+ semanage_handle_destroy (handle);
+ return ret;
+}
+
+
+int del_seuser (const char *login_name)
+{
+ semanage_handle_t *handle = NULL;
+ semanage_seuser_key_t *key = NULL;
+ int ret;
+ int exists = 0;
+
+ handle = semanage_init ();
+ if (NULL == handle) {
+ fprintf (stderr, _("Cannot init SELinux management\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_key_create (handle, login_name, &key);
+ if (ret != 0) {
+ fprintf (stderr, _("Cannot create SELinux user key\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_seuser_exists (handle, key, &exists);
+ if (ret < 0) {
+ fprintf (stderr, _("Cannot verify the SELinux user\n"));
+ ret = 1;
+ goto done;
+ }
+
+ if (0 == exists) {
+ fprintf (stderr,
+ _("Login mapping for %s is not defined, OK if default mapping was used\n"),
+ login_name);
+ ret = 0; /* probably default mapping */
+ goto done;
+ }
+
+ ret = semanage_seuser_exists_local (handle, key, &exists);
+ if (ret < 0) {
+ fprintf (stderr, _("Cannot verify the SELinux user\n"));
+ ret = 1;
+ goto done;
+ }
+
+ if (0 == exists) {
+ fprintf (stderr,
+ _("Login mapping for %s is defined in policy, cannot be deleted\n"),
+ login_name);
+ ret = 0; /* Login mapping defined in policy can't be deleted */
+ goto done;
+ }
+
+ ret = semanage_seuser_del_local (handle, key);
+ if (ret != 0) {
+ fprintf (stderr,
+ _("Could not delete login mapping for %s"),
+ login_name);
+ ret = 1;
+ goto done;
+ }
+
+ ret = semanage_commit (handle);
+ if (ret < 0) {
+ fprintf (stderr, _("Cannot commit SELinux transaction\n"));
+ ret = 1;
+ goto done;
+ }
+
+ ret = 0;
+done:
+ semanage_handle_destroy (handle);
+ return ret;
+}
+#else /* !WITH_SELINUX */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !WITH_SELINUX */
diff --git a/lib/sgetgrent.c b/lib/sgetgrent.c
new file mode 100644
index 0000000..206f1c5
--- /dev/null
+++ b/lib/sgetgrent.c
@@ -0,0 +1,154 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <grp.h>
+#include "defines.h"
+#include "prototypes.h"
+
+#define NFIELDS 4
+
+/*
+ * list - turn a comma-separated string into an array of (char *)'s
+ *
+ * list() converts the comma-separated list of member names into
+ * an array of character pointers.
+ *
+ * WARNING: I profiled this once with and without strchr() calls
+ * and found that using a register variable and an explicit loop
+ * works best. For large /etc/group files, this is a major win.
+ *
+ * FINALLY added dynamic allocation. Still need to fix sgetsgent().
+ * --marekm
+ */
+static char **list (char *s)
+{
+ static char **members = 0;
+ static int size = 0; /* max members + 1 */
+ int i;
+ char **rbuf;
+
+ i = 0;
+ for (;;) {
+ /* check if there is room for another pointer (to a group
+ member name, or terminating NULL). */
+ if (i >= size) {
+ size = i + 100; /* at least: i + 1 */
+ if (members) {
+ rbuf =
+ realloc (members, size * sizeof (char *));
+ } else {
+ /* for old (before ANSI C) implementations of
+ realloc() that don't handle NULL properly */
+ rbuf = malloc (size * sizeof (char *));
+ }
+ if (!rbuf) {
+ if (members)
+ free (members);
+ members = 0;
+ size = 0;
+ return (char **) 0;
+ }
+ members = rbuf;
+ }
+ if (!s || s[0] == '\0')
+ break;
+ members[i++] = s;
+ while (('\0' != *s) && (',' != *s)) {
+ s++;
+ }
+ if ('\0' != *s) {
+ *s++ = '\0';
+ }
+ }
+ members[i] = (char *) 0;
+ return members;
+}
+
+
+struct group *sgetgrent (const char *buf)
+{
+ static char *grpbuf = 0;
+ static size_t size = 0;
+ static char *grpfields[NFIELDS];
+ static struct group grent;
+ int i;
+ char *cp;
+
+ if (strlen (buf) + 1 > size) {
+ /* no need to use realloc() here - just free it and
+ allocate a larger block */
+ if (grpbuf)
+ free (grpbuf);
+ size = strlen (buf) + 1000; /* at least: strlen(buf) + 1 */
+ grpbuf = malloc (size);
+ if (!grpbuf) {
+ size = 0;
+ return 0;
+ }
+ }
+ strcpy (grpbuf, buf);
+
+ cp = strrchr (grpbuf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ }
+
+ for (cp = grpbuf, i = 0; (i < NFIELDS) && (NULL != cp); i++) {
+ grpfields[i] = cp;
+ cp = strchr (cp, ':');
+ if (NULL != cp) {
+ *cp = '\0';
+ cp++;
+ }
+ }
+ if (i < (NFIELDS - 1) || *grpfields[2] == '\0') {
+ return (struct group *) 0;
+ }
+ grent.gr_name = grpfields[0];
+ grent.gr_passwd = grpfields[1];
+ if (get_gid (grpfields[2], &grent.gr_gid) == 0) {
+ return (struct group *) 0;
+ }
+ grent.gr_mem = list (grpfields[3]);
+ if (NULL == grent.gr_mem) {
+ return (struct group *) 0; /* out of memory */
+ }
+
+ return &grent;
+}
+
diff --git a/lib/sgetpwent.c b/lib/sgetpwent.c
new file mode 100644
index 0000000..293aabe
--- /dev/null
+++ b/lib/sgetpwent.c
@@ -0,0 +1,122 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include "defines.h"
+#include <stdio.h>
+#include <pwd.h>
+#include "prototypes.h"
+
+#define NFIELDS 7
+
+/*
+ * sgetpwent - convert a string to a (struct passwd)
+ *
+ * sgetpwent() parses a string into the parts required for a password
+ * structure. Strict checking is made for the UID and GID fields and
+ * presence of the correct number of colons. Any failing tests result
+ * in a NULL pointer being returned.
+ *
+ * NOTE: This function uses hard-coded string scanning functions for
+ * performance reasons. I am going to come up with some conditional
+ * compilation glarp to improve on this in the future.
+ */
+struct passwd *sgetpwent (const char *buf)
+{
+ static struct passwd pwent;
+ static char pwdbuf[1024];
+ register int i;
+ register char *cp;
+ char *fields[NFIELDS];
+
+ /*
+ * Copy the string to a static buffer so the pointers into
+ * the password structure remain valid.
+ */
+
+ if (strlen (buf) >= sizeof pwdbuf)
+ return 0; /* fail if too long */
+ strcpy (pwdbuf, buf);
+
+ /*
+ * Save a pointer to the start of each colon separated
+ * field. The fields are converted into NUL terminated strings.
+ */
+
+ for (cp = pwdbuf, i = 0; (i < NFIELDS) && (NULL != cp); i++) {
+ fields[i] = cp;
+ while (('\0' != *cp) && (':' != *cp)) {
+ cp++;
+ }
+
+ if ('\0' != *cp) {
+ *cp = '\0';
+ cp++;
+ } else {
+ cp = NULL;
+ }
+ }
+
+ /*
+ * There must be exactly NFIELDS colon separated fields or
+ * the entry is invalid. Also, the UID and GID must be non-blank.
+ */
+
+ if (i != NFIELDS || *fields[2] == '\0' || *fields[3] == '\0')
+ return NULL;
+
+ /*
+ * Each of the fields is converted the appropriate data type
+ * and the result assigned to the password structure. If the
+ * UID or GID does not convert to an integer value, a NULL
+ * pointer is returned.
+ */
+
+ pwent.pw_name = fields[0];
+ pwent.pw_passwd = fields[1];
+ if (get_uid (fields[2], &pwent.pw_uid) == 0) {
+ return NULL;
+ }
+ if (get_gid (fields[3], &pwent.pw_gid) == 0) {
+ return NULL;
+ }
+ pwent.pw_gecos = fields[4];
+ pwent.pw_dir = fields[5];
+ pwent.pw_shell = fields[6];
+
+ return &pwent;
+}
+
diff --git a/lib/sgetspent.c b/lib/sgetspent.c
new file mode 100644
index 0000000..20531eb
--- /dev/null
+++ b/lib/sgetspent.c
@@ -0,0 +1,208 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2009 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+/* Newer versions of Linux libc already have shadow support. */
+#ifndef HAVE_SGETSPENT
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <stdio.h>
+#define FIELDS 9
+#define OFIELDS 5
+/*
+ * sgetspent - convert string in shadow file format to (struct spwd *)
+ */
+struct spwd *sgetspent (const char *string)
+{
+ static char spwbuf[1024];
+ static struct spwd spwd;
+ char *fields[FIELDS];
+ char *cp;
+ char *cpp;
+ int i;
+
+ /*
+ * Copy string to local buffer. It has to be tokenized and we
+ * have to do that to our private copy.
+ */
+
+ if (strlen (string) >= sizeof spwbuf) {
+ return 0; /* fail if too long */
+ }
+ strcpy (spwbuf, string);
+
+ cp = strrchr (spwbuf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ }
+
+ /*
+ * Tokenize the string into colon separated fields. Allow up to
+ * FIELDS different fields.
+ */
+
+ for (cp = spwbuf, i = 0; ('\0' != *cp) && (i < FIELDS); i++) {
+ fields[i] = cp;
+ while (('\0' != *cp) && (':' != *cp)) {
+ cp++;
+ }
+
+ if ('\0' != *cp) {
+ *cp = '\0';
+ cp++;
+ }
+ }
+
+ if (i == (FIELDS - 1)) {
+ fields[i++] = cp;
+ }
+
+ if ( ((NULL != cp) && ('\0' != *cp)) ||
+ ((i != FIELDS) && (i != OFIELDS)) ) {
+ return 0;
+ }
+
+ /*
+ * Start populating the structure. The fields are all in
+ * static storage, as is the structure we pass back.
+ */
+
+ spwd.sp_namp = fields[0];
+ spwd.sp_pwdp = fields[1];
+
+ /*
+ * Get the last changed date. For all of the integer fields,
+ * we check for proper format. It is an error to have an
+ * incorrectly formatted number.
+ */
+
+ if (fields[2][0] == '\0') {
+ spwd.sp_lstchg = -1;
+ } else if ( (getlong (fields[2], &spwd.sp_lstchg) == 0)
+ || (spwd.sp_lstchg < 0)) {
+ return 0;
+ }
+
+ /*
+ * Get the minimum period between password changes.
+ */
+
+ if (fields[3][0] == '\0') {
+ spwd.sp_min = -1;
+ } else if ( (getlong (fields[3], &spwd.sp_min) == 0)
+ || (spwd.sp_min < 0)) {
+ return 0;
+ }
+
+ /*
+ * Get the maximum number of days a password is valid.
+ */
+
+ if (fields[4][0] == '\0') {
+ spwd.sp_max = -1;
+ } else if ( (getlong (fields[4], &spwd.sp_max) == 0)
+ || (spwd.sp_max < 0)) {
+ return 0;
+ }
+
+ /*
+ * If there are only OFIELDS fields (this is a SVR3.2 /etc/shadow
+ * formatted file), initialize the other field members to -1.
+ */
+
+ if (i == OFIELDS) {
+ spwd.sp_warn = -1;
+ spwd.sp_inact = -1;
+ spwd.sp_expire = -1;
+ spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
+
+ return &spwd;
+ }
+
+ /*
+ * Get the number of days of password expiry warning.
+ */
+
+ if (fields[5][0] == '\0') {
+ spwd.sp_warn = -1;
+ } else if ( (getlong (fields[5], &spwd.sp_warn) == 0)
+ || (spwd.sp_warn < 0)) {
+ return 0;
+ }
+
+ /*
+ * Get the number of days of inactivity before an account is
+ * disabled.
+ */
+
+ if (fields[6][0] == '\0') {
+ spwd.sp_inact = -1;
+ } else if ( (getlong (fields[6], &spwd.sp_inact) == 0)
+ || (spwd.sp_inact < 0)) {
+ return 0;
+ }
+
+ /*
+ * Get the number of days after the epoch before the account is
+ * set to expire.
+ */
+
+ if (fields[7][0] == '\0') {
+ spwd.sp_expire = -1;
+ } else if ( (getlong (fields[7], &spwd.sp_expire) == 0)
+ || (spwd.sp_expire < 0)) {
+ return 0;
+ }
+
+ /*
+ * This field is reserved for future use. But it isn't supposed
+ * to have anything other than a valid integer in it.
+ */
+
+ if (fields[8][0] == '\0') {
+ spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
+ } else if (getlong (fields[8], &spwd.sp_flag) == 0) {
+ /* FIXME: add a getulong function */
+ return 0;
+ }
+
+ return (&spwd);
+}
+#else
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif
+
diff --git a/lib/sgroupio.c b/lib/sgroupio.c
new file mode 100644
index 0000000..5423626
--- /dev/null
+++ b/lib/sgroupio.c
@@ -0,0 +1,328 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 , Michał Moskal
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2013, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef SHADOWGRP
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include "commonio.h"
+#include "getdef.h"
+#include "sgroupio.h"
+
+/*@null@*/ /*@only@*/struct sgrp *__sgr_dup (const struct sgrp *sgent)
+{
+ struct sgrp *sg;
+ int i;
+
+ sg = (struct sgrp *) malloc (sizeof *sg);
+ if (NULL == sg) {
+ return NULL;
+ }
+ /* Do the same as the other _dup function, even if we know the
+ * structure. */
+ memset (sg, 0, sizeof *sg);
+ /*@-mustfreeonly@*/
+ sg->sg_name = strdup (sgent->sg_name);
+ /*@=mustfreeonly@*/
+ if (NULL == sg->sg_name) {
+ free (sg);
+ return NULL;
+ }
+ /*@-mustfreeonly@*/
+ sg->sg_passwd = strdup (sgent->sg_passwd);
+ /*@=mustfreeonly@*/
+ if (NULL == sg->sg_passwd) {
+ free (sg->sg_name);
+ free (sg);
+ return NULL;
+ }
+
+ for (i = 0; NULL != sgent->sg_adm[i]; i++);
+ /*@-mustfreeonly@*/
+ sg->sg_adm = (char **) malloc ((i + 1) * sizeof (char *));
+ /*@=mustfreeonly@*/
+ if (NULL == sg->sg_adm) {
+ free (sg->sg_passwd);
+ free (sg->sg_name);
+ free (sg);
+ return NULL;
+ }
+ for (i = 0; NULL != sgent->sg_adm[i]; i++) {
+ sg->sg_adm[i] = strdup (sgent->sg_adm[i]);
+ if (NULL == sg->sg_adm[i]) {
+ for (i = 0; NULL != sg->sg_adm[i]; i++) {
+ free (sg->sg_adm[i]);
+ }
+ free (sg->sg_adm);
+ free (sg->sg_passwd);
+ free (sg->sg_name);
+ free (sg);
+ return NULL;
+ }
+ }
+ sg->sg_adm[i] = NULL;
+
+ for (i = 0; NULL != sgent->sg_mem[i]; i++);
+ /*@-mustfreeonly@*/
+ sg->sg_mem = (char **) malloc ((i + 1) * sizeof (char *));
+ /*@=mustfreeonly@*/
+ if (NULL == sg->sg_mem) {
+ for (i = 0; NULL != sg->sg_adm[i]; i++) {
+ free (sg->sg_adm[i]);
+ }
+ free (sg->sg_adm);
+ free (sg->sg_passwd);
+ free (sg->sg_name);
+ free (sg);
+ return NULL;
+ }
+ for (i = 0; NULL != sgent->sg_mem[i]; i++) {
+ sg->sg_mem[i] = strdup (sgent->sg_mem[i]);
+ if (NULL == sg->sg_mem[i]) {
+ for (i = 0; NULL != sg->sg_mem[i]; i++) {
+ free (sg->sg_mem[i]);
+ }
+ free (sg->sg_mem);
+ for (i = 0; NULL != sg->sg_adm[i]; i++) {
+ free (sg->sg_adm[i]);
+ }
+ free (sg->sg_adm);
+ free (sg->sg_passwd);
+ free (sg->sg_name);
+ free (sg);
+ return NULL;
+ }
+ }
+ sg->sg_mem[i] = NULL;
+
+ return sg;
+}
+
+static /*@null@*/ /*@only@*/void *gshadow_dup (const void *ent)
+{
+ const struct sgrp *sg = ent;
+
+ return __sgr_dup (sg);
+}
+
+static void gshadow_free (/*@out@*/ /*@only@*/void *ent)
+{
+ struct sgrp *sg = ent;
+
+ sgr_free (sg);
+}
+
+void sgr_free (/*@out@*/ /*@only@*/struct sgrp *sgent)
+{
+ size_t i;
+ free (sgent->sg_name);
+ if (NULL != sgent->sg_passwd) {
+ memzero (sgent->sg_passwd, strlen (sgent->sg_passwd));
+ free (sgent->sg_passwd);
+ }
+ for (i = 0; NULL != sgent->sg_adm[i]; i++) {
+ free (sgent->sg_adm[i]);
+ }
+ free (sgent->sg_adm);
+ for (i = 0; NULL != sgent->sg_mem[i]; i++) {
+ free (sgent->sg_mem[i]);
+ }
+ free (sgent->sg_mem);
+ free (sgent);
+}
+
+static const char *gshadow_getname (const void *ent)
+{
+ const struct sgrp *gr = ent;
+
+ return gr->sg_name;
+}
+
+static void *gshadow_parse (const char *line)
+{
+ return (void *) sgetsgent (line);
+}
+
+static int gshadow_put (const void *ent, FILE * file)
+{
+ const struct sgrp *sg = ent;
+
+ if ( (NULL == sg)
+ || (valid_field (sg->sg_name, ":\n") == -1)
+ || (valid_field (sg->sg_passwd, ":\n") == -1)) {
+ return -1;
+ }
+
+ /* FIXME: fail also if sg->sg_adm == NULL ?*/
+ if (NULL != sg->sg_adm) {
+ size_t i;
+ for (i = 0; NULL != sg->sg_adm[i]; i++) {
+ if (valid_field (sg->sg_adm[i], ",:\n") == -1) {
+ return -1;
+ }
+ }
+ }
+
+ /* FIXME: fail also if sg->sg_mem == NULL ?*/
+ if (NULL != sg->sg_mem) {
+ size_t i;
+ for (i = 0; NULL != sg->sg_mem[i]; i++) {
+ if (valid_field (sg->sg_mem[i], ",:\n") == -1) {
+ return -1;
+ }
+ }
+ }
+
+ return (putsgent (sg, file) == -1) ? -1 : 0;
+}
+
+static struct commonio_ops gshadow_ops = {
+ gshadow_dup,
+ gshadow_free,
+ gshadow_getname,
+ gshadow_parse,
+ gshadow_put,
+ fgetsx,
+ fputsx,
+ NULL, /* open_hook */
+ NULL /* close_hook */
+};
+
+static struct commonio_db gshadow_db = {
+ SGROUP_FILE, /* filename */
+ &gshadow_ops, /* ops */
+ NULL, /* fp */
+#ifdef WITH_SELINUX
+ NULL, /* scontext */
+#endif
+ 0400, /* st_mode */
+ 0, /* st_uid */
+ 0, /* st_gid */
+ NULL, /* head */
+ NULL, /* tail */
+ NULL, /* cursor */
+ false, /* changed */
+ false, /* isopen */
+ false, /* locked */
+ false /* readonly */
+};
+
+int sgr_setdbname (const char *filename)
+{
+ return commonio_setname (&gshadow_db, filename);
+}
+
+/*@observer@*/const char *sgr_dbname (void)
+{
+ return gshadow_db.filename;
+}
+
+bool sgr_file_present (void)
+{
+ if (getdef_bool ("FORCE_SHADOW"))
+ return true;
+ return commonio_present (&gshadow_db);
+}
+
+int sgr_lock (void)
+{
+ return commonio_lock (&gshadow_db);
+}
+
+int sgr_open (int mode)
+{
+ return commonio_open (&gshadow_db, mode);
+}
+
+/*@observer@*/ /*@null@*/const struct sgrp *sgr_locate (const char *name)
+{
+ return commonio_locate (&gshadow_db, name);
+}
+
+int sgr_update (const struct sgrp *sg)
+{
+ return commonio_update (&gshadow_db, (const void *) sg);
+}
+
+int sgr_remove (const char *name)
+{
+ return commonio_remove (&gshadow_db, name);
+}
+
+int sgr_rewind (void)
+{
+ return commonio_rewind (&gshadow_db);
+}
+
+/*@null@*/const struct sgrp *sgr_next (void)
+{
+ return commonio_next (&gshadow_db);
+}
+
+int sgr_close (void)
+{
+ return commonio_close (&gshadow_db);
+}
+
+int sgr_unlock (void)
+{
+ return commonio_unlock (&gshadow_db);
+}
+
+void __sgr_set_changed (void)
+{
+ gshadow_db.changed = true;
+}
+
+/*@dependent@*/ /*@null@*/struct commonio_entry *__sgr_get_head (void)
+{
+ return gshadow_db.head;
+}
+
+void __sgr_del_entry (const struct commonio_entry *ent)
+{
+ commonio_del_entry (&gshadow_db, ent);
+}
+
+/* Sort with respect to group ordering. */
+int sgr_sort ()
+{
+ return commonio_sort_wrt (&gshadow_db, __gr_get_db ());
+}
+#else
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif
diff --git a/lib/sgroupio.h b/lib/sgroupio.h
new file mode 100644
index 0000000..163243a
--- /dev/null
+++ b/lib/sgroupio.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 , Michał Moskal
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef _SGROUPIO_H
+#define _SGROUPIO_H
+
+extern int sgr_close (void);
+extern bool sgr_file_present (void);
+extern /*@observer@*/ /*@null@*/const struct sgrp *sgr_locate (const char *name);
+extern int sgr_lock (void);
+extern int sgr_setdbname (const char *filename);
+extern /*@observer@*/const char *sgr_dbname (void);
+extern /*@null@*/const struct sgrp *sgr_next (void);
+extern int sgr_open (int mode);
+extern int sgr_remove (const char *name);
+extern int sgr_rewind (void);
+extern int sgr_unlock (void);
+extern int sgr_update (const struct sgrp *sg);
+extern int sgr_sort (void);
+
+#endif
diff --git a/lib/shadow.c b/lib/shadow.c
new file mode 100644
index 0000000..05cb0e4
--- /dev/null
+++ b/lib/shadow.c
@@ -0,0 +1,557 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2009 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+/* Newer versions of Linux libc already have shadow support. */
+#ifndef HAVE_GETSPNAM
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <stdio.h>
+#ifdef USE_NIS
+static bool nis_used;
+static bool nis_ignore;
+static enum { native, start, middle, native2 } nis_state;
+static bool nis_bound;
+static char *nis_domain;
+static char *nis_key;
+static int nis_keylen;
+static char *nis_val;
+static int nis_vallen;
+
+#define IS_NISCHAR(c) ((c)=='+')
+#endif
+
+static FILE *shadow;
+
+#define FIELDS 9
+#define OFIELDS 5
+
+#ifdef USE_NIS
+
+/*
+ * __setspNIS - turn on or off NIS searches
+ */
+
+void __setspNIS (bool flag)
+{
+ nis_ignore = !flag;
+
+ if (nis_ignore) {
+ nis_used = false;
+ }
+}
+
+/*
+ * bind_nis - bind to NIS server
+ */
+
+static int bind_nis (void)
+{
+ if (yp_get_default_domain (&nis_domain)) {
+ return -1;
+ }
+
+ nis_bound = true;
+ return 0;
+}
+#endif
+
+/*
+ * setspent - initialize access to shadow text and DBM files
+ */
+
+void setspent (void)
+{
+ if (NULL != shadow) {
+ rewind (shadow);
+ }else {
+ shadow = fopen (SHADOW_FILE, "r");
+ }
+
+#ifdef USE_NIS
+ nis_state = native;
+#endif
+}
+
+/*
+ * endspent - terminate access to shadow text and DBM files
+ */
+
+void endspent (void)
+{
+ if (NULL != shadow) {
+ (void) fclose (shadow);
+ }
+
+ shadow = (FILE *) 0;
+}
+
+/*
+ * my_sgetspent - convert string in shadow file format to (struct spwd *)
+ */
+
+static struct spwd *my_sgetspent (const char *string)
+{
+ static char spwbuf[BUFSIZ];
+ static struct spwd spwd;
+ char *fields[FIELDS];
+ char *cp;
+ char *cpp;
+ int i;
+
+ /*
+ * Copy string to local buffer. It has to be tokenized and we
+ * have to do that to our private copy.
+ */
+
+ if (strlen (string) >= sizeof spwbuf)
+ return 0;
+ strcpy (spwbuf, string);
+
+ cp = strrchr (spwbuf, '\n');
+ if (NULL != cp)
+ *cp = '\0';
+
+ /*
+ * Tokenize the string into colon separated fields. Allow up to
+ * FIELDS different fields.
+ */
+
+ for (cp = spwbuf, i = 0; *cp && i < FIELDS; i++) {
+ fields[i] = cp;
+ while (*cp && *cp != ':')
+ cp++;
+
+ if (*cp)
+ *cp++ = '\0';
+ }
+
+ if (i == (FIELDS - 1))
+ fields[i++] = cp;
+
+ if ((cp && *cp) || (i != FIELDS && i != OFIELDS))
+ return 0;
+
+ /*
+ * Start populating the structure. The fields are all in
+ * static storage, as is the structure we pass back. If we
+ * ever see a name with '+' as the first character, we try
+ * to turn on NIS processing.
+ */
+
+ spwd.sp_namp = fields[0];
+#ifdef USE_NIS
+ if (IS_NISCHAR (fields[0][0])) {
+ nis_used = true;
+ }
+#endif
+ spwd.sp_pwdp = fields[1];
+
+ /*
+ * Get the last changed date. For all of the integer fields,
+ * we check for proper format. It is an error to have an
+ * incorrectly formatted number, unless we are using NIS.
+ */
+
+ if (fields[2][0] == '\0') {
+ spwd.sp_lstchg = -1;
+ } else {
+ if (getlong (fields[2], &spwd.sp_lstchg) == 0) {
+#ifdef USE_NIS
+ if (nis_used) {
+ spwd.sp_lstchg = -1;
+ } else
+#endif
+ return 0;
+ } else if (spwd.sp_lstchg < 0) {
+ return 0;
+ }
+ }
+
+ /*
+ * Get the minimum period between password changes.
+ */
+
+ if (fields[3][0] == '\0') {
+ spwd.sp_min = -1;
+ } else {
+ if (getlong (fields[3], &spwd.sp_min) == 0) {
+#ifdef USE_NIS
+ if (nis_used) {
+ spwd.sp_min = -1;
+ } else
+#endif
+ {
+ return 0;
+ }
+ } else if (spwd.sp_min < 0) {
+ return 0;
+ }
+ }
+
+ /*
+ * Get the maximum number of days a password is valid.
+ */
+
+ if (fields[4][0] == '\0') {
+ spwd.sp_max = -1;
+ } else {
+ if (getlong (fields[4], &spwd.sp_max) == 0) {
+#ifdef USE_NIS
+ if (nis_used) {
+ spwd.sp_max = -1;
+ } else
+#endif
+ return 0;
+ } else if (spwd.sp_max < 0) {
+ return 0;
+ }
+ }
+
+ /*
+ * If there are only OFIELDS fields (this is a SVR3.2 /etc/shadow
+ * formatted file), initialize the other field members to -1.
+ */
+
+ if (i == OFIELDS) {
+ spwd.sp_warn = -1;
+ spwd.sp_inact = -1;
+ spwd.sp_expire = -1;
+ spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
+
+ return &spwd;
+ }
+
+ /*
+ * Get the number of days of password expiry warning.
+ */
+
+ if (fields[5][0] == '\0') {
+ spwd.sp_warn = -1;
+ } else {
+ if (getlong (fields[5], &spwd.sp_warn) == 0) {
+#ifdef USE_NIS
+ if (nis_used) {
+ spwd.sp_warn = -1;
+ } else
+#endif
+ {
+ return 0;
+ }
+ } else if (spwd.sp_warn < 0) {
+ return 0;
+ }
+ }
+
+ /*
+ * Get the number of days of inactivity before an account is
+ * disabled.
+ */
+
+ if (fields[6][0] == '\0') {
+ spwd.sp_inact = -1;
+ } else {
+ if (getlong (fields[6], &spwd.sp_inact) == 0) {
+#ifdef USE_NIS
+ if (nis_used) {
+ spwd.sp_inact = -1;
+ } else
+#endif
+ {
+ return 0;
+ }
+ } else if (spwd.sp_inact < 0) {
+ return 0;
+ }
+ }
+
+ /*
+ * Get the number of days after the epoch before the account is
+ * set to expire.
+ */
+
+ if (fields[7][0] == '\0') {
+ spwd.sp_expire = -1;
+ } else {
+ if (getlong (fields[7], &spwd.sp_expire) == 0) {
+#ifdef USE_NIS
+ if (nis_used) {
+ spwd.sp_expire = -1;
+ } else
+#endif
+ {
+ return 0;
+ }
+ } else if (spwd.sp_expire < 0) {
+ return 0;
+ }
+ }
+
+ /*
+ * This field is reserved for future use. But it isn't supposed
+ * to have anything other than a valid integer in it.
+ */
+
+ if (fields[8][0] == '\0') {
+ spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
+ } else {
+ if (getlong (fields[8], &spwd.sp_flag) == 0) {
+ /* FIXME: add a getulong function */
+#ifdef USE_NIS
+ if (nis_used) {
+ spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
+ } else
+#endif
+ {
+ return 0;
+ }
+ } else if (spwd.sp_flag < 0) {
+ return 0;
+ }
+ }
+
+ return (&spwd);
+}
+
+/*
+ * fgetspent - get an entry from a /etc/shadow formatted stream
+ */
+
+struct spwd *fgetspent (FILE * fp)
+{
+ char buf[BUFSIZ];
+ char *cp;
+
+ if (NULL == fp) {
+ return (0);
+ }
+
+#ifdef USE_NIS
+ while (fgets (buf, (int) sizeof buf, fp) != (char *) 0)
+#else
+ if (fgets (buf, (int) sizeof buf, fp) != (char *) 0)
+#endif
+ {
+ cp = strchr (buf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ }
+#ifdef USE_NIS
+ if (nis_ignore && IS_NISCHAR (buf[0])) {
+ continue;
+ }
+#endif
+ return my_sgetspent (buf);
+ }
+ return 0;
+}
+
+/*
+ * getspent - get a (struct spwd *) from the current shadow file
+ */
+
+struct spwd *getspent (void)
+{
+#ifdef USE_NIS
+ int nis_1_user = 0;
+ struct spwd *val;
+ char buf[BUFSIZ];
+#endif
+ if (NULL == shadow) {
+ setspent ();
+ }
+
+#ifdef USE_NIS
+ again:
+ /*
+ * See if we are reading from the local file.
+ */
+
+ if (nis_state == native || nis_state == native2) {
+
+ /*
+ * Get the next entry from the shadow file. Return NULL
+ * right away if there is none.
+ */
+
+ val = fgetspent (shadow);
+ if (NULL == val)
+ return 0;
+
+ /*
+ * If this entry began with a NIS escape character, we have
+ * to see if this is just a single user, or if the entire
+ * map is being asked for.
+ */
+
+ if (IS_NISCHAR (val->sp_namp[0])) {
+ if (val->sp_namp[1])
+ nis_1_user = 1;
+ else
+ nis_state = start;
+ }
+
+ /*
+ * If this isn't a NIS user and this isn't an escape to go
+ * use a NIS map, it must be a regular local user.
+ */
+
+ if (nis_1_user == 0 && nis_state != start)
+ return val;
+
+ /*
+ * If this is an escape to use an NIS map, switch over to
+ * that bunch of code.
+ */
+
+ if (nis_state == start)
+ goto again;
+
+ /*
+ * NEEDSWORK. Here we substitute pieces-parts of this entry.
+ */
+
+ return 0;
+ } else {
+ if (!nis_bound) {
+ if (bind_nis ()) {
+ nis_state = native2;
+ goto again;
+ }
+ }
+ if (nis_state == start) {
+ if (yp_first (nis_domain, "shadow.bynam", &nis_key,
+ &nis_keylen, &nis_val, &nis_vallen)) {
+ nis_state = native2;
+ goto again;
+ }
+ nis_state = middle;
+ } else if (nis_state == middle) {
+ if (yp_next (nis_domain, "shadow.bynam", nis_key,
+ nis_keylen, &nis_key, &nis_keylen,
+ &nis_val, &nis_vallen)) {
+ nis_state = native2;
+ goto again;
+ }
+ }
+ return my_sgetspent (nis_val);
+ }
+#else
+ return (fgetspent (shadow));
+#endif
+}
+
+/*
+ * getspnam - get a shadow entry by name
+ */
+
+struct spwd *getspnam (const char *name)
+{
+ struct spwd *sp;
+
+#ifdef USE_NIS
+ char buf[BUFSIZ];
+ static char save_name[16];
+ bool nis_disabled = false;
+#endif
+
+ setspent ();
+
+#ifdef USE_NIS
+ /*
+ * Search the shadow.byname map for this user.
+ */
+
+ if (!nis_ignore && !nis_bound) {
+ bind_nis ();
+ }
+
+ if (!nis_ignore && nis_bound) {
+ char *cp;
+
+ if (yp_match (nis_domain, "shadow.byname", name,
+ strlen (name), &nis_val, &nis_vallen) == 0) {
+
+ cp = strchr (nis_val, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ }
+
+ nis_state = middle;
+ sp = my_sgetspent (nis_val);
+ if (NULL != sp) {
+ strcpy (save_name, sp->sp_namp);
+ nis_key = save_name;
+ nis_keylen = strlen (save_name);
+ }
+ endspent ();
+ return sp;
+ } else {
+ nis_state = native2;
+ }
+ }
+#endif
+#ifdef USE_NIS
+ /*
+ * NEEDSWORK -- this is a mess, and it is the same mess in the
+ * other three files. I can't just blindly turn off NIS because
+ * this might be the first pass through the local files. In
+ * that case, I never discover that NIS is present.
+ */
+
+ if (nis_used) {
+ nis_ignore = true;
+ nis_disabled = true;
+ }
+#endif
+ while ((sp = getspent ()) != (struct spwd *) 0) {
+ if (strcmp (name, sp->sp_namp) == 0) {
+ break;
+ }
+ }
+#ifdef USE_NIS
+ if (nis_disabled) {
+ nis_ignore = false;
+ }
+#endif
+ endspent ();
+ return (sp);
+}
+#else
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif
+
diff --git a/lib/shadowio.c b/lib/shadowio.c
new file mode 100644
index 0000000..5fa3d31
--- /dev/null
+++ b/lib/shadowio.c
@@ -0,0 +1,267 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 , Michał Moskal
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include <shadow.h>
+#include <stdio.h>
+#include "commonio.h"
+#include "getdef.h"
+#include "shadowio.h"
+#ifdef WITH_TCB
+#include <tcb.h>
+#include "tcbfuncs.h"
+#endif /* WITH_TCB */
+
+static /*@null@*/ /*@only@*/void *shadow_dup (const void *ent)
+{
+ const struct spwd *sp = ent;
+
+ return __spw_dup (sp);
+}
+
+static void shadow_free (/*@out@*//*@only@*/void *ent)
+{
+ struct spwd *sp = ent;
+
+ spw_free (sp);
+}
+
+static const char *shadow_getname (const void *ent)
+{
+ const struct spwd *sp = ent;
+
+ return sp->sp_namp;
+}
+
+static void *shadow_parse (const char *line)
+{
+ return (void *) sgetspent (line);
+}
+
+static int shadow_put (const void *ent, FILE * file)
+{
+ const struct spwd *sp = ent;
+
+ if ( (NULL == sp)
+ || (valid_field (sp->sp_namp, ":\n") == -1)
+ || (valid_field (sp->sp_pwdp, ":\n") == -1)) {
+ return -1;
+ }
+
+ return (putspent (sp, file) == -1) ? -1 : 0;
+}
+
+static struct commonio_ops shadow_ops = {
+ shadow_dup,
+ shadow_free,
+ shadow_getname,
+ shadow_parse,
+ shadow_put,
+ fgets,
+ fputs,
+ NULL, /* open_hook */
+ NULL /* close_hook */
+};
+
+static struct commonio_db shadow_db = {
+ SHADOW_FILE, /* filename */
+ &shadow_ops, /* ops */
+ NULL, /* fp */
+#ifdef WITH_SELINUX
+ NULL, /* scontext */
+#endif /* WITH_SELINUX */
+ 0400, /* st_mode */
+ 0, /* st_uid */
+ 0, /* st_gid */
+ NULL, /* head */
+ NULL, /* tail */
+ NULL, /* cursor */
+ false, /* changed */
+ false, /* isopen */
+ false, /* locked */
+ false /* readonly */
+};
+
+int spw_setdbname (const char *filename)
+{
+ return commonio_setname (&shadow_db, filename);
+}
+
+/*@observer@*/const char *spw_dbname (void)
+{
+ return shadow_db.filename;
+}
+
+bool spw_file_present (void)
+{
+ if (getdef_bool ("FORCE_SHADOW"))
+ return true;
+ return commonio_present (&shadow_db);
+}
+
+int spw_lock (void)
+{
+#ifdef WITH_TCB
+ int retval = 0;
+
+ if (!getdef_bool ("USE_TCB")) {
+#endif /* WITH_TCB */
+ return commonio_lock (&shadow_db);
+#ifdef WITH_TCB
+ }
+ if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
+ return 0;
+ }
+ if (lckpwdf_tcb (shadow_db.filename) == 0) {
+ shadow_db.locked = 1;
+ retval = 1;
+ }
+ if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) {
+ return 0;
+ }
+ return retval;
+#endif /* WITH_TCB */
+}
+
+int spw_open (int mode)
+{
+ int retval = 0;
+#ifdef WITH_TCB
+ bool use_tcb = getdef_bool ("USE_TCB");
+
+ if (use_tcb && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) {
+ return 0;
+ }
+#endif /* WITH_TCB */
+ retval = commonio_open (&shadow_db, mode);
+#ifdef WITH_TCB
+ if (use_tcb && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) {
+ return 0;
+ }
+#endif /* WITH_TCB */
+ return retval;
+}
+
+/*@observer@*/ /*@null@*/const struct spwd *spw_locate (const char *name)
+{
+ return commonio_locate (&shadow_db, name);
+}
+
+int spw_update (const struct spwd *sp)
+{
+ return commonio_update (&shadow_db, (const void *) sp);
+}
+
+int spw_remove (const char *name)
+{
+ return commonio_remove (&shadow_db, name);
+}
+
+int spw_rewind (void)
+{
+ return commonio_rewind (&shadow_db);
+}
+
+/*@observer@*/ /*@null@*/const struct spwd *spw_next (void)
+{
+ return commonio_next (&shadow_db);
+}
+
+int spw_close (void)
+{
+ int retval = 0;
+#ifdef WITH_TCB
+ bool use_tcb = getdef_bool ("USE_TCB");
+
+ if (use_tcb && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) {
+ return 0;
+ }
+#endif /* WITH_TCB */
+ retval = commonio_close (&shadow_db);
+#ifdef WITH_TCB
+ if (use_tcb && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) {
+ return 0;
+ }
+#endif /* WITH_TCB */
+ return retval;
+}
+
+int spw_unlock (void)
+{
+#ifdef WITH_TCB
+ int retval = 0;
+
+ if (!getdef_bool ("USE_TCB")) {
+#endif /* WITH_TCB */
+ return commonio_unlock (&shadow_db);
+#ifdef WITH_TCB
+ }
+ if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
+ return 0;
+ }
+ if (ulckpwdf_tcb () == 0) {
+ shadow_db.locked = 0;
+ retval = 1;
+ }
+ if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) {
+ return 0;
+ }
+ return retval;
+#endif /* WITH_TCB */
+}
+
+struct commonio_entry *__spw_get_head (void)
+{
+ return shadow_db.head;
+}
+
+void __spw_del_entry (const struct commonio_entry *ent)
+{
+ commonio_del_entry (&shadow_db, ent);
+}
+
+/* Sort with respect to passwd ordering. */
+int spw_sort ()
+{
+#ifdef WITH_TCB
+ if (getdef_bool ("USE_TCB")) {
+ return 0;
+ }
+#endif /* WITH_TCB */
+ return commonio_sort_wrt (&shadow_db, __pw_get_db ());
+}
diff --git a/lib/shadowio.h b/lib/shadowio.h
new file mode 100644
index 0000000..5384b1d
--- /dev/null
+++ b/lib/shadowio.h
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef SHADOWIO_H
+#define SHADOWIO_H
+
+#include "defines.h"
+
+extern int spw_close (void);
+extern bool spw_file_present (void);
+extern /*@observer@*/ /*@null@*/const struct spwd *spw_locate (const char *name);
+extern int spw_lock (void);
+extern int spw_setdbname (const char *filename);
+extern /*@observer@*/const char *spw_dbname (void);
+extern /*@observer@*/ /*@null@*/const struct spwd *spw_next (void);
+extern int spw_open (int mode);
+extern int spw_remove (const char *name);
+extern int spw_rewind (void);
+extern int spw_unlock (void);
+extern int spw_update (const struct spwd *sp);
+extern int spw_sort (void);
+
+#endif
diff --git a/lib/shadowmem.c b/lib/shadowmem.c
new file mode 100644
index 0000000..8989598
--- /dev/null
+++ b/lib/shadowmem.c
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 , Michał Moskal
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2013, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include <shadow.h>
+#include <stdio.h>
+#include "shadowio.h"
+
+/*@null@*/ /*@only@*/struct spwd *__spw_dup (const struct spwd *spent)
+{
+ struct spwd *sp;
+
+ sp = (struct spwd *) malloc (sizeof *sp);
+ if (NULL == sp) {
+ return NULL;
+ }
+ /* The libc might define other fields. They won't be copied. */
+ memset (sp, 0, sizeof *sp);
+ sp->sp_lstchg = spent->sp_lstchg;
+ sp->sp_min = spent->sp_min;
+ sp->sp_max = spent->sp_max;
+ sp->sp_warn = spent->sp_warn;
+ sp->sp_inact = spent->sp_inact;
+ sp->sp_expire = spent->sp_expire;
+ sp->sp_flag = spent->sp_flag;
+ /*@-mustfreeonly@*/
+ sp->sp_namp = strdup (spent->sp_namp);
+ /*@=mustfreeonly@*/
+ if (NULL == sp->sp_namp) {
+ free(sp);
+ return NULL;
+ }
+ /*@-mustfreeonly@*/
+ sp->sp_pwdp = strdup (spent->sp_pwdp);
+ /*@=mustfreeonly@*/
+ if (NULL == sp->sp_pwdp) {
+ free(sp->sp_namp);
+ free(sp);
+ return NULL;
+ }
+
+ return sp;
+}
+
+void spw_free (/*@out@*/ /*@only@*/struct spwd *spent)
+{
+ free (spent->sp_namp);
+ if (NULL != spent->sp_pwdp) {
+ memzero (spent->sp_pwdp, strlen (spent->sp_pwdp));
+ free (spent->sp_pwdp);
+ }
+ free (spent);
+}
+
diff --git a/lib/spawn.c b/lib/spawn.c
new file mode 100644
index 0000000..da98401
--- /dev/null
+++ b/lib/spawn.c
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2011 , Jonathan Nieder
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+#include "exitcodes.h"
+#include "prototypes.h"
+
+int run_command (const char *cmd, const char *argv[],
+ /*@null@*/const char *envp[], /*@out@*/int *status)
+{
+ pid_t pid, wpid;
+
+ if (NULL == envp) {
+ envp = (const char **)environ;
+ }
+
+ (void) fflush (stdout);
+ (void) fflush (stderr);
+
+ pid = fork ();
+ if (0 == pid) {
+ (void) execve (cmd, (char * const *) argv,
+ (char * const *) envp);
+ if (ENOENT == errno) {
+ exit (E_CMD_NOTFOUND);
+ }
+ fprintf (stderr, "%s: cannot execute %s: %s\n",
+ Prog, cmd, strerror (errno));
+ exit (E_CMD_NOEXEC);
+ } else if ((pid_t)-1 == pid) {
+ fprintf (stderr, "%s: cannot execute %s: %s\n",
+ Prog, cmd, strerror (errno));
+ return -1;
+ }
+
+ do {
+ wpid = waitpid (pid, status, 0);
+ } while ( ((pid_t)-1 == wpid && errno == EINTR)
+ || (wpid != pid));
+
+ if ((pid_t)-1 == wpid) {
+ fprintf (stderr, "%s: waitpid (status: %d): %s\n",
+ Prog, *status, strerror (errno));
+ return -1;
+ }
+
+ return 0;
+}
+
diff --git a/lib/subordinateio.c b/lib/subordinateio.c
new file mode 100644
index 0000000..0d64a91
--- /dev/null
+++ b/lib/subordinateio.c
@@ -0,0 +1,701 @@
+/*
+ * Copyright (c) 2012 - Eric Biederman
+ */
+
+#include <config.h>
+
+#ifdef ENABLE_SUBIDS
+
+#include "prototypes.h"
+#include "defines.h"
+#include <stdio.h>
+#include "commonio.h"
+#include "subordinateio.h"
+#include <sys/types.h>
+#include <pwd.h>
+
+struct subordinate_range {
+ const char *owner;
+ unsigned long start;
+ unsigned long count;
+};
+
+#define NFIELDS 3
+
+/*
+ * subordinate_dup: create a duplicate range
+ *
+ * @ent: a pointer to a subordinate_range struct
+ *
+ * Returns a pointer to a newly allocated duplicate subordinate_range struct
+ * or NULL on failure
+ */
+static /*@null@*/ /*@only@*/void *subordinate_dup (const void *ent)
+{
+ const struct subordinate_range *rangeent = ent;
+ struct subordinate_range *range;
+
+ range = (struct subordinate_range *) malloc (sizeof *range);
+ if (NULL == range) {
+ return NULL;
+ }
+ range->owner = strdup (rangeent->owner);
+ if (NULL == range->owner) {
+ free(range);
+ return NULL;
+ }
+ range->start = rangeent->start;
+ range->count = rangeent->count;
+
+ return range;
+}
+
+/*
+ * subordinate_free: free a subordinate_range struct
+ *
+ * @ent: pointer to a subordinate_range struct to free.
+ */
+static void subordinate_free (/*@out@*/ /*@only@*/void *ent)
+{
+ struct subordinate_range *rangeent = ent;
+
+ free ((void *)(rangeent->owner));
+ free (rangeent);
+}
+
+/*
+ * subordinate_parse:
+ *
+ * @line: a line to parse
+ *
+ * Returns a pointer to a subordinate_range struct representing the values
+ * in @line, or NULL on failure. Note that the returned value should not
+ * be freed by the caller.
+ */
+static void *subordinate_parse (const char *line)
+{
+ static struct subordinate_range range;
+ static char rangebuf[1024];
+ int i;
+ char *cp;
+ char *fields[NFIELDS];
+
+ /*
+ * Copy the string to a temporary buffer so the substrings can
+ * be modified to be NULL terminated.
+ */
+ if (strlen (line) >= sizeof rangebuf)
+ return NULL; /* fail if too long */
+ strcpy (rangebuf, line);
+
+ /*
+ * Save a pointer to the start of each colon separated
+ * field. The fields are converted into NUL terminated strings.
+ */
+
+ for (cp = rangebuf, i = 0; (i < NFIELDS) && (NULL != cp); i++) {
+ fields[i] = cp;
+ while (('\0' != *cp) && (':' != *cp)) {
+ cp++;
+ }
+
+ if ('\0' != *cp) {
+ *cp = '\0';
+ cp++;
+ } else {
+ cp = NULL;
+ }
+ }
+
+ /*
+ * There must be exactly NFIELDS colon separated fields or
+ * the entry is invalid. Also, fields must be non-blank.
+ */
+ if (i != NFIELDS || *fields[0] == '\0' || *fields[1] == '\0' || *fields[2] == '\0')
+ return NULL;
+ range.owner = fields[0];
+ if (getulong (fields[1], &range.start) == 0)
+ return NULL;
+ if (getulong (fields[2], &range.count) == 0)
+ return NULL;
+
+ return &range;
+}
+
+/*
+ * subordinate_put: print a subordinate_range value to a file
+ *
+ * @ent: a pointer to a subordinate_range struct to print out.
+ * @file: file to which to print.
+ *
+ * Returns 0 on success, -1 on error.
+ */
+static int subordinate_put (const void *ent, FILE * file)
+{
+ const struct subordinate_range *range = ent;
+
+ return fprintf(file, "%s:%lu:%lu\n",
+ range->owner,
+ range->start,
+ range->count) < 0 ? -1 : 0;
+}
+
+static struct commonio_ops subordinate_ops = {
+ subordinate_dup, /* dup */
+ subordinate_free, /* free */
+ NULL, /* getname */
+ subordinate_parse, /* parse */
+ subordinate_put, /* put */
+ fgets, /* fgets */
+ fputs, /* fputs */
+ NULL, /* open_hook */
+ NULL, /* close_hook */
+};
+
+static /*@observer@*/ /*@null*/const struct subordinate_range *subordinate_next(struct commonio_db *db)
+{
+ return (const struct subordinate_range *)commonio_next (db);
+}
+
+/*
+ * range_exists: Check whether @owner owns any ranges
+ *
+ * @db: database to query
+ * @owner: owner being queried
+ *
+ * Returns true if @owner owns any subuid ranges, false otherwise.
+ */
+static const bool range_exists(struct commonio_db *db, const char *owner)
+{
+ const struct subordinate_range *range;
+ commonio_rewind(db);
+ while ((range = commonio_next(db)) != NULL) {
+ if (0 == strcmp(range->owner, owner))
+ return true;
+ }
+ return false;
+}
+
+/*
+ * find_range: find a range which @owner is authorized to use which includes
+ * subuid @val.
+ *
+ * @db: database to query
+ * @owner: owning uid being queuried
+ * @val: subuid being searched for.
+ *
+ * Returns a range of subuids belonging to @owner and including the subuid
+ * @val, or NULL if no such range exists.
+ */
+static const struct subordinate_range *find_range(struct commonio_db *db,
+ const char *owner, unsigned long val)
+{
+ const struct subordinate_range *range;
+
+ /*
+ * Search for exact username/group specification
+ *
+ * This is the original method - go fast through the db, doing only
+ * exact username/group string comparison. Therefore we leave it as-is
+ * for the time being, in order to keep it equally fast as it was
+ * before.
+ */
+ commonio_rewind(db);
+ while ((range = commonio_next(db)) != NULL) {
+ unsigned long first = range->start;
+ unsigned long last = first + range->count - 1;
+
+ if (0 != strcmp(range->owner, owner))
+ continue;
+
+ if ((val >= first) && (val <= last))
+ return range;
+ }
+
+
+ /*
+ * We only do special handling for these two files
+ */
+ if ((0 != strcmp(db->filename, "/etc/subuid")) && (0 != strcmp(db->filename, "/etc/subgid")))
+ return NULL;
+
+ /*
+ * Search loop above did not produce any result. Let's rerun it,
+ * but this time try to matcha actual UIDs. The first entry that
+ * matches is considered a success.
+ * (It may be specified as literal UID or as another username which
+ * has the same UID as the username we are looking for.)
+ */
+ struct passwd *pwd;
+ uid_t owner_uid;
+ char owner_uid_string[33] = "";
+
+
+ /* Get UID of the username we are looking for */
+ pwd = getpwnam(owner);
+ if (NULL == pwd) {
+ /* Username not defined in /etc/passwd, or error occured during lookup */
+ return NULL;
+ }
+ owner_uid = pwd->pw_uid;
+ sprintf(owner_uid_string, "%lu", (unsigned long int)owner_uid);
+
+ commonio_rewind(db);
+ while ((range = commonio_next(db)) != NULL) {
+ unsigned long first = range->start;
+ unsigned long last = first + range->count - 1;
+
+ /* For performance reasons check range before using getpwnam() */
+ if ((val < first) || (val > last)) {
+ continue;
+ }
+
+ /*
+ * Range matches. Check if range owner is specified
+ * as numeric UID and if it matches.
+ */
+ if (0 == strcmp(range->owner, owner_uid_string)) {
+ return range;
+ }
+
+ /*
+ * Ok, this range owner is not specified as numeric UID
+ * we are looking for. It may be specified as another
+ * UID or as a literal username.
+ *
+ * If specified as another UID, the call to getpwnam()
+ * will return NULL.
+ *
+ * If specified as literal username, we will get its
+ * UID and compare that to UID we are looking for.
+ */
+ const struct passwd *range_owner_pwd;
+
+ range_owner_pwd = getpwnam(range->owner);
+ if (NULL == range_owner_pwd) {
+ continue;
+ }
+
+ if (owner_uid == range_owner_pwd->pw_uid) {
+ return range;
+ }
+ }
+
+ return NULL;
+}
+
+/*
+ * have_range: check whether @owner is authorized to use the range
+ * (@start .. @start+@count-1).
+ * @db: database to check
+ * @owner: owning uid being queried
+ * @start: start of range
+ * @count: number of uids in range
+ *
+ * Returns true if @owner is authorized to use the range, false otherwise.
+ */
+static bool have_range(struct commonio_db *db,
+ const char *owner, unsigned long start, unsigned long count)
+{
+ const struct subordinate_range *range;
+ unsigned long end;
+
+ if (count == 0)
+ return false;
+
+ end = start + count - 1;
+ range = find_range (db, owner, start);
+ while (range) {
+ unsigned long last;
+
+ last = range->start + range->count - 1;
+ if (last >= (start + count - 1))
+ return true;
+
+ count = end - last;
+ start = last + 1;
+ range = find_range(db, owner, start);
+ }
+ return false;
+}
+
+/*
+ * subordinate_range_cmp: compare uid ranges
+ *
+ * @p1: pointer to a commonio_entry struct to compare
+ * @p2: pointer to second commonio_entry struct to compare
+ *
+ * Returns 0 if the entries are the same. Otherwise return -1
+ * if the range in p1 is lower than that in p2, or (if the ranges are
+ * equal) if the owning uid in p1 is lower than p2's. Return 1 if p1's
+ * range or owning uid is great than p2's.
+ */
+static int subordinate_range_cmp (const void *p1, const void *p2)
+{
+ struct subordinate_range *range1, *range2;
+
+ if ((*(struct commonio_entry **) p1)->eptr == NULL)
+ return 1;
+ if ((*(struct commonio_entry **) p2)->eptr == NULL)
+ return -1;
+
+ range1 = ((struct subordinate_range *) (*(struct commonio_entry **) p1)->eptr);
+ range2 = ((struct subordinate_range *) (*(struct commonio_entry **) p2)->eptr);
+
+ if (range1->start < range2->start)
+ return -1;
+ else if (range1->start > range2->start)
+ return 1;
+ else if (range1->count < range2->count)
+ return -1;
+ else if (range1->count > range2->count)
+ return 1;
+ else
+ return strcmp(range1->owner, range2->owner);
+}
+
+/*
+ * find_free_range: find an unused consecutive sequence of ids to allocate
+ * to a user.
+ * @db: database to search
+ * @min: the first uid in the range to find
+ * @max: the highest uid to find
+ * @count: the number of uids needed
+ *
+ * Return the lowest new uid, or ULONG_MAX on failure.
+ */
+static unsigned long find_free_range(struct commonio_db *db,
+ unsigned long min, unsigned long max,
+ unsigned long count)
+{
+ const struct subordinate_range *range;
+ unsigned long low, high;
+
+ /* When given invalid parameters fail */
+ if ((count == 0) || (max < min))
+ goto fail;
+
+ /* Sort by range then by owner */
+ commonio_sort (db, subordinate_range_cmp);
+ commonio_rewind(db);
+
+ low = min;
+ while ((range = commonio_next(db)) != NULL) {
+ unsigned long first = range->start;
+ unsigned long last = first + range->count - 1;
+
+ /* Find the top end of the hole before this range */
+ high = first;
+
+ /* Don't allocate IDs after max (included) */
+ if (high > max + 1) {
+ high = max + 1;
+ }
+
+ /* Is the hole before this range large enough? */
+ if ((high > low) && ((high - low) >= count))
+ return low;
+
+ /* Compute the low end of the next hole */
+ if (low < (last + 1))
+ low = last + 1;
+ if (low > max)
+ goto fail;
+ }
+
+ /* Is the remaining unclaimed area large enough? */
+ if (((max - low) + 1) >= count)
+ return low;
+fail:
+ return ULONG_MAX;
+}
+
+/*
+ * add_range: add a subuid range to an owning uid's list of authorized
+ * subuids.
+ * @db: database to which to add
+ * @owner: uid which owns the subuid
+ * @start: the first uid in the owned range
+ * @count: the number of uids in the range
+ *
+ * Return 1 if the range is already present or on succcess. On error
+ * return 0 and set errno appropriately.
+ */
+static int add_range(struct commonio_db *db,
+ const char *owner, unsigned long start, unsigned long count)
+{
+ struct subordinate_range range;
+ range.owner = owner;
+ range.start = start;
+ range.count = count;
+
+ /* See if the range is already present */
+ if (have_range(db, owner, start, count))
+ return 1;
+
+ /* Otherwise append the range */
+ return commonio_append(db, &range);
+}
+
+/*
+ * remove_range: remove a range of subuids from an owning uid's list
+ * of authorized subuids.
+ * @db: database to work on
+ * @owner: owning uid whose range is being removed
+ * @start: start of the range to be removed
+ * @count: number of uids in the range.
+ *
+ * Returns 0 on failure, 1 on success. Failure means that we needed to
+ * create a new range to represent the new limits, and failed doing so.
+ */
+static int remove_range (struct commonio_db *db,
+ const char *owner,
+ unsigned long start, unsigned long count)
+{
+ struct commonio_entry *ent;
+ unsigned long end;
+
+ if (count == 0) {
+ return 1;
+ }
+
+ end = start + count - 1;
+ for (ent = db->head; NULL != ent; ent = ent->next) {
+ struct subordinate_range *range = ent->eptr;
+ unsigned long first;
+ unsigned long last;
+
+ /* Skip unparsed entries */
+ if (NULL == range) {
+ continue;
+ }
+
+ first = range->start;
+ last = first + range->count - 1;
+
+ /* Skip entries with a different owner */
+ if (0 != strcmp (range->owner, owner)) {
+ continue;
+ }
+
+ /* Skip entries outside of the range to remove */
+ if ((end < first) || (start > last)) {
+ continue;
+ }
+
+ if (start <= first) {
+ if (end >= last) {
+ /* to be removed: [start, end]
+ * range: [first, last] */
+ /* entry completely contained in the
+ * range to remove */
+ commonio_del_entry (db, ent);
+ } else {
+ /* to be removed: [start, end]
+ * range: [first, last] */
+ /* Remove only the start of the entry */
+ range->start = end + 1;
+ range->count = (last - range->start) + 1;
+
+ ent->changed = true;
+ db->changed = true;
+ }
+ } else {
+ if (end >= last) {
+ /* to be removed: [start, end]
+ * range: [first, last] */
+ /* Remove only the end of the entry */
+ range->count = start - range->start;
+
+ ent->changed = true;
+ db->changed = true;
+ } else {
+ /* to be removed: [start, end]
+ * range: [first, last] */
+ /* Remove the middle of the range
+ * This requires to create a new range */
+ struct subordinate_range tail;
+ tail.owner = range->owner;
+ tail.start = end + 1;
+ tail.count = (last - tail.start) + 1;
+
+ if (commonio_append (db, &tail) == 0) {
+ return 0;
+ }
+
+ range->count = start - range->start;
+
+ ent->changed = true;
+ db->changed = true;
+ }
+ }
+ }
+
+ return 1;
+}
+
+static struct commonio_db subordinate_uid_db = {
+ "/etc/subuid", /* filename */
+ &subordinate_ops, /* ops */
+ NULL, /* fp */
+#ifdef WITH_SELINUX
+ NULL, /* scontext */
+#endif
+ 0644, /* st_mode */
+ 0, /* st_uid */
+ 0, /* st_gid */
+ NULL, /* head */
+ NULL, /* tail */
+ NULL, /* cursor */
+ false, /* changed */
+ false, /* isopen */
+ false, /* locked */
+ false /* readonly */
+};
+
+int sub_uid_setdbname (const char *filename)
+{
+ return commonio_setname (&subordinate_uid_db, filename);
+}
+
+/*@observer@*/const char *sub_uid_dbname (void)
+{
+ return subordinate_uid_db.filename;
+}
+
+bool sub_uid_file_present (void)
+{
+ return commonio_present (&subordinate_uid_db);
+}
+
+int sub_uid_lock (void)
+{
+ return commonio_lock (&subordinate_uid_db);
+}
+
+int sub_uid_open (int mode)
+{
+ return commonio_open (&subordinate_uid_db, mode);
+}
+
+bool sub_uid_assigned(const char *owner)
+{
+ return range_exists (&subordinate_uid_db, owner);
+}
+
+bool have_sub_uids(const char *owner, uid_t start, unsigned long count)
+{
+ return have_range (&subordinate_uid_db, owner, start, count);
+}
+
+int sub_uid_add (const char *owner, uid_t start, unsigned long count)
+{
+ return add_range (&subordinate_uid_db, owner, start, count);
+}
+
+int sub_uid_remove (const char *owner, uid_t start, unsigned long count)
+{
+ return remove_range (&subordinate_uid_db, owner, start, count);
+}
+
+int sub_uid_close (void)
+{
+ return commonio_close (&subordinate_uid_db);
+}
+
+int sub_uid_unlock (void)
+{
+ return commonio_unlock (&subordinate_uid_db);
+}
+
+uid_t sub_uid_find_free_range(uid_t min, uid_t max, unsigned long count)
+{
+ unsigned long start;
+ start = find_free_range (&subordinate_uid_db, min, max, count);
+ return start == ULONG_MAX ? (uid_t) -1 : start;
+}
+
+static struct commonio_db subordinate_gid_db = {
+ "/etc/subgid", /* filename */
+ &subordinate_ops, /* ops */
+ NULL, /* fp */
+#ifdef WITH_SELINUX
+ NULL, /* scontext */
+#endif
+ 0644, /* st_mode */
+ 0, /* st_uid */
+ 0, /* st_gid */
+ NULL, /* head */
+ NULL, /* tail */
+ NULL, /* cursor */
+ false, /* changed */
+ false, /* isopen */
+ false, /* locked */
+ false /* readonly */
+};
+
+int sub_gid_setdbname (const char *filename)
+{
+ return commonio_setname (&subordinate_gid_db, filename);
+}
+
+/*@observer@*/const char *sub_gid_dbname (void)
+{
+ return subordinate_gid_db.filename;
+}
+
+bool sub_gid_file_present (void)
+{
+ return commonio_present (&subordinate_gid_db);
+}
+
+int sub_gid_lock (void)
+{
+ return commonio_lock (&subordinate_gid_db);
+}
+
+int sub_gid_open (int mode)
+{
+ return commonio_open (&subordinate_gid_db, mode);
+}
+
+bool have_sub_gids(const char *owner, gid_t start, unsigned long count)
+{
+ return have_range(&subordinate_gid_db, owner, start, count);
+}
+
+bool sub_gid_assigned(const char *owner)
+{
+ return range_exists (&subordinate_gid_db, owner);
+}
+
+int sub_gid_add (const char *owner, gid_t start, unsigned long count)
+{
+ return add_range (&subordinate_gid_db, owner, start, count);
+}
+
+int sub_gid_remove (const char *owner, gid_t start, unsigned long count)
+{
+ return remove_range (&subordinate_gid_db, owner, start, count);
+}
+
+int sub_gid_close (void)
+{
+ return commonio_close (&subordinate_gid_db);
+}
+
+int sub_gid_unlock (void)
+{
+ return commonio_unlock (&subordinate_gid_db);
+}
+
+gid_t sub_gid_find_free_range(gid_t min, gid_t max, unsigned long count)
+{
+ unsigned long start;
+ start = find_free_range (&subordinate_gid_db, min, max, count);
+ return start == ULONG_MAX ? (gid_t) -1 : start;
+}
+#else /* !ENABLE_SUBIDS */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !ENABLE_SUBIDS */
+
diff --git a/lib/subordinateio.h b/lib/subordinateio.h
new file mode 100644
index 0000000..a21d72b
--- /dev/null
+++ b/lib/subordinateio.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2012- Eric W. Biederman
+ */
+
+#ifndef _SUBORDINATEIO_H
+#define _SUBORDINATEIO_H
+
+#include <config.h>
+
+#ifdef ENABLE_SUBIDS
+
+#include <sys/types.h>
+
+extern int sub_uid_close(void);
+extern bool have_sub_uids(const char *owner, uid_t start, unsigned long count);
+extern bool sub_uid_file_present (void);
+extern bool sub_uid_assigned(const char *owner);
+extern int sub_uid_lock (void);
+extern int sub_uid_setdbname (const char *filename);
+extern /*@observer@*/const char *sub_uid_dbname (void);
+extern int sub_uid_open (int mode);
+extern int sub_uid_unlock (void);
+extern int sub_uid_add (const char *owner, uid_t start, unsigned long count);
+extern int sub_uid_remove (const char *owner, uid_t start, unsigned long count);
+extern uid_t sub_uid_find_free_range(uid_t min, uid_t max, unsigned long count);
+
+extern int sub_gid_close(void);
+extern bool have_sub_gids(const char *owner, gid_t start, unsigned long count);
+extern bool sub_gid_file_present (void);
+extern bool sub_gid_assigned(const char *owner);
+extern int sub_gid_lock (void);
+extern int sub_gid_setdbname (const char *filename);
+extern /*@observer@*/const char *sub_gid_dbname (void);
+extern int sub_gid_open (int mode);
+extern int sub_gid_unlock (void);
+extern int sub_gid_add (const char *owner, gid_t start, unsigned long count);
+extern int sub_gid_remove (const char *owner, gid_t start, unsigned long count);
+extern uid_t sub_gid_find_free_range(gid_t min, gid_t max, unsigned long count);
+#endif /* ENABLE_SUBIDS */
+
+#endif
diff --git a/lib/tcbfuncs.c b/lib/tcbfuncs.c
new file mode 100644
index 0000000..2f694bd
--- /dev/null
+++ b/lib/tcbfuncs.c
@@ -0,0 +1,613 @@
+/*
+ * Copyright (c) 2001 Rafal Wojtczuk, Solar Designer
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#define _GNU_SOURCE
+
+#include <errno.h>
+#include <fcntl.h>
+#include <grp.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <tcb.h>
+#include <unistd.h>
+
+#include "config.h"
+
+#include "defines.h"
+#include "prototypes.h"
+#include "getdef.h"
+#include "shadowio.h"
+#include "tcbfuncs.h"
+
+#define SHADOWTCB_HASH_BY 1000
+#define SHADOWTCB_LOCK_SUFFIX ".lock"
+
+static /*@null@*//*@only@*/char *stored_tcb_user = NULL;
+
+shadowtcb_status shadowtcb_drop_priv (void)
+{
+ if (!getdef_bool ("USE_TCB")) {
+ return SHADOWTCB_SUCCESS;
+ }
+
+ if (NULL != stored_tcb_user) {
+ if (tcb_drop_priv (stored_tcb_user) == 0) {
+ return SHADOWTCB_SUCCESS;
+ }
+ }
+
+ return SHADOWTCB_FAILURE;
+}
+
+shadowtcb_status shadowtcb_gain_priv (void)
+{
+ if (!getdef_bool ("USE_TCB")) {
+ return SHADOWTCB_SUCCESS;
+ }
+
+ return (tcb_gain_priv () == 0) ? SHADOWTCB_SUCCESS : SHADOWTCB_FAILURE;
+}
+
+/* In case something goes wrong, we return immediately, not polluting the
+ * code with free(). All errors are fatal, so the application is expected
+ * to exit soon.
+ */
+#define OUT_OF_MEMORY do { \
+ fprintf (stderr, _("%s: out of memory\n"), Prog); \
+ (void) fflush (stderr); \
+} while (false)
+
+/* Returns user's tcb directory path relative to TCB_DIR. */
+static /*@null@*/ char *shadowtcb_path_rel (const char *name, uid_t uid)
+{
+ char *ret;
+
+ if (!getdef_bool ("TCB_SYMLINKS") || uid < SHADOWTCB_HASH_BY) {
+ if (asprintf (&ret, "%s", name) == -1) {
+ OUT_OF_MEMORY;
+ return NULL;
+ }
+ } else if (uid < SHADOWTCB_HASH_BY * SHADOWTCB_HASH_BY) {
+ if (asprintf (&ret, ":%dK/%s",
+ uid / SHADOWTCB_HASH_BY, name) == -1) {
+ OUT_OF_MEMORY;
+ return NULL;
+ }
+ } else {
+ if (asprintf (&ret, ":%dM/:%dK/%s",
+ uid / (SHADOWTCB_HASH_BY * SHADOWTCB_HASH_BY),
+ (uid % (SHADOWTCB_HASH_BY * SHADOWTCB_HASH_BY)) / SHADOWTCB_HASH_BY,
+ name) == -1) {
+ OUT_OF_MEMORY;
+ return NULL;
+ }
+ }
+ return ret;
+}
+
+static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
+{
+ char *path, *rval;
+ struct stat st;
+ char link[8192];
+ ssize_t ret;
+
+ if (asprintf (&path, TCB_DIR "/%s", name) == -1) {
+ OUT_OF_MEMORY;
+ return NULL;
+ }
+ if (lstat (path, &st) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot stat %s: %s\n"),
+ Prog, path, strerror (errno));
+ free (path);
+ return NULL;
+ }
+ if (S_ISDIR (st.st_mode)) {
+ free (path);
+ rval = strdup (name);
+ if (NULL == rval) {
+ OUT_OF_MEMORY;
+ return NULL;
+ }
+ return rval;
+ }
+ if (!S_ISLNK (st.st_mode)) {
+ fprintf (stderr,
+ _("%s: %s is neither a directory, nor a symlink.\n"),
+ Prog, path);
+ free (path);
+ return NULL;
+ }
+ ret = readlink (path, link, sizeof (link) - 1);
+ if (-1 == ret) {
+ fprintf (stderr,
+ _("%s: Cannot read symbolic link %s: %s\n"),
+ Prog, path, strerror (errno));
+ free (path);
+ return NULL;
+ }
+ free (path);
+ if ((size_t)ret >= sizeof(link) - 1) {
+ link[sizeof(link) - 1] = '\0';
+ fprintf (stderr,
+ _("%s: Suspiciously long symlink: %s\n"),
+ Prog, link);
+ return NULL;
+ }
+ link[(size_t)ret] = '\0';
+ rval = strdup (link);
+ if (NULL == rval) {
+ OUT_OF_MEMORY;
+ return NULL;
+ }
+ return rval;
+}
+
+static /*@null@*/ char *shadowtcb_path (const char *name, uid_t uid)
+{
+ char *ret, *rel;
+
+ rel = shadowtcb_path_rel (name, uid);
+ if (NULL == rel) {
+ return NULL;
+ }
+ if (asprintf (&ret, TCB_DIR "/%s", rel) == -1) {
+ OUT_OF_MEMORY;
+ free (rel);
+ return NULL;
+ }
+ free (rel);
+ return ret;
+}
+
+static /*@null@*/ char *shadowtcb_path_existing (const char *name)
+{
+ char *ret, *rel;
+
+ rel = shadowtcb_path_rel_existing (name);
+ if (NULL == rel) {
+ return NULL;
+ }
+ if (asprintf (&ret, TCB_DIR "/%s", rel) == -1) {
+ OUT_OF_MEMORY;
+ free (rel);
+ return NULL;
+ }
+ free (rel);
+ return ret;
+}
+
+static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
+{
+ char *ind, *dir, *ptr, *path = shadowtcb_path_rel (name, uid);
+ struct stat st;
+
+ if (NULL == path) {
+ return SHADOWTCB_FAILURE;
+ }
+ ptr = path;
+ if (stat (TCB_DIR, &st) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot stat %s: %s\n"),
+ Prog, TCB_DIR, strerror (errno));
+ goto out_free_path;
+ }
+ while ((ind = strchr (ptr, '/'))) {
+ *ind = '\0';
+ if (asprintf (&dir, TCB_DIR "/%s", path) == -1) {
+ OUT_OF_MEMORY;
+ return SHADOWTCB_FAILURE;
+ }
+ if ((mkdir (dir, 0700) != 0) && (errno != EEXIST)) {
+ fprintf (stderr,
+ _("%s: Cannot create directory %s: %s\n"),
+ Prog, dir, strerror (errno));
+ goto out_free_dir;
+ }
+ if (chown (dir, 0, st.st_gid) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot change owner of %s: %s\n"),
+ Prog, dir, strerror (errno));
+ goto out_free_dir;
+ }
+ if (chmod (dir, 0711) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot change mode of %s: %s\n"),
+ Prog, dir, strerror (errno));
+ goto out_free_dir;
+ }
+ free (dir);
+ *ind = '/';
+ ptr = ind + 1;
+ }
+ free (path);
+ return SHADOWTCB_SUCCESS;
+out_free_dir:
+ free (dir);
+out_free_path:
+ free (path);
+ return SHADOWTCB_FAILURE;
+}
+
+static shadowtcb_status unlink_suffs (const char *user)
+{
+ static char *suffs[] = { "+", "-", SHADOWTCB_LOCK_SUFFIX };
+ char *tmp;
+ int i;
+
+ for (i = 0; i < 3; i++) {
+ if (asprintf (&tmp, TCB_FMT "%s", user, suffs[i]) == -1) {
+ OUT_OF_MEMORY;
+ return SHADOWTCB_FAILURE;
+ }
+ if ((unlink (tmp) != 0) && (errno != ENOENT)) {
+ fprintf (stderr,
+ _("%s: unlink: %s: %s\n"),
+ Prog, tmp, strerror (errno));
+ free (tmp);
+ return SHADOWTCB_FAILURE;
+ }
+ free (tmp);
+ }
+
+ return SHADOWTCB_SUCCESS;
+}
+
+/* path should be a relative existing tcb directory */
+static shadowtcb_status rmdir_leading (char *path)
+{
+ char *ind, *dir;
+ shadowtcb_status ret = SHADOWTCB_SUCCESS;
+ while ((ind = strrchr (path, '/'))) {
+ *ind = '\0';
+ if (asprintf (&dir, TCB_DIR "/%s", path) == -1) {
+ OUT_OF_MEMORY;
+ return SHADOWTCB_FAILURE;
+ }
+ if (rmdir (dir) != 0) {
+ if (errno != ENOTEMPTY) {
+ fprintf (stderr,
+ _("%s: Cannot remove directory %s: %s\n"),
+ Prog, dir, strerror (errno));
+ ret = SHADOWTCB_FAILURE;
+ }
+ free (dir);
+ break;
+ }
+ free (dir);
+ }
+ return ret;
+}
+
+static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
+{
+ char *olddir = NULL, *newdir = NULL;
+ char *real_old_dir = NULL, *real_new_dir = NULL;
+ char *real_old_dir_rel = NULL, *real_new_dir_rel = NULL;
+ uid_t old_uid, the_newid;
+ struct stat oldmode;
+ shadowtcb_status ret = SHADOWTCB_FAILURE;
+
+ if (NULL == stored_tcb_user) {
+ return SHADOWTCB_FAILURE;
+ }
+ if (asprintf (&olddir, TCB_DIR "/%s", stored_tcb_user) == -1) {
+ goto out_free_nomem;
+ }
+ if (stat (olddir, &oldmode) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot stat %s: %s\n"),
+ Prog, olddir, strerror (errno));
+ goto out_free;
+ }
+ old_uid = oldmode.st_uid;
+ the_newid = (user_newid == -1) ? old_uid : user_newid;
+ real_old_dir = shadowtcb_path_existing (stored_tcb_user);
+ if (NULL == real_old_dir) {
+ goto out_free;
+ }
+ real_new_dir = shadowtcb_path (user_newname, the_newid);
+ if (NULL == real_new_dir) {
+ goto out_free;
+ }
+ if (strcmp (real_old_dir, real_new_dir) == 0) {
+ ret = SHADOWTCB_SUCCESS;
+ goto out_free;
+ }
+ real_old_dir_rel = shadowtcb_path_rel_existing (stored_tcb_user);
+ if (NULL == real_old_dir_rel) {
+ goto out_free;
+ }
+ if (mkdir_leading (user_newname, the_newid) == SHADOWTCB_FAILURE) {
+ goto out_free;
+ }
+ if (rename (real_old_dir, real_new_dir) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot rename %s to %s: %s\n"),
+ Prog, real_old_dir, real_new_dir, strerror (errno));
+ goto out_free;
+ }
+ if (rmdir_leading (real_old_dir_rel) == SHADOWTCB_FAILURE) {
+ goto out_free;
+ }
+ if ((unlink (olddir) != 0) && (errno != ENOENT)) {
+ fprintf (stderr,
+ _("%s: Cannot remove %s: %s\n"),
+ Prog, olddir, strerror (errno));
+ goto out_free;
+ }
+ if (asprintf (&newdir, TCB_DIR "/%s", user_newname) == -1) {
+ goto out_free_nomem;
+ }
+ real_new_dir_rel = shadowtcb_path_rel (user_newname, the_newid);
+ if (NULL == real_new_dir_rel) {
+ goto out_free;
+ }
+ if ( (strcmp (real_new_dir, newdir) != 0)
+ && (symlink (real_new_dir_rel, newdir) != 0)) {
+ fprintf (stderr,
+ _("%s: Cannot create symbolic link %s: %s\n"),
+ Prog, real_new_dir_rel, strerror (errno));
+ goto out_free;
+ }
+ ret = SHADOWTCB_SUCCESS;
+ goto out_free;
+out_free_nomem:
+ OUT_OF_MEMORY;
+out_free:
+ free (olddir);
+ free (newdir);
+ free (real_old_dir);
+ free (real_new_dir);
+ free (real_old_dir_rel);
+ free (real_new_dir_rel);
+ return ret;
+}
+
+shadowtcb_status shadowtcb_set_user (const char* name)
+{
+ char *buf;
+ shadowtcb_status retval;
+
+ if (!getdef_bool ("USE_TCB")) {
+ return SHADOWTCB_SUCCESS;
+ }
+
+ if (NULL != stored_tcb_user) {
+ free (stored_tcb_user);
+ }
+
+ stored_tcb_user = strdup (name);
+ if (NULL == stored_tcb_user) {
+ OUT_OF_MEMORY;
+ return SHADOWTCB_FAILURE;
+ }
+ if (asprintf (&buf, TCB_FMT, name) == -1) {
+ OUT_OF_MEMORY;
+ return SHADOWTCB_FAILURE;
+ }
+
+ retval = (spw_setdbname (buf) != 0) ? SHADOWTCB_SUCCESS : SHADOWTCB_FAILURE;
+ free (buf);
+ return retval;
+}
+
+/* tcb directory must be empty before shadowtcb_remove is called. */
+shadowtcb_status shadowtcb_remove (const char *name)
+{
+ shadowtcb_status ret = SHADOWTCB_SUCCESS;
+ char *path = shadowtcb_path_existing (name);
+ char *rel = shadowtcb_path_rel_existing (name);
+ if ((NULL == path) || (NULL == rel) || (rmdir (path) != 0)) {
+ return SHADOWTCB_FAILURE;
+ }
+ if (rmdir_leading (rel) == SHADOWTCB_FAILURE) {
+ return SHADOWTCB_FAILURE;
+ }
+ free (path);
+ free (rel);
+ if (asprintf (&path, TCB_DIR "/%s", name) == -1) {
+ OUT_OF_MEMORY;
+ return SHADOWTCB_FAILURE;
+ }
+ if ((unlink (path) != 0) && (errno != ENOENT)) {
+ ret = SHADOWTCB_FAILURE;
+ }
+ free (path);
+ return ret;
+}
+
+shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_newid)
+{
+ struct stat dirmode, filemode;
+ char *tcbdir, *shadow;
+ shadowtcb_status ret = SHADOWTCB_FAILURE;
+
+ if (!getdef_bool ("USE_TCB")) {
+ return SHADOWTCB_SUCCESS;
+ }
+ if (NULL == stored_tcb_user) {
+ return SHADOWTCB_FAILURE;
+ }
+ if (NULL == user_newname) {
+ user_newname = stored_tcb_user;
+ }
+ if (move_dir (user_newname, user_newid) == SHADOWTCB_FAILURE) {
+ return SHADOWTCB_FAILURE;
+ }
+ if (-1 == user_newid) {
+ return SHADOWTCB_SUCCESS;
+ }
+ if ( (asprintf (&tcbdir, TCB_DIR "/%s", user_newname) == -1)
+ || (asprintf (&shadow, TCB_FMT, user_newname) == -1)) {
+ OUT_OF_MEMORY;
+ return SHADOWTCB_FAILURE;
+ }
+ if (stat (tcbdir, &dirmode) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot stat %s: %s\n"),
+ Prog, tcbdir, strerror (errno));
+ goto out_free;
+ }
+ if (chown (tcbdir, 0, 0) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot change owners of %s: %s\n"),
+ Prog, tcbdir, strerror (errno));
+ goto out_free;
+ }
+ if (chmod (tcbdir, 0700) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot change mode of %s: %s\n"),
+ Prog, tcbdir, strerror (errno));
+ goto out_free;
+ }
+ if (lstat (shadow, &filemode) != 0) {
+ if (errno != ENOENT) {
+ fprintf (stderr,
+ _("%s: Cannot lstat %s: %s\n"),
+ Prog, shadow, strerror (errno));
+ goto out_free;
+ }
+ fprintf (stderr,
+ _("%s: Warning, user %s has no tcb shadow file.\n"),
+ Prog, user_newname);
+ } else {
+ if (!S_ISREG (filemode.st_mode) ||
+ filemode.st_nlink != 1) {
+ fprintf (stderr,
+ _("%s: Emergency: %s's tcb shadow is not a "
+ "regular file with st_nlink=1.\n"
+ "The account is left locked.\n"),
+ Prog, user_newname);
+ goto out_free;
+ }
+ if (chown (shadow, user_newid, filemode.st_gid) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot change owner of %s: %s\n"),
+ Prog, shadow, strerror (errno));
+ goto out_free;
+ }
+ if (chmod (shadow, filemode.st_mode & 07777) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot change mode of %s: %s\n"),
+ Prog, shadow, strerror (errno));
+ goto out_free;
+ }
+ }
+ if (unlink_suffs (user_newname) == SHADOWTCB_FAILURE) {
+ goto out_free;
+ }
+ if (chown (tcbdir, user_newid, dirmode.st_gid) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot change owner of %s: %s\n"),
+ Prog, tcbdir, strerror (errno));
+ goto out_free;
+ }
+ ret = SHADOWTCB_SUCCESS;
+out_free:
+ free (tcbdir);
+ free (shadow);
+ return ret;
+}
+
+shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
+{
+ char *dir, *shadow;
+ struct stat tcbdir_stat;
+ gid_t shadowgid, authgid;
+ struct group *gr;
+ int fd;
+ shadowtcb_status ret = SHADOWTCB_FAILURE;
+
+ if (!getdef_bool ("USE_TCB")) {
+ return SHADOWTCB_SUCCESS;
+ }
+ if (stat (TCB_DIR, &tcbdir_stat) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot stat %s: %s\n"),
+ Prog, TCB_DIR, strerror (errno));
+ return SHADOWTCB_FAILURE;
+ }
+ shadowgid = tcbdir_stat.st_gid;
+ authgid = shadowgid;
+ if (getdef_bool ("TCB_AUTH_GROUP")) {
+ gr = getgrnam ("auth");
+ if (NULL != gr) {
+ authgid = gr->gr_gid;
+ }
+ }
+
+ if ( (asprintf (&dir, TCB_DIR "/%s", name) == -1)
+ || (asprintf (&shadow, TCB_FMT, name) == -1)) {
+ OUT_OF_MEMORY;
+ return SHADOWTCB_FAILURE;
+ }
+ if (mkdir (dir, 0700) != 0) {
+ fprintf (stderr,
+ _("%s: mkdir: %s: %s\n"),
+ Prog, dir, strerror (errno));
+ goto out_free;
+ }
+ fd = open (shadow, O_RDWR | O_CREAT | O_TRUNC, 0600);
+ if (fd < 0) {
+ fprintf (stderr,
+ _("%s: Cannot open %s: %s\n"),
+ Prog, shadow, strerror (errno));
+ goto out_free;
+ }
+ close (fd);
+ if (chown (shadow, 0, authgid) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot change owner of %s: %s\n"),
+ Prog, shadow, strerror (errno));
+ goto out_free;
+ }
+ if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot change mode of %s: %s\n"),
+ Prog, shadow, strerror (errno));
+ goto out_free;
+ }
+ if (chown (dir, 0, authgid) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot change owner of %s: %s\n"),
+ Prog, dir, strerror (errno));
+ goto out_free;
+ }
+ if (chmod (dir, (mode_t) ((authgid == shadowgid) ? 02700 : 02710)) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot change mode of %s: %s\n"),
+ Prog, dir, strerror (errno));
+ goto out_free;
+ }
+ if ( (shadowtcb_set_user (name) == SHADOWTCB_FAILURE)
+ || (shadowtcb_move (NULL, uid) == SHADOWTCB_FAILURE)) {
+ goto out_free;
+ }
+ ret = SHADOWTCB_SUCCESS;
+out_free:
+ free (dir);
+ free (shadow);
+ return ret;
+}
+
diff --git a/lib/tcbfuncs.h b/lib/tcbfuncs.h
new file mode 100644
index 0000000..6324bc1
--- /dev/null
+++ b/lib/tcbfuncs.h
@@ -0,0 +1,19 @@
+#ifndef _TCBFUNCS_H
+#define _TCBFUNCS_H
+
+#include <sys/types.h>
+
+typedef enum {
+ SHADOWTCB_FAILURE = 0,
+ SHADOWTCB_SUCCESS = 1
+} shadowtcb_status;
+
+extern shadowtcb_status shadowtcb_drop_priv (void);
+extern shadowtcb_status shadowtcb_gain_priv (void);
+extern shadowtcb_status shadowtcb_set_user (const char *name);
+extern shadowtcb_status shadowtcb_remove (const char *name);
+extern shadowtcb_status shadowtcb_move (/*@null@*/const char *user_newname,
+ uid_t user_newid);
+extern shadowtcb_status shadowtcb_create (const char *name, uid_t uid);
+
+#endif
diff --git a/lib/utent.c b/lib/utent.c
new file mode 100644
index 0000000..45af260
--- /dev/null
+++ b/lib/utent.c
@@ -0,0 +1,93 @@
+/*
+ * Copyright (c) 1993 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifndef HAVE_GETUTENT
+
+#include "defines.h"
+#include <stdio.h>
+#include <fcntl.h>
+#include <utmp.h>
+
+#ifndef lint
+static char rcsid[] = "$Id$";
+#endif
+
+static int utmp_fd = -1;
+static struct utmp utmp_buf;
+
+/*
+ * setutent - open or rewind the utmp file
+ */
+
+void setutent (void)
+{
+ if (utmp_fd == -1)
+ if ((utmp_fd = open (_UTMP_FILE, O_RDWR)) == -1)
+ utmp_fd = open (_UTMP_FILE, O_RDONLY);
+
+ if (utmp_fd != -1)
+ lseek (utmp_fd, (off_t) 0L, SEEK_SET);
+}
+
+/*
+ * endutent - close the utmp file
+ */
+
+void endutent (void)
+{
+ if (utmp_fd != -1)
+ close (utmp_fd);
+
+ utmp_fd = -1;
+}
+
+/*
+ * getutent - get the next record from the utmp file
+ */
+
+struct utmp *getutent (void)
+{
+ if (utmp_fd == -1)
+ setutent ();
+
+ if (utmp_fd == -1)
+ return 0;
+
+ if (read (utmp_fd, &utmp_buf, sizeof utmp_buf) != sizeof utmp_buf)
+ return 0;
+
+ return &utmp_buf;
+}
+#else
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif
diff --git a/libmisc/.indent.pro b/libmisc/.indent.pro
new file mode 100644
index 0000000..fe572bb
--- /dev/null
+++ b/libmisc/.indent.pro
@@ -0,0 +1,5 @@
+-kr
+-i8
+-bad
+-pcs
+-l80
diff --git a/libmisc/Makefile.am b/libmisc/Makefile.am
new file mode 100644
index 0000000..4a62049
--- /dev/null
+++ b/libmisc/Makefile.am
@@ -0,0 +1,73 @@
+
+EXTRA_DIST = .indent.pro xgetXXbyYY.c
+
+AM_CPPFLAGS = -I$(top_srcdir)/lib
+
+noinst_LIBRARIES = libmisc.a
+
+libmisc_a_SOURCES = \
+ addgrps.c \
+ age.c \
+ audit_help.c \
+ basename.c \
+ chkname.c \
+ chkname.h \
+ chowndir.c \
+ chowntty.c \
+ cleanup.c \
+ cleanup_group.c \
+ cleanup_user.c \
+ console.c \
+ copydir.c \
+ entry.c \
+ env.c \
+ failure.c \
+ failure.h \
+ find_new_gid.c \
+ find_new_uid.c \
+ find_new_sub_gids.c \
+ find_new_sub_uids.c \
+ getdate.h \
+ getdate.y \
+ getgr_nam_gid.c \
+ getrange.c \
+ gettime.c \
+ hushed.c \
+ idmapping.h \
+ idmapping.c \
+ isexpired.c \
+ limits.c \
+ list.c log.c \
+ loginprompt.c \
+ mail.c \
+ motd.c \
+ myname.c \
+ obscure.c \
+ pam_pass.c \
+ pam_pass_non_interractive.c \
+ pwd2spwd.c \
+ pwdcheck.c \
+ pwd_init.c \
+ remove_tree.c \
+ rlogin.c \
+ root_flag.c \
+ salt.c \
+ setugid.c \
+ setupenv.c \
+ shell.c \
+ strtoday.c \
+ sub.c \
+ sulog.c \
+ ttytype.c \
+ tz.c \
+ ulimit.c \
+ user_busy.c \
+ utmp.c \
+ valid.c \
+ xgetpwnam.c \
+ xgetpwuid.c \
+ xgetgrnam.c \
+ xgetgrgid.c \
+ xgetspnam.c \
+ xmalloc.c \
+ yesno.c
diff --git a/libmisc/addgrps.c b/libmisc/addgrps.c
new file mode 100644
index 0000000..40fad99
--- /dev/null
+++ b/libmisc/addgrps.c
@@ -0,0 +1,131 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#if defined (HAVE_SETGROUPS) && ! defined (USE_PAM)
+
+#include "prototypes.h"
+#include "defines.h"
+
+#include <stdio.h>
+#include <grp.h>
+#include <errno.h>
+
+#ident "$Id$"
+
+#define SEP ",:"
+/*
+ * Add groups with names from LIST (separated by commas or colons)
+ * to the supplementary group set. Silently ignore groups which are
+ * already there. Warning: uses strtok().
+ */
+int add_groups (const char *list)
+{
+ GETGROUPS_T *grouplist, *tmp;
+ size_t i;
+ int ngroups;
+ bool added;
+ char *token;
+ char buf[1024];
+
+ if (strlen (list) >= sizeof (buf)) {
+ errno = EINVAL;
+ return -1;
+ }
+ strcpy (buf, list);
+
+ i = 16;
+ for (;;) {
+ grouplist = (gid_t *) malloc (i * sizeof (GETGROUPS_T));
+ if (NULL == grouplist) {
+ return -1;
+ }
+ ngroups = getgroups (i, grouplist);
+ if ( ( (-1 == ngroups)
+ && (EINVAL != errno))
+ || (i > (size_t)ngroups)) {
+ /* Unexpected failure of getgroups or successful
+ * reception of the groups */
+ break;
+ }
+ /* not enough room, so try allocating a larger buffer */
+ free (grouplist);
+ i *= 2;
+ }
+ if (ngroups < 0) {
+ free (grouplist);
+ return -1;
+ }
+
+ added = false;
+ for (token = strtok (buf, SEP); NULL != token; token = strtok (NULL, SEP)) {
+ struct group *grp;
+
+ grp = getgrnam (token); /* local, no need for xgetgrnam */
+ if (NULL == grp) {
+ fprintf (stderr, _("Warning: unknown group %s\n"),
+ token);
+ continue;
+ }
+
+ for (i = 0; i < (size_t)ngroups && grouplist[i] != grp->gr_gid; i++);
+
+ if (i < (size_t)ngroups) {
+ continue;
+ }
+
+ if (ngroups >= sysconf (_SC_NGROUPS_MAX)) {
+ fputs (_("Warning: too many groups\n"), stderr);
+ break;
+ }
+ tmp = (gid_t *) realloc (grouplist, (size_t)(ngroups + 1) * sizeof (GETGROUPS_T));
+ if (NULL == tmp) {
+ free (grouplist);
+ return -1;
+ }
+ tmp[ngroups] = grp->gr_gid;
+ ngroups++;
+ grouplist = tmp;
+ added = true;
+ }
+
+ if (added) {
+ return setgroups ((size_t)ngroups, grouplist);
+ }
+
+ return 0;
+}
+#else /* HAVE_SETGROUPS && !USE_PAM */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* HAVE_SETGROUPS && !USE_PAM */
+
diff --git a/libmisc/age.c b/libmisc/age.c
new file mode 100644
index 0000000..12e6036
--- /dev/null
+++ b/libmisc/age.c
@@ -0,0 +1,201 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "exitcodes.h"
+#include <pwd.h>
+#include <grp.h>
+
+#ident "$Id$"
+
+#ifndef PASSWD_PROGRAM
+#define PASSWD_PROGRAM "/bin/passwd"
+#endif
+/*
+ * expire - force password change if password expired
+ *
+ * expire() calls /bin/passwd to change the user's password
+ * if it has expired.
+ */
+int expire (const struct passwd *pw, /*@null@*/const struct spwd *sp)
+{
+ int status;
+ pid_t child;
+ pid_t pid;
+
+ if (NULL == sp) {
+ return 0;
+ }
+
+ /*
+ * See if the user's password has expired, and if so
+ * force them to change their password.
+ */
+
+ status = isexpired (pw, sp);
+ switch (status) {
+ case 0:
+ return 0;
+ case 1:
+ (void) fputs (_("Your password has expired."), stdout);
+ break;
+ case 2:
+ (void) fputs (_("Your password is inactive."), stdout);
+ break;
+ case 3:
+ (void) fputs (_("Your login has expired."), stdout);
+ break;
+ }
+
+ /*
+ * Setting the maximum valid period to less than the minimum
+ * valid period means that the minimum period will never
+ * occur while the password is valid, so the user can never
+ * change that password.
+ */
+
+ if ((status > 1) || (sp->sp_max < sp->sp_min)) {
+ (void) puts (_(" Contact the system administrator."));
+ exit (EXIT_FAILURE);
+ }
+ (void) puts (_(" Choose a new password."));
+ (void) fflush (stdout);
+
+ /*
+ * Close all the files so that unauthorized access won't
+ * occur. This needs to be done anyway because those files
+ * might become stale after "passwd" is executed.
+ */
+
+ endspent ();
+ endpwent ();
+#ifdef SHADOWGRP
+ endsgent ();
+#endif
+ endgrent ();
+
+ /*
+ * Execute the /bin/passwd command. The exit status will be
+ * examined to see what the result is. If there are any
+ * errors the routine will exit. This forces the user to
+ * change their password before being able to use the account.
+ */
+
+ pid = fork ();
+ if (0 == pid) {
+ int err;
+
+ /*
+ * Set the UID to be that of the user. This causes
+ * passwd to work just like it would had they executed
+ * it from the command line while logged in.
+ */
+#if defined(HAVE_INITGROUPS) && ! defined(USE_PAM)
+ if (setup_uid_gid (pw, false) != 0)
+#else
+ if (setup_uid_gid (pw) != 0)
+#endif
+ {
+ _exit (126);
+ }
+
+ (void) execl (PASSWD_PROGRAM, PASSWD_PROGRAM, pw->pw_name, (char *) 0);
+ err = errno;
+ perror ("Can't execute " PASSWD_PROGRAM);
+ _exit ((ENOENT == err) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+ } else if ((pid_t) -1 == pid) {
+ perror ("fork");
+ exit (EXIT_FAILURE);
+ }
+
+ while (((child = wait (&status)) != pid) && (child != (pid_t)-1));
+
+ if ((child == pid) && (0 == status)) {
+ return 1;
+ }
+
+ exit (EXIT_FAILURE);
+ /*@notreached@*/}
+
+/*
+ * agecheck - see if warning is needed for password expiration
+ *
+ * agecheck sees how many days until the user's password is going
+ * to expire and warns the user of the pending password expiration.
+ */
+
+void agecheck (/*@null@*/const struct spwd *sp)
+{
+ long now = (long) time ((time_t *) 0) / SCALE;
+ long remain;
+
+ if (NULL == sp) {
+ return;
+ }
+
+ /*
+ * The last, max, and warn fields must be supported or the
+ * warning period cannot be calculated.
+ */
+
+ if ( (-1 == sp->sp_lstchg)
+ || (-1 == sp->sp_max)
+ || (-1 == sp->sp_warn)) {
+ return;
+ }
+
+ if (0 == sp->sp_lstchg) {
+ (void) puts (_("You must change your password."));
+ return;
+ }
+
+ remain = sp->sp_lstchg + sp->sp_max - now;
+ if (remain <= sp->sp_warn) {
+ remain /= DAY / SCALE;
+ if (remain > 1) {
+ (void) printf (_("Your password will expire in %ld days.\n"),
+ remain);
+ } else if (1 == remain) {
+ (void) puts (_("Your password will expire tomorrow."));
+ } else if (remain == 0) {
+ (void) puts (_("Your password will expire today."));
+ }
+ }
+}
+
diff --git a/libmisc/audit_help.c b/libmisc/audit_help.c
new file mode 100644
index 0000000..1aadaa3
--- /dev/null
+++ b/libmisc/audit_help.c
@@ -0,0 +1,109 @@
+/*
+ * Copyright (c) 2005 , Red Hat, Inc.
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Audit helper functions used throughout shadow
+ *
+ */
+
+#include <config.h>
+
+#ifdef WITH_AUDIT
+
+#include <stdlib.h>
+#include <syslog.h>
+#include <stdarg.h>
+#include <libaudit.h>
+#include <errno.h>
+#include <stdio.h>
+#include "prototypes.h"
+int audit_fd;
+
+void audit_help_open (void)
+{
+ audit_fd = audit_open ();
+ if (audit_fd < 0) {
+ /* You get these only when the kernel doesn't have
+ * audit compiled in. */
+ if ( (errno == EINVAL)
+ || (errno == EPROTONOSUPPORT)
+ || (errno == EAFNOSUPPORT)) {
+ return;
+ }
+ (void) fputs (_("Cannot open audit interface - aborting.\n"),
+ stderr);
+ exit (EXIT_FAILURE);
+ }
+}
+
+/*
+ * This function will log a message to the audit system using a predefined
+ * message format. Parameter usage is as follows:
+ *
+ * type - type of message: AUDIT_USER_CHAUTHTOK for changing any account
+ * attributes.
+ * pgname - program's name
+ * op - operation. "adding user", "changing finger info", "deleting group"
+ * name - user's account or group name. If not available use NULL.
+ * id - uid or gid that the operation is being performed on. This is used
+ * only when user is NULL.
+ */
+void audit_logger (int type, unused const char *pgname, const char *op,
+ const char *name, unsigned int id,
+ shadow_audit_result result)
+{
+ if (audit_fd < 0) {
+ return;
+ } else {
+ audit_log_acct_message (audit_fd, type, NULL, op, name, id,
+ NULL, NULL, NULL, (int) result);
+ }
+}
+
+void audit_logger_message (const char *message, shadow_audit_result result)
+{
+ if (audit_fd < 0) {
+ return;
+ } else {
+ audit_log_user_message (audit_fd,
+ AUDIT_USYS_CONFIG,
+ message,
+ NULL, /* hostname */
+ NULL, /* addr */
+ NULL, /* tty */
+ (int) result);
+ }
+}
+
+#else /* WITH_AUDIT */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* WITH_AUDIT */
+
diff --git a/libmisc/basename.c b/libmisc/basename.c
new file mode 100644
index 0000000..1525169
--- /dev/null
+++ b/libmisc/basename.c
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * basename.c - not worth copyrighting :-). Some versions of Linux libc
+ * already have basename(), other versions don't. To avoid confusion,
+ * we will not use the function from libc and use a different name here.
+ * --marekm
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "defines.h"
+#include "prototypes.h"
+/*@observer@*/const char *Basename (const char *str)
+{
+ char *cp = strrchr (str, '/');
+
+ return (NULL != cp) ? cp + 1 : str;
+}
diff --git a/libmisc/chkname.c b/libmisc/chkname.c
new file mode 100644
index 0000000..64f5580
--- /dev/null
+++ b/libmisc/chkname.c
@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2005 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * is_valid_user_name(), is_valid_group_name() - check the new user/group
+ * name for validity;
+ * return values:
+ * true - OK
+ * false - bad name
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include "defines.h"
+#include "chkname.h"
+
+static bool is_valid_name (const char *name)
+{
+ /*
+ * User/group names must match [a-z_][a-z0-9_-]*[$]
+ */
+ if (('\0' == *name) ||
+ !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
+ return false;
+ }
+
+ while ('\0' != *++name) {
+ if (!(( ('a' <= *name) && ('z' >= *name) ) ||
+ ( ('0' <= *name) && ('9' >= *name) ) ||
+ ('_' == *name) ||
+ ('-' == *name) ||
+ ( ('$' == *name) && ('\0' == *(name + 1)) )
+ )) {
+ return false;
+ }
+ }
+
+ return true;
+}
+
+bool is_valid_user_name (const char *name)
+{
+ /*
+ * User names are limited by whatever utmp can
+ * handle.
+ */
+ if (strlen (name) > USER_NAME_MAX_LENGTH) {
+ return false;
+ }
+
+ return is_valid_name (name);
+}
+
+bool is_valid_group_name (const char *name)
+{
+ /*
+ * Arbitrary limit for group names.
+ * HP-UX 10 limits to 16 characters
+ */
+ if ( (GROUP_NAME_MAX_LENGTH > 0)
+ && (strlen (name) > GROUP_NAME_MAX_LENGTH)) {
+ return false;
+ }
+
+ return is_valid_name (name);
+}
+
diff --git a/libmisc/chkname.h b/libmisc/chkname.h
new file mode 100644
index 0000000..06e0dee
--- /dev/null
+++ b/libmisc/chkname.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1997 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef _CHKNAME_H_
+#define _CHKNAME_H_
+
+/*
+ * is_valid_user_name(), is_valid_group_name() - check the new user/group
+ * name for validity;
+ * return values:
+ * true - OK
+ * false - bad name
+ */
+
+#include "defines.h"
+
+extern bool is_valid_user_name (const char *name);
+extern bool is_valid_group_name (const char *name);
+
+#endif
diff --git a/libmisc/chowndir.c b/libmisc/chowndir.c
new file mode 100644
index 0000000..c4c504a
--- /dev/null
+++ b/libmisc/chowndir.c
@@ -0,0 +1,201 @@
+/*
+ * Copyright (c) 1992 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2010 - , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <fcntl.h>
+#include <stdio.h>
+/*
+ * chown_tree - change ownership of files in a directory tree
+ *
+ * chown_dir() walks a directory tree and changes the ownership
+ * of all files owned by the provided user ID.
+ *
+ * Only files owned (resp. group-owned) by old_uid (resp. by old_gid)
+ * will have their ownership (resp. group-ownership) modified, unless
+ * old_uid (resp. old_gid) is set to -1.
+ *
+ * new_uid and new_gid can be set to -1 to indicate that no owner or
+ * group-owner shall be changed.
+ */
+int chown_tree (const char *root,
+ uid_t old_uid,
+ uid_t new_uid,
+ gid_t old_gid,
+ gid_t new_gid)
+{
+ char *new_name;
+ size_t new_name_len;
+ int rc = 0;
+ struct DIRECT *ent;
+ struct stat sb;
+ DIR *dir;
+
+ new_name = malloc (1024);
+ if (NULL == new_name) {
+ return -1;
+ }
+ new_name_len = 1024;
+
+ /*
+ * Make certain the directory exists. This routine is called
+ * directly by the invoker, or recursively.
+ */
+
+ if (access (root, F_OK) != 0) {
+ free (new_name);
+ return -1;
+ }
+
+ /*
+ * Open the directory and read each entry. Every entry is tested
+ * to see if it is a directory, and if so this routine is called
+ * recursively. If not, it is checked to see if an ownership
+ * shall be changed.
+ */
+
+ dir = opendir (root);
+ if (NULL == dir) {
+ free (new_name);
+ return -1;
+ }
+
+ while ((ent = readdir (dir))) {
+ size_t ent_name_len;
+ uid_t tmpuid = (uid_t) -1;
+ gid_t tmpgid = (gid_t) -1;
+
+ /*
+ * Skip the "." and ".." entries
+ */
+
+ if ( (strcmp (ent->d_name, ".") == 0)
+ || (strcmp (ent->d_name, "..") == 0)) {
+ continue;
+ }
+
+ /*
+ * Make the filename for both the source and the
+ * destination files.
+ */
+
+ ent_name_len = strlen (root) + strlen (ent->d_name) + 2;
+ if (ent_name_len > new_name_len) {
+ /*@only@*/char *tmp = realloc (new_name, ent_name_len);
+ if (NULL == tmp) {
+ rc = -1;
+ break;
+ }
+ new_name = tmp;
+ new_name_len = ent_name_len;
+ }
+
+ (void) snprintf (new_name, new_name_len, "%s/%s", root, ent->d_name);
+
+ /* Don't follow symbolic links! */
+ if (LSTAT (new_name, &sb) == -1) {
+ continue;
+ }
+
+ if (S_ISDIR (sb.st_mode) && !S_ISLNK (sb.st_mode)) {
+
+ /*
+ * Do the entire subdirectory.
+ */
+
+ rc = chown_tree (new_name, old_uid, new_uid,
+ old_gid, new_gid);
+ if (0 != rc) {
+ break;
+ }
+ }
+#ifndef HAVE_LCHOWN
+ /* don't use chown (follows symbolic links!) */
+ if (S_ISLNK (sb.st_mode)) {
+ continue;
+ }
+#endif
+ /*
+ * By default, the IDs are not changed (-1).
+ *
+ * If the file is not owned by the user, the owner is not
+ * changed.
+ *
+ * If the file is not group-owned by the group, the
+ * group-owner is not changed.
+ */
+ if (((uid_t) -1 == old_uid) || (sb.st_uid == old_uid)) {
+ tmpuid = new_uid;
+ }
+ if (((gid_t) -1 == old_gid) || (sb.st_gid == old_gid)) {
+ tmpgid = new_gid;
+ }
+ if (((uid_t) -1 != tmpuid) || ((gid_t) -1 != tmpgid)) {
+ rc = LCHOWN (new_name, tmpuid, tmpgid);
+ if (0 != rc) {
+ break;
+ }
+ }
+ }
+
+ free (new_name);
+ (void) closedir (dir);
+
+ /*
+ * Now do the root of the tree
+ */
+
+ if ((0 == rc) && (stat (root, &sb) == 0)) {
+ uid_t tmpuid = (uid_t) -1;
+ gid_t tmpgid = (gid_t) -1;
+ if (((uid_t) -1 == old_uid) || (sb.st_uid == old_uid)) {
+ tmpuid = new_uid;
+ }
+ if (((gid_t) -1 == old_gid) || (sb.st_gid == old_gid)) {
+ tmpgid = new_gid;
+ }
+ if (((uid_t) -1 != tmpuid) || ((gid_t) -1 != tmpgid)) {
+ rc = LCHOWN (root, tmpuid, tmpgid);
+ }
+ } else {
+ rc = -1;
+ }
+
+ return rc;
+}
+
diff --git a/libmisc/chowntty.c b/libmisc/chowntty.c
new file mode 100644
index 0000000..f6f5dbc
--- /dev/null
+++ b/libmisc/chowntty.c
@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2001, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <errno.h>
+#include <grp.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include "getdef.h"
+
+/*
+ * chown_tty() sets the login tty to be owned by the new user ID
+ * with TTYPERM modes
+ */
+
+void chown_tty (const struct passwd *info)
+{
+ struct group *grent;
+ gid_t gid;
+
+ /*
+ * See if login.defs has some value configured for the port group
+ * ID. Otherwise, use the user's primary group ID.
+ */
+
+ grent = getgr_nam_gid (getdef_str ("TTYGROUP"));
+ if (NULL != grent) {
+ gid = grent->gr_gid;
+ } else {
+ gid = info->pw_gid;
+ }
+
+ /*
+ * Change the permissions on the TTY to be owned by the user with
+ * the group as determined above.
+ */
+
+ if ( (fchown (STDIN_FILENO, info->pw_uid, gid) != 0)
+ || (fchmod (STDIN_FILENO, (mode_t)getdef_num ("TTYPERM", 0600)) != 0)) {
+ int err = errno;
+
+ fprintf (stderr,
+ _("Unable to change owner or mode of tty stdin: %s"),
+ strerror (err));
+ SYSLOG ((LOG_WARN,
+ "unable to change owner or mode of tty stdin for user `%s': %s\n",
+ info->pw_name, strerror (err)));
+ if (EROFS != err) {
+ closelog ();
+ exit (EXIT_FAILURE);
+ }
+ }
+#ifdef __linux__
+ /*
+ * Please don't add code to chown /dev/vcs* to the user logging in -
+ * it's a potential security hole. I wouldn't like the previous user
+ * to hold the file descriptor open and watch my screen. We don't
+ * have the *BSD revoke() system call yet, and vhangup() only works
+ * for tty devices (which vcs* is not). --marekm
+ */
+#endif
+}
+
diff --git a/libmisc/cleanup.c b/libmisc/cleanup.c
new file mode 100644
index 0000000..bd83a23
--- /dev/null
+++ b/libmisc/cleanup.c
@@ -0,0 +1,144 @@
+/*
+ * Copyright (c) 2008 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+
+#include "prototypes.h"
+
+/*
+ * The cleanup_functions stack.
+ */
+#define CLEANUP_FUNCTIONS 10
+
+typedef /*@null@*/void * parg_t;
+
+static cleanup_function cleanup_functions[CLEANUP_FUNCTIONS];
+static parg_t cleanup_function_args[CLEANUP_FUNCTIONS];
+static pid_t cleanup_pid = 0;
+
+/*
+ * - Cleanup functions shall not fail.
+ * - You should register do_cleanups with atexit.
+ * - You should add cleanup functions to the stack with add_cleanup when
+ * an operation is expected to be executed later, and remove it from the
+ * stack with del_cleanup when it has been executed.
+ *
+ **/
+
+/*
+ * do_cleanups - perform the actions stored in the cleanup_functions stack.
+ *
+ * Cleanup action are not executed on exit of the processes started by the
+ * parent (first caller of add_cleanup).
+ *
+ * It is intended to be used as:
+ * atexit (do_cleanups);
+ */
+void do_cleanups (void)
+{
+ unsigned int i;
+
+ /* Make sure there were no overflow */
+ assert (NULL == cleanup_functions[CLEANUP_FUNCTIONS-1]);
+
+ if (getpid () != cleanup_pid) {
+ return;
+ }
+
+ i = CLEANUP_FUNCTIONS;
+ do {
+ i--;
+ if (cleanup_functions[i] != NULL) {
+ cleanup_functions[i] (cleanup_function_args[i]);
+ }
+ } while (i>0);
+}
+
+/*
+ * add_cleanup - Add a cleanup_function to the cleanup_functions stack.
+ */
+void add_cleanup (/*@notnull@*/cleanup_function pcf, /*@null@*/void *arg)
+{
+ unsigned int i;
+ assert (NULL != pcf);
+
+ assert (NULL == cleanup_functions[CLEANUP_FUNCTIONS-2]);
+
+ if (0 == cleanup_pid) {
+ cleanup_pid = getpid ();
+ }
+
+ /* Add the cleanup_function at the end of the stack */
+ for (i=0; NULL != cleanup_functions[i]; i++);
+ cleanup_functions[i] = pcf;
+ cleanup_function_args[i] = arg;
+}
+
+/*
+ * del_cleanup - Remove a cleanup_function from the cleanup_functions stack.
+ */
+void del_cleanup (/*@notnull@*/cleanup_function pcf)
+{
+ unsigned int i;
+ assert (NULL != pcf);
+
+ /* Find the pcf cleanup function */
+ for (i=0; i<CLEANUP_FUNCTIONS; i++) {
+ if (cleanup_functions[i] == pcf) {
+ break;
+ }
+ }
+
+ /* Make sure the cleanup function was found */
+ assert (i<CLEANUP_FUNCTIONS);
+
+ /* Move the rest of the cleanup functions */
+ for (; i<CLEANUP_FUNCTIONS; i++) {
+ /* Make sure the cleanup function was specified only once */
+ assert ( (i == (CLEANUP_FUNCTIONS -1))
+ || (cleanup_functions[i+1] != pcf));
+
+ if (i == (CLEANUP_FUNCTIONS -1)) {
+ cleanup_functions[i] = NULL;
+ cleanup_function_args[i] = NULL;
+ } else {
+ cleanup_functions[i] = cleanup_functions[i+1];
+ cleanup_function_args[i] = cleanup_function_args[i+1];
+ }
+
+ /* A NULL indicates the end of the stack */
+ if (NULL == cleanup_functions[i]) {
+ break;
+ }
+ }
+}
+
diff --git a/libmisc/cleanup_group.c b/libmisc/cleanup_group.c
new file mode 100644
index 0000000..d07adc7
--- /dev/null
+++ b/libmisc/cleanup_group.c
@@ -0,0 +1,237 @@
+/*
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+
+#include "defines.h"
+#include "groupio.h"
+#include "sgroupio.h"
+#include "prototypes.h"
+
+/*
+ * cleanup_report_add_group - Report failure to add a group to the system
+ *
+ * It should be registered when it is decided to add a group to the system.
+ */
+void cleanup_report_add_group (void *group_name)
+{
+ const char *name = (const char *)group_name;
+
+ SYSLOG ((LOG_ERR, "failed to add group %s", name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+/*
+ * cleanup_report_del_group - Report failure to remove a group from the system
+ *
+ * It should be registered when it is decided to remove a group from the system.
+ */
+void cleanup_report_del_group (void *group_name)
+{
+ const char *name = (const char *)group_name;
+
+ SYSLOG ((LOG_ERR, "failed to remove group %s", name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_GROUP, Prog,
+ "",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+void cleanup_report_mod_group (void *cleanup_info)
+{
+ const struct cleanup_info_mod *info;
+ info = (const struct cleanup_info_mod *)cleanup_info;
+
+ SYSLOG ((LOG_ERR,
+ "failed to change %s (%s)",
+ gr_dbname (),
+ info->action));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ info->audit_msg,
+ info->name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+#ifdef SHADOWGRP
+void cleanup_report_mod_gshadow (void *cleanup_info)
+{
+ const struct cleanup_info_mod *info;
+ info = (const struct cleanup_info_mod *)cleanup_info;
+
+ SYSLOG ((LOG_ERR,
+ "failed to change %s (%s)",
+ sgr_dbname (),
+ info->action));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ info->audit_msg,
+ info->name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+#endif
+
+/*
+ * cleanup_report_add_group_group - Report failure to add a group to group
+ *
+ * It should be registered when it is decided to add a group to the
+ * group database.
+ */
+void cleanup_report_add_group_group (void *group_name)
+{
+ const char *name = (const char *)group_name;
+
+ SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, gr_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "adding group to /etc/group",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+#ifdef SHADOWGRP
+/*
+ * cleanup_report_add_group_gshadow - Report failure to add a group to gshadow
+ *
+ * It should be registered when it is decided to add a group to the
+ * gshadow database.
+ */
+void cleanup_report_add_group_gshadow (void *group_name)
+{
+ const char *name = (const char *)group_name;
+
+ SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, sgr_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "adding group to /etc/gshadow",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+#endif
+
+/*
+ * cleanup_report_del_group_group - Report failure to remove a group from the
+ * regular group database
+ *
+ * It should be registered when it is decided to remove a group from the
+ * regular group database.
+ */
+void cleanup_report_del_group_group (void *group_name)
+{
+ const char *name = (const char *)group_name;
+
+ SYSLOG ((LOG_ERR,
+ "failed to remove group %s from %s",
+ name, gr_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "removing group from /etc/group",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+#ifdef SHADOWGRP
+/*
+ * cleanup_report_del_group_gshadow - Report failure to remove a group from
+ * gshadow
+ *
+ * It should be registered when it is decided to remove a group from the
+ * gshadow database.
+ */
+void cleanup_report_del_group_gshadow (void *group_name)
+{
+ const char *name = (const char *)group_name;
+
+ SYSLOG ((LOG_ERR,
+ "failed to remove group %s from %s",
+ name, sgr_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "removing group from /etc/gshadow",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+#endif
+
+/*
+ * cleanup_unlock_group - Unlock the group file
+ *
+ * It should be registered after the group file is successfully locked.
+ */
+void cleanup_unlock_group (unused void *arg)
+{
+ if (gr_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger_message ("unlocking group file",
+ SHADOW_AUDIT_FAILURE);
+#endif
+ }
+}
+
+#ifdef SHADOWGRP
+/*
+ * cleanup_unlock_gshadow - Unlock the gshadow file
+ *
+ * It should be registered after the gshadow file is successfully locked.
+ */
+void cleanup_unlock_gshadow (unused void *arg)
+{
+ if (sgr_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger_message ("unlocking gshadow file",
+ SHADOW_AUDIT_FAILURE);
+#endif
+ }
+}
+#endif
+
diff --git a/libmisc/cleanup_user.c b/libmisc/cleanup_user.c
new file mode 100644
index 0000000..6e49751
--- /dev/null
+++ b/libmisc/cleanup_user.c
@@ -0,0 +1,152 @@
+/*
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+
+#include "defines.h"
+#include "pwio.h"
+#include "shadowio.h"
+#include "prototypes.h"
+
+/*
+ * cleanup_report_add_user - Report failure to add an user to the system
+ *
+ * It should be registered when it is decided to add an user to the system.
+ */
+void cleanup_report_add_user (void *user_name)
+{
+ const char *name = (const char *)user_name;
+
+ SYSLOG ((LOG_ERR, "failed to add user %s", name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+void cleanup_report_mod_passwd (void *cleanup_info)
+{
+ const struct cleanup_info_mod *info;
+ info = (const struct cleanup_info_mod *)cleanup_info;
+
+ SYSLOG ((LOG_ERR,
+ "failed to change %s (%s)",
+ pw_dbname (),
+ info->action));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ info->audit_msg,
+ info->name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+/*
+ * cleanup_report_add_user_passwd - Report failure to add an user to
+ * /etc/passwd
+ *
+ * It should be registered when it is decided to add an user to the
+ * /etc/passwd database.
+ */
+void cleanup_report_add_user_passwd (void *user_name)
+{
+ const char *name = (const char *)user_name;
+
+ SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to /etc/passwd",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+/*
+ * cleanup_report_add_user_shadow - Report failure to add an user to
+ * /etc/shadow
+ *
+ * It should be registered when it is decided to add an user to the
+ * /etc/shadow database.
+ */
+void cleanup_report_add_user_shadow (void *user_name)
+{
+ const char *name = (const char *)user_name;
+
+ SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to /etc/shadow",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+/*
+ * cleanup_unlock_passwd - Unlock the /etc/passwd database
+ *
+ * It should be registered after the passwd database is successfully locked.
+ */
+void cleanup_unlock_passwd (unused void *arg)
+{
+ if (pw_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger_message ("unlocking passwd file",
+ SHADOW_AUDIT_FAILURE);
+#endif
+ }
+}
+
+/*
+ * cleanup_unlock_shadow - Unlock the /etc/shadow database
+ *
+ * It should be registered after the shadow database is successfully locked.
+ */
+void cleanup_unlock_shadow (unused void *arg)
+{
+ if (spw_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger_message ("unlocking shadow file",
+ SHADOW_AUDIT_FAILURE);
+#endif
+ }
+}
+
diff --git a/libmisc/console.c b/libmisc/console.c
new file mode 100644
index 0000000..70d1390
--- /dev/null
+++ b/libmisc/console.c
@@ -0,0 +1,133 @@
+/*
+ * Copyright (c) 1991 , Julianne Frances Haugh
+ * Copyright (c) 1991 , Chip Rosenthal
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include "defines.h"
+#include <stdio.h>
+#include "getdef.h"
+#include "prototypes.h"
+
+#ident "$Id$"
+
+/* local function prototypes */
+static bool is_listed (const char *cfgin, const char *tty, bool def);
+
+/*
+ * This is now rather generic function which decides if "tty" is listed
+ * under "cfgin" in config (directly or indirectly). Fallback to default if
+ * something is bad.
+ */
+static bool is_listed (const char *cfgin, const char *tty, bool def)
+{
+ FILE *fp;
+ char buf[200], *s;
+ const char *cons;
+
+ /*
+ * If the CONSOLE configuration definition isn't given,
+ * fallback to default.
+ */
+
+ cons = getdef_str (cfgin);
+ if (NULL == cons) {
+ return def;
+ }
+
+ /*
+ * If this isn't a filename, then it is a ":" delimited list of
+ * console devices upon which root logins are allowed.
+ */
+
+ if (*cons != '/') {
+ char *pbuf;
+ strcpy (buf, cons);
+ pbuf = &buf[0];
+ while ((s = strtok (pbuf, ":")) != NULL) {
+ if (strcmp (s, tty) == 0) {
+ return true;
+ }
+
+ pbuf = NULL;
+ }
+ return false;
+ }
+
+ /*
+ * If we can't open the console list, then call everything a
+ * console - otherwise root will never be allowed to login.
+ */
+
+ fp = fopen (cons, "r");
+ if (NULL == fp) {
+ return def;
+ }
+
+ /*
+ * See if this tty is listed in the console file.
+ */
+
+ while (fgets (buf, (int) sizeof (buf), fp) != NULL) {
+ buf[strlen (buf) - 1] = '\0';
+ if (strcmp (buf, tty) == 0) {
+ (void) fclose (fp);
+ return true;
+ }
+ }
+
+ /*
+ * This tty isn't a console.
+ */
+
+ (void) fclose (fp);
+ return false;
+}
+
+/*
+ * console - return 1 if the "tty" is a console device, else 0.
+ *
+ * Note - we need to take extreme care here to avoid locking out root logins
+ * if something goes awry. That's why we do things like call everything a
+ * console if the consoles file can't be opened. Because of this, we must
+ * warn the user to protect against the remove of the consoles file since
+ * that would allow an unauthorized root login.
+ */
+
+bool console (const char *tty)
+{
+ if (strncmp (tty, "/dev/", 5) == 0) {
+ tty += 5;
+ }
+
+ return is_listed ("CONSOLE", tty, true);
+}
+
diff --git a/libmisc/copydir.c b/libmisc/copydir.c
new file mode 100644
index 0000000..e6aac6e
--- /dev/null
+++ b/libmisc/copydir.c
@@ -0,0 +1,839 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2001, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/time.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#endif /* WITH_SELINUX */
+#if defined(WITH_ACL) || defined(WITH_ATTR)
+#include <stdarg.h>
+#include <attr/error_context.h>
+#endif /* WITH_ACL || WITH_ATTR */
+#ifdef WITH_ACL
+#include <acl/libacl.h>
+#endif /* WITH_ACL */
+#ifdef WITH_ATTR
+#include <attr/libattr.h>
+#endif /* WITH_ATTR */
+
+
+static /*@null@*/const char *src_orig;
+static /*@null@*/const char *dst_orig;
+
+struct link_name {
+ dev_t ln_dev;
+ ino_t ln_ino;
+ nlink_t ln_count;
+ char *ln_name;
+ /*@dependent@*/struct link_name *ln_next;
+};
+static /*@exposed@*/struct link_name *links;
+
+static int copy_entry (const char *src, const char *dst,
+ bool reset_selinux,
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid);
+static int copy_dir (const char *src, const char *dst,
+ bool reset_selinux,
+ const struct stat *statp, const struct timeval mt[],
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid);
+#ifdef S_IFLNK
+static /*@null@*/char *readlink_malloc (const char *filename);
+static int copy_symlink (const char *src, const char *dst,
+ unused bool reset_selinux,
+ const struct stat *statp, const struct timeval mt[],
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid);
+#endif /* S_IFLNK */
+static int copy_hardlink (const char *dst,
+ unused bool reset_selinux,
+ struct link_name *lp);
+static int copy_special (const char *src, const char *dst,
+ bool reset_selinux,
+ const struct stat *statp, const struct timeval mt[],
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid);
+static int copy_file (const char *src, const char *dst,
+ bool reset_selinux,
+ const struct stat *statp, const struct timeval mt[],
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid);
+static int chown_if_needed (const char *dst, const struct stat *statp,
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid);
+static int lchown_if_needed (const char *dst, const struct stat *statp,
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid);
+static int fchown_if_needed (int fdst, const struct stat *statp,
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid);
+
+#if defined(WITH_ACL) || defined(WITH_ATTR)
+/*
+ * error_acl - format the error messages for the ACL and EQ libraries.
+ */
+static void error_acl (struct error_context *ctx, const char *fmt, ...)
+{
+ va_list ap;
+
+ /* ignore the case when destination does not support ACLs
+ * or extended attributes */
+ if (ENOTSUP == errno) {
+ errno = 0;
+ return;
+ }
+
+ va_start (ap, fmt);
+ (void) fprintf (stderr, _("%s: "), Prog);
+ if (vfprintf (stderr, fmt, ap) != 0) {
+ (void) fputs (_(": "), stderr);
+ }
+ (void) fprintf (stderr, "%s\n", strerror (errno));
+ va_end (ap);
+}
+
+static struct error_context ctx = {
+ error_acl
+};
+#endif /* WITH_ACL || WITH_ATTR */
+
+/*
+ * remove_link - delete a link from the linked list
+ */
+static void remove_link (/*@only@*/struct link_name *ln)
+{
+ struct link_name *lp;
+
+ if (links == ln) {
+ links = ln->ln_next;
+ free (ln->ln_name);
+ free (ln);
+ return;
+ }
+ for (lp = links; NULL !=lp; lp = lp->ln_next) {
+ if (lp->ln_next == ln) {
+ break;
+ }
+ }
+
+ if (NULL == lp) {
+ free (ln->ln_name);
+ free (ln);
+ return;
+ }
+
+ lp->ln_next = lp->ln_next->ln_next;
+ free (ln->ln_name);
+ free (ln);
+}
+
+/*
+ * check_link - see if a file is really a link
+ */
+
+static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, const struct stat *sb)
+{
+ struct link_name *lp;
+ size_t src_len;
+ size_t dst_len;
+ size_t name_len;
+ size_t len;
+
+ /* copy_tree () must be the entry point */
+ assert (NULL != src_orig);
+ assert (NULL != dst_orig);
+
+ for (lp = links; NULL != lp; lp = lp->ln_next) {
+ if ((lp->ln_dev == sb->st_dev) && (lp->ln_ino == sb->st_ino)) {
+ return lp;
+ }
+ }
+
+ if (sb->st_nlink == 1) {
+ return NULL;
+ }
+
+ lp = (struct link_name *) xmalloc (sizeof *lp);
+ src_len = strlen (src_orig);
+ dst_len = strlen (dst_orig);
+ name_len = strlen (name);
+ lp->ln_dev = sb->st_dev;
+ lp->ln_ino = sb->st_ino;
+ lp->ln_count = sb->st_nlink;
+ len = name_len - src_len + dst_len + 1;
+ lp->ln_name = (char *) xmalloc (len);
+ (void) snprintf (lp->ln_name, len, "%s%s", dst_orig, name + src_len);
+ lp->ln_next = links;
+ links = lp;
+
+ return NULL;
+}
+
+/*
+ * copy_tree - copy files in a directory tree
+ *
+ * copy_tree() walks a directory tree and copies ordinary files
+ * as it goes.
+ *
+ * When reset_selinux is enabled, extended attributes (and thus
+ * SELinux attributes) are not copied.
+ *
+ * old_uid and new_uid are used to set the ownership of the copied
+ * files. Unless old_uid is set to -1, only the files owned by
+ * old_uid have their ownership changed to new_uid. In addition, if
+ * new_uid is set to -1, no ownership will be changed.
+ *
+ * The same logic applies for the group-ownership and
+ * old_gid/new_gid.
+ */
+int copy_tree (const char *src_root, const char *dst_root,
+ bool copy_root, bool reset_selinux,
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid)
+{
+ int err = 0;
+ bool set_orig = false;
+ struct DIRECT *ent;
+ DIR *dir;
+
+ if (copy_root) {
+ struct stat sb;
+ if (access (dst_root, F_OK) == 0) {
+ return -1;
+ }
+
+ if (LSTAT (src_root, &sb) == -1) {
+ return -1;
+ }
+
+ if (!S_ISDIR (sb.st_mode)) {
+ fprintf (stderr,
+ "%s: %s is not a directory",
+ Prog, src_root);
+ return -1;
+ }
+
+ return copy_entry (src_root, dst_root, reset_selinux,
+ old_uid, new_uid, old_gid, new_gid);
+ }
+
+ /*
+ * Make certain both directories exist. This routine is called
+ * after the home directory is created, or recursively after the
+ * target is created. It assumes the target directory exists.
+ */
+
+ if ( (access (src_root, F_OK) != 0)
+ || (access (dst_root, F_OK) != 0)) {
+ return -1;
+ }
+
+ /*
+ * Open the source directory and read each entry. Every file
+ * entry in the directory is copied with the UID and GID set
+ * to the provided values. As an added security feature only
+ * regular files (and directories ...) are copied, and no file
+ * is made set-ID.
+ */
+ dir = opendir (src_root);
+ if (NULL == dir) {
+ return -1;
+ }
+
+ if (src_orig == NULL) {
+ src_orig = src_root;
+ dst_orig = dst_root;
+ set_orig = true;
+ }
+ while ((0 == err) && (ent = readdir (dir)) != NULL) {
+ /*
+ * Skip the "." and ".." entries
+ */
+ if ((strcmp (ent->d_name, ".") != 0) &&
+ (strcmp (ent->d_name, "..") != 0)) {
+ char *src_name;
+ char *dst_name;
+ size_t src_len = strlen (ent->d_name) + 2;
+ size_t dst_len = strlen (ent->d_name) + 2;
+ src_len += strlen (src_root);
+ dst_len += strlen (dst_root);
+
+ src_name = (char *) malloc (src_len);
+ dst_name = (char *) malloc (dst_len);
+
+ if ((NULL == src_name) || (NULL == dst_name)) {
+ err = -1;
+ } else {
+ /*
+ * Build the filename for both the source and
+ * the destination files.
+ */
+ (void) snprintf (src_name, src_len, "%s/%s",
+ src_root, ent->d_name);
+ (void) snprintf (dst_name, dst_len, "%s/%s",
+ dst_root, ent->d_name);
+
+ err = copy_entry (src_name, dst_name,
+ reset_selinux,
+ old_uid, new_uid,
+ old_gid, new_gid);
+ }
+ if (NULL != src_name) {
+ free (src_name);
+ }
+ if (NULL != dst_name) {
+ free (dst_name);
+ }
+ }
+ }
+ (void) closedir (dir);
+
+ if (set_orig) {
+ src_orig = NULL;
+ dst_orig = NULL;
+ /* FIXME: clean links
+ * Since there can be hardlinks elsewhere on the device,
+ * we cannot check that all the hardlinks were found:
+ assert (NULL == links);
+ */
+ }
+
+#ifdef WITH_SELINUX
+ /* Reset SELinux to create files with default contexts.
+ * Note that the context is only reset on exit of copy_tree (it is
+ * assumed that the program would quit without needing a restored
+ * context if copy_tree failed previously), and that copy_tree can
+ * be called recursively (hence the context is set on the
+ * sub-functions of copy_entry).
+ */
+ if (reset_selinux_file_context () != 0) {
+ err = -1;
+ }
+#endif /* WITH_SELINUX */
+
+ return err;
+}
+
+/*
+ * copy_entry - copy the entry of a directory
+ *
+ * Copy the entry src to dst.
+ * Depending on the type of entry, this function will forward the
+ * request to copy_dir(), copy_symlink(), copy_hardlink(),
+ * copy_special(), or copy_file().
+ *
+ * The access and modification time will not be modified.
+ *
+ * The permissions will be set to new_uid/new_gid.
+ *
+ * If new_uid (resp. new_gid) is equal to -1, the user (resp. group) will
+ * not be modified.
+ *
+ * Only the files owned (resp. group-owned) by old_uid (resp.
+ * old_gid) will be modified, unless old_uid (resp. old_gid) is set
+ * to -1.
+ */
+static int copy_entry (const char *src, const char *dst,
+ bool reset_selinux,
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid)
+{
+ int err = 0;
+ struct stat sb;
+ struct link_name *lp;
+ struct timeval mt[2];
+
+ if (LSTAT (src, &sb) == -1) {
+ /* If we cannot stat the file, do not care. */
+ } else {
+#ifdef HAVE_STRUCT_STAT_ST_ATIM
+ mt[0].tv_sec = sb.st_atim.tv_sec;
+ mt[0].tv_usec = sb.st_atim.tv_nsec / 1000;
+#else /* !HAVE_STRUCT_STAT_ST_ATIM */
+ mt[0].tv_sec = sb.st_atime;
+# ifdef HAVE_STRUCT_STAT_ST_ATIMENSEC
+ mt[0].tv_usec = sb.st_atimensec / 1000;
+# else /* !HAVE_STRUCT_STAT_ST_ATIMENSEC */
+ mt[0].tv_usec = 0;
+# endif /* !HAVE_STRUCT_STAT_ST_ATIMENSEC */
+#endif /* !HAVE_STRUCT_STAT_ST_ATIM */
+
+#ifdef HAVE_STRUCT_STAT_ST_MTIM
+ mt[1].tv_sec = sb.st_mtim.tv_sec;
+ mt[1].tv_usec = sb.st_mtim.tv_nsec / 1000;
+#else /* !HAVE_STRUCT_STAT_ST_MTIM */
+ mt[1].tv_sec = sb.st_mtime;
+# ifdef HAVE_STRUCT_STAT_ST_MTIMENSEC
+ mt[1].tv_usec = sb.st_mtimensec / 1000;
+# else /* !HAVE_STRUCT_STAT_ST_MTIMENSEC */
+ mt[1].tv_usec = 0;
+# endif /* !HAVE_STRUCT_STAT_ST_MTIMENSEC */
+#endif /* !HAVE_STRUCT_STAT_ST_MTIM */
+
+ if (S_ISDIR (sb.st_mode)) {
+ err = copy_dir (src, dst, reset_selinux, &sb, mt,
+ old_uid, new_uid, old_gid, new_gid);
+ }
+
+#ifdef S_IFLNK
+ /*
+ * Copy any symbolic links
+ */
+
+ else if (S_ISLNK (sb.st_mode)) {
+ err = copy_symlink (src, dst, reset_selinux, &sb, mt,
+ old_uid, new_uid, old_gid, new_gid);
+ }
+#endif /* S_IFLNK */
+
+ /*
+ * See if this is a previously copied link
+ */
+
+ else if ((lp = check_link (src, &sb)) != NULL) {
+ err = copy_hardlink (dst, reset_selinux, lp);
+ }
+
+ /*
+ * Deal with FIFOs and special files. The user really
+ * shouldn't have any of these, but it seems like it
+ * would be nice to copy everything ...
+ */
+
+ else if (!S_ISREG (sb.st_mode)) {
+ err = copy_special (src, dst, reset_selinux, &sb, mt,
+ old_uid, new_uid, old_gid, new_gid);
+ }
+
+ /*
+ * Create the new file and copy the contents. The new
+ * file will be owned by the provided UID and GID values.
+ */
+
+ else {
+ err = copy_file (src, dst, reset_selinux, &sb, mt,
+ old_uid, new_uid, old_gid, new_gid);
+ }
+ }
+
+ return err;
+}
+
+/*
+ * copy_dir - copy a directory
+ *
+ * Copy a directory (recursively) from src to dst.
+ *
+ * statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set
+ * the access and modification and the access rights.
+ *
+ * Return 0 on success, -1 on error.
+ */
+static int copy_dir (const char *src, const char *dst,
+ bool reset_selinux,
+ const struct stat *statp, const struct timeval mt[],
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid)
+{
+ int err = 0;
+
+ /*
+ * Create a new target directory, make it owned by
+ * the user and then recursively copy that directory.
+ */
+
+#ifdef WITH_SELINUX
+ if (set_selinux_file_context (dst) != 0) {
+ return -1;
+ }
+#endif /* WITH_SELINUX */
+ if ( (mkdir (dst, statp->st_mode) != 0)
+ || (chown_if_needed (dst, statp,
+ old_uid, new_uid, old_gid, new_gid) != 0)
+#ifdef WITH_ACL
+ || ( (perm_copy_file (src, dst, &ctx) != 0)
+ && (errno != 0))
+#else /* !WITH_ACL */
+ || (chmod (dst, statp->st_mode) != 0)
+#endif /* !WITH_ACL */
+#ifdef WITH_ATTR
+ /*
+ * If the third parameter is NULL, all extended attributes
+ * except those that define Access Control Lists are copied.
+ * ACLs are excluded by default because copying them between
+ * file systems with and without ACL support needs some
+ * additional logic so that no unexpected permissions result.
+ */
+ || ( !reset_selinux
+ && (attr_copy_file (src, dst, NULL, &ctx) != 0)
+ && (errno != 0))
+#endif /* WITH_ATTR */
+ || (copy_tree (src, dst, false, reset_selinux,
+ old_uid, new_uid, old_gid, new_gid) != 0)
+ || (utimes (dst, mt) != 0)) {
+ err = -1;
+ }
+
+ return err;
+}
+
+#ifdef S_IFLNK
+/*
+ * readlink_malloc - wrapper for readlink
+ *
+ * return NULL on error.
+ * The return string shall be freed by the caller.
+ */
+static /*@null@*/char *readlink_malloc (const char *filename)
+{
+ size_t size = 1024;
+
+ while (true) {
+ ssize_t nchars;
+ char *buffer = (char *) malloc (size);
+ if (NULL == buffer) {
+ return NULL;
+ }
+
+ nchars = readlink (filename, buffer, size);
+
+ if (nchars < 0) {
+ free(buffer);
+ return NULL;
+ }
+
+ if ((size_t) nchars < size) { /* The buffer was large enough */
+ /* readlink does not nul-terminate */
+ buffer[nchars] = '\0';
+ return buffer;
+ }
+
+ /* Try again with a bigger buffer */
+ free (buffer);
+ size *= 2;
+ }
+}
+
+/*
+ * copy_symlink - copy a symlink
+ *
+ * Copy a symlink from src to dst.
+ *
+ * statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set
+ * the access and modification and the access rights.
+ *
+ * Return 0 on success, -1 on error.
+ */
+static int copy_symlink (const char *src, const char *dst,
+ unused bool reset_selinux,
+ const struct stat *statp, const struct timeval mt[],
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid)
+{
+ char *oldlink;
+
+ /* copy_tree () must be the entry point */
+ assert (NULL != src_orig);
+ assert (NULL != dst_orig);
+
+ /*
+ * Get the name of the file which the link points
+ * to. If that name begins with the original
+ * source directory name, that part of the link
+ * name will be replaced with the original
+ * destination directory name.
+ */
+
+ oldlink = readlink_malloc (src);
+ if (NULL == oldlink) {
+ return -1;
+ }
+
+ /* If src was a link to an entry of the src_orig directory itself,
+ * create a link to the corresponding entry in the dst_orig
+ * directory.
+ */
+ if (strncmp (oldlink, src_orig, strlen (src_orig)) == 0) {
+ size_t len = strlen (dst_orig) + strlen (oldlink) - strlen (src_orig) + 1;
+ char *dummy = (char *) xmalloc (len);
+ (void) snprintf (dummy, len, "%s%s",
+ dst_orig,
+ oldlink + strlen (src_orig));
+ free (oldlink);
+ oldlink = dummy;
+ }
+
+#ifdef WITH_SELINUX
+ if (set_selinux_file_context (dst) != 0) {
+ free (oldlink);
+ return -1;
+ }
+#endif /* WITH_SELINUX */
+ if ( (symlink (oldlink, dst) != 0)
+ || (lchown_if_needed (dst, statp,
+ old_uid, new_uid, old_gid, new_gid) != 0)) {
+ /* FIXME: there are no modes on symlinks, right?
+ * ACL could be copied, but this would be much more
+ * complex than calling perm_copy_file.
+ * Ditto for Extended Attributes.
+ * We currently only document that ACL and Extended
+ * Attributes are not copied.
+ */
+ free (oldlink);
+ return -1;
+ }
+ free (oldlink);
+
+#ifdef HAVE_LUTIMES
+ /* 2007-10-18: We don't care about
+ * exit status of lutimes because
+ * it returns ENOSYS on many system
+ * - not implemented
+ */
+ (void) lutimes (dst, mt);
+#endif /* HAVE_LUTIMES */
+
+ return 0;
+}
+#endif /* S_IFLNK */
+
+/*
+ * copy_hardlink - copy a hardlink
+ *
+ * Copy a hardlink from src to dst.
+ *
+ * Return 0 on success, -1 on error.
+ */
+static int copy_hardlink (const char *dst,
+ unused bool reset_selinux,
+ struct link_name *lp)
+{
+ /* FIXME: selinux, ACL, Extended Attributes needed? */
+
+ if (link (lp->ln_name, dst) != 0) {
+ return -1;
+ }
+
+ /* If the file could be unlinked, decrement the links counter,
+ * and forget about this link if it was the last reference */
+ lp->ln_count--;
+ if (lp->ln_count <= 0) {
+ remove_link (lp);
+ }
+
+ return 0;
+}
+
+/*
+ * copy_special - copy a special file
+ *
+ * Copy a special file from src to dst.
+ *
+ * statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set
+ * the access and modification and the access rights.
+ *
+ * Return 0 on success, -1 on error.
+ */
+static int copy_special (const char *src, const char *dst,
+ bool reset_selinux,
+ const struct stat *statp, const struct timeval mt[],
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid)
+{
+ int err = 0;
+
+#ifdef WITH_SELINUX
+ if (set_selinux_file_context (dst) != 0) {
+ return -1;
+ }
+#endif /* WITH_SELINUX */
+
+ if ( (mknod (dst, statp->st_mode & ~07777, statp->st_rdev) != 0)
+ || (chown_if_needed (dst, statp,
+ old_uid, new_uid, old_gid, new_gid) != 0)
+#ifdef WITH_ACL
+ || ( (perm_copy_file (src, dst, &ctx) != 0)
+ && (errno != 0))
+#else /* !WITH_ACL */
+ || (chmod (dst, statp->st_mode & 07777) != 0)
+#endif /* !WITH_ACL */
+#ifdef WITH_ATTR
+ /*
+ * If the third parameter is NULL, all extended attributes
+ * except those that define Access Control Lists are copied.
+ * ACLs are excluded by default because copying them between
+ * file systems with and without ACL support needs some
+ * additional logic so that no unexpected permissions result.
+ */
+ || ( !reset_selinux
+ && (attr_copy_file (src, dst, NULL, &ctx) != 0)
+ && (errno != 0))
+#endif /* WITH_ATTR */
+ || (utimes (dst, mt) != 0)) {
+ err = -1;
+ }
+
+ return err;
+}
+
+/*
+ * copy_file - copy a file
+ *
+ * Copy a file from src to dst.
+ *
+ * statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set
+ * the access and modification and the access rights.
+ *
+ * Return 0 on success, -1 on error.
+ */
+static int copy_file (const char *src, const char *dst,
+ bool reset_selinux,
+ const struct stat *statp, const struct timeval mt[],
+ uid_t old_uid, uid_t new_uid,
+ gid_t old_gid, gid_t new_gid)
+{
+ int err = 0;
+ int ifd;
+ int ofd;
+ char buf[1024];
+ ssize_t cnt;
+
+ ifd = open (src, O_RDONLY);
+ if (ifd < 0) {
+ return -1;
+ }
+#ifdef WITH_SELINUX
+ if (set_selinux_file_context (dst) != 0) {
+ return -1;
+ }
+#endif /* WITH_SELINUX */
+ ofd = open (dst, O_WRONLY | O_CREAT | O_TRUNC, statp->st_mode & 07777);
+ if ( (ofd < 0)
+ || (fchown_if_needed (ofd, statp,
+ old_uid, new_uid, old_gid, new_gid) != 0)
+#ifdef WITH_ACL
+ || ( (perm_copy_fd (src, ifd, dst, ofd, &ctx) != 0)
+ && (errno != 0))
+#else /* !WITH_ACL */
+ || (fchmod (ofd, statp->st_mode & 07777) != 0)
+#endif /* !WITH_ACL */
+#ifdef WITH_ATTR
+ /*
+ * If the third parameter is NULL, all extended attributes
+ * except those that define Access Control Lists are copied.
+ * ACLs are excluded by default because copying them between
+ * file systems with and without ACL support needs some
+ * additional logic so that no unexpected permissions result.
+ */
+ || ( !reset_selinux
+ && (attr_copy_fd (src, ifd, dst, ofd, NULL, &ctx) != 0)
+ && (errno != 0))
+#endif /* WITH_ATTR */
+ ) {
+ (void) close (ifd);
+ return -1;
+ }
+
+ while ((cnt = read (ifd, buf, sizeof buf)) > 0) {
+ if (write (ofd, buf, (size_t)cnt) != cnt) {
+ (void) close (ifd);
+ return -1;
+ }
+ }
+
+ (void) close (ifd);
+
+#ifdef HAVE_FUTIMES
+ if (futimes (ofd, mt) != 0) {
+ return -1;
+ }
+#endif /* HAVE_FUTIMES */
+
+ if (close (ofd) != 0) {
+ return -1;
+ }
+
+#ifndef HAVE_FUTIMES
+ if (utimes(dst, mt) != 0) {
+ return -1;
+ }
+#endif /* !HAVE_FUTIMES */
+
+ return err;
+}
+
+#define def_chown_if_needed(chown_function, type_dst) \
+static int chown_function ## _if_needed (type_dst dst, \
+ const struct stat *statp, \
+ uid_t old_uid, uid_t new_uid, \
+ gid_t old_gid, gid_t new_gid) \
+{ \
+ uid_t tmpuid = (uid_t) -1; \
+ gid_t tmpgid = (gid_t) -1; \
+ \
+ /* Use new_uid if old_uid is set to -1 or if the file was \
+ * owned by the user. */ \
+ if (((uid_t) -1 == old_uid) || (statp->st_uid == old_uid)) { \
+ tmpuid = new_uid; \
+ } \
+ /* Otherwise, or if new_uid was set to -1, we keep the same \
+ * owner. */ \
+ if ((uid_t) -1 == tmpuid) { \
+ tmpuid = statp->st_uid; \
+ } \
+ \
+ if (((gid_t) -1 == old_gid) || (statp->st_gid == old_gid)) { \
+ tmpgid = new_gid; \
+ } \
+ if ((gid_t) -1 == tmpgid) { \
+ tmpgid = statp->st_gid; \
+ } \
+ \
+ return chown_function (dst, tmpuid, tmpgid); \
+}
+
+def_chown_if_needed (chown, const char *)
+def_chown_if_needed (lchown, const char *)
+def_chown_if_needed (fchown, int)
+
diff --git a/libmisc/entry.c b/libmisc/entry.c
new file mode 100644
index 0000000..f195fdf
--- /dev/null
+++ b/libmisc/entry.c
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+
+void pw_entry (const char *name, struct passwd *pwent)
+{
+ struct passwd *passwd;
+
+ struct spwd *spwd;
+
+ if (!(passwd = getpwnam (name))) { /* local, no need for xgetpwnam */
+ pwent->pw_name = (char *) 0;
+ return;
+ } else {
+ pwent->pw_name = xstrdup (passwd->pw_name);
+ pwent->pw_uid = passwd->pw_uid;
+ pwent->pw_gid = passwd->pw_gid;
+ pwent->pw_gecos = xstrdup (passwd->pw_gecos);
+ pwent->pw_dir = xstrdup (passwd->pw_dir);
+ pwent->pw_shell = xstrdup (passwd->pw_shell);
+#if !defined(AUTOSHADOW)
+ /* local, no need for xgetspnam */
+ if ((spwd = getspnam (name))) {
+ pwent->pw_passwd = xstrdup (spwd->sp_pwdp);
+ return;
+ }
+#endif
+ pwent->pw_passwd = xstrdup (passwd->pw_passwd);
+ }
+}
diff --git a/libmisc/env.c b/libmisc/env.c
new file mode 100644
index 0000000..0b7c148
--- /dev/null
+++ b/libmisc/env.c
@@ -0,0 +1,275 @@
+/*
+ * Copyright (c) 1989 - 1992, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "prototypes.h"
+#include "defines.h"
+/*
+ * NEWENVP_STEP must be a power of two. This is the number
+ * of (char *) pointers to allocate at a time, to avoid using
+ * realloc() too often.
+ */
+#define NEWENVP_STEP 16
+size_t newenvc = 0;
+/*@null@*/char **newenvp = NULL;
+extern char **environ;
+
+static const char *forbid[] = {
+ "_RLD_=",
+ "BASH_ENV=", /* GNU creeping featurism strikes again... */
+ "ENV=",
+ "HOME=",
+ "IFS=",
+ "KRB_CONF=",
+ "LD_", /* anything with the LD_ prefix */
+ "LIBPATH=",
+ "MAIL=",
+ "NLSPATH=",
+ "PATH=",
+ "SHELL=",
+ "SHLIB_PATH=",
+ (char *) 0
+};
+
+/* these are allowed, but with no slashes inside
+ (to work around security problems in GNU gettext) */
+static const char *noslash[] = {
+ "LANG=",
+ "LANGUAGE=",
+ "LC_", /* anything with the LC_ prefix */
+ (char *) 0
+};
+
+/*
+ * initenv() must be called once before using addenv().
+ */
+void initenv (void)
+{
+ newenvp = (char **) xmalloc (NEWENVP_STEP * sizeof (char *));
+ *newenvp = NULL;
+}
+
+
+void addenv (const char *string, /*@null@*/const char *value)
+{
+ char *cp, *newstring;
+ size_t i;
+ size_t n;
+
+ if (NULL != value) {
+ size_t len = strlen (string) + strlen (value) + 2;
+ int wlen;
+ newstring = xmalloc (len);
+ wlen = snprintf (newstring, len, "%s=%s", string, value);
+ assert (wlen == (int) len -1);
+ } else {
+ newstring = xstrdup (string);
+ }
+
+ /*
+ * Search for a '=' character within the string and if none is found
+ * just ignore the whole string.
+ */
+
+ cp = strchr (newstring, '=');
+ if (NULL == cp) {
+ free (newstring);
+ return;
+ }
+
+ n = (size_t) (cp - newstring);
+
+ /*
+ * If this environment variable is already set, change its value.
+ */
+ for (i = 0; i < newenvc; i++) {
+ if ( (strncmp (newstring, newenvp[i], n) == 0)
+ && (('=' == newenvp[i][n]) || ('\0' == newenvp[i][n]))) {
+ break;
+ }
+ }
+
+ if (i < newenvc) {
+ free (newenvp[i]);
+ newenvp[i] = newstring;
+ return;
+ }
+
+ /*
+ * Otherwise, save the new environment variable
+ */
+ newenvp[newenvc++] = newstring;
+
+ /*
+ * And extend the environment if needed.
+ */
+
+ /*
+ * Check whether newenvc is a multiple of NEWENVP_STEP.
+ * If so we have to resize the vector.
+ * the expression (newenvc & (NEWENVP_STEP - 1)) == 0
+ * is equal to (newenvc % NEWENVP_STEP) == 0
+ * as long as NEWENVP_STEP is a power of 2.
+ */
+
+ if ((newenvc & (NEWENVP_STEP - 1)) == 0) {
+ char **__newenvp;
+ size_t newsize;
+
+ /*
+ * If the resize operation succeeds we can
+ * happily go on, else print a message.
+ */
+
+ newsize = (newenvc + NEWENVP_STEP) * sizeof (char *);
+ __newenvp = (char **) realloc (newenvp, newsize);
+
+ if (NULL != __newenvp) {
+ /*
+ * If this is our current environment, update
+ * environ so that it doesn't point to some
+ * free memory area (realloc() could move it).
+ */
+ if (environ == newenvp) {
+ environ = __newenvp;
+ }
+ newenvp = __newenvp;
+ } else {
+ (void) fputs (_("Environment overflow\n"), stderr);
+ newenvc--;
+ free (newenvp[newenvc]);
+ }
+ }
+
+ /*
+ * The last entry of newenvp must be NULL
+ */
+
+ newenvp[newenvc] = NULL;
+}
+
+
+/*
+ * set_env - copy command line arguments into the environment
+ */
+void set_env (int argc, char *const *argv)
+{
+ int noname = 1;
+ char variable[1024];
+ char *cp;
+
+ for (; argc > 0; argc--, argv++) {
+ if (strlen (*argv) >= sizeof variable) {
+ continue; /* ignore long entries */
+ }
+
+ cp = strchr (*argv, '=');
+ if (NULL == cp) {
+ int wlen;
+ wlen = snprintf (variable, sizeof variable, "L%d", noname);
+ assert (wlen < (int) sizeof(variable));
+ noname++;
+ addenv (variable, *argv);
+ } else {
+ const char **p;
+
+ for (p = forbid; NULL != *p; p++) {
+ if (strncmp (*argv, *p, strlen (*p)) == 0) {
+ break;
+ }
+ }
+
+ if (NULL != *p) {
+ strncpy (variable, *argv, (size_t)(cp - *argv));
+ variable[cp - *argv] = '\0';
+ printf (_("You may not change $%s\n"),
+ variable);
+ continue;
+ }
+
+ addenv (*argv, NULL);
+ }
+ }
+}
+
+/*
+ * sanitize_env - remove some nasty environment variables
+ * If you fall into a total paranoia, you should call this
+ * function for any root-setuid program or anything the user
+ * might change the environment with. 99% useless as almost
+ * all modern Unixes will handle setuid executables properly,
+ * but... I feel better with that silly precaution. -j.
+ */
+
+void sanitize_env (void)
+{
+ char **envp = environ;
+ const char **bad;
+ char **cur;
+ char **move;
+
+ for (cur = envp; NULL != *cur; cur++) {
+ for (bad = forbid; NULL != *bad; bad++) {
+ if (strncmp (*cur, *bad, strlen (*bad)) == 0) {
+ for (move = cur; NULL != *move; move++) {
+ *move = *(move + 1);
+ }
+ cur--;
+ break;
+ }
+ }
+ }
+
+ for (cur = envp; NULL != *cur; cur++) {
+ for (bad = noslash; NULL != *bad; bad++) {
+ if (strncmp (*cur, *bad, strlen (*bad)) != 0) {
+ continue;
+ }
+ if (strchr (*cur, '/') == NULL) {
+ continue; /* OK */
+ }
+ for (move = cur; NULL != *move; move++) {
+ *move = *(move + 1);
+ }
+ cur--;
+ break;
+ }
+ }
+}
+
diff --git a/libmisc/failure.c b/libmisc/failure.c
new file mode 100644
index 0000000..f6390a7
--- /dev/null
+++ b/libmisc/failure.c
@@ -0,0 +1,343 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <stdio.h>
+#include <unistd.h>
+#include "defines.h"
+#include "faillog.h"
+#include "getdef.h"
+#include "failure.h"
+#define YEAR (365L*DAY)
+/*
+ * failure - make failure entry
+ *
+ * failure() creates a new (struct faillog) entry or updates an
+ * existing one with the current failed login information.
+ */
+void failure (uid_t uid, const char *tty, struct faillog *fl)
+{
+ int fd;
+ off_t offset_uid = (off_t) (sizeof *fl) * uid;
+
+ /*
+ * Don't do anything if failure logging isn't set up.
+ */
+
+ if (access (FAILLOG_FILE, F_OK) != 0) {
+ return;
+ }
+
+ fd = open (FAILLOG_FILE, O_RDWR);
+ if (fd < 0) {
+ SYSLOG ((LOG_WARN,
+ "Can't write faillog entry for UID %lu in %s.",
+ (unsigned long) uid, FAILLOG_FILE));
+ return;
+ }
+
+ /*
+ * The file is indexed by UID value meaning that shared UID's
+ * share failure log records. That's OK since they really
+ * share just about everything else ...
+ */
+
+ if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+ || (read (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
+ /* This is not necessarily a failure. The file is
+ * initially zero length.
+ *
+ * If lseek() or read() failed for any other reason, this
+ * might reset the counter. But the new failure will be
+ * logged.
+ */
+ memzero (fl, sizeof *fl);
+ }
+
+ /*
+ * Update the record. We increment the failure count to log the
+ * latest failure. The only concern here is overflow, and we'll
+ * check for that. The line name and time of day are both
+ * updated as well.
+ */
+
+ if (fl->fail_cnt + 1 > 0) {
+ fl->fail_cnt++;
+ }
+
+ strncpy (fl->fail_line, tty, sizeof fl->fail_line);
+ (void) time (&fl->fail_time);
+
+ /*
+ * Seek back to the correct position in the file and write the
+ * record out. Ideally we should lock the file in case the same
+ * account is being logged simultaneously. But the risk doesn't
+ * seem that great.
+ */
+
+ if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+ || (write (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)
+ || (close (fd) != 0)) {
+ SYSLOG ((LOG_WARN,
+ "Can't write faillog entry for UID %lu in %s.",
+ (unsigned long) uid, FAILLOG_FILE));
+ (void) close (fd);
+ }
+}
+
+static bool too_many_failures (const struct faillog *fl)
+{
+ time_t now;
+
+ if ((0 == fl->fail_max) || (fl->fail_cnt < fl->fail_max)) {
+ return false;
+ }
+
+ if (0 == fl->fail_locktime) {
+ return true; /* locked until reset manually */
+ }
+
+ (void) time (&now);
+ if ((fl->fail_time + fl->fail_locktime) < now) {
+ return false; /* enough time since last failure */
+ }
+
+ return true;
+}
+
+/*
+ * failcheck - check for failures > allowable
+ *
+ * failcheck() is called AFTER the password has been validated. If the
+ * account has been "attacked" with too many login failures, failcheck()
+ * returns 0 to indicate that the login should be denied even though
+ * the password is valid.
+ *
+ * failed indicates if the login failed AFTER the password has been
+ * validated.
+ */
+
+int failcheck (uid_t uid, struct faillog *fl, bool failed)
+{
+ int fd;
+ struct faillog fail;
+ off_t offset_uid = (off_t) (sizeof *fl) * uid;
+
+ /*
+ * Suppress the check if the log file isn't there.
+ */
+
+ if (access (FAILLOG_FILE, F_OK) != 0) {
+ return 1;
+ }
+
+ fd = open (FAILLOG_FILE, failed?O_RDONLY:O_RDWR);
+ if (fd < 0) {
+ SYSLOG ((LOG_WARN,
+ "Can't open the faillog file (%s) to check UID %lu. "
+ "User access authorized.",
+ FAILLOG_FILE, (unsigned long) uid));
+ return 1;
+ }
+
+ /*
+ * Get the record from the file and determine if the user has
+ * exceeded the failure limit. If "max" is zero, any number
+ * of failures are permitted. Only when "max" is non-zero and
+ * "cnt" is greater than or equal to "max" is the account
+ * considered to be locked.
+ *
+ * If read fails, there is no record for this user yet (the
+ * file is initially zero length and extended by writes), so
+ * no need to reset the count.
+ */
+
+ if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+ || (read (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
+ (void) close (fd);
+ return 1;
+ }
+
+ if (too_many_failures (fl)) {
+ (void) close (fd);
+ return 0;
+ }
+
+ /*
+ * The record is updated if this is not a failure. The count will
+ * be reset to zero, but the rest of the information will be left
+ * in the record in case someone wants to see where the failed
+ * login originated.
+ */
+
+ if (!failed) {
+ fail = *fl;
+ fail.fail_cnt = 0;
+
+ if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+ || (write (fd, (const void *) &fail, sizeof fail) != (ssize_t) sizeof fail)
+ || (close (fd) != 0)) {
+ SYSLOG ((LOG_WARN,
+ "Can't reset faillog entry for UID %lu in %s.",
+ (unsigned long) uid, FAILLOG_FILE));
+ (void) close (fd);
+ }
+ } else {
+ (void) close (fd);
+ }
+
+ return 1;
+}
+
+/*
+ * failprint - print line of failure information
+ *
+ * failprint takes a (struct faillog) entry and formats it into a
+ * message which is displayed at login time.
+ */
+
+void failprint (const struct faillog *fail)
+{
+ struct tm *tp;
+
+#if HAVE_STRFTIME
+ char lasttimeb[256];
+ char *lasttime = lasttimeb;
+#else
+ char *lasttime;
+#endif
+ time_t NOW;
+
+ if (0 == fail->fail_cnt) {
+ return;
+ }
+
+ tp = localtime (&(fail->fail_time));
+ (void) time (&NOW);
+
+#if HAVE_STRFTIME
+ /*
+ * Print all information we have.
+ */
+ (void) strftime (lasttimeb, sizeof lasttimeb, "%c", tp);
+#else
+
+ /*
+ * Do the same thing, but don't use strftime since it
+ * probably doesn't exist on this system
+ */
+ lasttime = asctime (tp);
+ lasttime[24] = '\0';
+
+ if ((NOW - fail->fail_time) < YEAR) {
+ lasttime[19] = '\0';
+ }
+ if ((NOW - fail->fail_time) < DAY) {
+ lasttime = lasttime + 11;
+ }
+
+ if (' ' == *lasttime) {
+ lasttime++;
+ }
+#endif
+ /*@-formatconst@*/
+ (void) printf (ngettext ("%d failure since last login.\n"
+ "Last was %s on %s.\n",
+ "%d failures since last login.\n"
+ "Last was %s on %s.\n",
+ (unsigned long) fail->fail_cnt),
+ fail->fail_cnt, lasttime, fail->fail_line);
+ /*@=formatconst@*/
+}
+
+/*
+ * failtmp - update the cumulative failure log
+ *
+ * failtmp updates the (struct utmp) formatted failure log which
+ * maintains a record of all login failures.
+ */
+
+void failtmp (const char *username,
+#ifdef USE_UTMPX
+ const struct utmpx *failent
+#else /* !USE_UTMPX */
+ const struct utmp *failent
+#endif /* !USE_UTMPX */
+ )
+{
+ const char *ftmp;
+ int fd;
+
+ /*
+ * Get the name of the failure file. If no file has been defined
+ * in login.defs, don't do this.
+ */
+
+ ftmp = getdef_str ("FTMP_FILE");
+ if (NULL == ftmp) {
+ return;
+ }
+
+ /*
+ * Open the file for append. It must already exist for this
+ * feature to be used.
+ */
+
+ if (access (ftmp, F_OK) != 0) {
+ return;
+ }
+
+ fd = open (ftmp, O_WRONLY | O_APPEND);
+ if (-1 == fd) {
+ SYSLOG ((LOG_WARN,
+ "Can't append failure of user %s to %s.",
+ username, ftmp));
+ return;
+ }
+
+ /*
+ * Append the new failure record and close the log file.
+ */
+
+ if ( (write (fd, (const void *) failent, sizeof *failent) != (ssize_t) sizeof *failent)
+ || (close (fd) != 0)) {
+ SYSLOG ((LOG_WARN,
+ "Can't append failure of user %s to %s.",
+ username, ftmp));
+ (void) close (fd);
+ }
+}
+
diff --git a/libmisc/failure.h b/libmisc/failure.h
new file mode 100644
index 0000000..13187a4
--- /dev/null
+++ b/libmisc/failure.h
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1997 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef _FAILURE_H_
+#define _FAILURE_H_
+
+#include "defines.h"
+#include "faillog.h"
+#ifdef USE_UTMPX
+#include <utmpx.h>
+#else /* !USE_UTMPX */
+#include <utmp.h>
+#endif /* !USE_UTMPX */
+
+/*
+ * failure - make failure entry
+ *
+ * failure() creates a new (struct faillog) entry or updates an
+ * existing one with the current failed login information.
+ */
+extern void failure (uid_t, const char *, struct faillog *);
+
+/*
+ * failcheck - check for failures > allowable
+ *
+ * failcheck() is called AFTER the password has been validated. If the
+ * account has been "attacked" with too many login failures, failcheck()
+ * returns FALSE to indicate that the login should be denied even though
+ * the password is valid.
+ */
+extern int failcheck (uid_t uid, struct faillog *fl, bool failed);
+
+/*
+ * failprint - print line of failure information
+ *
+ * failprint takes a (struct faillog) entry and formats it into a
+ * message which is displayed at login time.
+ */
+extern void failprint (const struct faillog *);
+
+/*
+ * failtmp - update the cummulative failure log
+ *
+ * failtmp updates the (struct utmp) formatted failure log which
+ * maintains a record of all login failures.
+ */
+#ifdef USE_UTMPX
+extern void failtmp (const char *username, const struct utmpx *);
+#else /* !USE_UTMPX */
+extern void failtmp (const char *username, const struct utmp *);
+#endif /* !USE_UTMPX */
+
+#endif
+
diff --git a/libmisc/find_new_gid.c b/libmisc/find_new_gid.c
new file mode 100644
index 0000000..2fe6a2a
--- /dev/null
+++ b/libmisc/find_new_gid.c
@@ -0,0 +1,498 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 2008 - 2011, Nicolas François
+ * Copyright (c) 2014, Red Hat, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+#include <errno.h>
+
+#include "prototypes.h"
+#include "groupio.h"
+#include "getdef.h"
+
+/*
+ * get_ranges - Get the minimum and maximum ID ranges for the search
+ *
+ * This function will return the minimum and maximum ranges for IDs
+ *
+ * 0: The function completed successfully
+ * EINVAL: The provided ranges are impossible (such as maximum < minimum)
+ *
+ * preferred_min: The special-case minimum value for a specifically-
+ * requested ID, which may be lower than the standard min_id
+ */
+static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
+ gid_t *preferred_min)
+{
+ gid_t gid_def_max = 0;
+
+ if (sys_group) {
+ /* System groups */
+
+ /* A requested ID is allowed to be below the autoselect range */
+ *preferred_min = (gid_t) 1;
+
+ /* Get the minimum ID range from login.defs or default to 101 */
+ *min_id = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL);
+
+ /*
+ * If SYS_GID_MAX is unspecified, we should assume it to be one
+ * less than the GID_MIN (which is reserved for non-system accounts)
+ */
+ gid_def_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1;
+ *max_id = (gid_t) getdef_ulong ("SYS_GID_MAX",
+ (unsigned long) gid_def_max);
+
+ /* Check that the ranges make sense */
+ if (*max_id < *min_id) {
+ (void) fprintf (stderr,
+ _("%s: Invalid configuration: SYS_GID_MIN (%lu), "
+ "GID_MIN (%lu), SYS_GID_MAX (%lu)\n"),
+ Prog, (unsigned long) *min_id,
+ getdef_ulong ("GID_MIN", 1000UL),
+ (unsigned long) *max_id);
+ return EINVAL;
+ }
+ } else {
+ /* Non-system groups */
+
+ /* Get the values from login.defs or use reasonable defaults */
+ *min_id = (gid_t) getdef_ulong ("GID_MIN", 1000UL);
+ *max_id = (gid_t) getdef_ulong ("GID_MAX", 60000UL);
+
+ /*
+ * The preferred minimum should match the standard ID minimum
+ * for non-system groups.
+ */
+ *preferred_min = *min_id;
+
+ /* Check that the ranges make sense */
+ if (*max_id < *min_id) {
+ (void) fprintf (stderr,
+ _("%s: Invalid configuration: GID_MIN (%lu), "
+ "GID_MAX (%lu)\n"),
+ Prog, (unsigned long) *min_id,
+ (unsigned long) *max_id);
+ return EINVAL;
+ }
+ }
+
+ return 0;
+}
+
+/*
+ * check_gid - See if the requested GID is available
+ *
+ * On success, return 0
+ * If the ID is in use, return EEXIST
+ * If the ID is outside the range, return ERANGE
+ * In other cases, return errno from getgrgid()
+ */
+static int check_gid (const gid_t gid,
+ const gid_t gid_min,
+ const gid_t gid_max,
+ bool *used_gids)
+{
+ /* First test that the preferred ID is in the range */
+ if (gid < gid_min || gid > gid_max) {
+ return ERANGE;
+ }
+
+ /*
+ * Check whether we already detected this GID
+ * using the gr_next() loop
+ */
+ if (used_gids != NULL && used_gids[gid]) {
+ return EEXIST;
+ }
+ /* Check if the GID exists according to NSS */
+ errno = 0;
+ if (getgrgid (gid) != NULL) {
+ return EEXIST;
+ } else {
+ /* getgrgid() was NULL
+ * we have to ignore errors as temporary
+ * failures of remote user identity services
+ * would completely block user/group creation
+ */
+ }
+
+ /* If we've made it here, the GID must be available */
+ return 0;
+}
+
+/*
+ * find_new_gid - Find a new unused GID.
+ *
+ * If successful, find_new_gid provides an unused group ID in the
+ * [GID_MIN:GID_MAX] range.
+ * This ID should be higher than all the used GID, but if not possible,
+ * the lowest unused ID in the range will be returned.
+ *
+ * Return 0 on success, -1 if no unused GIDs are available.
+ */
+int find_new_gid (bool sys_group,
+ gid_t *gid,
+ /*@null@*/gid_t const *preferred_gid)
+{
+ bool *used_gids;
+ const struct group *grp;
+ gid_t gid_min, gid_max, preferred_min;
+ gid_t group_id, id;
+ gid_t lowest_found, highest_found;
+ int result;
+ int nospam = 0;
+
+ assert(gid != NULL);
+
+ /*
+ * First, figure out what ID range is appropriate for
+ * automatic assignment
+ */
+ result = get_ranges (sys_group, &gid_min, &gid_max, &preferred_min);
+ if (result == EINVAL) {
+ return -1;
+ }
+
+ /* Check if the preferred GID is available */
+ if (preferred_gid) {
+ result = check_gid (*preferred_gid, preferred_min, gid_max, NULL);
+ if (result == 0) {
+ /*
+ * Make sure the GID isn't queued for use already
+ */
+ if (gr_locate_gid (*preferred_gid) == NULL) {
+ *gid = *preferred_gid;
+ return 0;
+ }
+ /*
+ * gr_locate_gid() found the GID in an as-yet uncommitted
+ * entry. We'll proceed below and auto-set a GID.
+ */
+ } else if (result == EEXIST || result == ERANGE) {
+ /*
+ * Continue on below. At this time, we won't
+ * treat these two cases differently.
+ */
+ } else {
+ /*
+ * An unexpected error occurred. We should report
+ * this and fail the group creation.
+ * This differs from the automatic creation
+ * behavior below, since if a specific GID was
+ * requested and generated an error, the user is
+ * more likely to want to stop and address the
+ * issue.
+ */
+ fprintf (stderr,
+ _("%s: Encountered error attempting to use "
+ "preferred GID: %s\n"),
+ Prog, strerror (result));
+ return -1;
+ }
+ }
+
+ /*
+ * Search the entire group file,
+ * looking for the next unused value.
+ *
+ * We first check the local database with gr_rewind/gr_next to find
+ * all local values that are in use.
+ *
+ * We then compare the next free value to all databases (local and
+ * remote) and iterate until we find a free one. If there are free
+ * values beyond the lowest (system groups) or highest (non-system
+ * groups), we will prefer those and avoid potentially reclaiming a
+ * deleted group (which can be a security issue, since it may grant
+ * access to files belonging to that former group).
+ *
+ * If there are no GIDs available at the end of the search, we will
+ * have no choice but to iterate through the range looking for gaps.
+ *
+ */
+
+ /* Create an array to hold all of the discovered GIDs */
+ used_gids = malloc (sizeof (bool) * (gid_max +1));
+ if (NULL == used_gids) {
+ fprintf (stderr,
+ _("%s: failed to allocate memory: %s\n"),
+ Prog, strerror (errno));
+ return -1;
+ }
+ memset (used_gids, false, sizeof (bool) * (gid_max + 1));
+
+ /* First look for the lowest and highest value in the local database */
+ (void) gr_rewind ();
+ highest_found = gid_min;
+ lowest_found = gid_max;
+ while ((grp = gr_next ()) != NULL) {
+ /*
+ * Does this entry have a lower GID than the lowest we've found
+ * so far?
+ */
+ if ((grp->gr_gid <= lowest_found) && (grp->gr_gid >= gid_min)) {
+ lowest_found = grp->gr_gid - 1;
+ }
+
+ /*
+ * Does this entry have a higher GID than the highest we've found
+ * so far?
+ */
+ if ((grp->gr_gid >= highest_found) && (grp->gr_gid <= gid_max)) {
+ highest_found = grp->gr_gid + 1;
+ }
+
+ /* create index of used GIDs */
+ if (grp->gr_gid >= gid_min
+ && grp->gr_gid <= gid_max) {
+
+ used_gids[grp->gr_gid] = true;
+ }
+ }
+
+ if (sys_group) {
+ /*
+ * For system groups, we want to start from the
+ * top of the range and work downwards.
+ */
+
+ /*
+ * At the conclusion of the gr_next() search, we will either
+ * have a presumed-free GID or we will be at GID_MIN - 1.
+ */
+ if (lowest_found < gid_min) {
+ /*
+ * In this case, a GID is in use at GID_MIN.
+ *
+ * We will reset the search to GID_MAX and proceed down
+ * through all the GIDs (skipping those we detected with
+ * used_gids) for a free one. It is a known issue that
+ * this may result in reusing a previously-deleted GID,
+ * so administrators should be instructed to use this
+ * auto-detection with care (and prefer to assign GIDs
+ * explicitly).
+ */
+ lowest_found = gid_max;
+ }
+
+ /* Search through all of the IDs in the range */
+ for (id = lowest_found; id >= gid_min; id--) {
+ result = check_gid (id, gid_min, gid_max, used_gids);
+ if (result == 0) {
+ /* This GID is available. Return it. */
+ *gid = id;
+ free (used_gids);
+ return 0;
+ } else if (result == EEXIST) {
+ /* This GID is in use, we'll continue to the next */
+ } else {
+ /*
+ * An unexpected error occurred.
+ *
+ * Only report it the first time to avoid spamming
+ * the logs
+ *
+ */
+ if (!nospam) {
+ fprintf (stderr,
+ _("%s: Can't get unique system GID (%s). "
+ "Suppressing additional messages.\n"),
+ Prog, strerror (result));
+ SYSLOG ((LOG_ERR,
+ "Error checking available GIDs: %s",
+ strerror (result)));
+ nospam = 1;
+ }
+ /*
+ * We will continue anyway. Hopefully a later GID
+ * will work properly.
+ */
+ }
+ }
+
+ /*
+ * If we get all the way through the loop, try again from GID_MAX,
+ * unless that was where we previously started. (NOTE: the worst-case
+ * scenario here is that we will run through (GID_MAX - GID_MIN - 1)
+ * cycles *again* if we fall into this case with lowest_found as
+ * GID_MAX - 1, all groups in the range in use and maintained by
+ * network services such as LDAP.)
+ */
+ if (lowest_found != gid_max) {
+ for (id = gid_max; id >= gid_min; id--) {
+ result = check_gid (id, gid_min, gid_max, used_gids);
+ if (result == 0) {
+ /* This GID is available. Return it. */
+ *gid = id;
+ free (used_gids);
+ return 0;
+ } else if (result == EEXIST) {
+ /* This GID is in use, we'll continue to the next */
+ } else {
+ /*
+ * An unexpected error occurred.
+ *
+ * Only report it the first time to avoid spamming
+ * the logs
+ *
+ */
+ if (!nospam) {
+ fprintf (stderr,
+ _("%s: Can't get unique system GID (%s). "
+ "Suppressing additional messages.\n"),
+ Prog, strerror (result));
+ SYSLOG ((LOG_ERR,
+ "Error checking available GIDs: %s",
+ strerror (result)));
+ nospam = 1;
+ }
+ /*
+ * We will continue anyway. Hopefully a later GID
+ * will work properly.
+ */
+ }
+ }
+ }
+ } else { /* !sys_group */
+ /*
+ * For non-system groups, we want to start from the
+ * bottom of the range and work upwards.
+ */
+
+ /*
+ * At the conclusion of the gr_next() search, we will either
+ * have a presumed-free GID or we will be at GID_MAX + 1.
+ */
+ if (highest_found > gid_max) {
+ /*
+ * In this case, a GID is in use at GID_MAX.
+ *
+ * We will reset the search to GID_MIN and proceed up
+ * through all the GIDs (skipping those we detected with
+ * used_gids) for a free one. It is a known issue that
+ * this may result in reusing a previously-deleted GID,
+ * so administrators should be instructed to use this
+ * auto-detection with care (and prefer to assign GIDs
+ * explicitly).
+ */
+ highest_found = gid_min;
+ }
+
+ /* Search through all of the IDs in the range */
+ for (id = highest_found; id <= gid_max; id++) {
+ result = check_gid (id, gid_min, gid_max, used_gids);
+ if (result == 0) {
+ /* This GID is available. Return it. */
+ *gid = id;
+ free (used_gids);
+ return 0;
+ } else if (result == EEXIST) {
+ /* This GID is in use, we'll continue to the next */
+ } else {
+ /*
+ * An unexpected error occurred.
+ *
+ * Only report it the first time to avoid spamming
+ * the logs
+ *
+ */
+ if (!nospam) {
+ fprintf (stderr,
+ _("%s: Can't get unique GID (%s). "
+ "Suppressing additional messages.\n"),
+ Prog, strerror (result));
+ SYSLOG ((LOG_ERR,
+ "Error checking available GIDs: %s",
+ strerror (result)));
+ nospam = 1;
+ }
+ /*
+ * We will continue anyway. Hopefully a later GID
+ * will work properly.
+ */
+ }
+ }
+
+ /*
+ * If we get all the way through the loop, try again from GID_MIN,
+ * unless that was where we previously started. (NOTE: the worst-case
+ * scenario here is that we will run through (GID_MAX - GID_MIN - 1)
+ * cycles *again* if we fall into this case with highest_found as
+ * GID_MIN + 1, all groups in the range in use and maintained by
+ * network services such as LDAP.)
+ */
+ if (highest_found != gid_min) {
+ for (id = gid_min; id <= gid_max; id++) {
+ result = check_gid (id, gid_min, gid_max, used_gids);
+ if (result == 0) {
+ /* This GID is available. Return it. */
+ *gid = id;
+ free (used_gids);
+ return 0;
+ } else if (result == EEXIST) {
+ /* This GID is in use, we'll continue to the next */
+ } else {
+ /*
+ * An unexpected error occurred.
+ *
+ * Only report it the first time to avoid spamming
+ * the logs
+ *
+ */
+ if (!nospam) {
+ fprintf (stderr,
+ _("%s: Can't get unique GID (%s). "
+ "Suppressing additional messages.\n"),
+ Prog, strerror (result));
+ SYSLOG ((LOG_ERR,
+ "Error checking available GIDs: %s",
+ strerror (result)));
+ nospam = 1;
+ }
+ /*
+ * We will continue anyway. Hopefully a later GID
+ * will work properly.
+ */
+ }
+ }
+ }
+ }
+
+ /* The code reached here and found no available IDs in the range */
+ fprintf (stderr,
+ _("%s: Can't get unique GID (no more available GIDs)\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "no more available GIDs on the system"));
+ free (used_gids);
+ return -1;
+}
+
diff --git a/libmisc/find_new_sub_gids.c b/libmisc/find_new_sub_gids.c
new file mode 100644
index 0000000..ae8a937
--- /dev/null
+++ b/libmisc/find_new_sub_gids.c
@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) 2012 Eric Biederman
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef ENABLE_SUBIDS
+
+#include <assert.h>
+#include <stdio.h>
+#include <errno.h>
+
+#include "prototypes.h"
+#include "subordinateio.h"
+#include "getdef.h"
+
+/*
+ * find_new_sub_gids - Find a new unused range of GIDs.
+ *
+ * If successful, find_new_sub_gids provides a range of unused
+ * user IDs in the [SUB_GID_MIN:SUB_GID_MAX] range.
+ *
+ * Return 0 on success, -1 if no unused GIDs are available.
+ */
+int find_new_sub_gids (const char *owner,
+ gid_t *range_start, unsigned long *range_count)
+{
+ unsigned long min, max;
+ unsigned long count;
+ gid_t start;
+
+ assert (range_start != NULL);
+ assert (range_count != NULL);
+
+ min = getdef_ulong ("SUB_GID_MIN", 100000UL);
+ max = getdef_ulong ("SUB_GID_MAX", 600100000UL);
+ count = getdef_ulong ("SUB_GID_COUNT", 65536);
+
+ if (min > max || count >= max || (min + count - 1) > max) {
+ (void) fprintf (stderr,
+ _("%s: Invalid configuration: SUB_GID_MIN (%lu),"
+ " SUB_GID_MAX (%lu), SUB_GID_COUNT (%lu)\n"),
+ Prog, min, max, count);
+ return -1;
+ }
+
+ start = sub_gid_find_free_range(min, max, count);
+ if (start == (gid_t)-1) {
+ fprintf (stderr,
+ _("%s: Can't get unique subordinate GID range\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "no more available subordinate GIDs on the system"));
+ return -1;
+ }
+ *range_start = start;
+ *range_count = count;
+ return 0;
+}
+#else /* !ENABLE_SUBIDS */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !ENABLE_SUBIDS */
+
diff --git a/libmisc/find_new_sub_uids.c b/libmisc/find_new_sub_uids.c
new file mode 100644
index 0000000..12cb2d2
--- /dev/null
+++ b/libmisc/find_new_sub_uids.c
@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) 2012 Eric Biederman
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef ENABLE_SUBIDS
+
+#include <assert.h>
+#include <stdio.h>
+#include <errno.h>
+
+#include "prototypes.h"
+#include "subordinateio.h"
+#include "getdef.h"
+
+/*
+ * find_new_sub_uids - Find a new unused range of UIDs.
+ *
+ * If successful, find_new_sub_uids provides a range of unused
+ * user IDs in the [SUB_UID_MIN:SUB_UID_MAX] range.
+ *
+ * Return 0 on success, -1 if no unused UIDs are available.
+ */
+int find_new_sub_uids (const char *owner,
+ uid_t *range_start, unsigned long *range_count)
+{
+ unsigned long min, max;
+ unsigned long count;
+ uid_t start;
+
+ assert (range_start != NULL);
+ assert (range_count != NULL);
+
+ min = getdef_ulong ("SUB_UID_MIN", 100000UL);
+ max = getdef_ulong ("SUB_UID_MAX", 600100000UL);
+ count = getdef_ulong ("SUB_UID_COUNT", 65536);
+
+ if (min > max || count >= max || (min + count - 1) > max) {
+ (void) fprintf (stderr,
+ _("%s: Invalid configuration: SUB_UID_MIN (%lu),"
+ " SUB_UID_MAX (%lu), SUB_UID_COUNT (%lu)\n"),
+ Prog, min, max, count);
+ return -1;
+ }
+
+ start = sub_uid_find_free_range(min, max, count);
+ if (start == (uid_t)-1) {
+ fprintf (stderr,
+ _("%s: Can't get unique subordinate UID range\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "no more available subordinate UIDs on the system"));
+ return -1;
+ }
+ *range_start = start;
+ *range_count = count;
+ return 0;
+}
+#else /* !ENABLE_SUBIDS */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !ENABLE_SUBIDS */
+
diff --git a/libmisc/find_new_uid.c b/libmisc/find_new_uid.c
new file mode 100644
index 0000000..b314313
--- /dev/null
+++ b/libmisc/find_new_uid.c
@@ -0,0 +1,498 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 2008 - 2011, Nicolas François
+ * Copyright (c) 2014, Red Hat, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+#include <errno.h>
+
+#include "prototypes.h"
+#include "pwio.h"
+#include "getdef.h"
+
+/*
+ * get_ranges - Get the minimum and maximum ID ranges for the search
+ *
+ * This function will return the minimum and maximum ranges for IDs
+ *
+ * 0: The function completed successfully
+ * EINVAL: The provided ranges are impossible (such as maximum < minimum)
+ *
+ * preferred_min: The special-case minimum value for a specifically-
+ * requested ID, which may be lower than the standard min_id
+ */
+static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
+ uid_t *preferred_min)
+{
+ uid_t uid_def_max = 0;
+
+ if (sys_user) {
+ /* System users */
+
+ /* A requested ID is allowed to be below the autoselect range */
+ *preferred_min = (uid_t) 1;
+
+ /* Get the minimum ID range from login.defs or default to 101 */
+ *min_id = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL);
+
+ /*
+ * If SYS_UID_MAX is unspecified, we should assume it to be one
+ * less than the UID_MIN (which is reserved for non-system accounts)
+ */
+ uid_def_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1;
+ *max_id = (uid_t) getdef_ulong ("SYS_UID_MAX",
+ (unsigned long) uid_def_max);
+
+ /* Check that the ranges make sense */
+ if (*max_id < *min_id) {
+ (void) fprintf (stderr,
+ _("%s: Invalid configuration: SYS_UID_MIN (%lu), "
+ "UID_MIN (%lu), SYS_UID_MAX (%lu)\n"),
+ Prog, (unsigned long) *min_id,
+ getdef_ulong ("UID_MIN", 1000UL),
+ (unsigned long) *max_id);
+ return EINVAL;
+ }
+ } else {
+ /* Non-system users */
+
+ /* Get the values from login.defs or use reasonable defaults */
+ *min_id = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
+ *max_id = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+
+ /*
+ * The preferred minimum should match the standard ID minimum
+ * for non-system users.
+ */
+ *preferred_min = *min_id;
+
+ /* Check that the ranges make sense */
+ if (*max_id < *min_id) {
+ (void) fprintf (stderr,
+ _("%s: Invalid configuration: UID_MIN (%lu), "
+ "UID_MAX (%lu)\n"),
+ Prog, (unsigned long) *min_id,
+ (unsigned long) *max_id);
+ return EINVAL;
+ }
+ }
+
+ return 0;
+}
+
+/*
+ * check_uid - See if the requested UID is available
+ *
+ * On success, return 0
+ * If the ID is in use, return EEXIST
+ * If the ID is outside the range, return ERANGE
+ * In other cases, return errno from getpwuid()
+ */
+static int check_uid(const uid_t uid,
+ const uid_t uid_min,
+ const uid_t uid_max,
+ bool *used_uids)
+{
+ /* First test that the preferred ID is in the range */
+ if (uid < uid_min || uid > uid_max) {
+ return ERANGE;
+ }
+
+ /*
+ * Check whether we already detected this UID
+ * using the pw_next() loop
+ */
+ if (used_uids != NULL && used_uids[uid]) {
+ return EEXIST;
+ }
+ /* Check if the UID exists according to NSS */
+ errno = 0;
+ if (getpwuid(uid) != NULL) {
+ return EEXIST;
+ } else {
+ /* getpwuid() was NULL
+ * we have to ignore errors as temporary
+ * failures of remote user identity services
+ * would completely block user/group creation
+ */
+ }
+
+ /* If we've made it here, the UID must be available */
+ return 0;
+}
+
+/*
+ * find_new_uid - Find a new unused UID.
+ *
+ * If successful, find_new_uid provides an unused user ID in the
+ * [UID_MIN:UID_MAX] range.
+ * This ID should be higher than all the used UID, but if not possible,
+ * the lowest unused ID in the range will be returned.
+ *
+ * Return 0 on success, -1 if no unused UIDs are available.
+ */
+int find_new_uid(bool sys_user,
+ uid_t *uid,
+ /*@null@*/uid_t const *preferred_uid)
+{
+ bool *used_uids;
+ const struct passwd *pwd;
+ uid_t uid_min, uid_max, preferred_min;
+ uid_t user_id, id;
+ uid_t lowest_found, highest_found;
+ int result;
+ int nospam = 0;
+
+ assert (uid != NULL);
+
+ /*
+ * First, figure out what ID range is appropriate for
+ * automatic assignment
+ */
+ result = get_ranges (sys_user, &uid_min, &uid_max, &preferred_min);
+ if (result == EINVAL) {
+ return -1;
+ }
+
+ /* Check if the preferred UID is available */
+ if (preferred_uid) {
+ result = check_uid (*preferred_uid, preferred_min, uid_max, NULL);
+ if (result == 0) {
+ /*
+ * Make sure the UID isn't queued for use already
+ */
+ if (pw_locate_uid (*preferred_uid) == NULL) {
+ *uid = *preferred_uid;
+ return 0;
+ }
+ /*
+ * pw_locate_uid() found the UID in an as-yet uncommitted
+ * entry. We'll proceed below and auto-set an UID.
+ */
+ } else if (result == EEXIST || result == ERANGE) {
+ /*
+ * Continue on below. At this time, we won't
+ * treat these two cases differently.
+ */
+ } else {
+ /*
+ * An unexpected error occurred. We should report
+ * this and fail the user creation.
+ * This differs from the automatic creation
+ * behavior below, since if a specific UID was
+ * requested and generated an error, the user is
+ * more likely to want to stop and address the
+ * issue.
+ */
+ fprintf (stderr,
+ _("%s: Encountered error attempting to use "
+ "preferred UID: %s\n"),
+ Prog, strerror (result));
+ return -1;
+ }
+ }
+
+ /*
+ * Search the entire passwd file,
+ * looking for the next unused value.
+ *
+ * We first check the local database with pw_rewind/pw_next to find
+ * all local values that are in use.
+ *
+ * We then compare the next free value to all databases (local and
+ * remote) and iterate until we find a free one. If there are free
+ * values beyond the lowest (system users) or highest (non-system
+ * users), we will prefer those and avoid potentially reclaiming a
+ * deleted user (which can be a security issue, since it may grant
+ * access to files belonging to that former user).
+ *
+ * If there are no UIDs available at the end of the search, we will
+ * have no choice but to iterate through the range looking for gaps.
+ *
+ */
+
+ /* Create an array to hold all of the discovered UIDs */
+ used_uids = malloc (sizeof (bool) * (uid_max +1));
+ if (NULL == used_uids) {
+ fprintf (stderr,
+ _("%s: failed to allocate memory: %s\n"),
+ Prog, strerror (errno));
+ return -1;
+ }
+ memset (used_uids, false, sizeof (bool) * (uid_max + 1));
+
+ /* First look for the lowest and highest value in the local database */
+ (void) pw_rewind ();
+ highest_found = uid_min;
+ lowest_found = uid_max;
+ while ((pwd = pw_next ()) != NULL) {
+ /*
+ * Does this entry have a lower UID than the lowest we've found
+ * so far?
+ */
+ if ((pwd->pw_uid <= lowest_found) && (pwd->pw_uid >= uid_min)) {
+ lowest_found = pwd->pw_uid - 1;
+ }
+
+ /*
+ * Does this entry have a higher UID than the highest we've found
+ * so far?
+ */
+ if ((pwd->pw_uid >= highest_found) && (pwd->pw_uid <= uid_max)) {
+ highest_found = pwd->pw_uid + 1;
+ }
+
+ /* create index of used UIDs */
+ if (pwd->pw_uid >= uid_min
+ && pwd->pw_uid <= uid_max) {
+
+ used_uids[pwd->pw_uid] = true;
+ }
+ }
+
+ if (sys_user) {
+ /*
+ * For system users, we want to start from the
+ * top of the range and work downwards.
+ */
+
+ /*
+ * At the conclusion of the pw_next() search, we will either
+ * have a presumed-free UID or we will be at UID_MIN - 1.
+ */
+ if (lowest_found < uid_min) {
+ /*
+ * In this case, an UID is in use at UID_MIN.
+ *
+ * We will reset the search to UID_MAX and proceed down
+ * through all the UIDs (skipping those we detected with
+ * used_uids) for a free one. It is a known issue that
+ * this may result in reusing a previously-deleted UID,
+ * so administrators should be instructed to use this
+ * auto-detection with care (and prefer to assign UIDs
+ * explicitly).
+ */
+ lowest_found = uid_max;
+ }
+
+ /* Search through all of the IDs in the range */
+ for (id = lowest_found; id >= uid_min; id--) {
+ result = check_uid (id, uid_min, uid_max, used_uids);
+ if (result == 0) {
+ /* This UID is available. Return it. */
+ *uid = id;
+ free (used_uids);
+ return 0;
+ } else if (result == EEXIST) {
+ /* This UID is in use, we'll continue to the next */
+ } else {
+ /*
+ * An unexpected error occurred.
+ *
+ * Only report it the first time to avoid spamming
+ * the logs
+ *
+ */
+ if (!nospam) {
+ fprintf (stderr,
+ _("%s: Can't get unique system UID (%s). "
+ "Suppressing additional messages.\n"),
+ Prog, strerror (result));
+ SYSLOG ((LOG_ERR,
+ "Error checking available UIDs: %s",
+ strerror (result)));
+ nospam = 1;
+ }
+ /*
+ * We will continue anyway. Hopefully a later UID
+ * will work properly.
+ */
+ }
+ }
+
+ /*
+ * If we get all the way through the loop, try again from UID_MAX,
+ * unless that was where we previously started. (NOTE: the worst-case
+ * scenario here is that we will run through (UID_MAX - UID_MIN - 1)
+ * cycles *again* if we fall into this case with lowest_found as
+ * UID_MAX - 1, all users in the range in use and maintained by
+ * network services such as LDAP.)
+ */
+ if (lowest_found != uid_max) {
+ for (id = uid_max; id >= uid_min; id--) {
+ result = check_uid (id, uid_min, uid_max, used_uids);
+ if (result == 0) {
+ /* This UID is available. Return it. */
+ *uid = id;
+ free (used_uids);
+ return 0;
+ } else if (result == EEXIST) {
+ /* This UID is in use, we'll continue to the next */
+ } else {
+ /*
+ * An unexpected error occurred.
+ *
+ * Only report it the first time to avoid spamming
+ * the logs
+ *
+ */
+ if (!nospam) {
+ fprintf (stderr,
+ _("%s: Can't get unique system UID (%s). "
+ "Suppressing additional messages.\n"),
+ Prog, strerror (result));
+ SYSLOG((LOG_ERR,
+ "Error checking available UIDs: %s",
+ strerror (result)));
+ nospam = 1;
+ }
+ /*
+ * We will continue anyway. Hopefully a later UID
+ * will work properly.
+ */
+ }
+ }
+ }
+ } else { /* !sys_user */
+ /*
+ * For non-system users, we want to start from the
+ * bottom of the range and work upwards.
+ */
+
+ /*
+ * At the conclusion of the pw_next() search, we will either
+ * have a presumed-free UID or we will be at UID_MAX + 1.
+ */
+ if (highest_found > uid_max) {
+ /*
+ * In this case, a UID is in use at UID_MAX.
+ *
+ * We will reset the search to UID_MIN and proceed up
+ * through all the UIDs (skipping those we detected with
+ * used_uids) for a free one. It is a known issue that
+ * this may result in reusing a previously-deleted UID,
+ * so administrators should be instructed to use this
+ * auto-detection with care (and prefer to assign UIDs
+ * explicitly).
+ */
+ highest_found = uid_min;
+ }
+
+ /* Search through all of the IDs in the range */
+ for (id = highest_found; id <= uid_max; id++) {
+ result = check_uid (id, uid_min, uid_max, used_uids);
+ if (result == 0) {
+ /* This UID is available. Return it. */
+ *uid = id;
+ free (used_uids);
+ return 0;
+ } else if (result == EEXIST) {
+ /* This UID is in use, we'll continue to the next */
+ } else {
+ /*
+ * An unexpected error occurred.
+ *
+ * Only report it the first time to avoid spamming
+ * the logs
+ *
+ */
+ if (!nospam) {
+ fprintf (stderr,
+ _("%s: Can't get unique UID (%s). "
+ "Suppressing additional messages.\n"),
+ Prog, strerror (result));
+ SYSLOG ((LOG_ERR,
+ "Error checking available UIDs: %s",
+ strerror (result)));
+ nospam = 1;
+ }
+ /*
+ * We will continue anyway. Hopefully a later UID
+ * will work properly.
+ */
+ }
+ }
+
+ /*
+ * If we get all the way through the loop, try again from UID_MIN,
+ * unless that was where we previously started. (NOTE: the worst-case
+ * scenario here is that we will run through (UID_MAX - UID_MIN - 1)
+ * cycles *again* if we fall into this case with highest_found as
+ * UID_MIN + 1, all users in the range in use and maintained by
+ * network services such as LDAP.)
+ */
+ if (highest_found != uid_min) {
+ for (id = uid_min; id <= uid_max; id++) {
+ result = check_uid (id, uid_min, uid_max, used_uids);
+ if (result == 0) {
+ /* This UID is available. Return it. */
+ *uid = id;
+ free (used_uids);
+ return 0;
+ } else if (result == EEXIST) {
+ /* This UID is in use, we'll continue to the next */
+ } else {
+ /*
+ * An unexpected error occurred.
+ *
+ * Only report it the first time to avoid spamming
+ * the logs
+ *
+ */
+ if (!nospam) {
+ fprintf (stderr,
+ _("%s: Can't get unique UID (%s). "
+ "Suppressing additional messages.\n"),
+ Prog, strerror (result));
+ SYSLOG ((LOG_ERR,
+ "Error checking available UIDs: %s",
+ strerror (result)));
+ nospam = 1;
+ }
+ /*
+ * We will continue anyway. Hopefully a later UID
+ * will work properly.
+ */
+ }
+ }
+ }
+ }
+
+ /* The code reached here and found no available IDs in the range */
+ fprintf (stderr,
+ _("%s: Can't get unique UID (no more available UIDs)\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "no more available UIDs on the system"));
+ free (used_uids);
+ return -1;
+}
+
diff --git a/libmisc/getdate.h b/libmisc/getdate.h
new file mode 100644
index 0000000..d1bb176
--- /dev/null
+++ b/libmisc/getdate.h
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1997 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2005 , Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _GETDATE_H_
+#define _GETDATE_H_
+
+#include <config.h>
+#include "defines.h"
+
+time_t get_date (const char *p, /*@null@*/const time_t *now);
+#endif
diff --git a/libmisc/getdate.y b/libmisc/getdate.y
new file mode 100644
index 0000000..ee00ca5
--- /dev/null
+++ b/libmisc/getdate.y
@@ -0,0 +1,977 @@
+%{
+/*
+** Originally written by Steven M. Bellovin <smb@research.att.com> while
+** at the University of North Carolina at Chapel Hill. Later tweaked by
+** a couple of people on Usenet. Completely overhauled by Rich $alz
+** <rsalz@bbn.com> and Jim Berets <jberets@bbn.com> in August, 1990;
+**
+** This grammar has 13 shift/reduce conflicts.
+**
+** This code is in the public domain and has no copyright.
+*/
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+# ifdef FORCE_ALLOCA_H
+# include <alloca.h>
+# endif
+#endif
+
+/* Since the code of getdate.y is not included in the Emacs executable
+ itself, there is no need to #define static in this file. Even if
+ the code were included in the Emacs executable, it probably
+ wouldn't do any harm to #undef it here; this will only cause
+ problems if we try to write to a static variable, which I don't
+ think this code needs to do. */
+#ifdef emacs
+# undef static
+#endif
+
+#include <stdio.h>
+#include <ctype.h>
+#include <time.h>
+
+#if defined (STDC_HEADERS) || (!defined (isascii) && !defined (HAVE_ISASCII))
+# define IN_CTYPE_DOMAIN(c) 1
+#else
+# define IN_CTYPE_DOMAIN(c) isascii(c)
+#endif
+
+#define ISSPACE(c) (IN_CTYPE_DOMAIN (c) && isspace (c))
+#define ISALPHA(c) (IN_CTYPE_DOMAIN (c) && isalpha (c))
+#define ISUPPER(c) (IN_CTYPE_DOMAIN (c) && isupper (c))
+#define ISDIGIT_LOCALE(c) (IN_CTYPE_DOMAIN (c) && isdigit (c))
+
+/* ISDIGIT differs from ISDIGIT_LOCALE, as follows:
+ - Its arg may be any int or unsigned int; it need not be an unsigned char.
+ - It's guaranteed to evaluate its argument exactly once.
+ - It's typically faster.
+ Posix 1003.2-1992 section 2.5.2.1 page 50 lines 1556-1558 says that
+ only '0' through '9' are digits. Prefer ISDIGIT to ISDIGIT_LOCALE unless
+ it's important to use the locale's definition of `digit' even when the
+ host does not conform to Posix. */
+#define ISDIGIT(c) ((unsigned) (c) - '0' <= 9)
+
+#include "getdate.h"
+
+#if defined (STDC_HEADERS)
+# include <string.h>
+#endif
+
+/* Some old versions of bison generate parsers that use bcopy.
+ That loses on systems that don't provide the function, so we have
+ to redefine it here. */
+#if !defined (HAVE_BCOPY) && defined (HAVE_MEMCPY) && !defined (bcopy)
+# define bcopy(from, to, len) memcpy ((to), (from), (len))
+#endif
+
+/* Remap normal yacc parser interface names (yyparse, yylex, yyerror, etc),
+ as well as gratuitiously global symbol names, so we can have multiple
+ yacc generated parsers in the same program. Note that these are only
+ the variables produced by yacc. If other parser generators (bison,
+ byacc, etc) produce additional global names that conflict at link time,
+ then those parser generators need to be fixed instead of adding those
+ names to this list. */
+
+#define yymaxdepth gd_maxdepth
+#define yyparse gd_parse
+#define yylex gd_lex
+#define yyerror gd_error
+#define yylval gd_lval
+#define yychar gd_char
+#define yydebug gd_debug
+#define yypact gd_pact
+#define yyr1 gd_r1
+#define yyr2 gd_r2
+#define yydef gd_def
+#define yychk gd_chk
+#define yypgo gd_pgo
+#define yyact gd_act
+#define yyexca gd_exca
+#define yyerrflag gd_errflag
+#define yynerrs gd_nerrs
+#define yyps gd_ps
+#define yypv gd_pv
+#define yys gd_s
+#define yy_yys gd_yys
+#define yystate gd_state
+#define yytmp gd_tmp
+#define yyv gd_v
+#define yy_yyv gd_yyv
+#define yyval gd_val
+#define yylloc gd_lloc
+#define yyreds gd_reds /* With YYDEBUG defined */
+#define yytoks gd_toks /* With YYDEBUG defined */
+#define yylhs gd_yylhs
+#define yylen gd_yylen
+#define yydefred gd_yydefred
+#define yydgoto gd_yydgoto
+#define yysindex gd_yysindex
+#define yyrindex gd_yyrindex
+#define yygindex gd_yygindex
+#define yytable gd_yytable
+#define yycheck gd_yycheck
+
+static int yylex (void);
+static int yyerror (const char *s);
+
+#define EPOCH 1970
+#define HOUR(x) ((x) * 60)
+
+#define MAX_BUFF_LEN 128 /* size of buffer to read the date into */
+
+/*
+** An entry in the lexical lookup table.
+*/
+typedef struct _TABLE {
+ const char *name;
+ int type;
+ int value;
+} TABLE;
+
+
+/*
+** Meridian: am, pm, or 24-hour style.
+*/
+typedef enum _MERIDIAN {
+ MERam, MERpm, MER24
+} MERIDIAN;
+
+
+/*
+** Global variables. We could get rid of most of these by using a good
+** union as the yacc stack. (This routine was originally written before
+** yacc had the %union construct.) Maybe someday; right now we only use
+** the %union very rarely.
+*/
+static const char *yyInput;
+static int yyDayOrdinal;
+static int yyDayNumber;
+static int yyHaveDate;
+static int yyHaveDay;
+static int yyHaveRel;
+static int yyHaveTime;
+static int yyHaveZone;
+static int yyTimezone;
+static int yyDay;
+static int yyHour;
+static int yyMinutes;
+static int yyMonth;
+static int yySeconds;
+static int yyYear;
+static MERIDIAN yyMeridian;
+static int yyRelDay;
+static int yyRelHour;
+static int yyRelMinutes;
+static int yyRelMonth;
+static int yyRelSeconds;
+static int yyRelYear;
+
+%}
+
+%union {
+ int Number;
+ enum _MERIDIAN Meridian;
+}
+
+%token tAGO tDAY tDAY_UNIT tDAYZONE tDST tHOUR_UNIT tID
+%token tMERIDIAN tMINUTE_UNIT tMONTH tMONTH_UNIT
+%token tSEC_UNIT tSNUMBER tUNUMBER tYEAR_UNIT tZONE
+
+%type <Number> tDAY tDAY_UNIT tDAYZONE tHOUR_UNIT tMINUTE_UNIT
+%type <Number> tMONTH tMONTH_UNIT
+%type <Number> tSEC_UNIT tSNUMBER tUNUMBER tYEAR_UNIT tZONE
+%type <Meridian> tMERIDIAN o_merid
+
+%%
+
+spec : /* NULL */
+ | spec item
+ ;
+
+item : time {
+ yyHaveTime++;
+ }
+ | zone {
+ yyHaveZone++;
+ }
+ | date {
+ yyHaveDate++;
+ }
+ | day {
+ yyHaveDay++;
+ }
+ | rel {
+ yyHaveRel++;
+ }
+ | number
+ ;
+
+time : tUNUMBER tMERIDIAN {
+ yyHour = $1;
+ yyMinutes = 0;
+ yySeconds = 0;
+ yyMeridian = $2;
+ }
+ | tUNUMBER ':' tUNUMBER o_merid {
+ yyHour = $1;
+ yyMinutes = $3;
+ yySeconds = 0;
+ yyMeridian = $4;
+ }
+ | tUNUMBER ':' tUNUMBER tSNUMBER {
+ yyHour = $1;
+ yyMinutes = $3;
+ yyMeridian = MER24;
+ yyHaveZone++;
+ yyTimezone = ($4 < 0
+ ? -$4 % 100 + (-$4 / 100) * 60
+ : - ($4 % 100 + ($4 / 100) * 60));
+ }
+ | tUNUMBER ':' tUNUMBER ':' tUNUMBER o_merid {
+ yyHour = $1;
+ yyMinutes = $3;
+ yySeconds = $5;
+ yyMeridian = $6;
+ }
+ | tUNUMBER ':' tUNUMBER ':' tUNUMBER tSNUMBER {
+ yyHour = $1;
+ yyMinutes = $3;
+ yySeconds = $5;
+ yyMeridian = MER24;
+ yyHaveZone++;
+ yyTimezone = ($6 < 0
+ ? -$6 % 100 + (-$6 / 100) * 60
+ : - ($6 % 100 + ($6 / 100) * 60));
+ }
+ ;
+
+zone : tZONE {
+ yyTimezone = $1;
+ }
+ | tDAYZONE {
+ yyTimezone = $1 - 60;
+ }
+ |
+ tZONE tDST {
+ yyTimezone = $1 - 60;
+ }
+ ;
+
+day : tDAY {
+ yyDayOrdinal = 1;
+ yyDayNumber = $1;
+ }
+ | tDAY ',' {
+ yyDayOrdinal = 1;
+ yyDayNumber = $1;
+ }
+ | tUNUMBER tDAY {
+ yyDayOrdinal = $1;
+ yyDayNumber = $2;
+ }
+ ;
+
+date : tUNUMBER '/' tUNUMBER {
+ yyMonth = $1;
+ yyDay = $3;
+ }
+ | tUNUMBER '/' tUNUMBER '/' tUNUMBER {
+ /* Interpret as YYYY/MM/DD if $1 >= 1000, otherwise as MM/DD/YY.
+ The goal in recognizing YYYY/MM/DD is solely to support legacy
+ machine-generated dates like those in an RCS log listing. If
+ you want portability, use the ISO 8601 format. */
+ if ($1 >= 1000)
+ {
+ yyYear = $1;
+ yyMonth = $3;
+ yyDay = $5;
+ }
+ else
+ {
+ yyMonth = $1;
+ yyDay = $3;
+ yyYear = $5;
+ }
+ }
+ | tUNUMBER tSNUMBER tSNUMBER {
+ /* ISO 8601 format. yyyy-mm-dd. */
+ yyYear = $1;
+ yyMonth = -$2;
+ yyDay = -$3;
+ }
+ | tUNUMBER tMONTH tSNUMBER {
+ /* e.g. 17-JUN-1992. */
+ yyDay = $1;
+ yyMonth = $2;
+ yyYear = -$3;
+ }
+ | tMONTH tUNUMBER {
+ yyMonth = $1;
+ yyDay = $2;
+ }
+ | tMONTH tUNUMBER ',' tUNUMBER {
+ yyMonth = $1;
+ yyDay = $2;
+ yyYear = $4;
+ }
+ | tUNUMBER tMONTH {
+ yyMonth = $2;
+ yyDay = $1;
+ }
+ | tUNUMBER tMONTH tUNUMBER {
+ yyMonth = $2;
+ yyDay = $1;
+ yyYear = $3;
+ }
+ ;
+
+rel : relunit tAGO {
+ yyRelSeconds = -yyRelSeconds;
+ yyRelMinutes = -yyRelMinutes;
+ yyRelHour = -yyRelHour;
+ yyRelDay = -yyRelDay;
+ yyRelMonth = -yyRelMonth;
+ yyRelYear = -yyRelYear;
+ }
+ | relunit
+ ;
+
+relunit : tUNUMBER tYEAR_UNIT {
+ yyRelYear += $1 * $2;
+ }
+ | tSNUMBER tYEAR_UNIT {
+ yyRelYear += $1 * $2;
+ }
+ | tYEAR_UNIT {
+ yyRelYear++;
+ }
+ | tUNUMBER tMONTH_UNIT {
+ yyRelMonth += $1 * $2;
+ }
+ | tSNUMBER tMONTH_UNIT {
+ yyRelMonth += $1 * $2;
+ }
+ | tMONTH_UNIT {
+ yyRelMonth++;
+ }
+ | tUNUMBER tDAY_UNIT {
+ yyRelDay += $1 * $2;
+ }
+ | tSNUMBER tDAY_UNIT {
+ yyRelDay += $1 * $2;
+ }
+ | tDAY_UNIT {
+ yyRelDay++;
+ }
+ | tUNUMBER tHOUR_UNIT {
+ yyRelHour += $1 * $2;
+ }
+ | tSNUMBER tHOUR_UNIT {
+ yyRelHour += $1 * $2;
+ }
+ | tHOUR_UNIT {
+ yyRelHour++;
+ }
+ | tUNUMBER tMINUTE_UNIT {
+ yyRelMinutes += $1 * $2;
+ }
+ | tSNUMBER tMINUTE_UNIT {
+ yyRelMinutes += $1 * $2;
+ }
+ | tMINUTE_UNIT {
+ yyRelMinutes++;
+ }
+ | tUNUMBER tSEC_UNIT {
+ yyRelSeconds += $1 * $2;
+ }
+ | tSNUMBER tSEC_UNIT {
+ yyRelSeconds += $1 * $2;
+ }
+ | tSEC_UNIT {
+ yyRelSeconds++;
+ }
+ ;
+
+number : tUNUMBER
+ {
+ if ((yyHaveTime != 0) && (yyHaveDate != 0) && (yyHaveRel == 0))
+ yyYear = $1;
+ else
+ {
+ if ($1>10000)
+ {
+ yyHaveDate++;
+ yyDay= ($1)%100;
+ yyMonth= ($1/100)%100;
+ yyYear = $1/10000;
+ }
+ else
+ {
+ yyHaveTime++;
+ if ($1 < 100)
+ {
+ yyHour = $1;
+ yyMinutes = 0;
+ }
+ else
+ {
+ yyHour = $1 / 100;
+ yyMinutes = $1 % 100;
+ }
+ yySeconds = 0;
+ yyMeridian = MER24;
+ }
+ }
+ }
+ ;
+
+o_merid : /* NULL */
+ {
+ $$ = MER24;
+ }
+ | tMERIDIAN
+ {
+ $$ = $1;
+ }
+ ;
+
+%%
+
+/* Month and day table. */
+static TABLE const MonthDayTable[] = {
+ { "january", tMONTH, 1 },
+ { "february", tMONTH, 2 },
+ { "march", tMONTH, 3 },
+ { "april", tMONTH, 4 },
+ { "may", tMONTH, 5 },
+ { "june", tMONTH, 6 },
+ { "july", tMONTH, 7 },
+ { "august", tMONTH, 8 },
+ { "september", tMONTH, 9 },
+ { "sept", tMONTH, 9 },
+ { "october", tMONTH, 10 },
+ { "november", tMONTH, 11 },
+ { "december", tMONTH, 12 },
+ { "sunday", tDAY, 0 },
+ { "monday", tDAY, 1 },
+ { "tuesday", tDAY, 2 },
+ { "tues", tDAY, 2 },
+ { "wednesday", tDAY, 3 },
+ { "wednes", tDAY, 3 },
+ { "thursday", tDAY, 4 },
+ { "thur", tDAY, 4 },
+ { "thurs", tDAY, 4 },
+ { "friday", tDAY, 5 },
+ { "saturday", tDAY, 6 },
+ { NULL, 0, 0 }
+};
+
+/* Time units table. */
+static TABLE const UnitsTable[] = {
+ { "year", tYEAR_UNIT, 1 },
+ { "month", tMONTH_UNIT, 1 },
+ { "fortnight", tDAY_UNIT, 14 },
+ { "week", tDAY_UNIT, 7 },
+ { "day", tDAY_UNIT, 1 },
+ { "hour", tHOUR_UNIT, 1 },
+ { "minute", tMINUTE_UNIT, 1 },
+ { "min", tMINUTE_UNIT, 1 },
+ { "second", tSEC_UNIT, 1 },
+ { "sec", tSEC_UNIT, 1 },
+ { NULL, 0, 0 }
+};
+
+/* Assorted relative-time words. */
+static TABLE const OtherTable[] = {
+ { "tomorrow", tMINUTE_UNIT, 1 * 24 * 60 },
+ { "yesterday", tMINUTE_UNIT, -1 * 24 * 60 },
+ { "today", tMINUTE_UNIT, 0 },
+ { "now", tMINUTE_UNIT, 0 },
+ { "last", tUNUMBER, -1 },
+ { "this", tMINUTE_UNIT, 0 },
+ { "next", tUNUMBER, 2 },
+ { "first", tUNUMBER, 1 },
+/* { "second", tUNUMBER, 2 }, */
+ { "third", tUNUMBER, 3 },
+ { "fourth", tUNUMBER, 4 },
+ { "fifth", tUNUMBER, 5 },
+ { "sixth", tUNUMBER, 6 },
+ { "seventh", tUNUMBER, 7 },
+ { "eighth", tUNUMBER, 8 },
+ { "ninth", tUNUMBER, 9 },
+ { "tenth", tUNUMBER, 10 },
+ { "eleventh", tUNUMBER, 11 },
+ { "twelfth", tUNUMBER, 12 },
+ { "ago", tAGO, 1 },
+ { NULL, 0, 0 }
+};
+
+/* The timezone table. */
+static TABLE const TimezoneTable[] = {
+ { "gmt", tZONE, HOUR ( 0) }, /* Greenwich Mean */
+ { "ut", tZONE, HOUR ( 0) }, /* Universal (Coordinated) */
+ { "utc", tZONE, HOUR ( 0) },
+ { "wet", tZONE, HOUR ( 0) }, /* Western European */
+ { "bst", tDAYZONE, HOUR ( 0) }, /* British Summer */
+ { "wat", tZONE, HOUR ( 1) }, /* West Africa */
+ { "at", tZONE, HOUR ( 2) }, /* Azores */
+ { "ast", tZONE, HOUR ( 4) }, /* Atlantic Standard */
+ { "adt", tDAYZONE, HOUR ( 4) }, /* Atlantic Daylight */
+ { "est", tZONE, HOUR ( 5) }, /* Eastern Standard */
+ { "edt", tDAYZONE, HOUR ( 5) }, /* Eastern Daylight */
+ { "cst", tZONE, HOUR ( 6) }, /* Central Standard */
+ { "cdt", tDAYZONE, HOUR ( 6) }, /* Central Daylight */
+ { "mst", tZONE, HOUR ( 7) }, /* Mountain Standard */
+ { "mdt", tDAYZONE, HOUR ( 7) }, /* Mountain Daylight */
+ { "pst", tZONE, HOUR ( 8) }, /* Pacific Standard */
+ { "pdt", tDAYZONE, HOUR ( 8) }, /* Pacific Daylight */
+ { "yst", tZONE, HOUR ( 9) }, /* Yukon Standard */
+ { "ydt", tDAYZONE, HOUR ( 9) }, /* Yukon Daylight */
+ { "hst", tZONE, HOUR (10) }, /* Hawaii Standard */
+ { "hdt", tDAYZONE, HOUR (10) }, /* Hawaii Daylight */
+ { "cat", tZONE, HOUR (10) }, /* Central Alaska */
+ { "ahst", tZONE, HOUR (10) }, /* Alaska-Hawaii Standard */
+ { "nt", tZONE, HOUR (11) }, /* Nome */
+ { "idlw", tZONE, HOUR (12) }, /* International Date Line West */
+ { "cet", tZONE, -HOUR (1) }, /* Central European */
+ { "met", tZONE, -HOUR (1) }, /* Middle European */
+ { "mewt", tZONE, -HOUR (1) }, /* Middle European Winter */
+ { "mest", tDAYZONE, -HOUR (1) }, /* Middle European Summer */
+ { "mesz", tDAYZONE, -HOUR (1) }, /* Middle European Summer */
+ { "swt", tZONE, -HOUR (1) }, /* Swedish Winter */
+ { "sst", tDAYZONE, -HOUR (1) }, /* Swedish Summer */
+ { "fwt", tZONE, -HOUR (1) }, /* French Winter */
+ { "fst", tDAYZONE, -HOUR (1) }, /* French Summer */
+ { "eet", tZONE, -HOUR (2) }, /* Eastern Europe, USSR Zone 1 */
+ { "bt", tZONE, -HOUR (3) }, /* Baghdad, USSR Zone 2 */
+ { "zp4", tZONE, -HOUR (4) }, /* USSR Zone 3 */
+ { "zp5", tZONE, -HOUR (5) }, /* USSR Zone 4 */
+ { "zp6", tZONE, -HOUR (6) }, /* USSR Zone 5 */
+ { "wast", tZONE, -HOUR (7) }, /* West Australian Standard */
+ { "wadt", tDAYZONE, -HOUR (7) }, /* West Australian Daylight */
+ { "cct", tZONE, -HOUR (8) }, /* China Coast, USSR Zone 7 */
+ { "jst", tZONE, -HOUR (9) }, /* Japan Standard, USSR Zone 8 */
+ { "east", tZONE, -HOUR (10) }, /* Eastern Australian Standard */
+ { "eadt", tDAYZONE, -HOUR (10) }, /* Eastern Australian Daylight */
+ { "gst", tZONE, -HOUR (10) }, /* Guam Standard, USSR Zone 9 */
+ { "nzt", tZONE, -HOUR (12) }, /* New Zealand */
+ { "nzst", tZONE, -HOUR (12) }, /* New Zealand Standard */
+ { "nzdt", tDAYZONE, -HOUR (12) }, /* New Zealand Daylight */
+ { "idle", tZONE, -HOUR (12) }, /* International Date Line East */
+ { NULL, 0, 0 }
+};
+
+/* Military timezone table. */
+static TABLE const MilitaryTable[] = {
+ { "a", tZONE, HOUR ( 1) },
+ { "b", tZONE, HOUR ( 2) },
+ { "c", tZONE, HOUR ( 3) },
+ { "d", tZONE, HOUR ( 4) },
+ { "e", tZONE, HOUR ( 5) },
+ { "f", tZONE, HOUR ( 6) },
+ { "g", tZONE, HOUR ( 7) },
+ { "h", tZONE, HOUR ( 8) },
+ { "i", tZONE, HOUR ( 9) },
+ { "k", tZONE, HOUR ( 10) },
+ { "l", tZONE, HOUR ( 11) },
+ { "m", tZONE, HOUR ( 12) },
+ { "n", tZONE, HOUR (- 1) },
+ { "o", tZONE, HOUR (- 2) },
+ { "p", tZONE, HOUR (- 3) },
+ { "q", tZONE, HOUR (- 4) },
+ { "r", tZONE, HOUR (- 5) },
+ { "s", tZONE, HOUR (- 6) },
+ { "t", tZONE, HOUR (- 7) },
+ { "u", tZONE, HOUR (- 8) },
+ { "v", tZONE, HOUR (- 9) },
+ { "w", tZONE, HOUR (-10) },
+ { "x", tZONE, HOUR (-11) },
+ { "y", tZONE, HOUR (-12) },
+ { "z", tZONE, HOUR ( 0) },
+ { NULL, 0, 0 }
+};
+
+
+
+
+static int yyerror (unused const char *s)
+{
+ return 0;
+}
+
+static int ToHour (int Hours, MERIDIAN Meridian)
+{
+ switch (Meridian)
+ {
+ case MER24:
+ if (Hours < 0 || Hours > 23)
+ return -1;
+ return Hours;
+ case MERam:
+ if (Hours < 1 || Hours > 12)
+ return -1;
+ if (Hours == 12)
+ Hours = 0;
+ return Hours;
+ case MERpm:
+ if (Hours < 1 || Hours > 12)
+ return -1;
+ if (Hours == 12)
+ Hours = 0;
+ return Hours + 12;
+ default:
+ abort ();
+ }
+ /* NOTREACHED */
+}
+
+static int ToYear (int Year)
+{
+ if (Year < 0)
+ Year = -Year;
+
+ /* XPG4 suggests that years 00-68 map to 2000-2068, and
+ years 69-99 map to 1969-1999. */
+ if (Year < 69)
+ Year += 2000;
+ else if (Year < 100)
+ Year += 1900;
+
+ return Year;
+}
+
+static int LookupWord (char *buff)
+{
+ register char *p;
+ register char *q;
+ register const TABLE *tp;
+ int i;
+ bool abbrev;
+
+ /* Make it lowercase. */
+ for (p = buff; '\0' != *p; p++)
+ if (ISUPPER (*p))
+ *p = tolower (*p);
+
+ if (strcmp (buff, "am") == 0 || strcmp (buff, "a.m.") == 0)
+ {
+ yylval.Meridian = MERam;
+ return tMERIDIAN;
+ }
+ if (strcmp (buff, "pm") == 0 || strcmp (buff, "p.m.") == 0)
+ {
+ yylval.Meridian = MERpm;
+ return tMERIDIAN;
+ }
+
+ /* See if we have an abbreviation for a month. */
+ if (strlen (buff) == 3)
+ abbrev = true;
+ else if (strlen (buff) == 4 && buff[3] == '.')
+ {
+ abbrev = true;
+ buff[3] = '\0';
+ }
+ else
+ abbrev = false;
+
+ for (tp = MonthDayTable; tp->name; tp++)
+ {
+ if (abbrev)
+ {
+ if (strncmp (buff, tp->name, 3) == 0)
+ {
+ yylval.Number = tp->value;
+ return tp->type;
+ }
+ }
+ else if (strcmp (buff, tp->name) == 0)
+ {
+ yylval.Number = tp->value;
+ return tp->type;
+ }
+ }
+
+ for (tp = TimezoneTable; tp->name; tp++)
+ if (strcmp (buff, tp->name) == 0)
+ {
+ yylval.Number = tp->value;
+ return tp->type;
+ }
+
+ if (strcmp (buff, "dst") == 0)
+ return tDST;
+
+ for (tp = UnitsTable; tp->name; tp++)
+ if (strcmp (buff, tp->name) == 0)
+ {
+ yylval.Number = tp->value;
+ return tp->type;
+ }
+
+ /* Strip off any plural and try the units table again. */
+ i = strlen (buff) - 1;
+ if (buff[i] == 's')
+ {
+ buff[i] = '\0';
+ for (tp = UnitsTable; tp->name; tp++)
+ if (strcmp (buff, tp->name) == 0)
+ {
+ yylval.Number = tp->value;
+ return tp->type;
+ }
+ buff[i] = 's'; /* Put back for "this" in OtherTable. */
+ }
+
+ for (tp = OtherTable; tp->name; tp++)
+ if (strcmp (buff, tp->name) == 0)
+ {
+ yylval.Number = tp->value;
+ return tp->type;
+ }
+
+ /* Military timezones. */
+ if (buff[1] == '\0' && ISALPHA (*buff))
+ {
+ for (tp = MilitaryTable; tp->name; tp++)
+ if (strcmp (buff, tp->name) == 0)
+ {
+ yylval.Number = tp->value;
+ return tp->type;
+ }
+ }
+
+ /* Drop out any periods and try the timezone table again. */
+ for (i = 0, p = q = buff; '\0' != *q; q++)
+ if (*q != '.')
+ *p++ = *q;
+ else
+ i++;
+ *p = '\0';
+ if (0 != i)
+ for (tp = TimezoneTable; NULL != tp->name; tp++)
+ if (strcmp (buff, tp->name) == 0)
+ {
+ yylval.Number = tp->value;
+ return tp->type;
+ }
+
+ return tID;
+}
+
+static int
+yylex (void)
+{
+ register char c;
+ register char *p;
+ char buff[20];
+ int Count;
+ int sign;
+
+ for (;;)
+ {
+ while (ISSPACE (*yyInput))
+ yyInput++;
+
+ if (ISDIGIT (c = *yyInput) || c == '-' || c == '+')
+ {
+ if (c == '-' || c == '+')
+ {
+ sign = c == '-' ? -1 : 1;
+ if (!ISDIGIT (*++yyInput))
+ /* skip the '-' sign */
+ continue;
+ }
+ else
+ sign = 0;
+ for (yylval.Number = 0; ISDIGIT (c = *yyInput++);)
+ yylval.Number = 10 * yylval.Number + c - '0';
+ yyInput--;
+ if (sign < 0)
+ yylval.Number = -yylval.Number;
+ return (0 != sign) ? tSNUMBER : tUNUMBER;
+ }
+ if (ISALPHA (c))
+ {
+ for (p = buff; (c = *yyInput++, ISALPHA (c)) || c == '.';)
+ if (p < &buff[sizeof buff - 1])
+ *p++ = c;
+ *p = '\0';
+ yyInput--;
+ return LookupWord (buff);
+ }
+ if (c != '(')
+ return *yyInput++;
+ Count = 0;
+ do
+ {
+ c = *yyInput++;
+ if (c == '\0')
+ return c;
+ if (c == '(')
+ Count++;
+ else if (c == ')')
+ Count--;
+ }
+ while (Count > 0);
+ }
+}
+
+#define TM_YEAR_ORIGIN 1900
+
+/* Yield A - B, measured in seconds. */
+static long difftm (struct tm *a, struct tm *b)
+{
+ int ay = a->tm_year + (TM_YEAR_ORIGIN - 1);
+ int by = b->tm_year + (TM_YEAR_ORIGIN - 1);
+ long days = (
+ /* difference in day of year */
+ a->tm_yday - b->tm_yday
+ /* + intervening leap days */
+ + ((ay >> 2) - (by >> 2))
+ - (ay / 100 - by / 100)
+ + ((ay / 100 >> 2) - (by / 100 >> 2))
+ /* + difference in years * 365 */
+ + (long) (ay - by) * 365
+ );
+ return (60 * (60 * (24 * days + (a->tm_hour - b->tm_hour))
+ + (a->tm_min - b->tm_min))
+ + (a->tm_sec - b->tm_sec));
+}
+
+time_t get_date (const char *p, const time_t *now)
+{
+ struct tm tm, tm0, *tmp;
+ time_t Start;
+
+ yyInput = p;
+ Start = now ? *now : time ((time_t *) NULL);
+ tmp = localtime (&Start);
+ yyYear = tmp->tm_year + TM_YEAR_ORIGIN;
+ yyMonth = tmp->tm_mon + 1;
+ yyDay = tmp->tm_mday;
+ yyHour = tmp->tm_hour;
+ yyMinutes = tmp->tm_min;
+ yySeconds = tmp->tm_sec;
+ yyMeridian = MER24;
+ yyRelSeconds = 0;
+ yyRelMinutes = 0;
+ yyRelHour = 0;
+ yyRelDay = 0;
+ yyRelMonth = 0;
+ yyRelYear = 0;
+ yyHaveDate = 0;
+ yyHaveDay = 0;
+ yyHaveRel = 0;
+ yyHaveTime = 0;
+ yyHaveZone = 0;
+
+ if (yyparse ()
+ || yyHaveTime > 1 || yyHaveZone > 1 || yyHaveDate > 1 || yyHaveDay > 1)
+ return -1;
+
+ tm.tm_year = ToYear (yyYear) - TM_YEAR_ORIGIN + yyRelYear;
+ tm.tm_mon = yyMonth - 1 + yyRelMonth;
+ tm.tm_mday = yyDay + yyRelDay;
+ if ((yyHaveTime != 0) ||
+ ( (yyHaveRel != 0) && (yyHaveDate == 0) && (yyHaveDay == 0) ))
+ {
+ tm.tm_hour = ToHour (yyHour, yyMeridian);
+ if (tm.tm_hour < 0)
+ return -1;
+ tm.tm_min = yyMinutes;
+ tm.tm_sec = yySeconds;
+ }
+ else
+ {
+ tm.tm_hour = tm.tm_min = tm.tm_sec = 0;
+ }
+ tm.tm_hour += yyRelHour;
+ tm.tm_min += yyRelMinutes;
+ tm.tm_sec += yyRelSeconds;
+ tm.tm_isdst = -1;
+ tm0 = tm;
+
+ Start = mktime (&tm);
+
+ if (Start == (time_t) -1)
+ {
+
+ /* Guard against falsely reporting errors near the time_t boundaries
+ when parsing times in other time zones. For example, if the min
+ time_t value is 1970-01-01 00:00:00 UTC and we are 8 hours ahead
+ of UTC, then the min localtime value is 1970-01-01 08:00:00; if
+ we apply mktime to 1970-01-01 00:00:00 we will get an error, so
+ we apply mktime to 1970-01-02 08:00:00 instead and adjust the time
+ zone by 24 hours to compensate. This algorithm assumes that
+ there is no DST transition within a day of the time_t boundaries. */
+ if (yyHaveZone)
+ {
+ tm = tm0;
+ if (tm.tm_year <= EPOCH - TM_YEAR_ORIGIN)
+ {
+ tm.tm_mday++;
+ yyTimezone -= 24 * 60;
+ }
+ else
+ {
+ tm.tm_mday--;
+ yyTimezone += 24 * 60;
+ }
+ Start = mktime (&tm);
+ }
+
+ if (Start == (time_t) -1)
+ return Start;
+ }
+
+ if (yyHaveDay && !yyHaveDate)
+ {
+ tm.tm_mday += ((yyDayNumber - tm.tm_wday + 7) % 7
+ + 7 * (yyDayOrdinal - (0 < yyDayOrdinal)));
+ Start = mktime (&tm);
+ if (Start == (time_t) -1)
+ return Start;
+ }
+
+ if (yyHaveZone)
+ {
+ long delta = yyTimezone * 60L + difftm (&tm, gmtime (&Start));
+ if ((Start + delta < Start) != (delta < 0))
+ return -1; /* time_t overflow */
+ Start += delta;
+ }
+
+ return Start;
+}
+
+#if defined (TEST)
+
+/* ARGSUSED */
+int
+main (ac, av)
+ int ac;
+ char *av[];
+{
+ char buff[MAX_BUFF_LEN + 1];
+ time_t d;
+
+ (void) printf ("Enter date, or blank line to exit.\n\t> ");
+ (void) fflush (stdout);
+
+ buff[MAX_BUFF_LEN] = 0;
+ while (fgets (buff, MAX_BUFF_LEN, stdin) && buff[0])
+ {
+ d = get_date (buff, (time_t *) NULL);
+ if (d == -1)
+ (void) printf ("Bad format - couldn't convert.\n");
+ else
+ (void) printf ("%s", ctime (&d));
+ (void) printf ("\t> ");
+ (void) fflush (stdout);
+ }
+ exit (0);
+ /* NOTREACHED */
+}
+#endif /* defined (TEST) */
diff --git a/libmisc/getgr_nam_gid.c b/libmisc/getgr_nam_gid.c
new file mode 100644
index 0000000..027280a
--- /dev/null
+++ b/libmisc/getgr_nam_gid.c
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdlib.h>
+#include <errno.h>
+#include <grp.h>
+#include "prototypes.h"
+
+/*
+ * getgr_nam_gid - Return a pointer to the group specified by a string.
+ * The string may be a valid GID or a valid groupname.
+ * If the group does not exist on the system, NULL is returned.
+ */
+extern /*@only@*//*@null@*/struct group *getgr_nam_gid (/*@null@*/const char *grname)
+{
+ long long int gid;
+ char *endptr;
+
+ if (NULL == grname) {
+ return NULL;
+ }
+
+ errno = 0;
+ gid = strtoll (grname, &endptr, 10);
+ if ( ('\0' != *grname)
+ && ('\0' == *endptr)
+ && (ERANGE != errno)
+ && (/*@+longintegral@*/gid == (gid_t)gid)/*@=longintegral@*/) {
+ return xgetgrgid ((gid_t) gid);
+ }
+ return xgetgrnam (grname);
+}
+
diff --git a/libmisc/getrange.c b/libmisc/getrange.c
new file mode 100644
index 0000000..9b5e611
--- /dev/null
+++ b/libmisc/getrange.c
@@ -0,0 +1,124 @@
+/*
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id: $"
+
+#include <ctype.h>
+#include <stdlib.h>
+
+#include "defines.h"
+#include "prototypes.h"
+
+/*
+ * Parse a range and indicate if the range is valid.
+ * Valid ranges are in the form:
+ * <long> -> min=max=long has_min has_max
+ * -<long> -> max=long !has_min has_max
+ * <long>- -> min=long has_min !has_max
+ * <long1>-<long2> -> min=long1 max=long2 has_min has_max
+ *
+ * If the range is valid, getrange returns 1.
+ * If the range is not valid, getrange returns 0.
+ */
+int getrange (char *range,
+ unsigned long *min, bool *has_min,
+ unsigned long *max, bool *has_max)
+{
+ char *endptr;
+ unsigned long n;
+
+ if (NULL == range) {
+ return 0;
+ }
+
+ if ('-' == range[0]) {
+ if (!isdigit(range[1])) {
+ /* invalid */
+ return 0;
+ }
+ errno = 0;
+ n = strtoul (&range[1], &endptr, 10);
+ if (('\0' != *endptr) || (ERANGE == errno)) {
+ /* invalid */
+ return 0;
+ }
+ /* -<long> */
+ *has_min = false;
+ *has_max = true;
+ *max = n;
+ } else {
+ errno = 0;
+ n = strtoul (range, &endptr, 10);
+ if (ERANGE == errno) {
+ /* invalid */
+ return 0;
+ }
+ switch (*endptr) {
+ case '\0':
+ /* <long> */
+ *has_min = true;
+ *has_max = true;
+ *min = n;
+ *max = n;
+ break;
+ case '-':
+ endptr++;
+ if ('\0' == *endptr) {
+ /* <long>- */
+ *has_min = true;
+ *has_max = false;
+ *min = n;
+ } else if (!isdigit (*endptr)) {
+ /* invalid */
+ return 0;
+ } else {
+ *has_min = true;
+ *min = n;
+ errno = 0;
+ n = strtoul (endptr, &endptr, 10);
+ if ( ('\0' != *endptr)
+ || (ERANGE == errno)) {
+ /* invalid */
+ return 0;
+ }
+ /* <long>-<long> */
+ *has_max = true;
+ *max = n;
+ }
+ break;
+ default:
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
diff --git a/libmisc/gettime.c b/libmisc/gettime.c
new file mode 100644
index 0000000..53eaf51
--- /dev/null
+++ b/libmisc/gettime.c
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2017, Chris Lamb
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <limits.h>
+#include <stdio.h>
+#include "defines.h"
+#include "prototypes.h"
+
+/*
+ * gettime() returns the time as the number of seconds since the Epoch
+ *
+ * Like time(), gettime() returns the time as the number of seconds since the
+ * Epoch, 1970-01-01 00:00:00 +0000 (UTC), except that if the SOURCE_DATE_EPOCH
+ * environment variable is exported it will use that instead.
+ */
+/*@observer@*/time_t gettime ()
+{
+ char *endptr;
+ char *source_date_epoch;
+ time_t fallback;
+ unsigned long long epoch;
+
+ fallback = time (NULL);
+ source_date_epoch = getenv ("SOURCE_DATE_EPOCH");
+
+ if (!source_date_epoch)
+ return fallback;
+
+ errno = 0;
+ epoch = strtoull (source_date_epoch, &endptr, 10);
+ if ((errno == ERANGE && (epoch == ULLONG_MAX || epoch == 0))
+ || (errno != 0 && epoch == 0)) {
+ fprintf (stderr,
+ _("Environment variable $SOURCE_DATE_EPOCH: strtoull: %s\n"),
+ strerror(errno));
+ } else if (endptr == source_date_epoch) {
+ fprintf (stderr,
+ _("Environment variable $SOURCE_DATE_EPOCH: No digits were found: %s\n"),
+ endptr);
+ } else if (*endptr != '\0') {
+ fprintf (stderr,
+ _("Environment variable $SOURCE_DATE_EPOCH: Trailing garbage: %s\n"),
+ endptr);
+ } else if (epoch > ULONG_MAX) {
+ fprintf (stderr,
+ _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to %lu but was found to be: %llu\n"),
+ ULONG_MAX, epoch);
+ } else if (epoch > fallback) {
+ fprintf (stderr,
+ _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to the current time (%lu) but was found to be: %llu\n"),
+ fallback, epoch);
+ } else {
+ /* Valid */
+ return (time_t)epoch;
+ }
+
+ return fallback;
+}
diff --git a/libmisc/hushed.c b/libmisc/hushed.c
new file mode 100644
index 0000000..b71b99c
--- /dev/null
+++ b/libmisc/hushed.c
@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1991 - 1993, Chip Rosenthal
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <pwd.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "getdef.h"
+/*
+ * hushed - determine if a user receives login messages
+ *
+ * Look in the hushed-logins file (or user's home directory) to see
+ * if the user is to receive the login-time messages.
+ */
+bool hushed (const char *username)
+{
+ struct passwd *pw;
+ const char *hushfile;
+ char buf[BUFSIZ];
+ bool found;
+ FILE *fp;
+
+ /*
+ * Get the name of the file to use. If this option is not
+ * defined, default to a noisy login.
+ */
+
+ hushfile = getdef_str ("HUSHLOGIN_FILE");
+ if (NULL == hushfile) {
+ return false;
+ }
+
+ pw = getpwnam (username);
+ if (NULL == pw) {
+ return false;
+ }
+
+ /*
+ * If this is not a fully rooted path then see if the
+ * file exists in the user's home directory.
+ */
+
+ if (hushfile[0] != '/') {
+ (void) snprintf (buf, sizeof (buf), "%s/%s", pw->pw_dir, hushfile);
+ return (access (buf, F_OK) == 0);
+ }
+
+ /*
+ * If this is a fully rooted path then go through the file
+ * and see if this user, or its shell is in there.
+ */
+
+ fp = fopen (hushfile, "r");
+ if (NULL == fp) {
+ return false;
+ }
+ for (found = false; !found && (fgets (buf, (int) sizeof buf, fp) == buf);) {
+ buf[strlen (buf) - 1] = '\0';
+ found = (strcmp (buf, pw->pw_shell) == 0) ||
+ (strcmp (buf, pw->pw_name) == 0);
+ }
+ (void) fclose (fp);
+ return found;
+}
+
diff --git a/libmisc/idmapping.c b/libmisc/idmapping.c
new file mode 100644
index 0000000..db254fc
--- /dev/null
+++ b/libmisc/idmapping.c
@@ -0,0 +1,164 @@
+/*
+ * Copyright (c) 2013 Eric Biederman
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include "prototypes.h"
+#include "idmapping.h"
+
+struct map_range *get_map_ranges(int ranges, int argc, char **argv)
+{
+ struct map_range *mappings, *mapping;
+ int idx, argidx;
+
+ if (ranges < 0 || argc < 0) {
+ fprintf(stderr, "%s: error calculating number of arguments\n", Prog);
+ return NULL;
+ }
+
+ if (ranges != ((argc + 2) / 3)) {
+ fprintf(stderr, "%s: ranges: %u is wrong for argc: %d\n", Prog, ranges, argc);
+ return NULL;
+ }
+
+ if ((ranges * 3) > argc) {
+ fprintf(stderr, "ranges: %u argc: %d\n",
+ ranges, argc);
+ fprintf(stderr,
+ _( "%s: Not enough arguments to form %u mappings\n"),
+ Prog, ranges);
+ return NULL;
+ }
+
+ mappings = calloc(ranges, sizeof(*mappings));
+ if (!mappings) {
+ fprintf(stderr, _( "%s: Memory allocation failure\n"),
+ Prog);
+ exit(EXIT_FAILURE);
+ }
+
+ /* Gather up the ranges from the command line */
+ mapping = mappings;
+ for (idx = 0, argidx = 0; idx < ranges; idx++, argidx += 3, mapping++) {
+ if (!getulong(argv[argidx + 0], &mapping->upper)) {
+ free(mappings);
+ return NULL;
+ }
+ if (!getulong(argv[argidx + 1], &mapping->lower)) {
+ free(mappings);
+ return NULL;
+ }
+ if (!getulong(argv[argidx + 2], &mapping->count)) {
+ free(mappings);
+ return NULL;
+ }
+ if (ULONG_MAX - mapping->upper <= mapping->count || ULONG_MAX - mapping->lower <= mapping->count) {
+ fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+ exit(EXIT_FAILURE);
+ }
+ if (mapping->upper > UINT_MAX ||
+ mapping->lower > UINT_MAX ||
+ mapping->count > UINT_MAX) {
+ fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+ exit(EXIT_FAILURE);
+ }
+ if (mapping->lower + mapping->count > UINT_MAX ||
+ mapping->upper + mapping->count > UINT_MAX) {
+ fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+ exit(EXIT_FAILURE);
+ }
+ if (mapping->lower + mapping->count < mapping->lower ||
+ mapping->upper + mapping->count < mapping->upper) {
+ /* this one really shouldn't be possible given previous checks */
+ fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+ exit(EXIT_FAILURE);
+ }
+ }
+ return mappings;
+}
+
+/* Number of ascii digits needed to print any unsigned long in decimal.
+ * There are approximately 10 bits for every 3 decimal digits.
+ * So from bits to digits the formula is roundup((Number of bits)/10) * 3.
+ * For common sizes of integers this works out to:
+ * 2bytes --> 6 ascii estimate -> 65536 (5 real)
+ * 4bytes --> 12 ascii estimated -> 4294967296 (10 real)
+ * 8bytes --> 21 ascii estimated -> 18446744073709551616 (20 real)
+ * 16bytes --> 39 ascii estimated -> 340282366920938463463374607431768211456 (39 real)
+ */
+#define ULONG_DIGITS ((((sizeof(unsigned long) * CHAR_BIT) + 9)/10)*3)
+
+
+void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
+ const char *map_file)
+{
+ int idx;
+ struct map_range *mapping;
+ size_t bufsize;
+ char *buf, *pos;
+ int fd;
+
+ bufsize = ranges * ((ULONG_DIGITS + 1) * 3);
+ pos = buf = xmalloc(bufsize);
+
+ /* Build the mapping command */
+ mapping = mappings;
+ for (idx = 0; idx < ranges; idx++, mapping++) {
+ /* Append this range to the string that will be written */
+ int written = snprintf(pos, bufsize - (pos - buf),
+ "%lu %lu %lu\n",
+ mapping->upper,
+ mapping->lower,
+ mapping->count);
+ if ((written <= 0) || (written >= (bufsize - (pos - buf)))) {
+ fprintf(stderr, _("%s: snprintf failed!\n"), Prog);
+ exit(EXIT_FAILURE);
+ }
+ pos += written;
+ }
+
+ /* Write the mapping to the maping file */
+ fd = openat(proc_dir_fd, map_file, O_WRONLY);
+ if (fd < 0) {
+ fprintf(stderr, _("%s: open of %s failed: %s\n"),
+ Prog, map_file, strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+ if (write(fd, buf, pos - buf) != (pos - buf)) {
+ fprintf(stderr, _("%s: write to %s failed: %s\n"),
+ Prog, map_file, strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+ close(fd);
+}
diff --git a/libmisc/idmapping.h b/libmisc/idmapping.h
new file mode 100644
index 0000000..58d000f
--- /dev/null
+++ b/libmisc/idmapping.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2013 Eric Biederman
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _IDMAPPING_H_
+#define _IDMAPPING_H_
+
+struct map_range {
+ unsigned long upper; /* first ID inside the namespace */
+ unsigned long lower; /* first ID outside the namespace */
+ unsigned long count; /* Length of the inside and outside ranges */
+};
+
+extern struct map_range *get_map_ranges(int ranges, int argc, char **argv);
+extern void write_mapping(int proc_dir_fd, int ranges,
+ struct map_range *mappings, const char *map_file);
+
+#endif /* _ID_MAPPING_H_ */
+
diff --git a/libmisc/isexpired.c b/libmisc/isexpired.c
new file mode 100644
index 0000000..8e8a645
--- /dev/null
+++ b/libmisc/isexpired.c
@@ -0,0 +1,125 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Extracted from age.c and made part of libshadow.a - may be useful
+ * in other shadow-aware programs. --marekm
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include <time.h>
+
+#ident "$Id$"
+
+
+/*
+ * isexpired - determine if account is expired yet
+ *
+ * isexpired calculates the expiration date based on the
+ * password expiration criteria.
+ *
+ * Return value:
+ * 0: The password is still valid
+ * 1: The password has expired, it must be changed
+ * 2: The password has expired since a long time and the account is
+ * now disabled. (password cannot be changed)
+ * 3: The account has expired
+ */
+int isexpired (const struct passwd *pw, /*@null@*/const struct spwd *sp)
+{
+ long now;
+
+ now = (long) time ((time_t *) 0) / SCALE;
+
+ if (NULL == sp) {
+ return 0;
+ }
+
+ /*
+ * Quick and easy - there is an expired account field
+ * along with an inactive account field. Do the expired
+ * one first since it is worse.
+ */
+
+ if ((sp->sp_expire > 0) && (now >= sp->sp_expire)) {
+ return 3;
+ }
+
+ /*
+ * Last changed date 1970-01-01 (not very likely) means that
+ * the password must be changed on next login (passwd -e).
+ *
+ * The check for "x" is a workaround for RedHat NYS libc bug -
+ * if /etc/shadow doesn't exist, getspnam() still succeeds and
+ * returns sp_lstchg==0 (must change password) instead of -1!
+ */
+ if ( (0 == sp->sp_lstchg)
+ && (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0)) {
+ return 1;
+ }
+
+ if ( (sp->sp_lstchg > 0)
+ && (sp->sp_max >= 0)
+ && (sp->sp_inact >= 0)
+ && (now >= (sp->sp_lstchg + sp->sp_max + sp->sp_inact))) {
+ return 2;
+ }
+
+ /*
+ * The last and max fields must be present for an account
+ * to have an expired password. A maximum of >10000 days
+ * is considered to be infinite.
+ */
+
+ if ( (-1 == sp->sp_lstchg)
+ || (-1 == sp->sp_max)
+ || (sp->sp_max >= ((10000L * DAY) / SCALE))) {
+ return 0;
+ }
+
+ /*
+ * Calculate today's day and the day on which the password
+ * is going to expire. If that date has already passed,
+ * the password has expired.
+ */
+
+ if (now >= (sp->sp_lstchg + sp->sp_max)) {
+ return 1;
+ }
+ return 0;
+}
+
diff --git a/libmisc/limits.c b/libmisc/limits.c
new file mode 100644
index 0000000..f40e171
--- /dev/null
+++ b/libmisc/limits.c
@@ -0,0 +1,611 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Separated from setup.c. --marekm
+ * Resource limits thanks to Cristian Gafton.
+ * Enhancements of resource limit code by Thomas Orgis <thomas@orgis.org>
+ */
+
+#include <config.h>
+
+#ifndef USE_PAM
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <ctype.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include "getdef.h"
+#ifdef HAVE_SYS_RESOURCE_H
+#include <sys/resource.h>
+#define LIMITS
+#endif
+#ifdef LIMITS
+#ifndef LIMITS_FILE
+#define LIMITS_FILE "/etc/limits"
+#endif
+#define LOGIN_ERROR_RLIMIT 1
+#define LOGIN_ERROR_LOGIN 2
+/* Set a limit on a resource */
+/*
+ * rlimit - RLIMIT_XXXX
+ * value - string value to be read
+ * multiplier - value*multiplier is the actual limit
+ */
+static int setrlimit_value (unsigned int resource,
+ const char *value,
+ unsigned int multiplier)
+{
+ struct rlimit rlim;
+ rlim_t limit;
+
+ /* The "-" is special, not belonging to a strange negative limit.
+ * It is infinity, in a controlled way.
+ */
+ if ('-' == value[0]) {
+ limit = RLIM_INFINITY;
+ }
+ else {
+ /* We cannot use getlong here because it fails when there
+ * is more to the value than just this number!
+ * Also, we are limited to base 10 here (hex numbers will not
+ * work with the limit string parser as is anyway)
+ */
+ char *endptr;
+ long longlimit = strtol (value, &endptr, 10);
+ if ((0 == longlimit) && (value == endptr)) {
+ /* No argument at all. No-op.
+ * FIXME: We could instead throw an error, though.
+ */
+ return 0;
+ }
+ longlimit *= multiplier;
+ limit = (rlim_t)longlimit;
+ if (longlimit != limit)
+ {
+ /* FIXME: Again, silent error handling...
+ * Wouldn't screaming make more sense?
+ */
+ return 0;
+ }
+ }
+
+ rlim.rlim_cur = limit;
+ rlim.rlim_max = limit;
+ if (setrlimit (resource, &rlim) != 0) {
+ return LOGIN_ERROR_RLIMIT;
+ }
+ return 0;
+}
+
+
+static int set_prio (const char *value)
+{
+ long prio;
+
+ if ( (getlong (value, &prio) == 0)
+ || (prio != (int) prio)) {
+ return 0;
+ }
+ if (setpriority (PRIO_PROCESS, 0, (int) prio) != 0) {
+ return LOGIN_ERROR_RLIMIT;
+ }
+ return 0;
+}
+
+
+static int set_umask (const char *value)
+{
+ unsigned long int mask;
+
+ if ( (getulong (value, &mask) == 0)
+ || (mask != (mode_t) mask)) {
+ return 0;
+ }
+
+ (void) umask ((mode_t) mask);
+ return 0;
+}
+
+
+/* Counts the number of user logins and check against the limit */
+static int check_logins (const char *name, const char *maxlogins)
+{
+#ifdef USE_UTMPX
+ struct utmpx *ut;
+#else /* !USE_UTMPX */
+ struct utmp *ut;
+#endif /* !USE_UTMPX */
+ unsigned long limit, count;
+
+ if (getulong (maxlogins, &limit) == 0) {
+ return 0;
+ }
+
+ if (0 == limit) { /* maximum 0 logins ? */
+ SYSLOG ((LOG_WARN, "No logins allowed for `%s'\n", name));
+ return LOGIN_ERROR_LOGIN;
+ }
+
+ count = 0;
+#ifdef USE_UTMPX
+ setutxent ();
+ while ((ut = getutxent ()))
+#else /* !USE_UTMPX */
+ setutent ();
+ while ((ut = getutent ()))
+#endif /* !USE_UTMPX */
+ {
+ if (USER_PROCESS != ut->ut_type) {
+ continue;
+ }
+ if ('\0' == ut->ut_user[0]) {
+ continue;
+ }
+ if (strncmp (name, ut->ut_user, sizeof (ut->ut_user)) != 0) {
+ continue;
+ }
+ count++;
+ if (count > limit) {
+ break;
+ }
+ }
+#ifdef USE_UTMPX
+ endutxent ();
+#else /* !USE_UTMPX */
+ endutent ();
+#endif /* !USE_UTMPX */
+ /*
+ * This is called after setutmp(), so the number of logins counted
+ * includes the user who is currently trying to log in.
+ */
+ if (count > limit) {
+ SYSLOG ((LOG_WARN,
+ "Too many logins (max %lu) for %s\n",
+ limit, name));
+ return LOGIN_ERROR_LOGIN;
+ }
+ return 0;
+}
+
+/* Function setup_user_limits - checks/set limits for the curent login
+ * Original idea from Joel Katz's lshell. Ported to shadow-login
+ * by Cristian Gafton - gafton@sorosis.ro
+ *
+ * We are passed a string of the form ('BASH' constants for ulimit)
+ * [Aa][Cc][Dd][Ff][Mm][Nn][Rr][Ss][Tt][Uu][Ll][Pp][Ii][Oo]
+ * (eg. 'C2F256D2048N5' or 'C2 F256 D2048 N5')
+ * where:
+ * [Aa]: a = RLIMIT_AS max address space (KB)
+ * [Cc]: c = RLIMIT_CORE max core file size (KB)
+ * [Dd]: d = RLIMIT_DATA max data size (KB)
+ * [Ff]: f = RLIMIT_FSIZE max file size (KB)
+ * [Ii]: i = RLIMIT_NICE max nice value (0..39 translates to 20..-19)
+ * [Kk]: k = file creation masK (umask)
+ * [Ll]: l = max number of logins for this user
+ * [Mm]: m = RLIMIT_MEMLOCK max locked-in-memory address space (KB)
+ * [Nn]: n = RLIMIT_NOFILE max number of open files
+ * [Oo]: o = RLIMIT_RTPRIO max real time priority (linux/sched.h 0..MAX_RT_PRIO)
+ * [Pp]: p = process priority -20..20 (negative = high, positive = low)
+ * [Rr]: r = RLIMIT_RSS max resident set size (KB)
+ * [Ss]: s = RLIMIT_STACK max stack size (KB)
+ * [Tt]: t = RLIMIT_CPU max CPU time (MIN)
+ * [Uu]: u = RLIMIT_NPROC max number of processes
+ *
+ * NOTE: Remember to extend the "no-limits" string below when adding a new
+ * limit...
+ *
+ * Return value:
+ * 0 = okay, of course
+ * LOGIN_ERROR_RLIMIT = error setting some RLIMIT
+ * LOGIN_ERROR_LOGIN = error - too many logins for this user
+ *
+ * buf - the limits string
+ * name - the username
+ */
+static int do_user_limits (const char *buf, const char *name)
+{
+ const char *pp;
+ int retval = 0;
+ bool reported = false;
+
+ pp = buf;
+ /* Skip leading whitespace. */
+ while ((' ' == *pp) || ('\t' == *pp)) {
+ pp++;
+ }
+
+ /* The special limit string "-" results in no limit for all known
+ * limits.
+ * We achieve that by parsing a full limit string, parts of it
+ * being ignored if a limit type is not known to the system.
+ * Though, there will be complaining for unknown limit types.
+ */
+ if (strcmp (pp, "-") == 0) {
+ /* Remember to extend this, too, when adding new limits!
+ * Oh... but "unlimited" does not make sense for umask,
+ * or does it? (K-)
+ */
+ pp = "A- C- D- F- I- L- M- N- O- P- R- S- T- U-";
+ }
+
+ while ('\0' != *pp) {
+ switch (*pp++) {
+#ifdef RLIMIT_AS
+ case 'a':
+ case 'A':
+ /* RLIMIT_AS - max address space (KB) */
+ retval |= setrlimit_value (RLIMIT_AS, pp, 1024);
+ break;
+#endif
+#ifdef RLIMIT_CORE
+ case 'c':
+ case 'C':
+ /* RLIMIT_CORE - max core file size (KB) */
+ retval |= setrlimit_value (RLIMIT_CORE, pp, 1024);
+ break;
+#endif
+#ifdef RLIMIT_DATA
+ case 'd':
+ case 'D':
+ /* RLIMIT_DATA - max data size (KB) */
+ retval |= setrlimit_value (RLIMIT_DATA, pp, 1024);
+ break;
+#endif
+#ifdef RLIMIT_FSIZE
+ case 'f':
+ case 'F':
+ /* RLIMIT_FSIZE - Maximum filesize (KB) */
+ retval |= setrlimit_value (RLIMIT_FSIZE, pp, 1024);
+ break;
+#endif
+#ifdef RLIMIT_NICE
+ case 'i':
+ case 'I':
+ /* RLIMIT_NICE - max scheduling priority (0..39) */
+ retval |= setrlimit_value (RLIMIT_NICE, pp, 1);
+ break;
+#endif
+ case 'k':
+ case 'K':
+ retval |= set_umask (pp);
+ break;
+ case 'l':
+ case 'L':
+ /* LIMIT the number of concurrent logins */
+ retval |= check_logins (name, pp);
+ break;
+#ifdef RLIMIT_MEMLOCK
+ case 'm':
+ case 'M':
+ /* RLIMIT_MEMLOCK - max locked-in-memory address space (KB) */
+ retval |= setrlimit_value (RLIMIT_MEMLOCK, pp, 1024);
+ break;
+#endif
+#ifdef RLIMIT_NOFILE
+ case 'n':
+ case 'N':
+ /* RLIMIT_NOFILE - max number of open files */
+ retval |= setrlimit_value (RLIMIT_NOFILE, pp, 1);
+ break;
+#endif
+#ifdef RLIMIT_RTPRIO
+ case 'o':
+ case 'O':
+ /* RLIMIT_RTPRIO - max real time priority (0..MAX_RT_PRIO) */
+ retval |= setrlimit_value (RLIMIT_RTPRIO, pp, 1);
+ break;
+#endif
+ case 'p':
+ case 'P':
+ retval |= set_prio (pp);
+ break;
+#ifdef RLIMIT_RSS
+ case 'r':
+ case 'R':
+ /* RLIMIT_RSS - max resident set size (KB) */
+ retval |= setrlimit_value (RLIMIT_RSS, pp, 1024);
+ break;
+#endif
+#ifdef RLIMIT_STACK
+ case 's':
+ case 'S':
+ /* RLIMIT_STACK - max stack size (KB) */
+ retval |= setrlimit_value (RLIMIT_STACK, pp, 1024);
+ break;
+#endif
+#ifdef RLIMIT_CPU
+ case 't':
+ case 'T':
+ /* RLIMIT_CPU - max CPU time (MIN) */
+ retval |= setrlimit_value (RLIMIT_CPU, pp, 60);
+ break;
+#endif
+#ifdef RLIMIT_NPROC
+ case 'u':
+ case 'U':
+ /* RLIMIT_NPROC - max number of processes */
+ retval |= setrlimit_value (RLIMIT_NPROC, pp, 1);
+ break;
+#endif
+ default:
+ /* Only report invalid strings once */
+ /* Note: A string can be invalid just because a
+ * specific (theoretically valid) setting is not
+ * supported by this build.
+ * It is just a warning in syslog anyway. The line
+ * is still processed
+ */
+ if (!reported) {
+ SYSLOG ((LOG_WARN,
+ "Invalid limit string: '%s'",
+ pp-1));
+ reported = true;
+ retval |= LOGIN_ERROR_RLIMIT;
+ }
+ }
+ /* After parsing one limit setting (or just complaining
+ * about it), one still needs to skip its argument to
+ * prevent a bogus warning on trying to parse that as
+ * limit specification.
+ * So, let's skip all digits, "-" and our limited set of
+ * whitespace.
+ */
+ while ( isdigit (*pp)
+ || ('-' == *pp)
+ || (' ' == *pp)
+ || ('\t' ==*pp)) {
+ pp++;
+ }
+ }
+ return retval;
+}
+
+/* Check if user uname is in the group gname.
+ * Can I be sure that gr_mem contains no UID as string?
+ * Returns true when user is in the group, false when not.
+ * Any error is treated as false.
+ */
+static bool user_in_group (const char *uname, const char *gname)
+{
+ struct group *groupdata;
+
+ if (uname == NULL || gname == NULL){
+ return false;
+ }
+
+ /* We are not claiming to be re-entrant!
+ * In case of paranoia or a multithreaded login program,
+ * one needs to add some mess for getgrnam_r. */
+ groupdata = getgrnam (gname);
+ if (NULL == groupdata) {
+ SYSLOG ((LOG_WARN, "Nonexisting group `%s' in limits file.",
+ gname));
+ return false;
+ }
+
+ return is_on_list (groupdata->gr_mem, uname);
+}
+
+static int setup_user_limits (const char *uname)
+{
+ FILE *fil;
+ char buf[1024];
+ char name[1024];
+ char limits[1024];
+ char deflimits[1024];
+ char tempbuf[1024];
+
+ /* init things */
+ memzero (buf, sizeof (buf));
+ memzero (name, sizeof (name));
+ memzero (limits, sizeof (limits));
+ memzero (deflimits, sizeof (deflimits));
+ memzero (tempbuf, sizeof (tempbuf));
+
+ /* start the checks */
+ fil = fopen (LIMITS_FILE, "r");
+ if (fil == NULL) {
+ return 0;
+ }
+ /* The limits file have the following format:
+ * - '#' (comment) chars only as first chars on a line;
+ * - username must start on first column (or *, or @group)
+ *
+ * FIXME: A better (smarter) checking should be done
+ */
+ while (fgets (buf, 1024, fil) != NULL) {
+ if (('#' == buf[0]) || ('\n' == buf[0])) {
+ continue;
+ }
+ memzero (tempbuf, sizeof (tempbuf));
+ /* a valid line should have a username, then spaces,
+ * then limits
+ * we allow the format:
+ * username L2 D2048 R4096
+ * where spaces={' ',\t}. Also, we reject invalid limits.
+ * Imposing a limit should be done with care, so a wrong
+ * entry means no care anyway :-).
+ *
+ * A '-' as a limits strings means no limits
+ *
+ * The username can also be:
+ * '*': the default limits (only the last is taken into
+ * account)
+ * @group: the limit applies to the members of the group
+ *
+ * To clarify: The first entry with matching user name rules,
+ * everything after it is ignored. If there is no user entry,
+ * the last encountered entry for a matching group rules.
+ * If there is no matching group entry, the default limits rule.
+ */
+ if (sscanf (buf, "%s%[ACDFIKLMNOPRSTUacdfiklmnoprstu0-9 \t-]",
+ name, tempbuf) == 2) {
+ if (strcmp (name, uname) == 0) {
+ strcpy (limits, tempbuf);
+ break;
+ } else if (strcmp (name, "*") == 0) {
+ strcpy (deflimits, tempbuf);
+ } else if (name[0] == '@') {
+ /* If the user is in the group, the group
+ * limits apply unless later a line for
+ * the specific user is found.
+ */
+ if (user_in_group (uname, name+1)) {
+ strcpy (limits, tempbuf);
+ }
+ }
+ }
+ }
+ (void) fclose (fil);
+ if (limits[0] == '\0') {
+ /* no user specific limits */
+ if (deflimits[0] == '\0') { /* no default limits */
+ return 0;
+ }
+ strcpy (limits, deflimits); /* use the default limits */
+ }
+ return do_user_limits (limits, uname);
+}
+#endif /* LIMITS */
+
+
+static void setup_usergroups (const struct passwd *info)
+{
+ const struct group *grp;
+
+/*
+ * if not root, and UID == GID, and username is the same as primary
+ * group name, set umask group bits to be the same as owner bits
+ * (examples: 022 -> 002, 077 -> 007).
+ */
+ if ((0 != info->pw_uid) && (info->pw_uid == info->pw_gid)) {
+ /* local, no need for xgetgrgid */
+ grp = getgrgid (info->pw_gid);
+ if ( (NULL != grp)
+ && (strcmp (info->pw_name, grp->gr_name) == 0)) {
+ mode_t tmpmask;
+ tmpmask = umask (0777);
+ tmpmask = (tmpmask & ~070) | ((tmpmask >> 3) & 070);
+ (void) umask (tmpmask);
+ }
+ }
+}
+
+/*
+ * set the process nice, ulimit, and umask from the password file entry
+ */
+
+void setup_limits (const struct passwd *info)
+{
+ char *cp;
+
+ if (getdef_bool ("USERGROUPS_ENAB")) {
+ setup_usergroups (info);
+ }
+
+ /*
+ * See if the GECOS field contains values for NICE, UMASK or ULIMIT.
+ * If this feature is enabled in /etc/login.defs, we make those
+ * values the defaults for this login session.
+ */
+
+ if (getdef_bool ("QUOTAS_ENAB")) {
+#ifdef LIMITS
+ if (info->pw_uid != 0) {
+ if ((setup_user_limits (info->pw_name) & LOGIN_ERROR_LOGIN) != 0) {
+ (void) fputs (_("Too many logins.\n"), stderr);
+ (void) sleep (2); /* XXX: Should be FAIL_DELAY */
+ exit (EXIT_FAILURE);
+ }
+ }
+#endif
+ for (cp = info->pw_gecos; cp != NULL; cp = strchr (cp, ',')) {
+ if (',' == *cp) {
+ cp++;
+ }
+
+ if (strncmp (cp, "pri=", 4) == 0) {
+ long int inc;
+ if ( (getlong (cp + 4, &inc) == 1)
+ && (inc >= -20) && (inc <= 20)) {
+ errno = 0;
+ if ( (nice ((int) inc) != -1)
+ || (0 != errno)) {
+ continue;
+ }
+ }
+
+ /* Failed to parse or failed to nice() */
+ SYSLOG ((LOG_WARN,
+ "Can't set the nice value for user %s",
+ info->pw_name));
+
+ continue;
+ }
+ if (strncmp (cp, "ulimit=", 7) == 0) {
+ long int blocks;
+ if ( (getlong (cp + 7, &blocks) == 0)
+ || (blocks != (int) blocks)
+ || (set_filesize_limit ((int) blocks) != 0)) {
+ SYSLOG ((LOG_WARN,
+ "Can't set the ulimit for user %s",
+ info->pw_name));
+ }
+ continue;
+ }
+ if (strncmp (cp, "umask=", 6) == 0) {
+ unsigned long int mask;
+ if ( (getulong (cp + 6, &mask) == 0)
+ || (mask != (mode_t) mask)) {
+ SYSLOG ((LOG_WARN,
+ "Can't set umask value for user %s",
+ info->pw_name));
+ } else {
+ (void) umask ((mode_t) mask);
+ }
+
+ continue;
+ }
+ }
+ }
+}
+
+#else /* !USE_PAM */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !USE_PAM */
+
diff --git a/libmisc/list.c b/libmisc/list.c
new file mode 100644
index 0000000..2da734a
--- /dev/null
+++ b/libmisc/list.c
@@ -0,0 +1,271 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include "prototypes.h"
+#include "defines.h"
+/*
+ * add_list - add a member to a list of group members
+ *
+ * the array of member names is searched for the new member
+ * name, and if not present it is added to a freshly allocated
+ * list of users.
+ */
+/*@only@*/ /*@out@*/char **add_list (/*@returned@*/ /*@only@*/char **list, const char *member)
+{
+ int i;
+ char **tmp;
+
+ assert (NULL != member);
+ assert (NULL != list);
+
+ /*
+ * Scan the list for the new name. Return the original list
+ * pointer if it is present.
+ */
+
+ for (i = 0; list[i] != (char *) 0; i++) {
+ if (strcmp (list[i], member) == 0) {
+ return list;
+ }
+ }
+
+ /*
+ * Allocate a new list pointer large enough to hold all the
+ * old entries, and the new entries as well.
+ */
+
+ tmp = (char **) xmalloc ((i + 2) * sizeof member);
+
+ /*
+ * Copy the original list to the new list, then append the
+ * new member and NULL terminate the result. This new list
+ * is returned to the invoker.
+ */
+
+ for (i = 0; list[i] != (char *) 0; i++) {
+ tmp[i] = list[i];
+ }
+
+ tmp[i] = xstrdup (member);
+ tmp[i+1] = (char *) 0;
+
+ return tmp;
+}
+
+/*
+ * del_list - delete a member from a list of group members
+ *
+ * the array of member names is searched for the old member
+ * name, and if present it is deleted from a freshly allocated
+ * list of users.
+ */
+
+/*@only@*/ /*@out@*/char **del_list (/*@returned@*/ /*@only@*/char **list, const char *member)
+{
+ int i, j;
+ char **tmp;
+
+ assert (NULL != member);
+ assert (NULL != list);
+
+ /*
+ * Scan the list for the old name. Return the original list
+ * pointer if it is not present.
+ */
+
+ for (i = j = 0; list[i] != (char *) 0; i++) {
+ if (strcmp (list[i], member) != 0) {
+ j++;
+ }
+ }
+
+ if (j == i) {
+ return list;
+ }
+
+ /*
+ * Allocate a new list pointer large enough to hold all the
+ * old entries.
+ */
+
+ tmp = (char **) xmalloc ((j + 1) * sizeof member);
+
+ /*
+ * Copy the original list except the deleted members to the
+ * new list, then NULL terminate the result. This new list
+ * is returned to the invoker.
+ */
+
+ for (i = j = 0; list[i] != (char *) 0; i++) {
+ if (strcmp (list[i], member) != 0) {
+ tmp[j] = list[i];
+ j++;
+ }
+ }
+
+ tmp[j] = (char *) 0;
+
+ return tmp;
+}
+
+/*
+ * Duplicate a list.
+ * The input list is not modified, but in order to allow the use of this
+ * function with list of members, the list elements are not enforced to be
+ * constant strings here.
+ */
+/*@only@*/ /*@out@*/char **dup_list (char *const *list)
+{
+ int i;
+ char **tmp;
+
+ assert (NULL != list);
+
+ for (i = 0; NULL != list[i]; i++);
+
+ tmp = (char **) xmalloc ((i + 1) * sizeof (char *));
+
+ i = 0;
+ while (NULL != *list) {
+ tmp[i] = xstrdup (*list);
+ i++;
+ list++;
+ }
+
+ tmp[i] = (char *) 0;
+ return tmp;
+}
+
+/*
+ * Check if member is part of the input list
+ * The input list is not modified, but in order to allow the use of this
+ * function with list of members, the list elements are not enforced to be
+ * constant strings here.
+ */
+bool is_on_list (char *const *list, const char *member)
+{
+ assert (NULL != member);
+ assert (NULL != list);
+
+ while (NULL != *list) {
+ if (strcmp (*list, member) == 0) {
+ return true;
+ }
+ list++;
+ }
+
+ return false;
+}
+
+/*
+ * comma_to_list - convert comma-separated list to (char *) array
+ */
+
+/*@only@*/char **comma_to_list (const char *comma)
+{
+ char *members;
+ char **array;
+ int i;
+ char *cp;
+ char *cp2;
+
+ assert (NULL != comma);
+
+ /*
+ * Make a copy since we are going to be modifying the list
+ */
+
+ members = xstrdup (comma);
+
+ /*
+ * Count the number of commas in the list
+ */
+
+ for (cp = members, i = 0;; i++) {
+ cp2 = strchr (cp, ',');
+ if (NULL != cp2) {
+ cp = cp2 + 1;
+ } else {
+ break;
+ }
+ }
+
+ /*
+ * Add 2 - one for the ending NULL, the other for the last item
+ */
+
+ i += 2;
+
+ /*
+ * Allocate the array we're going to store the pointers into.
+ */
+
+ array = (char **) xmalloc (sizeof (char *) * i);
+
+ /*
+ * Empty list is special - 0 members, not 1 empty member. --marekm
+ */
+
+ if ('\0' == *members) {
+ *array = (char *) 0;
+ return array;
+ }
+
+ /*
+ * Now go walk that list all over again, this time building the
+ * array of pointers.
+ */
+
+ for (cp = members, i = 0;; i++) {
+ array[i] = cp;
+ cp2 = strchr (cp, ',');
+ if (NULL != cp2) {
+ *cp2 = '\0';
+ cp2++;
+ cp = cp2;
+ } else {
+ array[i + 1] = (char *) 0;
+ break;
+ }
+ }
+
+ /*
+ * Return the new array of pointers
+ */
+
+ return array;
+}
+
diff --git a/libmisc/log.c b/libmisc/log.c
new file mode 100644
index 0000000..eb84859
--- /dev/null
+++ b/libmisc/log.c
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <pwd.h>
+#include <fcntl.h>
+#include <time.h>
+#include "defines.h"
+#include <lastlog.h>
+#include "prototypes.h"
+
+/*
+ * dolastlog - create lastlog entry
+ *
+ * A "last login" entry is created for the user being logged in. The
+ * UID is extracted from the global (struct passwd) entry and the
+ * TTY information is gotten from the (struct utmp).
+ */
+void dolastlog (
+ struct lastlog *ll,
+ const struct passwd *pw,
+ /*@unique@*/const char *line,
+ /*@unique@*/const char *host)
+{
+ int fd;
+ off_t offset;
+ struct lastlog newlog;
+ time_t ll_time;
+
+ /*
+ * If the file does not exist, don't create it.
+ */
+
+ fd = open (LASTLOG_FILE, O_RDWR);
+ if (-1 == fd) {
+ return;
+ }
+
+ /*
+ * The file is indexed by UID number. Seek to the record
+ * for this UID. Negative UID's will create problems, but ...
+ */
+
+ offset = (off_t) pw->pw_uid * sizeof newlog;
+
+ if (lseek (fd, offset, SEEK_SET) != offset) {
+ SYSLOG ((LOG_WARN,
+ "Can't read last lastlog entry for UID %lu in %s. Entry not updated.",
+ (unsigned long) pw->pw_uid, LASTLOG_FILE));
+ (void) close (fd);
+ return;
+ }
+
+ /*
+ * Read the old entry so we can tell the user when they last
+ * logged in. Then construct the new entry and write it out
+ * the way we read the old one in.
+ */
+
+ if (read (fd, (void *) &newlog, sizeof newlog) != (ssize_t) sizeof newlog) {
+ memzero (&newlog, sizeof newlog);
+ }
+ if (NULL != ll) {
+ *ll = newlog;
+ }
+
+ ll_time = newlog.ll_time;
+ (void) time (&ll_time);
+ newlog.ll_time = ll_time;
+ strncpy (newlog.ll_line, line, sizeof newlog.ll_line);
+#if HAVE_LL_HOST
+ strncpy (newlog.ll_host, host, sizeof newlog.ll_host);
+#endif
+ if ( (lseek (fd, offset, SEEK_SET) != offset)
+ || (write (fd, (const void *) &newlog, sizeof newlog) != (ssize_t) sizeof newlog)
+ || (close (fd) != 0)) {
+ SYSLOG ((LOG_WARN,
+ "Can't write lastlog entry for UID %lu in %s.",
+ (unsigned long) pw->pw_uid, LASTLOG_FILE));
+ (void) close (fd);
+ }
+}
+
diff --git a/libmisc/loginprompt.c b/libmisc/loginprompt.c
new file mode 100644
index 0000000..b008e2a
--- /dev/null
+++ b/libmisc/loginprompt.c
@@ -0,0 +1,178 @@
+/*
+ * Copyright (c) 1989 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <stdio.h>
+#include <signal.h>
+#include <ctype.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+
+static void login_exit (unused int sig)
+{
+ exit (EXIT_FAILURE);
+}
+
+/*
+ * login_prompt - prompt the user for their login name
+ *
+ * login_prompt() displays the standard login prompt. If ISSUE_FILE
+ * is set in login.defs, this file is displayed before the prompt.
+ */
+
+void login_prompt (const char *prompt, char *name, int namesize)
+{
+ char buf[1024];
+
+#define MAX_ENV 32
+ char *envp[MAX_ENV];
+ char *cp;
+ int i;
+ FILE *fp;
+
+ RETSIGTYPE (*sigquit) (int);
+#ifdef SIGTSTP
+ RETSIGTYPE (*sigtstp) (int);
+#endif
+
+ /*
+ * There is a small chance that a QUIT character will be part of
+ * some random noise during a prompt. Deal with this by exiting
+ * instead of core dumping. If SIGTSTP is defined, do the same
+ * thing for that signal.
+ */
+
+ sigquit = signal (SIGQUIT, login_exit);
+#ifdef SIGTSTP
+ sigtstp = signal (SIGTSTP, login_exit);
+#endif
+
+ /*
+ * See if the user has configured the issue file to
+ * be displayed and display it before the prompt.
+ */
+
+ if (NULL != prompt) {
+ const char *fname = getdef_str ("ISSUE_FILE");
+ if (NULL != fname) {
+ fp = fopen (fname, "r");
+ if (NULL != fp) {
+ while ((i = getc (fp)) != EOF) {
+ (void) putc (i, stdout);
+ }
+
+ (void) fclose (fp);
+ }
+ }
+ (void) gethostname (buf, sizeof buf);
+ printf (prompt, buf);
+ (void) fflush (stdout);
+ }
+
+ /*
+ * Read the user's response. The trailing newline will be
+ * removed.
+ */
+
+ memzero (buf, sizeof buf);
+ if (fgets (buf, (int) sizeof buf, stdin) != buf) {
+ exit (EXIT_FAILURE);
+ }
+
+ cp = strchr (buf, '\n');
+ if (NULL == cp) {
+ exit (EXIT_FAILURE);
+ }
+ *cp = '\0'; /* remove \n [ must be there ] */
+
+ /*
+ * Skip leading whitespace. This makes " username" work right.
+ * Then copy the rest (up to the end or the first "non-graphic"
+ * character into the username.
+ */
+
+ for (cp = buf; *cp == ' ' || *cp == '\t'; cp++);
+
+ for (i = 0; i < namesize - 1 && isgraph (*cp); name[i++] = *cp++);
+ while (isgraph (*cp)) {
+ cp++;
+ }
+
+ if ('\0' != *cp) {
+ cp++;
+ }
+
+ name[i] = '\0';
+
+ /*
+ * This is a disaster, at best. The user may have entered extra
+ * environmental variables at the prompt. There are several ways
+ * to do this, and I just take the easy way out.
+ */
+
+ if ('\0' != *cp) { /* process new variables */
+ char *nvar;
+ int count = 1;
+ int envc;
+
+ for (envc = 0; envc < MAX_ENV; envc++) {
+ nvar = strtok ((0 != envc) ? (char *) 0 : cp, " \t,");
+ if (NULL == nvar) {
+ break;
+ }
+ if (strchr (nvar, '=') != NULL) {
+ envp[envc] = nvar;
+ } else {
+ size_t len = strlen (nvar) + 32;
+ envp[envc] = xmalloc (len);
+ (void) snprintf (envp[envc], len,
+ "L%d=%s", count++, nvar);
+ }
+ }
+ set_env (envc, envp);
+ }
+
+ /*
+ * Set the SIGQUIT handler back to its original value
+ */
+
+ (void) signal (SIGQUIT, sigquit);
+#ifdef SIGTSTP
+ (void) signal (SIGTSTP, sigtstp);
+#endif
+}
+
diff --git a/libmisc/mail.c b/libmisc/mail.c
new file mode 100644
index 0000000..1c53c31
--- /dev/null
+++ b/libmisc/mail.c
@@ -0,0 +1,92 @@
+/*
+ * Copyright (c) 1989 - 1991, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <assert.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "getdef.h"
+
+#ident "$Id$"
+
+
+void mailcheck (void)
+{
+ struct stat statbuf;
+ char *mailbox;
+
+ if (!getdef_bool ("MAIL_CHECK_ENAB")) {
+ return;
+ }
+
+ /*
+ * Check incoming mail in Maildir format - J.
+ */
+ mailbox = getenv ("MAILDIR");
+ if (NULL != mailbox) {
+ char *newmail;
+ size_t len = strlen (mailbox) + 5;
+ int wlen;
+
+ newmail = xmalloc (len);
+ wlen = snprintf (newmail, len, "%s/new", mailbox);
+ assert (wlen == (int) len - 1);
+
+ if (stat (newmail, &statbuf) != -1 && statbuf.st_size != 0) {
+ if (statbuf.st_mtime > statbuf.st_atime) {
+ free (newmail);
+ (void) puts (_("You have new mail."));
+ return;
+ }
+ }
+ free (newmail);
+ }
+
+ mailbox = getenv ("MAIL");
+ if (NULL == mailbox) {
+ return;
+ }
+
+ if ( (stat (mailbox, &statbuf) == -1)
+ || (statbuf.st_size == 0)) {
+ (void) puts (_("No mail."));
+ } else if (statbuf.st_atime > statbuf.st_mtime) {
+ (void) puts (_("You have mail."));
+ } else {
+ (void) puts (_("You have new mail."));
+ }
+}
+
diff --git a/libmisc/motd.c b/libmisc/motd.c
new file mode 100644
index 0000000..6ba7e12
--- /dev/null
+++ b/libmisc/motd.c
@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 1989 - 1991, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2010 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+/*
+ * motd -- output the /etc/motd file
+ *
+ * motd() determines the name of a login announcement file and outputs
+ * it to the user's terminal at login time. The MOTD_FILE configuration
+ * option is a colon-delimited list of filenames.
+ */
+void motd (void)
+{
+ FILE *fp;
+ char *motdlist;
+ const char *motdfile;
+ char *mb;
+ register int c;
+
+ motdfile = getdef_str ("MOTD_FILE");
+ if (NULL == motdfile) {
+ return;
+ }
+
+ motdlist = xstrdup (motdfile);
+
+ for (mb = motdlist; ;mb = NULL) {
+ motdfile = strtok (mb, ":");
+ if (NULL == motdfile) {
+ break;
+ }
+
+ fp = fopen (motdfile, "r");
+ if (NULL != fp) {
+ while ((c = getc (fp)) != EOF) {
+ putchar (c);
+ }
+ fclose (fp);
+ }
+ }
+ fflush (stdout);
+
+ free (motdlist);
+}
+
diff --git a/libmisc/myname.c b/libmisc/myname.c
new file mode 100644
index 0000000..05efdad
--- /dev/null
+++ b/libmisc/myname.c
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * myname.c - determine the current username and get the passwd entry
+ *
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "defines.h"
+#include <pwd.h>
+#include "prototypes.h"
+/*@null@*/ /*@only@*/struct passwd *get_my_pwent (void)
+{
+ struct passwd *pw;
+ const char *cp = getlogin ();
+ uid_t ruid = getuid ();
+
+ /*
+ * Try getlogin() first - if it fails or returns a non-existent
+ * username, or a username which doesn't match the real UID, fall
+ * back to getpwuid(getuid()). This should work reasonably with
+ * usernames longer than the utmp limit (8 characters), as well as
+ * shared UIDs - but not both at the same time...
+ *
+ * XXX - when running from su, will return the current user (not
+ * the original user, like getlogin() does). Does this matter?
+ */
+ if ((NULL != cp) && ('\0' != *cp)) {
+ pw = xgetpwnam (cp);
+ if ((NULL != pw) && (pw->pw_uid == ruid)) {
+ return pw;
+ }
+ }
+
+ return xgetpwuid (ruid);
+}
+
diff --git a/libmisc/obscure.c b/libmisc/obscure.c
new file mode 100644
index 0000000..a075123
--- /dev/null
+++ b/libmisc/obscure.c
@@ -0,0 +1,323 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifndef USE_PAM
+
+#ident "$Id$"
+
+
+/*
+ * This version of obscure.c contains modifications to support "cracklib"
+ * by Alec Muffet (alec.muffett@uk.sun.com). You must obtain the Cracklib
+ * library source code for this function to operate.
+ */
+#include <ctype.h>
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+/*
+ * can't be a palindrome - like `R A D A R' or `M A D A M'
+ */
+static bool palindrome (unused const char *old, const char *new)
+{
+ size_t i, j;
+
+ i = strlen (new);
+
+ for (j = 0; j < i; j++) {
+ if (new[i - j - 1] != new[j]) {
+ return false;
+ }
+ }
+
+ return true;
+}
+
+/*
+ * more than half of the characters are different ones.
+ */
+
+static bool similar (/*@notnull@*/const char *old, /*@notnull@*/const char *new)
+{
+ int i, j;
+
+ /*
+ * XXX - sometimes this fails when changing from a simple password
+ * to a really long one (MD5). For now, I just return success if
+ * the new password is long enough. Please feel free to suggest
+ * something better... --marekm
+ */
+ if (strlen (new) >= 8) {
+ return false;
+ }
+
+ for (i = j = 0; ('\0' != new[i]) && ('\0' != old[i]); i++) {
+ if (strchr (new, old[i]) != NULL) {
+ j++;
+ }
+ }
+
+ if (i >= j * 2) {
+ return false;
+ }
+
+ return true;
+}
+
+/*
+ * a nice mix of characters.
+ */
+
+static bool simple (unused const char *old, const char *new)
+{
+ bool digits = false;
+ bool uppers = false;
+ bool lowers = false;
+ bool others = false;
+ int size;
+ int i;
+
+ for (i = 0; '\0' != new[i]; i++) {
+ if (isdigit (new[i])) {
+ digits = true;
+ } else if (isupper (new[i])) {
+ uppers = true;
+ } else if (islower (new[i])) {
+ lowers = true;
+ } else {
+ others = true;
+ }
+ }
+
+ /*
+ * The scam is this - a password of only one character type
+ * must be 8 letters long. Two types, 7, and so on.
+ */
+
+ size = 9;
+ if (digits) {
+ size--;
+ }
+ if (uppers) {
+ size--;
+ }
+ if (lowers) {
+ size--;
+ }
+ if (others) {
+ size--;
+ }
+
+ if (size <= i) {
+ return false;
+ }
+
+ return true;
+}
+
+static char *str_lower (/*@returned@*/char *string)
+{
+ char *cp;
+
+ for (cp = string; '\0' != *cp; cp++) {
+ *cp = tolower (*cp);
+ }
+ return string;
+}
+
+static /*@observer@*//*@null@*/const char *password_check (
+ /*@notnull@*/const char *old,
+ /*@notnull@*/const char *new,
+ /*@notnull@*/const struct passwd *pwdp)
+{
+ const char *msg = NULL;
+ char *oldmono, *newmono, *wrapped;
+
+#ifdef HAVE_LIBCRACK
+ char *dictpath;
+
+#ifdef HAVE_LIBCRACK_PW
+ char *FascistCheckPw ();
+#else
+ char *FascistCheck ();
+#endif
+#endif
+
+ if (strcmp (new, old) == 0) {
+ return _("no change");
+ }
+
+ newmono = str_lower (xstrdup (new));
+ oldmono = str_lower (xstrdup (old));
+ wrapped = xmalloc (strlen (oldmono) * 2 + 1);
+ strcpy (wrapped, oldmono);
+ strcat (wrapped, oldmono);
+
+ if (palindrome (oldmono, newmono)) {
+ msg = _("a palindrome");
+ } else if (strcmp (oldmono, newmono) == 0) {
+ msg = _("case changes only");
+ } else if (similar (oldmono, newmono)) {
+ msg = _("too similar");
+ } else if (simple (old, new)) {
+ msg = _("too simple");
+ } else if (strstr (wrapped, newmono) != NULL) {
+ msg = _("rotated");
+ } else {
+#ifdef HAVE_LIBCRACK
+ /*
+ * Invoke Alec Muffett's cracklib routines.
+ */
+
+ dictpath = getdef_str ("CRACKLIB_DICTPATH");
+ if (NULL != dictpath) {
+#ifdef HAVE_LIBCRACK_PW
+ msg = FascistCheckPw (new, dictpath, pwdp);
+#else
+ msg = FascistCheck (new, dictpath);
+#endif
+ }
+#endif
+ }
+ strzero (newmono);
+ strzero (oldmono);
+ strzero (wrapped);
+ free (newmono);
+ free (oldmono);
+ free (wrapped);
+
+ return msg;
+}
+
+static /*@observer@*//*@null@*/const char *obscure_msg (
+ /*@notnull@*/const char *old,
+ /*@notnull@*/const char *new,
+ /*@notnull@*/const struct passwd *pwdp)
+{
+ size_t maxlen, oldlen, newlen;
+ char *new1, *old1;
+ const char *msg;
+ const char *result;
+
+ oldlen = strlen (old);
+ newlen = strlen (new);
+
+ if (newlen < (size_t) getdef_num ("PASS_MIN_LEN", 0)) {
+ return _("too short");
+ }
+
+ /*
+ * Remaining checks are optional.
+ */
+ if (!getdef_bool ("OBSCURE_CHECKS_ENAB")) {
+ return NULL;
+ }
+
+ msg = password_check (old, new, pwdp);
+ if (NULL != msg) {
+ return msg;
+ }
+
+ result = getdef_str ("ENCRYPT_METHOD");
+ if (NULL == result) {
+ /* The traditional crypt() truncates passwords to 8 chars. It is
+ possible to circumvent the above checks by choosing an easy
+ 8-char password and adding some random characters to it...
+ Example: "password$%^&*123". So check it again, this time
+ truncated to the maximum length. Idea from npasswd. --marekm */
+
+ if (getdef_bool ("MD5_CRYPT_ENAB")) {
+ return NULL;
+ }
+
+ } else {
+
+ if ( (strcmp (result, "MD5") == 0)
+#ifdef USE_SHA_CRYPT
+ || (strcmp (result, "SHA256") == 0)
+ || (strcmp (result, "SHA512") == 0)
+#endif
+ ) {
+ return NULL;
+ }
+
+ }
+ maxlen = (size_t) getdef_num ("PASS_MAX_LEN", 8);
+ if ( (oldlen <= maxlen)
+ && (newlen <= maxlen)) {
+ return NULL;
+ }
+
+ new1 = xstrdup (new);
+ old1 = xstrdup (old);
+ if (newlen > maxlen) {
+ new1[maxlen] = '\0';
+ }
+ if (oldlen > maxlen) {
+ old1[maxlen] = '\0';
+ }
+
+ msg = password_check (old1, new1, pwdp);
+
+ memzero (new1, newlen);
+ memzero (old1, oldlen);
+ free (new1);
+ free (old1);
+
+ return msg;
+}
+
+/*
+ * Obscure - see if password is obscure enough.
+ *
+ * The programmer is encouraged to add as much complexity to this
+ * routine as desired. Included are some of my favorite ways to
+ * check passwords.
+ */
+
+bool obscure (const char *old, const char *new, const struct passwd *pwdp)
+{
+ const char *msg = obscure_msg (old, new, pwdp);
+
+ if (NULL != msg) {
+ printf (_("Bad password: %s. "), msg);
+ return false;
+ }
+ return true;
+}
+
+#else /* !USE_PAM */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !USE_PAM */
diff --git a/libmisc/pam_pass.c b/libmisc/pam_pass.c
new file mode 100644
index 0000000..a89bb2c
--- /dev/null
+++ b/libmisc/pam_pass.c
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 1997 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef USE_PAM
+
+#ident "$Id$"
+
+
+/*
+ * Change the user's password using PAM.
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include "defines.h"
+#include "pam_defs.h"
+#include "prototypes.h"
+
+void do_pam_passwd (const char *user, bool silent, bool change_expired)
+{
+ pam_handle_t *pamh = NULL;
+ int flags = 0, ret;
+
+ if (silent)
+ flags |= PAM_SILENT;
+ if (change_expired)
+ flags |= PAM_CHANGE_EXPIRED_AUTHTOK;
+
+ ret = pam_start ("passwd", user, &conv, &pamh);
+ if (ret != PAM_SUCCESS) {
+ fprintf (stderr,
+ _("passwd: pam_start() failed, error %d\n"), ret);
+ exit (10); /* XXX */
+ }
+
+ ret = pam_chauthtok (pamh, flags);
+ if (ret != PAM_SUCCESS) {
+ fprintf (stderr, _("passwd: %s\n"), pam_strerror (pamh, ret));
+ fputs (_("passwd: password unchanged\n"), stderr);
+ pam_end (pamh, ret);
+ exit (10); /* XXX */
+ }
+
+ fputs (_("passwd: password updated successfully\n"), stderr);
+ (void) pam_end (pamh, PAM_SUCCESS);
+}
+#else /* !USE_PAM */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !USE_PAM */
diff --git a/libmisc/pam_pass_non_interractive.c b/libmisc/pam_pass_non_interractive.c
new file mode 100644
index 0000000..e50648b
--- /dev/null
+++ b/libmisc/pam_pass_non_interractive.c
@@ -0,0 +1,167 @@
+/*
+ * Copyright (c) 2009 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id:$"
+
+#ifdef USE_PAM
+#include <assert.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <security/pam_appl.h>
+#include "prototypes.h"
+
+/*@null@*/ /*@only@*/static const char *non_interactive_password = NULL;
+static int ni_conv (int num_msg,
+ const struct pam_message **msg,
+ struct pam_response **resp,
+ unused void *appdata_ptr);
+static struct pam_conv non_interactive_pam_conv = {
+ ni_conv,
+ NULL
+};
+
+
+
+static int ni_conv (int num_msg,
+ const struct pam_message **msg,
+ struct pam_response **resp,
+ unused void *appdata_ptr)
+{
+ struct pam_response *responses;
+ int count;
+
+ assert (NULL != non_interactive_password);
+
+ if (num_msg <= 0) {
+ return PAM_CONV_ERR;
+ }
+
+ responses = (struct pam_response *) calloc ((size_t) num_msg,
+ sizeof (*responses));
+ if (NULL == responses) {
+ return PAM_CONV_ERR;
+ }
+
+ for (count=0; count < num_msg; count++) {
+ responses[count].resp_retcode = 0;
+
+ switch (msg[count]->msg_style) {
+ case PAM_PROMPT_ECHO_ON:
+ fprintf (stderr,
+ _("%s: PAM modules requesting echoing are not supported.\n"),
+ Prog);
+ goto failed_conversation;
+ case PAM_PROMPT_ECHO_OFF:
+ responses[count].resp = strdup (non_interactive_password);
+ if (NULL == responses[count].resp) {
+ goto failed_conversation;
+ }
+ break;
+ case PAM_ERROR_MSG:
+ if ( (NULL == msg[count]->msg)
+ || (fprintf (stderr, "%s\n", msg[count]->msg) <0)) {
+ goto failed_conversation;
+ }
+ responses[count].resp = NULL;
+ break;
+ case PAM_TEXT_INFO:
+ if ( (NULL == msg[count]->msg)
+ || (fprintf (stdout, "%s\n", msg[count]->msg) <0)) {
+ goto failed_conversation;
+ }
+ responses[count].resp = NULL;
+ break;
+ default:
+ (void) fprintf (stderr,
+ _("%s: conversation type %d not supported.\n"),
+ Prog, msg[count]->msg_style);
+ goto failed_conversation;
+ }
+ }
+
+ *resp = responses;
+
+ return PAM_SUCCESS;
+
+failed_conversation:
+ for (count=0; count < num_msg; count++) {
+ if (NULL != responses[count].resp) {
+ memset (responses[count].resp, 0,
+ strlen (responses[count].resp));
+ free (responses[count].resp);
+ responses[count].resp = NULL;
+ }
+ }
+
+ free (responses);
+ *resp = NULL;
+
+ return PAM_CONV_ERR;
+}
+
+
+/*
+ * Change non interactively the user's password using PAM.
+ *
+ * Return 0 on success, 1 on failure.
+ */
+int do_pam_passwd_non_interractive (const char *pam_service,
+ const char *username,
+ const char* password)
+{
+ pam_handle_t *pamh = NULL;
+ int ret;
+
+ ret = pam_start (pam_service, username, &non_interactive_pam_conv, &pamh);
+ if (ret != PAM_SUCCESS) {
+ fprintf (stderr,
+ _("%s: (user %s) pam_start failure %d\n"),
+ Prog, username, ret);
+ return 1;
+ }
+
+ non_interactive_password = password;
+ ret = pam_chauthtok (pamh, 0);
+ if (ret != PAM_SUCCESS) {
+ fprintf (stderr,
+ _("%s: (user %s) pam_chauthtok() failed, error:\n"
+ "%s\n"),
+ Prog, username, pam_strerror (pamh, ret));
+ }
+
+ (void) pam_end (pamh, PAM_SUCCESS);
+
+ return ((PAM_SUCCESS == ret) ? 0 : 1);
+}
+#else /* !USE_PAM */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !USE_PAM */
diff --git a/libmisc/pwd2spwd.c b/libmisc/pwd2spwd.c
new file mode 100644
index 0000000..c1b9b29
--- /dev/null
+++ b/libmisc/pwd2spwd.c
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#ifndef USE_PAM
+
+#include <sys/types.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+extern time_t time (time_t *);
+
+/*
+ * pwd_to_spwd - create entries for new spwd structure
+ *
+ * pwd_to_spwd() creates a new (struct spwd) containing the
+ * information in the pointed-to (struct passwd).
+ */
+
+struct spwd *pwd_to_spwd (const struct passwd *pw)
+{
+ static struct spwd sp;
+
+ /*
+ * Nice, easy parts first. The name and passwd map directly
+ * from the old password structure to the new one.
+ */
+ sp.sp_namp = pw->pw_name;
+ sp.sp_pwdp = pw->pw_passwd;
+
+ {
+ /*
+ * Defaults used if there is no pw_age information.
+ */
+ sp.sp_min = 0;
+ sp.sp_max = (10000L * DAY) / SCALE;
+ sp.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
+ if (0 == sp.sp_lstchg) {
+ /* Better disable aging than requiring a password
+ * change */
+ sp.sp_lstchg = -1;
+ }
+ }
+
+ /*
+ * These fields have no corresponding information in the password
+ * file. They are set to uninitialized values.
+ */
+ sp.sp_warn = -1;
+ sp.sp_expire = -1;
+ sp.sp_inact = -1;
+ sp.sp_flag = SHADOW_SP_FLAG_UNSET;
+
+ return &sp;
+}
+#else /* USE_PAM */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !USE_PAM */
+
diff --git a/libmisc/pwd_init.c b/libmisc/pwd_init.c
new file mode 100644
index 0000000..774ba9b
--- /dev/null
+++ b/libmisc/pwd_init.c
@@ -0,0 +1,102 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1997 , Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "defines.h"
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#ifdef HAVE_SYS_RESOURCE_H
+#include <sys/resource.h>
+#endif
+
+#include "prototypes.h"
+
+/*
+ * pwd_init - ignore signals, and set resource limits to safe
+ * values. Call this before modifying password files, so that
+ * it is less likely to fail in the middle of operation.
+ */
+void pwd_init (void)
+{
+#ifdef HAVE_SYS_RESOURCE_H
+ struct rlimit rlim;
+
+#ifdef RLIMIT_CORE
+ rlim.rlim_cur = rlim.rlim_max = 0;
+ setrlimit (RLIMIT_CORE, &rlim);
+#endif
+ rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
+#ifdef RLIMIT_AS
+ setrlimit (RLIMIT_AS, &rlim);
+#endif
+#ifdef RLIMIT_CPU
+ setrlimit (RLIMIT_CPU, &rlim);
+#endif
+#ifdef RLIMIT_DATA
+ setrlimit (RLIMIT_DATA, &rlim);
+#endif
+#ifdef RLIMIT_FSIZE
+ setrlimit (RLIMIT_FSIZE, &rlim);
+#endif
+#ifdef RLIMIT_NOFILE
+ setrlimit (RLIMIT_NOFILE, &rlim);
+#endif
+#ifdef RLIMIT_RSS
+ setrlimit (RLIMIT_RSS, &rlim);
+#endif
+#ifdef RLIMIT_STACK
+ setrlimit (RLIMIT_STACK, &rlim);
+#endif
+#else /* !HAVE_SYS_RESOURCE_H */
+ set_filesize_limit (30000);
+ /* don't know how to set the other limits... */
+#endif /* !HAVE_SYS_RESOURCE_H */
+
+ signal (SIGALRM, SIG_IGN);
+ signal (SIGHUP, SIG_IGN);
+ signal (SIGINT, SIG_IGN);
+ signal (SIGPIPE, SIG_IGN);
+ signal (SIGQUIT, SIG_IGN);
+ signal (SIGTERM, SIG_IGN);
+#ifdef SIGTSTP
+ signal (SIGTSTP, SIG_IGN);
+#endif
+#ifdef SIGTTOU
+ signal (SIGTTOU, SIG_IGN);
+#endif
+
+ umask (077);
+}
diff --git a/libmisc/pwdcheck.c b/libmisc/pwdcheck.c
new file mode 100644
index 0000000..ec1f474
--- /dev/null
+++ b/libmisc/pwdcheck.c
@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) 2000 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#ifndef USE_PAM
+
+#include <stdio.h>
+#include <shadow.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "pwauth.h"
+
+void passwd_check (const char *user, const char *passwd, unused const char *progname)
+{
+ struct spwd *sp;
+
+ sp = getspnam (user); /* !USE_PAM, no need for xgetspnam */
+ if (NULL != sp) {
+ passwd = sp->sp_pwdp;
+ }
+ if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) {
+ SYSLOG ((LOG_WARN, "incorrect password for `%s'", user));
+ (void) sleep (1);
+ fprintf (stderr, _("Incorrect password for %s.\n"), user);
+ exit (EXIT_FAILURE);
+ }
+}
+#else /* USE_PAM */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* USE_PAM */
diff --git a/libmisc/remove_tree.c b/libmisc/remove_tree.c
new file mode 100644
index 0000000..b2794ab
--- /dev/null
+++ b/libmisc/remove_tree.c
@@ -0,0 +1,133 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2001, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <dirent.h>
+#include <unistd.h>
+#include "prototypes.h"
+#include "defines.h"
+
+/*
+ * remove_tree - delete a directory tree
+ *
+ * remove_tree() walks a directory tree and deletes all the files
+ * and directories.
+ * At the end, it deletes the root directory itself.
+ */
+
+int remove_tree (const char *root, bool remove_root)
+{
+ char *new_name = NULL;
+ int err = 0;
+ struct DIRECT *ent;
+ struct stat sb;
+ DIR *dir;
+
+ /*
+ * Open the source directory and read each entry. Every file
+ * entry in the directory is copied with the UID and GID set
+ * to the provided values. As an added security feature only
+ * regular files (and directories ...) are copied, and no file
+ * is made set-ID.
+ */
+ dir = opendir (root);
+ if (NULL == dir) {
+ return -1;
+ }
+
+ while ((ent = readdir (dir))) {
+ size_t new_len = strlen (root) + strlen (ent->d_name) + 2;
+
+ /*
+ * Skip the "." and ".." entries
+ */
+
+ if (strcmp (ent->d_name, ".") == 0 ||
+ strcmp (ent->d_name, "..") == 0) {
+ continue;
+ }
+
+ /*
+ * Make the filename for the current entry.
+ */
+
+ free (new_name);
+ new_name = (char *) malloc (new_len);
+ if (NULL == new_name) {
+ err = -1;
+ break;
+ }
+ (void) snprintf (new_name, new_len, "%s/%s", root, ent->d_name);
+ if (LSTAT (new_name, &sb) == -1) {
+ continue;
+ }
+
+ if (S_ISDIR (sb.st_mode)) {
+ /*
+ * Recursively delete this directory.
+ */
+ if (remove_tree (new_name, true) != 0) {
+ err = -1;
+ break;
+ }
+ } else {
+ /*
+ * Delete the file.
+ */
+ if (unlink (new_name) != 0) {
+ err = -1;
+ break;
+ }
+ }
+ }
+ if (NULL != new_name) {
+ free (new_name);
+ }
+ (void) closedir (dir);
+
+ if (remove_root && (0 == err)) {
+ if (rmdir (root) != 0) {
+ err = -1;
+ }
+ }
+
+ return err;
+}
+
diff --git a/libmisc/rlogin.c b/libmisc/rlogin.c
new file mode 100644
index 0000000..b19f5e8
--- /dev/null
+++ b/libmisc/rlogin.c
@@ -0,0 +1,198 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef RLOGIN
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include <stdio.h>
+#include <pwd.h>
+#include <netdb.h>
+static struct {
+ int spd_name;
+ int spd_baud;
+} speed_table[] =
+{
+#ifdef B50
+ {
+ B50, 50},
+#endif
+#ifdef B75
+ {
+ B75, 75},
+#endif
+#ifdef B110
+ {
+ B110, 110},
+#endif
+#ifdef B134
+ {
+ B134, 134},
+#endif
+#ifdef B150
+ {
+ B150, 150},
+#endif
+#ifdef B200
+ {
+ B200, 200},
+#endif
+#ifdef B300
+ {
+ B300, 300},
+#endif
+#ifdef B600
+ {
+ B600, 600},
+#endif
+#ifdef B1200
+ {
+ B1200, 1200},
+#endif
+#ifdef B1800
+ {
+ B1800, 1800},
+#endif
+#ifdef B2400
+ {
+ B2400, 2400},
+#endif
+#ifdef B4800
+ {
+ B4800, 4800},
+#endif
+#ifdef B9600
+ {
+ B9600, 9600},
+#endif
+#ifdef B19200
+ {
+ B19200, 19200},
+#endif
+#ifdef B38400
+ {
+ B38400, 38400},
+#endif
+ {
+ -1, -1}
+};
+
+static void get_remote_string (char *buf, size_t size)
+{
+ for (;;) {
+ if (read (0, buf, 1) != 1) {
+ exit (EXIT_FAILURE);
+ }
+ if ('\0' == *buf) {
+ return;
+ }
+ --size;
+ if (size > 0) {
+ ++buf;
+ }
+ }
+ /*NOTREACHED*/}
+
+int
+do_rlogin (const char *remote_host, char *name, size_t namelen, char *term,
+ size_t termlen)
+{
+ struct passwd *pwd;
+ char remote_name[32];
+ char *cp;
+ unsigned long remote_speed = 9600;
+ int speed_name = B9600;
+ int i;
+ TERMIO termio;
+
+ get_remote_string (remote_name, sizeof remote_name);
+ get_remote_string (name, namelen);
+ get_remote_string (term, termlen);
+
+ cp = strchr (term, '/');
+ if (NULL != cp) {
+ *cp = '\0';
+ cp++;
+
+ if (getulong (cp, &remote_speed) == 0) {
+ remote_speed = 9600;
+ }
+ }
+ for (i = 0;
+ ( (speed_table[i].spd_baud != remote_speed)
+ && (speed_table[i].spd_name != -1));
+ i++);
+
+ if (-1 != speed_table[i].spd_name) {
+ speed_name = speed_table[i].spd_name;
+ }
+
+ /*
+ * Put the terminal in cooked mode with echo turned on.
+ */
+
+ GTTY (0, &termio);
+ termio.c_iflag |= ICRNL | IXON;
+ termio.c_oflag |= OPOST | ONLCR;
+ termio.c_lflag |= ICANON | ECHO | ECHOE;
+#ifdef CBAUD
+ termio.c_cflag = (termio.c_cflag & ~CBAUD) | speed_name;
+#else
+ termio.c_cflag = (termio.c_cflag) | speed_name;
+#endif
+ STTY (0, &termio);
+
+ pwd = getpwnam (name); /* local, no need for xgetpwnam */
+ if (NULL == pwd) {
+ return 0;
+ }
+
+ /*
+ * ruserok() returns 0 for success on modern systems, and 1 on
+ * older ones. If you are having trouble with people logging
+ * in without giving a required password, THIS is the culprit -
+ * go fix the #define in config.h.
+ */
+
+#ifndef RUSEROK
+ return 0;
+#else
+ return ruserok (remote_host, pwd->pw_uid == 0,
+ remote_name, name) == RUSEROK;
+#endif
+}
+#endif /* RLOGIN */
+
diff --git a/libmisc/root_flag.c b/libmisc/root_flag.c
new file mode 100644
index 0000000..7f5e611
--- /dev/null
+++ b/libmisc/root_flag.c
@@ -0,0 +1,124 @@
+/*
+ * Copyright (c) 2011 , Julian Pidancet
+ * Copyright (c) 2011 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <assert.h>
+#include "defines.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+static void change_root (const char* newroot);
+
+/*
+ * process_root_flag - chroot if given the --root option
+ *
+ * This shall be called before accessing the passwd, group, shadow,
+ * gshadow, useradd's default, login.defs files (non exhaustive list)
+ * or authenticating the caller.
+ *
+ * The audit, syslog, or locale files shall be open before
+ */
+extern void process_root_flag (const char* short_opt, int argc, char **argv)
+{
+ /*
+ * Parse the command line options.
+ */
+ int i;
+ const char *newroot = NULL;
+
+ for (i = 0; i < argc; i++) {
+ if ( (strcmp (argv[i], "--root") == 0)
+ || (strcmp (argv[i], short_opt) == 0)) {
+ if (NULL != newroot) {
+ fprintf (stderr,
+ _("%s: multiple --root options\n"),
+ Prog);
+ exit (E_BAD_ARG);
+ }
+
+ if (i + 1 == argc) {
+ fprintf (stderr,
+ _("%s: option '%s' requires an argument\n"),
+ Prog, argv[i]);
+ exit (E_BAD_ARG);
+ }
+ newroot = argv[i + 1];
+ }
+ }
+
+ if (NULL != newroot) {
+ change_root (newroot);
+ }
+}
+
+static void change_root (const char* newroot)
+{
+ /* Drop privileges */
+ if ( (setregid (getgid (), getgid ()) != 0)
+ || (setreuid (getuid (), getuid ()) != 0)) {
+ fprintf (stderr, _("%s: failed to drop privileges (%s)\n"),
+ Prog, strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+
+ if ('/' != newroot[0]) {
+ fprintf (stderr,
+ _("%s: invalid chroot path '%s'\n"),
+ Prog, newroot);
+ exit (E_BAD_ARG);
+ }
+
+ if (access (newroot, F_OK) != 0) {
+ fprintf(stderr,
+ _("%s: cannot access chroot directory %s: %s\n"),
+ Prog, newroot, strerror (errno));
+ exit (E_BAD_ARG);
+ }
+
+ if (chdir (newroot) != 0) {
+ fprintf(stderr,
+ _("%s: cannot chdir to chroot directory %s: %s\n"),
+ Prog, newroot, strerror (errno));
+ exit (E_BAD_ARG);
+ }
+
+ if (chroot (newroot) != 0) {
+ fprintf(stderr,
+ _("%s: unable to chroot to directory %s: %s\n"),
+ Prog, newroot, strerror (errno));
+ exit (E_BAD_ARG);
+ }
+}
+
diff --git a/libmisc/salt.c b/libmisc/salt.c
new file mode 100644
index 0000000..c72447e
--- /dev/null
+++ b/libmisc/salt.c
@@ -0,0 +1,260 @@
+/*
+ * salt.c - generate a random salt string for crypt()
+ *
+ * Written by Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>,
+ * it is in the public domain.
+ *
+ * l64a was Written by J.T. Conklin <jtc@netbsd.org>. Public domain.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/time.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <assert.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+
+/* local function prototypes */
+static void seedRNG (void);
+static /*@observer@*/const char *gensalt (size_t salt_size);
+#ifdef USE_SHA_CRYPT
+static long shadow_random (long min, long max);
+static /*@observer@*/const char *SHA_salt_rounds (/*@null@*/int *prefered_rounds);
+#endif /* USE_SHA_CRYPT */
+
+#ifndef HAVE_L64A
+static /*@observer@*/char *l64a(long value)
+{
+ static char buf[8];
+ char *s = buf;
+ int digit;
+ int i;
+
+ if (value < 0) {
+ errno = EINVAL;
+ return(NULL);
+ }
+
+ for (i = 0; value != 0 && i < 6; i++) {
+ digit = value & 0x3f;
+
+ if (digit < 2) {
+ *s = digit + '.';
+ } else if (digit < 12) {
+ *s = digit + '0' - 2;
+ } else if (digit < 38) {
+ *s = digit + 'A' - 12;
+ } else {
+ *s = digit + 'a' - 38;
+ }
+
+ value >>= 6;
+ s++;
+ }
+
+ *s = '\0';
+
+ return(buf);
+}
+#endif /* !HAVE_L64A */
+
+static void seedRNG (void)
+{
+ struct timeval tv;
+ static int seeded = 0;
+
+ if (0 == seeded) {
+ (void) gettimeofday (&tv, NULL);
+ srandom (tv.tv_sec ^ tv.tv_usec ^ getpid ());
+ seeded = 1;
+ }
+}
+
+/*
+ * Add the salt prefix.
+ */
+#define MAGNUM(array,ch) (array)[0]=(array)[2]='$',(array)[1]=(ch),(array)[3]='\0'
+
+#ifdef USE_SHA_CRYPT
+/* It is not clear what is the maximum value of random().
+ * We assume 2^31-1.*/
+#define RANDOM_MAX 0x7FFFFFFF
+
+/*
+ * Return a random number between min and max (both included).
+ *
+ * It favors slightly the higher numbers.
+ */
+static long shadow_random (long min, long max)
+{
+ double drand;
+ long ret;
+ seedRNG ();
+ drand = (double) (max - min + 1) * random () / RANDOM_MAX;
+ /* On systems were this is not random() range is lower, we favor
+ * higher numbers of salt. */
+ ret = (long) (max + 1 - drand);
+ /* And we catch limits, and use the highest number */
+ if ((ret < min) || (ret > max)) {
+ ret = max;
+ }
+ return ret;
+}
+
+/* Default number of rounds if not explicitly specified. */
+#define ROUNDS_DEFAULT 5000
+/* Minimum number of rounds. */
+#define ROUNDS_MIN 1000
+/* Maximum number of rounds. */
+#define ROUNDS_MAX 999999999
+
+/*
+ * Return a salt prefix specifying the rounds number for the SHA crypt methods.
+ */
+static /*@observer@*/const char *SHA_salt_rounds (/*@null@*/int *prefered_rounds)
+{
+ static char rounds_prefix[18]; /* Max size: rounds=999999999$ */
+ long rounds;
+
+ if (NULL == prefered_rounds) {
+ long min_rounds = getdef_long ("SHA_CRYPT_MIN_ROUNDS", -1);
+ long max_rounds = getdef_long ("SHA_CRYPT_MAX_ROUNDS", -1);
+
+ if ((-1 == min_rounds) && (-1 == max_rounds)) {
+ return "";
+ }
+
+ if (-1 == min_rounds) {
+ min_rounds = max_rounds;
+ }
+
+ if (-1 == max_rounds) {
+ max_rounds = min_rounds;
+ }
+
+ if (min_rounds > max_rounds) {
+ max_rounds = min_rounds;
+ }
+
+ rounds = shadow_random (min_rounds, max_rounds);
+ } else if (0 == *prefered_rounds) {
+ return "";
+ } else {
+ rounds = *prefered_rounds;
+ }
+
+ /* Sanity checks. The libc should also check this, but this
+ * protects against a rounds_prefix overflow. */
+ if (rounds < ROUNDS_MIN) {
+ rounds = ROUNDS_MIN;
+ }
+
+ if (rounds > ROUNDS_MAX) {
+ rounds = ROUNDS_MAX;
+ }
+
+ (void) snprintf (rounds_prefix, sizeof rounds_prefix,
+ "rounds=%ld$", rounds);
+
+ return rounds_prefix;
+}
+#endif /* USE_SHA_CRYPT */
+
+/*
+ * Generate salt of size salt_size.
+ */
+#define MAX_SALT_SIZE 16
+#define MIN_SALT_SIZE 8
+
+static /*@observer@*/const char *gensalt (size_t salt_size)
+{
+ static char salt[32];
+
+ salt[0] = '\0';
+
+ assert (salt_size >= MIN_SALT_SIZE &&
+ salt_size <= MAX_SALT_SIZE);
+ seedRNG ();
+ strcat (salt, l64a (random()));
+ do {
+ strcat (salt, l64a (random()));
+ } while (strlen (salt) < salt_size);
+
+ salt[salt_size] = '\0';
+
+ return salt;
+}
+
+/*
+ * Generate 8 base64 ASCII characters of random salt. If MD5_CRYPT_ENAB
+ * in /etc/login.defs is "yes", the salt string will be prefixed by "$1$"
+ * (magic) and pw_encrypt() will execute the MD5-based FreeBSD-compatible
+ * version of crypt() instead of the standard one.
+ * Other methods can be set with ENCRYPT_METHOD
+ *
+ * The method can be forced with the meth parameter.
+ * If NULL, the method will be defined according to the MD5_CRYPT_ENAB and
+ * ENCRYPT_METHOD login.defs variables.
+ *
+ * If meth is specified, an additional parameter can be provided.
+ * * For the SHA256 and SHA512 method, this specifies the number of rounds
+ * (if not NULL).
+ */
+/*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const char *meth, /*@null@*/void *arg)
+{
+ /* Max result size for the SHA methods:
+ * +3 $5$
+ * +17 rounds=999999999$
+ * +16 salt
+ * +1 \0
+ */
+ static char result[40];
+ size_t salt_len = 8;
+ const char *method;
+
+ result[0] = '\0';
+
+ if (NULL != meth)
+ method = meth;
+ else {
+ method = getdef_str ("ENCRYPT_METHOD");
+ if (NULL == method) {
+ method = getdef_bool ("MD5_CRYPT_ENAB") ? "MD5" : "DES";
+ }
+ }
+
+ if (0 == strcmp (method, "MD5")) {
+ MAGNUM(result, '1');
+#ifdef USE_SHA_CRYPT
+ } else if (0 == strcmp (method, "SHA256")) {
+ MAGNUM(result, '5');
+ strcat(result, SHA_salt_rounds((int *)arg));
+ salt_len = (size_t) shadow_random (8, 16);
+ } else if (0 == strcmp (method, "SHA512")) {
+ MAGNUM(result, '6');
+ strcat(result, SHA_salt_rounds((int *)arg));
+ salt_len = (size_t) shadow_random (8, 16);
+#endif /* USE_SHA_CRYPT */
+ } else if (0 != strcmp (method, "DES")) {
+ fprintf (stderr,
+ _("Invalid ENCRYPT_METHOD value: '%s'.\n"
+ "Defaulting to DES.\n"),
+ method);
+ result[0] = '\0';
+ }
+
+ /*
+ * Concatenate a pseudo random salt.
+ */
+ assert (sizeof (result) > strlen (result) + salt_len);
+ strncat (result, gensalt (salt_len),
+ sizeof (result) - strlen (result) - 1);
+
+ return result;
+}
+
diff --git a/libmisc/setugid.c b/libmisc/setugid.c
new file mode 100644
index 0000000..9bb62af
--- /dev/null
+++ b/libmisc/setugid.c
@@ -0,0 +1,148 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Separated from setup.c. --marekm
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <grp.h>
+#include <errno.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include "getdef.h"
+
+/*
+ * setup_groups - set the group credentials
+ * set the group ID to the value from the password file entry
+ * set the supplementary group IDs
+ *
+ * In case of PAM enabled configurations, this shall be called before
+ * pam_setcred.
+ *
+ * Returns 0 on success, or -1 on failure.
+ */
+int setup_groups (const struct passwd *info)
+{
+ /*
+ * Set the real group ID to the primary group ID in the password
+ * file.
+ */
+ if (setgid (info->pw_gid) == -1) {
+ int err = errno;
+ perror ("setgid");
+ SYSLOG ((LOG_ERR, "bad group ID `%d' for user `%s': %s\n",
+ info->pw_gid, info->pw_name, strerror (err)));
+ closelog ();
+ return -1;
+ }
+#ifdef HAVE_INITGROUPS
+ /*
+ * For systems which support multiple concurrent groups, go get
+ * the group set from the /etc/group file.
+ */
+ if (initgroups (info->pw_name, info->pw_gid) == -1) {
+ int err = errno;
+ perror ("initgroups");
+ SYSLOG ((LOG_ERR, "initgroups failed for user `%s': %s\n",
+ info->pw_name, strerror (err)));
+ closelog ();
+ return -1;
+ }
+#endif
+ return 0;
+}
+
+/*
+ * change_uid - Set the real UID
+ *
+ * Returns 0 on success, or -1 on failure.
+ */
+int change_uid (const struct passwd *info)
+{
+ /*
+ * Set the real UID to the UID value in the password file.
+ */
+ if (setuid (info->pw_uid) != 0) {
+ int err = errno;
+ perror ("setuid");
+ SYSLOG ((LOG_ERR, "bad user ID `%d' for user `%s': %s\n",
+ (int) info->pw_uid, info->pw_name, strerror (err)));
+ closelog ();
+ return -1;
+ }
+ return 0;
+}
+
+/*
+ * setup_uid_gid() performs the following steps -
+ *
+ * set the group ID to the value from the password file entry
+ * set the supplementary group IDs
+ * optionally call specified function which may add more groups
+ * set the user ID to the value from the password file entry
+ *
+ * Returns 0 on success, or -1 on failure.
+ */
+
+#if defined (HAVE_INITGROUPS) && ! (defined USE_PAM)
+int setup_uid_gid (const struct passwd *info, bool is_console)
+#else
+int setup_uid_gid (const struct passwd *info)
+#endif
+{
+ if (setup_groups (info) < 0) {
+ return -1;
+ }
+
+#if defined (HAVE_INITGROUPS) && ! defined (USE_PAM)
+ if (is_console) {
+ const char *cp = getdef_str ("CONSOLE_GROUPS");
+
+ if ((NULL != cp) && (add_groups (cp) != 0)) {
+ perror ("Warning: add_groups");
+ }
+ }
+#endif /* HAVE_INITGROUPS && !USE_PAM*/
+
+ if (change_uid (info) < 0) {
+ return -1;
+ }
+
+ return 0;
+}
+
diff --git a/libmisc/setupenv.c b/libmisc/setupenv.c
new file mode 100644
index 0000000..8020f3d
--- /dev/null
+++ b/libmisc/setupenv.c
@@ -0,0 +1,312 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Separated from setup.c. --marekm
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <ctype.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include "getdef.h"
+
+#ifndef USE_PAM
+static void
+addenv_path (const char *varname, const char *dirname, const char *filename)
+{
+ char *buf;
+ size_t len = strlen (dirname) + strlen (filename) + 2;
+ int wlen;
+
+ buf = xmalloc (len);
+ wlen = snprintf (buf, len, "%s/%s", dirname, filename);
+ assert (wlen == (int) len - 1);
+
+ addenv (varname, buf);
+ free (buf);
+}
+
+static void read_env_file (const char *filename)
+{
+ FILE *fp;
+ char buf[1024];
+ char *cp, *name, *val;
+
+ fp = fopen (filename, "r");
+ if (NULL == fp) {
+ return;
+ }
+ while (fgets (buf, (int)(sizeof buf), fp) == buf) {
+ cp = strrchr (buf, '\n');
+ if (NULL == cp) {
+ break;
+ }
+ *cp = '\0';
+
+ cp = buf;
+ /* ignore whitespace and comments */
+ while (('\0' != *cp) && isspace (*cp)) {
+ cp++;
+ }
+ if (('\0' == *cp) || ('#' == *cp)) {
+ continue;
+ }
+ /*
+ * ignore lines which don't follow the name=value format
+ * (for example, the "export NAME" shell commands)
+ */
+ name = cp;
+ while (('\0' != *cp) && !isspace (*cp) && ('=' != *cp)) {
+ cp++;
+ }
+ if ('=' != *cp) {
+ continue;
+ }
+ /* NUL-terminate the name */
+ *cp = '\0';
+ cp++;
+ val = cp;
+#if 0 /* XXX untested, and needs rewrite with fewer goto's :-) */
+/*
+ (state, char_type) -> (state, action)
+
+ state: unquoted, single_quoted, double_quoted, escaped, double_quoted_escaped
+ char_type: normal, white, backslash, single, double
+ action: remove_curr, remove_curr_skip_next, remove_prev, finish XXX
+*/
+ no_quote:
+ if (*cp == '\\') {
+ /* remove the backslash */
+ remove_char (cp);
+ /* skip over the next character */
+ if (*cp)
+ cp++;
+ goto no_quote;
+ } else if (*cp == '\'') {
+ /* remove the quote */
+ remove_char (cp);
+ /* now within single quotes */
+ goto s_quote;
+ } else if (*cp == '"') {
+ /* remove the quote */
+ remove_char (cp);
+ /* now within double quotes */
+ goto d_quote;
+ } else if (*cp == '\0') {
+ /* end of string */
+ goto finished;
+ } else if (isspace (*cp)) {
+ /* unescaped whitespace - end of string */
+ *cp = '\0';
+ goto finished;
+ } else {
+ cp++;
+ goto no_quote;
+ }
+ s_quote:
+ if (*cp == '\'') {
+ /* remove the quote */
+ remove_char (cp);
+ /* unquoted again */
+ goto no_quote;
+ } else if (*cp == '\0') {
+ /* end of string */
+ goto finished;
+ } else {
+ /* preserve everything within single quotes */
+ cp++;
+ goto s_quote;
+ }
+ d_quote:
+ if (*cp == '\"') {
+ /* remove the quote */
+ remove_char (cp);
+ /* unquoted again */
+ goto no_quote;
+ } else if (*cp == '\\') {
+ cp++;
+ /* if backslash followed by double quote, remove backslash
+ else skip over the backslash and following char */
+ if (*cp == '"')
+ remove_char (cp - 1);
+ else if (*cp)
+ cp++;
+ goto d_quote;
+ }
+ eise if (*cp == '\0') {
+ /* end of string */
+ goto finished;
+ } else {
+ /* preserve everything within double quotes */
+ goto d_quote;
+ }
+ finished:
+#endif /* 0 */
+ /*
+ * XXX - should handle quotes, backslash escapes, etc.
+ * like the shell does.
+ */
+ addenv (name, val);
+ }
+ (void) fclose (fp);
+}
+#endif /* USE_PAM */
+
+
+/*
+ * change to the user's home directory
+ * set the HOME, SHELL, MAIL, PATH, and LOGNAME or USER environmental
+ * variables.
+ */
+
+void setup_env (struct passwd *info)
+{
+#ifndef USE_PAM
+ const char *envf;
+#endif
+ const char *cp;
+
+ /*
+ * Change the current working directory to be the home directory
+ * of the user. It is a fatal error for this process to be unable
+ * to change to that directory. There is no "default" home
+ * directory.
+ *
+ * We no longer do it as root - should work better on NFS-mounted
+ * home directories. Some systems default to HOME=/, so we make
+ * this a configurable option. --marekm
+ */
+
+ if (chdir (info->pw_dir) == -1) {
+ static char temp_pw_dir[] = "/";
+
+ if (!getdef_bool ("DEFAULT_HOME") || chdir ("/") == -1) {
+ fprintf (stderr, _("Unable to cd to '%s'\n"),
+ info->pw_dir);
+ SYSLOG ((LOG_WARN,
+ "unable to cd to `%s' for user `%s'\n",
+ info->pw_dir, info->pw_name));
+ closelog ();
+ exit (EXIT_FAILURE);
+ }
+ (void) puts (_("No directory, logging in with HOME=/"));
+ free (info->pw_dir);
+ info->pw_dir = xstrdup (temp_pw_dir);
+ }
+
+ /*
+ * Create the HOME environmental variable and export it.
+ */
+
+ addenv ("HOME", info->pw_dir);
+
+ /*
+ * Create the SHELL environmental variable and export it.
+ */
+
+ if ((NULL == info->pw_shell) || ('\0' == *info->pw_shell)) {
+ static char temp_pw_shell[] = SHELL;
+
+ free (info->pw_shell);
+ info->pw_shell = xstrdup (temp_pw_shell);
+ }
+
+ addenv ("SHELL", info->pw_shell);
+
+ /*
+ * Export the user name. For BSD derived systems, it's "USER", for
+ * all others it's "LOGNAME". We set both of them.
+ */
+
+ addenv ("USER", info->pw_name);
+ addenv ("LOGNAME", info->pw_name);
+
+ /*
+ * Create the PATH environmental variable and export it.
+ */
+
+ cp = getdef_str ((info->pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
+
+ if (NULL == cp) {
+ /* not specified, use a minimal default */
+ addenv ((info->pw_uid == 0) ? "PATH=/sbin:/bin:/usr/sbin:/usr/bin" : "PATH=/bin:/usr/bin", NULL);
+ } else if (strchr (cp, '=')) {
+ /* specified as name=value (PATH=...) */
+ addenv (cp, NULL);
+ } else {
+ /* only value specified without "PATH=" */
+ addenv ("PATH", cp);
+ }
+
+#ifndef USE_PAM
+ /*
+ * Create the MAIL environmental variable and export it. login.defs
+ * knows the prefix.
+ */
+
+ if (getdef_bool ("MAIL_CHECK_ENAB")) {
+ cp = getdef_str ("MAIL_DIR");
+ if (NULL != cp) {
+ addenv_path ("MAIL", cp, info->pw_name);
+ } else {
+ cp = getdef_str ("MAIL_FILE");
+ if (NULL != cp) {
+ addenv_path ("MAIL", info->pw_dir, cp);
+ } else {
+#if defined(MAIL_SPOOL_FILE)
+ addenv_path ("MAIL", info->pw_dir, MAIL_SPOOL_FILE);
+#elif defined(MAIL_SPOOL_DIR)
+ addenv_path ("MAIL", MAIL_SPOOL_DIR, info->pw_name);
+#endif
+ }
+ }
+ }
+
+ /*
+ * Read environment from optional config file. --marekm
+ */
+ envf = getdef_str ("ENVIRON_FILE");
+ if (NULL != envf) {
+ read_env_file (envf);
+ }
+#endif /* !USE_PAM */
+}
+
diff --git a/libmisc/shell.c b/libmisc/shell.c
new file mode 100644
index 0000000..92bfc2b
--- /dev/null
+++ b/libmisc/shell.c
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 1989 - 1991, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2009 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <errno.h>
+#include "prototypes.h"
+#include "defines.h"
+extern char **newenvp;
+extern size_t newenvc;
+
+/*
+ * shell - execute the named program
+ *
+ * shell begins by trying to figure out what argv[0] is going to
+ * be for the named process. The user may pass in that argument,
+ * or it will be the last pathname component of the file with a
+ * '-' prepended.
+ * Then, it executes the named file.
+ */
+
+int shell (const char *file, /*@null@*/const char *arg, char *const envp[])
+{
+ char arg0[1024];
+ int err;
+
+ if (file == (char *) 0) {
+ errno = EINVAL;
+ return errno;
+ }
+
+ /*
+ * The argv[0]'th entry is usually the path name, but
+ * for various reasons the invoker may want to override
+ * that. So, we determine the 0'th entry only if they
+ * don't want to tell us what it is themselves.
+ */
+ if (arg == (char *) 0) {
+ (void) snprintf (arg0, sizeof arg0, "-%s", Basename ((char *) file));
+ arg0[sizeof arg0 - 1] = '\0';
+ arg = arg0;
+ }
+
+ /*
+ * First we try the direct approach. The system should be
+ * able to figure out what we are up to without too much
+ * grief.
+ */
+ (void) execle (file, arg, (char *) 0, envp);
+ err = errno;
+
+ if (access (file, R_OK|X_OK) == 0) {
+ /*
+ * Assume this is a shell script (with no shebang).
+ * Interpret it with /bin/sh
+ */
+ (void) execle (SHELL, "sh", "-", file, (char *)0, envp);
+ err = errno;
+ }
+
+ /*
+ * Obviously something is really wrong - I can't figure out
+ * how to execute this stupid shell, so I might as well give
+ * up in disgust ...
+ */
+ (void) snprintf (arg0, sizeof arg0, _("Cannot execute %s"), file);
+ errno = err;
+ perror (arg0);
+ return err;
+}
+
diff --git a/libmisc/strtoday.c b/libmisc/strtoday.c
new file mode 100644
index 0000000..5764898
--- /dev/null
+++ b/libmisc/strtoday.c
@@ -0,0 +1,243 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#if !defined(__GLIBC__)
+#define _XOPEN_SOURCE 500
+#endif
+
+#include <config.h>
+
+#include <ctype.h>
+
+#ident "$Id$"
+
+#include "defines.h"
+#include "prototypes.h"
+
+#ifndef USE_GETDATE
+#define USE_GETDATE 1
+#endif
+
+#if USE_GETDATE
+#include "getdate.h"
+/*
+ * strtoday() now uses get_date() (borrowed from GNU shellutils)
+ * which can handle many date formats, for example:
+ * 1970-09-17 # ISO 8601.
+ * 70-9-17 # This century assumed by default.
+ * 70-09-17 # Leading zeros are ignored.
+ * 9/17/72 # Common U.S. writing.
+ * 24 September 1972
+ * 24 Sept 72 # September has a special abbreviation.
+ * 24 Sep 72 # Three-letter abbreviations always allowed.
+ * Sep 24, 1972
+ * 24-sep-72
+ * 24sep72
+ */
+long strtoday (const char *str)
+{
+ time_t t;
+ bool isnum = true;
+ const char *s = str;
+
+ /*
+ * get_date() interprets an empty string as the current date,
+ * which is not what we expect, unless you're a BOFH :-).
+ * (useradd sets sp_expire = current date for new lusers)
+ */
+ if ((NULL == str) || ('\0' == *str)) {
+ return -1;
+ }
+
+ /* If a numerical value is provided, this is already a number of
+ * days since EPOCH.
+ */
+ if ('-' == *s) {
+ s++;
+ }
+ while (' ' == *s) {
+ s++;
+ }
+ while (isnum && ('\0' != *s)) {
+ if (!isdigit (*s)) {
+ isnum = false;
+ }
+ s++;
+ }
+ if (isnum) {
+ long retdate;
+ if (getlong (str, &retdate) == 0) {
+ return -2;
+ }
+ return retdate;
+ }
+
+ t = get_date (str, NULL);
+ if ((time_t) - 1 == t) {
+ return -2;
+ }
+ /* convert seconds to days since 1970-01-01 */
+ return (long) (t + DAY / 2) / DAY;
+}
+
+#else /* !USE_GETDATE */
+/*
+ * Old code, just in case get_date() doesn't work as expected...
+ */
+#include <stdio.h>
+#ifdef HAVE_STRPTIME
+/*
+ * for now we allow just one format, but we can define more later
+ * (we try them all until one succeeds). --marekm
+ */
+static char *date_formats[] = {
+ "%Y-%m-%d",
+ (char *) 0
+};
+#else
+/*
+ * days and juldays are used to compute the number of days in the
+ * current month, and the cummulative number of days in the preceding
+ * months. they are declared so that january is 1, not 0.
+ */
+static short days[13] = { 0,
+ 31, 28, 31, 30, 31, 30, /* JAN - JUN */
+ 31, 31, 30, 31, 30, 31
+}; /* JUL - DEC */
+
+static short juldays[13] = { 0,
+ 0, 31, 59, 90, 120, 151, /* JAN - JUN */
+ 181, 212, 243, 273, 304, 334
+}; /* JUL - DEC */
+#endif
+
+/*
+ * strtoday - compute the number of days since 1970.
+ *
+ * the total number of days prior to the current date is
+ * computed. january 1, 1970 is used as the origin with
+ * it having a day number of 0.
+ */
+
+long strtoday (const char *str)
+{
+#ifdef HAVE_STRPTIME
+ struct tm tp;
+ char *const *fmt;
+ char *cp;
+ time_t result;
+
+ memzero (&tp, sizeof tp);
+ for (fmt = date_formats; *fmt; fmt++) {
+ cp = strptime ((char *) str, *fmt, &tp);
+ if ((NULL == cp) || ('\0' != *cp)) {
+ continue;
+ }
+
+ result = mktime (&tp);
+ if ((time_t) - 1 == result) {
+ continue;
+ }
+
+ return (long) (result / DAY); /* success */
+ }
+ return -1;
+#else
+ char slop[2];
+ int month;
+ int day;
+ int year;
+ long total;
+
+ /*
+ * start by separating the month, day and year. the order
+ * is compiled in ...
+ */
+
+ if (sscanf (str, "%d/%d/%d%c", &year, &month, &day, slop) != 3) {
+ return -1;
+ }
+
+ /*
+ * the month, day of the month, and year are checked for
+ * correctness and the year adjusted so it falls between
+ * 1970 and 2069.
+ */
+
+ if ((month < 1) || (month > 12)) {
+ return -1;
+ }
+
+ if (day < 1) {
+ return -1;
+ }
+
+ if ( ((2 != month) || ((year % 4) != 0))
+ && (day > days[month])) {
+ return -1;
+ } else if ((month == 2) && ((year % 4) == 0) && (day > 29)) {
+ return -1;
+ }
+
+ if (year < 0) {
+ return -1;
+ } else if (year <= 69) {
+ year += 2000;
+ } else if (year <= 99) {
+ year += 1900;
+ }
+
+ /*
+ * On systems with 32-bit signed time_t, time wraps around in 2038
+ * - for now we just limit the year to 2037 (instead of 2069).
+ * This limit can be removed once no one is using 32-bit systems
+ * anymore :-). --marekm
+ */
+ if ((year < 1970) || (year > 2037)) {
+ return -1;
+ }
+
+ /*
+ * the total number of days is the total number of days in all
+ * the whole years, plus the number of leap days, plus the
+ * number of days in the whole months preceding, plus the number
+ * of days so far in the month.
+ */
+
+ total = (long) ((year - 1970) * 365L) + (((year + 1) - 1970) / 4);
+ total += (long) juldays[month] + (month > 2 && (year % 4) == 0 ? 1 : 0);
+ total += (long) day - 1;
+
+ return total;
+#endif /* HAVE_STRPTIME */
+}
+#endif /* !USE_GETDATE */
diff --git a/libmisc/sub.c b/libmisc/sub.c
new file mode 100644
index 0000000..b0e32d1
--- /dev/null
+++ b/libmisc/sub.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 1989 - 1991, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include "prototypes.h"
+#include "defines.h"
+#define BAD_SUBROOT2 "invalid root `%s' for user `%s'\n"
+#define NO_SUBROOT2 "no subsystem root `%s' for user `%s'\n"
+/*
+ * subsystem - change to subsystem root
+ *
+ * A subsystem login is indicated by the presence of a "*" as
+ * the first character of the login shell. The given home
+ * directory will be used as the root of a new filesystem which
+ * the user is actually logged into.
+ */
+void subsystem (const struct passwd *pw)
+{
+ /*
+ * The new root directory must begin with a "/" character.
+ */
+
+ if (pw->pw_dir[0] != '/') {
+ printf (_("Invalid root directory '%s'\n"), pw->pw_dir);
+ SYSLOG ((LOG_WARN, BAD_SUBROOT2, pw->pw_dir, pw->pw_name));
+ closelog ();
+ exit (EXIT_FAILURE);
+ }
+
+ /*
+ * The directory must be accessible and the current process
+ * must be able to change into it.
+ */
+
+ if ( (chdir (pw->pw_dir) != 0)
+ || (chroot (pw->pw_dir) != 0)) {
+ (void) printf (_("Can't change root directory to '%s'\n"),
+ pw->pw_dir);
+ SYSLOG ((LOG_WARN, NO_SUBROOT2, pw->pw_dir, pw->pw_name));
+ closelog ();
+ exit (EXIT_FAILURE);
+ }
+}
+
diff --git a/libmisc/sulog.c b/libmisc/sulog.c
new file mode 100644
index 0000000..4068acd
--- /dev/null
+++ b/libmisc/sulog.c
@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 1989 - 1992, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <time.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+
+/*
+ * sulog - log a SU command execution result
+ */
+void sulog (const char *tty, bool success, const char *oldname, const char *name)
+{
+ const char *sulog_file;
+ time_t now;
+ struct tm *tm;
+ FILE *fp;
+ mode_t oldmask;
+ gid_t oldgid = 0;
+
+ if (success) {
+ SYSLOG ((LOG_INFO,
+ "Successful su for %s by %s",name,oldname));
+ } else {
+ SYSLOG ((LOG_NOTICE,
+ "FAILED su for %s by %s",name,oldname));
+ }
+
+ sulog_file = getdef_str ("SULOG_FILE");
+ if (NULL == sulog_file) {
+ return;
+ }
+
+ oldgid = getgid ();
+ oldmask = umask (077);
+ /* Switch to group root to avoid creating the sulog file with
+ * the wrong group ownership. */
+ if ((oldgid != 0) && (setgid (0) != 0)) {
+ SYSLOG ((LOG_INFO,
+ "su session not logged to %s", sulog_file));
+ /* Continue, but do not switch back to oldgid later */
+ oldgid = 0;
+ }
+ fp = fopen (sulog_file, "a+");
+ (void) umask (oldmask);
+ if ((oldgid != 0) && (setgid (oldgid) != 0)) {
+ perror ("setgid");
+ SYSLOG ((LOG_ERR,
+ "can't switch back to group `%d' in sulog",
+ oldgid));
+ /* Do not return if the group permission were raised. */
+ exit (EXIT_FAILURE);
+ }
+ if (fp == (FILE *) 0) {
+ return; /* can't open or create logfile */
+ }
+
+ (void) time (&now);
+ tm = localtime (&now);
+
+ fprintf (fp, "SU %.02d/%.02d %.02d:%.02d %c %s %s-%s\n",
+ tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min,
+ success ? '+' : '-', tty, oldname, name);
+
+ (void) fflush (fp);
+ fsync (fileno (fp));
+ fclose (fp);
+ /* TODO: log if failure */
+}
+
diff --git a/libmisc/ttytype.c b/libmisc/ttytype.c
new file mode 100644
index 0000000..06e7944
--- /dev/null
+++ b/libmisc/ttytype.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+/*
+ * ttytype - set ttytype from port to terminal type mapping database
+ */
+void ttytype (const char *line)
+{
+ FILE *fp;
+ char buf[BUFSIZ];
+ const char *typefile;
+ char *cp;
+ char type[1024] = "";
+ char port[1024];
+
+ if (getenv ("TERM") != NULL) {
+ return;
+ }
+ typefile = getdef_str ("TTYTYPE_FILE");
+ if (NULL == typefile) {
+ return;
+ }
+ if (access (typefile, F_OK) != 0) {
+ return;
+ }
+
+ fp = fopen (typefile, "r");
+ if (NULL == fp) {
+ perror (typefile);
+ return;
+ }
+ while (fgets (buf, (int) sizeof buf, fp) == buf) {
+ if (buf[0] == '#') {
+ continue;
+ }
+
+ cp = strchr (buf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ }
+
+ if ( (sscanf (buf, "%1023s %1023s", type, port) == 2)
+ && (strcmp (line, port) == 0)) {
+ break;
+ }
+ }
+ if ((feof (fp) == 0) && (ferror (fp) == 0) && (type[0] != '\0')) {
+ addenv ("TERM", type);
+ }
+
+ (void) fclose (fp);
+}
+
diff --git a/libmisc/tz.c b/libmisc/tz.c
new file mode 100644
index 0000000..bcf4f7f
--- /dev/null
+++ b/libmisc/tz.c
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1991 - 1994, Chip Rosenthal
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifndef USE_PAM
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <string.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "getdef.h"
+
+/*
+ * tz - return local timezone name
+ *
+ * tz() determines the name of the local timezone by reading the
+ * contents of the file named by ``fname''.
+ */
+/*@observer@*/const char *tz (const char *fname)
+{
+ FILE *fp = NULL;
+ static char tzbuf[BUFSIZ];
+ const char *def_tz = "TZ=CST6CDT";
+
+ fp = fopen (fname, "r");
+ if ( (NULL == fp)
+ || (fgets (tzbuf, (int) sizeof (tzbuf), fp) == NULL)) {
+ def_tz = getdef_str ("ENV_TZ");
+ if ((NULL == def_tz) || ('/' == def_tz[0])) {
+ def_tz = "TZ=CST6CDT";
+ }
+
+ strcpy (tzbuf, def_tz);
+ } else {
+ tzbuf[strlen (tzbuf) - 1] = '\0';
+ }
+
+ if (NULL != fp) {
+ (void) fclose (fp);
+ }
+
+ return tzbuf;
+}
+#else /* !USE_PAM */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !USE_PAM */
+
diff --git a/libmisc/ulimit.c b/libmisc/ulimit.c
new file mode 100644
index 0000000..30255a5
--- /dev/null
+++ b/libmisc/ulimit.c
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#if HAVE_ULIMIT_H
+#include <ulimit.h>
+#ifndef UL_SETFSIZE
+#ifdef UL_SFILLIM
+#define UL_SETFSIZE UL_SFILLIM
+#else
+#define UL_SETFSIZE 2
+#endif
+#endif
+#elif HAVE_SYS_RESOURCE_H
+#include <sys/time.h> /* for struct timeval on sunos4 */
+/* XXX - is the above ok or should it be <time.h> on ultrix? */
+#include <sys/resource.h>
+#endif
+#include "prototypes.h"
+
+int set_filesize_limit (int blocks)
+{
+ int ret = -1;
+#if HAVE_ULIMIT_H
+ if (ulimit (UL_SETFSIZE, blocks) != -1) {
+ ret = 0;
+ }
+#elif defined(RLIMIT_FSIZE)
+ struct rlimit rlimit_fsize;
+
+ rlimit_fsize.rlim_cur = 512L * blocks;
+ rlimit_fsize.rlim_max = rlimit_fsize.rlim_cur;
+ ret = setrlimit (RLIMIT_FSIZE, &rlimit_fsize);
+#endif
+
+ return ret;
+}
+
diff --git a/libmisc/user_busy.c b/libmisc/user_busy.c
new file mode 100644
index 0000000..b086756
--- /dev/null
+++ b/libmisc/user_busy.c
@@ -0,0 +1,266 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id: $"
+
+#include <assert.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <dirent.h>
+#include <fcntl.h>
+#include "defines.h"
+#include "prototypes.h"
+#ifdef ENABLE_SUBIDS
+#include "subordinateio.h"
+#endif /* ENABLE_SUBIDS */
+
+#ifdef __linux__
+static int check_status (const char *name, const char *sname, uid_t uid);
+static int user_busy_processes (const char *name, uid_t uid);
+#else /* !__linux__ */
+static int user_busy_utmp (const char *name);
+#endif /* !__linux__ */
+
+/*
+ * user_busy - check if an user if currently running processes
+ */
+int user_busy (const char *name, uid_t uid)
+{
+ /* There are no standard ways to get the list of processes.
+ * An option could be to run an external tool (ps).
+ */
+#ifdef __linux__
+ /* On Linux, directly parse /proc */
+ return user_busy_processes (name, uid);
+#else /* !__linux__ */
+ /* If we cannot rely on /proc, check is there is a record in utmp
+ * indicating that the user is still logged in */
+ return user_busy_utmp (name);
+#endif /* !__linux__ */
+}
+
+#ifndef __linux__
+static int user_busy_utmp (const char *name)
+{
+#ifdef USE_UTMPX
+ struct utmpx *utent;
+
+ setutxent ();
+ while ((utent = getutxent ()) != NULL)
+#else /* !USE_UTMPX */
+ struct utmp *utent;
+
+ setutent ();
+ while ((utent = getutent ()) != NULL)
+#endif /* !USE_UTMPX */
+ {
+ if (utent->ut_type != USER_PROCESS) {
+ continue;
+ }
+ if (strncmp (utent->ut_user, name, sizeof utent->ut_user) != 0) {
+ continue;
+ }
+ if (kill (utent->ut_pid, 0) != 0) {
+ continue;
+ }
+
+ fprintf (stderr,
+ _("%s: user %s is currently logged in\n"),
+ Prog, name);
+ return 1;
+ }
+
+ return 0;
+}
+#endif /* !__linux__ */
+
+#ifdef __linux__
+static int check_status (const char *name, const char *sname, uid_t uid)
+{
+ /* 40: /proc/xxxxxxxxxx/task/xxxxxxxxxx/status + \0 */
+ char status[40];
+ char line[1024];
+ FILE *sfile;
+
+ snprintf (status, 40, "/proc/%s/status", sname);
+ status[39] = '\0';
+
+ sfile = fopen (status, "r");
+ if (NULL == sfile) {
+ return 0;
+ }
+ while (fgets (line, sizeof (line), sfile) == line) {
+ if (strncmp (line, "Uid:\t", 5) == 0) {
+ unsigned long ruid, euid, suid;
+ assert (uid == (unsigned long) uid);
+ if (sscanf (line,
+ "Uid:\t%lu\t%lu\t%lu\n",
+ &ruid, &euid, &suid) == 3) {
+ if ( (ruid == (unsigned long) uid)
+ || (euid == (unsigned long) uid)
+ || (suid == (unsigned long) uid)
+#ifdef ENABLE_SUBIDS
+ || have_sub_uids(name, ruid, 1)
+ || have_sub_uids(name, euid, 1)
+ || have_sub_uids(name, suid, 1)
+#endif /* ENABLE_SUBIDS */
+ ) {
+ (void) fclose (sfile);
+ return 1;
+ }
+ } else {
+ /* Ignore errors. This is just a best effort. */
+ }
+ (void) fclose (sfile);
+ return 0;
+ }
+ }
+ (void) fclose (sfile);
+ return 0;
+}
+
+static int user_busy_processes (const char *name, uid_t uid)
+{
+ DIR *proc;
+ struct dirent *ent;
+ char *tmp_d_name;
+ pid_t pid;
+ DIR *task_dir;
+ /* 22: /proc/xxxxxxxxxx/task + \0 */
+ char task_path[22];
+ char root_path[22];
+ struct stat sbroot;
+ struct stat sbroot_process;
+
+#ifdef ENABLE_SUBIDS
+ sub_uid_open (O_RDONLY);
+#endif /* ENABLE_SUBIDS */
+
+ proc = opendir ("/proc");
+ if (proc == NULL) {
+ perror ("opendir /proc");
+#ifdef ENABLE_SUBIDS
+ sub_uid_close();
+#endif
+ return 0;
+ }
+ if (stat ("/", &sbroot) != 0) {
+ perror ("stat (\"/\")");
+ (void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+ sub_uid_close();
+#endif
+ return 0;
+ }
+
+ while ((ent = readdir (proc)) != NULL) {
+ tmp_d_name = ent->d_name;
+ /*
+ * Ingo Molnar's patch introducing NPTL for 2.4 hides
+ * threads in the /proc directory by prepending a period.
+ * This patch is applied by default in some RedHat
+ * kernels.
+ */
+ if ( (strcmp (tmp_d_name, ".") == 0)
+ || (strcmp (tmp_d_name, "..") == 0)) {
+ continue;
+ }
+ if (*tmp_d_name == '.') {
+ tmp_d_name++;
+ }
+
+ /* Check if this is a valid PID */
+ if (get_pid (tmp_d_name, &pid) == 0) {
+ continue;
+ }
+
+ /* Check if the process is in our chroot */
+ snprintf (root_path, 22, "/proc/%lu/root", (unsigned long) pid);
+ root_path[21] = '\0';
+ if (stat (root_path, &sbroot_process) != 0) {
+ continue;
+ }
+ if ( (sbroot.st_dev != sbroot_process.st_dev)
+ || (sbroot.st_ino != sbroot_process.st_ino)) {
+ continue;
+ }
+
+ if (check_status (name, tmp_d_name, uid) != 0) {
+ (void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+ sub_uid_close();
+#endif
+ fprintf (stderr,
+ _("%s: user %s is currently used by process %d\n"),
+ Prog, name, pid);
+ return 1;
+ }
+
+ snprintf (task_path, 22, "/proc/%lu/task", (unsigned long) pid);
+ task_path[21] = '\0';
+ task_dir = opendir (task_path);
+ if (task_dir != NULL) {
+ while ((ent = readdir (task_dir)) != NULL) {
+ pid_t tid;
+ if (get_pid (ent->d_name, &tid) == 0) {
+ continue;
+ }
+ if (tid == pid) {
+ continue;
+ }
+ if (check_status (name, task_path+6, uid) != 0) {
+ (void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+ sub_uid_close();
+#endif
+ fprintf (stderr,
+ _("%s: user %s is currently used by process %d\n"),
+ Prog, name, pid);
+ return 1;
+ }
+ }
+ (void) closedir (task_dir);
+ } else {
+ /* Ignore errors. This is just a best effort */
+ }
+ }
+
+ (void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+ sub_uid_close();
+#endif /* ENABLE_SUBIDS */
+ return 0;
+}
+#endif /* __linux__ */
+
diff --git a/libmisc/utmp.c b/libmisc/utmp.c
new file mode 100644
index 0000000..c22f31c
--- /dev/null
+++ b/libmisc/utmp.c
@@ -0,0 +1,464 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include "defines.h"
+#include "prototypes.h"
+
+#include <utmp.h>
+
+#ifdef USE_UTMPX
+#include <utmpx.h>
+#endif
+
+#include <assert.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+#include <stdio.h>
+
+#ident "$Id$"
+
+
+/*
+ * is_my_tty -- determine if "tty" is the same TTY stdin is using
+ */
+static bool is_my_tty (const char *tty)
+{
+ /* full_tty shall be at least sizeof utmp.ut_line + 5 */
+ char full_tty[200];
+ /* tmptty shall be bigger than full_tty */
+ static char tmptty[sizeof (full_tty)+1];
+
+ if ('/' != *tty) {
+ (void) snprintf (full_tty, sizeof full_tty, "/dev/%s", tty);
+ tty = &full_tty[0];
+ }
+
+ if ('\0' == tmptty[0]) {
+ const char *tname = ttyname (STDIN_FILENO);
+ if (NULL != tname) {
+ (void) strncpy (tmptty, tname, sizeof tmptty);
+ tmptty[sizeof (tmptty) - 1] = '\0';
+ }
+ }
+
+ if ('\0' == tmptty[0]) {
+ (void) puts (_("Unable to determine your tty name."));
+ exit (EXIT_FAILURE);
+ } else if (strncmp (tty, tmptty, sizeof (tmptty)) != 0) {
+ return false;
+ } else {
+ return true;
+ }
+}
+
+/*
+ * get_current_utmp - return the most probable utmp entry for the current
+ * session
+ *
+ * The utmp file is scanned for an entry with the same process ID.
+ * The line enterred by the *getty / telnetd, etc. should also match
+ * the current terminal.
+ *
+ * When an entry is returned by get_current_utmp, and if the utmp
+ * structure has a ut_id field, this field should be used to update
+ * the entry information.
+ *
+ * Return NULL if no entries exist in utmp for the current process.
+ */
+/*@null@*/ /*@only@*/struct utmp *get_current_utmp (void)
+{
+ struct utmp *ut;
+ struct utmp *ret = NULL;
+
+ setutent ();
+
+ /* First, try to find a valid utmp entry for this process. */
+ while ((ut = getutent ()) != NULL) {
+ if ( (ut->ut_pid == getpid ())
+#ifdef HAVE_STRUCT_UTMP_UT_ID
+ && ('\0' != ut->ut_id[0])
+#endif
+#ifdef HAVE_STRUCT_UTMP_UT_TYPE
+ && ( (LOGIN_PROCESS == ut->ut_type)
+ || (USER_PROCESS == ut->ut_type))
+#endif
+ /* A process may have failed to close an entry
+ * Check if this entry refers to the current tty */
+ && is_my_tty (ut->ut_line)) {
+ break;
+ }
+ }
+
+ if (NULL != ut) {
+ ret = (struct utmp *) xmalloc (sizeof (*ret));
+ memcpy (ret, ut, sizeof (*ret));
+ }
+
+ endutent ();
+
+ return ret;
+}
+
+#ifndef USE_PAM
+/*
+ * Some systems already have updwtmp() and possibly updwtmpx(). Others
+ * don't, so we re-implement these functions if necessary.
+ */
+#ifndef HAVE_UPDWTMP
+static void updwtmp (const char *filename, const struct utmp *ut)
+{
+ int fd;
+
+ fd = open (filename, O_APPEND | O_WRONLY, 0);
+ if (fd >= 0) {
+ write (fd, (const char *) ut, sizeof (*ut));
+ close (fd);
+ }
+}
+#endif /* ! HAVE_UPDWTMP */
+
+#ifdef USE_UTMPX
+#ifndef HAVE_UPDWTMPX
+static void updwtmpx (const char *filename, const struct utmpx *utx)
+{
+ int fd;
+
+ fd = open (filename, O_APPEND | O_WRONLY, 0);
+ if (fd >= 0) {
+ write (fd, (const char *) utx, sizeof (*utx));
+ close (fd);
+ }
+}
+#endif /* ! HAVE_UPDWTMPX */
+#endif /* ! USE_UTMPX */
+#endif /* ! USE_PAM */
+
+
+/*
+ * prepare_utmp - prepare an utmp entry so that it can be logged in a
+ * utmp/wtmp file.
+ *
+ * It accepts an utmp entry in input (ut) to return an entry with
+ * the right ut_id. This is typically an entry returned by
+ * get_current_utmp
+ * If ut is NULL, ut_id will be forged based on the line argument.
+ *
+ * The ut_host field of the input structure may also be kept, and is
+ * used to define the ut_addr/ut_addr_v6 fields. (if these fields
+ * exist)
+ *
+ * Other fields are discarded and filed with new values (if they
+ * exist).
+ *
+ * The returned structure shall be freed by the caller.
+ */
+/*@only@*/struct utmp *prepare_utmp (const char *name,
+ const char *line,
+ const char *host,
+ /*@null@*/const struct utmp *ut)
+{
+ struct timeval tv;
+ char *hostname = NULL;
+ struct utmp *utent;
+
+ assert (NULL != name);
+ assert (NULL != line);
+
+
+
+ if ( (NULL != host)
+ && ('\0' != host[0])) {
+ hostname = (char *) xmalloc (strlen (host) + 1);
+ strcpy (hostname, host);
+#ifdef HAVE_STRUCT_UTMP_UT_HOST
+ } else if ( (NULL != ut)
+ && ('\0' != ut->ut_host[0])) {
+ hostname = (char *) xmalloc (sizeof (ut->ut_host) + 1);
+ strncpy (hostname, ut->ut_host, sizeof (ut->ut_host));
+ hostname[sizeof (ut->ut_host)] = '\0';
+#endif /* HAVE_STRUCT_UTMP_UT_HOST */
+ }
+
+ if (strncmp(line, "/dev/", 5) == 0) {
+ line += 5;
+ }
+
+
+ utent = (struct utmp *) xmalloc (sizeof (*utent));
+ memzero (utent, sizeof (*utent));
+
+
+
+#ifdef HAVE_STRUCT_UTMP_UT_TYPE
+ utent->ut_type = USER_PROCESS;
+#endif /* HAVE_STRUCT_UTMP_UT_TYPE */
+ utent->ut_pid = getpid ();
+ strncpy (utent->ut_line, line, sizeof (utent->ut_line));
+#ifdef HAVE_STRUCT_UTMP_UT_ID
+ if (NULL != ut) {
+ strncpy (utent->ut_id, ut->ut_id, sizeof (utent->ut_id));
+ } else {
+ /* XXX - assumes /dev/tty?? */
+ strncpy (utent->ut_id, line + 3, sizeof (utent->ut_id));
+ }
+#endif /* HAVE_STRUCT_UTMP_UT_ID */
+#ifdef HAVE_STRUCT_UTMP_UT_NAME
+ strncpy (utent->ut_name, name, sizeof (utent->ut_name));
+#endif /* HAVE_STRUCT_UTMP_UT_NAME */
+#ifdef HAVE_STRUCT_UTMP_UT_USER
+ strncpy (utent->ut_user, name, sizeof (utent->ut_user));
+#endif /* HAVE_STRUCT_UTMP_UT_USER */
+ if (NULL != hostname) {
+ struct addrinfo *info = NULL;
+#ifdef HAVE_STRUCT_UTMP_UT_HOST
+ strncpy (utent->ut_host, hostname, sizeof (utent->ut_host));
+#endif /* HAVE_STRUCT_UTMP_UT_HOST */
+#ifdef HAVE_STRUCT_UTMP_UT_SYSLEN
+ utent->ut_syslen = MIN (strlen (hostname),
+ sizeof (utent->ut_host));
+#endif /* HAVE_STRUCT_UTMP_UT_SYSLEN */
+#if defined(HAVE_STRUCT_UTMP_UT_ADDR) || defined(HAVE_STRUCT_UTMP_UT_ADDR_V6)
+ if (getaddrinfo (hostname, NULL, NULL, &info) == 0) {
+ /* getaddrinfo might not be reliable.
+ * Just try to log what may be useful.
+ */
+ if (info->ai_family == AF_INET) {
+ struct sockaddr_in *sa =
+ (struct sockaddr_in *) info->ai_addr;
+#ifdef HAVE_STRUCT_UTMP_UT_ADDR
+ memcpy (&(utent->ut_addr),
+ &(sa->sin_addr),
+ MIN (sizeof (utent->ut_addr),
+ sizeof (sa->sin_addr)));
+#endif /* HAVE_STRUCT_UTMP_UT_ADDR */
+#ifdef HAVE_STRUCT_UTMP_UT_ADDR_V6
+ memcpy (utent->ut_addr_v6,
+ &(sa->sin_addr),
+ MIN (sizeof (utent->ut_addr_v6),
+ sizeof (sa->sin_addr)));
+ } else if (info->ai_family == AF_INET6) {
+ struct sockaddr_in6 *sa =
+ (struct sockaddr_in6 *) info->ai_addr;
+ memcpy (utent->ut_addr_v6,
+ &(sa->sin6_addr),
+ MIN (sizeof (utent->ut_addr_v6),
+ sizeof (sa->sin6_addr)));
+#endif /* HAVE_STRUCT_UTMP_UT_ADDR_V6 */
+ }
+ freeaddrinfo (info);
+ }
+#endif /* HAVE_STRUCT_UTMP_UT_ADDR || HAVE_STRUCT_UTMP_UT_ADDR_V6 */
+ free (hostname);
+ }
+ /* ut_exit is only for DEAD_PROCESS */
+ utent->ut_session = getsid (0);
+ if (gettimeofday (&tv, NULL) == 0) {
+#ifdef HAVE_STRUCT_UTMP_UT_TIME
+ utent->ut_time = tv.tv_sec;
+#endif /* HAVE_STRUCT_UTMP_UT_TIME */
+#ifdef HAVE_STRUCT_UTMP_UT_XTIME
+ utent->ut_xtime = tv.tv_usec;
+#endif /* HAVE_STRUCT_UTMP_UT_XTIME */
+#ifdef HAVE_STRUCT_UTMP_UT_TV
+ utent->ut_tv.tv_sec = tv.tv_sec;
+ utent->ut_tv.tv_usec = tv.tv_usec;
+#endif /* HAVE_STRUCT_UTMP_UT_TV */
+ }
+
+ return utent;
+}
+
+/*
+ * setutmp - Update an entry in utmp and log an entry in wtmp
+ *
+ * Return 1 on failure and 0 on success.
+ */
+int setutmp (struct utmp *ut)
+{
+ int err = 0;
+
+ assert (NULL != ut);
+
+ setutent ();
+ if (pututline (ut) == NULL) {
+ err = 1;
+ }
+ endutent ();
+
+#ifndef USE_PAM
+ /* This is done by pam_lastlog */
+ updwtmp (_WTMP_FILE, ut);
+#endif /* ! USE_PAM */
+
+ return err;
+}
+
+#ifdef USE_UTMPX
+/*
+ * prepare_utmpx - the UTMPX version for prepare_utmp
+ */
+/*@only@*/struct utmpx *prepare_utmpx (const char *name,
+ const char *line,
+ const char *host,
+ /*@null@*/const struct utmp *ut)
+{
+ struct timeval tv;
+ char *hostname = NULL;
+ struct utmpx *utxent;
+
+ assert (NULL != name);
+ assert (NULL != line);
+
+
+
+ if ( (NULL != host)
+ && ('\0' != host[0])) {
+ hostname = (char *) xmalloc (strlen (host) + 1);
+ strcpy (hostname, host);
+#ifdef HAVE_STRUCT_UTMP_UT_HOST
+ } else if ( (NULL != ut)
+ && (NULL != ut->ut_host)
+ && ('\0' != ut->ut_host[0])) {
+ hostname = (char *) xmalloc (sizeof (ut->ut_host) + 1);
+ strncpy (hostname, ut->ut_host, sizeof (ut->ut_host));
+ hostname[sizeof (ut->ut_host)] = '\0';
+#endif /* HAVE_STRUCT_UTMP_UT_TYPE */
+ }
+
+ if (strncmp(line, "/dev/", 5) == 0) {
+ line += 5;
+ }
+
+ utxent = (struct utmpx *) xmalloc (sizeof (*utxent));
+ memzero (utxent, sizeof (*utxent));
+
+
+
+ utxent->ut_type = USER_PROCESS;
+ utxent->ut_pid = getpid ();
+ strncpy (utxent->ut_line, line, sizeof (utxent->ut_line));
+ /* existence of ut->ut_id is enforced by configure */
+ if (NULL != ut) {
+ strncpy (utxent->ut_id, ut->ut_id, sizeof (utxent->ut_id));
+ } else {
+ /* XXX - assumes /dev/tty?? */
+ strncpy (utxent->ut_id, line + 3, sizeof (utxent->ut_id));
+ }
+#ifdef HAVE_STRUCT_UTMPX_UT_NAME
+ strncpy (utxent->ut_name, name, sizeof (utxent->ut_name));
+#endif /* HAVE_STRUCT_UTMPX_UT_NAME */
+ strncpy (utxent->ut_user, name, sizeof (utxent->ut_user));
+ if (NULL != hostname) {
+ struct addrinfo *info = NULL;
+#ifdef HAVE_STRUCT_UTMPX_UT_HOST
+ strncpy (utxent->ut_host, hostname, sizeof (utxent->ut_host));
+#endif /* HAVE_STRUCT_UTMPX_UT_HOST */
+#ifdef HAVE_STRUCT_UTMPX_UT_SYSLEN
+ utxent->ut_syslen = MIN (strlen (hostname),
+ sizeof (utxent->ut_host));
+#endif /* HAVE_STRUCT_UTMPX_UT_SYSLEN */
+#if defined(HAVE_STRUCT_UTMPX_UT_ADDR) || defined(HAVE_STRUCT_UTMPX_UT_ADDR_V6)
+ if (getaddrinfo (hostname, NULL, NULL, &info) == 0) {
+ /* getaddrinfo might not be reliable.
+ * Just try to log what may be useful.
+ */
+ if (info->ai_family == AF_INET) {
+ struct sockaddr_in *sa =
+ (struct sockaddr_in *) info->ai_addr;
+#ifdef HAVE_STRUCT_UTMPX_UT_ADDR
+ memcpy (utxent->ut_addr,
+ &(sa->sin_addr),
+ MIN (sizeof (utxent->ut_addr),
+ sizeof (sa->sin_addr)));
+#endif /* HAVE_STRUCT_UTMPX_UT_ADDR */
+#ifdef HAVE_STRUCT_UTMPX_UT_ADDR_V6
+ memcpy (utxent->ut_addr_v6,
+ &(sa->sin_addr),
+ MIN (sizeof (utxent->ut_addr_v6),
+ sizeof (sa->sin_addr)));
+ } else if (info->ai_family == AF_INET6) {
+ struct sockaddr_in6 *sa =
+ (struct sockaddr_in6 *) info->ai_addr;
+ memcpy (utxent->ut_addr_v6,
+ &(sa->sin6_addr),
+ MIN (sizeof (utxent->ut_addr_v6),
+ sizeof (sa->sin6_addr)));
+#endif /* HAVE_STRUCT_UTMPX_UT_ADDR_V6 */
+ }
+ freeaddrinfo (info);
+ }
+#endif /* HAVE_STRUCT_UTMPX_UT_ADDR || HAVE_STRUCT_UTMPX_UT_ADDR_V6 */
+ free (hostname);
+ }
+ /* ut_exit is only for DEAD_PROCESS */
+ utxent->ut_session = getsid (0);
+ if (gettimeofday (&tv, NULL) == 0) {
+#ifdef HAVE_STRUCT_UTMPX_UT_TIME
+ utxent->ut_time = tv.tv_sec;
+#endif /* HAVE_STRUCT_UTMPX_UT_TIME */
+#ifdef HAVE_STRUCT_UTMPX_UT_XTIME
+ utxent->ut_xtime = tv.tv_usec;
+#endif /* HAVE_STRUCT_UTMPX_UT_XTIME */
+ utxent->ut_tv.tv_sec = tv.tv_sec;
+ utxent->ut_tv.tv_usec = tv.tv_usec;
+ }
+
+ return utxent;
+}
+
+/*
+ * setutmpx - the UTMPX version for setutmp
+ */
+int setutmpx (struct utmpx *utx)
+{
+ int err = 0;
+
+ assert (NULL != utx);
+
+ setutxent ();
+ if (pututxline (utx) == NULL) {
+ err = 1;
+ }
+ endutxent ();
+
+#ifndef USE_PAM
+ /* This is done by pam_lastlog */
+ updwtmpx (_WTMP_FILE "x", utx);
+#endif /* ! USE_PAM */
+
+ return err;
+}
+#endif /* USE_UTMPX */
+
diff --git a/libmisc/valid.c b/libmisc/valid.c
new file mode 100644
index 0000000..4b85d67
--- /dev/null
+++ b/libmisc/valid.c
@@ -0,0 +1,105 @@
+/*
+ * Copyright (c) 1989 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+/*
+ * valid - compare encrypted passwords
+ *
+ * Valid() compares the DES encrypted password from the password file
+ * against the password which the user has entered after it has been
+ * encrypted using the same salt as the original. Entries which do
+ * not have a password file entry have a NULL pw_name field and this
+ * is used to indicate that a dummy salt must be used to encrypt the
+ * password anyway.
+ */
+bool valid (const char *password, const struct passwd *ent)
+{
+ const char *encrypted;
+ /*@observer@*/const char *salt;
+
+ /*
+ * Start with blank or empty password entries. Always encrypt
+ * a password if no such user exists. Only if the ID exists and
+ * the password is really empty do you return quickly. This
+ * routine is meant to waste CPU time.
+ */
+
+ if ((NULL != ent->pw_name) && ('\0' == ent->pw_passwd[0])) {
+ if ('\0' == password[0]) {
+ return true; /* user entered nothing */
+ } else {
+ return false; /* user entered something! */
+ }
+ }
+
+ /*
+ * If there is no entry then we need a salt to use.
+ */
+
+ if ((NULL == ent->pw_name) || ('\0' == ent->pw_passwd[0])) {
+ salt = "xx";
+ } else {
+ salt = ent->pw_passwd;
+ }
+
+ /*
+ * Now, perform the encryption using the salt from before on
+ * the users input. Since we always encrypt the string, it
+ * should be very difficult to determine if the user exists by
+ * looking at execution time.
+ */
+
+ encrypted = pw_encrypt (password, salt);
+
+ /*
+ * One last time we must deal with there being no password file
+ * entry for the user. We use the pw_name == NULL idiom to
+ * cause non-existent users to not be validated.
+ */
+
+ if ( (NULL != ent->pw_name)
+ && (NULL != encrypted)
+ && (strcmp (encrypted, ent->pw_passwd) == 0)) {
+ return true;
+ } else {
+ return false;
+ }
+}
+
diff --git a/libmisc/xgetXXbyYY.c b/libmisc/xgetXXbyYY.c
new file mode 100644
index 0000000..1b0b001
--- /dev/null
+++ b/libmisc/xgetXXbyYY.c
@@ -0,0 +1,144 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include "prototypes.h"
+
+#define XFUNCTION_NAME XPREFIX (FUNCTION_NAME)
+#define XPREFIX(name) XPREFIX1 (name)
+#define XPREFIX1(name) x##name
+#define REENTRANT_NAME APPEND_R (FUNCTION_NAME)
+#define APPEND_R(name) APPEND_R1 (name)
+#define APPEND_R1(name) name##_r
+#define STRINGIZE(name) STRINGIZE1 (name)
+#define STRINGIZE1(name) #name
+
+/*@null@*/ /*@only@*/LOOKUP_TYPE *XFUNCTION_NAME (ARG_TYPE ARG_NAME)
+{
+#if HAVE_FUNCTION_R
+ LOOKUP_TYPE *result=NULL;
+ char *buffer=NULL;
+ /* we have to start with something */
+ size_t length = 0x100;
+
+ result = malloc(sizeof(LOOKUP_TYPE));
+ if (NULL == result) {
+ fprintf (stderr, _("%s: out of memory\n"),
+ "x" STRINGIZE(FUNCTION_NAME));
+ exit (13);
+ }
+
+ while (true) {
+ int status;
+ LOOKUP_TYPE *resbuf = NULL;
+ buffer = (char *)realloc (buffer, length);
+ if (NULL == buffer) {
+ fprintf (stderr, _("%s: out of memory\n"),
+ "x" STRINGIZE(FUNCTION_NAME));
+ exit (13);
+ }
+ errno = 0;
+ status = REENTRANT_NAME(ARG_NAME, result, buffer,
+ length, &resbuf);
+ if ((0 == status) && (resbuf == result)) {
+ /* Build a result structure that can be freed by
+ * the shadow *_free functions. */
+ LOOKUP_TYPE *ret_result = DUP_FUNCTION(result);
+ free(buffer);
+ free(result);
+ return ret_result;
+ }
+
+ if (ERANGE != errno) {
+ free (buffer);
+ free (result);
+ return NULL;
+ }
+
+ if (length <= ((size_t)-1 / 4)) {
+ length *= 4;
+ } else if (length == (size_t) -1) {
+ break;
+ } else {
+ length = (size_t) -1;
+ }
+ }
+
+ free(buffer);
+ free(result);
+ return NULL;
+
+#else /* !HAVE_FUNCTION_R */
+
+ /* No reentrant function.
+ * Duplicate the structure to avoid other call to overwrite it.
+ *
+ * We should also restore the initial structure. But that would be
+ * overkill.
+ */
+ LOOKUP_TYPE *result = FUNCTION_NAME(ARG_NAME);
+
+ if (result) {
+ result = DUP_FUNCTION(result);
+ if (NULL == result) {
+ fprintf (stderr, _("%s: out of memory\n"),
+ "x" STRINGIZE(FUNCTION_NAME));
+ exit (13);
+ }
+ }
+
+ return result;
+#endif
+}
+
diff --git a/libmisc/xgetgrgid.c b/libmisc/xgetgrgid.c
new file mode 100644
index 0000000..2ef171d
--- /dev/null
+++ b/libmisc/xgetgrgid.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <config.h>
+
+#include "groupio.h"
+
+#define LOOKUP_TYPE struct group
+#define FUNCTION_NAME getgrgid
+#define ARG_TYPE gid_t
+#define ARG_NAME gid
+#define DUP_FUNCTION __gr_dup
+#define HAVE_FUNCTION_R (defined HAVE_GETGRGID_R)
+
+#include "xgetXXbyYY.c"
+
diff --git a/libmisc/xgetgrnam.c b/libmisc/xgetgrnam.c
new file mode 100644
index 0000000..a07d0c3
--- /dev/null
+++ b/libmisc/xgetgrnam.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <config.h>
+
+#include "groupio.h"
+
+#define LOOKUP_TYPE struct group
+#define FUNCTION_NAME getgrnam
+#define ARG_TYPE const char *
+#define ARG_NAME name
+#define DUP_FUNCTION __gr_dup
+#define HAVE_FUNCTION_R (defined HAVE_GETGRNAM_R)
+
+#include "xgetXXbyYY.c"
+
diff --git a/libmisc/xgetpwnam.c b/libmisc/xgetpwnam.c
new file mode 100644
index 0000000..db65abb
--- /dev/null
+++ b/libmisc/xgetpwnam.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <config.h>
+
+#include "pwio.h"
+
+#define LOOKUP_TYPE struct passwd
+#define FUNCTION_NAME getpwnam
+#define ARG_TYPE const char *
+#define ARG_NAME name
+#define DUP_FUNCTION __pw_dup
+#define HAVE_FUNCTION_R (defined HAVE_GETPWNAM_R)
+
+#include "xgetXXbyYY.c"
+
diff --git a/libmisc/xgetpwuid.c b/libmisc/xgetpwuid.c
new file mode 100644
index 0000000..8924134
--- /dev/null
+++ b/libmisc/xgetpwuid.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <config.h>
+
+#include "pwio.h"
+
+#define LOOKUP_TYPE struct passwd
+#define FUNCTION_NAME getpwuid
+#define ARG_TYPE uid_t
+#define ARG_NAME uid
+#define DUP_FUNCTION __pw_dup
+#define HAVE_FUNCTION_R (defined HAVE_GETPWUID_R)
+
+#include "xgetXXbyYY.c"
+
diff --git a/libmisc/xgetspnam.c b/libmisc/xgetspnam.c
new file mode 100644
index 0000000..287e97f
--- /dev/null
+++ b/libmisc/xgetspnam.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <config.h>
+
+#include "shadowio.h"
+
+#define LOOKUP_TYPE struct spwd
+#define FUNCTION_NAME getspnam
+#define ARG_TYPE const char *
+#define ARG_NAME name
+#define DUP_FUNCTION __spw_dup
+#define HAVE_FUNCTION_R (defined HAVE_GETSPNAM_R)
+
+#include "xgetXXbyYY.c"
+
diff --git a/libmisc/xmalloc.c b/libmisc/xmalloc.c
new file mode 100644
index 0000000..41a3343
--- /dev/null
+++ b/libmisc/xmalloc.c
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Replacements for malloc and strdup with error checking. Too trivial
+ to be worth copyrighting :-). I did that because a lot of code used
+ malloc and strdup without checking for NULL pointer, and I like some
+ message better than a core dump... --marekm
+
+ Yeh, but. Remember that bailing out might leave the system in some
+ bizarre state. You really want to put in error checking, then add
+ some back-out failure recovery code. -- jfh */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <errno.h>
+#include "defines.h"
+#include "prototypes.h"
+
+/*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/char *xmalloc (size_t size)
+{
+ char *ptr;
+
+ ptr = (char *) malloc (size);
+ if (NULL == ptr) {
+ (void) fprintf (stderr,
+ _("%s: failed to allocate memory: %s\n"),
+ Prog, strerror (errno));
+ exit (13);
+ }
+ return ptr;
+}
+
+/*@maynotreturn@*/ /*@only@*//*@notnull@*/char *xstrdup (const char *str)
+{
+ return strcpy (xmalloc (strlen (str) + 1), str);
+}
diff --git a/libmisc/yesno.c b/libmisc/yesno.c
new file mode 100644
index 0000000..a2eb953
--- /dev/null
+++ b/libmisc/yesno.c
@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) 1992 - 1994, Julianne Frances Haugh
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Common code for yes/no prompting
+ *
+ * Used by pwck.c and grpck.c
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include "prototypes.h"
+
+/*
+ * yes_or_no - get answer to question from the user
+ *
+ * It returns false if no.
+ *
+ * If the read_only flag is set, it will print No, and will return
+ * false.
+ */
+bool yes_or_no (bool read_only)
+{
+ char buf[80];
+
+ /*
+ * In read-only mode all questions are answered "no".
+ */
+ if (read_only) {
+ (void) puts (_("No"));
+ return false;
+ }
+
+ /*
+ * Typically, there's a prompt on stdout, sometimes unflushed.
+ */
+ (void) fflush (stdout);
+
+ /*
+ * Get a line and see what the first character is.
+ */
+ /* TODO: use gettext */
+ if (fgets (buf, (int) sizeof buf, stdin) == buf) {
+ return buf[0] == 'y' || buf[0] == 'Y';
+ }
+
+ return false;
+}
+
diff --git a/man/.gitignore b/man/.gitignore
new file mode 100644
index 0000000..a5a91a9
--- /dev/null
+++ b/man/.gitignore
@@ -0,0 +1,8 @@
+.xml2po.mo
+config.xml
+generate_mans.deps
+
+*.[0-9]
+
+/po/POTFILES
+/po/stamp-po
diff --git a/man/Makefile.am b/man/Makefile.am
new file mode 100644
index 0000000..4c34022
--- /dev/null
+++ b/man/Makefile.am
@@ -0,0 +1,218 @@
+
+# subdirectories for translated manual pages
+if USE_NLS
+SUBDIRS = po cs da de es fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW
+else
+SUBDIRS =
+endif
+
+man_MANS = \
+ man1/chage.1 \
+ man1/chfn.1 \
+ man8/chgpasswd.8 \
+ man8/chpasswd.8 \
+ man1/chsh.1 \
+ man1/expiry.1 \
+ man5/faillog.5 \
+ man8/faillog.8 \
+ man3/getspnam.3 \
+ man1/gpasswd.1 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmems.8 \
+ man8/groupmod.8 \
+ man1/groups.1 \
+ man8/grpck.8 \
+ man8/grpconv.8 \
+ man8/grpunconv.8 \
+ man5/gshadow.5 \
+ man8/lastlog.8 \
+ man1/login.1 \
+ man5/login.defs.5 \
+ man8/logoutd.8 \
+ man1/newgrp.1 \
+ man8/newusers.8 \
+ man8/nologin.8 \
+ man1/passwd.1 \
+ man5/passwd.5 \
+ man8/pwck.8 \
+ man8/pwconv.8 \
+ man8/pwunconv.8 \
+ man1/sg.1 \
+ man3/shadow.3 \
+ man5/shadow.5 \
+ man1/su.1 \
+ man5/suauth.5 \
+ man8/useradd.8 \
+ man8/userdel.8 \
+ man8/usermod.8 \
+ man8/vigr.8 \
+ man8/vipw.8
+
+man_nopam = \
+ man5/limits.5 \
+ man5/login.access.5 \
+ man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+man_subids = \
+ man1/newgidmap.1 \
+ man1/newuidmap.1 \
+ man5/subgid.5 \
+ man5/subuid.5
+
+if ENABLE_SUBIDS
+man_MANS += $(man_subids)
+endif
+
+man_XMANS = \
+ chage.1.xml \
+ chfn.1.xml \
+ chgpasswd.8.xml \
+ chpasswd.8.xml \
+ chsh.1.xml \
+ expiry.1.xml \
+ faillog.5.xml \
+ faillog.8.xml \
+ gpasswd.1.xml \
+ groupadd.8.xml \
+ groupdel.8.xml \
+ groupmems.8.xml \
+ groupmod.8.xml \
+ groups.1.xml \
+ grpck.8.xml \
+ gshadow.5.xml \
+ lastlog.8.xml \
+ limits.5.xml \
+ login.1.xml \
+ login.access.5.xml \
+ login.defs.5.xml \
+ logoutd.8.xml \
+ newgidmap.1.xml \
+ newgrp.1.xml \
+ newuidmap.1.xml \
+ newusers.8.xml \
+ nologin.8.xml \
+ passwd.1.xml \
+ passwd.5.xml \
+ porttime.5.xml \
+ pwck.8.xml \
+ pwconv.8.xml \
+ shadow.3.xml \
+ shadow.5.xml \
+ sg.1.xml \
+ su.1.xml \
+ suauth.5.xml \
+ subgid.5.xml \
+ subuid.5.xml \
+ useradd.8.xml \
+ userdel.8.xml \
+ usermod.8.xml \
+ vipw.8.xml
+
+login_defs_v = \
+ CHFN_AUTH.xml \
+ CHFN_RESTRICT.xml \
+ CHSH_AUTH.xml \
+ CONSOLE.xml \
+ CONSOLE_GROUPS.xml \
+ CREATE_HOME.xml \
+ DEFAULT_HOME.xml \
+ ENCRYPT_METHOD.xml \
+ ENV_HZ.xml \
+ ENVIRON_FILE.xml \
+ ENV_PATH.xml \
+ ENV_SUPATH.xml \
+ ENV_TZ.xml \
+ ERASECHAR.xml \
+ FAIL_DELAY.xml \
+ FAILLOG_ENAB.xml \
+ FAKE_SHELL.xml \
+ FTMP_FILE.xml \
+ GID_MAX.xml \
+ HUSHLOGIN_FILE.xml \
+ ISSUE_FILE.xml \
+ KILLCHAR.xml \
+ LASTLOG_ENAB.xml \
+ LOGIN_RETRIES.xml \
+ LOGIN_STRING.xml \
+ LOGIN_TIMEOUT.xml \
+ LOG_OK_LOGINS.xml \
+ LOG_UNKFAIL_ENAB.xml \
+ MAIL_CHECK_ENAB.xml \
+ MAIL_DIR.xml \
+ MAX_MEMBERS_PER_GROUP.xml \
+ MD5_CRYPT_ENAB.xml \
+ MOTD_FILE.xml \
+ NOLOGINS_FILE.xml \
+ OBSCURE_CHECKS_ENAB.xml \
+ PASS_ALWAYS_WARN.xml \
+ PASS_CHANGE_TRIES.xml \
+ PASS_MAX_DAYS.xml \
+ PASS_MAX_LEN.xml \
+ PASS_MIN_DAYS.xml \
+ PASS_WARN_AGE.xml \
+ PORTTIME_CHECKS_ENAB.xml \
+ QUOTAS_ENAB.xml \
+ SHA_CRYPT_MIN_ROUNDS.xml \
+ SULOG_FILE.xml \
+ SU_NAME.xml \
+ SU_WHEEL_ONLY.xml \
+ SYSLOG_SG_ENAB.xml \
+ SYSLOG_SU_ENAB.xml \
+ TCB_AUTH_GROUP.xml \
+ TCB_SYMLINKS.xml \
+ TTYGROUP.xml \
+ TTYTYPE_FILE.xml \
+ UID_MAX.xml \
+ ULIMIT.xml \
+ UMASK.xml \
+ USERDEL_CMD.xml \
+ USERGROUPS_ENAB.xml \
+ USE_TCB.xml \
+ SUB_GID_COUNT.xml \
+ SUB_UID_COUNT.xml \
+ SYS_GID_MAX.xml \
+ SYS_UID_MAX.xml
+
+EXTRA_DIST = \
+ $(man_MANS) \
+ $(man_XMANS) \
+ $(addprefix login.defs.d/,$(login_defs_v)) \
+ man1/id.1 \
+ id.1.xml \
+ man8/sulogin.8 \
+ sulogin.8.xml \
+ generate_mans.mak \
+ generate_translations.mak
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+if !ENABLE_SUBIDS
+EXTRA_DIST += $(man_subids)
+endif
+
+generate_mans.deps: *.xml
+ echo "# This file is generated" > $@
+ awk 'BEGIN{FS="\"";} /^<!ENTITY .* * SYSTEM ".*">$$/{ f=FILENAME; sub(/.xml/,"",f); print "man" substr(f, length (f)) "/" f ": " $$2 }' $(man_XMANS) >> $@
+
+if ENABLE_REGENERATE_MAN
+
+@ENABLE_REGENERATE_MAN_TRUE@include generate_mans.deps
+
+include generate_mans.mak
+
+CLEANFILES = $(man_MANS) man1/id.1 man8/sulogin.8
+
+else
+$(man_MANS):
+ @echo ""
+ @echo "Error: you need to run configure with '--enable-man'"
+ @echo " in order to regenerate man pages."
+ @echo ""
+endif
diff --git a/man/chage.1.xml b/man/chage.1.xml
new file mode 100644
index 0000000..d05617d
--- /dev/null
+++ b/man/chage.1.xml
@@ -0,0 +1,321 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY USE_TCB SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='chage.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1990</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>chage</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>chage</refname>
+ <refpurpose>change user password expiry information</refpurpose>
+ </refnamediv>
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>chage</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>LOGIN</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>chage</command> command changes the number of days between
+ password changes and the date of the last password change. This
+ information is used by the system to determine when a user must change
+ his/her password.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>chage</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Set the number of days since January 1st, 1970 when the password
+ was last changed. The date may also be expressed in the format
+ YYYY-MM-DD (or the format more commonly used in your area).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-E</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Set the date or number of days since January 1, 1970 on which the
+ user's account will no longer be accessible. The date may also
+ be expressed in the format YYYY-MM-DD (or the format more
+ commonly used in your area). A user whose account is locked must
+ contact the system administrator before being able to use the
+ system again.
+ </para>
+ <para>
+ Passing the number <emphasis remap='I'>-1</emphasis> as the
+ <replaceable>EXPIRE_DATE</replaceable> will remove an account
+ expiration date.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Set the number of days of inactivity after a password has
+ expired before the account is locked. The
+ <replaceable>INACTIVE</replaceable> option is the number of days
+ of inactivity. A user whose account is locked must contact the
+ system administrator before being able to use the system again.
+ </para>
+ <para>
+ Passing the number <emphasis remap='I'>-1</emphasis> as the
+ <replaceable>INACTIVE</replaceable> will remove an account's
+ inactivity.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-l</option>, <option>--list</option>
+ </term>
+ <listitem>
+ <para>
+ Show account aging information.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Set the minimum number of days between password changes to
+ <replaceable>MIN_DAYS</replaceable>. A value of zero for this field
+ indicates that the user may change his/her password at any time.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Set the maximum number of days during which a password is valid.
+ When <replaceable>MAX_DAYS</replaceable> plus
+ <replaceable>LAST_DAY</replaceable> is less than the current
+ day, the user will be required to change his/her password before
+ being able to use his/her account. This occurrence can be planned for
+ in advance by use of the <option>-W</option> option, which
+ provides the user with advance warning.
+ </para>
+ <para>
+ Passing the number <emphasis remap='I'>-1</emphasis> as
+ <replaceable>MAX_DAYS</replaceable> will remove checking a
+ password's validity.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-W</option>, <option>--warndays</option>&nbsp;<replaceable>WARN_DAYS</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Set the number of days of warning before a password change is
+ required. The <replaceable>WARN_DAYS</replaceable> option is the
+ number of days prior to the password expiring that a user will
+ be warned his/her password is about to expire.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ If none of the options are selected, <command>chage</command> operates
+ in an interactive fashion, prompting the user with the current values
+ for all of the fields. Enter the new value to change the field, or
+ leave the line blank to use the current value. The current value is
+ displayed between a pair of <emphasis>[ ]</emphasis> marks.
+ </para>
+ </refsect1>
+ <refsect1 id='note'>
+ <title>NOTE</title>
+ <para>
+ The <command>chage</command> program requires a shadow password file to
+ be available.
+ </para>
+ <para>The <command>chage</command> command is restricted to the root
+ user, except for the <option>-l</option> option, which may be used by
+ an unprivileged user to determine when his/her password or account is due
+ to expire.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &USE_TCB;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <filename>/etc/passwd</filename>
+ </term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <filename>/etc/shadow</filename>
+ </term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='exit_values'>
+ <title>EXIT VALUES</title>
+ <para>
+ The <command>chage</command> command exits with the following values:
+ <variablelist>
+ <varlistentry>
+ <term><replaceable>0</replaceable></term>
+ <listitem>
+ <para>success</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>1</replaceable></term>
+ <listitem>
+ <para>permission denied</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>2</replaceable></term>
+ <listitem>
+ <para>invalid command syntax</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>15</replaceable></term>
+ <listitem>
+ <para>can't find the shadow password file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/chfn.1.xml b/man/chfn.1.xml
new file mode 100644
index 0000000..153d67e
--- /dev/null
+++ b/man/chfn.1.xml
@@ -0,0 +1,238 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CHFN_AUTH SYSTEM "login.defs.d/CHFN_AUTH.xml">
+<!ENTITY CHFN_RESTRICT SYSTEM "login.defs.d/CHFN_RESTRICT.xml">
+<!ENTITY LOGIN_STRING SYSTEM "login.defs.d/LOGIN_STRING.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='chfn.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1990</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>chfn</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>chfn</refname>
+ <refpurpose>change real user name and information</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>chfn</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ <arg choice='opt'>
+ <replaceable>LOGIN</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>chfn</command> command changes user fullname,
+ office room number, office phone number, and home phone number information
+ for a user's account. This information is typically printed by
+ <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> and similar programs. A normal user may only change
+ the fields for her own account, subject to the restrictions in
+ <filename>/etc/login.defs</filename>. (The default configuration is to
+ prevent users from changing their fullname.) The superuser may change
+ any field for any account. Additionally, only the superuser may use
+ the <option>-o</option> option to change the undefined portions of the
+ GECOS field.
+ </para>
+
+ <para>
+ These fields must not contain any colons. Except for the
+ <emphasis remap='I'>other</emphasis> field, they should not contain
+ any comma or equal sign. It is also recommended to avoid
+ non-US-ASCII characters, but this is only enforced for the phone
+ numbers. The <emphasis remap='I'>other</emphasis> field is used to
+ store accounting information used by other applications.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>chfn</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-f</option>, <option>--full-name</option>&nbsp;<replaceable>FULL_NAME</replaceable>
+ </term>
+ <listitem>
+ <para>Change the user's full name.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-h</option>, <option>--home-phone</option>&nbsp;<replaceable>HOME_PHONE</replaceable>
+ </term>
+ <listitem>
+ <para>Change the user's home phone number.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Change the user's other GECOS information. This field is used to
+ store accounting information used by other applications, and can
+ be changed only by a superuser.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</replaceable>
+ </term>
+ <listitem>
+ <para>Change the user's room number.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-u</option>, <option>--help</option>
+ </term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-w</option>, <option>--work-phone</option>&nbsp;<replaceable>WORK_PHONE</replaceable>
+ </term>
+ <listitem>
+ <para>Change the user's office phone number.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ If none of the options are selected, <command>chfn</command>
+ operates in an interactive fashion, prompting the user with the
+ current values for all of the fields. Enter the new value to change
+ the field, or leave the line blank to use the current value. The
+ current value is displayed between a pair of <emphasis remap='B'>[
+ ]</emphasis> marks. Without options, <command>chfn</command>
+ prompts for the current user account.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &CHFN_AUTH;
+ &CHFN_RESTRICT;
+ &LOGIN_STRING;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/chgpasswd.8.xml b/man/chgpasswd.8.xml
new file mode 100644
index 0000000..cd61687
--- /dev/null
+++ b/man/chgpasswd.8.xml
@@ -0,0 +1,250 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 2006 , Tomasz KÅ‚oczko
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='chgpasswd.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>Creation, 2006</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>chgpasswd</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>chgpasswd</refname>
+ <refpurpose>update group passwords in batch mode</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>chgpasswd</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>chgpasswd</command> command reads a list of group name
+ and password pairs from standard input and uses this information to
+ update a set of existing groups. Each line is of the format:
+ </para>
+ <para>
+ <emphasis remap='I'>group_name</emphasis>:<emphasis
+ remap='I'>password</emphasis>
+ </para>
+ <para>
+ By default the supplied password must be in clear-text, and is
+ encrypted by <command>chgpasswd</command>.
+ </para>
+ <para>
+ The default encryption algorithm can be defined for the system with
+ the <option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</filename>,
+ and can be overwritten with the <option>-e</option>,
+ <option>-m</option>, or <option>-c</option> options.
+ </para>
+ <para>
+ This command is intended to be used in a large system environment
+ where many accounts are created at a single time.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>chgpasswd</command> command
+ are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-c</option>, <option>--crypt-method</option></term>
+ <listitem>
+ <para>Use the specified method to encrypt the passwords.</para>
+ <para condition="no_sha_crypt">
+ The available methods are DES, MD5, and NONE.
+ </para>
+ <para condition="sha_crypt">
+ The available methods are DES, MD5, NONE, and SHA256 or SHA512
+ if your libc support these methods.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-e</option>, <option>--encrypted</option></term>
+ <listitem>
+ <para>Supplied passwords are in encrypted form.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-m</option>, <option>--md5</option></term>
+ <listitem>
+ <para>
+ Use MD5 encryption instead of DES when the supplied passwords are
+ not encrypted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="sha_crypt">
+ <term><option>-s</option>, <option>--sha-rounds</option></term>
+ <listitem>
+ <para>
+ Use the specified number of rounds to encrypt the passwords.
+ </para>
+ <para>
+ The value 0 means that the system will choose the default
+ number of rounds for the crypt method (5000).
+ </para>
+ <para>
+ A minimal value of 1000 and a maximal value of 999,999,999
+ will be enforced.
+ </para>
+ <para>
+ You can only use this option with the SHA256 or SHA512
+ crypt method.
+ </para>
+ <para>
+ By default, the number of rounds is defined by the
+ SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in
+ <filename>/etc/login.defs</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ Remember to set permissions or umask to prevent readability of
+ unencrypted files by other users.
+ </para>
+ <para>
+ You should make sure the passwords and the encryption method respect
+ the system's password policy.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &ENCRYPT_METHOD;
+ &MAX_MEMBERS_PER_GROUP;
+ &MD5_CRYPT_ENAB;
+ &SHA_CRYPT_MIN_ROUNDS; <!--This also document SHA_CRYPT_MAX_ROUNDS-->
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/chpasswd.8.xml b/man/chpasswd.8.xml
new file mode 100644
index 0000000..19ef36e
--- /dev/null
+++ b/man/chpasswd.8.xml
@@ -0,0 +1,303 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 , Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='chpasswd.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>chpasswd</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>chpasswd</refname>
+ <refpurpose>update passwords in batch mode</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>chpasswd</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>chpasswd</command> command reads a list of user name and
+ password pairs from standard input and uses this information to update
+ a group of existing users. Each line is of the format:
+ </para>
+ <para>
+ <emphasis remap='I'>user_name</emphasis>:<emphasis
+ remap='I'>password</emphasis>
+ </para>
+ <para>
+ By default the passwords must be supplied in clear-text, and are
+ encrypted by <command>chpasswd</command>.
+ Also the password age will be updated, if present.
+ </para>
+ <para condition="no_pam">
+ The default encryption algorithm can be defined for the system with
+ the <option>ENCRYPT_METHOD</option> or
+ <option>MD5_CRYPT_ENAB</option> variables of
+ <filename>/etc/login.defs</filename>, and can be overwritten with the
+ <option>-e</option>, <option>-m</option>, or <option>-c</option>
+ options.
+ </para>
+ <para condition="pam">
+ By default, passwords are encrypted by PAM, but (even if not
+ recommended) you can select a different encryption method with the
+ <option>-e</option>, <option>-m</option>, or <option>-c</option>
+ options.
+ </para>
+ <para>
+ <phrase condition="pam">Except when PAM is used to encrypt the
+ passwords,</phrase> <command>chpasswd</command> first updates all the
+ passwords in memory, and then commits all the changes to disk if no
+ errors occurred for any user.
+ </para>
+ <para condition="pam">
+ When PAM is used to encrypt the passwords (and update the passwords in
+ the system database) then if a password cannot be updated
+ <command>chpasswd</command> continues updating the passwords of the
+ next users, and will return an error code on exit.
+ </para>
+ <para>
+ This command is intended to be used in a large system environment
+ where many accounts are created at a single time.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>chpasswd</command> command
+ are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-c</option>, <option>--crypt-method</option>&nbsp;<replaceable>METHOD</replaceable>
+ </term>
+ <listitem>
+ <para>Use the specified method to encrypt the passwords.</para>
+ <para condition="no_sha_crypt">
+ The available methods are DES, MD5, and NONE.
+ </para>
+ <para condition="sha_crypt">
+ The available methods are DES, MD5, NONE, and SHA256 or SHA512
+ if your libc support these methods.
+ </para>
+ <para condition="pam">
+ By default, PAM is used to encrypt the passwords.
+ </para>
+ <para condition="no_pam">
+ By default (if none of the <option>-c</option>,
+ <option>-m</option>, or <option>-e</option> options are
+ specified), the encryption method is defined by the
+ <option>ENCRYPT_METHOD</option> or
+ <option>MD5_CRYPT_ENAB</option> variables of
+ <filename>/etc/login.defs</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-e</option>, <option>--encrypted</option></term>
+ <listitem>
+ <para>Supplied passwords are in encrypted form.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-m</option>, <option>--md5</option></term>
+ <listitem>
+ <para>
+ Use MD5 encryption instead of DES when the supplied passwords are
+ not encrypted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="sha_crypt">
+ <term>
+ <option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Use the specified number of rounds to encrypt the passwords.
+ </para>
+ <para>
+ The value 0 means that the system will choose the default
+ number of rounds for the crypt method (5000).
+ </para>
+ <para>
+ A minimal value of 1000 and a maximal value of 999,999,999
+ will be enforced.
+ </para>
+ <para>
+ You can only use this option with the SHA256 or SHA512
+ crypt method.
+ </para>
+ <para>
+ By default, the number of rounds is defined by the
+ <option>SHA_CRYPT_MIN_ROUNDS</option> and
+ <option>SHA_CRYPT_MAX_ROUNDS</option> variables in
+ <filename>/etc/login.defs</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ Remember to set permissions or umask to prevent readability of
+ unencrypted files by other users.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist condition="no_pam">
+ &ENCRYPT_METHOD;
+ &MD5_CRYPT_ENAB;
+ </variablelist>
+ <variablelist>
+ &SHA_CRYPT_MIN_ROUNDS; <!--documents also SHA_CRYPT_MAX_ROUNDS-->
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="pam">
+ <term><filename>/etc/pam.d/chpasswd</filename></term>
+ <listitem>
+ <para>PAM configuration for <command>chpasswd</command>.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <phrase>
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ </phrase>
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/chsh.1.xml b/man/chsh.1.xml
new file mode 100644
index 0000000..2c853be
--- /dev/null
+++ b/man/chsh.1.xml
@@ -0,0 +1,204 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1990 , Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CHSH_AUTH SYSTEM "login.defs.d/CHSH_AUTH.xml">
+<!ENTITY LOGIN_STRING SYSTEM "login.defs.d/LOGIN_STRING.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='chsh.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1990</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>chsh</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>chsh</refname>
+ <refpurpose>change login shell</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>chsh</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ <arg choice='opt'>
+ <replaceable>LOGIN</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>chsh</command> command changes the user login shell.
+ This determines the name of the user's initial login command. A normal
+ user may only change the login shell for her own account; the
+ superuser may change the login shell for any account.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>chsh</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The name of the user's new login shell. Setting this field to
+ blank causes the system to select the default login shell.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ If the <option>-s</option> option is not selected,
+ <command>chsh</command> operates in an interactive fashion, prompting
+ the user with the current login shell. Enter the new value to change
+ the shell, or leave the line blank to use the current one. The current
+ shell is displayed between a pair of <emphasis>[ ]</emphasis> marks.
+ </para>
+ </refsect1>
+
+ <refsect1 id='note'>
+ <title>NOTE</title>
+ <para>
+ The only restriction placed on the login shell is that the command
+ name must be listed in <filename>/etc/shells</filename>, unless the
+ invoker is the superuser, and then any value may be added. An
+ account with a restricted login shell may not change her login shell.
+ For this reason, placing <filename>/bin/rsh</filename> in
+ <filename>/etc/shells</filename> is discouraged since accidentally
+ changing to a restricted shell would prevent the user from ever
+ changing her login shell back to its original value.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration' condition="no_pam">
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &CHSH_AUTH;
+ &LOGIN_STRING;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shells</filename></term>
+ <listitem>
+ <para>List of valid login shells.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/config.xml.in b/man/config.xml.in
new file mode 100644
index 0000000..2dbad9f
--- /dev/null
+++ b/man/config.xml.in
@@ -0,0 +1,2 @@
+<!ENTITY GROUP_NAME_MAX_LENGTH '@GROUP_NAME_MAX_LENGTH@'>
+<!ENTITY SHADOW_UTILS_VERSION '@VERSION@'>
diff --git a/man/cs/Makefile.am b/man/cs/Makefile.am
new file mode 100644
index 0000000..3b2be0c
--- /dev/null
+++ b/man/cs/Makefile.am
@@ -0,0 +1,26 @@
+
+mandir = @mandir@/cs
+
+man_MANS = \
+ man1/expiry.1 \
+ man5/faillog.5 \
+ man8/faillog.8 \
+ man1/gpasswd.1 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmod.8 \
+ man1/groups.1 \
+ man8/grpck.8 \
+ man5/gshadow.5 \
+ man8/lastlog.8 \
+ man8/nologin.8 \
+ man5/passwd.5 \
+ man5/shadow.5 \
+ man1/su.1 \
+ man8/vipw.8
+
+EXTRA_DIST = $(man_MANS) \
+ man1/id.1 \
+ man8/groupmems.8 \
+ man8/logoutd.8
+
diff --git a/man/cs/man1/expiry.1 b/man/cs/man1/expiry.1
new file mode 100644
index 0000000..99a0b4e
--- /dev/null
+++ b/man/cs/man1/expiry.1
@@ -0,0 +1,25 @@
+.TH "EXPIRY" "1" "11/05/2005" "User Commands" "User Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+expiry \- zkontroluje a vynutí politiku vypršení platnosti hesla
+.SH "POUŽITÃ"
+.HP 7
+\fBexpiry\fR [\-c] [\-f]
+.SH "POPIS"
+.PP
+\fBexpiry\fR
+zkontroluje (\fB\-c\fR) vypršení platnosti aktuálního hesla a případně vynutí (\fB\-f\fR) změnu. Příkaz lze spustit jako běžný uživatel.
+.SH "SOUBORY"
+.TP
+\fI/etc/passwd\fR
+informace o uživatelských úÄtech
+.TP
+\fI/etc/shadow\fR
+důvÄ›rné informace o uživatelských úÄtech
+.SH "VIZ TAKÉ"
+.PP
+\fBpasswd\fR(5),
+\fBshadow\fR(5).
diff --git a/man/cs/man1/gpasswd.1 b/man/cs/man1/gpasswd.1
new file mode 100644
index 0000000..32e4288
--- /dev/null
+++ b/man/cs/man1/gpasswd.1
@@ -0,0 +1,76 @@
+.TH "GPASSWD" "1" "11/05/2005" "User Commands" "User Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+gpasswd \- spravuje soubor /etc/group
+.SH "POUŽITÃ"
+.HP 8
+\fBgpasswd\fR \fIskupina\fR
+.HP 8
+\fBgpasswd\fR \-a\ \fIuživatel\fR \fIskupina\fR
+.HP 8
+\fBgpasswd\fR \-d\ \fIuživatel\fR \fIskupina\fR
+.HP 8
+\fBgpasswd\fR \-R\ \fIskupina\fR
+.HP 8
+\fBgpasswd\fR \-r\ \fIskupina\fR
+.HP 8
+\fBgpasswd\fR [\-A\ \fIuživatel,\fR...] [\-M\ \fIuživatel,\fR...] \fIskupina\fR
+.SH "POPIS"
+.PP
+\fBgpasswd\fR
+se používá pro správu souboru
+\fI/etc/group\fR
+(a pokud je zkompilován s podporou SHADOWGRP, tak i
+\fI/etc/gshadow\fR).
+Každá skupina může mít správce, Äleny a heslo. Systémový správce může
+volbou
+\fB\-A\fR
+definovat správce skupiny, volbou
+\fB\-M\fR
+Äleny skupiny a má vÅ¡echna práva skupinových správců a Älenů.
+.SS "Poznámka o skupinových heslech"
+.PP
+Skupinová hesla jsou samozÅ™ejmÄ› bezpeÄnostním problémem, jelikož je
+heslo sdíleno více uživateli. Skupiny jsou nicménÄ› užiteÄným nástrojem
+pro spolupráci mezi různými uživateli.
+.SH "VOLBY"
+.PP
+Správce skupiny může přidávat resp. mazat uživatele pomocí
+\fB\-a\fR
+resp.
+\fB\-d\fR.
+Správcové mohou odstranit skupinové heslo pomocí pÅ™epínaÄe
+\fB\-r\fR.
+Pokud není heslo nastaveno, mohou použít příkaz
+\fBnewgrp\fR
+pro zapojení do skupiny pouze Älenové skupiny. Volba
+\fB\-R\fR
+zakáže přístup do skupiny skrze příkaz
+\fBnewgrp\fR
+(Älenové skupiny se do ní budou moci stále pÅ™epnout).
+.PP
+Pokud je
+\fBgpasswd\fR
+spušten správcem skupiny a jediným parametrem je jméno skupiny, zeptá
+se na skupinové heslo. Pokud je heslo nastaveno, mohou Älenové používat
+\fBnewgrp\fR(1)
+stále bez hesla, neÄlenové musí heslo zadat.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových úÄtech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových úÄtech
+.SH "VIZ TAKÉ"
+.PP
+\fBnewgrp\fR(1),
+\fBgshadow\fR(5),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBgrpck\fR(8),
+\fBgroup\fR(5).
diff --git a/man/cs/man1/groups.1 b/man/cs/man1/groups.1
new file mode 100644
index 0000000..6deab53
--- /dev/null
+++ b/man/cs/man1/groups.1
@@ -0,0 +1,29 @@
+.TH GROUPS 1 "GNU Shell Utilities" "FSF" \" \-*\- nroff \-*\-
+.do hla cs
+.do hpf hyphen.cs
+.SH JMÉNO
+groups \- vypíše skupiny, jichž je uživatel Älenem
+.SH POUŽITÃ
+\fBgroups\fR [\fIuživatel...\fR]
+.SH POPIS
+Tato dokumentace není dále udržována a může být nepřesná nebo neúplná.
+Autoritativním zdrojem je Texinfo dokumentace.
+.PP
+Tato manuálová stránka popisuje GNU verzi příkazu
+.BR groups .
+Příkaz
+.B groups
+vypíše jména všech skupin, v nichž je zadaný \fIuživatel\fR nebo aktuální proces,
+pokud uživatel není zadán, Älenem. Pokud jsou zadána jména uživatelů, potom bude
+jméno každého z uživatelů vypsáno pÅ™ed seznam skupin, jichž je Älenem.
+.PP
+Seznam skupin je ekvivalentní s výstupem příkazu `id \-Gn'.
+.SH VOLBY
+Když je GNU příkaz \fBgroups\fR vyvolán právě s jedním parametrem,
+jsou rozpoznávány následující volby:
+.TP
+.I "\-\-help"
+Vypíše návod k použití na standardní výstup a bezchybnÄ› skonÄí.
+.TP
+.I "\-\-version"
+Vypíše Äíslo verze na standardní výstup a bezchybnÄ› skonÄí.
diff --git a/man/cs/man1/id.1 b/man/cs/man1/id.1
new file mode 100644
index 0000000..9eafaf1
--- /dev/null
+++ b/man/cs/man1/id.1
@@ -0,0 +1,62 @@
+.TH ID 1 "GNU Shell Utilities" "FSF" \" \-*\- nroff \-*\-
+.do hla cs
+.do hpf hyphen.cs
+.SH JMÉNO
+id \- vypíše reálný a efektivní UID a GID
+.SH POUŽITÃ
+.B id
+[\-gnruG] [\-\-group] [\-\-name] [\-\-real] [\-\-user] [\-\-groups]
+[\-\-help] [\-\-version] [uživatel]
+.SH POPIS
+Tato dokumentace není dále udržována a může být nepřesná nebo neúplná.
+Autoritativním zdrojem je Texinfo dokumentace.
+.PP
+Tato manuálová stránka popisuje GNU verzi příkazu
+.BR id .
+Příkaz
+.B id
+vypíše informace o zadaném uživateli nebo (pokud není jméno uživatele
+zadáno) o uživateli, který program
+.B id
+spustil. Implicitně vypisuje reálné user ID, reálné group ID,
+efektivní user ID, pokud se liší od reálného user ID, efektivní
+group ID, pokud se liší od reálného group ID, a group ID skupin,
+v nichž je uživatel Älenem. PÅ™ed každou z hodnot je vypsán Å™etÄ›zec
+urÄující o jakou hodnotu se jedná a za každou jsou odpovídající
+jména skupin a uživatelů v závorkách.
+.PP
+Volby způsobí, že program
+.B id
+vypisuje pouze některé z těchto informací.
+.SS VOLBY
+.TP
+.I "\-g, \-\-group"
+Vypíše pouze group ID.
+.TP
+.I "\-G, \-\-groups"
+Vypíše pouze skupiny, v nichž je uživatel Älenem.
+.TP
+.I "\-\-help"
+Vypíše návod k použití na standardní výstup a bezchybnÄ› skonÄí.
+.TP
+.I "\-n, \-\-name"
+Vypíše jméno uživatele nebo skupiny místo Äísla ID.
+Vyžaduje
+.IR \-u ,
+.IR \-g ,
+nebo
+.IR \-G .
+.TP
+.I "\-r, \-\-real"
+Vypíše reálné místo efektivních user a group ID.
+Vyžaduje
+.IR \-u ,
+.IR \-g ,
+nebo
+.IR \-G .
+.TP
+.I "\-u, \-\-user"
+Vypíše pouze user ID.
+.TP
+.I "\-\-version"
+Vypíše Äíslo verze na standardní výstup a bezchybnÄ› skonÄí.
diff --git a/man/cs/man1/su.1 b/man/cs/man1/su.1
new file mode 100644
index 0000000..e8a6842
--- /dev/null
+++ b/man/cs/man1/su.1
@@ -0,0 +1,111 @@
+.TH SU 1 "GNU Shell Utilities" "FSF" \" \-*\- nroff \-*\-
+.do hla cs
+.do hpf hyphen.cs
+.SH JMÉNO
+su \- spustí shell pod jiným uživatelským a skupinovým ID
+.SH POUŽITÃ
+.B su
+[\-flmp] [\-c příkaz] [\-s shell] [\-\-login] [\-\-fast]
+[\-\-preserve\-environment] [\-\-command=příkaz] [\-\-shell=shell] [\-]
+[\-\-help] [\-\-version] [uživatel [arg...]]
+.SH POPIS
+Tato dokumentace není dále udržována a může být nepřesná nebo neúplná.
+Autoritativním zdrojem je Texinfo dokumentace.
+.PP
+Tato manuálová stránka popisuje GNU verzi příkazu
+.BR su .
+Příkaz
+.B su
+umožňuje, aby se uživatel doÄasnÄ› stal jiným uživatelem. Spustí
+shell s reálným a efektivním user ID, group ID, i skupinami, jichž
+je zadaný
+.I uživatel
+Älenem. Pokud není zadán
+.IR uživatel ,
+dosadí se root, superuživatel. Jméno shellu je převzato ze souboru
+/etc/passwd. Pokud v /etc/passwd jméno shellu není, použije se
+/bin/sh. Pokud má uživatelský úÄet heslo, a příkaz
+.B su
+není spuštěn pod reálným user ID 0 (tj. superuživatelem), bude
+požadovat zadání hesla.
+.PP
+Příkaz
+.B su
+implicitně nemění aktuální adresář. Nastavuje proměnné prostředí
+`HOME' a `SHELL' podle údajů z /etc/passwd a pokud zadaný
+.I uživatel
+není superuživatelem, nastaví proměnné `USER' a `LOGNAME' na
+.IR uživatel .
+Implicitně není spuštěný shell login shellem.
+.PP
+Jsou\-li zadány další argumenty, budou předány jako argumenty shellu.
+.PP
+Příkaz
+.B su
+nezpracovává speciálně /bin/sh nebo ostatní shelly (nastavením
+argv[0] na "\-su", předáním volby `\-c' pouze jistým shellům, atd.).
+.PP
+Na systémech se syslog démonem může být příkaz
+.B su
+přeložen tak, aby zaznamenával pomocí syslogu neúspěšná
+a volitelně i úspěšná vyvolání příkazu
+.BR su .
+.SS VOLBY
+.TP
+.I "\-c příkaz, \-\-command=příkaz"
+Místo odstartování interaktivního shellu předá
+.I příkaz
+s volbou
+.I \-c
+jako jediný příkazový řádek shellu.
+.TP
+.I "\-f, \-\-fast"
+Předá shellu volbu
+.IR \-f .
+Tuto volbu je pravděpodobně vhodné používat pouze pro shelly
+.B csh
+a
+.BR tcsh ,
+u nichž zabrání provedení startovacího souboru (.cshrc).
+U shellů vycházejících z Bourne shellu volba
+.I \-f
+zakazuje expanzi žolíkových znaků, což obecně není žádoucí.
+.TP
+.I "\-\-help"
+Vypíše návod k použití na standardní výstup a bezchybnÄ› skonÄí.
+.TP
+.I "\-, \-l, \-\-login"
+Spustí shell jako login shell. To znamená, že nebude nastaven obsah
+žádných proměnných prostředí kromě `TERM', `HOME', a `SHELL' (které
+budou nastaveny, jak je popsáno výše), `USER' a `LOGNAME' (které
+budou nastaveny i pro superuživatele jak je popsáno výše). Proměnná
+prostředí `PATH' bude nastavena na hodnotu definovanou při překladu.
+Aktuální adresář bude nastaven na domovský adresář; před jméno
+shellu bude předřazen znak "\-", který způsobí, že bude zpracován
+startovací soubor nebo soubory.
+.TP
+.I "\-m, \-p, \-\-preserve\-environment"
+Nebude měnit proměnné prostředí `HOME', `USER', `LOGNAME' ani
+`SHELL'. Je chybou, pokud uživatel, který spustil příkaz
+.B su
+není superuživatel a přitom má nový uživatel omezený shell. Jinak
+se spustí místo uživatelova shellu z /etc/passwd shell zadaný
+v proměnné prostředí `SHELL'. Omezený shell je takový, který
+není uveden v souboru /etc/shells, nebo v zakompilován seznamu
+souborů, pokud /etc/shells neexistuje. Chování příkazu
+.B su
+s touto volbou lze změnit volbami
+.I \-\-login
+a
+.I \-\-shell
+(má přednost před hodnotou proměnné prostředí SHELL).
+.TP
+.I "\-s, \-\-shell shell"
+Spustí zadaný shell místo uživatelova shellu z /etc/passwd.
+Je chybou, pokud uživatel, který spustil
+.B su
+není superuživatel a přitom shell nového uživatele uvedený
+v /etc/passwd je omezený.
+.TP
+.I "\-\-version"
+Vypíše Äíslo verze na standardní výstup a bezchybnÄ› skonÄí.
diff --git a/man/cs/man5/faillog.5 b/man/cs/man5/faillog.5
new file mode 100644
index 0000000..99036ff
--- /dev/null
+++ b/man/cs/man5/faillog.5
@@ -0,0 +1,35 @@
+.TH "FAILLOG" "5" "11/05/2005" "" ""
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+faillog \- Soubor pro zaznamenávání chybných pokusů o přihlášení
+.SH "POPIS"
+.PP
+\fI/var/log/faillog\fR
+uchovává pro každý úÄet poÄet chybných pÅ™ihlášení a jejich
+limity. Záznamy v souboru mají pevnou délku a jsou indexovány
+Äíselným UID. Každý záznam obsahuje poÄet chybných pokusů o
+pÅ™ihlášení od posledního úspěšného pÅ™ihlášení, maximální poÄet
+chybných pokusů o pÅ™ihlášení pÅ™ed zablokováním úÄtu, linku, na které
+byl zaznamenán poslední chybný pokus o přihlášení, a datum,
+kdy byl zaznamenán poslední chybný pokus o přihlášení.
+.PP
+Struktura souboru vypadá následovně:
+.sp
+.nf
+struct faillog {
+ short fail_cnt;
+ short fail_max;
+ char fail_line[12];
+ time_t fail_time;
+};
+.fi
+.SH "SOUBORY"
+.TP
+\fI/var/log/faillog\fR
+soubor pro záznam chybných pokusů o přihlášení
+.SH "VIZ TAKÉ"
+.PP
+\fBfaillog\fR(8)
diff --git a/man/cs/man5/gshadow.5 b/man/cs/man5/gshadow.5
new file mode 100644
index 0000000..ad8750d
--- /dev/null
+++ b/man/cs/man5/gshadow.5
@@ -0,0 +1,52 @@
+.TH "GSHADOW" "5" "11/05/2005" "File Formats and Conversions" "File Formats and Conversions"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+gshadow \- stínový soubor se skupinami
+.SH "POPIS"
+.PP
+\fI/etc/gshadow\fR
+Obsahuje stínové informace ke skupinovým úÄtům. Obsahuje řádky
+s pevnou strukturou, kde jsou jednotlivá pole oddÄ›lená dvojteÄkami:
+.TP 3
+\(bu
+název skupiny
+.TP
+\(bu
+zašifrované heslo
+.TP
+\(bu
+Äárkami oddÄ›lený seznam administrátorů skupiny
+.TP
+\(bu
+Äárkami oddÄ›lený seznam Älenů skupiny
+.PP
+Pole pro název skupiny a heslo musí být vyplněná. Zašifrované heslo se
+skládá ze znaků 64 znakové abecedy (a-z, A-Z, 0-9, \\ a /).
+Podrobnosti o hesle naleznete v
+\fBcrypt\fR(3).
+Pokud pole s heslem obsahuje znak, který není platným výsledkem
+funkce
+\fBcrypt\fR(3), např. ! nebo *, uživatel se nebude moci pomocí tohoto
+hesla přihlásit, ale záleží také na systému
+\fBpam\fR(7).
+.PP
+Heslo v tomto souboru má přednost před heslem ze souboru
+\fI/etc/group\fR.
+.PP
+Má-li být zachována bezpeÄnost hesel, nesmí být tento soubor Äitelný
+pro běžné uživatele.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových úÄtech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových úÄtech
+.SH "VIZ TAKÉ"
+.PP
+\fBgroup\fR(5),
+\fBgpasswd\fR(5),
+\fBnewgrp\fR(5).
diff --git a/man/cs/man5/passwd.5 b/man/cs/man5/passwd.5
new file mode 100644
index 0000000..1b00228
--- /dev/null
+++ b/man/cs/man5/passwd.5
@@ -0,0 +1,57 @@
+.TH PASSWD 5 "19. bÅ™ezna 1997" "Linux" "Linux \- příruÄka programátora"
+.do hla cs
+.do hpf hyphen.cs
+.SH JMÉNO
+passwd \- seznam hesel uživatelů
+.SH POPIS
+.B Passwd
+je Äitelný textový soubor, který obsahuje seznam uživatelů systému a hesel,
+která musejí použít pro přístup. Seznam hesel uživatelů by měl být s právy
+pro Ätení pro každého, což v pořádku, protože jsou hesla zaÅ¡ifrována, ale
+zápisová práva má jenom superuživatel. Jestliže vytvoříte nový login,
+nechejte pole pro heslo prázdné a použijte \fBpasswd\fP(1) pro doplnění.
+HvÄ›zdiÄka nebo nÄ›co podobného v poli hesel znaÄí, že tento uživatel se nemůže
+přihlásit přes \fBlogin\fP(1). Jestliže je váš kořenový adresář v
+.IR /dev/ram,
+tak musíte uložit změněný soubor hesel do vašeho kořenového adresáře na
+disketě něž systém vypnete. Jestliže chcete
+vytvořit skupinu uživatelů, jejich GID musí být stejná a musí pro ni
+existovat záznam v souboru \fI/etc/group\fP, nebo skupina nebude existovat.
+.PP
+Každý řádek tvoří jeden záznam, který má následující formát:
+.sp
+.RS
+login_name:passwd:UID:GID:user_name:directory:shell
+.RE
+.sp
+Popis jednotlivých polí:
+.sp
+.RS
+.TP 1.0in
+.I login_name
+přihlašovací jméno uživatele systému
+.TP
+.I password
+zašifrované heslo uživatele
+.TP
+.I UID
+Äíselná identifikace uživatele (user ID)
+.TP
+.I GID
+Äíselná identifikace skupiny (group ID)
+.TP
+.I user_name
+(volitelné) poznámka (Äasto celé jméno uživatele)
+.TP
+.I directory
+domovský adresář uživatele ($HOME)
+.TP
+.I shell
+program, který je spuštěn po úspěšném přihlášení (jestliže je prázdný,
+použije se
+.IR /bin/sh ).
+.RE
+.SH SOUBORY
+.I /etc/passwd
+.SH DALÅ Ã INFORMACE
+.BR passwd "(1), " login "(1), " group (5)
diff --git a/man/cs/man5/shadow.5 b/man/cs/man5/shadow.5
new file mode 100644
index 0000000..fdbe0a1
--- /dev/null
+++ b/man/cs/man5/shadow.5
@@ -0,0 +1,64 @@
+.TH SHADOW 5
+.do hla cs
+.do hpf hyphen.cs
+.SH JMÉNO
+shadow \- soubor se zašifrovanými hesly
+.SH POPIS
+.I shadow
+obsahuje informace o zaÅ¡ifrovaných heslech uživatelských úÄtů a
+volitelně může obsahovat informace o stárnutí hesel. Soubor obsahuje
+
+.IP "" .5i
+Přihlašovací jméno
+.IP "" .5i
+Zašifrované heslo
+.IP "" .5i
+PoÄet dnů od 1. ledna 1970, kdy bylo heslo naposledy zmÄ›nÄ›no
+.IP "" .5i
+PoÄet dnů, po jejichž uplynutí může být heslo zmÄ›nÄ›no
+.IP "" .5i
+PoÄet dnů, po jejichž uplynutí musí být heslo zmÄ›nÄ›no
+.IP "" .5i
+PoÄet dnů pÅ™ed lhůtou, kdy je uživatel varován, že heslo vyprší
+.IP "" .5i
+PoÄet dnů, po jejichž uplynutí po propadnutí hesla je zablokován úÄet.
+.IP "" .5i
+PoÄet dnů od 1. ledna 1970, kdy byl úÄet zablokován
+.IP "" .5i
+Rezervované pole
+.PP
+Pole hesla musí být vyplněno. Zašifrované heslo se skládá ze 13 až 24
+znaků z 64 prvkové množiny znaků (a až z, A až Z, 0 až 9, \. a
+/). \fIcrypt(3)\fR obsahuje detailní informace o tom, jak
+interpretovat tento řetězec.
+.PP
+Datum poslední zmÄ›ny hesla je dáno poÄtem dní od 1. ledna 1970. Heslo
+nesmí býti znovu zmÄ›nÄ›no dokud řádnÄ› neuplyne specifikovaný poÄet dní,
+a musí být zmÄ›nÄ›no po uplynutí maximálního poÄtu dní. Pokud je
+minimální poÄet dnů platnosti hesla vyšší než maximální poÄet
+povolených dní, heslo nemůže být změněno uživatelem.
+.PP
+ÚÄet je považován za neaktivní a bude zablokován, jestliže heslo není
+zmÄ›nÄ›no bÄ›hem urÄeného poÄtu dní po vyprÅ¡ení platnosti hesla. ÚÄet
+bude také zablokován v urÄený den nezávisle na ostatních informacích o
+vypršení hesla.
+.PP
+Tyto informace o heslu a době jeho platnosti mají prioritu před
+informacemi uloženými v souboru \fB/etc/passwd\fR.
+.PP
+Tento soubor nesmí být Äitelný řádnými uživateli, má\-li být
+ochrana hesel úÄinná.
+.SH SOUBORY
+\fI/etc/passwd\fR \- informace o uživatelských úÄtech
+.br
+\fI/etc/shadow\fR \- zašifrovaná hesla uživatelů
+.SH DALÅ Ã INFORMACE
+chage(1),
+login(1),
+passwd(1),
+su(1),
+sulogin(1M),
+shadow(3),
+passwd(5),
+pwconv(8),
+pwunconv(8)
diff --git a/man/cs/man8/faillog.8 b/man/cs/man8/faillog.8
new file mode 100644
index 0000000..e4dcae0
--- /dev/null
+++ b/man/cs/man8/faillog.8
@@ -0,0 +1,86 @@
+.TH "FAILLOG" "8" "11/05/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+faillog \- zobrazí záznamy faillogu nebo nastaví limity na chybná přihlášení
+.SH "POUŽITÃ"
+.HP 8
+\fBfaillog\fR [\fIvolby\fR]
+.SH "POPIS"
+.PP
+\fBfaillog\fR
+formátuje obsah souboru
+\fI/var/log/faillog\fR,
+ve kterém se zaznamenávají neúspěšné pokusy o přihlášení. Také jej
+můžete použít pro správu poÄitadel neúspěšných pÅ™ihlášení a pro
+nastavení limitů. Spuštení programu
+\fBfaillog\fR
+bez argumentů vypíše záznamy o neúspěšném přihlášení těch uživatelů,
+u kterých je zaznamenáno alespoň jedno chybné přihlášení.
+.SH "VOLBY"
+.PP
+Příkaz
+\fBfaillog\fR
+akceptuje následující volby:
+.TP
+\fB\-a\fR, \fB\-\-all\fR
+Zobrazí záznamy faillogu všech uživatelů.
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+Zobrazí nápovÄ›du a skonÄí.
+.TP
+\fB\-l\fR, \fB\-\-lock\-time\fR \fISEK\fR
+Po neúspěšném pÅ™ihlášení zamkne úÄet na
+\fISEK\fR
+sekund.
+.TP
+\fB\-m\fR, \fB\-\-maximum\fR \fIMAX\fR
+Nastaví maximální poÄet chybných pÅ™ihlášení na MAX. Poté se úÄet
+zablokuje. Hodnotou 0 tento limit zrušíte. Pro uživatele
+\fIroot\fR
+by hodnota
+\fIMAX\fR
+měla být vždy 0, abyste předešli útokům typu odepření služby.
+.TP
+\fB\-r\fR, \fB\-\-reset\fR
+Vynuluje poÄitadla chybných pÅ™ihlášení vÅ¡ech uživatelů. PÅ™i použití s
+parametrem \-u
+\fIÚČET\fR
+vynuluje poÄitadlo pouze pro daný úÄet. Tato operace vyžaduje práva
+zápisu k souboru
+\fI/var/log/faillog\fR.
+.TP
+\fB\-t\fR, \fB\-\-time\fR \fIDNÅ®\fR
+Zobrazí záznamy faillogu novější než
+\fIDNÅ®\fR. Volba
+\fB\-t\fR
+má vyšší prioritu než
+\fB\-u\fR.
+.TP
+\fB\-u\fR, \fB\-\-user\fR \fIÚČET\fR
+Zobrazí záznamy faillogu (resp. s volbami
+\fB\-l\fR,
+\fB\-m\fR
+nebo
+\fB\-r\fR
+upraví poÄitadla nebo limity chybných pÅ™ihlášení) pouze pro uživatele
+\fIÚČET\fR.
+.SH "ZÃLUDNOSTI"
+.PP
+\fBfaillog\fR
+vypíše pouze uživatele, bez úspěšného přihlášení od poslední
+chyby. Chcete-li vypsat i uživatele, kteří se od poslední chyby
+úspěšně přihlásili, musíte si je explicitně vyžádat volbou
+\fB\-u\fR
+nebo
+\fB\-a\fR.
+.SH "SOUBORY"
+.TP
+\fI/var/log/faillog\fR
+soubor pro záznam chybných pokusů o přihlášení
+.SH "VIZ TAKÉ"
+.PP
+\fBlogin\fR(1),
+\fBfaillog\fR(5).
diff --git a/man/cs/man8/groupadd.8 b/man/cs/man8/groupadd.8
new file mode 100644
index 0000000..c8e3977
--- /dev/null
+++ b/man/cs/man8/groupadd.8
@@ -0,0 +1,113 @@
+.TH "GROUPADD" "8" "01/02/2006" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+groupadd \- Vytvoří skupinu
+.SH "POUŽITÃ"
+.HP 9
+\fBgroupadd\fR [\-g\ \fIGID\fR\ [\-o]] [\-f] [\-K\ \fIKLÃÄŒ\fR=\fIHODNOTA\fR] \fIskupina\fR
+.SH "POPIS"
+.PP
+Příkaz
+\fBgroupadd\fR
+vytváří nové skupinové úÄty na základÄ› zadaných hodnot a výchozích
+hodnot nastavených v systému. Nová skupina bude podle pořeby zařazena
+do příslušných systémových souborů.
+.SH "VOLBY"
+.PP
+Příkaz
+\fBgroupadd\fR
+akceptuje následující volby:
+.TP
+\fB\-f\fR
+Tato volba způsobí, že v případě kolize se stávající skupinou se vrátí
+úspěšný návratový kód. Při použití s volbou
+\fB\-g\fR, pokud již dané GID existuje, vybere se unikární GID
+automaticky, (tj. jako kdybyste
+\fB\-g\fR
+nezadali).
+.TP
+\fB\-g\fR \fIGID\fR
+Číselná hodnota skupinového ID. Tato hodnota musí být unikátní (s
+výjimkou volby
+\fB\-o\fR).
+Hodnota musí být nezáporné celé Äíslo. Jako výchozí hodnota se použije
+nejmenší ID větší než 999 a zároveň větší než ID všech ostatních
+skupin. Hodnoty mezi 0 a 999 jsou obvykle rezervovány pro systémové úÄty.
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+Zobrazí nápovÄ›du a skonÄí.
+.TP
+\fB\-K \fR\fB\fIKLÃÄŒ\fR\fR\fB=\fR\fB\fIHODNOTA\fR\fR
+Přepíše výchozí nastavení /etc/login.defs (GID_MIN, GID_MAX
+apod.). Můžete zadat i více voleb najednou.
+.sp
+Příklad:
+\fB\-K \fR\fIGID_MIN\fR=\fI100\fR\fB \-K \fR\fIGID_MAX\fR=\fI499\fR
+.sp
+Poznámka:
+\fB\-K \fR\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR
+zatím nefunguje.
+.TP
+\fB\-o\fR
+Tato volba povolí přidání skupiny s neunikátním GID.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových úÄtech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových úÄtech
+.TP
+\fI/etc/login.defs\fR
+nastavení systému shadow
+.SH "ZÃLUDNOSTI"
+.PP
+Názvy skupin musí zaÄínat malým písmenem nebo podtržítkem a mohou
+obsahovat pouze malá písmena, Äísla, podtržítka, pomlÄky a závÄ›reÄný
+dolar. Vyjádřeno regulárním výrazem: [a\-z_][a\-z0\-9_\-]*[$]
+.PP
+Délka názvu skupiny nesmí pÅ™ekroÄit 16 znaků.
+.PP
+Jestliže již název skupiny existuje v externí databázi typu NIS,
+příkaz
+\fBgroupadd\fR
+odmítne požadavek na vytvoření této skupiny.
+.SH "NÃVRATOVÉ HODNOTY"
+.PP
+Příkaz
+\fBgroupadd\fR
+může skonÄit s následujícími návratovými hodnotami:
+.TP
+\fI0\fR
+úspěch
+.TP
+\fI2\fR
+chybná syntaxe příkazu
+.TP
+\fI3\fR
+chybný argument parametru
+.TP
+\fI4\fR
+GID není unikátní (pokud nepoužijete
+\fB\-o\fR)
+.TP
+\fI9\fR
+název skupiny není unikátní
+.TP
+\fI10\fR
+nelze aktualizovat soubor group
+.SH "VIZ TAKÉ"
+.PP
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgpasswd\fR(8),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBlogin.defs\fR(5),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
diff --git a/man/cs/man8/groupdel.8 b/man/cs/man8/groupdel.8
new file mode 100644
index 0000000..7991d9d
--- /dev/null
+++ b/man/cs/man8/groupdel.8
@@ -0,0 +1,60 @@
+.TH "GROUPDEL" "8" "11/05/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+groupdel \- Smaže skupinu
+.SH "POUŽITÃ"
+.HP 9
+\fBgroupdel\fR \fIskupina\fR
+.SH "POPIS"
+.PP
+Příkaz
+\fBgroupdel\fR
+upraví soubory se systémovými úÄty tak, že smaže vÅ¡echy záznamy, které
+se odkazují na
+\fIskupinu\fR. Daná skupina musí existovat.
+.PP
+Abyste zajistili, že na souborových systémech nezůstanou soubory
+vlastněné mazanou skupinou, musíte je sami vyhledat a příslušně
+opravit.
+.SH "ZÃLUDNOSTI"
+.PP
+Nelze odstranit primární skupinu uživatele. Nejprve musíte odstranit
+uživatele a pak teprve danou skupinu.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových úÄtech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových úÄtech
+.SH "NÃVRATOVÉ HODNOTY"
+.PP
+Příkaz
+\fBgroupdel\fR
+může skonÄit s následujícími návratovými hodnotami:
+.TP
+\fI0\fR
+úspěch
+.TP
+\fI2\fR
+chybná syntaxe příkazu
+.TP
+\fI8\fR
+nelze odstranit primární skupinu uživatele
+.TP
+\fI10\fR
+nelze aktualizovat soubor group
+.SH "VIZ TAKÉ"
+.PP
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgpasswd\fR(8),
+\fBgroupadd\fR(8),
+\fBgroupmod\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8)
diff --git a/man/cs/man8/groupmems.8 b/man/cs/man8/groupmems.8
new file mode 100644
index 0000000..729fce4
--- /dev/null
+++ b/man/cs/man8/groupmems.8
@@ -0,0 +1,85 @@
+.TH "GROUPMEMS" "8" "10/20/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+groupmems \- Spravuje Äleny uživatelovy primární skupiny
+.SH "POUŽITÃ"
+.HP 10
+\fBgroupmems\fR \-a\ \fIuživatel\fR \-d\ \fIuživatel\fR \-l \-D [\-g\ \fIskupina\fR]
+.SH "POPIS"
+.PP
+Nástroj
+\fBgroupmems\fR
+umožňuje uživatelům spravovat Älenství ve své primární skupinÄ›, aniž
+by museli mít superuživatelská práva. Nástroj
+\fBgroupmems\fR
+je zamýšlen pro systémy, které pro každého uživatele vytváří vlastní
+primární skupinu (tj. novak / novak).
+.PP
+Pouze superuživatel (root) může použít
+\fBgroupmems\fR
+ke zmÄ›nÄ› Älenství v ostatních skupinách.
+.SH "VOLBY"
+.PP
+Příkaz
+\fBgroupmems\fR
+akceptuje následující volby:
+.TP
+\fB\-a\fR \fIuživatel\fR
+PÅ™idá do seznamu Älenů skupiny nového uživatele.
+.TP
+\fB\-d\fR \fIuživatel\fR
+Ze seznamu Älenů skupiny odebere daného uživatele.
+.TP
+\fB\-D\fR
+Ze seznamu Älenů skupiny odebere vÅ¡echny uživatele.
+.TP
+\fB\-g\fR \fIskupina\fR
+Superuživatel může zadat skupinu, které se mají změny týkat.
+.TP
+\fB\-l\fR
+Vypíše seznam Älenů skupiny.
+.SH "NASTAVENÃ"
+.PP
+Příkaz
+\fBgroupmems\fR
+by měl mít nastavena práva
+2770
+a měl by jej vlastnit uživatel
+\fIroot\fR
+a skupina
+\fIgroups\fR. Správce systému může uživatelům povolit
+používání nástroje
+\fBgroupmems\fR
+tím, že přidá uživatele do skupiny groups. Uživatelé si pak mohou sami
+spravovat Älenství ve skupinách.
+.sp
+.nf
+ $ groupadd \-r groups
+ $ chmod 2770 groupmems
+ $ chown root.groups groupmems
+ $ groupmems \-g groups \-a gk4
+
+.fi
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových úÄtech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových úÄtech
+.SH "VIZ TAKÉ"
+.PP
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
+.SH "AUTOR"
+.PP
+George Kraft IV (gk4@us.ibm.com)
diff --git a/man/cs/man8/groupmod.8 b/man/cs/man8/groupmod.8
new file mode 100644
index 0000000..9338994
--- /dev/null
+++ b/man/cs/man8/groupmod.8
@@ -0,0 +1,79 @@
+.TH "GROUPMOD" "8" "11/05/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+groupmod \- upraví skupinu
+.SH "POUŽITÃ"
+.HP 9
+\fBgroupmod\fR [\-g\ \fIgid\fR\ [\-o\ ]] [\-n\ \fInové_jméno_skupiny\fR] \fIskupina\fR
+.SH "POPIS"
+.PP
+Příkaz
+\fBgroupmod\fR
+upravuje soubory se systémovými úÄty tak, aby odpovídaly zmÄ›nám
+zadaným na příkazové řádce.
+.SH "VOLBY"
+.PP
+Příkaz
+\fBgroupmod\fR
+akceptuje následující volby:
+.TP
+\fB\-g\fR \fIgid\fR
+Číselná hodnota skupinového ID. Tato hodnota musí být unikátní (s
+výjimkou volby
+\fB\-o\fR.
+Hodnota musí být nezáporné celé Äíslo. Hodnoty mezi 0 a 999 jsou
+obvykle rezervovány pro systémové úÄty. U souborů, které mÄ›ly skupinu
+nastavenu na staré GID, ji musíte pÅ™enastavit na nové GID ruÄnÄ›.
+.TP
+\fB\-n\fR \fInové_jméno_skupiny\fR
+Jméno skupiny se změní ze
+\fIskupina\fR
+na
+\fInové_jméno_skupiny\fR.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových úÄtech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových úÄtech
+.SH "NÃVRATOVÉ HODNOTY"
+.PP
+Příkaz
+\fBgroupmod\fR
+může skonÄit s následujícími návratovými hodnotami:
+.TP
+\fI0\fR
+úspěch
+.TP
+\fI2\fR
+chybná syntaxe příkazu
+.TP
+\fI3\fR
+chybný argument parametru
+.TP
+\fI4\fR
+zadaná skupina neexistuje
+.TP
+\fI6\fR
+zadaná skupina neexistuje
+.TP
+\fI9\fR
+skupina je již používána
+.TP
+\fI10\fR
+nelze aktualizovat soubor group
+.SH "VIZ TAKÉ"
+.PP
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgpasswd\fR(8),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
diff --git a/man/cs/man8/grpck.8 b/man/cs/man8/grpck.8
new file mode 100644
index 0000000..07e67d7
--- /dev/null
+++ b/man/cs/man8/grpck.8
@@ -0,0 +1,111 @@
+.TH "GRPCK" "8" "11/05/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+grpck \- ověří integritu skupinových souborů
+.SH "POUŽITÃ"
+.HP 6
+\fBgrpck\fR [\-r] [\fIgroup\fR\ \fIshadow\fR]
+.SH "POPIS"
+.PP
+\fBgrpck\fR
+ověří integritu informací používaných pÅ™i autentizaci vůÄi
+systému. Kontrolují se všechny záznamy v souborech
+\fI/etc/group\fR
+a
+\fI/etc/gshadow\fR,
+zda mají správný formát a zda jsou ve všech polích jen povolená
+data. Při nalezení chybně formátovaných a jinak neopravitelných
+záznamů je uživatel vybídnut, aby tyto záznamy smazal.
+.PP
+U každého záznamu se kontroluje, zda:
+.TP 3
+\(bu
+má správný poÄet polí
+.TP
+\(bu
+má unikátní název skupiny
+.TP
+\(bu
+obsahuje platný seznam Älenů a administrátorů
+.PP
+Kontroly na správný poÄet polí a unikátnost názvu skupiny jsou
+kritické. Pokud má záznam chybný poÄet polí, je uživatel vybídnut, aby
+záznam smazal. Nebude-li uživatel souhlasit, jsou všechny další
+kontroly pÅ™eskoÄeny. U záznamu s duplicitním názvem skupiny je
+uživatel taktéž vybídnut ke smazání záznamu, ovšem následné kontroly
+nejsou pÅ™eskoÄeny. VÅ¡echny ostatní chyby jsou považovány pouze za
+varování a uživatel je vyzván k nápravě chyby pomocí příkazu
+\fBgroupmod\fR.
+.PP
+Příkazy pracující se souborem
+\fI/etc/group\fR
+nemohou měnit porušené nebo duplicitní záznamy. V takových případech
+byste měli použít
+\fBgrpck\fR
+a chybné záznamy odstranit.
+.SH "VOLBY"
+.PP
+\fBgrpck\fR
+implicitnÄ› pracuje nad soubory
+\fI/etc/group\fR
+a
+\fI/etc/gshadow\fR. Uživatel může zvolit jiné soubory pomocí parametrů
+\fIgroup\fR
+a
+\fIshadow\fR.
+Uživatel dále může parametrem
+\fB\-r\fR
+zapnout režim jen pro Ätení. Prakticky to znamená, že na vÅ¡echny
+otázky ohledně změn se automaticky odpoví
+\fIne\fR.
+\fBgrpck\fR
+také umí setřítit záznamy v souborech
+\fI/etc/group\fR
+a
+\fI/etc/gshadow\fR
+podle GID. Pro třídící režim zadejte parametr
+\fB\-s\fR.
+V takovém případě se neprovádí žádné kontroly, soubory se pouze
+setřídí.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových úÄtech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových úÄtech
+.TP
+\fI/etc/passwd\fR
+informace o uživatelských úÄtech
+.SH "NÃVRATOVÉ HODNOTY"
+.PP
+Příkaz
+\fBgrpck\fR
+může skonÄit s následujícími návratovými hodnotami:
+.TP
+\fI0\fR
+úspěch
+.TP
+\fI1\fR
+chybná syntaxe příkazu
+.TP
+\fI2\fR
+jeden Äi více chybných záznamů
+.TP
+\fI3\fR
+nelze otevřít soubory skupin
+.TP
+\fI4\fR
+nelze zamknout soubory skupin
+.TP
+\fI5\fR
+nelze aktualizovat soubory skupin
+.SH "VIZ TAKÉ"
+.PP
+\fBgroup\fR(5),
+\fBpasswd\fR(5),
+\fBshadow\fR(5),
+\fBgroupmod\fR(8).
diff --git a/man/cs/man8/lastlog.8 b/man/cs/man8/lastlog.8
new file mode 100644
index 0000000..67682ec
--- /dev/null
+++ b/man/cs/man8/lastlog.8
@@ -0,0 +1,40 @@
+.\" @(#)lastlog.8 3.3 08:24:58 29 Sep 1993 (National Guard Release)
+.\" $Id$
+.\"
+.TH LASTLOG 8
+.SH JMÉNO
+lastlog \- prozkoumá soubor lastlog
+.SH SYNTAXE
+.B lastlog
+.RB [ \-u
+.IR přihlašovací\-jméno ]
+.RB [ \-t
+.IR dny ]
+.SH POPIS
+\fBlastlog\fR setřídí a zobrazí obsah souboru
+\fI/var/log/lastlog\fR,
+který obsahuje záznamy o přihlašování a odhlašování uživatelů v systému.
+Zobrazí se \fBpÅ™ihlaÅ¡ovací jméno\fR, \fBjméno terminálu\fR a \fBÄas posledního
+přihlašení\fR.
+Standardně (tj. bez dalších voleb) lastlog zobrazí záznamy setříděné
+podle Äísla UID.
+Použití pÅ™epínaÄe \fB\-u \fIpÅ™ihlaÅ¡ovací\-jméno\fR
+způsobí, že bude vytištěn pouze poslední záznam o přihlášení příslušného uživatele.
+Zadáním \fB\-t \fIdny\fR se zobrazí pouze
+ta přihlášení, které jsou dřívější než zadané \fIdny\fR.
+Parametr \fB\-t\fR překryje případný parametr \fB\-u\fR.
+.PP
+Pokud se uživatel ještě nikdy nepřihlásil, zobrazí se zpráva \fB"**Never logged in**"\fR (Nikdy nepřihlášen)
+místo jména terminálu a Äasu.
+.SH SOUBORY
+/var/log/lastlog \- soubor se záznamy o přihlášení a odhlášení
+.SH NÃMITKY
+Velké rozdíly v UID Äíslech jsou způsobeny tím, že lastlog program běžel dlouho bez
+výstupu na obrazovku (např. mmdf=800 a poslední uid=170, program se bude
+jevit jako s uid 171\-799).
+.SH AUTOŘI
+Julianne Frances Haugh (jfh@austin.ibm.com)
+.br
+Phillip Street
+.SH PŘELOŽIL
+OndÅ™ej PavlíÄek (mox@post.cz).
diff --git a/man/cs/man8/logoutd.8 b/man/cs/man8/logoutd.8
new file mode 100644
index 0000000..ed264c4
--- /dev/null
+++ b/man/cs/man8/logoutd.8
@@ -0,0 +1,30 @@
+.TH "LOGOUTD" "8" "11/05/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+logoutd \- Omezuje Äas pÅ™ihlášení
+.SH "POUŽITÃ"
+.HP 8
+\fBlogoutd\fR
+.SH "POPIS"
+.PP
+\fBlogoutd\fR
+omezí Äas pÅ™ihlášení a seznam povolených portů podle pravidel zadaných v
+\fI/etc/porttime\fR.
+\fBlogoutd\fR
+by se měl spouštět z
+\fI/etc/rc\fR. Program pak pravidelnÄ› kontroluje soubor
+\fI/var/run/utmp\fR
+a zkoumá, zda má daný uživatel oprávnění být přihlášen na daném portu
+v daný Äas. VÅ¡echna sezení, která poruÅ¡ují pravidla zadaná v
+\fI/etc/porttime\fR,
+jsou ukonÄena.
+.SH "SOUBORY"
+.TP
+\fI/etc/porttime\fR
+oprávnění k portům a přihlášení
+.TP
+\fI/var/run/utmp\fR
+seznam aktuálních sezení
diff --git a/man/cs/man8/nologin.8 b/man/cs/man8/nologin.8
new file mode 100644
index 0000000..92d6be8
--- /dev/null
+++ b/man/cs/man8/nologin.8
@@ -0,0 +1,28 @@
+.TH "NOLOGIN" "8" "01/07/2006" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+nologin \- slušně odmítne přihlášení
+.SH "PŘEHLED"
+.HP 8
+\fBnologin\fR
+.SH "POPIS"
+.PP
+\fBnologin\fR
+zobrazí oznámení, že úÄet není dostupný a skonÄí s nenulovým
+návratovým kódem. Program je zamýšlen jako vhodná náhrada pole shell
+v souboru passwd pro zablokované úÄty.
+.PP
+Pro zakázání všech přihlášení prozkoumejte
+\fBnologin\fR(5).
+.SH "VIZ TAKÉ"
+.PP
+\fBlogin\fR(1),
+\fBnologin\fR(5).
+.SH "HISTORIE"
+.PP
+Příkaz
+\fBnologin\fR
+se objevil v BSD 4.4.
diff --git a/man/cs/man8/vipw.8 b/man/cs/man8/vipw.8
new file mode 100644
index 0000000..fbef380
--- /dev/null
+++ b/man/cs/man8/vipw.8
@@ -0,0 +1,71 @@
+.TH "VIPW" "8" "12/07/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+vipw, vigr \- slouží k úpravě souborů password, group, shadow-password a shadow-group.
+.SH "POUŽITÃ"
+.HP 5
+\fBvipw\fR [volby]
+.HP 5
+\fBvigr\fR [volby]
+.SH "POPIS"
+.PP
+\fBvipw\fR
+a
+\fBvigr\fR
+upravují soubory
+\fI/etc/passwd\fR
+a
+\fI/etc/group\fR. S pÅ™epínaÄem
+\fB\-s\fR
+budou upravovat stínové verze obou souborů, tj.
+\fI/etc/shadow\fR
+a
+\fI/etc/gshadow\fR. Programy používají zámky, aby předešly porušení
+souborů. Při hledání editoru nejprve zkusí proměnnou prostředí
+\fB$VISUAL\fR, poté proměnnou prostředí
+\fB$EDITOR\fR a na konec spustí standardní editor
+\fBvi\fR(1).
+.SH "VOLBY"
+.PP
+Příkazy
+\fBvipw\fR
+a
+\fBvigr\fR
+akceptují následující volby:
+.TP
+\fB\-g\fR, \fB\-\-group\fR
+Upraví databázi skupin.
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+Zobrazí nápovÄ›du a skonÄí.
+.TP
+\fB\-p\fR, \fB\-\-passwd\fR
+Upraví databázi hesel.
+.TP
+\fB\-q\fR, \fB\-\-quiet\fR
+Tichý režim.
+.TP
+\fB\-s\fR, \fB\-\-shadow\fR
+Upraví databázi shadow nebo gshadow.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových úÄtech
+.TP
+\fI/etc/gshadow\fR
+stínový soubor pro skupiny
+.TP
+\fI/etc/passwd\fR
+informace o uživatelských úÄtech
+.TP
+\fI/etc/shadow\fR
+citlivé informace o uživatelských úÄtech
+.SH "VIZ TAKÉ"
+.PP
+\fBvi\fR(1),
+\fBgroup\fR(5),
+\fBgshadow\fR(5)\fBpasswd\fR(5),
+\fBshadow\fR(5).
diff --git a/man/da/Makefile.am b/man/da/Makefile.am
new file mode 100644
index 0000000..a3b0922
--- /dev/null
+++ b/man/da/Makefile.am
@@ -0,0 +1,32 @@
+
+mandir = @mandir@/da
+
+# 2012.01.28 - activate manpages with more than 50% translated messages
+man_MANS = \
+ man1/chfn.1 \
+ man8/groupdel.8 \
+ man1/groups.1 \
+ man5/gshadow.5 \
+ man8/logoutd.8 \
+ man1/newgrp.1 \
+ man8/nologin.8 \
+ man1/sg.1 \
+ man8/vigr.8 \
+ man8/vipw.8
+
+man_nopam =
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+ $(man_MANS) \
+ man1/id.1
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/de/Makefile.am b/man/de/Makefile.am
new file mode 100644
index 0000000..3cd302e
--- /dev/null
+++ b/man/de/Makefile.am
@@ -0,0 +1,66 @@
+
+mandir = @mandir@/de
+
+man_MANS = \
+ man1/chage.1 \
+ man1/chfn.1 \
+ man8/chgpasswd.8 \
+ man8/chpasswd.8 \
+ man1/chsh.1 \
+ man1/expiry.1 \
+ man5/faillog.5 \
+ man8/faillog.8 \
+ man3/getspnam.3 \
+ man1/gpasswd.1 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmems.8 \
+ man8/groupmod.8 \
+ man1/groups.1 \
+ man8/grpck.8 \
+ man8/grpconv.8 \
+ man8/grpunconv.8 \
+ man5/gshadow.5 \
+ man8/lastlog.8 \
+ man1/login.1 \
+ man5/login.defs.5 \
+ man8/logoutd.8 \
+ man1/newgrp.1 \
+ man8/newusers.8 \
+ man8/nologin.8 \
+ man1/passwd.1 \
+ man5/passwd.5 \
+ man8/pwck.8 \
+ man8/pwconv.8 \
+ man8/pwunconv.8 \
+ man1/sg.1 \
+ man3/shadow.3 \
+ man5/shadow.5 \
+ man1/su.1 \
+ man5/suauth.5 \
+ man8/useradd.8 \
+ man8/userdel.8 \
+ man8/usermod.8 \
+ man8/vigr.8 \
+ man8/vipw.8
+
+man_nopam = \
+ man5/limits.5 \
+ man5/login.access.5 \
+ man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+ $(man_MANS) \
+ man1/id.1 \
+ man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/es/Makefile.am b/man/es/Makefile.am
new file mode 100644
index 0000000..721dc0d
--- /dev/null
+++ b/man/es/Makefile.am
@@ -0,0 +1,17 @@
+
+mandir = @mandir@/es
+
+man_MANS =
+
+# These Spanish manpages are outdated.
+# Please contact pkg-shadow-devel@lists.alioth.debian.org if you wish to
+# provide updates.
+# man1/login.1 \
+# man1/newgrp.1 \
+# man1/passwd.1 \
+# man5/passwd.5 \
+# man1/su.1 \
+# man8/vigr.8 \
+# man8/vipw.8
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/es/man1/login.1 b/man/es/man1/login.1
new file mode 100644
index 0000000..ae3b7fc
--- /dev/null
+++ b/man/es/man1/login.1
@@ -0,0 +1,332 @@
+.\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu)
+.\" May be distributed under the GNU General Public License
+.\"
+.\" Translated 17 sep. 1998 by Juan José López Mellado(laveneno@hotmail.com)
+.\"
+.TH LOGIN 1 "4 Noviembre 1996" "Util\-linux 1.6" "Manual del Programador de Linux"
+.SH NOMBRE
+login \- firmar
+.SH SINOPSIS
+.BR "login [ " name " ]"
+.br
+.B "login \-p"
+.br
+.BR "login \-h " hostname
+.br
+.BR "login \-f " name
+.SH DESCRIPCIÓN
+.B login
+es usado cuando se firma en un sistema. Puede ser usado para cambiar
+desde un usuario a otro en cualquier momento (los shells más modernos
+disponen de esta característica incluida internamente).
+
+Si no se da ningún argumento,
+.B login
+pregunta por el nombre de usuario.
+
+Si el usuario
+.I no
+es root, y si existe
+.IR /etc/nologin ,
+el contenido de este fichero se escribe en la pantalla y el ingreso
+finaliza. Esto se usa típicamente para prevenir los ingresos cuando el
+sistema se está cerrando.
+
+Si se han especificado restricciones de acceso para el usuario en
+.IR /etc/usertty ,
+estas son requeridas, o la petición de ingreso será denegada y se
+generará un mensaje a través de
+.BR syslog .
+Vea la sección "Restricciones de Acceso Especiales".
+
+Si el usuario es root, entonces el ingreso debe estar ocurriendo en
+alguno de los tty listados en
+.IR /etc/securetty .
+Los fallos serán registrados mediante
+.BR syslog .
+
+Después de comprobar estas condiciones, se pedirá la contraseña y se
+validará (si es que se requiere de una contraseña para el usuario). Se
+permite un total de diez intentos antes de que
+.B login
+muera, pero después de los tres primeros, la respuesta comienza a ser muy
+lenta. Los fallos de ingreso son registrados a través de
+.BR syslog .
+También es usado para registrar cualquier ingreso correcto del usuario
+root.
+
+Si el fichero
+.I .hushlogin
+existe, entonces se realiza un ingreso "reservado" (esto deshabilita la
+comprobación del correo y la escritura de la hora del último ingreso así
+como el mensaje del día). Por otro lado, si existe
+.IR /var/log/lastlog ,
+la hora del último ingreso se imprime (y el ingreso actual es
+registrado).
+
+Se llevan a cabo algunas tareas administrativas, como el cambio del UID y
+GID del tty. La variable de entorno TERM se preserva, si existe (las
+otras variables de entorno son preservadas si se usa la opción
+.BR \-p ).
+Después son definidas las variables HOME, PATH, SHELL, TERM, MAIL y
+LOGNAME. El PATH por defecto será
+.I /usr/local/bin:/bin:/usr/bin:.
+para usuarios normales, y
+.I /sbin:/bin:/usr/sbin:/usr/bin
+para root. Por último, si no es un ingreso "reservado", el mensaje del
+día será imprimido y se comprobará el fichero con el nombre del usuario en
+.I /usr/spool/mail
+y se imprimirá un mensaje si este tuviera un tamaño diferente de cero.
+
+A continuación, se inicia el shell del usuario. Si no se especifica ninguno
+para el usuario en
+.BR /etc/passwd ,
+entonces se usará
+.BR /bin/sh .
+Si no hay un directorio especificado en
+.IR /etc/passwd ,
+entonces se usará
+.I /
+(el directorio del usuario se analizará en busca del fichero
+.I .hushlogin
+descrito más abajo).
+
+.SH OPCIONES
+.TP
+.B \-p
+Usado por
+.BR getty (8)
+para indicar a
+.B login
+que no destruya el entorno
+.TP
+.B \-f
+Usado para evitar la segunda autenticación del ingreso. Esto
+.B no
+funciona específicamente para root y no parece que funcione
+correctamente bajo Linux.
+.TP
+.B \-h
+Usado por otros servidores (por ejemplo,
+.BR telnetd (8))
+para pasar el nombre del host remoto a
+.B login
+de tal manera que pueda ser puesto en utmp y wtmp. Solo el superusuario
+podrá usar esta opción.
+
+.SH "RESTRICCIONES DE ACCESO ESPECIALES"
+El fichero
+.I /etc/securetty
+lista los nombres de los ttys donde se permite que el root pueda
+ingresar. Deberá especificarse un nombre de tty por línea (sin el prefijo
+/dev/). Si el fichero no existiera, se permitirá su ingreso desde
+cualquier tty.
+.PP
+El fichero
+.I /etc/usertty
+especifica restricciones de acceso adicionales para usuarios específicos.
+Si no existiera este fichero, no se impondrá ninguna restricción de
+acceso adicional. El fichero consiste en una secuencia de secciones. Hay
+tres tipos de secciones posibles: CLASSES, GROUPS y USERS. Una sección
+de tipo CLASSES define tipos de ttys y patrones de nombres de hosts, una
+sección de tipo GROUPS define los ttys permitidos y los hosts grupo por
+grupo y una sección USERS define los ttys permitidos y los hosts usuario
+por usuario.
+.PP
+Cada línea de este fichero no puede tener más de 255 caracteres. Los
+comentarios comienzan con un carácter # y se extienden hasta el final de
+la línea.
+.PP
+.SS "La sección CLASSES"
+Una sección de tipo CLASSES comienza por la palabra CLASSES al principio
+de la línea escrito en mayúsculas. Cada una de las líneas hasta el
+principio de una nueva sección o del final del fichero consiste en una
+secuencia de palabras separadas pos tabuladores o espacios. Cada línea
+define una clase de ttys y patrones de hosts.
+.PP
+La palabra al principio de la línea es tomada como el nombre colectivo
+para los ttys y patrones de hosts especificados en el resto de la línea.
+Este nombre colectivo puede usarse en las siguientes secciones de tipo
+GROUPS o USERS. No debería aparecer el nombre de una clase como parte de
+la definición de una clase para evitar problemas de recursividad de
+nombres.
+.PP
+Una sección CLASSES de ejemplo:
+.PP
+.nf
+.in +.5
+CLASSES
+miclase1 tty1 tty2
+miclase2 tty3 @.foo.com
+.in -.5
+.fi
+.PP
+Esto define las clases
+.I miclase1
+y
+.I miclase2
+como las partes derechas correspondientes.
+.PP
+
+.SS "La sección GROUPS"
+Una sección GROUPS define los ttys y hosts permitidos para cada grupo
+.I /etc/passwd
+y
+.I /etc/group
+y ese grupo es mencionado en una sección de tipo GROUPS en
+.I /etc/usertty
+entonces el usuario tiene acceso permitido.
+.PP
+Una sección GROUPS comienza con la palabra GROUPS en mayúsculas en el
+principio de una línea, y cada una de las siguientes líneas es una
+secuencia de palabras separadas pos espacios o tabuladores. La primera
+palabra de una línea es el nombre del grupo, y el resto de las palabras
+de la línea especifican los ttys y hosts donde los miembros de ese grupo
+tienen permitido el acceso. Estas especificaciones pueden comportar el
+uso de las clases definidas en secciones CLASSES anteriores.
+.PP
+Un ejemplo de una sección GROUPS:
+.PP
+.nf
+.in +0.5
+GROUPS
+sys tty1 @.bar.edu
+stud miclase1 tty4
+.in -0.5
+.fi
+.PP
+Este ejemplo especifica que los miembros del grupo
+.I sys
+pueden ingresar en el tty1 y desde los hosts en el dominio bar.edu. Los
+usuarios en el grupo
+.I stud
+pueden ingresar desde los hosts/ttys especificados en la clase miclase1 o
+desde el tty4.
+.PP
+
+.SS "La sección USERS"
+Una sección USERS comienza con la palabra USERS toda en mayúsculas al
+principio de la línea, y cada una de las líneas siguientes es una
+secuencia de palabras separadas por espacios o tabuladores. La primera
+palabra de una línea es un nombre de usuario y a ese usuario se le
+permite ingresar en los ttys y desde los hosts mencionados en el resto de
+la línea. Estas especificaciones pueden contener clases definidas en
+secciones CLASSES anteriores. Si no se especifica al principio del
+fichero una cabecera de sección, por defecto la primera sección se
+interpreta como del tipo USERS.
+
+.PP
+Una sección USERS de ejemplo:
+.PP
+.nf
+.in +0.5
+USERS
+zacho tty1 @130.225.16.0/255.255.255.0
+pepe tty3 miclase2
+.in -0.5
+.fi
+.PP
+Esto autoriza al usuario zacho a ingresar solo en el tty1 y desde los
+hosts con direcciones IP en el rango 130.225.16.0 \- 130.225.16.255, y
+también autoriza al usuario pepe a ingresar en el tty3 y desde cualquier
+parte mencionada en la clase miclase2.
+.PP
+Podrá aparecer una línea en la sección USERS que comience por un nombre
+de usuario *. Esta es la regla por defecto y será aplicada a cualquier
+usuario que no aparezca en ninguna de las otras líneas.
+.PP
+Si un usuario encaja con una línea USERS y con una línea GROUPS, el
+usuario estará autorizado a ingresar desde la unión de todos los
+ttys/hosts mencionados en estas especificaciones.
+
+.SS Orígenes
+Las especificaciones de patrones de tty y host usadas en la
+especificación de las clases, grupos y usuarios se llaman orígenes. Un
+origen es una cadena de caracteres que puede tener uno de estos formatos:
+.IP o
+El nombre de un dispositivo tty sin el prefijo /dev/, por ejemplo tty1 o
+ttyS0.
+.PP
+.IP o
+La cadena @localhost, indicando que el usuario está autorizado a
+telnet/rlogin desde el host local al mismo host. Esto también habilita al
+usuario a ejecutar, por ejemplo, el comando: xterm \-e /bin/login.
+.PP
+.IP o
+Un sufijo de nombre de dominio como @.algun.dom, indicando que el usuario
+podrá hacer rlogin/telnet desde cualquier host cuyo nombre de dominio
+tenga el sufijo .algun.dom.
+.PP
+.IP o
+Un rango de direcciones IPv4, escritas @x.x.x.x/y.y.y.y donde x.x.x.x es
+la dirección IP en la notación decimal tradicional con puntos, e y.y.y.y
+es una máscara de bits en la misma notación especificando cuales de los
+bits de la dirección serán comparados con la dirección IP del host
+remoto. Por ejemplo @130.255.16.0/255.255.254.0 significa que el usuario
+podrá hacer rlogin/telnet desde cualquier host cuya dirección IP esté en
+el rango 130.255.16.0 \- 130.255.17.255.
+.PP
+Cualquiera de los orígenes anteriores pueden tener un prefijo con la
+especificación temporal acordando con la sintaxis:
+.PP
+.nf
+espec\-tiempo ::= '[' <día\-u\-hora> [':' <día\-u\-hora>]* ']'
+día ::= 'mon' | 'tue' | 'wed' | 'thu' | 'fri' | 'sat' | 'sun'
+hora ::= '0' | '1' | ... | '23'
+espec\-hora ::= <hora> | <hora> '\-' <hora>
+día\-u\-hora ::= <día> | <espec\-hora>
+.fi
+.PP
+Por ejemplo, el origen [mon:tue:wed:thu:fri:8\-17]tty3 significa que solo
+se permitirán ingresos de lunes a viernes entre las 8:00 y las 17:59
+(5:59 pm) en el tty3. Esto también muestra que un rango de horas a\-b
+incluye todo momento entre a:00 y b:59. Una sola hora (por ejemplo 10)
+significará un espacio temporal entre las 10:00 y las 10:59.
+.PP
+Si no se especifica ningún prefijo temporal para un tty o host significará
+que se permitirá el ingreso desde ese origen a cualquier hora. Si da un
+prefijo temporal asegúrese de especificar tanto el conjunto de días como
+una o más horas o rango de horas. Una especificación de tiempo no puede
+incluir espacios en blanco.
+.PP
+Si no se define ninguna regla por defecto entonces los usuarios que no
+concuerden con ninguna línea de
+.I /etc/usertty
+está autorizados para ingresar desde cualquier lugar en la manera
+estándar.
+.PP
+.SH FICHEROS
+.nf
+.I /var/run/utmp
+.I /var/log/wtmp
+.I /var/log/lastlog
+.I /usr/spool/mail/*
+.I /etc/motd
+.I /etc/passwd
+.I /etc/nologin
+.I /etc/usertty
+.I .hushlogin
+.fi
+.SH "VÉASE TAMBIÉN"
+.BR init (8),
+.BR getty (8),
+.BR mail (1),
+.BR passwd (1),
+.BR passwd (5),
+.BR environ (7),
+.BR shutdown (8)
+.SH FALLOS
+
+Linux, a diferencia de otros sistemas operativos draconianos, no comprueba
+las cuotas.
+
+La opción no documentada
+.B \-r
+de BSD no está soportada. Esta podría ser requerida por algún programa
+.BR rlogind (8)
+.
+.SH AUTOR
+Derivado de login 5.40 de BSD (5/9/89) por Michael Glad (glad@daimi.dk)
+para HP\-UX
+.br
+Portado a Linux 0.12: Peter Orbaek (poe@daimi.aau.dk)
diff --git a/man/es/man1/newgrp.1 b/man/es/man1/newgrp.1
new file mode 100644
index 0000000..09854f1
--- /dev/null
+++ b/man/es/man1/newgrp.1
@@ -0,0 +1,32 @@
+.\" Original author unknown. This man page is in the public domain.
+.\" Modified Sat Oct 9 17:46:48 1993 by faith@cs.unc.edu
+.\"
+.\" Translated 19 Sep 1998 by Juan José López Mellado
+.\" (laveneno@hotmail.com)
+.\"
+.TH NEWGRP 1 "9 Octubre 1993" "Linux 1.2" "Manual del Programador de Linux"
+.SH NOMBRE
+newgrp \- ingresar con un nuevo grupo
+.SH SINOPSIS
+.BI "newgrp [ " group " ]"
+.SH DESCRIPCIÓN
+.B Newgrp
+cambia la identificación de grupo de su invocador, análogamente a
+.BR login (1).
+La misma persona queda ingresada, y el directorio actual no es
+modificado, pero los cálculos de los permisos de acceso a los ficheros se
+realizan con respecto al nuevo ID de grupo.
+.LP
+Si no se espcifica un grupo, el GID es cambiado al GID de ingreso.
+.LP
+.SH FICHEROS
+.I /etc/group
+.br
+.I /etc/passwd
+
+.SH "VÉASE TAMBIÉN"
+.BR login "(1), " group (5)
+
+.SH AUTOR
+Originalmente por Michael Haardt. Actualmente mantenido por
+Peter Orbaek (poe@daimi.aau.dk).
diff --git a/man/es/man1/passwd.1 b/man/es/man1/passwd.1
new file mode 100644
index 0000000..fb17e64
--- /dev/null
+++ b/man/es/man1/passwd.1
@@ -0,0 +1,138 @@
+.\" Copyright 1992 Rickard E. Faith (faith@cs.unc.edu)
+.\" May be distributed under the GNU General Public License
+.\"
+.\" Translated 2 Dec 1998 by Victor Moral (victor@venexma.es)
+.\"
+.TH PASSWD 1 "11 Noviembre 1996" "Util\-linux 2.6" "Manual del Programador Linux"
+.SH NOMBRE
+passwd \- cambia contraseñas
+.SH SINOPSIS
+.BR "passwd"
+.RB [ " \-o " ]
+.RB [ " \-q " ]
+.RB [ " \-v " ]
+.RI [ " usuario " [ " contraseña " ]]
+.br
+.BR "passwd \-f "
+.RI [ " parámetros para el cambio de nombre completo del usuario " ]
+.br
+.BR "passwd \-s "
+.RI [ " parámetros para el cambio de shell " ]
+
+.SH DESCRIPCIÓN
+
+Cuando se utiliza sin parámetros
+.B passwd
+cambia la contraseña para el usuario que lo invoca. Primero le exigirá
+la contraseña vigente, y a continuación pedirá dos veces la nueva para
+prevenir errores de escritura.
+
+La invocación del programa con los parámetros
+.IR usuario
+y
+.IR contraseña
+sólo puede realizarse desde la cuenta de superusuario.
+
+Utilizando la invocación sólo con el parámetro
+.IR usuario
+, el
+superusuario puede cambiar la contraseña para ese
+.IR usuario .
+
+En este caso no se exige al superusuario la contraseña vigente para el usuario,
+pero las reglas para validar contraseñas se siguen aplicando a menos que se
+utilice la opción
+.B "\-o".
+El superusuario puede tener razones legítimas para elegir una contraseña no
+conforme a las reglas.
+
+
+El uso de los dos parámetros asigna al
+.IR usuario " la " contraseña
+indicada en el segundo parámetro. Puede ser útil cuando se debe dar a muchos
+usuarios una contraseña inicial predefinida. Pero también puede ser
+extremadamente peligroso. Un simple fallo en un programa podría cambiar la
+contraseña del superusuario (root) a cualquier cosa desconocida.
+
+Indicar una cadena vacía como el segundo parámetro borra la contraseña para
+el usuario, pero sólo en combinación de la opción
+.B "\-o".
+
+Los cambios de contraseña pueden registrarse utilizando el servicio
+.BR syslog (3),
+dependiendo de las definiciones hechas en tiempo de compilación del programa
+(estando esta característica activa por omisión).
+Si es así, todos los cambios se registrarán a un nivel bajo como auth.notice,
+excepto para cambiar la contraseña del superusuario (root); en este caso se
+registrarán con nivel auth.warning.
+
+.SH OPCIONES
+.TP
+.B "\-f, \-\-fullname"
+Cambia el nombre completo del usuario (el campo GECOS del registro de
+contraseñas). Invoca el programa /usr/bin/chfn utilizando los parámetros
+que ha recibido que no son opciones.
+
+.TP
+.B "\-o, \-\-force"
+Desactiva las verificaciones de validación sobre la nueva contraseña . Sólo
+puede ser utilizada por el superusuario, y está pensado para permitirle
+asignar contraseñas iniciales simples.
+
+.TP
+.B "\-s, \-\-shell"
+Cambia el shell del usuario mediante la invocación del programa /usr/bin/chsh
+con los parámetros recibidos que no son opciones.
+
+.TP
+.B "\-q, \-\-quiet, \-\-silent"
+En este modo de funcionamiento passwd no indica que la contraseña se haya
+cambiado.
+
+.TP
+.B "\-v, \-V, \-\-version"
+Muestra información acerca de la versión del programa y finaliza.
+
+.SH REGLAS DE CONTRASEÑAS
+La nueva contraseña debe cumplir estas reglas:
+.TP
+o
+tener como mínimo seis caracteres;
+
+.TP
+o
+no ser igual a la contraseña anterior;
+
+.TP
+o
+contener caracteres que pertenezcan, como mínimo, a dos de las
+siguientes categorías: mayúsculas y minúsculas, dígitos y caracteres no
+alfanuméricos;
+
+.TP
+o
+no debe coincidir ni con el nombre del usuario, ni con ninguna de las palabras
+que forman su nombre completo (real), tanto en orden normal como inverso, ni
+al principio ni al final.
+
+.SH FALLOS (BUGS)
+
+Si cambia de opinión no hay escape del programa. Insistirá en obtener una
+contraseña nueva hasta que sea muerto (mediante kill) desde otro terminal.
+(Esto es provocado por un fallo en getpass(3): e ignora las señales.)
+
+.SH FICHEROS
+.TP
+.I /etc/passwd
+El archivo que contiene las contraseñas.
+.SH "VÉASE TAMBIÉN"
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5)
+.SH AUTOR
+Peter Orbaek (poe@daimi.aau.dk).
+.br
+Martin Schulze (joey@infodrom.north.de) con extensas mejoras y reescrituras.
+.br
+.SH MANTENIMIENTO
+Nicolai Langfeldt (janl@math.uio.no)
diff --git a/man/es/man1/su.1 b/man/es/man1/su.1
new file mode 100644
index 0000000..1acf8c7
--- /dev/null
+++ b/man/es/man1/su.1
@@ -0,0 +1,139 @@
+.\" \-*\- nroff \-*\-
+.\"Translated 21 Jul 1998 by Javi Diaz (javid@si.upc.es)
+.TH SU 1 "Utilidades Shell de GNU" "FSF"
+.SH NOMBRE
+su \- ejecuta una shell con identificadores de grupo y de usuario distintos
+.SH SINOPSIS
+.B su
+[\-flmp] [\-c comando] [\-s shell] [\-\-login] [\-\-fast]
+[\-\-preserve\-environment] [\-\-command=comando] [\-\-shell=shell] [\-]
+[\-\-help] [\-\-version] [usuario [arg...]]
+.SH DESCRIPCIÓN
+Este documento ya no es mantenido y puede ser impreciso o incompleto. La
+documentación de Texinfo es ahora la fuente de información recomendada.
+.PP
+Esta página del manual documenta la versión GNU de
+.BR su .
+.B su
+permite a un usuario convertirse temporalmente en otro usuario. Se ejecuta
+una shell con los identificadores reales y efectivos, el identificador de
+grupo, y los identificadores suplementarios del grupo del USUARIO. Si no se
+especifica ningún USUARIO, por defecto se usa root, el superusuario.
+La shell a ejecutar se toma de la entrada correspondiente al USUARIO en el
+fichero de passwords, o /bin/sh si no se especifica ninguna en dicho fichero.
+Si el USUARIO tiene password,
+.B su
+lo solicitará, a menos que sea ejecutado por el usuario con identificador real
+0 (el superusuario).
+.PP
+Por defecto,
+.B su
+no cambia el directorio actual.
+.B su
+modifica las variables de entorno `HOME' y `SHELL' de acuerdo con la entrada
+del fichero de passwords correspondiente al USUARIO, y si el USUARIO no es el
+superusuario, coloca en las variables `USER' y `LOGNAME' el valor de USUARIO.
+Por defecto, la shell ejecutada no es una shell de entrada al sistema.
+.PP
+Si se facilitan uno o más ARGs, estos son pasados como argumentos adicionales
+a la shell ejecutada.
+.PP
+.B su
+no ejecuta de manera especial /bin/sh u otras shells (colocando en argv[0] el
+valor "\-su", pasando \-c únicamente a algunas shells, etc.).
+.PP
+En sistemas que utilicen syslog,
+.B su
+puede ser compilado para reportar fallo, y opcionalmente éxito en syslog.
+.B su
+intentará utilizar syslog.
+.PP
+Este programa no soporta el grupo "wheel", el cual restringe quien podrá
+ejecutar
+.B su
+hacia la cuenta de root (el superusuario) ya que esta política podría
+ayudar a los administradores de máquinas a facilitar un uso inadecuado a otros
+usuarios.
+.SS OPCIONES
+.TP
+.I "\-c COMANDO, \-\-command=COMANDO"
+Pasa el COMANDO, una única línea a ejecutar, a la shell con la opción
+.I \-c
+en vez de ejecutar una shell interactiva.
+.TP
+.I "\-f, \-\-fast"
+Pasa la opción
+.I \-f
+a la shell. Esto probablemente tiene sentido con
+.B csh
+y
+.BR tcsh ,
+en estos casos la opción
+.I \-f
+indica que no se lean los ficheros de arranque de la shell (.cshrc).
+Con las shells del estilo Bourne shell, la opción
+.I \-f
+deshabilita la expansión de los patrones de fichero, la cual cosa no es
+demasiado deseable.
+.TP
+.I "\-\-help"
+Escribe un mensaje sobre el uso en la salida estándar y acaba sin
+provocar error.
+.TP
+.I "\-, \-l, \-\-login"
+Provoca que la shell a ejecutar sea una shell de login. Lo cual significa que
+se eliminan del entorno todas las variables excepto `TERM', `HOME' y `SHELL'
+(las cuales se modifican como se explicó anteriormente) y `USER'y `LOGNAME'
+(que se modifican, incluso para el superusuario, como se explicó anteriormente),
+la variable `PATH' se añade al entorno con el valor por defecto que se
+estableció al compilar
+.B su
+, además de los cambios anteriores,
+.B su
+cambia al directorio por defecto del USUARIO. Si se antepone "\-" al nombre de
+la shell a ejecutar, se leerán los ficheros de arraque pertinentes.
+.TP
+.I "\-m, \-p, \-\-preserve\-environment"
+No se cambian las variables de entorno `HOME', `USER', `LOGNAME' ni `SHELL'.
+Se ejecuta la shell especificada en la variable de entorno `SHELL' en vez
+de la shell que indique la entrada para el USUARIO en el fichero /etc/passwd,
+a menos que el usuario que ejecute
+.B su
+no sea el superusuario y la shell del USUARIO esté restringida.
+Una shell restringida es aquella que no está listada en el fichero /etc/shells
+o en una lista generada al compilar
+.B su
+si dicho fichero no existe. Algunos detalles de lo que hace esta opción pueden
+ser invalidadas mediante la opción
+.I \-\-login
+y
+.IR \-\-shell .
+.TP
+.I "\-s, \-\-shell shell"
+Ejecuta la SHELL en vez de la shell del USUARIO especificada en el fichero
+\fI/etc/passwd\fR, a menos que el usuario que ejecute
+.B su
+no sea el superusuario y la shell del USUARIO esté restringida.
+.TP
+.I "\-\-version"
+Escribe información sobre la versión en la salida estándar y acaba sin
+provocar error.
+
+.SH Por que GNU no soporta el grupo "wheel" (por Richard Stallman)
+A veces, algunos listillos intentan hacerse con el poder total
+sobre el resto de usuarios. Por ejemplo, en 1984, un grupo de usuarios del
+laboratorio de Inteligencia Artificial del MIT decidieron tomar el poder
+cambiando el password de operador del sistema Twenex y manteniendolo secreto
+para el resto de usuarios. (De todas maneras, hubiera sido posible desbaratar
+la situación y devolver el control a los usuarios legítimos parcheando el
+kernel, pero no sabría como realizar esta operación en un sistema Unix.)
+.PP
+Sin embargo, casualmente alguien contó el secreto. Mediante el uso habitual de
+.B su
+una vez que alguien conoce el password de root puede contarselo al resto de
+usuarios. El grupo "wheel" hará que esto sea imposible, protegiendo así el poder
+de los superusuarios.
+.PP
+Yo estoy del lado de las masas, no de los superusuarios. Si eres de los que
+estan de acuerdo con los jefes y los administradores de sistemas en cualquier
+cosa que hagan, al principio encontrarás esta idea algo extraña.
diff --git a/man/es/man5/passwd.5 b/man/es/man5/passwd.5
new file mode 100644
index 0000000..bff5412
--- /dev/null
+++ b/man/es/man5/passwd.5
@@ -0,0 +1,138 @@
+.\" Copyright (c) 1993 Michael Haardt (michael@moria.de), Fri Apr 2 11:32:09 MET DST 1993
+.\"
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.\" Translated Tue Jul 23 11:06:10 1996 by Diego Novillo (diego@cs.ualberta.ca)
+.\" Modified Mon Jan 5 20:24:40 MET 1998 by Michael Haardt
+.\" (michael@cantor.informatik.rwth-aachen.de)
+.\" Translation revised June 6 1998
+.\" Translation revised Wed Aug 19 1998 by Juan Piernas <piernas@ditec.um.es>
+.\"
+.TH PASSWD 5 "5 Enero 1998" "Linux" "Formatos de Fichero"
+.SH NOMBRE
+passwd \- fichero de contraseñas
+.SH DESCRIPCIÓN
+.B Passwd
+es un fichero de texto que contiene una lista de las cuentas del sistema,
+proporcionando para cada cuenta cierta información útil como el
+identificador (ID) de usuario, el ID de grupo, el directorio `home', el
+intérprete de órdenes, etc.
+Con frecuencia, también contiene la contraseña cifrada de cada cuenta.
+Este fichero debe tener permiso de lectura para todos (muchas utilidades,
+como
+.BR ls (1),
+lo usan para traducir el número de identificador de
+usuario (UID) al nombre del usuario), pero sólo el superusuario debe
+poder escribirlo.
+.PP
+En los buenos viejos tiempos no había grandes problemas con estos permisos
+generales de lectura. Cualquiera podía leer contraseñas cifradas, ya que el
+hardware era demasiado lento para descifrar una clave bien elegida
+y, además, la suposición básica solía ser que la comunidad de usuarios era
+bastante amigable. Hoy en día, mucha gente
+utiliza alguna versión del paquete \fBshadow password\fP, donde en
+.I /etc/passwd
+encontramos *'s en lugar de las claves cifradas; éstas se encuentran
+en el fichero
+.IR /etc/shadow ,
+el cual sólo lo puede leer el superusuario.
+.PP
+Sin tener en cuenta si se utilizan o no `shadow passwords', muchos
+administradores de sistemas usan un asterisco en el campo de contraseña
+para asegurarse de que dicho usuario no se puede autenticar a sí
+mismo usando una contraseña. (No obstante, vea la sección OBSERVACIONES más abajo).
+.PP
+Si crea una nueva cuenta, coloque primero un asterisco en el campo de
+contraseña y a continuación use
+.BR passwd (1)
+para asignarla.
+.PP
+Hay una entrada por línea, cada línea tiene el siguiente formato:
+.sp
+.RS
+cuenta:contraseña:UID:GID:GECOS:directorio:intérprete
+.RE
+.sp
+Las descripciones de los campos son las siguientes:
+.sp
+.RS
+.TP 1.0in
+.I cuenta
+el nombre del usuario en el sistema. No debe contener letras mayúsculas.
+.TP
+.I contraseña
+la contraseña cifrada del usuario o un asterisco.
+.TP
+.I UID
+el número del ID de usuario.
+.TP
+.I GID
+el número del ID de grupo primario para este usuario.
+.TP
+.I GECOS
+Este campo es opcional y sólo se usa para propósitos de información.
+Normalmente, contiene el nombre completo del usuario. GECOS significa General
+Electric Comprehensive Operating System, que se renombró a GCOS cuando
+la división de grandes sistemas de GE se vendió a Honeywell. Dennis Ritchie
+ha dicho: "Algunas veces enviábamos una salida de impresora o unos trabajos
+por lotes a la máquina GCOS. El campo gcos en el fichero password era el
+lugar para esconder la información de la $IDENTcard. No era elegante."
+.TP
+.I directorio
+el directorio base del usuario ($HOME).
+.TP
+.I intérprete
+el programa que se debe ejecutar cuando el usuario ingresa (si está vacío,
+se utiliza
+.BR /bin/sh ).
+Si se establece a un ejecutable que no existe, el usuario será incapaz de
+entrar al sistema a través de
+.BR login (1).
+.RE
+.SH OBSERVACIONES
+Para crear un grupo de usuarios, sus GIDs deben ser iguales y debe
+haber una entrada en \fI/etc/group\fP, de lo contrario no existirá ningún
+grupo.
+.PP
+Si la contraseña cifrada es un asterisco, el usuario será incapaz de entrar
+al sistema usando
+.BR login (1),
+pero todavía podrá entrar utilizando
+.BR rlogin (1),
+ejecutar procesos existentes e iniciar nuevos procesos a través de
+.BR rsh (1),
+.BR cron (1),
+.BR at (1),
+filtros de correo, etc. Intentar cerrar una cuenta cambiando simplemente el
+campo del intérprete de órdenes produce el mismo resultado y permite
+además el uso de
+.BR su (1).
+.SH FICHEROS
+.I /etc/passwd
+.SH "VÉASE TAMBIÉN"
+.BR passwd (1),
+.BR login (1),
+.BR su (1),
+.BR group (5),
+.BR shadow (5)
diff --git a/man/es/man8/vigr.8 b/man/es/man8/vigr.8
new file mode 100644
index 0000000..ff72d7a
--- /dev/null
+++ b/man/es/man8/vigr.8
@@ -0,0 +1 @@
+.so man8/vipw.8
diff --git a/man/es/man8/vipw.8 b/man/es/man8/vipw.8
new file mode 100644
index 0000000..b33d14b
--- /dev/null
+++ b/man/es/man8/vipw.8
@@ -0,0 +1,92 @@
+.\" Copyright (c) 1983, 1991 The Regents of the University of California.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by the University of
+.\" California, Berkeley and its contributors.
+.\" 4. Neither the name of the University nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" from: @(#)vipw.8 6.7 (Berkeley) 3/16/91
+.\" $Id$
+.\"
+.\"
+.\" Translated into Spanish on Fri Aug 28 1998 by Gerardo Aburruzaga
+.\" García <gerado@cica.es>
+.\"
+.Dd 7 Julio 1996
+.Dt VIPW 8
+.Os Util-Linux 2.6
+.Sh NOMBRE
+.Nm vipw, vigr
+.Nd editan los ficheros de cuentas y grupos
+.Sh SINOPSIS
+.Nm vipw
+.Op -V
+.Op --version
+.Pp
+.Nm vigr
+.Op -V
+.Op --version
+.Sh DESCRIPCIÓN
+.Nm Vipw
+edita el fichero de cuentas tras establecer los bloqueos apropiados, y
+hace cualquier procesado que sea necesario después de que el fichero
+de cuentas se desbloquee.
+Si el fichero de cuentas ya está bloqueado para la edición por parte
+de otro usuario,
+.Nm vipw
+le pedirá que lo intente de nuevo más tarde. El editor predeterminado
+para
+.Nm vipw
+suele ser, como indica su nombre,
+.Xr vi 1 .
+.br
+.Nm Vigr
+edita el fichero de grupos de la misma manera que vipw.
+.Sh ENTORNO
+Si la siguiente variable de entorno existe, será utilizada por
+.Nm vipw :
+.Bl -tag -width EDITOR
+.It Ev EDITOR
+El editor especificado por la cadena
+.Ev EDITOR
+será llamado en vez del predeterminado
+.Xr vi 1 .
+.El
+.Sh VÉASE TAMBIÉN
+.Xr passwd 1 ,
+.Xr vi 1 ,
+.Xr passwd 5
+.Sh HISTORIA
+La orden
+.Nm vipw
+apareció en
+.Bx 4.0 .
+.br
+La orden
+.Nm vigr
+apareció en
+Util-Linux 2.6.
diff --git a/man/expiry.1.xml b/man/expiry.1.xml
new file mode 100644
index 0000000..63575b0
--- /dev/null
+++ b/man/expiry.1.xml
@@ -0,0 +1,149 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ Copyright (c) 1999 , Ben Collins
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!--ENTITY CONSOLE_GROUPS SYSTEM "login.defs.d/CONSOLE_GROUPS.xml"-->
+<!-- A call to CONSOLE_GROUPS is linked, but not used -->
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='expiry.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1990</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>expiry</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>expiry</refname>
+ <refpurpose>check and enforce password expiration policy</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>expiry</command>
+ <arg choice='plain'>
+ <replaceable>option</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>expiry</command> command checks (<option>-c</option>)
+ the current password expiration and forces (<option>-f</option>)
+ changes when required. It is callable as a normal user command.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>expiry</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-c</option>, <option>--check</option></term>
+ <listitem>
+ <para>Check the password expiration of the current user.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-f</option>, <option>--force</option></term>
+ <listitem>
+ <para>
+ Force a password change if the current user has an expired
+ password.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/faillog.5.xml b/man/faillog.5.xml
new file mode 100644
index 0000000..0e16752
--- /dev/null
+++ b/man/faillog.5.xml
@@ -0,0 +1,116 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='faillog.5'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1989</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>faillog</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc"> File Formats and Conversions</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>faillog</refname>
+ <refpurpose>login failure logging file</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ <filename>/var/log/faillog</filename> maintains a count of login
+ failures and the limits for each account.
+ </para>
+ <para>
+ The file contains fixed length
+ records, indexed by numerical UID. Each record contains the count of
+ login failures since the last successful login; the maximum number of
+ failures before the account is disabled; the line on which the last login
+ failure occurred; the date of the last login failure;
+ and the duration (in seconds) during which the account will be locked after
+ a failure.
+ </para>
+
+ <para>The structure of the file is:</para>
+ <programlisting>
+struct faillog {
+ short fail_cnt;
+ short fail_max;
+ char fail_line[12];
+ time_t fail_time;
+ long fail_locktime;
+};</programlisting>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/var/log/faillog</filename></term>
+ <listitem>
+ <para>Failure logging file.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>faillog</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
+
diff --git a/man/faillog.8.xml b/man/faillog.8.xml
new file mode 100644
index 0000000..a9132a8
--- /dev/null
+++ b/man/faillog.8.xml
@@ -0,0 +1,265 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='faillog.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1989</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>faillog</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>faillog</refname>
+ <refpurpose>display faillog records or set login failure limits</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>faillog</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ <command>faillog</command> displays the contents of the failure log
+ database (<filename>/var/log/faillog</filename>). It can also
+ set the failure counters and limits. When
+ <command>faillog</command> is run without arguments, it only displays the
+ faillog records of the users who had a login failure.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>faillog</command> command
+ are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-a</option>, <option>--all</option></term>
+ <listitem>
+ <para>
+ Display (or act on) faillog records for all users having an
+ entry in the <filename>faillog</filename> database.
+ </para>
+ <para>
+ The range of users can be restricted with the
+ <option>-u</option> option.
+ </para>
+ <para>
+ In display mode, this is still restricted to existing users
+ but forces the display of the faillog entries even if they
+ are empty.
+ </para>
+ <para>
+ With the <option>-l</option>, <option>-m</option>,
+ <option>-r</option>, <option>-t</option> options, the users'
+ records are changed, even if the user does not exist on the
+ system. This is useful to reset records of users that have
+ been deleted or to set a policy in advance for a range of
+ users.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Lock account for <replaceable>SEC</replaceable>
+ seconds after failed login.
+ </para>
+ <para>
+ Write access to <filename>/var/log/faillog</filename>
+ is required for this option.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Set the maximum number of login failures after the account is
+ disabled to <replaceable>MAX</replaceable>.
+ </para>
+ <para>
+ Selecting a
+ <replaceable>MAX</replaceable> value of 0 has the effect of not
+ placing a limit on the number of failed logins.
+ </para>
+ <para>
+ The maximum
+ failure count should always be 0 for <emphasis>root</emphasis>
+ to prevent a denial of services attack against the system.
+ </para>
+ <para>
+ Write access to <filename>/var/log/faillog</filename>
+ is required for this option.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-r</option>, <option>--reset</option></term>
+ <listitem>
+ <para>
+ Reset the counters of login failures.
+ </para>
+ <para>
+ Write access to <filename>/var/log/faillog</filename>
+ is required for this option.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Display faillog records more recent than
+ <replaceable>DAYS</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</replaceable>|<replaceable>RANGE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Display faillog record or maintains failure counters and limits
+ (if used with <option>-l</option>, <option>-m</option> or
+ <option>-r</option> options) only for the specified user(s).
+ </para>
+ <para>
+ The users can be specified by a login name, a numerical user
+ ID, or a <replaceable>RANGE</replaceable> of users. This
+ <replaceable>RANGE</replaceable> of users can be specified
+ with a min and max values
+ (<replaceable>UID_MIN-UID_MAX</replaceable>), a max value
+ (<replaceable>-UID_MAX</replaceable>), or a min value
+ (<replaceable>UID_MIN-</replaceable>).
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ When none of the <option>-l</option>, <option>-m</option>, or
+ <option>-r</option> options are used, <command>faillog</command>
+ displays the faillog record of the specified user(s).
+ </para>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ <command>faillog</command> only prints out users with no successful
+ login since the last failure. To print out a user who has had a
+ successful login since their last failure, you must explicitly request
+ the user with the <option>-u</option> flag, or print out all users
+ with the <option>-a</option> flag.
+ </para>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/var/log/faillog</filename></term>
+ <listitem>
+ <para>Failure logging file.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>faillog</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/fi/Makefile.am b/man/fi/Makefile.am
new file mode 100644
index 0000000..26a1a84
--- /dev/null
+++ b/man/fi/Makefile.am
@@ -0,0 +1,12 @@
+
+mandir = @mandir@/fi
+
+man_MANS = \
+ man1/chfn.1 \
+ man1/chsh.1 \
+ man1/su.1
+
+# Outdated manpages
+# passwd.1 (https://bugs.launchpad.net/ubuntu/+bug/384024)
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/fi/man1/chfn.1 b/man/fi/man1/chfn.1
new file mode 100644
index 0000000..2a10395
--- /dev/null
+++ b/man/fi/man1/chfn.1
@@ -0,0 +1,68 @@
+.\"
+.\" chfn.1 -- change your finger information
+.\" (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\" this program is free software. you can redistribute it and
+.\" modify it under the terms of the gnu general public license.
+.\" there is no warranty.
+.\"
+.\" $Author: kloczek $
+.\" $Revision: 1.2 $
+.\" $Date: 2005/12/01 20:38:25 $
+.\" Proofread by Raimo Koski, Nov-Dec. 1999
+.\" Translated into Finnish by Lauri Nurmi (lanurmi@kauhajoki.fi)
+.\" Proofread by Juhana Siren (Juhana.Siren@oulu.fi)
+.\"
+.TH CHFN 1 "24. huhtikuuta 1998" "chfn" "Käyttäjän sovellusohjelmat"
+.SH NIMI
+chfn \- muuta finger-tietojasi
+.SH "YLEISKATSAUS"
+.B chfn
+[\ \-f\ koko nimi\ ] [\ \-o\ toimisto\ ] [\ \-p\ toimiston puhelin\ ]
+[\ \-h\ kotipuhelin\ ] [\ \-u\ ] [\ \-v\ ] [\ käyttäjänimi\ ]
+.SH KUVAUS
+.B chfn:ää
+käytetään finger-tietojen muuttamiseen. Nämä tiedot ovat
+.I /etc/passwd
+-tiedostossa, ja niitä voidaan katsoa
+.B finger\fR-ohjelmalla.
+Linuxin
+.B finger\fR-komento
+näyttää neljä tietoa, joita voidaan muuttaa
+.B chfn\fR:llä
+: todellinen nimesi, työhuoneesi ja puhelin, sekä kotipuhelimesi.
+.SS KOMENTORIVI
+Jokainen neljästä tiedosta voidaan määritellä komentorivillä. Jos
+komentorivillä ei anneta tietoja,
+.B chfn
+käynnistyy vuorovaikutteisessa tilassa.
+.SS VUOROVAIKUTTEINEN TILA
+Vuorovaikutteisessa tilassa
+.B chfn
+kysyy erikseen jokaista kenttää. Voit syöttää kenttään uuden tiedon, tai
+painaa Enteriä jättääksesi kentän ennalleen. Syötä sana "none" saadaksesi
+kentän tyhjäksi.
+.SH OPTIOT
+.TP
+.I "\-f, \-\-full-name"
+Määritä todellinen nimesi.
+.TP
+.I "\-o, \-\-office"
+Määritä toimistohuoneesi numero.
+.TP
+.I "\-p, \-\-office-phone"
+Määritä toimistohuoneesi puhelinnumero.
+.TP
+.I "\-h, \-\-home-phone"
+Määritä kotipuhelinnumerosi.
+.TP
+.I "\-u, \-\-help"
+Näytä lyhyt ohje komennoista.
+.TP
+.I "-v, \-\-version"
+Näytä versiotiedot.
+.SH TEKIJÄ
+Salvatore Valente <svalente@mit.edu>
+.SH "KATSO MYÖS"
+.BR finger (1),
+.BR passwd (5),
diff --git a/man/fi/man1/chsh.1 b/man/fi/man1/chsh.1
new file mode 100644
index 0000000..ed9cb95
--- /dev/null
+++ b/man/fi/man1/chsh.1
@@ -0,0 +1,49 @@
+.\" ** You probably do not want to edit this file directly **
+.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
+.\" Instead of manually editing it, you probably should edit the DocBook XML
+.\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
+.TH "CHSH" "1" "03/07/2006" "Käyttäjän sovellukset" "Käyttäjän sovellukset"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+chsh \- vaihda sisäänkirjautumiskuorta
+.SH "SYNOPSIS"
+.HP 5
+\fBchsh\fR [\-s\ \fIsisäänkirjautumiskuori\fR] [\fIkäyttäjä\fR]
+.SH "KUVAUS"
+.PP
+\fBchsh\fR
+vaihtaa käyttäjän sisäänkirjautumiskuorta. Tämä määrittää käyttäjän ensimmäisen kirjautumiskomennon. Tavallinen käyttäjä voi vaihtaa ainoastaan oman tunnuksensa kirjautumiskuorta, mutta pääkäyttäjä voi vaihtaa kenen tahansa kirjautumiskuoren.
+.PP
+Ainoa rajoitus kirjautumiskuorelle on, että komennon nimen täytyy olla lueteltuna tiedostossa
+\fI/etc/shells\fR
+ellei komentoa käynnistänyt pääkäyttäjä, jolloin mikä tahansa arvo voidaan lisätä. Tunnus, jolla on rajoitettu kirjautumiskuori, ei voi vaihtaa omaa kirjautumiskuortaan. Tästä syystä komennon
+\fI/bin/rsh\fR
+lisääminen tiedostoon
+\fI/etc/shells\fR
+ei ole suositeltavaa, koska käyttäjän vahingossa vaihtaessa rajoitettuun kuoreen, ei hän voi koskaan vaihtaa kirjautumiskuortaan takaisin alkuperäiseen arvoon.
+.SH "VALITSIMET"
+.PP
+Mikäli valitsinta
+\fB\-s\fR
+ei ole annettu,
+\fBchsh\fR
+toimii interaktiivisesti kysyen käyttäjältä kirjautumiskuorta. Syöttämällä uuden arvon vaihdetaan kuorta, ja antamalla tyhjän syötteen, vanha kuori jää voimaan. Nykyinen kuori tulostetaan
+\fI[ ]\fR\-merkkiparin välissä.
+.SH "TIEDOSTOT"
+.TP
+\fI/etc/passwd\fR
+käyttäjätunnuksien tiedot
+.TP
+\fI/etc/shells\fR
+luettelo sallituista kirjautumiskuorista
+.TP
+\fI/etc/login.defs\fR
+varjosalasanakaluston asetukset
+.SH "KATSO MYÖS"
+.PP
+\fBchfn\fR(1),
+\fBlogin.defs\fR(5),
+\fBpasswd\fR(5)
diff --git a/man/fi/man1/passwd.1 b/man/fi/man1/passwd.1
new file mode 100644
index 0000000..930300f
--- /dev/null
+++ b/man/fi/man1/passwd.1
@@ -0,0 +1,95 @@
+.\" Hey Emacs! This file is -*- nroff -*- source.
+.\" (above from Rik Faith..:*)
+.\" Copyright (c) Andrew G. Morgan 1996, <morgan@parc.power.net>
+.\" Proofread by Raimo Koski, Nov-Dec. 1999
+.\" Translated into Finnish by Tuomo Pyhälä (tuomo@lesti.kpnet.fi)
+.\" Proofread by Raimo Koski (rkoski@pp.weppi.fi)
+.\"
+.TH PASSWD 1 "28. Huhtikuuta 1998" "SimplePAMApps 0.50" "Käyttäjän sovellusohjelmat"
+.SH NIMI
+passwd \- päivitä käyttäjän todennustunnukset
+
+.SH "YLEISKATSAUS"
+.B passwd [-u] [käyttäjänimi]
+.sp 2
+.SH KUVAUS
+Passwd on apuohjelma käyttäjän todennustunnusten
+päivittämiseen. Todennustunnus on lähes kaikissa järjestelmissä
+salasana ja termejä käytetään jäljempänä ristiin.
+
+.sp
+Ainoastaan pääkäyttäjä voi päivittää toisen käyttäjän salasanan syöttämällä
+.BR käyttäjänimen ". "
+Optiota
+.BR -u
+käytetään, kun halutaan kertoa passwd:lle, että sen tulisi päivittää vain
+vanhentuneet salasanat (todennustunnukset) säilyttäen vanhentumattomat
+salasanat entisellään.
+
+.sp
+Passwd käyttää
+.BR "Linux-PAM"
+ohjelmointirajapintaa ja se voidaan määrittää käyttämään
+haluttuja moduuleita salasanaa vaihtavan käyttäjän todennukseen ja
+salasanan vaihtoon. Alustaessaan ohjelmointirajapintaa passwd toimii nimellä
+"passwd".
+
+.sp
+Yksinkertainen osio
+.I Linux-PAM
+määritystiedostossa passwd:lle olisi:
+.br
+
+.br
+ #
+.br
+ # passwd palvelun määrittely, joka tarkistaa ettei ehdotettu salasana
+.br
+ # ole helposti arvattavissa, ennen salasanan päivittämistä.
+.br
+ #
+.br
+ passwd password requisite pam_cracklib.so retry=3
+.br
+ passwd password required pam_pwdb.so use_authtok
+.br
+ #
+
+.sp
+Huomaa, että passwd ei tarvitse muun tyyppisten moduulien määrittelyä.
+
+.SH PALUUARVO
+
+Virheettömän suorituksen jälkeen
+.B passwd
+päättää toimintansa paluuarvolla 0. Paluuarvo 1 palautetaan virheen
+sattuessa. Virheilmoitukset kirjoitetaan virhetulosteeseen.
+
+.SH "NOUDATTAA:"
+.br
+.BR Linux-PAM
+(Pluggable Authentication modules for Linux).
+
+.SH TIEDOSTOT
+.br
+.B /etc/pam.conf
+- the
+.BR Linux-PAM
+asetus tiedosto
+
+.SH BUGIT
+.sp 2
+Ei tunnettuja virheitä.
+
+.SH "KATSO MYÖS"
+.BR pam (8),
+ja
+.BR pam_chauthok (2).
+.sp
+Monipuolisempi selostus tämän ohjelman ja Linux-PAMin asetuksista
+löytyy englanninkielisestä
+.BR "'Linux-PAM System Adminstarators' Guide'":sta
+WWW-osoitteesta:
+.br
+.I <http://parc.power.net/morgan/Linux-PAM/index.html>
+.\" TERM authentication_token todennustunnus
diff --git a/man/fi/man1/su.1 b/man/fi/man1/su.1
new file mode 100644
index 0000000..4c29823
--- /dev/null
+++ b/man/fi/man1/su.1
@@ -0,0 +1,119 @@
+.\" ** You probably do not want to edit this file directly **
+.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
+.\" Instead of manually editing it, you probably should edit the DocBook XML
+.\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
+.TH "SU" "1" "03/07/2006" "Käyttäjän sovellukset" "Käyttäjän sovellukset"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+su \- vaihda käyttäjätunnusta tai tule pääkäyttäjäksi
+.SH "SYNOPSIS"
+.HP 3
+\fBsu\fR [\fIvalitsimet\fR] [\-] [\fIkäyttäjätunnus\fR\ [\ \fIparametrit\fR\ ]]
+.SH "KUVAUS"
+.PP
+\fBsu\fR\-komentoa käytetään vaihtamaan toiseksi käyttäjäksi kesken istunnon. Kun komento ajetaan ilman käyttäjänimeä,
+\fBsu\fR
+oletuksena vaihtaa pääkäyttäjäksi. Valinnainen parametri
+\fB\-\fR
+voidaan antaa kun halutaan samanlainen ympäristö kuin käyttäjä odottaa kirjautuessaan suoraan sisään.
+.PP
+Muita parametreja voidaan antaa käyttäjänimen jälkeen, jolloin ne välitetään käyttäjän sisäänkirjautumiskuorelle. Erityisesti parametri
+\fB\-c\fR
+tarkoittaa, että seuraava parametri on komento useimmissa komentotulkeissa. Komento suoritetaan kuorella, joka on määritetty
+\fI/etc/passwd\fR\-tiedostossa kohdekäyttäjälle.
+.PP
+Voit käyttää parametria
+\fB\-\-\fR
+erottamaan
+\fBsu\fR\-valitsimet kuorelle välitettävistä parametreista.
+.PP
+Käyttäjältä pyydetään salasanaa tarvittaessa. Väärä salasana tuottaa virheilmoituksen. Kaikki yritykset, niin kelvolliset kuin virheellisetkin, kirjataan lokiin järjestelmän väärinkäytösten tunnistamiseksi.
+.PP
+Nykyinen ympäristö välitetään kuorelle.
+\fB$PATH\fR\-muuttujan arvo tyhjätään arvoksi
+\fI/bin:/usr/bin\fR
+tavallisille käyttäjille taikka
+\fI/sbin:/bin:/usr/sbin:/usr/bin\fR
+pääkäyttäjälle. Tämän käyttäytymisen voi vaihtaa asetuksilla
+\fIENV_PATH\fR
+ja
+\fIENV_SUPATH\fR
+tiedostossa
+\fI/etc/login.defs\fR.
+.PP
+Sisäinen kirjautuminen ilmoitetaan lisäämällä "*" ensimmäiseksi merkiksi sisäänkirjautumiskuoreen. Annettua kotihakemistoa käytetään uuden tiedostojärjestelmän juurena, jonne käyttäjä tosiasiassa kirjautuu.
+.SH "VALITSIMET"
+.PP
+\fBsu\fR\-komennon valitsimet ovat:
+.TP
+\fB\-c\fR, \fB\-\-command\fR \fIKUORI\fR
+Määritä komento, jonka kuori käynnistää sen
+\fB\-c\fR\-valitsimella.
+.TP
+\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR
+Tarjoa samankaltainen ympäristö kuin käyttäjä saisi kirjautuessaan suoraa sisään.
+.sp
+Kun
+\fB\-\fR
+on käytössä, se täytyy antaa viimeisenä valitsimena
+\fBsu\fR\-komennolle. Muilla valitsimilla (\fB\-l\fR
+sekä
+\fB\-\-login\fR) ei ole tätä rajoitusta.
+.TP
+\fB\-s\fR, \fB\-\-shell\fR \fIKUORI\fR
+Käynnistettävä kuori
+.sp
+Käynnistettävä kuori valitaan seuraavasti (tärkeimmästä alkaen):
+.RS
+.TP 3
+\(bu
+Kuori, joka määritetään valitsimella \-\-shell
+.TP
+\(bu
+Mikäli valitsinta
+\fB\-\-preserve\-environment\fR
+on käytetty, kuori onka määrittää ympäristömuuttuja
+\fB$SHELL\fR.
+.TP
+\(bu
+Kuori, joka on asetettu /etc/passwd\-tietueessa kohdekäyttäjälle.
+.TP
+\(bu
+/bin/sh mikäli kuorta ei löytynyt millään edellisistä tavoista.
+.RE
+.IP
+.sp
+Mikäli kohdekäyttäjällä on rajoitettu kuori (esim. kuorikenttä käyttäjän tietueessa
+\fI/etc/passwd\fR\-tiedostossa ei löydy tiedostosta
+\fI/etc/shell\fR), niin valitsin
+\fB\-\-shell\fR
+ja ympäristömuuttuja
+\fB$SHELL\fR
+jätetään huomiotta paitsi kun komennon
+\fBsu\fR
+käynnistää pääkäyttäjä.
+.TP
+\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve\-environment\fR
+Säilytä nykyinen ympäristö.
+.sp
+Mikäli kohdekäyttäjällä on rajoitettu ympäristö, tällä valitsimella ei ole vaikutusta (ellei
+\fBsu\fR\-komentoa käynnistänyt pääkäyttäjä).
+.SH "VAROITUKSET"
+.PP
+Tällä versiolla
+\fBsu\fR\-sovelluksesta on useita käännösaikaisia valitsimia, ja niistä vain osa saattaa olla käytössä tietyissä paikoissa.
+.SH "TIEDOSTOT"
+.TP
+\fI/etc/passwd\fR
+käyttäjätunnuksien tiedot
+.TP
+\fI/etc/shadow\fR
+turvalliset käyttäjätunnuksien tiedot
+.SH "KATSO MYÖS"
+.PP
+\fBlogin\fR(1),
+\fBlogin.defs\fR(5),
+\fBsh\fR(1)
diff --git a/man/fr/Makefile.am b/man/fr/Makefile.am
new file mode 100644
index 0000000..230d212
--- /dev/null
+++ b/man/fr/Makefile.am
@@ -0,0 +1,80 @@
+
+mandir = @mandir@/fr
+
+man_MANS = \
+ man1/chage.1 \
+ man1/chfn.1 \
+ man8/chgpasswd.8 \
+ man8/chpasswd.8 \
+ man1/chsh.1 \
+ man1/expiry.1 \
+ man5/faillog.5 \
+ man8/faillog.8 \
+ man3/getspnam.3 \
+ man1/gpasswd.1 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmems.8 \
+ man8/groupmod.8 \
+ man1/groups.1 \
+ man8/grpck.8 \
+ man8/grpconv.8 \
+ man8/grpunconv.8 \
+ man5/gshadow.5 \
+ man8/lastlog.8 \
+ man1/login.1 \
+ man5/login.defs.5 \
+ man8/logoutd.8 \
+ man1/newgrp.1 \
+ man8/newusers.8 \
+ man8/nologin.8 \
+ man1/passwd.1 \
+ man5/passwd.5 \
+ man8/pwck.8 \
+ man8/pwconv.8 \
+ man8/pwunconv.8 \
+ man1/sg.1 \
+ man3/shadow.3 \
+ man5/shadow.5 \
+ man1/su.1 \
+ man5/suauth.5 \
+ man8/useradd.8 \
+ man8/userdel.8 \
+ man8/usermod.8 \
+ man8/vigr.8 \
+ man8/vipw.8
+
+man_nopam = \
+ man5/limits.5 \
+ man5/login.access.5 \
+ man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+man_subids = \
+ man1/newgidmap.1 \
+ man1/newuidmap.1 \
+ man5/subgid.5 \
+ man5/subuid.5
+
+if ENABLE_SUBIDS
+man_MANS += $(man_subids)
+endif
+
+EXTRA_DIST = \
+ $(man_MANS) \
+ man1/id.1 \
+ man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+if !ENABLE_SUBIDS
+EXTRA_DIST += $(man_subids)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/generate_mans.mak b/man/generate_mans.mak
new file mode 100644
index 0000000..a0721b8
--- /dev/null
+++ b/man/generate_mans.mak
@@ -0,0 +1,56 @@
+if USE_PAM
+PAM_COND=pam
+else
+PAM_COND=no_pam
+endif
+if SHADOWGRP
+SHADOWGRP_COND=gshadow
+else
+SHADOWGRP_COND=no_gshadow
+endif
+if WITH_TCB
+TCB_COND=tcb
+else
+TCB_COND=no_tcb
+endif
+
+if USE_SHA_CRYPT
+SHA_CRYPT_COND=sha_crypt
+else
+SHA_CRYPT_COND=no_sha_crypt
+endif
+
+if ENABLE_SUBIDS
+SUBIDS_COND=subids
+else
+SUBIDS_COND=no_subids
+endif
+
+if ENABLE_REGENERATE_MAN
+%.xml-config: %.xml
+ if grep -q SHADOW-CONFIG-HERE $<; then \
+ sed -e 's/^<!-- SHADOW-CONFIG-HERE -->/<!ENTITY % config SYSTEM "config.xml">%config;/' $< > $@; \
+ else \
+ sed -e 's/^\(<!DOCTYPE .*docbookx.dtd"\)>/\1 [<!ENTITY % config SYSTEM "config.xml">%config;]>/' $< > $@; \
+ fi
+
+man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml
+ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \
+ --param "man.authors.section.enabled" "0" \
+ --stringparam "man.output.base.dir" "" \
+ --param "man.output.in.separate.dir" "1" \
+ -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $<
+
+clean-local:
+ rm -rf man1 man3 man5 man8
+
+else
+$(man_MANS):
+ @echo you need to run configure with --enable-man to generate man pages
+endif
+
+man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8
+
+man3/getspnam.3: man3/shadow.3
+
+man8/vigr.8: man8/vipw.8
diff --git a/man/generate_translations.mak b/man/generate_translations.mak
new file mode 100644
index 0000000..7d242cc
--- /dev/null
+++ b/man/generate_translations.mak
@@ -0,0 +1,19 @@
+LANG=$(notdir $(CURDIR))
+
+if ENABLE_REGENERATE_MAN
+config.xml: ../config.xml.in
+ $(MAKE) -C .. config.xml
+ cp ../config.xml $@
+
+%.xml: ../%.xml ../po/$(LANG).po
+ xml2po --expand-all-entities -l $(LANG) -p ../po/$(LANG).po -o $@ ../$@
+ sed -i 's:\(^<refentry .*\)>:\1 lang="$(LANG)">:' $@
+
+include ../generate_mans.mak
+
+else
+$(man_MANS):
+ @echo you need to run configure with --enable-man to generate man pages
+endif
+
+CLEANFILES = .xml2po.mo $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml
diff --git a/man/gpasswd.1.xml b/man/gpasswd.1.xml
new file mode 100644
index 0000000..ebd1b41
--- /dev/null
+++ b/man/gpasswd.1.xml
@@ -0,0 +1,322 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1996 , Rafal Maszkowski
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='gpasswd.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Rafal</firstname>
+ <surname>Maszkowski</surname>
+ <contrib>Creation, 1996</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>gpasswd</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>gpasswd</refname>
+ <refpurpose>
+ <phrase condition="no_gshadow">
+ administer <filename>/etc/group</filename>
+ </phrase>
+ <phrase condition="gshadow">
+ administer <filename>/etc/group</filename> and
+ <filename>/etc/gshadow</filename>
+ </phrase>
+ </refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>gpasswd</command>
+ <arg choice='opt'>
+ <replaceable>option</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>group</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>gpasswd</command> command is used to administer
+ <filename>/etc/group</filename><phrase condition="gshadow">,
+ and <filename>/etc/gshadow</filename></phrase>.
+ Every group can have
+ <phrase condition="gshadow">administrators,</phrase>
+ members and a password.
+ </para>
+ <para condition="gshadow">
+ System administrators can use the <option>-A</option> option to define
+ group administrator(s) and the <option>-M</option> option to define
+ members. They have all rights of group administrators and members.
+ </para>
+ <para>
+ <command>gpasswd</command> called by
+ <phrase condition="gshadow">a group administrator</phrase>
+ <phrase condition="no_gshadow">a system administrator</phrase>
+ with a group name only prompts for the new password of the
+ <replaceable>group</replaceable>.
+ </para>
+ <para>
+ If a password is set the members can still use <citerefentry>
+ <refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> without a password, and non-members must supply the
+ password.
+ </para>
+
+ <refsect2 id='notes_about_group_passwords'>
+ <title>Notes about group passwords</title>
+ <para>
+ Group passwords are an inherent security problem since more than one
+ person is permitted to know the password. However, groups are a
+ useful tool for permitting co-operation between different users.
+ </para>
+ </refsect2>
+
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para condition="gshadow">
+ Except for the <option>-A</option> and <option>-M</option> options,
+ the options cannot be combined.
+ </para>
+ <para condition="no_gshadow">
+ The options cannot be combined.
+ </para>
+ <para>
+ The options which apply to the <command>gpasswd</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Add the <replaceable>user</replaceable> to the named
+ <replaceable>group</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Remove the <replaceable>user</replaceable> from the named
+ <replaceable>group</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-r</option>, <option>--remove-password</option>
+ </term>
+ <listitem>
+ <para>
+ Remove the password from the named <replaceable>group</replaceable>.
+ The group password will be empty.
+ Only group members will be allowed to use
+ <command>newgrp</command> to join the named
+ <replaceable>group</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--restrict</option>
+ </term>
+ <listitem>
+ <para>
+ Restrict the access to the named <replaceable>group</replaceable>.
+ The group password is set to "!".
+ Only group members with a password will be allowed to use
+ <command>newgrp</command> to join the named
+ <replaceable>group</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP' condition="gshadow">
+ <varlistentry>
+ <term>
+ <option>-A</option>, <option>--administrators</option>&nbsp;<replaceable>user</replaceable>,...
+ </term>
+ <listitem>
+ <para>
+ Set the list of administrative users.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</replaceable>,...
+ </term>
+ <listitem>
+ <para>
+ Set the list of group members.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ This tool only operates on the <filename>/etc/group</filename>
+ <phrase condition="gshadow"> and <filename>/etc/gshadow</filename>
+ files.</phrase>
+ <phrase condition="no_gshadow">file.</phrase>
+ Thus you cannot change any NIS or LDAP group. This must be performed
+ on the corresponding server.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &ENCRYPT_METHOD;
+ &MAX_MEMBERS_PER_GROUP;
+ &MD5_CRYPT_ENAB;
+ &SHA_CRYPT_MIN_ROUNDS; <!--This also document SHA_CRYPT_MAX_ROUNDS-->
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry><phrase condition="gshadow">,
+ <citerefentry>
+ <refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry></phrase>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/groupadd.8.xml b/man/groupadd.8.xml
new file mode 100644
index 0000000..93d8b6f
--- /dev/null
+++ b/man/groupadd.8.xml
@@ -0,0 +1,357 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 , Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY GID_MAX SYSTEM "login.defs.d/GID_MAX.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY SYS_GID_MAX SYSTEM "login.defs.d/SYS_GID_MAX.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='groupadd.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>groupadd</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>groupadd</refname>
+ <refpurpose>create a new group</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>groupadd</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>group</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>The <command>groupadd</command> command creates a new group
+ account using the values specified on the command line plus the default
+ values from the system. The new group will be entered into the system
+ files as needed.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>groupadd</command> command
+ are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-f</option>, <option>--force</option>
+ </term>
+ <listitem>
+ <para>
+ This option causes the command to simply exit with success
+ status if the specified group already exists. When used with
+ <option>-g</option>, and the specified GID already exists,
+ another (unique) GID is chosen (i.e. <option>-g</option> is
+ turned off).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</replaceable>
+ </term>
+ <listitem>
+ <para>The numerical value of the group's ID. This value must be
+ unique, unless the <option>-o</option> option is used. The value
+ must be non-negative. The default is to use the smallest ID
+ value greater than or equal to <option>GID_MIN</option> and
+ greater than every other group.
+ </para>
+ <para>
+ See also the <option>-r</option> option and the
+ <option>GID_MAX</option> description.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</replaceable>=<replaceable>VALUE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Overrides <filename>/etc/login.defs</filename> defaults
+ (GID_MIN, GID_MAX and others). Multiple
+ <option>-K</option> options can be specified.
+ </para>
+ <para>
+ Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;
+ <option>-K</option>&nbsp;<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>
+ </para>
+ <para>
+ Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>
+ doesn't work yet.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-o</option>, <option>--non-unique</option>
+ </term>
+ <listitem>
+ <para>
+ This option permits to add a group with a non-unique GID.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The encrypted password, as returned by <citerefentry>
+ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>. The default is to disable the password.
+ </para>
+ <para>
+ <emphasis role="bold">Note:</emphasis> This option is not
+ recommended because the password (or encrypted password) will
+ be visible by users listing the processes.
+ </para>
+ <para>
+ You should make sure the password respects the system's
+ password policy.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-r</option>, <option>--system</option>
+ </term>
+ <listitem>
+ <para>
+ Create a system group.
+ </para>
+ <para>
+ The numeric identifiers of new system groups are chosen in
+ the <option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option>
+ range, defined in <filename>login.defs</filename>, instead of
+ <option>GID_MIN</option>-<option>GID_MAX</option>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &GID_MAX; <!-- documents also GID_MIN -->
+ &MAX_MEMBERS_PER_GROUP;
+ &SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ Groupnames must start with a lower case letter or an underscore,
+ followed by lower case letters, digits, underscores, or dashes.
+ They can end with a dollar sign.
+ In regular expression terms: [a-z_][a-z0-9_-]*[$]?
+ </para>
+ <para>
+ Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long.
+ </para>
+ <para>
+ You may not add a NIS or LDAP group. This must be performed on the
+ corresponding server.
+ </para>
+ <para>
+ If the groupname already exists in an external group database such
+ as NIS or LDAP, <command>groupadd</command> will deny the group
+ creation request.
+ </para>
+ </refsect1>
+
+ <refsect1 id='exit_values'>
+ <title>EXIT VALUES</title>
+ <para>
+ The <command>groupadd</command> command exits with the following values:
+ <variablelist>
+ <varlistentry>
+ <term><replaceable>0</replaceable></term>
+ <listitem>
+ <para>success</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>2</replaceable></term>
+ <listitem>
+ <para>invalid command syntax</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>3</replaceable></term>
+ <listitem>
+ <para>invalid argument to option</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>4</replaceable></term>
+ <listitem>
+ <para>GID not unique (when <option>-o</option> not used)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>9</replaceable></term>
+ <listitem>
+ <para>group name not unique</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>10</replaceable></term>
+ <listitem>
+ <para>can't update group file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para><citerefentry>
+ <refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/groupdel.8.xml b/man/groupdel.8.xml
new file mode 100644
index 0000000..438e9e5
--- /dev/null
+++ b/man/groupdel.8.xml
@@ -0,0 +1,228 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='groupdel.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>groupdel</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>groupdel</refname>
+ <refpurpose>delete a group</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>groupdel</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ <arg choice='plain'><replaceable>GROUP</replaceable></arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para> The <command>groupdel</command> command modifies the system
+ account files, deleting all entries that refer to
+ <replaceable>GROUP</replaceable>. The named group must exist.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>groupdel</command> command
+ are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ You may not remove the primary group of any existing user. You
+ must remove the user before you remove the group.
+ </para>
+ <para>
+ You should manually check all file systems to ensure that no files
+ remain owned by this group.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &MAX_MEMBERS_PER_GROUP;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='exit_values'>
+ <title>EXIT VALUES</title>
+ <para>
+ The <command>groupdel</command> command exits with the following values:
+ <variablelist>
+ <varlistentry>
+ <term><replaceable>0</replaceable></term>
+ <listitem>
+ <para>success</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>2</replaceable></term>
+ <listitem>
+ <para>invalid command syntax</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>6</replaceable></term>
+ <listitem>
+ <para>specified group doesn't exist</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>8</replaceable></term>
+ <listitem>
+ <para>can't remove user's primary group</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>10</replaceable></term>
+ <listitem>
+ <para>can't update group file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/groupmems.8.xml b/man/groupmems.8.xml
new file mode 100644
index 0000000..40d0421
--- /dev/null
+++ b/man/groupmems.8.xml
@@ -0,0 +1,257 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 2000 , International Business Machines
+ George Kraft IV, gk4@us.ibm.com, 03/23/2000
+ Copyright (c) 2005 , Tomasz KÅ‚oczko
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='groupmems.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>George</firstname>
+ <surname>Kraft</surname>
+ <lineage>IV</lineage>
+ <contrib>Creation, 2000</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>groupmems</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>groupmems</refname>
+ <refpurpose>administer members of a user's primary group</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>groupmems</command>
+ <group choice='plain'>
+ <arg choice='plain'>-a <replaceable>user_name</replaceable></arg>
+ <arg choice='plain'>-d <replaceable>user_name</replaceable></arg>
+ <arg choice='opt'>-g <replaceable>group_name</replaceable></arg>
+ <arg choice='plain'>-l </arg><arg choice='plain'>-p </arg>
+ </group>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>groupmems</command> command allows a user to administer
+ his/her own group membership list without the requirement of
+ superuser privileges. The <command>groupmems</command> utility is for
+ systems that configure its users to be in their own name sake primary
+ group (i.e., guest / guest).
+ </para>
+
+ <para>Only the superuser, as administrator, can use
+ <command>groupmems</command> to alter the memberships of other groups.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>groupmems</command> command
+ are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</replaceable></term>
+ <listitem>
+ <para>Add a user to the group membership list.</para>
+ <para condition="gshadow">
+ If the <filename>/etc/gshadow</filename> file exist, and the
+ group has no entry in the <filename>/etc/gshadow</filename>
+ file, a new entry will be created.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</replaceable></term>
+ <listitem>
+ <para>Delete a user from the group membership list.</para>
+ <para condition="gshadow">
+ If the <filename>/etc/gshadow</filename> file exist, the user
+ will be removed from the list of members and administrators of
+ the group.
+ </para>
+ <para condition="gshadow">
+ If the <filename>/etc/gshadow</filename> file exist, and the
+ group has no entry in the <filename>/etc/gshadow</filename>
+ file, a new entry will be created.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</replaceable></term>
+ <listitem>
+ <para>The superuser can specify which group membership
+ list to modify.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-l</option>, <option>--list</option></term>
+ <listitem>
+ <para>List the group membership list.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-p</option>, <option>--purge</option></term>
+ <listitem>
+ <para>Purge all users from the group membership list.</para>
+ <para condition="gshadow">
+ If the <filename>/etc/gshadow</filename> file exist, and the
+ group has no entry in the <filename>/etc/gshadow</filename>
+ file, a new entry will be created.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='setup'>
+ <title>SETUP</title>
+ <para>
+ The <command>groupmems</command> executable should be in mode
+ <literal>2770</literal> as user <emphasis>root</emphasis> and in group
+ <emphasis>groups</emphasis>. The system administrator can add users to
+ group <emphasis>groups</emphasis> to allow or disallow them using the
+ <command>groupmems</command> utility to manage their own group
+ membership list.
+ </para>
+
+ <programlisting>
+ $ groupadd -r groups
+ $ chmod 2770 groupmems
+ $ chown root.groups groupmems
+ $ groupmems -g groups -a gk4
+ </programlisting>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &MAX_MEMBERS_PER_GROUP;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>secure group account information</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/groupmod.8.xml b/man/groupmod.8.xml
new file mode 100644
index 0000000..4666625
--- /dev/null
+++ b/man/groupmod.8.xml
@@ -0,0 +1,320 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 , Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='groupmod.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>groupmod</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>groupmod</refname>
+ <refpurpose>modify a group definition on the system</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>groupmod</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ <arg choice='plain'><replaceable>GROUP</replaceable></arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>groupmod</command> command modifies the definition of the
+ specified <replaceable>GROUP</replaceable> by modifying the appropriate
+ entry in the group database.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>groupmod</command> command
+ are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The group ID of the given <replaceable>GROUP</replaceable> will
+ be changed to <replaceable>GID</replaceable>.
+ </para>
+ <para>
+ The value of
+ <replaceable>GID</replaceable> must be a non-negative decimal
+ integer. This value must be unique, unless the
+ <option>-o</option> option is used.
+ </para>
+ <para>
+ Users who use the group as primary group will be updated to
+ keep the group as their primary group.
+ </para>
+ <para>
+ Any files that have the
+ old group ID and must continue to belong to
+ <replaceable>GROUP</replaceable>, must have their group ID
+ changed manually.
+ </para>
+ <para>
+ No checks will be performed with regard to the
+ <option>GID_MIN</option>, <option>GID_MAX</option>,
+ <option>SYS_GID_MIN</option>, or <option>SYS_GID_MAX</option>
+ from <filename>/etc/login.defs</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-n</option>, <option>--new-name</option>&nbsp;<replaceable>NEW_GROUP</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The name of the group will be changed from <replaceable>GROUP</replaceable>
+ to <replaceable>NEW_GROUP</replaceable> name.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-o</option>, <option>--non-unique</option>
+ </term>
+ <listitem>
+ <para>
+ When used with the <option>-g</option> option, allow to change the
+ group <replaceable>GID</replaceable> to a non-unique value.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The encrypted password, as returned by <citerefentry>
+ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ <para>
+ <emphasis role="bold">Note:</emphasis> This option is not
+ recommended because the password (or encrypted password) will
+ be visible by users listing the processes.
+ </para>
+ <para>
+ You should make sure the password respects the system's
+ password policy.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &MAX_MEMBERS_PER_GROUP;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='exit_values'>
+ <title>EXIT VALUES</title>
+ <para>
+ The <command>groupmod</command> command exits with the following values:
+ <variablelist>
+ <varlistentry>
+ <term><replaceable>0</replaceable></term>
+ <listitem>
+ <para>success</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>2</replaceable></term>
+ <listitem>
+ <para>invalid command syntax</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>3</replaceable></term>
+ <listitem>
+ <para>invalid argument to option</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>4</replaceable></term>
+ <listitem>
+ <para>specified group doesn't exist</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>6</replaceable></term>
+ <listitem>
+ <para>specified group doesn't exist</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>9</replaceable></term>
+ <listitem>
+ <para>group name already in use</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>10</replaceable></term>
+ <listitem>
+ <para>can't update group file</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/groups.1.xml b/man/groups.1.xml
new file mode 100644
index 0000000..02e5432
--- /dev/null
+++ b/man/groups.1.xml
@@ -0,0 +1,128 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='groups.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>groups</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>groups</refname>
+ <refpurpose>display current group names</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>groups</command>
+ <arg choice='opt'>
+ <replaceable>user</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>groups</command> command displays the current group names
+ or ID values. If the value does not have a corresponding entry in
+ <filename>/etc/group</filename>, the value will be displayed as the
+ numerical group value. The optional <emphasis
+ remap='I'>user</emphasis> parameter will display the groups for the
+ named <emphasis remap='I'>user</emphasis>.
+ </para>
+ </refsect1>
+
+ <refsect1 id='note'>
+ <title>NOTE</title>
+ <para>
+ Systems which do not support concurrent group sets will have the
+ information from <filename>/etc/group</filename> reported. The user
+ must use <command>newgrp</command> or <command>sg</command> to change
+ his current real and effective group ID.
+ </para>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>getgid</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>getgroups</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>getuid</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/grpck.8.xml b/man/grpck.8.xml
new file mode 100644
index 0000000..77c4bd8
--- /dev/null
+++ b/man/grpck.8.xml
@@ -0,0 +1,314 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1992 - 1993, Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='grpck.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1992</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>grpck</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>grpck</refname>
+ <refpurpose>verify integrity of group files</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>grpck</command>
+ <arg choice='opt'>options</arg>
+ <arg choice='opt'>
+ <arg choice='plain'><replaceable>group</replaceable></arg>
+ <arg choice='opt' condition="gshadow">
+ <arg choice='plain'><replaceable>shadow</replaceable></arg>
+ </arg>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>grpck</command> command verifies the integrity of the
+ groups information. It checks that all entries in
+ <filename>/etc/group</filename> <phrase condition="gshadow">and
+ <filename>/etc/gshadow</filename></phrase>
+ have the proper format and contain valid data.
+ The user is prompted to delete entries that are
+ improperly formatted or which have other uncorrectable errors.
+ </para>
+
+ <para>Checks are made to verify that each entry has:</para>
+
+ <itemizedlist mark='bullet'>
+ <listitem>
+ <para>the correct number of fields</para>
+ </listitem>
+ <listitem>
+ <para>a unique and valid group name</para>
+ </listitem>
+ <listitem>
+ <para>
+ a valid group identifier
+ <phrase condition="gshadow"> (<filename>/etc/group</filename>
+ only)</phrase>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ a valid list of members
+ <phrase condition="gshadow"> and administrators</phrase>
+ </para>
+ </listitem>
+ <listitem condition="gshadow">
+ <para>
+ a corresponding entry in the <filename>/etc/gshadow</filename>
+ file (respectively <filename>/etc/group</filename> for the
+ <filename>gshadow</filename> checks)
+ </para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
+ The checks for correct number of fields and unique group name are
+ fatal. If an entry has the wrong number of fields, the user will be
+ prompted to delete the entire line. If the user does not answer
+ affirmatively, all further checks are bypassed. An entry with a
+ duplicated group name is prompted for deletion, but the remaining
+ checks will still be made. All other errors are warnings and the user
+ is encouraged to run the <command>groupmod</command> command to
+ correct the error.
+ </para>
+
+ <para>
+ The commands which operate on the <filename>/etc/group</filename>
+ <phrase condition="no_gshadow">file</phrase><phrase
+ condition="gshadow">and <filename>/etc/gshadow</filename> files</phrase>
+ are not able to alter corrupted or duplicated entries.
+ <command>grpck</command> should be used in those circumstances to
+ remove the offending entries.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The <option>-r</option> and <option>-s</option> options cannot be
+ combined.
+ </para>
+ <para>
+ The options which apply to the <command>grpck</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-r</option>, <option>--read-only</option></term>
+ <listitem>
+ <para>
+ Execute the <command>grpck</command> command in read-only mode.
+ This causes all questions regarding changes to be answered
+ <emphasis>no</emphasis> without user intervention.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-s</option>, <option>--sort</option></term>
+ <listitem>
+ <para>
+ Sort entries in <filename>/etc/group</filename>
+ <phrase condition="gshadow">and
+ <filename>/etc/gshadow</filename></phrase>
+ by GID.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ By default, <command>grpck</command> operates on
+ <filename>/etc/group</filename> <phrase condition="gshadow">and
+ <filename>/etc/gshadow</filename></phrase>.
+ The user may select alternate files with the <emphasis
+ remap='I'>group</emphasis>
+ <phrase condition="no_gshadow">parameter.</phrase>
+ <phrase condition="gshadow">and <emphasis remap='I'>shadow</emphasis>
+ parameters.</phrase>
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &MAX_MEMBERS_PER_GROUP;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='exit_values'>
+ <title>EXIT VALUES</title>
+ <para>
+ The <command>grpck</command> command exits with the following values:
+ <variablelist>
+ <varlistentry>
+ <term><replaceable>0</replaceable></term>
+ <listitem>
+ <para>success</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>1</replaceable></term>
+ <listitem>
+ <para>invalid command syntax</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>2</replaceable></term>
+ <listitem>
+ <para>one or more bad group entries</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>3</replaceable></term>
+ <listitem>
+ <para>can't open group files</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>4</replaceable></term>
+ <listitem>
+ <para>can't lock group files</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>5</replaceable></term>
+ <listitem>
+ <para>can't update group files</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <phrase condition="gshadow">
+ <citerefentry>
+ <refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>,
+ </citerefentry>,
+ </phrase>
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/gshadow.5.xml b/man/gshadow.5.xml
new file mode 100644
index 0000000..6bc1ed9
--- /dev/null
+++ b/man/gshadow.5.xml
@@ -0,0 +1,193 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 2005 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='gshadow.5'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>Creation, 2005</contrib>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>gshadow</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>gshadow</refname>
+ <refpurpose>shadowed group file</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ <filename>/etc/gshadow</filename> contains the shadowed information
+ for group accounts.
+ </para>
+
+ <para>
+ This file must not be readable by regular users if password security
+ is to be maintained.
+ </para>
+
+ <para>
+ Each line of this file contains the following colon-separated
+ fields:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term><emphasis role="bold">group name</emphasis></term>
+ <listitem>
+ <para>
+ It must be a valid group name, which exist on the system.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis role="bold">encrypted password</emphasis></term>
+ <listitem>
+ <para>
+ Refer to <citerefentry><refentrytitle>crypt</refentrytitle>
+ <manvolnum>3</manvolnum></citerefentry> for details on how
+ this string is interpreted.
+ </para>
+ <para>
+ If the password field contains some string that is not a valid
+ result of <citerefentry><refentrytitle>crypt</refentrytitle>
+ <manvolnum>3</manvolnum></citerefentry>, for instance ! or *,
+ users will not be able to use a unix password to access the
+ group (but group members do not need the password).
+ </para>
+ <para>
+ The password is used when a user who is not a member of the
+ group wants to gain the permissions of this group (see
+ <citerefentry><refentrytitle>newgrp</refentrytitle>
+ <manvolnum>1</manvolnum></citerefentry>).
+ </para>
+ <para>
+ This field may be empty, in which case only the group members
+ can gain the group permissions.
+ </para>
+ <para>
+ A password field which starts with an exclamation mark means
+ that the password is locked. The remaining characters on the
+ line represent the password field before the password was
+ locked.
+ </para>
+ <para>
+ This password supersedes any password specified in
+ <filename>/etc/group</filename>.
+ </para>
+
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis role="bold">administrators</emphasis></term>
+ <listitem>
+ <para>
+ It must be a comma-separated list of user names.
+ </para>
+ <para>
+ Administrators can change the password or the members of the
+ group.
+ </para>
+ <para>
+ Administrators also have the same permissions as the members
+ (see below).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis role="bold">members</emphasis></term>
+ <listitem>
+ <para>
+ It must be a comma-separated list of user names.
+ </para>
+ <para>
+ Members can access the group without being prompted for a
+ password.
+ </para>
+ <para>
+ You should use the same list of users as in
+ <filename>/etc/group</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>gpasswd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>grpconv</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/hu/Makefile.am b/man/hu/Makefile.am
new file mode 100644
index 0000000..e659aef
--- /dev/null
+++ b/man/hu/Makefile.am
@@ -0,0 +1,17 @@
+
+mandir = @mandir@/hu
+
+man_MANS = \
+ man1/chsh.1 \
+ man1/gpasswd.1 \
+ man1/groups.1 \
+ man8/lastlog.8 \
+ man1/login.1 \
+ man1/newgrp.1 \
+ man1/passwd.1 \
+ man5/passwd.5 \
+ man1/sg.1 \
+ man1/su.1
+
+EXTRA_DIST = $(man_MANS)
+
diff --git a/man/hu/man1/chfn.1 b/man/hu/man1/chfn.1
new file mode 100644
index 0000000..44826aa
--- /dev/null
+++ b/man/hu/man1/chfn.1
@@ -0,0 +1,75 @@
+.\"
+.\" chfn.1 \-\- change your finger information
+.\" (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\" this program is free software. you can redistribute it and
+.\" modify it under the terms of the gnu general public license.
+.\" there is no warranty.
+.\"
+.\" $Author: kloczek $
+.\" $Revision: 1.4 $
+.\" $Date: 2005/12/01 20:38:25 $
+.\"
+.TH CHFN 1 "October 13 1994" "chfn" "Linux Reference Manual"
+.SH NÉV
+chfn \- finger információk módosítása
+.SH VÃZLAT
+.B chfn
+[\ \-f\ teljes név\ ] [\ \-o\ iroda\ ] [\ \-p\ irodai telefon\ ]
+[\ \-h\ otthoni telefon\ ] [\ \-u\ ] [\ \-v\ ] [\ felhasználó\ ]
+.SH LEÃRÃS
+A
+.B chfn
+segítségével megváltoztathatók a finger információk. Ezeket a
+.I /etc/passwd
+fájl tartalmazza, és a
+.B finger
+programmal jeleníthetőek meg. A linuxos
+.B finger
+négy adatot ír ki: valódi (polgári) nevet, munkahelyi
+szoba\- és telefonszámot és otthoni telefonszámot.
+.SS PARANCSSOR
+A négy érték bármelyike megadható parancssorból. Ha paraméterek nélkül
+indítjuk, a
+.B chfn
+interaktív módba lép.
+.SS INTERAKTÃV MÓD
+Ilyenkor a
+.B chfn
+minden mezőt billentyűzetről kér be. A promptnál az új értékeket kell
+megadni. Az adatok az Enter lenyomásával változatlanul hagyhatók, a "none" szó
+beírásával a mező tartalma kiürül.
+.SH OPCIÓK
+.TP
+.I "\-f, \-\-full\-name"
+Teljes valódi név megadása.
+.TP
+.I "\-h, \-\-home\-phone"
+Otthoni telefonszám.
+.TP
+.I "\-o, \-\-office"
+Az irodai szobaszám módosítása.
+.TP
+.I "\-p, \-\-office\-phone"
+Irodai telefonszám megadása.
+.TP
+.I "\-u, \-\-help"
+Segítség kiíratása.
+.TP
+.I "\-v, \-\-version"
+Verzióinformáció megjelenítése.
+.SH LÃSD MÉG
+.BR finger (1),
+.BR passwd (5)
+.SH SZERZÅ
+Salvatore Valente <svalente@mit.edu>
+.SH MEGJEGYZÉS
+Ford. megj.: A hosszú, valamint az \-u és \-v paraméterek a
+.B chfn
+Julianne
+Frances Haugh által írt változatában nem érvényesek (pl. SuSE).
+Az irodai telefon itt a \-w, a szobaszám az \-r opcióval adható meg.
+Az \-o egy nem definiált tartalmú mezőt tölt ki; ezt egyébként csak a root
+módosíthatja.
+.SH MAGYAR FORDÃTÃS
+Gál Gyuri <gyuri@lamer.hu>
diff --git a/man/hu/man1/chsh.1 b/man/hu/man1/chsh.1
new file mode 100644
index 0000000..b4b1b4d
--- /dev/null
+++ b/man/hu/man1/chsh.1
@@ -0,0 +1,65 @@
+.\" Copyright 1990, John F. Haugh II
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by John F. Haugh, II
+.\" and other contributors.
+.\" 4. Neither the name of John F. Haugh, II nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JOHN HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JOHN HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.TH CHSH 1
+.SH NÉV
+chsh \- bejelentkezési parancsértelmező (héj) állítása
+.SH ÃTTEKINTÉS
+.TP 5
+\fBchsh\fR
+[\fB\-s\fR \fIhéjprogram\fR] [\fIfelhasználó\fR]
+.SH LEÃRÃS
+A \fBchsh\fR parancs a felhasználó bejelentkezési parancsértelmezőjét változtatja meg.
+Normál felhasználó csak a saját parancsértelmezőjét állíthatja, a
+rendszergazda bárkiét.
+.PP
+A héjprogrammal (shell) szemben támasztott követelmény, hogy szerepeljen
+a \fI/etc/shells\fR fájlban, kivéve ha a rendszergazdáé mert
+neki minden beállítás elfogadott.
+Korlátozott parancsértelmezőt nem lehet másikra átállítani.
+Ezért nem tanácsos a \fB/bin/rsh\fR\-nak a \fI/etc/shells\fR\-ben
+való felsorolása, mert ha a felhasználó átvált erre a héj\-ra
+nem válthat másikra.
+.PP
+A \fB\-s\fR opció nélkül a \fBchsh\fR interaktív módon
+működik. Be kell írni az új értéket, vagy üresen hagyni a sort, hogy
+az éppen aktuális beállítás maradjon, ami \fB[ ]\fR jelek között látható.
+.SH FÃJLOK
+\fI/etc/passwd\fR \- felhaszálói nyilvántartás
+.br
+\fI/etc/shells\fR \- engedélyezett parancsértelmezők listája
+.SH LÃSD MÉG
+.BR chfn (1),
+.BR passwd (5)
+.SH MAGYAR FORDÃTÃS
+Székely Krisztián <szekelyk@edasz.hu>
diff --git a/man/hu/man1/gpasswd.1 b/man/hu/man1/gpasswd.1
new file mode 100644
index 0000000..b62cf1e
--- /dev/null
+++ b/man/hu/man1/gpasswd.1
@@ -0,0 +1,81 @@
+.\" Copyright 1996, Rafal Maszkowski, rzm@pdi.net
+.\" All rights reserved. You can redistribute this man page and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of the
+.\" License, or (at your option) any later version.
+.\"
+.\" $Id$
+.\"
+.TH GPASSWD 1
+.SH NÉV
+gpasswd \- az /etc/group fájlt adminisztrálja
+.br
+.SH ÃTTEKINTÉS
+.B gpasswd \fIcsoport\fR
+.br
+.B gpasswd
+.B \-a
+\fIfelhasználó\fR \fIcsoport\fR
+.br
+.B gpasswd
+.B \-d
+\fIfelhasználó\fR \fIcsoport\fR
+.br
+.B gpasswd
+.B \-R
+\fIcsoport\fR
+.br
+.B gpasswd
+.B \-r
+\fIcsoport\fR
+.br
+.B gpasswd
+.RB [ \-A
+\fIfelhasználó\fR,...]
+.RB [ \-M
+\fIfelhasználó\fR,...]
+\fIcsoport\fR
+.br
+.SH LEÃRÃS
+A
+.B gpasswd
+program segítségével adminisztrálhatjuk az /etc/group fájlt
+illetve az /etc/gshadow fájlt amennyiben a SHADOWGPR definiálva
+volt a fordítás alatt. Minden csoportban lehetnek adminisztrátorok,
+tagok és egy jelszó. A rendszeradminisztrátor a \fB\-A\fR opció
+segítségével definiálhat csoportadminisztrátor(oka)t és a \fB\-M\fR
+opcióval tagokat. A rendszeradminisztátor minden joggal rendelkezik,
+amellyel a csoportadminisztrátor és a csoport tagjai.
+.PP
+A csoportadminisztrátor a \fB\-a\fR kapcsolóval hozhat létre
+felhasználókat, és a \fB\-d\fR opcióval törölheti őket. Az
+adminisztrátorok a \fB\-r\fR opcióval törölhetik a csoport
+jelszavát. Ha nincs jelszó beállítva, akkor csak a csoport
+tagjai használhatják a
+.BR newgrp (1)
+parancsot a csatlakozáshoz. A \fB\-R\fR opció
+meggátolja a csoport elérését a
+.BR newgrp (1)
+parancson keresztül.
+.PP
+Ha
+.B gpasswd
+parancsot a csoportadminisztrátor adja ki a csoport nevével,
+akkor csak a jelszót kell beírnia. Ha van jelszó, akkor a tagok
+be tudnak lépni a
+.BR newgrp (1)
+paranccsal jelszó nélkül is, csak a csoporton kívüli felhasználóknak
+kell megadniuk a jelszót.
+
+.SH FÃJLOK
+\fI/etc/group\fR \- információ a csoportról
+.br
+\fI/etc/gshadow\fR \- információ a shadow csoportról
+.SH LÃSD MÉG
+.BR newgrp (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR grpck (8)
+.SH MAGYAR FORDÃTÃS
+Tímár András <timar_a@freemail.hu>
diff --git a/man/hu/man1/groups.1 b/man/hu/man1/groups.1
new file mode 100644
index 0000000..9b87e51
--- /dev/null
+++ b/man/hu/man1/groups.1
@@ -0,0 +1,59 @@
+.\" Copyright 1991 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.TH GROUPS 1
+.SH NÉV
+groups \- kiírja a jelenlegi csoportazonosító neveket
+.SH ÃTTEKINTÉS
+.B groups
+.RI [ felhasználó ]
+.SH LEÃRÃS
+A
+.B groups
+parancs kiírja a jelenlegi csoportazonosító neveket vagy számértékeket. Ha
+nincs az értéknek megfelelő bejegyzés a \fI/etc/group\fR fájlban, akkor a
+csoport azonosító számát írja ki. Az opcionális \fIfelhasználó\fR paraméter
+esetén azokat a csoportokat írja ki, amelyekbe a megadott \fIfelhasználó\fR
+tartozik.
+.SH MEGJEGYZÉS
+Azok a rendszerek, amelyek nem támogatják a konkurrens csoportbeállításokat,
+a kiírt információkat a \fI/etc/group\fR fájlból gyűjtik. A felhasználónak
+muszáj a \fBnewgrp\fR vagy a \fBsg\fR parancsot használniuk, hogy
+megváltoztassák a jelenlegi valódi és effektív csoportazonosítójukat.
+.SH FÃJLOK
+\fI/etc/group\fR \- információ a csoportokról
+.SH LÃSD MÉG
+.BR newgrp (1),
+.BR getgid (2),
+.BR getgroups (2),
+.BR getuid (2)
+.SH AUTHOR
+Julianne Frances Haugh (jfh@tab.com)
+.SH MAGYAR FORDÃTÃS
+ifj. Dyekiss Emil <emil2@cds.hu>
diff --git a/man/hu/man1/id.1 b/man/hu/man1/id.1
new file mode 100644
index 0000000..cae75b7
--- /dev/null
+++ b/man/hu/man1/id.1
@@ -0,0 +1,63 @@
+.TH ID 1 "GNU Shell Utilities" "FSF" \" \-*\- nroff \-*\-
+.SH NÉV
+id \- kiírja a valóságos és effektív UID\-eket és GID\-eket
+.SH ÃTTEKINTÉS
+.B id
+[\-gnruG] [\-\-group] [\-\-name] [\-\-real] [\-\-user] [\-\-groups]
+[\-\-help] [\-\-version] [username]
+.SH LEÃRÃS
+Ezt a dokumentációt a továbbiakban nem tartjuk karban, így
+pontatlan vagy hiányos lehet. A Texinfo dokumentáció a hiteles forrás.
+.PP
+Ez a kézikönyv lap az
+.BR id
+GNU változatát írja le. Az
+.B id
+információt szolgáltat az adott felhasználóról, vagy arról aki a
+programot futtatja, ha felhasználó nincs megadva.
+Alapértelmezésben a valódi felhasználói ID\-t írja ki,
+a valódi csoport ID\-t, az effektív felhasználói ID\-t, ha az különbözik a
+valódi felhasználói ID\-től, az effektív csoport ID\-t, ha az különbözik a
+valódi csoport ID\-től, és a kiegészítő csoportok ID\-it.
+A parancs ezeket a paramétereket egy sorban, egymás után
+irja ki, zárójelben megadva a felhasználó, illetve a csoport nevét.
+.PP
+Az alábbi opciókkal az
+.B id
+képes a fenti információk egy részének a megjelenítésére is.
+.SS OPCIÓK
+.TP
+.I "\-g, \-\-group"
+Csak a csoport ID\-jét írja ki.
+.TP
+.I "\-G, \-\-groups"
+Csak a kiegészítő csoportok ID\-it írja ki.
+.TP
+.I "\-\-help"
+Használati útmutatót ír a standard kimenetre és kilép.
+.TP
+.I "\-n, \-\-name"
+A nevet jeleníti meg az ID helyet.
+Szükséges az
+.IR \-u ,
+.IR \-g ,
+vagy
+.IR \-G
+paraméter.
+.TP
+.I "\-r, \-\-real"
+A valódi felhasználói vagy csoport ID\-t jeleníti meg az effektív helyett.
+Szükséges
+.IR \-u ,
+.IR \-g ,
+vagy
+.IR \-G
+paraméter.
+.TP
+.I "\-u, \-\-user"
+Csak a felhasználó ID\-jét jeleníti meg.
+.TP
+.I "\-\-version"
+A program verziójáról ír ki információt a standard kimenetre és kilép.
+.SH MAGYAR FORDÃTÃS
+Ãmon Tamás <sajt@erba.hu>
diff --git a/man/hu/man1/login.1 b/man/hu/man1/login.1
new file mode 100644
index 0000000..f84ea82
--- /dev/null
+++ b/man/hu/man1/login.1
@@ -0,0 +1,123 @@
+.\" Copyright 1989 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.TH LOGIN 1
+.SH NÉV
+login \- Új kapcsolat felvétele a rendszerrel (bejelentkezés)
+.SH ÃTTEKINTÉS
+.B login
+.RI [ felhasználónév " [" környezeti változók ]]
+.SH LEÃRÃS
+A
+.B login
+programot a rendszerbe való belépésre használjuk. Ãltalában nem
+közvetlenül használjuk, hanem automatikusan meghívásra kerül, amikor a
+.I login:
+promptra válaszként beírjuk a felhasználónevünket.
+A
+.B login
+a shell szempontjából különleges kezelésű lehet és előfordulhat, hogy
+nem hívható meg alfolyamatként. Tipikus példa erre, amikor a
+.B login
+parancsot a shell \fBexec login\fR \-ként értelmezi, tehát az új
+bejelentkezés előtt az aktuálisból való kilépésre készteti a
+felhasználót.
+Ha nem login shellből próbáljuk meg a \fBlogin\fR parancsot végrehajtani,
+hibaüzenetet kapunk.
+.PP
+Ezután a jelszavunkat kell megadnunk. A beírt karakterek nem jelennek meg
+a képernyőn, megelőzvén a 'leskelődést'. Ha többször hibás jelszót adunk
+meg, a \fBlogin\fR kilép, és a kapcsolat megszakad.
+.PP
+Ha a jelszavunk érvényességi ideje korlátozott, a rendszer továbblépés
+előtt felszólíthat a jelszó megváltoztatására. Ez azt jelenti, hogy a
+jelszavunk lejárt, nem érvényes, vagy hamarosan le fog járni. A régi
+jelszavunkat is esetleg meg kell adni ellenőrzésképpen, majd az általunk
+választott új jelszót. A témában lásd: \fBpasswd \fR(1)
+.PP
+Sikeres bejelentkezés után néhány rendszerüzenetet kapunk, és a postaládánk
+állapotáról némi visszajelszést. A rendszerüzenetfájl (\fI/etc/motd\fR)
+kiíratását letilthatjuk egy 0 byte hosszúságú \fI.hushlogin\fR file
+létrehozásával a login könyvtárunkban. A posta állapotától függően a
+következő üzenetek valamelyikét kapjuk: "\fBYou have new mail.\fR" (Új
+levél van), "\fBYou have mail.\fR" (Levél van), vagy "\fBNo Mail.\fR"
+(Nincs levél).
+.PP
+A felhasználói\- (UID) és a csoportazonosítónk (GID) beállításra kerül az
+\fI/etc/passwd\fR alapján. A \fB$HOME\fR, \fB$SHELL\fR,
+\fB$PATH\fR, \fB$LOGNAME\fR és a \fB$MAIL\fR környezeti változók
+beállításra kerülnek a passwd adatbázis megfelelő mezői alapján.
+Az ulimit, umask és a nice is értéket kaphat a GECOS mező tartalma
+alapján.
+.PP
+Néhány rendszeren a \fB$TERM\fR változó is értéket kap, miként az a
+\fI/etc/ttytype\fR\-ban meg van írva.
+.PP
+Végrehajtódhat a parancsértelmezőnk inicializációs scriptje is. Ez ügyben
+lásd a megfelelő kézikönyv\-oldalt.
+.SH FIGYELMEZTETÉSEK
+.PP
+A \fBlogin\fR ezen verziója sok fordítási opcióval rendelkezik, bár csak
+néhány közülük az, ami használatban lehet egyes speciális gépeken.
+
+.PP
+A fájlok elhelyezkedése a rendszerkonfigurációk különbözőségéből adódóan
+változhat.
+.SH FÃJLOK
+\fI/var/run/utmp\fR \- az aktuális bejelentkezések listája
+.br
+\fI/var/log/wtmp\fR \- az előző (eddigi) bejelentkezések listája
+.br
+\fI/etc/passwd\fR \- felhasználói account\-okra vonatkozó információk
+.br
+\fI/etc/shadow\fR \- titkosított jelszavak és érvényességi idő\-információk
+.br
+\fI/etc/motd\fR \- rendszerüzenet file
+.br
+\fI/etc/nologin\fR \- nem\-root felhasználók belépésének tiltása
+.br
+\fI/etc/ttytype\fR \- termináltípusok listája
+.br
+.br
+\fI$HOME/.hushlogin\fR \- korlátozza a rendszerüzenetek megjelenítését
+.br
+.SH LÃSD MÉG
+.PP
+.BR getty (8),
+.BR mail (1),
+.BR passwd (1),
+.BR sh (1),
+.BR su (1),
+.\" .BR d_passwd (5),
+.BR passwd (5),
+.BR nologin (5)
+.SH SZERZÅ
+Julianne Frances Haugh (jfh@bga.com)
+.SH MAGYAR FORDÃTÃS
+Niedermayer Miklós <mico@musician.org>
diff --git a/man/hu/man1/newgrp.1 b/man/hu/man1/newgrp.1
new file mode 100644
index 0000000..714f187
--- /dev/null
+++ b/man/hu/man1/newgrp.1
@@ -0,0 +1,89 @@
+.\" Copyright 1991, Julianne Frances Haugh
+.\" Hungarian translation by Peter Mamuzsics <zumu@mentha.hu>
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.TH NEWGRP 1
+.SH NÉV
+newgrp \- Csoportazonosító módosítása
+.br
+sg \- Parancs végrehajtása más csoportazonoító alatt
+.SH ÃTTEKINTÉS
+.BR newgrp " [" \- ]
+[\fIgroup\fR]
+.br
+.BR sg " [" \- ]
+[\fIgroup\fR [\fB\-c\fR \fIcommand\fR]]
+.SH LEÃRÃS
+A
+.B newgrp
+parancs a jelenlegi bejelentkezéshez tartozó csoportazonosító
+módosítására használható. Ha a parancsot az elhagyható \fB\-\fR
+kapcsolóval hívtuk meg, akkor a rendszer úgy inicializálja újra
+a felhasználói környezetet, ahogy az a bejelelentkezés során
+megtörténik, ellenkező esetben a jelenlegi környezet \- beleértve
+az aktuális munkakönyvtárat is \- változatlan marad.
+.PP
+A
+.B newgrp
+parancs lecseréli az aktuális csoportazonosítót a megnevezett
+vagy \- ha nincs megadva \- az \fI/etc/passwd\fR fájlban megadott
+alapértelmezett csoportra. Ha a felhasználó nem rendelkezik jelszóval,
+de a csoport igen, vagy a felhasználó nem tagja a csoportnak,
+de a csoport rendelkezik jelszóval, akkor a rendszer bekéri a csoport
+jelszavát.
+Amennyiben a csoportnak nincs jelszava, és a felhasználó nem tagja a
+csoportnak, akkor a hozzáférés nem lehetséges.
+.PP
+Az
+.B sg
+parancs működése hasonló a \fBnewgrp\fR parancs működéséhez,
+de ez nem cseréli le a felhasználó parancsértelmezőjét, így
+amikor kilépünk az \fBsg\fR parancsból, visszakapjuk az
+eredeti csoportazonosítót.
+Az
+.B sg
+parancsnak egy másik, aposztrófok közé zárt parancsot is meg lehet
+adni, amely a \fB/bin/sh\fR parancsértelmezővel kerül végrehajtásra.
+.SH HIBÃK
+A \fBnewgrp\fR többféle fordítási beállítással rendelkezik,
+amelyeknek egy adott felhasználási környezetben csak egy részére
+lehet szükség.
+.SH FÃJLOK
+\fI/etc/passwd\fR \- felhasználói információk
+.br
+\fI/etc/group\fR \- csoportinfomációk
+.SH LÃSD MÉG
+.BR id (1),
+.BR login (1),
+.BR su (1)
+.SH SZERZÅ
+Julianne Frances Haugh (jfh@bga.com)
+.br
+.SH MAGYAR FORDÃTÃS
+Mamuzsics Péter <zumu@mentha.hu>
diff --git a/man/hu/man1/passwd.1 b/man/hu/man1/passwd.1
new file mode 100644
index 0000000..dab98dd
--- /dev/null
+++ b/man/hu/man1/passwd.1
@@ -0,0 +1,164 @@
+.\" Copyright 1989 \- 1994, John F. Haugh II
+.\" All rights reserved.
+.\"
+.\" Redistribution is allowed, provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by John F. Haugh, II
+.\" and other contributors.
+.\" 4. Neither the name of John F. Haugh, II nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JOHN HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JOHN HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.TH PASSWD 1 "" \" \-*\- nroff \-*\-
+.SH NÉV
+passwd \- Felhasználói jelszó megváltoztatása
+.SH ÃTTEKINTÉS
+\fBpasswd\fR [\fB\-f\fR|\fB\-s\fR] [\fInév\fR]
+.br
+\fBpasswd\fR [\fB\-g\fR] [\fB\-r\fR|\fB\-R\fR] \fIcsoport\fR
+.br
+\fBpasswd\fR [\fB\-x\fR \fImax\fR] [\fB\-n\fR \fImin\fR]
+[\fB\-w\fR \fIfigy\fR] [\fB\-i\fR \fIinakt\fR] \fInév\fR
+.br
+\fBpasswd\fR {\fB\-l\fR|\fB\-u\fR|\fB\-d\fR|\fB\-S\fR} \fInév\fR
+.SH LEÃRÃS
+A \fBpasswd\fR a felhasználók és a csoportok megváltoztatását végzi.
+A felhasználók csak a saját jelszavukat változtathatják meg, a rendszergazda
+bárkiét. A csoportok jelszavát az adott csoport adminisztrátora
+változtathatja meg.
+A \fBpasswd\fR ezen kívül használható a felhasználói adatok, mint pl. az
+igazi név, a login shell, vagy a jelszavak "szavatossági idejének"
+megváltoztatására is.
+.SS Jelszóváltozások
+A felhasználónak először a régi jelszavát kell beírnia, ha már volt neki.
+Ezután ennek a jelszónak a kódolt változatát összehasonlítja a tárolt
+jelszóval. A megfelelő jelszó beírására a felhasználónak csak egy lehetősége
+van.
+A rendszergazda átugorhatja ezt a lépést, így az elfelejtett jelszavak is
+megváltoztathatóak.
+.PP
+Miután a felhasználó beírta a jelszavát, a \fBpasswd\fR megvizsgálja, hogyan
+rendelkezett a rendszergazda a jelszavak "szavatossági idejéről". Amennyiben
+az idő nem alkalmas a jelszó megváltoztatására, \fBpasswd\fR kilép minden
+változtatás nélkül.
+.PP
+Ezekután a program bekéri a felhasználótól az új jelszót, majd
+megvizsgálja hogy elég bonyolult\-e.
+Ãltalános szabályként elmondható, hogy a jelszavak jók, ha 6\-8 karakterbÅ‘l
+állnak, és a következő jelkészletekből tartalmaz elemeket:
+.IP "" .5i
+Az ABC kis betűi
+.IP "" .5i
+Az ABC nagy betűi
+.IP "" .5i
+Számok 0 és 9 között
+.IP "" .5i
+Ãrásjelek
+.PP
+Fontos odafigyelni, hogy ne tartalmazzon az adott rendszeren használt
+"erase" és "kill" kódű karaktereket.
+A \fBpasswd\fR nem fogad el nem eléggé bonyolult jelszót.
+.PP
+Ha a jelszó elfogadható,
+a \fBpasswd\fR a biztonság kedvéért még egyszer bekéri az új jelszót, és
+csak akkor hajtja végre a változtatást, ha a két bevitt jelszó megegyezik.
+.SS Csoportok jelszavai
+A \fB\-g\fR kapcsoló használata esetén a megadott nevű csoport jelszava
+változik meg. Ezt csak a rendszergazda vagy a csoport adminisztrátora teheti
+meg.
+A jelenlegi csoportjelszavat nem kéri változtatás előtt.
+Az \fB\-r\fR kapcsolót a \fB\-g\fR kapcsolóval használva lehet a csoport jelszavát kikapcsolni, ezáltal minden tag használhatja a csoportot.
+Az \fB\-R\fR kapcsoló a \fB\-g\fR kapcsolóval használva a csoport minden felhasználó előtt lezárul.
+
+.SS A jelszavak "szavatossági ideje"
+A jelszavak elévülési idejét a rendszergazda a \fB\-x\fR, \fB\-n\fR, \fB\-w\fR, és \fB\-i\fR kapcsolókkal szabályozhatja.
+A \fB\-x\fR kapcsoló a jelszócserék közti maximális időt állítja be.
+A jelszót legkésőbb \fImax\fR naponként meg kell változtatni.
+Az \fB\-n\fR kapcsoló a két jelszócsere közötti minimális időt szabályozza: a felhasználó addig nem változtathatja meg jelszavát, amíg legalább
+\fImin\fR nap el nem telt az előző változtatás óta.
+A \fB\-w\fR kapcsolóval azt állíthatod be, hogy hány nappal a jelszó lejárta előtt kezdje el a rendszer a felhasználót figyelmeztetni. Az első figyelmeztetés \fIfigy\fR nappal a lejárat előtt jelenik meg, és utána naponta tájékoztatja a felhasználót a még hátralévő napok számáról.
+Az \fB\-i\fR kapcsoló \fIinakt\fR nappal a jelszó lejárta után lezárja a felhasználó belépési lehetőségét.
+
+.SS Jogosultság\-kezelés
+A felhasználók lezárhatóak és újra beengedhetőek a \fB\-l\fR és a \fB\-u\fR kapcsolókkal.
+Az \fB\-l\fR kapcsoló a jelszót kicseréli egy olyan értékre, ami semmilyen lehetséges jelszó kódolt értékével nem egyezik.
+Az \fB\-u\fR kapcsoló visszaállítja a jelszót a régire, és így újra engedélyezi a belépést.
+.PP
+A jogosultságok az \fB\-S\fR kapcsolóval állíthatóak be. Ez 6 részből áll:
+Az első azt jelzi, hogy a felhaszáló le van zárva (L), nincs jelszava (NP), vagy van érvényes jelszava (P).
+A második rész az utolsó jelszóváltoztatás dátuma.
+A következő négy rész a jelszavak minimális és maximális ideje, az első figyelmeztetés a jelszó lejárta előtt és hogy mennyi ideig él a jelszó lejárta után.
+
+.SS Tippek a felhasználói jelszavakhoz
+Egy jelszavas rendszer biztonsága a kódolási algoritmus erősségétől és a lehetséges kulcsok számától függ.
+A \fB\s-2UNIX\s+2\fR rendszerek kódolási módja az NBS DES algoritmuson alapul, és nagyon biztonságos. A lehetséges kulcsok száma a választott jelszó véletlenszerűségén múlik.
+.PP
+A jelszavas rendszerek feltörése legtöbbször a gondatlanul megválasztott jelszóválasztásnak vagy a jelszavak cserélgetésének eredménye.
+Ezen okok miatt célszerű olyan jelszót választanod, ami nem szerepel a szótárban és nem szükséges leírnod. Tipikusan rossz választás még, ha valamilyen nevet, valamilyen azonosítószámodat, születésnapodat, vagy címedet használod jelszóként.
+Ezeket legtöbbször minden más lehetőség vizsgálata előtt kipróbálja a potenciális cracker.
+.PP
+Igyekezz olyan jelszót választani, amit könnyen megjegyzel és így nem vagy
+arra szorulva, hogy le kelljen írnod.
+Ezt például úgy érheted el, hogy két rövidebb szót elválasztasz egy számmal
+vagy valamilyen karakterrel, például jel@szo
+.PP
+A másik módszer, hogy egy könnyen megjegyezhető mondat vagy idézet minden
+szavának első vagy utolsó betűjét írod egymás után.
+Ãgy például a
+.IP "" .5i
+Morzsa kutyám hegyezd füled
+.PP
+\-ből
+.IP "" .5i
+Maqmhdfd
+.PP
+lesz.
+Feltehetőleg kevés cracker szótárában fog szerepelni ez a szó.
+Ennek ellenére a még nagyobb biztonság kedvéért érdemes valamilyen saját
+módszert kitalálnod jelszavak készítésére.
+
+.SS Megjegyzés a csoportok jelszavairól
+A csoportok jelszavai állandó biztonsági problémát jelenthetnek, mivel
+nemcsak egy ember ismerheti a jelszavat. A csoport\-kezelés azonban
+hasznos abban az esetben, ha több felhasználó együttműködését kell
+megoldani.
+
+.SH FIGYELMEZTETÉS
+Nem biztos, hogy minden kapcsoló felhasználható.
+Az, hogy hogyan vizsgálja a jelszavak bonyolultságát, rendszerről rendszerre
+változhat.
+Minden felhasználónak célszerű a lehető legbonyolultabb, de még használható
+jelszót használnia.
+Ha NIS\-t használ a felhasználók azonosítására a rendszer és a felhasználó nem
+lépett be a NIS kiszolgálóra, nem változtathatja meg jelszavát.
+.SH FÃJLOK
+\fI/etc/passwd\fR \- felhasználói információk
+.br
+\fI/etc/shadow\fR \- kódolt felhasználói jelszavak
+.SH LÃSD MÉG
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5)
+.SH MAGYAR FORDÃTÃS
+Érdi "Cactus" Gergő <cactus@freemail.c3.hu>
diff --git a/man/hu/man1/sg.1 b/man/hu/man1/sg.1
new file mode 100644
index 0000000..d07c5e4
--- /dev/null
+++ b/man/hu/man1/sg.1
@@ -0,0 +1 @@
+.so man1/newgrp.1
diff --git a/man/hu/man1/su.1 b/man/hu/man1/su.1
new file mode 100644
index 0000000..3d6e9fc
--- /dev/null
+++ b/man/hu/man1/su.1
@@ -0,0 +1,185 @@
+.\" You may copy, distribute and modify under the terms of the LDP General
+.\" Public License as specified in the LICENSE file that comes with the
+.\" gnumaniak distribution
+.\"
+.\" The author kindly requests that no comments regarding the "better"
+.\" suitability or up\-to\-date notices of any info documentation alternative
+.\" is added without contacting him first.
+.\"
+.\" (C) 1999 Ragnar Hojland Espinosa <ragnar@macula.net>
+.\"
+.\" GNU su man page
+.\" man pages are NOT obsolete!
+.\" <ragnar@macula.net>
+.TH su 1 "18 August 1999" "GNU Shell Utilities 2.0"
+.SH NÉV
+su \- indít egy shellt más felhasználó\- és csoportazonosítóval
+.SH ÃTTEKINTÉS
+.B su
+.BI "[\-] [\-flmp] [\-c " parancs "] [\-s " shell "] [\-\-fast] [\-\-login]"
+.B [\-\-preserve\-environment]
+.BI "[\-\-command=" parancs "] [\-\-shell=" shell "]"
+.BI [ felhasználó " [" argumentum... ]]
+.sp
+.B su [\-\-help] [\-\-version]
+.SH LEÃRÃS
+Az
+.B su
+parancs lehetővé teszi, hogy ideiglenesen más felhasználóvá válhassunk
+úgy, hogy egy új shell\-t indít a kért
+.I felhasználó
+valós és effektív felhasználói azonosítójával, csoportazonosítójával és
+másodlagos csoportjaival. Ha nem adunk meg
+.IR felhasználó \-t,
+az alapértelmezett érték a root (super\-user). Az a shell indul el, ami a
+.I felhasználó
+passwd bejegyzésében szerepel, ha ott nincs
+semmi, akkor a /bin/sh. Ha a
+.IR felhasználó \-nak
+van jelszava, akkor az
+.B su
+meg fogja azt kérdezni, kivéve ha root\-ként (a felhasználói azonosító 0)
+futtatjuk.
+.PP
+Alapértelmezésben az
+.B su
+nem változtatja meg az aktuális könyvtárat. Ãtállítja a
+.B HOME
+és a
+.B SHELL
+környezeti változókat a
+.I felhasználó
+password bejegyzéséből kinézett értékekre, és ha a
+.I felhasználó
+nem a root (a super\-user) a
+.BR USER és LOGNAME
+változókat a
+.I felhasználó
+nevére állítja. Az alapértelmezés az, hogy az elinduló shell nem lesz
+bejelentkezési shell.
+.PP
+Ha megadunk
+.IR argumentum \-ként
+valamit, az is átadódik az induló shellnek.
+.PP
+Az
+.B su
+se a /bin/sh\-t, se más shell\-eket nem kezel speciálisan.
+(ilyen az argv[0] "\-su"\-ra állítása, vagy a \-c paraméter csak
+bizonyos shelleknek való átadása, stb.)
+.PP
+Azokon a rendszereken, ahol van
+.RB syslog (3) ,
+az
+.B su
+fordítható úgy is, hogy a sikertelen, vagy opcionálisan a
+sikeres próbálkozásokat is naplóztassa a sysloggal.
+.SH OPCIÓK
+.TP
+.BI "\-c " parancs ", \-\-command=" parancs
+Csak a
+.I parancs
+parancsot hajtatja végre a shell\-lel a
+.B \-c
+opció segítségével, így a shell nem interaktívan
+indul el.
+.TP
+.B "\-f, \-\-fast"
+Beállítja a
+.B \-f
+opciót az induló shellnél. Ennek talán csak a
+.BR csh (1)
+és a
+.BR tcsh (1),
+shelleknél van értelme ahol
+.B \-f
+opció megakadályozza, hogy a startup fájlt (.cshrc) a shell beolvassa.
+A Bourne\-hoz hasonló shelleknél a
+.B \-f
+opció letiltja a fájlnév minták kiterjesztését (filename pattern
+expansion), ami általában nem kívánatos dolog.
+.TP
+.B "\-, \-l, \-\-login"
+A shellt bejelentkezési shellként indítja. Ez a következőket jelenti:
+törli az összes környezeti változót, kivéve a
+.BR TERM "\-et, " HOME \-ot,
+és a
+.BR SHELL \-t
+(amiket a fent leírt módon állít át), és a
+.BR USER "\-t és " LOGNAME \-t
+(amiket szintén a fent leírt módon állít át
+a rootnak), továbbá a
+.BR PATH \-t,
+amit a fordításkor meghatározott
+alapértékre állít. Az aktuális könyvtárat a
+.I felhasználó
+home\-könyvtárára
+állítja. A shell neve elé egy
+.B \- \-t
+szúr be, így eléri azt, hogy
+az beolvassa a startup fájlját illetve fájljait.
+.TP
+.B "\-m, \-p, \-\-preserve\-environment"
+Nem állítja át a
+.BR HOME ", " USER ", " LOGNAME ", és " SHELL
+környezeti változókat. Azt a shellt indítja, ami a
+.B SHELL
+változóban van a passwd fájlban lévő helyett, de csak akkor, ha az
+.B su
+parancsot vagy a superuser futtatja, vagy nem egy korlátozott
+(restricted) shellt akar futtatni. Az a shell korlátozott, ami nem
+szerepel a /etc/shells fájlban, vagy
+az
+.B su
+belső listájában, ha ez a fájl nem létezik. Az opció hatásainak egy részét a
+.B \-\-login
+és a
+.B \-\-shell
+opciók hatástalanítják.
+.TP
+.BI "\-s, \-\-shell " shell
+A
+.IR shell "\-t indítja a " felhasználó
+/etc/passwd fájlban szereplő
+shellje helyett, ha parancsot vagy a superuser futtatja,
+vagy ha nem korlátozott shellt akar futtatni. (Korlátozott
+shell\-t lásd fentebb.)
+.TP
+.B "\-\-help"
+Használati útmutatót ír a standard kimenetre, majd sikeres visszatérési értékkel kilép.
+.TP
+.B "\-\-version"
+A program verziójáról ír ki információt a standard kimenetre, majd
+sikeres visszatérési értékkel kilép.
+.SH Miért nem támogatja a GNU su a wheel csoportot? (Richard Stallman)
+
+Néha a rendszer fölötti teljes ellenőrzést egy néhány emberből
+álló csoport akarja kézbe venni. Például 1984\-ben pár user a MIT AI
+laborban úgy döntött, hogy átveszik az irányítást a Twenex rendszer
+operátori jelszavának megváltoztatásával, és annak titokban tartásával.
+(A puccsot sikerült leverni, és a felhasználókat jogaikba visszahelyezni
+egy kernel patch segítségével, de Unix alatt ezt nem tudtam volna megcsinálni.)
+(A fordító megj.: a wheel csoportot ezzel a módszerrel könnyen
+önkényesen is leszűkíthetik a csoporttagok , így tulajdonképpen nincs sok értelme.)
+.PP
+Néha az uralmon levők elárulják a root jelszót. A szokásos su
+mechanizmus szerint, ha valaki megtudja a root jelszót, és
+szimpatizál a többi közönséges felhasználóval, elárulhatja nekik
+is. A wheel csoport ezt lehetetlenné tenné, és így bebetonozná az
+uralmon levő hatalmát.
+.PP
+Én a tömegek oldalán állok, nem az uralkodókén. Ha te mindig a
+főnökök és a rendszergazdák oldalán állsz, bármit is tesznek, akkor
+valószínűleg furcsálni fogod ezt a hozzáállást.
+.PP
+A fordító megjegyzése:
+Valami jó azért mégis lenne a wheel csoportban: az, hogy ha a root
+jelszó kitudódna azzal nem tudna bármelyik felhasználó közvetlenül
+visszaélni. A wheel csoporthoz hasonló dolgot lehet elérni a
+.B sudo
+csomaggal.
+.SH MEGJEGYZÉS
+A hibákat a bug\-sh\-utils@gnu.org címen lehet jelenteni.
+Az oldalt Ragnar Hojland Espinosa <ragnar@macula.net> frissítette.
+.SH MAGYAR FORDÃTÃS
+Havasi Ferenc <hafy@prins.externet.hu> és Tímár András <timar_a@freemail.hu>
diff --git a/man/hu/man5/passwd.5 b/man/hu/man5/passwd.5
new file mode 100644
index 0000000..0ef231a
--- /dev/null
+++ b/man/hu/man5/passwd.5
@@ -0,0 +1,99 @@
+.\" Copyright (c) 1993 Michael Haardt (u31b3hs@pool.informatik.rwth-aachen.de), Fri Apr 2 11:32:09 MET DST 1993
+.\"
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.TH PASSWD 5 "24 July 1993" "Linux" "Linux Programozói Kézikönyv"
+.SH NÉV
+passwd \- Jelszófájl
+.SH LEÃRÃS
+A
+.B Passwd
+egy, a felhasználók listáját és a belépésükhöz szükséges jelszavakat
+tartalmazó ASCII file. Mindenkinek tudnia kell olvasni (sok segédprogram,
+pl. a
+.BR ls (1)
+ezt használja hogy a felhasználói azonosítókhoz (UID-khez) neveket
+rendeljen), de írási jogot csak a rendszergazdának szabad kapnia.
+.PP
+A régi szép időkben nem is volt ezzel semmi baj: mindenki olvashatta a
+felhasználók kódolt jelszavait, de mivel az akkori hardware-körülmények nem
+tették lehetővé a jól megválasztott jelszavak törését, és a felasználók
+alapvetően jóindulatűak voltak, ez nem okozott problémát.
+Manapság mindenki igyekszik shadow-zott jelszavakat használni, amikor is a
+.I /etc/passwd
+file-ban a jelszavak helyett csak egy * karakter áll, és az igazi jelszavak
+a
+.I /etc/shadow
+file-ban találhatóak, amit csak a rendszergazda olvashat.
+.PP
+Amikor új felhasználót készítesz, célszerű a jelszó helyét
+üresen hagyni, és a \fBpasswd\fP(1) programmal kitölteni. Egy * karakter a
+jelszó helyén azt jelenti, hogy a \fBlogin\fP(1) szoltáltatáson keresztül
+a felhasználó nem tud belépni.
+.PP
+Soronként egy bejegyzés található, a következő formában:
+.sp
+.RS
+usernév:jelszó:UID:GID:valódi név:home mappa:shell
+.RE
+.sp
+, ahol a mezők jelentése:
+.sp
+.RS
+.TP 1.0in
+.I usernév
+a felhasználó belépési neve a rendszerben.
+.TP
+.I jelszó
+a felhasználó kódolt jelszava.
+.TP
+.I UID
+A felhasználó azonosítószáma.
+.TP
+.I GID
+A felhasználó csoportjának azonosítószáma.
+.TP
+.I valódi név
+egy opcionális mező megjegyzések tárolására (gyakran a felhasználó teljes neve)
+.TP
+.I home mappa
+a felhasználó $HOME mappája.
+.TP
+.I shell
+a belépéskor elindítandó program (ha nincs megadva, a
+.IR /bin/sh -t használja).
+.RE
+.SH MEGJEGYZÉS
+Ha a root fájlrendszered a
+.IR /dev/ram
+-on van, a rendszer leállítása előtt rögzítened kell a megváltozott jelszófile-t a root fájlrendszer floppylemezén. Ha csoportokat is kezelni akarsz, meg kell egyezniük a GID-jüknek és be kell jegyezni őket a \fI/etc/group\fP-ba.
+.SH FÃJLOK
+.I /etc/passwd
+.SH LÃSD MÉG
+.BR passwd (1),
+.BR login (1),
+.BR group (5),
+.BR shadow (5)
+.SH MAGYAR FORDÃTÃS
+Horváth András <horvatha@rs1.szif.hu>
diff --git a/man/hu/man8/lastlog.8 b/man/hu/man8/lastlog.8
new file mode 100644
index 0000000..a7058c5
--- /dev/null
+++ b/man/hu/man8/lastlog.8
@@ -0,0 +1,68 @@
+.\" Copyright 1992, Phillip Street and Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" @(#)lastlog.8 3.3 08:24:58 29 Sep 1993 (National Guard Release)
+.\" $Id$
+.\"
+.TH LASTLOG 8
+.SH NÉV
+lastlog \- a lastlog fájl vizsgálata
+.SH ÃTTEKINTÉS
+.B lastlog
+.RB [ -u
+.IR uid ]
+.RB [ -t
+.IR napok száma ]
+.SH LEÃRÃS
+
+A \fBlastlog\fR formázza és olvashatóan megjeleníti a
+\fB/var/log/lastlog\fR tartalmát. A listában szerepel a \fBlogin-név\fR, a
+\fBterminál (port) azonosítója\fR és a felhasználó \fBlegutolsó
+belépésének ideje\fR. Paraméterek nélkül meghívva a
+felhasználó-azonosítók (UID) alapján sorbarendezve jelennek meg az
+értékek. A \fB-u \fIlogin-név\fR opció megadása esetén csak a megadott
+felhasználó utolsó belépésének ideje jelenik meg. A \fB-t \fInapok
+száma\fR opció megadásával csak a megadott számú napon belüli belépési
+idők jelennek meg. A \fB-r\fR opció felülírja a \fB-u\fR opciót.
+.PP
+Ha a felhasználó még soha nem lépett be, akkor a terminál és az idő
+helyett a \fB**Never logged in**\fR felirat jelenik meg.
+.SH FÃJLOK
+/var/log/lastlog \- a felhasználók legutóbbi belépéseit tartalmazza
+.SH MEGJEGYZÉS
+Ha a felhasználói azonosító számok (UID-k) között nagyobb üres tartományok
+vannak, akkor a lastlog futásakor megtörténhet, hogy hosszabb ideig
+nem jelenik meg semmi a képernyőn (pl ha a 170-es és a 800-as azonosítójú
+felhasználók között nincs több azonosító, akkor a 171 és 799 közötti
+számok kiértékelése alatt a képernyőn nem változik semmi).
+.SH SZERZÅK
+Julianne Frances Haugh (jfh@tab.com)
+.br
+Phillip Street
+.SH MAGYAR FORDÃTÃS
+Hermann Benedek (bence@intercom.hu)
+
diff --git a/man/id.1.xml b/man/id.1.xml
new file mode 100644
index 0000000..e947e19
--- /dev/null
+++ b/man/id.1.xml
@@ -0,0 +1,119 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 , Julianne Frances Haugh
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='id.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>id</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>id</refname>
+ <refpurpose>display current user and group ID names</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>id</command> <arg choice='opt'>-a </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>id</command> command displays the current real and
+ effective user and group ID names or values. If the value does not
+ have a corresponding entry in <filename>/etc/passwd</filename> or
+ <filename>/etc/group</filename>, the value will be displayed without
+ the corresponding name. The optional <option>-a</option> flag will
+ display the group set on systems which support multiple concurrent
+ group membership.
+ </para>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>getgid</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>getgroups</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>getuid</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/id/Makefile.am b/man/id/Makefile.am
new file mode 100644
index 0000000..21f3dbe
--- /dev/null
+++ b/man/id/Makefile.am
@@ -0,0 +1,9 @@
+
+mandir = @mandir@/id
+
+man_MANS = \
+ man1/chsh.1 \
+ man1/login.1 \
+ man8/useradd.8
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/id/man1/chsh.1 b/man/id/man1/chsh.1
new file mode 100644
index 0000000..e13a49d
--- /dev/null
+++ b/man/id/man1/chsh.1
@@ -0,0 +1,53 @@
+.\"
+.\" chsh.1 \-\- change your login shell
+.\" (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\" this program is free software. you can redistribute it and
+.\" modify it under the terms of the gnu general public license.
+.\" there is no warranty.
+.\"
+.\" $Author: kloczek $
+.\" $Revision: 1.4 $
+.\" $Date: 2005/08/29 13:59:29 $
+.\"
+.TH CHSH 1 "October 13 1994" "chsh" "Linux Reference Manual"
+.SH NAMA
+chsh \- merubah shell login
+.SH RINGKASAN
+.B chsh
+[\ \-s\ shell\ ] [\ \-l\ ] [\ \-u\ ] [\ \-v\ ] [\ username\ ]
+.SH PENJELASAN
+.B chsh
+digunakan untuk merubah shell login Anda.
+Bila shell tidak diberikan pada baris perintah maka
+.B chsh
+menampilkan prompt untuk memasukkan shell.
+.SS SHELL\-SHELL YANG BENAR
+.B chsh
+akan menerima pathname lengkap dari file executable pada sistem.
+Walau demikian, akan menampilkan peringatan bila shell tidak terdapat
+dalam file
+.I /etc/shells .
+.SH OPTION
+.TP
+.I "\-l, \-\-list\-shells"
+Menampilkan daftar shell yang ada dalam
+.I /etc/shells
+dan keluar atau exit.
+.TP
+.I "\-s, \-\-shell"
+Menentukan shell login Anda.
+.TP
+.I "\-u, \-\-help"
+Menampilkan cara penggunaan program.
+.TP
+.I "\-v, \-\-version"
+Menampilkan informasi versi program.
+.SH "LIHAT JUGA"
+.BR login (1),
+.BR passwd (5),
+.BR shells (5)
+.SH PEMBUAT
+Salvatore Valente <svalente@mit.edu>
+.SH PENTERJEMAH
+Rizqy Syarief <rizqy@rad.net.id>
diff --git a/man/id/man1/login.1 b/man/id/man1/login.1
new file mode 100644
index 0000000..970fc72
--- /dev/null
+++ b/man/id/man1/login.1
@@ -0,0 +1,311 @@
+.\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu)
+.\" May be distributed under the GNU General Public License
+.TH LOGIN 1 "4 November 1996" "Util\-linux 1.6" "Linux Programmer's Manual"
+.SH NAME
+login \- masuk ke system
+.SH SYNOPSIS
+.BR "login [ " name " ]"
+.br
+.B "login \-p"
+.br
+.BR "login \-h " hostname
+.br
+.BR "login \-f " name
+.SH PENJELASAN
+.B login
+digunakan ketika hendak masuk ke sebuah system. Ia juga dapat digunakan
+untuk berpindah dari satu user ke user lainnya kapan saja (shell\-shell yang
+modern mendukung kemampuan ini).
+Jika tidak diikuti oleh sebuah argumen
+.B login
+system akan menanyakan nama user/username.
+
+Jika user tersebut
+.I bukan
+root, dan jika terdapat file
+.I /etc/nologin
+isi file tersebut akan tercetak di layar, kemudian login dihentikan.
+Biasanya ini dilakukan untuk mencegah login ketika system sedang dimatikan.
+
+Jika terdapat pembatasan akses tertentu pada user sebagaimana terdapat di
+.IR /etc/usertty ,
+hal tersebut harus dipenuhi, atau login akan ditolak dan pesan
+.B syslog
+akan dibuat. Lihat section pada "Special Access Restrictions".
+
+Jika user adalah root, maka login harus dijalankan pada tty yang terdapat
+di
+.IR /etc/securetty .
+Kegagalan akan dicatat pada log melalui fasilitas
+.B syslog .
+
+Setelah kondisi\-kondisi tersebut dicek, anda akan dimintai password untuk
+kemudian dicek (jika ada password untuk username tersebut). Anda dapat
+mencoba sepuluh kali sebelum
+.B login
+dimatikan, tapi setelah kegagalan yang ketiga, respon yang diberikan
+akan sangat lamban. Kegagalan login akan dilaporkan melalui fasilitas
+.B syslog .
+Fasilitas ini juga dapat digunakan untuk melaporkan login yang berhasil.
+
+Jika file
+.I .hushlogin
+ditemukan, maka login secara "quiet" dilaksanakan (hal ini menonaktifkan
+pengecekan mail dan tidak menampilkan waktu login terakhir dan pesan
+yang ada untuk hari itu). Namun, jika terdapat file
+.I /var/log/lastlog
+, waktu login terakhir akan ditampilkan (dan kegiatan login yang sekarang
+akan dicatat).
+
+Kegiatan administratif secara acak, seperti mengeset UID dan GID untuk tty
+akan dilakukan. Variabel environment TERM dibuatkan, jika ia sudah ada
+(variabel environment lain akan dibuatkan jika option
+.B \-p
+digunakan). Kemudian variable environment HOME, PATH, SHELL, TERM, MAIL
+dan LOGNAME ditetapkan. Default PATH merujuk ke
+.I /usr/local/bin:/bin:/usr/bin:.
+untuk user biasa, dan ke
+.I /sbin:/bin:/usr/sbin:/usr/bin
+untuk root. Terakhir, jika login yang sedang dilakukan bukan login "quiet",
+pesan hari ini akan ditampilkan dan file dengan nama yang sama dengan user
+pada
+.I /usr/spool/mail
+akan diperiksa, dan sebuah pesan ditampilkan jika besar file tersebut tidak
+nol.
+
+Kemudian, shell untuk user berjalan. Jika shell untuk user tidak ditentukan
+pada
+.BR /etc/passwd ,
+maka akan digunakan
+.BR /bin/sh .
+Jika directory tidak ditentukan pada
+.IR /etc/passwd ,
+maka
+.I /
+digunakan (home directiry diperiksa pada file
+.I .hushlogin
+seperti dijelaskan sebelumnya).
+.SH OPTION
+.TP
+.B \-f
+Used to skip a second login authentication. This specifically does
+Digunakan untuk melewatkan pengecekan tahap kedua ketika login. Biasanya
+.B tidak
+berjalan untuk, dan kelihatannya tidak dapat berjalan dengan baik pada Linux.
+.TP
+.B \-h
+Digunakan oleh server lain (misalnya
+.BR telnetd (8))
+to pass the name of the remote host to
+untuk melewatkan nama remote host ketika
+.B login
+sehingga dapat ditempatkan pada utmp dan wtmp. HAnya superuser yang dapat
+menggunakan option ini.
+.TP
+.B \-p
+digunakan oleh
+.BR getty (8)
+untuk memberi tahu bahwa
+.B login
+tidak mengubah environment
+
+.SH "PEMBATASAN AKSES TERTENTU/SPECIAL ACCESS RESTRICTIONS"
+File
+.I /etc/securetty
+mencatat nama\-nama tty dimana root boleh login. Nama device tty yang tidak
+berawalan /dev/ harus ditentukan pada setiap barisnya. Jika file tersebut
+tidak ditemukan, root boleh login di tty mana saja.
+
+.PP
+File
+.I /etc/usertty
+Menentukan tambahan batasan akses tertentu untuk user tertentu. Jika
+file ini tidak ditemukan, tak ada tambahan batasan akses yang diterapkan.
+File ini terdiri dari beberapa bagian. Ada tiga bagian yang mungkin
+ada : CLASSES, GROUPS dan USERS. Bagian CLASSES mendefinisikan kelas tty
+dan pola nama host, bagian GROUPS mendefinisikan tty dan nama host yang
+diperbolehkan berdasarkan per group, dan bagian USERS mendefinisikan tty
+dan host yang diperbolehkan berdasarkan per user.
+
+.PP
+Panjang setiap baris pada file ini tidak boleh lebih dari 255 karakter.
+Komentar diawali oleh karakter # yang berlaku hingga akhir baris.
+
+.PP
+.SS "Bagian CLASSES"
+Bagian CLASSES dimulai dengan kata CLASSES pada baris awal dalam
+huruf besar semua. Setiap baris berikutnya hingga permulaan bagian baru
+atau akhir file terdiri dari urutan kata\-kata yang dipisahkan oleh tab
+atau spasi. Tiap baris mendefinisikan kelas tty dan pola host.
+
+.PP
+Kata yang terdapat pada awal baris dijadikan sebuah definisi untuk
+sekumpulan nama untuk tty dan pola host yang ditentukan pada akhir baris.
+Kumpulan nama ini dapat digunakan untuk bagian GROUPS berikutnya atau
+bagian USERS. Nama kelas tidak boleh didefinisikan sebagai bagian
+dari sebuah kelas untuk menghindari masalah kelas rekursif.
+
+.PP
+Contoh bagian CLASSES:
+.PP
+.nf
+.in +.5
+CLASSES
+myclass1 tty1 tty2
+myclass2 tty3 @.foo.com
+.in -.5
+.fi
+.PP
+File di atas mendefinisikan
+.I myclass1
+dan
+.I myclass2
+sebagai sebelah kanan yang saling berhubungan.
+.PP
+
+.SS "Bagian GROUPS"
+Bagian GROUPS mendefinisikan tty dan host yang diperbolehkan berdasarkan
+per group UNIX. Jika seorang user adalah anggota sebuah group menurut
+.I /etc/passwd
+dan
+.I /etc/group
+dan jika sebuah group disebutkan pada bagian GROUPS di
+.I /etc/usertty
+maka user diberikan akses jika memang itu group\-nya.
+.PP
+Bagian GROUPS diawali oleh kata GROUPS dalam huruf besar semua pada permulaan
+baris dan tiap baris selanjutnya merupakan urutan kata\-kata yang dipisahkan
+oleh spasi atau tab. Kata pertama pada sebuah baris adalah nama group dan
+sisanya menentukan tty dan host dimana anggota group tersebut boleh
+mendapatkan akses. Ketentuan ini dapat mengikutsertakan kelas yang telah
+didefinisikan pada bagian CLASSES sebelumnya.
+
+.PP
+Contoh bagian GROUPS
+.PP
+.nf
+.in +0.5
+GROUPS
+sys tty1 @.bar.edu
+stud myclass1 tty4
+.in -0.5
+.fi
+.PP
+Contoh ini menentukan bahwa anggota group
+.I sys
+boleh log in pada tty1 dan dari host\-host yang terdapat pada domain
+bar.edu. User yang terdapat pada group
+.I stud
+boleh log in dari host\-host/tty\-tty yang ditentukan pada kelas myclass1
+atau dari tty4
+.PP
+
+.SS "Bagian USERS"
+Bagian USERS dimulai dengan kata USERS dalam huruf besar semua pada awal
+baris, dan tiap baris berikutnya adalah urutan kata\-kata yang dipisahkan
+oleh tab atau spasi. Kata pertama pada sebuah baris adalah username
+dan sisanya merupakan definisi tentang tty dan host tempat user boleh
+log in. Ketentuan ini dapat melibatkan kelas yang didefinisikan pada
+bagian CLASSES sebelumnya dan. Jika tak ada header bagian yang tercantum
+pada awal file, bagian pertama secara defaults adalah bagian USERS.
+
+.PP
+Contoh penggunaan bagian USERS:
+.PP
+.nf
+.in +0.5
+USERS
+zacho tty1 @130.225.16.0/255.255.255.0
+blue tty3 myclass2
+.in -0.5
+.fi
+.PP
+KEtentuan ini mengizinkan zacho hanya boleh login pada tty1 dan dari
+host\-host yang alamat IP\-nya terletak di kisaran 130.225.16.0 \-
+130.225.16.255, dan user bernama blue boleh log in dari tty3 dan apa
+saja yang disebutkan pada kelas myclass2.
+.PP
+Mungkin terdapat sebuah baris pada bagian USERS yang dimulai dengan
+sebuah username bernama *. Ini adalah aturan default dan ia akan
+diterapkan pada user yang tidak tercantum pada baris\-baris definisi.
+.PP
+Jika user ditemukan pada baris USERS dan GROUPS maka user tersebut boleh
+mengakses dari gabungan tty/host yang disebutkan pada ketentuan tersebut.
+
+.SS Origins
+Ketentuan mengenai tty dan pola host yang digunakan sebagai ketentuan
+pada kelas, group dan user disebut origin. Sebuah origin bisa memiliki
+format berikut:
+.IP o
+Nama sebuah device tty tanpa awalan /dev/, contohnya tty1 atau ttyS0.
+.PP
+.IP o
+String @localhost, artinya user boleh melakukan telnet/rlogin
+dari local host ke host yang sama. Ini juga membolehkan user untuk
+menjalankan perintah: xterm \-e /bin/login.
+.PP
+.IP o
+Sebuah akhiran nama domain seperti @.some.dom, artinya user boleh
+melakukan rlogin/telnet dari host mana saja yang nama domainnya berakhiran
+@.some.dom
+.PP
+.IP o
+Kisaran alamat IPv4, ditulis @x.x.x.x/y.y.y.y dimana x.x.x.x adalah
+alamat IP pada notasi desimal biasa dan y.y.y.y adalah bitmask dalam
+notasi yang sama yang menentukan bit mana pada alamat tersebut untuk
+dibandingkan dengan alamat IP dari remote host. Contohnya @130.225.16.0/
+255.255.254.0 berarti user boleh rlogin/telnet dari host mana saja yang
+alamat IP\-nya berada pada kisaran 130.225.16.0 \- 130.225.17.255.
+.PP
+Origin di atas boleh diawali oleh penentuan waktu menurut syntax:
+.PP
+.nf
+timespec ::= '[' <day\-or\-hour> [':' <day\-or\-hour>]* ']'
+day ::= 'mon' | 'tue' | 'wed' | 'thu' | 'fri' | 'sat' | 'sun'
+hour ::= '0' | '1' | ... | '23'
+hourspec ::= <hour> | <hour> '\-' <hour>
+day\-or\-hour ::= <day> | <hourspec>
+.fi
+.PP
+Contohnya, origin [mon:tue:wed:thu:fri:8\-17]tty3 berarti log in
+diperbolehkan pada hari senin hingga jumat pukul 8:00 dan 17:59 (5:59
+pm) pada tty3. Ini juga menunjukkan bahwa kisaran jam (seperti 10)
+menandakan waktu berkisar antara 10:00 dan 10:59.
+.PP
+Jika tidak menentukan waktu untuk tty atau nama host berarti lo gin
+dari origin tersebut diperbolehkan untuk setiap waktu. Jika anda
+memberikan awalan waktu, yakinkan untuk menentukan baik kumpulan hari
+dan waktu yang agak dilebihkan. Penentuan waktu tidak boleh berisi
+spasi.
+.PP
+Jika tidak ada aturan diberikan maka user yang tidak ditemukan pada
+.I /etc/usertty
+boleh log in dari mana saja.
+.PP
+.SH FILES
+.nf
+.I /var/run/utmp
+.I /var/log/wtmp
+.I /var/log/lastlog
+.I /usr/spool/mail/*
+.I /etc/motd
+.I /etc/passwd
+.I /etc/nologin
+.I /etc/usertty
+.I .hushlogin
+.fi
+.SH "SEE ALSO"
+.BR init (8),
+.BR getty (8),
+.BR mail (1),
+.BR passwd (1),
+.BR passwd (5),
+.BR environ (7),
+.BR shutdown (8)
+.SH BUGS
+
+Linux, tidak seperti sistem operasi draconian, tidak mengecek quota.
+
+Option tidak resmi pada BSD
+.B \-r
+tidak dapat digunakan. Ini mungkin dibutuhkan oleh program
diff --git a/man/id/man8/useradd.8 b/man/id/man8/useradd.8
new file mode 100644
index 0000000..2d6730c
--- /dev/null
+++ b/man/id/man8/useradd.8
@@ -0,0 +1,214 @@
+.\" Copyright 1991 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Pendistribusian dan penggunaan dalam bentuk source dan binary, dengan
+.\" atau tanpa modifikasi, diperbolehkan asal syarat\-syarat ini dipenuhi :
+.\" 1. Pendistribusian source code harus mempertahankan tulisan copyright
+.\" di atas, persyaratan ini, dan disclaimer berikut.
+.\" 2. Pendistribusian dalam bentuk binary harus menampilkan copyright di atas,
+.\" persyaratan ini, dan disclaimer yang tercantum pada dokumentasi dan/
+.\" atau keterangan lainnya yang terdapat pada distribusi ini.
+.\" 3. Nama Julianne F. Haugh atau nama\-nama kontributor lainnya tidak boleh
+.\" digunakan sebagai jaminan atau untuk mempromosikan produk yang berasal
+.\" dari software ini tanpa izin khusus tertulis.
+.\"
+.\" SOFTWARE INI DISEDIAKAN OLEH JULIE HAUGH DAN PARA KONTRIBUTOR DALAM BENTUK
+.\" "APA ADANYA" DAN SEGALA PERNYATAAN ATAU JAMINAN, TERMASUK, TAPI TIDAK
+.\" TERBATAS PADA, JAMINAN DALAM PENJUALAN DAN PENYESUAIAN UNTUK MAKSUD
+.\" TERTENTU DILUAR TANGGUNG JAWABNYA. JULIE HAUGH DAN PARA KONTRIBUTOR TIDAK
+.\" BERTANGGUNG JAWAB PADA KERUSAKAN SECARA LANGSUNG, TIDAK LANGSUNG, KEBETULAN,
+.\" TERTENTU, SESUAI CONTOH ATAU KERUSAKAN BERUNTUN (TERMASUK, TAPI TIDAK
+.\" TERBATAS PADA MENDAPATKAN PRODUK DENGAN CARA PERTUKARAN ATAU JASA;
+.\" KEHILANGAN DATA, ATAU PROFIT; ATAU TERHENTINYA BISNIS) YANG MENGAKIBATKAN
+.\" DAN SECARA TEORI BERTANGGUNG JAWAB, MESKIPUN DALAM PERJANJIAN, BERTANGGUNG
+.\" JAWAB PENUH, ATAU TORT (TERMASUK KECEROBOHAN ATAU SEBALIKNYA) YANG TIMBUL
+.\" KARENA KESALAHAN DALAM MENGGUNAKAN SOFTWARE INI, BAHKAN JIKA TELAH
+.\" DIPERINGATKAN SEBELUMNYA TENTANG KEMUNGKINAN AKAN KERUSAKAN TERSEBUT.
+.\"
+.\" $Id$
+.\"
+.TH USERADD 8
+.SH NAME
+useradd \- Membuat user baru atau memperbarui informasi tentang user baru
+.SH SYNOPSIS
+.TP 8
+.B useradd
+.\" .RB [ \-A
+.\" .RI { method | \fBDEFAULT\fR "},... ]"
+.RB [ \-c
+.IR comment ]
+.RB [ \-d
+.IR home_dir ]
+.br
+.RB [ \-e
+.IR expire_date ]
+.RB [ \-f
+.IR inactive_time ]
+.br
+.RB [ \-g
+.IR initial_group ]
+.RB [ \-G
+.IR group [,...]]
+.br
+.RB [ \-m " [" \-k
+.IR skeleton_dir ] " |" " " \-M ]
+.RB [ \-s
+.IR shell ]
+.br
+.RB [ \-u
+.IR uid " ["
+.BR \-o ]]
+.RB [ \-n ]
+.RB [ \-r ]
+.I login
+.TP 8
+.B useradd
+\fB\-D\fR
+[\fB\-g\fI default_group\fR]
+[\fB\-b\fI default_home\fR]
+.br
+[\fB\-f\fI default_inactive\fR]
+[\fB\-e\fI default_expire_date\fR]
+.br
+[\fB\-s\fI default_shell\fR]
+.SH PENJELASAN
+.SS Membuat User Baru
+Jika digunakan tanpa option \fB\-D\fR, perintah \fBuseradd\fR menciptakan
+sebuah user account baru dengan menggunakan nilai yang terdapat pada
+baris perintah dan nilai default dari system.
+User account yang baru tersebut akan dimasukkan ke system files seperlunya,
+home directory akan dibuatkan, dan initial files di\-copy\-kan, tergantung
+option yang terdapat pada baris perintah.
+Versi yang terdapat pada Red Hat Linux akan membuat sebuah group untuk
+setiap user yang didaftarkan pada system, jika \fB\-b\fR tidak diberikan.
+Option yang dapat digunakan pada perintah \fBuseradd\fR adalah
+.\" .IP "\fB\-A {\fImethod\fR|\fBDEFAULT\fR},..."
+.\" Nilai milik user dalam metode autentikasi/pengecekan.
+.\" Metode autentikasi/pengecekan adalah nama sebuah program yang bertanggung
+.\" jawab untuk memeriksa identitas user.
+.\" String \fBDEFAULT\fR dapat digunakan untuk mengubah metode autentikasi
+.\" menjadi metode password system yang standar.
+.\" Daftar tersebut berisi nama\-nama program, yang dipisahkan oleh koma.
+.\" \fBDEFAULT\fR hanya dapat dicantumkan sekali saja.
+.\"
+.\"
+.\"
+.IP "\fB\-c \fIcomment\fR"
+Komentar pada file password milik user baru.
+.IP "\fB\-d \fIhome_dir\fR"
+User baru akan diciptakan dengan \fIhome_dir\fR sebagai lokasi directory
+login\-nya.
+Default\-nya adalah menambahkan nama \fIlogin\fR pada \fIdefault_home\fR
+dan menggunakannya sebagai nama directory login.
+.IP "\fB\-e \fIexpire_date\fR"
+Tanggal ketika user account dimatikan.
+Tanggal ditulis dalam format \fIMM/DD/YY\fR.
+.IP "\fB\-f \fIinactive_days\fR"
+Jumlah hari setelah sebuah password kadaluarsa hingga account
+tersebut dimatikan secara permanen.
+Nilai 0 mematikan account segera setelah password kadaluarsa,
+dan nilai \-1 mematikan fungsi ini.
+Nilai default\-nya adalah \-1.
+.IP "\fB\-g \fIinitial_group\fR"
+Nama group atau angka initial login group.
+Nama group harus sudah ada. Seorang anggota group harus merujuk
+pada group yang sudah ada.
+Nilai group default\-nya adalah 1.
+.IP "\fB\-G \fIgroup,[...]\fR"
+Daftar group tambahan yang juga merupakan group\-nya user.
+Setiap group dipisahkan oleh koma, tanpa diikuti spasi.
+Group juga mengikuti aturan yang diberikan dengan option \fB\-g\fR.
+Default\-nya hanyalah untuk user yang terdaftar pada group awal.
+.IP \fB\-m\fR
+Home directory milik user akan dibuatkan jika belum ada.
+File yang terdapat pada \fIskeleton_dir\fR atau \fI/etc/skel\fR
+akan dibuatkan pada home directory milik user.
+Option \fB\-k\fR hanya valid jika bertemu option \fB\-m\fR.
+Dafault\-nya adalah tidak membuat directory dan tidak meng\-copy
+segala file.
+.IP \fB\-M\fR
+Home directory milik user tidak akan dibuatkan, bahkan jika setting
+system pada \fI/etc/login.defs\fR ditujukan untuk membuat home
+directory.
+.IP \fB\-n\fR
+Sebuah group yang namanya sama dengan user akan ditambahkan ke dalam
+system secara default. Option ini akan mematikan kebiasaan tersebut
+yang terdapat pada Red Hat Linux.
+.IP \fB\-r\fR
+Flag ini digunakan untuk membuat sebuah system account. Yaitu, user
+dengan UID yang lebih kecil dari UID_MIN yang tercantum pada
+\fI/etc/login.defs\fR. Harap diingat bahwa \fBuseradd\fR tidak akan
+membuat home directory untuk user semacam ini, menghiraukan setting
+default yang terdapat di \fI/etc/login.defs\fR.
+Anda harus menyebutkan option \fB\-m\fR jika ingin membuat home directory
+untuk sebuah system account yang akan dibuat.
+Ini adalah option yang ditambahkan oleh Red Hat.
+.IP "\fB\-s \fIshell\fR"
+Nama login shell milik user.
+Default\-nya adalah membiarkan field ini kosong, yang menyebabkan
+system untuk memilih login shell yang default.
+.IP "\fB\-u \fIuid\fR"
+Nilai user ID secara numerik.
+Nilai ini harus unique, kecuali jika option \fI\-o\fR digunakan.
+Nilai tersebut tidak boleh negatif.
+Default\-nya adalah menggunakan nilai ID yang lebih besar dari 999
+dan lebih besar dari semua user lain.
+Nilai di antara 0 dan 999 biasanya disiapkan untuk system aacount.
+.SS Mengubah nilai\-nilai default.
+Ketika digunakan dengan option \fB\-D\fR, \fBuseradd\fR akan
+menampilkan nilai default, atau memperbarui nilai default baru
+yang terdapat pada baris perintah.
+Option yang dapat digunakan adalah
+.IP "\fB\-b \fIdefault_home\fR"
+Awalan path untuk home directory milik user baru.
+Nama user akan ditambahkan setelah akhir \fIdefault_home\fR
+ketika membuat nama directory baru jika option \fB\-d\fI tidak
+disebutkan dalam membuat account baru.
+.IP "\fB\-e \fIdefault_expire_date\fR"
+Tanggal ketika user account dimatikan.
+.IP "\fB\-f \fIdefault_inactive\fR"
+Jumlah hari setelah password kadaluarsa sebelum account
+dimatikan.
+.IP "\fB\-g \fIdefault_group\fR"
+Nama group atau ID sebagai group awal user baru.
+Nama group yang disebut harus sudah ada dan nomor group ID
+harus mempunyai entry.
+.IP "\fB\-s \fIdefault_shell\fR"
+Nama untuk login shell milik user baru.
+Nama program yang disebutkan akan digunakan untuk semua user
+account baru mendatang.
+.PP
+Jika tidak ada option yang disebutkan, \fBuseradd\fR menampilkan
+nilai default yang ada saat ini.
+.SH NOTES
+The system administrator is responsible for placing the default
+user files in the \fI/etc/skel\fR directory.
+.br
+Versi useradd ini dimodifikasi oleh Red Hat agar cocok dengan
+ketentuan mengenai user/group.
+.SH CAVEATS
+Anda tidak dapat menambahkan user pada grou NIS.
+Ini harus dilakukan pada server NIS.
+.SH FILES
+\fB/etc/passwd\fR \- informasi tentang user account
+.br
+\fB/etc/shadow\fR \- informasi user account yang terlindung
+.br
+\fB/etc/group\fR \- informasi tentang group
+.br
+\fB/etc/default/useradd\fR \- informasi tentang nilai default
+.br
+\fB/etc/login.defs\fR \- system\-wide settings
+.br
+\fB/etc/skel\fR \- directory yang mengandung default files
+.SH LIHAT JUGA
+.BR chfn (1),
+.BR chsh (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR passwd (1),
+.BR userdel (8),
+.BR usermod (8)
+.SH AUTHOR
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/it/Makefile.am b/man/it/Makefile.am
new file mode 100644
index 0000000..94460aa
--- /dev/null
+++ b/man/it/Makefile.am
@@ -0,0 +1,66 @@
+
+mandir = @mandir@/it
+
+man_MANS = \
+ man1/chage.1 \
+ man1/chfn.1 \
+ man8/chgpasswd.8 \
+ man8/chpasswd.8 \
+ man1/chsh.1 \
+ man1/expiry.1 \
+ man5/faillog.5 \
+ man8/faillog.8 \
+ man3/getspnam.3 \
+ man1/gpasswd.1 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmems.8 \
+ man8/groupmod.8 \
+ man1/groups.1 \
+ man8/grpck.8 \
+ man8/grpconv.8 \
+ man8/grpunconv.8 \
+ man5/gshadow.5 \
+ man8/lastlog.8 \
+ man1/login.1 \
+ man5/login.defs.5 \
+ man8/logoutd.8 \
+ man1/newgrp.1 \
+ man8/newusers.8 \
+ man8/nologin.8 \
+ man1/passwd.1 \
+ man5/passwd.5 \
+ man8/pwck.8 \
+ man8/pwconv.8 \
+ man8/pwunconv.8 \
+ man1/sg.1 \
+ man3/shadow.3 \
+ man5/shadow.5 \
+ man1/su.1 \
+ man5/suauth.5 \
+ man8/useradd.8 \
+ man8/userdel.8 \
+ man8/usermod.8 \
+ man8/vigr.8 \
+ man8/vipw.8
+
+man_nopam = \
+ man5/limits.5 \
+ man5/login.access.5 \
+ man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+ $(man_MANS) \
+ man1/id.1 \
+ man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/ja/Makefile.am b/man/ja/Makefile.am
new file mode 100644
index 0000000..ffb75a9
--- /dev/null
+++ b/man/ja/Makefile.am
@@ -0,0 +1,58 @@
+
+mandir = @mandir@/ja
+
+man_MANS = \
+ man1/chage.1 \
+ man1/chfn.1 \
+ man8/chpasswd.8 \
+ man1/chsh.1 \
+ man1/expiry.1 \
+ man5/faillog.5 \
+ man8/faillog.8 \
+ man1/gpasswd.1 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmod.8 \
+ man1/groups.1 \
+ man8/grpck.8 \
+ man8/grpconv.8 \
+ man8/grpunconv.8 \
+ man8/lastlog.8 \
+ man1/login.1 \
+ man5/login.defs.5 \
+ man8/logoutd.8 \
+ man1/newgrp.1 \
+ man8/newusers.8 \
+ man1/passwd.1 \
+ man5/passwd.5 \
+ man8/pwck.8 \
+ man8/pwconv.8 \
+ man8/pwunconv.8 \
+ man1/sg.1 \
+ man5/shadow.5 \
+ man1/su.1 \
+ man5/suauth.5 \
+ man8/useradd.8 \
+ man8/userdel.8 \
+ man8/usermod.8 \
+ man8/vigr.8 \
+ man8/vipw.8
+
+man_nopam = \
+ man5/limits.5 \
+ man5/login.access.5 \
+ man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+ $(man_MANS) \
+ man1/id.1 \
+ man3/shadow.3 \
+ man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
diff --git a/man/ja/man1/chage.1 b/man/ja/man1/chage.1
new file mode 100644
index 0000000..cad8bfe
--- /dev/null
+++ b/man/ja/man1/chage.1
@@ -0,0 +1,120 @@
+.\" $Id$
+.\" Copyright 1990 - 1994 Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH CHAGE 1
+.SH åå‰
+chage \- ユーザパスワードã®æœ‰åŠ¹æœŸé™æƒ…報を変更ã™ã‚‹ã€‚
+.SH 書å¼
+.TP 6
+\fBchage\fR
+[\fB\-m\fR \fImindays\fR] [\fB\-M\fR \fImaxdays\fR]
+[\fB\-d\fR \fIlastday\fR] [\fB\-I\fR \fIinactive\fR]
+.br
+[\fB\-E\fR \fIexpiredate\fR] [\fB\-W\fR \fIwarndays\fR] \fIuser\fR
+.TP 6
+\fBchage\fR
+\fB\-l\fR \fIuser\fR
+.SH 説明
+\fBchage\fR ã¯ã€
+パスワードを最後ã«æ›´æ–°ã—ã¦ã‹ã‚‰ã€
+次ã«å¤‰æ›´ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„期日ã¾ã§ã®æ—¥æ•°ã‚’変更ã™ã‚‹ã€‚
+システムã¯ã“ã®æƒ…報を用ã„ã¦ã€
+ユーザãŒã„ã¤ãƒ‘スワードを変更ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„ã‹ã‚’決定ã™ã‚‹ã€‚
+\fBchage\fR コマンドを使ãˆã‚‹ã®ã¯ root ユーザã®ã¿ã«é™ã‚‰ã‚Œã¦ã„る。
+ãŸã ã—一般ユーザも \fB\-l\fR オプションを指定ã™ã‚Œã°ã“ã®ã‚³ãƒžãƒ³ãƒ‰ã‚’利用ã§ãã€
+自分ã®ãƒ‘スワードã¾ãŸã¯ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãŒã„ã¤åˆ‡ã‚Œã‚‹ã‹ã‚’知るã“ã¨ãŒã§ãる。
+.PP
+\fB\-m\fR オプションを指定ã—ãŸå ´åˆã€
+\fImindays\fR ã®å€¤ã¯ãƒ‘スワード変更ã®é–“éš”ã®æœ€çŸ­æ—¥æ•°ã«ãªã‚‹ã€‚
+ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’ゼロã¨ã—ãŸæ™‚ã¯ã€ãƒ¦ãƒ¼ã‚¶ã¯ã„ã¤ã§ã‚‚パスワードを変更ã§ãる。
+.PP
+\fB\-M\fR オプションを指定ã™ã‚‹ã¨ã€
+\fImaxdays\fR ã®å€¤ã¯ãƒ‘スワードãŒæœ‰åŠ¹ãªæœ€é•·æ—¥æ•°ã¨ãªã‚‹ã€‚
+\fImaxdays\fR 㨠\fIlastday\fR を足ã—ãŸå€¤ãŒç¾åœ¨ã®æ—¥ä»˜ã‚ˆã‚Šå°ã•ã„å ´åˆã€
+ユーザã¯ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã‚’使用ã™ã‚‹å‰ã«ãƒ‘スワードを変更ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+\fB\-W\fR オプションを使ãˆã°ã“ã®æœŸæ—¥ãŒã„ã¤æ¥ã‚‹ã‹ãŒåˆ†ã‹ã‚‹ã‚ˆã†ã«ã§ãる。
+ã“ã®å ´åˆã¯ãƒ¦ãƒ¼ã‚¶ã«äº‹å‰ã«è­¦å‘ŠãŒä¸Žãˆã‚‰ã‚Œã‚‹ã€‚
+.PP
+\fB\-d\fR オプションを用ã„ã‚‹ã¨ã€
+パスワードã®æœ€çµ‚更新日を設定ã§ãる。
+\fIlastday\fR ã®å€¤ã¯
+1970 å¹´ 1 月 1 æ—¥ã‹ã‚‰ãƒ‘スワード最終更新日ã¾ã§ã®æ—¥æ•°ã§ã‚る。
+日付㯠YYYY\-MM\-DD ã¨ã„ã†æ›¸å¼
+(ã‚‚ã—ãã¯ã‚ãªãŸã®åœ°åŸŸã§ã‚‚ã£ã¨ã‚ˆã用ã„られã¦ã„る書å¼)
+ã§æŒ‡å®šã™ã‚‹äº‹ã‚‚ã§ãる。
+.PP
+\fB\-E\fR オプションã¯ã€
+ãれ以é™ãƒ¦ãƒ¼ã‚¶ãŒã‚¢ã‚«ã‚¦ãƒ³ãƒˆã«ã‚¢ã‚¯ã‚»ã‚¹ã§ããªããªã‚‹æ—¥ä»˜ã‚’設定ã™ã‚‹ã®ã«ç”¨ã„られる。
+\fIexpiredate\fR 㯠1970 å¹´ 1 月 1 æ—¥ã‹ã‚‰
+アカウントãŒãƒ­ãƒƒã‚¯ã•ã‚Œã‚‹æ—¥ã¾ã§ã®æ—¥æ•°ã§ã‚る。
+日付㯠YYYY\-MM\-DD ã¨ã„ã†æ›¸å¼
+(ã‚‚ã—ãã¯ã‚ãªãŸã®åœ°åŸŸã§ã‚‚ã£ã¨ã‚ˆã用ã„られã¦ã„ã‚‹ã‚‚ã®)
+ã§æŒ‡å®šã™ã‚‹ã“ã¨ã‚‚ã§ãる。
+アカウントをロックã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ãŒå†ã³ãã®ã‚·ã‚¹ãƒ†ãƒ ã‚’使ã†ã«ã¯ã€
+システム管ç†è€…ã¨é€£çµ¡ã‚’å–ã‚‹å¿…è¦ãŒã‚る。
+.PP
+\fB\-I\fR オプションã¯ã€
+パスワードã®æœŸé™ãŒåˆ‡ã‚Œã¦ã‹ã‚‰ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãŒãƒ­ãƒƒã‚¯ã•ã‚Œã‚‹ã¾ã§ã®
+放置日数を設定ã™ã‚‹ãŸã‚ã«ç”¨ã„る。
+アカウントをロックã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ãŒå†ã³ãã®ã‚·ã‚¹ãƒ†ãƒ ã‚’使ã†ãŸã‚ã«ã¯ã€
+システム管ç†è€…ã«é€£çµ¡ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+\fIinactive\fR ã¯ä½¿ç”¨ä¸èƒ½æœŸé–“ã®æ—¥æ•°ã§ã‚る。
+0 ã«ã™ã‚Œã°ã“ã®æ©Ÿèƒ½ã‚’無効ã«ã§ãる。
+.PP
+\fB\-W\fR オプションã¯ã€
+パスワードã®å¤‰æ›´ãŒå¿…è¦ã¨ãªã‚‹å‰ã«è­¦å‘Šã‚’è¡Œã†æœŸé–“ã®æ—¥æ•°ã‚’設定ã™ã‚‹ãŸã‚ã«ç”¨ã„る。
+\fIwarndays\fR ã¯ã€
+パスワードã®æœŸé™åˆ‡ã‚Œã«å…ˆã ã£ã¦ã€
+ユーザã«æœŸé™ãŒåˆ‡ã‚Œã‹ã‹ã£ã¦ã„ã‚‹ã“ã¨ã‚’警告ã™ã‚‹æ—¥æ•°ã§ã‚る。
+.PP
+ã„ãšã‚Œã®ã‚ªãƒ—ションも指定ã•ã‚Œãªã„ã¨
+\fBchage\fR ã¯å¯¾è©±çš„ã«å‹•ä½œã™ã‚‹ã€‚
+å…¨ã¦ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«å¯¾ã—ã¦å„々ç¾åœ¨ã®è¨­å®šå€¤ã‚’表示ã—ã€
+æ–°ã—ã„値ã®å…¥åŠ›ã‚’促ã™ã€‚
+æ–°ã—ã„値を設定ã™ã‚‹å ´åˆã¯ãれを入力ã—ã€
+ç¾åœ¨ã®å€¤ã‚’使ã†ãªã‚‰ç©ºè¡Œã®ã¾ã¾ãƒªã‚¿ãƒ¼ãƒ³ã‚­ãƒ¼ã‚’押ã›ã°ã‚ˆã„。
+ç¾åœ¨ã®å€¤ã¯ \fB[ ]\fR ã®é–“ã«è¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+.SH 注æ„
+\fBchage\fR プログラムを用ã„ã‚‹ã«ã¯ shadow パスワードファイルãŒå¿…è¦ã§ã‚る。
+ã“ã®æ©Ÿèƒ½ã¯ã€passwd ファイルã«ãƒ‘スワードãŒä¿å­˜ã•ã‚Œã¦ã„ã‚‹ã¨ãã«ã¯
+利用ã§ããªã„。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- shadow 化ã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆæƒ…å ±
+.SH 関連項目
+.BR passwd (5),
+.BR shadow (5)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/chfn.1 b/man/ja/man1/chfn.1
new file mode 100644
index 0000000..38971ea
--- /dev/null
+++ b/man/ja/man1/chfn.1
@@ -0,0 +1,72 @@
+.\" $Id$
+.\" Copyright 1990 - 1994 Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH CHFN 1
+.SH åå‰
+chfn \- ユーザã®æ°åや情報を変更ã™ã‚‹ã€‚
+.SH 書å¼
+.TP 5
+\fBchfn\fR [\fB\-f\fR \fIfull_name\fR] [\fB\-r\fR \fIroom_no\fR]
+.br
+[\fB\-w\fR \fIwork_ph\fR] [\fB\-h\fR \fIhome_ph\fR] [\fB\-o\fR \fIother\fR]
+[\fIuser\fR]
+.SH 説明
+\fBchfn\fR ã¯ã€ãƒ¦ãƒ¼ã‚¶ã®ãƒ•ãƒ«ãƒãƒ¼ãƒ ãƒ»ã‚ªãƒ•ã‚£ã‚¹ã®éƒ¨å±‹ç•ªå·ãƒ»å†…線番å·ãƒ»
+自宅ã®é›»è©±ç•ªå·ã¨ã„ã£ãŸã‚¢ã‚«ã‚¦ãƒ³ãƒˆæƒ…報を変更ã™ã‚‹ã€‚
+ã“ã®æƒ…報㯠\fBfinger\fR(1) ã®ã‚ˆã†ãªãƒ—ログラムã«ã‚ˆã£ã¦è¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+一般ユーザã¯è‡ªåˆ†è‡ªèº«ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆæƒ…å ±ã®ã¿ã‚’変更ã§ãる。
+スーパーユーザã¯å…¨ã¦ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã«å¯¾ã—ã¦æƒ…報を変更ã§ãる。
+ã¾ãŸ \fB\-o\fR オプションを用ã„ã¦
+GECOS 欄ã®æœªå®šç¾©éƒ¨åˆ†ã‚’変更ã§ãã‚‹ã®ã‚‚スーパーユーザã ã‘ã§ã‚る。
+.PP
+å„フィールドã«æ›¸ã内容ã«é–¢ã™ã‚‹åˆ¶é™ã¯ã€
+コントロール文字・コンマ・コロン・等å·ã‚’å«ã‚“ã§ã„ã¦ã¯ãªã‚‰ãªã„ã€
+ã¨ã„ã†ã“ã¨ã®ã¿ã§ã‚る。
+\fIother\fR 欄ã«å¯¾ã—ã¦ã¯ã“ã®åˆ¶é™ã¯ãªã„ã®ã§ã€
+ä»–ã®ã‚¢ãƒ—リケーションãŒç”¨ã„るアカウンティング情報ã®è¨˜éŒ²ã«åˆ©ç”¨ã•ã‚Œã‚‹ã€‚
+.PP
+ã„ãšã‚Œã®ã‚ªãƒ—ションも指定ã•ã‚Œãªã„ã¨
+\fBchfn\fR ã¯å¯¾è©±çš„ã«å‹•ä½œã™ã‚‹ã€‚
+å…¨ã¦ã®æ¬„ã«å¯¾ã—ã¦å„々ç¾åœ¨ã®è¨­å®šå€¤ã‚’表示ã—ã€æ–°ã—ã„値ã®å…¥åŠ›ã‚’促ã™ã€‚
+æ–°ã—ã„値を設定ã™ã‚‹å ´åˆã¯ãれを入力ã—ã€
+ç¾åœ¨ã®å€¤ã‚’使ã†ãªã‚‰ç©ºè¡Œã®ã¾ã¾ãƒªã‚¿ãƒ¼ãƒ³ã‚­ãƒ¼ã‚’押ã›ã°ã‚ˆã„。
+ç¾åœ¨ã®å€¤ã¯ \fB[ ]\fR 記å·ã®é–“ã«è¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+オプションを指定ã—ãªã‹ã£ãŸå ´åˆã€
+chfn ã¯ç¾åœ¨ã®ãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã«å¯¾ã—ã¦å‹•ä½œã™ã‚‹ã€‚
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.SH 関連項目
+.BR passwd (5)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/chsh.1 b/man/ja/man1/chsh.1
new file mode 100644
index 0000000..d56be97
--- /dev/null
+++ b/man/ja/man1/chsh.1
@@ -0,0 +1,72 @@
+.\"$Id$
+.\" Copyright 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH CHSH 1
+.SH åå‰
+chsh \- ログインシェルを変更ã™ã‚‹
+.SH 書å¼
+.TP 5
+\fBchsh\fR
+[\fB\-s\fR \fIlogin_shell\fR] [\fIuser\fR]
+.SH 説明
+\fBchsh\fR ã¯ãƒ¦ãƒ¼ã‚¶ã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã‚’変更ã™ã‚‹ã€‚
+ã“ã‚Œã«ã‚ˆã£ã¦ã€ãƒ¦ãƒ¼ã‚¶ãŒãƒ­ã‚°ã‚¤ãƒ³ã—ã¦æœ€åˆã«å®Ÿè¡Œã•ã‚Œã‚‹ã‚³ãƒžãƒ³ãƒ‰ãŒæ±ºã¾ã‚‹ã€‚
+一般ユーザã¯è‡ªåˆ†ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã®ã¿ã‚’変更ã§ãる。
+スーパーユーザã¯å…¨ã¦ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã‚’変更ã§ãる。
+.PP
+ログインシェルã¯ã€
+コマンドå㌠\fI/etc/shells\fR ã«è¨˜è¼‰ã•ã‚Œã¦ã„ã‚Œã°ãªã‚“ã§ã‚‚良ã„。
+スーパーユーザã®å ´åˆã¯ã“ã®åˆ¶é™ã¯ãªãã€ã„ã‹ãªã‚‹å€¤ã§ã‚‚指定ã§ãる。
+機能を制é™ã•ã‚ŒãŸãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã‚’用ã„ã¦ã„るアカウントã‹ã‚‰ã¯ã€
+ログインシェルを変更ã§ããªã„ã‹ã‚‚ã—ã‚Œãªã„。
+ã“ã®ç†ç”±ã‹ã‚‰ã€
+\fB/bin/rsh\fR 㯠\fI/etc/shells\fR ã«ã¯æ›¸ã‹ãªã„ã»ã†ãŒè‰¯ã„。
+誤ã£ã¦æ©Ÿèƒ½ãŒåˆ¶é™ã•ã‚ŒãŸã‚·ã‚§ãƒ«ã«å¤‰æ›´ã—ã¦ã—ã¾ã†ã¨ã€
+ログインシェルを元ã®ã‚‚ã®ã«æˆ»ã›ãªããªã£ã¦ã—ã¾ã†ã‹ã‚‰ã§ã‚る。
+.PP
+\fB\-s\fR オプションを指定ã—ãªã‹ã£ãŸå ´åˆã¯ã€
+\fBchsh\fR ã¯å¯¾è©±çš„ã«å‹•ä½œã™ã‚‹ã€‚
+ユーザã®ç¾åœ¨ã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã‚’表示ã—ã€æ–°ã—ã„値ã®å…¥åŠ›ã‚’促ã™ã€‚
+設定値を変更ã™ã‚‹ãªã‚‰æ–°ã—ã„値を入力ã—ã€
+ç¾åœ¨ã®å€¤ã‚’使ã†ãªã‚‰ç©ºè¡Œã®ã¾ã¾ãƒªã‚¿ãƒ¼ãƒ³ã‚­ãƒ¼ã‚’押ã›ã°ã‚ˆã„。
+ç¾åœ¨ã®ã‚·ã‚§ãƒ«ã¯ \fB[ ]\fR 記å·ã®é–“ã«è¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shells\fR \- 指定ã§ãるログインシェルã®ãƒªã‚¹ãƒˆ
+.SH 関連項目
+.BR chfn (1),
+.BR passwd (5)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/expiry.1 b/man/ja/man1/expiry.1
new file mode 100644
index 0000000..d671507
--- /dev/null
+++ b/man/ja/man1/expiry.1
@@ -0,0 +1,53 @@
+.\" $Id$
+.\" Copyright 1990 - 1994 Julianne Frances Haugh
+.\" All rights reserved.
+.\" Modified for expiry by Ben Collins <bcollins@debian.org>, 1999
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 2002 NAKANO Takeo all rights reserved.
+.\" Translated Sun 3 Mar 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH EXPIRY 1
+.SH åå‰
+expiry \- パスワードã®æœŸé™åˆ‡ã‚Œãƒãƒªã‚·ãƒ¼ã®ãƒã‚§ãƒƒã‚¯ã¨åŸ·è¡Œ
+.SH 書å¼
+.TP 6
+\fBexpiry\fR [\fB\-c\fR] [\fB\-f\fR]
+.SH 説明
+.B expiry
+ã¯ç¾åœ¨ã®ãƒ‘スワード期é™åˆ‡ã‚Œæƒ…報をãƒã‚§ãƒƒã‚¯ (\fB\-c\fR) ã—ã€
+å¿…è¦ãªå ´åˆã¯å¤‰æ›´ã‚’強制ã™ã‚‹ (\fB\-f\fR)。
+ã“ã®ã‚³ãƒžãƒ³ãƒ‰ã¯é€šå¸¸ã®ãƒ¦ãƒ¼ã‚¶ã‚³ãƒžãƒ³ãƒ‰ã¨ã—ã¦å‘¼ã³å‡ºã—å¯èƒ½ã§ã‚る。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- shadow 化ã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆæƒ…å ±
+.SH 関連項目
+.BR passwd (5),
+.BR shadow (5)
+.SH 著者
+Ben Collins <bcollins@debian.org>
diff --git a/man/ja/man1/gpasswd.1 b/man/ja/man1/gpasswd.1
new file mode 100644
index 0000000..1b34157
--- /dev/null
+++ b/man/ja/man1/gpasswd.1
@@ -0,0 +1,70 @@
+.\"$Id$
+.\" Copyright 1996, Rafal Maszkowski <rzm@pdi.net>
+.\" All rights reserved. You can redistribute this man page and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of the
+.\" License, or (at your option) any later version.
+.\"
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified 3 Mar 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH GPASSWD 1
+.SH åå‰
+gpasswd \- /etc/groupファイルを管ç†ã™ã‚‹
+.SH 書å¼
+\fBgpasswd\fR \fIgroup\fR
+.br
+\fBgpasswd \-a\fR \fIuser\fR \fIgroup\fR
+.br
+\fBgpasswd \-d\fR \fIuser\fR \fIgroup\fR
+.br
+\fBgpasswd \-R\fR \fIgroup\fR
+.br
+\fBgpasswd \-r\fR \fIgroup\fR
+.br
+\fBgpasswd\fR [\fB\-A\fR \fIuser\fR,...] [\fB\-M\fR \fIuser\fR,...] \fIgroup\fR
+.SH 説明
+.B gpasswd
+㯠/etc/group ファイル
+(ãŠã‚ˆã³ SHADOWGRP を定義ã—ã¦ã‚³ãƒ³ãƒ‘イルã—ãŸæ™‚㯠/etc/gshadow ファイル)
+ã®ç®¡ç†ã«ç”¨ã„られる。
+å„グループã«ã¯ã€ç®¡ç†è€…・メンãƒãƒ¼ãƒ»ãƒ‘スワードを設定ã§ãる。
+システム管ç†è€…ã¯ã€
+\fB\-A\fR オプションを使ã£ã¦ã‚°ãƒ«ãƒ¼ãƒ—管ç†è€… (複数ã§ã‚‚å¯) を定義ã—ãŸã‚Šã€
+\fB\-M\fR オプションを使ã£ã¦ãƒ¡ãƒ³ãƒãƒ¼ã‚’定義ã—ãŸã‚Šã§ãã€
+å„グループã®ç®¡ç†è€…・メンãƒãƒ¼ã¨åŒç­‰ã®ç‰¹æ¨©ã‚’æŒã¤ã€‚
+.PP
+グループ管ç†è€…ã¯ã€\fB\-a\fR オプションを用ã„ã¦ãƒ¦ãƒ¼ã‚¶ã‚’追加ã—ãŸã‚Šã€
+\fB\-d\fR オプションを用ã„ã¦ãƒ¦ãƒ¼ã‚¶ã‚’削除ã—ãŸã‚Šã§ãる。
+管ç†è€…㯠\fB\-r\fR オプションを用ã„ã¦ã‚°ãƒ«ãƒ¼ãƒ—パスワードを削除ã§ãる。
+パスワードãŒè¨­å®šã•ã‚Œã¦ã„ãªã„時ã¯ã€
+グループã®ãƒ¡ãƒ³ãƒãƒ¼ã®ã¿ãŒ
+.BR newgrp (1)
+を用ã„ã¦ã‚°ãƒ«ãƒ¼ãƒ—ã®ä¸€å“¡ã«ãªã‚Œã‚‹ã€‚
+オプション \fB\-R\fR を指定ã™ã‚‹ã¨ã€
+.BR newgrp (1)
+コマンドを用ã„ãŸã‚°ãƒ«ãƒ¼ãƒ—ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã¯ã§ããªããªã‚‹ã€‚
+.PP
+グループã®ç®¡ç†è€…ãŒã‚°ãƒ«ãƒ¼ãƒ—åã®ã¿ã‚’指定ã—ã¦
+.B gpasswd
+コマンドを実行ã—ãŸå ´åˆã¯ã€
+パスワードã®å…¥åŠ›ã‚’求ã‚られる。
+パスワードãŒè¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã§ã‚‚ã€
+メンãƒãƒ¼ã¯ãƒ‘スワードãªã—ã§
+.BR newgrp (1)
+コマンドを使ãˆã‚‹ãŒã€
+メンãƒãƒ¼ã§ãªã„人ã¯ãƒ‘スワードを入力ã—ãªãã¦ã¯ãªã‚‰ãªã„。
+.SH ファイル
+\fI/etc/group\fR \- グループ情報
+.br
+\fI/etc/gshadow\fR \- shadow ã•ã‚ŒãŸã‚°ãƒ«ãƒ¼ãƒ—情報
+.SH 関連項目
+.BR newgrp (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR grpck (8)
+.SH 著者
+Rafal Maszkowski <rzm@pdi.net>
diff --git a/man/ja/man1/groups.1 b/man/ja/man1/groups.1
new file mode 100644
index 0000000..f0a2bbf
--- /dev/null
+++ b/man/ja/man1/groups.1
@@ -0,0 +1,65 @@
+.\"$Id$
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 2001 Maki KURODA
+.\" all right reserved,
+.\" Translated Tue Oct 30 11:58:18 JST 2001
+.\" by Maki KURODA <mkuroda@aisys\-jp.com>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.\"WORD: concurrent group set åŒæ™‚所属グループ集åˆ
+.\"WORD: real group ID 実グループ ID
+.\"WORD: effective group ID 実効グループ ID
+.\"
+.TH GROUPS 1
+.SH åå‰
+groups \- ç¾åœ¨ã®ã‚°ãƒ«ãƒ¼ãƒ—åã®è¡¨ç¤º
+.SH 書å¼
+\fBgroups\fR [\fIuser\fR]
+.SH 説明
+.B groups
+ã¯ç¾åœ¨ã®ã‚°ãƒ«ãƒ¼ãƒ—ã®åå‰ã¾ãŸã¯ ID 値を表示ã™ã‚‹ã€‚
+ID 値ã«å¯¾å¿œã™ã‚‹åå‰ãŒ \fI/etc/group\fR ã«ç™»éŒ²ã•ã‚Œã¦ã„ãªã‘ã‚Œã°ã€
+数値ã®ã‚°ãƒ«ãƒ¼ãƒ— ID ã§è¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+パラメータã¨ã—㦠\fIuser\fR を与ãˆã‚‹ã¨ã€
+指定ã—㟠\fIuser\fR ãŒæ‰€å±žã™ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—åを表示ã™ã‚‹ã€‚
+.SH 注æ„
+åŒæ™‚æ‰€å±žã‚°ãƒ«ãƒ¼ãƒ—é›†åˆ (concurrent group set)
+をサãƒãƒ¼ãƒˆã—ã¦ã„ãªã„システムã§ã¯ã€
+\fI/etc/group\fR ã®æƒ…å ±ãŒå ±å‘Šã•ã‚Œã‚‹ã€‚
+ユーザãŒç¾åœ¨ã®å®Ÿã‚°ãƒ«ãƒ¼ãƒ— ID や実効グループ ID を変更ã™ã‚‹ã«ã¯ã€
+\fBnewgrp\fR ã‚„ \fBsg\fR を使用ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.SH ファイル
+/etc/group \- グループ情報
+.SH 関連項目
+.BR newgrp (1),
+.BR getuid (2),
+.BR getgid (2),
+.BR getgroups (2)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/id.1 b/man/ja/man1/id.1
new file mode 100644
index 0000000..197cbe7
--- /dev/null
+++ b/man/ja/man1/id.1
@@ -0,0 +1,57 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 2000 ISHIKAWA Keisuke
+.\" all rights reserved.
+.\" Translated Thu Nov 9 23:17:10 JST 2000
+.\" by ISHIKAWA Keisuke
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH ID 1
+.SH åå‰
+id \- ç¾åœ¨ã®ãƒ¦ãƒ¼ã‚¶ ID åã¨ã‚°ãƒ«ãƒ¼ãƒ— ID åを表示ã™ã‚‹
+.SH 書å¼
+\fBid\fR [\fB\-a\fR]
+.SH 説明
+\fBid\fRã¯ã€ç¾åœ¨ã®å®Ÿãƒ¦ãƒ¼ã‚¶ IDã€å®ŸåŠ¹ãƒ¦ãƒ¼ã‚¶ IDã€å®Ÿã‚°ãƒ«ãƒ¼ãƒ— IDã€
+実効グループ ID ã®åå‰ã¾ãŸã¯å€¤ã‚’表示ã™ã‚‹ã€‚
+値ã«å¯¾å¿œã™ã‚‹ã‚¨ãƒ³ãƒˆãƒªãŒ \fI/etc/passwd\fR ã‚„
+\fI/etc/group\fR ã«å­˜åœ¨ã—ãªã„å ´åˆã¯ã€
+対応ã™ã‚‹åå‰ã¯è¡¨ç¤ºã•ã‚Œãšã«å€¤ã ã‘ãŒè¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+ユーザãŒåŒæ™‚ã«è¤‡æ•°ã®ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒ¡ãƒ³ãƒãƒ¼ã«ãªã‚Œã‚‹ã‚·ã‚¹ãƒ†ãƒ ã§ã¯ã€
+\fB\-a\fR オプションを指定ã™ã‚‹ã¨ã‚°ãƒ«ãƒ¼ãƒ—ã®é›†åˆãŒè¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザーアカウント情報
+.br
+\fI/etc/group\fR \ \- グループ情報
+.SH 関連項目
+.BR getgid (2),
+.BR getgroups (2),
+.BR getuid (2)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/login.1 b/man/ja/man1/login.1
new file mode 100644
index 0000000..44d305e
--- /dev/null
+++ b/man/ja/man1/login.1
@@ -0,0 +1,141 @@
+.\" $Id$
+.\" Copyright 1989 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH LOGIN 1
+.SH åå‰
+login \- システム上ã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’é–‹ã
+.SH 書å¼
+\fBlogin\fR [\fB\-p\fR] [\fIusername\fR] [\fIENV=VAR\fR ...]
+.br
+\fBlogin\fR [\fB\-p\fR] [\fB\-h\fR \fIhost\fR] [\fB\-f\fR \fIusername\fR]
+.br
+\fBlogin\fR [\fB\-p\fR] \fB\-r\fR \fIhost\fR
+.SH 説明
+.B login
+ã¯ã‚·ã‚¹ãƒ†ãƒ ã«æ–°ãŸã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’é–‹ããŸã‚ã«ç”¨ã„られる。
+通常ã¯ã€ãƒ¦ãƒ¼ã‚¶ã®ç«¯æœ«ã«è¡¨ç¤ºã•ã‚Œã‚‹
+.I login:
+ã¨ã„ã†ãƒ—ロンプトã«å¿œã˜ã‚‹äº‹ã«ã‚ˆã£ã¦è‡ªå‹•çš„ã«èµ·å‹•ã•ã‚Œã‚‹ã€‚
+.B login
+ã¯ã‚·ã‚§ãƒ«å°‚用ã®ã‚‚ã®ã§ã‚ã‚Šã€
+サブプロセスã¨ã—ã¦èµ·å‹•ã™ã‚‹ã“ã¨ã¯ã§ããªã„。
+通常シェルã¯
+.B login
+ã‚’
+\fBexec login\fR ã¨ã¿ãªã™ã®ã§ã€ãƒ¦ãƒ¼ã‚¶ã¯ç¾åœ¨ã®ã‚·ã‚§ãƒ«ã‹ã‚‰æŠœã‘ã‚‹ã“ã¨ã«ãªã‚‹ã€‚
+ログインシェル以外ã‹ã‚‰ \fBlogin\fR ã‚’èµ·å‹•ã—よã†ã¨ã™ã‚‹ã¨ã€
+エラーメッセージãŒè¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+.PP
+次ã„ã§ã€å¿…è¦ãªå ´åˆã«ã¯ã€ãƒ¦ãƒ¼ã‚¶ã¯ãƒ‘スワードを入力ã™ã‚‹ã‚ˆã†ä¿ƒã•ã‚Œã‚‹ã€‚
+パスワードを表示ã—ã¦ã—ã¾ã‚ãªã„よã†ã€ã‚¨ã‚³ãƒ¼ã¯è¡Œã‚ã‚Œãªã„。
+数回以上パスワード入力ã«å¤±æ•—ã™ã‚‹ã¨
+\fBlogin\fR ã¯çµ‚了ã—ã€é€šä¿¡ã®æŽ¥ç¶šã¯åˆ‡æ–­ã•ã‚Œã¦ã—ã¾ã†ã€‚
+.PP
+アカウントã«å¯¾ã—ã¦ãƒ‘スワードã®æœ‰åŠ¹æœŸé™ãŒè¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€
+å…ˆã«é€²ã‚€å‰ã«æ–°ã—ã„パスワードã®è¨­å®šã‚’促ã•ã‚Œã‚‹ã“ã¨ã‚‚ã‚る。
+セッションを続ã‘ã‚‹ãŸã‚ã«ã¯å¤ã„パスワードã¨
+æ–°ã—ã„パスワードを入力ã—ãªãã¦ã¯ãªã‚‰ãªã„。
+詳ã—ã„情報㯠\fBpasswd\fR(1) ã‚’å‚ç…§ã™ã‚‹ã“ã¨ã€‚
+.PP
+ログインã«æˆåŠŸã™ã‚‹ã¨ã€ã‚·ã‚¹ãƒ†ãƒ ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚„メールã®æœ‰ç„¡ãŒè¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+ログインディレクトリã«é•·ã• 0 ã®ãƒ•ã‚¡ã‚¤ãƒ« \fI.hushlogin\fR を作ã£ã¦ãŠã‘ã°ã€
+システムメッセージファイルã§ã‚ã‚‹
+\fI/etc/motd\fR ã®è¡¨ç¤ºã‚’無効ã«ã§ãる。
+メールã«é–¢ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã¯ã€ãƒ¡ãƒ¼ãƒ«ãƒœãƒƒã‚¯ã‚¹ã®çŠ¶æ…‹ã«ã‚ˆã£ã¦
+"\fBYou have new mail.\fR",
+"\fBYou have mail.\fR",
+"\fBNo Mail.\fR"
+ã®ã„ãšã‚Œã‹ã«ãªã‚‹ã€‚
+.PP
+ユーザ ID ã¨ã‚°ãƒ«ãƒ¼ãƒ—ã® ID ã¯
+\fI/etc/passwd\fR ファイル中ã«è¨˜è¼‰ã•ã‚Œã¦ã„る値ã«å¾“ã£ã¦è¨­å®šã•ã‚Œã‚‹ã€‚
+\fB$HOME\fR, \fB$SHELL\fR, \fB$PATH\fR, \fB$LOGNAME\fR, \fB$MAIL\fR
+ã®å€¤ã¯ã€ãƒ‘スワードエントリã®ãã‚Œãžã‚Œã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«å¾“ã£ã¦è¨­å®šã•ã‚Œã‚‹ã€‚
+ulimit, umask, nice 値ãŒã€
+GECOS フィールドã®ã‚¨ãƒ³ãƒˆãƒªãƒ¼ã«ã‚ˆã£ã¦è¨­å®šã•ã‚Œã‚‹ã“ã¨ã‚‚ã‚る。
+.PP
+インストール時ã®è¨­å®šã«ã‚ˆã£ã¦ã¯ã€
+\fI/etc/ttytype\fR ã®æŒ‡å®šã«å¾“ã£ã¦ã€
+環境変数\fB$TERM\fR㌠tty 接続ã®ç«¯æœ«ã®åž‹ (terminal type)
+ã«åˆæœŸåŒ–ã•ã‚Œã‚‹ã“ã¨ã‚‚ã‚る。
+.PP
+コマンドインタプリタã®åˆæœŸåŒ–スクリプトãŒå®Ÿè¡Œã•ã‚Œã‚‹ã“ã¨ã‚‚ã‚る。
+ã“ã®æ©Ÿèƒ½ã«ã¤ã„ã¦ã®è©³ã—ã„情報ã¯é©å½“ãªãƒžãƒ‹ãƒ¥ã‚¢ãƒ«ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã‚’å‚ç…§ã®ã“ã¨ã€‚
+.PP
+サブシステムログインã§ã¯ã€
+ログインシェルã®æœ€åˆã®æ–‡å­—ã« "*" ã‚’ç½®ã。
+渡ã•ã‚ŒãŸãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã¯ã€
+ユーザãŒå®Ÿéš›ã«ãƒ­ã‚°ã‚¤ãƒ³ã™ã‚‹æ–°ã—ã„ファイルシステムã®ãƒ«ãƒ¼ãƒˆã¨ã—ã¦æ‰±ã‚れる。
+.SH オプション
+.TP
+.B \-p
+環境をä¿å­˜ã™ã‚‹ã€‚
+.TP
+.B \-f
+ユーザã¯ã™ã§ã«èªè¨¼ã•ã‚Œã¦ã„ã‚‹ã‚‚ã®ã¨ã—ã¦ã€èªè¨¼å‹•ä½œã‚’è¡Œãªã‚ãªã„。
+.TP
+.B \-h
+ã“ã®ãƒ­ã‚°ã‚¤ãƒ³ã®ãƒªãƒ¢ãƒ¼ãƒˆãƒ›ã‚¹ãƒˆã®åå‰ã€‚
+.TP
+.B \-r
+rlogin ã®è‡ªå‹•ãƒ­ã‚°ã‚¤ãƒ³ãƒ—ロトコルを実行ã™ã‚‹ã€‚
+.PP
+\fB\-r\fP, \fB\-h\fP, \fB\-f\fP オプションã¯ã€
+root ㌠\fBlogin\fP ã‚’èµ·å‹•ã—ãŸå ´åˆã«ã®ã¿ç”¨ã„る。
+.SH 警告
+ã“ã®ç‰ˆã® \fBlogin\fR ã«ã¯å¤šãã®ã‚³ãƒ³ãƒ‘イル時オプションãŒã‚ã‚‹ãŒã€
+サイトã«ã‚ˆã£ã¦ã¯ã“ã®ã†ã¡ã®ä¸€éƒ¨ã—ã‹ä½¿ã‚ã‚Œã¦ã„ãªã„ã‹ã‚‚ã—ã‚Œãªã„。
+.PP
+システム設定ã®é•ã„ã«ã‚ˆã£ã¦ä¸Šè¨˜ãƒ•ã‚¡ã‚¤ãƒ«ã®ç½®ã場所ã¯å¤‰ã‚る。
+.SH ファイル
+\fI/var/run/utmp\fR \- ç¾åœ¨ã®ãƒ­ã‚°ã‚¤ãƒ³ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®ãƒªã‚¹ãƒˆ
+.br
+\fI/var/log/wtmp\fR \- éŽåŽ»ã®ãƒ­ã‚°ã‚¤ãƒ³ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®ãƒªã‚¹ãƒˆ
+.br
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- æš—å·åŒ–パスワードã¨æœ‰åŠ¹æœŸé™æƒ…å ±
+.br
+\fI/etc/motd\fR \- システムメッセージファイル
+.br
+\fI/etc/nologin\fR \- root 以外ã®ãƒ¦ãƒ¼ã‚¶ã®ãƒ­ã‚°ã‚¤ãƒ³ã‚’ç¦æ­¢ã™ã‚‹
+.br
+\fI/etc/ttytype\fR \- 端末ã®åž‹ã®ãƒªã‚¹ãƒˆ
+.br
+\fI$HOME/.hushlogin\fR \- システムメッセージã®è¡¨ç¤ºã‚’抑制ã™ã‚‹
+.SH 関連項目
+.BR mail (1),
+.BR passwd (1),
+.BR sh (1),
+.BR su (1),
+.\" .BR d_passwd (5),
+.BR login.defs (5),
+.BR nologin (5),
+.BR passwd (5),
+.BR getty (8)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/newgrp.1 b/man/ja/man1/newgrp.1
new file mode 100644
index 0000000..a60af04
--- /dev/null
+++ b/man/ja/man1/newgrp.1
@@ -0,0 +1,92 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Sun 3 Mar 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH NEWGRP 1
+.SH åå‰
+newgrp \- æ–°ã—ã„グループã«ãƒ­ã‚°ã‚¤ãƒ³ã™ã‚‹
+.br
+sg \- 別ã®ã‚°ãƒ«ãƒ¼ãƒ— ID ã§ã‚³ãƒžãƒ³ãƒ‰ã‚’実行ã™ã‚‹
+.SH 書å¼
+\fBnewgrp\fR [\fB\-\fR] [\fIgroup\fR]
+.br
+\fBsg\fR [\fB\-\fR] [\fIgroup\fR [[\fB\-c\fR] \fIcommand\fR]]
+.SH 説明
+.B newgrp
+ã¯ãƒ­ã‚°ã‚¤ãƒ³ã‚»ãƒƒã‚·ãƒ§ãƒ³ä¸­ã«ç¾åœ¨ã®ã‚°ãƒ«ãƒ¼ãƒ— ID を変更ã™ã‚‹ãŸã‚ã«ç”¨ã„られる。
+オプションã¨ã—㦠\fB\-\fR フラグを与ãˆãŸå ´åˆã¯ã€
+æ–°ãŸã«ãƒ­ã‚°ã‚¤ãƒ³ã—ãŸã®ã¨åŒã˜æ§˜ã«ç’°å¢ƒãŒå†åˆæœŸåŒ–ã•ã‚Œã‚‹ã€‚
+ãã†ã§ãªã„å ´åˆã¯ã€ç¾åœ¨ã®ä½œæ¥­ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’å«ã‚ã¦ã€
+ç¾åœ¨ã®ç’°å¢ƒã¯å¤‰åŒ–ã—ãªã„。
+.PP
+.B newgrp
+ã¯ç¾åœ¨ã®å®Ÿã‚°ãƒ«ãƒ¼ãƒ— ID ã‚’ã€æŒ‡å®šã—ãŸã‚°ãƒ«ãƒ¼ãƒ—ã«
+(グループåを指定ã—ãªã‹ã£ãŸå ´åˆã¯ \fI/etc/passwd\fR
+ã«è¨˜è¼‰ã•ã‚ŒãŸãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚°ãƒ«ãƒ¼ãƒ—ã«) 変更ã™ã‚‹ã€‚
+ユーザã«ã¯ãƒ‘スワードãŒãªãグループã«ã¯ã‚ã‚‹å ´åˆã€
+ã‚ã‚‹ã„ã¯ãƒ¦ãƒ¼ã‚¶ãŒã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã¯ãªã
+グループã«ãƒ‘スワードãŒã‚ã‚‹å ´åˆã«ã¯ã€
+ãã®ãƒ¦ãƒ¼ã‚¶ã¯ãƒ‘スワードã®å…¥åŠ›ã‚’求ã‚られる。
+グループã®ãƒ‘スワードãŒè¨­å®šã•ã‚Œã¦ãŠã‚‰ãšã€
+ã‹ã¤ãƒ¦ãƒ¼ã‚¶ãŒã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ãªã„å ´åˆã¯ã€
+アクセスã¯æ‹’å¦ã•ã‚Œã‚‹ã€‚
+.PP
+.B sg
+コマンドã¯
+.B newgrp
+ã¨åŒæ§˜ã«å‹•ä½œã™ã‚‹ãŒã€ã‚³ãƒžãƒ³ãƒ‰ã‚’å—ã‘付ã‘る。
+ã“ã®ã‚³ãƒžãƒ³ãƒ‰ã¯ \fB/bin/sh\fR シェルã§å®Ÿè¡Œã•ã‚Œã‚‹ã€‚
+コマンドãŒè¤‡æ•°ã®å˜èªžã‹ã‚‰ãªã‚‹å ´åˆã¯ã€
+sg ã®å®Ÿè¡Œå…ƒã¨ãªã‚‹ã§ã‚ã‚ã†ã‚·ã‚§ãƒ«ã®ã»ã¨ã‚“ã©ã«ãŠã„ã¦ã€
+ã“れらをクォートã™ã‚‹å¿…è¦ãŒã‚ã‚‹ã ã‚ã†ã€‚
+.BR newgrp " 㨠" sg
+ã®ã‚‚ã†ä¸€ã¤ã®é•ã„ã¯ã€
+特定ã®ã‚·ã‚§ãƒ«ãŒ \fBnewgrp\fR を特別ã«æ‰±ã†ç‚¹ã«ã‚る。
+ã“ã®ã‚ˆã†ãªã‚·ã‚§ãƒ«ã¯ã€è‡ªåˆ†è‡ªèº«ã‚’
+.B newgrp
+ãŒç”Ÿæˆã—ãŸæ–°ã—ã„実体ã¨ç½®ãæ›ãˆã‚‹ã€‚ã“ã®ã‚ˆã†ãªã“ã¨ã¯
+.B sg
+ã§ã¯èµ·ããªã„ã®ã§ã€
+.B sg
+コマンドã‹ã‚‰æˆ»ã£ãŸéš›ã«ã¯ä»¥å‰ã®ã‚°ãƒ«ãƒ¼ãƒ— ID ã«æˆ»ã‚‹ã€‚
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/group\fR \- グループ情報
+.SH 関連項目
+.BR id (1),
+.BR login (1),
+.BR su (1)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/passwd.1 b/man/ja/man1/passwd.1
new file mode 100644
index 0000000..15f55d4
--- /dev/null
+++ b/man/ja/man1/passwd.1
@@ -0,0 +1,217 @@
+.\" $Id$
+.\" Copyright 1989 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated 2 Mar 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH PASSWD 1
+.SH åå‰
+passwd \- ユーザパスワードを変更ã™ã‚‹
+.SH 書å¼
+\fBpasswd\fR [\fB\-f\fR|\fB\-s\fR] [\fIname\fR]
+.br
+\fBpasswd\fR [\fB\-g\fR] [\fB\-r\fR|\fB\-R\fR] \fIgroup\fR
+.br
+\fBpasswd\fR [\fB\-x\fR \fImax\fR] [\fB\-n\fR \fImin\fR]
+[\fB\-w\fR \fIwarn\fR] [\fB\-i\fR \fIinact\fR] \fIlogin\fR
+.br
+\fBpasswd\fR {\fB\-l\fR|\fB\-u\fR|\fB\-d\fR|\fB\-S\fR|\fB\-e\fR} \fIlogin\fR
+.SH 説明
+\fBpasswd\fR ã¯ãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãƒ»ã‚°ãƒ«ãƒ¼ãƒ—アカウントã®ãƒ‘スワードを変更ã™ã‚‹ã€‚
+一般ユーザã¯è‡ªåˆ†ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã®ãƒ‘スワードã—ã‹å¤‰æ›´ã§ããªã„。
+スーパーユーザã¯ã„ã‹ãªã‚‹ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã®ãƒ‘スワードも変更ã§ãる。
+グループã®ç®¡ç†è€…ã¯ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒ‘スワードを変更ã§ãる。
+\fBpasswd\fR ã«ã‚ˆã£ã¦ã€ãƒ¦ãƒ¼ã‚¶ã®ãƒ•ãƒ«ãƒãƒ¼ãƒ ãƒ»ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ãƒ»
+パスワードã®æœŸé™åˆ‡ã‚Œã®æ—¥ä»˜ãƒ»
+有効期間ã¨ã„ã£ãŸã‚¢ã‚«ã‚¦ãƒ³ãƒˆæƒ…報を変更ã™ã‚‹ã“ã¨ã‚‚ã§ãる。
+.PP
+.B \-s
+オプションを指定ã™ã‚‹ã¨
+.BR passwd " 㯠" chsh
+を呼ã³å‡ºã—ã¦ãƒ¦ãƒ¼ã‚¶ã®ã‚·ã‚§ãƒ«ã‚’変更ã™ã‚‹ã€‚
+.B \-f
+オプションを指定ã™ã‚‹ã¨
+.BR passwd " 㯠" chfn
+を呼ã³å‡ºã—ã¦ãƒ¦ãƒ¼ã‚¶ã® GECOS 情報を変更ã™ã‚‹ã€‚
+ã“れら㮠2 ã¤ã®ã‚ªãƒ—ションã¯äº’æ›æ€§ã®ãŸã‚ã ã‘ã«ã‚る。
+chsh ã‚„ chfn を直接呼ã³å‡ºã—ã¦ã‚‚構ã‚ãªã„。
+.SS パスワードã®å¤‰æ›´
+パスワードãŒæ—¢ã«ã‚ã‚‹å ´åˆã¯ã€ã¾ãšå¤ã„パスワードを入力ã™ã‚‹ã‚ˆã†ä¿ƒã•ã‚Œã‚‹ã€‚
+入力ã•ã‚ŒãŸãƒ‘スワードã¯æš—å·åŒ–ã•ã‚Œã€è¨˜éŒ²ã•ã‚Œã¦ã„ã‚‹ã‚‚ã®ã¨ç…§åˆã•ã‚Œã‚‹ã€‚
+æ­£ã—ã„パスワードを 1 回ã§å…¥åŠ›ã—ãªãã¦ã¯ãªã‚‰ãªã„。
+スーパーユーザã¯ã€ãƒ‘スワードを忘れã¦ã—ã¾ã£ãŸéš›ã®å¤‰æ›´ã‚‚è¡Œãªãˆã‚‹æ§˜ã«ã€
+ã“ã®ã‚¹ãƒ†ãƒƒãƒ—ã‚’çœç•¥ã§ãる。
+.PP
+パスワードãŒå…¥åŠ›ã•ã‚ŒãŸå¾Œã€ãƒ‘スワード有効期é™ã®æƒ…報を調ã¹ã€
+ç¾åœ¨ãƒ‘スワードã®å¤‰æ›´ãŒè¨±ã•ã‚Œã¦ã„ã‚‹ã‹æ¤œæŸ»ã™ã‚‹ã€‚
+ã‚‚ã—許å¯ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€
+\fBpasswd\fR ã¯å¤‰æ›´ã‚’æ‹’å¦ã—ã¦çµ‚了ã™ã‚‹ã€‚
+.PP
+次ã«ãƒ¦ãƒ¼ã‚¶ã¯ã€ç½®ãæ›ãˆã‚‹ãƒ‘スワードを入力ã™ã‚‹ã‚ˆã†ä¿ƒã•ã‚Œã‚‹ã€‚
+入力ã•ã‚ŒãŸãƒ‘スワードã¯ã€å……分複雑ã‹ã©ã†ã‹æ¤œæŸ»ã•ã‚Œã‚‹ã€‚
+一般的ãªæŒ‡é‡ã¨ã—ã¦ã¯ã€
+パスワードã¯ä»¥ä¸‹ã®é›†åˆãã‚Œãžã‚Œã‹ã‚‰ä¸€ã¤ä»¥ä¸Šã®æ–‡å­—を使ã£ãŸ
+6 ã‹ã‚‰ 8 文字ã®ã‚‚ã®ã«ã™ã¹ãã§ã‚る。
+.IP "" .5i
+å°æ–‡å­—ã®ã‚¢ãƒ«ãƒ•ã‚¡ãƒ™ãƒƒãƒˆ
+.IP "" .5i
+大文字ã®ã‚¢ãƒ«ãƒ•ã‚¡ãƒ™ãƒƒãƒˆ
+.IP "" .5i
+0 ã‹ã‚‰ 9 ã¾ã§ã®æ•°å­—
+.IP "" .5i
+å¥èª­ç‚¹
+.PP
+システムã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®æ¶ˆåŽ»æ–‡å­—ã‚„
+kill 文字をå«ã‚ãªã„よã†ã«æ³¨æ„ã™ã‚‹ã“ã¨ã€‚
+\fBpasswd\fR ã¯ã‚ã¾ã‚Šã«å˜ç´”ãªãƒ‘スワードã¸ã®å¤‰æ›´ã¯æ‹’å¦ã™ã‚‹ã€‚
+.PP
+入力ã—ãŸãƒ‘スワードãŒå—ã‘入れられãŸå ´åˆã€
+\fBpasswd\fR ã¯ã‚‚ã†ä¸€åº¦å…¥åŠ›ã‚’促ã—ã€
+二番目ã«å…¥åŠ›ã—ãŸã‚‚ã®ã‚’最åˆã®ã‚‚ã®ã¨æ¯”較ã™ã‚‹ã€‚
+パスワード変更ãŒå—ã‘入れられるãŸã‚ã«ã¯ã€
+ã“ã®ä¸¡è€…ãŒåˆè‡´ã—ãªãã¦ã¯ãªã‚‰ãªã„。
+.SS グループパスワード
+\fB\-g\fR オプションを用ã„ãŸå ´åˆã€
+指定ã—ãŸã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒ‘スワードãŒå¤‰æ›´ã•ã‚Œã‚‹ã€‚
+ã“ã®ã‚ªãƒ—ションã¯ã‚¹ãƒ¼ãƒ‘ーユーザã‹æŒ‡å®šã—ãŸã‚°ãƒ«ãƒ¼ãƒ—ã®ç®¡ç†è€…ã—ã‹ä½¿ãˆãªã„。
+ç¾åœ¨ã®ã‚°ãƒ«ãƒ¼ãƒ—パスワードã¯å°‹ã­ã¦ã“ãªã„。
+\fB\-g\fR オプションを \fB\-r\fR オプションã¨ã¨ã‚‚ã«ç”¨ã„ã‚‹ã¨ã€
+指定ã—ãŸã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒ‘スワードãŒå‰Šé™¤ã•ã‚Œã‚‹ã€‚
+ã“ã†ã™ã‚‹ã¨å…¨ã¦ã®ãƒ¡ãƒ³ãƒãƒ¼ãŒã“ã®ã‚°ãƒ«ãƒ¼ãƒ—ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«ãªã‚‹ã€‚
+\fB\-R\fR オプションを \fB\-g\fR オプションã¨ã¨ã‚‚ã«ç”¨ã„ã‚‹ã¨ã€
+å…¨ã¦ã®ãƒ¦ãƒ¼ã‚¶ã«å¯¾ã—ã¦æŒ‡å®šã—ãŸã‚°ãƒ«ãƒ¼ãƒ—ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’ç¦æ­¢ã§ãる。
+.SS パスワードã®æœ‰åŠ¹æœŸé™æƒ…å ±
+スーパーユーザã¯ã€ãƒ‘スワードã®æœ‰åŠ¹æœŸé™ã«é–¢ã™ã‚‹æƒ…報を変更ã§ãる。
+ã“ã‚Œã«ã¯ \fB\-x\fR, \fB\-n\fR, \fB\-w\fR, \fB\-i\fR ãªã©ã®ã‚ªãƒ—ションを用ã„る。
+\fB\-x\fR オプションã¯ãƒ‘スワードãŒæœ‰åŠ¹ãªæœ€é•·æ—¥æ•°ã‚’設定ã™ã‚‹ã®ã«ç”¨ã„られる。
+\fImax\fR æ—¥ãŒéŽãŽã‚‹ã¨ãƒ‘スワードを変更ã™ã‚‹ã‚ˆã†ã«æ±‚ã‚られる。
+\fB\-n\fR オプションã¯ãƒ‘スワードãŒå¤‰æ›´å¯èƒ½ã¨ãªã‚‹ã¾ã§ã®
+最短日数を設定ã™ã‚‹ã®ã«ç”¨ã„られる。
+ユーザ㯠\fImin\fR æ—¥ãŒçµŒéŽã—ãŸå¾Œã§ãªã„ã¨ãƒ‘スワードを変更ã§ããªã„。
+\fB\-w\fR オプションã¯ãƒ‘スワードã®ä½¿ç”¨æœŸé™ãŒæ¥ã‚‹å‰ã«
+何日間警告を与ãˆã‚‹ã‹ã‚’設定ã™ã‚‹ãŸã‚ã«ç”¨ã„られる。
+期é™åˆ‡ã‚Œã® \fIwarn\fR æ—¥å‰ã‹ã‚‰æ³¨æ„ãŒé–‹å§‹ã•ã‚Œã€
+パスワードãŒæœŸé™åˆ‡ã‚Œã«ãªã‚‹ã¾ã§ã‚ã¨ä½•æ—¥æ®‹ã£ã¦ã„ã‚‹ã‹ãŒç¤ºã•ã‚Œã‚‹ã€‚
+\fB\-i\fR オプションã¯ã€
+パスワードã®æœŸé™ãŒåˆ‡ã‚Œã¦ã‹ã‚‰ä½•æ—¥é–“経éŽã—ãŸã‚‰ã€
+ãã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã‚’使用ä¸èƒ½ã®çŠ¶æ…‹ã«ã™ã‚‹ã‹ã‚’設定ã™ã‚‹ã®ã«ç”¨ã„る。
+\fIinact\fR 日間アカウントをパスワード期é™åˆ‡ã‚ŒçŠ¶æ…‹ã®ã¾ã¾ã«ã™ã‚‹ã¨ã€
+ユーザã¯ãã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã«å…¥ã‚Œãªããªã‚‹ã€‚
+.PP
+ã‚るアカウントã®ãƒ‘スワードを直ã¡ã«æœŸé™åˆ‡ã‚Œã«ã—ãŸã„å ´åˆã¯ã€
+\fB\-e\fR オプションを用ã„ã‚Œã°ã‚ˆã„。
+ã™ã‚‹ã¨ãã®ãƒ¦ãƒ¼ã‚¶ã¯æ¬¡ã«ãƒ­ã‚°ã‚¤ãƒ³ã™ã‚‹éš›ã«ãƒ‘スワードを変更ã™ã‚‹ã‚ˆã†å¼·åˆ¶ã•ã‚Œã‚‹ã€‚
+\fB\-d\fR オプションを使ã£ã¦ã€ãƒ¦ãƒ¼ã‚¶ã®ãƒ‘スワードを削除ã™ã‚‹ã“ã¨ã‚‚ã§ãã‚‹
+(パスワードãŒç©ºã«ãªã‚‹)。ã“ã®ã‚ªãƒ—ションã¯æ³¨æ„ã—ã¦ä½¿ã†ã“ã¨ã€‚
+ã“れを使ã†ã¨ã€ãã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã¯ãƒ­ã‚°ã‚¤ãƒ³ã«ãƒ‘スワードを全ãå¿…è¦ã¨ã—ãªããªã‚Šã€
+システムãŒä¾µå…¥è€…ã«å¯¾ã—ã¦ã‚ªãƒ¼ãƒ—ンã«ãªã£ã¦ã—ã¾ã†ã€‚
+.SS アカウントã®ä¿å®ˆ
+\fB\-l\fR フラグ㨠\fB\-u\fR フラグを用ã„ã‚‹ã¨ã€
+ユーザアカウントをロックã—ãŸã‚Šã€ãã®ãƒ­ãƒƒã‚¯ã‚’外ã—ãŸã‚Šã§ãる。
+\fB\-l\fR オプションを用ã„ã‚‹ã¨ã€
+パスワードフィールドã®å€¤ã¯æš—å·åŒ–ã•ã‚ŒãŸå¦‚何ãªã‚‹å€¤ã¨ã‚‚マッãƒã—ãªããªã‚Šã€
+アカウントã¯ä½¿ç”¨ä¸èƒ½ã«ãªã‚‹ã€‚
+\fB\-u\fR オプションを用ã„ã‚‹ã¨ã€ãƒ‘スワードã¯ä»¥å‰ã®å€¤ã«æˆ»ã‚Šã€
+アカウントãŒå†ã³ä½¿ç”¨å¯èƒ½ã¨ãªã‚‹ã€‚
+.PP
+\fB\-S\fR オプションを用ã„ã‚‹ã¨ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã®çŠ¶æ…‹ãŒè¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+アカウントã®çŠ¶æ…‹ã®æƒ…報㯠6 ã¤ã®éƒ¨åˆ†ã‹ã‚‰ãªã‚‹ã€‚
+最åˆã®éƒ¨åˆ†ã¯ã€ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã«ãƒ­ãƒƒã‚¯ãŒã‹ã‘られã¦ã„ã‚‹ (L)ã€
+パスワードãŒå­˜åœ¨ã—ãªã„ (NP)ã€
+ã‚‚ã—ãã¯ä½¿ç”¨å¯èƒ½ãªãƒ‘スワードãŒã‚ã‚‹ (P) ã¨ã„ã£ãŸæƒ…報を示ã™ã€‚
+2 番目ã¯æœ€å¾Œã«ãƒ‘スワードãŒå¤‰æ›´ã•ã‚ŒãŸæ—¥ä»˜ã‚’示ã™ã€‚
+残りã®4ã¤ã®éƒ¨åˆ†ã¯ãã‚Œãžã‚Œãƒ‘スワードã®æœ€çŸ­æœŸé™ã€æœ€é•·æœŸé™ã€è­¦å‘ŠæœŸé–“ã€
+使用ä¸èƒ½æœŸé–“ã§ã‚る。
+.SS ユーザパスワードã«å¯¾ã™ã‚‹ãƒ’ント
+パスワードã®å®‰å…¨æ€§ã¯æš—å·åŒ–アルゴリズムã®å¼·åŠ›ã•ã¨ã‚­ãƒ¼ç©ºé–“ã®å¤§ãã•ã«ä¾å­˜ã™ã‚‹ã€‚
+\fB\s-2UNIX\s+2\fR ã®ã‚·ã‚¹ãƒ†ãƒ æš—å·åŒ–ã®æ–¹æ³•ã¯
+NBS DES アルゴリズムã«åŸºã¥ã„ã¦ãŠã‚Šã€éžå¸¸ã«å®‰å…¨æ€§ãŒé«˜ã„。
+キー空間ã®å¤§ãã•ã¯é¸ã°ã‚ŒãŸãƒ‘スワードã®ãƒ©ãƒ³ãƒ€ãƒ ã•ã«ä¾å­˜ã™ã‚‹ã€‚
+.PP
+パスワードã®å®‰å…¨æ€§ãŒè„…ã‹ã•ã‚Œã‚‹ã®ã¯ã€
+大抵ã®å ´åˆãƒ‘スワードã®é¸æŠžã‚„扱ã„ãŒä¸æ³¨æ„ãªãŸã‚ã§ã‚る。
+従ã£ã¦ãƒ‘スワードã¨ã—ã¦ã¯ã€
+辞書ã«è¼‰ã£ã¦ã„ã‚‹ã‚‚ã®ã‚„書ãç•™ã‚ãªã‘ã‚Œã°ãªã‚‰ãªã„ã‚‚ã®ã¯
+é¿ã‘ã‚‹ã¹ãã§ã‚る。
+ã¾ãŸã€å›ºæœ‰å詞・å…許証番å·ãƒ»èª•ç”Ÿæ—¥ãƒ»è‡ªå®…ã®ä½æ‰€ãªã©ã‚’
+パスワードã«ã™ã‚‹ã®ã‚‚é¿ã‘ã‚‹ã¹ãã§ã‚る。
+ã“れらã¯ã„ãšã‚Œã‚‚システムセキュリティを破る際ã«ã€
+推é‡æƒ…å ±ã«ç”¨ã„られるå¯èƒ½æ€§ãŒã‚ã‚‹ã‹ã‚‰ã§ã‚る。
+.PP
+パスワードã¯ç´™ç‰‡ã«æ›¸ãç•™ã‚ã¦ãŠãå¿…è¦ãŒç„¡ã„よã†ã€
+ç°¡å˜ã«æ€ã„出ã›ã‚‹ã‚‚ã®ã«ã—ãªãã¦ã¯ãªã‚‰ãªã„。
+ã“ã‚Œã¯ä¾‹ãˆã°ã€
+短ã„二ã¤ã®å˜èªžã‚’ãã£ã¤ã‘ã¦ã€
+ãã®é–“ã«ç‰¹æ®Šè¨˜å·ã‚„数字を挟ã¿è¾¼ã‚€ã“ã¨ã«ã‚ˆã£ã¦ä½œã‚Œã‚‹ã€‚
+例ãˆã° Pass%word ãªã©ã€‚
+.PP
+ä»–ã®ä½œã‚Šæ–¹ã¨ã—ã¦ã¯ã€æ–‡å­¦ä½œå“ãªã©ã‹ã‚‰æ€ã„出ã—ã‚„ã™ã„å¥ã‚’é¸ã³å‡ºã—ã€
+ãã‚Œãžã‚Œã®å˜èªžã‹ã‚‰æœ€åˆã‚‚ã—ãã¯æœ€å¾Œã®æ–‡å­—を抜ã出ã™æ–¹æ³•ãŒã‚る。
+ã“ã®æ–¹æ³•ã®ä¾‹ã¨ã—ã¦ã¯ã€
+.IP "" .5i
+Ask not for whom the bell tolls.
+.PP
+ã¨ã„ã†å¥ã‹ã‚‰
+.IP "" .5i
+An4wtbt.
+ã¨ã„ã†ãƒ‘スワードãŒä½œã‚Šå‡ºã›ã‚‹ã€‚
+.PP
+クラッカーã®è¾žæ›¸ã«ã¯ã€
+ã“ã‚“ãªèªžå¥ã¯è¼‰ã£ã¦ã„ãªã•ãã†ã ã€ã¨ã¿ãªã—ã¦ã‚‚良ã„ã ã‚ã†ã€‚
+ã—ã‹ã—ã€ã“ã“ã«ç¤ºã—ãŸæ–¹æ³•ã ã‘ã«é ¼ã‚‹ã®ã§ã¯ãªãã€
+自分独自ã®ãƒ‘スワードã®ä½œã‚Šæ–¹ã‚’考ãˆå‡ºã™ã¹ãã§ã‚る。
+.SS グループã®ãƒ‘スワードã«é–¢ã™ã‚‹æ³¨æ„
+グループパスワードã¯ã€ä¸€äººä»¥ä¸Šã®äººé–“ãŒçŸ¥ã‚‹ã“ã¨ãŒè¨±ã•ã‚Œã‚‹ã‚‚ã®ã§ã‚ã‚‹ã‹ã‚‰ã€
+本質的ã«ã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£ä¸Šã®å•é¡Œã‚’抱ãˆã¦ã„る。
+ã—ã‹ã—グループを使ãˆã°åˆ¥ã€…ã®äººé–“ãŒå…±åŒã§ä½œæ¥­ã™ã‚‹äº‹ãŒã§ãã‚‹ã®ã§ã€
+ã“ã‚Œã¯ä¾¿åˆ©ãªãƒ„ールã§ã¯ã‚る。
+.SH 警告
+å…¨ã¦ã®ã‚ªãƒ—ションãŒä½¿ãˆã‚‹ã‚ˆã†ã«ã¯è¨­å®šã•ã‚Œã¦ã„ãªã„ã‹ã‚‚ã—ã‚Œãªã„。
+パスワードã®è¤‡é›‘ã•ã®æ¤œè¨¼ã¯ã‚µã‚¤ãƒˆã«ã‚ˆã£ã¦ç•°ãªã‚‹ã ã‚ã†ã€‚
+ユーザã¯ã‚·ã‚¹ãƒ†ãƒ ãŒæº€è¶³ã™ã‚‹ã‚ˆã†ãªã€
+充分複雑ãªãƒ‘スワードをé¸ã¶ã‚ˆã†å¼·åˆ¶ã•ã‚Œã‚‹ã€‚
+NIS ãŒå‹•ä½œã—ã¦ã„ã¦ã€
+ã‹ã¤ NIS サーãƒä»¥å¤–ã«ãƒ­ã‚°ã‚¤ãƒ³ã—ã¦ã„るユーザã¯ã€
+パスワードを変更ã§ããªã„。
+(訳注: ã“ã®å ´åˆ
+.BR yppasswd (8)
+を用ã„る。)
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- æš—å·åŒ–ã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ãƒ‘スワード
+.SH 関連項目
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/sg.1 b/man/ja/man1/sg.1
new file mode 100644
index 0000000..d07c5e4
--- /dev/null
+++ b/man/ja/man1/sg.1
@@ -0,0 +1 @@
+.so man1/newgrp.1
diff --git a/man/ja/man1/su.1 b/man/ja/man1/su.1
new file mode 100644
index 0000000..9406f0d
--- /dev/null
+++ b/man/ja/man1/su.1
@@ -0,0 +1,88 @@
+.\" $Id$
+.\" Copyright 1989 - 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated Wed Apr 26 JST 2000 by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Fri Jan 12 JST 2001 by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Mon Mar 4 JST 2002 by Kentaro Shirakata <argrath@ub32.org>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH SU 1
+.SH åå‰
+su \- ユーザIDを変更ã™ã‚‹ã€‚ã¾ãŸã¯ã‚¹ãƒ¼ãƒ‘ーユーザã«ãªã‚‹
+.SH 書å¼
+\fBsu\fR [\fB\-\fR] [\fIusername\fR [\fIargs\fR]]
+.SH 説明
+\fBsu\fR ã¯ãƒ­ã‚°ã‚¤ãƒ³ã‚»ãƒƒã‚·ãƒ§ãƒ³ä¸­ã«åˆ¥ã®ãƒ¦ãƒ¼ã‚¶ã«ãªã‚‹ãŸã‚ã«ç”¨ã„る。
+ユーザåを指定ã›ãšã«èµ·å‹•ã—ãŸå ´åˆã€
+デフォルトã§ã¯ã‚¹ãƒ¼ãƒ‘ーユーザ㮠ID ã«å¤‰æ›´ã™ã‚‹ã€‚
+オプション引数 \fB\-\fR を用ã„ã‚‹ã¨ã€
+直接ログインã—ãŸå ´åˆã¨åŒã˜ç’°å¢ƒã«åˆæœŸåŒ–ã•ã‚Œã‚‹ã€‚
+.PP
+ユーザåã®å¾Œã‚ã«è¿½åŠ ã®å¼•æ•°ã‚’与ãˆã‚‹ã“ã¨ã‚‚ã§ãã€
+ãã®å ´åˆå¼•æ•°ã¯ãƒ¦ãƒ¼ã‚¶ã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã«æ¸¡ã•ã‚Œã‚‹ã€‚
+特ã«ã€ãã®å¼•æ•°ã®ä¸€ã¤ã¨ã—㦠\fB\-c\fR を渡ã—ãŸå ´åˆã€
+ãã‚Œã«ç¶šã引数ã¯å¤§éƒ¨åˆ†ã®ã‚³ãƒžãƒ³ãƒ‰ã‚¤ãƒ³ã‚¿ãƒ—リタã«ã‚³ãƒžãƒ³ãƒ‰ã¨ã—ã¦è§£é‡ˆã•ã‚Œã‚‹ã€‚
+コマンドã¯ãã®ãƒ¦ãƒ¼ã‚¶ã« (\fI/etc/passwd\fR ã§)
+指定ã•ã‚Œã¦ã„るシェルã§å®Ÿè¡Œã•ã‚Œã‚‹ã€‚
+.PP
+å¿…è¦ãªå ´åˆã«ã¯ã€ãƒ¦ãƒ¼ã‚¶ã«ã¯ãƒ‘スワードã®å…¥åŠ›ãŒä¿ƒã•ã‚Œã‚‹ã€‚
+é–“é•ã£ãŸãƒ‘スワードãŒå…¥åŠ›ã•ã‚ŒãŸå ´åˆã«ã¯ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒå‡ºåŠ›ã•ã‚Œã‚‹ã€‚
+\fIsu\fRã—よã†ã¨ã—ãŸå ´åˆã¯ã€ã‚·ã‚¹ãƒ†ãƒ ã®æ¿«ç”¨ã‚’検知ã™ã‚‹ãŸã‚ã«ã€
+ãã‚ŒãŒæ­£ã—ã„å ´åˆã‚‚ä¸æ­£ãªå ´åˆã‚‚常ã«è¨˜éŒ²ãŒæ®‹ã•ã‚Œã‚‹ã€‚
+.PP
+ç¾åœ¨ã®ç’°å¢ƒã¯æ–°ã—ã„シェルã«å¼•ã継ãŒã‚Œã‚‹ã€‚
+ãŸã ã—
+\fB$PATH\fR ã®å€¤ã¯ã€
+通常ã®ãƒ¦ãƒ¼ã‚¶ã§ã¯ \fB/bin:/usr/bin\fR ã«ã€
+スーパーユーザã§ã¯ \fB/sbin:/bin:/usr/sbin:/usr/bin\fR
+ã«å†è¨­å®šã•ã‚Œã‚‹ã€‚
+ã“れ㯠\fI/etc/login.defs\fR ã®
+\fBENV_PATH\fR 㨠\fBENV_SUPATH\fR ã§å¤‰æ›´ã§ãる。
+.PP
+サブシステムログインã§ã¯ã€
+ログインシェルã®æœ€åˆã®æ–‡å­—ã« "*" ã‚’ç½®ã。
+渡ã•ã‚ŒãŸãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã¯ã€
+ユーザãŒå®Ÿéš›ã«ãƒ­ã‚°ã‚¤ãƒ³ã™ã‚‹æ–°ã—ã„ファイルシステムã®ãƒ«ãƒ¼ãƒˆã¨ã—ã¦æ‰±ã‚れる。
+.SH 警告
+ã“ã®ç‰ˆã® \fBsu\fR ã«ã¯å¤šãã®ã‚³ãƒ³ãƒ‘イル時オプションãŒã‚ã‚‹ãŒã€
+サイトã«ã‚ˆã£ã¦ã¯ã“ã®ä¸€éƒ¨ã—ã‹è¨­å®šã•ã‚Œã¦ã„ãªã„ã“ã¨ã‚‚ã‚る。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- æš—å·åŒ–パスワードã¨æœ‰åŠ¹æœŸé™æƒ…å ±
+.SH 関連項目
+.BR login (1),
+.BR sh (1),
+.BR login.defs (5),
+.BR suauth (5)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man3/shadow.3 b/man/ja/man3/shadow.3
new file mode 100644
index 0000000..b76a74f
--- /dev/null
+++ b/man/ja/man3/shadow.3
@@ -0,0 +1,153 @@
+.\" $Id$
+.\" Copyright 1989 - 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" updated Tue 17 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH SHADOW 3
+.SH åå‰
+shadow \- æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワードファイル用ルーãƒãƒ³
+.SH 書å¼
+.B #include <shadow.h>
+.PP
+.B struct spwd *getspent();
+.PP
+.B struct spwd *getspnam(char
+.IB *name );
+.PP
+.B void setspent();
+.PP
+.B void endspent();
+.PP
+.B struct spwd *fgetspent(FILE
+.IB *fp );
+.PP
+.B struct spwd *sgetspent(char
+.IB *cp );
+.PP
+.B int putspent(struct spwd
+.I *p,
+.B FILE
+.IB *fp );
+.PP
+.B int lckpwdf();
+.PP
+.B int ulckpwdf();
+.SH 説明
+.I shadow
+㯠shadow パスワードファイル
+\fI/etc/shadow\fR ã®å†…容をæ“作ã™ã‚‹ãƒ«ãƒ¼ãƒãƒ³ã§ã‚る。
+\fI#include\fR ファイルã«ä¸Žãˆã‚‰ã‚Œã¦ã„る構造体ã¯ä»¥ä¸‹ã®é€šã‚Šã€‚
+.sp
+struct spwd {
+.in +.5i
+.br
+ char *sp_namp; /* user login name */
+.br
+ char *sp_pwdp; /* encrypted password */
+.br
+ long sp_lstchg; /* last password change */
+.br
+ int sp_min; /* days until change allowed. */
+.br
+ int sp_max; /* days before change required */
+.br
+ int sp_warn; /* days warning for expiration */
+.br
+ int sp_inact; /* days before account inactive */
+.br
+ int sp_expire; /* date when account expires */
+.br
+ int sp_flag; /* reserved for future use */
+.br
+.in \-.5i
+}
+.PP
+å„フィールドã®æ„味ã¯:
+.sp
+sp_namp \- ヌル終端ã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶å文字列ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+.br
+sp_pwdp \- ヌル終端ã•ã‚ŒãŸãƒ‘スワード文字列ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+.br
+sp_lstchg \- 1970å¹´1月1æ—¥ã‹ã‚‰ãƒ‘スワード最終変更日時迄ã®æ—¥æ•°
+.br
+sp_min \- パスワード変更ãŒå‡ºæ¥ã‚‹ã‚ˆã†ã«ãªã‚‹ã¾ã§ã®æ—¥æ•°
+.br
+sp_max \- パスワードを変更ã—ãªãã¦ã‚‚良ã„日数
+.br
+sp_warn \- パスワードãŒæœŸé™åˆ‡ã‚Œã«ãªã‚‹å‰ã«ã€
+期é™åˆ‡ã‚ŒãŒè¿‘ã¥ã„ã¦ã„ã‚‹æ—¨ã®è­¦å‘Šã‚’ユーザã«å‡ºã™æœŸé–“ã®æ—¥æ•°
+.br
+sp_inact \- パスワードãŒæœŸé™åˆ‡ã‚Œã«ãªã£ã¦ã‹ã‚‰ã€
+アカウントãŒä¸èƒ½ã¨ãªã‚Šä½¿ç”¨ã§ããªããªã‚‹ã¾ã§ã®æ—¥æ•°
+.br
+sp_expire \- 1970å¹´1月1ã‹ã‚‰ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãŒä½¿ç”¨ä¸èƒ½ã¨ãªã‚‹æ—¥è¿„ã®æ—¥æ•°
+.br
+sp_flag \- å°†æ¥ä½¿ã†ã¨ãã«å‘ã‘ã¦äºˆç´„
+.SH 説明
+\fBgetspent\fR, \fBgetspname\fR, \fBfgetspent\fR, \fBsgetspent\fR
+ã¯ã€ãã‚Œãžã‚Œ \fBstruct spwd\fR ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã™ã€‚
+\fBgetspent\fR ã¯ãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰æ¬¡ã®ã‚¨ãƒ³ãƒˆãƒªã‚’ã€
+\fBfgetspent\fR ã¯æŒ‡å®šã•ã‚ŒãŸã‚¹ãƒˆãƒªãƒ¼ãƒ 
+(æ­£ã—ã„書å¼ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¨ã¿ãªã•ã‚Œã‚‹)
+ã‹ã‚‰æ¬¡ã®ã‚¨ãƒ³ãƒˆãƒªã‚’è¿”ã™ã€‚
+\fBsgetspent\fR ã¯å…¥åŠ›ã¨ã—ã¦ä¸Žãˆã‚‰ã‚ŒãŸæ–‡å­—列を用ã„ã¦
+\fBstruct spwd\fR ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã™ã€‚
+\fBgetspnam\fR ã¯ãƒ•ã‚¡ã‚¤ãƒ«ä¸­ã®ç¾åœ¨ã®ä½ç½®ã‹ã‚‰
+\fBname\fR ã«ãƒžãƒƒãƒã™ã‚‹ã‚¨ãƒ³ãƒˆãƒªã‚’探ã™ã€‚
+.PP
+\fBsetspent\fR ã¯
+shadow パスワードファイルã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’開始ã™ã‚‹ãŸã‚ã«ã€
+\fBendspent\fR ã¯çµ‚了ã™ã‚‹ãŸã‚ã«ç”¨ã„られる。
+.PP
+\fI/etc/shadow\fR ファイルã«å¯¾ã™ã‚‹æŽ’ä»–çš„ãªã‚¢ã‚¯ã‚»ã‚¹ã‚’ä¿è¨¼ã—ãŸã„å ´åˆã«ã¯ã€
+\fBlckpwdf\fR ルーãƒãƒ³ã¨ \fBulckpwdf\fR ルーãƒãƒ³ã‚’用ã„る。
+\fBlckpwdf\fR 㯠\fBpw_lock\fR を用ã„ã¦æœ€å¤§ 15 秒間ロックをå–å¾—ã—よã†ã¨ã™ã‚‹ã€‚
+ãã—ã¦æœ€åˆã® 15 秒ã®æ®‹ã‚Šã®é–“ã€
+\fBspw_lock\fR ã«ã‚ˆã£ã¦äºŒåº¦ç›®ã®ãƒ­ãƒƒã‚¯ã‚’ã—よã†ã¨è©¦ã¿ç¶šã‘る。
+計 15 秒間ã®é–“ã«ã„ãšã‚Œã‹ã®è©¦ã¿ãŒå¤±æ•—ã—ãŸå ´åˆã¯ã€
+\fBlckpwdf\fR 㯠\-1 ã‚’è¿”ã™ã€‚
+ã„ãšã‚Œã®ãƒ­ãƒƒã‚¯ã‚‚æˆåŠŸã—ãŸå ´åˆã¯ 0 ãŒè¿”ã•ã‚Œã‚‹ã€‚
+.SH 返り値
+ã“れらã®ãƒ«ãƒ¼ãƒãƒ³ã¯ã€ã‚¨ãƒ³ãƒˆãƒªãŒæ®‹ã£ã¦ã„ãªã„å ´åˆã‚„ã€
+処ç†ã®éŽç¨‹ã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«ã¯ NULL ã‚’è¿”ã™ã€‚
+返り値㌠\fBint\fR ã§ã‚るルーãƒãƒ³ã¯ã€
+æˆåŠŸã—ãŸã‚‰ 0 ã‚’ã€å¤±æ•—ã—ãŸã‚‰ \-1 ã‚’è¿”ã™ã€‚
+.SH 警告
+shadowã•ã‚ŒãŸãƒ‘スワードファイルã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã¯åˆ¶é™ã•ã‚Œã¦ã„ã‚‹ã®ã§ã€
+ã“れらã®ãƒ«ãƒ¼ãƒãƒ³ã¯ã‚¹ãƒ¼ãƒ‘ーユーザã ã‘ãŒåˆ©ç”¨ã§ãる。
+.SH ファイル
+\fI/etc/shadow\fR \- æš—å·åŒ–ã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ãƒ‘スワード
+.SH 関連項目
+.BR getpwent (3),
+.BR shadow (5)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man5/faillog.5 b/man/ja/man5/faillog.5
new file mode 100644
index 0000000..4fdcf73
--- /dev/null
+++ b/man/ja/man5/faillog.5
@@ -0,0 +1,64 @@
+.\"$Id$
+.\" Copyright 1989 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH FAILLOG 5
+.SH åå‰
+faillog \- ログイン失敗を記録ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«
+.SH 説明
+.I faillog
+ã¯å€‹ã€…ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã«å¯¾ã™ã‚‹ãƒ­ã‚°ã‚¤ãƒ³å¤±æ•—回数ã¨ãã®é™åº¦ã‚’記録ã™ã‚‹ã€‚
+ファイルã¯å›ºå®šé•·ãƒ¬ã‚³ãƒ¼ãƒ‰ã§ã‚ã‚Šã€UID 番å·ã§ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ä»˜ã‘ã•ã‚Œã¦ã„る。
+å„レコードã«ã¯ã€æœ€å¾Œã«ãƒ­ã‚°ã‚¤ãƒ³ã«æˆåŠŸã—ã¦ä»¥é™ã®ãƒ­ã‚°ã‚¤ãƒ³å¤±æ•—回数ã€
+アカウントãŒä½¿ç”¨ä¸èƒ½ã¨ãªã‚‹ã¾ã§ã«è¨±ã•ã‚Œã‚‹ãƒ­ã‚°ã‚¤ãƒ³å¤±æ•—回数ã€
+最後ã«ãƒ­ã‚°ã‚¤ãƒ³ã«å¤±æ•—ã—ãŸã¨ãã®æŽ¥ç¶šãƒ‡ãƒã‚¤ã‚¹ã€
+最後ã«ãƒ­ã‚°ã‚¤ãƒ³ã«å¤±æ•—ã—ãŸæ—¥ä»˜ã€
+ãŒè¨˜éŒ²ã•ã‚Œã¦ã„る。
+.PP
+ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ã®æ§‹é€ ã¯ä»¥ä¸‹ã®é€šã‚Šã€‚
+.DS
+
+ struct faillog {
+ short fail_cnt;
+ short fail_max;
+ char fail_line[12];
+ time_t fail_time;
+ };
+
+.DE
+.SH ファイル
+\fI/var/log/faillog\fR \- ログイン失敗ã®è¨˜éŒ²
+.SH 関連項目
+.BR faillog (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man5/limits.5 b/man/ja/man5/limits.5
new file mode 100644
index 0000000..a8c8329
--- /dev/null
+++ b/man/ja/man5/limits.5
@@ -0,0 +1,89 @@
+.\"$Id$
+.\"
+.\" Japanese Version Copyright (c) 2001 Maki KURODA
+.\" all right reserved,
+.\" Translated Mon Nov 5 18:12:16 JST 2001
+.\" by Maki KURODA <mkuroda@aisys-jp.com>
+.\" Modified Tue 18 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH LIMITS 5
+.SH åå‰
+limits \- リソース制é™ã®å®šç¾©
+.SH 説明
+.I limits
+ファイル (デフォルトã§ã¯ /etc/limits。
+ã‚ã‚‹ã„㯠config.h ã§å®šç¾©ã—㟠LIMITS_FILE)
+ã«ã¯ã€è¨­å®šã—ãŸã„リソース制é™ã‚’記述ã™ã‚‹ã€‚
+ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¯ root ãŒæ‰€æœ‰ã—ã€
+root アカウントã®ã¿ãŒèª­ã¿è¾¼ã¿å¯èƒ½ã¨ã™ã‚‹ã¹ãã§ã‚る.
+.PP
+デフォルトã§ã¯ root ã«å¯¾ã™ã‚‹åˆ¶é™ã¯è¨­å®šã§ããªã„。
+実ã¯ã€root ã¨åŒç­‰ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆ (UID 0 ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆ)
+ã‚’ã“ã®æ‰‹æ®µã«ã‚ˆã£ã¦åˆ¶é™ã™ã‚‹ã“ã¨ã¯ã§ããªã„。
+.PP
+å„è¡Œã«ã¯ä»¥ä¸‹ã®å½¢å¼ã§ãƒ¦ãƒ¼ã‚¶ã«å¯¾ã™ã‚‹åˆ¶é™ã‚’記述ã™ã‚‹ã€‚
+.sp
+.I user LIMITS_STRING
+.PP
+\fBLIMITS_STRING\fP ã¯ãƒªã‚½ãƒ¼ã‚¹åˆ¶é™ã®å®šç¾©ã‚’連çµã•ã›ãŸæ–‡å­—列ã§ã‚る。
+å„制é™ã®å®šç¾©ã¯ã€1 文字ã®è­˜åˆ¥å­ã¨ã€ãã‚Œã«ç¶šã制é™æ•°å€¤ã‹ã‚‰ãªã‚‹ã€‚
+.PP
+有効ãªè­˜åˆ¥å­ã¯ä»¥ä¸‹ã®é€šã‚Šã€‚
+.sp
+A: アドレス空間ã®æœ€å¤§å€¤ (KB)
+.br
+C: コアファイルサイズã®æœ€å¤§å€¤ (KB)
+.br
+D: データサイズã®æœ€å¤§å€¤ (KB)
+.br
+F: ファイルサイズã®æœ€å¤§å€¤ (KB)
+.br
+M: メモリ上ã«ãƒ­ãƒƒã‚¯ã§ãるアドレス空間ã®æœ€å¤§å€¤ (KB)
+.br
+N: ファイルオープン数ã®æœ€å¤§å€¤
+.br
+R: レジデントセットサイズã®æœ€å¤§å€¤ (KB)
+.br
+S: スタックサイズã®æœ€å¤§å€¤ (KB)
+.br
+T: CPU 時間ã®æœ€å¤§å€¤ (分)
+.br
+U: プロセス数ã®æœ€å¤§å€¤
+.br
+K: \fBumask\fR(2) ã«ã‚ˆã‚Šè¨­å®šã•ã‚Œã‚‹ã€ãƒ•ã‚¡ã‚¤ãƒ«ä½œæˆæ™‚ã® mask
+.br
+L: ã“ã®ãƒ¦ãƒ¼ã‚¶ã®åŒæ™‚ログイン数ã®æœ€å¤§å€¤
+.br
+P: \fBsetpriority\fR(2) ã«ã‚ˆã£ã¦è¨­å®šã•ã‚Œã‚‹ãƒ—ロセス優先度
+.PP
+例ãˆã°ã€\fIL2D2048N5\fP ã¯æ­£ã—ã„ \fBLIMITS_STRING\fP ã§ã‚る。
+以下㮠2 ã¤ã®ä¾‹ã¯ç­‰ä¾¡ã§ã‚る。2 番目ã®ã‚ˆã†ã«èª­ã¿æ˜“ã書ãã“ã¨ã‚‚ã§ãる。
+.sp
+username L2D2048N5
+.br
+username L2 D2048 N5
+.PP
+\fIusername\fP 以é™ã®è¡Œã®æ®‹ã‚ŠãŒåˆ¶é™ç”¨ã®æ–‡å­—列ã¨ã—ã¦æ‰±ã‚れるã®ã§ã€
+コメントã¯æ›¸ãã“ã¨ãŒã§ããªã„。
+login プログラムã¯ã€æ­£ã—ããªã„制é™æ–‡å­—列ã¯æ‹’絶ã™ã‚‹ (無視ã™ã‚‹)。
+.PP
+デフォルトã®ã‚¨ãƒ³ãƒˆãƒªã¯ã€ãƒ¦ãƒ¼ã‚¶å㌠"\fB*\fP" ã¨ãªã£ã¦ã„ã‚‹ã‚‚ã®ã§ã‚る。
+\fBLIMITS_FILE\fP ã«è¤‡æ•°ã®\fIデフォルト\fPを登録ã™ã‚‹ã¨ã€
+最後ã®ã‚‚ã®ãŒãƒ‡ãƒ•ã‚©ãƒ«ãƒˆæŒ‡å®šã¨ã—ã¦ä½¿ç”¨ã•ã‚Œã‚‹ã€‚
+.PP
+ã‚るユーザã¸ã®åˆ¶é™ã‚’完全ã«ç„¡åŠ¹ã«ã™ã‚‹ã«ã¯ã€
+シングルダッシュ "\fB\-\fP" を使用ã™ã‚‹ã€‚
+.PP
+ã•ã‚‰ã«ã€å…¨ã¦ã®åˆ¶é™ã®è¨­å®šã¯ã€Œãƒ­ã‚°ã‚¤ãƒ³å˜ä½ã€ã§è¨­å®šã•ã‚Œã¦ã„ã‚‹ã“ã¨ã«æ³¨æ„ã™ã‚‹ã“ã¨ã€‚
+制é™ã¯ã‚°ãƒ­ãƒ¼ãƒãƒ«ã§ã¯ãªãã€æ°¸ç¶šçš„ã§ã‚‚ãªã„。
+グローãƒãƒ«ãªåˆ¶é™ã¯ã„ãšã‚Œå¯èƒ½ã«ãªã‚‹ã ã‚ã†ãŒã€
+今ã®ã¨ã“ã‚ã¯ã€ŒTO DOã€ã§ã‚る。;)
+.\"nakano 二番目ã®æ–‡ã“ã‚Œã§ã„ã„ã®ã‹ãªã‚。
+.SH ファイル
+\fI/etc/limits\fR
+.SH 関連項目
+.BR login (1),
+.BR setpriority (2),
+.BR setrlimit (2)
+.SH 著者
+Cristian Gafton (gafton@sorosis.ro)
diff --git a/man/ja/man5/login.access.5 b/man/ja/man5/login.access.5
new file mode 100644
index 0000000..c6ec97b
--- /dev/null
+++ b/man/ja/man5/login.access.5
@@ -0,0 +1,69 @@
+.\"$Id$
+.\" this is comment
+.\"
+.\" This page is originally in the shadow package.
+.\" Translated Fri 14 Feb 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH LOGIN.ACCESS 5
+.\" .Dt SKEY.ACCESS 5
+.\" .Os FreeBSD 1.2
+.SH åå‰
+login.access \- ログインアクセスã®åˆ¶å¾¡è¡¨
+.SH 説明
+.I login.access
+ファイルã«ã¯ã€ãƒ­ã‚°ã‚¤ãƒ³ã‚’許å¯ã¾ãŸã¯æ‹’絶ã™ã‚‹ã€
+(ユーザ, ホスト) ã‚„ (ユーザ, tty) ã®çµ„ã¿åˆã‚ã›ã‚’指定ã™ã‚‹ã€‚
+.PP
+誰ã‹ãŒãƒ­ã‚°ã‚¤ãƒ³ã™ã‚‹ã¨ã€
+.I login.access
+ファイルãŒã‚¹ã‚­ãƒ£ãƒ³ã•ã‚Œã€æœ€åˆã«ãƒžãƒƒãƒã™ã‚‹
+(ユーザ,ホスト) ã®çµ„ã€
+ã‚ã‚‹ã„ã¯ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯çµŒç”±ã®ãƒ­ã‚°ã‚¤ãƒ³ã§ãªã„å ´åˆã¯æœ€åˆã«ãƒžãƒƒãƒã™ã‚‹
+(ユーザ, tty) ã®çµ„を探ã™ã€‚
+ã“ã®ãƒ†ãƒ¼ãƒ–ルã®è¨±å¯ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ã‚ˆã£ã¦ã€
+ログインãŒè¨±å¯ã•ã‚Œã‚‹ã‹æ‹’絶ã•ã‚Œã‚‹ã‹ãŒæ±ºã¾ã‚‹ã€‚
+.PP
+ログインアクセス制御表ã®å„行㯠3 ã¤ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‹ã‚‰ãªã‚Šã€
+文字 ":" ã§åˆ†å‰²ã•ã‚Œã‚‹ã€‚
+.sp 1
+.IR permission : users : origins
+.sp 1
+最åˆã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ "\fB+\fR" (アクセスを許å¯ã™ã‚‹) ã‹
+"\fB\-\fR" (アクセスを拒å¦ã™ã‚‹) ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+二番目ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã€ä¸€ã¤ä»¥ä¸Šã®ãƒ­ã‚°ã‚¤ãƒ³åやグループåã€
+ã‚‚ã—ãã¯
+.B ALL
+(å¿…ãšãƒžãƒƒãƒã™ã‚‹)
+ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+三番目ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã€
+tty å (ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯çµŒç”±ã§ãªã„ログインã®å ´åˆ)ã€
+ホストåã€
+ドメインå ("\fB.\fR"ã§å§‹ã¾ã‚‹)ã€
+ホストアドレスã€
+インターãƒãƒƒãƒˆã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ç•ªå· ("\fB.\fR"ã§çµ‚ã‚ã‚‹)ã€
+ã®ã²ã¨ã¤ä»¥ä¸Šã®æ§‹æˆè¦ç´ ã‹ã‚‰ãªã‚‹ãƒªã‚¹ãƒˆã§ã‚ã‚‹ã‹ã€
+.B ALL
+(å¿…ãšãƒžãƒƒãƒã™ã‚‹) ã¾ãŸã¯
+.B LOCAL
+("\fB.\fR"ã‚’å…¨ãå«ã¾ãªã„文字列全ã¦ã«ãƒžãƒƒãƒã™ã‚‹)
+ã®ã„ãšã‚Œã‹ã§ãªãã¦ã¯ãªã‚‰ãªã„。
+NIS ã‚’é‹ç”¨ã—ã¦ã„ã‚‹å ´åˆã¯ã€ãƒ›ã‚¹ãƒˆã‚„ユーザã®ãƒ‘ターンã§
+@netgroupname ãŒä½¿ãˆã‚‹ã€‚
+.PP
+.B EXCEPT
+オペレータを用ã„ã‚‹ã¨ã€
+éžå¸¸ã«ç°¡ç•¥ã«ãƒ«ãƒ¼ãƒ«ã‚’指定ã§ãる。
+.PP
+group ファイルãŒæ¤œç´¢ã•ã‚Œã‚‹ã®ã¯ã€
+ログインã™ã‚‹ãƒ¦ãƒ¼ã‚¶åãŒåå‰ã«ãƒžãƒƒãƒã—ãªã‹ã£ãŸå ´åˆã«é™ã‚‰ã‚Œã‚‹ã€‚
+マッãƒã™ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—ã¯ã€
+group ファイル中ã§ãƒ¦ãƒ¼ã‚¶åãŒæ˜Žç¤ºçš„ã«ãƒªã‚¹ãƒˆã•ã‚Œã¦ã„ã‚‹ã‚‚ã®ã«é™ã‚‰ã‚Œã‚‹ã€‚
+ã“ã®ãƒ—ログラムã¯ãƒ¦ãƒ¼ã‚¶ã®ä¸»ã‚°ãƒ«ãƒ¼ãƒ—ã® ID 番å·ã¾ã§ã¯è¦‹ãªã„。
+.SH ファイル
+\fI/etc/login.access\fR
+.SH 関連項目
+.BR login (1)
+.SH 著者
+Guido van Rooij
diff --git a/man/ja/man5/login.defs.5 b/man/ja/man5/login.defs.5
new file mode 100644
index 0000000..cb9566e
--- /dev/null
+++ b/man/ja/man5/login.defs.5
@@ -0,0 +1,193 @@
+.\" Copyright 1991 - 1993, Julianne Frances Haugh and Chip Rosenthal
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated Wed Apr 26 17:22:36 JST 2000
+.\" by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Sat Jan 13 09:24:04 JST 2001
+.\" by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.\" WORD: shadow login suite shadow ログイン機能
+.TH LOGIN.DEFS 5
+.SH åå‰
+/etc/login.defs \- shadow パスワード機能ã®è¨­å®š
+.SH 説明
+.I /etc/login.defs
+ファイル㯠shadow ログイン機能ã«å¯¾ã™ã‚‹ã‚µã‚¤ãƒˆå›ºæœ‰ã®è¨­å®šã‚’定義ã™ã‚‹ã€‚
+ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¯å¿…ãšå­˜åœ¨ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ãŒç„¡ãã¦ã‚‚システムé‹ç”¨ã¯å¯èƒ½ã§ã‚ã‚‹ãŒã€
+ãŠãらã望ã¾ãªã„çµæžœã¨ãªã‚‹ã ã‚ã†ã€‚
+.PP
+ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¯èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ†ã‚­ã‚¹ãƒˆãƒ•ã‚¡ã‚¤ãƒ«ã§ã€
+ファイル中ã®ä¸€è¡Œã«ã¤ã一ã¤ã®è¨­å®šãƒ‘ラメータを設定ã—ã¦ã„る。
+å„è¡Œã§ã¯ã€è¨­å®šãƒ‘ラメータã®åå‰ã¨ãã®å€¤ãŒç©ºç™½ã§åŒºåˆ‡ã‚‰ã‚Œã¦ç¤ºã•ã‚Œã‚‹ã€‚
+空行ã¨ã‚³ãƒ¡ãƒ³ãƒˆè¡Œã¯ç„¡è¦–ã•ã‚Œã‚‹ã€‚
+コメント行㯠`#' 記å·ã§å§‹ã¾ã‚‹ã€‚
+記å·`#'ã¯ãã®è¡Œã§ã®ç©ºç™½ä»¥å¤–ã®æœ€åˆã®æ–‡å­—ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.PP
+パラメータ値ã¯å››ã¤ã®åž‹ã‚’å–ã‚‹ã“ã¨ãŒã§ãる。
+文字列・ブール型・数値・å€ç²¾åº¦æ•°å€¤ã€ã§ã‚る。
+文字列ã«ã¯å…¨ã¦ã®å°å­—å¯èƒ½æ–‡å­—を使ãˆã‚‹ã€‚
+ブール型パラメータã®å€¤ã¯ ``yes'' ã‹ ``no'' ã®ã„ãšã‚Œã‹ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+値ã®æŒ‡å®šã•ã‚Œã¦ã„ãªã„ブール型パラメータやã€
+``yes'', ``no'' 以外ãŒæŒ‡å®šã•ã‚ŒãŸãƒ–ール型パラメータã®å€¤ã¯ ``no''ã¨ã•ã‚Œã‚‹ã€‚
+(å˜ç²¾åº¦ãŠã‚ˆã³å€ç²¾åº¦) 数値ã¯ã€
+10 進数ã€
+(数値ã®å‰ã« ``0'' を付ã‘ãŸ) 8 進数ã€
+(数値ã®å‰ã« ``0x'' を付ã‘ãŸ) 16 進数ã®ã„ãšã‚Œã‹ã§æŒ‡å®šã™ã‚‹ã€‚
+å˜ç²¾åº¦ãƒ»å€ç²¾åº¦æ•°å€¤ãƒ‘ラメータã®æœ€å¤§å€¤ã¯è¨ˆç®—æ©Ÿã«ä¾å­˜ã™ã‚‹ã€‚
+.PP
+以下ã«ç¤ºã™ã‚ˆã†ãªè¨­å®šé …ç›®ãŒã‚ã‚‹:
+.\"
+.IP "CHFN_AUTH (ブール値)"
+ã‚‚ã—
+.I yes
+ãªã‚‰ã€
+.BR chfn ", " chsh
+両プログラムã¯ã€ã‚¹ãƒ¼ãƒ‘ーユーザãŒèµ·å‹•ã—ãŸã®ã§ãªã„é™ã‚Š
+何らã‹ã®å¤‰æ›´ã‚’è¡Œãªã†å‰ã«ãƒ‘スワードを尋ã­ã‚‹ã€‚
+.\"
+.IP "CHFN_RESTRICT (文字列)"
+ã“ã®ãƒ‘ラメータã¯
+.I passwd
+ファイルã®
+.I gecos
+フィールドã®ã†ã¡ã€
+一般ユーザãŒ
+.B chfn
+を使ã£ã¦å¤‰æ›´ã§ãるフィールドを指定ã™ã‚‹ã€‚
+指定ã™ã‚‹æ–‡å­—列ã¯
+.IR f ,
+.IR r ,
+.IR w ,
+.I h
+å„文字ã®ä»»æ„ã®çµ„ã¿åˆã‚ã›ã§ã€ãã‚Œãžã‚Œãƒ•ãƒ«ãƒãƒ¼ãƒ ã€éƒ¨å±‹ç•ªå·ã€
+è·å ´é›»è©±ç•ªå·ã€è‡ªå®…電話番å·ã‚’æ„味ã™ã‚‹ã€‚
+指定ã•ã‚Œãªã‹ã£ãŸå ´åˆã¯ã€ã‚¹ãƒ¼ãƒ‘ーユーザã ã‘ãŒå…¨ã¦ã®é …目を変更ã§ãる。
+最も制é™ã‚’ãã¤ãã—ãŸã„å ´åˆã¯ã€
+chfn ã‚’ SUID ã§ã¯ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã—ãªã‘ã‚Œã°ã‚ˆã„。
+.\"
+.IP "GID_MAX (数値)"
+.IP "GID_MIN (数値)"
+.B useradd
+プログラムãŠã‚ˆã³
+.B groupadd
+プログラムãŒã‚°ãƒ«ãƒ¼ãƒ— ID ã‚’é¸æŠžã™ã‚‹æ™‚ã®ç¯„囲。
+.\"
+.IP "MAIL_DIR (文字列)"
+メールスプールディレクトリ。
+ã‚るユーザアカウントãŒä¿®æ­£ãƒ»å‰Šé™¤ã•ã‚ŒãŸéš›ã«ã€
+ãã®ãƒ¦ãƒ¼ã‚¶ã®ãƒ¡ãƒ¼ãƒ«ãƒœãƒƒã‚¯ã‚¹ã«å¯¾ã™ã‚‹ä½œæ¥­ã®ãŸã‚ã«å¿…è¦ã¨ãªã‚‹ã€‚
+指定ã•ã‚Œãªã„ã¨ã€ã‚³ãƒ³ãƒ‘イル時ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆå€¤ãŒç”¨ã„られる。
+.\"
+.IP "PASS_MAX_DAYS (数値)"
+一ã¤ã®ãƒ‘スワードを使ãˆã‚‹æœ€é•·æ—¥æ•°ã€‚
+パスワードãŒã“ã®æ—¥æ•°ã‚ˆã‚Šã‚‚å¤ã„å ´åˆã¯ã€å¤‰æ›´ã™ã‚‹ã‚ˆã†å¼·åˆ¶ã•ã‚Œã‚‹ã€‚
+指定ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ \-1 ã¨ãªã‚‹ (ã“ã®åˆ¶é™æ©Ÿèƒ½ã‚’無効ã«ã™ã‚‹)。
+.IP "PASS_MIN_DAYS (数値)"
+パスワードを変更ã—ã¦ã‹ã‚‰æ¬¡ã«å¤‰æ›´ã§ãるよã†ã«ãªã‚‹ã¾ã§ã®æœ€çŸ­æ—¥æ•°ã€‚
+ã“ã®æ—¥æ•°ãŒçµŒãŸãªã„ã†ã¡ã«ãƒ‘スワードを変更ã—よã†ã¨ã—ã¦ã‚‚æ‹’å¦ã•ã‚Œã‚‹ã€‚
+指定ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ \-1 ã¨ãªã‚‹ (ã“ã®åˆ¶é™æ©Ÿèƒ½ã‚’無効ã«ã™ã‚‹)。
+.IP "PASS_WARN_AGE (数値)"
+パスワードã®æœ‰åŠ¹æœŸé™ãŒæ¥ã‚‹å‰ã«è­¦å‘Šã‚’発ã™ã‚‹æœŸé–“ã®æ—¥æ•°ã€‚
+ゼロã«ã—ã¦ãŠãã¨ã€æœŸé™åˆ‡ã‚Œã®å½“æ—¥ã«ã®ã¿è­¦å‘Šã‚’è¡Œã„ã€
+è² ã®æ•°ã‚’指定ã—ãŸå ´åˆã¯ä¸€åˆ‡è­¦å‘Šã‚’è¡Œã‚ãªã„。
+指定ã•ã‚Œã¦ã„ãªã„å ´åˆã¯è­¦å‘Šã‚’è¡Œã‚ãªã„。
+.PP
+PASS_MAX_DAYS, PASS_MIN_DAYS, PASS_WARN_AGE
+ã¯ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã‚’作るã¨ãã«ã ã‘利用ã•ã‚Œã‚‹ã€‚
+ã“れらã®è¨­å®šã‚’変更ã—ã¦ã‚‚ã€æ—¢å­˜ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã«ã¯å½±éŸ¿ã—ãªã„。
+.\"
+.IP "UID_MAX (数値)"
+.IP "UID_MIN (数値)"
+.B useradd
+プログラムãŒãƒ¦ãƒ¼ã‚¶ ID ã‚’é¸æŠžã™ã‚‹æ™‚ã®ç¯„囲。
+.\"
+.IP "UMASK (数値)"
+許å¯å±žæ€§ãƒžã‚¹ã‚¯ã‚’ã“ã®å€¤ã«åˆæœŸåŒ–ã™ã‚‹ã€‚
+指定ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€è¨±å¯å±žæ€§ãƒžã‚¹ã‚¯ã¯ 077 ã«åˆæœŸåŒ–ã•ã‚Œã‚‹ã€‚
+.\"
+.IP "USERDEL_CMD (文字列)"
+定義ã•ã‚Œã¦ã„ã‚‹ã¨ã€ãƒ¦ãƒ¼ã‚¶ã‚’削除ã™ã‚‹ã¨ãã«ã“ã®ã‚³ãƒžãƒ³ãƒ‰ãŒå®Ÿè¡Œã•ã‚Œã‚‹ã€‚
+削除ã•ã‚Œã‚‹ãƒ¦ãƒ¼ã‚¶ (最åˆã®å¼•ãæ•°ã«æ¸¡ã•ã‚Œã‚‹) ã® at/cron/print
+ジョブãªã©ã‚’削除ã™ã‚‹ã‚³ãƒžãƒ³ãƒ‰ã«ã—ã¦ãŠãã¨ã‚ˆã„。
+.\"
+.SH å‚照表
+以下ã®å‚照表ã¯ã€
+shadow パスワード機能ã®ã©ã®ãƒ—ログラムãŒ
+ã©ã®ãƒ‘ラメータを使用ã™ã‚‹ã‹ã‚’示ã—ãŸã‚‚ã®ã§ã‚る。
+.na
+.IP chfn 12
+CHFN_AUTH CHFN_RESTRICT
+.IP chsh 12
+CHFN_AUTH
+.IP groupadd 12
+GID_MAX GID_MIN
+.IP newusers 12
+PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+UMASK
+.IP pwconv 12
+PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+.IP useradd 12
+GID_MAX GID_MIN
+PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+UID_MAX UID_MIN
+UMASK
+.IP userdel 12
+MAIL_DIR
+USERDEL_CMD
+.IP usermod 12
+MAIL_DIR
+.ad
+.SH ãƒã‚°
+shadow パスワード機能ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¦ããŸæ©Ÿèƒ½ã®å¤§éƒ¨åˆ†ã¯ã€
+ç¾åœ¨ã¯ PAM ã«ã‚ˆã£ã¦å‡¦ç†ã•ã‚Œã¦ã„る。
+ã—ãŸãŒã£ã¦ã€
+.BR login (1),
+.BR passwd (1),
+.BR su (1)
+ãªã©ã®ãƒ—ログラムã¯ã€ã‚‚ã¯ã‚„
+\fI/etc/login.defs\fR
+を用ã„ãªã„。
+対応ã™ã‚‹ PAM ã®è¨­å®šãƒ•ã‚¡ã‚¤ãƒ«ã‚’調ã¹ã‚‹ã‚ˆã†ã«ã—ã¦ã»ã—ã„。
+.SH 関連項目
+.BR login (1),
+.BR passwd (1),
+.BR su (1),
+.BR passwd (5),
+.BR shadow (5),
+.BR pam (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
+.br
+Chip Rosenthal (chip@unicom.com)
diff --git a/man/ja/man5/passwd.5 b/man/ja/man5/passwd.5
new file mode 100644
index 0000000..438f499
--- /dev/null
+++ b/man/ja/man5/passwd.5
@@ -0,0 +1,113 @@
+.\"$Id$
+.\" Copyright 1989 - 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH PASSWD 5
+.SH åå‰
+passwd \- パスワードファイル
+.SH 説明
+.I passwd
+ファイルã«ã¯å„ユーザアカウントã®æ§˜ã€…ãªæƒ…å ±ãŒè¨˜éŒ²ã•ã‚Œã¦ã„る。
+書ã‹ã‚Œã¦ã„ã‚‹ã®ã¯æ¬¡ã®é€šã‚Šã€‚
+.IP "" .5i
+ログインå
+.IP "" .5i
+æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワード (ç„¡ã„ã“ã¨ã‚‚ã‚ã‚‹)
+.IP "" .5i
+ユーザ ID 番å·
+.IP "" .5i
+グループ ID 番å·
+.IP "" .5i
+ユーザåã¾ãŸã¯ã‚³ãƒ¡ãƒ³ãƒˆã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰
+.IP "" .5i
+ユーザã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒª
+.IP "" .5i
+ユーザã®ã‚³ãƒžãƒ³ãƒ‰ã‚¤ãƒ³ã‚¿ãƒ—リタ
+.PP
+パスワード㌠shadow 化ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€
+パスワードフィールドを埋ã‚ã¦ã¯ãªã‚‰ãªã„。
+shadow パスワードを用ã„ã¦ã„ã‚‹å ´åˆã€æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワードã¯
+\fI/etc/shadow\fR ã«æ›¸ã‹ã‚Œã¦ã„る。
+æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワードã¯ã€
+アルファベット a ã‹ã‚‰ zã€A ã‹ã‚‰ Zã€0 ã‹ã‚‰ 9ã€\. 㨠/ ã®
+64 文字ã‹ã‚‰ä½œã‚‰ã‚ŒãŸ 13 文字ã‹ã‚‰ãªã‚‹ã€‚
+ã“ã®æ–‡å­—列ãŒã©ã®ã‚ˆã†ã«è§£é‡ˆã•ã‚Œã‚‹ã‹ã®è©³ç´°ã¯
+\fBcrypt\fR(3) ã‚’å‚ç…§ã®ã“ã¨ã€‚
+.PP
+オプションã¨ã—ã¦ã€ãƒ‘スワードã®å¾Œã«ã€
+コンマã«ç¶šã„ã¦ãƒ‘スワードã®æœ‰åŠ¹æœŸé™æ–‡å­—列ãŒè¨˜ã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚‚ã‚る。
+ã“ã®æ–‡å­—列ã¯ãƒ‘スワードã¨åŒã˜æ–‡å­—セットã‹ã‚‰ãªã‚‹ã€‚
+最åˆã®æ–‡å­—ã¯ã€ãƒ‘スワードãŒä½•é€±é–“有効ã‹ã‚’示ã™ã€‚
+二番目ã®æ–‡å­—ã¯ã€ä½•é€±é–“経ã¦ã°ãƒ¦ãƒ¼ã‚¶ãŒãƒ‘スワードを変更ã§ãã‚‹ã‹ã‚’示ã™ã€‚
+最後ã®äºŒæ–‡å­—ã¯ã€
+最後ã«ãƒ‘スワードを変更ã—ãŸã®ãŒ
+1970 å¹´ 1 月ã‹ã‚‰ä½•é€±é–“経éŽã—ãŸæ™‚点ã§ã‚ã‚‹ã‹ã‚’表ã™ã€‚
+パスワードã®æœ‰åŠ¹æœŸé™ãŒéŽãŽãŸæ™‚ã¯ã€
+ユーザã¯æ–°ã—ã„パスワードを設定ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.PP
+コメントフィールドã¯
+\fBfinger\fR(1) ã®ã‚ˆã†ãªæ§˜ã€…ãªã‚·ã‚¹ãƒ†ãƒ ãƒ¦ãƒ¼ãƒ†ã‚£ãƒªãƒ†ã‚£ã‹ã‚‰åˆ©ç”¨ã•ã‚Œã‚‹ã€‚
+コメントフィールドã«ã¯ã€è¿½åŠ æƒ…å ±ã¨ã—ã¦ã€
+次ã®ã‚ˆã†ãª 3 ã¤ã®æ•°å€¤ãŒè¨˜å…¥ã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚‚ã‚る。
+.IP "" .5i
+pri= \- nice ã®åˆæœŸè¨­å®šå€¤
+.IP "" .5i
+umask= \- umask ã®åˆæœŸè¨­å®šå€¤
+.IP "" .5i
+ulimit= \- ulimit ã®åˆæœŸè¨­å®šå€¤
+.PP
+ã“れらã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯äº’ã„ã«ã€ã¾ãŸä»–ã®ã‚³ãƒ¡ãƒ³ãƒˆãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¨ã€
+コンマを用ã„ã¦åˆ†é›¢ã•ã‚Œã‚‹ã€‚
+.PP
+ホームディレクトリフィールドã¯ã€
+åˆæœŸä½œæ¥­ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã‚’与ãˆã‚‹ã€‚
+\fBlogin\fR ã¯ã“ã®æƒ…報を用ã„ã¦ç’°å¢ƒå¤‰æ•° \fBHOME\fR ã®å†…容を設定ã™ã‚‹ã€‚
+.PP
+コマンドインタプリタã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ã¯ã€
+ユーザã®ã‚³ãƒžãƒ³ãƒ‰è¨€èªžã‚¤ãƒ³ã‚¿ãƒ—リタã‹ã€
+最åˆã«å®Ÿè¡Œã™ã‚‹ãƒ—ログラムã®åå‰ã‚’記ã™ã€‚
+\fBlogin\fR ã¯ã“ã®æƒ…報を用ã„ã¦ç’°å¢ƒå¤‰æ•° \fBSHELL\fR ã®å†…容を設定ã™ã‚‹ã€‚
+ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ä½•ã‚‚記ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€
+デフォルト値ã¨ã—㦠\fB/bin/sh\fR を使用ã™ã‚‹ã€‚
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.SH 関連項目
+.BR login (1),
+.BR passwd (1),
+.BR su (1),
+.BR shadow (5),
+.BR pwconv (8),
+.BR pwunconv (8),
+.BR sulogin (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man5/porttime.5 b/man/ja/man5/porttime.5
new file mode 100644
index 0000000..5b6b035
--- /dev/null
+++ b/man/ja/man5/porttime.5
@@ -0,0 +1,93 @@
+.\" $Id$
+.\" Copyright 1989 - 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH PORTTIME 5
+.SH åå‰
+porttime \- ãƒãƒ¼ãƒˆã‚¢ã‚¯ã‚»ã‚¹æ™‚間設定ファイル
+.SH 説明
+.I porttime
+㯠tty デãƒã‚¤ã‚¹ãƒ»ãƒ¦ãƒ¼ã‚¶å・ログインå¯èƒ½æ™‚é–“ã€ã®ãƒªã‚¹ãƒˆã‹ã‚‰ãªã‚‹ã€‚
+.PP
+ãã‚Œãžã‚Œã®ã‚¨ãƒ³ãƒˆãƒªã¯ã€ã‚³ãƒ­ãƒ³ã§åŒºåˆ‡ã‚‰ã‚ŒãŸä¸‰ã¤ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‹ã‚‰ãªã‚‹ã€‚
+最åˆã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã‚³ãƒ³ãƒžã§åŒºåˆ‡ã‚‰ã‚ŒãŸ tty デãƒã‚¤ã‚¹ã®ãƒªã‚¹ãƒˆã§ã€
+アスタリスクを指定ã—ãŸå ´åˆã¯ã‚らゆる tty デãƒã‚¤ã‚¹ã«ãƒžãƒƒãƒã™ã‚‹ã€‚
+二番目ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã‚³ãƒ³ãƒžã§åŒºåˆ‡ã‚‰ã‚ŒãŸãƒ¦ãƒ¼ã‚¶åã®ãƒªã‚¹ãƒˆã§ã€
+アスタリスクを指定ã—ãŸå ´åˆã¯ã‚らゆるユーザã«ãƒžãƒƒãƒã™ã‚‹ã€‚
+三番目ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã€
+コンマã§åŒºåˆ‡ã‚‰ã‚ŒãŸãƒ­ã‚°ã‚¤ãƒ³ã‚’許å¯æ™‚é–“ã®ãƒªã‚¹ãƒˆã§ã‚る。
+.PP
+アクセス時間ã®å„エントリã¯ã€
+\fBSu\fR, \fBMo\fR, \fBTu\fR, \fBWe\fR, \fBTh\fR, \fBFr\fR, \fBSa\fR
+ã§ç•¥è¨˜ã•ã‚ŒãŸã‚¼ãƒ­å€‹ä»¥ä¸Šã®æ›œæ—¥ã¨ã€
+ãƒã‚¤ãƒ•ãƒ³ã§åŒºåˆ‡ã‚‰ã‚ŒãŸ 2 ã¤ã®æ™‚刻ã¨ã‹ã‚‰ãªã‚‹ã€‚
+月曜日ã‹ã‚‰é‡‘曜日ã¾ã§ã‚’指定ã™ã‚‹ \fBWk\fR ã‚„ã€
+å…¨ã¦ã®æ—¥ã‚’指定ã™ã‚‹ \fBAl\fR ã¨ã„ã†ç•¥è¨˜æ³•ã‚’用ã„ã‚‹ã“ã¨ã‚‚ã§ãる。
+曜日ã®æŒ‡å®šãŒç„¡ã„å ´åˆã¯ \fBAl\fR ã ã¨ã¿ãªã•ã‚Œã‚‹ã€‚
+.SH 例
+次ã®ã‚¨ãƒ³ãƒˆãƒªã¯ã€ãƒ¦ãƒ¼ã‚¶ \fBjfh\fR ãŒå¹³æ—¥ã®åˆå‰9時ã‹ã‚‰åˆå¾Œ5時ã¾ã§ã€
+å…¨ã¦ã®ãƒãƒ¼ãƒˆã‹ã‚‰ã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ã€‚
+.br
+.sp 1
+ *:jfh:Wk0900\-1700
+.br
+.sp 1
+次ã®ã‚¨ãƒ³ãƒˆãƒªã¯ã€
+\fBroot\fR 㨠\fBoper\fR 以外ã®ãƒ¦ãƒ¼ã‚¶ã«ã¯ã€ã©ã®æ™‚間帯ã«ã‚‚
+/dev/console ã‹ã‚‰ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’許å¯ã—ãªã„。
+ã“ã®ä¾‹ã¯ã€\fI/etc/porttime\fR
+ファイルãŒã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½æ™‚é–“ã®ãƒªã‚¹ãƒˆã‚’
+ã©ã†ã„ã†é †åºã§æ‰±ã†ã‹ã‚‚示ã—ã¦ã„る。
+ä»–ã®å…¨ã¦ã®ãƒ¦ãƒ¼ã‚¶ã¯äºŒç•ªç›®ã®ã‚¨ãƒ³ãƒˆãƒªã«ãƒžãƒƒãƒã—ã€
+ã—ãŸãŒã£ã¦ console ã‹ã‚‰ã®ã‚¢ã‚¯ã‚»ã‚¹ã¯è¨±å¯ã•ã‚Œãªã„。
+.br
+.sp 1
+ console:root,oper:Al0000\-2400
+.br
+ console:*:
+.br
+.sp 1
+次ã®ã‚¨ãƒ³ãƒˆãƒªã¯ã€
+ユーザ \fBgames\fR ãŒã€å°±æ¥­æ™‚間外ãªã‚‰
+ã‚らゆるãƒãƒ¼ãƒˆã‹ã‚‰ã‚¢ã‚¯ã‚»ã‚¹ã§ãるよã†ã«æŒ‡å®šã—ã¦ã„る。
+.br
+.sp 1
+ *:games:Wk1700\-0900,SaSu0000\-2400
+.br
+.sp 1
+.SH ファイル
+\fI/etc/porttime\fR \- ãƒãƒ¼ãƒˆã¸ã®ã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½æ™‚間を記ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«
+.SH 関連項目
+.BR login (1)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man5/shadow.5 b/man/ja/man5/shadow.5
new file mode 100644
index 0000000..8885990
--- /dev/null
+++ b/man/ja/man5/shadow.5
@@ -0,0 +1,102 @@
+.\"$Id$
+.\" Copyright 1989 - 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH SHADOW 5
+.SH åå‰
+shadow \- æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワードファイル
+.SH 説明
+.I shadow
+ã«ã¯ãƒ¦ãƒ¼ã‚¶ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã«å¯¾ã™ã‚‹æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワード情報ã€
+ãŠã‚ˆã³ã‚ªãƒ—ションã¨ã—ã¦ãƒ‘スワードã®æœ‰åŠ¹æœŸé™ã®æƒ…å ±ãŒè¨˜ã•ã‚Œã¦ã„る。
+å«ã¾ã‚Œã¦ã„る内容ã¯
+.IP "" .5i
+ログインå
+.IP "" .5i
+æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワード
+.IP "" .5i
+1970 å¹´ 1 月 1 æ—¥ã‹ã‚‰ã€æœ€å¾Œã«ãƒ‘スワードãŒå¤‰æ›´ã•ã‚ŒãŸæ—¥ã¾ã§ã®æ—¥æ•°
+.IP "" .5i
+パスワードãŒå¤‰æ›´å¯èƒ½ã¨ãªã‚‹ã¾ã§ã®æ—¥æ•°
+.IP "" .5i
+パスワードを変更ã—ãªãã¦ã¯ãªã‚‰ãªããªã‚‹æ—¥ã¾ã§ã®æ—¥æ•°
+.IP "" .5i
+パスワード有効期é™ãŒæ¥ã‚‹å‰ã«ã€ãƒ¦ãƒ¼ã‚¶ãŒè­¦å‘Šã‚’å—ã‘る日数
+.IP "" .5i
+パスワード有効期é™ãŒéŽãŽã¦ã‹ã‚‰ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãŒä½¿ç”¨ä¸èƒ½ã«ãªã‚‹ã¾ã§ã®æ—¥æ•°
+.IP "" .5i
+1970 å¹´ 1 月 1 æ—¥ã‹ã‚‰ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãŒä½¿ç”¨ä¸èƒ½ã«ãªã‚‹æ—¥ã¾ã§ã®æ—¥æ•°
+.IP "" .5i
+予約フィールド
+.PP
+パスワードフィールドã¯å¿…ãšè¨˜å…¥ã•ã‚Œã¦ã„ãªãã¦ã¯ãªã‚‰ãªã„。
+æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワードã¯ã€
+a ã‹ã‚‰ zã€A ã‹ã‚‰ Z ã®ã‚¢ãƒ«ãƒ•ã‚¡ãƒ™ãƒƒãƒˆã€
+0 ã‹ã‚‰ 9 ã¾ã§ã®æ•°å­—〠\. 㨠/ ã® 64 文字ã®ã†ã¡ã®ã€
+13 文字以上 24 文字以下ã§ã‚る。
+ã“ã®æ–‡å­—列ãŒã©ã®ã‚ˆã†ã«è§£é‡ˆã•ã‚Œã‚‹ã‹ã®è©³ç´°ã¯ \fBcrypt\fR(3) ã‚’å‚ç…§ã›ã‚ˆã€‚
+.PP
+最後ã«ãƒ‘スワードを変更ã—ãŸæ—¥æ™‚ã¯
+1970 å¹´ 1 月 1 æ—¥ã‹ã‚‰ã®æ—¥æ•°ã¨ã—ã¦è¨˜è¿°ã•ã‚Œã‚‹ã€‚
+パスワードã¯å分ãªæ—¥æ•°ãŒçµŒéŽã—ã¦ã‹ã‚‰ã§ãªã„ã¨å¤‰æ›´ã§ããšã€
+ã¾ãŸæœ€å¤§æ—¥æ•°ãŒçµŒéŽã—ãŸå¾Œã¯å¿…ãšå¤‰æ›´ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+変更å¯èƒ½ã¨ãªã‚‹ã¾ã§ã«è¦ã™ã‚‹æ—¥æ•°ãŒæœ‰åŠ¹æœŸé™ã‚ˆã‚Šã‚‚大ãã„å ´åˆã¯ã€
+ユーザãŒãƒ‘スワードを変更ã™ã‚‹ã“ã¨ã¯å‡ºæ¥ãªã„。
+.PP
+パスワードã®æœ‰åŠ¹æœŸé™ãŒéŽãŽã¦ã‹ã‚‰ã€
+指定日数ã®ã†ã¡ã«ãƒ‘スワードを変更ã—ãªã‹ã£ãŸå ´åˆã¯ã€
+ãã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã¯ç„¡åŠ¹ã«ãªã‚Šã€ä½¿ãˆãªããªã‚‹ã€‚
+ã¾ãŸã€ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã‚’指定ã—ãŸæœŸæ—¥ã«ã€
+(ãã®ä»–ã®ãƒ‘スワード有効期é™æƒ…å ±ã«ã¯ã‚ˆã‚‰ãš)
+使用ä¸èƒ½ã¨ã™ã‚‹ã“ã¨ã‚‚ã§ãる。
+.PP
+ã“ã®æƒ…å ±ã¯ã€\fI/etc/passwd\fR 中ã®
+ã‚らゆるパスワード情報・有効期é™æƒ…報よりも優先ã•ã‚Œã‚‹ã€‚
+.PP
+パスワードã®å®‰å…¨æ€§ã‚’ä¿ã¤ãŸã‚ã«ã¯ã€
+ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’一般ユーザãŒèª­ã‚るよã†ã«ã—ã¦ã¯ãªã‚‰ãªã„。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- æš—å·åŒ–ã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ãƒ‘スワード
+.SH 関連項目
+.BR chage (1),
+.BR login (1),
+.BR passwd (1),
+.BR su (1),
+.BR passwd (5),
+.BR pwconv (8),
+.BR pwunconv (8),
+.BR sulogin (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man5/suauth.5 b/man/ja/man5/suauth.5
new file mode 100644
index 0000000..b379d03
--- /dev/null
+++ b/man/ja/man5/suauth.5
@@ -0,0 +1,116 @@
+.\"$Id$
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri 14 Feb 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH SUAUTH 5 "Feb 14, 1996"
+.UC 5
+.SH åå‰
+suauth \- su を詳細ã«åˆ¶å¾¡ã™ã‚‹ãŸã‚ã®ãƒ•ã‚¡ã‚¤ãƒ«
+.SH 書å¼
+.B /etc/suauth
+.SH 説明
+.I /etc/suauth
+ファイルã¯ã€
+su コマンドãŒå®Ÿè¡Œã•ã‚Œã‚‹ãŸã³ã«å‚ç…§ã•ã‚Œã‚‹ã€‚
+ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’用ã„ã‚‹ã¨ã€
+以下ã®æƒ…å ±ã«åŸºã¥ã„㦠su コマンドã®å‹•ä½œã‚’変更ã§ãる。
+.PP
+.RS
+.nf
+1) su ã§æˆã‚Šä»£ã‚ã‚ã†ã¨ã—ã¦ã„るユーザ
+.fi
+2) su コマンドを実行ã—ã¦ã„るユーザ
+(ã‚‚ã—ãã¯ãã®ãƒ¦ãƒ¼ã‚¶ãŒå±žã™ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—ã®ã„ãšã‚Œã‹)
+.RE
+.PP
+ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¯æ¬¡ã®æ§˜ãªæ›¸å¼ã‚’ã—ã¦ã„る。
+# ã§å§‹ã¾ã‚‹è¡Œã¯ã‚³ãƒ¡ãƒ³ãƒˆã¨ã—ã¦æ‰±ã‚ã‚Œã€ç„¡è¦–ã•ã‚Œã‚‹ã€‚
+.PP
+.RS
+to\-id:from\-id:ACTION
+.RE
+.PP
+ã“ã“㧠to\-id ã¯ã€
+.B ALL
+ã¨ã„ã†å˜èªžã€
+コンマã§åŒºåˆ‡ã‚‰ã‚ŒãŸãƒ¦ãƒ¼ã‚¶åã®ãƒªã‚¹ãƒˆã€
+.B ALL EXCEPT
+ã¨ã„ã†å˜èªžä»¥é™ã«ç½®ã‹ã‚ŒãŸ "," 区切りã®ãƒ¦ãƒ¼ã‚¶åリストã€
+ã®ã„ãšã‚Œã‹ã§ã‚る。
+.PP
+from\-id 㯠to\-id ã¨åŒã˜æ›¸å¼ã§ã‚ã‚Šã€æ›´ã«
+.B GROUP
+ã¨ã„ã†å˜èªžã‚‚使用ã§ãる。
+.B ALL EXCEPT GROUP
+ã¨ã„ã†ä½¿ã„方もåŒæ§˜ã«åˆ©ç”¨ã§ãる。
+.B GROUP
+ã®å¾Œã«ã¯ä¸€ã¤ä»¥ä¸Šã®ã‚°ãƒ«ãƒ¼ãƒ—åã‚’ "," ã§åŒºåˆ‡ã£ã¦è¨˜ã™ã€‚
+ãã®ã‚°ãƒ«ãƒ¼ãƒ—を主グループ id ã¨ã—ã¦æŒã¤ã ã‘ã§ã¯ã ã‚ã§ã€
+\fI/etc/group\fR ã®ã‚¨ãƒ³ãƒˆãƒªã«ãƒ¦ãƒ¼ã‚¶åãŒè¨˜ã•ã‚Œã¦ã„ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.PP
+ACTION ã«ã¯ã€ä»¥ä¸‹ã®ã‚ªãƒ—ションã®ã„ãšã‚Œã‹ä¸€ã¤ã‚’指定ã§ãる。
+.TP 10
+.B DENY
+パスワードをèžãå‰ã« su 動作を中止ã™ã‚‹ã€‚
+.TP
+.B NOPASS
+自動的㫠su ã¯æˆåŠŸã—ã€ãƒ‘スワードã¯å°‹ã­ãªã„。
+.TP
+.B OWNPASS
+su ãŒæˆåŠŸã™ã‚‹ãŸã‚ã«ã¯ã€
+ユーザãŒè‡ªåˆ†ã®ãƒ‘スワードを入力ã—ãªãã¦ã¯ãªã‚‰ãªã„。
+パスワードを入力ã™ã‚‹ã‚ˆã†ã«è¦æ±‚ã•ã‚Œã‚‹ã€‚
+.PP
+コロンã«ã‚ˆã£ã¦åŒºåˆ‡ã‚‰ã‚ŒãŸåˆ¥ã€…ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒä¸‰ã¤ã‚る点ã«æ³¨æ„ã™ã‚‹ã“ã¨ã€‚
+コロンã®å‰å¾Œã«ç©ºç™½ãŒã‚ã£ã¦ã¯ãªã‚‰ãªã„。
+ファイルã¯ä¸€è¡Œæ¯Žã«é †ç•ªã«åŸå‘³ã•ã‚Œã€
+最åˆã«ãƒžãƒƒãƒã—ãŸè¦å‰‡ãŒç”¨ã„られã€
+ファイルã®æ®‹ã‚Šã¯ãれ以上æœæŸ»ã•ã‚Œãªã„。
+ã“ã‚Œã«ã‚ˆã£ã¦ã€
+システム管ç†è€…ã¯æœ›ã‚€é™ã‚Šã®å¾®èª¿æ•´ã‚’è¡Œã†ã“ã¨ãŒå¯èƒ½ã¨ãªã‚‹ã€‚
+.SH 例
+.PP
+.nf
+# /etc/suauthファイルã®ä¾‹
+#
+# 二人ã®ç‰¹æ¨©ãƒ¦ãƒ¼ã‚¶ãŒã€è‡ªåˆ†ã®ãƒ‘スワードを
+# 用ã„㦠root ã« su ã§ãる。
+#
+root:chris,birddog:OWNPASS
+#
+# ä»–ã®ãƒ¦ãƒ¼ã‚¶ã¯ wheel グループã«å±žã—ã¦ã„ãªã„é™ã‚Š
+# root ã« su ã§ããªã„。ã“れ㯠BSD ã¨åŒã˜å‹•ä½œã§ã‚る。
+#
+root:ALL EXCEPT GROUP wheel:DENY
+#
+# ãŠãらã terry 㨠birddog ã¯åŒã˜äººé–“ãŒ
+# 所有ã™ã‚‹ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã§ã‚る。
+# パスワード無ã—ã§äº’ã„ã«ä»–方㫠su ã§ãる。
+#
+terry:birddog:NOPASS
+birddog:terry:NOPASS
+#
+.fi
+.SH ファイル
+\fI/etc/suauth\fR
+.SH ãƒã‚°
+多ãã®ãƒã‚°ãŒæ½œã‚“ã§ã„ã‚‹å¯èƒ½æ€§ãŒã‚る。
+ã¨ã‚Šã‚ã‘ã€ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ーザã¯æ›¸å¼ã‚¨ãƒ©ãƒ¼ã«å¯›å¤§ã§ã¯ãªãã€
+(è¡Œã®å§‹ã‚åŠã³çµ‚ã‚り以外ã«) 無駄ãªç©ºç™½ãŒã‚ã£ã¦ã¯ãªã‚‰ãªã„ã—ã€
+特定ã®ãƒˆãƒ¼ã‚¯ãƒ³ãŒåˆ¥ã€…ã®ã‚‚ã®ã‚’区切るよã†ã«ãªã£ã¦ã„る。
+.SH 返り値
+ファイルをパースã™ã‚‹éš›ã®ã‚¨ãƒ©ãƒ¼ã¯
+.BR syslogd (8)
+を通ã—ã¦ã€AUTH ファシリティ㮠ERR レベルã§é€šçŸ¥ã•ã‚Œã‚‹ã€‚
+.SH 関連項目
+.BR su (1)
+.SH 著者
+.nf
+Chris Evans (lady0110@sable.ox.ac.uk)
+Lady Margaret Hall
+Oxford University
+England
diff --git a/man/ja/man8/chpasswd.8 b/man/ja/man8/chpasswd.8
new file mode 100644
index 0000000..e5dc43e
--- /dev/null
+++ b/man/ja/man8/chpasswd.8
@@ -0,0 +1,70 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated Wed Apr 26 18:06:10 JST 2000
+.\" by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated & Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH CHPASSWD 8
+.SH åå‰
+\fBchpasswd\fR \- パスワードファイルをãƒãƒƒãƒå‡¦ç†ã§æ›´æ–°ã™ã‚‹
+.SH 書å¼
+\fBchpasswd\fR [\fB\-e\fR]
+.SH 説明
+\fBchpasswd\fR コマンドã¯
+標準入力ã‹ã‚‰ãƒ¦ãƒ¼ã‚¶åã¨ãƒ‘スワードã®çµ„ãŒè¨˜ã•ã‚Œã¦ã„るファイルを読ã¿è¾¼ã¿ã€
+ãã®æƒ…報を用ã„ã¦æ—¢å­˜ã®ãƒ¦ãƒ¼ã‚¶ç¾¤ã®ãƒ‘スワード情報を更新ã™ã‚‹ã€‚
+\-e オプションãŒãªã„å ´åˆã¯ã€ãƒ‘スワードã¯å¹³æ–‡ã¨ã¿ãªã•ã‚Œã‚‹ã€‚
+\-e オプションãŒã‚ã‚‹å ´åˆã¯ã€ãƒ‘スワードã¯æš—å·åŒ–ã•ã‚Œã¦ã„ã‚‹ã¨ã¿ãªã•ã‚Œã‚‹ã€‚
+å„è¡Œã®æ›¸å¼ã¯æ¬¡ã®é€šã‚Šã€‚
+.sp 1
+ \fIuser_name\fR:\fIpassword\fR
+.sp 1
+指定ã—ãŸãƒ¦ãƒ¼ã‚¶ã¯æ—¢ã«å­˜åœ¨ã—ã¦ã„ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+与ãˆã‚‰ã‚ŒãŸãƒ‘スワードã¯å¿…è¦ã«å¿œã˜ã¦æš—å·åŒ–ã•ã‚Œã€
+パスワードã®æœ‰åŠ¹æœŸé™ãŒã‚ã‚‹å ´åˆã¯ãれも更新ã•ã‚Œã‚‹ã€‚
+.PP
+ã“ã®ã‚³ãƒžãƒ³ãƒ‰ã¯ã€åŒæ™‚ã«å¤§é‡ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã‚’作æˆã™ã‚‹ã‚ˆã†ãªã€
+大è¦æ¨¡ãªã‚·ã‚¹ãƒ†ãƒ ç’°å¢ƒã§ç”¨ã„ã‚‹ãŸã‚ã«ä½œã‚‰ã‚ŒãŸã€‚
+.SH 警告
+.\" The \fBmkpasswd\fR command must be executed afterwards to update the
+.\" DBM password files.
+入力ファイルã«æš—å·åŒ–ã•ã‚Œã¦ã„ãªã„パスワードãŒè¨˜ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€
+é©åˆ‡ã«ä¿è­·ã—ã¦ãŠã‹ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.\" This command may be discarded in favor of the newusers(8) command.
+.SH 関連項目
+.\" mkpasswd(8), passwd(1), useradd(1)
+.BR passwd (1),
+.BR newusers (8),
+.BR useradd (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/faillog.8 b/man/ja/man8/faillog.8
new file mode 100644
index 0000000..222043a
--- /dev/null
+++ b/man/ja/man8/faillog.8
@@ -0,0 +1,97 @@
+.\"$Id$
+.\" Copyright 1989 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH FAILLOG 8
+.SH åå‰
+faillog \- faillog を調ã¹ã€login 失敗ã®åˆ¶é™ã‚’設定ã™ã‚‹
+.SH 書å¼
+\fBfaillog\fR [\fB\-u\fR \fIlogin\-name\fR] [\fB\-a\fR] [\fB\-t\fR \fIdays\fR]
+[\fB\-m\fR \fImax\fR] [\fB\-pr\fR]
+.SH 説明
+\fBfaillog\fR ã¯ãƒ­ã‚°ã‚¤ãƒ³ã®å¤±æ•—を記録ã™ã‚‹ãƒ­ã‚°ãƒ•ã‚¡ã‚¤ãƒ«
+\fI/var/log/faillog\fR ã®å†…容を整形ã—ã€
+失敗ã®å›žæ•°ã¨åˆ¶é™å€¤ã‚’記録・管ç†ã™ã‚‹ã€‚
+\fBfaillog\fR ã«ä¸Žãˆã‚‹å¼•æ•°ã®é †åºã¯é‡è¦ã§ã‚ã‚Šã€
+å„引数ã¯ä¸Žãˆã‚‰ã‚ŒãŸé †ã«ç›´ã¡ã«å‡¦ç†ã•ã‚Œã‚‹ã€‚
+.PP
+\fB\-p\fR フラグを指定ã™ã‚‹ã¨ãƒ­ã‚°ã‚¤ãƒ³å¤±æ•—ã®ã‚¨ãƒ³ãƒˆãƒªã‚’ UID é †ã«è¡¨ç¤ºã™ã‚‹ã€‚
+\fB\-u \fIlogin\-name\fR ã¨å…¥åŠ›ã™ã‚‹ã¨ã€
+\fIlogin\-name\fR ã®ãƒ­ã‚°ã‚¤ãƒ³å¤±æ•—記録ã®ã¿ã‚’表示ã™ã‚‹ã€‚
+\fB\-t \fIdays\fR ã¨å…¥åŠ›ã™ã‚‹ã¨ã€
+最近 \fIdays\fR 日以内ã®ãƒ­ã‚°ã‚¤ãƒ³å¤±æ•—ã®è¨˜éŒ²ã‚’表示ã™ã‚‹ã€‚
+\fB\-u\fR フラグを指定ã™ã‚‹ã¨ \fB\-t\fR フラグã¯ç„¡è¦–ã•ã‚Œã‚‹ã€‚
+.\"nakano ã¨ã„ã†ã®ãŒå®Ÿéš›ã®å‹•ä½œã®ã‚ˆã†ãªæ°—ãŒã™ã‚‹ã®ã ã‘ã©...
+\fB\-a\fR フラグを用ã„ã‚‹ã¨å…¨ãƒ¦ãƒ¼ã‚¶ã«å¯¾ã™ã‚‹è¨˜éŒ²ãŒè¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+ã“ã®ãƒ•ãƒ©ã‚°ã‚’ \fB\-p\fR フラグã¨ã¨ã‚‚ã«ç”¨ã„ã‚‹ã¨ã€
+ã“ã‚Œã¾ã§ã«ãƒ­ã‚°ã‚¤ãƒ³ã«å¤±æ•—ã—ãŸå…¨ã¦ã®ãƒ¦ãƒ¼ã‚¶ãŒè¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+\fB\-a\fR 㯠\fB\-r\fR フラグã¨ç”¨ã„ã¦ã‚‚æ„味ãŒç„¡ã„。
+.PP
+\fB\-r\fR フラグã¯ãƒ­ã‚°ã‚¤ãƒ³å¤±æ•—回数ã®è¨˜éŒ²ã‚’リセットã™ã‚‹ã€‚
+ã“ã®ã‚ªãƒ—ションを用ã„ã‚‹ã«ã¯
+\fI/var/log/faillog\fR ã¸ã®æ›¸ãè¾¼ã¿æ¨©é™ãŒå¿…è¦ã§ã‚る。
+\fB\-u \fIlogin\-name\fR ã¨å…¥åŠ›ã™ã‚‹ã¨ã€
+\fIlogin\-name\fR ã®ãƒ­ã‚°ã‚¤ãƒ³å¤±æ•—回数ã®ã¿ã‚’リセットã™ã‚‹ã€‚
+.PP
+\fB\-m\fR フラグã¯ã€
+アカウントãŒä½¿ç”¨ä¸èƒ½ã«ãªã‚‹ã¾ã§ã®æœ€å¤§ã®ãƒ­ã‚°ã‚¤ãƒ³å¤±æ•—回数を設定ã™ã‚‹ã€‚
+ã“ã®ã‚ªãƒ—ションを用ã„ã‚‹ã«ã¯
+\fI/var/log/faillog\fR ã¸ã®æ›¸ãè¾¼ã¿æ¨©é™ãŒå¿…è¦ã§ã‚る。
+\fB\-m \fImax\fR ã¨å…¥åŠ›ã™ã‚‹ã¨ã€
+å…¨ã¦ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã¯ãƒ­ã‚°ã‚¤ãƒ³å¤±æ•—回数㌠\fImax\fR ã«ãªã‚‹ã¨ä½¿ç”¨ä¸èƒ½ã«ãªã‚‹ã€‚
+.\"nakano double meaning...
+\fB\-u \fIlogin\-name\fR ã‚’åŒæ™‚ã«ç”¨ã„ã‚‹ã¨ã€
+ã“ã®æ©Ÿèƒ½ã‚’ \fIlogin\-name\fR ã ã‘ã«ä½œç”¨ã•ã›ã‚‹ã“ã¨ãŒã§ãる。
+\fImax\fR ã®å€¤ã‚’ 0 ã«ã™ã‚‹ã¨ãƒ­ã‚°ã‚¤ãƒ³ã®å¤±æ•—回数ã«ã¯åˆ¶é™ãŒç„¡ããªã‚‹ã€‚
+システムã«å¯¾ã™ã‚‹ã‚µãƒ¼ãƒ“スä¸èƒ½æ”»æ’ƒã‚’防ããŸã‚ã€
+\fBroot\fR ã®æœ€å¤§ãƒ­ã‚°ã‚¤ãƒ³å¤±æ•—回数ã¯å¸¸ã« 0 ã«ã—ã¦ãŠãã¹ãã§ã‚る。
+.PP
+オプションã¯ã»ã¼ã©ã®ã‚ˆã†ã«çµ„ã¿åˆã‚ã›ã¦ã‚‚良ã„。
+\fB\-p\fR, \fB\-r\fR, \fB\-m\fR
+ã®å„オプションã¯ã€
+\fB\-u\fR, \fB\-t\fR ã®æŒ‡å®šã«ã‚ˆã‚‹ä¿®æ­£ã‚’å—ã‘ã€
+指定ã—ãŸé †ã«å®Ÿè¡Œã•ã‚Œã‚‹ã€‚
+.SH 警告
+\fBfaillog\fR ã¯ã€
+最後ã«å¤±æ•—ã—ã¦ä»¥é™ãƒ­ã‚°ã‚¤ãƒ³ã«æˆåŠŸã—ã¦ã„ãªã„ユーザã®ã¿ã‚’表示ã™ã‚‹ã€‚
+ログインã«å¤±æ•—ã—ãŸå¾Œã«æ­£ã—ãログインã§ããŸãƒ¦ãƒ¼ã‚¶ã‚‚表示ã•ã›ã‚‹ã«ã¯ã€
+\fB\-u\fR フラグを用ã„ã¦ãã®ãƒ¦ãƒ¼ã‚¶ã‚’明示的ã«æŒ‡å®šã™ã‚‹ã‹ã€
+\fB\-a\fR フラグを用ã„ã¦å…¨ãƒ¦ãƒ¼ã‚¶ã‚’表示ã•ã›ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.SH ファイル
+\fI/var/log/faillog\fR \- 失敗を記録ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«
+.SH 関連項目
+.BR login (1),
+.BR faillog (5)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/groupadd.8 b/man/ja/man8/groupadd.8
new file mode 100644
index 0000000..4bdf73d
--- /dev/null
+++ b/man/ja/man8/groupadd.8
@@ -0,0 +1,68 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH GROUPADD 8
+.SH åå‰
+groupadd \- æ–°ã—ã„グループを作æˆã™ã‚‹
+.SH 書å¼
+\fBgroupadd\fR [\fB\-g\fR \fIgid \fR[\fB\-o\fR]] [\fB\-f\fR] \fIgroup\fR
+.SH 説明
+\fBgroupadd\fR コマンドã¯ã€
+コマンドライン上ã§æŒ‡å®šã•ã‚ŒãŸå€¤ã¨
+システムã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆå€¤ã¨ã‚’用ã„ã¦æ–°ã—ã„グループを作æˆã™ã‚‹ã€‚
+æ–°ã—ã„グループãŒå¿…è¦ã«å¿œã˜ã¦ã‚·ã‚¹ãƒ†ãƒ ãƒ•ã‚¡ã‚¤ãƒ«ã«è¨˜å…¥ã•ã‚Œã‚‹ã€‚
+\fBgroupadd\fR コマンドã«æŒ‡å®šã§ãるオプションã¯æ¬¡ã®é€šã‚Šã€‚
+.IP "\fB\-g \fIgid\fR"
+æ–°è¦ã‚°ãƒ«ãƒ¼ãƒ—ã® ID 番å·ã€‚
+ã“ã®å€¤ã¯ã€\fB\-o\fR オプションを用ã„ã‚‹å ´åˆã‚’除ãã€ä»–ã¨é‡è¤‡ã—ã¦ã¯ãªã‚‰ãªã„。
+ã¾ãŸéžè² å€¤ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+デフォルトã§ã¯ã€99 ãŠã‚ˆã³ä»–ã®ã‚らゆる既存グループ㮠ID よりも大ãã„ã€
+最å°ã®æ•°å€¤ã¨ãªã‚‹ã€‚
+0 ã‹ã‚‰ 999 ã¾ã§ã®å€¤ã¯ã€
+通常システム用ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã«äºˆç´„ã•ã‚Œã¦ã„る。
+.SH ファイル
+\fI/etc/group\fR \- グループアカウント情報
+.br
+\fI/etc/gshadow\fR \- 安全ãªã‚°ãƒ«ãƒ¼ãƒ—アカウント情報
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/groupdel.8 b/man/ja/man8/groupdel.8
new file mode 100644
index 0000000..0f24453
--- /dev/null
+++ b/man/ja/man8/groupdel.8
@@ -0,0 +1,65 @@
+.\"$Id$
+.\" Copyright 1991 - 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH GROUPDEL 8
+.SH åå‰
+groupdel \- グループを削除ã™ã‚‹
+.SH 書å¼
+\fBgroupdel\fR \fIgroup\fR
+.SH 説明
+\fBgroupdel\fR コマンドã¯ã€ã‚·ã‚¹ãƒ†ãƒ ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãƒ•ã‚¡ã‚¤ãƒ«ã‚’修正ã—ã€
+グループ \fIgroup\fR ã«å¯¾å¿œã™ã‚‹ã™ã¹ã¦ã®ã‚¨ãƒ³ãƒˆãƒªã‚’削除ã™ã‚‹ã€‚
+指定ã•ã‚ŒãŸã‚°ãƒ«ãƒ¼ãƒ—ã¯å­˜åœ¨ã—ã¦ã„ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.PP
+å…¨ã¦ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚·ã‚¹ãƒ†ãƒ ã«ã€
+指定ã—ãŸã‚°ãƒ«ãƒ¼ãƒ—ã® ID ã‚’æŒã¤ãƒ•ã‚¡ã‚¤ãƒ«ãŒæ®‹ã£ã¦ã„ãªã„ã“ã¨ã‚’ã€
+手作業ã§ç¢ºèªã—ãªãã¦ã¯ãªã‚‰ãªã„。
+.SH 警告
+存在ã™ã‚‹ãƒ¦ãƒ¼ã‚¶ã®ä¸»ã‚°ãƒ«ãƒ¼ãƒ—を削除ã—ã¦ã¯ãªã‚‰ãªã„。
+グループを削除ã™ã‚‹å‰ã«ãã®ãƒ¦ãƒ¼ã‚¶ã‚’削除ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.SH ファイル
+\fI/etc/group\fR \- グループ情報
+.br
+\fI/etc/gshadow\fR \- 安全ãªã‚°ãƒ«ãƒ¼ãƒ—情報
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/groupmod.8 b/man/ja/man8/groupmod.8
new file mode 100644
index 0000000..eb0f7cf
--- /dev/null
+++ b/man/ja/man8/groupmod.8
@@ -0,0 +1,70 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH GROUPMOD 8
+.SH åå‰
+groupmod \- グループを修正ã™ã‚‹
+.SH 書å¼
+\fBgroupmod\fR [\fB\-g\fR \fIgid\fR [\fB\-o\fR]] [\fB\-n\fR \fIgroup_name\fR]
+\fIgroup\fR
+.SH 説明
+\fBgroupmod\fR コマンドã¯ã€
+コマンドラインã‹ã‚‰ã®æŒ‡å®šã«ã‚ˆã£ã¦ã€
+システムアカウントファイルを修正ã™ã‚‹ã€‚
+\fIgroupmod\fR コマンドã«æŒ‡å®šã§ãるオプションã¯æ¬¡ã®é€šã‚Šã€‚
+.IP "\fB\-g \fIgid\fR"
+変更をå—ã‘るグループ㮠ID 番å·ã€‚
+ã“ã®å€¤ã¯ã€\fB\-o\fR オプションを用ã„ã‚‹å ´åˆã‚’除ãã€ä»–ã¨é‡è¤‡ã—ã¦ã¯ãªã‚‰ãªã„。
+ã¾ãŸéžè² å€¤ã§ãªãã¦ã¯ãªã‚‰ãªã„。
+デフォルトã¯ã€999 ãŠã‚ˆã³ä»–ã®ã‚らゆる既存グループ㮠ID よりも大ãã„ã€
+最å°ã®æ•°å€¤ã¨ãªã‚‹ã€‚
+変更å‰ã®ã‚°ãƒ«ãƒ¼ãƒ— ID ã‚’æŒã¤å…¨ã¦ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€
+手作業ã§æ–°ã—ã„グループ ID ã¸ã¨å¤‰æ›´ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.IP "\fB\-n \fIgroup_name\fR"
+グループã®åå‰ãŒ \fIgroup\fR ã‹ã‚‰ \fIgroup_name\fR ã«å¤‰æ›´ã•ã‚Œã‚‹ã€‚
+.SH ファイル
+\fI/etc/group\fR \- グループ情報
+.br
+\fI/etc/gshadow\fR \- 安全ãªã‚°ãƒ«ãƒ¼ãƒ—情報
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/grpck.8 b/man/ja/man8/grpck.8
new file mode 100644
index 0000000..c570c28
--- /dev/null
+++ b/man/ja/man8/grpck.8
@@ -0,0 +1,116 @@
+.\"$Id$
+.\" Copyright 1992 - 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH GRPCK 8
+.SH åå‰
+grpck \- グループファイルãŒæ­£ã—ã„ã‹ã©ã†ã‹æ¤œæŸ»ã™ã‚‹
+.SH 書å¼
+\fBgrpck\fR [\fB\-r\fR] [\fIgroup\fR \fIshadow\fR]
+.SH 説明
+\fBgrpck\fR コマンドã¯ã‚·ã‚¹ãƒ†ãƒ ã®èªè¨¼æƒ…å ±ãŒæ­£ã—ã„ã‹ã©ã†ã‹æ¤œæŸ»ã™ã‚‹ã€‚
+\fI/etc/group\fR 㨠\fI/etc/gshadow\fR
+å„ファイルã®å…¨ã¦ã®ã‚¨ãƒ³ãƒˆãƒªã«å¯¾ã—ã€
+å„フィールドã®æ›¸å¼ãŒæ­£ã—ã„ã‹ã€
+ãã®ãƒ‡ãƒ¼ã‚¿ãŒæœ‰åŠ¹ãªã‚‚ã®ã‹ã©ã†ã‹ã‚’検証ã™ã‚‹ã€‚
+書å¼ãŒæ­£ã—ããªã„エントリやã€
+修正ä¸èƒ½ãªèª¤ã‚Šã‚’å«ã‚€ã‚¨ãƒ³ãƒˆãƒªã¯å‰Šé™¤ã™ã‚‹ã‚ˆã†ãƒ—ロンプトを出ã™ã€‚
+.P
+å„々ã®ã‚¨ãƒ³ãƒˆãƒªã«å¯¾ã—ã¦
+.sp
+.in +.5i
+\- フィールドã®æ•°ãŒæ­£ã—ã„ã‹
+.br
+\- グループåã«é‡è¤‡ãŒãªã„ã‹
+.br
+\- メンãƒãƒ¼ã®ãƒªã‚¹ãƒˆã¨ç®¡ç†è€…ã®ãƒªã‚¹ãƒˆãŒæ­£ã—ã„ã‹
+.in -.5i
+.sp
+ãŒãƒã‚§ãƒƒã‚¯ã•ã‚Œã‚‹ã€‚
+.P
+フィールドã®æ•°ãŒé–“é•ã£ã¦ã„ãŸã‚Šã€
+グループåãŒé‡è¤‡ã—ã¦ã„ã‚‹ã®ã¯è‡´å‘½çš„ãªã‚¨ãƒ©ãƒ¼ã§ã‚る。
+フィールドã®æ•°ãŒæ­£ã—ããªã„å ´åˆã€
+ユーザーã¯ãã®ã‚¨ãƒ³ãƒˆãƒªè¡Œã‚’削除ã™ã‚‹ã‚ˆã†ä¿ƒã•ã‚Œã‚‹ã€‚
+削除ã«åŒæ„ã—ãªã‹ã£ãŸå ´åˆã¯ã€ãれ以é™ã®ãƒã‚§ãƒƒã‚¯ã¯è¡Œã‚ã‚Œãªã„。
+é‡è¤‡ã—ãŸã‚°ãƒ«ãƒ¼ãƒ—åãŒã‚ã£ãŸå ´åˆã‚‚削除を促ã•ã‚Œã‚‹ãŒã€
+ã“ã®å ´åˆã¯å‰Šé™¤ã—ãªãã¦ã‚‚ãれ以é™ã®ãƒã‚§ãƒƒã‚¯ã¯ç¶šè¡Œã•ã‚Œã‚‹ã€‚
+ä»–ã®å…¨ã¦ã®ã‚¨ãƒ©ãƒ¼ã«å¯¾ã—ã¦ã¯è­¦å‘ŠãŒãªã•ã‚Œã‚‹ã€‚
+\fBgroupmod\fR コマンドを実行ã—ã¦ãã®ã‚¨ãƒ©ãƒ¼ã‚’修正ã™ã‚‹ã¨è‰¯ã„ã ã‚ã†ã€‚
+.P
+\fI/etc/group\fR ファイルをæ“作ã™ã‚‹ã‚³ãƒžãƒ³ãƒ‰ã¯ã€
+壊れãŸã‚¨ãƒ³ãƒˆãƒªã‚„é‡è¤‡ã—ãŸã‚¨ãƒ³ãƒˆãƒªã‚’変更ã§ããªã„。
+ãã®ã‚ˆã†ãªéš›ã«èª¤ã‚Šã®ã‚るエントリを削除ã™ã‚‹ã«ã¯
+\fBgrpck\fR を用ã„ã‚‹ã¨ã‚ˆã„。
+.SH オプション
+デフォルトã§ã¯ \fBgrpck\fR 㯠\fI/etc/group\fR ファイルã¨
+\fI/etc/gshadow\fR ã«å¯¾ã—ã¦å‹•ä½œã™ã‚‹ã€‚
+\fIgroup\fR パラメータ㨠\fIshadow\fR パラメータを用ã„ã¦ã€
+別ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’é¸æŠžã™ã‚‹ã“ã¨ã‚‚ã§ãる。
+ã•ã‚‰ã« \fB\-r\fR フラグを指定ã™ã‚Œã°ã€
+リードオンリーモードã§ã‚³ãƒžãƒ³ãƒ‰ã‚’実行ã™ã‚‹ã“ã¨ã‚‚ã§ãる。
+ã“ã®å ´åˆã€å¤‰æ›´ã‚’è¡Œã†ã‹ã©ã†ã‹ã¯ãƒ¦ãƒ¼ã‚¶ã¸å•ã„åˆã‚ã•ã‚Œãšã€
+自動的㫠\fBno\fR ã¨å›žç­”ã•ã‚Œã‚‹ã€‚
+.B grpck
+ã¯
+\fI/etc/group\fR 㨠\fI/etc/gshadow\fR
+ã®ã‚¨ãƒ³ãƒˆãƒªã‚’ GID ã§ã‚½ãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚‚ã§ãる。
+ソートモードã§å‹•ä½œã•ã›ã‚‹ã«ã¯ \fB\-s\fR フラグを与ãˆã‚‹ã€‚
+ã“ã®å ´åˆãƒã‚§ãƒƒã‚¯ã¯è¡Œã‚ã‚Œãšã€å˜ã«ã‚½ãƒ¼ãƒˆã™ã‚‹ã ã‘ã§ã‚る。
+.SH ファイル
+\fI/etc/group\fR \ \- グループアカウント情報
+.br
+\fI/etc/gshadow\fR \- æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワードã¨ã‚°ãƒ«ãƒ¼ãƒ—管ç†è€…情報
+.br
+\fI/etc/passwd\fR \ \- ユーザー情報
+.SH 関連項目
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5),
+.BR groupmod (8)
+.SH 返り値
+\fBgrpck\fR コマンドã¯çµ‚了時ã«ä»¥ä¸‹ã®å€¤ã‚’è¿”ã™:
+.IP 0 5
+æˆåŠŸ
+.IP 1 5
+構文エラー
+.IP 2 5
+誤ã£ãŸã‚°ãƒ«ãƒ¼ãƒ—エントリãŒå­˜åœ¨ã™ã‚‹
+.IP 3 5
+グループファイルをオープンã§ããªã„
+.IP 4 5
+グループファイルをロックã§ããªã„
+.IP 5 5
+グループファイルを更新ã§ããªã„
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/grpconv.8 b/man/ja/man8/grpconv.8
new file mode 100644
index 0000000..6eed9e8
--- /dev/null
+++ b/man/ja/man8/grpconv.8
@@ -0,0 +1 @@
+.so man8/pwconv.8
diff --git a/man/ja/man8/grpunconv.8 b/man/ja/man8/grpunconv.8
new file mode 100644
index 0000000..6eed9e8
--- /dev/null
+++ b/man/ja/man8/grpunconv.8
@@ -0,0 +1 @@
+.so man8/pwconv.8
diff --git a/man/ja/man8/lastlog.8 b/man/ja/man8/lastlog.8
new file mode 100644
index 0000000..171d6a9
--- /dev/null
+++ b/man/ja/man8/lastlog.8
@@ -0,0 +1,80 @@
+.\"$Id$
+.\" Copyright 1992, Phillip Street and Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\" @(#)lastlog.8 3.3 08:24:58 29 Sep 1993 (National Guard Release)
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Thu Oct 14 1997 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Updated Fri Jan 12 2001 by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Mon Mar 4 2002 by kentaro Shirakata <argrath@ub32.org>
+.\" Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH LASTLOG 8
+.SH åå‰
+lastlog \- lastlog ファイルを調ã¹ã‚‹
+.SH 書å¼
+.TP 8
+\fBlastlog\fR [(\fB\-u\fR|\fB\-\-user\fR) \fIlogin\fR]
+[(\fB\-t\fR|\fB\-\-time\fR) \fIdays\fR] [(\fB\-h\fR|\fB\-\-help\fR)]
+.SH 説明
+\fBlastlog\fR ã¯æœ€çµ‚ログインã®è¨˜éŒ²ãƒ•ã‚¡ã‚¤ãƒ«
+\fI/var/log/lastlog\fR ã®å†…容を整形ã—ã¦è¡¨ç¤ºã™ã‚‹ã€‚
+\fBログインå\fR・\fBãƒãƒ¼ãƒˆ\fR・\fB最終ログイン時刻\fRã€ãŒè¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+オプションを指定ã—ãªã‹ã£ãŸå ´åˆã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã¯
+lastlog エントリを UID ã®æ•°å€¤ã§ã‚½ãƒ¼ãƒˆã—ã¦è¡¨ç¤ºã™ã‚‹ã€‚
+.TP
+\fB\-u\fR, \fB\-\-user\fR \fIlogin\-name\fR
+\fIlogin\-name\fR ã®è¨˜éŒ²ã ã‘を表示ã™ã‚‹ã€‚
+.TP
+\fB\-t\fR, \fB\-\-time\fR \fIdays\fR
+最近 \fIdays\fR 日以内ã®æœ€çµ‚ログインを表示ã™ã‚‹ã€‚
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+オンラインヘルプを表示ã—ã¦çµ‚了ã™ã‚‹ã€‚
+.PP
+\fB\-u\fR フラグを用ã„る㨠\fB\-t\fR ã¯ç„¡è¦–ã•ã‚Œã‚‹ã€‚
+.\"nakano ã¨ã„ã†ã®ãŒå®Ÿéš›ã®å‹•ä½œã®ã‚ˆã†ã«è¦‹ãˆã‚‹ã®ã ãŒã€‚
+.PP
+一度もログインã—ã¦ã„ãªã„ユーザã«å¯¾ã—ã¦ã¯ã€
+ãƒãƒ¼ãƒˆã¨æ™‚刻ã®ä»£ã‚ã‚Šã«
+\fB"**Never logged in**"\fR
+ã¨ã„ã†ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¡¨ç¤ºã•ã‚Œã‚‹ã€‚
+.SH ファイル
+\fI/var/log/lastlog\fR \- lastlog 記録ファイル
+.SH 警告
+UID 番å·ã«å¤§ããªé£›ã³ãŒã‚ã‚‹ã¨ã€
+lastlog プログラムã¯é•·æ™‚é–“ç”»é¢ã«ä½•ã‚‚出力ã—ãªã„ã¾ã¾
+実行を続ã‘ã‚‹ (例ãˆã° mmdf ㌠800 ã§æœ€å¾Œã® UID ㌠170 ã®å ´åˆã€
+UID ㌠171\-799 ã®é–“プログラムã¯ä½•ã‚‚出力ã—ãªã„ã®ã§ã€
+ãƒãƒ³ã‚°ã—ãŸã‚ˆã†ã«è¦‹ãˆã‚‹)。
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
+.BR
+Phillip Street
diff --git a/man/ja/man8/logoutd.8 b/man/ja/man8/logoutd.8
new file mode 100644
index 0000000..c8215a5
--- /dev/null
+++ b/man/ja/man8/logoutd.8
@@ -0,0 +1,55 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH LOGOUTD 8
+.SH åå‰
+logoutd \- ログイン時間ã®åˆ¶é™ã‚’実施ã™ã‚‹
+.SH 書å¼
+\fBlogoutd\fR
+.SH 説明
+\fBlogoutd\fR 㯠\fI/etc/porttime\fR
+ã«è¨˜ã•ã‚Œã¦ã„るログイン時間・ãƒãƒ¼ãƒˆã«å¯¾ã™ã‚‹åˆ¶é™ã‚’実施ã™ã‚‹ã€‚
+.B logoutd
+㯠\fI/etc/rc\fR ã«ã‚ˆã£ã¦èµ·å‹•ã•ã‚Œã‚‹ã‚ˆã†ã«ã™ã‚‹ã€‚
+\fI/etc/utmp\fR ファイルãŒå®šæœŸçš„ã«ã‚¹ã‚­ãƒ£ãƒ³ã•ã‚Œã€
+ログインã—ã¦ã„ã‚‹å„ユーザãŒ
+\fI/etc/porttime\fR 中ã§ã®ãã®ãƒ¦ãƒ¼ã‚¶ã®è¨±å¯
+(ãƒãƒ¼ãƒˆã¨æ™‚刻) ã«åã—ã¦ã„ãªã„ã‹èª¿ã¹ã‚‹ã€‚
+\fI/etc/porttime\fR ã®åˆ¶é™ã«åã™ã‚‹ãƒ­ã‚°ã‚¤ãƒ³ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¯çµ‚了ã•ã›ã‚‰ã‚Œã‚‹ã€‚
+.SH ファイル
+/etc/porttime \- ログインã¨ãƒãƒ¼ãƒˆã®è¨±å¯
+.br
+/etc/utmp \- ç¾åœ¨ã®ãƒ­ã‚°ã‚¤ãƒ³ã‚»ãƒƒã‚·ãƒ§ãƒ³
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/newusers.8 b/man/ja/man8/newusers.8
new file mode 100644
index 0000000..630660d
--- /dev/null
+++ b/man/ja/man8/newusers.8
@@ -0,0 +1,71 @@
+.\"$Id$
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1996 HANATAKA Shinya
+.\" all rights reserved.
+.\" Translated Wed Nov 20 17:42:39 JST 1996
+.\" by HANATAKA Shinya
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH NEWUSERS 8
+.SH åå‰
+newusers \- ユーザã®æ–°è¦ä½œæˆã‚„情報更新をãƒãƒƒãƒå‡¦ç†ã§è¡Œã†
+.SH 書å¼
+\fBnewusers\fR [\fInew_users\fR]
+.SH 説明
+\fBnewusers\fR ã¯ãƒ¦ãƒ¼ã‚¶åã¨å¹³æ–‡ãƒ‘スワードã¨ã®çµ„を記ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã‚’読ã¿ã€
+ãã®æƒ…報をもã¨ã«æ—¢å­˜ã®ãƒ¦ãƒ¼ã‚¶æƒ…å ±ã®å¤‰æ›´ã‚„æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®ä½œæˆã‚’è¡Œã†ã€‚
+ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ã®æ›¸å¼ã¯ã€
+下記ã®ç‚¹ã‚’除ã標準的ãªãƒ‘スワードファイル
+(\fBpasswd\fR(5) å‚ç…§) ã¨åŒã˜ã§ã‚る。
+.IP "\fIpw_passwd\fR" 10
+ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒæš—å·åŒ–ã•ã‚Œã€æ–°ã—ã„æš—å·åŒ–パスワードã¨ãªã‚‹ã€‚
+.IP "\fIpw_age\fR"
+ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ shadow ファイルå‘ã‘ã®æƒ…å ±ã§ã‚ã‚‹ãŒã€
+ユーザãŒã™ã§ã«å­˜åœ¨ã™ã‚‹å ´åˆã¯ç„¡è¦–ã•ã‚Œã‚‹ã€‚
+.IP "\fIpw_gid\fR"
+ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«æ—¢å­˜ã®ã‚°ãƒ«ãƒ¼ãƒ—を指定ã—ãŸå ´åˆã¯ã€
+ユーザã¯ãã®ã‚°ãƒ«ãƒ¼ãƒ—ã«åŠ ãˆã‚‰ã‚Œã‚‹ã€‚
+存在ã—ãªã„グループ ID を指定ã—ãŸå ´åˆã¯ã€
+ãã®ã‚°ãƒ«ãƒ¼ãƒ— ID ã§æ–°ãŸãªã‚°ãƒ«ãƒ¼ãƒ—ãŒä½œæˆã•ã‚Œã‚‹ã€‚
+.IP "\fIpw_dir\fR"
+ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã§æŒ‡å®šã—ãŸãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãŒã™ã§ã«å­˜åœ¨ã™ã‚‹ã‹ãƒã‚§ãƒƒã‚¯ã—ã€
+ã‚‚ã—存在ã—ãªã‘ã‚Œã°æ–°ãŸã«ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãŒä½œã‚‰ã‚Œã‚‹ã€‚
+ã“ã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®æ‰€æœ‰è€…ã¯ã€
+æ–°è¦ä½œæˆã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ã€ã‚ã‚‹ã„ã¯æƒ…å ±ãŒå¤‰æ›´ã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ã¨ãªã‚‹ã€‚
+.PP
+ã“ã®ã‚³ãƒžãƒ³ãƒ‰ã¯ã€åŒæ™‚ã«å¤§é‡ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã‚’作æˆã™ã‚‹ã‚ˆã†ãªã€
+大è¦æ¨¡ãªã‚·ã‚¹ãƒ†ãƒ ç’°å¢ƒã§ç”¨ã„ã‚‹ãŸã‚ã«ä½œã‚‰ã‚ŒãŸã€‚
+.SH 警告
+入力ファイルã«ã¯æš—å·åŒ–ã•ã‚Œã¦ã„ãªã„パスワードãŒå«ã¾ã‚Œã‚‹ãŸã‚ã€
+é©åˆ‡ã«ä¿è­·ã—ã¦ãŠã‹ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.SH 関連項目
+.BR passwd (1),
+.BR useradd (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/pwck.8 b/man/ja/man8/pwck.8
new file mode 100644
index 0000000..e59972f
--- /dev/null
+++ b/man/ja/man8/pwck.8
@@ -0,0 +1,121 @@
+.\"$Id$
+.\" Copyright 1992, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated Sun 3 Mar 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo
+.\"
+.TH PWCK 8
+.SH åå‰
+pwck \- パスワードファイルãŒæ­£ã—ã„ã‹ã©ã†ã‹æ¤œæŸ»ã™ã‚‹
+.SH 書å¼
+\fBpwck\fR [\fB\-sr\fR] [\fIpasswd\fR \fIshadow\fR]
+.SH 説明
+\fBpwck\fR コマンドã¯ã‚·ã‚¹ãƒ†ãƒ ã®èªè¨¼æƒ…å ±ãŒæ­£ã—ã„ã‹ã©ã†ã‹æ¤œæŸ»ã™ã‚‹ã€‚
+\fI/etc/passwd\fR 㨠\fI/etc/shadow\fR
+å„ファイルã®ã™ã¹ã¦ã®ã‚¨ãƒ³ãƒˆãƒªã«å¯¾ã—ã€
+å„フィールドã®æ›¸å¼ãŒæ­£ã—ã„ã‹ã€
+ãã®ãƒ‡ãƒ¼ã‚¿ãŒæœ‰åŠ¹ãªã‚‚ã®ã‹ã©ã†ã‹ã‚’検証ã™ã‚‹ã€‚
+書å¼ãŒæ­£ã—ããªã„エントリやã€
+修正ä¸èƒ½ãªèª¤ã‚Šã‚’å«ã‚€ã‚¨ãƒ³ãƒˆãƒªã¯å‰Šé™¤ã™ã‚‹ã‚ˆã†ãƒ—ロンプトを出ã™ã€‚
+.P
+å„々ã®ã‚¨ãƒ³ãƒˆãƒªã«å¯¾ã—ã¦
+.sp
+.in +.5i
+\- フィールドã®æ•°ãŒæ­£ã—ã„ã‹
+.br
+\- ユーザåã«é‡è¤‡ãŒãªã„ã‹
+.br
+\- ユーザやグループ㮠ID ãŒæ­£ã—ã„ã‹
+.br
+\- プライマリグループãŒæ­£ã—ã„ã‹
+.br
+\- ホームディレクトリãŒæ­£ã—ã„ã‹
+.br
+\- ログインシェルãŒæ­£ã—ã„ã‹
+.in -.5i
+.sp
+ãŒãƒã‚§ãƒƒã‚¯ã•ã‚Œã‚‹ã€‚
+.P
+フィールドã®æ•°ãŒé–“é•ã£ã¦ã„ãŸã‚Šã€
+グループåãŒé‡è¤‡ã—ã¦ã„ã‚‹ã®ã¯è‡´å‘½çš„ãªã‚¨ãƒ©ãƒ¼ã§ã‚る。
+フィールドã®æ•°ãŒæ­£ã—ããªã„å ´åˆã€
+ユーザーã¯ãã®ã‚¨ãƒ³ãƒˆãƒªè¡Œã‚’削除ã™ã‚‹ã‚ˆã†ä¿ƒã•ã‚Œã‚‹ã€‚
+削除ã«åŒæ„ã—ãªã‹ã£ãŸå ´åˆã¯ã€ãれ以é™ã®ãƒã‚§ãƒƒã‚¯ã¯è¡Œã‚ã‚Œãªã„。
+é‡è¤‡ã—ãŸã‚°ãƒ«ãƒ¼ãƒ—åãŒã‚ã£ãŸå ´åˆã‚‚削除を促ã•ã‚Œã‚‹ãŒã€
+ã“ã®å ´åˆã¯å‰Šé™¤ã—ãªãã¦ã‚‚ãれ以é™ã®ãƒã‚§ãƒƒã‚¯ã¯ç¶šè¡Œã•ã‚Œã‚‹ã€‚
+ä»–ã®ã™ã¹ã¦ã®ã‚¨ãƒ©ãƒ¼ã«å¯¾ã—ã¦ã¯è­¦å‘ŠãŒãªã•ã‚Œã‚‹ã€‚
+\fBusermod\fR コマンドを実行ã—ã¦ãã®ã‚¨ãƒ©ãƒ¼ã‚’修正ã™ã‚‹ã¨è‰¯ã„ã ã‚ã†ã€‚
+.P
+\fI/etc/passwd\fR ファイルをæ“作ã™ã‚‹ã‚³ãƒžãƒ³ãƒ‰ã¯ã€
+壊れãŸã‚¨ãƒ³ãƒˆãƒªã‚„é‡è¤‡ã—ãŸã‚¨ãƒ³ãƒˆãƒªã‚’変更ã§ããªã„。
+ãã®ã‚ˆã†ãªéš›ã«èª¤ã‚Šã®ã‚るエントリを削除ã™ã‚‹ã«ã¯
+\fBpwck\fR を用ã„ã‚‹ã¨ã‚ˆã„。
+.SH オプション
+デフォルトã§ã¯ \fBpwck\fR 㯠\fI/etc/passwd\fR ファイルã¨
+\fI/etc/shadow\fR ã«å¯¾ã—ã¦å‹•ä½œã™ã‚‹ã€‚
+\fIpasswd\fR パラメータ㨠\fIshadow\fR パラメータを用ã„ã¦ã€
+別ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’é¸æŠžã™ã‚‹ã“ã¨ã‚‚ã§ãる。
+ã•ã‚‰ã« \fB\-r\fR フラグを指定ã™ã‚Œã°ã€
+リードオンリーモードã§ã‚³ãƒžãƒ³ãƒ‰ã‚’実行ã™ã‚‹ã“ã¨ã‚‚ã§ãる。
+ã“ã®å ´åˆã€å¤‰æ›´ã‚’è¡Œã†ã‹ã©ã†ã‹ã¯ãƒ¦ãƒ¼ã‚¶ã¸å•ã„åˆã‚ã•ã‚Œãšã€
+自動的㫠\fBno\fR ã¨å›žç­”ã•ã‚Œã‚‹ã€‚
+\fBpwck\fR 㯠\fI/etc/passwd\fR 㨠\fI/etc/shadow\fR
+ã®ã‚¨ãƒ³ãƒˆãƒªã‚’ UID ã§ã‚½ãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚‚ã§ãる。
+ソートモードã§å‹•ä½œã•ã›ã‚‹ã«ã¯ \fB\-s\fR フラグを与ãˆã‚‹ã€‚
+ã“ã®å ´åˆãƒã‚§ãƒƒã‚¯ã¯è¡Œã‚ã‚Œãšã€å˜ã«ã‚½ãƒ¼ãƒˆã™ã‚‹ã ã‘ã§ã‚る。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザーアカウント情報
+.br
+\fI/etc/shadow\fR \- æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワード情報
+.br
+\fI/etc/group\fR \ \- グループ情報
+.SH 関連項目
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5),
+.BR usermod (8)
+.SH 返り値
+\fBpwck\fR コマンドã¯ä»¥ä¸‹ã®å€¤ã‚’è¿”ã—ã¦çµ‚了ã™ã‚‹:
+.IP 0 5
+æˆåŠŸ
+.IP 1 5
+構文エラー
+.IP 2 5
+誤ã£ãŸãƒ‘スワードエントリーãŒå­˜åœ¨ã™ã‚‹
+.IP 3 5
+パスワードファイルをオープンã§ããªã„
+.IP 4 5
+パスワードファイルをロックã§ããªã„
+.IP 5 5
+パスワードファイルを更新出æ¥ãªã„
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/pwconv.8 b/man/ja/man8/pwconv.8
new file mode 100644
index 0000000..e48a926
--- /dev/null
+++ b/man/ja/man8/pwconv.8
@@ -0,0 +1,80 @@
+.\"$Id$
+.\"
+.\" Japanese Version Copyright (c) 2001 Yuichi SATO
+.\" all rights reserved.
+.\" Translated Sat Dec 1 20:09:17 JST 2001
+.\" by Yuichi SATO <ysato@h4.dion.ne.jp>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH PWCONV 8 "26 Sep 1997"
+.SH åå‰
+pwconv, pwunconv, grpconv, grpunconv \- パスワード・グループ㮠shadow 化ã¨ã€é€šå¸¸ãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®é€†å¤‰æ›
+.SH 書å¼
+.B pwconv
+.br
+.B pwunconv
+.br
+.B grpconv
+.br
+.B grpunconv
+.SH 説明
+ã“れら 4 ã¤ã®ãƒ—ログラムã¯ã€
+通常ã®ãƒ‘スワードファイル・グループファイルã¨ã€
+shadow 化ã•ã‚ŒãŸãƒ‘スワードファイル・グループファイルã§ã‚ã‚‹
+\fI/etc/passwd\fR ", " \fI/etc/group\fR ", " \fI/etc/shadow\fR ", " \fI/etc/gshadow\fR
+ã‚’æ“作ã™ã‚‹ã€‚
+
+\fBpwconv\fR 㯠\fIpasswd\fR ã‹ã‚‰ \fIshadow\fR を作æˆã™ã‚‹
+(ã™ã§ã«å­˜åœ¨ã™ã‚‹å ´åˆã¯ \fIshadow\fR ã®æƒ…報も用ã„ã‚‹)。
+\fBpwunconv\fR 㯠\fIpasswd\fR 㨠\fIshadow\fR ã‹ã‚‰
+\fIpasswd\fR を作æˆã—ã€\fIshadow\fR を削除ã™ã‚‹ã€‚
+\fBgrpconv\fR 㯠\fIgroup\fR ã‹ã‚‰ \fIgshadow\fR を作æˆã™ã‚‹
+(ã™ã§ã«å­˜åœ¨ã™ã‚‹å ´åˆã¯ \fIgshadow\fR ã®æƒ…報も用ã„ã‚‹)。
+\fBgrpunconv\fR 㯠\fIgroup\fR 㨠\fIgshadow\fR ã‹ã‚‰
+\fIgroup\fR を作æˆã—ã€\fIgshadow\fR を削除ã™ã‚‹ã€‚
+
+å„プログラムã¯å¤‰æ›å‰ã«ã€å¿…è¦ãªãƒ­ãƒƒã‚¯ã‚’è¦æ±‚ã™ã‚‹ã€‚
+
+.B pwconv
+ã¨
+.B grpconv
+ã¨ã¯ä»¥ä¸‹ã®ç‚¹ã§é¡žä¼¼ã—ã¦ã„る。
+ã¾ãšã€shadow 化ファイルã«ã‚るエントリã®ã†ã¡ã€
+通常ファイルã«ãªã„ã‚‚ã®ã¯ã€å‰Šé™¤ã•ã‚Œã‚‹ã€‚
+ã¾ãŸã€shadow 化ファイルã«ã‚るエントリã®ã†ã¡ã€
+通常ファイルã§ãƒ‘スワード㌠`x' ã«ãªã£ã¦ã„ãªã„ã‚‚ã®ã¯ã€æ›´æ–°ã•ã‚Œã‚‹ã€‚
+最後ã«ã€é€šå¸¸ãƒ•ã‚¡ã‚¤ãƒ«ã«æ›¸ã‹ã‚ŒãŸãƒ‘スワード㯠`x' ã«ç½®ãæ›ãˆã‚‰ã‚Œã‚‹ã€‚
+ã“れらã®ãƒ—ログラムã¯ã€åˆã‚ã¦å¤‰æ›ã‚’è¡Œã†ã¨ãã«ã‚‚ã€
+ã¾ãŸé€šå¸¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’手動ã§ç·¨é›†ã—ãŸéš›ã«ã€
+shadow 化ファイルを更新ã™ã‚‹ã¨ãã«ã‚‚利用ã§ãる。
+
+\fI/etc/shadow\fR ã«æ–°ã—ã„エントリを追加ã™ã‚‹ã¨ãã€
+\fBpwconv\fR 㯠\fI/etc/login.defs\fR
+ã®
+.BR PASS_MIN_DAYS ", " PASS_MAX_DAYS ", " PASS_WARN_AGE
+ã®å€¤ã‚’使ã†ã€‚
+
+åŒã˜ã‚ˆã†ã«ã€
+\fBpwunconv\fR 㨠\fBgrpunconv\fR
+ã¨ã¯ä»¥ä¸‹ã®ç‚¹ã§é¡žä¼¼ã—ã¦ã„る。
+通常ファイルã®ãƒ‘スワードã¯ã€
+shadow 化ファイルã®ã‚‚ã®ã§æ›´æ–°ã•ã‚Œã‚‹ã€‚
+通常ファイルã«ã‚るエントリã¯ã€
+shadow 化ファイルã«ã¯ãã®ã‚¨ãƒ³ãƒˆãƒªãŒãªãã¦ã‚‚ã€
+ãã®ã¾ã¾ç½®ã‹ã‚Œç¶šã‘る。
+最後ã«ã€ shadow 化ファイルã¯å‰Šé™¤ã•ã‚Œã‚‹ã€‚
+
+パスワードã®æœ‰åŠ¹æœŸé™æƒ…å ±ã®ä¸€éƒ¨ã¯ã€
+.B pwunconv
+ã«ã‚ˆã£ã¦å¤±ã‚れる。変æ›ã§ãã‚‹ã‚‚ã®ã¯å¤‰æ›ã•ã‚Œã‚‹ã€‚
+.SH ãƒã‚°
+(ä¸æ­£ãªã‚¨ãƒ³ãƒˆãƒªã‚„é‡è¤‡ã—ãŸã‚¨ãƒ³ãƒˆãƒªã¨ã„ã£ãŸ)
+エラーãŒãƒ‘スワードファイルやグループファイルã«ã‚ã‚‹ã¨ã€
+プログラムã¯æ°¸é ã«ãƒ«ãƒ¼ãƒ—ã—ãŸã‚Šã€ãŠã‹ã—ãªå½¢ã§å¤±æ•—ã™ã‚‹ã‹ã‚‚ã—ã‚Œãªã„。
+shadow パスワード・グループã¸ã®å¤‰æ›ã‚„
+shadow 化ファイルã‹ã‚‰ã®é€†å¤‰æ›ã‚’è¡Œã†å‰ã«ã€
+\fBpwck\fR 㨠\fBgrpck\fR を実行ã—ã¦ã‚¨ãƒ©ãƒ¼ã‚’修正ã™ã‚‹ã“ã¨ã€‚
+.SH 関連項目
+.BR login.defs (5),
+.BR grpck (8),
+.BR pwck (8)
diff --git a/man/ja/man8/pwunconv.8 b/man/ja/man8/pwunconv.8
new file mode 100644
index 0000000..6eed9e8
--- /dev/null
+++ b/man/ja/man8/pwunconv.8
@@ -0,0 +1 @@
+.so man8/pwconv.8
diff --git a/man/ja/man8/sulogin.8 b/man/ja/man8/sulogin.8
new file mode 100644
index 0000000..b4b0fd7
--- /dev/null
+++ b/man/ja/man8/sulogin.8
@@ -0,0 +1,95 @@
+.\" $Id$
+.\" Copyright 1989 - 1992, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH SULOGIN 8
+.SH åå‰
+sulogin \- シングルユーザ login
+.SH 書å¼
+\fBsulogin\fR [\fItty\-device\fR]
+.SH 説明
+.B sulogin
+ã¯ã€ã‚·ãƒ³ã‚°ãƒ«ãƒ¦ãƒ¼ã‚¶ãƒ¢ãƒ¼ãƒ‰ã®æ™‚ã€
+ユーザãŒã‚·ã‚¹ãƒ†ãƒ ã«ã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½ã¨ãªã‚‹å‰ã«ã€
+\fI/etc/init\fR ã«ã‚ˆã£ã¦èµ·å‹•ã•ã‚Œã‚‹ã€‚
+ã“ã®æ©Ÿèƒ½ã¯ã€\fBinit\fR ãŒé©åˆ‡ã«å¤‰æ›´ã•ã‚Œã¦ã„るシステムã‹ã€
+ã‚ã‚‹ã„㯠\fI/etc/inittab\fR ã«ã‚·ãƒ³ã‚°ãƒ«ãƒ¦ãƒ¼ã‚¶ login
+ã®ã‚¨ãƒ³ãƒˆãƒªãŒã‚るシステムã§ã®ã¿åˆ©ç”¨ã§ãる。
+.PP
+次ã®ã‚ˆã†ãªãƒ—ロンプトãŒå‡ºã‚‹ã€‚
+.IP "" .5i
+Type control\-d to proceed with normal startup,
+.br
+(or give root password for system maintenance):
+.PP
+オプションã®ãƒ‡ãƒã‚¤ã‚¹å引数ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã‚’除ãã€
+標準ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‡ã‚£ã‚¹ã‚¯ãƒªãƒ—タを用ã„ã¦å…¥å‡ºåŠ›ã‚’è¡Œãªã†ã€‚
+.PP
+ユーザãŒæ­£ã—ã„ root ã®ãƒ‘スワードを入力ã—ãŸå ´åˆã¯ã€
+ログインセッションãŒé–‹å§‹ã•ã‚Œã‚‹ã€‚
+\fBEOF\fR ãŒæŠ¼ã•ã‚ŒãŸå ´åˆã¯ã€
+システムã¯ãƒžãƒ«ãƒãƒ¦ãƒ¼ã‚¶ãƒ¢ãƒ¼ãƒ‰ã«å…¥ã‚‹ã€‚
+.PP
+ユーザãŒã‚·ãƒ³ã‚°ãƒ«ãƒ¦ãƒ¼ã‚¶ã‚·ã‚§ãƒ«ã‚’抜ã‘ãŸã€
+ã‚ã‚‹ã„㯠(シェルã«å…¥ã‚‹å‰ã«) \fBEOF\fR を押ã—ãŸå¾Œã«ã¯ã€
+システムã¯ãƒžãƒ«ãƒãƒ¦ãƒ¼ã‚¶ãƒ¢ãƒ¼ãƒ‰ã«å…¥ã‚‹ãŸã‚ã«å¿…è¦ãªåˆæœŸåŒ–処ç†ã‚’開始ã™ã‚‹ã€‚
+.SH 警告
+ã“ã®ã‚³ãƒžãƒ³ãƒ‰ãŒåˆ©ç”¨ã§ãるよã†ã«ã™ã‚‹ã«ã¯ã€
+\fBinit\fR ㌠\fB/bin/sh\fR ã§ã¯ãªã
+\fBsulogin\fR を呼ã¶ã‚ˆã†ã«ãªã£ã¦ã„ã‚‹ã‹ã€
+ã¾ãŸã¯
+\fIinittab\fR
+中ã«ã‚·ãƒ³ã‚°ãƒ«ãƒ¦ãƒ¼ã‚¶ãƒ­ã‚°ã‚¤ãƒ³ã«å¯¾ã™ã‚‹è¨­å®šãŒã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚る。
+例ãˆã°ã€
+.br
+.sp 1
+co:s:respawn:/etc/sulogin /dev/console
+.br
+.sp 1
+ã¨ã„ã†è¡Œã‚’書ã„ã¦ãŠã‘ã°ã€
+シングルユーザモードã§ã¯ sulogin コマンドãŒå®Ÿè¡Œã•ã‚Œã‚‹ã€‚
+.PP
+å¯èƒ½ãªé™ã‚Šå®Œå…¨ãªç’°å¢ƒãŒæä¾›ã•ã‚Œã‚‹ã€‚
+ã—ã‹ã—ã€
+様々ãªãƒ‡ãƒã‚¤ã‚¹ãŒãƒžã‚¦ãƒ³ãƒˆã•ã‚Œã¦ã„ãªã‹ã£ãŸã‚ŠåˆæœŸåŒ–ã•ã‚Œã¦ã„ãªã‹ã£ãŸã‚Šã™ã‚‹ãŸã‚ã€
+多ãã®ãƒ¦ãƒ¼ã‚¶ã‚³ãƒžãƒ³ãƒ‰ãŒä½¿ãˆãªã‹ã£ãŸã‚Šæ©Ÿèƒ½ã—ãªã„ã‹ã‚‚ã—ã‚Œãªã„。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワードã¨æœ‰åŠ¹æœŸé™ã®æƒ…å ±
+.SH 関連項目
+.BR login (1),
+.BR sh (1),
+.BR init (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/useradd.8 b/man/ja/man8/useradd.8
new file mode 100644
index 0000000..40ae9f3
--- /dev/null
+++ b/man/ja/man8/useradd.8
@@ -0,0 +1,176 @@
+.\" $Id$
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1996 HANATAKA Shinya
+.\" all rights reserved.
+.\" Translated Wed Nov 20 17:42:39 JST 1996
+.\" by HANATAKA Shinya
+.\" Updated Mon Mar 5 JST 2002 by Kentaro Shirakata <argrath@ub32.org>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.\"WORD: initial group 主グループ
+.\"WORD: supplementary group 補助グループ
+.\"
+.TH USERADD 8
+.SH åå‰
+useradd \- æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®ä½œæˆãƒ»æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆæƒ…å ±ã®æ›´æ–°
+.SH 書å¼
+.TP 8
+\fBuseradd\fR [\fB\-c\fR \fIcomment\fR] [\fB\-d\fR \fIhome_dir\fR]
+.br
+[\fB\-e\fR \fIexpire_date\fR] [\fB\-f\fR \fIinactive_time\fR]
+.br
+[\fB\-g\fR \fIinitial_group\fR] [\fB\-G\fR \fIgroup\fR[,...]]
+.br
+[\fB\-m\fR [\fB\-k\fR \fIskeleton_dir\fR]] [\fB\-o\fR] [\fB\-p\fR \fIpasswd\fR]
+.br
+[\fB\-s\fR \fIshell\fR] [\fB\-u\fR \fIuid\fR] \fIlogin\fR
+.TP 8
+\fBuseradd\fR \fB\-D\fR [\fB\-g\fR \fIdefault_group\fR] [\fB\-b\fR \fIdefault_home\fR]
+.br
+[\fB\-e\fR \fIdefault_expire_date\fR] [\fB\-f\fR \fIdefault_inactive\fR]
+.br
+[\fB\-s\fR \fIdefault_shell\fR]
+.SH 説明
+.SS æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®ä½œæˆ
+\fB\-D\fR オプションãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã€
+\fBuseradd\fR コマンドã¯
+コマンドラインã®å€¤ã¨ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®è¨­å®šå€¤ã‚’ã‚‚ã¨ã«
+æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã‚’作æˆã™ã‚‹ã€‚
+コマンドラインオプションã«å¿œã˜ã¦ã€
+æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãŒå¿…è¦ãªã‚·ã‚¹ãƒ†ãƒ ãƒ•ã‚¡ã‚¤ãƒ«ã«è¿½åŠ ã•ã‚Œã€
+ホームディレクトリãŒä½œæˆã•ã‚Œã€
+設定ファイルãŒã‚³ãƒ”ーã•ã‚Œã‚‹ã€‚
+\fBuseradd\fR コマンドã®ã‚ªãƒ—ションã¯æ¬¡ã®é€šã‚Šã€‚
+.IP "\fB\-c\fR \fIcomment\fR"
+パスワードファイルã«è¿½åŠ ã™ã‚‹æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®ã‚³ãƒ¡ãƒ³ãƒˆãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã€‚
+.IP "\fB\-d\fR \fIhome_dir\fR"
+æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®ãƒ­ã‚°ã‚¤ãƒ³ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’ \fIhome_dir\fR ã«ã™ã‚‹ã€‚
+デフォルトã§ã¯ \fIlogin\fR ã‚’
+\fIdefault_home\fR ã«ä»˜ã‘加ãˆãŸã‚‚ã®ãŒãƒ­ã‚°ã‚¤ãƒ³ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã¨ãªã‚‹ã€‚
+.IP "\fB\-e\fR \fIexpire_date\fR"
+ユーザアカウントãŒä½¿ç”¨ä¸èƒ½ã«ãªã‚‹æ—¥ä»˜ã€‚
+日付㯠\fIYYYY\-MM\-DD\fR ã¨ã„ã†æ›¸å¼ã§æŒ‡å®šã™ã‚‹ã€‚
+.IP "\fB\-f\fR \fIinactive_days\fR"
+パスワードã®ä½¿ç”¨æœŸé™ãŒåˆ‡ã‚Œã¦ã‹ã‚‰ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãŒæ°¸ä¹…ã«ä½¿ç”¨ä¸èƒ½ã«ãªã‚‹ã¾ã§ã®æ—¥æ•°ã€‚
+0 ã«ã™ã‚‹ã¨ã€
+パスワードã®æœŸé™ãŒåˆ‡ã‚Œã‚‹ã¨åŒæ™‚ã«ã“ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã¯ä½¿ç”¨ä¸èƒ½ã«ãªã‚‹ã€‚
+\-1 ã«ã™ã‚‹ã¨ã“ã®æ©Ÿèƒ½ãŒç„¡åŠ¹ã«ãªã‚‹ã€‚デフォルト値㯠\-1。
+.IP "\fB\-g\fR \fIinitial_group\fR"
+ユーザã®å±žã™ã‚‹ä¸»ã‚°ãƒ«ãƒ¼ãƒ—ã®ã‚°ãƒ«ãƒ¼ãƒ—åã¾ãŸã¯ ID。
+グループåã¯ã™ã§ã«å­˜åœ¨ã—ã¦ã„ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+グループ ID ã¯æ—¢å­˜ã®ã‚°ãƒ«ãƒ¼ãƒ—ã«å¯¾å¿œã™ã‚‹ã‚‚ã®ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+デフォルトã®ã‚°ãƒ«ãƒ¼ãƒ— ID 㯠1 ã‹ã€
+ã¾ãŸã¯ \fI/etc/default/useradd\fR
+ã§æŒ‡å®šã•ã‚Œã¦ã„ã‚‹ã‚‚ã®ãŒã‚ã‚Œã°ãã‚Œã«å¾“ã†ã€‚
+.IP "\fB\-G\fR \fIgroup,[...]\fR"
+ユーザã®å±žã™ã‚‹è£œåŠ©ã‚°ãƒ«ãƒ¼ãƒ— (supplementary groups) ã®ãƒªã‚¹ãƒˆã€‚
+グループã¯ã‚³ãƒ³ãƒžã§åŒºåˆ‡ã‚Šã€é–“ã«ç©ºç™½ã‚’入れã¦ã¯ãªã‚‰ãªã„。
+指定ã§ãるグループã«ã¯ \fB\-g\fR オプションã¨åŒæ§˜ã®åˆ¶é™ãŒã‚る。
+デフォルトã§ã¯ã€ãƒ¦ãƒ¼ã‚¶ã¯ä¸»ã‚°ãƒ«ãƒ¼ãƒ—ã®ã¿ã«å±žã™ã‚‹ã€‚
+.IP \fB\-m\fR
+ホームディレクトリãŒå­˜åœ¨ã—ãªã„å ´åˆã«ã¯ã€ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’作æˆã™ã‚‹ã€‚
+\fB\-k\fR オプションをåŒæ™‚ã«æŒ‡å®šã™ã‚‹ã¨ \fIskeleton_dir\fR 以下ã®ãƒ•ã‚¡ã‚¤ãƒ«ãŒã€
+指定ã—ãªã„㨠\fI/etc/skel\fR 以下ã®ãƒ•ã‚¡ã‚¤ãƒ«ãŒã€
+ホームディレクトリã«ã‚³ãƒ”ーã•ã‚Œã‚‹ã€‚
+ホームディレクトリã«ã¯ã€
+\fIskeleton_dir\fR ã¾ãŸã¯ \fI/etc/skel\fR
+ã«å«ã¾ã‚Œã‚‹ã™ã¹ã¦ã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚‚作æˆã•ã‚Œã‚‹ã€‚
+\fB\-k\fR オプションã¯ã€
+\fB\-m\fR オプションã¨ã¨ã‚‚ã«ä½¿ã‚れる場åˆã®ã¿æœ‰åŠ¹ã§ã‚る。
+デフォルトã§ã¯ã€ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’作らãšã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ã‚³ãƒ”ーもã—ãªã„。
+.IP "\fB\-o\fR"
+é‡è¤‡ã—㟠(固有ã§ãªã„) UID ã§ãƒ¦ãƒ¼ã‚¶ã‚’作æˆã§ãるよã†ã«ã™ã‚‹ã€‚
+.IP "\fB\-p\fR \fIpasswd\fR"
+\fBcrypt\fR(3) ã®è¿”り値ã§ã‚ã‚‹æš—å·åŒ–パスワード。
+デフォルトã§ã¯ã€ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã¯ä½¿ãˆãªã„状態ã¨ãªã‚‹ã€‚
+.IP "\fB\-s\fR \fIshell\fR"
+ユーザã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã®åå‰ã€‚
+デフォルトã§ã¯ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ç©ºç™½ã¨ãªã‚Šã€
+システムãŒãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã‚’é¸ã¶ã€‚
+.IP "\fB\-u\fR \fIuid\fR"
+ユーザ㮠ID 番å·ã€‚
+ã“ã®å€¤ã¯ã€\fB\-o\fR オプションを用ã„ã‚‹å ´åˆã‚’除ãã€ä»–ã¨é‡è¤‡ã—ã¦ã¯ãªã‚‰ãªã„。
+ã¾ãŸéžè² å€¤ã§ãªãã¦ã¯ãªã‚‰ãªã„。
+デフォルトã§ã¯ã€ 999 ãŠã‚ˆã³ä»–ã®ã‚らゆる既存ユーザ㮠ID よりも大ãã„ã€
+最å°ã®æ•°å€¤ã¨ãªã‚‹ã€‚
+0 ã‹ã‚‰ 999 ã¾ã§ã®å€¤ã¯ã€
+通常システム用ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã«äºˆç´„ã•ã‚Œã¦ã„る。
+.SS デフォルト値ã®å¤‰æ›´
+\fB\-D\fR オプションを指定ã™ã‚‹ã¨ã€
+\fBuseradd\fR ã¯ç¾åœ¨ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆå€¤ã‚’表示ã™ã‚‹ã‹ã€
+ã¾ãŸã¯ã‚ªãƒ—ションã§ä¸Žãˆã‚‰ã‚ŒãŸå€¤ã«å¿œã˜ã¦ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆå€¤ã‚’変更ã™ã‚‹ã€‚
+使用å¯èƒ½ãªã‚ªãƒ—ションã¯æ¬¡ã®é€šã‚Šã€‚
+.IP "\fB\-b\fR \fIdefault_home\fR"
+æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®ãƒ‘スã®ãƒ—レフィックス。
+æ–°è¦ãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã®ä½œæˆæ™‚ã« \fB\-d\fI オプションãŒæŒ‡å®šã•ã‚Œãªã„ã¨ã€
+\fIdefault_home\fR ã®å¾Œã«ãƒ¦ãƒ¼ã‚¶åを付ã‘加ãˆãŸã‚‚ã®ãŒ
+æ–°è¦ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªåã¨ã—ã¦ä½¿ã‚れる。
+.IP "\fB\-e\fR \fIdefault_expire_date\fR"
+ユーザアカウントãŒä½¿ç”¨ä¸èƒ½ã¨ãªã‚‹æ—¥ä»˜ã€‚
+.IP "\fB\-f\fR \fIdefault_inactive\fR"
+パスワードã®ä½¿ç”¨æœŸé™ãŒåˆ‡ã‚Œã¦ã‹ã‚‰ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãŒä½¿ç”¨ä¸èƒ½ã¨ãªã‚‹ã¾ã§ã®æ—¥æ•°ã€‚
+.IP "\fB\-g\fR \fIdefault_group\fR"
+æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®å±žã™ã‚‹ä¸»ã‚°ãƒ«ãƒ¼ãƒ—ã®ã‚°ãƒ«ãƒ¼ãƒ—åã¾ãŸã¯ã‚°ãƒ«ãƒ¼ãƒ— ID。
+グループåã¯ã™ã§ã«å­˜åœ¨ã™ã‚‹ã‚‚ã®ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+グループ ID ã¯æ—¢å­˜ã®ã‚°ãƒ«ãƒ¼ãƒ—ã«å¯¾å¿œã™ã‚‹ã‚‚ã®ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.IP "\fB\-s\fR \fIdefault_shell\fR"
+æ–°è¦ãƒ¦ãƒ¼ã‚¶ã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã€‚
+指定ã•ã‚ŒãŸãƒ—ログラムã¯ã€
+今後作られるã™ã¹ã¦ã®æ–°è¦ãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã«é©ç”¨ã•ã‚Œã‚‹ã€‚
+.PP
+オプションを指定ã—ãªã„ã¨ã€
+\fBuseradd\fR ã¯ç¾åœ¨ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆå€¤ã‚’表示ã™ã‚‹ã€‚
+.SH 注æ„
+\fI/etc/skel\fR ディレクトリã«ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ãƒ¦ãƒ¼ã‚¶ãƒ•ã‚¡ã‚¤ãƒ«ã‚’ç½®ãã®ã¯
+システム管ç†è€…ã®è¡Œã†ã¹ã作業ã§ã‚る。
+.SH 警告
+NIS ã®ã‚°ãƒ«ãƒ¼ãƒ—ã«ãƒ¦ãƒ¼ã‚¶ã‚’加ãˆã¦ã¯ãªã‚‰ãªã„。
+ã“ã‚Œã¯å¿…ãš NIS サーãƒä¸Šã§è¡Œã†ã“ã¨ã€‚
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- 安全ãªãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆæƒ…å ±
+.br
+\fI/etc/group\fR \ \- グループ情報
+.br
+\fI/etc/default/useradd\fR \- デフォルト情報
+.br
+\fI/etc/skel/\fR \ \- ファイルã®é››å½¢ãŒç½®ã‹ã‚Œã‚‹ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒª
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR crypt (3),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/userdel.8 b/man/ja/man8/userdel.8
new file mode 100644
index 0000000..8cbb218
--- /dev/null
+++ b/man/ja/man8/userdel.8
@@ -0,0 +1,77 @@
+.\" $Id$
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated Fri Jan 12 JST 2000 by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Fri Mar 1 JST 2002 by Kentaro Shirakata <argrath@ub32.org>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH USERDEL 8
+.SH åå‰
+userdel \- ユーザã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã¨é–¢é€£ãƒ•ã‚¡ã‚¤ãƒ«ã‚’削除ã™ã‚‹
+.SH 書å¼
+.B userdel
+[\fB\-r\fR]
+.I login
+.SH 説明
+\fBuserdel\fR コマンドã¯ã€ã‚·ã‚¹ãƒ†ãƒ ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãƒ•ã‚¡ã‚¤ãƒ«ã‚’修正ã—ã€
+ユーザ \fIlogin\fR ã«å¯¾å¿œã™ã‚‹ã™ã¹ã¦ã®ã‚¨ãƒ³ãƒˆãƒªã‚’削除ã™ã‚‹ã€‚
+削除ã•ã‚Œã‚‹ãƒ¦ãƒ¼ã‚¶ã¯å­˜åœ¨ã—ã¦ã„ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+\fBuserdel\fR コマンドã«é©ç”¨ã§ãるオプションã¯ä»¥ä¸‹ã®é€šã‚Šã€‚
+.IP \fB\-r\fR
+ユーザã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªä¸­ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’削除ã™ã‚‹ã€‚
+ホームディレクトリ自体ã¨ãƒ¦ãƒ¼ã‚¶ã®ãƒ¡ãƒ¼ãƒ«ã‚¹ãƒ—ールも消去ã™ã‚‹ã€‚
+ファイルシステム中ã®ã»ã‹ã®å ´æ‰€ã«ã‚ã‚‹ãã®ãƒ¦ãƒ¼ã‚¶ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€
+手作業ã§æŽ¢ã—出ã—ã¦å‰Šé™¤ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- 安全ãªãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆæƒ…å ±
+.br
+\fI/etc/group\fR \ \- グループ情報
+.SH 警告
+\fBuserdel\fR ã¯ã€å‰Šé™¤ã•ã‚Œã‚‹ãƒ¦ãƒ¼ã‚¶ãŒç¾åœ¨ãƒ­ã‚°ã‚¤ãƒ³ã—ã¦ã„ã‚‹å ´åˆã¯ã€
+ãã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã®å‰Šé™¤ã‚’許å¯ã—ãªã„。
+削除ã—よã†ã¨ã—ã¦ã„るアカウントã«å±žã™ã‚‹å®Ÿè¡Œä¸­ã®ãƒ—ロセスã¯ã€
+ã™ã¹ã¦ kill ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+NIS ã®ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‹ã‚‰ã¯ã€NIS ã®å±žæ€§å€¤ã¯å‰Šé™¤ã§ããªã„。
+削除㯠NIS ã®ã‚µãƒ¼ãƒã§è¡Œã‚ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR usermod (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/usermod.8 b/man/ja/man8/usermod.8
new file mode 100644
index 0000000..bd2f604
--- /dev/null
+++ b/man/ja/man8/usermod.8
@@ -0,0 +1,145 @@
+.\" $Id$
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\" all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\" by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated Tue Jan 23 17:21:08 JST 2001
+.\" by Kentaro Shirakata <argrath@ub32.org>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.\"WORD: initial group 主グループ
+.\"WORD: supplementary group 補助グループ
+.\"
+.TH USERMOD 8
+.SH åå‰
+usermod \- ユーザアカウントを修正ã™ã‚‹
+.SH 書å¼
+\fBusermod\fR [\fB\-c\fR \fIcomment\fR] [\fB\-d\fR \fIhome_dir\fR [\fB\-m\fR]]
+.br
+[\fB\-e\fR \fIexpire_date\fR] [\fB\-f\fR \fIinactive_time\fR]
+.br
+[\fB\-g\fR \fIinitial_group\fR] [\fB\-G\fR \fIgroup\fR [,...]]
+.br
+[\fB\-l\fR \fIlogin_name\fR] [\fB\-p\fR \fIpasswd\fR]
+.br
+[\fB\-s\fR \fIshell\fR] [\fB\-u\fR \fIuid\fR [\fB\-o\fR]] [\fB\-L\fR|\fB\-U\fR]
+\fIlogin\fR
+.SH 説明
+\fBusermod\fR コマンドã¯ã€
+コマンドライン上ã§ã®æŒ‡å®šã«ã‚ˆã£ã¦ã€
+システムアカウントファイルを修正ã™ã‚‹ã€‚
+\fBusermod\fR コマンドã«æŒ‡å®šã§ãるオプションã¯æ¬¡ã®é€šã‚Šã€‚
+.IP "\fB\-c\fR \fIcomment\fR"
+パスワードファイルã®ã‚³ãƒ¡ãƒ³ãƒˆãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ä¸Žãˆã‚‹æ–°ã—ã„値。
+通常ã¯
+.BR chfn (1)
+ユーティリティã«ã‚ˆã£ã¦å¤‰æ›´ã•ã‚Œã‚‹ã€‚
+.IP "\fB\-d\fR \fIhome_dir\fR"
+æ–°ã—ã„ログインディレクトリ。
+\fB\-m\fR オプションを用ã„ã‚‹ã¨ã€
+ç¾åœ¨ã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®ä¸­èº«ãŒæ–°ã—ã„ホームディレクトリã«ç§»å‹•ã•ã‚Œã‚‹
+(後者ãŒå­˜åœ¨ã—ãªã„å ´åˆã¯æ–°ãŸã«ä½œæˆã•ã‚Œã‚‹)。
+.IP "\fB\-e\fR \fIexpire_date\fR"
+ãã®ãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãŒä½¿ç”¨ä¸èƒ½ã«ãªã‚‹æ—¥ä»˜ã€‚
+日付㯠\fIYYYY\-MM\-DD\fR ã¨ã„ã†æ›¸å¼ã§æŒ‡å®šã™ã‚‹ã€‚
+.IP "\fB\-f\fR \fIinactive_days\fR"
+パスワードã®ä½¿ç”¨æœŸé™ãŒåˆ‡ã‚Œã¦ã‹ã‚‰ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãŒæ°¸ä¹…ã«ä½¿ç”¨ä¸èƒ½ã«ãªã‚‹ã¾ã§ã®æ—¥æ•°ã€‚
+0 ã«ã™ã‚‹ã¨ã€
+パスワードã®æœŸé™ãŒåˆ‡ã‚Œã‚‹ã¨åŒæ™‚ã«ã“ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã¯ä½¿ç”¨ä¸èƒ½ã«ãªã‚‹ã€‚
+\-1 ã«ã™ã‚‹ã¨ã“ã®æ©Ÿèƒ½ãŒç„¡åŠ¹ã«ãªã‚‹ã€‚デフォルト値㯠\-1。
+.IP "\fB\-g\fR \fIinitial_group\fR"
+
+æ–°ãŸã«ãã®ãƒ¦ãƒ¼ã‚¶ã®ãƒ­ã‚°ã‚¤ãƒ³æ™‚åˆæœŸã‚°ãƒ«ãƒ¼ãƒ—ã¨ã™ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—åã¾ãŸã¯ ID。
+グループåã¯æ—¢ã«å­˜åœ¨ã—ã¦ã„ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+グループ番å·ã¯æ—¢å­˜ã®ã‚°ãƒ«ãƒ¼ãƒ—ã‚’å‚ç…§ã—ã¦ã„ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+デフォルトã®ã‚°ãƒ«ãƒ¼ãƒ—番å·ã¯ 1。
+.IP "\fB\-G\fR \fIgroup,[...]\fR"
+ユーザãŒå±žã™ã‚‹è£œåŠ©ã‚°ãƒ«ãƒ¼ãƒ— (supplementary groups) ã®ãƒªã‚¹ãƒˆã€‚
+グループã¯ã‚³ãƒ³ãƒžã§åŒºåˆ‡ã‚Šã€é–“ã«ç©ºç™½æ–‡å­—を入れã¦ã¯ãªã‚‰ãªã„。
+指定ã§ãるグループã«ã¯ \fB\-g\fR オプションã¨åŒæ§˜ã®åˆ¶é™ãŒã‚る。
+ç¾åœ¨ãã®ãƒ¦ãƒ¼ã‚¶ãŒã€
+æ–°ã—ã„リストã«ãªã„グループã®ãƒ¡ãƒ³ãƒãƒ¼ã«ãªã£ã¦ã„ã‚‹å ´åˆã¯ã€
+ãã®ã‚°ãƒ«ãƒ¼ãƒ—ã‹ã‚‰å‰Šé™¤ã•ã‚Œã‚‹ã€‚
+.IP "\fB\-l\fR \fIlogin_name\fR"
+ユーザã®ãƒ­ã‚°ã‚¤ãƒ³åã‚’ \fIlogin\fR ã‹ã‚‰ \fIlogin_name\fR ã«å¤‰æ›´ã™ã‚‹ã€‚
+ä»–ã¯ä½•ã‚‚変更ã—ãªã„ã®ã§ã€
+ãŠãらãæ–°ã—ã„ログインåã«åˆã‚ã›ã¦
+ホームディレクトリã®åå‰ã‚’変更ã™ã‚‹å¿…è¦ãŒã‚ã‚‹ã ã‚ã†ã€‚
+.IP "\fB\-p\fR \fIpasswd\fR"
+\fBcrypt\fR(3) ã®è¿”り値ã§ã‚ã‚‹æš—å·åŒ–パスワード。
+.IP "\fB\-s\fR \fIshell\fR"
+ユーザã®æ–°ã—ã„ログインシェルã®åå‰ã€‚
+ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’空白ã«ã—ãŸå ´åˆã¯ã€
+システムãŒãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã‚’é¸æŠžã™ã‚‹ã€‚
+.IP "\fB\-u\fR \fIuid\fR"
+ユーザ㮠ID 番å·ã€‚
+ã“ã®å€¤ã¯ã€\fB\-o\fR オプションを用ã„ã‚‹å ´åˆã‚’除ãã€ä»–ã¨é‡è¤‡ã—ã¦ã¯ãªã‚‰ãªã„。
+ã¾ãŸéžè² å€¤ã§ãªãã¦ã¯ãªã‚‰ãªã„。
+0 ã‹ã‚‰ 999 ã¾ã§ã®å€¤ã¯ã€é€šå¸¸ã‚·ã‚¹ãƒ†ãƒ ã‚¢ã‚«ã‚¦ãƒ³ãƒˆç”¨ã«äºˆç´„ã•ã‚Œã¦ã„る。
+ホームディレクトリ以下ã®ã€
+ãã®ãƒ¦ãƒ¼ã‚¶æ‰€æœ‰ã®ã™ã¹ã¦ã®ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ¦ãƒ¼ã‚¶ ID ã¯ã€
+自動的ã«æ–°ã—ã„値ã«å¤‰æ›´ã•ã‚Œã‚‹ã€‚
+ホームディレクトリ以下ã«ãªã„ファイルã¯æ‰‹ä½œæ¥­ã§å¤‰æ›´ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.IP "\fB\-L\fR"
+ユーザã®ãƒ‘スワードをロックã™ã‚‹ã€‚
+ã“ã‚Œã¯æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワードã®å‰ã« '!' を追加ã—ã€
+実質的ã«ãƒ‘スワードを無効ã«ã™ã‚‹ã€‚
+ã“ã®ã‚ªãƒ—ションを \fI\-p\fR ã‚„ \fI\-U\fR ã¨åŒæ™‚ã«ç”¨ã„ã‚‹ã“ã¨ã¯ã§ããªã„。
+.IP "\fB\-U\fR"
+ユーザã®ãƒ‘スワードをアンロックã™ã‚‹ã€‚
+ã“ã‚Œã¯æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワードã®å…ˆé ­ã® '!' ã‚’å–り除ã。
+ã“ã®ã‚ªãƒ—ションを \fI\-p\fR ã‚„ \fI\-L\fR ã¨åŒæ™‚ã«ç”¨ã„ã‚‹ã“ã¨ã¯ã§ããªã„。
+.SH 警告
+\fBusermod\fR
+ã¯ç¾åœ¨ãƒ­ã‚°ã‚¤ãƒ³ã—ã¦ã„るユーザã®åå‰ã‚’変更ã§ããªã„。
+ã“ã®ã‚³ãƒžãƒ³ãƒ‰ã‚’使用ã—ã¦ãƒ¦ãƒ¼ã‚¶ã® ID 番å·ã‚’変更ã™ã‚‹éš›ã«ã¯ã€
+指定ã—ãŸãƒ¦ãƒ¼ã‚¶ã®ãƒ—ロセスãŒä¸€ã¤ã‚‚実行ã•ã‚Œã¦ã„ãªã„ã“ã¨ã‚’
+事å‰ã«ç¢ºèªã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+crontab ファイルã®æ‰€æœ‰è€…ã¯æ‰‹ä½œæ¥­ã§å¤‰æ›´ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+at ジョブã®æ‰€æœ‰è€…ã¯æ‰‹ä½œæ¥­ã§å¤‰æ›´ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+NIS ã«é–¢ã™ã‚‹ä½œæ¥­ã¯ NIS サーãƒä¸Šã§è¡Œãªã‚ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- 安全ãªãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆæƒ…å ±
+.br
+\fI/etc/group\fR \ \- グループ情報
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR crypt (3),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR userdel (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/vigr.8 b/man/ja/man8/vigr.8
new file mode 100644
index 0000000..ff72d7a
--- /dev/null
+++ b/man/ja/man8/vigr.8
@@ -0,0 +1 @@
+.so man8/vipw.8
diff --git a/man/ja/man8/vipw.8 b/man/ja/man8/vipw.8
new file mode 100644
index 0000000..205d121
--- /dev/null
+++ b/man/ja/man8/vipw.8
@@ -0,0 +1,38 @@
+.\" $Id$
+.\"
+.\" Japanese Version Copyright (c) 2001 Maki KURODA
+.\" all right reserved,
+.\" Translated Tue Oct 30 11:55:56 JST 2001
+.\" by Maki KURODA <mkuroda@aisys-jp.com>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH VIPW 8 "26 Sep 1997"
+.SH åå‰
+vipw, vigr \- password, group ã¨ãã‚Œãžã‚Œã® shadow ファイルを編集ã™ã‚‹
+.SH 書å¼
+\fBvipw\fR [\fB\-s\fR]
+.br
+\fBvigr\fR [\fB\-s\fR]
+.SH 説明
+.BR vipw " 㨠" vigr
+ã¯ã€ãã‚Œãžã‚Œ
+\fI/etc/passwd\fR " 㨠" \fI/etc/group\fR
+を編集ã™ã‚‹ã€‚
+.B \-s
+フラグãŒæŒ‡å®šã•ã‚Œã‚‹ã¨ã€ã“れらã®ãƒ•ã‚¡ã‚¤ãƒ«ã® shadow 化版ã§ã‚ã‚‹
+\fI/etc/shadow\fR 㨠\fI/etc/gshadow\fR
+ã‚’ãã‚Œãžã‚Œç·¨é›†ã™ã‚‹ã€‚
+ã“れらã®ãƒ—ログラムã¯ãƒ•ã‚¡ã‚¤ãƒ«ãŒå£Šã‚Œãªã„よã†é©åˆ‡ãªãƒ­ãƒƒã‚¯ã‚’設定ã™ã‚‹ã€‚
+
+ã“れらã®ãƒ—ログラムã¯ã€åˆ©ç”¨ã™ã‚‹ã‚¨ãƒ‡ã‚£ã‚¿ã¨ã—ã¦ã¾ãš
+環境変数
+.BR VISUAL ,
+環境変数
+.BR EDITOR ,
+ã‚’é †ã«è©¦ã—ã€æœ€å¾Œã«ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚¨ãƒ‡ã‚£ã‚¿ã§ã‚ã‚‹
+.BR vi
+を用ã„よã†ã¨ã™ã‚‹ã€‚
+.SH 関連項目
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5)
diff --git a/man/ko/Makefile.am b/man/ko/Makefile.am
new file mode 100644
index 0000000..c269f0b
--- /dev/null
+++ b/man/ko/Makefile.am
@@ -0,0 +1,16 @@
+
+mandir = @mandir@/ko
+
+man_MANS = \
+ man1/chfn.1 \
+ man1/chsh.1 \
+ man1/groups.1 \
+ man1/login.1 \
+ man5/passwd.5 \
+ man1/su.1 \
+ man8/vigr.8 \
+ man8/vipw.8
+# newgrp.1 must be updated
+# newgrp.1
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/ko/man1/chfn.1 b/man/ko/man1/chfn.1
new file mode 100644
index 0000000..e6d3fae
--- /dev/null
+++ b/man/ko/man1/chfn.1
@@ -0,0 +1,54 @@
+.\" $Id$
+.\" (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\" this program is free software. you can redistribute it and
+.\" modify it under the terms of the gnu general public license.
+.\" there is no warranty.
+.TH CHFN 1 "October 13 1994" "chfn" "Linux Reference Manual"
+.SH NAME
+chfn \- ì‚¬ìš©ìž finger 정보를 바꾼다.
+.SH SYNOPSIS
+\fBchfn\fR [\fB\-f\fR \fIfull\-name\fR] [\fB\-o\fR \fIoffice\fR] [\fB\-p\fR \fIoffice\-phone\fR]
+[\ \-h\ home\-phone\ ] [\ \-u\ ] [\ \-v\ ] [\ username\ ]
+.SH DESCRIPTION
+.B chfn
+ëª…ë ¹ì€ ì‚¬ìš©ìžì˜ finger 정보를 바꾼다. ì´ê²ƒì€
+.I /etc/passwd
+파ì¼ì˜ 정보를 바꾼다.
+.B finger
+ëª…ë ¹ì´ ì‚¬ìš©ë  ë•Œ 바로 ì´ íŒŒì¼ì„ 참조하기 때문ì´ë‹¤.
+.B finger
+명령ì€
+.B chfn
+명령ì—ì„œ ë°”ë€ ì‹¤ìž¬ì´ë¦„, ì§ìž¥, ì§ìž¥ì „í™”, 집전화번호를 보여준다.
+.SS COMMAND LINE
+아무 옵션 ì—†ì´ ì´ ëª…ë ¹ì„ ì‚¬ìš©í•˜ë©´, ì§ì ‘ 사용ìžì—게 ê°ê°ì˜ 바꿀 정보를
+물어보지만, ì´ ì •ë³´ë“¤ì„ ëª…ë ¹í–‰ì—ì„œ ì§ì ‘ 입력할 ìˆ˜ë„ ìžˆë‹¤.
+.SS INTERACTIVE MODE
+아무 옵션 ì—†ì´ ì´ ëª…ë ¹ì„ ì‚¬ìš©í•˜ë©´, ì§ì ‘ 사용ìžì—게 ê°ê°ì˜ 바꿀 정보를
+물어본다. ì´ë•Œ 정당한 ê°’ì„ ì§€ì •í•´ 주고, ì›ëž˜ì˜ ê°’ì„ ë°”ê¾¸ì§€ 않으려면,
+그냥 Enter 글쇠를 누르면 ëœë‹¤.
+.SH OPTIONS
+.TP
+.I "\-f, \-\-full\-name"
+ì‚¬ìš©ìž ì‹¤ìž¬ ì´ë¦„
+.TP
+.I "\-o, \-\-office"
+ì‚¬ìš©ìž ì§ìž¥
+.TP
+.I "\-p, \-\-office\-phone"
+ì‚¬ìš©ìž ì§ìž¥ 전화번호
+.TP
+.I "\-h, \-\-home\-phone"
+ì‚¬ìš©ìž ì§‘ ì „í™” 번호
+.TP
+.I "\-u, \-\-help"
+ë„움ë§ì„ 보여주고 마친다.
+.TP
+.I "\-v, \-\-version"
+버전 정보를 보여주고 마친다.
+.SH "SEE ALSO"
+.BR finger (1),
+.BR passwd (5)
+.SH AUTHOR
+Salvatore Valente <svalente@mit.edu>
diff --git a/man/ko/man1/chsh.1 b/man/ko/man1/chsh.1
new file mode 100644
index 0000000..6fd5d3f
--- /dev/null
+++ b/man/ko/man1/chsh.1
@@ -0,0 +1,43 @@
+.\" $Id$
+.\" (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\" this program is free software. you can redistribute it and
+.\" modify it under the terms of the gnu general public license.
+.\" there is no warranty.
+.TH CHSH 1 "October 13 1994" "chsh" "Linux Reference Manual"
+.SH NAME
+chsh \- ì‚¬ìš©ìž ë¡œê·¸ì¸ ì‰˜ì„ ë°”ê¾¼ë‹¤.
+.SH SYNOPSIS
+.B chsh
+[\ \-s\ shell\ ] [\ \-l\ ] [\ \-u\ ] [\ \-v\ ] [\ username\ ]
+.SH DESCRIPTION
+.B chsh
+ëª…ë ¹ì€ ì‚¬ìš©ìžê°€ 사용하고 있는 ë¡œê·¸ì¸ ì‰˜ì„ ë°”ê¾¸ëŠ”ë°, 사용ëœë‹¤.
+(ì´ë§ì€ exit ëª…ë ¹ì„ ì‚¬ìš©í–ˆì„ ë•Œ 로그아웃ë˜ëŠ” ì‰˜ì„ ë§í•œë‹¤.)
+명령행ì—ì„œ ì‰˜ì„ ì§€ì •í•˜ì§€ 않으면, 사용ìžì—게 물어본다.
+.SS VALID SHELLS
+.B chsh
+명령ì—서는 절대 경로를 지정하는 ì–´ë– í•œ 실행파ì¼ë„ ì§€ì •ì´ ê°€ëŠ¥í•˜ë‹¤.
+하지만,
+.I /etc/shells
+파ì¼ì—ì„œ 지정ë˜ì–´ 있지 않는 í’€ê·¸ë¦¼ì„ ì‚¬ìš©í•  경우ì—는 경고 메시지를 보여준다.
+.SH OPTIONS
+.TP
+.I "\-s, \-\-shell"
+지정하는 ì‰˜ì„ ì•žìœ¼ë¡œ 사용할 ë¡œê·¸ì¸ ì‰˜ë¡œ 바꾼다.
+.TP
+.I "\-l, \-\-list\-shells"
+.I /etc/shells
+íŒŒì¼ ì•ˆì— ì§€ì •ëœ ì‰˜ì„ ë‚˜ì—´í•˜ê³  마친다.
+.TP
+.I "\-u, \-\-help"
+ë„움ë§ì„ 보여주고 마친다.
+.TP
+.I "\-v, \-\-version"
+버전 정보를 보여주고 마친다.
+.SH "SEE ALSO"
+.BR login (1),
+.BR passwd (5),
+.BR shells (5)
+.SH AUTHOR
+Salvatore Valente <svalente@mit.edu>
diff --git a/man/ko/man1/groups.1 b/man/ko/man1/groups.1
new file mode 100644
index 0000000..d407d3d
--- /dev/null
+++ b/man/ko/man1/groups.1
@@ -0,0 +1,32 @@
+.\"$Id$
+.TH GROUPS 1L "GNU 쉘 유틸리티" "FSF" \" \-*\- nroff \-*\-
+.SH ì´ë¦„
+groups \- 사용ìžê°€ ì†í•œ ê·¸ë£¹ë“¤ì„ ì¶œë ¥í•œë‹¤
+.SH 개요
+.B groups
+[사용ìžëª…...]
+.br
+.B groups
+{\-\-help,\-\-version}
+.SH 설명
+ì´ ë§¨íŽ˜ì´ì§€ëŠ” GNU 버전ì˜
+.BR groups
+를 다룬다.
+.B groups
+는 주어진 ê°
+.IR username
+ë˜ëŠ” 프로세스
+ê°€ ì†í•œ 추가 ê·¸ë£¹ì˜ ì´ë¦„ì„ ì¶œë ¥í•´ì¤€ë‹¤.
+만약 사용ìžëª…ì´ ì£¼ì–´ì¡Œë‹¤ë©´ ê° ì‚¬ìš©ìžëª…ì´ ì†Œì†ëœ 그룹 ëª©ë¡ ì•žì— í‘œì‹œëœë‹¤.
+.PP
+그룹 목ë¡ì€ `id \-Gn'ì˜ ê²°ê³¼ì™€ 같다.
+.SS 옵션
+GNU
+.B groups
+ê°€ 단 í•œ ê°œì˜ ì¸ìˆ˜ë¥¼ 가지고 실행ë˜ë©´ ë‹¤ìŒ ì˜µì…˜ë“¤ì„ ì¸ì‹í•œë‹¤:
+.TP
+.I "\-\-help"
+표준출력으로 ì‚¬ìš©ë²•ì„ ì¶œë ¥í•˜ê³  ì •ìƒì ìœ¼ë¡œ 종료한다.
+.TP
+.I "\-\-version"
+표준출력으로 버전정보를 출력하고 ì •ìƒì ìœ¼ë¡œ 종료한다.
diff --git a/man/ko/man1/id.1 b/man/ko/man1/id.1
new file mode 100644
index 0000000..a48aa26
--- /dev/null
+++ b/man/ko/man1/id.1
@@ -0,0 +1,52 @@
+.TH ID 1L "GNU 쉘 유틸리티" "FSF" \" \-*\- nroff \-*\-
+.SH ì´ë¦„
+id \- 실제, 유효 UID와 GID를 출력한다.
+.SH 개요
+.B id
+[\-gnruG] [\-\-group] [\-\-name] [\-\-real] [\-\-user] [\-\-groups]
+[\-\-help] [\-\-version] [username]
+.SH 설명
+ì´ ë§¨íŽ˜ì´ì§€ëŠ” GNU 버전ì˜
+.BR id
+를 다룬다.
+.B id
+는 주어진 사용ìž, ë˜ëŠ” 사용ìžê°€ 주어지지 않는 경우 í”„ë¡œì„¸ìŠ¤ì˜ ì£¼ì¸ì— 대한
+정보를 출력한다. 기본ì ìœ¼ë¡œ 실제 ì‚¬ìš©ìž ID, 실제 그룹 ID, 만약 실제 사용ìž
+ID와 다르다면 유효 ì‚¬ìš©ìž ID를, 마찬가지로 실제 그룹 ID와 다르다면 유효 그룹
+ID를 출력하고 추가 그룹 ID를 출력한다. ê° í•­ëª©ì€ ì‹ë³„ ë¬¸ìž ê·¸ë¦¬ê³  괄호 안ì—
+해당하는 ì‚¬ìš©ìž ë˜ëŠ” 그룹명으로 표현ëœë‹¤.
+.PP
+.B id
+ì— ì˜µì…˜ì„ ì£¼ë©´ 위ì—ì„œ ì—´ê±°í•œ ì •ë³´ì˜ ì¼ë¶€ë§Œ 보여준다.
+.SS 옵션
+.TP
+.I "\-g, \-\-group"
+오로지 그룹 ID만 출력한다.
+.TP
+.I "\-G, \-\-groups"
+추가 그룹만 출력한다.
+.TP
+.I "\-\-help"
+표준출력으로 ì‚¬ìš©ë²•ì„ ì¶œë ¥í•˜ê³  ì •ìƒì ìœ¼ë¡œ 종료한다.
+.TP
+.I "\-n, \-\-name"
+ID 번호 대신 사용ìžëª…, ê·¸ë£¹ëª…ì„ ì¶œë ¥í•œë‹¤.
+.IR \-u ,
+.IR \-g ,
+ë˜ëŠ”
+.IR \-G
+를 필요로 한다.
+.TP
+.I "\-r, \-\-real"
+유효 사용ìž, 유효 그룹 IDê°€ ì•„ë‹ˆë¼ ì‹¤ì œ ID 를 출력한다.
+.IR \-u ,
+.IR \-g ,
+ë˜ëŠ”
+.IR \-G
+를 필요로 한다.
+.TP
+.I "\-u, \-\-user"
+오로지 ì‚¬ìš©ìž ID 만 출력한다.
+.TP
+.I "\-\-version"
+표준출력으로 버전정보를 출력하고 ì •ìƒì ìœ¼ë¡œ 종료한다.
diff --git a/man/ko/man1/login.1 b/man/ko/man1/login.1
new file mode 100644
index 0000000..4533beb
--- /dev/null
+++ b/man/ko/man1/login.1
@@ -0,0 +1,300 @@
+.\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu)
+.\" May be distributed under the GNU General Public License
+.TH LOGIN 1 "1 February 1993" "Linux 0.99" "Linux Programmer's Manual"
+.SH ì´ë¦„
+login \- 시스템 ì ‘ì†
+.SH 사용법
+.BR "login [ " ì´ë¦„ " ]"
+.br
+.B "login \-p"
+.br
+.BR "login \-h " 호스트ì´ë¦„
+.br
+.BR "login \-f " ì´ë¦„
+.SH 설명
+.B login
+í’€ê·¸ë¦¼ì€ í•œ ì‹œìŠ¤í…œì— ì ‘ì†ì²˜ë¦¬ë¥¼ 하는 풀그림ì´ë‹¤.
+ë˜í•œ 현재 ì ‘ì† ì¤‘ì—ì„œë„ í•œ 사용ìžì—ì„œ 다른 사용ìžë¡œ ë°”ê¾¸ê³ ìž í•  ë•Œë„
+ì‚¬ìš©ë  ìˆ˜ 있다. (한편, ëŒ€ë¶€ë¶„ì˜ ìš”ì¦˜ 만들어진 ì‰˜ì€ ê·¸ 쉘 내부ì ìœ¼ë¡œ
+ì´ëŸ¬í•œ ê¸°ëŠ¥ì„ ì œê³µí•˜ê³  ìžˆê¸°ë„ í•˜ë‹¤.)
+
+아무 옵션 ì—†ì´ ì‚¬ìš©í•˜ë©´,
+ì‚¬ìš©ìž ê³„ì •ì„ ë¬¼ì–´ë³´ëŠ” 프롬프트가 나타난다.
+
+ì´ë•Œ ìž…ë ¥ë˜ëŠ” ê³„ì •ì´ rootê°€ 아니고,
+.I /etc/nologin
+파ì¼ì´ 있으면 ê·¸ 파ì¼ì•ˆì— ë‚´ìš©ì´ ë³´ì—¬ì§€ê³ 
+ì´ í’€ê·¸ë¦¼ì€ ì¢…ë£Œëœë‹¤. ì´ê²ƒì€ 시스템 검사나 기타 ì‚¬ì •ìƒ ì¼ë°˜ 사용ìž
+ì ‘ì†ì„ 하지 못하ë„ë¡ í• ë•Œ 사용ëœë‹¤.
+
+.IR /etc/usertty
+파ì¼ì—ì„œ 특정 사용ìžì˜ ë¡œê·¸ì¸ í—ˆìš©ê³¼ 거부가 지정ë˜ì–´ ìžˆì„ ë•Œ,
+ë§Œì¼ ê·¸ 사용ìžê°€ ì ‘ì†í•˜ê³ ìž í•  때는 ê·¸ì— ë”°ë¥¸ ì ‘ì†ì²˜ë¦¬ë¥¼ 한다.
+ì´ë•Œ, ì ‘ì†ê±°ë¶€ë˜ë©´ 로그ì¸ì€ ë나고
+.B syslog
+ëª…ë ¹ì´ ìž‘ë™ë˜ì–´ ê·¸ ìƒí™©ì„ 기ë¡í•œë‹¤.
+ìžì„¸í•œ ì´ì•¼ê¸°ëŠ” 아래 "특별 ì ‘ê·¼ 거부" 부분ì—ì„œ 다룬다.
+
+
+.IR /etc/securetty
+파ì¼ì—서는 rootë¡œ ì ‘ì†í•  수 있는 í„°ë¯¸ë‚ ë“¤ì´ ë‚˜ì—´ë˜ì–´ 있다.
+ì´ë•Œ ì ‘ì† ì‹¤íŒ¨ê°€ ì¼ì–´ë‚˜ë©´
+.B syslog
+ëª…ë ¹ì´ ìž‘ë™ë˜ì–´ ê·¸ ìƒí™©ì„ 기ë¡í•œë‹¤.
+
+ì‚¬ìš©ìž ê³„ì •ì˜ í™•ì¸ ì ˆì°¨ê°€ ë나면, 비밀번호를 물어보는 프롬프트가
+나타난다. (ê·¸ 사용ìžì˜ 계정ì—ì„œ 비밀번호가 필요하면 나타난다.)
+ì´ë•Œ, 10번ë™ì•ˆ 비밀번호를 틀리게 입력하면 loginì€ ì¢…ë£Œëœë‹¤.
+그런ë°, ì²˜ìŒ ì„¸ë²ˆì€ ë°”ë¡œ 다시 물어보지만, 다ìŒë¶€í„°ëŠ” 매우 ëŠë¦¬ê²Œ
+반복ëœë‹¤. (ë¡œê·¸ì¸ ê³¼ì •ì´)
+물론 ì´ ê³¼ì •ë“¤ë„
+.B syslog
+ëª…ë ¹ì— ì˜í•´ ê·¸ ìƒí™©ì´ 기ë¡ëœë‹¤.
+
+.I .hushlogin
+íŒŒì¼ $HOME ê²½ë¡œì•ˆì— ìžˆìœ¼ë©´, 새로 ë„ì°©í•œ 편지가 ìžˆì„ ë•Œ 보여주는
+메시지와 마지막 로그ì¸í•œ ì‹œê°„ì„ ì•Œë¦¬ëŠ” 메시지를 보여주지 않는다.
+ì´ íŒŒì¼ì´ 없고,
+.I /var/log/lastlog
+파ì¼ì´ 있으면, ê·¸ 파ì¼ì—ì„œ 마지막 ë¡œê·¸ì¸ ì‹œê°„ì„ ì½ì–´ 보여주고,
+ê·¸ 파ì¼ì—, 현재 로그ì¸ì„ 기ë¡í•œë‹¤.
+
+ë¡œê·¸ì¸ ê³„ì •, 비밀번호 확ì¸ì² ìžê°€ ë나면,
+다ìŒì€ í„°ë¯¸ë‚ ì˜ UID, GID ì„¤ì •ê°™ì€ ê´€ë¦¬ìž‘ì—…ë“¤ì„ ë¬´ìž‘ìœ„ë¡œ
+수행한다. TERM 환경변수가 사용ë˜ê³  있으면, ì´ í™˜ê²½ë³€ìˆ˜ë¥¼ 지정하고,
+(
+.B \-p
+ì˜µì…˜ì´ ì‚¬ìš©ë˜ë©´ 다른 환경변수가 지정ëœë‹¤)
+HOME, PATH, SHELL, TERM, MAIL, LOGNAME í™˜ê²½ë³€ìˆ˜ë“¤ì„ ì§€ì •í•œë‹¤.
+ì¼ë°˜ 사용ìžë¼ë©´ 경로를 초기값으로 아래와 ê°™ì´ ì§€ì •í•˜ê³ ,
+.br
+.I /usr/local/bin:/bin:/usr/bin:.
+rootë¼ë©´ 초기값으로 아래와 ê°™ì´ ì§€ì •í•œë‹¤.
+.br
+.I /sbin:/bin:/usr/sbin:/usr/bin
+.br
+마지막으로 "ì¡°ìš©í•œ" 로그ì¸ì´ 아니ë¼ë©´, ê·¸ë‚ ì˜ ë©”ì‹œì§€ë¥¼ 출력하고,
+.I /usr/spool/mail
+ê²½ë¡œì•ˆì— ê·¸ ì‚¬ìš©ìž ì´ë¦„으로 ëœ íŒŒì¼ì˜ í¬ê¸°ê°€ 0ì´ ì•„ë‹Œì§€ 확ì¸í•´ì„œ
+0ì´ ì•„ë‹ˆë©´, 편지가 있다고 알려준다.
+
+ë‹¤ìŒ ì‚¬ìš©ìž ì‰˜ì„ ì§€ì •í•˜ëŠ”ë°,
+.BR /etc/passwd
+파ì¼ì—ì„œ ê·¸ 사용ìžì˜ ì‰˜ì´ ì§€ì •ë˜ì–´ 있지 않으면,
+.B /bin/sh
+ì‰˜ì„ ì‚¬ìš©í•œë‹¤.
+ë˜í•œ,
+.IR /etc/passwd
+파ì¼ì—ì„œ 홈 경로가 지정ë˜ì–´ 있지 않으며,
+.I /
+경로로 로그ì¸ëœë‹¤.(홈 경로는 위ì—ì„œ 설명한
+.I .hushlogin
+파ì¼ì´ 있는지 확ì¸í•  ë•Œ 검사ëœë‹¤.)
+.SH 옵션
+.TP
+.B \-p
+.B login
+실행할 ë•Œ ì´ì „ í™˜ê²½ë“¤ì„ ê·¸ëŒ€ë¡œ 사용하ë„ë¡
+.BR getty (8)
+ëª…ë ¹ì— ì˜í•´ 사용ëœë‹¤.
+.TP
+.B \-f
+ë‘번째 로그ì¸ì¼ 경우ì—는 ê·¸ ì¸ì¦(계정확ì¸ì ˆì°¨)ì„ í†µê³¼í•œë‹¤.
+root ê³„ì •ì¼ ê²½ìš°ì—는 ìž‘ë™ë˜ì§€ 않으며, 리눅스ì—서는 바르게
+ìž‘ë™ë˜ì§€ ì•Šì„ ìˆ˜ë„ ìžˆë‹¤.
+.TP
+.B \-h
+리모트 호스트 로그ì¸ì‹œ(가령, telnetd(8) 사용) 계정 ìž…ë ¥ì„ í†µê³¼í•œë‹¤.
+물론 utmp, wtmp 기ë¡ì€ 있다. ì´ ì˜µì…˜ì€ ë‹¨ì§€ rootë§Œì´ ì‚¬ìš©í•  수 있다.
+
+.SH "특별 접근 거부"
+.I /etc/securetty
+파ì¼ì—는 rootê°€ ì ‘ì† í•  수 í„°ë¯¸ë‚ ì´ ë‚˜ì—´ë˜ì–´ 있다.
+ì´ í„°ë¯¸ë‚  ì´ë¦„ì€ /dev/ 글ìžë¥¼ ìƒëžµí•œ 터미날 ì´ë¦„만ì´ë‹¤.
+ì´ íŒŒì¼ì´ 없다면 root는 모든 터미날ì—ì„œ ì ‘ì†ì´ 가능하다.
+.PP
+.I /etc/usertty
+파ì¼ì—는 특정 사용ìžì˜ ì ‘ì†ì— 대한 특별한 설정 ë‚´ìš©ì´ ìžˆë‹¤.
+ì´ íŒŒì¼ì´ 없다면, ì–´ë– í•œ 특정 사용ìžì˜ ì ‘ì† ê±°ë¶€ê°™ì€ ì—†ë‹¤.
+ì´ íŒŒì¼ì˜ 세부분으로 구성ë˜ì–´ 있는ë°, ê°ê° ê·¸ ë¶€ë¶„ë“¤ì˜ ì´ë¦„ì€
+CLASSES, GROUPS, USERS ì´ë‹¤. CLASSES 부분ì—서는 í„°ë¯¸ë‚ ì˜ í´ëž˜ìŠ¤ì™€
+호스트ì´ë¦„ íŒ¨í„´ì´ ì •ì˜ë˜ê³ , GROUPS 부분ì—서는 그룹 ë‹¨ìœ„ì˜ í—ˆë½ë˜ëŠ”
+터미날과 호스트가 ì •ì˜ë˜ê³ , USERS 부분ì—서는 ì‚¬ìš©ìž ë‹¨ìœ„ì˜ í—ˆë½ë˜ëŠ”
+터미날과 호스트가 ì •ì˜ëœë‹¤.
+.PP
+ì´ íŒŒì¼ì˜ ê° ì¤„ì€ 255 문ìžë¥¼ ë„˜ì„ ìˆ˜ 없으며,
+# 문ìžë¡œ 시작하는 ê·¸ 줄 전체는 주ì„으로 처리ëœë‹¤.
+.PP
+.SS "CLASSES 섹션"
+CLASSES ì„¹ì…˜ì€ ëŒ€ë¬¸ìžë¡œ 첫칸부터 CLASSESë¼ê³  씀으로 ì •ì˜ëœë‹¤.
+ì´ ë¶€ë¶„ì€ ë‹¤ìŒ ì„¹ì…˜ì´ ì •ì˜ë˜ê¸° 전까지 모든 ë¶€ë¶„ì´ í¬í•¨ëœë‹¤.
+ê° ë‹¨ì–´ì˜ êµ¬ë¶„ì€ ê³µë°±ë¬¸ìžë‚˜ 탭문ìžë¡œ 한다.
+ê° ì¤„ì—는 터미날과 호스트 íŒ¨í„´ì˜ í´ëž˜ìŠ¤ê°€ ì •ì˜ëœë‹¤.
+.PP
+ê° ì¤„ì˜ ì²˜ìŒì€ 관리ìžê°€ ì •ì˜í•˜ëŠ” í´ëž˜ìŠ¤ ì´ë¦„ì´ ì˜¤ê³ ,
+ê·¸ 다ìŒì—는 ê·¸ í´ëž˜ìŠ¤ì—ì„œ 사용하는 터미날과 호스트 íŒ¨í„´ì´ ì˜¨ë‹¤.
+ì´ í´ëž˜ìŠ¤ ì´ë¦„ì€ ë‹¤ìŒì— 오는 GROUPS, USERS 섹션ì—ì„œ ì‚¬ìš©ë  ìˆ˜ 있다.
+.PP
+CLASSES 섹션 예제:
+.PP
+.nf
+.in +.5
+CLASSES
+myclass1 tty1 tty2
+myclass2 tty3 @.foo.com
+.in -.5
+.fi
+.PP
+윗 예제는
+.I myclass1
+ê³¼
+.I myclass2
+í´ëž˜ìŠ¤ë¥¼ 오른쪽 부분과 ê°™ì´ ì •ì˜í•œ 것ì´ë‹¤.
+.PP
+.SS "GROUPS 섹션"
+GROUPS 섹션ì—서는 유닉스 그룹 ë‹¨ìœ„ì˜ í—ˆë½ë˜ëŠ” 터미날과 호스트가 ì •ì˜ëœë‹¤.
+ì ‘ì†í•˜ëŠ” 사용ìžì˜ 그룹ì´(ì´ê²ƒì€
+.I /etc/passwd
+파ì¼ê³¼
+.I /etc/group
+파ì¼ì—ì„œ 확ì¸ë¨)ì´
+.I /etc/usertty
+파ì¼ì˜ GROUPS 섹션 부분ì—ì„œ ì •ì˜ëœ 그룹ì´ë¼ë©´, ê·¸ì— í•´ë‹¹ë˜ëŠ”
+터미날과 호스트ì—만 ì ‘ì†ì´ 가능해 진다.
+.PP
+GROUPS ì„¹ì…˜ì€ ì²«ì¹¸ì— ëŒ€ë¬¸ìžë¡œ GROUPS ì´ë¼ê³  씀으로 ì •ì˜ê°€ 시작ë˜ê³ ,
+다ìŒì„¹ì…˜ì˜ ì •ì˜ê°€ 나타나기 전까지 ì´ ì„¹ì…˜ìœ¼ë¡œ 가정한다.
+ê° ë‹¨ì–´ì˜ êµ¬ë¶„ì€ ê³µë°±ë¬¸ìžë‚˜ 탭문ìžë¡œ 하며,
+ê° ì¤„ì˜ ì²˜ìŒì—는 ê·¸ë£¹ì´ ì˜¤ê³  다ìŒì—는 ê·¸ 그룹ì—ì„œ 접근할 수 있는
+터미날과 호스트가 온다. ë˜í•œ í—ˆë½ë˜ëŠ” 터미날과 호스트 부분ì—ì„œ
+ì•ž CLASSES 섹션ì—ì„œ ì •ì˜í•œ í´ëž˜ìŠ¤ ì´ë¦„ì´ ì‚¬ìš©ë  ìˆ˜ë„ ìžˆë‹¤.
+.PP
+GROUPS ì„¹ì…˜ì˜ ì˜ˆì œ:
+.PP
+.nf
+.in +0.5
+GROUPS
+sys tty1 @.bar.edu
+stud myclass1 tty4
+.in -0.5
+.fi
+.PP
+윗 예제는
+.I sys
+ê·¸ë£¹ì˜ ì‚¬ìš©ìžëŠ” bar.edu ë„ë©”ì¸ì„ 가진 호스트ì—ì„œ, tty1로만
+ì ‘ì†ì´ 가능하다.
+.I stud
+ê·¸ë£¹ì˜ ì‚¬ìš©ìžëŠ” myclass1 í´ëž˜ìŠ¤ ë˜ëŠ” tty4로만 ì ‘ì†ì´ 가능하다.
+.PP
+
+.SS "USERS 섹션"
+USERS ì„¹ì…˜ì€ ì²«ì¹¸ì— USERS ë¼ê³  대문ìžë¡œ 씀으로 ì •ì˜ëœë‹¤.
+ê° ë‹¨ì–´ì˜ êµ¬ë¶„ì€ ê³µë°±ë¬¸ìžì™€ 탭문ìžë¡œ 하며,
+첫칸ì—는 ì‚¬ìš©ìž ê³„ì •, 다ìŒì—는 ê·¸ 계정 사용ìžê°€ ì ‘ì† í•  수 있는
+터미날과 ê·¸ 사용ìžê°€ ì ‘ì† ì‹œë„하는 호스트가 ì •ì˜ëœë‹¤.
+물론 터미날과 호스트 ì •ì˜ë¶€ë¶„ì—ì„œ ì•ž CLASSES 섹션ì—ì„œ ì •ì˜í•œ í´ëž˜ìŠ¤ê°€
+ì‚¬ìš©ë  ìˆ˜ë„ ìžˆë‹¤.
+.PP
+USERS 섹션 예제:
+.PP
+.nf
+.in +0.5
+USERS
+zacho tty1 @130.225.16.0/255.255.255.0
+blue tty3 myclass2
+.in -0.5
+.fi
+.PP
+윗 예제는 zacho 계정 사용ìžëŠ” IP 주소가 130.225.16.0 부터 130.225.16.255
+범위 ì•ˆì˜ í˜¸ìŠ¤íŠ¸ì—ì„œ ì´ ì»´ì˜ tty1ë¡œ ì ‘ì† í•˜ê³ ìž í•  때만 ì ‘ì†ì„ í•  수 있다.
+blue 계정 사용ìžëŠ” myclass2ì—ì„œ ì •ì˜ëœ 환경과 tty3으로만 ì ‘ì†í•  수 있다.
+.PP
+USERS 섹션안ì—ì„œ ì‚¬ìš©ìž ê³„ì • ë¶€ë¶„ì— * 문ìžê°€ 올 ìˆ˜ë„ ìžˆë‹¤.
+ì´ê²ƒì€ 초기값 지정ì´ë©°, 모든 사용ìžì—게 ì ìš©ëœë‹¤.
+.PP
+ì ‘ì†í•˜ê³ ìž 하는 사용ìžì˜ 계정과 ê·¸ë£¹ì´ USERS, GROUPS 섹션 ë‘ ë¶€ë¶„ì—ì„œ 모ë‘
+ì ìš©ë˜ë©´ ê° ì„¹ì…˜ì—ì„œ ì •ì˜ëœ 모든 터미날/호스트가 ì ìš©ëœë‹¤.
+
+.SS Origins
+터미날과 호스트 ì •ì˜ ë¶€ë¶„ì—는 í´ëž˜ìŠ¤, originì´ë¼ê³  부르는
+ì¼êµ°ì˜ 문ìžì—´ì´ 사용ëœë‹¤. ì´ origin 문ìžì—´ì€ 다ìŒê³¼ ê°™ì€ í˜•ì‹ì„ 취한다.
+.IP o
+í„°ë¯¸ë‚ ì˜ ì´ë¦„ì—는 /dev/ ë¶€ë¶„ì´ ë¹ ì§„ë‹¤. 즉, tty1, ttyS0 형ì‹ìœ¼ë¡œ 사용ëœë‹¤.
+.PP
+.IP o
+@localhost 문ìžì—´ì€ 로칼 호스트ì—ì„œ telnet/rlogin으로 ì ‘ì†í•˜ëŠ” 사용ìžë¥¼
+ì˜ë¯¸í•œë‹¤. 즉 `xterm \-e /bin/login' ëª…ë ¹ê°™ì€ ê²ƒì´ ì‹¤í–‰ëœë‹¤ëŠ” ê²ƒì„ ì˜ë¯¸í•œë‹¤.
+.PP
+.IP o
+@.some.dom 문ìžì—´ì€ 리모트 호스트 ì ‘ì†ì‹œ ê·¸ 사용ìžê°€ rlogin/telnet으로
+ë„ë©”ì¸ì´ .some.domë¡œ ë나는 호스트ì—서만 ì ‘ì†í•  수 있다는 ê²ƒì„ ì˜ë¯¸í•œë‹¤.
+.PP
+.IP o
+IP ì£¼ì†Œì˜ ì˜ì—­ì€ @x.x.x.x/y.y.y.y ì´ëŸ° ì‹ìœ¼ë¡œ ì •ì˜í•˜ëŠ”ë°,
+ì´ê²ƒì€ x.x.x.x ì—ì„œ y.y.y.y ë²”ìœ„ì˜ IP 주소를 가진 호스트ì—서만
+ì ‘ì†ì´ 가능하다. 예를 들어, @130.225.16.0/255.255.254.0
+으로 ì •ì˜í•˜ë©´, IPì˜ ë²”ìœ„ê°€ 130.225.16.0 \- 130.225.17.255ì¸
+호스트ì—서만 ì ‘ì†ì´ 가능하다.
+.PP
+기타 origin ì—ì„œ 사용ë˜ëŠ” 문ìžì—´ë¡œ ì‹œê°„ì„ ì •í• ìˆ˜ 있는ë°,
+ê·¸ 형ì‹ì€ 다ìŒê³¼ 같다.
+.PP
+.nf
+timespec ::= '[' <day\-or\-hour> [':' <day\-or\-hour>]* ']'
+day ::= 'mon' | 'tue' | 'wed' | 'thu' | 'fri' | 'sat' | 'sun'
+hour ::= '0' | '1' | ... | '23'
+hourspec ::= <hour> | <hour> '\-' <hour>
+day\-or\-hour ::= <day> | <hourspec>
+.fi
+.PP
+예를 들어, [mon:tue:wed:thu:fri:8\-17]tty3 문ìžì—´ì€
+월요ì¼ë¶€í„° 금요ì¼ê¹Œì§€, 오전 8ì‹œ 00분부터 오후 5ì‹œ 59분까지만
+tty3으로 ì ‘ì†í•  수 있ìŒì„ ì˜ë¯¸í•œë‹¤. 시간 지정ì—서는 단지,
+a\-b ì‹ìœ¼ë¡œ ì •ì˜ë˜ë©´ aì‹œ 00분 부터 bì‹œ 59분까지를 ì˜ë¯¸í•˜ë©°,
+단지 ë‹¨ì¼ ìˆ«ìžë§Œ 있으면(가령 10) ê·¸ 시간만(10ì‹œ 00분부터 10ì‹œ 59분까지)ì„
+ì˜ë¯¸í•œë‹¤.
+.PP
+ì‹œê°„ë¶€ë¶„ì˜ ì„¤ì •ì´ ì§€ì •ë˜ì§€ 않으면 ì–´ë– í•œ 시간ì—ë„ ì ‘ì†ì´ 가능하다.
+ê° ìš”ì¼ë³„ë¡œ ê·¸ ì‹œê°„ì„ ë”°ë¡œ 정하고 싶으면 ê° ìš”ì¼ ì •ì˜ë‹¤ìŒì— 시간ì„
+ê°ê° ë”°ë¡œ ì •ì˜ í•  ìˆ˜ë„ ìžˆë‹¤.
+시간지정ì—서는 공백문ìžë¥¼ 사용할 수 없다.
+.PP
+만약
+.I /etc/usertty
+파ì¼ì—ì„œ ê° ì •ì˜ë“¤ì´ 바르지 못하게 ì •ì˜ëœë‹¤ë©´,
+모든 사용ìžì˜ 특별 ì ‘ì† ê±°ë¶€ ê°™ì€ ê²ƒì€ ì—†ë‹¤.
+.PP
+.SH "관련 파ì¼"
+.nf
+\fI/var/run/utmp\fR
+\fI/var/log/wtmp\fR
+\fI/var/log/lastlog\fR
+\fI/etc/motd\fR
+\fI/etc/passwd\fR
+\fI/etc/nologin\fR
+\fI/etc/usertty\fR
+\fI$HOME/.hushlogin\fR
+.fi
+.SH "관련 항목"
+.BR init (8),
+.BR getty (8),
+.BR mail (1),
+.BR passwd (1),
+.BR passwd (5),
+.BR environ (7),
+.BR shutdown (8)
+.SH 벌레
+리눅스ì—서는 다른 옛날 ìš´ì˜ì²´ì œì™€ 달리 í•œ 사용ìžì˜ 중복 로그ì¸ì„
+제한하지 않는다.
+
+설명ë˜ì§€ ì•Šì€ BSDì˜
+.B \-r
+ì˜µì…˜ì€ ì§€ì›ë˜ì§€ 않는다.
+ì´ ì˜µì…˜ì€
+어떠한
+.BR rlogind (8)
+풀그림ì—ì„œ 필요할 ì§€ë„ ëª¨ë¥¸ë‹¤.
+.SH 만든ì´
+Derived from BSD login 5.40 (5/9/89) by Michael Glad (glad@daimi.dk) for HP\-UX
+.br
+Ported to Linux 0.12: Peter Orbaek (poe@daimi.aau.dk)
diff --git a/man/ko/man1/newgrp.1 b/man/ko/man1/newgrp.1
new file mode 100644
index 0000000..31cc482
--- /dev/null
+++ b/man/ko/man1/newgrp.1
@@ -0,0 +1,29 @@
+.\" Original author unknown. This man page is in the public domain.
+.\" Modified Sat Oct 9 17:46:48 1993 by faith@cs.unc.edu
+.TH NEWGRP 1 "9 October 1993" "Linux 1.2" "Linux Programmer's Manual"
+.SH NAME
+newgrp \- ìžì‹ ì´ 소ì†ëœ ê·¸ë£¹ì„ ìƒˆ 그룹으로 바꾼다.
+.SH SYNOPSIS
+.BI "newgrp [ " group " ]"
+.SH DESCRIPTION
+.B Newgrp
+명령ì€
+changes the group identification of its caller, analogously to
+.BR login (1).
+명령으로 ë¡œê·¸ì¸ í•  ë•Œ ì‹ë³„ë˜ëŠ” ê·¸ë£¹ì„ ë°”ê¾¼ë‹¤.
+\fIgroup\fR으로 ì‚¬ìš©ë  ìˆ˜ 있는 ê°’ì€ /etc/group 파ì¼ì•ˆì—
+있는 ê·¸ë£¹ì˜ ì´ë¦„ì´ë‚˜, GID ê°’ì´ì—¬ì•¼ 하며,
+명령행 ì¸ìžì—ì„œ ì´ ê°’ì„ íŠ¹ë³„ížˆ 지정하지 않으면, 현재 ìžì‹ ì˜
+그룹으로 바꾼다.
+.LP
+.SH FILES
+.I /etc/group
+.br
+.I /etc/passwd
+
+.SH "SEE ALSO"
+.BR login "(1), " group (5)
+
+.SH AUTHOR
+Originally by Michael Haardt. Currently maintained by
+Peter Orbaek (poe@daimi.aau.dk).
diff --git a/man/ko/man1/su.1 b/man/ko/man1/su.1
new file mode 100644
index 0000000..e509c70
--- /dev/null
+++ b/man/ko/man1/su.1
@@ -0,0 +1,92 @@
+.TH SU 1 "GNU 쉘 유틸리티" "FSF" \" \-*\- nroff \-*\-
+.SH ì´ë¦„
+su \- 사용ìžì™€ 그룹 ID 를 êµì²´í•˜ì—¬ ì‰˜ì„ ì‹¤í–‰í•œë‹¤
+.SH 개요
+.B su
+[\-flmp] [\-c 명령] [\-s 쉘] [\-\-login] [\-\-fast]
+[\-\-preserve\-environment] [\-\-command=명령] [\-\-shell=쉘] [\-]
+[\-\-help] [\-\-version] [ì‚¬ìš©ìž [ì¸ìˆ˜...]]
+.SH 설명
+ì´ ë§¨íŽ˜ì´ì§€ëŠ” GNU 버전ì˜
+.BR su
+를 설명한다.
+.B su
+는 í•œ 사용ìžê°€ ìž ì‹œ 다른 사용ìžê°€ ë  ìˆ˜ 있ë„ë¡ í•´ì¤€ë‹¤.
+실제 ì‚¬ìš©ìž ID, 그룹 ID, USERì˜ ë³´ì¶©ì ì¸ 그룹으로 ì‰˜ì„ ì‹¤í–‰í•œë‹¤.
+USERê°€ 주어지지 않으면 기본ì ìœ¼ë¡œ 수í¼ìœ ì €ì¸ root ë¡œ 설정ëœë‹¤.
+실행ë˜ëŠ” ì‰˜ì€ USERì˜ íŒ¨ìŠ¤ì›Œë“œ 목ë¡ì—ì„œ 찾아오거나 없으면 /bin/sh 를 수행한다.
+만약 USERì— íŒ¨ìŠ¤ì›Œë“œê°€ 있다면
+.B su
+는 실제 ì‚¬ìš©ìž ID 0 (수í¼ìœ ì €)ê°€ ì•„ë‹Œ í•œ 패스워드를 물어온다.
+.PP
+기본ì ìœ¼ë¡œ,
+.B su
+는 현재 디렉토리를 변경하지 않는다. USER ì˜ íŒ¨ìŠ¤ì›Œë“œ 항목으로부터 `HOME',
+`SHELL' ë“±ì˜ ë³€ìˆ˜ë¥¼ 설정하고 만약 수í¼ìœ ì €ê°€ 아니ë¼ë©´ `USER'와 `LOGNAME'ì„
+USERë¡œ 설정한다. 기본ì ìœ¼ë¡œ ì´ ì‰˜ì€ ë¡œê·¸ì¸ ì‰˜ì´ ì•„ë‹ˆë‹¤.
+.PP
+만약 í•œ ê°œ ì´ìƒì˜ ì¸ìˆ˜ê°€ 주어지면 ì‰˜ì— ëŒ€í•œ ì¸ìˆ˜ë¡œ 전달ëœë‹¤.
+.PP
+.B su
+는 /bin/sh나 다른 ì‰˜ì„ íŠ¹ë³„ížˆ 다루지는 않는다.
+(argv[0]를 "\-su"로 하고 \-c 를 특정 쉘로 지정하지 않는 한... )
+.PP
+syslog를 가지고 있는 시스템ì—서는,
+.B su
+ê°€ 실패하는 경우 보고를 하ë„ë¡, 그리고 ì„±ê³µì˜ ê²½ìš°ì—는 ì„ íƒì ìœ¼ë¡œ 보고하ë„ë¡
+컴파ì¼í•˜ë©´
+.B su
+가 syslog를 사용한다.
+.SS 옵션
+.TP
+.I "\-c COMMAND, \-\-command=COMMAND"
+대화형 ì‰˜ì„ ì‹œìž‘í•˜ì§€ ì•Šê³ 
+.I \-c
+ì˜µì…˜ì„ ì‰˜ì— ì£¼ì–´ì„œ í•œ ê°œì˜ ëª…ë ¹ë§Œì„ ìˆ˜í–‰í•˜ë„ë¡ í•œë‹¤.
+.TP
+.I "\-f, \-\-fast"
+쉘ì—
+.I \-f
+ì˜µì…˜ì„ ì „ë‹¬í•œë‹¤.
+.B csh
+와
+.BR tcsh
+ì—만 해당ë˜ëŠ” 것으로서,
+.I \-f
+ì˜µì…˜ì€ ì‹œìž‘ í™”ì¼(.cshrc)를 ì½ì§€ ì•Šë„ë¡ í•œë‹¤. ë³¸ì‰˜ì˜ ê²½ìš°,
+.I \-f
+ì˜µì…˜ì€ í™”ì¼ íŒ¨í„´ í™•ìž¥ì„ ë¶ˆëŠ¥ìœ¼ë¡œ 설정하는 것으로서 ì¼ë°˜ì ìœ¼ë¡œ 그렇게 하지
+않는다.
+.TP
+.I "\-\-help"
+표준출력으로 ì‚¬ìš©ë²•ì„ ì¶œë ¥í•˜ê³  ì •ìƒì ìœ¼ë¡œ 종료한다.
+.TP
+.I "\-, \-l, \-\-login"
+ì‰˜ì„ ë¡œê·¸ì¸ ì‰˜ë¡œ 만든다. ê·¸ ì˜ë¯¸ëŠ” 다ìŒê³¼ 같다. `TERM', `HOME', `SHELL'
+(위ì—ì„œ 설명) 그리고 `USER', `LOGNAME'(위ì—ì„œ 설명하였듯 수í¼ìœ ì €ë¼ í•  지ë¼ë„
+설정ëœë‹¤)ì„ ì œì™¸í•˜ê³  나머지 환경 변수를 제거한다. 그리고 `PATH'를 ì»´íŒŒì¼ ê¸°ë³¸
+설정값으로 설정한다. USERì˜ í™ˆ 디렉토리로 ì´ë™í•œë‹¤. 쉘 ì´ë¦„ì— "\-" 를 추가하여
+ë¡œê·¸ì¸ ìŠ¤í¬ë¦½íŠ¸ í™”ì¼ë“¤ì„ ì½ì„ 수 있게 í•  수 있다.
+.TP
+.I "\-m, \-p, \-\-preserve\-environment"
+`HOME', `USER', `LOGNAME', `SHELL' ë“±ì˜ í™˜ê²½ë³€ìˆ˜ê°’ì„ ë³€ê²½í•˜ì§€ 않는다.
+만약
+.B su
+를 실행하는 사용ìžê°€ 수í¼ìœ ì €ì´ê±°ë‚˜ 사용ìžì˜ ì‰˜ì´ ì œí•œëœ ì‰˜ì¼ ë•ŒëŠ”
+\fI/etc/passwd\fRì— ê¸°ìž¬ëœ USERì˜ ì‰˜ì´ ì•„ë‹ˆë¼ `SHELL' í™˜ê²½ë³€ìˆ˜ì— ì„¤ì •ëœ ì‰˜ì„
+실행한다.
+ì œí•œëœ ì‰˜ì´ëž€ /etc/shellsì— ë“±ë¡ë˜ì–´ 있지 않거나 /etc/shells í™”ì¼ì´ 존재하지
+ì•Šì„ ë•Œ 내장 컴파ì¼ëœ 목ë¡ì— 들어있지 않는 경우를 ë§í•œë‹¤.
+ì´ ì˜µì…˜ì˜ ì¼ë¶€ëŠ” 다ìŒ
+.I \-\-login
+ê³¼
+.IR \-\-shell
+ì˜µì…˜ì— ì˜í•´ ë¬´ì‹œë  ìˆ˜ 있다.
+.TP
+.I "\-s, \-\-shell shell"
+.B su
+를 실행하는 사용ìžê°€ 수í¼ìœ ì €ê°€ 아니거나 사용ìžì˜ ì‰˜ì´ ì œí•œëœ ì‰˜ì¼ ë•ŒëŠ”
+\fI/etc/passwd\fRì— ë“±ë¡ëœ USERì˜ ì‰˜ì„ ìˆ˜í–‰í•˜ì§€ ì•Šê³  지정한 ì‰˜ì„ ìˆ˜í–‰í•œë‹¤.
+.TP
+.I "\-\-version"
+표준출력으로 버전정보를 출력하고 ì •ìƒì ìœ¼ë¡œ 종료한다.
diff --git a/man/ko/man5/passwd.5 b/man/ko/man5/passwd.5
new file mode 100644
index 0000000..52d7f0a
--- /dev/null
+++ b/man/ko/man5/passwd.5
@@ -0,0 +1,119 @@
+.\"$Id$
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.\" Modified Mon Jan 5 20:24:40 MET 1998 by Michael Haardt
+.\" (michael@cantor.informatik.rwth-aachen.de)
+.\"
+.\" 한국어 번역 : ASPLINUX<man@asp-linux.co.kr> 2000ë…„ 7ì›” 29ì¼
+.\"
+.TH PASSWD 5 "January 5, 1998" "" "File formats"
+.SH ì´ë¦„
+passwd \- 패스워드 파ì¼
+.SH 설명
+.B Passwd
+는 í…스트 파ì¼ë¡œì„œ, 시스템 ê³„ì •ì˜ ëª©ë¡ì„ í¬í•¨í•˜ê³  있고, ì‚¬ìš©ìž ID, 그룹
+ID, 홈 디렉토리, 쉘 ë“±ì˜ ê° ê³„ì •ì— ëŒ€í•œ 매우 유용한 정보를 제공한다.
+종종, ê° ê³„ì •ì— ëŒ€í•œ ì•”í˜¸í™”ëœ íŒ¨ìŠ¤ì›Œë“œë¥¼ í¬í•¨í•œë‹¤.
+Passwd는 ì¼ë°˜ì ì¸ ì½ê¸° ê¶Œí•œì„ ê°€ì ¸ì•¼ 하지만, ìˆ˜í¼ ìœ ì €ì—게만 쓰기 ì ‘ê·¼ì´
+가능하다.
+.PP
+예전ì—는 ì¼ë°˜ì ì¸ ì½ê¸° 권한으로ì¸í•œ ë¬¸ì œë“¤ì´ ì—†ì—ˆë‹¤. 모든 사람들ì´
+ì•”í˜¸í™”ëœ íŒ¨ìŠ¤ì›Œë“œë¥¼ ì½ì„ 수 있었지만, 패스워드를 í¬ëž™í•˜ê¸°ì—는 하드웨어가
+너무나 ëŠë ¸ê³ , ë”우기, 기본ì ì¸ ê°€ì •ì€ ê·¸ë“¤ì€ ì•„ì£¼ 친숙한 사용ìž
+ê³µë™ì²´ì˜ 패스워드들ì´ì—ˆë‹¤.
+
+오늘날 ë§Žì€ ì‚¬ëžŒë“¤ì´ ì‰ë„ìš° íŒ¨ìŠ¤ì›Œë“œì˜ ì¼ë¶€ ë²„ì „ì„ ì‹¤í–‰í•œë‹¤.
+ .I /etc/passwd는 ì•”í˜¸í™”ëœ íŒ¨ìŠ¤ì›Œë“œ 대신 *ë¡œ ëœ
+패스워드를 지니고, ì•”í˜¸í™”ëœ íŒ¨ìŠ¤ì›Œë“œë“¤ì€ ìˆ˜í¼ìœ ì €ë§Œì´ ì½ì„ 수 있는
+.I /etc/shadowì— ì €ìž¥ëœë‹¤.
+.PP
+ì‰ë„ìš° 패스우드가 사용ë˜ëŠ”ì§€ì— ìƒê´€ì—†ì´, ë§Žì€ ì‹œìŠ¤í…œ 관리ìžë“¤ì€ 사용ìžê°€
+ìžê¸° ìžì‹ ì„ 패스워드를 사용하여 ì¸ì¦í•  수 ì—†ë„ë¡ íŒ¨ìŠ¤ì›Œë“œ 필드내ì—
+별표를 사용한다.
+
+.PP
+ë§Œì¼ ìƒˆë¡œìš´ 로그ì¸ì„ 만들면, ìš°ì„  패스워드 í•„ë“œì— ë³„í‘œë¥¼ 놓고, ì´ë¥¼
+설정하기 위해 .BR passwd (1)ì„ ì‚¬ìš©í•œë‹¤.
+PP
+ê° í–‰ë§ˆë‹¤ í•˜ë‚˜ì˜ í•­ëª©ì´ ìžˆê³ , ê° í–‰ì€ ë‹¤ìŒì˜ 형ì‹ì„ 지닌다.
+.sp
+.RS
+계정:패스워드:UID:GID:GECOS:디렉토리:쉘
+.RE
+.sp
+ê° í•„ë“œì— ëŒ€í•œ ì„¤ëª…ì€ ë‹¤ìŒê³¼ 같다.
+.sp
+.RS
+.TP 1.0in
+.I 계정
+시스템ì—ì„œì˜ ì‚¬ìš©ìž ì´ë¦„. 대문ìžë¥¼ 사용해서는 안ëœë‹¤.
+.TP
+.I 패스워드
+ì•”í˜¸í™”ëœ ì‚¬ìš©ìžì˜ 패스워드 í˜¹ì€ ë³„í‘œ
+.TP
+.I UID
+숫ìžë¡œ 표현ë˜ëŠ” ì‚¬ìš©ìž id
+.TP
+.I GID
+ì´ ì‚¬ìš©ìžì— 대한 주 그룹 ID, 숫ìžë¡œ 표현ë¨
+.TP
+.I GECOS
+ì´ í•„ë“œëŠ” ì„ íƒì ì´ê³ , ì˜¤ì§ ì •ë³´ì ì¸ 목ì ìœ¼ë¡œë§Œ 사용ëœë‹¤. 보통, ì´ëŠ”
+사용ìžì˜ ì „ì²´ ì´ë¦„ì„ í¬í•¨í•œë‹¤. GECOS는 ì¼ë°˜ ì „ìž í†µí•© ìš´ì˜ì²´ì œë¡œì„œ,
+GEì˜ ê±°ëŒ€ ì‹œìŠ¤í…œì´ Honeywellì— íŒë§¤ëœ GCOS,ë¡œ 다시 명명ë˜ì—ˆë‹¤. Dennis
+Ritchie는 ë§í•˜ê¸°ë¥¼, 때때로 우리는 프린터 출력 í˜¹ì€ ì¼ê´„ 처리 작업들ì„
+GCOS 머신으로 전송하였다. 패스워드 파ì¼ì—ì„œ GCOS 필드는 $IDENTcardì— ëŒ€í•œ
+정보를 숨겨ë‘는 장소ì´ë‹¤.
+.TP
+.I directory
+사용ìžì˜ $HOME 디렉토리
+.TP
+.I shell(쉘)
+로그ì¸ì‹œ 실행하는 프로그램(ë§Œì¼ ë¹„ì—ˆë‹¤ë©´, .BR /bin/shì„ ì‚¬ìš©í•œë‹¤.)
+ë§Œì¼ ì¡´ìž¬í•˜ì§€ 않는 실행파ì¼ë¡œ 설정ë˜ì—ˆë‹¤ë©´, 사용ìžëŠ” .BR login (1)ì„ í†µí•´
+ë¡œê·¸ì¸ í•  수 ì—†ì„ ê²ƒì´ë‹¤.
+
+.RE
+.SH 주ì˜
+ì—¬ëŸ¬ë¶„ì´ ì‚¬ìš©ìž ê·¸ë£¹ì„ ë§Œë“¤ê³  싶다면, GID는 ì´ì™€ ë™ì¼í•˜ì—¬ì•¼ 하며,
+\fI/etc/group\fPë‚´ì— í•­ëª©ë“¤ì´ ìžˆê±°ë‚˜, ê·¸ë£¹ì´ ì¡´ìž¬í•˜ì§€ 않아야 한다.
+.PP
+ì•”í˜¸í™”ëœ íŒ¨ìŠ¤ì›Œë“œê°€ 별표로 ì„¤ì •ëœ ê²½ìš°, 사용ìžëŠ” .BR login (1)ë¡œ ë¡œê·¸ì¼ í•  수 없지만,
+.BR rlogin (1)ì„ ì‚¬ìš©í•˜ì—¬ 로그ì¸í•  수 ìžˆì„ ìˆ˜ë„ ìžˆë‹¤. 존재하는 í”„ë¡œì„¸ìŠ¤ë“¤ì„ ì‹¤í–‰í•˜ê³ ,
+.BR rsh (1)
+혹ì€
+.BR cron (1)
+혹ì€
+.BR at (1)
+ì„ ì´ˆê¸°í™”ì‹œí‚¤ê±°ë‚˜, ë©”ì¼ í•„í„°ë¥¼ 시작한다.
+단순히 쉘 필드를 변경시켜서 ê³„ì •ì„ ìž ê·¸ëŠ” ê²ƒì€ ë˜‘ê°™ì€ ê²°ê³¼ë¥¼ 가져오고,
+.BR su (1)ì˜ ì‚¬ìš©ì„ í—ˆìš©í•œë‹¤..
+.SH 파ì¼
+.I /etc/passwd
+.SH 관련 항목
+.BR passwd (1),
+.BR login (1),
+.BR su (1),
+.BR group (5),
+.BR shadow (5)
diff --git a/man/ko/man8/vigr.8 b/man/ko/man8/vigr.8
new file mode 100644
index 0000000..ff72d7a
--- /dev/null
+++ b/man/ko/man8/vigr.8
@@ -0,0 +1 @@
+.so man8/vipw.8
diff --git a/man/ko/man8/vipw.8 b/man/ko/man8/vipw.8
new file mode 100644
index 0000000..c36f908
--- /dev/null
+++ b/man/ko/man8/vipw.8
@@ -0,0 +1,64 @@
+.\" Copyright (c) 1983, 1991 The Regents of the University of California.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by the University of
+.\" California, Berkeley and its contributors.
+.\" 4. Neither the name of the University nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" from: @(#)vipw.8 6.7 (Berkeley) 3/16/91
+.\" $Id$
+.\"
+.Dd March 16, 1991
+.Dt VIPW 8
+.Os BSD 4
+.Sh NAME
+.Nm vipw
+.Nd 패스워드 íŒŒì¼ íŽ¸ì§‘
+.Sh 사용법
+.Nm vipw
+.Sh 설명
+.Nm Vipw
+ëª…ë ¹ì€ /etc/passwd 파ì¼ì„ 잠그고(lock) 편집하고,
+íŽ¸ì§‘ì´ ë나면, /etc/passwd 파ì¼ì„ 잠금해제(unlock)한다.
+ì´ë¯¸ /etc/passwd 파ì¼ì´ 잠겨 있으면, 다ìŒì— 사용하ë¼ê³ 
+메시지를 보여준다.
+\fBvipw\fRì—ì„œ 사용하는 기본 편집기는 \fBvi(1)\fRì´ë‹¤.
+.Sh 환경변수
+\fBvipw\fR는 ë‹¤ìŒ í™˜ê²½ 변수를 사용한다.
+.Bl -tag -width EDITOR
+.It Ev EDITOR
+사용할 편집기 지정. ì´ˆê¸°ê°’ì€ vi
+.El
+.Sh 관련 항목
+.Xr passwd 1 ,
+.Xr vi 1 ,
+.Xr passwd 5
+.Sh ë°œìžì·¨
+.Nm
+명령ì€
+.Bx 4.0
+ì—ì„œ ì²˜ìŒ ë‚˜íƒ€ë‚¬ë‹¤.
diff --git a/man/lastlog.8.xml b/man/lastlog.8.xml
new file mode 100644
index 0000000..3ee1b3a
--- /dev/null
+++ b/man/lastlog.8.xml
@@ -0,0 +1,224 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1992 , Julianne Frances Haugh
+ Copyright (c) 1992 , Phillip Street
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='lastlog.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1992</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>lastlog</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>lastlog</refname>
+ <refpurpose>reports the most recent login of all users or of a given user</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>lastlog</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ <command>lastlog</command> formats and prints the contents of the last
+ login log <filename>/var/log/lastlog</filename> file. The
+ <emphasis>login-name</emphasis>, <emphasis>port</emphasis>, and
+ <emphasis>last login time</emphasis> will be printed. The default (no
+ flags) causes lastlog entries to be printed, sorted by their order in
+ <filename>/etc/passwd</filename>.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>lastlog</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Print only lastlog records older than <emphasis remap='I'>DAYS</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-C</option>, <option>--clear</option>
+ </term>
+ <listitem>
+ <para>
+ Clear lastlog record of a user. This option can be used only together
+ with <option>-u</option> (<option>--user</option>)).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-h</option>, <option>--help</option>
+ </term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-S</option>, <option>--set</option>
+ </term>
+ <listitem>
+ <para>
+ Set lastlog record of a user to the current time. This option can be
+ used only together with <option>-u</option> (<option>--user</option>)).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Print the lastlog records more recent than
+ <emphasis remap='I'>DAYS</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</replaceable>|<replaceable>RANGE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Print the lastlog record of the specified user(s).
+ </para>
+ <para>
+ The users can be specified by a login name, a numerical user ID,
+ or a <replaceable>RANGE</replaceable> of users. This
+ <replaceable>RANGE</replaceable> of users can be specified with a
+ min and max values (<replaceable>UID_MIN-UID_MAX</replaceable>), a
+ max value (<replaceable>-UID_MAX</replaceable>), or a min value
+ (<replaceable>UID_MIN-</replaceable>).
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ If the user has never logged in the message <emphasis>** Never logged
+ in**</emphasis> will be displayed instead of the port and time.
+ </para>
+
+ <para>
+ Only the entries for the current users of the system will be
+ displayed. Other entries may exist for users that were deleted
+ previously.
+ </para>
+ </refsect1>
+
+ <refsect1 id='note'>
+ <title>NOTE</title>
+ <para>
+ The <filename>lastlog</filename> file is a database which contains info
+ on the last login of each user. You should not rotate it. It is a sparse
+ file, so its size on the disk is usually much smaller than the one shown
+ by "<command>ls -l</command>" (which can indicate a really big file if
+ you have in <filename>passwd</filename> users with a high UID). You can
+ display its real size with "<command>ls -s</command>".
+ </para>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/var/log/lastlog</filename></term>
+ <listitem>
+ <para>Database times of previous user logins.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ Large gaps in UID numbers will cause the lastlog program to run
+ longer with no output to the screen (i.e. if in lastlog database there
+ is no entries for users with UID between 170 and 800 lastlog will appear
+ to hang as it processes entries with UIDs 171-799).
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/limits.5.xml b/man/limits.5.xml
new file mode 100644
index 0000000..1215f13
--- /dev/null
+++ b/man/limits.5.xml
@@ -0,0 +1,219 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1997 , Luca Berra
+ Copyright (c) 2001 - 2007, Tomasz KÅ‚oczko
+ Copyright (c) 2005 - 2006, Yuri Kozlov
+ Copyright (c) 2005 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='limits.5'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Luca</firstname>
+ <surname>Berra</surname>
+ <contrib>Creation, 1997</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>limits</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>limits</refname>
+ <refpurpose>resource limits definition</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <emphasis remap='I'>limits</emphasis> file
+ (<filename>/etc/limits</filename> by default
+ or LIMITS_FILE defined <filename>config.h</filename>) describes
+ the resource limits you wish to impose. It should be owned by
+ root and readable by root account only.
+ </para>
+
+ <para>
+ By default no quota is imposed on 'root'. In fact, there is no way to
+ impose limits via this procedure to root-equiv accounts (accounts with
+ UID 0).
+ </para>
+
+ <para>Each line describes a limit for a user in the form:</para>
+
+ <para>
+ <emphasis remap='I'>user LIMITS_STRING</emphasis>
+ </para>
+
+ <para>or in the form:</para>
+
+ <para>
+ <emphasis remap='I'>@group LIMITS_STRING</emphasis>
+ </para>
+
+ <para>
+ The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated
+ list of resource limits. Each limit consists of a letter identifier
+ followed by a numerical limit.
+ </para>
+
+ <para>The valid identifiers are:</para>
+
+ <itemizedlist>
+ <listitem><para>A: max address space (KB)</para></listitem>
+ <listitem><para>C: max core file size (KB)</para></listitem>
+ <listitem><para>D: max data size (KB)</para></listitem>
+ <listitem><para>F: maximum file size (KB)</para></listitem>
+ <listitem><para>K: file creation mask, set by
+ <citerefentry>
+ <refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>.</para>
+ </listitem>
+ <listitem><para>I: max nice value (0..39 which translates to
+ 20..-19)</para></listitem>
+ <listitem><para>L: max number of logins for this user</para></listitem>
+ <listitem><para>M: max locked-in-memory address space (KB)</para></listitem>
+ <listitem><para>N: max number of open files</para></listitem>
+ <listitem><para>O: max real time priority</para></listitem>
+ <listitem><para>P: process priority, set by
+ <citerefentry>
+ <refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>.</para>
+ </listitem>
+ <listitem><para>R: max resident set size (KB)</para></listitem>
+ <listitem><para>S: max stack size (KB)</para></listitem>
+ <listitem><para>T: max CPU time (MIN)</para></listitem>
+ <listitem><para>U: max number of processes</para></listitem>
+ </itemizedlist>
+
+ <para>
+ For example, <emphasis remap='I'>L2D2048N5</emphasis> is a valid
+ <emphasis>LIMITS_STRING</emphasis>. For reading convenience, the
+ following entries are equivalent:
+ </para>
+
+ <programlisting>
+ username L2D2048N5
+ username L2 D2048 N5
+ </programlisting>
+
+ <para>
+ Be aware that after <emphasis remap='I'>username</emphasis> the rest
+ of the line is considered a limit string, thus comments are not
+ allowed. An invalid limits string will be rejected (not considered) by
+ the <command>login</command> program.
+ </para>
+
+ <para>
+ The default entry is denoted by username "<emphasis>*</emphasis>". If
+ you have multiple <emphasis remap='I'>default</emphasis> entries in
+ your <emphasis>LIMITS_FILE</emphasis>, then the last one will be used
+ as the default entry.
+ </para>
+
+ <para>
+ The limits specified in the form "<replaceable>@group</replaceable>"
+ apply to the members of the specified
+ <replaceable>group</replaceable>.
+ </para>
+
+ <para>
+ If more than one line with limits for a user exist, only the first line for
+ this user will be considered.
+ </para>
+
+ <para>
+ If no lines are specified for a user, the last
+ <replaceable>@group</replaceable> line matching a group whose the
+ user is a member of will be considered, or the last line with
+ default limits if no groups contain the user.
+ </para>
+
+ <para>
+ To completely disable limits for a user, a single dash
+ "<emphasis>-</emphasis>" will do.
+ </para>
+
+ <para>
+ To disable a limit for a user, a single dash
+ "<replaceable>-</replaceable>" can be used instead of the numerical
+ value for this limit.
+ </para>
+
+ <para>
+ Also, please note that all limit settings are set PER LOGIN. They are
+ not global, nor are they permanent. Perhaps global limits will come,
+ but for now this will have to do ;)
+ </para>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/limits</filename></term>
+ <listitem><para></para></listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/login.1.xml b/man/login.1.xml
new file mode 100644
index 0000000..1bca536
--- /dev/null
+++ b/man/login.1.xml
@@ -0,0 +1,429 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ Copyright (c) 2007 - 2009, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CONSOLE SYSTEM "login.defs.d/CONSOLE.xml">
+<!ENTITY CONSOLE_GROUPS SYSTEM "login.defs.d/CONSOLE_GROUPS.xml">
+<!ENTITY DEFAULT_HOME SYSTEM "login.defs.d/DEFAULT_HOME.xml">
+<!ENTITY ENV_HZ SYSTEM "login.defs.d/ENV_HZ.xml">
+<!ENTITY ENV_PATH SYSTEM "login.defs.d/ENV_PATH.xml">
+<!ENTITY ENV_SUPATH SYSTEM "login.defs.d/ENV_SUPATH.xml">
+<!ENTITY ENV_TZ SYSTEM "login.defs.d/ENV_TZ.xml">
+<!ENTITY ENVIRON_FILE SYSTEM "login.defs.d/ENVIRON_FILE.xml">
+<!ENTITY ERASECHAR SYSTEM "login.defs.d/ERASECHAR.xml">
+<!ENTITY FAIL_DELAY SYSTEM "login.defs.d/FAIL_DELAY.xml">
+<!ENTITY FAILLOG_ENAB SYSTEM "login.defs.d/FAILLOG_ENAB.xml">
+<!ENTITY FAKE_SHELL SYSTEM "login.defs.d/FAKE_SHELL.xml">
+<!ENTITY FTMP_FILE SYSTEM "login.defs.d/FTMP_FILE.xml">
+<!ENTITY HUSHLOGIN_FILE SYSTEM "login.defs.d/HUSHLOGIN_FILE.xml">
+<!ENTITY ISSUE_FILE SYSTEM "login.defs.d/ISSUE_FILE.xml">
+<!ENTITY KILLCHAR SYSTEM "login.defs.d/KILLCHAR.xml">
+<!ENTITY LASTLOG_ENAB SYSTEM "login.defs.d/LASTLOG_ENAB.xml">
+<!ENTITY LOGIN_RETRIES SYSTEM "login.defs.d/LOGIN_RETRIES.xml">
+<!ENTITY LOGIN_STRING SYSTEM "login.defs.d/LOGIN_STRING.xml">
+<!ENTITY LOGIN_TIMEOUT SYSTEM "login.defs.d/LOGIN_TIMEOUT.xml">
+<!ENTITY LOG_OK_LOGINS SYSTEM "login.defs.d/LOG_OK_LOGINS.xml">
+<!ENTITY LOG_UNKFAIL_ENAB SYSTEM "login.defs.d/LOG_UNKFAIL_ENAB.xml">
+<!ENTITY MAIL_CHECK_ENAB SYSTEM "login.defs.d/MAIL_CHECK_ENAB.xml">
+<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY MOTD_FILE SYSTEM "login.defs.d/MOTD_FILE.xml">
+<!ENTITY NOLOGINS_FILE SYSTEM "login.defs.d/NOLOGINS_FILE.xml">
+<!ENTITY PORTTIME_CHECKS_ENAB SYSTEM "login.defs.d/PORTTIME_CHECKS_ENAB.xml">
+<!ENTITY QUOTAS_ENAB SYSTEM "login.defs.d/QUOTAS_ENAB.xml">
+<!ENTITY TTYGROUP SYSTEM "login.defs.d/TTYGROUP.xml">
+<!ENTITY TTYTYPE_FILE SYSTEM "login.defs.d/TTYTYPE_FILE.xml">
+<!ENTITY ULIMIT SYSTEM "login.defs.d/ULIMIT.xml">
+<!ENTITY UMASK SYSTEM "login.defs.d/UMASK.xml">
+<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='login.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1989</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>login</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>login</refname>
+ <refpurpose>begin session on the system</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>login</command>
+ <arg choice='opt'>-p</arg>
+ <arg choice='opt'>-h <replaceable>host</replaceable></arg>
+ <arg choice='opt'>
+ <replaceable>username</replaceable></arg>
+ <arg choice='opt' rep='repeat'> <replaceable>ENV=VAR</replaceable></arg>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <command>login</command>
+ <arg choice='opt'>-p</arg>
+ <arg choice='opt'>-h <replaceable>host</replaceable></arg>
+ <arg choice='plain'>-f</arg>
+ <arg choice='plain'><replaceable>username</replaceable></arg>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <command>login</command>
+ <arg choice='opt'>-p</arg>
+ <arg choice='plain'>-r <replaceable>host</replaceable></arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>login</command> program is used to establish a new session
+ with the system. It is normally invoked automatically by responding to
+ the <emphasis remap='I'>login:</emphasis> prompt on the user's
+ terminal. <command>login</command> may be special to the shell and may
+ not be invoked as a sub-process. When called from a shell,
+ <command>login</command> should be executed as
+ <emphasis remap='B'>exec login</emphasis> which will cause the user
+ to exit from the current shell (and thus will prevent the new logged
+ in user to return to the session of the caller). Attempting to
+ execute <command>login</command> from any shell but the login shell
+ will produce an error message.
+ </para>
+
+ <para>
+ The user is then prompted for a password, where appropriate. Echoing
+ is disabled to prevent revealing the password. Only a small number of
+ password failures are permitted before <command>login</command> exits
+ and the communications link is severed.
+ </para>
+
+ <para>
+ If password aging has been enabled for your account, you may be
+ prompted for a new password before proceeding. You will be forced to
+ provide your old password and the new password before continuing.
+ Please refer to <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> for more information.
+ </para>
+
+ <para condition="no_pam">
+ After a successful login, you will be informed of any system messages
+ and the presence of mail. You may turn off the printing of the system
+ message file, <filename>/etc/motd</filename>, by creating a
+ zero-length file <filename>.hushlogin</filename> in your login directory.
+ The mail message will be one of "<emphasis>You have new
+ mail.</emphasis>", "<emphasis>You have mail.</emphasis>", or
+ "<emphasis>No Mail.</emphasis>" according to the condition of your
+ mailbox.
+ </para>
+
+ <para>
+ Your user and group ID will be set according to their values in the
+ <filename>/etc/passwd</filename> file. The value for
+ <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$PATH</envar>,
+ <envar>$LOGNAME</envar>, and <envar>$MAIL</envar> are set according
+ to the appropriate fields in the password entry. Ulimit, umask and nice
+ values may also be set according to entries in the GECOS field.
+ </para>
+
+ <para>
+ On some installations, the environmental variable
+ <envar>$TERM</envar> will be initialized to the terminal type on
+ your tty line, as specified in <filename>/etc/ttytype</filename>.
+ </para>
+
+ <para>
+ An initialization script for your command interpreter may also be
+ executed. Please see the appropriate manual section for more
+ information on this function.
+ </para>
+
+ <para>
+ A subsystem login is indicated by the presence of a "*" as the first
+ character of the login shell. The given home directory will be used as
+ the root of a new file system which the user is actually logged into.
+ </para>
+
+ <para>
+ The <command>login</command> program is NOT responsible for removing
+ users from the utmp file. It is the responsibility of
+ <citerefentry><refentrytitle>getty</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> and
+ <citerefentry><refentrytitle>init</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> to clean up apparent ownership
+ of a terminal session. If you use <command>login</command> from the
+ shell prompt without <command>exec</command>, the user you use will
+ continue to appear to be logged in even after you log out of the
+ "subsession".
+ </para>
+
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-f</option>
+ </term>
+ <listitem>
+ <para>
+ Do not perform authentication, user is preauthenticated.
+ </para>
+ <para>
+ Note: In that case, <replaceable>username</replaceable> is
+ mandatory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-h</option>
+ </term>
+ <listitem>
+ <para>Name of the remote host for this login.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-p</option>
+ </term>
+ <listitem>
+ <para>Preserve environment.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-r</option>
+ </term>
+ <listitem>
+ <para>Perform autologin protocol for rlogin.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ The <option>-r</option>, <option>-h</option> and <option>-f</option>
+ options are only used when <command>login</command> is invoked by
+ root.
+ </para>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ This version of <command>login</command> has many compilation options,
+ only some of which may be in use at any particular site.
+ </para>
+
+ <para>The location of files is subject to differences in system
+ configuration.
+ </para>
+
+ <para>
+ The <command>login</command> program is NOT responsible for removing
+ users from the utmp file. It is the responsibility of <citerefentry>
+ <refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry> and <citerefentry>
+ <refentrytitle>init</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry> to clean up apparent ownership of a terminal session.
+ If you use <command>login</command> from the shell prompt without
+ <command>exec</command>, the user you use will continue to appear to
+ be logged in even after you log out of the "subsession".
+ </para>
+
+ <para>
+ As with any program, <command>login</command>'s appearance can be faked.
+ If non-trusted users have physical access to a machine, an
+ attacker could use this to obtain the password of the next person
+ coming to sit in front of the machine. Under Linux, the SAK mechanism can be
+ used by users to initiate a trusted path and prevent this kind of
+ attack.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &CONSOLE;
+ &CONSOLE_GROUPS;
+ &DEFAULT_HOME;
+ <phrase condition="no_pam">&ENV_HZ;</phrase>
+ <phrase>&ENV_PATH;</phrase>
+ <phrase>&ENV_SUPATH;</phrase>
+ &ENV_TZ;
+ &ENVIRON_FILE;
+ &ERASECHAR;
+ &FAIL_DELAY;
+ &FAILLOG_ENAB;
+ &FAKE_SHELL;
+ &FTMP_FILE;
+ &HUSHLOGIN_FILE;
+ &ISSUE_FILE;
+ &KILLCHAR;
+ &LASTLOG_ENAB;
+ &LOGIN_RETRIES;
+ &LOGIN_STRING;
+ &LOGIN_TIMEOUT;
+ &LOG_OK_LOGINS;
+ &LOG_UNKFAIL_ENAB;
+ &MAIL_CHECK_ENAB;
+ <phrase condition="no_pam">&MAIL_DIR;</phrase>
+ &MOTD_FILE;
+ &NOLOGINS_FILE;
+ &PORTTIME_CHECKS_ENAB;
+ &QUOTAS_ENAB;
+ &TTYGROUP; <!-- documents also TTYPERM -->
+ &TTYTYPE_FILE;
+ &ULIMIT;
+ <phrase condition="no_pam">&UMASK;</phrase>
+ &USERGROUPS_ENAB;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/var/run/utmp</filename></term>
+ <listitem>
+ <para>List of current login sessions.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/var/log/wtmp</filename></term>
+ <listitem>
+ <para>List of previous login sessions.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/motd</filename></term>
+ <listitem>
+ <para>System message of the day file.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/nologin</filename></term>
+ <listitem>
+ <para>Prevent non-root users from logging in.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/ttytype</filename></term>
+ <listitem>
+ <para>List of terminal types.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>$HOME/.hushlogin</filename></term>
+ <listitem>
+ <para>Suppress printing of system messages.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>securetty</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/login.access.5.xml b/man/login.access.5.xml
new file mode 100644
index 0000000..bb3e77c
--- /dev/null
+++ b/man/login.access.5.xml
@@ -0,0 +1,140 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='login.access.5'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Marek</firstname>
+ <surname>Michałkiewicz</surname>
+ <contrib>Creation, 1996</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>login.access</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>login.access</refname>
+ <refpurpose>login access control table</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <emphasis remap='I'>login.access</emphasis> file specifies (user,
+ host) combinations and/or (user, tty) combinations for which a login
+ will be either accepted or refused.
+ </para>
+
+ <para>
+ When someone logs in, the <emphasis remap='I'>login.access</emphasis>
+ is scanned for the first entry that matches the (user, host)
+ combination, or, in case of non-networked logins, the first entry that
+ matches the (user, tty) combination. The permissions field of that
+ table entry determines whether the login will be accepted or refused.
+ </para>
+
+ <para>
+ Each line of the login access control table has three fields separated
+ by a ":" character:
+ </para>
+
+ <para>
+ <emphasis remap='I'>permission</emphasis>:<emphasis remap='I'>users</emphasis>:<emphasis remap='I'>origins</emphasis>
+ </para>
+
+ <para>
+ The first field should be a "<emphasis>+</emphasis>" (access granted)
+ or "<emphasis>-</emphasis>" (access denied) character. The second
+ field should be a list of one or more login names, group names, or
+ <emphasis>ALL</emphasis> (always matches). The third field should be a
+ list of one or more tty names (for non-networked logins), host names,
+ domain names (begin with "<literal>.</literal>"), host addresses,
+ internet network numbers (end with "<literal>.</literal>"),
+ <emphasis>ALL</emphasis> (always matches) or
+ <emphasis>LOCAL</emphasis> (matches any string that does not contain a
+ "<literal>.</literal>" character). If you run NIS you can use
+ @netgroupname in host or user patterns.
+ </para>
+
+ <para>
+ The <emphasis>EXCEPT</emphasis> operator makes it possible to write
+ very compact rules.
+ </para>
+
+ <para>
+ The group file is searched only when a name does not match that of the
+ logged-in user. Only groups are matched in which users are explicitly
+ listed: the program does not look at a user's primary group id value.
+ </para>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/login.defs.5.xml b/man/login.defs.5.xml
new file mode 100644
index 0000000..98d37fd
--- /dev/null
+++ b/man/login.defs.5.xml
@@ -0,0 +1,556 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2009, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CHFN_AUTH SYSTEM "login.defs.d/CHFN_AUTH.xml">
+<!ENTITY CHFN_RESTRICT SYSTEM "login.defs.d/CHFN_RESTRICT.xml">
+<!ENTITY CHSH_AUTH SYSTEM "login.defs.d/CHSH_AUTH.xml">
+<!ENTITY CONSOLE SYSTEM "login.defs.d/CONSOLE.xml">
+<!ENTITY CONSOLE_GROUPS SYSTEM "login.defs.d/CONSOLE_GROUPS.xml">
+<!ENTITY CREATE_HOME SYSTEM "login.defs.d/CREATE_HOME.xml">
+<!ENTITY DEFAULT_HOME SYSTEM "login.defs.d/DEFAULT_HOME.xml">
+<!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY ENV_HZ SYSTEM "login.defs.d/ENV_HZ.xml">
+<!ENTITY ENV_PATH SYSTEM "login.defs.d/ENV_PATH.xml">
+<!ENTITY ENV_SUPATH SYSTEM "login.defs.d/ENV_SUPATH.xml">
+<!ENTITY ENV_TZ SYSTEM "login.defs.d/ENV_TZ.xml">
+<!ENTITY ENVIRON_FILE SYSTEM "login.defs.d/ENVIRON_FILE.xml">
+<!ENTITY ERASECHAR SYSTEM "login.defs.d/ERASECHAR.xml">
+<!ENTITY FAIL_DELAY SYSTEM "login.defs.d/FAIL_DELAY.xml">
+<!ENTITY FAILLOG_ENAB SYSTEM "login.defs.d/FAILLOG_ENAB.xml">
+<!ENTITY FAKE_SHELL SYSTEM "login.defs.d/FAKE_SHELL.xml">
+<!ENTITY FTMP_FILE SYSTEM "login.defs.d/FTMP_FILE.xml">
+<!ENTITY GID_MAX SYSTEM "login.defs.d/GID_MAX.xml">
+<!ENTITY HUSHLOGIN_FILE SYSTEM "login.defs.d/HUSHLOGIN_FILE.xml">
+<!ENTITY ISSUE_FILE SYSTEM "login.defs.d/ISSUE_FILE.xml">
+<!ENTITY KILLCHAR SYSTEM "login.defs.d/KILLCHAR.xml">
+<!ENTITY LASTLOG_ENAB SYSTEM "login.defs.d/LASTLOG_ENAB.xml">
+<!ENTITY LOG_OK_LOGINS SYSTEM "login.defs.d/LOG_OK_LOGINS.xml">
+<!ENTITY LOG_UNKFAIL_ENAB SYSTEM "login.defs.d/LOG_UNKFAIL_ENAB.xml">
+<!ENTITY LOGIN_RETRIES SYSTEM "login.defs.d/LOGIN_RETRIES.xml">
+<!ENTITY LOGIN_STRING SYSTEM "login.defs.d/LOGIN_STRING.xml">
+<!ENTITY LOGIN_TIMEOUT SYSTEM "login.defs.d/LOGIN_TIMEOUT.xml">
+<!ENTITY MAIL_CHECK_ENAB SYSTEM "login.defs.d/MAIL_CHECK_ENAB.xml">
+<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY MOTD_FILE SYSTEM "login.defs.d/MOTD_FILE.xml">
+<!ENTITY NOLOGINS_FILE SYSTEM "login.defs.d/NOLOGINS_FILE.xml">
+<!ENTITY OBSCURE_CHECKS_ENAB SYSTEM "login.defs.d/OBSCURE_CHECKS_ENAB.xml">
+<!ENTITY PASS_ALWAYS_WARN SYSTEM "login.defs.d/PASS_ALWAYS_WARN.xml">
+<!ENTITY PASS_CHANGE_TRIES SYSTEM "login.defs.d/PASS_CHANGE_TRIES.xml">
+<!ENTITY PASS_MAX_LEN SYSTEM "login.defs.d/PASS_MAX_LEN.xml">
+<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
+<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
+<!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+<!ENTITY PORTTIME_CHECKS_ENAB SYSTEM "login.defs.d/PORTTIME_CHECKS_ENAB.xml">
+<!ENTITY QUOTAS_ENAB SYSTEM "login.defs.d/QUOTAS_ENAB.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!ENTITY SULOG_FILE SYSTEM "login.defs.d/SULOG_FILE.xml">
+<!ENTITY SU_NAME SYSTEM "login.defs.d/SU_NAME.xml">
+<!ENTITY SU_WHEEL_ONLY SYSTEM "login.defs.d/SU_WHEEL_ONLY.xml">
+<!ENTITY SUB_GID_COUNT SYSTEM "login.defs.d/SUB_GID_COUNT.xml">
+<!ENTITY SUB_UID_COUNT SYSTEM "login.defs.d/SUB_UID_COUNT.xml">
+<!ENTITY SYS_GID_MAX SYSTEM "login.defs.d/SYS_GID_MAX.xml">
+<!ENTITY SYSLOG_SG_ENAB SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml">
+<!ENTITY SYSLOG_SU_ENAB SYSTEM "login.defs.d/SYSLOG_SU_ENAB.xml">
+<!ENTITY SYS_UID_MAX SYSTEM "login.defs.d/SYS_UID_MAX.xml">
+<!ENTITY TCB_AUTH_GROUP SYSTEM "login.defs.d/TCB_AUTH_GROUP.xml">
+<!ENTITY TCB_SYMLINKS SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
+<!ENTITY TTYGROUP SYSTEM "login.defs.d/TTYGROUP.xml">
+<!ENTITY TTYTYPE_FILE SYSTEM "login.defs.d/TTYTYPE_FILE.xml">
+<!ENTITY UID_MAX SYSTEM "login.defs.d/UID_MAX.xml">
+<!ENTITY ULIMIT SYSTEM "login.defs.d/ULIMIT.xml">
+<!ENTITY UMASK SYSTEM "login.defs.d/UMASK.xml">
+<!ENTITY USERDEL_CMD SYSTEM "login.defs.d/USERDEL_CMD.xml">
+<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
+<!ENTITY USE_TCB SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='login.defs.5'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>login.defs</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>login.defs</refname>
+ <refpurpose>shadow password suite configuration</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <filename>/etc/login.defs</filename> file defines the
+ site-specific configuration for the shadow password suite. This file
+ is required. Absence of this file will not prevent system operation,
+ but will probably result in undesirable operation.
+ </para>
+
+ <para>
+ This file is a readable text file, each line of the file describing
+ one configuration parameter. The lines consist of a configuration name
+ and value, separated by whitespace. Blank lines and comment lines are
+ ignored. Comments are introduced with a "#" pound sign and the pound
+ sign must be the first non-white character of the line.
+ </para>
+
+ <para>
+ Parameter values may be of four types: strings, booleans, numbers, and
+ long numbers. A string is comprised of any printable characters. A
+ boolean should be either the value <replaceable>yes</replaceable> or
+ <replaceable>no</replaceable>. An undefined boolean
+ parameter or one with a value other than these will be given a
+ <replaceable>no</replaceable>
+ value. Numbers (both regular and long) may be either decimal values,
+ octal values (precede the value with <replaceable>0</replaceable>) or
+ hexadecimal values
+ (precede the value with <replaceable>0x</replaceable>).
+ The maximum value of the regular and
+ long numeric parameters is machine-dependent.
+ </para>
+
+ <para>The following configuration items are provided:</para>
+
+ <variablelist remap='IP'>
+ &CHFN_AUTH;
+ &CHFN_RESTRICT;
+ &CHSH_AUTH;
+ &CONSOLE;
+ &CONSOLE_GROUPS;
+ &CREATE_HOME;
+ &DEFAULT_HOME;
+ &ENCRYPT_METHOD;
+ &ENV_HZ;
+ &ENV_PATH;
+ &ENV_SUPATH;
+ &ENV_TZ;
+ &ENVIRON_FILE;
+ &ERASECHAR;
+ &FAIL_DELAY;
+ &FAILLOG_ENAB;
+ &FAKE_SHELL;
+ &FTMP_FILE;
+ &GID_MAX; <!-- documents also GID_MIN -->
+ &HUSHLOGIN_FILE;
+ &ISSUE_FILE;
+ &KILLCHAR;
+ &LASTLOG_ENAB;
+ &LOG_OK_LOGINS;
+ &LOG_UNKFAIL_ENAB;
+ &LOGIN_RETRIES;
+ &LOGIN_STRING;
+ &LOGIN_TIMEOUT;
+ &MAIL_CHECK_ENAB;
+ &MAIL_DIR;
+ &MAX_MEMBERS_PER_GROUP;
+ &MD5_CRYPT_ENAB;
+ &MOTD_FILE;
+ &NOLOGINS_FILE;
+ &OBSCURE_CHECKS_ENAB;
+ &PASS_ALWAYS_WARN;
+ &PASS_CHANGE_TRIES;
+ &PASS_MAX_DAYS;
+ &PASS_MIN_DAYS;
+ &PASS_WARN_AGE;
+ <para>
+ <option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and
+ <option>PASS_WARN_AGE</option> are only used at the
+ time of account creation. Any changes to these settings won't affect
+ existing accounts.
+ </para>
+ &PASS_MAX_LEN; <!-- documents also PASS_MIN_LEN -->
+ &PORTTIME_CHECKS_ENAB;
+ &QUOTAS_ENAB;
+ &SHA_CRYPT_MIN_ROUNDS; <!-- documents also SHA_CRYPT_MAX_ROUNDS -->
+ &SULOG_FILE;
+ &SU_NAME;
+ &SU_WHEEL_ONLY;
+ &SUB_GID_COUNT; <!-- documents also SUB_GID_MIN SUB_GID_MAX -->
+ &SUB_UID_COUNT; <!-- documents also SUB_UID_MIN SUB_UID_MAX -->
+ &SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
+ &SYS_UID_MAX; <!-- documents also SYS_UID_MIN -->
+ &SYSLOG_SG_ENAB;
+ &SYSLOG_SU_ENAB;
+ &TCB_AUTH_GROUP;
+ &TCB_SYMLINKS;
+ &TTYGROUP;
+ &TTYTYPE_FILE;
+ &UID_MAX; <!-- documents also UID_MIN -->
+ &ULIMIT;
+ &UMASK;
+ &USERDEL_CMD;
+ &USERGROUPS_ENAB;
+ &USE_TCB;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='cross_references'>
+ <title>CROSS REFERENCES</title>
+ <para>
+ The following cross references show which programs in the shadow
+ password suite use which parameters.
+ </para>
+ <!-- .na -->
+ <variablelist remap='IP'>
+ <varlistentry condition="tcb">
+ <term>chage</term>
+ <listitem>
+ <para>USE_TCB</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>chfn</term>
+ <listitem>
+ <para>
+ <phrase condition="no_pam">CHFN_AUTH</phrase>
+ CHFN_RESTRICT
+ <phrase condition="no_pam">LOGIN_STRING</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>chgpasswd</term>
+ <listitem>
+ <para>
+ ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
+ <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+ SHA_CRYPT_MIN_ROUNDS</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>chpasswd</term>
+ <listitem>
+ <para>
+ <phrase condition="no_pam">ENCRYPT_METHOD
+ MD5_CRYPT_ENAB </phrase>
+ <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+ SHA_CRYPT_MIN_ROUNDS</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="no_pam">
+ <term>chsh</term>
+ <listitem>
+ <para>
+ CHSH_AUTH LOGIN_STRING
+ </para>
+ </listitem>
+ </varlistentry>
+ <!-- expiry: no variables (CONSOLE_GROUPS linked, but not used) -->
+ <!-- faillog: no variables -->
+ <varlistentry>
+ <term>gpasswd</term>
+ <listitem>
+ <para>
+ ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
+ <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+ SHA_CRYPT_MIN_ROUNDS</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>groupadd</term>
+ <listitem>
+ <para>
+ GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP
+ SYS_GID_MAX SYS_GID_MIN
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>groupdel</term>
+ <listitem>
+ <para>MAX_MEMBERS_PER_GROUP</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>groupmems</term>
+ <listitem>
+ <para>MAX_MEMBERS_PER_GROUP</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>groupmod</term>
+ <listitem>
+ <para>MAX_MEMBERS_PER_GROUP</para>
+ </listitem>
+ </varlistentry>
+ <!-- groups: no variables -->
+ <varlistentry>
+ <term>grpck</term>
+ <listitem>
+ <para>MAX_MEMBERS_PER_GROUP</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>grpconv</term>
+ <listitem>
+ <para>MAX_MEMBERS_PER_GROUP</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>grpunconv</term>
+ <listitem>
+ <para>MAX_MEMBERS_PER_GROUP</para>
+ </listitem>
+ </varlistentry>
+ <!-- id: no variables -->
+ <!-- lastlog: no variables -->
+ <varlistentry>
+ <term>login</term>
+ <listitem>
+ <para>
+ <phrase condition="no_pam">CONSOLE</phrase>
+ CONSOLE_GROUPS DEFAULT_HOME
+ <phrase condition="no_pam">ENV_HZ ENV_PATH ENV_SUPATH
+ ENV_TZ ENVIRON_FILE</phrase>
+ ERASECHAR FAIL_DELAY
+ <phrase condition="no_pam">FAILLOG_ENAB</phrase>
+ FAKE_SHELL
+ <phrase condition="no_pam">FTMP_FILE</phrase>
+ HUSHLOGIN_FILE
+ <phrase condition="no_pam">ISSUE_FILE</phrase>
+ KILLCHAR
+ <phrase condition="no_pam">LASTLOG_ENAB</phrase>
+ LOGIN_RETRIES
+ <phrase condition="no_pam">LOGIN_STRING</phrase>
+ LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB
+ <phrase condition="no_pam">MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE
+ MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB
+ QUOTAS_ENAB</phrase>
+ TTYGROUP TTYPERM TTYTYPE_FILE
+ <phrase condition="no_pam">ULIMIT UMASK</phrase>
+ USERGROUPS_ENAB
+ </para>
+ </listitem>
+ </varlistentry>
+ <!-- logoutd: no variables -->
+ <varlistentry>
+ <term>newgrp / sg</term>
+ <listitem>
+ <para>
+ SYSLOG_SG_ENAB
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>newusers</term>
+ <listitem>
+ <para>
+ ENCRYPT_METHOD
+ GID_MAX GID_MIN
+ MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
+ PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+ <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+ SHA_CRYPT_MIN_ROUNDS</phrase>
+ SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN
+ SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN
+ SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN
+ UMASK
+ </para>
+ </listitem>
+ </varlistentry>
+ <!-- nologin: no variables -->
+ <varlistentry condition="no_pam">
+ <term>passwd</term>
+ <listitem>
+ <para>
+ ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB
+ PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN
+ <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+ SHA_CRYPT_MIN_ROUNDS</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>pwck</term>
+ <listitem>
+ <para>
+ PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+ <phrase condition="tcb">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>pwconv</term>
+ <listitem>
+ <para>
+ PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+ <phrase condition="tcb">USE_TCB</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="tcb">
+ <term>pwunconv</term>
+ <listitem>
+ <para>
+ <phrase condition="tcb">USE_TCB</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>su</term>
+ <listitem>
+ <para>
+ <phrase condition="no_pam">CONSOLE</phrase>
+ CONSOLE_GROUPS DEFAULT_HOME
+ <phrase condition="no_pam">ENV_HZ ENVIRON_FILE</phrase>
+ ENV_PATH ENV_SUPATH
+ <phrase condition="no_pam">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB
+ MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase>
+ SULOG_FILE SU_NAME
+ <phrase condition="no_pam">SU_WHEEL_ONLY</phrase>
+ SYSLOG_SU_ENAB
+ <phrase condition="no_pam">USERGROUPS_ENAB</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>sulogin</term>
+ <listitem>
+ <para>
+ ENV_HZ
+ <phrase condition="no_pam">ENV_TZ</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>useradd</term>
+ <listitem>
+ <para>
+ CREATE_HOME
+ GID_MAX GID_MIN
+ MAIL_DIR MAX_MEMBERS_PER_GROUP
+ PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+ SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN
+ SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN
+ SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN
+ UMASK
+ <phrase condition="tcb">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>userdel</term>
+ <listitem>
+ <para>
+ MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD
+ USERGROUPS_ENAB
+ <phrase condition="tcb">TCB_SYMLINKS USE_TCB</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>usermod</term>
+ <listitem>
+ <para>
+ MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP
+ <phrase condition="tcb">TCB_SYMLINKS USE_TCB</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="tcb">
+ <term>vipw</term>
+ <listitem>
+ <para>
+ <phrase condition="tcb">USE_TCB</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='bugs' condition="pam">
+ <title>BUGS</title>
+ <para>
+ Much of the functionality that used to be provided by the shadow
+ password suite is now handled by PAM. Thus,
+ <filename>/etc/login.defs</filename> is no longer used by <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>, or less used by <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>, and <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>. Please refer to the corresponding PAM configuration
+ files instead.
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/login.defs.d/CHFN_AUTH.xml b/man/login.defs.d/CHFN_AUTH.xml
new file mode 100644
index 0000000..941e5f9
--- /dev/null
+++ b/man/login.defs.d/CHFN_AUTH.xml
@@ -0,0 +1,40 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>CHFN_AUTH</option> (boolean)</term>
+ <listitem>
+ <para>
+ If <replaceable>yes</replaceable>, the <command>chfn</command>
+ program will require authentication before making any changes,
+ unless run by the superuser.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/CHFN_RESTRICT.xml b/man/login.defs.d/CHFN_RESTRICT.xml
new file mode 100644
index 0000000..ecc21b7
--- /dev/null
+++ b/man/login.defs.d/CHFN_RESTRICT.xml
@@ -0,0 +1,51 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>CHFN_RESTRICT</option> (string)</term>
+ <listitem>
+ <para>
+ This parameter specifies which values in the <emphasis
+ remap='I'>gecos</emphasis> field of the
+ <filename>/etc/passwd</filename> file may be changed by regular
+ users using the <command>chfn</command> program. It can be any
+ combination of letters <replaceable>f</replaceable>,
+ <replaceable>r</replaceable>, <replaceable>w</replaceable>,
+ <replaceable>h</replaceable>, for Full name, Room number, Work
+ phone, and Home phone, respectively. For backward compatibility,
+ <replaceable>yes</replaceable> is equivalent to
+ <replaceable>rwh</replaceable> and <replaceable>no</replaceable> is
+ equivalent to <replaceable>frwh</replaceable>. If not specified,
+ only the superuser can make any changes. The most restrictive
+ setting is better achieved by not installing <command>chfn</command>
+ SUID.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/CHSH_AUTH.xml b/man/login.defs.d/CHSH_AUTH.xml
new file mode 100644
index 0000000..0d7139f
--- /dev/null
+++ b/man/login.defs.d/CHSH_AUTH.xml
@@ -0,0 +1,40 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>CHSH_AUTH</option> (boolean)</term>
+ <listitem>
+ <para>
+ If <replaceable>yes</replaceable>, the <command>chsh</command>
+ program will require authentication before making any changes,
+ unless run by the superuser.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/CONSOLE.xml b/man/login.defs.d/CONSOLE.xml
new file mode 100644
index 0000000..a5f6932
--- /dev/null
+++ b/man/login.defs.d/CONSOLE.xml
@@ -0,0 +1,46 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>CONSOLE</option> (string)</term>
+ <listitem>
+ <para>
+ If defined, either full pathname of a file containing device names
+ (one per line) or a ":" delimited list of device names. Root logins will be
+ allowed only upon these devices.
+ </para>
+ <para>
+ If not defined, root will be allowed on any device.
+ </para>
+ <para>
+ The device should be specified without the /dev/ prefix.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/CONSOLE_GROUPS.xml b/man/login.defs.d/CONSOLE_GROUPS.xml
new file mode 100644
index 0000000..f464153
--- /dev/null
+++ b/man/login.defs.d/CONSOLE_GROUPS.xml
@@ -0,0 +1,44 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>CONSOLE_GROUPS</option> (string)</term>
+ <listitem>
+ <para>
+ List of groups to add to the user's supplementary groups set when
+ logging in on the console (as determined by the CONSOLE setting).
+ Default is none.
+ <para>
+ </para>
+ Use with caution - it is possible for users to gain permanent access
+ to these groups, even when not logged in on the console.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/CREATE_HOME.xml b/man/login.defs.d/CREATE_HOME.xml
new file mode 100644
index 0000000..fe40477
--- /dev/null
+++ b/man/login.defs.d/CREATE_HOME.xml
@@ -0,0 +1,41 @@
+<!--
+ Copyright (c) 2009 , Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>CREATE_HOME</option> (boolean)</term>
+ <listitem>
+ <para>
+ Indicate if a home directory should be created by default for new
+ users.
+ </para>
+ <para>
+ This setting does not apply to system users, and can be overridden on
+ the command line.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/DEFAULT_HOME.xml b/man/login.defs.d/DEFAULT_HOME.xml
new file mode 100644
index 0000000..bb9982b
--- /dev/null
+++ b/man/login.defs.d/DEFAULT_HOME.xml
@@ -0,0 +1,44 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>DEFAULT_HOME</option> (boolean)</term>
+ <listitem>
+ <para>
+ Indicate if login is allowed if we can't cd to the home directory.
+ Default is no.
+ </para>
+ <para>
+ If set to <replaceable>yes</replaceable>, the user will login in
+ the root (<filename>/</filename>) directory if it is not possible to
+ cd to her home directory.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENCRYPT_METHOD.xml b/man/login.defs.d/ENCRYPT_METHOD.xml
new file mode 100644
index 0000000..325d025
--- /dev/null
+++ b/man/login.defs.d/ENCRYPT_METHOD.xml
@@ -0,0 +1,54 @@
+<!--
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>ENCRYPT_METHOD</option> (string)</term>
+ <listitem>
+ <para>
+ This defines the system default encryption algorithm for encrypting
+ passwords (if no algorithm are specified on the command line).
+ </para>
+ <para>
+ It can take one of these values:
+ <replaceable>DES</replaceable> (default),
+ <replaceable>MD5</replaceable><phrase condition="sha_crypt">,
+ <replaceable>SHA256</replaceable>,
+ <replaceable>SHA512</replaceable></phrase>.
+ </para>
+ <para>
+ Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option>
+ variable.
+ </para>
+ <para condition="pam">
+ Note: This only affect the generation of group passwords.
+ The generation of user passwords is done by PAM and subject to the
+ PAM configuration. It is recommended to set this variable
+ consistently with the PAM configuration.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENVIRON_FILE.xml b/man/login.defs.d/ENVIRON_FILE.xml
new file mode 100644
index 0000000..ee85d8c
--- /dev/null
+++ b/man/login.defs.d/ENVIRON_FILE.xml
@@ -0,0 +1,42 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2009, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>ENVIRON_FILE</option> (string)</term>
+ <listitem>
+ <para>
+ If this file exists and is readable, login environment will be
+ read from it. Every line should be in the form name=value.
+ </para>
+ <para>
+ Lines starting with a # are treated as comment lines and ignored.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENV_HZ.xml b/man/login.defs.d/ENV_HZ.xml
new file mode 100644
index 0000000..9bbc255
--- /dev/null
+++ b/man/login.defs.d/ENV_HZ.xml
@@ -0,0 +1,47 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <!-- XXX: When compiled with PAM support, only sulogin uses ENV_HZ -->
+ <term><option>ENV_HZ</option> (string)</term>
+ <listitem>
+ <para>
+ If set, it will be used to define the HZ environment variable when
+ a user login. The value must be preceded by
+ <replaceable>HZ=</replaceable>. A common value on Linux is
+ <replaceable>HZ=100</replaceable>.
+ </para>
+ <para condition="pam">
+ The <envar>HZ</envar> environment variable is only set when the user
+ (the superuser) logs in with <command>sulogin</command>.
+ </para>
+ <!-- TODO: it can in fact be used to set any other variable-->
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENV_PATH.xml b/man/login.defs.d/ENV_PATH.xml
new file mode 100644
index 0000000..a3852fa
--- /dev/null
+++ b/man/login.defs.d/ENV_PATH.xml
@@ -0,0 +1,43 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>ENV_PATH</option> (string)</term>
+ <listitem>
+ <para>
+ If set, it will be used to define the PATH environment variable when
+ a regular user login. The value is a colon separated list of paths
+ (for example <replaceable>/bin:/usr/bin</replaceable>) and can be
+ preceded by <replaceable>PATH=</replaceable>. The default value is
+ <replaceable>PATH=/bin:/usr/bin</replaceable>.
+ </para>
+ <!-- TODO: it can in fact be used to set any other variable-->
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENV_SUPATH.xml b/man/login.defs.d/ENV_SUPATH.xml
new file mode 100644
index 0000000..bbd07f8
--- /dev/null
+++ b/man/login.defs.d/ENV_SUPATH.xml
@@ -0,0 +1,44 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2009, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>ENV_SUPATH</option> (string)</term>
+ <listitem>
+ <para>
+ If set, it will be used to define the PATH environment variable when
+ the superuser login. The value is a colon separated list of paths
+ (for example
+ <replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be
+ preceded by <replaceable>PATH=</replaceable>. The default value is
+ <replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>.
+ </para>
+ <!-- TODO: it can in fact be used to set any other variable-->
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENV_TZ.xml b/man/login.defs.d/ENV_TZ.xml
new file mode 100644
index 0000000..90c8bca
--- /dev/null
+++ b/man/login.defs.d/ENV_TZ.xml
@@ -0,0 +1,48 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>ENV_TZ</option> (string)</term>
+ <listitem>
+ <para>
+ If set, it will be used to define the TZ environment variable when
+ a user login. The value can be the name of a timezone preceded by
+ <replaceable>TZ=</replaceable> (for example
+ <replaceable>TZ=CST6CDT</replaceable>), or the full path to the file
+ containing the timezone specification (for example
+ <filename>/etc/tzname</filename>).
+ </para>
+ <!-- TODO: it can in fact be used to set any other variable-->
+ <para>
+ If a full path is specified but the file does not exist or cannot be
+ read, the default is to use <replaceable>TZ=CST6CDT</replaceable>.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ERASECHAR.xml b/man/login.defs.d/ERASECHAR.xml
new file mode 100644
index 0000000..fad4d72
--- /dev/null
+++ b/man/login.defs.d/ERASECHAR.xml
@@ -0,0 +1,43 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>ERASECHAR</option> (number)</term>
+ <listitem>
+ <para>
+ Terminal ERASE character (<replaceable>010</replaceable> =
+ backspace, <replaceable>0177</replaceable> = DEL).
+ </para>
+ <para>
+ The value can be prefixed "0" for an octal value, or "0x" for an
+ hexadecimal value.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/FAILLOG_ENAB.xml b/man/login.defs.d/FAILLOG_ENAB.xml
new file mode 100644
index 0000000..5a52557
--- /dev/null
+++ b/man/login.defs.d/FAILLOG_ENAB.xml
@@ -0,0 +1,39 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>FAILLOG_ENAB</option> (boolean)</term>
+ <listitem>
+ <para>
+ Enable logging and display of <filename>/var/log/faillog</filename>
+ login failure info.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/FAIL_DELAY.xml b/man/login.defs.d/FAIL_DELAY.xml
new file mode 100644
index 0000000..060ca0a
--- /dev/null
+++ b/man/login.defs.d/FAIL_DELAY.xml
@@ -0,0 +1,39 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>FAIL_DELAY</option> (number)</term>
+ <listitem>
+ <para>
+ Delay in seconds before being allowed another attempt after a login
+ failure.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/FAKE_SHELL.xml b/man/login.defs.d/FAKE_SHELL.xml
new file mode 100644
index 0000000..967acaa
--- /dev/null
+++ b/man/login.defs.d/FAKE_SHELL.xml
@@ -0,0 +1,39 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>FAKE_SHELL</option> (string)</term>
+ <listitem>
+ <para>
+ If set, <command>login</command> will execute this shell instead of
+ the users' shell specified in <filename>/etc/passwd</filename>.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/FTMP_FILE.xml b/man/login.defs.d/FTMP_FILE.xml
new file mode 100644
index 0000000..255569a
--- /dev/null
+++ b/man/login.defs.d/FTMP_FILE.xml
@@ -0,0 +1,38 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>FTMP_FILE</option> (string)</term>
+ <listitem>
+ <para>
+ If defined, login failures will be logged in this file in a utmp format.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/GID_MAX.xml b/man/login.defs.d/GID_MAX.xml
new file mode 100644
index 0000000..639eafb
--- /dev/null
+++ b/man/login.defs.d/GID_MAX.xml
@@ -0,0 +1,45 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>GID_MAX</option> (number)</term>
+ <term><option>GID_MIN</option> (number)</term>
+ <listitem>
+ <para>
+ Range of group IDs used for the creation of regular groups by
+ <command>useradd</command>, <command>groupadd</command>, or
+ <command>newusers</command>.
+ </para>
+ <para>
+ The default value for <option>GID_MIN</option> (resp.
+ <option>GID_MAX</option>) is 1000 (resp. 60000).
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/HUSHLOGIN_FILE.xml b/man/login.defs.d/HUSHLOGIN_FILE.xml
new file mode 100644
index 0000000..edb0262
--- /dev/null
+++ b/man/login.defs.d/HUSHLOGIN_FILE.xml
@@ -0,0 +1,42 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>HUSHLOGIN_FILE</option> (string)</term>
+ <listitem>
+ <para>
+ If defined, this file can inhibit all the usual chatter during the
+ login sequence. If a full pathname is specified, then hushed mode
+ will be enabled if the user's name or shell are found in the file.
+ If not a full pathname, then hushed mode will be enabled if the file
+ exists in the user's home directory.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ISSUE_FILE.xml b/man/login.defs.d/ISSUE_FILE.xml
new file mode 100644
index 0000000..12c22a7
--- /dev/null
+++ b/man/login.defs.d/ISSUE_FILE.xml
@@ -0,0 +1,38 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>ISSUE_FILE</option> (string)</term>
+ <listitem>
+ <para>
+ If defined, this file will be displayed before each login prompt.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/KILLCHAR.xml b/man/login.defs.d/KILLCHAR.xml
new file mode 100644
index 0000000..fea9f87
--- /dev/null
+++ b/man/login.defs.d/KILLCHAR.xml
@@ -0,0 +1,42 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>KILLCHAR</option> (number)</term>
+ <listitem>
+ <para>
+ Terminal KILL character (<replaceable>025</replaceable> = CTRL/U).
+ </para>
+ <para>
+ The value can be prefixed "0" for an octal value, or "0x" for an
+ hexadecimal value.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LASTLOG_ENAB.xml b/man/login.defs.d/LASTLOG_ENAB.xml
new file mode 100644
index 0000000..c264a89
--- /dev/null
+++ b/man/login.defs.d/LASTLOG_ENAB.xml
@@ -0,0 +1,38 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>LASTLOG_ENAB</option> (boolean)</term>
+ <listitem>
+ <para>
+ Enable logging and display of /var/log/lastlog login time info.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LOGIN_RETRIES.xml b/man/login.defs.d/LOGIN_RETRIES.xml
new file mode 100644
index 0000000..3de450d
--- /dev/null
+++ b/man/login.defs.d/LOGIN_RETRIES.xml
@@ -0,0 +1,44 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>LOGIN_RETRIES</option> (number)</term>
+ <listitem>
+ <para>
+ Maximum number of login retries in case of bad password.
+ </para>
+ <para condition="pam">
+ This will most likely be overridden by PAM, since the default
+ pam_unix module has its own built in of 3 retries. However, this is
+ a safe fallback in case you are using an authentication module that
+ does not enforce PAM_MAXTRIES.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LOGIN_STRING.xml b/man/login.defs.d/LOGIN_STRING.xml
new file mode 100644
index 0000000..3743afe
--- /dev/null
+++ b/man/login.defs.d/LOGIN_STRING.xml
@@ -0,0 +1,44 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>LOGIN_STRING</option> (string)</term>
+ <listitem>
+ <para>
+ The string used for prompting a password. The default is to use
+ "Password: ", or a translation of that string. If you set this
+ variable, the prompt will not be translated.
+ </para>
+ <para>
+ If the string contains <replaceable>%s</replaceable>, this will be
+ replaced by the user's name.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LOGIN_TIMEOUT.xml b/man/login.defs.d/LOGIN_TIMEOUT.xml
new file mode 100644
index 0000000..05b7cff
--- /dev/null
+++ b/man/login.defs.d/LOGIN_TIMEOUT.xml
@@ -0,0 +1,38 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>LOGIN_TIMEOUT</option> (number)</term>
+ <listitem>
+ <para>
+ Max time in seconds for login.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LOG_OK_LOGINS.xml b/man/login.defs.d/LOG_OK_LOGINS.xml
new file mode 100644
index 0000000..ec11580
--- /dev/null
+++ b/man/login.defs.d/LOG_OK_LOGINS.xml
@@ -0,0 +1,38 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>LOG_OK_LOGINS</option> (boolean)</term>
+ <listitem>
+ <para>
+ Enable logging of successful logins.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LOG_UNKFAIL_ENAB.xml b/man/login.defs.d/LOG_UNKFAIL_ENAB.xml
new file mode 100644
index 0000000..2bc0ca2
--- /dev/null
+++ b/man/login.defs.d/LOG_UNKFAIL_ENAB.xml
@@ -0,0 +1,43 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>LOG_UNKFAIL_ENAB</option> (boolean)</term>
+ <listitem>
+ <para>
+ Enable display of unknown usernames when login failures are
+ recorded.
+ </para>
+ <para>
+ Note: logging unknown usernames may be a security issue if an user
+ enter her password instead of her login name.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/MAIL_CHECK_ENAB.xml b/man/login.defs.d/MAIL_CHECK_ENAB.xml
new file mode 100644
index 0000000..62dece0
--- /dev/null
+++ b/man/login.defs.d/MAIL_CHECK_ENAB.xml
@@ -0,0 +1,42 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>MAIL_CHECK_ENAB</option> (boolean)</term>
+ <listitem>
+ <para>
+ Enable checking and display of mailbox status upon login.
+ </para>
+ <para>
+ You should disable it if the shell startup files already check for
+ mail ("mailx -e" or equivalent).
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/MAIL_DIR.xml b/man/login.defs.d/MAIL_DIR.xml
new file mode 100644
index 0000000..60b82d6
--- /dev/null
+++ b/man/login.defs.d/MAIL_DIR.xml
@@ -0,0 +1,60 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>MAIL_DIR</option> (string)</term>
+ <listitem>
+ <para>
+ The mail spool directory. This is needed to manipulate the mailbox
+ when its corresponding user account is modified or deleted. If not
+ specified, a compile-time default is used.
+ </para>
+ </listitem>
+</varlistentry><varlistentry>
+ <term><option>MAIL_FILE</option> (string)</term>
+ <listitem>
+ <para>
+ Defines the location of the users mail spool files relatively to
+ their home directory.
+ </para>
+ </listitem>
+</varlistentry>
+<!-- FIXME: MAIL_FILE not used in useradd -->
+<para>
+ The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables
+ are used by <command>useradd</command>, <command>usermod</command>, and
+ <command>userdel</command> to create, move, or delete the user's mail
+ spool.
+</para>
+<para condition="no_pam">
+ If <option>MAIL_CHECK_ENAB</option> is set to
+ <replaceable>yes</replaceable>, they are also used to define the
+ <envar>MAIL</envar> environment variable.
+</para>
diff --git a/man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml b/man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml
new file mode 100644
index 0000000..45975d9
--- /dev/null
+++ b/man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml
@@ -0,0 +1,57 @@
+<!--
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>MAX_MEMBERS_PER_GROUP</option> (number)</term>
+ <listitem>
+ <para>
+ Maximum members per group entry. When the maximum is reached, a new
+ group entry (line) is started in <filename>/etc/group</filename>
+ (with the same name, same password, and same GID).
+ </para>
+ <para>
+ The default value is 0, meaning that there are no limits in the
+ number of members in a group.
+ </para>
+ <!-- Note: on HP, split groups have the same ID, but different
+ names. -->
+ <para>
+ This feature (split group) permits to limit the length of lines in
+ the group file. This is useful to make sure that lines for NIS
+ groups are not larger than 1024 characters.
+ </para>
+ <para>
+ If you need to enforce such limit, you can use 25.
+ </para>
+ <para>
+ Note: split groups may not be supported by all tools (even in the
+ Shadow toolsuite). You should not use this variable unless you really
+ need it.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/MD5_CRYPT_ENAB.xml b/man/login.defs.d/MD5_CRYPT_ENAB.xml
new file mode 100644
index 0000000..be9426e
--- /dev/null
+++ b/man/login.defs.d/MD5_CRYPT_ENAB.xml
@@ -0,0 +1,60 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>MD5_CRYPT_ENAB</option> (boolean)</term>
+ <listitem>
+ <para>
+ Indicate if passwords must be encrypted using the MD5-based
+ algorithm. If set to <replaceable>yes</replaceable>, new passwords
+ will be encrypted using the MD5-based algorithm compatible with the
+ one used by recent releases of FreeBSD. It supports passwords of
+ unlimited length and longer salt strings. Set to
+ <replaceable>no</replaceable> if you need to copy encrypted
+ passwords to other systems which don't understand the new algorithm.
+ Default is <replaceable>no</replaceable>.
+ </para>
+ <para>
+ This variable is superseded by the <option>ENCRYPT_METHOD</option>
+ variable or by any command line option used to configure the
+ encryption algorithm.
+ </para>
+ <para>
+ This variable is deprecated. You should use
+ <option>ENCRYPT_METHOD</option>.
+ </para>
+ <para condition="pam">
+ Note: This only affect the generation of group passwords.
+ The generation of user passwords is done by PAM and subject to the
+ PAM configuration. It is recommended to set this variable
+ consistently with the PAM configuration.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/MOTD_FILE.xml b/man/login.defs.d/MOTD_FILE.xml
new file mode 100644
index 0000000..b472e71
--- /dev/null
+++ b/man/login.defs.d/MOTD_FILE.xml
@@ -0,0 +1,39 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>MOTD_FILE</option> (string)</term>
+ <listitem>
+ <para>
+ If defined, ":" delimited list of "message of the day" files to be
+ displayed upon login.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/NOLOGINS_FILE.xml b/man/login.defs.d/NOLOGINS_FILE.xml
new file mode 100644
index 0000000..fde79f5
--- /dev/null
+++ b/man/login.defs.d/NOLOGINS_FILE.xml
@@ -0,0 +1,40 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>NOLOGINS_FILE</option> (string)</term>
+ <listitem>
+ <para>
+ If defined, name of file whose presence will inhibit non-root
+ logins. The contents of this file should be a message indicating
+ why logins are inhibited.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/OBSCURE_CHECKS_ENAB.xml b/man/login.defs.d/OBSCURE_CHECKS_ENAB.xml
new file mode 100644
index 0000000..5eb1d65
--- /dev/null
+++ b/man/login.defs.d/OBSCURE_CHECKS_ENAB.xml
@@ -0,0 +1,38 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>OBSCURE_CHECKS_ENAB</option> (boolean)</term>
+ <listitem>
+ <para>
+ Enable additional checks upon password changes.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_ALWAYS_WARN.xml b/man/login.defs.d/PASS_ALWAYS_WARN.xml
new file mode 100644
index 0000000..8687488
--- /dev/null
+++ b/man/login.defs.d/PASS_ALWAYS_WARN.xml
@@ -0,0 +1,38 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>PASS_ALWAYS_WARN</option> (boolean)</term>
+ <listitem>
+ <para>
+ Warn about weak passwords (but still allow them) if you are root.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_CHANGE_TRIES.xml b/man/login.defs.d/PASS_CHANGE_TRIES.xml
new file mode 100644
index 0000000..f6f6d1d
--- /dev/null
+++ b/man/login.defs.d/PASS_CHANGE_TRIES.xml
@@ -0,0 +1,39 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>PASS_CHANGE_TRIES</option> (number)</term>
+ <listitem>
+ <para>
+ Maximum number of attempts to change password if rejected (too
+ easy).
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_MAX_DAYS.xml b/man/login.defs.d/PASS_MAX_DAYS.xml
new file mode 100644
index 0000000..7df51a2
--- /dev/null
+++ b/man/login.defs.d/PASS_MAX_DAYS.xml
@@ -0,0 +1,40 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>PASS_MAX_DAYS</option> (number)</term>
+ <listitem>
+ <para>
+ The maximum number of days a password may be used. If the password
+ is older than this, a password change will be forced. If not
+ specified, -1 will be assumed (which disables the restriction).
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_MAX_LEN.xml b/man/login.defs.d/PASS_MAX_LEN.xml
new file mode 100644
index 0000000..2b9e024
--- /dev/null
+++ b/man/login.defs.d/PASS_MAX_LEN.xml
@@ -0,0 +1,43 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>PASS_MAX_LEN</option> (number)</term>
+ <term><option>PASS_MIN_LEN</option> (number)</term>
+ <listitem>
+ <para>
+ Number of significant characters in the password for crypt().
+ <option>PASS_MAX_LEN</option> is 8 by default. Don't change unless
+ your crypt() is better. This is ignored if
+ <option>MD5_CRYPT_ENAB</option> set to
+ <replaceable>yes</replaceable>.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_MIN_DAYS.xml b/man/login.defs.d/PASS_MIN_DAYS.xml
new file mode 100644
index 0000000..14f68eb
--- /dev/null
+++ b/man/login.defs.d/PASS_MIN_DAYS.xml
@@ -0,0 +1,40 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>PASS_MIN_DAYS</option> (number)</term>
+ <listitem>
+ <para>
+ The minimum number of days allowed between password changes. Any
+ password changes attempted sooner than this will be rejected. If not
+ specified, -1 will be assumed (which disables the restriction).
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_WARN_AGE.xml b/man/login.defs.d/PASS_WARN_AGE.xml
new file mode 100644
index 0000000..fc03f1d
--- /dev/null
+++ b/man/login.defs.d/PASS_WARN_AGE.xml
@@ -0,0 +1,41 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>PASS_WARN_AGE</option> (number)</term>
+ <listitem>
+ <para>
+ The number of days warning given before a password expires. A zero
+ means warning is given only upon the day of expiration, a negative
+ value means no warning is given. If not specified, no warning will
+ be provided.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PORTTIME_CHECKS_ENAB.xml b/man/login.defs.d/PORTTIME_CHECKS_ENAB.xml
new file mode 100644
index 0000000..0ba7c3a
--- /dev/null
+++ b/man/login.defs.d/PORTTIME_CHECKS_ENAB.xml
@@ -0,0 +1,39 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>PORTTIME_CHECKS_ENAB</option> (boolean)</term>
+ <listitem>
+ <para>
+ Enable checking of time restrictions specified in
+ <filename>/etc/porttime</filename>.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/QUOTAS_ENAB.xml b/man/login.defs.d/QUOTAS_ENAB.xml
new file mode 100644
index 0000000..2a68b21
--- /dev/null
+++ b/man/login.defs.d/QUOTAS_ENAB.xml
@@ -0,0 +1,40 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>QUOTAS_ENAB</option> (boolean)</term>
+ <listitem>
+ <para>
+ Enable setting of resource limits from
+ <filename>/etc/limits</filename> and ulimit, umask, and niceness
+ from the user's passwd gecos field.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml b/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml
new file mode 100644
index 0000000..0755e69
--- /dev/null
+++ b/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml
@@ -0,0 +1,69 @@
+<!--
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="sha_crypt">
+ <term><option>SHA_CRYPT_MIN_ROUNDS</option> (number)</term>
+ <term><option>SHA_CRYPT_MAX_ROUNDS</option> (number)</term>
+ <listitem>
+ <para>
+ When <option>ENCRYPT_METHOD</option> is set to
+ <replaceable>SHA256</replaceable> or
+ <replaceable>SHA512</replaceable>, this defines the number of SHA
+ rounds used by the encryption algorithm by default (when the number
+ of rounds is not specified on the command line).
+ </para>
+ <para>
+ With a lot of rounds, it is more difficult to brute forcing the
+ password. But note also that more CPU resources will be needed to
+ authenticate users.
+ </para>
+ <para>
+ If not specified, the libc will choose the default number of rounds
+ (5000).
+ </para>
+ <para>
+ The values must be inside the 1000-999,999,999 range.
+ </para>
+ <para>
+ If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or
+ <option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value
+ will be used.
+ </para>
+ <para>
+ If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt;
+ <option>SHA_CRYPT_MAX_ROUNDS</option>, the highest value will be
+ used.
+ </para>
+ <para condition="pam">
+ Note: This only affect the generation of group passwords.
+ The generation of user passwords is done by PAM and subject to the
+ PAM configuration. It is recommended to set this variable
+ consistently with the PAM configuration.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SUB_GID_COUNT.xml b/man/login.defs.d/SUB_GID_COUNT.xml
new file mode 100644
index 0000000..01ace00
--- /dev/null
+++ b/man/login.defs.d/SUB_GID_COUNT.xml
@@ -0,0 +1,48 @@
+<!--
+ Copyright (c) 2013, Eric W. Biederman
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="subids">
+ <term><option>SUB_GID_MIN</option> (number)</term>
+ <term><option>SUB_GID_MAX</option> (number)</term>
+ <term><option>SUB_GID_COUNT</option> (number)</term>
+ <listitem>
+ <para>
+ If <filename>/etc/subuid</filename> exists, the commands
+ <command>useradd</command> and <command>newusers</command> (unless
+ the user already have subordinate group IDs) allocate
+ <option>SUB_GID_COUNT</option> unused group IDs from the range
+ <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</option> for each
+ new user.
+ </para>
+ <para>
+ The default values for <option>SUB_GID_MIN</option>,
+ <option>SUB_GID_MAX</option>, <option>SUB_GID_COUNT</option>
+ are respectively 100000, 600100000 and 10000.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SUB_UID_COUNT.xml b/man/login.defs.d/SUB_UID_COUNT.xml
new file mode 100644
index 0000000..5ad812f
--- /dev/null
+++ b/man/login.defs.d/SUB_UID_COUNT.xml
@@ -0,0 +1,48 @@
+<!--
+ Copyright (c) 2013, Eric W. Biederman
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="subids">
+ <term><option>SUB_UID_MIN</option> (number)</term>
+ <term><option>SUB_UID_MAX</option> (number)</term>
+ <term><option>SUB_UID_COUNT</option> (number)</term>
+ <listitem>
+ <para>
+ If <filename>/etc/subuid</filename> exists, the commands
+ <command>useradd</command> and <command>newusers</command> (unless
+ the user already have subordinate user IDs) allocate
+ <option>SUB_UID_COUNT</option> unused user IDs from the range
+ <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</option> for each
+ new user.
+ </para>
+ <para>
+ The default values for <option>SUB_UID_MIN</option>,
+ <option>SUB_UID_MAX</option>, <option>SUB_UID_COUNT</option>
+ are respectively 100000, 600100000 and 10000.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SULOG_FILE.xml b/man/login.defs.d/SULOG_FILE.xml
new file mode 100644
index 0000000..d5d07c8
--- /dev/null
+++ b/man/login.defs.d/SULOG_FILE.xml
@@ -0,0 +1,38 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>SULOG_FILE</option> (string)</term>
+ <listitem>
+ <para>
+ If defined, all su activity is logged to this file.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SU_NAME.xml b/man/login.defs.d/SU_NAME.xml
new file mode 100644
index 0000000..0a9dfdb
--- /dev/null
+++ b/man/login.defs.d/SU_NAME.xml
@@ -0,0 +1,41 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>SU_NAME</option> (string)</term>
+ <listitem>
+ <para>
+ If defined, the command name to display when running "su -". For
+ example, if this is defined as "su" then a "ps" will display the
+ command is "-su". If not defined, then "ps" would display the name
+ of the shell actually being run, e.g. something like "-sh".
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SU_WHEEL_ONLY.xml b/man/login.defs.d/SU_WHEEL_ONLY.xml
new file mode 100644
index 0000000..7b8e0bc
--- /dev/null
+++ b/man/login.defs.d/SU_WHEEL_ONLY.xml
@@ -0,0 +1,44 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!-- TODO: TBC -->
+<varlistentry condition="no_pam">
+ <term><option>SU_WHEEL_ONLY</option> (boolean)</term>
+ <listitem>
+ <para>
+ If <replaceable>yes</replaceable>, the user must be listed as a
+ member of the first gid 0 group in <filename>/etc/group</filename>
+ (called <replaceable>root</replaceable> on most Linux systems) to be
+ able to <command>su</command> to uid 0 accounts. If the group
+ doesn't exist or is empty, no one will be able to
+ <command>su</command> to uid 0.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SYSLOG_SG_ENAB.xml b/man/login.defs.d/SYSLOG_SG_ENAB.xml
new file mode 100644
index 0000000..0705537
--- /dev/null
+++ b/man/login.defs.d/SYSLOG_SG_ENAB.xml
@@ -0,0 +1,38 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>SYSLOG_SG_ENAB</option> (boolean)</term>
+ <listitem>
+ <para>
+ Enable "syslog" logging of <command>sg</command> activity.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SYSLOG_SU_ENAB.xml b/man/login.defs.d/SYSLOG_SU_ENAB.xml
new file mode 100644
index 0000000..af94a23
--- /dev/null
+++ b/man/login.defs.d/SYSLOG_SU_ENAB.xml
@@ -0,0 +1,39 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>SYSLOG_SU_ENAB</option> (boolean)</term>
+ <listitem>
+ <para>
+ Enable "syslog" logging of <command>su</command> activity - in
+ addition to sulog file logging.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SYS_GID_MAX.xml b/man/login.defs.d/SYS_GID_MAX.xml
new file mode 100644
index 0000000..4a9ed28
--- /dev/null
+++ b/man/login.defs.d/SYS_GID_MAX.xml
@@ -0,0 +1,43 @@
+<!--
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>SYS_GID_MAX</option> (number)</term>
+ <term><option>SYS_GID_MIN</option> (number)</term>
+ <listitem>
+ <para>
+ Range of group IDs used for the creation of system groups by
+ <command>useradd</command>, <command>groupadd</command>, or
+ <command>newusers</command>.
+ </para>
+ <para>
+ The default value for <option>SYS_GID_MIN</option> (resp.
+ <option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1).
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SYS_UID_MAX.xml b/man/login.defs.d/SYS_UID_MAX.xml
new file mode 100644
index 0000000..3ca6cee
--- /dev/null
+++ b/man/login.defs.d/SYS_UID_MAX.xml
@@ -0,0 +1,42 @@
+<!--
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>SYS_UID_MAX</option> (number)</term>
+ <term><option>SYS_UID_MIN</option> (number)</term>
+ <listitem>
+ <para>
+ Range of user IDs used for the creation of system users by
+ <command>useradd</command> or <command>newusers</command>.
+ </para>
+ <para>
+ The default value for <option>SYS_UID_MIN</option> (resp.
+ <option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1).
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/TCB_AUTH_GROUP.xml b/man/login.defs.d/TCB_AUTH_GROUP.xml
new file mode 100644
index 0000000..f9c9f72
--- /dev/null
+++ b/man/login.defs.d/TCB_AUTH_GROUP.xml
@@ -0,0 +1,37 @@
+<!--
+ Copyright (c) 2010, Pawel Hajdan
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="tcb">
+ <term><option>TCB_AUTH_GROUP</option> (boolean)</term>
+ <listitem>
+ <para>
+ If <replaceable>yes</replaceable>, newly created tcb shadow files
+ will be group owned by the <replaceable>auth</replaceable> group.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/TCB_SYMLINKS.xml b/man/login.defs.d/TCB_SYMLINKS.xml
new file mode 100644
index 0000000..76b34fb
--- /dev/null
+++ b/man/login.defs.d/TCB_SYMLINKS.xml
@@ -0,0 +1,53 @@
+<!--
+ Copyright (c) 2010, Pawel Hajdan
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="tcb">
+ <term><option>TCB_SYMLINKS</option> (boolean)</term>
+ <listitem>
+ <para>
+ If <replaceable>yes</replaceable>, the location of the user tcb
+ directory to be created will not be automatically set to /etc/tcb/user,
+ but will be computed depending on the UID of the user, according to
+ the following algorithm:
+ <programlisting>
+if ( UID is less than 1000) {
+ use /etc/tcb/user
+} else if ( UID is less than 1000000) {
+ kilos = UID / 1000
+ use /etc/tcb/:kilos/user
+ make symlink /etc/tcb/user to the above directory
+} else {
+ megas = UID / 1000000
+ kilos = ( UID / megas * 1000000 ) / 1000
+ use /etc/tcb/:megas/:kilos/user
+ make symlink /etc/tcb/user to the above directory
+}
+ </programlisting>
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/TTYGROUP.xml b/man/login.defs.d/TTYGROUP.xml
new file mode 100644
index 0000000..474f31b
--- /dev/null
+++ b/man/login.defs.d/TTYGROUP.xml
@@ -0,0 +1,56 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>TTYGROUP</option> (string)</term>
+ <term><option>TTYPERM</option> (string)</term>
+ <listitem>
+ <para>
+ The terminal permissions: the login tty will be owned by the
+ <option>TTYGROUP</option> group, and the permissions will be set to
+ <option>TTYPERM</option>.
+ </para>
+ <para>
+ By default, the ownership of the terminal is set to the user's
+ primary group and the permissions are set to
+ <replaceable>0600</replaceable>.
+ </para>
+ <para>
+ <option>TTYGROUP</option> can be either the name of a group or a
+ numeric group identifier.
+ </para>
+ <para>
+ If you have a <command>write</command> program which is "setgid" to
+ a special group which owns the terminals, define TTYGROUP to the
+ group number and TTYPERM to 0620. Otherwise leave TTYGROUP
+ commented out and assign TTYPERM to either 622 or 600.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/TTYTYPE_FILE.xml b/man/login.defs.d/TTYTYPE_FILE.xml
new file mode 100644
index 0000000..f3e8509
--- /dev/null
+++ b/man/login.defs.d/TTYTYPE_FILE.xml
@@ -0,0 +1,39 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>TTYTYPE_FILE</option> (string)</term>
+ <listitem>
+ <para>
+ If defined, file which maps tty line to TERM environment parameter.
+ Each line of the file is in a format something like "vt100 tty01".
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/UID_MAX.xml b/man/login.defs.d/UID_MAX.xml
new file mode 100644
index 0000000..77cf41f
--- /dev/null
+++ b/man/login.defs.d/UID_MAX.xml
@@ -0,0 +1,44 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>UID_MAX</option> (number)</term>
+ <term><option>UID_MIN</option> (number)</term>
+ <listitem>
+ <para>
+ Range of user IDs used for the creation of regular users by
+ <command>useradd</command> or <command>newusers</command>.
+ </para>
+ <para>
+ The default value for <option>UID_MIN</option> (resp.
+ <option>UID_MAX</option>) is 1000 (resp. 60000).
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ULIMIT.xml b/man/login.defs.d/ULIMIT.xml
new file mode 100644
index 0000000..3cf4267
--- /dev/null
+++ b/man/login.defs.d/ULIMIT.xml
@@ -0,0 +1,38 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+ <term><option>ULIMIT</option> (number)</term>
+ <listitem>
+ <para>
+ Default <command>ulimit</command> value.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/UMASK.xml b/man/login.defs.d/UMASK.xml
new file mode 100644
index 0000000..d7b71a5
--- /dev/null
+++ b/man/login.defs.d/UMASK.xml
@@ -0,0 +1,55 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2009, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>UMASK</option> (number)</term>
+ <listitem>
+ <para>
+ The file mode creation mask is initialized to this value. If not
+ specified, the mask will be initialized to 022.
+ </para>
+ <para>
+ <command>useradd</command> and <command>newusers</command> use this
+ mask to set the mode of the home directory they create
+ </para>
+ <para condition="no_pam">
+ It is also used by <command>login</command> to define users' initial
+ umask. Note that this mask can be overridden by the user's GECOS
+ line (if <option>QUOTAS_ENAB</option> is set) or by the
+ specification of a limit with the <emphasis>K</emphasis> identifier
+ in <citerefentry><refentrytitle>limits</refentrytitle>
+ <manvolnum>5</manvolnum></citerefentry>.
+ </para>
+ <para condition="pam">
+ It is also used by <command>pam_umask</command> as the default umask
+ value.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/USERDEL_CMD.xml b/man/login.defs.d/USERDEL_CMD.xml
new file mode 100644
index 0000000..40800b2
--- /dev/null
+++ b/man/login.defs.d/USERDEL_CMD.xml
@@ -0,0 +1,72 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ Copyright (c) 2007 - 2009, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>USERDEL_CMD</option> (string)</term>
+ <listitem>
+ <para>
+ If defined, this command is run when removing a user. It should
+ remove any at/cron/print jobs etc. owned by the user to be removed
+ (passed as the first argument).
+ </para>
+ <para>
+ The return code of the script is not taken into account.
+ </para>
+ <para>
+ Here is an example script, which removes the user's
+ cron, at and print jobs:
+ <programlisting>
+#! /bin/sh
+
+# Check for the required argument.
+if [ $# != 1 ]; then
+ echo "Usage: $0 username"
+ exit 1
+fi
+
+# Remove cron jobs.
+crontab -r -u $1
+
+# Remove at jobs.
+# Note that it will remove any jobs owned by the same UID,
+# even if it was shared by a different username.
+AT_SPOOL_DIR=/var/spool/cron/atjobs
+find $AT_SPOOL_DIR -name "[^.]*" -type f -user $1 -delete \;
+
+# Remove print jobs.
+lprm $1
+
+# All done.
+exit 0
+ </programlisting>
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/USERGROUPS_ENAB.xml b/man/login.defs.d/USERGROUPS_ENAB.xml
new file mode 100644
index 0000000..daa8892
--- /dev/null
+++ b/man/login.defs.d/USERGROUPS_ENAB.xml
@@ -0,0 +1,46 @@
+<!--
+ Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ Copyright (c) 1991 - 1993, Chip Rosenthal
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+ <term><option>USERGROUPS_ENAB</option> (boolean)</term>
+ <listitem>
+ <para condition="no_pam">
+ Enable setting of the umask group bits to be the same as owner bits
+ (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
+ the same as gid, and username is the same as the primary group name.
+ </para>
+ <para>
+ If set to <replaceable>yes</replaceable>, <command>userdel</command>
+ will remove the user's group if it contains no more members, and
+ <command>useradd</command> will create by default a group with the
+ name of the user.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/USE_TCB.xml b/man/login.defs.d/USE_TCB.xml
new file mode 100644
index 0000000..6fbe4d9
--- /dev/null
+++ b/man/login.defs.d/USE_TCB.xml
@@ -0,0 +1,38 @@
+<!--
+ Copyright (c) 2010, Pawel Hajdan
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="tcb">
+ <term><option>USE_TCB</option> (boolean)</term>
+ <listitem>
+ <para>
+ If <replaceable>yes</replaceable>, the <citerefentry>
+ <refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ password shadowing scheme will be used.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/man/logoutd.8.xml b/man/logoutd.8.xml
new file mode 100644
index 0000000..13b1337
--- /dev/null
+++ b/man/logoutd.8.xml
@@ -0,0 +1,105 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 , Julianne Frances Haugh
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='logoutd.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>logoutd</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>logoutd</refname>
+ <refpurpose>enforce login time restrictions</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>logoutd</command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ <command>logoutd</command> enforces the login time and port
+ restrictions specified in <filename>/etc/porttime</filename>.
+ <command>logoutd</command> should be started from
+ <filename>/etc/rc</filename>. The <filename>/var/run/utmp</filename>
+ file is scanned periodically and each user name is checked to see if
+ the named user is permitted on the named port at the current time.
+ Any login session which is violating the restrictions in
+ <filename>/etc/porttime</filename> is terminated.
+ </para>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/porttime</filename></term>
+ <listitem>
+ <para>File containing port access.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/var/run/utmp</filename></term>
+ <listitem>
+ <para>List of current login sessions.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+</refentry>
diff --git a/man/newgidmap.1.xml b/man/newgidmap.1.xml
new file mode 100644
index 0000000..864bad1
--- /dev/null
+++ b/man/newgidmap.1.xml
@@ -0,0 +1,183 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 2013 Eric W. Biederman
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='newgidmap.1'>
+ <refmeta>
+ <refentrytitle>newgidmap</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>newgidmap</refname>
+ <refpurpose>set the gid mapping of a user namespace</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>newgidmap</command>
+ <arg choice='plain'>
+ <replaceable>pid</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>gid</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>lowergid</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>count</replaceable>
+ </arg>
+ <arg choice='opt'>
+ <arg choice='plain'>
+ <replaceable>gid</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>lowergid</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>count</replaceable>
+ </arg>
+ <arg choice='opt'>
+ <replaceable>...</replaceable>
+ </arg>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>newgidmap</command> sets <filename>/proc/[pid]/gid_map</filename> based on its
+ command line arguments and the gids allowed in <filename>/etc/subgid</filename>.
+ Note that the root user is not exempted from the requirement for a valid
+ <filename>/etc/subgid</filename> entry.
+ </para>
+
+ <para>
+ After the pid argument, <command>newgidmap</command> expects sets of 3 integers:
+ <variablelist>
+ <varlistentry>
+ <term>gid</term>
+ <listitem>
+ <para>
+ Beginning of the range of GIDs inside the user namespace.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>lowergid</term>
+ <listitem>
+ <para>
+ Beginning of the range of GIDs outside the user namespace.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>count</term>
+ <listitem>
+ <para>
+ Length of the ranges (both inside and outside the user namespace).
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+
+ <para>
+ <command>newgidmap</command> verifies that the caller is the owner
+ of the process indicated by <option>pid</option> and that for each
+ of the above sets, each of the GIDs in the range [lowergid,
+ lowergid+count] is allowed to the caller according to
+ <filename>/etc/subgid</filename> before setting
+ <filename>/proc/[pid]/gid_map</filename>.
+ </para>
+ <para>
+ Note that newgidmap may be used only once for a given process.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ There currently are no options to the <command>newgidmap</command> command.
+ </para>
+ <variablelist remap='IP'>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/subgid</filename></term>
+ <listitem>
+ <para>List of user's subordinate group IDs.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/proc/[pid]/gid_map</filename></term>
+ <listitem>
+ <para>Mapping of gids from one between user namespaces.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/newgrp.1.xml b/man/newgrp.1.xml
new file mode 100644
index 0000000..62f0625
--- /dev/null
+++ b/man/newgrp.1.xml
@@ -0,0 +1,177 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 , Julianne Frances Haugh
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY SYSLOG_SG_ENAB SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='newgrp.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>newgrp</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>newgrp</refname>
+ <refpurpose>log in to a new group</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>newgrp</command> <arg choice='opt'>- </arg>
+ <arg choice='opt'><replaceable>group</replaceable></arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>newgrp</command> command is used to change the current
+ group ID during a login session. If the optional <option>-</option>
+ flag is given, the user's environment will be reinitialized as though
+ the user had logged in, otherwise the current environment, including
+ current working directory, remains unchanged.
+ </para>
+
+ <para>
+ <command>newgrp</command> changes the current real group ID to the
+ named group, or to the default group listed in
+ <filename>/etc/passwd</filename> if no group name is given.
+ <command>newgrp</command> also tries to add the group to the user
+ groupset. If not root, the user will be prompted for a password if she
+ does not have a password (in <filename>/etc/shadow</filename> if this
+ user has an entry in the shadowed password file, or in
+ <filename>/etc/passwd</filename> otherwise) and the group does, or if
+ the user is not listed as a member and the group has a password. The
+ user will be denied access if the group password is empty and the user
+ is not listed as a member.
+ </para>
+
+ <para condition="gshadow">
+ If there is an entry for this group in
+ <filename>/etc/gshadow</filename>, then the list of members and the
+ password of this group will be taken from this file, otherwise, the
+ entry in <filename>/etc/group</filename> is considered.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &SYSLOG_SG_ENAB;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>id</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry><phrase condition="gshadow">,
+ <citerefentry condition="gshadow">
+ <refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>
+ </phrase>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/newuidmap.1.xml b/man/newuidmap.1.xml
new file mode 100644
index 0000000..a97b7f9
--- /dev/null
+++ b/man/newuidmap.1.xml
@@ -0,0 +1,182 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 2013 Eric W. Biederman
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='newuidmap.1'>
+ <refmeta>
+ <refentrytitle>newuidmap</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>newuidmap</refname>
+ <refpurpose>set the uid mapping of a user namespace</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>newuidmap</command>
+ <arg choice='plain'>
+ <replaceable>pid</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>uid</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>loweruid</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>count</replaceable>
+ </arg>
+ <arg choice='opt'>
+ <arg choice='plain'>
+ <replaceable>uid</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>loweruid</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>count</replaceable>
+ </arg>
+ <arg choice='opt'>
+ <replaceable>...</replaceable>
+ </arg>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>newuidmap</command> sets <filename>/proc/[pid]/uid_map</filename> based on its
+ command line arguments and the uids allowed in <filename>/etc/subuid</filename>.
+ Note that the root user is not exempted from the requirement for a valid
+ <filename>/etc/subuid</filename> entry.
+ </para>
+
+ <para>
+ After the pid argument, <command>newuidmap</command> expects sets of 3 integers:
+ <variablelist>
+ <varlistentry>
+ <term>uid</term>
+ <listitem>
+ <para>
+ Beginning of the range of UIDs inside the user namespace.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>loweruid</term>
+ <listitem>
+ <para>
+ Beginning of the range of UIDs outside the user namespace.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>count</term>
+ <listitem>
+ <para>
+ Length of the ranges (both inside and outside the user namespace).
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+
+ <para>
+ <command>newuidmap</command> verifies that the caller is the owner
+ of the process indicated by <option>pid</option> and that for each
+ of the above sets, each of the UIDs in the range [loweruid,
+ loweruid+count] is allowed to the caller according to
+ <filename>/etc/subuid</filename> before setting
+ <filename>/proc/[pid]/uid_map</filename>.
+ </para>
+ <para>
+ Note that newuidmap may be used only once for a given process.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ There currently are no options to the <command>newuidmap</command> command.
+ </para>
+ <variablelist remap='IP'>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/subuid</filename></term>
+ <listitem>
+ <para>List of user's subordinate user IDs.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/proc/[pid]/uid_map</filename></term>
+ <listitem>
+ <para>Mapping of uids from one between user namespaces.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/newusers.8.xml b/man/newusers.8.xml
new file mode 100644
index 0000000..ff6dc1c
--- /dev/null
+++ b/man/newusers.8.xml
@@ -0,0 +1,472 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY GID_MAX SYSTEM "login.defs.d/GID_MAX.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
+<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
+<!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!ENTITY SUB_GID_COUNT SYSTEM "login.defs.d/SUB_GID_COUNT.xml">
+<!ENTITY SUB_UID_COUNT SYSTEM "login.defs.d/SUB_UID_COUNT.xml">
+<!ENTITY SYS_GID_MAX SYSTEM "login.defs.d/SYS_GID_MAX.xml">
+<!ENTITY SYS_UID_MAX SYSTEM "login.defs.d/SYS_UID_MAX.xml">
+<!ENTITY UID_MAX SYSTEM "login.defs.d/UID_MAX.xml">
+<!ENTITY UMASK SYSTEM "login.defs.d/UMASK.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='newusers.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>newusers</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>newusers</refname>
+ <refpurpose>update and create new users in batch</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>newusers</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ <arg choice='opt'>
+ <replaceable>file</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>newusers</command> command reads a <replaceable>file</replaceable> (or the standard input by default)
+ and uses this information to update a set
+ of existing users or to create new users. Each line is in the same format
+ as the standard password file (see
+ <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>) with the exceptions explained below:
+ </para>
+ <para>pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell</para>
+
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <emphasis remap='I'>pw_name</emphasis>
+ </term>
+ <listitem>
+ <para>
+ This is the name of the user.
+ </para>
+ <para>
+ It can be the name of a new user or the name of an existing
+ user (or a user created before by
+ <command>newusers</command>). In case of an existing user,
+ the user's information will be changed, otherwise a new user
+ will be created.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis remap='I'>pw_passwd</emphasis>
+ </term>
+ <listitem>
+ <para>
+ This field will be encrypted and used as the new value of the
+ encrypted password.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis remap='I'>pw_uid</emphasis>
+ </term>
+ <listitem>
+ <para>
+ This field is used to define the UID of the user.
+ </para>
+ <para>
+ If the field is empty, a new (unused) UID will be defined
+ automatically by <command>newusers</command>.
+ </para>
+ <para>
+ If this field contains a number, this number will be used as
+ the UID.
+ </para>
+ <para>
+ If this field contains the name of an existing user (or the
+ name of a user created before by
+ <command>newusers</command>), the UID of the specified user
+ will be used.
+ </para>
+ <para>
+ If the UID of an existing user is changed, the files ownership
+ of the user's file should be fixed manually.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis remap='I'>pw_gid</emphasis>
+ </term>
+ <listitem>
+ <para>
+ This field is used to define the primary group ID for the user.
+ </para>
+ <para>
+ If this field contains the name of an existing group (or a
+ group created before by <command>newusers</command>), the GID
+ of this group will be used as the primary group ID for the
+ user.
+ </para>
+ <para>
+ If this field is a number, this number will be used as the
+ primary group ID of the user. If no groups exist with this
+ GID, a new group will be created with this GID, and the name
+ of the user.
+ </para>
+ <para>
+ If this field is empty, a new group will be created with the
+ name of the user and a GID will be automatically defined by
+ <command>newusers</command> to be used as the primary group ID
+ for the user and as the GID for the new group.
+ </para>
+ <para>
+ If this field contains the name of a group which does not
+ exist (and was not created before by
+ <command>newusers</command>), a new group will be created with
+ the specified name and a GID will be automatically defined by
+ <command>newusers</command> to be used as the primary group ID
+ for the user and GID for the new group.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis remap='I'>pw_gecos</emphasis>
+ </term>
+ <listitem>
+ <para>
+ This field is copied in the GECOS field of the user.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis remap='I'>pw_dir</emphasis>
+ </term>
+ <listitem>
+ <para>
+ This field is used to define the home directory of the user.
+ </para>
+ <para>
+ If this field does not specify an existing directory, the
+ specified directory is created, with ownership set to the
+ user being created or updated and its primary group.
+ </para>
+ <para>
+ If the home directory of an existing user is changed,
+ <command>newusers</command> does not move or copy the content
+ of the old directory to the new location. This should be done
+ manually.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis remap='I'>pw_shell</emphasis>
+ </term>
+ <listitem>
+ <para>
+ This field defines the shell of the user.
+ No checks are performed on this field.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ <command>newusers</command> first tries to create or change all the
+ specified users, and then write these changes to the user or group
+ databases. If an error occurs (except in the final writes to the
+ databases), no changes are committed to the databases.
+ </para>
+ <para condition="pam">
+ During this first pass, users are created with a locked password
+ (and passwords are not changed for the users which are not created).
+ A second pass is used to update the passwords using PAM. Failures
+ to update a password are reported, but will not stop the other
+ password updates.
+ </para>
+
+ <para>
+ This command is intended to be used in a large system environment
+ where many accounts are updated at a single time.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>newusers</command> command are:
+ </para>
+ <variablelist remap='IP' condition="no_pam">
+ <varlistentry>
+ <term><option>-c</option>, <option>--crypt-method</option></term>
+ <listitem>
+ <para>Use the specified method to encrypt the passwords.</para>
+ <para>
+ The available methods are DES, MD5, NONE, and SHA256 or SHA512
+ if your libc support these methods.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-r</option>, <option>--system</option>
+ </term>
+ <listitem>
+ <para>
+ Create a system account.
+ </para>
+ <para>
+ System users will be created with no aging information in
+ <filename>/etc/shadow</filename>, and their numeric
+ identifiers are chosen in the
+ <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>
+ range, defined in <filename>login.defs</filename>, instead of
+ <option>UID_MIN</option>-<option>UID_MAX</option> (and their
+ <option>GID</option> counterparts for the creation of groups).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP' condition="no_pam">
+ <varlistentry condition="sha_crypt">
+ <term><option>-s</option>, <option>--sha-rounds</option></term>
+ <listitem>
+ <para>
+ Use the specified number of rounds to encrypt the passwords.
+ </para>
+ <para>
+ The value 0 means that the system will choose the default
+ number of rounds for the crypt method (5000).
+ </para>
+ <para>
+ A minimal value of 1000 and a maximal value of 999,999,999
+ will be enforced.
+ </para>
+ <para>
+ You can only use this option with the SHA256 or SHA512
+ crypt method.
+ </para>
+ <para>
+ By default, the number of rounds is defined by the
+ SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in
+ <filename>/etc/login.defs</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ The input file must be protected since it contains unencrypted
+ passwords.
+ </para>
+ <para condition="no_pam">
+ You should make sure the passwords and the encryption method respect
+ the system's password policy.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist condition="no_pam">
+ &ENCRYPT_METHOD;
+ </variablelist>
+ <variablelist>
+ &GID_MAX; <!-- documents also GID_MIN -->
+ &MAX_MEMBERS_PER_GROUP;
+ </variablelist>
+ <variablelist condition="no_pam">
+ &MD5_CRYPT_ENAB;
+ </variablelist>
+ <variablelist>
+ &PASS_MAX_DAYS;
+ &PASS_MIN_DAYS;
+ &PASS_WARN_AGE;
+ </variablelist>
+ <variablelist condition="no_pam">
+ &SHA_CRYPT_MIN_ROUNDS; <!-- documents also SHA_CRYPT_MAX_ROUNDS-->
+ </variablelist>
+ <variablelist>
+ &SUB_GID_COUNT; <!-- documents also SUB_GID_MAX and SUB_GID_MIN -->
+ &SUB_UID_COUNT; <!-- documents also SUB_UID_MAX and SUB_UID_MIN -->
+ &SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
+ &SYS_UID_MAX; <!-- documents also SYS_UID_MIN -->
+ &UID_MAX; <!-- documents also UID_MIN -->
+ &UMASK;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="pam">
+ <term><filename>/etc/pam.d/newusers</filename></term>
+ <listitem>
+ <para>PAM configuration for <command>newusers</command>.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term><filename>/etc/subgid</filename></term>
+ <listitem>
+ <para>Per user subordinate group IDs.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term><filename>/etc/subuid</filename></term>
+ <listitem>
+ <para>Per user subordinate user IDs.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <phrase condition="subids">
+ <citerefentry>
+ <refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ </phrase>
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/nologin.8.xml b/man/nologin.8.xml
new file mode 100644
index 0000000..ae355d3
--- /dev/null
+++ b/man/nologin.8.xml
@@ -0,0 +1,95 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1993 , The Regents of the University of California
+ Copyright (c) 2006 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='nologin.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>nologin</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>nologin</refname>
+ <refpurpose>politely refuse a login</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>nologin</command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>nologin</command> command displays a message that an account
+ is not available and exits non-zero. It is intended as a replacement shell
+ field for accounts that have been disabled.
+ </para>
+ <para>
+ To disable all logins, investigate
+ <citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id='history'>
+ <title>HISTORY</title>
+ <para>
+ The <command>nologin</command> command appeared in BSD 4.4.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/passwd.1.xml b/man/passwd.1.xml
new file mode 100644
index 0000000..e678448
--- /dev/null
+++ b/man/passwd.1.xml
@@ -0,0 +1,510 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY OBSCURE_CHECKS_ENAB SYSTEM "login.defs.d/OBSCURE_CHECKS_ENAB.xml">
+<!ENTITY PASS_ALWAYS_WARN SYSTEM "login.defs.d/PASS_ALWAYS_WARN.xml">
+<!ENTITY PASS_CHANGE_TRIES SYSTEM "login.defs.d/PASS_CHANGE_TRIES.xml">
+<!ENTITY PASS_MAX_LEN SYSTEM "login.defs.d/PASS_MAX_LEN.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='passwd.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1989</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>passwd</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>passwd</refname>
+ <refpurpose>change user password</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>passwd</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ <arg choice='opt'>
+ <replaceable>LOGIN</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>passwd</command> command changes passwords for user accounts.
+ A normal user may only change the password for his/her own account, while
+ the superuser may change the password for any account.
+ <command>passwd</command> also changes the account or associated
+ password validity period.
+ </para>
+
+ <refsect2 id='password_changes'>
+ <title>Password Changes</title>
+ <para>
+ The user is first prompted for his/her old password, if one is
+ present. This password is then encrypted and compared against the
+ stored password. The user has only one chance to enter the correct
+ password. The superuser is permitted to bypass this step so that
+ forgotten passwords may be changed.
+ </para>
+
+ <para>
+ After the password has been entered, password aging information is
+ checked to see if the user is permitted to change the password at
+ this time. If not, <command>passwd</command> refuses to change the
+ password and exits.
+ </para>
+
+ <para>
+ The user is then prompted twice for a replacement password. The
+ second entry is compared against the first and both are required to
+ match in order for the password to be changed.
+ </para>
+
+ <para>
+ Then, the password is tested for complexity. As a general guideline,
+ passwords should consist of 6 to 8 characters including one or more
+ characters from each of the following sets:
+ </para>
+
+ <itemizedlist mark='bullet'>
+ <listitem>
+ <para>lower case alphabetics</para>
+ </listitem>
+ <listitem>
+ <para>digits 0 thru 9</para>
+ </listitem>
+ <listitem>
+ <para>punctuation marks</para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
+ Care must be taken not to include the system default erase or kill
+ characters. <command>passwd</command> will reject any password which
+ is not suitably complex.
+ </para>
+
+ </refsect2>
+
+ <refsect2 id='hints_for_user_passwords'>
+ <title>Hints for user passwords</title>
+ <para>
+ The security of a password depends upon the strength of the
+ encryption algorithm and the size of the key space. The legacy
+ <emphasis>UNIX</emphasis> System encryption method is based on the
+ NBS DES algorithm. More recent methods are now recommended (see
+ <option>ENCRYPT_METHOD</option>). The size of the key space
+ depends upon the randomness of the password which is selected.
+ </para>
+
+ <para>
+ Compromises in password security normally result from careless
+ password selection or handling. For this reason, you should not
+ select a password which appears in a dictionary or which must be
+ written down. The password should also not be a proper name, your
+ license number, birth date, or street address. Any of these may be
+ used as guesses to violate system security.
+ </para>
+
+ <para>
+ You can find advice on how to choose a strong password on
+ http://en.wikipedia.org/wiki/Password_strength
+ </para>
+ </refsect2>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>passwd</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-a</option>, <option>--all</option>
+ </term>
+ <listitem>
+ <para>
+ This option can be used only with <option>-S</option> and causes show
+ status for all users.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-d</option>, <option>--delete</option>
+ </term>
+ <listitem>
+ <para>
+ Delete a user's password (make it empty). This is a quick way
+ to disable a password for an account. It will set the named
+ account passwordless.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-e</option>, <option>--expire</option>
+ </term>
+ <listitem>
+ <para>
+ Immediately expire an account's password. This in effect can
+ force a user to change his/her password at the user's next login.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ This option is used to disable an account after the password has
+ been expired for a number of days. After a user account has had
+ an expired password for <replaceable>INACTIVE</replaceable>
+ days, the user may no longer sign on to the account.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-k</option>, <option>--keep-tokens</option>
+ </term>
+ <listitem>
+ <para>
+ Indicate password change should be performed only for expired
+ authentication tokens (passwords). The user wishes to keep their
+ non-expired tokens as before.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-l</option>, <option>--lock</option>
+ </term>
+ <listitem>
+ <para>
+ Lock the password of the named account. This option disables a
+ password by changing it to a value which matches no possible
+ encrypted value (it adds a ´!´ at the beginning of the
+ password).
+ </para>
+ <para>
+ Note that this does not disable the account. The user may
+ still be able to login using another authentication token
+ (e.g. an SSH key). To disable the account, administrators
+ should use <command>usermod --expiredate 1</command> (this set
+ the account's expire date to Jan 2, 1970).
+ </para>
+ <para>
+ Users with a locked password are not allowed to change their
+ password.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Set the minimum number of days between password changes to
+ <replaceable>MIN_DAYS</replaceable>. A value of zero for this field
+ indicates that the user may change his/her password at any time.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-q</option>, <option>--quiet</option>
+ </term>
+ <listitem>
+ <para>
+ Quiet mode.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-r</option>, <option>--repository</option>&nbsp;<replaceable>REPOSITORY</replaceable>
+ </term>
+ <listitem>
+ <para>
+ change password in <replaceable>REPOSITORY</replaceable> repository
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-S</option>, <option>--status</option>
+ </term>
+ <listitem>
+ <para>
+ Display account status information. The status information
+ consists of 7 fields. The first field is the user's login name.
+ The second field indicates if the user account has a locked
+ password (L),
+ has no password (NP), or has a usable password (P). The third
+ field gives the date of the last password change. The next four
+ fields are the minimum age, maximum age, warning period, and
+ inactivity period for the password. These ages are expressed in
+ days.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-u</option>, <option>--unlock</option>
+ </term>
+ <listitem>
+ <para>
+ Unlock the password of the named account. This option
+ re-enables a password by changing the password back to its
+ previous value (to the value before using the
+ <option>-l</option> option).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-w</option>, <option>--warndays</option>&nbsp;<replaceable>WARN_DAYS</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Set the number of days of warning before a password change is
+ required. The <replaceable>WARN_DAYS</replaceable> option is
+ the number of days prior to the password expiring that a user
+ will be warned that his/her password is about to expire.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Set the maximum number of days a password remains valid. After
+ <replaceable>MAX_DAYS</replaceable>, the password is required
+ to be changed.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ Password complexity checking may
+ vary from site to site. The user is urged to select a password as
+ complex as he or she feels comfortable with.
+ </para>
+ <para>
+ Users may not be able to
+ change their password on a system if NIS is enabled and they are not
+ logged into the NIS server.
+ </para>
+ <para condition="pam">
+ <command>passwd</command> uses PAM to authenticate users and to
+ change their passwords.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration' condition="no_pam">
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &ENCRYPT_METHOD;
+ &MD5_CRYPT_ENAB;
+ &OBSCURE_CHECKS_ENAB;
+ &PASS_ALWAYS_WARN;
+ &PASS_CHANGE_TRIES;
+ &PASS_MAX_LEN; <!-- documents also PASS_MIN_LEN -->
+ &SHA_CRYPT_MIN_ROUNDS;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="no_pam">
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="pam">
+ <term><filename>/etc/pam.d/passwd</filename></term>
+ <listitem>
+ <para>PAM configuration for <command>passwd</command>.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='exit_values'>
+ <title>EXIT VALUES</title>
+ <para>
+ The <command>passwd</command> command exits with the following values:
+ <variablelist>
+ <varlistentry>
+ <term><replaceable>0</replaceable></term>
+ <listitem>
+ <para>success</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>1</replaceable></term>
+ <listitem>
+ <para>permission denied</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>2</replaceable></term>
+ <listitem>
+ <para>invalid combination of options</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>3</replaceable></term>
+ <listitem>
+ <para>unexpected failure, nothing done</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>4</replaceable></term>
+ <listitem>
+ <para>unexpected failure, <filename>passwd</filename> file missing</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>5</replaceable></term>
+ <listitem>
+ <para><filename>passwd</filename> file busy, try again</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>6</replaceable></term>
+ <listitem>
+ <para>invalid argument to option</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>chpasswd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <phrase condition="no_pam">
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ </phrase>
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/passwd.5.xml b/man/passwd.5.xml
new file mode 100644
index 0000000..8625dfb
--- /dev/null
+++ b/man/passwd.5.xml
@@ -0,0 +1,206 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1989 - 1990, Julianne Frances Haugh
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='passwd.5'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1989</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>passwd</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>passwd</refname>
+ <refpurpose>the password file</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ <filename>/etc/passwd</filename> contains one line for each
+ user account, with seven fields delimited by colons
+ (<quote>:</quote>).
+ These fields are:
+ </para>
+ <itemizedlist mark='bullet'>
+ <listitem>
+ <para>login name</para>
+ </listitem>
+ <listitem>
+ <para>optional encrypted password</para>
+ </listitem>
+ <listitem>
+ <para>numerical user ID</para>
+ </listitem>
+ <listitem>
+ <para>numerical group ID</para>
+ </listitem>
+ <listitem>
+ <para>user name or comment field</para>
+ </listitem>
+ <listitem>
+ <para>user home directory</para>
+ </listitem>
+ <listitem>
+ <para>optional user command interpreter</para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
+ The encrypted password field may be blank, in which case no password
+ is required to authenticate as the specified login name. However,
+ some applications which read the <filename>/etc/passwd</filename> file
+ may decide not to permit <emphasis>any</emphasis> access at all if the
+ <emphasis>password</emphasis> field is blank. If the
+ <emphasis>password</emphasis> field is a lower-case <quote>x</quote>,
+ then the encrypted password is actually stored in the
+ <citerefentry><refentrytitle>shadow</refentrytitle>
+ <manvolnum>5</manvolnum></citerefentry> file instead; there
+ <emphasis>must</emphasis> be a corresponding line in the
+ <filename>/etc/shadow</filename> file, or else the user account is invalid.
+ If the <emphasis>password</emphasis> field is any other string, then
+ it will be treated as an encrypted password, as specified by
+ <citerefentry><refentrytitle>crypt</refentrytitle>
+ <manvolnum>3</manvolnum></citerefentry>.
+
+ </para>
+
+ <para>
+ The comment field is used by various system utilities, such as
+ <citerefentry><refentrytitle>finger</refentrytitle>
+ <manvolnum>1</manvolnum></citerefentry>.
+ </para>
+
+ <para>
+ The home directory field provides the name of the initial working
+ directory. The <command>login</command> program uses this information
+ to set the value of the <envar>$HOME</envar> environmental variable.
+ </para>
+
+ <para>
+ The command interpreter field provides the name of the user's command
+ language interpreter, or the name of the initial program to execute.
+ The <command>login</command> program uses this information to set the
+ value of the <envar>$SHELL</envar> environmental variable. If this
+ field is empty, it defaults to the value <filename>/bin/sh</filename>.
+ </para>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>optional encrypted password file</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/passwd-</filename></term>
+ <listitem>
+ <para>Backup file for /etc/passwd.</para>
+ <para>
+ Note that this file is used by the tools of the shadow
+ toolsuite, but not by all user and password management tools.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>getpwnam</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/pl/Makefile.am b/man/pl/Makefile.am
new file mode 100644
index 0000000..724d25f
--- /dev/null
+++ b/man/pl/Makefile.am
@@ -0,0 +1,44 @@
+
+mandir = @mandir@/pl
+
+# 2012.01.28 - activate manpages with more than 50% translated messages
+man_MANS = \
+ man1/chage.1 \
+ man1/chsh.1 \
+ man1/expiry.1 \
+ man5/faillog.5 \
+ man8/faillog.8 \
+ man3/getspnam.3 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmems.8 \
+ man8/groupmod.8 \
+ man1/groups.1 \
+ man8/grpck.8 \
+ man8/lastlog.8 \
+ man8/logoutd.8 \
+ man1/newgrp.1 \
+ man1/sg.1 \
+ man3/shadow.3 \
+ man8/userdel.8 \
+ man8/usermod.8 \
+ man8/vigr.8 \
+ man8/vipw.8
+
+man_nopam = \
+ man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+ $(man_MANS) \
+ man1/id.1
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/po/LINGUAS b/man/po/LINGUAS
new file mode 100644
index 0000000..1bf026a
--- /dev/null
+++ b/man/po/LINGUAS
@@ -0,0 +1,8 @@
+# LINGUAS
+
+LINGUAS = da de fr it pl ru sv zh_CN
+
+# These variables are generated based on the LINGUAS list
+POFILES = $(patsubst %,$(srcdir)/%.po,$(LINGUAS))
+UPDATEPOFILES = $(patsubst %,%.po-update,$(LINGUAS))
+DUMMYPOFILES = $(patsubst %,%.nop,$(LINGUAS))
diff --git a/man/po/Makefile.in b/man/po/Makefile.in
new file mode 100644
index 0000000..deaa870
--- /dev/null
+++ b/man/po/Makefile.in
@@ -0,0 +1,245 @@
+# Makefile for PO directory in any package using GNU gettext.
+# Copyright (C) 1995-1997, 2000-2006 by Ulrich Drepper <drepper@gnu.ai.mit.edu>
+#
+# This file can be copied and used freely without restrictions. It can
+# be used in projects which are not available under the GNU General Public
+# License but which still want to provide support for the GNU gettext
+# functionality.
+# Please note that the actual code of GNU gettext is covered by the GNU
+# General Public License and is *not* in the public domain.
+#
+# Origin: gettext-0.16
+# Modified to handle translations with xml2po by Nicolas François - 2007
+
+PACKAGE = @PACKAGE@
+VERSION = @VERSION@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+
+SHELL = /bin/sh
+@SET_MAKE@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+
+MSGFMT_ = @MSGFMT@
+MSGFMT_no = @MSGFMT@
+MSGFMT_yes = @MSGFMT_015@
+MSGFMT = $(MSGFMT_$(USE_MSGCTXT))
+XGETTEXT_ = @XGETTEXT@
+XGETTEXT_no = @XGETTEXT@
+XGETTEXT_yes = @XGETTEXT_015@
+XGETTEXT = $(XGETTEXT_$(USE_MSGCTXT))
+MSGMERGE = @MSGMERGE@ --previous
+MSGMERGE_UPDATE = @MSGMERGE@ --update --previous
+MSGINIT = msginit
+MSGCONV = msgconv
+MSGFILTER = msgfilter
+
+include $(srcdir)/LINGUAS
+DISTFILES = $(srcdir)/Makevars $(srcdir)/XMLFILES $(srcdir)/LINGUAS $(POFILES)
+
+include $(srcdir)/XMLFILES
+
+include $(srcdir)/Makevars
+
+.SUFFIXES:
+.SUFFIXES: .po .sed .sin .nop .po-create .po-update
+
+remove-potcdate.sin: $(top_srcdir)/po/remove-potcdate.sin
+ cp $? $@
+
+.sin.sed:
+ sed -e '/^#/d' $< > t-$@
+ mv t-$@ $@
+
+all: all-yes
+
+all-yes: stamp-po
+all-no:
+
+# $(srcdir)/$(DOMAIN).pot is only created when needed. When xgettext finds no
+# internationalized messages, no $(srcdir)/$(DOMAIN).pot is created (because
+# we don't want to bother translators with empty POT files). We assume that
+# LINGUAS is empty in this case, i.e. $(POFILES) and $(GMOFILES) are empty.
+# In this case, stamp-po is a nop (i.e. a phony target).
+
+# stamp-po is a timestamp denoting the last time at which the CATALOGS have
+# been loosely updated. Its purpose is that when a developer or translator
+# checks out the package via CVS, and the $(DOMAIN).pot file is not in CVS,
+# "make" will update the $(DOMAIN).pot and the $(CATALOGS), but subsequent
+# invocations of "make" will do nothing. This timestamp would not be necessary
+# if updating the $(CATALOGS) would always touch them; however, the rule for
+# $(POFILES) has been designed to not touch files that don't need to be
+# changed.
+stamp-po: $(srcdir)/$(DOMAIN).pot
+ @test ! -f $(srcdir)/$(DOMAIN).pot || { \
+ echo "touch stamp-po" && \
+ echo timestamp > stamp-poT && \
+ mv stamp-poT stamp-po; \
+ }
+
+# Note: Target 'all' must not depend on target '$(DOMAIN).pot-update',
+# otherwise packages like GCC can not be built if only parts of the source
+# have been downloaded.
+
+# This target rebuilds $(DOMAIN).pot; it is an expensive operation.
+# Note that $(DOMAIN).pot is not touched if it doesn't need to be changed.
+# TODO: set MSGID_BUGS_ADDRESS, COPYRIGHT_HOLDER
+$(DOMAIN).pot-update: $(XMLFILES) $(srcdir)/XMLFILES remove-potcdate.sed
+ @set -e; tmpdir=`pwd`; \
+ echo "cd $(top_srcdir)/man"; \
+ cd $(top_srcdir)/man; \
+ echo "xml2po --expand-all-entities -o $$tmpdir/$(DOMAIN).po $(notdir $(XMLFILES))"; \
+ xml2po --expand-all-entities -o $$tmpdir/$(DOMAIN).po $(notdir $(XMLFILES)); \
+ cd $$tmpdir
+ test ! -f $(DOMAIN).po || { \
+ if test -f $(srcdir)/$(DOMAIN).pot; then \
+ sed -f remove-potcdate.sed < $(srcdir)/$(DOMAIN).pot > $(DOMAIN).1po && \
+ sed -f remove-potcdate.sed < $(DOMAIN).po > $(DOMAIN).2po && \
+ if cmp $(DOMAIN).1po $(DOMAIN).2po >/dev/null 2>&1; then \
+ rm -f $(DOMAIN).1po $(DOMAIN).2po $(DOMAIN).po; \
+ else \
+ rm -f $(DOMAIN).1po $(DOMAIN).2po $(srcdir)/$(DOMAIN).pot && \
+ mv $(DOMAIN).po $(srcdir)/$(DOMAIN).pot; \
+ fi; \
+ else \
+ mv $(DOMAIN).po $(srcdir)/$(DOMAIN).pot; \
+ fi; \
+ }
+
+# This rule has no dependencies: we don't need to update $(DOMAIN).pot at
+# every "make" invocation, only create it when it is missing.
+# Only "make $(DOMAIN).pot-update" or "make dist" will force an update.
+$(srcdir)/$(DOMAIN).pot:
+ $(MAKE) $(DOMAIN).pot-update
+
+# This target rebuilds a PO file if $(DOMAIN).pot has changed.
+# Note that a PO file is not touched if it doesn't need to be changed.
+$(POFILES): $(srcdir)/$(DOMAIN).pot
+ @lang=`echo $@ | sed -e 's,.*/,,' -e 's/\.po$$//'`; \
+ if test -f "$(srcdir)/$${lang}.po"; then \
+ test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \
+ echo "$${cdcmd}$(MSGMERGE_UPDATE) $${lang}.po $(DOMAIN).pot"; \
+ cd $(srcdir) && $(MSGMERGE_UPDATE) $${lang}.po $(DOMAIN).pot; \
+ else \
+ $(MAKE) $${lang}.po-create; \
+ fi
+
+
+install: install-exec install-data
+install-exec:
+install-data:
+
+install-strip: install
+
+installdirs: installdirs-exec installdirs-data
+installdirs-exec:
+installdirs-data:
+
+# Define this as empty until I found a useful application.
+installcheck:
+
+uninstall: uninstall-exec uninstall-data
+uninstall-exec:
+uninstall-data:
+
+check: all
+
+info dvi ps pdf html tags TAGS ctags CTAGS ID:
+
+mostlyclean:
+ rm -f remove-potcdate.sed remove-potcdate.sin
+ rm -f stamp-poT
+ rm -f core core.* $(DOMAIN).po $(DOMAIN).1po $(DOMAIN).2po *.new.po
+
+clean: mostlyclean
+
+distclean: clean
+ rm -f Makefile
+
+maintainer-clean: distclean
+ @echo "This command is intended for maintainers to use;"
+ @echo "it deletes files that may require special tools to rebuild."
+ rm -f stamp-po
+
+distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
+dist distdir:
+ $(MAKE) update-po
+ @$(MAKE) dist2
+# This is a separate target because 'update-po' must be executed before.
+dist2: stamp-po $(DISTFILES)
+ dists="$(DISTFILES)"; \
+ if test -f $(srcdir)/$(DOMAIN).pot; then \
+ dists="$$dists $(DOMAIN).pot stamp-po"; \
+ fi; \
+ if test -f $(srcdir)/ChangeLog; then \
+ dists="$$dists ChangeLog"; \
+ fi; \
+ for i in 0 1 2 3 4 5 6 7 8 9; do \
+ if test -f $(srcdir)/ChangeLog.$$i; then \
+ dists="$$dists ChangeLog.$$i"; \
+ fi; \
+ done; \
+ for file in $$dists; do \
+ if test -f $$file; then \
+ cp -p $$file $(distdir) || exit 1; \
+ else \
+ cp -p $(srcdir)/$$file $(distdir) || exit 1; \
+ fi; \
+ done
+
+update-po: Makefile
+ $(MAKE) $(DOMAIN).pot-update
+ test -z "$(UPDATEPOFILES)" || $(MAKE) $(UPDATEPOFILES)
+
+# General rule for creating PO files.
+
+.nop.po-create:
+ @lang=`echo $@ | sed -e 's/\.po-create$$//'`; \
+ echo "File $$lang.po does not exist. If you are a translator, you can create it through 'msginit'." 1>&2; \
+ exit 1
+
+# General rule for updating PO files.
+
+.nop.po-update:
+ @lang=`echo $@ | sed -e 's/\.po-update$$//'`; \
+ tmpdir=`pwd`; \
+ echo "$$lang:"; \
+ test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \
+ echo "$${cdcmd}$(MSGMERGE) $$lang.po $(DOMAIN).pot -o $$lang.new.po"; \
+ cd $(srcdir); \
+ if $(MSGMERGE) $$lang.po $(DOMAIN).pot -o $$tmpdir/$$lang.new.po; then \
+ if cmp $$lang.po $$tmpdir/$$lang.new.po >/dev/null 2>&1; then \
+ rm -f $$tmpdir/$$lang.new.po; \
+ else \
+ if mv -f $$tmpdir/$$lang.new.po $$lang.po; then \
+ :; \
+ else \
+ echo "msgmerge for $$lang.po failed: cannot move $$tmpdir/$$lang.new.po to $$lang.po" 1>&2; \
+ exit 1; \
+ fi; \
+ fi; \
+ else \
+ echo "msgmerge for $$lang.po failed!" 1>&2; \
+ rm -f $$tmpdir/$$lang.new.po; \
+ fi
+
+$(DUMMYPOFILES):
+
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+# Tell versions [3.59,3.63) of GNU make not to export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/man/po/Makevars b/man/po/Makevars
new file mode 100644
index 0000000..c78c646
--- /dev/null
+++ b/man/po/Makevars
@@ -0,0 +1,27 @@
+# Makefile variables for PO directory in any package using GNU gettext.
+
+# Usually the message domain is the same as the package name.
+DOMAIN = $(PACKAGE)-man-pages
+
+# These two variables depend on the location of this directory.
+subdir = man/po
+top_builddir = ../..
+
+# These options get passed to xgettext.
+XGETTEXT_OPTIONS = --keyword=_ --keyword=N_ --no-location
+
+# This is the copyright holder that gets inserted into the header of the
+# $(DOMAIN).pot file. Set this to the copyright holder of the surrounding
+# package. (Note that the msgstr strings, extracted from the package's
+# sources, belong to the copyright holder of the package.) Translators are
+# expected to transfer the copyright for their translations to this person
+# or entity, or to disclaim their copyright. The empty string stands for
+# the public domain; in this case the translators are expected to disclaim
+# their copyright.
+COPYRIGHT_HOLDER = Free Software Foundation, Inc.
+
+# This is the list of locale categories, beyond LC_MESSAGES, for which the
+# message catalogs shall be used. It is usually empty.
+EXTRA_LOCALE_CATEGORIES =
+
+MSGID_BUGS_ADDRESS = pkg-shadow-devel@lists.alioth.debian.org
diff --git a/man/po/XMLFILES b/man/po/XMLFILES
new file mode 100644
index 0000000..de7925d
--- /dev/null
+++ b/man/po/XMLFILES
@@ -0,0 +1,42 @@
+# List of xml which contain translatable strings.
+XMLFILES = \
+ $(top_srcdir)/man/chage.1.xml \
+ $(top_srcdir)/man/chfn.1.xml \
+ $(top_srcdir)/man/chgpasswd.8.xml \
+ $(top_srcdir)/man/chpasswd.8.xml \
+ $(top_srcdir)/man/chsh.1.xml \
+ $(top_srcdir)/man/expiry.1.xml \
+ $(top_srcdir)/man/faillog.5.xml \
+ $(top_srcdir)/man/faillog.8.xml \
+ $(top_srcdir)/man/gpasswd.1.xml \
+ $(top_srcdir)/man/groupadd.8.xml \
+ $(top_srcdir)/man/groupdel.8.xml \
+ $(top_srcdir)/man/groupmems.8.xml \
+ $(top_srcdir)/man/groupmod.8.xml \
+ $(top_srcdir)/man/groups.1.xml \
+ $(top_srcdir)/man/grpck.8.xml \
+ $(top_srcdir)/man/gshadow.5.xml \
+ $(top_srcdir)/man/lastlog.8.xml \
+ $(top_srcdir)/man/limits.5.xml \
+ $(top_srcdir)/man/login.1.xml \
+ $(top_srcdir)/man/login.access.5.xml \
+ $(top_srcdir)/man/login.defs.5.xml \
+ $(top_srcdir)/man/logoutd.8.xml \
+ $(top_srcdir)/man/newgrp.1.xml \
+ $(top_srcdir)/man/newusers.8.xml \
+ $(top_srcdir)/man/nologin.8.xml \
+ $(top_srcdir)/man/passwd.1.xml \
+ $(top_srcdir)/man/passwd.5.xml \
+ $(top_srcdir)/man/porttime.5.xml \
+ $(top_srcdir)/man/pwck.8.xml \
+ $(top_srcdir)/man/pwconv.8.xml \
+ $(top_srcdir)/man/shadow.3.xml \
+ $(top_srcdir)/man/shadow.5.xml \
+ $(top_srcdir)/man/sg.1.xml \
+ $(top_srcdir)/man/su.1.xml \
+ $(top_srcdir)/man/suauth.5.xml \
+ $(top_srcdir)/man/useradd.8.xml \
+ $(top_srcdir)/man/userdel.8.xml \
+ $(top_srcdir)/man/usermod.8.xml \
+ $(top_srcdir)/man/vipw.8.xml
+
diff --git a/man/po/da.po b/man/po/da.po
new file mode 100644
index 0000000..8930267
--- /dev/null
+++ b/man/po/da.po
@@ -0,0 +1,8140 @@
+# Danish translation shadow-man.
+# Copyright (C) 2012 Free Software Foundation, Inc.
+# This file is distributed under the same license as the shadow package.
+# Joe Hansen (joedalton2@yahoo.dk), 2012.
+#
+# konventioner:
+# audit -> overvågning
+# entry, entries -> punkt, punkter
+# exist -> findes
+# Home Phone -> telefon (telefonnr. hvor det er mere præcist)
+# locktime -> låsetid
+# mapping -> oversættelse eller kortlægning?
+# quiet -> tavs
+# record -> post
+# scratch -> scratch
+# shadow -> skygge
+# stat -> køre stat
+# unlock -> åbne
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow-man\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:35+0200\n"
+"Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n"
+"Language-Team: Danish <debian-l10n-danish@lists.debian.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Kommandoer for systemhåndtering"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr ""
+"rediger adgangskoden, gruppe, shadow-adgangskode- eller shadow-gruppe-fil"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "tilvalg"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "BESKRIVELSE"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Kommandoerne <command>vipw</command> og <command>vigr</command> redigerer "
+"filerne <filename>/etc/passwd</filename> og <filename>/etc/group</filename>, "
+"respektivt. Med flaget <option>-s</option> vil de redigere versionerne for "
+"Shadow for disse filer, <filename>/etc/shadow</filename> og <filename>/etc/"
+"gshadow</filename>, respektivt. Programmerne vil sætte de passende låse for "
+"at forhindre filødelæggelse. Når der kigges efter et redigerngsprogram, så "
+"vil programmet øfrst forsøge med miljøvariablen <envar>$VISUAL</envar>, "
+"derefter miljøvariablen <envar>$EDITOR</envar>, og endelig "
+"standardredigeringsprogrammet, <citerefentry><refentrytitle>vi</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "TILVALG"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Tilvalgene som gælder for kommandoerne <command>vipw</command> og "
+"<command>vigr</command> er:"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Rediger gruppedatabase."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Vis hjælpeteksten og afslut."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Rediger passwd-database."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Stille tilstand."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Brug ændringer i mappen <replaceable>CHROOT_DIR</replaceable> og brug "
+"konfigurationsfilerne fra mappen <replaceable>CHROOT_DIR</replaceable>."
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Rediger shadow- eller gshadow-database."
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "Indikerer hvilken brugers tcb-shadowfil at redigere."
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "KONFIGURATION"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"De følgende konfigurationsvariabler i <filename>/etc/login.defs</filename> "
+"ændrer opførelsen for dette værktøj:"
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (boolesk)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Hvis <replaceable>ja</replaceable>, så vil skemaet for adgangskodeskygge "
+"<citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> blive brugt."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "MILJØ"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUEL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "Redigeringsprogram der skal bruges."
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "REDIGERINGSPROGRAM"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr ""
+"Redigeringsprogram der skal bruges hvis <option>VISUAL</option> ikke er "
+"angivet."
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "FILER"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Information om gruppekonto."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Information om sikret gruppekonto."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Information om brugerkonto."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Information om sikret brugerkonto."
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "SE OGSÃ…"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gruppe</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "ændre en brugerkonto"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "LOGIND"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Kommandoen <command>usermod</command> ændrer systemkontofilerne så de "
+"reflekterer ændringerne som angives på kommandolinjen."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr ""
+"Tilvalgene som kan bruges for kommandoen <command>usermod</command> er:"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Tilføj brugeren til de supplementære grupper. Brug kun med tilvalget "
+"<option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMMENTAR</"
+"replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"Den nye værdi for brugerens kommentar kommentarfelt i adgangskodefilen. Den "
+"ændres normalt med redskabet <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>HJEMMEMAPPE</replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "Brugerens nye logindmappe."
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Hvis tilvalget <option>-m</option> er angivet, vil indholdet af den aktuelle "
+"hjemmemappe blive flyttet til den nye hjemmemappe, som oprettes hvis denne "
+"ikke allerede findes."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>UDLØBSDATO</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Datoen hvorpå brugerkontoen vil blive deaktiveret. Datoen er angivet i "
+"formatet <emphasis remap=\"I\">Ã…Ã…Ã…Ã…-MM-DD</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"Et tomt argument for <replaceable>UDLØBSDATO</replaceable> vil deaktivere "
+"udløb for kontoen."
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Dette tilvalg kræver en <filename>/etc/shadow</filename>-fil. Et <filename>/"
+"etc/shadow</filename>-punkt vil blive oprettet hvis et sådant ikke fandtes."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Antallet af dage fra en adgangskode udløber til kontoen bliver permanent "
+"deaktiveret."
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr ""
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr ""
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr ""
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr ""
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr ""
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-f</option>, <option>--inactive</option>&nbsp;"
+#| "<replaceable>INACTIVE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-e</option>, <option>--expiredate</option>&nbsp;"
+#| "<replaceable>EXPIRE_DATE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>UDLØBSDATO</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-f</option>, <option>--inactive</option>&nbsp;"
+#| "<replaceable>INACTIVE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-e</option>, <option>--expiredate</option>&nbsp;"
+#| "<replaceable>EXPIRE_DATE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>UDLØBSDATO</replaceable>"
+
+#: usermod.8.xml:444(para)
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr ""
+
+#: usermod.8.xml:479(para)
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr ""
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr ""
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+
+#. Note: on HP, split groups have the same ID, but different
+#. names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (nummer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (nummer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>GID_MIN</option> (nummer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+#| "option>) is 1000 (resp. 60000)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Standardværdien for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) er 1000 (resp. 60000)."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>GID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (nummer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>GID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (nummer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>GID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>GID_MIN</option> (nummer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+#| "option>) is 1000 (resp. 60000)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Standardværdien for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) er 1000 (resp. 60000)."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr ""
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+" use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+" kilos = UID / 1000\n"
+" use /etc/tcb/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" use /etc/tcb/:megas/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+" "
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr ""
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr ""
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry condition=\"tcb"
+#| "\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#| "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gruppe</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr ""
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr ""
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr ""
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr ""
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr ""
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr ""
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr ""
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr ""
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+" "
+msgstr ""
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr ""
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr ""
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr ""
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr ""
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr ""
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr ""
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr ""
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr ""
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr ""
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr ""
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr ""
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr ""
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr ""
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr ""
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr ""
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry condition=\"tcb"
+#| "\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#| "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gruppe</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr ""
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr ""
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr ""
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>HJEMMEMAPPE</replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr ""
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr ""
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr ""
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:301(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr ""
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr ""
+
+#: useradd.8.xml:327(para)
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr ""
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr ""
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr ""
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr ""
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr ""
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: useradd.8.xml:434(para)
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr ""
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr ""
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr ""
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"Antallet af dage efter en adgangskode er udløbet før kontoen vil blive "
+"deaktiveret."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Dette tilvalg sætter variablen <option>INACTIVE</option> i <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "Navnet på en ny brugers logindskal."
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr ""
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Du kan ikke tilføje en bruger til en NIS eller LDAP-gruppe. Dette skal "
+"udføres på den tilsvarende server."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "Brugernavne må kun være op til 32 tegn lange."
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (boolesk)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+"Indikerer om en hjemmemappe skal oprettes som standard for nye brugere."
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Denne indstilling gælder ikke for systembrugere og kan overskrives på "
+"kommandolinjen."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (nummer)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (nummer)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Standardværdien for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) er 1000 (resp. 60000)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr ""
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Standardværdier for kontooprettelse."
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Mappe indeholdende standardfiler."
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "Ugyldigt argument for tilvalg"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID er allerede i brug (og intet <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "angivet gruppe findes ikke"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "brugernavn er allerede i brug"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "kan ikke oprette hjemmemappe"
+
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "4"
+msgid "14"
+msgstr "4"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>useradd</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry condition=\"tcb"
+#| "\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#| "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gruppe</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr ""
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr ""
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr ""
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" 1) the user su is targeting\n"
+" "
+msgstr ""
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" to-id:from-id:ACTION\n"
+" "
+msgstr ""
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+
+#: suauth.5.xml:107(para)
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr ""
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr ""
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr ""
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr ""
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr ""
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" # sample /etc/suauth file\n"
+" #\n"
+" # A couple of privileged usernames may\n"
+" # su to root with their own password.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Anyone else may not su to root unless in\n"
+" # group wheel. This is how BSD does things.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Perhaps terry and birddog are accounts\n"
+" # owned by the same person.\n"
+" # Access can be arranged between them\n"
+" # with no password.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+msgstr ""
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr ""
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr ""
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr ""
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr ""
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr ""
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr ""
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Du kan bruge argumentet <option>--</option> til at adskille <command>su</"
+"command>-tilvalg fra argumenterne angivet til skallen."
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Brugeren vil blive spurgt om sin adgangskode, hvis det er relevant. Ugyldige "
+"adgangskoder vil medføre en fejlbesked. Alle forsøg, både gyldige og "
+"ugyldige, logges for at deteketere misbrug af systemet."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr ""
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+
+#: su.1.xml:158(para)
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr ""
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+
+#: su.1.xml:176(para)
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr ""
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "Skallen angivet med --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr ""
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr ""
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Hvis målbrugeren har en begrænset skal, så har dette tilvalg ingen effekt "
+"(med mindre <command>su</command> kaldes af root)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr ""
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+"Hvis ikke defineret så vil administrator (root) være tilladt på alle enheder"
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "Enheden skal angives uden præfikset /dev/."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"Indiker om logind er tilladt, hvis vi ikke kan cd til hjemmemappen. "
+"Standarden er nej."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (streng)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr ""
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr ""
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr ""
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr ""
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr ""
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr ""
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr ""
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr ""
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr ""
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr ""
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr ""
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr ""
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr ""
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr ""
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr ""
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr ""
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr ""
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:134(para)
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr ""
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr ""
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr ""
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr ""
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr ""
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr ""
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:229(para)
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr ""
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr ""
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Dette felt er reserveret for fremtidig brug."
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "Sikkerhedskopi for /etc/shadow."
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Bemærk at denne fil bruges af værktøjer fra shodows værktøjssæt, men ikke af "
+"alle håndteringsværktøjer for brugere og adgangskoder."
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr ""
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr ""
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr ""
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAKS"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr ""
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr ""
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr ""
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr ""
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ""
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr ""
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr ""
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr ""
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr ""
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr ""
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr ""
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr ""
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr ""
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr ""
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr ""
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr ""
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* user login name */\n"
+" char\t\t*sp_pwdp; /* encrypted password */\n"
+" long int\t\tsp_lstchg; /* last password change */\n"
+" long int\t\tsp_min; /* days until change allowed. */\n"
+" long int\t\tsp_max; /* days before change required */\n"
+" long int\t\tsp_warn; /* days warning for expiration */\n"
+" long int\t\tsp_inact; /* days before account inactive */\n"
+" long int\t\tsp_expire; /* date when account expires */\n"
+" unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+" "
+msgstr ""
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr ""
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr "sp_min - antal dage hvor adgangskode ikke må ændres"
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr "sp_max - antal dage hvorefter adgangskode skal ændres"
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - reserveret for fremtidig brug"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr ""
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr ""
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr ""
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr ""
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr ""
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr ""
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr ""
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr ""
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr ""
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr ""
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr ""
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr ""
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr ""
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr ""
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr ""
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr ""
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr ""
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr ""
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr ""
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr ""
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr ""
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+
+#: pwck.8.xml:243(para)
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr ""
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "kan ikke åbne adgangskodefiler"
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "kan ikke låse adgangskodefiler"
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "kan ikke opdatere adgangskodefiler"
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "kan ikke sortere adgangskodefiler"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>pwck</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr ""
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "EKSEMPLER"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr ""
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+msgstr ""
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr ""
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr ""
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr ""
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr ""
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr ""
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr ""
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr ""
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr ""
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr ""
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr ""
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr ""
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr ""
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr ""
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr ""
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr ""
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr ""
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr ""
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr ""
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr ""
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"Du kan finde råd om hvordan du vælger en god adgangskode på http://en."
+"wikipedia.org/wiki/Password_strength"
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "Tilvalgene som gælder for kommandoen <command>passwd</command> er:"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Dette tilvalg kan kun bruges med <option>-S</option> medfører vis status for "
+"alle brugere."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Slet en brugers adgangskode (gør den tom). Dette er en hurtig måde at "
+"deaktivere en adgangskode for en konto. Den vil sætte den navngivne konto "
+"uden adgangskode."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Angiv øjeblikkelig en kontos adgangskode som udløbet. Dette kan tvinge en "
+"bruger til at ændre sin adgangskode ved brugerens næste logind."
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Denne indstilling bruges til at deaktivere en konto efter at adgangskoden er "
+"udløbet i et antal dage. Efter at en brugerkonto har haft en udløbet "
+"adgangskode for <replaceable>INAKTIV</replaceable> dage, kan brugeren ikke "
+"længere logge ind på kontoen."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr ""
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr ""
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr ""
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr ""
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+"Denne variabel er forældet, du skal bruge <option>ENCRYPT_METHOD</option>."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (boolesk)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr "Aktiver yderligere kontroller før ændringer af adgangskode."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (boolesk)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"Advar om svage adgangskoder (men tillad dem stadig) hvis du er administrator "
+"(root)."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (antal)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr "Maksimalt antal forsøg at ændre adgangskode hvis afvist (for nemt)."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (antal)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (antal)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (antal)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr ""
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "PAM-konfiguration for <command>passwd</command>."
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "tilladelse nægtet"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "Ugyldig kombination af tilvalg"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "uventet fejl, intet udført"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "uventet fejl, <filename>passwd</filename>-filen mangler"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr "<filename>passwd</filename>-filen er optaget, forsøg igen"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>passwd</command> afsluttedes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr ""
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "nægt venligt et logind"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "HISTORIK"
+
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "Kommandoen <command>nologin</command> fremkom i BSD 4.4."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "opdater og opret nye brugere i et job"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "fil"
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr ""
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr ""
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "Dette er navnet på brugeren."
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Hvis dette felt indeholder navnet på en eksisterende bruger (eller navnet på "
+"en bruger oprettet før af <command>newusers</command>), så vil UID'en for "
+"den angivne bruger blive brugt."
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr ""
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Dette felt vil være krypteret og brugt som den nye værdi for den krypterede "
+"adgangskode."
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr ""
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Dette flet bruges til at definere UID for brugeren."
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"Hvis feltet er tomt, vil en ny (ubrugt) UID blive defineret automatisk af "
+"<command>newusers</command>."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr ""
+"Hvis dette felt indeholer et tal, så vil dette tal blive brugt som UID'en."
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"Hvis dette felt indeholder navnet på en eksisterende bruger (eller navnet på "
+"en bruger oprettet før af <command>newusers</command>), så vil UID'en for "
+"den angivne bruger blive brugt."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"Hvis UID'en for en eksisterende bruger har ændret sig, så skal filens "
+"ejerskab for brugerens fil rettes manuelt."
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr ""
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr "Dette felt bruges til at definere det primære gruppe-id for brugeren."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr ""
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Dette felt er kopieret i GECOS-feltet for brugeren."
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr ""
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr "Dette felt bruges til at definere hjemmemappen for brugeren."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"Hvis feltet ikke angiver en eksisterende mappe, så oprettes den angiven "
+"mappe, med ejerskab angivet for brugeren der oprettes elelr opdateres og "
+"dennes primære gruppe."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"Hvis hjemmemappen for en eksisterende bruger ændres så flytter eller "
+"kopierer <command>newusers</command> ikke indholdet fra den gamle mappe til "
+"den nye placering. Dette ksal gøres manuelt."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr ""
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"Dette felt definerer brugerens skal. Ingen kontrollerer udføres på dette "
+"felt."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Denne kommando skal bruges i store systemmiljøer hvor mange kontoer "
+"opdateres på en gang."
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "Tilvalgene som gælder for kommandoen <command>newusers</command> er:"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "Brug den angivne metode til at kryptere adgangskoderne."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"De tilgængelige metoder er DES, Md5, NONE og SHA256 eller SHA512 hvis din "
+"libc understøtter disse metoder."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Systembrugere vil blive oprettet uden aldersinformation i <filename>/etc/"
+"shadow</filename>, og deres numeriske identifikatører vælges i intervallet "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, defineret i "
+"<filename>login.defs</filename>, i stedet for <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (og deres <option>GID</option>-modparte for "
+"oprettelsen af grupper.)."
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "Brug det angivet antal rundet til at kryhptere adgangskoderne."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"Værdien 0 betyder at systemet vil vælge antallet af standardrunder for "
+"krypteringsmetoden (5000)."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+"En minimusværdi på 1000 og en maksimumsværdi på 999.999.999 vil blive "
+"påtvunget."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Du kan kun bruge dette tilvalg med SHA256- eller SHA512-krypteringsmetoden."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Som standard er antallet af runder defineret af variablerne "
+"SHA_CRYPT_MIN_ROUNDS og SHA_CRYPT_MAX_ROUNDS i <filename>/etc/login.defs</"
+"filename>."
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Inddatafilen skal beskyttes da den indeholder adgangskoder der ikke er "
+"krypteret."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Du skal sikre dig at adgangskoderne og krypteringsmetoden respekterer "
+"systemets adgangskodepolitik."
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "PAM-konfiguration for <command>newusers</command>."
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry condition=\"tcb"
+#| "\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#| "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gruppe</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr ""
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "log ind på en ny gruppe"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr ""
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"Kommandoen <command>newgrp</command> bruges til at ændre den aktuelle grupp-"
+"id under en logindsession. Hvis det valgfrie flag <option>-</option> er "
+"angivet, så vil brugerens miljø blive geninitialiseres som om at brugeren "
+"havde logget ind, ellers bevares det aktuelle miljø, inklusiv aktuel "
+"arbejdsmappe, uændret."
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr ""
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "påtving restriktioner for logindperiode"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr ""
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Liste over aktuelle logindsessioner."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr ""
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr ""
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Denne fil er en læsbar tekstfil, hvier linje i filen beskriver en "
+"konfigurationsparameter. Linjerne består af et konfigurationsnavn og -værdi, "
+"adskilt af mellemrum. Tomme linjer og kommentarlinjer ignoreres. Kommentarer "
+"indledes med tegnet »#« og tegnet skal være det første tegn på linjen, som "
+"ikke er et mellemrum."
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "De følgende konfigurationspunkter tilbydes:"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (boolesk)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (antal)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "Aktiver logning af succesfulde logind."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr "Aktiver visning af ukendte brugernavne når logindfejl optages."
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Bemærk: Logning af ukendte brugernaven kan udgøre en sikkerhedsmæssig risiko "
+"såfremt en bruger indtatser sin adgangskode i stedet for sit logindnavn."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (antal)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr "Maksimalt antal logindforsøg i tilfælde af ugyldig adgangskode."
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"Denne vil højst sandsynlig blive overskrevet af PAM, da standardmodulet "
+"pam_unix har sin egen indbygget 3 forsøg. Dette er dog en ekstra sikkerhed i "
+"tilfælde af at du bruger et godkendelsesmodul som ikke påtvinger "
+"PAM_MAXTRiES."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (antal)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "Maks. tidsforbrug i sekunder for logind."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (streng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (streng)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (streng)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"Som standard er ejerskabet af terminalen angivet til brugerens primære "
+"gruppe og rettighederne er angivet til <replaceable>0600</replaceable>."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (streng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "Standardværdi for <command>ulimit</command>."
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr ""
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"De følgende krydsreferencer viser hvilke programmer i shadows "
+"adgangskodeprogrampakke der bruger hvilke parametre."
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr ""
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr ""
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr ""
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr ""
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr ""
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr ""
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr ""
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr ""
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr ""
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr ""
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr ""
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr ""
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr ""
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr ""
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr ""
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr ""
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr ""
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr ""
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:393(para)
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr ""
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:474(para)
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr ""
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "kontroltabel for logindadgang"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"Hver linje i kontroltabellen for logindadagng har tre felter adskilt af "
+"tegnet »:«:"
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr ""
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "vært"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr ""
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr ""
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr ""
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Navn på den eksterne vært for dette logind."
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Bevar miljø."
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "Udfør autologin-protokol for rlogin."
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr "Placeringen af filer er underlagt forskelle i systemkonfiguration."
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Liste over tidligere logindsessioner."
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr ""
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr ""
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr ""
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "Undertryk udskrivning af systembeskeder."
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr ""
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr "Hver linje beskriver en begrænsning for en bruger i formen:"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "bruger LIMITS_STRING"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "eller i formen:"
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@group LIMITS_STRING"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr ""
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A: Maks. adresserum (KB)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D: Maks. datastørrelse (KB)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F: Maks filstørrelse (KB)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr ""
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N: Maks antal åbne filer"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr ""
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr ""
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T: Maks CPU-tid (MIN)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr ""
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+msgstr ""
+
+#: limits.5.xml:145(para)
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+
+#: limits.5.xml:165(para)
+#, fuzzy
+#| msgid ""
+#| "If more than one line with limits for an user exist, only the first line "
+#| "for this user will be considered."
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"Hvis mere end en linje med begrænsninger for en bruger findes, så vil kun "
+"den første linje for denne bruger indgå."
+
+#: limits.5.xml:170(para)
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr ""
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr ""
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr ""
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:111(para)
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr ""
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr ""
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "Databasetider for tidligere brugerlogind."
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr ""
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr ""
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "gruppenavn"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "Det skal være et gyldigt gruppenavn, som findes på systemet."
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The new value of the user's password file comment field. It is normally "
+#| "modified using the <citerefentry><refentrytitle>chfn</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Den nye værdi for brugerens kommentar kommentarfelt i adgangskodefilen. Den "
+"ændres normalt med redskabet <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "administratorer"
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "Det skal være en kommaadskilt liste af brugernavne."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr "Administratorer kan ændre adgangskoden eller medlemmerne af gruppen."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"Administratorer har også de samme rettigheder som medlemmerne (se nedenfor)."
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "medlemmer"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr "Medlemmer kan tilgå gruppen uden at blive spurgt efter en adgangskode."
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Du skal bruge den samme liste over brugere som i <filename>/etc/group</"
+"filename>."
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "verificer integritet for gruppefiler"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "et unikt og gyldigt gruppenavn"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "Tilvalgen som gælder for kommandoen <command>grpck</command> er:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+
+#: grpck.8.xml:196(para)
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr ""
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "kan ikke åbne gruppefiler"
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "kan ikke låse gruppefiler"
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "kan ikke opdatere gruppefiler"
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>grpck</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "vis aktuelle gruppenavne"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "bruger"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "ændr en gruppedefinition på systemet"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GRUPPE"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr ""
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"Brugere som bruger gruppen som primær gruppe vil blive opdateret for at "
+"beholde gruppen som deres primære gruppe."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "gruppenavn er allerede i brug"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>groupmod</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "administrer medlemmer for en brugers primære gruppe"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr ""
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr ""
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr ""
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr ""
+
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Tilføj en bruger til listen over gruppemedlemmer."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"Hvis filen <filename>/etc/gshadow</filename> findes, og gruppen ikke har et "
+"punkt i filen <filename>/etc/gshadow</filename>, så vil et nyt punkt blive "
+"oprettet."
+
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Slet en bruger fra listen over gruppemedlemskab."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr ""
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr ""
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+msgstr ""
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr ""
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "slet en gruppe"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "Tilvalgene som gælder for kommandoen <command>groupdel</command> er:"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"De kan ikke fjerne den primære gruppe for en eksisterende bruger. Du skal "
+"fjerne brugeren før du fjerner gruppen."
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Du skal manuelt kontrollere alle filsystemer for at sikre dig, at ingen "
+"filer fortsat er ejet af denne gruppe."
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "Kan ikke fjerne brugers primære gruppe"
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>groupdel</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "opret en ny gruppe"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "Tilvalgene som gælder for kommandoen <command>groupadd</command> er:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Se også tilvalget <option>-r</option> og beskrivelsen <option>GID_MAX</"
+"option>."
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "Opret en systemgruppe."
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr ""
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr ""
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr ""
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr ""
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr ""
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr ""
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr ""
+
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr ""
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr ""
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr ""
+
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr ""
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr ""
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr ""
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr ""
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr ""
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr ""
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr ""
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr ""
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "Strukturen for filen er:"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+msgstr ""
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr ""
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr ""
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr ""
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr ""
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr ""
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr ""
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr ""
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr ""
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr ""
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr ""
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+
+#: chpasswd.8.xml:97(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:111(para)
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr ""
+
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr ""
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr ""
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr ""
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr ""
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr ""
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr ""
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr ""
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr ""
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+
+#: chgpasswd.8.xml:92(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr ""
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr ""
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Tilvalgende som gælder for kommandoen <command>chfn</command> er:"
+
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;<replaceable>NAVN</"
+"replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "Ændr brugerens navn."
+
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>TELEFONNUMMER</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "Ændr brugerens telefonnummer."
+
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>ANDEN</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"Ændr brugerens anden GECOS-information. Dette felt bruges til at gemme "
+"kontoinformation brugt af andre programmer, og kan kun ændres af en "
+"superbruger."
+
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>VÆRELSESNUMMER</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "Ændr brugerens værelsesnummer."
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>ARBEJDSTELEFON</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "Ændr brugerens arbejdsnummer."
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "ændr udløbsinformation om brugeradgangskode"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "Tilvalgene som gælder for kommandoen <command>chage</command> er:"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr ""
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Programmet <command>chage</command> kræver at en adgangskodefil for shadow "
+"er tilgængelig."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"Kommandoen <command>chage</command> er begrænset til administratorbrugeren "
+"(root), undtaget for tilvalget <option>-l</option>, som kan bruges af en "
+"upriviligeret bruger til at bestemme hvornår denne brugers adgangskode eller "
+"konto står til at udløbe."
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "Kan ikke finde shadows adgangskodefil"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>chage</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "kan ikke oprette postkø"
diff --git a/man/po/de.po b/man/po/de.po
new file mode 100644
index 0000000..340e15d
--- /dev/null
+++ b/man/po/de.po
@@ -0,0 +1,10632 @@
+# German translation of shadow-man-pages
+# Copyright (C) 2006 Free Software Foundation, Inc.
+# Simon Brandmair <sbrandmair@gmx.net>, 2005, 2006, 2007, 2011, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow-man-pages\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:36+0200\n"
+"Last-Translator: Simon Brandmair <sbrandmair@gmx.net>\n"
+"Language-Team: debian-l10n-german <http://lists.debian.org/debian-l10n-"
+"german/>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr "Marek"
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr "Michałkiewicz"
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr "ursprünglicher Autor, 1997"
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr "Thomas"
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr "KÅ‚oczko"
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr "kloczek@pld.org.pl"
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr "shadow-utils-Betreuer, 2000 - 2007"
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr "Nicolas"
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr "François"
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr "nicolas.francois@centraliens.net"
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr "shadow-utils-Betreuer, 2007 - heute"
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Befehle zur Systemverwaltung"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr ""
+"bearbeitet die Passwort-, Gruppen-, Shadow-Passwort- oder Shadow-Gruppen-"
+"Datei"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "Optionen"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "BESCHREIBUNG"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Die Befehle <command>vipw</command> und <command>vigr</command> bearbeiten "
+"die Dateien <filename>/etc/passwd</filename> beziehungsweise <filename>/etc/"
+"group</filename>. Mit der Option <option>-s</option> bearbeiten Sie die "
+"Shadow-Versionen beider Dateien, <filename>/etc/shadow</filename> und "
+"<filename>/etc/gshadow</filename>. Die Programme werden die geeigneten "
+"Sperren setzen, um eine Beschädigung der Dateien zu verhindern. Wenn ein "
+"Editor benötigt wird, wird zuerst die Umgebungsvariable <envar>$VISUAL</"
+"envar> ausgewertet, danach die Umgebungsvariable <envar>$EDITOR</envar>. "
+"Zuletzt wird der Standard-Editor <citerefentry><refentrytitle>vi</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> verwendet."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "OPTIONEN"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Die Optionen, die von den Befehlen <command>vipw</command> und "
+"<command>vigr</command> unterstützt werden, sind:"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "bearbeitet die Gruppendatenbank"
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "zeigt die Hilfe an und beendet das Programm"
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "bearbeitet die Passwd-Datenbank"
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "stiller Modus"
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_VERZ</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"führt die Veränderungen in dem Verzeichnis <replaceable>CHROOT_VERZ</"
+"replaceable> durch und verwendet die Konfigurationsdateien aus dem "
+"Verzeichnis <replaceable>CHROOT_VERZ</replaceable>"
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "bearbeitet die Shadow- oder Gshadow-Datenbank"
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "bestimmt, welche Tcb-Shadow-Datei des Benutzers bearbeitet werden soll"
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "KONFIGURATION"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"Die folgenden Konfigurationsvariablen in <filename>/etc/login.defs</"
+"filename> beeinflussen das Verhalten dieses Werkzeugs:"
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (boolesch)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Wenn auf <replaceable>yes</replaceable> gesetzt, wird das "
+"<citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>-Passwort-Shadowing-Schema verwendet."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "UMGEBUNGSVARIABLEN"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "der verwendete Editor"
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr "der verwendete Editor, wenn <option>VISUAL</option> nicht gesetzt ist"
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "DATEIEN"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Informationen zu den Gruppenkonten"
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+# type: Plain text
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "sichere Informationen zu den Gruppenkonten"
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Informationen zu den Benutzerkonten"
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+# type: Plain text
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "verschlüsselte Informationen zu den Benutzerkonten"
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "SIEHE AUCH"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>,<citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr "Julianne Frances"
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr "Haugh"
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr "ursprünglicher Autor, 1991"
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "verändert ein Benutzerkonto"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "ANMELDENAME"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Der Befehl <command>usermod</command> verändert die Kontodateien des "
+"Systems, so dass sie die Änderungen enthalten, die in der Befehlszeile "
+"eingegeben wurden."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>usermod</command> unterstützt werden, "
+"sind:"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Fügt den Benutzer weiteren Gruppen hinzu. Kann nur zusammen mit der Option "
+"<option>-G</option> verwendet werden."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMMENTAR</"
+"replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"Der neue Wert des Kommentarfelds in der Passwortdatei des Benutzers. Er wird "
+"normalerweise mit dem Werkzeug <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> verändert."
+
+#: usermod.8.xml:124(term)
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_VERZ</"
+"replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "das neue Home-Verzeichnis des Benutzers"
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Wenn die Option <option>-m</option> verwendet wurde, wird der Inhalt des "
+"aktuellen Home-Verzeichnisses in das neue Home-Verzeichnis verschoben. Falls "
+"dieses nicht existiert, wird es angelegt."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>VERFALLS_DATUM</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Das Datum, an welchem das Benutzerkonto deaktiviert wird. Das Datum muss im "
+"Format <emphasis remap=\"I\">JJJJ-MM-TT</emphasis> angegeben werden."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"Wenn das Argument <replaceable>VERFALLS_DATUM</replaceable> leer bleibt, "
+"wird der Verfall des Kontos deaktiviert."
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Diese Option benötigt die Datei <filename>/etc/shadow</filename>. Falls die "
+"Datei <filename>/etc/shadow</filename> leer sein sollte, wird ein Eintrag "
+"erstellt."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Die Anzahl von Tagen, nach denen ein Passwort abgelaufen ist, bis das Konto "
+"deaktiviert wird."
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"Ein Wert von 0 deaktiviert das Konto, sobald das Passwort abläuft. Ein Wert "
+"von -1 schaltet diese Funktion ab."
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GRUPPE</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Der Name oder die Zahl der anfänglichen Anmeldegruppe eines neuen Benutzers. "
+"Der Gruppenname muss existieren."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+"Jede Datei im Home-Verzeichnis des Benutzers, die der alten Hauptgruppe des "
+"Benutzers gehörte, wird dieser neuen Gruppe gehören."
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+"Die Gruppenzugehörigkeit von Dateien außerhalb des Home-Verzeichnisses des "
+"Benutzers muss per Hand angepasst werden."
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GRUPPE_1</"
+"replaceable>[<emphasis remap=\"I\">,GRUPPE_2, ...</emphasis>[<emphasis remap="
+"\"I\">,GRUPPE_N</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"Eine Liste zusätzlicher Gruppen, denen der Benutzer ebenfalls angehört. Die "
+"Gruppen sind durch Kommata ohne Leerzeichen von einander zu trennen. Die "
+"Gruppen unterliegen denselben Beschränkungen wie die Gruppe, die mit der "
+"Option <option>-g</option> bestimmt wurde."
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"Wenn der Benutzer aktuell Mitglied einer Gruppe ist, die nicht angegeben "
+"ist, wird er aus dieser Gruppe entfernt. Dieses Verhalten kann mit der "
+"Option <option>-a</option> abgeschaltet werden. Damit wird der Benutzer nur "
+"den angegebenen Gruppen hinzugefügt, ohne aus den übrigen gelöscht zu werden."
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;"
+"<replaceable>NEUER_ANMELDENAME</replaceable>"
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Der Benutzername wird von <replaceable>ANMELDENAME</replaceable> zu "
+"<replaceable>NEUER_ANMELDENAME</replaceable> verändert. Andere Veränderungen "
+"werden nicht vorgenommen. Daher sollte wahrscheinlich der Name des Home-"
+"Verzeichnisses des Benutzers per Hand geändert werden, um dem neuen "
+"Anmeldenamen Rechnung zu tragen."
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Sperrt das Passwort eines Benutzers. Dadurch wird ein »!« vor das "
+"verschlüsselte Passwort gesetzt, wodurch im Ergebnis das Passwort "
+"abgeschaltet wird. Sie können diese Option nicht mit <option>-p</option> "
+"oder <option>-U</option> verwenden."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"Hinweis: Wenn Sie das Konto sperren wollen (und nicht nur den Zugang mit "
+"einem Passwort), müssen Sie auch das <replaceable>VERFALLSDATUM</"
+"replaceable> auf <replaceable>1</replaceable> setzen."
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+"verschiebt den Inhalt des Home-Verzeichnisses eines Benutzers zu dem neuen "
+"Ziel"
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"Diese Option ist nur in Verbindung mit der Option <option>-d</option> (oder "
+"<option>--home</option>) zulässig."
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"<command>usermod</command> versucht, den Eigentümer der Dateien anzupassen "
+"und die Rechte, ACL und erweiterten Attribute zu übernehmen, aber "
+"Anpassungen per Hand können dennoch notwendig sein."
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+# SB: What is that suppossed to mean? I can assign the UID 1000 twice?
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+"Wenn es mit der Option <option>-u</option> verwendet wird, kann mit dieser "
+"Option der Wert der Benutzer-ID auf einen nicht eindeutigen Wert gesetzt "
+"werden."
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORT</"
+"replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"das verschlüsselte Passwort, wie es von <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> zurückgegeben wird"
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">Hinweis:</emphasis> Diese Option ist nicht "
+"empfehlenswert, weil das Passwort (auch wenn es verschlüsselt ist) für "
+"Benutzer sichtbar ist, die sich den Prozess anzeigen lassen."
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"Das Passwort wird in die lokale Datei <filename>/etc/passwd</filename> oder "
+"<filename>/etc/shadow</filename> geschrieben. Dies könnte von der Passwort-"
+"Datenbank abweichen, die Sie für PAM konfiguriert haben."
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+"Sie sollten sicherstellen, dass das Passwort den Passwortrichtlinien des "
+"Systems entspricht."
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Der Name der neuen Anmelde-Shell des Benutzers. Falls dieses Feld leer "
+"gelassen wird, verwendet das System die Standard-Anmelde-Shell."
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "der neue numerische Wert der UID des Benutzers"
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"Dieser Wert muss eindeutig sein, sofern nicht die Option <option>-o</option> "
+"verwendet wird. Der Wert darf nicht negativ sein."
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+"Für die Mailbox des Benutzers und alle Dateien, die ihm gehören und sich in "
+"seinem Home-Verzeichnis befinden, wird die ID des Eigentümers automatisch "
+"angepasst."
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+"Der Eigentümer von Dateien außerhalb des Home-Verzeichnisses des Benutzers "
+"muss per Hand angepasst werden."
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Die Werte von <option>UID_MIN</option>, <option>UID_MAX</option>, "
+"<option>SYS_UID_MIN</option> und <option>SYS_UID_MAX</option> aus <filename>/"
+"etc/login.defs</filename> werden nicht geprüft."
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Gibt das Passwort eines Benutzers frei. Dies entfernt das »!« vor dem "
+"verschlüsselten Passwort. Sie können diese Option nicht mit <option>-p</"
+"option> oder <option>-U</option> verwenden."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"Hinweis: Falls Sie das Benutzerkonto freigeben wollen (und nicht nur den "
+"Zugang mit einem Passwort), sollten Sie auch das <replaceable>VERFALLSDATUM</"
+"replaceable> bearbeiten (zum Beispiel auf <replaceable>99999</replaceable> "
+"oder den Wert von <option>EXPIRE</option> aus <filename>/etc/default/"
+"useradd</filename> setzen)."
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>MENGE</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Die Werte von <option>UID_MIN</option>, <option>UID_MAX</option>, "
+"<option>SYS_UID_MIN</option> und <option>SYS_UID_MAX</option> aus <filename>/"
+"etc/login.defs</filename> werden nicht geprüft."
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>MENGE</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>MENGE</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>GID_MIN</option>, "
+#| "<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+#| "<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Die Werte von <option>GID_MIN</option>, <option>GID_MAX</option>, "
+"<option>SYS_GID_MIN</option> und <option>SYS_GID_MAX</option> aus <filename>/"
+"etc/login.defs</filename> werden nicht geprüft."
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>MENGE</replaceable>"
+
+#: usermod.8.xml:444(para)
+#, fuzzy
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+"entfernt die Zuordnung von SELinux-Benutzern aus den Anmeldeinformationen "
+"des Benutzers"
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;<replaceable>SE-"
+"BENUTZER</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr "der neue SELinux-Benutzer für den Anmeldenamen des Benutzers"
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"Wenn <replaceable>SEBENUTZER</replaceable> leer ist, wird die Zuordnung von "
+"SELinux-Benutzern (sofern vorhanden) aus den Anmeldeinformationen des "
+"Benutzers entfernt"
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "WARNUNGEN"
+
+#: usermod.8.xml:479(para)
+#, fuzzy
+#| msgid ""
+#| "You must make certain that the named user is not executing any processes "
+#| "when this command is being executed if the user's numerical user ID, the "
+#| "user's name, or the user's home directory is being changed. "
+#| "<command>usermod</command> checks this on Linux, but only check if the "
+#| "user is logged in according to utmp on other architectures."
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+"Wenn Sie mit diesem Befehl die numerische UID, den Namen oder das Home-"
+"Verzeichnis eines Benutzers verändern wollen, müssen Sie sicherstellen, dass "
+"dieser Benutzer keine Prozesse laufen lässt. Bei Linux stellt dies "
+"<command>usermod</command> sicher, auf anderen Architekturen überprüft es "
+"nur, ob der Benutzer laut utmp eingeloggt ist."
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"Sie müssen den Eigentümer von <command>crontab</command>-Dateien oder "
+"<command>at</command>-Aufträgen per Hand ändern."
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+"Sie müssen alle Änderung in Bezug auf NIS auf dem NIS-Server vornehmen."
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (Zeichenkette)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"Das Verzeichnis des Mail-Spools. Diese Angabe wird benötigt, um die Mailbox "
+"zu bearbeiten, nachdem das entsprechende Benutzerkonto verändert oder "
+"gelöscht wurde. Falls nicht angegeben, wird ein Standard verwendet, der beim "
+"Kompilieren festgelegt wurde."
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (Zeichenkette)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+"Legt den Ort der Mail-Spool-Dateien eines Benutzers relativ zu seinem Home-"
+"Verzeichnis fest."
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"Die Variablen <option>MAIL_DIR</option> und <option>MAIL_FILE</option> "
+"werden von <command>useradd</command>, <command>usermod</command> und "
+"<command>userdel</command> verwendet, um den Mail-Spool eines Benutzers zu "
+"erstellen, zu verschieben oder zu löschen."
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"Falls <option>MAIL_CHECK_ENAB</option> auf <replaceable>yes</replaceable> "
+"gesetzt ist, werden sie auch verwendet, um die Umgebungsvariable "
+"<envar>MAIL</envar> festzulegen."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (Zahl)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"Maximale Anzahl von Mitgliedern je Gruppeneintrag. Wenn das Maximum erreicht "
+"wird, wird ein weiterer Eintrag in <filename>/etc/group</filename> (mit dem "
+"gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt."
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+"Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder "
+"einer Gruppe nicht begrenzt ist."
+
+#. Note: on HP, split groups have the same ID, but different
+#. names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"Diese Fähigkeit (der aufgeteilten Gruppe) ermöglicht es, die Zeilenlänge in "
+"der Gruppendatei zu begrenzen. Damit kann sichergestellt werden, dass die "
+"Zeilen für NIS-Gruppen nicht länger als 1024 Zeichen sind."
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr "Falls Sie eine solche Begrenzung benötigen, können Sie 25 verwenden."
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"Hinweis: Aufgeteilte Gruppen werden möglicherweise nicht von allen "
+"Werkzeugen unterstützt, selbst nicht aus der Shadow-Werkzeugsammlung. Sie "
+"sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (Zahl)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (Zahl)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (Zahl)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Der Standardwert für <option>SYS_GID_MIN</option> ist 101, für "
+"<option>SYS_GID_MAX</option> <option>GID_MIN</option>-1."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (Zahl)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (Zahl)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (Zahl)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Der Standardwert für <option>SYS_UID_MIN</option> ist 101, für "
+"<option>SYS_UID_MAX</option> <option>UID_MIN</option>-1."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (boolesch)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+" use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+" kilos = UID / 1000\n"
+" use /etc/tcb/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" use /etc/tcb/:megas/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+" "
+msgstr ""
+"\n"
+"falls ( UID kleiner als 1000) {\n"
+" verwende /etc/tcb/user\n"
+"} anderenfalls, falls ( UID kleiner als 1000000) {\n"
+" kilos = UID / 1000\n"
+" verwende /etc/tcb/:kilos/user\n"
+" erstelle symbolischen Verweis /etc/tcb/user zu dem genannten Verzeichnis\n"
+"} anderenfalls {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" verwende /etc/tcb/:megas/:kilos/user\n"
+" erstelle symbolischen Verweis /etc/tcb/user zu dem genannten Verzeichnis\n"
+"}\n"
+" "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"Falls der Wert <replaceable>yes</replaceable> ist, wird der Ort des Tcb-"
+"Verzeichnisses des Benutzers nicht automatisch /etc/tcb/user sein, sondern "
+"nach dem folgenden Algorithmus aus der UID des Benutzers errechnet: "
+"<placeholder-1/>"
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr "Konfiguration der Shadow-Passwort-Werkzeugsammlung"
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "löscht ein Benutzerkonto und die dazugehörigen Dateien"
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"Der Befehl <command>userdel</command> bearbeitet die Kontodateien des "
+"Systems und löscht darin alle Einträge, die auf den <emphasis remap=\"I"
+"\">ANMELDENAMEN</emphasis> verweisen. Der bezeichnete Benutzer muss "
+"existieren."
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>userdel</command> unterstützt werden, "
+"sind:"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"Diese Option erzwingt, dass der Benutzer entfernt wird, selbst wenn er noch "
+"angemeldet ist. Sie führt auch dazu, dass <command>userdel</command> das "
+"Home-Verzeichnis und den Mailspool des Benutzers entfernt, sogar wenn ein "
+"anderer Benutzer dasselbe Home-Verzeichnis hat oder der Mailspool nicht dem "
+"angegebenen Benutzer gehört. Falls in <filename>/etc/login.defs</filename> "
+"<option>USERGROUPS_ENAB</option> auf <emphasis remap=\"I\">yes</emphasis> "
+"gesetzt ist und eine Gruppe mit dem gleichen Namen wie der gelöschte "
+"Benutzer vorhanden ist, wird auch diese Gruppe entfernt, selbst wenn sie die "
+"Hauptgruppe anderer Benutzer ist."
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Hinweis:</emphasis> Diese Option ist gefährlich und kann dazu "
+"führen, dass Ihr System nicht mehr ordnungsgemäß funktioniert."
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"Die Dateien im Home-Verzeichnis des Benutzers werden zusammen mit dem Home-"
+"Verzeichnis und dem Mailspool entfernt. Dateien, die sich nicht unterhalb "
+"des Home-Verzeichnisses befinden, müssen per Hand gesucht und gelöscht "
+"werden."
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"Der Mailspool wird durch die Variable <option>MAIL_DIR</option> in der Datei "
+"<filename>login.defs</filename> definiert."
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+"entfernt die Zuordnung von SELinux-Benutzern aus den Anmeldeinformationen "
+"des Benutzers"
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (Zeichenkette)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"Falls angegeben, wird dieser Befehl ausgeführt, wenn ein Benutzer entfernt "
+"wird. Damit können At-, Cron- und Druckaufträge etc. des entfernten "
+"Benutzers (wird als erstes Argument übergeben) gelöscht werden."
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr "Der Rückgabewert des Skripts wird nicht ausgewertet."
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+" "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Prüfen, ob das benötigte Argument angegeben wurde\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Verwendungsweise: $0 Benutzername\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# cron-Aufträge entfernen\n"
+"crontab -r -u $1\n"
+"\n"
+"# at-Aufträge entfernen.\n"
+"# Hinweis: Dies wird alle Aufträge entfernen, die der gleichen UID\n"
+"# gehören, selbst wenn sie von einem Benutzer mit einem anderen Namen\n"
+"# eingerichtet wurden.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Druck-Aufträge entfernen\n"
+"lprm $1\n"
+"\n"
+"# Fertig\n"
+"exit 0\n"
+" "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"Dies ist ein Beispielsskript, das die cron-, at- und Druckaufträge des "
+"Benutzers entfernt:<placeholder-1/>"
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (boolesch)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"Erlaubt Benutzern, die nicht Root sind, die Umask-Gruppen-Bits auf ihre "
+"Umask-Bits zu setzen (Beispiel: 022 -&gt; 002, 077 -&gt; 007), falls die UID "
+"mit der GID identisch ist sowie der Benutzername mit dem Gruppennamen "
+"übereinstimmt."
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"Wenn der Wert <replaceable>yes</replaceable> ist, wird <command>userdel</"
+"command> die Gruppe des Benutzers entfernen, falls sie keine Mitglieder mehr "
+"hat, und <command>useradd</command> wird standardmäßig eine Gruppe mit dem "
+"Namen des Benutzers erstellen."
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "RÃœCKGABEWERTE"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "Erfolg"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "Die Passwortdatei kann nicht aktualisieren werden."
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "unzulässige Syntax für diesen Befehl"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "Der angegebene Benutzer ist nicht vorhanden."
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "Benutzer ist im Moment angemeldet."
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "Die Gruppendatei kann nicht aktualisieren werden."
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "Das Home-Verzeichnis kann nicht gelöscht werden."
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>userdel</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"<command>userdel</command> löscht ein Benutzerkonto nicht, wenn Prozesse "
+"laufen, die diesem Konto gehören. In diesem Fall müssen Sie entweder diese "
+"Prozesse beenden oder das Passwort oder Konto des Benutzers sperren und das "
+"Konto später entfernen. Die Option <option>-f</option> erzwingt das Löschen "
+"eines Kontos."
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+"Sie sollten von Hand alle Systemdateien überprüfen, um sicherzustellen, dass "
+"keine Dateien vorhanden sind, die dem gelöschten Benutzer gehören."
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"Sie sollten keine NIS-Attribute auf einem NIS-Client löschen. Dies muss auf "
+"dem NIS-Server durchgeführt werden."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"Falls in <filename>/etc/login.defs</filename> <option>USERGROUPS_ENAB</"
+"option> auf <emphasis remap=\"I\">yes</emphasis> gesetzt ist, wird "
+"<command>userdel</command> die Gruppe mit dem gleichen Namen wie der "
+"Benutzer entfernen. Um Unstimmigkeiten in der Passwort- und Gruppendatenbank "
+"zu vermeiden, überprüft <command>userdel</command>, ob diese Gruppe die "
+"Hauptgruppe für andere Benutzer ist. Gegebenenfalls wird eine Warnung "
+"angezeigt und die betreffende Gruppe nicht entfernt. Mit der Option <option>-"
+"f</option> kann das Löschen dieser Gruppe erzwungen werden."
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"erstellt einen neuen Benutzer oder aktualisiert die Standardwerte für neue "
+"Benutzer"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"Wenn der Befehl <command>useradd</command> ohne die Option <option>-D</"
+"option> aufgerufen wird, wird ein neues Benutzerkonto mit den Werten "
+"erstellt, die auf der Befehlszeile angegeben wurden, und den Standardwerten "
+"des Systems. Je nach den Optionen auf der Befehlszeile aktualisiert der "
+"Befehl <command>useradd</command> Systemdateien, erstellt ein Home-"
+"Verzeichnis für den neuen Benutzer und kopiert Dateien."
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"Standardmäßig wird auch eine Gruppe für den neuen Benutzer erstellt "
+"(vergleiche <option>-g</option>, <option>-N</option>, <option>-U</option> "
+"und <option>USERGROUPS_ENAB</option>)."
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>useradd</command> unterstützt werden, "
+"sind:"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;"
+"<replaceable>WURZEL_VERZ</replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"Das standardmäßige Wurzelverzeichnis des Systems, wenn nicht eines mit "
+"<option>-d</option>&nbsp;<replaceable>HOME_VERZ</replaceable> festgelegt "
+"wurde. Der Name des Home-Verzeichnisses besteht aus der Verbindung von "
+"<replaceable>WURZEL_VERZ</replaceable> und dem Kontonamen. Wenn die Option "
+"<option>-m</option> nicht verwendet wird, muss <replaceable>WURZEL_VERZ</"
+"replaceable> existieren."
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"Falls diese Option nicht angegeben wird, verwendet <command>useradd</"
+"command> das Wurzelverzeichnis, das mit der Variable <option>HOME</option> "
+"in <filename>/etc/default/useradd</filename> festgelegt wurde, anderenfalls "
+"<filename>/home</filename>."
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+"Eine beliebige Zeichenkette. Dies ist für gewöhnlich eine kurze Beschreibung "
+"des Logins und wird im Moment im Feld für den vollständigen Namen des "
+"Benutzers gespeichert."
+
+#: useradd.8.xml:162(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_VERZ</"
+"replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"Beim Anlegen des neuen Benutzers wird <replaceable>HOME_VERZ</replaceable> "
+"als das Anmeldeverzeichnis des Benutzers verwendet. Um den Namen des "
+"Anmeldeverzeichnisses zu erhalten, wird standardmäßig der "
+"<replaceable>ANMELDE</replaceable>-Name an <replaceable>WURZEL_VERZ</"
+"replaceable> angehängt. Das Verzeichnis <replaceable>HOME_VERZ</replaceable> "
+"muss nicht vorhanden sein, sondern wird gegebenenfalls angelegt."
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr "Lesen Sie dazu unten den Abschnitt »Die Standardwerte verändern«."
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"Falls nicht definiert, verwendet <command>useradd</command> das "
+"Standardverfallsdatum, das mit der Variable <option>EXPIRE</option> in "
+"<filename>/etc/default/useradd</filename> bestimmt wurde, anderenfalls eine "
+"leere Zeichenkette (kein Verfall)."
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"Die Anzahl von Tagen nach Ablaufen des Passworts bis das Konto dauerhaft "
+"deaktiviert wird. Ein Wert von 0 deaktiviert das Konto, sobald das Passwort "
+"abläuft. Ein Wert von -1 schaltet diese Funktion ab."
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"Falls nicht definiert, verwendet <command>useradd</command> die "
+"Standarddauer der Inaktivität, die mit der Variable <option>INACTIVE</"
+"option> in <filename>/etc/default/useradd</filename> bestimmt wurde, "
+"anderenfalls -1."
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Der Name oder die Nummer der anfänglichen Anmeldegruppe des Benutzers. Der "
+"Gruppenname muss existieren. Die Gruppenzahl muss auf eine bereits "
+"vorhandene Gruppe verweisen."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"Falls nicht definiert, hängt das Verhalten von <command>useradd</command> "
+"von der Variable <option>USERGROUPS_ENAB</option> in <filename>/etc/login."
+"defs</filename> ab. Wenn diese Variable auf <replaceable>yes</replaceable> "
+"gesetzt ist (oder auf der Befehlszeile <option>-U/--user-group</option> "
+"angegeben wurde), wird für den Benutzer eine Gruppe, die auf seinen Namen "
+"lautet, erstellt. Wenn die Variable auf <replaceable>no</replaceable> "
+"gesetzt ist (oder auf der Befehlszeile <option>-N/--no-user-group</option> "
+"angegeben wurde), legt useradd als Hauptgruppe des neuen Benutzers diejenige "
+"fest, die mit der Variable <option>GROUP</option> in <filename>/etc/default/"
+"useradd</filename> definiert wurde, anderenfalls 100."
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"Eine Liste der zusätzlichen Gruppen, denen der Benutzer ebenfalls angehört. "
+"Die Gruppen sind durch Kommata ohne Leerzeichen voneinander zu trennen. Die "
+"Gruppen unterliegen denselben Beschränkungen wie die Gruppe, die mit der "
+"Option <option>-g</option> bestimmt wurde. Standardmäßig ist der Benutzer "
+"nur Mitglied der Ausgangsgruppe."
+
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>GERÃœST_VERZ</"
+"replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"Das Gerüstverzeichnis, das die Dateien und Verzeichnisse enthält, die in das "
+"Home-Verzeichnis des Benutzers kopiert werden, wenn es von <command>useradd</"
+"command> erstellt wird."
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"Diese Option ist nur zulässig, wenn auch die Option <option>-m</option> "
+"(oder <option>--create-home</option>) angegeben wird."
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"Wenn diese Option nicht angegeben wird, wird das Gerüstverzeichnis durch die "
+"Variable <option>SKEL</option> in <filename>/etc/default/useradd</filename> "
+"festgelegt, anderenfalls ist dieses <filename>/etc/skel</filename>."
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "Soweit möglich, werden die ACLs und erweiterten Attribute kopiert."
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>SCHLÃœSSEL</"
+"replaceable>=<replaceable>WERT</replaceable>"
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Ãœberschreibt die Standardwerte aus <filename>/etc/login.defs</filename> "
+"(<option>UID_MIN</option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> und andere). <placeholder-1/> Beispiel: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_TAGE</"
+"replaceable>=<replaceable>-1</replaceable> kann eingesetzt werden, wenn ein "
+"Systemkonto erstellt wird, um den Verfall des Passworts abzuschalten, selbst "
+"wenn das Systemkonto überhaupt kein Passwort besitzt. Die Option <option>-K</"
+"option> kann mehrmals verwendet werden, z.B.: <option>-K</option>&nbsp;"
+"<replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;"
+"<option>-K</option>&nbsp;<replaceable>UID_MAX</"
+"replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "Fügt den Benutzer nicht zu den Datenbanken lastlog und faillog hinzu."
+
+#: useradd.8.xml:327(para)
+#, fuzzy
+#| msgid ""
+#| "By default, the user's entries in the lastlog and faillog databases are "
+#| "resetted to avoid reusing the entry from a previously deleted user."
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"Standardmäßig werden die Benutzereinträge in den Datenbanken lastlog und "
+"faillog zurückgesetzt, um zu vermeiden, dass der Eintrag eines früher "
+"gelöschten Benutzers verwendet wird."
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"Erstellt das Home-Verzeichnis des Benutzers, wenn es nicht vorhanden ist. "
+"Die Dateien und Verzeichnisse im Gerüstverzeichnis, das mit der Option "
+"<option>-k</option> festgelegt werden kann, werden in das Home-Verzeichnis "
+"kopiert."
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"Wenn diese Option nicht angegeben wird und <option>CREATE_HOME</option> "
+"nicht aktiviert wurde, wird standardmäßig kein Home-Verzeichnis erstellt."
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"Erstellt nicht das Home-Verzeichnis des Benutzers, selbst wenn die "
+"systemweite Option <option>CREATE_HOME</option> in <filename>/etc/login."
+"defs</filename> auf <replaceable>yes</replaceable> gesetzt ist."
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"Erstellt keine Gruppe mit dem gleichen Namen wie der Benutzer, aber fügt ihn "
+"der Gruppe hinzu, die mit der Option <option>-g</option> oder mit der "
+"Variable <option>GROUP</option> in <filename>/etc/default/useradd</filename> "
+"angegeben wurde."
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Wenn die Optionen <option>-g</option>, <option>-N</option> und <option>-U</"
+"option> nicht angegeben werden, wird das Verhalten durch die Variable "
+"<option>USERGROUPS_ENAB</option> in <filename>/etc/login.defs</filename> "
+"bestimmt."
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+"Erlaubt das Erstellen eines Benutzerkontos mit einer schon vergebenen (nicht "
+"eindeutigen) UID."
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr ""
+"Diese Option kann nur in Verbindung mit der Option <option>-u</option> "
+"verwendet werden."
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Das verschlüsselte Passwort, wie es von <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> zurückgegeben wird. "
+"Standardmäßig ist das Passwort deaktiviert."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "erstellt ein Systemkonto"
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Systembenutzer werden ohne Hinterlegung ihres Alters in <filename>/etc/"
+"shadow</filename> erstellt. Ihre numerische Kennung wird aus der Spanne "
+"<option>SYS_UID_MIN</option> bis <option>SYS_UID_MAX</option> anstelle von "
+"<option>UID_MIN</option> bis <option>UID_MAX</option> gewählt (gleiches gilt "
+"für die GID bei der Erstellung von Gruppen)."
+
+#: useradd.8.xml:434(para)
+#, fuzzy
+#| msgid ""
+#| "Note that <command>useradd</command> will not create a home directory for "
+#| "such an user, regardless of the default setting in <filename>/etc/login."
+#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+#| "<option>-m</option> options if you want a home directory for a system "
+#| "account to be created."
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+"Beachten Sie, dass <command>useradd</command> für einen solchen Benutzer "
+"unabhängig von der Einstellung in <filename>/etc/login.defs</filename> "
+"(<option>CREATE_HOME</option>) kein Home-Verzeichnis erzeugen wird."
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"Der Name der Anmelde-Shell des Benutzers. Standardmäßig wird dieses Feld "
+"leer gelassen. Das System verwendet dann die Standard-Anmelde-Shell, die mit "
+"der Variable <option>SHELL</option> in <filename>/etc/default/useradd</"
+"filename> definiert wird, anderenfalls bleibt das Feld leer."
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"Der zahlenmäßige Wert der Benutzer-ID. Dieser Wert muss eindeutig sein, "
+"sofern nicht die Option <option>-o</option> verwendet wird. Der Wert darf "
+"nicht negativ sein. Standardmäßig wird der kleinste Wert größer als oder "
+"gleich <option>UID_MIN</option> und größer als jeder andere Wert eines "
+"Benutzers verwendet."
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Vergleichen Sie auch die Option <option>-r</option> und die Ausführungen zu "
+"<option>UID_MAX</option>."
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+"erstellt eine Gruppe mit dem gleichen Name wie der Benutzer und fügt diesen "
+"der Gruppe hinzu"
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"Der SELinux-Benutzer für den Benutzer nach seiner Anmeldung. Standardmäßig "
+"bleibt dieses Feld leer und es wird dem System überlassen, den SELinux-"
+"Benutzer zu bestimmen."
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Die Standardwerte verändern"
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"Wenn <command>useradd</command> nur mit der Option <option>-D</option> "
+"aufgerufen wird, werden die aktuellen Standardwerte angezeigt. Wenn "
+"<command>useradd</command> neben der Option <option>-D</option> mit weiteren "
+"Optionen aufgerufen wird, werden deren Standardwerte entsprechend angepasst. "
+"Die gültigen Optionen, um Standardwerte zu ändern, sind:"
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"Das Wurzelverzeichnis des Home-Verzeichnisses eines neuen Benutzers. Der "
+"Benutzername wird an <replaceable>WURZEL_VERZ</replaceable> angehängt, um "
+"den Namen des Home-Verzeichnisses zu erhalten, falls nicht die Option "
+"<option>-d</option> bei der Erstellung eines neuen Kontos verwendet wird."
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Diese Option verändert die Variable <option>HOME</option> in <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "das Datum, an dem das Benutzerkonto abgeschaltet wird"
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Diese Option verändert die Variable <option>EXPIRE</option> in <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"die Anzahl von Tagen nach dem Ablaufen des Passworts bis das Konto "
+"deaktiviert wird"
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Diese Option verändert die Variable <option>INACTIVE</option> in <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"Der Gruppenname oder die GID für die Anfangsgruppe eines neuen Benutzers "
+"(wenn <option>-N/--no-user-group</option> verwendet wird oder wenn in "
+"<filename>/etc/login.defs</filename> die Variable <option>USERGROUPS_ENAB</"
+"option> auf <replaceable>no</replaceable> gesetzt ist). Die bezeichnete "
+"Gruppe und die GID müssen existieren."
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Diese Option verändert die Variable <option>GROUP</option> in <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "der Name der Anmelde-Shell des neuen Benutzers"
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Diese Option verändert die Variable <option>SHELL</option> in <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "ANMERKUNGEN"
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"Der Systemadministrator ist dafür verantwortlich, die standardmäßigen "
+"Benutzerdateien im Verzeichnis <filename>/etc/skel/</filename> (oder in "
+"einem anderen Gerüstverzeichnis, das in <filename>/etc/default/useradd</"
+"filename> oder über die Befehlszeile definiert wurde), anzulegen."
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Sie dürfen einen Benutzer nicht einer NIS- oder LDAP-Gruppe hinzufügen. Dies "
+"muss auf dem entsprechenden Server durchgeführt werden."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"Ebenso wird <command>useradd</command> ablehnen, ein neues Benutzerkonto zu "
+"erstellen, wenn der Benutzername schon in einer externen Benutzerdatenbank "
+"wie z.B. NIS oder LDAP vorhanden ist."
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Benutzernamen müssen mit einem Kleinbuchstaben oder einem Unterstrich "
+"beginnen. Sie dürfen nur Kleinbuchstaben, Zahlen, Unterstriche oder "
+"Gedankenstriche enthalten. Sie können mit einem Dollarzeichen enden. Als "
+"regulärer Ausdruck: [a-z_][a-z0-9_-]*[$]?"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "Benutzernamen dürfen nur bis zu 32 Zeichen lang sein."
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (boolesch)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+"bestimmt, ob standardmäßig ein Home-Verzeichnis für neue Benutzer erstellt "
+"werden soll"
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Diese Einstellung trifft nicht auf Systembenutzer zu. Sie kann auf der "
+"Befehlszeile überschrieben werden."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (Zahl)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (Zahl)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"der Bereich von Gruppen-IDs, aus dem die Programme <command>useradd</"
+"command>, <command>groupadd</command> oder <command>newusers</command> bei "
+"der Erstellung normaler Gruppen auswählen dürfen"
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Der Standardwert für <option>GID_MIN</option> ist 1000, für <option>GID_MAX</"
+"option> 60.000."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (Zahl)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"Die maximale Anzahl von Tagen, für die ein Passwort verwendet werden darf. "
+"Wenn das Passwort älter ist, wird ein Wechsel des Passworts erzwungen. Falls "
+"nicht angegeben, wird -1 angenommen (was zur Folge hat, dass diese "
+"Beschränkung abgeschaltet ist)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (Zahl)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"Die Mindestanzahl von Tagen, bevor ein Wechsel des Passworts zugelassen "
+"wird. Ein vorheriger Versuch, das Passwort zu ändern, wird abgelehnt. Falls "
+"nicht angegeben, wird -1 angenommen (was zur Folge hat, dass diese "
+"Beschränkung abgeschaltet ist)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (Zahl)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"Die Anzahl von Tagen, an denen der Benutzer vorgewarnt wird, bevor das "
+"Passwort verfällt. Eine Null bedeutet, dass eine Warnung nur am Tag des "
+"Verfalls ausgegeben wird. Ein negativer Wert bedeutet, dass keine Vorwarnung "
+"erfolgt. Falls nicht angegeben, wird keine Vorwarnung ausgegeben."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (Zahl)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (Zahl)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"der Bereich von Gruppen-IDs, aus dem die Programme <command>useradd</"
+"command>, <command>groupadd</command> oder <command>newusers</command> bei "
+"der Erstellung von Systemgruppen auswählen dürfen"
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"Der Standardwert für <option>SYS_GID_MIN</option> ist 101, für "
+"<option>SYS_GID_MAX</option> <option>GID_MIN</option>-1."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (Zahl)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (Zahl)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"der Bereich von Benutzer-IDs, aus dem die Programme <command>useradd</"
+"command> oder <command>newusers</command> bei der Erstellung von "
+"Systembenutzern auswählen dürfen"
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"Der Standardwert für <option>SYS_UID_MIN</option> ist 101, für "
+"<option>SYS_UID_MAX</option> <option>UID_MIN</option>-1."
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (boolesch)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"Falls <replaceable>yes</replaceable>, gehören neu erstellte tcb-shadow-"
+"Dateien der Gruppe <replaceable>auth</replaceable>."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (Zahl)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (Zahl)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"der Bereich von Benutzer-IDs, aus dem die Programme <command>useradd</"
+"command> oder <command>newusers</command> bei der Erstellung normaler "
+"Benutzer auswählen dürfen"
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Der Standardwert für <option>UID_MIN</option> ist 1000, für <option>UID_MAX</"
+"option> 60.000."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (Zahl)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+"Die Bit-Gruppe, welche die Rechte von erstellten Dateien bestimmt, wird "
+"anfänglich auf diesen Wert gesetzt. Falls nicht angegeben, wird sie auf 022 "
+"gesetzt."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"<command>useradd</command> und <command>newusers</command> verwenden diese "
+"Bit-Gruppe, um die Rechte des von ihnen erstellten Home-Verzeichnisses zu "
+"setzen."
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Sie wird auch von <command>login</command> verwendet, um die anfängliche "
+"Umask eines Benutzers zu bestimmen. Beachten Sie, dass diese Bit-Gruppe "
+"durch die GECOS-Zeile des Benutzers (wenn <option>QUOTAS_ENAB</option> "
+"gesetzt wurde) oder die Festlegung eines Limits in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> mit der Kennung <emphasis>K</emphasis> überschrieben werden "
+"kann."
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+"Sie wird ebenfalls von <command>pam_umask</command> als die Standard-Umask "
+"verwendet."
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+# type: Plain text
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Standardwerte für die Erstellung eines Kontos"
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Verzeichnis, das die Standarddateien enthält"
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "ungültiges Argument für Option"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID ist schon vergeben (und kein <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "angegebene Gruppe ist nicht vorhanden"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "Benutzername ist schon vergeben"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "Home-Verzeichnis kann nicht erstellt werden."
+
+#: useradd.8.xml:794(replaceable)
+msgid "14"
+msgstr "14"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr "Die Zuordnung von SELinux-Benutzern kann nicht aktualisiert werden."
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>useradd</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr "ursprünglicher Autor, 1996"
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Dateiformate und konvertierung"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "ausführliche Kontrolldatei für su"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"Wenn der Befehl su aufgerufen wird, wird die Datei <filename>/etc/suauth</"
+"filename> ausgewertet. Dadurch kann das Verhalten des Befehls su verändert "
+"werden. Dies hängt von Folgendem ab:"
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, fuzzy, no-wrap
+#| msgid ""
+#| "\n"
+#| " 1) the user su is targetting\n"
+#| " "
+msgid ""
+"\n"
+" 1) the user su is targeting\n"
+" "
+msgstr ""
+"\n"
+" 1) auf welchen Benutzer su gerichtet ist\n"
+" "
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+"2) dem Benutzer, der su ausführt (oder einer Gruppe, deren Mitglied er ist)"
+
+# SB: Shouldn't it be ":" at the end?
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Die Datei ist folgendermaßen aufgebaut, wobei Zeilen, die mit einem # "
+"beginnen, als Kommentare behandelt und daher ignoriert werden:"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" to-id:from-id:ACTION\n"
+" "
+msgstr ""
+"\n"
+" Herkunfts-ID:Ziel-ID:AKTION\n"
+" "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Hierbei kann to-id <emphasis>ALL</emphasis>, eine Aufzählung von "
+"Benutzernamen, die durch ein »,« getrennt werden, oder <emphasis>ALL EXCEPT</"
+"emphasis>, die von einer Aufzählung von Benutzernamen gefolgt werden, die "
+"durch ein »,« getrennt werden, sein."
+
+# SB: What is the meaning of the last sentence?
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"from-id hat das gleiche Format wie to-id mit der Ausnahme, dass zusätzlich "
+"<emphasis>GROUP</emphasis> zulässig ist. Auch <emphasis>ALL EXCEPT GROUP</"
+"emphasis> ist zulässig. Nach <emphasis>GROUP</emphasis> werden ein oder "
+"mehrere Gruppennamen aufgeführt, die durch »,« getrennt sind. Die Haupt-ID "
+"einer Gruppe reicht nicht aus, sondern ein Eintrag in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> ist notwendig."
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "Als Aktion können nur die folgenden Optionen angegeben werden."
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+"Der Versuch, su auszuführen, wird abgebrochen, ehe nach einem Passwort "
+"gefragt wird."
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+"Der Versuch, su auszuführen, hat automatisch Erfolg. Ein Passwort wird nicht "
+"abgefragt."
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"Damit der Befehl su Erfolg hat, muss der Benutzer sein eigenes Passwort "
+"eingeben. Darauf wird er hingewiesen."
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"Beachten Sie, dass es sich um drei selbständige Felder handelt, die durch "
+"einen Doppelpunkt getrennt sind. Neben den Doppelpunkten darf sich kein "
+"Leerzeichen befinden. Beachten Sie zudem, dass die Datei von oben nach unten "
+"Zeile für Zeile durchgegangen wird. Die erste Regel, die zutreffend ist, "
+"wird angewendet, ohne dass die Datei weiter ausgewertet wird. Damit kann ein "
+"Systemadministrator eine strenge Kontrolle ausüben."
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "BEISPIEL"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" # sample /etc/suauth file\n"
+" #\n"
+" # A couple of privileged usernames may\n"
+" # su to root with their own password.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Anyone else may not su to root unless in\n"
+" # group wheel. This is how BSD does things.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Perhaps terry and birddog are accounts\n"
+" # owned by the same person.\n"
+" # Access can be arranged between them\n"
+" # with no password.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+msgstr ""
+"\n"
+" # /etc/suauth-Beispielsdatei\n"
+" #\n"
+" # Einige besondere Benutzer dürfen su\n"
+" # auf Root mit ihrem eigenen Passwort ausführen.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Alle anderen Benutzer dürfen nicht su auf Root\n"
+" # ausführen, falls sie nicht in der Gruppe wheel\n"
+" # sind. Dies wird bei BSD so gehandhabt.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Die Konten terry und birddog gehören derselben\n"
+" # Person. Sie können ohne Passwort aufeinander\n"
+" # zugreifen.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "FEHLER"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"Es gibt zahlreiche Fehlerquellen. Die Auswertung der Datei ist sehr "
+"empfindlich bei Syntaxfehlern, zusätzlichen Leerzeichen (außer am Anfang und "
+"Schluss einer Zeile) und dem besonderen Zeichen, das die verschiedenen "
+"Felder von einander trennt."
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSE"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"Fehler beim Auswerten der Datei werden an "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> mit der Stufe ERR an das Gerät AUTH gemeldet."
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr "ursprünglicher Autor, 1989"
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Dienstprogramme für Benutzer"
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "ändert die Benutzer-ID oder wechselt zu Root"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "Benutzername"
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"Der Befehl <command>su</command> dient dazu, während einer Sitzung ein "
+"anderer Benutzer zu werden. Wenn <command>su</command> ohne "
+"<option>username</option> aufgerufen wird, wechselt es standardmäßig zu "
+"Root. Zusätzlich kann das Argument <option>-</option> angegeben werden. "
+"Damit wird eine Umgebung zur Verfügung gestellt, die der entspricht, die der "
+"Benutzer nach einer direkten Anmeldung erwartet."
+
+# SB: Bessere Ãœbersetzung als 'Zielbenutzer'?
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"Zusätzliche Argumente können nach dem Benutzernamen angegeben werden. In "
+"diesem Fall werden sie an die Anmelde-Shell des Benutzers weitergereicht. "
+"Insbesondere führt das Argument <option>-c</option> dazu, dass das nächste "
+"Argument von den meisten Interpretatoren als Befehl behandelt wird. Dieser "
+"Befehl wird von der Shell ausgeführt, die in <filename>/etc/passwd</"
+"filename> für den Zielbenutzer angegeben ist."
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Sie können das Argument <option>--</option> verwenden, um Optionen für "
+"<command>su</command> von Argumenten für die Shell zu trennen."
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Der Benutzer wird gegebenenfalls nach einem Passwort gefragt. Ungültige "
+"Passworteingaben werden eine Fehlermeldung erzeugen. Sowohl erfolgreiche als "
+"auch misslungene Versuche werden protokolliert, um Missbrauch des Systems zu "
+"entdecken."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Die aktuelle Umgebung wird an die neue Shell übergeben. Der Wert von <envar>"
+"$PATH</envar> wird für normale Benutzer auf <filename>/bin:/usr/bin</"
+"filename> gesetzt, für Root auf <filename>/sbin:/bin:/usr/sbin:/usr/bin</"
+"filename>. Dieses Verhalten kann durch die Definition von <option>ENV_PATH</"
+"option> und <option>ENV_SUPATH</option> in <filename>/etc/login.defs</"
+"filename> geändert werden."
+
+# SB: Not quite sure what subsystem logins are.
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"Eine Subsystem-Anmeldung wird durch einen »*« als erstes Zeichen der Anmelde-"
+"Shell gekennzeichnet. Das angegebene Home-Verzeichnis wird als Wurzel für "
+"das Dateisystem verwendet, auf welchem der Benutzer tatsächlich angemeldet "
+"ist."
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>su</command> unterstützt werden, sind:"
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>BEFEHL</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+"gibt einen Befehl an, der von der Shell mittels ihrer Option <option>-c</"
+"option> ausgeführt wird"
+
+#: su.1.xml:158(para)
+#, fuzzy
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"Der ausgeführte Befehl hat kein ihn steuerndes Terminal. Mit dieser Option "
+"können keine interaktiven Programme, die ein sie steuerndes TTY benötigen, "
+"ausgeführt werden."
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"Eine Umgebung wird zur Verfügung gestellt, die der entspricht, die der "
+"Benutzer nach einer direkten Anmeldung erwartet."
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"Wenn <option>-</option> verwendet wird, muss es als die letzte Option von "
+"<command>su</command> angegeben werden. Die übrigen Formen ((<option>-l</"
+"option> und <option>--login</option>) unterliegen nicht dieser Beschränkung."
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "die Shell, die gestartet wird"
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "die Shell, die mit --shell angegeben wurde"
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"Falls <option>--preserve-environment</option> verwendet wird, die Shell, die "
+"durch die Umgebungsvariable <envar>$SHELL</envar> festgelegt wird."
+
+# SB: Bessere Ãœbersetzung als 'Zielbenutzer'?
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+"die Shell, die in <filename>/etc/passwd</filename> für den Zielbenutzer "
+"angegeben ist"
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"<filename>/bin/sh</filename>, falls durch die obigen Methoden keine Shell "
+"gefunden werden kann"
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+"Die aufgerufene Shell wird bestimmt durch (höchste Priorität zuerst): "
+"<placeholder-1/>"
+
+# SB: Bessere Ãœbersetzung als 'Zielbenutzer'?
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"Falls der Zielbenutzer eine beschränkte Shell hat (d.h. das Feld für die "
+"Shell im Eintrag des Benutzers in <filename>/etc/passwd</filename> ist nicht "
+"in <filename>/etc/shells</filename>) aufgeführt), werden die Option "
+"<option>--shell</option> und die Umgebungsvariable <envar>$SHELL</envar> "
+"nicht beachtet, sofern <command>su</command> nicht von Root aufgerufen wird."
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"auf den Ausgangswert entsprechend der Optionen <option>ENV_PATH</option> "
+"oder <option>ENV_SUPATH</option> in <filename>/etc/login.defs</filename> "
+"zurücksetzen (siehe unten);"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"auf <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote> zurücksetzen, "
+"falls es verändert wurde"
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Erhält die aktuelle Umgebung mit Ausnahme von: <placeholder-1/>"
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Falls der Zielbenutzer eine beschränkte Shell besitzt, hat diese Option "
+"keinen Effekt (sofern <command>su</command> nicht von Root aufgerufen wird)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"Die Umgebungsvariablen <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>"
+"$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar> und <envar>"
+"$IFS</envar> werden zurückgesetzt."
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+"Falls nicht <option>--login</option> verwendet wurde, wird die Umgebung mit "
+"der Ausnahme der genannten Variablen kopiert."
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"Falls <option>--login</option> verwendet wurde, werden die Variablen <envar>"
+"$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar> und <envar>"
+"$XAUTHORITY</envar> übernommen, wenn ihnen ein Wert zugewiesen wurde."
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"Falls <option>--login</option> verwendet wurde, werden die "
+"Umgebungsvariablen <envar>$TZ</envar>, <envar>$HZ</envar> und <envar>$MAIL</"
+"envar> auf die in <filename>/etc/login.defs</filename> definierten Optionen "
+"<option>ENV_TZ</option>, <option>ENV_HZ</option>, <option>MAIL_DIR</option> "
+"und <option>MAIL_FILE</option> (siehe unten) gesetzt."
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"Wenn <option>--login</option> verwendet wird, können andere "
+"Umgebungsvariablen mit der Datei <option>ENVIRON_FILE</option> vergeben "
+"werden (siehe unten)."
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr "Andere Umgebungen können auch durch PAM-Module eingerichtet werden."
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+"Beachten Sie, dass Folgendes das Standardverhalten für die Umgebung ist: "
+"<placeholder-1/>"
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Diese Version von <command>su</command> hat viele Kompilierungsoptionen. "
+"Deren Nützlichkeit hängt von den Anforderungen der jeweiligen Umgebung ab."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"Die Konfiguration erfolgt entweder über die Angabe des vollen Pfadnamens "
+"einer Datei, welche die Namen der Geräte enthält (eines pro Zeile), oder mit "
+"einer Liste der Gerätenamen, die mit »:« getrennt sind. Root kann sich nur "
+"auf diesen Geräten anmelden."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+"Wenn es unkonfiguriert gelassen wird, kann sich Root auf jedem Gerät "
+"anmelden."
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "Das Gerät soll ohne vorangestelltes /dev/ angegeben werden."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"Liste von Gruppen, deren Mitglied der Benutzer wird, wenn der sich auf der "
+"Konsole anmeldet, die mit dem Parameter CONSOLE festgelegt wird. "
+"Standardmäßig ist die Liste leer. <placeholder-1/> Seien Sie vorsichtig. "
+"Benutzer können dauerhaft Zugang zu den Gruppen erlangen, auch wenn sie "
+"nicht auf der Konsole angemeldet sind."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (boolesch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"Legt fest, ob ein Login erlaubt wird, wenn mit cd nicht in das Home-"
+"Verzeichnis gewechselt werden kann. Standardmäßig wird dies nicht zugelassen."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"Falls auf <replaceable>yes</replaceable> gesetzt, wird der Benutzer mit dem "
+"Wurzelverzeichnis (<filename>/</filename>) angemeldet, wenn mit cd nicht in "
+"sein Home-Verzeichnis gewechselt werden kann."
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (Zeichenkette)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"Wenn vergeben, wird damit die Umgebungsvariable HZ definiert, wenn sich ein "
+"Benutzer anmeldet. Dem Wert muss ein <replaceable>HZ=</replaceable> "
+"vorangestellt werden. Ein üblicher Wert bei Linux ist <replaceable>HZ=100</"
+"replaceable>."
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"Die Umgebungsvariable <envar>HZ</envar> wird nur gesetzt, wenn sich der "
+"Benutzer (der Administrator) mit <command>sulogin</command> anmeldet."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"Wenn diese Datei vorhanden ist, wird die Anmeldeumgebung aus ihr gelesen. "
+"Jede Zeile sollte die Form Name=Wert haben."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+"Zeilen, die mit einem # beginnen, werden als Kommentare behandelt und daher "
+"ignoriert."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"Wenn gesetzt, wird damit die Umgebungsvariable PATH definiert, wenn sich ein "
+"normaler Benutzer anmeldet. Der Wert ist eine Liste, deren Einträge durch "
+"Doppelpunkte getrennt sind (zum Beispiel <replaceable>/bin:/usr/bin</"
+"replaceable>). Ihr kann ein <replaceable>PATH=</replaceable> vorangestellt "
+"werden. Der Standardwert ist <replaceable>PATH=/bin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"Wenn gesetzt, wird damit die Umgebungsvariable PATH definiert, wenn sich der "
+"Superuser anmeldet. Der Wert ist eine Liste, deren Einträge durch "
+"Doppelpunkte getrennt sind (zum Beispiel <replaceable>/sbin:/bin:/usr/sbin:/"
+"usr/bin</replaceable>). Ihr kann ein <replaceable>PATH=</replaceable> "
+"vorangestellt werden. Der Standardwert ist <replaceable>PATH=/sbin:/bin:/usr/"
+"sbin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"Wenn gesetzt, wird damit die Umgebungsvariable TZ definiert, wenn sich ein "
+"Benutzer anmeldet. Der Wert kann der Name der Zeitzone sein, dem "
+"<replaceable>TZ=</replaceable> vorausgeht (zum Beispiel "
+"<replaceable>TZ=CST6CDT</replaceable>), oder der vollständige Pfad der "
+"Datei, welche die Konfiguration der Zeitzone enthält (zum Beispiel "
+"<filename>/etc/tzname</filename>)."
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"Wenn ein vollständiger Pfadname angegeben wird, die Datei aber nicht "
+"existiert oder nicht lesbar ist, wird <replaceable>TZ=CST6CDT</replaceable> "
+"verwendet."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"Diese Zeichenkette wird bei der Eingabeaufforderung des Passworts (Prompt) "
+"verwendet. Standardmäßig wird »Password: « oder eine Übersetzung davon "
+"benutzt. Wenn Sie diese Variable definieren, wird die Eingabeaufforderung "
+"nicht übersetzt."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+"Wenn die Zeichenkette ein <replaceable>%s</replaceable> enthält, wird dies "
+"durch den Benutzernamen ersetzt."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (boolesch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+"aktiviert die Prüfung und Anzeige des Status der Mailbox bei der Anmeldung"
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"Sie sollten dies abschalten, wenn schon die Startdateien der Shell die Mails "
+"prüfen (»mailx -e« oder ähnliches)."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (boolesch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+"aktiviert das Setzen von Resourcenbeschränkungen aus <filename>/etc/limits</"
+"filename> und von ulimit, umask und niceness aus dem gecos-Feld des "
+"Benutzers von passwd"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+"Wenn angegeben, wird jeder Aufruf von su in dieser Datei protokolliert."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"Damit kann die Anzeige des Namens des Befehls festgelegt werden, wenn »su -« "
+"ausgeführt wird. Wenn beispielsweise dies auf »su« gesetzt wurde, zeigt »ps« "
+"den Befehl als »-su« an. Wenn es dagegen nicht vergeben wurde, wird »ps« den "
+"Namen der Shell anzeigen, die ausgeführt wird, also etwa »-sh«."
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (boolesch)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"Falls <replaceable>yes</replaceable>, muss der Benutzer Mitglied der ersten "
+"Gruppe mit der GID 0 in <filename>/etc/group</filename> sein (auf den "
+"meisten Linux-Systemen heißt die <replaceable>root</replaceable>), um mit "
+"<command>su</command> zu einem Konto mit der UID 0 wechseln zu können. Falls "
+"die Gruppe nicht existiert oder keine Mitglieder hat, kann niemand mittels "
+"<command>su</command> zur UID 0 wechseln."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (boolesch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+"aktiviert das Protokollieren der Aktivitäten von <command>su</command> in "
+"»syslog« neben der Protokollierung in der sulog-Datei"
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+"Wenn <command>su</command> erfolgreich ausgeführt wird, gibt es den "
+"Rückgabewert des mit ihm ausgeführten Befehls zurück."
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+"Wenn dieser Befehl mit einem Signal beendet wurde, gibt <command>su</"
+"command> die Nummer des Signals plus 128 zurück."
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"Wenn <command>su</command> den Befehl mit kill beenden musste (weil er der "
+"Aufforderung, sich zu beenden, nicht rechtzeitig nachgekommen ist), gibt es "
+"255 zurück."
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "Erfolg (nur bei <option>--help</option>)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "System- oder Anmeldefehler"
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "Der angegebene Befehl konnte nicht gefunden werden."
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "Der angegebene Befehl konnte nicht ausgeführt werden."
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+"Einige Rückgabewerte von <command>su</command> sind unabhängig von dem "
+"ausgeführten Befehl: <placeholder-1/>"
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "führt einen Befehl unter einer anderen Gruppen-ID aus"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "Gruppe <placeholder-1/> Befehl"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"Der Befehl <command>sg</command> funktioniert so ähnlich wie der Befehl "
+"<command>newgrp</command>, übernimmt aber auch einen Befehl. Dieser Befehl "
+"wird in der Shell <filename>/bin/sh</filename> ausgeführt. Bei den meisten "
+"Shells, in denen Sie <command>sg</command> ausführen, müssen Sie die "
+"Befehle, die aus mehrere Wörtern bestehen, in Anführungszeichen einfassen. "
+"Ein weiterer Unterschied zwischen <command>newgrp</command> und <command>sg</"
+"command> ist, dass einige Shells <command>newgrp</command> besonders "
+"behandeln: sie ersetzen sich mit einer neuen Instanz der Shell, die von "
+"<command>newgrp</command> erzeugt wurde. Dies geschieht nicht mit "
+"<command>sg</command>, daher werden Sie nach Beenden des Befehls "
+"<command>sg</command> zu Ihrer vorherigen Gruppen-ID zurückkehren."
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (boolesch)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+"aktiviert das Protokollieren der Aktivitäten von <command>sg</command> in "
+"»syslog«"
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "Shadow-Passwortdatei"
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>shadow</filename> ist eine Datei, welche die "
+"Passwortinformationen für die Konten des Systems und fakultativ "
+"Informationen zum Verfall der Passwörter enthält."
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Um die Sicherheit der Passwörter zu gewährleisten, darf diese Datei nicht "
+"für normale Benutzer lesbar sein."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"Jede Zeile dieser Datei enthält folgende neun Felder, die durch Doppelpunkt "
+"(<quote>:</quote>) getrennt werden:"
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "Anmeldename"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+"Dabei muss es sich um eine gültigen Kontonamen handeln, der auf dem System "
+"existiert."
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "verschlüsseltes Passwort"
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Sie sollten in <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> nachsehen, wenn Sie "
+"mehr über die Bedeutung dieser Zeichenkette wissen wollen."
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Wenn das Passwortfeld eine Zeichenkette enthält, die kein zulässiges "
+"Ergebnis von <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> ist, z.B. ! oder *, kann sich der Benutzer nicht "
+"mit einem Unix-Passwort anmelden; eine Anmeldung auf anderem Wege wird "
+"dadurch nicht verhindert."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"Dieses Feld kann leer bleiben. In diesem Fall kann sich der angegebene "
+"Benutzer ohne Passwort anmelden. Möglicherweise verweigern Anwendungen, "
+"welche die Datei <filename>/etc/shadow</filename> auswerten, dennoch den "
+"Zugang, wenn das Passwortfeld leer ist."
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "A password field which starts with a exclamation mark means that the "
+#| "password is locked. The remaining characters on the line represent the "
+#| "password field before the password was locked."
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"Ein Passwortfeld, das mit einem Ausrufezeichen beginnt, führt dazu, dass das "
+"Passwort gesperrt ist. Die übrigen Zeichen sind das Passwort vor der "
+"Sperrung."
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "Datum, an dem das Passwort das letzte Mal geändert wurde"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"Das Datum, als das Passwort das letzte Mal geändert wurde, wird als Anzahl "
+"der Tage seit dem 1. Januar 1970 ausgedrückt."
+
+#: shadow.5.xml:134(para)
+#, fuzzy
+#| msgid ""
+#| "The value 0 has a special meaning, which is that the user should change "
+#| "her pasword the next time she will log in the system."
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+"Dem Wert 0 kommt eine besondere Bedeutung zu: Der Benutzer sollte sein "
+"Passwort bei der nächsten Anmeldung ändern."
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+"Ein leeres Feld bedeutet, dass das Altern des Passworts abgeschaltet ist."
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "Mindestalter des Passworts"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"Das Mindestalter des Passworts ist die Anzahl von Tagen, die ein Benutzer "
+"warten muss, bevor er sein Passwort wieder ändern darf."
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+"Eine leeres Feld oder der Wert 0 bedeuten, dass es kein Mindestalter eines "
+"Passworts gibt."
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "Höchstalter des Passworts"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+"Das Höchstalter des Passworts ist die Anzahl von Tagen, nach welcher der "
+"Benutzer sein Passwort ändern muss."
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+"Auch nach Ablauf dieser Anzahl von Tagen bleibt das Passwort gültig. Der "
+"Benutzer wird bei der nächsten Anmeldung aufgefordert, sein Passwort zu "
+"ändern."
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"Ein leeres Feld bedeutet, dass es kein Höchstalter für das Passwort, keine "
+"Vorwarnung und keine Dauer der Untätigkeit (siehe unten) gibt."
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+"Wenn das Höchstalter niedriger als das Mindestalter eines Passworts ist, "
+"kann ein Benutzer sein Passwort nicht ändern."
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "Passwortvorwarndauer"
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"Die Anzahl von Tagen, während welcher der Benutzer vorgewarnt wird, bevor "
+"sein Passwort abläuft (siehe das Höchstalter des Passworts)."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+"Ein leeres Feld oder der Wert 0 bedeutet, dass es keine Vorwarnung gibt."
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "Dauer der fehlenden Verwendung des Passworts"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"Die Anzahl von Tagen, für die ein Benutzer sein Passwort, nachdem es "
+"abgelaufen ist (vergleiche oben das Höchstalter des Passworts), noch "
+"verwenden kann (und während des nächsten Logins ändern muss)."
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"Nachdem das Passwort abgelaufen ist und auch die Dauer der Untätigkeit "
+"verstrichen ist, kann sich der Benutzer mit seinem Passwort nicht mehr "
+"anmelden. Er muss sich dann an den Administrator wenden."
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr ""
+"Ein leeres Feld bedeutet, dass es keine Höchstdauer zwischen Ablauf des "
+"Passworts und erneuter Anmeldung des Benutzers gibt."
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "Datum des Verfalls des Kontos"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"Das Datum, an dem das Konto verfällt, wird als Anzahl der Tage seit dem 1. "
+"Januar 1970 ausgedrückt."
+
+#: shadow.5.xml:229(para)
+#, fuzzy
+#| msgid ""
+#| "Note that an account expiration differs from a password expiration. In "
+#| "case of an acount expiration, the user shall not be allowed to login. In "
+#| "case of a password expiration, the user is not allowed to login using her "
+#| "password."
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"Beachten Sie, dass der Verfall eines Kontos sich von dem Ablaufen eines "
+"Passworts unterscheidet. Im ersteren Fall kann sich der Benutzer nicht mehr "
+"anmelden. Im letzteren Fall kann sich der Benutzer nur nicht mehr mit seinem "
+"(alten) Passwort anmelden."
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "Ein leeres Feld bedeutet, dass das Konto nicht verfallen wird."
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+"Der Wert 0 sollte nicht verwendet werden, weil er sowohl bedeuten kann, dass "
+"das Konto nicht verfällt als auch, dass das Konto bereits am 1. Januar 1970 "
+"verfallen ist."
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "reserviertes Feld"
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Dieses Feld ist für zukünftigen Gebrauch reserviert."
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "Sicherungskopie von /etc/shadow"
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Beachten Sie, dass diese Datei von Werkzeugen der Shadow-Werkzeugsammlung "
+"verwendet wird, aber nicht von allen sonstigen Programmen zur Benutzer- und "
+"Passwortverwaltung."
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Bibliotheksaufrufe"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+# SB: Ãœbersetzung iO?
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "Routinen für die Datei, die die verschlüsselten Passwörter enthält"
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAX"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "truct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*name"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "DATEIEN"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> verändert den Inhalt der Shadow-"
+"Passwort-Datei <filename>/etc/shadow</filename>. Der Aufbau der Datei "
+"<emphasis remap=\"I\">#include</emphasis> ist:"
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* user login name */\n"
+" char\t\t*sp_pwdp; /* encrypted password */\n"
+" long int\t\tsp_lstchg; /* last password change */\n"
+" long int\t\tsp_min; /* days until change allowed. */\n"
+" long int\t\tsp_max; /* days before change required */\n"
+" long int\t\tsp_warn; /* days warning for expiration */\n"
+" long int\t\tsp_inact; /* days before account inactive */\n"
+" long int\t\tsp_expire; /* date when account expires */\n"
+" unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+" "
+msgstr ""
+"struct spwd {\n"
+" char *sp_namp; /* Anmeldename des Benutzers */\n"
+" char *sp_pwdp; /* verschlüsseltes Passwort */\n"
+" long int sp_lstchg; /* letzte Änderung des Passworts */\n"
+" long int sp_min; /* Tage, ehe Änderung erlaubt ist */\n"
+" long int sp_max; /* Tage, bis Änderung erfolgen muss */\n"
+" long int sp_warn; /* Tage für Warnung vor Verfall */\n"
+" long int sp_inact; /* Tage, ehe Konto inaktiv wird */\n"
+" long int sp_expire; /* Datum, an dem Konto abgeschaltet wird */\n"
+" unsigned long int sp_flag; /* reserviert für zukünftigen Gebrauch*/\n"
+"}\n"
+" "
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "Die Bedeutung dieser Felder ist:"
+
+# SB: Ãœbersetzung von 'null-terminated'?
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr "sp_namp - Verweis auf Benutzername, der mit einer Null endet"
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr "sp_pwdp - Verweis auf Passwort, das mit einer Null endet"
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+"sp_lstchg - Anzahl der Tage gerechnet ab dem 1. Januar 1970, seitdem das "
+"Passwort das letzte Mal geändert wurde"
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr "sp_min - Anzahl der Tage, ehe das Passwort nicht geändert werden darf"
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr "sp_max - Anzahl der Tage, nach denen das Passwort geändert werden muss"
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+"sp_warn - Anzahl der Tage ehe das Passwort verfällt, an denen der Benutzer "
+"vor dem Verfall gewarnt wird"
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+"sp_inact - Anzahl der Tage nach dem Verfall des Passworts, nach denen das "
+"Konto als inaktiv angesehen und abgeschaltet wird"
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+"sp_expire - Anzahl Tage gerechnet ab dem 1. Januar 1970, für die das Konto "
+"abgeschaltet ist"
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - für zukünftigen Gebrauch reserviert"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis> und <emphasis>sgetspent</emphasis> geben "
+"einen Verweis auf <emphasis>struct spwd</emphasis> zurück. "
+"<emphasis>getspent</emphasis> gibt den nächsten Eintrag der Datei zurück. "
+"<emphasis>fgetspent</emphasis> gibt den nächsten Eintrag im angegebenen "
+"Datenstrom zurück, für den angenommen wird, dass es sich dabei um eine Datei "
+"im zulässigen Format handelt. <emphasis>sgetspent</emphasis> gibt einen "
+"Verweis auf einen <emphasis>struct spwd</emphasis> zurück, wobei die "
+"angegebene Zeichenkette als Eingabe verwendet wird. <emphasis>getspnam</"
+"emphasis> sucht ab der aktuellen Position in der Datei nach einem Eintrag, "
+"der mit <emphasis>name</emphasis> übereinstimmt."
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"<emphasis>setspent</emphasis> und <emphasis>endspent</emphasis> können "
+"verwendet werden, um den Zugriff auf die Shadow-Passwort-Datei zu beginnen "
+"oder zu beenden."
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"Die Routinen <emphasis>lckpwdf</emphasis> und <emphasis>ulckpwdf</emphasis> "
+"sollten eingesetzt werden, da so sichergestellt werden kann, dass exlusiv "
+"auf die Datei <filename>/etc/shadow</filename> zugegriffen wird. "
+"<emphasis>lckpwdf</emphasis> versucht, eine Sperre durch <emphasis>pw_lock</"
+"emphasis> für bis zu 15 Sekunden zu erhalten. Dann versucht es, eine zweite "
+"Sperre durch <emphasis>spw_lock</emphasis> für den Rest der 15 Sekunden zu "
+"erhalten. Sollte einer der beiden Versuche nach insgesamt 15 Sekunden "
+"scheitern, gibt <emphasis>lckpwdf</emphasis> -1 zurück. Wurden beide Sperren "
+"erhalten, wird 0 zurückgegeben."
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"Wenn kein weiterer Eintrag vorhanden ist oder während der Verarbeitung ein "
+"Fehler auftritt, geben die Routinen NULL zurück. Routinen, die "
+"<emphasis>int</emphasis> als Rückgabewert haben, geben im Erfolgsfall 0 und "
+"beim Scheitern -1 zurück."
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+"Diese Routinen können nur von Root verwendet werden, da der Zugriff auf die "
+"Shadow-Passwort-Datei beschränkt ist."
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr "konvertiert zu oder von Shadow-Passwörtern und -gruppen"
+
+# SB: Translation ok?
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"Der Befehl <command>pwconv</command> erstellt eine <emphasis remap=\"I"
+"\">shadow</emphasis>-Datei aus einer <emphasis remap=\"I\">passwd</emphasis>-"
+"Datei und gegebenenfalls aus einer bereits vorhandenen <emphasis remap=\"I"
+"\">shadow</emphasis>-Datei."
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"<command>pwconv</command> funktioniert nicht, wenn <option>USE_TCB</option> "
+"aktiviert ist. Um zu Tcb-Passwörtern zu konvertieren, sollten Sie zuerst mit "
+"<command>pwconv</command> zu Shadowed-Passwörtern konvertieren, wobei Sie in "
+"<filename>login.defs</filename> <option>USE_TCB</option> deaktivieren, und "
+"anschließend mit <command>tcb_convert</command> zu Tcb-Passwörtern "
+"konvertieren. Schließlich können Sie <option>USE_TCB</option> in "
+"<filename>login.defs</filename> reaktivieren."
+
+# SB: Translation ok?
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"Der Befehl <command>pwunconv</command> erstellt eine <emphasis remap=\"I"
+"\">passwd</emphasis>-Datei aus einer <emphasis remap=\"I\">passwd</"
+"emphasis>- und <emphasis remap=\"I\">shadow</emphasis>-Datei und entfernt "
+"anschließend die<emphasis remap=\"I\">shadow</emphasis>-Datei."
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"<command>pwunconv</command> funktioniert nicht, wenn <option>USE_TCB</"
+"option> aktiviert ist. Sie sollten zuerst mit <command>tcb_unconvert</"
+"command> von tcb- zu shadowed-Passwörtern wechseln und anschließend vor der "
+"Verwendung von <command>pwunconv</command> <option>USE_TCB</option> in "
+"<filename>login.defs</filename> deaktivieren."
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"Der Befehl <command>grconv</command> erstellt eine <emphasis remap=\"I"
+"\">gshadow</emphasis>-Datei aus einer <emphasis remap=\"I\">group</emphasis>-"
+"Datei und gegebenenfalls aus einer bereits vorhandenen <emphasis remap=\"I"
+"\">gshadow</emphasis>-Datei."
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"Der Befehl <command>grpunconv</command> erstellt eine <emphasis remap=\"I"
+"\">group</emphasis>-Datei aus einer <emphasis remap=\"I\">group</emphasis>- "
+"und <emphasis remap=\"I\">gshadow</emphasis>-Datei und entfernt anschließend "
+"die <emphasis remap=\"I\">gshadow</emphasis>-Datei."
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"Diese vier Programme funktionieren mit der normalen und der Shadow-"
+"Passwortdatei und den Gruppendateien: <filename>/etc/passwd</filename>, "
+"<filename>/etc/group</filename>, <filename>/etc/shadow</filename> und "
+"<filename>/etc/gshadow</filename>."
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"Jedes dieser Programme erzeugt vor der Konvertierung die notwendigen "
+"Sperren. <command>pwconv</command> und <command>grpconv</command> sind "
+"vergleichbar. Zuerst werden die Einträge aus der Shadow-Datei entfernt, die "
+"nicht in der Hauptdatei enthalten sind. Anschließend werden die Einträge in "
+"der Shadow-Datei aktualisiert, die kein »x« als Passwort haben. Zuletzt "
+"werden die Passwörter in der Hauptdatei durch »x« ersetzt. Diese Programme "
+"können für eine erstmalige Konvertierung genutzt werden als auch, um die "
+"Shadow-Datei zu aktualisieren, falls die Hauptdatei von Hand bearbeitet "
+"wurde."
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"<command>pwconv</command> verwendet die Werte <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis> "
+"und <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> aus <filename>/etc/login."
+"defs</filename>, wenn neue Einträge zu <filename>/etc/shadow</filename> "
+"hinzugefügt werden."
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"Ebenfalls sind die Befehle <command>pwunconv</command> und "
+"<command>grpunconv</command> ähnlich. Passwörter in der Hauptdatei werden "
+"durch die Shadow-Datei aktualisiert. Einträge, welche in der Hauptdatei, "
+"aber nicht in der Shadow-Datei vorhanden sind, bleiben unberührt. Zuletzt "
+"wird die Shadow-Datei gelöscht. Eine Information für den Verfall von "
+"Passwörtern geht durch <command>pwunconv</command> verloren. Es wird aber so "
+"viel wie möglich umgewandelt."
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Die Optionen, die von den Befehlen <command>pwconv</command>, "
+"<command>pwunconv</command>, <command>grpconv</command> und "
+"<command>grpunconv</command> unterstützt werden, sind:"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"Fehler in der Passwort- oder Gruppendatei (wie z.B. ungültige oder doppelte "
+"Einträge) können zu Endlosschleifen oder anderen seltsamen Fehlern führen. "
+"Sie sollten daher <command>pwck</command> und <command>grpck</command> "
+"ausführen, um solche Fehler zu entfernen, bevor Sie von oder zu Shadow-"
+"Passwörtern oder -gruppen umwandeln."
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"Die folgende Konfigurationsvariablen in <filename>/etc/login.defs</filename> "
+"beeinflussen das Verhalten von <command>grpconv</command> und "
+"<command>grpunconv</command>:"
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"Die folgenden Konfigurationsvariablen in <filename>/etc/login.defs</"
+"filename> beeinflussen das Verhalten von <command>pwconv</command>:"
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr "ursprünglicher Autor, 1992"
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "überprüft die Stimmigkeit der Passwortdateien"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"Der Befehl <command>pwck</command> überprüft die Stimmigkeit der Benutzer- "
+"und Authentifizierungsdaten. Alle Einträge in <filename>/etc/passwd</"
+"filename> und <filename>/etc/shadow</filename><phrase condition=\"tcb\"> "
+"(oder die Dateien in <filename>/etc/tcb</filename>, falls <option>USE_TCB</"
+"option> aktiviert ist)</phrase> werden darauf überprüft, ob der Eintrag das "
+"richtige Format hat und gültige Daten enthält. Der Benutzer wird "
+"aufgefordert, Einträge zu löschen, die falsch formatiert sind oder andere "
+"unbehebbare Fehler enthalten."
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "Es wird überprüft, ob jeder Eintrag folgende Eigenschaften aufweist:"
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "die richtige Anzahl von Feldern"
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "einen eindeutigen und gültigen Benutzernamen"
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "eine gültige Benutzer- und Gruppenkennung"
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "eine gültige Hauptgruppe"
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "ein gültiges Home-Verzeichnis"
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "eine gültige Anmelde-Shell"
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"Eine Überprüfung von <filename>shadow</filename> findet statt, wenn ein "
+"zweiter Parameter angegeben wird oder auf dem System <filename>/etc/shadow</"
+"filename> existiert."
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "Diese Tests umfassen Folgendes:"
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+"ob jedem Eintrag in passwd ein Eintrag in shadow entspricht und umgekehrt"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr "ob die Passwörter in der Shadow-Datei niedergelegt sind"
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "ob die shadow-Einträge die richtige Anzahl von Feldern haben"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "ob die Shadow-Einträge in shadow eindeutig sind"
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "dass das Datum der letzten Passwortänderung nicht in der Zukunft liegt"
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+"Fehler bei der Überprüfung der richtigen Anzahl der Felder und des "
+"eindeutigen Benutzernames sind schwerwiegend. Wenn ein Eintrag die falsche "
+"Anzahl von Feldern ausweist, wird der Benutzer aufgefordert, die gesamte "
+"Zeile zu löschen. Wenn dies der Benutzer ablehnt, werden alle weiteren Tests "
+"ausgelassen. Bei einem Eintrag mit einem mehrfach verwendeten Benutzernamen "
+"wird der Benutzer aufgefordert, diesen Eintrag zu löschen. Sollte er dies "
+"ablehnen, werden dennoch die übrigen Test ausgeführt. Bei allen anderen "
+"Fehlern wird eine Warnung abgegeben und der Benutzer aufgefordert, den "
+"Fehler mittels des Befehls <command>usermod</command> zu beheben."
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"Die Befehle, welche die Datei <filename>/etc/passwd</filename> bearbeiten, "
+"können falsche oder doppelte Einträge nicht verändern. In solchen Fällen "
+"sollte <command>pwck</command> verwendet werden, um den betreffenden Eintrag "
+"zu entfernen."
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Die Optionen <option>-r</option> und <option>-s</option> können nicht "
+"zusammen verwendet werden."
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>pwck</command> unterstützt werden, "
+"sind:"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+"meldet nur Fehler. Warnungen, die keine Handlung des Benutzers erfordern, "
+"werden nicht angezeigt"
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "führt den Befehl <command>pwck</command> im Modus Nur-Lesen aus"
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"ordnet die Einträge in <filename>/etc/passwd</filename> und <filename>/etc/"
+"shadow</filename> nach der UID"
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+"Diese Option ist wirkungslos, wenn <option>USE_TCB</option> aktiviert ist."
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"Standardmäßig bearbeitet <command>pwck</command> die Dateien <filename>/etc/"
+"passwd</filename> und <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (oder die Dateien in <filename>/etc/tcb</filename>)</phrase>. Der "
+"Benutzer kann andere Dateien mit den Parametern <replaceable>passwd</"
+"replaceable> und <replaceable>shadow</replaceable> auswählen."
+
+#: pwck.8.xml:243(para)
+#, fuzzy
+#| msgid ""
+#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+#| "alternative <replaceable>shadow</replaceable> file. In future releases, "
+#| "this paramater could be replaced by an alternate TCB directory."
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+"Hinweis: Wenn <option>USE_TCB</option> aktiviert ist, können Sie keine "
+"andere <replaceable>shadow</replaceable>-Datei angeben. In zukünftigen "
+"Versionen kann dieser Parameter durch ein anderes TCB-Verzeichnis ersetzt "
+"werden."
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "ein oder mehrere fehlerhafte Passworteinträge"
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "Die Passwortdatei kann nicht geöffnet werden."
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "Die Passwortdatei kann nicht gesperret werden."
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "Die Passwortdatei kann nicht aktualisieren werden."
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "Die Passwortdatei kann nicht sortieren werden."
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>pwck</command> gibt beim Beenden folgende Werte zurück: "
+"<placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr "Datei für zeitlich begrenzten Zugang zu Ports"
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> enthält eine Liste von tty-"
+"Geräten, Benutzernamen und zulässigen Anmeldezeiten."
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"Jeder Eintrag besteht aus drei Feldern, die durch Doppelpunkte getrennt "
+"sind. Das erste Feld enthält eine Liste von tty-Geräten, die durch Kommata "
+"getrennt sind, oder einen Stern, was bedeutet, dass dieser Eintrag auf alle "
+"tty-Geräte zutrifft. Das zweite Feld enthält eine Liste von Benutzernamen, "
+"die durch Kommata getrennt sind, oder einen Stern, was bedeutet, dass dieser "
+"Eintrag auf alle Benutzernamen zutrifft. Das dritte Feld ist eine Liste von "
+"Anmeldezeiten, die durch Kommata getrennt sind."
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"Jeder Zeiteintrag kann aus einem oder mehreren Wochentagen bestehen, die mit "
+"<emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</emphasis>, "
+"<emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</emphasis> "
+"und <emphasis>Sa</emphasis> abgekürzt werden. Danach folgt die Angabe von "
+"zwei Uhrzeiten, die durch einen Bindestrich getrennt sind. Mit der Abkürzung "
+"<emphasis>Wk</emphasis> wird Montag bis Freitag bezeichnet. Mit "
+"<emphasis>Al</emphasis> wird jeder Tag gewählt. Falls keine Tage angegeben "
+"werden, wird <emphasis>Al</emphasis> angenommen."
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "BEISPIELE"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"Der folgende Eintrag erlaubt dem Benutzer <emphasis remap=\"B\">jfh</"
+"emphasis> Zugriff auf jeden Port während Werktagen von 9 bis 17 Uhr."
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"Die folgenden Einträge erlauben nur den Benutzern <emphasis>root</emphasis> "
+"und <emphasis>oper</emphasis> jederzeit Zugriff auf <filename>/dev/console</"
+"filename>. Hier ist auch ersichtlich, dass <filename>/etc/porttime</"
+"filename> eine geordnete Liste der Zugriffszeiten ist. Jeder andere Benutzer "
+"fällt unter den zweiten Eintrag, welcher Zugriff zu keiner Zeit erlaubt."
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+msgstr ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"Der folgende Eintrag erlaubt dem Benutzer <emphasis>games</emphasis> Zugriff "
+"auf jeden Port außerhalb von Arbeitszeiten."
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "Datei, die den Port-Zugriff enthält."
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "die Passwortdatei"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> enthält einen Eintrag pro Benutzerkonto, "
+"wobei jeder Eintrag sieben Felder besitzt, die durch Doppelpunkt (<quote>:</"
+"quote>) getrennt sind. Diese Felder sind:"
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "optional verschlüsseltes Passwort"
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "numerische Benutzer-ID"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "numerische Gruppen-ID"
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "Benutzername oder Kommentarfeld"
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "Home-Verzeichnis des Benutzers"
+
+# SB: Ãœbersetzung von "command interpreter"?
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "optional Befehlsinterpreter des Benutzers"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Das Feld für das verschlüsselte Passwort kann leer sein. In diesem Fall wird "
+"kein Passwort benötigt, um sich beim System anzumelden. Allerdings werden "
+"einige Anwendung, die <filename>/etc/passwd</filename> auswerten, "
+"<emphasis>keinen</emphasis> Zugriff erlauben, wenn das <emphasis>Passwort</"
+"emphasis>-Feld leer ist. Wenn das <emphasis>Passwort</emphasis>-Feld ein "
+"kleines <quote>x</quote> enthält, ist das Passwort in der Datei "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> gespeichert. Es <emphasis>muss</emphasis> sich dann ein "
+"passender Eintrag in <filename>/etc/shadow</filename> befinden, oder das "
+"Benutzerkonto ist ungültig. Wenn das <emphasis>Passwort</emphasis>-Feld eine "
+"andere Zeichenkette enthält, wird diese als ein verschlüsseltes Passwort "
+"behandelt. Genaueres dazu befindet sich unter "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Das Kommentarfeld wird von verschiedenen Systemprogrammen wie z.B. "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> ausgewertet."
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"Das Feld für das Home-Verzeichnis gibt den Namen für das anfängliche "
+"Arbeitsverzeichnis an. Das Programm <command>login</command> benutzt diese "
+"Information, um den Wert der Umgebungsvariable <envar>$HOME</envar> zu "
+"setzen."
+
+# SB: Ãœbersetzung von "command language interpreter"?
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"Das Feld für den Befehlsinterpreter enthält den Namen des Befehlssprachen-"
+"Interpreters des Benutzers oder den Namen des Programms, das zuerst "
+"ausgeführt werden soll. Das Programm <command>login</command> benutzt diese "
+"Information, um den Wert der Umgebungsvariable <envar>$SHELL</envar> zu "
+"setzen. Falls dieses Feld leer ist, wird ihm standardmäßig der Wert "
+"<filename>/bin/sh</filename> zugewiesen."
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "optionale Datei für verschlüsseltes Passwort"
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "Sicherungskopie von /etc/passwd"
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "ändert das Passwort eines Benutzers"
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"Der Befehl <command>passwd</command> ändert die Passwörter von "
+"Benutzerkonten. Ein normaler Benutzer kann nur das Passwort seines Kontos "
+"verändern, der Superuser dagegen kann die Passwörter aller Konten ändern. "
+"Mit <command>passwd</command> können auch die Informationen über das Konto "
+"und die Gültigkeitsdauer des Passworts verändert werden."
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Verändern des Passworts"
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"Der Benutzer wird zuerst nach seinem alten Passwort gefragt, falls eines "
+"vorhanden ist. Dieses Passwort wird dann verschlüsselt und mit dem "
+"gespeicherten Passwort verglichen. Der Benutzer hat nur eine Gelegenheit, "
+"das richtige Passwort einzugeben. Der Superuser kann diesen Schritt "
+"überspringen, um so vergessene Passwörter zu ändern."
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"Nachdem das Passwort eingegeben wurde, werden Informationen über die "
+"Gültigkeitsdauer des Passworts abgefragt, um festzustellen, ob der Benutzer "
+"das Passwort zu dieser Zeit verändern darf. Wenn nicht, lehnt "
+"<command>passwd</command> die Änderung des Passworts ab und beendet sich."
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"Der Benutzer wird dann aufgefordert, zweimal ein neues Passwort einzugeben. "
+"Beide Eingaben werden miteinander verglichen. Sie müssen übereinstimmen, "
+"damit das Passwort geändert wird."
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"Anschließend wird das Passwort auf seine Komplexität überprüft. Eine "
+"allgemeine Richtlinie besagt, dass Passwörter aus sechs bis acht Zeichen "
+"bestehen sollten und ein oder mehrere Zeichen aus folgenden Mengen enthalten "
+"sollten:"
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "Kleinbuchstaben"
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "Ziffern 0 bis 9"
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "Satzzeichen"
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"Seien Sie vorsichtig, dass Sie nicht die standardmäßigen Lösch- und Kill-"
+"Zeichen des Systems eingeben. <command>passwd</command> weist Passwörter "
+"zurück, die nicht hinreichend komplex sind."
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Hinweise zu Benutzerpasswörtern"
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"Die Sicherheit eines Passworts hängt von der Stärke des "
+"Verschlüsselungsalgorithmus und von der Größe des Schlüsselraums ab. Die "
+"hergebrachte Verschlüsselung auf <emphasis>UNIX</emphasis>-Systemen basiert "
+"auf dem NBS-DES-Algorithmus. Heutzutage sind neuere Verschlüsselungsmethoden "
+"zu empfehlen (vergleiche <option>ENCRYPT_METHOD</option>). Die Größe des "
+"Schlüsselraums hängt von der Zufälligkeit des gewählten Passworts ab."
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"Gefahren für die Sicherheit von Passwörtern kommen gewöhnlich von sorgloser "
+"Wahl oder Handhabung des Passworts. Daher sollten Sie kein Passwort wählen, "
+"das in einem Wörterbuch auftaucht oder das aufgeschrieben werden muss. Das "
+"Passwort sollte somit kein echter Name, Ihr Autokennzeichen, Geburtstag oder "
+"Ihre Adresse sein. All das kann dazu verwendet werden, das Passwort zu "
+"erraten, und stellt daher eine Gefahr für die Sicherheit Ihres Systems dar."
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"Ratschläge, wie Sie ein sicheres Passwort wählen, finden Sie unter http://de."
+"wikipedia.org/wiki/Passwort#Wahl_von_sicheren_Passw.C3.B6rtern."
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
+"sind:"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Diese Option kann nur in Verbindung mit <option>-S</option> verwendet werden "
+"und führt dazu, dass der Status aller Benutzer angezeigt wird."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Löscht das Passwort eines Benutzers (macht es leer). Dies ist ein schneller "
+"Weg, um das Passwort eines Kontos zu deaktivieren. Dem Konto ist dann kein "
+"Passwort zugeordnet."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Lässt das Passwort eines Kontos sofort verfallen. Im Ergebnis kann damit "
+"erreicht werden, dass ein Benutzer beim nächsten Login das Passwort ändern "
+"muss."
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Mit dieser Option wird ein Konto deaktiviert, nachdem das Passwort für eine "
+"bestimmte Anzahl von Tagen abgelaufen ist. Wenn ein Benutzerkonto ein "
+"abgelaufenes Passwort für länger als <replaceable>INAKTIV</replaceable> Tage "
+"hatte, kann sich der Benutzer nicht mehr auf diesem Konto anmelden."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+# FIXME: Übersetzung, die näher am Original ist (tokens). SB
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Zeigt an, dass nur abgelaufene Passwörter geändert werden sollen. Der "
+"Benutzer möchte seine gültigen Passwörter unverändert lassen."
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Sperrt das Passwort des bezeichneten Kontos. Die Option schaltet ein "
+"Passwort ab, indem es ihm einen Wert zuweist, der mit keinem möglichen "
+"verschlüsselten Wert übereinstimmen kann. Dies geschieht, indem ein »!« dem "
+"Passwort vorangestellt wird."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"Beachten Sie, dass damit nicht das Konto deaktiviert wird. Der Benutzer kann "
+"sich immer noch mit einer anderen Authentifizierungsmethode (etwa einem SSH-"
+"Schlüssel) anmelden. Um ein Konto abzuschalten, sollte der Administrator "
+"<command>usermod --expiredate 1</command> verwenden; dies setzt das "
+"Verfallsdatum des Kontos auf den 2. Januar 1970."
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr "Benutzer mit einem gesperrten Passwort können dieses nicht ändern."
+
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_TAGE</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Setzt die Anzahl von Tagen, die mindestens zwischen zwei Änderungen eines "
+"Passworts vergehen müssen, auf <replaceable>MIN_TAGE</replaceable>. Ein Wert "
+"von Null in diesem Feld bedeutet, dass der Benutzer sein Passwort jederzeit "
+"ändern darf."
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;<replaceable>DEPOT</"
+"replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr "ändert das Passwort im Depot <replaceable>DEPOT</replaceable>"
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Zeigt Informationen über den Kontostatus an. Die Statusinformation besteht "
+"aus sieben Feldern. Das erste Feld ist der Anmeldename des Benutzers. Das "
+"zweite Feld zeigt an, ob das Benutzerkonto ein gesperrtes Passwort (L), kein "
+"Passwort (NP) oder ein verwendbares Passwort hat (P). Das dritte Feld zeigt "
+"das Datum der letzten Änderung des Passworts an. Die nächsten vier Felder "
+"sind das Mindestalter, das Höchstalter, die Dauer der Warnung und die Dauer "
+"der Untätigkeit für das Passwort. Die Zeiträume werden in Tagen ausgedrückt."
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Entsperrt das bezeichnete Konto. Diese Option reaktiviert ein Konto wieder, "
+"indem das Passwort auf seinen alten Wert zurückgesetzt wird, den es hatte, "
+"bevor die Option <option>-l</option> verwendet wurde."
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_TAGE</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"Legt die Anzahl der Tage fest, an denen der Benutzer eine Warnung erhält, "
+"bevor sein Passwort ungültig wird. Die Option <replaceable>WARN_TAGE</"
+"replaceable> bezeichnet die Anzahl der Tage, für die ein Benutzer vor "
+"Verfall seines Passworts gewarnt wird."
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_TAGE</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"Bestimmt die maximale Anzahl von Tagen, die das Passwort gültig bleibt. Nach "
+"<replaceable>MAX_TAGE</replaceable> Tagen muss das Passwort geändert werden."
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"Die Komplexität der Passwortprüfung kann sich auf verschiedenen Systemen "
+"unterscheiden. Der Benutzer wird angehalten, ein möglichst komplexes, von "
+"ihm aber gut zu verwendendes Passwort zu wählen."
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"Benutzer können unter Umständen ihr Passwort nicht ändern, wenn auf dem "
+"System NIS aktiviert ist, sie aber nicht am NIS-Server angemeldet sind."
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+"<command>passwd</command> verwendet PAM, um einen Benutzer zu "
+"authentifizieren und sein Passwort zu ändern."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (Zeichenkette)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+"Damit wird der standardmäßige Verschlüsselungsalgorithmus, mit dem "
+"Passwörter verschlüsselt werden, bestimmt (soweit nicht in der Befehlszeile "
+"ein Algorithmus angegeben wird)."
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Ihm kann einer der folgenden Wert zugewiesen werden: <replaceable>DES</"
+"replaceable> (default), <replaceable>MD5</replaceable><phrase condition="
+"\"sha_crypt\">, <replaceable>SHA256</replaceable>, <replaceable>SHA512</"
+"replaceable></phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+"Hinweis: Dieser Parameter überschreibt die Variable <option>MD5_CRYPT_ENAB</"
+"option>."
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"Hinweis: Damit wird lediglich die Erstellung von Gruppenpasswörtern "
+"beeinflusst. Benutzerpasswörter werden dagegen von PAM erstellt, so dass "
+"dieser Vorgang in PAM konfiguriert werden muss. Empfehlenswert ist, diese "
+"Variable mit der Konfiguration von PAM in Einklang zu bringen."
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (boolesch)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"Legt fest, ob Passwörter mit dem auf MD5 beruhenden Algorithmus "
+"verschlüsselt werden. Falls diesem Wert <replaceable>yes</replaceable> "
+"zugewiesen ist, werden neue Passwörter mit dem auf MD5 beruhenden "
+"Algorithmus verschlüsselt, der zu dem in der aktuellen Veröffentlichung von "
+"FreeBSD eingesetzten Algorithmus kompatibel ist. Passwörter können dann "
+"beliebig lang sein, auch die Salt-Zeichenketten sind länger. Setzen Sie "
+"diesen Wert auf <replaceable>no</replaceable>, wenn Sie verschlüsselte "
+"Passwörter auf ein anderes System kopieren möchten, das den neuen "
+"Algorithmus nicht versteht. Der Standardwert ist <replaceable>no</"
+"replaceable>."
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"Dieser Variable geht die Variable <option>ENCRYPT_METHOD</option> und eine "
+"Option auf der Befehlszeile, mit der der Verschlüsselungsalgorithmus "
+"bestimmt wird, vor."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+"Der Einsatz dieser Variable ist veraltet. Sie sollten "
+"<option>ENCRYPT_METHOD</option> verwenden."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (boolesch)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr "Aktiviert zusätzliche Tests bei der Veränderung eines Passworts."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (boolesch)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"weist auf schwache Passwörter hin (aber lässt sie zu), falls Sie root sind"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (Zahl)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+"maximale Anzahl von Versuchen, ein Passwort zu ändern, wenn dies wegen zu "
+"geringer Stärke des gewählten Passworts abgelehnt wurde"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (Zahl)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (Zahl)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"Anzahl der von crypt() berücksichtigten Zeichen des Passworts. Standardmäßig "
+"ist <option>PASS_MAX_LEN</option> 8. Diese Option wird ignoriert, wenn "
+"<option>MD5_CRYPT_ENAB</option> auf <replaceable>yes</replaceable> gesetzt "
+"ist."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (Zahl)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (Zahl)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"Wenn <option>ENCRYPT_METHOD</option> auf <replaceable>SHA256</replaceable> "
+"oder <replaceable>SHA512</replaceable> gesetzt ist, legt dies die Anzahl der "
+"Runden von SHA fest, die standardmäßig vom Verschlüsselungsalgorithmus "
+"verwendet werden (falls die Anzahl der Runden nicht auf der Befehlszeile "
+"angegeben wird)."
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"Je mehr Runden Sie definieren, umso schwieriger ist es, das Passwort mit "
+"sturem Durchprobieren (brute force) zu knacken; umso mehr Rechenleistung "
+"wird jedoch auch für die Anmeldung eines Benutzers benötigt."
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+"Falls Sie nichts angeben, wird libc die Standardanzahl der Runden festlegen "
+"(5000)."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr "Die Werte müssen zwischen 1000-999.999.999 liegen."
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"Falls nur der Wert für <option>SHA_CRYPT_MIN_ROUNDS</option> oder "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> festgelegt wird, wird dieser Wert "
+"verwendet."
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"Falls <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; "
+"<option>SHA_CRYPT_MAX_ROUNDS</option>, wird der höhere Wert verwendet."
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "PAM-Konfiguration für <command>passwd</command>"
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "Berechtigung verweigert"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "ungültige Kombination von Optionen"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "unerwarteter Fehler, nichts wurde verändert"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "unerwarteter Fehler, die Datei <filename>passwd</filename> fehlt"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+"Datei <filename>passwd</filename> wird benutzt, bitte nochmal versuchen"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>passwd</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "lehnt höflich eine Anmeldung ab"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"Der Befehl <command>nologin</command> zeigt die Meldung an, dass ein Konto "
+"nicht verfügbar ist, und gibt einen Wert von ungleich Null zurück. Dies ist "
+"als Einsatz für das Shell-Feld bei abgeschalteten Konten vorgesehen."
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"Wie Sie alle Konten abschalten, erfahren Sie unter "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "GESCHICHTE"
+
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "Der Befehl <command>nologin</command> tauchte erstmals in BSD 4.4 auf."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "erstellt oder aktualisiert mehrere neue Benutzer am Stück"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "Datei"
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"Der Befehl <command>newusers</command> verwendet eine <replaceable>Datei</"
+"replaceable> (oder standardmäßig die Standardeingabe) und aktualisiert damit "
+"eine Gruppe bestehender Benutzer oder erstellt damit neue Benutzer. Jede "
+"Zeile hat dasselbe Format wie die übliche Passwortdatei (vergleiche "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) mit den unten aufgeführten Ausnahmen:"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_Name:pw_Passwort:pw_uid:pw_gid:pw_gecos:pw_Verz:pw_shell"
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_Name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "Dies ist der Name des Benutzers."
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "It can be the name of a new user or the name of an existing user (or an "
+#| "user created before by <command>newusers</command>). In case of an "
+#| "existing user, the user's information will be changed, otherwise a new "
+#| "user will be created."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Es kann sich dabei um den Namen eines neuen oder eines existierenden "
+"Benutzer (oder eines, der zuvor mit <command>newusers</command> erstellt "
+"wurde) handeln. Für den Fall, dass der Benutzer bereits vorhanden ist, "
+"werden seine Daten verändert, anderenfalls wird ein neuer Benutzer erstellt."
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_Passwort"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Dieses Feld wird verschlüsselt und als neuer Wert für das verschlüsselte "
+"Passwort verwendet."
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr "pw_uid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Mit diesem Feld wird die UID des Benutzers bestimmt."
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"Wenn dieses Feld leer ist, wird von <command>newusers</command> automatisch "
+"eine neue (noch freie) UID gewählt."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr "Wenn dieses Feld eine Zahl enthält, wird sie als UID verwendet."
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"Wenn dieses Feld den Namen eines existierenden Benutzers enthält (oder eines "
+"Benutzers, der zuvor mit <command>newusers</command> erstellt wurde), wird "
+"die UID des angegebenen Benutzers verwendet."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"Falls die UID eines bestehenden Benutzers verändert wird, muss der "
+"Eigentümer der Dateien des Benutzers per Hand angepasst werden."
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr "Mit diesem Feld wird die ID der Hauptgruppe des Benutzers definiert."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"Wenn dieses Feld den Namen einer existierenden Gruppe enthält (oder einer "
+"Gruppe, die zuvor mit <command>newusers</command> erstellt wurde), wird die "
+"GID dieser Gruppe als ID der Hauptgruppe des Benutzers verwendet."
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"Wenn dieses Feld eine Zahl enthält, wird sie als ID der Hauptgruppe des "
+"Benutzers verwendet. Falls eine Gruppe mit dieser GID nicht existiert, wird "
+"eine neue Gruppe mit dieser GID unter dem Namen des Benutzers erstellt."
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"Wenn dieses Feld leer ist, wird eine neue Gruppe unter dem Namen des "
+"Benutzers erstellt und von <command>newusers</command> automatisch eine neue "
+"GID gewählt, die als ID der Hauptgruppe des Benutzers und als GID für die "
+"neue Gruppe dient."
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"Wenn dieses Feld den Namen einer Gruppe enthält, die nicht vorhanden ist "
+"(und nicht zuvor von <command>newusers</command> erstellt wurde), wird eine "
+"neue Gruppe unter dem angegebenen Namen erstellt und von <command>newusers</"
+"command> automatisch eine neue GID gewählt, die als ID der Hauptgruppe des "
+"Benutzers und als GID für die neue Gruppe dient."
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Dieses Feld wird in das GECOS-Feld des Benutzers kopiert."
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_Verz"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr "Mit diesem Feld wird das Home-Verzeichnis des Benutzers definiert."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"Wenn in diesem Feld ein Verzeichnis angegeben wird, das nicht vorhanden ist, "
+"wird es erstellt. Dieses gehört dem Benutzer, der gerade erstellt und "
+"aktualisiert wird, und dessen Hauptgruppe."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"Wenn das Home-Verzeichnis eines vorhandenen Benutzers geändert wird, "
+"verschiebt oder kopiert <command>newusers</command> nicht den Inhalt des "
+"alten Verzeichnisses in das neue. Dies muss von Hand erledigt werden."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"Mit diesem Feld wird die Shell des Benutzers definiert. Diese Eingabe wird "
+"nicht überprüft."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"Zuerst erstellt und ändert <command>newusers</command> die angegebenen "
+"Benutzer und schreibt die Änderungen in die Benutzer- oder Gruppendatenbank. "
+"Falls ein Fehler auftritt (außer beim Schreiben in die Datenbanken), werden "
+"in den Datenbanken keine Änderungen vorgenommen."
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+"Im ersten Durchlauf werden Benutzer mit einem gesperrten Passwort erstellt; "
+"Passwörter von bereits vorhandenen Benutzern werden in diesem Stadium nicht "
+"verändert. Im zweiten Durchlauf werden die Passwörter mit PAM aktualisiert. "
+"Sofern dabei ein Fehler auftritt, wird dieser angezeigt, die Aktualisierung "
+"der übrigen Passwörter aber fortgesetzt."
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Dieser Befehl ist für den Einsatz in einer Umgebung mit zahlreichen Systemen "
+"vorgesehen, in der viele Konten gleichzeitig aktualisiert werden müssen."
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>newusers</command> unterstützt werden, "
+"sind:"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "Definiert die Methode, mit der die Passwörter verschlüsselt werden."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"Die verfügbaren Methoden sind DES, MD5, NONE und SHA256 oder SHA512, soweit "
+"Ihre libc sie unterstützt."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Systembenutzer werden ohne Hinterlegung des Alters ihres Passworts in "
+"<filename>/etc/shadow</filename> erstellt. Ihre numerische Kennung wird aus "
+"der Spanne <option>SYS_UID_MIN</option> bis <option>SYS_UID_MAX</option> "
+"anstelle von <option>UID_MIN</option> bis <option>UID_MAX</option> gewählt "
+"(gleiches gilt für die GID bei der Erstellung von Gruppen)."
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr ""
+"Verwendet die angegebene Anzahl von Runden, um die Passwörter zu "
+"verschlüsseln."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"Ein Wert von 0 bedeutet, dass das System die Standardanzahl der Runden "
+"(5000) für die Verschlüsselung verwenden wird."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr "Der Mindestwert ist 1000, der Höchstwert 999.999.999."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Sie können diese Option nur mit den Verschlüsselungsmethoden SHA256 und "
+"SHA512 verwenden."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Standardmäßig wird die Anzahl der Runden mit den Variablen "
+"SHA_CRYPT_MIN_ROUNDS und SHA_CRYPT_MAX_ROUNDS in <filename>/etc/login.defs</"
+"filename> definiert."
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Die Eingabedatei muss geschützt werden, da sie unverschlüsselte Passwörter "
+"enthält."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Sie sollten darauf achten, dass Passwörter und Verschlüsselungsmethode in "
+"Einklage mit der Passwortrichtlinie des Systems stehen."
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "Konfiguration von PAM für <command>newusers</command>."
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "als neue Gruppe anmelden"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "Gruppe"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"Mit dem Befehl <command>newgrp</command> kann während einer angemeldeten "
+"Sitzung die aktuelle Gruppen-ID geändert werden. Wenn zusätzlich der "
+"Schalter <option>-</option> angegeben wird, wird die Benutzerumgebung neu "
+"gestartet, so als ob sich der Benutzer neu angemeldet hätte. Anderenfalls "
+"bleibt die aktuelle Umgebung einschließlich des aktuellen "
+"Arbeitsverzeichnisses unverändert."
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+"<command>newgrp</command> wechselt von der aktuellen echten Gruppen-ID zu "
+"der angegeben Gruppe oder, falls kein Gruppenname angegeben wird, zu der "
+"Standardgruppe, wie sie in <filename>/etc/passwd</filename> festgelegt ist. "
+"Zudem versucht <command>newgrp</command>, die Gruppe der Gruppensammlung des "
+"Benutzers hinzuzufügen. Wenn der Benutzer nicht Root ist und die Gruppe ein "
+"Passwort hat und der Benutzer nicht Mitglied der Gruppe ist oder kein "
+"Passwort hat (in <filename>/etc/shadow</filename>, falls er einen Eintrag in "
+"der Shadow-Passwort-Datei hat, anderenfalls in <filename>/etc/passwd</"
+"filename>), wird er nach einem Passwort gefragt."
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+"Wenn sich in <filename>/etc/gshadow</filename> ein Eintrag für diese Gruppe "
+"befindet, wird die Mitgliederliste und das Passwort der Gruppe dieser Datei "
+"entnommen. Anderenfalls wird der Eintrag in <filename>/etc/group</filename> "
+"ausgewertet."
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "richtet Beschränkung von Anmeldezeiten ein"
+
+# SB: /etc/rc is not in Debian. Probably doesn't matter, since logoutd is not in Debian either.
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"<command>logoutd</command> setzt die Anmeldezeiten und Portbeschränkungen "
+"aus <filename>/etc/porttime</filename> um. <command>logoutd</command> sollte "
+"aus <filename>/etc/rc</filename> gestartet werden. Die Datei <filename>/var/"
+"run/utmp</filename> wird regelmäßig abgerufen, wobei jeder Benutzername "
+"darauf überprüft wird, ob er für den jeweiligen Port zur jeweiligen Zeit "
+"zugelassen ist. Alle angemeldeten Sitzungen, die gegen die Beschränkungen in "
+"<filename>/etc/porttime</filename> verstoßen, werden beendet."
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Liste der aktuellen angemeldeten Sitzungen"
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "Konfiguration der Werkzeugsammlung für Shadow-Passwörter"
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+"Die Datei <filename>/etc/login.defs</filename> legt die systemspezifische "
+"Konfiguration der Werkzeugsammlung für Shadow-Passwörter fest. Diese Datei "
+"muss vorhanden sein. Wenn sie fehlt, wird das System zwar laufen, es können "
+"aber unerwünschte Ergebnisse auftauchen."
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Diese Datei ist eine lesbare Textdatei. Jede Zeile der Datei beschreibt "
+"einen Konfigurationsparameter. Eine Zeile besteht aus einem "
+"Konfigurationsnamen und einem Wert, die durch ein Leerzeichen getrennt sind. "
+"Leer- und Kommentarzeilen werden nicht beachtet. Kommentare werden mit dem "
+"Rautezeichen »#« eingeleitet. Die Raute muss das erste nicht leere Zeichen "
+"der Zeile sein."
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+"Die Parameterwerte können aus vier Typen bestehen: Zeichenketten, Boolesch, "
+"Zahlen und lange Zahlen. Eine Zeichenkette kann aus jedem druckbaren Zeichen "
+"bestehen. Ein Boolesch sollte »yes« oder »no« sein. Einem anderen oder "
+"undefinierten Parameter für Boolesch wird der Wert »no« zugewiesen. Normale "
+"und lange Zahlen können aus Dezimalzahlen, Oktalzahlen (beginnen mit »0«) "
+"oder Hexadezimalzahlen (beginnen mit »0x«) bestehen. Die maximale Größe der "
+"Parameter normaler und langer Zahlen ist systemabhängig."
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Die folgenden Konfigurationsmöglichkeiten sind vorhanden:"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"Falls <replaceable>yes</replaceable>, benötigt das Programm <command>chfn</"
+"command> eine Authentifizierung, bevor es Änderungen vornimmt, sofern es "
+"nicht von Root ausgeführt wird."
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+"Der Parameter bestimmt, welcher Wert in dem <emphasis remap=\"I\">gecos</"
+"emphasis>-Feld von <filename>/etc/passwd</filename> von gewöhnlichen "
+"Benutzern mittels des Programms <command>chfn</command> geändert werden "
+"darf. Er kann aus jeder Kombination der Buchstaben <emphasis remap=\"I\">f</"
+"emphasis> ,<emphasis remap=\"I\">r</emphasis>, <emphasis remap=\"I\">w</"
+"emphasis> und <emphasis remap=\"I\">h</emphasis> bestehen. Diese Buchstaben "
+"stehen für den vollständigen Namen, die Zimmernummer, die geschäftliche "
+"Telefonnummer und die private Telefonnummer. Zum Zweck der "
+"Abwärtskompatibilität entspricht <replaceable>yes</replaceable> "
+"<replaceable>rwh</replaceable> und <replaceable>no</replaceable> "
+"<replaceable>frwh</replaceable>. Falls nichts festgelegt wird, kann nur Root "
+"Änderungen vornehmen. Die größte Einschränkung erreicht man besser, indem "
+"<filename>chfn</filename> nicht mit SUID-Rechten ausgestattet wird."
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"Falls <replaceable>yes</replaceable>, benötigt das Programm <command>chsh</"
+"command> eine Authentifizierung, bevor es Änderungen vornimmt, sofern es "
+"nicht von Root ausgeführt wird."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Das Löschzeichen des Terminals (<replaceable>010</replaceable> = Rücktaste, "
+"<replaceable>0177</replaceable> = Entf)."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+"Wenn der Wert mit »0« beginnt, wird er als Oktalzahl gewertet, wenn er mit "
+"»0x« beginnt, als Hexadezimalzahl."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+"Wartezeit in Sekunden, ehe nach einem fehlgeschlagenen Anmeldeversuch ein "
+"neuer unternommen werden kann"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+"aktiviert die Protokollierung und Anzeige der Informationen zu "
+"fehlgeschlagenen Anmeldeversuchen in <filename>/var/log/faillog</filename>"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"Falls angegeben, führt <command>login</command> diese Shell anstelle der in "
+"<filename>/etc/passwd</filename> angegebenen Shell des Benutzers aus."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+"Falls angegeben, werden fehlgeschlagene Anmeldeversuche in dieser Datei im "
+"Format utmp protokolliert."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+"Falls angegeben, kann diese Datei die übliche Informationsanzeige während "
+"des Anmeldevorgangs unterbinden. Wenn ein vollständiger Pfad angegeben wird, "
+"wird der Modus ohne Anmeldeinformationen verwendet, wenn der Name oder die "
+"Shell des Benutzers in der Datei enthalten sind. Wenn kein vollständiger "
+"Pfad angegeben wird, wird der Modus ohne Anmeldeinformationen aktiviert, "
+"wenn die Datei im Home-Verzeichnis des Benutzers existiert."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+"Falls angegeben, wird diese Datei vor der Anmeldeaufforderung angezeigt."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+"Das KILL-Zeichen des Terminals (<replaceable>025</replaceable> = CTRL/U)."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+"aktiviert die Protokollierung und Anzeige der Informationen zu Anmeldezeiten "
+"in <filename>/var/log/lastlog</filename>"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "aktiviert die Protokollierung erfolgreicher Anmeldungen"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+"aktiviert die Anzeige unbekannter Benutzernamen, wenn fehlgeschlagene "
+"Anmeldeversuche aufgezeichnet werden"
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Hinweis: Das Protokollieren unbekannter Benutzernamen kann ein "
+"Sicherheitsproblem darstellen, wenn ein Benutzer sein Passwort anstelle "
+"seines Anmeldenamens eingibt."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+"maximale Anzahl von Anmeldeversuchen, wenn ein falsches Passwort eingegeben "
+"wird"
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"Dies wird höchstwahrscheinlich von PAM überschrieben, da standardmäßig das "
+"Modul pam_unix drei Versuche enthält. Dennoch stellt dies ein zusätzliches "
+"Sicherungssystem dar, falls Sie eine Anmeldemöglichkeit einsetzen, die nicht "
+"PAM_MAXTRIES beachtet."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "Höchstdauer für einen Anmeldeversuch"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+"Falls angegeben, eine Aufzählung von Dateien, welche die bei der Anmeldung "
+"anzuzeigenden »Nachrichten des Tages« enthält. Die Dateien werden mit einem "
+"»:« getrennt."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+"Falls angegeben, der Name einer Datei, deren Existenz Anmeldungen außer von "
+"Root verhindert. Der Inhalt der Datei sollte die Gründe enthalten, weshalb "
+"Anmeldungen untersagt sind."
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> und "
+"<option>PASS_WARN_AGE</option> werden nur bei der Erstellung eines Kontos "
+"verwendet. Spätere Änderungen dieser Werte berühren bestehende Konten nicht."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+"aktiviert die Auswertung der in <filename>/etc/porttime</filename> "
+"angegebenen Zeitbegrenzungen"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (Zeichenkette)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (Zeichenkette)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+"Die Rechte des Terminals: Das Anmelde-tty gehört der Gruppe "
+"<option>TTYGROUP</option> an, die Rechte werden auf <option>TTYPERM</option> "
+"gesetzt."
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"Standardmäßig ist der Eigentümer des Terminals die Hauptgruppe des "
+"Benutzers, die Rechte werden auf <replaceable>0600</replaceable> gesetzt."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+"<option>TTYGROUP</option> kann der Gruppenname oder die als Zahl "
+"ausgedrückte Gruppen-ID sein."
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+"Wenn Sie ein <command>write</command>-Programm haben, das »setgid« für eine "
+"Gruppe besitzt, der das Terminal gehört, sollten Sie TTYGROUP die "
+"Gruppennummer und TTYPERM den Wert 0620 zuweisen. Oder Sie sollten TTYGROUP "
+"als Kommentar belassen und TTYPERM den Wert 622 oder 600 zuweisen."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+"Falls angegeben, eine Datei, welche einer tty-Zeile den Umgebungsparameter "
+"TERM zuweist. Jede Zeile hat das Format wie etwa »vt100 tty01«."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "der Standardwert von <command>ulimit</command>"
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "QUERVERWEISE"
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"Die folgenden Querverweise zeigen, welche Programme aus der Shadow-Passwort-"
+"Werkzeugsammlung welche Parameter verwenden."
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN "
+"UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK "
+"USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"Ein Großteil der Funktionen, die früher einmal durch die Shadow-Passwort-"
+"Werkzeugsammlung angeboten wurden, wird heute durch PAM zur Verfügung "
+"gestellt. Daher wird <filename>/etc/login.defs</filename> nicht länger von "
+"Programmen wie <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> ausgewertet und von "
+"Programmen wie <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> oder "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> nur noch in geringem Umfang beachtet. Sie sollten daher für "
+"eine entsprechende Konfiguration in den Dateien von PAM nachsehen."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "Tabelle für die Zugangskontrolle zur Anmeldung"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+"Die Datei <emphasis remap=\"I\">login.access</emphasis> legt Kombinationen "
+"von (Benutzer, Rechner) und (Benutzer, tty) fest, für die eine Anmeldung "
+"erlaubt oder abgelehnt wird."
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+"Wenn sich jemand anmeldet, wird <emphasis remap=\"I\">login.access</"
+"emphasis> nach dem ersten Eintrag durchsucht, auf den die Kombination von "
+"(Benutzer, Rechner) oder, bei lokalen Anmeldungen, von (Benutzer, tty) "
+"zutrifft. Das Feld für die Erlaubnis bestimmt, ob die Anmeldung zugelassen "
+"oder abgelehnt wird."
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"Jede Zeile der Tabelle für die Zugangskontrolle enthält drei Felder, die "
+"jeweils durch einen Doppelpunkt »:« getrennt sind:"
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">Erlaubnis</emphasis>:<emphasis remap=\"I\">Benutzer</"
+"emphasis>:<emphasis remap=\"I\">Herkunft</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+"Das erste Feld kann das Zeichen »<emphasis>+</emphasis>« (Zugriff erlaubt) "
+"oder »<emphasis>-</emphasis>« (Zugriff verweigert) sein. Das zweite Feld "
+"kann eine Liste von einem oder mehreren Anmeldenamen, Gruppennamen oder "
+"<emphasis>ALL<emphasis> (trifft immer zu) sein. Das dritte Feld kann eine "
+"Liste von einem oder mehreren tty-Namen (für lokale Anmeldungen), Rechner-"
+"Namen, Domain-Namen (beginnen mit einem »<literal>.</literal>«), Rechner-"
+"Adressen, Internet-Netzwerk-Nummern (enden mit einem »<literal>.</"
+"literal>«), <emphasis>ALL</emphasis> (trifft immer zu) oder <emphasis>LOCAL</"
+"emphasis> (trifft auf alle Zeichenketten zu, die keinen »<literal>.</"
+"literal>« enthalten). Falls Sie NIS einsetzen, können Sie in den Rechner- "
+"und Benutzerangaben auch @netgroupname verwenden."
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+"Der Operator <emphasis>EXCEPT</emphasis> ermöglicht es, sehr kurze Regeln zu "
+"schreiben."
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+"Die Gruppendatei wird nur durchsucht, wenn ein Name nicht mit dem des "
+"angemeldeten Benutzers übereinstimmt. Eine Übereinstimmung mit Gruppen wird "
+"nur festgestellt, wenn darin der Benutzer ausdrücklich aufgeführt ist. Das "
+"Programm beachtet also nicht den Wert der Hauptgruppe des Benutzers."
+
+# SB: Translation of login.1 based on Josef Spillner's
+# (josef@ggzgamingzone.org) from 2003. Mention somewhere else as well?
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "startet eine Sitzung auf dem System"
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "Rechner"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+"Das Programm <command>login</command> wird verwendet, um eine neue Sitzung "
+"auf dem System zu starten. Es wird normalerweise automatisch als Antwort auf "
+"die <emphasis remap=\"I\">login:</emphasis>-Eingabeaufforderung auf dem "
+"Terminal des Benutzers ausgeführt. <command>login</command> kann von der "
+"Shell besonders behandelt werden und kann nicht als Subprozess gestartet "
+"werden. Wenn <command>login</command> von einer Shell aufgerufen wird, "
+"sollte es als <emphasis remap=\"B\">exec login</emphasis> ausgeführt werden, "
+"so dass die aktuelle Shell des Benutzers beendet wird (und somit verhindert "
+"wird, dass der neue Benutzer in die Sitzung des alten zurückkehren kann). "
+"Der Versuch, von einer Shell außer der Anmelde-Shell <command>login</"
+"command> auszuführen, wird eine Fehlermeldung erzeugen."
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+"Falls erforderlich, wird der Benutzer anschließend nach einem Passwort "
+"gefragt. Dieses wird während der Eingabe nicht angezeigt. Es sind nur eine "
+"kleine Anzahl von Anmeldeversuchen zulässig, ehe <command>login</command> "
+"abbricht und die Kommunikation getrennt wird."
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+"Falls der Passwortverfall für Ihr Konto aktiviert wurde, kann es sein, dass "
+"Sie vor der weiteren Nutzung nach einem neuen Passwort gefragt werden. Sie "
+"müssen Ihr altes und neues Passwort angegeben, bevor Sie fortfahren können. "
+"In der Dokumentation zu <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> finden sich weitere "
+"Informationen."
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+"Nach einer erfolgreichen Anmeldung werden Ihnen Systemmeldungen präsentiert, "
+"sowie das Vorhandensein von Mails angezeigt. Die Anzeige der systemweiten "
+"Nachrichtendatei <filename>/etc/motd</filename> kann abgeschaltet werden, "
+"indem im Anmeldeverzeichnis eine leere Datei <filename>.hushlogin</filename> "
+"angelegt wird. Je nach Zustand der Mailbox des Benutzers ist die "
+"Mailnachricht entweder »<emphasis>Sie haben neue Mails.</emphasis>«, "
+"»<emphasis>Sie haben Mails.</emphasis>« oder »<emphasis>Keine Mails.</"
+"emphasis>«."
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+"Die Benutzer- und Gruppen-IDs werden gemäß den Werten in <filename>/etc/"
+"passwd</filename> gesetzt. Die Werte für <envar>$HOME</envar>, <envar>"
+"$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar> und <envar>"
+"$MAIL</envar> werden ebenfalls entsprechend den Feldern im Passworteintrag "
+"gesetzt. Werte für ulimit, umask und nice können ebenfalls gemäß den Werten "
+"im GECOS-Feld gesetzt werden."
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+"Bei einigen Installationen wird anfänglich die Umgebungsvariable <envar>"
+"$TERM</envar> entsprechend dem Terminaltyp Ihrer tty-Zeile, wie sie in "
+"<filename>/etc/ttytype</filename> angegeben ist, gesetzt."
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"Ein Startskript für Ihren Befehlsinterpreter kann auch ausgeführt werden. "
+"Sehen Sie bitte in den entsprechenden Handbuchseiten für weitere "
+"Informationen darüber nach."
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+"Es liegt NICHT in der Verantwortung von <command>login</command>, Benutzer "
+"aus der utmp-Datei zu entfernen. Sowohl <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> als auch "
+"<citerefentry><refentrytitle>init</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> sind dafür zuständig, die offenkundige Eigentümerstellung "
+"einer Terminalsitzung aufzuräumen. Falls Sie <command>login</command> von "
+"der Shell ohne <command>exec</command> verwenden, wird der Benutzer, den Sie "
+"verwenden, weiterhin als angemeldet erscheinen, obwohl Sie die "
+"»untergeordnete Sitzung« beendet haben."
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "Keine Authentifizierung durchführen, Benutzer ist bereits angemeldet."
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+"Hinweis: In diesem Fall muss <replaceable>Benutzername</replaceable> "
+"angegeben werden."
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Name des entfernt stehenden Rechners für die Anmeldung"
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "behält die Umgebungseinstellungen bei"
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "führt das Autologin-Protokoll für rlogin aus"
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Die Optionen <option>-r</option>, <option>-h</option> und <option>-f</"
+"option> können nur verwendet werden, wenn <command>login</command> von Root "
+"ausgeführt wird."
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Diese Version von <command>login</command> hat viele Optionen für die "
+"Kompilierung, wobei eventuell nicht alle Optionen auf allen Systemen "
+"verwendet werden."
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+"Der Ort der Konfigurationsdateien kann je nach Konfiguration des Systems "
+"unterschiedlich sein."
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+"Wie bei jedem anderen Programm kann auch das Erscheinungsbild von "
+"<command>login</command> vorgespiegelt werden. Falls unseriöse Benutzer "
+"physischen Zugriff auf den Rechner haben, kann dies von einem Angreifer "
+"verwendet werden, um das Passwort der Person zu erhalten, die sich als "
+"nächste vor den Rechner setzt. In Linux können Benutzer den SAK-Mechanismus "
+"verwenden, um einen vertrauenswürdigen Pfad zu erstellen und somit diesem "
+"Angriff zu entgehen."
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Liste der vorangegangenen angemeldeten Sitzungen"
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "Datei mit der Systemmeldung des Tages"
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "verhindert, dass sich Benutzer außer Root anmelden"
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "Liste der Terminaltypen"
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "unterdrückt die Ausgabe von Systemnachrichten"
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr "Luca"
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr "Berra"
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "Festlegung von Resourcenbeschränkungen"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+"Die <emphasis remap=\"I\">limits</emphasis>-Datei (standardmäßig <filename>/"
+"etc/limits</filename> oder die durch LIMITS_FILE in <filename>config.h</"
+"filename> festgelegte) bezeichnet die von Ihnen eingeführte Beschränkung von "
+"Ressourcen. Sie sollte Root gehören und nur von ihm lesbar sein."
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+"Standardmäßig bestehen für Root keine Einschränkungen. Tatsächlich gibt es "
+"keine Möglichkeit, mit diesem Verfahren Root-Konten (Konten mit der UID 0) "
+"Beschränkungen aufzuerlegen."
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr ""
+"Jede Zeile beschreibt eine Beschränkung für einen Benutzer in der Form:"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "Benutzer BESCHRÄNKUNGSZEICHENKETTE"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "oder in der Form:"
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@Gruppe BESCHRÄNKUNGSZEICHENKETTE"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"Die <emphasis>BESCHRÄNKUNGSZEICHENKETTE</emphasis> ist eine Kette von "
+"Ressourcen-Beschränkungen. Jede Beschränkung besteht aus einer "
+"Buchstabenkennung, der eine zahlenmäßige Beschränkung folgt."
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "Gültige Kennungen sind:"
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A: maximaler Adressraum (KB)"
+
+# SB: Uebersetzung von "core file"?
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr "C: maximale Größe der Speicherabbild-Datei"
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D: maximale Datengröße (KB)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F: maximale Dateigröße (KB)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K: Maske für die Dateierstellung, wird von "
+"<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></"
+"citerefentry> gesetzt."
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+"I: Maximaler Wert von nice (0 bis 39, was in 20 bis -19 übersetzt wird)"
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L: maximale Anzahl von Logins für diesen Benutzer"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr "M: maximaler gesperrter Adressbereich im Speicher (KB)"
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N: maximale Anzahl offener Dateien"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O: Maximale Echtzeit-Priorität "
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P: Prozesspriorität, wird von <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry> gesetzt."
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr "R: maximale Resident Set Size (KB)"
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S: maximale Größe des Stapelverarbeitungsspeichers (KB)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T: maximale CPU-Zeit (Min)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U: maximale Anzahl von Prozessen"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"Zum Beispiel ist <emphasis remap=\"I\">L2D2048N5</emphasis> eine gültige "
+"<emphasis>BESCHRÄNKUNGSZEICHENKETTE</emphasis>. Um das Lesen zu erleichtern, "
+"werden folgende Einträge gleich behandelt:"
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+msgstr ""
+"\n"
+" Benutzername L2D2048N5\n"
+" Benutzername L2 D2048 N5\n"
+" "
+
+#: limits.5.xml:145(para)
+#, fuzzy
+#| msgid ""
+#| "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+#| "the line is considered a limit string, thus comments are not allowed. A "
+#| "invalid limits string will be rejected (not considered) by the "
+#| "<command>login</command> program."
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+"Beachten Sie, dass nach <emphasis remap=\"I\">Benutzername</emphasis> die "
+"übrige Zeile als Zeichenkette für Beschränkungen angesehen wird. Kommentare "
+"sind daher nicht zulässig. Eine ungültige Zeichenkette wird von "
+"<command>login</command> ignoriert."
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+"Standardwerte werden mit dem Benutzernamen »<emphasis>*</emphasis>« "
+"festgelegt. Falls Sie mehrfach <emphasis remap=\"I\">Standard</emphasis>-"
+"Werte in der <emphasis>BESCHRÄNKUNGSDATEI</emphasis> bestimmen, wird nur der "
+"letzte berücksichtigt."
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"Beschränkungen, die in der Form »<replaceable>@group</replaceable>« "
+"festgelegt wurden, gelten für alle Mitglieder der angegebenen Gruppe "
+"<replaceable>group</replaceable>."
+
+#: limits.5.xml:165(para)
+#, fuzzy
+#| msgid ""
+#| "If more than one line with limits for an user exist, only the first line "
+#| "for this user will be considered."
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"Wenn mehr als eine Zeile mit Beschränkungen für einen Benutzer vorhanden "
+"ist, wird für ihn nur die erste Zeile berücksichtigt."
+
+#: limits.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "If no lines are specified for an user, the last <replaceable>@group</"
+#| "replaceable> line matching a group whose the user is a member of will be "
+#| "considered, or the last line with default limits if no groups contain the "
+#| "user."
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+"Wenn keine Zeile auf einen Benutzer zutrifft, wird auf ihn die letzte Zeile "
+"mit <replaceable>@group</replaceable> angewendet, die auf eine Gruppe "
+"verweist, deren Mitglied er ist. Wenn er auch nicht Mitglied einer der "
+"aufgeführten Gruppe ist, wird auf ihn die letzte Zeile, in der Standardwerte "
+"bestimmt sind, angewendet."
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+"Mit einem Gedankenstrich »<emphasis>-</emphasis>« können Sie alle "
+"Beschränkungen für einen Benutzer zu entfernen."
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+"Um für einen Benutzer eine bestimmte Beschränkung zu entfernen, müssen Sie "
+"für diese Beschränkung anstelle des numerischen Wertes einen Gedankenstrich "
+"»<replaceable>-</replaceable>« setzen."
+
+# SB: Well, there is PAM with /etc/security/limits.conf
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+"Berücksichtigen Sie auch, dass alle Beschränkungen nur JE ANMELDUNG gelten. "
+"Sie sind nicht global und auch nicht dauerhaft. Vielleicht wird es einmal "
+"globale Beschränkungen geben, für jetzt muss dies aber reichen ;)"
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr "berichtet die letzte Anmeldung für alle oder einen bestimmten Benutzer"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"<command>lastlog</command> formatiert und gibt den Inhalt der Datei mit den "
+"letzten Anmeldungen, <filename>/var/log/lastlog</filename>, aus. Der "
+"<emphasis>Anmeldename</emphasis>, der <emphasis>Port</emphasis> und der "
+"<emphasis>Zeitpunkt der letzten Anmeldung</emphasis> werden angezeigt. "
+"Standardmäßig (keine Optionen) werden die Lastlog-Einträge in der "
+"Reihenfolge, wie sie sich in <filename>/etc/passwd</filename> befinden, "
+"ausgegeben."
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>lastlog</command> unterstützt werden, "
+"sind:"
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>TAGE</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"gibt nur Lastlog-Einträge aus, die älter als <emphasis remap=\"I\">TAGE</"
+"emphasis> sind"
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "This option is only valid in combination with the <option>-d</option> (or "
+#| "<option>--home</option>) option."
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+"Diese Option ist nur in Verbindung mit der Option <option>-d</option> (oder "
+"<option>--home</option>) zulässig."
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>TAGE</"
+"replaceable>"
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"gibt nur Lastlog-Einträge aus, die neuer als <emphasis remap=\"I\">TAGE</"
+"emphasis> sind"
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>MENGE</replaceable>"
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr "gibt nur die Lastlog-Einträge für die angegebenen Benutzer aus"
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+"Die Bestimmung der Benutzer erfolgt durch ihren Anmeldenamen, ihrer "
+"zahlenmäßigen Benutzer-ID oder einer <replaceable>MENGE</replaceable> von "
+"Benutzern. Diese <replaceable>MENGE</replaceable> kann mit Minimum- und "
+"Maximumwerten (<replaceable>UID_MIN-UID_MAX</replaceable>), nur mit einem "
+"Maximumwert (<replaceable>UID_MIN-UID_MAX</replaceable>) oder nur einem "
+"Minimumwert (<replaceable>UID_MIN-</replaceable>) bestimmt werden."
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"Wenn sich ein Benutzer noch nie angemeldet hat, wird die Meldung "
+"<emphasis>** Never logged in**</emphasis> anstatt von Port und Zeit "
+"angezeigt."
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+"Es werden nur Einträge für auf dem System vorhandene Benutzer angezeigt, "
+"selbst wenn Einträge über gelöschte Benutzer noch vorhanden sind."
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "ANMERKUNGEN"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Bei der Datei <filename>lastlog</filename> handelt es sich um eine "
+"Datenbank, die Informationen zur letzten Anmeldung der Benutzer enthält. Sie "
+"sollten sie nicht austauschen. Es handelt sich um eine Sparse-Datei, so dass "
+"die tatsächliche Größe auf dem Speichermedium gewöhnlich viel kleiner ist "
+"als von »<command>ls -l</command>« angezeigt wird (was eine sehr große Datei "
+"anzeigen kann, wenn sich Benutzer mit einer großen UID in <filename>passwd</"
+"filename> befinden). Die wirkliche Dateigröße lässt sich mit »<command>ls -"
+"s</command>« anzeigen."
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "Datenbank mit Zeiten der letzten Anmeldung der Benutzer"
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"Große Lücken in den UID-Zahlen haben zur Folge, dass das Lastlog-Programm "
+"längere Zeit ohne Bildschirmausgabe läuft. Wenn sich z.B. in der Datenbank "
+"von Lastlog kein Eintrag für Benutzer mit der UID zwischen 170 und 800 "
+"befindet, wird es scheinen, als ob lastlog stehen geblieben ist, während es "
+"die Einträge mit der UID 171 bis 799 verarbeitet."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr "ursprünglicher Autor, 2005"
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "Shadow-Datei für Gruppen"
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"In <filename>/etc/gshadow</filename> befinden sich die Informationen für das "
+"Shadow-Gruppen-System."
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+"Die darin enthaltenen Zeilen haben folgende Felder, die durch Doppelpunkt "
+"getrennt sind:"
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "Gruppenname"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr ""
+"Es muss sich um einen gültigen, auf dem System vorhandenen Gruppennamen "
+"handeln."
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Wenn das Passwortfeld eine Zeichenkette enthält, die kein zulässiges "
+"Ergebnis von <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> ist, z.B. ! oder *, können Benutzer nicht mit "
+"einem Unix-Passwort Zugang zu der Gruppe erhalten, wobei Gruppenmitglieder "
+"kein Passwort benötigen."
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The password is used when an user who is not a member of the group wants "
+#| "to gain the permissions of this group (see "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>)."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Das Passwort wird angefordert, wenn ein Benutzer, der nicht Mitglied der "
+"Gruppe ist, die Berechtigungen dieser Gruppe erhalten will (vergleiche "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>)."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+"Dieses Feld kann leer bleiben. Dies hat zur Folge, dass nur "
+"Gruppenmitglieder von den Rechten der Gruppe Gebrauch machen können."
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+"Dieses Passwort geht den in <filename>/etc/group</filename> definierten "
+"Passwörtern vor."
+
+# SB: Gruppenverwalter ist besser als Administrator, weil so keine Verwechslung mit Systemadminstrator.
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "Gruppenverwalter"
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr ""
+"Es muss sich dabei um eine durch Kommas getrennte Liste von Benutzernamen "
+"handeln."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+"Gruppenverwalter können das Passwort und die Mitglieder der Gruppe ändern."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"Gruppenverwalter haben die gleichen Recht wie die Gruppenmitglieder (siehe "
+"unten)."
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "Mitglieder"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+"Mitglieder haben Zugang zu der Gruppe, ohne eine Passwort eingeben zu müssen."
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Sie sollten die gleiche Benutzerliste wie in <filename>/etc/group</filename> "
+"verwenden."
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "überprüft die Stimmigkeit der Gruppendateien"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+"Der Befehl <command>grpwck</command> überprüft die Stimmigkeit der "
+"Informationen über die Gruppen. Alle Einträge in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">und <filename>/etc/gshadow</"
+"filename></phrase> werden darauf überprüft, ob sie das richtige Format haben "
+"und gültige Daten enthalten. Bei einem Eintrag, der falsch formatiert ist "
+"oder andere unbehebbare Fehler enthält, wird der Benutzer aufgefordert, ihn "
+"zu löschen."
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "einen eindeutigen und gültigen Gruppennamen"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"eine gültige Gruppenkennung <phrase condition=\"gshadow\"> (nur für "
+"<filename>/etc/group</filename>)</phrase>"
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+"eine gültige Liste der Mitglieder <phrase condition=\"gshadow\"> und "
+"Gruppenverwalter</phrase>"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+"einen passenden Eintrag in der Datei <filename>/etc/gshadow</filename> "
+"(oder in <filename>/etc/group</filename> bei der Überprüfung von "
+"<filename>gshadow</filename>)"
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+"Fehler bei der Überprüfung der richtigen Anzahl der Felder und des "
+"eindeutigen Benutzernamens sind schwerwiegend. Wenn ein Eintrag die falsche "
+"Anzahl von Feldern aufweist, wird der Benutzer aufgefordert, die gesamte "
+"Zeile zu löschen. Wenn er dies ablehnt, werden alle weiteren Tests "
+"ausgelassen. Bei einem Eintrag mit einem mehrfach verwendeten Benutzernamen "
+"wird der Benutzer aufgefordert, diesen Eintrag zu löschen. Sollte er dies "
+"ablehnen, werden dennoch die übrigen Tests ausgeführt. Bei allen anderen "
+"Fehlern wird eine Warnung ausgegeben und der Benutzer aufgefordert, den "
+"Fehler mittels des Befehls <command>groupmod</command> zu beheben."
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+"Die Befehle, welche die <phrase condition=\"no_gshadow\">Datei <filename>/"
+"etc/group</filename></phrase><phrase condition=\"gshadow\">Dateien "
+"<filename>/etc/group</filename> und <filename>/etc/gshadow</filename></"
+"phrase> bearbeiten, können falsche oder doppelte Einträge nicht verändern. "
+"In solchen Fällen sollte <command>grpwck</command> verwendet werden, um die "
+"betreffenden Einträge zu entfernen."
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>grpck</command> unterstützt werden, "
+"sind:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+"Führt den Befehl <command>grpck</command> im Modus Nur-Lesen aus. Dies hat "
+"zur Folge, dass alle Fragen, ob Veränderungen vorgenommen werden sollen, mit "
+"<emphasis>no</emphasis> beantworteten werden, ohne dass der Benutzer "
+"einzugreifen braucht."
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"Ordnet die Einträge in <filename>/etc/group</filename><phrase condition="
+"\"gshadow\">und <filename>/etc/gshadow</filename></phrase> nach der GID."
+
+#: grpck.8.xml:196(para)
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"Standardmäßig arbeitet <command>grpck</command> mit <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\"> und <filename>/etc/gshadow</"
+"filename></phrase>. Der Benutzer kann andere Dateien mit <phrase condition="
+"\"no_gshadow\">dem Parameter <emphasis remap=\"I\">group</emphasis></"
+"phrase><phrase condition=\"gshadow\">den Parametern <emphasis remap=\"I"
+"\">group</emphasis> und <emphasis remap=\"I\">shadow</emphasis></phrase> "
+"auswählen."
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "ein oder mehrere fehlerhafte Gruppeneinträge"
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "Die Gruppendateien können nicht geöffnet werden."
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "Die Gruppendateien können nicht gesperrt werden."
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "Die Gruppendateien können nicht aktualisiert werden."
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>grpck</command> gibt beim Beenden folgende Werte zurück: "
+"<placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "zeigt die aktuell verwendeten Gruppennamen an"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "Benutzer"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+"Der Befehl <command>groups</command> zeigt die momentan verwendeten "
+"Gruppennamen oder IDs an. Wenn einem Wert kein Eintrag in <filename>/etc/"
+"group</filename> entspricht, wird die Gruppennummer ausgegeben. Mit der "
+"Option <emphasis remap=\"I\">user</emphasis> werden nur die Gruppen des "
+"bezeichneten <emphasis remap=\"I\">Benutzers</emphasis> angezeigt."
+
+# SB: Ãœbersetzung von "concurrent group set"?
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+"Auf Systemen, die keine simultanen Gruppen unterstützen, werden die "
+"Informationen aus <filename>/etc/group</filename> ausgegeben. Wenn der "
+"Benutzer seine tatsächliche und effektive Gruppen-ID ändern will, muss er "
+"<command>newgrp</command> oder <command>sg</command> verwenden."
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "ändert die Eigenschaften einer Gruppe auf dem System"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GRUPPE"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"Der Befehl <command>groupmod</command> ändert die Eigenschaften der "
+"angegebenen <replaceable>GRUPPE</replaceable>, indem die passenden Einträge "
+"in der Gruppendatenbank geändert werden."
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>groupmod</command> unterstützt werden, "
+"sind:"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"Die Gruppen-ID der angegebenen <replaceable>GRUPPE</replaceable> wird zu "
+"<replaceable>GID</replaceable> geändert."
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"Der Wert von <replaceable>GID</replaceable> muss eine nicht negative, "
+"dezimale Zahl sein. Er muss eindeutig sein, außer wenn die Option <option>-"
+"o</option> verwendet wird."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"Benutzer, welche die Gruppe als Hauptgruppe verwenden, werden aktualisiert, "
+"um die Gruppe als Hauptgruppe zu behalten."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+"Bei Dateien, welche die alte Gruppen-ID haben und weiterhin der Gruppe "
+"<replaceable>GROUP</replaceable> gehören sollen, muss die Gruppen-ID per "
+"Hand angepasst werden."
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Die Werte von <option>GID_MIN</option>, <option>GID_MAX</option>, "
+"<option>SYS_GID_MIN</option> und <option>SYS_GID_MAX</option> aus <filename>/"
+"etc/login.defs</filename> werden nicht geprüft."
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEUE_GRUPPE</replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Der Gruppenname wird vom Namen <replaceable>GRUPPE</replaceable> zu "
+"<replaceable>NEUE_GRUPPE</replaceable> geändert."
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"Wenn sie mit der Option <option>-g</option> verwendet wird, kann mit ihr der "
+"Wert der Gruppen-<replaceable>GID</replaceable> auf einen nicht eindeutigen "
+"Wert gesetzt werden."
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "Gruppenname wird schon verwendet"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>groupmod</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr "George"
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr "Kraft"
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr "IV"
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr "ursprünglicher Autor, 2000"
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "verwaltet die Mitglieder der Hauptgruppe eines Benutzers"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "Benutzer_Name"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "Gruppen_Name"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+# SB: 1. I don't understand "sake"? A typo? But of what? 2. I think we shouldn't have the notorious guest account here as an example.
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+"Mit dem Befehl <command>groupmems</command> kann ein Benutzer die "
+"Mitgliederliste seiner eigenen Gruppe verwalten, ohne Root-Rechte zu "
+"benötigen. Das Werkzeug <command>groupmems</command> ist für Systeme "
+"gedacht, auf denen die Hauptgruppe eines Benutzers den gleichen Namen hat "
+"wie der Benutzer (z.B. fritz/fritz)."
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Nur Root als Administrator kann mit <command>groupmems</command> die "
+"Mitgliederlisten anderer Gruppen bearbeiten."
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>groupmems</command> unterstützt "
+"werden, sind:"
+
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>Benutzer_Name</"
+"replaceable>"
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Fügt einen Benutzer der Mitgliederliste der Gruppe hinzu."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"Wenn die Datei <filename>/etc/gshadow</filename> vorhanden ist, die Gruppe "
+"darin aber keinen Eintrag hat, wird ein solcher erstellt."
+
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>Benutzer_Name</replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Löscht einen Benutzer aus der Mitgliederliste der Gruppe."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"Wenn <filename>/etc/gshadow</filename> vorhanden ist, wird der Benutzer aus "
+"der Liste der Mitglieder und Gruppenverwalter entfernt."
+
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;"
+"<replaceable>Gruppen_Name</replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+"Root kann eine Gruppen bestimmen, deren Mitgliederliste er bearbeiten will."
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "gibt die Mitgliederliste aus"
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "löscht alle Benutzer aus der Mitgliederliste der Gruppe"
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr "EINRICHTUNG"
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+"Die ausführbare Datei <command>groupmems</command> sollte die Rechte "
+"<literal>2770</literal> haben und dem Benutzer <emphasis>root</emphasis> und "
+"der Gruppe <emphasis>groups</emphasis> gehören. Der Systemadministrator kann "
+"Benutzer der Gruppe <emphasis>groups</emphasis> hinzufügen, um ihnen zu "
+"ermöglichen, mit <command>groupmems</command> die Mitgliederliste ihrer "
+"eigenen Gruppe zu verwalten."
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "verschlüsselte Informationen zu den Gruppenkonten"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "löscht eine Gruppe"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"Der Befehl <command>groupdel</command> bearbeitet die Kontodateien des "
+"Systems und löscht darin alle Einträge, die auf die <replaceable>Gruppe</"
+"replaceable> verweisen. Die bezeichnete Gruppe muss existieren."
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>groupdel</command> unterstützt werden, "
+"sind:"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Sie können nicht die Hauptgruppe eines Benutzers entfernen. Dazu müssten Sie "
+"zunächst den betreffenden Benutzer löschen."
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Sie sollten von Hand alle Systemdateien überprüfen, um sicherzustellen, dass "
+"keine Dateien, die der gelöschten Gruppe angehören, vorhanden sind."
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "Die Hauptgruppe eines Benutzers kann nicht entfernen werden."
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>groupdel</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "erstellt eine neue Gruppe"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+"Der Befehl <command>groupadd</command> erstellt ein neues Gruppenkonto. "
+"Dabei verwendet er die Werte, die auf der Befehlszeile angegeben wurden, "
+"oder die Standardwerte des Systems. Soweit es notwendig ist, wird die neue "
+"Gruppe den Systemdateien hinzugefügt."
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>groupadd</command> unterstützt werden, "
+"sind:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+"Die Option führt dazu, dass der Befehl nur dann erfolgreich beendet wird, "
+"wenn die angegebene Gruppe existiert. Falls diese Option zusammen mit der "
+"Option <option>-g</option> verwendet wird und die angegebene GID schon "
+"vergeben ist, wird eine andere, eindeutige GID gewählt (d.h. <option>-g</"
+"option> wird nicht beachtet)."
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"Der zahlenmäßige Wert der Gruppen-ID. Dieser Wert muss eindeutig sein, "
+"sofern nicht die Option <option>-o</option> verwendet wird. Der Wert darf "
+"nicht negativ sein. Standardmäßig wird der kleinste Wert größer als oder "
+"gleich <option>GID_MIN</option> und größer als jeder andere Wert einer "
+"Gruppe verwendet."
+
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Vergleichen Sie auch die Option <option>-r</option> und die Ausführungen zu "
+"<option>GID_MAX</option>."
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Ãœberschreibt die Standardwerte von <filename>/etc/login.defs</filename> "
+"(GID_MIN, GID_MAX und weitere). Diese Option kann mehrfach verwendet werden."
+
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Beispiel: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Hinweis: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> funktioniert noch nicht."
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+"Diese Option erlaubt es, eine Gruppe mit einer nicht eindeutigen GID zu "
+"erstellen."
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "erstellt eine neue Systemgruppe"
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+"Die zahlenmäßige Kennung einer neuen Systemgruppe wird aus der Spanne von "
+"<option>SYS_GID_MIN</option> bis <option>SYS_GID_MAX</option> gewählt, "
+"welche in <filename>login.defs</filename> festgelegt wird, anstelle von "
+"<option>GID_MIN</option> bis <option>GID_MAX</option>."
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Gruppennamen müssen mit einem Kleinbuchstaben oder einem Unterstrich "
+"beginnen. Nachfolgend dürfen sie Kleinbuchstaben, Zahlen, Unterstriche und "
+"Gedankenstriche enthalten. Das letzte Zeichen darf auch ein Dollarzeichen "
+"sein. Als regulärer Ausdruck: [a-z_][a-z0-9_-]*[$]?"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+"Gruppennamen dürfen nur bis zu &GROUP_NAME_MAX_LENGTH; Zeichen lang sein."
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Sie können einen Benutzer nicht einer NIS- oder LDAP-Gruppe hinzufügen. Dies "
+"müssen Sie auf dem entsprechenden Server durchführen."
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+"Falls der Gruppenname bereits in einer externen Datenbank (wie etwa NIS oder "
+"LDAP) vergeben ist, wird <command>groupadd</command> die Gruppe nicht "
+"erstellen."
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID nicht eindeutig (wenn <option>-o</option> nicht angegeben wird)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "Gruppenname nicht eindeutig"
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>groupadd</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr "Rafal"
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr "Maszkowski"
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "verwaltet <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "verwaltet <placeholder-1/> und <placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "Option"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+"Der Befehl <command>gpasswd</command> dient zur Verwaltung von <filename>/"
+"etc/group</filename><phrase condition=\"gshadow\"> und <filename>/etc/"
+"gshadow</filename></phrase>. Jede Gruppe kann <phrase condition=\"gshadow"
+"\">Gruppenverwalter,</phrase> Mitglieder und ein Passwort haben."
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+"Der Systemadministrator kann mit der Option <option>-A</option> "
+"Gruppenverwalter bestimmen. Mit der Option <option>-M</option> legt er die "
+"Mitglieder fest. Er besitzt alle Rechte, die Gruppenverwalter und Mitglieder "
+"haben können."
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+"Wenn ein <phrase condition=\"gshadow\">Gruppenverwalter</phrase><phrase "
+"condition=\"no_gshadow\">Systemadministrator</phrase> <command>gpasswd</"
+"command> nur mit dem Gruppennamen aufruft, wird er aufgefordert, für die "
+"<replaceable>Gruppe</replaceable> ein neues Passwort zu vergeben."
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Wenn ein Passwort vergeben wurde, können Mitglieder der Gruppe dennoch ohne "
+"Passwort <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry> ausführen. Alle anderen Benutzer benötigen dazu "
+"das Passwort."
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Hinweise zu Gruppenpasswörtern"
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+"Gruppenpasswörter beinhalten ein Sicherheitsrisiko, da mehrere Personen das "
+"Passwort kennen. Dennoch können sie sinnvoll sein, um die Zusammenarbeit "
+"zwischen Benutzern zu erleichtern."
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"Außer die Optionen <option>-A</option> und <option>-M</option> können die "
+"übrigen Optionen nicht zusammen verwendet werden."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "Die Optionen können nicht zusammen verwendet werden."
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>gpasswd</command> unterstützt werden, "
+"sind:"
+
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>Benutzer</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Fügt den <replaceable>Benutzer</replaceable> der bezeichneten "
+"<replaceable>Gruppe</replaceable> zu."
+
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>Benutzer</"
+"replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"entfernt den <replaceable>Benutzer</replaceable> aus der bezeichneten "
+"<replaceable>Gruppe</replaceable>"
+
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_VERZ</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+"Entfernt das Passwort der bezeichneten <replaceable>Gruppe</replaceable>. "
+"Das Gruppenpasswort wird leer sein. Damit können nur noch Gruppenmitglieder "
+"mit <command>newgrp</command> zu der bezeichneten <replaceable>Gruppe</"
+"replaceable> wechseln."
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Schränkt den Zugang zur bezeichneten <replaceable>Gruppe</replaceable> ein. "
+"Das Gruppenpasswort wird auf »!« gesetzt. Damit können nur noch "
+"Gruppenmitglieder mit einem Passwort mit <command>newgrp</command> zu der "
+"bezeichneten <replaceable>Gruppe</replaceable> wechseln."
+
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>Benutzer</replaceable>, ..."
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "Liste der Gruppenverwalter bestimmen"
+
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>Benutzer</"
+"replaceable>, ..."
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "Liste der Mitglieder der Gruppe bestimmen"
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+"Dieses Werkzeug bearbeitet nur <phrase condition=\"gshadow\">die Dateien "
+"<filename>/etc/group</filename> und <filename>/etc/gshadow</filename> </"
+"phrase><phrase condition=\"no_gshadow\">die Datei <filename>/etc/group</"
+"filename></phrase>. Sie können daher keine NIS- oder LDAP-Gruppen "
+"bearbeiten. Dies muss auf dem entsprechenden Server durchgeführt werden."
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+"zeigt Aufzeichnungen der fehlgeschlagenen Anmeldungen an oder richtet "
+"Beschränkungen für fehlgeschlagene Anmeldungen ein"
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+"<command>faillog</command> zeigt den Inhalt der Datenbank der "
+"fehlgeschlagenen Anmeldungen (<filename>/var/log/faillog</filename>) an. Es "
+"kann auch die Zählung und Beschränkung der Fehlversuche verwalten. Wenn "
+"<command>faillog</command> ohne Optionen ausgeführt wird, wird nur die Liste "
+"der fehlgeschlagenen Anmeldungen aller Benutzer angezeigt, deren Anmeldung "
+"jemals gescheitert ist."
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>faillog</command> unterstützt werden, "
+"sind:"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+"zeigt (oder bearbeitet) die faillog-Einträge aller Benutzer, die einen "
+"Eintrag in der Datenbank <filename>faillog</filename> haben"
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+"Die Spanne der Benutzer kann mit der Option <option>-u</option> eingegrenzt "
+"werden."
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+"Im Anzeigemodus ist dies auf vorhandene Benutzer beschränkt, erzwingt aber "
+"die Anzeige der Faillog-Einträge, auch wenn diese leer sind."
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+"Mit den Optionen <option>-l</option>, <option>-m</option>, <option>-r</"
+"option> und <option>-t</option> werden die Benutzereinträge selbst dann "
+"geändert, wenn der Benutzer auf dem System nicht vorhanden ist. Dies kann "
+"sinnvoll sein, wenn die Einträge von gelöschten Benutzer zurückgesetzt "
+"werden sollen oder vorsorglich eine Richtlinie für eine Anzahl von Benutzern "
+"eingerichtet werden soll."
+
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEK</"
+"replaceable>"
+
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"sperrt nach einer fehlgeschlagenen Anmeldung das Konto für <replaceable>SEK</"
+"replaceable> Sekunden"
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+"Für diese Option muss ein Schreibzugriff auf <filename>/var/log/faillog</"
+"filename> bestehen."
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"setzt den Zähler der fehlgeschlagene Anmeldungen, nach denen das Konto "
+"abgeschaltet wird, auf <replaceable>MAX</replaceable>"
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+"Wenn <replaceable>MAX</replaceable> den Wert 0 hat, besteht keine "
+"Beschränkung für die Anzahl fehlgeschlagener Anmeldeversuche."
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+"Für <emphasis>root</emphasis> sollte der Wert der maximalen Anmeldeversuche "
+"immer 0 betragen, um eine durch einen Angriff ausgelöste Dienstverweigerung "
+"(denial of service) zu verhindern."
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "setzt die Zählerstände der fehlgeschlagenen Anmeldeversuche zurück"
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+"zeigt die Einträge der fehlgeschlagenen Anmeldungen an, die aktueller als "
+"<replaceable>TAGE</replaceable> sind"
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+"zeigt die Aufzeichnungen der fehlgeschlagenen Anmeldungen nur der "
+"angegebenen Benutzer an oder bearbeitet (wenn mit den Optionen <option>-l</"
+"option>, <option>-m</option> oder <option>-r</option> verwendet) nur deren "
+"Zählerstände und Beschränkungen"
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"Wenn keine der Optionen <option>-l</option>, <option>-m</option> oder "
+"<option>-r</option> verwendet wird, zeigt <command>faillog</command> die "
+"Aufzeichnung der fehlgeschlagenen Anmeldeversuche der angegebenen Benutzer "
+"an."
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+"<command>faillog</command> zeigt nur die Benutzer an, die sich seit der "
+"letzten fehlgeschlagenen Anmeldung nicht erfolgreich anmelden konnten. Um "
+"die übrigen Benutzer anzuzeigen, müssen Sie diese explizit mit der Option "
+"<option>-u</option> benennen oder sich alle Benutzer mit der Option <option>-"
+"a</option> anzeigen lassen."
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr "Datei mit fehlgeschlagenen Anmeldungen"
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "Datei mit fehlgeschlagenen Anmeldungen"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+"In <filename>/var/log/faillog</filename> wird der Zählerstand von "
+"fehlgeschlagenen Anmeldungen und die Beschränkungen für jedes Konto "
+"niedergelegt."
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+"Einträge in dieser Datei haben eine festgelegte Länge und sind der "
+"zahlenmäßigen UID nach angeordnet. Jeder Eintrag besteht aus der Anzahl der "
+"fehlgeschlagenen Anmeldungen seit der letzten erfolgreichen Anmeldung, der "
+"maximalen Anzahl von Fehlschlägen, ehe das Konto abgeschaltet wird, dem "
+"Gerät, auf dem die letzte fehlgeschlagene Anmeldung erfolgte, das Datum der "
+"letzten fehlgeschlagenen Anmeldung und die Dauer in Sekunden, für die das "
+"Konto nach einem Fehlschlag gesperrt ist."
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "Die Datei ist so aufgebaut:"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr "ursprünglicher Autor, 1990"
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "überprüft die Regeln für den Verfall des Passworts und setzt diese um"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"Mit der Option <option>-c</option> überprüft der Befehl <command>expiry</"
+"command> den aktuellen Status des Verfalls des Passworts. Mit der Option "
+"<option>-f</option> werden die notwendigen Veränderungen umgesetzt. Er kann "
+"von normalen Benutzern aufgerufen werden."
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>expiry</command> unterstützt werden, "
+"sind:"
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr "überprüft den Verfall des Passworts des aktuellen Benutzers"
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+"erzwingt den Wechsel des Passworts des aktuellen Benutzers, falls dieses "
+"abgelaufen ist"
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# SB: Translation of chsh.1 based on Josef Spillner's
+# (josef@ggzgamingzone.org) from 2003. Mention somewhere else as well?
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "ändert die Anmelde-Shell"
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"Der Befehl <command>chsh</command> ändert die Anmelde-Shell eines Benutzers. "
+"Er legt den Befehl fest, der bei der Anmeldung ausgeführt wird. Ein normaler "
+"Benutzer kann nur die Anmelde-Shell seines eigenen Kontos ändern, während "
+"Root dies für alle Konten darf."
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>chsh</command> unterstützt werden, "
+"sind:"
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Wenn die Option <option>-s</option> nicht ausgewählt ist, wird "
+"<command>chsh</command> im interaktiven Modus betrieben. Dabei wird der "
+"Benutzer mit der aktuellen Anmelde-Shell zur Eingabe einer neuen "
+"aufgefordert. Durch Eingabe eines Wertes wird die Shell geändert, während "
+"sie bei einer leeren Zeile beibehalten wird. Die aktuelle Shell wird "
+"zwischen einem Paar von <emphasis>[ ]</emphasis> angezeigt."
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"Die einzige Beschränkung für die Anmelde-Shell ist, dass der Name des "
+"Befehls in der Datei <filename>/etc/shells</filename> enthalten sein muss. "
+"Root darf allerdings jeden beliebigen Befehl vergeben. Bei Konten, denen "
+"eine beschränkte Anmelde-Shell zugewiesen ist, ist es nicht möglich, die "
+"Anmelde-Shell zu ändern. Daher ist es nicht ratsam, <filename>/bin/rsh</"
+"filename> in <filename>/etc/shells</filename> einzutragen, da ein Benutzer "
+"nicht zu seiner ursprünglichen Anmelde-Shell zurückwechseln kann, falls er "
+"versehentlich eine beschränkte Shell als Anmelde-Shell auswählt."
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Liste der möglichen Anmelde-Shells"
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "aktualisiert Passwörter im Batch-Modus"
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"Der Befehl <command>chpasswd</command> liest eine Liste von Benutzername-"
+"Passwort-Paaren von der Standardeingabe. Damit werden Benutzerdaten "
+"aktualisiert. Jede Zeile muss folgendes Format haben:"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">Benutzername</emphasis>:<emphasis remap=\"I"
+"\">Passwort</emphasis>"
+
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Das Passwort muss standardmäßig im Klartext angegeben werden und von "
+"<command>chpasswd</command> verschlüsselt. Soweit vorhanden, wird auch das "
+"Alter des Passworts aktualisiert."
+
+#: chpasswd.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+#| "variables of <filename>/etc/login.defs</filename>, and can be overwitten "
+#| "with the <option>-e</option>, <option>-m</option>, or <option>-c</option> "
+#| "options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"Der standardmäßige Verschlüsselungsalgorithmus kann systemweit mit den "
+"Variablen <option>ENCRYPT_METHOD</option> oder <option>MD5_CRYPT_ENAB</"
+"option> in <filename>/etc/login.defs</filename> definiert werden. Dieser "
+"kann mit den Optionen <option>-e</option>, <option>-m</option> oder <option>-"
+"c</option> überschrieben werden."
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"Standardmäßig werden die Passwörter von PAM verschlüsselt. Sie können aber "
+"eine andere Verschlüsselungsmethode mit den Optionen <option>-e</option>, "
+"<option>-m</option> oder <option>-c</option> festlegen (dies wird jedoch "
+"nicht angeraten)."
+
+#: chpasswd.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "<phrase condition=\"pam\">Except when PAM is used to encrypt the "
+#| "passwords,</phrase><command>chpasswd</command> first updates all the "
+#| "passwords in memory, and then commits all the changes to disk if no "
+#| "errors occured for any user."
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+"<phrase condition=\"pam\">PAM wird nicht zur Verschlüsselung der Passwörter "
+"verwendet:</phrase><command>chpasswd</command> aktualisiert zunächst alle "
+"Passwörter im Arbeitsspeicher und schreibt dann die Änderungen auf das "
+"Speichermedium, falls keine Fehler aufgetreten sind."
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+"Wenn PAM zur Verschlüsselung der Passwörter (und ihrer Aktualisierung in der "
+"Systemdatenbank) verwendet wird, wird <command>chpasswd</command> die "
+"Aktualisierung der Passwörter auch dann fortsetzen, wenn ein Passwort nicht "
+"geändert werden kann, und beim Beenden eine Fehlermeldung zurückgeben."
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Dieser Befehl ist für den Einsatz in großen Umgebungen vorgesehen, in der "
+"viele Konten gleichzeitig erstellt werden müssen."
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>chpasswd</command> unterstützt werden, "
+"sind:"
+
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHODE</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "Die verfügbaren Methoden sind DES, MD5 und NONE."
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "Standardmäßig verschlüsselt PAM die Passwörter."
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+"Standardmäßig (wenn keine der Optionen <option>-c</option>, <option>-m</"
+"option> oder <option>-e</option> angegeben wird) wird die "
+"Verschlüsselungsmethode durch die Variablen <option>ENCRYPT_METHOD</option> "
+"oder <option>MD5_CRYPT_ENAB</option> in <filename>/etc/login.defs</filename> "
+"bestimmt."
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Passwörter werden verschlüsselt angegeben."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"werwendet zur Verschlüsselung MD5 anstelle von DES, wenn die Passwörter "
+"unverschlüsselt angegeben werden"
+
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>RUNDEN</"
+"replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Standardmäßig wird die Anzahl der Runden von den Variablen "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> und <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> <filename>/etc/login.defs</filename> bestimmt."
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Achten Sie darauf, dass die Rechte und Umask korrekt vergeben sind, um zu "
+"verhindern, dass andere Benutzer unverschlüsselte Dateien lesen können."
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "PAM-Konfiguration für <command>chpasswd</command>"
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr "ursprünglicher Autor, 2006"
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "aktualisiert Gruppenpasswörter im Batch-Modus"
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"Der Befehl <command>chgpasswd</command> liest eine Liste von Gruppenname-"
+"Passwort-Paaren von der Standardeingabe. Damit werden Gruppendaten "
+"aktualisiert. Jede Zeile muss folgendes Format haben:"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">Gruppenname</emphasis>:<emphasis remap=\"I\">Passwort</"
+"emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Das Passwort wird standardmäßig im Klartext angegeben. Die "
+"Standardalgorithmus zur Verschlüsselung ist DES."
+
+#: chgpasswd.8.xml:92(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+#| "filename>, and can be overwiten with the <option>-e</option>, <option>-m</"
+#| "option>, or <option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"Der standardmäßige Verschlüsselungsalgorithmus wird systemweit mit der "
+"Variable <option>ENCRYPT_METHOD</option> in <filename>/etc/login.defs</"
+"filename> bestimmt. Dies kann mit den Optionen <option>-e</option>, <option>-"
+"m</option> oder <option>-c</option> überschrieben werden."
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>chgpasswd</command> unterstützt "
+"werden, sind:"
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+# SB: Translation of chfn.1 based on Josef Spillner's
+# (josef@ggzgamingzone.org) from 2003. Mention somewhere else as well?
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr ""
+"ändert den vollständigen Namen eines Benutzers und sonstige Informationen"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+"Der Befehl <command>chfn</command> ändert den vollständigen Namen, die "
+"Bürozimmernummer sowie die berufliche und private Telefonnummer für ein "
+"Benutzerkonto. Diese Informationen werden typischerweise von "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> und ähnlichen Programmen verwendet. Ein normaler Benutzer darf "
+"nur die Felder seines eigenen Kontos ändern und muss dabei zudem die "
+"Einschränkungen in <filename>/etc/login.defs</filename> beachten. So ist es "
+"Benutzern standardmäßig nicht möglich, ihren vollständigen Namen zu ändern. "
+"Root kann die Felder aller Konten verändern. Außerdem darf nur Root mittels "
+"der Option <option>-o</option> die undefinierten Teile des GECOS-Feldes "
+"ändern."
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+"Diese Felder dürfen keinen Doppelpunkt enthalten. Mit Ausnahme des Feldes "
+"<emphasis remap=\"I\">sonstiges</emphasis> sollten sie kein Komma oder "
+"Gleichheitszeichen enthalten. Außerdem wird abgeraten, andere Zeichen als US-"
+"ASCII zu verwenden, aber nur für die Telefonnummern ist dies zwingend. Das "
+"Feld <emphasis remap=\"I\">sonstiges</emphasis> wird von anderen Anwendungen "
+"verwendet, um dort Informationen über das Konto abzuspeichern."
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>chfn</command> unterstützt werden, "
+"sind:"
+
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>VOLLSTÄNDIGER_NAME</replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "verändert den vollständigen Namen des Benutzers"
+
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>TEL_PRIV</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "ändert die private Telefonnummer des Benutzers"
+
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>SONSTIGES</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"Verändert die sonstigen Informationen über den Benutzer in der GECOS-Zeile. "
+"In diesem Feld werden Kontoinformationen anderer Anwendungen gespeichert. Es "
+"kann nur vom Superuser verändert werden."
+
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>ZIMMER_NUMMER</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "ändert die Zimmernummer des Benutzers"
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>TEL_BERUF</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "verändert die berufliche Telefonnummer des Benutzers"
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+"Wenn keine Option ausgewählt wird, arbeitet <command>chfn</command> "
+"interaktiv. Dabei wird der Benutzer nach den aktuellen Werten für alle "
+"Felder befragt. Bei Eingabe eines neuen Wertes wird dieser verwendet, bei "
+"keiner Eingabe stattdessen der Originalwert beibehalten. Der aktuelle Wert "
+"wird zwischen einem Paar von <emphasis remap=\"B\">[ ]</emphasis> angezeigt. "
+"Ohne Optionen fragt <command>chfn</command> nach einem Benutzerkonto."
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "ändert die Information zum Passwortverfall"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"Der Befehl <command>chage</command> verändert die Anzahl der Tage zwischen "
+"dem letzten Wechsel des Passworts und dem nächsten Wechsel. Mit dieser "
+"Information bestimmt das System, wann ein Benutzer sein Passwort verändern "
+"muss."
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>chage</command> unterstützt werden, "
+"sind:"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;"
+"<replaceable>LETZTER_TAG</replaceable>"
+
+# SB: So I could also do DD.MM.YYYY or MM.DD.YYYY? How does system know which format I chose?
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"Legt die Anzahl der Tage, gerechnet ab dem 1. Januar 1970, fest, seit denen "
+"das Passwort das letzte Mal gewechselt wurde. Das Datum kann auch im Format "
+"JJJJ-MM-TT (oder in dem Format, das in Ihrer Region verbreitet ist) "
+"angegeben werden."
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>VERFALLSDATUM</replaceable>"
+
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"Setzt das Datum oder die Anzahl der Tage seit dem 1. Januar 1970, ab dem auf "
+"das Benutzerkonto nicht mehr zugegriffen werden kann. Das Datum kann auch im "
+"Format JJJJ-MM-TT (oder in dem Format, das in Ihrer Region verbreitet ist) "
+"angegeben werden. Ein Benutzer, dessen Konto gesperrt ist, muss sich mit dem "
+"Systemadministrator in Verbindung setzen, ehe er sich wieder am System "
+"anmelden kann."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Wenn <emphasis remap=\"I\">-1</emphasis> als <replaceable>VERFALLSDATUM</"
+"replaceable> angegeben wird, wird das Verfallsdatum für das Konto entfernt."
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"Legt die Anzahl der Tage der Untätigkeit fest, nach denen ein Passwort "
+"abgelaufen ist, bevor das Konto gesperrt wird. Die Option "
+"<replaceable>INAKTIV</replaceable> bezeichnet die Anzahl der Tage, für die "
+"das Konto inaktiv ist. Ein Benutzer, dessen Konto gesperrt ist, muss sich "
+"mit dem Systemadministrator in Verbindung setzen, ehe er sich wieder am "
+"System anmelden kann."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Wenn <emphasis remap=\"I\">-1</emphasis> als <replaceable>INAKTIV</"
+"replaceable> angegeben wird, wird die Ãœberwachung der fehlenden Verwendung "
+"des Kontos entfernt."
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "zeigt Informationen zur Kontoalterung an"
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_TAGE</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_TAGE</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"Bestimmt die maximale Anzahl von Tagen, die das Passwort gültig bleibt. Wenn "
+"<replaceable>MAX_TAGE</replaceable> plus <replaceable>LETZTER_TAG</"
+"replaceable> älter als das aktuelle Datum ist, muss der Benutzer sein "
+"Passwort ändern, ehe er sein Konto benutzen kann. Mit der Option <option>-W</"
+"option> werden die Benutzer vor dem drohenden Verfall ihres Passworts "
+"gewarnt."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Wenn <emphasis remap=\"I\">-1</emphasis> als <replaceable>MAX_TAGE</"
+"replaceable> angegeben wird, wird der Passwortverfall entfernt."
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_TAGE</replaceable>"
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"Legt die Anzahl der Tage fest, an denen der Benutzer eine Warnung erhält, "
+"bevor sein Passwort geändert werden muss. Die Option <replaceable>WARN_TAGE</"
+"replaceable> bezeichnet die Anzahl der Tage, für die ein Benutzer vor "
+"Verfall seines Passworts gewarnt wird."
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Wenn keine Option ausgewählt wird, arbeitet <command>chage</command> "
+"interaktiv. Dabei wird der Benutzer nach den aktuellen Werten für alle "
+"Felder befragt. Bei Eingabe eines neuen Wertes wird dieser verwendet, bei "
+"Eingabe einer Leerzeile stattdessen der Originalwert beibehalten. Der "
+"aktuelle Wert wird zwischen einem Paar von <emphasis remap=\"B\">[ ]</"
+"emphasis> angezeigt."
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Für das Programm <command>chage</command> ist es notwendig, dass eine Shadow-"
+"Passwort-Datei vorhanden ist."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"Der Befehl <command>chage</command> kann nur von Root ausgeführt werden. "
+"Alle anderen Benutzer können nur die Option <option>-l</option> verwenden, "
+"um die Verfallsdaten für ihr Konto einzusehen."
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "Eine Shadow-Passwort-Datei kann nicht gefunden werden."
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>chage</command> gibt beim Beenden folgende Werte zurück: "
+"<placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr "Simon Brandmair (sbrandmair@gmx.net), 2005, 2007, 2011."
+
+#~ msgid "-M"
+#~ msgstr "-M"
+
+#~ msgid "Kłoczko"
+#~ msgstr "Kłoczko"
+
+#~ msgid "François"
+#~ msgstr "François"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "Mail-Spool kann nicht erstellen werden."
+
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "Der SELinux-Benutzer für den Benutzer nach seiner Anmeldung. "
+#~ "Standardmäßig bleibt dieses Feld leer und es wird dem System überlassen, "
+#~ "den SELinux-Benutzer zu bestimmen."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "neue_benutzer"
+
+#~ msgid "full_name"
+#~ msgstr "Voller_Name"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "Zimmer_Nr"
+
+#~ msgid "work_ph"
+#~ msgstr "Tel_dienstlich"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "Tel_Privat"
+
+#~ msgid "other"
+#~ msgstr "sonstiges"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
diff --git a/man/po/fr.po b/man/po/fr.po
new file mode 100644
index 0000000..48ef2fd
--- /dev/null
+++ b/man/po/fr.po
@@ -0,0 +1,11084 @@
+# translation of shadow-man.po to French
+# French translation of the shadow's man pages
+# Traduction des pages de manuel livrées avec shadow
+# Copyright (C) 2011, 2012 Debian French l10n team <debian-l10n-french@lists.debian.org>
+#
+# Certaines pages étaient déjà traduites:
+# chpasswd: Amand Tihon <amand@alrj.org>
+# faillog(5): Pascal Terjan <CMoi@tuxfamily.org>
+#
+# Nicolas FRANÇOIS <nicolas.francois@centraliens.net>, 2004-2009.
+# Jean-Luc Coulon <jean-luc.coulon@wanadoo.fr>, 2008.
+# ABBAS.B <abelkcem@hotmail.com>, 2009.
+# chage: Olivier Marin, 2001.
+# chsh, groups, passwd(1), passwd(5): Christophe Blaess, 1997.
+# gpasswd: Maxime Mastin, 2001.
+# shadow(5): Thierry Vignaud <tvignaud@mandrakesoft.com>, 1999.
+# useradd: Frédéric Delanoy, 2000.
+# Christian Perrier <bubulle@debian.org>, 2009, 2012.
+# Thomas Blein <tblein@tblein.eu>, 2011, 2012.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow-man-pages 4.0.18\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:37+0200\n"
+"Last-Translator: Thomas Blein <tblein@tblein.eu>\n"
+"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
+"Language: fr\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Lokalize 1.2\n"
+"X-Poedit-Language: French\n"
+"X-Poedit-Country: FRANCE\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Commandes de gestion du système"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr "Éditer les fichiers passwd, group, shadow ou gshadow"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "options"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "DESCRIPTION"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<command>vipw</command> et <command>vigr</command> permettent de modifier "
+"les fichiers <filename>/etc/passwd</filename> et <filename>/etc/group</"
+"filename>, respectivement. Avec l'option <option>-s</option>, ils permettent "
+"d'éditer les versions cachées de ces fichiers : <filename>/etc/shadow</"
+"filename> et <filename>/etc/gshadow</filename>, respectivement. Ces "
+"programmes placent les verrous nécessaires afin d'éviter toute corruption "
+"des fichiers. L'éditeur utilisé est choisi d'abord en fonction de la "
+"variable d'environnement <envar>$VISUAL</envar>, puis de la variable "
+"d'environnement <envar>$EDITOR</envar>. À défaut, l'éditeur, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> est utilisé quand ces variables ne sont pas définies."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "OPTIONS"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Les options applicables aux commandes <command>vipw</command> et "
+"<command>vigr</command> sont :"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Éditer la base de données de groupes."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Afficher un message d'aide et quitter."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Éditer la base de données passwd."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Mode silencieux."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>RÉP_CHROOT</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Appliquer les changements dans le répertoire <replaceable>RÉP_CHROOT</"
+"replaceable> et utiliser les fichiers de configuration du répertoire "
+"<replaceable>RÉP_CHROOT</replaceable>."
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Éditer les bases de données shadow ou gshadow."
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "Indique l'utilisateur dont le fichier shadow de tcb doit être édité."
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "CONFIGURATION"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"Les variables de configuration suivantes dans <filename>/etc/login.defs</"
+"filename> modifient le comportement de cet outil :"
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (booléen)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Si <replaceable>yes</replaceable> (« oui »), le schéma de mot de passe "
+"shadow de <citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> sera utilisé."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "ENVIRONNEMENT"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "L'éditeur à utiliser"
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr "L'éditeur à utiliser si <option>VISUAL</option> n'est pas définie."
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "FICHIERS"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Informations sur les groupes."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Informations sécurisées sur les groupes."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Informations sur les comptes des utilisateurs."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Informations sécurisées sur les comptes utilisateurs."
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "VOIR AUSSI"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "Modifier un compte utilisateur"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "LOGIN"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"La commande <command>usermod</command> modifie les fichiers d'administration "
+"des comptes du système selon les modifications qui ont été indiquées sur la "
+"ligne de commande."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>usermod</command> sont :"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Ajouter l'utilisateur aux groupes supplémentaires. N'utilisez cette option "
+"qu'avec l'option <option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;"
+"<replaceable>COMMENTAIRE</replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"La nouvelle valeur du champ de commentaire du fichier de mots de passe pour "
+"l'utilisateur. Il est normalement modifié en utilisant l'utilitaire "
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>RÉP_PERSO</replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "Le nouveau répertoire personnel de l'utilisateur."
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Si l'option <option>-m</option> est fournie, le contenu du répertoire "
+"personnel actuel sera déplacé dans le nouveau répertoire personnel, qui sera "
+"créé si nécessaire."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Date à laquelle le compte utilisateur sera désactivé. La date est indiquée "
+"dans le format <emphasis remap=\"I\">AAAA-MM-JJ</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"Un paramètre <replaceable>DATE_FIN_VALIDITÉ</replaceable> vide désactivera "
+"l'expiration du compte."
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Cette option nécessite un fichier <filename>/etc/shadow</filename>. Une "
+"entrée <filename>/etc/shadow</filename> sera créée si il n'y en avait pas."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Nombre de jours suivant la fin de validité d'un mot de passe après lequel le "
+"compte est définitivement désactivé."
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"Une valeur de 0 désactive le compte dès que le mot de passe a dépassé sa fin "
+"de validité, et une valeur de -1 désactive cette fonctionnalité."
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUPE</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+"l'utilisateur. Le groupe doit exister."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+"Tout fichier du répertoire personnel de l'utilisateur appartenant au groupe "
+"primaire précédent de l'utilisateur appartiendra à ce nouveau groupe."
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+"Le groupe propriétaire des fichiers en dehors du répertoire personnel de "
+"l'utilisateur doit être modifié manuellement."
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUPE1</"
+"replaceable>[<emphasis remap=\"I\">,GROUPE2,...</emphasis>[<emphasis remap="
+"\"I\">,GROUPEN</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"Liste de groupes supplémentaires auxquels appartient également "
+"l'utilisateur. Chaque groupe est séparé du suivant par une virgule, sans "
+"espace entre eux. Les groupes sont soumis aux mêmes restrictions que celles "
+"de l'option <option>-g</option>."
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"Si l'utilisateur fait actuellement partie d'un groupe qui n'est pas listé, "
+"l'utilisateur sera supprimé du groupe. Ce comportement peut être modifié par "
+"l'option <option>-a</option>, qui permet d'ajouter l'utilisateur à la liste "
+"actuelle des groupes supplémentaires."
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;"
+"<replaceable>NOUVEAU_LOGIN</replaceable>"
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Le nom de l'utilisateur passera de <replaceable>LOGIN</replaceable> à "
+"<replaceable>NOUVEAU_LOGIN</replaceable>. Rien d'autre ne sera modifié. En "
+"particulier, le nom du répertoire personnel et l'emplacement de la boîte aux "
+"lettres de l'utilisateur devrontprobablement être changés pour refléter le "
+"nouveau nom de connexion."
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Verrouiller le mot de passe d'un utilisateur. Cette option ajoute un « ! » "
+"devant le mot de passe chiffré, ce qui désactive le mot de passe. Vous ne "
+"pouvez pas utiliser cette option avec <option>-p</option> ou <option>-U</"
+"option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"Remarque : pour verrouiller le compte (et pas seulement l'accès au compte "
+"par un mot de passe), il est également nécessaire de placer "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> à <replaceable>1</replaceable>."
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+"Déplacer le contenu du répertoire personnel de l'utilisateur vers un nouvel "
+"emplacement."
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"Cette option ne fonctionne que lorsqu'elle est combinée avec l'option "
+"<option>-d</option> (ou <option>--home</option>)."
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"<command>usermod</command> essayera d'adapter les permissions des fichiers "
+"et de copier les modes, ACL et attributs étendus. Cependant, vous risquez de "
+"devoir procéder à des modifications vous-même."
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+"En combinaison avec l'option <option>-u</option>, cette option permet de "
+"changer l'identifiant utilisateur vers une valeur déjà utilisée."
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;"
+"<replaceable>MOT_DE_PASSE</replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"Mot de passe chiffré, comme renvoyé par <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">Remarque :</emphasis> l'utilisation de cette option "
+"est déconseillée car le mot de passe (ou le mot de passe chiffré) peut être "
+"visible des utilisateurs qui affichent la liste des processus. "
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"Le mot de passe sera écrit dans le fichier <filename>/etc/passwd</filename> "
+"local ou le fichier <filename>/etc/shadow</filename>. Cela peut être "
+"différent de la base de données de mots de passe définie dans la "
+"configuration de PAM."
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+"Il est nécessaire de vérifier si le mot de passe respecte la politique de "
+"mots de passe du système."
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;"
+"<replaceable>INTERPRÉTEUR</replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Nom du nouvel interpréteur de commandes initial (« login shell ») de "
+"l'utilisateur. Si ce champ est vide, le système sélectionnera l'interpréteur "
+"de commandes initial par défaut."
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "La valeur numérique de l'identifiant de l'utilisateur."
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"Cette valeur doit être unique, à moins que l'option <option>-o</option> ne "
+"soit utilisée. La valeur ne doit pas être négative."
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+"La boîte aux lettres et tous les fichiers possédés par l'utilisateur et qui "
+"sont situés dans son répertoire personnel verront leur identifiant "
+"d'utilisateur automatiquement modifié."
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+"Le propriétaire des fichiers en dehors du répertoire personnel de "
+"l'utilisateur doit être modifié manuellement."
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, ou "
+"<option>SYS_UID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Déverrouiller le mot de passe d'un utilisateur. Cela supprime le « ! » situé "
+"devant le mot de passe chiffré. Vous ne pouvez pas utiliser cette option "
+"avec <option>-p</option> ou <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"Remarque : pour déverrouiller le compte (et pas seulement l'accès au compte "
+"via un mot de passe), vous devriez définir la valeur "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> (par exemple à "
+"<replaceable>99999</replaceable> ou à la valeur <option>EXPIRE</option> dans "
+"<filename>/etc/default/useradd</filename>)."
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, ou "
+"<option>SYS_UID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>GID_MIN</option>, "
+#| "<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+#| "<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, ou "
+"<option>SYS_GID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: usermod.8.xml:444(para)
+#, fuzzy
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+"Élimine toute association avec tout utilisateur SELinux pour la connexion de "
+"l'utilisateur."
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>UTILISATEUR_SELINUX</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+"Le nouvel utilisateur SELinux utilisé pour la connexion de l'utilisateur."
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"Un paramètre <replaceable>SEUSER</replaceable> vide éliminera l'association "
+"de l'utilisateur SELinux pour l'utilisateur <replaceable>LOGIN</replaceable> "
+"(si spécifiée)"
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "AVERTISSEMENTS"
+
+#: usermod.8.xml:479(para)
+#, fuzzy
+#| msgid ""
+#| "You must make certain that the named user is not executing any processes "
+#| "when this command is being executed if the user's numerical user ID, the "
+#| "user's name, or the user's home directory is being changed. "
+#| "<command>usermod</command> checks this on Linux, but only check if the "
+#| "user is logged in according to utmp on other architectures."
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+"Il est nécessaire de contrôler que l'identifiant indiqué n'a pas de "
+"processus en cours d'exécution si cette commande est utilisée pour modifier "
+"l'identifiant numérique de l'utilisateur, son identifiant (login) ou son "
+"répertoire personnel. <command>usermod</command> effectue ce contrôle sous "
+"Linux mais vérifie seulement les informations d'utmp sur les autres "
+"architectures."
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"Il est nécessaire de changer manuellement le propriétaire des fichiers "
+"<command>crontab</command> ou des travaux programmés par <command>at</"
+"command>."
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+"Les modifications qui concernent NIS doivent être effectuées sur le serveur "
+"NIS."
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (chaîne de caractères)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"Répertoire d'attente des courriels (« mail spool directory »). Ce paramètre "
+"est nécessaire pour manipuler les boîtes à lettres lorsque le compte d'un "
+"utilisateur est modifié ou supprimé. S'il n'est pas spécifié, une valeur par "
+"défaut définie à la compilation est utilisée."
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (chaîne de caractères)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+"Définir l'emplacement des boîtes aux lettres des utilisateurs relativement à "
+"leur répertoire personnel."
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"Les paramètres <option>MAIL_DIR</option> et <option>MAIL_FILE</option> sont "
+"utilisés par <command>useradd</command>, <command>usermod</command> et "
+"<command>userdel</command> pour créer, déplacer ou supprimer les boîtes aux "
+"lettres des utilisateurs."
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"Si <option>MAIL_CHECK_ENAB</option> est réglé sur <replaceable>yes</"
+"replaceable>, ces variables servent également à définir la variable "
+"d'environnement <envar>MAIL</envar>."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (nombre)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"Nombre maximum de membres par entrée de groupe. Lorsque le maximum est "
+"atteint, une nouvelle entrée de groupe (ligne) est démarrée dans <filename>/"
+"etc/group</filename> (avec le même nom, même mot de passe, et même GID)."
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+"La valeur par défaut est 0, ce qui signifie qu'il n'y a pas de limites pour "
+"le nombre de membres dans un groupe."
+
+#. Note: on HP, split groups have the same ID, but different
+#. names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"Cette fonctionnalité (groupe découpé) permet de limiter la longueur des "
+"lignes dans le fichier de groupes. Ceci est utile pour s'assurer que les "
+"lignes pour les groupes NIS ne sont pas plus grandes que 1024 caractères."
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+"Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25."
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"Remarque : les groupes découpés ne sont peut-être pas pris en charge par "
+"tous les outils (même dans la suite d'outils Shadow). Vous ne devriez pas "
+"utiliser cette variable, sauf si vous en avez vraiment besoin."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (nombre)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (nombre)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (nombre)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"La valeur par défaut pour <option>SYS_GID_MIN</option> (respectivement "
+"<option>SYS_GID_MAX</option>) est 101 (respectivement <option>GID_MIN</"
+"option>-1)."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (nombre)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (nombre)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (nombre)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"La valeur par défaut pour <option>SYS_UID_MIN</option> (respectivement "
+"<option>SYS_UID_MAX</option>) est 101 (respectivement <option>UID_MIN</"
+"option>-1)."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (booléen)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+" use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+" kilos = UID / 1000\n"
+" use /etc/tcb/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" use /etc/tcb/:megas/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+" "
+msgstr ""
+"\n"
+"si ( UID est inférieur à 1000) {\n"
+" utiliser /etc/tcb/user\n"
+"} sinon, et si ( UID est inférieur à 1000000) {\n"
+" kilos = UID / 1000\n"
+" utiliser /etc/tcb/:kilos/user\n"
+" faire un lien symbolique de /etc/tcb/user vers le répertoire précédent\n"
+"} sinon {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" utiliser /etc/tcb/:megas/:kilos/user\n"
+" faire un lien symbolique de /etc/tcb/user vers le répertoire précédent\n"
+"}\n"
+" "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"Si <replaceable>yes</replaceable> (« oui »), l'emplacement du répertoire tcb "
+"de l'utilisateur à créer ne sera pas automatiquement configuré à /etc/tcb/"
+"user, mais sera calculé en fonction de l'UID de l'utilisateur, à l'aide de "
+"l'algorithme suivant : <placeholder-1/>"
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr ""
+"Configuration de la suite des mots de passe cachés « shadow password »."
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "supprimer un compte utilisateur et les fichiers associés"
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"La commande <command>userdel</command> modifie les fichiers d'administration "
+"des comptes du système, en supprimant les entrées qui se réfèrent à "
+"<emphasis remap=\"I\">LOGIN</emphasis>. L'utilisateur nommé doit exister."
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr ""
+"Les options disponibles de la commande <command>userdel</command> sont :"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"Cette option impose la suppression de l'utilisateur, même s'il est encore "
+"connecté. Elle force également <command>userdel</command> à supprimer son "
+"répertoire personnel et sa file d'attente des courriels, même si un autre "
+"utilisateur utilise le même répertoire personnel ou si l'utilisateur précisé "
+"n'est pas le propriétaire de la file d'attente des courriels. Si "
+"<emphasis>USERGROUPS_ENAB</emphasis> vaut <emphasis remap=\"I\">yes</"
+"emphasis> dans <filename>/etc/login.defs</filename> et si un groupe existe "
+"avec le même nom que l'utilisateur supprimé, alors ce groupe sera supprimé, "
+"même s'il s'agit du groupe primaire d'un autre utilisateur."
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Remarque :</emphasis> Cette option est dangereuse, elle peut "
+"laisser votre système dans un état incohérent."
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"Les fichiers présents dans le répertoire personnel de l'utilisateur seront "
+"supprimés en même temps que le répertoire lui-même, ainsi que le répertoire "
+"d'attente des courriels. Vous devrez rechercher et éliminer vous-même les "
+"fichiers situés dans d'autres systèmes de fichiers."
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"Le répertoire d'attente des courriels est défini par la variable "
+"<option>MAIL_DIR</option> dans <filename>login.defs</filename>."
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+"Élimine toute association avec tout utilisateur SELinux pour la connexion de "
+"l'utilisateur."
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (chaîne de caractères)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"Si définie, la commande est exécutée lors de la suppression d'un "
+"utilisateur. Elle pourra supprimer toutes les tâches périodiques cron ou at, "
+"tous les travaux d'impression, etc. de l'utilisateur (qui sera fourni comme "
+"premier paramètre)."
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr "Le code de retour du script n'est pas pris en compte."
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+" "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+" "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"Voici un script exemple, qui supprime le fichier d'entrée de cron et d'at "
+"ainsi que les travaux d'impression en attente ;<placeholder-1/>"
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (booléen)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"Activer la mise en place de bits de masque de groupe (« umask group bits ») "
+"identiques à ceux du propriétaire (exemple : 022 -&gt; 002, 077 -&gt; 007) "
+"pour les utilisateurs non privilégiés, si l'UID est identique au GID et que "
+"l'identifiant de connexion est identique au groupe principal."
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"Si cette variable est configurée à <replaceable>yes</replaceable>, "
+"<command>userdel</command> supprimera le groupe de l'utilisateur s'il ne "
+"contient pas d'autres membres, et <command>useradd</command> créera par "
+"défaut un groupe portant le nom de l'utilisateur."
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "VALEURS DE RETOUR"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "succès"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "impossible de mettre à jour le fichier des mots de passe"
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "erreur de syntaxe"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "l'utilisateur indiqué n'existe pas"
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "l'utilisateur est actuellement connecté"
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "impossible de mettre à jour le fichier des groupes"
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "impossible de supprimer le répertoire personnel"
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>userdel</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"<command>userdel</command> ne permet pas la suppression d'un compte si des "
+"processus actifs lui appartiennent encore. Dans ce cas, il peut être "
+"nécessaire de tuer ces processus ou de simplement verrouiller le mot de "
+"passe ou le compte de l'utilisateur, afin de supprimer le compte plus tard. "
+"L'option <option>-f</option> permet de forcer la suppression du compte."
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+"Vous devez vérifier vous-même qu'aucun fichier possédé par l'utilisateur ne "
+"subsiste sur tous les systèmes de fichiers."
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"Vous ne pouvez supprimer aucun attribut NIS d'un client NIS. Cela doit être "
+"effectué sur le serveur NIS."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"Si <option>USERGROUPS_ENAB</option> vaut <emphasis remap=\"I\">yes</"
+"emphasis> (« oui ») dans <filename>/etc/login.defs</filename>, "
+"<command>userdel</command> supprimera le groupe ayant le même nom que "
+"l'utilisateur. Afin d'éviter des incohérences entre les fichiers passwd et "
+"group, <command>userdel</command> vérifiera que le groupe n'est pas utilisé "
+"comme groupe primaire d'un autre utilisateur ; si c'est le cas un "
+"avertissement sera affiché et le groupe ne sera pas supprimé. L'option "
+"<option>-f</option> permet d'imposer la suppression du groupe."
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"créer un nouvel utilisateur ou modifier les informations par défaut "
+"appliquées aux nouveaux utilisateurs"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"Quand elle est invoquée sans l'option <option>-D</option>, la commande "
+"<command>useradd</command> crée un nouveau compte utilisateur qui utilise "
+"les valeurs indiquées sur la ligne de commande et les valeurs par défaut du "
+"système. En fonction des options de la ligne de commande, la commande "
+"<command>useradd</command> fera la mise à jour des fichiers du système, elle "
+"pourra créer le répertoire personnel et copier les fichiers initiaux."
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"Par défaut, un groupe sera également créé pour le nouvel utilisateur (voir "
+"<option>-g</option>, <option>-N</option>, <option>-U</option>, et "
+"<option>USERGROUPS_ENAB</option>)"
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>useradd</command> sont :"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>RÉP_BASE</"
+"replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"Répertoire de base par défaut du système si l'option <option>-d</"
+"option>&nbsp;<replaceable>RÉP_PERSO</replaceable> n'est pas spécifiée. "
+"<replaceable>RÉP_BASE</replaceable> est concaténé avec le nom du compte pour "
+"définir le répertoire personnel. Quand l'option <option>-m</option> n'est "
+"pas utilisée, <replaceable>RÉP_BASE</replaceable> doit exister."
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"Si cette option n'est pas précisée, <command>useradd</command> utilisera le "
+"répertoire de base précisé par la variable <option>HOME</option> dans "
+"<filename>/etc/default/useradd</filename> ou <filename>/home</filename> par "
+"défaut."
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+"Toute chaîne de texte. C'est généralement une description courte du compte, "
+"elle est actuellement utilisée comme champ pour le nom complet de "
+"l'utilisateur."
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>RÉP_PERSO</replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"Le nouvel utilisateur sera créé en utilisant <replaceable>RÉP_PERSO</"
+"replaceable> comme valeur de répertoire de connexion de l'utilisateur. Le "
+"comportement par défaut est de concaténer <replaceable>UTILISATEUR</"
+"replaceable> au répertoire <replaceable>RÉP_BASE</replaceable>, et de "
+"l'utiliser en tant que nom de répertoire de connexion. Il n'est pas "
+"nécessaire que le répertoire <replaceable>RÉP_PERSO</replaceable> existe "
+"mais il ne sera pas créé s'il n'existe pas."
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr ""
+"Consultez ci-dessous la sous-section « Modifier les valeurs par défaut »."
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"Si non précisé, <command>useradd</command> utilisera la date d'expiration "
+"par défaut précisée par la variable <option>EXPIRE</option> dans <filename>/"
+"etc/default/useradd</filename> ou une chaîne vide (pas d'expiration) par "
+"défaut."
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"Nombre de jours suivant la fin de validité d'un mot de passe après lequel le "
+"compte est définitivement désactivé. Une valeur de 0 désactive le compte dès "
+"que le mot de passe a dépassé sa fin de validité, et une valeur de -1 "
+"désactive cette fonctionnalité."
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"Si non précisé, <command>useradd</command> utilisera la période d'inactivité "
+"par défaut précisée par la variable <option>INACTIVE</option> dans "
+"<filename>/etc/default/useradd</filename>, ou -1 par défaut."
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+"l'utilisateur. Le nom du groupe doit exister. Un numéro de groupe doit se "
+"référer à un groupe déjà existant."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"Si non précisé, le comportement de <command>useradd</command> dépendra de la "
+"variable <option>USERGROUPS_ENAB</option> dans <filename>/etc/login.defs</"
+"filename>. Si cette variable est configurée à <replaceable>yes</replaceable> "
+"(ou si <option>-U/--user-group</option> est précisée sur la ligne de "
+"commandes), un groupe sera créé pour l'utilisateur, avec le même nom que son "
+"identifiant. Si la variable est configurée à <replaceable>no</replaceable> "
+"(ou si <option>-N/--no-user-group</option> est précisé sur la ligne de "
+"commandes), useradd configurera le groupe primaire du nouvel utilisateur à "
+"la valeur précisée par la variable <option>GROUP</option> dans <filename>/"
+"etc/default/useradd</filename>, ou 100 par défaut."
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"Liste de groupes supplémentaires auxquels appartient également "
+"l'utilisateur. Chaque groupe est séparé du suivant par une virgule, sans "
+"espace entre eux. Les groupes sont soumis aux mêmes restrictions que celles "
+"de l'option <option>-g</option>. Le comportement par défaut pour "
+"l'utilisateur est de n'appartenir qu'au groupe initial."
+
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;"
+"<replaceable>RÉP_SQUELETTE</replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"Le répertoire squelette, qui contient les fichiers et répertoires qui seront "
+"copiés dans le répertoire personnel de l'utilisateur, quand le répertoire "
+"personnel est créé par <command>useradd</command>."
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"Cette option n'est valable que si l'option <option>-m</option> (ou <option>--"
+"create-home</option>) est utilisée."
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"Si cette option n'est pas précisée, le répertoire squelette est défini par "
+"la variable <option>SKEL</option> dans <filename>/etc/default/useradd</"
+"filename> ou, par défaut, <filename>/etc/skel</filename>."
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "Si possible, les ACL et les attributs étendus seront copiés."
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>CLÉ</"
+"replaceable>=<replaceable>VALEUR</replaceable>"
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Surcharge les valeurs par défaut de <filename>/etc/login.defs</filename> "
+"(<option>UID_MIN</option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> et autres). <placeholder-1/> Par exemple : "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> peut être utilisé pour la "
+"création de comptes système pour désactiver la gestion de la durée de "
+"validité des mots de passe, même si les comptes système n'ont pas de mot de "
+"passe. Plusieurs options <option>-K</option> peuvent être précisées, comme "
+"par exemple : <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable> <option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "N'ajoute pas l'utilisateur aux bases de données lastlog et faillog."
+
+#: useradd.8.xml:327(para)
+#, fuzzy
+#| msgid ""
+#| "By default, the user's entries in the lastlog and faillog databases are "
+#| "resetted to avoid reusing the entry from a previously deleted user."
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"Par défaut, les entrées de l'utilisateur dans les bases de données lastlog "
+"et faillog sont remises à zéro pour éviter de réutiliser les entrées d'un "
+"utilisateur précédemment supprimé."
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"Créé le répertoire personnel de l'utilisateur s'il n'existe pas. Les "
+"fichiers et les répertoires contenus dans le répertoire squelette (qui peut "
+"être défini avec l'option <option>-k</option>) sera copié dans le répertoire "
+"personnel."
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"Par défaut, si cette option n'est pas précisée et si <option>CREATE_HOME</"
+"option> n'est pas activée, aucun répertoire personnel ne sera créé."
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"Ne crée pas le répertoire personnel de l'utilisateur, même si la "
+"configuration globale au système contenue dans <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>) est configurée à <replaceable>yes</"
+"replaceable>."
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"Ne crée pas de groupe avec le même nom que celui de l'utilisateur, mais "
+"ajoute l'utilisateur au groupe précisé par l'option <option>-g</option> ou "
+"par la variable <option>GROUP</option> dans <filename>/etc/default/useradd</"
+"filename>."
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Le comportement par défaut (si les options <option>-g</option>, <option>-N</"
+"option>, et <option>-U</option> ne sont pas précisées) est défini par la "
+"variable <option>USERGROUPS_ENAB</option> dans <filename>/etc/login.defs</"
+"filename>."
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+"Permet de créer un compte d'utilisateur avec un identifiant (« UID ») "
+"dupliqué (non unique)."
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr "Cette option n'est valable qu'avec l'option <option>-u</option>."
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Le mot de passe chiffré, comme renvoyé par "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>. Le comportement par défaut est de désactiver le mot de passe."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "Créer un compte système."
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Les utilisateurs système seront créés sans information d'expiration dans "
+"<filename>/etc/shadow</filename>, et leur identifiant numérique est choisi "
+"dans l'intervalle <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, "
+"défini dans <filename>/etc/login.defs</filename>, au lieu de "
+"<option>UID_MIN</option>-<option>UID_MAX</option> (et leurs équivalents "
+"<option>GID</option> pour la création des groupes)."
+
+#: useradd.8.xml:434(para)
+#, fuzzy
+#| msgid ""
+#| "Note that <command>useradd</command> will not create a home directory for "
+#| "such an user, regardless of the default setting in <filename>/etc/login."
+#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+#| "<option>-m</option> options if you want a home directory for a system "
+#| "account to be created."
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+"Notez que <command>useradd</command> ne créera pas de répertoire personnel "
+"pour ces utilisateurs, indépendamment de la configuration par défaut dans "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>). Vous "
+"devez préciser l'option <option>-m</option> si vous voulez qu'un répertoire "
+"personnel soit créé pour un compte système."
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"Le nom de l'interpréteur de commandes initial de l'utilisateur (« login "
+"shell »). Le comportement par défaut est de laisser ce champ vide. Le "
+"système sélectionnera alors l'interpréteur par défaut indiqué par la "
+"variable <option>SHELL</option> dans <filename>/etc/default/useradd</"
+"filename>, ou une chaîne vide par défaut."
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"La valeur numérique de l'identifiant de l'utilisateur. Cette valeur doit "
+"être unique, sauf si l'option <option>-o</option> est utilisée. La valeur ne "
+"doit pas être négative. Le comportement par défaut est d'utiliser la plus "
+"petite valeur d'identifiant à la fois supérieure ou égale à <option>UID_MIN</"
+"option> et supérieure aux identifiants de tous les autres utilisateurs."
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Voir aussi aussi l'option <option>-r</option> et la description de "
+"<option>UID_MAX</option>."
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+"Crée un groupe avec le même nom que celui de l'utilisateur, et ajoute "
+"l'utilisateur à ce groupe."
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"L'utilisateur SELinux utilisé pour la connexion de l'utilisateur. Le "
+"comportement par défaut est de laisser ce champ vide. Le système "
+"sélectionnera alors l'utilisateur SELinux par défaut."
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Modifier les valeurs par défaut"
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"Quand il est invoqué avec seulement l'option <option>-D</option>, "
+"<command>useradd</command> affichera les valeurs actuelles par défaut. Quand "
+"il est invoqué avec l'option <option>-D</option> et d'autres options, "
+"<command>useradd</command> mettra à jour les valeurs par défaut des options "
+"précisées. Les options valables sont :"
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"Préfixe du chemin des répertoires personnels pour les nouveaux utilisateurs. "
+"Le nom de l'utilisateur sera attaché à la fin de <replaceable>RÉP_PERSO</"
+"replaceable> pour créer le nom du nouveau répertoire personnel si l'option "
+"<option>-d</option> n'est pas utilisée pendant la création d'un nouveau "
+"compte."
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>HOME</option> dans <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "Date à laquelle le compte utilisateur sera désactivé."
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>EXPIRE</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"Nombre de jours après la fin de validité d'un mot de passe avant que le "
+"compte ne soit désactivé."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>INACTIVE</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"Le nom ou l'identifiant du groupe pour le groupe principal d'un nouvel "
+"utilisateur (quand l'option <option>-N/--no-user-group</option> est utilisée "
+"ou quand la variable <option>USERGROUPS_ENAB</option> est configurée à "
+"<replaceable>no</replaceable> dans <filename>/etc/login.defs</filename>). Le "
+"nom du groupe doit exister, et un identifiant de groupe numérique doit avoir "
+"une entrée existante."
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>GROUP</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "Le nom de l'interpréteur de commandes du nouvel utilisateur."
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>SHELL</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "NOTES"
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"L'administrateur système doit se charger de placer les fichiers par défaut "
+"dans le répertoire <filename>/etc/skel</filename> (ou tout autre répertoire "
+"de modèles indiqué dans <filename>/etc/default/useradd</filename> ou sur la "
+"ligne de commande)."
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Vous ne pouvez pas ajouter d'utilisateur à un groupe NIS ou LDAP. Cela doit "
+"être effectué sur le serveur correspondant."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"De la même façon, si le nom de l'utilisateur existe dans une base de données "
+"externe, telle que NIS ou LDAP, <command>useradd</command> refusera de créer "
+"le compte d'utilisateur."
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Les noms d'utilisateur doivent commencer par une lettre minuscule ou un "
+"tiret bas (« underscore »), et seuls des lettres minuscules, des chiffres, "
+"des « underscore », ou des tirets peuvent suivre. Ils peuvent se terminer "
+"par un signe dollar. Soit, sous la forme d'une expression rationnelle : [a-"
+"z_][a-z0-9_-]*[$]?"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "Les noms d'utilisateur sont limités à 16 caractères."
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (boolean)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+"Indiquer si un répertoire personnel doit être créé par défaut pour les "
+"nouveaux utilisateurs."
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Ce réglage ne s'applique pas pour les utilisateurs système, et peut être "
+"annulé sur la ligne de commande."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (nombre)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (nombre)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques de groupes que les commandes "
+"<command>useradd</command>, <command>groupadd</command> ou "
+"<command>newusers</command> peuvent utiliser pour la création des groupes "
+"normaux."
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"La valeur par défaut pour <option>GID_MIN</option> (respectivement "
+"<option>GID_MAX</option>) est 1000 (respectivement 60000)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"Nombre maximum de jours de validité d'un mot de passe. Après cette durée, "
+"une modification du mot de passe est obligatoire. S'il n'est pas précisé, la "
+"valeur de -1 est utilisée (ce qui enlève toute restriction)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"Nombre minimum de jours autorisé avant la modification d'un mot de passe. "
+"Toute tentative de modification du mot de passe avant cette durée est "
+"rejetée. S'il n'est pas précisé, la valeur de -1 est utilisée (ce qui enlève "
+"toute restriction)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"Nombre de jours durant lesquels l'utilisateur recevra un avertissement avant "
+"que son mot de passe n'arrive en fin de validité. Une valeur négative "
+"signifie qu'aucun avertissement n'est donné. S'il n'est pas précisé, aucun "
+"avertissement n'est donné."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (nombre)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (nombre)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques de groupes que les commandes "
+"<command>useradd</command>, <command>groupadd</command> ou "
+"<command>newusers</command> peuvent utiliser pour la création de groupes "
+"système."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"La valeur par défaut pour <option>SYS_GID_MIN</option> (respectivement "
+"<option>SYS_GID_MAX</option>) est 101 (respectivement <option>GID_MIN</"
+"option>-1)."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (nombre)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (nombre)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques d'utilisateurs que les commandes "
+"<command>useradd</command> ou <command>newusers</command> peuvent utiliser "
+"pour la création d'utilisateurs système."
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"La valeur par défaut pour <option>SYS_UID_MIN</option> (respectivement "
+"<option>SYS_UID_MAX</option>) est 101 (respectivement <option>UID_MIN</"
+"option>-1)."
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (booléen)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"Si <replaceable>yes</replaceable>, le fichier shadow de tcb nouvellement "
+"créé appartiendra au groupe <replaceable>auth</replaceable>."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (nombre)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (nombre)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques d'utilisateurs que les commandes "
+"<command>useradd</command> ou <command>newusers</command> peuvent utiliser "
+"pour la création d'utilisateurs normaux."
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"La valeur par défaut de <option>UID_MIN</option> (respectivement "
+"<option>UID_MAX</option>) est 1000 (respectivement 60000)."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (nombre)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+"Valeur d'initialisation du masque de permissions. S'il n'est pas précisé, le "
+"masque des permissions sera initialisé à 022."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"<command>useradd</command> et <command>newusers</command> utilisent ce "
+"masque pour définir les permissions d'accès des répertoires personnels "
+"qu'ils créent."
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Il est également utilisé par <command>login</command> pour définir l'umask "
+"initial de l'utilisateur. Veuillez noter que cet umask peut être redéfini "
+"par les GECOS de l'utilisateur (si <option>QUOTAS_ENAB</option> est activé) "
+"ou en précisant une limite avec l'identifiant <emphasis>K</emphasis> dans "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+"Il est également utilisé par <command>pam_umask</command> en tant que valeur "
+"d'umask par défaut."
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Valeurs par défaut pour la création de comptes."
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Répertoire contenant les fichiers par défaut."
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "paramètre non valable pour l'option"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID déjà utilisé (et pas d'option <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "le groupe spécifié n'existe pas"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "nom d'utilisateur déjà utilisé"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "impossible de créer le répertoire personnel"
+
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>useradd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Formats et conversions de fichiers"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "Fichier de contrôle détaillé de su"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"Le fichier <filename>/etc/suauth</filename> est lu chaque fois que su est "
+"exécuté. Il permet de modifier le comportement de la commande su, en "
+"fonction de :"
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, fuzzy, no-wrap
+#| msgid ""
+#| "\n"
+#| " 1) the user su is targetting\n"
+#| " "
+msgid ""
+"\n"
+" 1) the user su is targeting\n"
+" "
+msgstr ""
+"\n"
+" 1) l'utilisateur cible de su\n"
+" "
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+"2) l'utilisateur qui exécute la commande su (ou un groupe dont il est membre)"
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Le fichier est formaté de la façon suivante (les lignes commençant par un "
+"« # » sont des commentaires, et sont ignorées) :"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" to-id:from-id:ACTION\n"
+" "
+msgstr ""
+"\n"
+" vers-id:par-id:ACTION\n"
+" "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Où vers-id peut être le mot <emphasis>ALL</emphasis>, une liste de noms "
+"d'utilisateurs séparés par une virgule ou <emphasis>ALL EXCEPT</emphasis> "
+"suivi d'une liste d'utilisateurs séparés par une virgule."
+
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"par-id utilise le même format que vers-id, mais accepte également le mot-clé "
+"<emphasis>GROUP</emphasis>. <emphasis>ALL EXCEPT GROUP</emphasis> est "
+"également accepté. <emphasis>GROUP</emphasis> est suivi d'un ou plusieurs "
+"noms de groupes, séparés par une virgule. Il n'est pas suffisant d'avoir "
+"comme groupe primaire le groupe approprié : une entrée dans "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> est nécessaire."
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "Les valeurs d'ACTION valables sont :"
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+"La tentative de changement d'utilisateur est arrêtée avant que le mot de "
+"passe ne soit demandé."
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+"La tentative est automatiquement réussie. Aucun mot de passe n'est demandé."
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"Pour que la commande su soit réussie, l'utilisateur doit entrer son propre "
+"mot de passe. Ceci lui est demandé."
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"Notez qu'il y a trois champs séparés par un « deux-points ». Ne pas accoler "
+"d'espace à ce « deux-points ». Notez aussi que le fichier est examiné "
+"séquentiellement ligne par ligne, et que la première règle applicable est "
+"utilisée sans que le reste du fichier ne soit examiné. Ceci permet à "
+"l'administrateur système de définir un contrôle aussi fin qu'il le souhaite."
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "EXEMPLE"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" # sample /etc/suauth file\n"
+" #\n"
+" # A couple of privileged usernames may\n"
+" # su to root with their own password.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Anyone else may not su to root unless in\n"
+" # group wheel. This is how BSD does things.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Perhaps terry and birddog are accounts\n"
+" # owned by the same person.\n"
+" # Access can be arranged between them\n"
+" # with no password.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+msgstr ""
+"\n"
+" # exemple de fichier /etc/suauth\n"
+" #\n"
+" # Deux utilisateurs privilégiés peuvent\n"
+" # devenir root avec leur propre mot de passe.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Les autres ne peuvent pas de venir root avec\n"
+" # su, à l'exception des membres du groupe wheel.\n"
+" # Ceci correspond au comportement des BSD.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # terry et birddog sont des comptes possédés\n"
+" # par la même personne.\n"
+" # Un accès sans mot passe est aménagé\n"
+" # entre ces deux comptes.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "BOGUES"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"Il en reste sans doute beaucoup. L'analyseur du fichier est particulièrement "
+"impitoyable avec les erreurs de syntaxe. Il n'autorise d'espace qu'en début "
+"et fin de ligne, et seul le délimiteur spécifique doit être utilisé."
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSTICS"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"Une erreur dans l'analyse du fichier est reportée via "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> au niveau ERR dans la catégorie AUTH."
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Commandes utilisateur"
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "Changer d'identifiant d'utilisateur ou devenir superutilisateur"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "nom_utilisateur"
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"La commande <command>su</command> permet de devenir un autre utilisateur "
+"pour la durée d'une session. Invoqué sans nom d'<option>utilisateur</"
+"option>, le comportement par défaut de <command>su</command>est de devenir "
+"superutilisateur. Le paramètre optionnel <option>-</option> permet d'obtenir "
+"un environnement similaire à celui que l'utilisateur aurait obtenu lors "
+"d'une connexion directe."
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"Des paramètres supplémentaires peuvent être fournis après le nom de "
+"l'utilisateur. Dans ce cas, ils sont donnés à l'interpréteur de commandes de "
+"connexion de l'utilisateur. En particulier, le paramètre « <option>-c</"
+"option> » considère que le paramètre suivant est une commande pour la "
+"plupart des interpréteurs de commandes. La commande sera exécutée par "
+"l'interpréteur indiqué dans <filename>/etc/passwd</filename> pour "
+"l'utilisateur cible."
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Vous pouvez utiliser le paramètre <option>--</option> pour séparer les "
+"options de <command>su</command> des paramètres fournis par l'interpréteur "
+"de commandes."
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Un mot de passe sera demandé à l'utilisateur, si nécessaire. Les mots de "
+"passe incorrects produisent un message d'erreur. Toutes les tentatives, "
+"réussies ou non, sont enregistrées afin de détecter tout abus du système."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"L'environnement actuel est fourni au nouvel interpréteur de commandes. La "
+"valeur de <envar>$PATH</envar> est réinitialisée à <filename>/bin:/usr/bin</"
+"filename> pour les utilisateurs normaux, ou à <emphasis>/sbin:/bin:/usr/"
+"sbin:/usr/bin</emphasis> pour le superutilisateur. Ce comportement peut être "
+"modifié avec les paramètres <emphasis>ENV_PATH</emphasis> et "
+"<emphasis>ENV_SUPATH</emphasis> dans <filename>/etc/login.defs</filename>. "
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"Une connexion à un sous-système est indiquée par la présence d'un « * » "
+"comme premier caractère de l'interpréteur de commandes initial. Le "
+"répertoire personnel sera utilisé comme racine d'un nouveau système de "
+"fichiers dans lequel l'utilisateur sera connecté."
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Les options applicables à la commande <command>su</command> sont :"
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMANDE</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+"Indiquer une commande qui sera invoquée par l'interpréteur de commandes en "
+"utilisant son option <option>-c</option>"
+
+#: su.1.xml:158(para)
+#, fuzzy
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"La commande exécutée n'aura aucun terminal de contrôle. Cette option ne peut "
+"pas être utilisée pour exécuter des programmes interactifs qui ont besoin "
+"d'un terminal de contrôle."
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"Fournir à l'utilisateur un environnement similaire à celui qu'il aurait "
+"obtenu s'il s'était connecté directement."
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"Lorsque <option>-</option> est utilisé, il doit être indiqué comme dernier "
+"paramètre de <command>su</command>. Les autres formes (<option>-l</option> "
+"et <option>--login</option>) ne présentent pas cette restriction."
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "Interpréteur de commande devant être appelé."
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "Interpréteur de commande indiqué par --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"Si <option>--preserve-environment</option> est utilisé, l'interpréteur de "
+"commandes indiqué par la variable d'environnement <envar>$SHELL</envar> sera "
+"utilisé."
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+"Interpréteur de commandes indiqué dans <filename>/etc/passwd</filename> pour "
+"l'utilisateur cible."
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"<filename>/bin/sh</filename> si aucun interpréteur de commandes ne peut être "
+"trouvé par l'une des méthodes ci-dessus."
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+"L'interpréteur de commandes à appeler est choisi parmi (le choix de plus "
+"haute priorité en tête) : <placeholder-1/>"
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"Si l'utilisateur cible possède un interpréteur de commande restreint (par "
+"exemple, le champ de l'interpréteur de commande dans <filename>/etc/passwd</"
+"filename> n'est pas renseigné dans <filename>/etc/shells</filename>), alors, "
+"ni l'option <option>--shell</option> ni la variable d'environnement <envar>"
+"$SHELL</envar> ne seront prises en compte à moins que <command>su</command> "
+"ne soit appelé par le superutilisateur."
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"réinitialise suivant les options <option>ENV_PATH</option> ou "
+"<option>ENV_SUPATH</option> dans <filename>/etc/login.defs</filename> (voir "
+"ci-dessous) :"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"réinitialise à <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, s'il "
+"a été défini."
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Préserver l'environnement actuel, sauf pour : <placeholder-1/>"
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Si l'utilisateur cible possède un interpréteur de commandes restreint, cette "
+"option n'a aucun effet (à moins que <command>su</command> ne soit appelé par "
+"le superutilisateur)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"Les variables d'environnement <envar>$HOME</envar>, <envar>$SHELL</envar>, "
+"<envar>$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar> et "
+"<envar>$IFS</envar> sont réinitialisées."
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+"Si <option>--login</option> n'est pas utilisée, l'environnement est copié "
+"sauf pour les variables ci-dessus."
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"Si <option>--login</option> est utilisée, les variables d'environnement "
+"<envar>$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar> et "
+"<envar>$XAUTHORITY</envar> sont copiées si elles ont été définies."
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"Si <option>--login</option> est utilisée, les variables d'environnement "
+"<envar>$TZ</envar>, <envar>$HZ</envar> et <envar>$MAIL</envar> sont "
+"configurées en accord avec les options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option> et <option>MAIL_FILE</"
+"option> de <filename>/etc/login.defs</filename> (voir ci-dessous)."
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"Si <option>--login</option> est utilisée, les autres variables "
+"d'environnement peuvent être configurées par le fichier "
+"<option>ENVIRON_FILE</option> (voir ci-dessous)."
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr "D'autres environnements peuvent être configurés par des modules PAM."
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+"Notez que le comportement par défaut pour l'environnement est le suivant : "
+"<placeholder-1/>"
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Cette version de <command>su</command> a de nombreuses options de "
+"compilation. Seules certaines d'entre elles peuvent avoir été activées sur "
+"votre site."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"Si définie, soit un chemin complet du fichier contenant les noms de "
+"périphériques (un par ligne), soit une liste de noms du périphérique "
+"délimitée par des « : ». Les connexions d'un administrateur ne seront "
+"autorisées que depuis ces périphériques."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+"S'il n'est pas défini, root pourra se connecter depuis n'importe quel "
+"périphérique."
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "Le périphérique doit être précisé sans le préfixe /dev/."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"Une liste de groupes à rajouter aux groupes supplémentaires de l'utilisateur "
+"lors d'une connexion sur une console (déterminé par le paramètre CONSOLE). "
+"Par défaut, aucun groupe n'est ajouté. <placeholder-1/> À utiliser avec "
+"précaution : il est possible que les utilisateurs aient un accès permanent à "
+"ces groupes, et cela même s'ils ne sont pas connectés sur la console."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"Indiquer si la connexion est permise si on ne peut pas accéder au répertoire "
+"personnel. Le réglage par défaut est « no »."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"Si elle est configurée à <replaceable>yes</replaceable>, l'utilisateur va se "
+"connecter dans le répertoire racine (<filename>/</filename>) s'il n'est pas "
+"possible d'accéder à son répertoire personnel."
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (chaîne de caractères)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement HZ "
+"lorsqu'un utilisateur se connecte. La valeur doit être précédée par "
+"<replaceable>HZ=</replaceable>. Une valeur commune sur Linux est "
+"<replaceable>HZ=100</replaceable>."
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"La variable d'environnement <envar>HZ</envar> est uniquement définie quand "
+"l'utilisateur (le super-utilisateur) se connecte avec <command>sulogin</"
+"command>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"Si ce fichier existe et est lisible, l'environnement de connexion sera lu à  "
+"partir de lui. Chaque ligne doit être sous la forme nom=valeur."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+"Les lignes commençant par un « # » sont considérées comme des commentaires, "
+"et sont ignorées."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement PATH "
+"quand un utilisateur ordinaire se connecte. La valeur est une liste de "
+"chemins séparés par des deux points (par exemple <replaceable>/bin:/usr/bin</"
+"replaceable>) et peut être précédée par <replaceable>PATH=</replaceable>. La "
+"valeur par défaut est <replaceable>PATH=/bin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement PATH "
+"quand le super-utilisateur se connecte. La valeur est une liste de chemins "
+"séparés par deux points (par exemple <replaceable>/sbin:/bin:/usr/sbin:/usr/"
+"bin</replaceable>) et peut être précédée par <replaceable>PATH=</"
+"replaceable>. La valeur par défaut est <replaceable>PATH=/sbin:/bin:/usr/"
+"sbin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement TZ quand "
+"un utilisateur se connecte. La valeur peut être le nom d'un fuseau horaire "
+"précédé par <replaceable>TZ=</replaceable> (par exemple "
+"<replaceable>TZ=CST6CDT</replaceable>), ou le chemin complet vers le fichier "
+"contenant la spécification du fuseau horaire (par exemple <filename>/etc/"
+"tzname</filename>)."
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"Si un chemin complet est spécifié mais que le fichier n'existe pas ou ne "
+"peut pas être lu, la valeur par défaut utilisée est <replaceable>TZ=CST6CDT</"
+"replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"La chaîne de caractères utilisée pour l'invite de mot de passe. La valeur "
+"par défaut est d'utiliser \"Password: \" (« mot de passe : »), ou une "
+"traduction de cette chaîne. Si vous définissez cette variable, l'invite ne "
+"sera pas traduite."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+"Si la chaîne contient <replaceable>%s</replaceable>, ces caractères seront "
+"remplacés par le nom de l'utilisateur."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+"Activer le contrôle et l'affichage du statut de la boîte aux lettres durant "
+"la connexion."
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"Vous devriez le désactiver si les fichiers de démarrage de l'interpréteur de "
+"commandes vérifient déjà la présence de courriers (« mail -e » ou "
+"équivalent)."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+"Activer la mise en place de limites de resources depuis <filename>/etc/"
+"limits</filename> et ulimit, umask et niveau nice depuis les champs gecos de "
+"passwd."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr "Si définie, les activités de su seront enregistrées dans le fichier."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"Si définie, le nom de la commande à afficher lorsque « su - » est exécutée. "
+"Par exemple, si elle est définie à « su » alors un « ps » affichera la "
+"commande comme « -su ». Si non définie, alors « ps » affichera le nom du "
+"shell qui sera en fait exécuté, par exemple quelque chose comme « -sh »."
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (booléen)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"Si <replaceable>yes</replaceable>, l'utilisateur doit faire partie des "
+"membres du groupe avec le premier gid 0 dans <filename>/etc/group</filename> "
+"(appelé <replaceable>root</replaceable> sur la plupart des systèmes Linux) "
+"pour être capable de <command>su</command> vers des comptes à uid 0. Si ce "
+"groupe n'existe pas ou est vide, personne ne pourra <command>su</command> "
+"vers un uid 0."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+"Activer la journalisation « syslog » de l'activité de <command>su</command> "
+"- en plus de la journalisation sulog."
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+"En cas de succès, <command>su</command> renvoie la valeur de sortie de la "
+"commande qu'il a exécutée."
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+"Si cette commande s'est terminée par un signal, <command>su</command> y "
+"ajoute 128 et renvoie le résultat."
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"Si <command>su</command> doit tuer la commande (parce qu'il a été demandé de "
+"terminer et que la commande ne s'est pas terminée à temps), <command>su</"
+"command> renvoie 255."
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "succès (<option>--help</option> uniquement)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "Échec système ou d'authentification"
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "La commande demandée n'a pas été trouvée."
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "La commande demandée n'a pas pu être exécutée."
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+"Certaines valeurs de retour de <command>su</command> sont indépendantes de "
+"la commande exécutée : <placeholder-1/>"
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "exécuter une commande avec un autre identifiant de groupe"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "groupe <placeholder-1/> commande"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"La commande <command>sg</command> fonctionne de la même manière que "
+"<command>newgrp</command>, mais prend une commande comme paramètre. Cette "
+"commande sera exécutée avec un interpréteur de commandes <filename>/bin/sh</"
+"filename>. Avec la plupart des interpréteurs de commandes permettant "
+"d'exécuter <command>sg</command>, si la commande comporte plusieurs mots, il "
+"faut la placer entre des guillemets (« \" »). Une autre différence entre "
+"<command>newgrp</command> et <command>sg</command> est que certains "
+"interpréteurs de commandes traitent <command>newgrp</command> de façon "
+"particulière, en se remplaçant eux-mêmes par une nouvelle instance d'un "
+"interpréteur que <command>newgrp</command> crée. Ceci n'est pas le cas de "
+"<command>sg</command>, ce qui permet de retrouver le groupe précédent à la "
+"sortie de <command>sg</command>."
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (booléen)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+"Activer la journalisation « syslog » de l'activité de <command>sg</command>."
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "fichier des mots de passe cachés"
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>shadow</filename> est un fichier qui contient les informations "
+"cachées concernant les mots de passe des utilisateurs et leurs dates de "
+"validité."
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Ce fichier ne doit pas être accessible en lecture par les utilisateurs "
+"normaux afin de maintenir la sécurité des mots de passe, en particuliers "
+"pour prévenir les attaques par dictionnaires."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"Chaque ligne de ce fichier contient 9 champs, séparés par des deux-points "
+"(<quote>:</quote>), dans l'ordre suivant :"
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "nom de connexion de l'utilisateur (« login »)"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr "Ce doit être un nom de compte valable, qui existe sur le système."
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "mot de passe chiffré"
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Consultez <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> pour plus d'informations sur le traitement de "
+"cette chaîne."
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Si le champ du mot de passe contient une chaîne qui ne peut pas être un "
+"résultat valable de <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si elle "
+"contient les caractères ! ou *, alors l'utilisateur ne pourra pas utiliser "
+"son mot de passe UNIX pour se connecter (mais il se peut que l'utilisateur "
+"puisse se connecter au système par d'autres moyens)."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"Ce champ peut être vide. Dans ce cas aucun mot de passe n'est nécessaire "
+"pour s'authentifier avec l'identifiant de connexion indiqué. Cependant, "
+"certaines applications qui lisent le fichier <filename>/etc/shadow</"
+"filename> peuvent n'autoriser aucun accès si le mot de passe est vide."
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "A password field which starts with a exclamation mark means that the "
+#| "password is locked. The remaining characters on the line represent the "
+#| "password field before the password was locked."
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"Un champ de mot de passe qui commence avec un point d'exclamation indique "
+"que le mot de passe est bloqué. Les caractères restants sur la ligne "
+"représentent le champ de mot de passe avant que le mot de passe n'ait été "
+"bloqué."
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "date du dernier changement de mot de passe"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"La date du dernier changement de mot de passe, exprimée en nombre de jours "
+"depuis le 1er janvier 1970."
+
+#: shadow.5.xml:134(para)
+#, fuzzy
+#| msgid ""
+#| "The value 0 has a special meaning, which is that the user should change "
+#| "her pasword the next time she will log in the system."
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+"La valeur 0 a une signification particulière : l'utilisateur devra changer "
+"son mot de passe la prochaine fois qu'il se connectera au système."
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+"Un champ vide indique que les fonctionnalités de vieillissement de mot de "
+"passe sont désactivées."
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "âge minimum du mot de passe"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"L'âge minimum du mot de passe est la durée (en jour) que l'utilisateur devra "
+"attendre avant de pouvoir le changer de nouveau."
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+"Un champ vide ou une valeur de 0 signifie qu'il n'y a pas d'âge minimum pour "
+"le mot de passe."
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "âge maximum du mot de passe"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+"L'âge maximum du mot de passe est la durée (en jour) après laquelle "
+"l'utilisateur devra changer son mot de passe."
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+"Une fois cette durée écoulée, le mot de passe restera valable. Il sera "
+"demandé à l'utilisateur de le changer la prochaine fois qu'il se connectera."
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"Un champ vide signifie qu'il n'y a pour le mot de passe aucune limite d'âge, "
+"aucune période d'avertissement d'expiration et aucune période d'inactivité "
+"(voir ci-dessous)."
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+"Si l'âge maximum du mot de passe est plus petit que l'âge minimum du mot de "
+"passe, l'utilisateur ne pourra pas changer son mot de passe."
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "période d'avertissement d'expiration du mot de passe"
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"La durée (en jour) pendant laquelle l'utilisateur sera averti avant que le "
+"mot de passe n'expire (voir l'âge maximum du mot de passe ci-dessus)."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+"Un champ vide ou une valeur de 0 signifie qu'il n'y aura pas de période "
+"d'avertissement d'expiration du mot de passe."
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "période d'inactivité du mot de passe"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"La durée (en jour) pendant laquelle le mot de passe sera quand même accepté "
+"après son expiration (voir l'âge maximum du mot de passe ci-dessus). "
+"L'utilisateur devra mettre à jour son mot de passe à la prochaine connexion."
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"Après expiration du mot de passe suivie de la période d'expiration, plus "
+"aucune connexion n'est possible en utilisant le mot de passe de "
+"l'utilisateur. L'utilisateur doit contacter son administrateur."
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr "Un champ vide signifie qu'aucune période d'inactivité n'est imposée."
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "date de fin de validité du compte"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"La date d'expiration du compte, exprimé en nombre de jours depuis le "
+"1er janvier 1970."
+
+#: shadow.5.xml:229(para)
+#, fuzzy
+#| msgid ""
+#| "Note that an account expiration differs from a password expiration. In "
+#| "case of an acount expiration, the user shall not be allowed to login. In "
+#| "case of a password expiration, the user is not allowed to login using her "
+#| "password."
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"Veuillez noter que l'expiration d'un compte diffère de l'expiration d'un mot "
+"de passe. En cas d'expiration d'un compte, l'utilisateur ne sera plus "
+"autorisé à se connecter. En cas d'expiration d'un mot de passe, "
+"l'utilisateur n'est pas autorisé à se connecter en utilisant son mot de "
+"passe."
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "Un champ vide signifie que le compte n'expirera jamais."
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+"La valeur 0 ne doit pas être utilisée puisqu'elle peut être interprétée soit "
+"comme un compte sans expiration, soit comme ayant expiré le 1er janvier 1970."
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "champ réservé"
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Ce champ est réservé pour une utilisation future."
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "Fichier de sauvegarde pour /etc/shadow."
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Notez que ce fichier est utilisé par les outils de la suite d'outils shadow, "
+"mais pas par tous les outils de gestion d'utilisateurs et de mot de passes."
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Appels de bibliothèque"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "routines d'utilisation des mots de passe cachés"
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAX"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*nom"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FICHIER"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> manipule le contenu du fichier des "
+"mots de passe cachés, <filename>/etc/shadow</filename>. La structure définie "
+"dans le fichier inclus est :"
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* user login name */\n"
+" char\t\t*sp_pwdp; /* encrypted password */\n"
+" long int\t\tsp_lstchg; /* last password change */\n"
+" long int\t\tsp_min; /* days until change allowed. */\n"
+" long int\t\tsp_max; /* days before change required */\n"
+" long int\t\tsp_warn; /* days warning for expiration */\n"
+" long int\t\tsp_inact; /* days before account inactive */\n"
+" long int\t\tsp_expire; /* date when account expires */\n"
+" unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+" "
+msgstr ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* nom de connexion de l'utilisateur */\n"
+" char\t\t*sp_pwdp; /* mot de passe chiffré */\n"
+" long int\t\tsp_lstchg; /* dernier changement de mot de passe */\n"
+" long int\t\tsp_min; /* jours avant de pouvoir changer de mot de passe */\n"
+" long int\t\tsp_max; /* jours avant l'obligation de changer de mot de passe */\n"
+" long int\t\tsp_warn; /* jours d'avertissement avant la fin de validité */\n"
+" long int\t\tsp_inact; /* jours avant que le compte soit inactif */\n"
+" long int\t\tsp_expire; /* date de fin de validité du compte */\n"
+" unsigned long int\tsp_flag; /* réservé pour une utilisation future */\n"
+"}\n"
+" "
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "La signification de chaque champ est la suivante :"
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+"sp_namp - pointeur vers le nom d'utilisateur terminé par un zéro binaire "
+"(« null-terminated »)"
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+"sp_pwdp - pointeur vers le mot de passe terminé par un zéro binaire (« null-"
+"terminated »)"
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+"sp_lstchg - nombre de jours, comptés à partir du 1er janvier 1970, depuis la "
+"dernière modification du mot de passe"
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+"sp_min - nombre de jours pendant lesquels le mot de passe ne peut pas être "
+"changé"
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+"sp_max - nombre maximal de jours avant que le mot de passe doive être changé"
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+"sp_warn - nombre de jours avant que le mot de passe n'arrive en fin de "
+"validité pendant lesquels l'utilisateur est averti de la fin prochaine de la "
+"validité de son mot de passe"
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+"sp_inact - nombre de jours après la fin de validité du mot de passe avant de "
+"considérer que le compte est inactif et soit désactivé"
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+"sp_expire - nombre de jours, comptés à partir du 1er janvier 1970, après "
+"lesquels le compte sera désactivé"
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - réservé pour une utilisation future"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+"<emphasis>Getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, et <emphasis>sgetspent</emphasis> renvoient "
+"tous un pointeur vers une structure <emphasis>struct spwd</emphasis>. "
+"<emphasis>Getspent</emphasis> renvoie l'entrée suivante du fichier, et "
+"<emphasis>fgetspent</emphasis> renvoie l'entrée suivante du flux qui est "
+"considéré comme étant un fichier au format correct. <emphasis>Sgetspent</"
+"emphasis> renvoie un pointeur vers une structure <emphasis>struct spwd</"
+"emphasis> en utilisant la chaîne de caractère fournie en entrée. "
+"<emphasis>Getspnam</emphasis> cherche à partir de la position courante une "
+"entrée correspondant à <emphasis>nom</emphasis> dans le fichier fourni en "
+"entrée."
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"<emphasis>Setspent</emphasis> et <emphasis>endspent</emphasis> peuvent être "
+"utilisés pour débuter et terminer l'accès au fichier de mots de passe cachés."
+
+# TBD: vérifier tous les remap
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"Les fonctions <emphasis>lckpwdf</emphasis> et <emphasis>ulckpwdf</emphasis> "
+"doivent être utilisées pour garantir un accès exclusif au fichier <filename>/"
+"etc/shadow</filename>. <emphasis>Lckpwdf</emphasis> essaie de placer un "
+"verrou avec <emphasis>pw_lock</emphasis> pendant 15 secondes. Il essaie "
+"ensuite de placer un second verrou en utilisant <emphasis>spw_lock</"
+"emphasis> pendant le reste de ces 15 secondes. Si un de ces verrous ne peut "
+"être placé, <emphasis>lckpwdf</emphasis> renvoie -1. Quand les deux verrous "
+"peuvent être placés, la valeur 0 est renvoyée."
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"Les fonctions renvoient NULL si plus aucune entrée n'est disponible ou si "
+"une erreur est survenue lors du traitement. Les fonctions dont la valeur de "
+"retour est un <emphasis>int</emphasis> renvoient 0 en cas de succès et -1 en "
+"cas d'échec."
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+"Ces fonctions peuvent n'être utilisées que par le superutilisateur car "
+"l'accès au fichier de mots de passe cachés est restreint."
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr ""
+"Convertir vers ou depuis les fichiers de mots de passe ou de groupe cachés"
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"La commande <command>pwconv</command> crée le fichier <emphasis remap=\"I"
+"\">shadow</emphasis> à partir du fichier <emphasis remap=\"I\">passwd</"
+"emphasis> et d'un éventuel fichier <emphasis remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"<command>pwconv</command> ne fonctionne pas avec <option>USE_TCB</option> "
+"activée. Pour convertir les mots de passe vers tcb, vous devez d'abord "
+"utiliser <command>pwconv</command> pour les convertir vers les mots de passe "
+"cachés en désactivant <option>USE_TCB</option> dans <filename>login.defs</"
+"filename> puis les convertir en mots de passe tcb avec <command>tcb_convert</"
+"command> (et en réactivant <option>USE_TCB</option> dans <filename>login."
+"defs</filename>)."
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"La commande <command>pwunconv</command> crée le fichier <emphasis remap=\"I"
+"\">passwd</emphasis> à partir des fichiers <emphasis remap=\"I\">passwd</"
+"emphasis> et <emphasis remap=\"I\">shadow</emphasis> puis supprime <emphasis "
+"remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"<command>pwunconv</command> ne fonctionne pas avec <option>USE_TCB</option> "
+"activé. Vous devez d'abord convertir les mots de passe depuis tcb vers des "
+"mots de passe cachés en utilisant <command>tcb_unconvert</command> puis "
+"désactiver <option>USE_TCB</option> dans <filename>login.defs</filename> "
+"avant d'utiliser <command>pwunconv</command>."
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"La commande <command>grpconv</command> crée <emphasis remap=\"I\">gshadow</"
+"emphasis> à partir de <emphasis remap=\"I\">group</emphasis> et d'un "
+"éventuel fichier <emphasis remap=\"I\">gshadow</emphasis>."
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"La commande <command>grpunconv</command> crée <emphasis remap=\"I\">group</"
+"emphasis> à partir des fichiers <emphasis remap=\"I\">group</emphasis> et "
+"<emphasis remap=\"I\">gshadow</emphasis> puis supprime <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"Ces quatre programmes opèrent sur les fichiers de mots de passe et "
+"d'informations sur les groupes cachés ou non : <filename>/etc/passwd</"
+"filename>, <filename>/etc/group</filename>, <filename>/etc/shadow</"
+"filename>, et <filename>/etc/gshadow</filename>."
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"Chaque programme place les verrous nécessaires avant d'effectuer la "
+"conversion. <command>pwconv</command> et <command>grpconv</command> sont "
+"similaires. Dans un premier temps, les entrées du fichier de mots de passe "
+"cachés (<filename>/etc/shadow</filename> ou <filename>/etc/gshadow</"
+"filename>) qui n'existent pas dans le fichier principal (<filename>passwd</"
+"filename> ou <filename>group</filename>), sont retirées. Ensuite, les "
+"entrées du fichier <filename>shadow</filename> n'ayant pas pour mot de passe "
+"« x » dans le fichier <filename>passwd</filename> sont mises à jour. Enfin, "
+"les mots de passe du fichier <filename>passwd</filename> sont remplacés par "
+"« x ». Ces programmes peuvent être utilisés pour une première conversion, ou "
+"bien pour une mise à jour, si les fichiers principaux [ NdT : non cachés ] "
+"ont été édités à la main."
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"Lors de l'ajout de nouvelles entrées dans <filename>/etc/shadow</filename>, "
+"<command>pwconv</command> utilisera les valeurs de <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"et <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> définies dans le fichier "
+"<filename>/etc/login.defs</filename>."
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"De même, <command>pwunconv</command> et <command>grpunconv</command> sont "
+"similaires. Les mots de passe des fichiers principaux sont mis à jour à "
+"partir des fichiers d'informations cachées (« shadowed file »). Les entrées "
+"existant dans un fichier principal, mais pas dans le fichier caché sont "
+"laissées. Enfin, le fichier caché est supprimé. Certaines informations d'âge "
+"des mots de passe sont perdues par <command>pwunconv</command>. Il ne "
+"convertit que ce qu'il peut."
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Les options applicables aux commandes <command>pwconv</command>, "
+"<command>pwunconv</command>, <command>grpconv</command> et "
+"<command>grpunconv</command> sont :"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"Des erreurs dans les fichiers de mots de passe ou d'informations sur les "
+"groupes (comme des entrées invalides ou redondantes) peuvent conduire ces "
+"programmes à boucler indéfiniment ou à échouer d'une manière tout aussi "
+"étrange. Veuillez exécuter <command>pwck</command> et <command>grpck</"
+"command> pour corriger ces erreurs avant de lancer toute conversion."
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"La variable de configuration suivante dans <filename>/etc/login.defs</"
+"filename> change le comportement de <command>grpconv</command> et "
+"<command>grpunconv</command> :"
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"Les variables de configuration suivantes dans <filename>/etc/login.defs</"
+"filename> changent le comportement de <command>pwconv</command> :"
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "Vérifier l'intégrité des fichiers de mots de passe"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"La commande <command>pwck</command> vérifie l'intégrité des informations du "
+"système concernant les utilisateurs et leur mots de passe. Toutes les "
+"entrées des fichiers <filename>/etc/passwd</filename> et <filename>/etc/"
+"shadow</filename> sont vérifiées afin de s'assurer qu'elles ont le bon "
+"format et qu'elles contiennent des données valables dans chaque champ. Une "
+"confirmation de l'utilisateur sera demandée pour détruire les entrées mal "
+"formatées ou ayant d'autres erreurs non récupérables."
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "Voici les vérifications effectuées :"
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "nombre correct de champs ;"
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "unicité et validité des noms d'utilisateur ;"
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "validité des identifiants d'utilisateur et de groupe ;"
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "validité du groupe primaire ;"
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "validité du répertoire personnel ;"
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "validité de l'interpréteur de commandes initial (« login shell »)."
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"Les vérifications de <filename>shadow</filename> sont activées quand un "
+"second paramètre de fichier est indiqué ou quand <filename>/etc/shadow</"
+"filename> existe sur le système."
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "Ces vérifications sont les suivantes :"
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+"chaque entrée de passwd a une entrée correspondante dans shadow, et chaque "
+"entrée shadow a une entrée passwd correspondante ;"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+"les mots de passe sont indiqués dans le fichier des mot de passe cachés ;"
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "les entrées de shadow ont le bon nombre de champs ;"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "les entrées de shadow sont uniques dans shadow ;"
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "la date du dernier changement de mot de passe n'est pas dans le futur."
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+"Une erreur dans le nombre de champs ou la non unicité d'un nom d'utilisateur "
+"sera fatale. Si le nombre de champs n'est pas correct, il sera demandé à "
+"l'utilisateur de supprimer la ligne. Si l'utilisateur ne répond pas par "
+"l'affirmative, les vérifications suivantes ne seront pas effectuées. Il sera "
+"également demandé de supprimer les entrées correspondant aux noms "
+"d'utilisateur redondants, mais dans ce cas, les autres vérifications seront "
+"effectuées. Toutes les autres erreurs ne sont que des avertissements et "
+"l'utilisateur est encouragé à utiliser <command>usermod</command> pour les "
+"corriger."
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"Les commandes qui opèrent sur le fichier <filename>/etc/passwd</filename> ne "
+"peuvent pas modifier les entrées corrompues ou redondantes. <command>pwck</"
+"command> doit être utilisé dans ce cas pour retirer ces entrées."
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Les options <option>-r</option> et <option>-s</option> ne peuvent pas être "
+"combinées."
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>pwck</command> sont :"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+"Ne signaler que les erreurs. Les avertissements qui ne nécessitent pas une "
+"action de la part de l'utilisateur ne seront pas affichés."
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "Permet d'exécuter <command>pwck</command> dans le mode lecture seule."
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"Trie les entrées de <filename>/etc/passwd</filename> et <filename>/etc/"
+"shadow</filename> par UID."
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+"Cette option n'a aucun effet quand <option>USE_TCB</option> est activée."
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"Par défaut, <command>pwck</command> opère sur les fichiers <filename>/etc/"
+"passwd</filename> et <filename>/etc/shadow</filename><phrase condition="
+"\"tcb> (ou les fichiers dans <filename>/etc/tcb</filename>)</phrase>. "
+"L'utilisateur peut spécifier d'autres fichiers avec les paramètres "
+"<replaceable>passwd</replaceable> et <replaceable>shadow</replaceable>."
+
+#: pwck.8.xml:243(para)
+#, fuzzy
+#| msgid ""
+#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+#| "alternative <replaceable>shadow</replaceable> file. In future releases, "
+#| "this paramater could be replaced by an alternate TCB directory."
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+"Veuillez noter que quand <option>USE_TCB</option> est activée, vous ne "
+"pouvez pas indiquer de fichier <replaceable>shadow</replaceable> alternatif. "
+"Dans les prochaines versions, ce paramètre pourra être remplacé par un "
+"répertoire TCB alternatif."
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "une entrée de mot de passe ou plus est incorrecte"
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "impossible d'ouvrir les fichiers de mots de passe"
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "impossible de verrouiller les fichiers de mots de passe"
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "impossible de mettre à jour les fichiers des mots de passe"
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "impossible de trier les fichiers de mots de passe"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>pwck</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+"Fichier de configuration des droits d'accès en fonction de la date et de "
+"l'heure"
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> contient une liste de tty, noms "
+"d'utilisateurs, et horaires d'accès autorisés."
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"Chaque entrée consiste en trois champs séparés par un caractère deux-points "
+"« : ». Le premier champ est une liste de tty séparés par des virgules, ou un "
+"astérisque « * » pour indiquer que l'entrée correspond à toutes les tty. Le "
+"second champ est une liste de noms d'utilisateurs, ou un astérisque pour "
+"indiquer que cette entrée correspond à n'importe quel utilisateur. Le "
+"troisième champ est une liste d'horaires d'accès autorisés."
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"Chaque horaire d'accès consiste en zéro ou plusieurs abréviations de jours "
+"de la semaine : <emphasis>Su</emphasis> (dimanche), <emphasis>Mo</emphasis> "
+"(lundi), <emphasis>Tu</emphasis> (mardi), <emphasis>We</emphasis> "
+"(mercredi), <emphasis>Th</emphasis> (jeudi), <emphasis>Fr</emphasis> "
+"(vendredi), <emphasis>Sa</emphasis> (samedi), suivi d'un couple d'horaires "
+"séparés par un tiret. L'abréviation <emphasis>Wk</emphasis> peut être "
+"utilisée pour représenter les jours de la semaine du lundi au vendredi, et "
+"<emphasis>Al</emphasis> permet de spécifier l'ensemble des jours de la "
+"semaine. Par défaut, si aucun jour n'est spécifié, <emphasis>Al</emphasis> "
+"est utilisé."
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "EXEMPLES"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"L'entrée suivante autorise l'accès à l'utilisateur <emphasis remap=\"B"
+"\">jfh</emphasis> sur n'importe quel port pendant la semaine de 9 heures à "
+"17 heures."
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"L'entrée suivante autorise l'accès à /dev/console uniquement aux "
+"utilisateurs <emphasis>root</emphasis> et <emphasis>oper</emphasis> à "
+"n'importe quelle heure. Ceci permet de montrer l'importance de l'ordre des "
+"entrées dans le fichier <filename>/etc/porttime</filename>. Les autres "
+"utilisateurs ne satisferont que la deuxième entrée, qui n'autorise aucun "
+"accès."
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+msgstr ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"L'entrée suivante autorise l'accès à tous les ports pour l'utilisateur "
+"<emphasis>games</emphasis>, en dehors des heures de travail."
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "Fichier contenant le port d'accès."
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "fichier des mots de passe"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> contient différentes informations sur les "
+"comptes utilisateurs. Ces informations consistent en sept champs séparés par "
+"des deux-points (« : ») :"
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "un mot de passe chiffré optionnel"
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "l'identifiant numérique de l'utilisateur"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "l'identifiant numérique du groupe de l'utilisateur"
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "le nom complet de l'utilisateur ou un champ de commentaires"
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "le répertoire personnel de l'utilisateur"
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "l'interpréteur de commandes de l'utilisateur (optionnel)"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Le champ du mot de passe chiffré peut être vide. Dans ce cas, aucun mot de "
+"passe n'est nécessaire pour s'authentifier avec le compte donné. Cependant, "
+"certaines applications qui lisent le fichier <filename>/etc/passwd</"
+"filename> peuvent décider de ne donner aucun accès si le <emphasis>mot de</"
+"emphasis> passe est vide. Si le mot de passe est un <quote>x</quote> "
+"minuscule, alors le mot de passe chiffré se trouve dans le fichier "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> ; il <emphasis>doit</emphasis> y avoir une ligne "
+"correspondante dans le fichier <filename>shadow</filename>, sinon le compte "
+"de l'utilisateur n'est pas valide. Si le mot de passe est constitué d'une "
+"autre chaîne, alors il est considéré comme un mot de passe chiffré, comme "
+"indiqué dans <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Le champ de commentaire est utilisé par différents utilitaires système, tels "
+"que <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"Le champ du répertoire personnel de l'utilisateur correspond au nom du "
+"répertoire de travail initial. <command>login</command> utilise cette "
+"information pour définir la valeur de la variable d'environnement <envar>"
+"$HOME</envar>."
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"Le champ de l'interpréteur de commandes correspond au nom de l'interpréteur "
+"de commandes de l'utilisateur, ou au nom d'un programme initial à exécuter. "
+"<command>login</command> utilise cette information pour définir la valeur de "
+"la variable d'environnement <envar>$SHELL</envar>. Si ce champ est vide, "
+"<filename>/bin/sh</filename> est utilisé par défaut."
+
+# TBC: file ?
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "un mot de passe chiffré optionnel"
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "Fichier de sauvegarde de /etc/passwd."
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "Modifier le mot de passe d'un utilisateur"
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"La commande <command>passwd</command> modifie les mots de passe des comptes "
+"d'utilisateurs. Un utilisateur normal ne peut changer que son propre mot de "
+"passe, alors que le superutilisateur peut changer le mot de passe associé à "
+"n'importe quel compte. <command>passwd</command> modifie également les dates "
+"de fin de validité du compte ou du mot de passe associé."
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Modifications du mot de passe"
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"Dans un premier temps, l'utilisateur doit fournir son ancien mot de passe, "
+"s'il en avait un. Ce mot de passe est ensuite chiffré puis comparé avec le "
+"mot de passe enregistré. L'utilisateur n'a droit qu'à un seul essai pour "
+"entrer le mot de passe correct. Le superutilisateur peut contourner cette "
+"première étape de manière à changer les mots de passe ayant été oubliés."
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"Une fois que le mot de passe a été entré, les informations de limite de "
+"validité du mot de passe sont vérifiées pour s'assurer que l'utilisateur est "
+"autorisé à modifier son mot de passe à cet instant. Dans le cas contraire, "
+"<command>passwd</command> refuse de changer le mot de passe, et quitte."
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"Le nouveau mot de passe sera demandé deux fois à l'utilisateur. Le second "
+"mot de passe est comparé avec le premier. Ces deux mots de passe devront "
+"être identiques pour que le mot de passe soit changé."
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"La complexité de ce mot de passe est alors testée. Comme ligne de conduite "
+"générale, un mot de passe doit toujours être constitué de 6 à 8 caractères "
+"en en choisissant un ou plus parmi chacun des ensembles suivants :"
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "caractères alphabétiques minuscules"
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "chiffres de 0 à 9"
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "marques de ponctuation"
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"Il faudra faire attention à ne pas utiliser les caractères de suppression ou "
+"d'effacement. <command>passwd</command> rejettera tout mot de passe dont la "
+"complexité ne sera pas suffisante."
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Astuces pour les mots de passe"
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"La sécurité d'un mot de passe repose sur la force de l'algorithme de "
+"chiffrement et sur la taille de l'espace de clés utilisé. La méthode de "
+"chiffrement des systèmes <emphasis>UNIX</emphasis> est basée sur "
+"l'algorithme NBS DES. Des méthodes plus récentes sont maintenant "
+"recommandées (voir <option>ENCRYPT_METHOD</option>). La taille de l'espace "
+"de clés dépend de l'aléa du mot de passe utilisé."
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"Les compromissions de la sécurité des mots de passe résultent le plus "
+"souvent d'une négligence dans le choix du mot de passe, ou lors de son "
+"utilisation. Pour cette raison, vous ne devez pas sélectionner de mot de "
+"passe apparaissant dans un dictionnaire ou devant être écrit. Le mot de "
+"passe ne doit pas non plus être un nom propre, un numéro minéralogique, une "
+"date de naissance, ou une adresse. En effet ceux-ci pourraient être devinés "
+"pour violer la sécurité du système."
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"Vous pouvez trouver des conseils sur la façon choisir un mot de passe "
+"robuste sur http://en.wikipedia.org/wiki/Password_strength (en anglais)."
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>passwd</command> sont :"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+# NOTE: pas clair
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Cette option ne peut être utilisée qu'avec <option>-S</option> et permet "
+"d'afficher l'état des mots de passe pour tous les utilisateurs."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Supprimer le mot de passe (le rendre vide) d'un utilisateur. C'est une façon "
+"rapide de supprimer l'authentification par mot de passe pour un compte. Il "
+"rend le compte indiqué sans mot de passe."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Annuler immédiatement la validité du mot de passe d'un compte. Ceci permet "
+"d'obliger un utilisateur à changer son mot de passe lors de sa prochaine "
+"connexion."
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+# NOTE: Only this user account
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Cette option permet de désactiver un compte quelques temps après expiration "
+"de son mot de passe. <replaceable>DURÉE_INACTIVITÉ</replaceable> jours après "
+"expiration de son mot de passe, l'utilisateur ne pourra plus se connecter "
+"avec ce compte."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+# NOTE: pas clair
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Indiquer que la modification de mot de passe ne sera effectuée que lors de "
+"l'expiration des jetons d'authentification (mots de passe). C'est utile dans "
+"le cas où l'utilisateur voudrait conserver ses jetons d'authentification "
+"encore valables."
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Verrouiller le mot de passe du compte indiqué. Cette option désactive un mot "
+"de passe en le modifiant par une valeur qui ne correspond pas à un mot de "
+"passe chiffré possible (cela ajoute un « ! » au début du mot de passe)."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"Veuillez noter que cela ne désactive pas le compte. L'utilisateur peut "
+"toujours se connecter en utilisant une autre méthode d'authentification (par "
+"exemple une clé SSH). Pour désactiver un compte, les administrateurs "
+"devraient utiliser <command>usermod --expiredate 1</command> (cela définit "
+"la date d'expiration du compte au 2 janvier 1970)."
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+"Les utilisateurs avec un mot de passe verrouillé ne sont pas autorisés à le "
+"changer."
+
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>JOURS_MIN</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Définir le nombre minimum de jours entre chaque changement de mot de passe à "
+"<replaceable>MIN_DAYS</replaceable>. Une valeur de zéro pour ce champ "
+"indique que l'utilisateur peut changer son mot de passe quand il le souhaite."
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+"Modifier le mot de passe dans la base <replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Afficher l'état d'un compte. Cet état est constitué de 7 champs. Le premier "
+"champ est le nom du compte. Le second champ indique si le mot de passe est "
+"bloqué (L), n'a pas de mot de passe (NP) ou a un mot de passe utilisable "
+"(P). Le troisième champ donne la date de dernière modification du mot de "
+"passe. Les quatre champs suivants sont : la durée minimum avant "
+"modification, la durée maximum de validité, la durée d'avertissement, et la "
+"durée d'inactivité autorisée pour le mot de passe. Les durées sont exprimées "
+"en jours."
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Déverrouiller le mot de passe du compte indiqué. Cette option réactive un "
+"mot de passe en remettant le mot de passe à sa valeur précédente (la valeur "
+"présente avant l'utilisation de l'option <option>-l</option>)."
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DURÉE_AVERTISSEMENT</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"Configurer le nombre de jours d'avertissement avant que le changement de mot "
+"de passe ne soit obligatoire. La valeur <replaceable>DURÉE_AVERTISSEMENT</"
+"replaceable> est le nombre de jours précédant la fin de validité pendant "
+"lesquels un utilisateur sera prévenu que son mot de passe est sur le point "
+"d'arriver en fin de validité."
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>JOURS_MAX</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"Configurer le nombre maximum de jours pendant lesquels un mot de passe reste "
+"valable. Après <replaceable>JOURS_MAX</replaceable>, le mot de passe devra "
+"être modifié."
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"La vérification de la complexité des mots de passe peut varier d'un site à "
+"l'autre. Il est vivement conseillé aux utilisateurs de choisir un mot de "
+"passe aussi complexe que possible dans la limite de ce qu'il est capable de "
+"mémoriser. "
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"Il se peut que les utilisateurs ne puissent pas changer leur mot de passe "
+"sur un système si NIS est activé et qu'ils ne sont pas connectés au serveur "
+"NIS."
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+"<command>passwd</command> utilise PAM pour authentifier les utilisateurs et "
+"modifier leur mot de passe."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (chaîne de caractères)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+"Définir les algorithmes de chiffrement par défaut du système pour coder les "
+"mots de passes (si aucun algorithme n'a été indiqué sur la ligne de "
+"commandes)."
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Les valeurs suivantes sont acceptées : <replaceable>DES</replaceable> (par "
+"défaut), <replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+"Remarque : ce paramètre remplace la variable <option>MD5_CRYPT_ENAB</option>."
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"Remarque : cela n'affecte que la création des mots de passe de groupe. La "
+"création de mot de passe des utilisateurs est effectuée par PAM en fonction "
+"de la configuration de PAM. Il est recommandé de définir cette variable en "
+"cohérence avec la configuration de PAM."
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (booléen)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"Indiquer si un mot de passe doit être chiffré en utilisant l'algorithme basé "
+"sur MD5. Si configurée à <replaceable>yes</replaceable>, les nouveaux mots "
+"de passe seront chiffrés en utilisant l'algorithme basé sur MD5 compatible "
+"avec celui utilisé par les versions récentes de FreeBSD. Il gère des mots de "
+"passe de longueur illimitée et des chaînes de salage plus longues. "
+"Configurez-la à <replaceable>no</replaceable> pour copier les mots de passe "
+"chiffrés sur d'autres systèmes qui ne comprennent pas le nouvel algorithme. "
+"la valeur par défaut est <replaceable>no</replaceable>."
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"Cette variable est écrasée par la variable <option>ENCRYPT_METHOD</option> "
+"ou par toute option de la ligne de commande utilisée pour configurer "
+"l'algorithme de chiffrement."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+"Cette variable est obsolète. Vous devriez utiliser <option>ENCRYPT_METHOD</"
+"option>."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (booléen)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr ""
+"Activer des vérifications supplémentaires lors des changements de mot de "
+"passe."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (booléen)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"Avertir en cas de mots de passe faibles (mais les accepte quand même) si "
+"vous êtes superutilisateur."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (nombre)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+"Nombre maximum d'essais pour changer de mot de passe si refusé (trop facile)."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (nombre)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (nombre)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"Nombre de caractères significatifs dans le mot de passe pour crypt(). La "
+"valeur par défaut de <option>PASS_MAX_LEN</option> est 8. Ne la changez pas "
+"à moins que votre crypt() ne soit meilleur. Ceci est ignoré si "
+"<option>MD5_CRYPT_ENAB</option> est configurée à <replaceable>yes</"
+"replaceable>."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (nombre)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (nombre)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"Quand <option>ENCRYPT_METHOD</option> est configurée à <replaceable>SHA256</"
+"replaceable> ou <replaceable>SHA512</replaceable>, cela définit le nombre de "
+"rounds de SHA utilisés par l'algorithme de chiffrement par défaut (quand le "
+"nombre de rounds n'est pas précisé sur la ligne de commande)."
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"Avec beaucoup de rounds, il est plus difficile de trouver le mot de passe "
+"avec une attaque par force brute. Veuillez remarquer que plus de ressources "
+"processeur seront nécessaires pour authentifier les utilisateurs."
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+"Si non précisée, la libc utilisera le nombre de rounds par défaut (5000)."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+"Les valeurs doivent être comprises dans l'intervalle 1 000 - 999 999 999."
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"Si une seule des variables <option>SHA_CRYPT_MIN_ROUNDS</option> ou "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> est configurée, alors cette valeur "
+"sera utilisée."
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"Si <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, la valeur la plus élevée sera utilisée."
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "Configuration de PAM pour <command>passwd</command>."
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "permission refusée"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "combinaison d'options non valable"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "échec inattendu, rien n'a été fait"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "échec inattendu, le fichier <filename>passwd</filename> est manquant"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+"fichier <filename>passwd</filename> en cours d'utilisation, veuillez "
+"réessayer plus tard"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>passwd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "refuser poliment une connexion"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"La commande <command>nologin</command> affiche un message indiquant que le "
+"compte n'est pas disponible et retourne avec un code non nul. Elle peut être "
+"placée dans le champ indiquant l'interpréteur de commandes pour les comptes "
+"qui ont été désactivés."
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"Pour désactiver toutes les connexions, veuillez consulter "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "HISTORIQUE"
+
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "La commande <command>nologin</command> est apparue avec BSD 4.4."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "Mettre à jour, ou créer de nouveaux utilisateurs par lots"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "fichier"
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"La commande <command>newusers</command> lit un "
+"<replaceable>fichier<replaceable> (ou l'entrée standard par défaut) et "
+"utilise ces informations pour mettre à jour un groupe d'utilisateurs "
+"existants ou pour créer de nouveaux utilisateurs. Chaque ligne est au même "
+"format que le fichier des mots de passe (consultez "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) avec les exceptions suivantes :"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "C'est le nom de l'utilisateur."
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "It can be the name of a new user or the name of an existing user (or an "
+#| "user created before by <command>newusers</command>). In case of an "
+#| "existing user, the user's information will be changed, otherwise a new "
+#| "user will be created."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Il peut s'agir du nom d'un nouvel utilisateur ou du nom d'un utilisateur "
+"existant (ou d'un utilisateur créé précédemment par <command>newusers</"
+"command>). Dans le cas d'un utilisateur existant, les informations de "
+"l'utilisateur seront modifiées, sinon un nouvel utilisateur sera créé."
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Ce champ sera chiffré et utilisé comme nouvelle valeur du mot de passe "
+"chiffré."
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr "pw_uid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Ce champ est utilisé pour définir l'UID de l'utilisateur."
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"Si ce champ est vide, un nouvel UID (non utilisé) sera défini "
+"automatiquement par <command>newusers</command>."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr "Si ce champ contient un nombre, ce nombre sera utilisé comme UID."
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"Si ce champ contient le nom d'un utilisateur existant (ou le nom d'un "
+"utilisateur créé précédemment par <command>newusers</command>), l'UID de "
+"l'utilisateur indiqué sera utilisé."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"Si l'UID d'un utilisateur existant est modifié, vous devrez configurer vous-"
+"même le propriétaire des fichiers de l'utilisateur."
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+"Ce champ est utilisé pour définir l'identifiant du groupe primaire de "
+"l'utilisateur."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"Si ce champ contient le nom d'un groupe existant (ou d'un groupe créé "
+"précédemment par <command>newusers</command>), le GID de ce groupe sera "
+"utilisé comme identifiant de groupe primaire pour l'utilisateur."
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"Si ce champ est un nombre, ce nombre sera utilisé comme identifiant de "
+"groupe primaire de cet utilisateur. Si aucun groupe n'existe avec ce GID, un "
+"nouveau groupe sera créé avec ce GID et le nom de l'utilisateur."
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"Si ce champ est vide, un nouveau groupe sera créé avec le nom de "
+"l'utilisateur et un GID sera automatiquement défini par <command>newusers</"
+"command> pour être utilisé comme identifiant de groupe primaire pour "
+"l'utilisateur et comme GID pour le nouveau groupe."
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"Si le champ contient le nom d'un groupe qui n'existe pas (et qui n'a pas été "
+"créé précédemment par <command>newusers</command>), un nouveau groupe sera "
+"créé avec le nom indiqué et un GID sera automatiquement défini par "
+"<command>newusers</command> pour être utilisé comme identifiant de groupe "
+"primaire pour l'utilisateur et comme identifiant pour le nouveau groupe."
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Ce champ est copié dans le champ GECOS de l'utilisateur."
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr ""
+"Ce champ est utilisé pour définir le répertoire personnel de l'utilisateur."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"Si ce champ n'indique pas de répertoire existant, le répertoire indiqué est "
+"créé, avec comme propriétaire l'utilisateur en cours de création ou mis à "
+"jour et son groupe primaire."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"Si le répertoire personnel d'un utilisateur existant est modifié, "
+"<command>newusers</command> ne déplace ni ne copie le contenu de l'ancien "
+"répertoire personnel à la nouvelle place. Vous devrez effectuer cela vous-"
+"même."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"Ce champ définit l'interpréteur de commande de l'utilisateur. Aucune "
+"vérification n'est effectuée sur ce champ."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"<command>newusers</command> essayera d'abord de créer ou de modifier tous "
+"les utilisateurs indiqués puis écrira ces modifications dans les bases de "
+"données d'utilisateurs et de groupes. Si une erreur survient (en dehors de "
+"l'écriture finale des bases de données), aucune modification ne sera "
+"propagée dans les bases de données."
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+"Lors du premier passage, les utilisateurs sont créés avec un mot de passe "
+"verrouillé (les mots de passe ne sont pas modifiés pour les utilisateurs non "
+"créés). Un second passage est utilisé pour mettre à jour les mots de passe "
+"en utilisant PAM. Les échecs de mise à jour des mots de passe sont signalés, "
+"mais n'empêchent pas les mises à jour des autres mots de passe."
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Cette commande a été conçue pour les gros systèmes pour lesquels un grand "
+"nombre de comptes sont mis à jour en même temps."
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>newusers</command> sont :"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "Utiliser la méthode précisée pour chiffrer les mots de passe."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"Les méthodes disponibles sont DES, MD5, NONE et SHA256 ou SHA512 si votre "
+"libc prend en charge ces méthodes."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Les utilisateurs système seront créés sans information d'âge dans <filename>/"
+"etc/shadow</filename> et leurs identifiants numériques sont choisis dans "
+"l'intervalle <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, "
+"défini dans <filename>login.defs</filename>, au lieu de <option>UID_MIN</"
+"option>-<option>UID_MAX</option> (et leur <option>GID</option> correspondant "
+"pour la création de groupes)."
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "Utiliser le nombre de rounds précisé pour chiffrer les mots de passe."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"La valeur 0 signifie que le système choisira la valeur par défaut du nombre "
+"de rounds pour la méthode de chiffrement (5 000)."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+"Une valeur minimale de 1 000 et une valeur maximale de 999 999 999 seront "
+"imposées."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Vous ne pouvez utiliser cette méthode qu'avec les méthodes de chiffrement "
+"SHA256 ou SHA512."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut, le nombre de rounds est défini par les variables "
+"SHA_CRYPT_MIN_ROUNDS et SHA_CRYPT_MAX_ROUNDS dans <filename>/etc/login.defs</"
+"filename>."
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Le fichier d'entrée doit être correctement protégé puisqu'il contient des "
+"mots de passe en clair."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Vous devez vous assurer que les mots de passe et la méthode de chiffrement "
+"respectent la politique de mot de passe du système."
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "Configuration de PAM pour <command>newusers</command>."
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "se connecter avec un nouveau groupe"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "groupe"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"La commande <command>newgrp</command> permet de changer l'identifiant de "
+"groupe de l'utilisateur au cours d'une session. Si l'option <option>-</"
+"option> est fournie, l'environnement de l'utilisateur est réinitialisé, "
+"comme si l'utilisateur venait de se connecter. Sinon, l'environnement "
+"actuel, y compris le répertoire de travail actuel est conservé."
+
+# NOTE:
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+"<command>newgrp</command> change l'identifiant de groupe réel actuel à la "
+"valeur du groupe indiqué, ou au groupe par défaut défini dans <filename>/etc/"
+"passwd</filename> si aucun nom de groupe n'est fourni. <command>newgrp</"
+"command> essaiera également d'ajouter le groupe à l'ensemble des groupes de "
+"l'utilisateur. Si l'utilisateur n'est pas superutilisateur, un mot de passe "
+"lui sera demandé s'il n'utilise pas de mot de passe (dans <filename>/etc/"
+"shadow</filename>, si cet utilisateur a une entrée dans le fichier des mots "
+"de passe cachés, ou dans <filename>/etc/passwd</filename> sinon), mais que "
+"le groupe en a un, ou si l'utilisateur n'est pas dans la liste des membres "
+"de ce groupe et que ce groupe utilise un mot de passe. L'accès sera refusé "
+"si le mot de passe du groupe est vide et que l'utilisateur ne fait pas "
+"partie de ses membres."
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+"S'il y a une entrée pour ce groupe dans <filename>/etc/gshadow</filename>, "
+"alors la liste des membres et le mot de passe de ce groupe seront pris dans "
+"ce fichier, sinon, l'entrée du fichier <filename>/etc/group</filename> est "
+"utilisée."
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "Imposer les restrictions de connexion dans le temps"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"<command>logoutd</command> impose les restrictions (sur les ports, la date "
+"et l'heure de connexion) spécifiées dans <filename>/etc/porttime</filename>. "
+"<command>logoutd</command> doit être démarré depuis <filename>/etc/rc</"
+"filename>. Il analyse le fichier <filename>/var/run/utmp</filename> "
+"régulièrement et, pour chaque utilisateur, il vérifie que ce nom "
+"d'utilisateur est autorisé à être connecté à ce port à ce moment. Toute "
+"session en violation avec les restrictions de <filename>/etc/porttime</"
+"filename> est terminée."
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Liste des sessions de connexion en cours."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "configuration de la suite des mots de passe cachés « shadow password »"
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+"Le fichier <filename>/etc/login.defs</filename> définit la configuration de "
+"la suite shadow password (mots de passe cachés) pour le système. Ce fichier "
+"est indispensable. Son absence n'empêchera pas le système de fonctionner, "
+"mais aura probablement des conséquences indésirables."
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Ce fichier est un fichier texte, dont chaque ligne décrit un paramètre de "
+"configuration. Les lignes consistent en un nom et une valeur, séparés par "
+"une espace. Les lignes blanches et les lignes de commentaires sont ignorées. "
+"Les commentaires commencent par un caractère « # », qui doit être le premier "
+"caractère non blanc de la ligne."
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+"Les valeurs des paramètres sont de quatre types : chaînes de caractères, "
+"booléens, nombres et nombres longs. Une chaîne de caractères est constituée "
+"de n'importe quels caractères imprimables. Un booléen est soit "
+"<replaceable>yes</replaceable> (oui), soit <replaceable>no</replaceable> "
+"(non). Un paramètre booléen non défini, ou défini avec une valeur autre que "
+"celles-là prendra la valeur <replaceable>no</replaceable>. Un nombre (normal "
+"ou long) peut être soit décimal, soit octal (en précédant la valeur d'un "
+"<replaceable>0</replaceable>), ou encore hexadécimal (en précédant la valeur "
+"de <replaceable>0x</replaceable>). La valeur maximale des paramètres "
+"numériques normaux ou longs dépend de la machine."
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Les paramètres de configuration suivants sont fournis :"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (booléen)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"La valeur <replaceable>yes</replaceable> indique que le programme "
+"<command>chfn</command> nécessitera une authentification avant de procéder à "
+"tout changement, à moins qu'ils ne soient exécutés par le superutilisateur."
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+"Ce paramètre précise quelles valeurs du champ <emphasis remap=\"I\">gecos</"
+"emphasis> du fichier <filename>passwd</filename> peuvent être modifiées par "
+"les utilisateurs ordinaires à l'aide du programme <command>chfn</command>. "
+"Il est constitué d'une combinaison de lettres parmi <replaceable>f</"
+"replaceable>, <replaceable>r</replaceable>, <replaceable>w</replaceable> et "
+"<replaceable>h</replaceable>, correspondant respectivement au nom complet, "
+"au numéro de bureau, au numéro de téléphone professionnel et au numéro de "
+"téléphone personnel. Pour des raisons de compatibilité avec des versions "
+"antérieures, <replaceable>yes</replaceable> est équivalent à "
+"<replaceable>rwh</replaceable> et <replaceable>no</replaceable> à "
+"<replaceable>frwh</replaceable>. S'il n'est pas précisé, seul le "
+"superutilisateur peut effectuer des modifications. Pour une configuration "
+"encore plus restrictive, il sera préférable de ne pas installer "
+"<command>chfn</command> avec l'indicateur SUID positionné."
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (booléen)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"La valeur <replaceable>yes</replaceable> indique que le programme "
+"<command>chsh</command> nécessitera une authentification avant de procéder à "
+"tout changement, à moins qu'ils ne soient exécutés par le superutilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Le caractère ERASE du terminal (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+"La valeur peut être préfixée par « 0 » pour une valeur octale, ou « 0x » "
+"pour une valeur hexadécimale."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+"Le délai en secondes avant qu'un nouvel essai soit permis après un échec de "
+"connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+"Activer l'enregistrement et l'affichage des informations d'échec de "
+"connexion de <filename>/var/log/faillog</filename>"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"Si définie, <command>login</command> exécutera cet interpréteur de commandes "
+"au lieu de l'interpréteur de l'utilisateur spécifié dans <filename>/etc/"
+"passwd</filename>."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+"Si définie, les échecs de connexion seront enregistrés dans le fichier sous "
+"le format utmp"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+"Si définie, le fichier peut désactiver tous les affichages habituels durant "
+"la séquence de connexion. Si un nom de chemin complet est spécifié, alors le "
+"mode taiseux sera activé si le nom ou l'interpréteur de commandes de "
+"l'utilisateur sont trouvés dans le fichier. Si ce n'est pas un nom de chemin "
+"complet, alors le mode taiseux sera activé si le fichier existe dans le "
+"répertoire personnel de l'utilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr "Si définie, le fichier sera affiché avant chaque invite de connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+"Le caractère KILL du terminal (<replaceable>025</replaceable> = CTRL/U)."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+"Activer la journalisation et l'affichage des informations de dernière "
+"connexion de /var/log/lastlog."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "Activer la journalisation des connexions réussies."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+"Activer l'affichage des noms d'utilisateurs inconnus quand les échecs de "
+"connexions sont enregistrés."
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Remarque : la journalisation des noms d'utilisateurs inconnus peut être un "
+"problème de sécurité si un utilisateur entre son mot de passe au lieu de son "
+"nom d'utilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+"Le nombre maximum de tentatives de connexion en cas de mauvais mot de passe."
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"Ce sera probablement écrasé par PAM, puisque le module pam_unix est réglé en "
+"dur pour n'effectuer que 3 tentatives. Toutefois, il s'agit d'une solution "
+"de repli au cas où vous utilisez un module d'authentification qui ne fait "
+"pas appliquer PAM_MAXTRIES."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "Le temps maximum en secondes pour la connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+"Si définie, liste délimitée par des « : » de fichiers de « message du jour » "
+"à afficher lors de la connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+"Si définie, nom de fichier dont la présence empêchera les connexions de "
+"quelqu'un d'autre que le superutilisateur. Le contenu de ces fichiers doit "
+"être un message indiquant pourquoi les connexions sont désactivées."
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"Les paramètres <option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</"
+"option> et <option>PASS_WARN_AGE</option> ne sont utilisés qu'au moment de "
+"la création d'un compte. Les changements n'affecteront pas les comptes "
+"existants."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+"Activer la vérification des restrictions de temps précisées dans <filename>/"
+"etc/porttime</filename>."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+"Les permissions de terminal : la connexion tty appartiendra au groupe "
+"<option>TTYGROUP</option> et les permissions seront configurées à "
+"<option>TTYPERM</option>."
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"Par défaut, le propriétaire du terminal est configuré au groupe primaire de "
+"l'utilisateur et les permissions sont configurées à <replaceable>0600</"
+"replaceable>."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+"<option>TTYGROUP</option> peut être le nom d'un groupe ou un identifiant "
+"numérique de groupe."
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+"Si vous avez un programme <command>write</command> qui est « setgid » à un "
+"groupe spécial auquel les terminaux appartiennent, définissez TTYGROUP comme "
+"l'identifiant numérique du groupe et TTYPERM à 0620. Autrement laissez "
+"TTYGROUP décommenté et TTYPERM configuré soit à 622 soit à 600."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+"Si définie, fichier qui lie les lignes de tty à la variable d'environnement "
+"TERM. Chaque ligne du fichier est dans un format ressemblant à « vt100 "
+"tty01 »."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "Valeur par défaut d'<command>ulimit</command>."
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "RÉFÉRENCES CROISÉES"
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"Les références croisées ci-dessous montrent quels sont les paramètres "
+"utilisés par les différents programmes de la suite shadow password."
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN "
+"UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK "
+"USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"La plupart des fonctionnalités qui étaient fournies par les mots de passe "
+"cachés (« shadow password ») sont désormais gérées par PAM. De ce fait, "
+"<filename>/etc/login.defs</filename> n'est plus utilisé par "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> et moins utilisé par <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> et "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>. Veuillez plutôt vous référer aux fichiers de configuration de "
+"PAM correspondant."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "table de contrôle des connexions"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+"Le fichier <emphasis remap=\"I\">login.access</emphasis> permet de spécifier "
+"des paires (utilisateur, hôte) et/ou (utilisateur, tty) pour lesquelles "
+"toute connexion sera soit acceptée soit refusée."
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+"Lorsqu'un utilisateur se connecte, le fichier <emphasis remap=\"I\">login."
+"access</emphasis> est lu jusqu'à la première entrée correspondant à la paire "
+"(utilisateur, hôte) ou, dans le cas d'une connexion ne passant pas par le "
+"réseau, à la première entrée correspondant au couple (utilisateur, tty). Le "
+"champ des permissions de la table pour cette entrée détermine alors si la "
+"connexion doit être acceptée ou refusée."
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"Chaque ligne de la table de contrôle des connexions (« login access control "
+"table ») est composée de trois champs séparés par le caractère « : » :"
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I"
+"\">utilisateurs</emphasis>:<emphasis remap=\"I\">origines</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+"Le premier champ est soit un « <emphasis>+</emphasis> » (accès autorisé), "
+"soit un « <emphasis>-</emphasis> » (accès refusé). Le second champ est une "
+"liste d'un ou plusieurs noms d'utilisateurs ou de groupes, ou <emphasis>ALL</"
+"emphasis> (correspond à tous les utilisateurs). Le troisième champ est une "
+"liste d'un ou plusieurs noms de tty (pour les connexions hors réseau), noms "
+"d'hôtes, noms de domaines (commençant par un « <literal>.</literal> »), "
+"adresses d'hôte, adresses de sous-réseau (terminant par un « <literal>.</"
+"literal> »), <emphasis>ALL</emphasis> (pour spécifier n'importe quelle "
+"connexion), ou <emphasis>LOCAL</emphasis> (correspond à n'importe quelle "
+"chaîne ne contenant pas de « <literal>.</literal> »). Si vous utilisez NIS, "
+"vous pouvez utiliser @nomdegroupe pour les motifs d'utilisateur et d'hôte."
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+"L'opérateur <emphasis>EXCEPT</emphasis> permet d'écrire des règles très "
+"compactes."
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+"Le fichier d'informations sur les groupes (/etc/group) n'est utilisé que "
+"lorsqu'un nom ne correspond à aucun des utilisateurs connectés. Seuls les "
+"groupes pour lesquels la liste des utilisateurs est spécifiée sont "
+"utilisés : le programme ne recherche pas parmi les groupes primaires des "
+"utilisateurs."
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "Démarrer une session sur le système"
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "hôte"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+"Le programme <command>login</command> permet d'établir une nouvelle session "
+"sur le système. Il est généralement invoqué après avoir répondu à l'invite "
+"de connexion <emphasis remap=\"I\">login:</emphasis> sur le terminal de "
+"l'utilisateur. <command>login</command> peut être spécifique à "
+"l'interpréteur de commandes et ne devrait pas être invoqué comme un sous-"
+"processus. Lorsqu'il est appelé depuis un interpréteur de commande, "
+"<command>login</command> doit être exécuté comme <emphasis remap=\"B\">>exec "
+"login</emphasis>, ce qui entraîne la sortie de l'interpréteur de commandes "
+"en cours (et ainsi empêche le nouvel utilisateur connecté de retourner à la "
+"session de l'appelant). L'exécution de <command>login</command> depuis un "
+"interpréteur de commandes autre qu'un interpréteur de commandes initial "
+"(« login shell ») produira un message d'erreur."
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+"Un mot de passe est ensuite demandé à l'utilisateur. L'affichage du mot de "
+"passe est désactivé pour éviter de révéler le mot de passe. Seul un petit "
+"nombre d'échecs est permis avant que <command>login</command> ne quitte et "
+"que la liaison ne soit interrompue."
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+"Si une date de fin de validité du mot de passe a été définie pour ce compte, "
+"un nouveau mot de passe pourra vous être demandé. Votre ancien mot de passe "
+"et votre nouveau mot de passe vous seront alors demandés avant de pouvoir "
+"continuer. Veuillez lire la page de manuel "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> pour plus d'informations."
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+"Après une connexion réussie, vous serez informé des messages du système et "
+"de la présence de courrier. Vous pouvez désactiver l'affichage du message du "
+"système (<filename>/etc/motd</filename>), en créant un fichier vide "
+"<filename>.hushlogin</filename> dans le répertoire de votre compte. Le "
+"message concernant les courriers sera « <emphasis>You have new mail.</"
+"emphasis> », « <emphasis>You have mail.</emphasis> », ou « <emphasis>No Mail."
+"</emphasis> » suivant l'état de votre boîte aux lettres."
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+"Vos identifiants d'utilisateur et de groupe seront définis en fonction des "
+"valeurs spécifiées dans le fichier <filename>/etc/passwd</filename>. Les "
+"valeurs des variables d'environnement <emphasis>$HOME</emphasis>, <emphasis>"
+"$SHELL</emphasis>, <emphasis>$PATH</emphasis>, <emphasis>$LOGNAME</"
+"emphasis>, et <emphasis>$MAIL</emphasis> seront définies en fonction des "
+"champs appropriés de l'entrée qui vous correspond. Les valeurs d'ulimit, "
+"d'umask et de nice pourront également être affectées en fonction des entrées "
+"du champ GECOS."
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+"Sur certains systèmes, la variable d'environnement <emphasis>$TERM</"
+"emphasis> sera initialisée au type de terminal de votre tty, comme spécifié "
+"dans <filename>/etc/ttytype</filename>."
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"Un script d'initialisation pour votre interpréteur de commandes pourra "
+"également être exécuté. Veuillez vous référer à la section de manuel "
+"appropriée pour plus d'informations sur cette fonctionnalité."
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+"Le programme <command>login</command> n'est PAS responsable de la "
+"suppression d'utilisateurs dans le fichier utmp. Les responsables du "
+"nettoyage de l'appartenance des sessions de terminal sont "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> et <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>. Si vous utilisez "
+"<command>login</command> depuis un interpréteur de commandes sans "
+"<command>exec</command>, l'utilisateur que vous utilisez continuera à "
+"apparaître comme étant connecté même après s'être déconnecté de cette « sous-"
+"session »."
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "Ne pas réaliser d'authentification. L'utilisateur est pré-authentifié."
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+"Remarque : Dans ce cas, <replaceable>username</replaceable> est nécessaire."
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Nom de l'hôte distant pour cette connexion."
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Préserver l'environnement."
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr ""
+"Exécuter le protocole de connexion automatique (autologin) pour rlogin."
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Les options <option>-r</option>, <option>-h</option> et <option>-f</option> "
+"ne peuvent être utilisées que par root."
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Cette version de <command>login</command> comporte de nombreuses options de "
+"compilation. Seules certaines d'entre elles peuvent avoir été activées sur "
+"votre site."
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+"L'emplacement des fichiers peut varier suivant la configuration du système."
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+"Comme pour n'importe quel programme, l'apparence de <command>login</command> "
+"peut être imitée. Si des utilisateurs non sûrs ont un accès physique à la "
+"machine, un attaquant pourrait utiliser cet accès pour obtenir le mot de "
+"passe de la personne qui s'assiérait ensuite face à l'écran. Sous Linux, le "
+"mécanisme SAK peut être utilisé par les utilisateurs pour initier un chemin "
+"de confiance et prévenir ce genre d'attaques."
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Liste des sessions de connexion précédentes."
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "Fichier contenant le message du système."
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "Empêcher les utilisateurs non-root de se connecter."
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "Liste des types de terminaux."
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "Supprimer l'affichage des messages du système."
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "définition des limites de ressources"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+"Le fichier <emphasis remap=\"I\">limits</emphasis> (<filename>/etc/limits</"
+"filename> par défaut ou LIMITS_FILE définit dans <filename>config.h</"
+"filename>) décrit les limites de ressource que vous voulez imposer. Il doit "
+"être possédé et ne doit être lisible que par le compte root."
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+"Par défaut, aucun quota (aucune limite) n'est imposé à « root ». En fait, il "
+"n'est pas possible d'imposer de cette façon de limite aux comptes root ou "
+"équivalents (comptes ayant un UID de 0)."
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr ""
+"Chaque ligne décrit une limite pour un utilisateur, elle est de la forme "
+"suivante :"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "utilisateur LISTE_DE_LIMITES"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "ou sous la forme :"
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@groupe LISTE_DE_LIMITES"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"Où <emphasis>LISTE_DE_LIMITES</emphasis> est une chaîne construite par la "
+"concaténation d'une liste de limites de ressource. Chaque limite consiste en "
+"une lettre (identifiant le type de limite) et une valeur numérique."
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "Les identifiants possibles sont :"
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A : espace d'adressage maximal (en kilo octets)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+"C : taille maximale d'un fichier image de la mémoire (« core », en kilo "
+"octets)"
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr ""
+"D : taille maximale du segment de données d'un programme (en kilo octets)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F : taille maximale des fichiers (en kilo octets)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K : masque de création de fichier, défini par "
+"<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></"
+"citerefentry>."
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr "I : valeur nice maximum (0..39 qui sera traduit en 20..-19)"
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L : nombre maximal de connexions simultanées pour cet utilisateur"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+"M : taille maximale de mémoire verrouillée (« locked-in-memory », en kilo "
+"octets)"
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N : nombre maximal de fichiers ouverts"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O : priorité temps réel maximale"
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P : priorité des processus, défini par "
+"<citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+"R : taille maximale de la mémoire résidente (« resident set size », en kilo "
+"octets)"
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S : taille maximale de la pile (en kilo octets)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T : temps processeur maximal consommé (en minutes)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U : nombre maximal de processus"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"Par exemple, <emphasis remap=\"I\">L2D2048N5</emphasis> est une chaîne "
+"<emphasis>LISTE_DE_LIMITES</emphasis> valable. Pour faciliter la lecture, "
+"les entrées suivantes sont équivalentes :"
+
+# NOTE: elle va pas cette chaîne
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+msgstr ""
+"\n"
+" utilisateur L2D2048N5\n"
+" utilisateur L2 D2048 N5\n"
+" "
+
+#: limits.5.xml:145(para)
+#, fuzzy
+#| msgid ""
+#| "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+#| "the line is considered a limit string, thus comments are not allowed. A "
+#| "invalid limits string will be rejected (not considered) by the "
+#| "<command>login</command> program."
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+"Attention : tout ce qui suit <emphasis remap=\"I\">utilisateur</emphasis> "
+"est considéré comme une limite de chaîne. Les commentaires ne sont pas "
+"autorisés. Une chaîne de limites non valable sera rejetée (non utilisée) par "
+"le programme <command>login</command>."
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+"L'entrée par défaut est représentée par un utilisateur dénommé "
+"« <emphasis>*</emphasis> ». Si plusieurs entrées par défaut sont présentes "
+"dans le fichier de limites, alors seule la dernière sera prise en compte."
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"Les limites précisées sous la forme « <replaceable>@groupe</replaceable> » "
+"s'appliquent aux membres du <replaceable>groupe</replaceable> précisé."
+
+#: limits.5.xml:165(para)
+#, fuzzy
+#| msgid ""
+#| "If more than one line with limits for an user exist, only the first line "
+#| "for this user will be considered."
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"Si plusieurs lignes avec des limites pour un utilisateur existent, seule la "
+"première ligne pour cet utilisateur sera prise en compte."
+
+#: limits.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "If no lines are specified for an user, the last <replaceable>@group</"
+#| "replaceable> line matching a group whose the user is a member of will be "
+#| "considered, or the last line with default limits if no groups contain the "
+#| "user."
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+"Si aucune ligne n'est précisée pour l'utilisateur, la dernière ligne "
+"<replaceable>@groupe</replaceable> correspondant à un groupe auquel "
+"l'utilisateur appartient sera prise en compte, ou la dernière ligne avec les "
+"limites par défaut si aucun groupe ne contient l'utilisateur."
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+"Un simple tiret « <emphasis>-</emphasis> » sera suffisant pour désactiver "
+"toute limite à un utilisateur, "
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+"Afin de désactiver une limite pour un utilisateur, un simple tiret "
+"« <replaceable>-</replaceable> » peut être utilisé au lieu d'une valeur "
+"numérique pour cette limite."
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+"Notez également que les limites ne sont configurées que PAR CONNEXION. Il "
+"n'y a pas de limite globale ou permanente. Des limites globales pourraient "
+"voir le jour, mais pour l'instant, il faut faire sans."
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+"signaler les connexions les plus récentes de tous les utilisateurs ou d'un "
+"utilisateur donné"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"<command>lastlog</command> affiche le contenu du journal des dernières "
+"connexions (<filename>/var/log/lastlog</filename>). Les champs "
+"<emphasis>Utilisateur</emphasis>, <emphasis>Port</emphasis>, date de "
+"<emphasis>Dernière</emphasis> connexion sont affichés. Par défaut (aucune "
+"option de spécifiée), les entrées de lastlog sont affichées triées par ordre "
+"d'apparition dans <filename>/etc/passwd</filename>."
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>lastlog</command> sont :"
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>JOURS</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"N'afficher que les entrées du fichier lastlog plus anciennes que <emphasis "
+"remap=\"I\">JOURS</emphasis>."
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "This option is only valid in combination with the <option>-d</option> (or "
+#| "<option>--home</option>) option."
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+"Cette option ne fonctionne que lorsqu'elle est combinée avec l'option "
+"<option>-d</option> (ou <option>--home</option>)."
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>JOURS</"
+"replaceable>"
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"Afficher les entrées du fichier lastlog plus récentes que <emphasis remap=\"I"
+"\">JOURS</emphasis>."
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr "N'afficher que les entrées correspondant aux utilisateurs indiqués."
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+"Les utilisateurs peuvent être précisés par un nom de connexion, un "
+"identifiant numérique d'utilisateur ou un <replaceable>INTERVALLE</"
+"replaceable> d'utilisateurs. Cet <replaceable>INTERVALLE</replaceable> "
+"d'utilisateurs peut être précisé avec des valeurs minimale et maximale "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), seulement une valeur maximale "
+"(<replaceable>-UID_MAX</replaceable>) ou une valeur minimale "
+"(<replaceable>UID_MIN-</replaceable>)."
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"Dans le cas où l'utilisateur ne s'est jamais connecté, le message "
+"« <emphasis>**Never logged in**</emphasis> » (« <emphasis>**Jamais "
+"connecté**</emphasis> ») est affiché à la place des champs <emphasis>Port</"
+"emphasis> et date de <emphasis>Dernière</emphasis> connexion."
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+"Seules les entrées pour les utilisateurs actuels du système seront "
+"affichées. D'autres entrées peuvent exister pour les utilisateurs supprimés "
+"précédemment."
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "NOTE"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Le fichier <filename>lastlog</filename> est une base de données qui contient "
+"des informations concernant la dernière connexion de chaque utilisateur. "
+"Vous n'avez pas à faire de rotation (avec <command>logrotate</command>) sur "
+"ce fichier. C'est un fichier « creux », donc sa taille sur le disque est "
+"bien plus petite que celle affichée par « <command>ls -l</command> » (qui "
+"peut indiquer un très gros fichier si vous avez des utilisateurs avec des "
+"UID élevés). Vous pouvez afficher sa taille réelle avec « <command>ls -s</"
+"command> »."
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr ""
+"Base de données de l'heure des connexions précédentes des utilisateurs."
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"S'il y a des trous importants dans les valeurs des UID, <command>lastlog</"
+"command> s'exécutera plus lentement, sans affichage à l'écran (par exemple, "
+"s'il n'y a pas d'entrée pour les utilisateurs ayant un UID compris entre 170 "
+"et 800 dans base de données lastlog, le programme lastlog semblera bloqué "
+"comme s'il traitait les entrées correspondant aux UID 171 à 799)."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "informations cachées sur les groupes"
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"<filename>/etc/gshadow</filename> contient les informations cachées sur les "
+"groupes."
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+"Chaque ligne de ce fichier contient les champs suivants, séparés par des "
+"deux-points (« : ») :"
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "nom du groupe"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "Ce doit être un nom de groupe valable, qui existe sur le système."
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Si le champ du mot de passe contient une chaîne qui ne peut pas être un "
+"résultat valable de <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si elle "
+"contient les caractères « ! » ou « * », les utilisateurs ne pourront pas "
+"utiliser le mot de passe UNIX pour accéder au groupe (mais les membres du "
+"groupe n'ont pas besoin de mot de passe)."
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The password is used when an user who is not a member of the group wants "
+#| "to gain the permissions of this group (see "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>)."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Le mot de passe est utilisé quand un utilisateur non membre du groupe veut "
+"obtenir les permissions de ce groupe (consultez "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>)."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+"Ce champ peut être vide. Dans ce cas seuls les membres du groupe peuvent "
+"obtenir les permissions du groupe."
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+"Ce mot de passe remplace tout mot de passe indiqué dans <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "administrateurs"
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "Ce champ doit être une liste d'utilisateurs, séparés par des virgules."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+"Les administrateurs peuvent modifier le mot de passe ou les membres du "
+"groupe."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"Les administrateurs peuvent aussi avoir les mêmes permissions que les "
+"membres (voir ci-dessous)."
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "membres"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+"Les membres peuvent accéder au groupe sans qu'un mot de passe ne leur soit "
+"demandé."
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Vous devez utiliser la même liste d'utilisateurs que dans <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "Vérifier l'intégrité des fichiers d'administration des groupes"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+"La commande <command>grpck</command> vérifie l'intégrité des informations "
+"sur les groupes du système. Toutes les entrées de <filename>/etc/group</"
+"filename> <phrase condition=\"gshadow\"> et <filename>/etc/gshadow</"
+"filename></phrase> sont vérifiées afin de s'assurer qu'elles ont le bon "
+"format et qu'elles contiennent des données valables dans chaque champ. Une "
+"confirmation de l'utilisateur sera demandée pour détruire les entrées mal "
+"formatées ou ayant d'autres erreurs non récupérables."
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "unicité et validité des noms de groupe ;"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"validité des identifiants de groupe <phrase condition=\"gshadow\"> "
+"(seulement <filename>/etc/group</filename>)</phrase> ;"
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+"validité de la liste de membres <phrase condition=\"gshadow\"> et "
+"d'administrateurs</phrase> ;"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+"correspondance d'entrée dans le fichier <filename>/etc/gshadow</filename> "
+"(respectivement <filename>/etc/group</filename> pour les vérifications de "
+"<filename>gshadow</filename>)."
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+"Une erreur dans le nombre de champs ou la non unicité d'un nom de groupe "
+"sera fatale. Si le nombre de champs n'est pas correct, il sera demandé à "
+"l'utilisateur de supprimer la ligne. Si l'utilisateur ne répond pas par "
+"l'affirmative, les vérifications suivantes ne seront pas effectuées. Il sera "
+"également demandé de supprimer les entrées correspondant aux noms de groupe "
+"redondants, mais dans ce cas, les autres vérifications seront effectuées. "
+"Toutes les autres erreurs ne sont que des avertissements et l'utilisateur "
+"est encouragé à utiliser <command>groupmod</command> pour les corriger."
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+"Les commandes qui opèrent sur <phrase condition=\"no_gshadow\">le fichier</"
+"phrase> <phrase condition=\"gshadow\">les fichiers</phrase> <filename>/etc/"
+"group</filename> <phrase condition=\"gshadow\">et <filename>/etc/gshadow</"
+"filename></phrase> ne peuvent pas modifier les entrées corrompues ou "
+"redondantes. <command>grpck</command> doit être utilisée dans ce cas pour "
+"supprimer ces entrées."
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>grpck</command> sont :"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+"Exécute la commande <command>grpck</command> en mode lecture seule. Cela "
+"signifie qu'à toutes les questions concernant des modifications il sera "
+"répondu <emphasis>no</emphasis> sans l'intervention de l'utilisateur."
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"Trie les entrées de <filename>/etc/group</filename> <phrase condition="
+"\"gshadow\">et <filename>/etc/gshadow</filename></phrase> par GID."
+
+#: grpck.8.xml:196(para)
+#, fuzzy
+#| msgid ""
+#| "By default, <command>grpck</command> operates on <filename>/etc/group</"
+#| "filename><phrase condition=\"gshadow\"> and <filename>/etc/gshadow</"
+#| "filename></phrase>. The user may select alternate files with the "
+#| "<emphasis remap=\"I\">group</emphasis><phrase condition=\"no_gshadow"
+#| "\">parameter.</phrase><phrase condition=\"gshadow\">and <emphasis remap="
+#| "\"I\">shadow</emphasis> parameters.</phrase>"
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"Par défaut, <command>grpck</command> opère sur <filename>/etc/group</"
+"filename> <phrase condition=\"gshadow\">et <filename>/etc/gshadow</"
+"filename></phrase>. L'utilisateur peut préciser d'autres fichiers avec "
+"<phrase condition=\"no_gshadow\">le paramètre</phrase><phrase condition="
+"\"gshadow\">les paramètres</phrase> <emphasis remap=\"I\">group</emphasis> "
+"<phrase condition=\"gshadow\"> et <emphasis remap=\"I\">shadow</emphasis></"
+"phrase>."
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "une entrée de groupe ou plus est incorrecte"
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "impossible d'ouvrir les fichiers group"
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "impossible de verrouiller les fichiers group"
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "impossible de mettre à jour les fichiers group"
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>grpck</command> renvoie les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "Afficher la liste des groupes auxquels appartient l'utilisateur"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "utilisateur"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+"La commande <command>groups</command> affiche la liste des noms de groupe "
+"(ou leur identifiant numérique) de l'utilisateur courant. Si une valeur n'a "
+"pas d'entrée correspondante dans <filename>/etc/group</filename>, "
+"l'identifiant numérique du groupe est affiché. Le paramètre optionnel "
+"<emphasis remap=\"I\">utilisateur</emphasis> permet d'afficher la liste des "
+"groupes pour cet utilisateur."
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+"Sur les systèmes qui ne gèrent pas l'appartenance à plusieurs groupes, "
+"seules les informations contenues dans <filename>/etc/group</filename> sont "
+"affichées. L'utilisateur doit utiliser <command>newgrp</command> ou "
+"<command>sg</command> pour modifier l'identifiant de groupe réel et effectif."
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "Modifier la définition d'un groupe du système"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GROUPE"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"La commande <command>groupmod</command> modifie la définition du "
+"<replaceable>GROUPE</replaceable> spécifié en modifiant l'entrée "
+"correspondante de la base de données des groupes."
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupmod</command> sont :"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"L'identifiant numérique du groupe <replaceable>GROUPE</replaceable> sera "
+"modifié vers <emphasis remap=\"I\">GID</emphasis>."
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"La valeur de <replaceable>GID</replaceable> doit être un nombre décimal "
+"positif. Cette valeur doit être unique, à moins que l'option <option>-o</"
+"option> ne soit utilisée."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"Les utilisateurs qui utilisent ce groupe comme groupe primaire seront mis à "
+"jour pour garder le groupe comme groupe primaire."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+"Vous devrez modifier vous-même l'identifiant de groupe des fichiers ayant "
+"l'ancien identifiant de groupe qui doivent continuer à appartenir au "
+"<replaceable>GROUPE</replaceable>."
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, ou "
+"<option>SYS_GID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NOUVEAU_NOM_GROUPE</replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Le nom du groupe sera modifié de <emphasis remap=\"I\">GROUPE</emphasis> "
+"vers <emphasis remap=\"I\">NOUVEAU_NOM_GROUPE</emphasis>."
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"En combinaison avec l'option <option>-g</option>, cette option permet de "
+"changer l'identifiant du groupe (<replaceable>GID</replaceable>) vers une "
+"valeur déjà utilisée."
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "nom de groupe déjà utilisé"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupmod</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "Administrer les membres du groupe primaire d'un utilisateur"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "nom_utilisateur"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "nom_groupe"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+"La commande <command>groupmems</command> permet à un utilisateur "
+"d'administrer la liste des membres de son propre groupe sans avoir les "
+"privilèges du superutilisateur. L'utilitaire <command>groupmems</command> a "
+"été conçu pour les systèmes qui configurent leurs utilisateurs de telle "
+"sorte qu'ils soient responsables de leur groupe primaire (par exemple guest/"
+"guest)."
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Seul le superutilisateur, en tant qu'administrateur, peut utiliser "
+"<command>groupmems</command> pour modifier la liste des membres d'un autre "
+"groupe."
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupmems</command> sont :"
+
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;"
+"<replaceable>nom_utilisateur</replaceable>"
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Ajouter un utilisateur à la liste des membres du groupe."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"Si le fichier <filename>/etc/gshadow</filename> existe, et que le groupe n'y "
+"a pas d'entrée, une nouvelle entrée sera créée."
+
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>nom_utilisateur</replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Supprimer un utilisateur de la liste des membres du groupe."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"Si le fichier <filename>/etc/gshadow</filename> existe, l'utilisateur sera "
+"retiré de la liste des membres et des administrateurs du groupe."
+
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>nom_groupe</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+"Le superutilisateur peut préciser la liste des membres du groupe à modifier."
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "Afficher la liste des membres du groupe."
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "Supprimer tous les utilisateurs de la liste des membres du groupe."
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr "CONFIGURATION"
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+"L'exécutable <command>groupmems</command> doit être installé en mode "
+"<literal>2770</literal> avec pour utilisateur <emphasis>root</emphasis> et "
+"pour groupe <emphasis>groups</emphasis>. L'administrateur système peut "
+"ajouter des utilisateurs au groupe <emphasis>groups</emphasis> pour leur "
+"permettre ou leur interdire d'utiliser <command>groupmems</command> pour "
+"gérer leur propre liste de membres du groupe."
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "informations cachées sur les groupes"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "Supprimer un groupe"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"La commande <command>groupdel</command> modifie les fichiers "
+"d'administration des comptes du système, en supprimant les entrées qui se "
+"réfèrent à <replaceable>groupe</replaceable>. Le groupe indiqué doit exister."
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupdel</command> sont :"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Vous ne pouvez pas supprimer le groupe primaire d'un utilisateur existant. "
+"Vous devez supprimer l'utilisateur auparavant."
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Vous devriez vérifier vous-même qu'aucun fichier possédé par le groupe ne "
+"subsiste sur tous les systèmes de fichiers."
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "impossible de supprimer le groupe primaire d'un utilisateur existant"
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupdel</command> renvoie les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "Créer un nouveau groupe"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+"La commande <command>groupadd</command> crée un nouveau compte de groupe en "
+"utilisant les valeurs spécifiées sur la ligne de commande et les valeurs par "
+"défaut du système. Le nouveau groupe sera inséré dans les fichiers du "
+"système selon les besoins."
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupadd</command> sont :"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+"Avec cette option, la commande quittera juste avec un état de succès si le "
+"groupe indiqué existe déjà. Avec l'option <option>-g</option>, si "
+"l'identifiant de groupe indiqué existe déjà, un autre identifiant de groupe "
+"(non utilisé) sera choisi (c.-à-d. que <option>-g</option> est désactivée)."
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"La valeur numérique de l'identifiant du groupe (« group ID » ou GID). Cette "
+"valeur doit être unique, sauf si l'option <option>-o</option> est utilisée. "
+"La valeur ne doit pas être négative. Par défaut, le plus petit identifiant "
+"supérieur au <option>GID_MIN</option> et aux identifiants des groupes "
+"existants est utilisé."
+
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Voir aussi aussi la description des options <option>-r</option> et "
+"<option>GID_MAX</option>."
+
+# NOTE: missing <filename>
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Surcharger les valeurs par défaut du fichier <filename>/etc/login.defs</"
+"filename> (GID_MIN, GID_MAX et autres). L'option <option>-K</option> peut "
+"être indiquée plusieurs fois."
+
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Exemple : <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Remarque : <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> ne fonctionne pas pour l'instant."
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+"Cette option permet d'ajouter un groupe avec un identifiant (« GID ») déjà "
+"utilisé."
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "Créer un groupe système."
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+"Les identifiants numériques des nouveaux groupes systèmes sont choisis dans "
+"l'intervalle <option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option>, "
+"défini dans <filename>login.defs</filename>, au lieu de <option>GID_MIN</"
+"option>-<option>GID_MAX</option>"
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Les noms de groupe doivent commencer par une lettre minuscule ou un tiret "
+"bas (« underscore »), et seuls des lettres minuscules, des chiffres, des "
+"« underscore », ou des tirets peuvent suivre. Ils peuvent se terminer par un "
+"signe dollar. Soit, sous la forme d'une expression rationnelle : [a-z_][a-"
+"z0-9_-]*[$]?"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr "Les noms de groupe sont limités à &GROUP_NAME_MAX_LENGTH; caractères."
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Vous ne pouvez pas ajouter d'utilisateur à un groupe NIS ou LDAP. Cela doit "
+"être effectué sur le serveur correspondant."
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+"Si le nom du groupe existe dans une base de données externe, telle que NIS "
+"ou LDAP, <command>groupadd</command> refusera de créer le groupe."
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID déjà utilisé (et <option>-o</option> n'est pas utilisé)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "nom de groupe déjà utilisé"
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupadd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "Administrer <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "Administrer <placeholder-1/> et <placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "option"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+"La commande <command>gpasswd</command> est utilisée pour administrer "
+"<filename>/etc/group</filename><phrase condition=\"gshadow\"> et <filename>/"
+"etc/gshadow</filename></phrase>. Chaque groupe peut avoir <phrase condition="
+"\"gshadow\">des administrateurs,</phrase> des membres et un mot de passe."
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+"Les administrateurs système peuvent utiliser l'option <option>-A</option> "
+"pour définir un ou des administrateurs de groupe et l'option <option>-M</"
+"option> pour définir les membres. Ils ont tous les droits des "
+"administrateurs et membres du groupe."
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+"<command>gpasswd</command> appelée par <phrase condition=\"gshadow\">un "
+"administrateur de groupe</phrase><phrase condition=\"no_gshadow\">un "
+"administrateur système</phrase> avec un nom de groupe demande seulement le "
+"nouveau mot de passe du <replaceable>groupe</replaceable>."
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Si un mot de passe est configuré, les membres peuvent toujours utiliser "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> sans mot de passe. Les non membres doivent fournir le mot de "
+"passe."
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Notes sur les mots de passe de groupe"
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+"Les mots de passe de groupe représentent naturellement un risque en matière "
+"de sécurité, puisque plusieurs personnes ont connaissance du mot de passe. "
+"Cependant, les groupes sont utiles pour permettre la coopération entre "
+"différents utilisateurs."
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"À part les options <option>-A</option> et <option>-M</option>, les options "
+"ne peuvent pas être combinées."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "Les options ne peuvent pas être combinées."
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>gpasswd</command> sont :"
+
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>utilisateur</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Ajouter l'<replaceable>utilisateur</replaceable> à ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"Enlever l'<replaceable>utilisateur</replaceable> de ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>RÉP_CHROOT</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+"Enlever le mot de passe pour ce <replaceable>groupe</replaceable>. Le mot de "
+"passe du groupe sera vide. Seuls les membres du groupe seront autorisés à "
+"utiliser <command>newgrp</command> pour rejoindre ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Restreindre l'accès à ce <replaceable>groupe</replaceable>. Le mot de passe "
+"du groupe est défini à « ! ». Seuls les membres du groupe seront autorisés à "
+"utiliser <command>newgrp</command> pour rejoindre ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>,..."
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "Configurer la liste des administrateurs."
+
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>,..."
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "Configurer la liste des membres du groupe."
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+"Cet outil ne fonctionne que sur <phrase condition=\"no_gshadow\">le fichier</"
+"phrase><phrase condition=\"gshadow\">les fichiers</phrase> <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\"> et <filename>/etc/gshadow</"
+"filename></phrase>. Par conséquent vous ne pouvez modifier aucun groupe NIS "
+"ou LDAP. Cela doit être effectué sur le serveur correspondant."
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+"Examiner le fichier faillog, et configurer les limites d'échecs de connexion"
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+"<command>faillog</command> affiche le contenu du journal des échecs de "
+"connexion (<filename>/var/log/faillog</filename>). Il peut aussi configurer "
+"le décompte et les limitations de ces échecs. Exécuter <command>faillog</"
+"command> sans argument n'affiche que la liste des échecs des utilisateurs "
+"qui ont déjà eu un échec de connexion."
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>faillog</command> sont :"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+"Afficher (ou agir sur) les enregistrements d'erreurs de connexion pour tous "
+"les utilisateurs ayant une entrée dans la base de données <filename>faillog</"
+"filename>."
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+"La liste des utilisateurs peut être limitée avec l'option <option>-u</"
+"option>."
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+"En mode affichage, toujours limitée aux utilisateurs existants, mais "
+"l'affichage des entrées d'erreur de connexion est imposé même si elles sont "
+"vides."
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+"Avec les options <option>-l</option>, <option>-m</option>, <option>-r</"
+"option> ou <option>-t</option> les enregistrements des utilisateurs sont "
+"modifiés, même si l'utilisateur n'existe pas sur le système. C'est utile "
+"pour remettre à zéro les enregistrements des utilisateurs qui ont été "
+"supprimés ou pour mettre en place une politique préventive pour un ensemble "
+"d'utilisateurs."
+
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+
+# NOTE: s/to/during/
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"Verrouiller le compte pendant <replaceable>SEC</replaceable> secondes après "
+"un échec de connexion."
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+"L'accès en écriture sur <filename>/var/log/faillog</filename> est nécessaire "
+"pour cette option."
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"Configurer le nombre maximum d'échecs de connexion après lequel le compte "
+"sera désactivé à <replaceable>MAX</replaceable>."
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+"Sélectionner une valeur <replaceable>MAX</replaceable> de 0 a pour effet de "
+"ne placer aucune limite sur le nombre d'échecs de connexion."
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+"Le compteur d'erreurs maximum doit toujours être 0 pour <emphasis>root</"
+"emphasis> afin d'éviter les attaques de type déni de service sur le système."
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "Remettre à zéro le compteur d'échecs de connexion."
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+"Afficher les entrées de faillog plus récentes que <replaceable>JOURS</"
+"replaceable>."
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+"Afficher l'entrée de faillog ou maintient le décompte et les limitations "
+"(suivant que l'option <option>-l</option>, <option>-m</option> ou <option>-"
+"r</option> est utilisée) seulement pour les utilisateurs indiqués."
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"Quand aucune des options <option>-l</option>, <option>-m</option> ou "
+"<option>-r</option> n'est utilisée, <command>faillog</command> affiche "
+"l'enregistrement des échecs de connexion des utilisateurs précisés."
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+"<command>faillog</command> n'affiche que les utilisateurs n'ayant pas eu de "
+"connexion réussie depuis leur dernier échec. Pour afficher un utilisateur "
+"ayant eu une connexion réussie depuis son dernier échec, vous devez "
+"explicitement demander cet utilisateur avec l'option <option>-u</option>, ou "
+"demander l'affichage de tous les utilisateurs avec l'option <option>-a</"
+"option>."
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr "Journal des échecs de connexion."
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "journal des échecs de connexion"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+"<filename>/var/log/faillog</filename> maintient un compte des échecs de "
+"connexion et les limites pour chaque compte."
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+"Le fichier contient un nombre constant d'enregistrements, triés par "
+"identifiant d'utilisateur numérique. Chaque enregistrement contient le "
+"nombre d'échecs de connexion depuis la dernière connexion réussie, le nombre "
+"maximum d'échecs de connexion avant désactivation du compte, la ligne sur "
+"laquelle a eu lieu le dernier échec de connexion, la date du dernier échec "
+"de connexion et la durée (en seconde) pendant laquelle le compte sera "
+"verrouillé après un échec."
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "La structure du fichier est la suivante :"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt; /* compteur des échecs */\n"
+"\tshort fail_max; /* nb max avant désactivation */\n"
+"\tchar fail_line[12]; /* ligne du dernier échec */\n"
+"\ttime_t fail_time; /* date du dernier échec */\n"
+"\tlong fail_locktime;};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "Vérifier et sécuriser la durée de validité des mots de passe"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"Avec l'option <option>-c</option>, <command>expiry</command> vérifie la "
+"validité du mot de passe de l'utilisateur actuel, et force (avec l'option "
+"<option>-f</option>) des modifications si nécessaire. Il peut être appelé "
+"par un utilisateur normal."
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>expiry</command> sont :"
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr ""
+"Vérifier la durée de validité du mot de passe de l'utilisateur courant."
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+"Forcer le changement du mot de passe si l'utilisateur courant possède un mot "
+"de passe qui a expiré."
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "Changer l'interpréteur de commandes initial"
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"La commande <command>chsh</command> modifie l'interpréteur de commandes "
+"initial (« login shell ») de l'utilisateur qui sera invoqué lors des "
+"connexions de l'utilisateur. Un utilisateur normal ne peut changer que "
+"l'interpréteur associé à son propre compte. Le superutilisateur peut changer "
+"l'interpréteur de commandes initial de n'importe quel compte."
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Les options applicables à la commande <command>chsh</command> sont :"
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Quand l'option <option>-s</option> n'est pas sélectionnée, <command>chsh</"
+"command> opère de façon interactive, demandant à l'utilisateur quel doit "
+"être le nouvel interpréteur de commandes initial (« login shell »). "
+"L'utilisateur pourra entrer une nouvelle valeur pour modifier "
+"l'interpréteur, ou laisser la ligne blanche pour conserver l'interpréteur "
+"actuel. L'interpréteur actuel est indiqué entre crochets (<emphasis>[ ]</"
+"emphasis>)."
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"La seule restriction placée sur l'interpréteur de commandes initial (« login "
+"shell ») est que cette commande doit faire partie de <filename>/etc/shells</"
+"filename>, à moins qu'elle ne soit invoquée par le superutilisateur, qui "
+"peut ajouter n'importe quelle valeur. Un compte avec un interpréteur de "
+"commandes initial restreint ne peut pas changer son interpréteur. Pour cette "
+"raison, il est déconseillé de placer <filename>/bin/rsh</filename> dans "
+"<filename>/etc/shells</filename>, puisqu'une modification accidentelle vers "
+"un interpréteur restreint empêchera alors l'utilisateur de revenir ensuite à "
+"l'interpréteur précédent."
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Liste des interpréteurs de commandes initiaux valables."
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "Mettre à jour des mots de passe par lot"
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"La commande <command>chpasswd</command> lit une liste de paires de noms "
+"d'utilisateurs et de mots de passe depuis l'entrée standard et utilise ces "
+"informations pour mettre à jour un groupe d'utilisateurs existants. Chaque "
+"ligne est au format suivant :"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nom_utilisateur</emphasis>:<emphasis remap=\"I"
+"\">mot_de_passe</emphasis>"
+
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Par défaut, les mots de passe doivent être fournis en clair, et sont "
+"chiffrés par <command>chpasswd</command>. L'âge du mot de passe sera "
+"également mis à jour, s'il est présent."
+
+#: chpasswd.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+#| "variables of <filename>/etc/login.defs</filename>, and can be overwitten "
+#| "with the <option>-e</option>, <option>-m</option>, or <option>-c</option> "
+#| "options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"L'algorithme de chiffrement par défaut peut être défini pour le système à "
+"l'aide des variables <option>ENCRYPT_METHOD</option> ou "
+"<option>MD5_CRYPT_ENAB</option> de <filename>/etc/login.defs</filename>, et "
+"peut être surchargé par les options <option>-e</option>, <option>-m</option> "
+"ou <option>-c</option>"
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"Par défaut les mots de passe sont chiffrés par PAM, mais (même si cela est "
+"déconseillé) vous pouvez sélectionner une méthode de chiffrement différente "
+"avec les options <option>-e</option>, <option>-m</option> ou <option>-c</"
+"option>."
+
+#: chpasswd.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "<phrase condition=\"pam\">Except when PAM is used to encrypt the "
+#| "passwords,</phrase><command>chpasswd</command> first updates all the "
+#| "passwords in memory, and then commits all the changes to disk if no "
+#| "errors occured for any user."
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+"<phrase condition=\"pam\">Sauf quand PAM est utilisé pour chiffrer les mots "
+"de passe, </phrase><command>chpasswd</command> modifie d'abord tous les mots "
+"de passe en mémoire, puis propage toutes les modifications sur le disque si "
+"aucune erreur n'a eu lieu, quelque soit l'utilisateur."
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+"Quand PAM est utilisé pour chiffrer les mots de passe (et pour mettre à jour "
+"les mots de passe dans la base de données du système), si aucun mot de passe "
+"ne peut être mis à jour, <command>chpasswd</command> continuera la mise à "
+"jour des mots de passe pour les utilisateurs suivants, et renverra un code "
+"d'erreur en sortie."
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Cette commande est destinée aux gros systèmes pour lesquels un nombre "
+"importants de comptes sont créés en une seule fois."
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chpasswd</command> sont :"
+
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>MÉTHODE</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "Les méthodes disponibles sont DES, MD5 et NONE."
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "Par défaut, PAM est utilisé pour chiffrer les mots de passe."
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut (si aucune des options <option>-c</option>, <option>-m</option> "
+"ou <option>-e</option> n'est précisée), la méthode de chiffrement est "
+"définie par les variables <option>ENCRYPT_METHOD</option> ou "
+"<option>MD5_CRYPT_ENAB</option> de <filename>/etc/login.defs</filename>."
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Indiquer que les mots de passe fournis sont chiffrés."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"Permettre d'utiliser le chiffrement MD5, plutôt que DES, lorsque les mots de "
+"passe fournis ne sont pas chiffrés."
+
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut, le nombre de rounds est défini par les variables "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> et <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> dans <filename>/etc/login.defs</filename>."
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Pensez à configurer les permissions ou umask afin d'empêcher la lecture des "
+"fichiers non chiffrés par les d'autres utilisateurs."
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "Configuration de PAM pour <command>chpasswd</command>."
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "Mettre à jour par lot des mots de passe des groupes"
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"La commande <command>chgpasswd</command> lit une liste de paires de noms de "
+"groupes et de mots de passe depuis l'entrée standard et utilise ces "
+"informations pour mettre à jour un ensemble de groupes existants. Chaque "
+"ligne est au format suivant :"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nom_utilisateur</emphasis>:<emphasis remap=\"I"
+"\">mot_de_passe</emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Par défaut, le mot de passe doit être fourni en clair, et est chiffré par "
+"<command>chgpasswd</command>."
+
+#: chgpasswd.8.xml:92(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+#| "filename>, and can be overwiten with the <option>-e</option>, <option>-m</"
+#| "option>, or <option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"L'algorithme de chiffrement peut être défini pour le système avec la "
+"variable <option>ENCRYPT_METHOD</option> de <filename>/etc/login.defs</"
+"filename> et peut être surchargé avec les options <option>-e</option>, "
+"<option>-m</option> ou <option>-c</option>."
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chgpasswd</command> sont :"
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "Modifier le nom complet et les informations associées à un utilisateur"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+"La commande <command>chfn</command> modifie le nom complet d'un utilisateur, "
+"son numéro de bureau, son numéro de téléphone professionnel, son extension, "
+"et son numéro de téléphone personnel. Ces informations sont généralement "
+"affichées par <citerefentry><refentrytitle>finger</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> ou d'autres programmes "
+"similaires. Un utilisateur normal ne peut modifier que les informations "
+"associées à son propre compte, avec les restrictions précisées dans "
+"<filename>/etc/login.defs</filename>. (Par défaut, les utilisateurs ne "
+"peuvent pas modifier leur nom complet). Le superutilisateur peut modifier "
+"n'importe quel champ pour n'importe quel compte. De plus, seul le "
+"superutilisateur peut utiliser l'option <option>-o</option> pour modifier "
+"les parties non précisées du champ GECOS."
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+"Ces champs ne doivent contenir aucun « : ». À l'exception du champ <emphasis "
+"remap=\"I\">autre</emphasis>, ils ne doivent contenir aucune virgule ou "
+"signe égal. Il est également recommandé d'éviter les caractères non US-"
+"ASCII, mais cela n'est imposé que pour les numéros de téléphone. Le champ "
+"<emphasis remap=\"I\">autre</emphasis> est utilisé pour garder des "
+"informations de compte utilisées par d'autres applications."
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Les options applicables à la commande <command>chfn</command> sont :"
+
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>NOM_COMPLET</replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "Modifier le nom complet de l'utilisateur."
+
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>TEL_PERSO</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "Modifier le numéro de téléphone personnel de l'utilisateur."
+
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>AUTRE</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"Modifier les informations GECO de l'utilisateur. Ce champ est utilisé pour "
+"enregistrer les informations de l'utilisateur utilisées par d'autres "
+"applications et peut être changé seulement par un superutilisateur."
+
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>NUMÉRO_DE_BUREAU</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "Modifier le numéro de bureau de l'utilisateur."
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>TEL_PRO</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "Modifier le numéro de téléphone professionnel de l'utilisateur."
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+"Si aucune option n'est sélectionnée, <command>chfn</command> opère de "
+"manière interactive, demandant à l'utilisateur d'entrer les valeurs "
+"actuelles de chacun des champs. Entrer une nouvelle valeur pour la modifier, "
+"ou de laisser une ligne blanche pour conserver la valeur actuelle. La valeur "
+"actuelle est indiquée entre crochets (<emphasis remap=\"B\">[ ]</emphasis>). "
+"En l'absence d'option, <command>chfn</command> opère sur l'utilisateur "
+"actuel."
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "Modifier les informations de validité d'un mot de passe"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"La commande <command>chage</command> modifie le nombre de jours entre les "
+"changements de mot de passe et la date du dernier changement. Ces "
+"informations sont utilisées par le système pour déterminer si un utilisateur "
+"doit changer son mot de passe."
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chage</command> sont :"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;"
+"<replaceable>DERNIER_JOUR</replaceable>"
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"Configurer le nombre du jour, à compter du 1er janvier 1970, où le mot de "
+"passe a été changé la dernière fois. La date peut aussi être exprimée dans "
+"le format AAAA-MM-JJ (ou le format utilisé plus communément dans votre "
+"région)."
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable>"
+
+# NOTE: s/date//
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"Configurer la date, ou le nombre de jours à compter du 1er janvier 1970, à "
+"partir de laquelle le compte de l'utilisateur ne sera plus accessible. La "
+"date peut aussi être exprimée dans le format AAAA-MM-JJ (ou le format plus "
+"communément utilisé dans votre région). Un utilisateur dont le compte est "
+"bloqué doit contacter l'administrateur système pour pouvoir utiliser à "
+"nouveau le système."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> aura pour effet de supprimer la "
+"date de fin de validité."
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"Configurer le nombre de jours d'inactivité, après qu'un mot de passe ait "
+"dépassé la date de fin de validité, avant que le compte ne soit bloqué. La "
+"valeur <replaceable>DURÉE_INACTIVITÉ</replaceable> est le nombre de jours "
+"d'inactivité. Un utilisateur dont le compte est bloqué doit contacter "
+"l'administrateur système avant de pouvoir utiliser de nouveau le système."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>DURÉE_INACTIVITÉ</replaceable> supprime la durée d'inactivité "
+"pour un compte."
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Afficher les informations sur l'âge des comptes."
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>JOURS_MIN</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>JOURS_MAX</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"Configurer le nombre maximum de jours pendant lesquels un mot de passe est "
+"valable. Quand <replaceable>JOURS_MAX</replaceable> plus "
+"<replaceable>DERNIER_JOUR</replaceable> est inférieur à la date actuelle, "
+"l'utilisateur est obligé de changer son mot de passe avant de pouvoir "
+"utiliser son compte. Cet événement peut être déclenché plus tôt grâce à "
+"l'option <option>-W</option> qui prévient l'utilisateur à l'avance par un "
+"message d'alerte."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>JOURS_MAX</replaceable> supprime la vérification de validité."
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DURÉE_AVERTISSEMENT</replaceable>"
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"Configurer le nombre de jours d'avertissement avant que le changement de mot "
+"de passe ne soit obligatoire. La valeur <replaceable>DURÉE_AVERTISSEMENT</"
+"replaceable> est le nombre de jours précédant la fin de validité pendant "
+"lesquels un utilisateur sera prévenu que son mot de passe est sur le point "
+"d'arriver en fin de validité."
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Si aucune de ces options n'est donnée, <command>chage</command> utilise un "
+"mode interactif, demandant confirmation à l'utilisateur pour les valeurs de "
+"tous les champs. Entrez la nouvelle valeur pour modifier la valeur du champ, "
+"ou laissez la ligne vide pour conserver la valeur actuelle. La valeur "
+"actuelle est affichée entre crochets."
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Le programme <command>chage</command> nécessite l'utilisation d'un fichier "
+"de mots de passe cachés (« shadow password file »)."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"La commande <command>chage</command> est réservée à l'utilisateur root, sauf "
+"pour l'option <option>-l</option>, qui peut être utilisée par un utilisateur "
+"non privilégié pour lui permettre de savoir quand son mot de passe ou son "
+"compte arrivera en fin de validité."
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "impossible de trouver le fichier des mots de passe cachés"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>chage</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+"Nicolas FRANÇOIS <nicolas.francois@centraliens.net>, 2005-2010Thomas Blein "
+"<tblein@tblein.eu>, 2011-2012Debian French l10n team <debian-l10n-"
+"french@lists.debian.org>, 2011-2012"
+
+#~ msgid "-M"
+#~ msgstr "-M"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "impossible de créer le répertoire d'attente des courriels"
+
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "Identifiant SELinux du nouvel utilisateur. Cette valeur est vide par "
+#~ "défaut et, dans ce cas, le système sélectionnera l'utilisateur SELinux "
+#~ "par défaut."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "nouveaux_utilisateurs"
+
+#~ msgid "full_name"
+#~ msgstr "nom_complet"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "no_bureau"
+
+#~ msgid "work_ph"
+#~ msgstr "tel_bureau"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "tel_perso"
+
+#~ msgid "other"
+#~ msgstr "autre"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
+
+#~ msgid ""
+#~ "Note: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> doesn't work yet."
+#~ msgstr ""
+#~ "Note : <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> ne fonctionne pas pour "
+#~ "l'instant."
+
+#~ msgid "It can take one of these values: <placeholder-1/>"
+#~ msgstr "Il peut prendre une de ces valeurs : <placeholder-1/>"
+
+#~ msgid "The supplied passwords must be in clear-text."
+#~ msgstr "Les mots de passe doivent être fournis en clair."
+
+#~ msgid ""
+#~ "The encrypted password, as returned by "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. The default is to disable the account."
+#~ msgstr ""
+#~ "Le mot de passe chiffré, comme renvoyé par "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. Le comportement par défaut est de désactiver "
+#~ "le compte."
+
+# NOTE: shadowed, not encrypted
+#~ msgid "encrypted password file"
+#~ msgstr "fichier des mots de passe cachés"
+
+#~ msgid "comma-separated list of group administrators"
+#~ msgstr "liste d'administrateurs du groupe séparés par des virgules"
+
+#~ msgid ""
+#~ "The group name and password fields must be filled. The encrypted password "
+#~ "consists of characters from the 64-character alphabet a thru z, A thru Z, "
+#~ "0 thru 9, \\. and /. Refer to <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry> for details on how "
+#~ "this string is interpreted. If the password field contains some string "
+#~ "that is not valid result of <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or "
+#~ "*, the user will not be able to use a unix password to log in, subject to "
+#~ "<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum></"
+#~ "citerefentry>."
+#~ msgstr ""
+#~ "Les champs « nom du groupe » et « mot de passe » doivent être remplis. Le "
+#~ "mot de passe chiffré comprend 13 caractères pris dans l'alphabet de 64 "
+#~ "caractères a-z, A-Z, 0-9, \\. et /. Consultez "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry> pour plus d'informations sur le traitement de "
+#~ "cette chaîne. Si le champ du mot de passe contient une chaîne qui ne peut "
+#~ "pas être un résultat valable de <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si "
+#~ "elle contient les caractères ! ou *, alors l'utilisateur ne pourra pas "
+#~ "utiliser son mot de passe UNIX pour se connecter. Ceci peut dépendre de "
+#~ "<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum></"
+#~ "citerefentry>."
+
+#, fuzzy
+#~ msgid ""
+#~ "The group ID of the given <replaceable>GROUP</replaceable> will be "
+#~ "changed to <replaceable>GID</replaceable>. The value of <replaceable>GID</"
+#~ "replaceable> must be a non-negative decimal integer. This value must be "
+#~ "unique, unless the <option>-o</option> option is used. Values between 0 "
+#~ "and 999 are typically reserved for system groups. Any files that have the "
+#~ "old group ID and must continue to belong to <replaceable>GROUP</"
+#~ "replaceable>, must have their group ID changed manually."
+#~ msgstr ""
+#~ "Indiquer la nouvelle Valeur numérique de l'identifiant du "
+#~ "<replaceable>GROUPE</replaceable> (« group ID » ou GID). La valeur de "
+#~ "<replaceable>GID</replaceable> doit être un entier décimal non négatif. "
+#~ "Cette valeur doit être unique, à moins que l'option <option>-o</option> "
+#~ "ne soit utilisée. Les valeurs comprises entre 0 et 999 sont généralement "
+#~ "réservées aux comptes système. Vous devrez modifier vous-même le groupe "
+#~ "propriétaire de tous les fichiers possédés par ce groupe."
+
+#~ msgid ""
+#~ "Note: if you use PAM, it is recommended to set this variable consistently "
+#~ "with the PAM modules configuration."
+#~ msgstr ""
+#~ "Remarque : si vous utilisez PAM, il est recommandé d'ajuster cette "
+#~ "variable de façon cohérente avec la configuration des modules PAM."
+
+#~| msgid ""
+#~| "<command>usermod</command> will not allow you to change the name of a "
+#~| "user who is logged in. You must make certain that the named user is not "
+#~| "executing any processes when this command is being executed if the "
+#~| "user's numerical user ID is being changed. You must change the owner of "
+#~| "any <command>crontab</command> files manually. You must change the owner "
+#~| "of any <command>at</command> jobs manually. You must make any changes "
+#~| "involving NIS on the NIS server."
+#~ msgid ""
+#~ "<command>usermod</command> will not allow you to change the name of an "
+#~ "user who is logged in. You must make certain that the named user is not "
+#~ "executing any processes when this command is being executed if the user's "
+#~ "numerical user ID is being changed. You must change the owner of any "
+#~ "<command>crontab</command> files manually. You must change the owner of "
+#~ "any <command>at</command> jobs manually. You must make any changes "
+#~ "involving NIS on the NIS server."
+#~ msgstr ""
+#~ "<command>Usermod</command> ne vous permet pas de modifier le nom d'un "
+#~ "utilisateur qui est actuellement connecté. Vous devez vous assurer que "
+#~ "l'utilisateur nommé n'est pas en train d'exécuter un quelconque programme "
+#~ "lorsque cette commande est exécutée si l'UID numérique de l'utilisateur "
+#~ "est modifié. Vous devez modifier vous-même le nom du propriétaire de tous "
+#~ "les fichiers <command>crontab</command> et des tâches <command>at</"
+#~ "command>. Vous devez effectuer toutes les modifications impliquant NIS "
+#~ "sur le serveur NIS."
+
+#~ msgid ""
+#~ "<command>userdel</command> will not allow you to remove an account if the "
+#~ "user is currently logged in. You must kill any running processes which "
+#~ "belong to an account that you are deleting."
+#~ msgstr ""
+#~ "<command>Userdel</command> ne vous permet pas de supprimer un compte si "
+#~ "l'utilisateur en question est actuellement connecté. Vous devez tuer tous "
+#~ "les processus en cours d'exécution appartenant à l'utilisateur que vous "
+#~ "êtes en train de supprimer."
+
+#~ msgid ""
+#~ "The group name or number of the user's new initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1."
+#~ msgstr ""
+#~ "Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+#~ "l'utilisateur. Le nom du groupe doit exister. Un numéro de groupe doit se "
+#~ "référer à un groupe déjà existant. Le numéro de groupe par défaut est de "
+#~ "1."
+
+#~ msgid ""
+#~ "The group name or number of the user's initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1 or whatever is specified in <filename>/etc/"
+#~ "default/useradd</filename>."
+#~ msgstr ""
+#~ "Nom ou ou numéro du groupe de connexion initial de l'utilisateur. Le nom "
+#~ "du groupe doit exister. Un numéro de groupe doit se référer à un groupe "
+#~ "existant. Le numéro de groupe par défaut est de 1, ou la valeur indiquée "
+#~ "dans <filename>/etc/default/useradd</filename>."
+
+#~ msgid ""
+#~ "The group name or ID for a new user's initial group. The named group must "
+#~ "exist, and a numerical group ID must have an existing entry."
+#~ msgstr ""
+#~ "Nom de groupe ou identifiant numérique du groupe initial d'un nouvel "
+#~ "utilisateur. Le groupe spécifié doit exister, et un identifiant de groupe "
+#~ "numérique doit déjà exister."
+
+#~ msgid "days since Jan 1, 1970 that password was last changed"
+#~ msgstr ""
+#~ "nombre de jours, comptés à partir du 1er janvier 1970, depuis le dernier "
+#~ "changement de mot de passe"
+
+#~ msgid "days after which password must be changed"
+#~ msgstr "nombre de jours après lesquels le mot de passe doit être changé"
+
+#~ msgid "days before password is to expire that user is warned"
+#~ msgstr ""
+#~ "nombre de jours avant la fin de validité du mot de passe et pendant "
+#~ "lesquels l'utilisateur est averti"
+
+#~ msgid "days after password expires that account is disabled"
+#~ msgstr ""
+#~ "nombre de jours après la fin de validité provoquant la désactivation du "
+#~ "compte"
+
+#~ msgid "days since Jan 1, 1970 that account is disabled"
+#~ msgstr ""
+#~ "nombre de jours, comptés à partir du 1er janvier 1970, depuis que le "
+#~ "compte est désactivé"
+
+#, fuzzy
+#~ msgid ""
+#~ "The password field must be filled. The encrypted password consists of 13 "
+#~ "to 24 characters from the 64 character alphabet a thru z, A thru Z, 0 "
+#~ "thru 9, \\. and /. Optionally it can start with a \"$\" character. This "
+#~ "means the encrypted password was generated using another (not DES) "
+#~ "algorithm. For example if it starts with \"$1$\" it means the MD5-based "
+#~ "algorithm was used."
+#~ msgstr ""
+#~ "Le champ « mot de passe » doit être rempli. Le mot de passe chiffré "
+#~ "comprend 13 à 24 caractères pris dans l'alphabet de 64 caractère : a-z, A-"
+#~ "Z, 0-9, \\. et /. Il peut optionellement commencer par un caractère "
+#~ "« $ ». Ceci signifie que le mot de passe a été généré par un autre "
+#~ "algorithme (autre que DES). Par exemple, s'il commence par « $1$ », "
+#~ "l'algorithme basé sur MD5 a été utilisé."
+
+#~ msgid ""
+#~ "The date of the last password change is given as the number of days since "
+#~ "Jan 1, 1970. The password may not be changed again until the proper "
+#~ "number of days have passed, and must be changed after the maximum number "
+#~ "of days. If the minimum number of days required is greater than the "
+#~ "maximum number of day allowed, this password may not be changed by the "
+#~ "user."
+#~ msgstr ""
+#~ "La date de dernière modification du mot de passe est donnée par le nombre "
+#~ "de jours écoulés depuis le 1er janvier 1970 jusqu'au dernier changement "
+#~ "du mot de passe. Un mot de passe ne peut pas être changé de nouveau avant "
+#~ "le nombre de jours indiqués, et doit être modifié avant le nombre maximal "
+#~ "de jours spécifié. Si le nombre minimal de jours requis est plus grand "
+#~ "que le nombre maximal de jours de validité, ce mot de passe ne peut pas "
+#~ "être changé par l'utilisateur."
+
+#~ msgid ""
+#~ "An account is considered to be inactive and is disabled if the password "
+#~ "is not changed within the specified number of days after the password "
+#~ "expires. An account will also be disabled on the specified day regardless "
+#~ "of other password expiration information."
+#~ msgstr ""
+#~ "Un compte est considéré comme inactif et est désactivé si le mot de passe "
+#~ "n'est pas changé dans l'intervalle indiqué après la fin de la validité du "
+#~ "mot de passe. Un compte est également désactivé le jour indiqué quels que "
+#~ "soient les autres informations de validité."
+
+#~ msgid ""
+#~ "This information supersedes any password or password age information "
+#~ "present in <filename>/etc/passwd</filename>."
+#~ msgstr ""
+#~ "Ces informations sont prioritaires sur tous les autres champs présents "
+#~ "dans <filename>/etc/passwd</filename>."
+
+#, fuzzy
+#~ msgid ""
+#~ "This field will be checked for existence as a directory, and a new "
+#~ "directory with this name will be created if it does not already exist. "
+#~ "The ownership of the directory will be set to be that of the user being "
+#~ "created or updated."
+#~ msgstr ""
+#~ "L'existence du répertoire indiqué dans ce champ est vérifiée, et dans le "
+#~ "cas contraire, le répertoire est créé. Le propriétaire du répertoire sera "
+#~ "l'utilisateur dont le compte est créé ou mis à jour."
+
+#~ msgid "Display faillog records for all users."
+#~ msgstr "Afficher les échecs de tous les utilisateurs."
+
+#~ msgid ""
+#~ "Set maximum number of login failures after the account is disabled to "
+#~ "<replaceable>MAX</replaceable>. Selecting <replaceable>MAX</replaceable> "
+#~ "value of 0 has the effect of not placing a limit on the number of failed "
+#~ "logins. The maximum failure count should always be 0 for <emphasis>root</"
+#~ "emphasis> to prevent a denial of services attack against the system."
+#~ msgstr ""
+#~ "Fixer le nombre maximum d'échecs de connexion après lesquels le compte "
+#~ "sera désactivé à <emphasis remap=\"I\">MAX</emphasis>. Une limite "
+#~ "<replaceable>MAX</replaceable> de 0 aura pour effet de ne pas placer de "
+#~ "limite d'échec. La limite pour l'utilisateur <emphasis>root</emphasis> "
+#~ "devrait toujours être 0 pour éviter tout risque de déni de service contre "
+#~ "le système."
+
+#~ msgid ""
+#~ "The user's home directory will be created if it does not exist. The files "
+#~ "contained in <replaceable>SKEL_DIR</replaceable> will be copied to the "
+#~ "home directory if the <option>-k</option> option is used, otherwise the "
+#~ "files contained in <filename>/etc/skel</filename> will be used instead. "
+#~ "Any directories contained in <replaceable>SKEL_DIR</replaceable> or "
+#~ "<filename>/etc/skel</filename> will be created in the user's home "
+#~ "directory as well. The <option>-k</option> option is only valid in "
+#~ "conjunction with the <option>-m</option> option. The default is to not "
+#~ "create the directory and to not copy any files."
+#~ msgstr ""
+#~ "Le répertoire personnel de l'utilisateur sera créé s'il n'existe pas "
+#~ "déjà. Les fichiers contenus dans <replaceable>rép_squelette</replaceable> "
+#~ "seront copiés dans le répertoire personnel si l'option <option>-k</"
+#~ "option> est employée ; sinon, les fichiers contenus dans <filename>/etc/"
+#~ "skel</filename> seront utilisés à la place. Tous les répertoires contenus "
+#~ "dans <replaceable>rép_squelette</replaceable> ou dans <filename>/etc/"
+#~ "skel</filename> seront également créés dans le répertoire personnel de "
+#~ "l'utilisateur. L'option <option>-k</option> n'est valable qu'en "
+#~ "conjonction avec l'option <option>-m</option>. Le comportement par défaut "
+#~ "est de ne pas créer le répertoire, et de ne copier aucun fichier."
+
+#~ msgid ""
+#~ "Your password must be easily remembered so that you will not be forced to "
+#~ "write it on a piece of paper. This can be accomplished by appending two "
+#~ "small words together and separating each with a special character or "
+#~ "digit. For example, Pass%word."
+#~ msgstr ""
+#~ "Vous devez pouvoir vous souvenir facilement de votre mot de passe, afin "
+#~ "de ne pas avoir à le noter sur un morceau de papier. Pour ce faire, on "
+#~ "peut choisir d'accoler deux mots en les séparant avec un caractère "
+#~ "spécial ou un chiffre. Par exemple, Mot2passe."
+
+#~ msgid ""
+#~ "Other methods of construction involve selecting an easily remembered "
+#~ "phrase from literature and selecting the first or last letter from each "
+#~ "word. An example of this is:"
+#~ msgstr ""
+#~ "D'autres méthodes de construction utilisent une phrase facile à se "
+#~ "rappeler, et consistent à sélectionner la première ou la dernière lettre "
+#~ "de chaque mot. Voici un exemple [ NdT : en anglais ] :"
+
+#~ msgid "Ask not for whom the bell tolls"
+#~ msgstr "Ask not for whom the bell tolls."
+
+#~ msgid "which produces"
+#~ msgstr "Ce qui donne :"
+
+#~ msgid "An4wtbt"
+#~ msgstr "An4wtbt."
+
+#~ msgid ""
+#~ "You may be reasonably sure few crackers will have included this in their "
+#~ "dictionaries. You should, however, select your own methods for "
+#~ "constructing passwords and not rely exclusively on the methods given here."
+#~ msgstr ""
+#~ "Vous pouvez raisonnablement être assuré que quelques crackers ont "
+#~ "désormais inclus ces mots de passe dans leurs dictionnaires. Vous pouvez "
+#~ "également utiliser votre propre méthode de construction de mots de passe "
+#~ "et ne pas compter exclusivement sur les méthodes proposées ici."
+
+#~ msgid ""
+#~ "The only restriction placed on the contents of the fields is that no "
+#~ "control characters may be present, nor any of comma, colon, or equal "
+#~ "sign. The <emphasis remap=\"I\">other</emphasis> field does not have this "
+#~ "restriction, and is used to store accounting information used by other "
+#~ "applications."
+#~ msgstr ""
+#~ "La seule restriction pour le contenu des champs est qu'ils ne doivent "
+#~ "contenir aucun caractère de contrôle, ni aucune virgule, deux-points ou "
+#~ "signe égal. Le champ <emphasis remap=\"I\">autre</emphasis> n'a pas cette "
+#~ "limitation et peut être utilisé pour enregistrer des informations sur le "
+#~ "compte pour d'autres applications."
+
+#~ msgid ""
+#~ "Range of user IDs to choose from for the <command>useradd</command> "
+#~ "program."
+#~ msgstr ""
+#~ "Plage d'identifiants numériques d'utilisateur que <command>useradd</"
+#~ "command> peut utiliser."
+
+#~ msgid ""
+#~ "The <option>-t</option> flag overrides the use of <option>-u</option>."
+#~ msgstr ""
+#~ "L'utilisation de l'option <option>-t</option> supplante l'option <option>-"
+#~ "u</option>."
+
+# NOTE: shadow => gshadow
+#~ msgid ""
+#~ "By default, <command>grpck</command> operates on the files <filename>/etc/"
+#~ "group</filename> and <filename>/etc/gshadow</filename>. The user may "
+#~ "select alternate files with the <emphasis remap=\"I\">group</emphasis> "
+#~ "and <emphasis remap=\"I\">shadow</emphasis> parameters. Additionally, the "
+#~ "user may execute the command in read-only mode by specifying the <option>-"
+#~ "r</option> flag. This causes all questions regarding changes to be "
+#~ "answered <emphasis>no</emphasis> without user intervention. "
+#~ "<command>grpck</command> can also sort entries in <filename>/etc/group</"
+#~ "filename> and <filename>/etc/gshadow</filename> by GID. To run it in sort "
+#~ "mode pass it <option>-s</option> flag. No checks are performed then, it "
+#~ "just sorts."
+#~ msgstr ""
+#~ "Par défaut, <command>grpck</command> opère sur les fichiers <filename>/"
+#~ "etc/group</filename> et <filename>/etc/gshadow</filename>. L'utilisateur "
+#~ "peut spécifier d'autres fichiers avec les paramètres <emphasis remap=\"I"
+#~ "\">group</emphasis> et <emphasis remap=\"I\">gshadow</emphasis>. De plus, "
+#~ "l'utilisateur peut exécuter les commandes en lecture seule en utilisant "
+#~ "l'option <option>-r</option>. Ceci aura pour conséquence de répondre "
+#~ "<emphasis>no</emphasis> à toutes les questions demandant des "
+#~ "modifications, sans intervention de l'utilisateur. <command>Grpck</"
+#~ "command> permet aussi de trier les entrées de <filename>/etc/group</"
+#~ "filename> et <filename>/etc/gshadow</filename> par GID. Pour effectuer ce "
+#~ "tri, utilisez l'option <option>-s</option>. Aucune vérification n'est "
+#~ "alors effectuée, les entrées sont seulement triées."
+
+#~ msgid ""
+#~ "The name of the new user's login shell. The named program will be used "
+#~ "for all future new user accounts."
+#~ msgstr ""
+#~ "Nom de l'interpréteur de commandes initial (« login shell ») d'un nouvel "
+#~ "utilisateur. Le programme nommé sera utilisé pour tous les futurs "
+#~ "nouveaux comptes utilisateur."
+
+#~ msgid ""
+#~ "Group administrator can add and delete users using <option>-a</option> "
+#~ "and <option>-d</option> options respectively. Administrators can use "
+#~ "<option>-r</option> option to remove group password. When no password is "
+#~ "set only group members can use <command>newgrp</command> to join the "
+#~ "group. Option <option>-R</option> disables access via a password to the "
+#~ "group through <command>newgrp</command> command (however members will "
+#~ "still be able to switch to this group)."
+#~ msgstr ""
+#~ "Un administrateur de groupe peut ajouter ou supprimer des utilisateurs en "
+#~ "utilisant respectivement les options <option>-a</option> et <option>-d</"
+#~ "option>. Les administrateurs peuvent utiliser l'option <option>-r</"
+#~ "option> pour supprimer le mot de passe d'un groupe. Lorsqu'aucun mot de "
+#~ "passe n'est défini, seuls les membres d'un groupe peuvent utiliser "
+#~ "<command>newgrp</command> pour utiliser ce groupe. L'option <option>-R</"
+#~ "option> désactive l'accès au groupe via la commande <command>newgrp</"
+#~ "command> (sauf pour les membres du groupe)."
+
+#, fuzzy
+#~ msgid ""
+#~ "This field must contain name of group. When specified an existing group "
+#~ "name the named user will be added as a new member of this group. If "
+#~ "specified non-existent non-numerical group name a new group will be "
+#~ "created."
+#~ msgstr ""
+#~ "Ce champ peut être le nom d'un groupe existant, ce qui permet d'ajouter "
+#~ "l'utilisateur désigné dans la liste des membres du groupe. Si un "
+#~ "identifiant de groupe inexistant est indiqué, un nouveau groupe est créé, "
+#~ "avec cet identifiant de groupe."
diff --git a/man/po/it.po b/man/po/it.po
new file mode 100644
index 0000000..79e8475
--- /dev/null
+++ b/man/po/it.po
@@ -0,0 +1,10997 @@
+# Italian translations for shadow package.
+# Copyright © 2005 the shadow copyright holder.
+# This file is distributed under the same license as the shadow package.
+# Giuseppe Sacco <eppesuig@debian.org>, 2005, 2012.
+# Danilo Piazzalunga <danilopiazza@libero.it>, 2005.
+# Isabella Ruocco <isacher@nettaxi.com>, 1999.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.5\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:38+0200\n"
+"Last-Translator: Giuseppe Sacco <eppesuig@debian.org>\n"
+"Language-Team: Italian <tp@lists.linux.it>\n"
+"Language: it\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8-bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Comandi per la gestione del sistema"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+# type: Plain text
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr ""
+"modifica i file delle password, dei gruppi, delle password shadow o dei "
+"gruppi shadow"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "opzioni"
+
+# type: SH
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "DESCRIZIONE"
+
+# type: Plain text
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"I comandi <command>vipw</command> e <command>vigr</command> permettono di "
+"modificare rispettivamente i file <filename>/etc/passwd</filename> e "
+"<filename>/etc/group</filename>. Con l'opzione <option>-s</option>, vengono "
+"aperte le versioni shadow di quei file, rispettivamente <filename>/etc/"
+"shadow</filename> e <filename>/etc/gshadow</filename>. I programmi si "
+"occupano di impostare i lock necessari per evitare la corruzione dei file. "
+"Per determinare l'editor da usare, i programmi prima provano con la "
+"variabile d'ambiente <envar>$VISUAL</envar>, poi con la variabile d'ambiente "
+"<envar>$EDITOR</envar> e infine con l'editor predefinito, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: SH
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "OPZIONI"
+
+# type: Plain text
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Le opzioni per i comandi <command>vipw</command> e <command>vigr</command> "
+"sono:"
+
+# type: TP
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Modifica del database «group»."
+
+# type: TP
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+# type: Plain text
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Mostra un messaggio di aiuto ed esce."
+
+# type: IP
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Modifica del database «passwd»."
+
+# type: IP
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Modalità silenziosa."
+
+# type: IP
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+
+# type: Plain text
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Effettua le modifiche nella directory <replaceable>CHROOT_DIR</replaceable> "
+"e usa i file di configurazione dalla directory <replaceable>CHROOT_DIR</"
+"replaceable>."
+
+# type: IP
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Modifica del database «shadow» o «gshadow»"
+
+# type: IP
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "Indica di quale utente modificare il file «shadow tcb»."
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "CONFIGURAZIONE"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"Le seguenti variabili di configurazione in <filename>/etc/login.defs</"
+"filename> cambiano il comportamento di questo strumento:"
+
+# type: IP
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (booleano)"
+
+# type: Plain text
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Se <replaceable>yes</replaceable> viene usato lo schema "
+"<citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> per lo «shadow» delle password."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "VARIABILI D'AMBIENTE"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "Editor da utilizzare."
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr "Editor da utilizzare se <option>VISUAL</option> non è impostata."
+
+# type: SH
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "FILE"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+# type: Plain text
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Informazioni sugli account di gruppo."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+# type: Plain text
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Informazioni sicure sugli account di gruppo."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+# type: Plain text
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Informazioni sugli account utente."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+# type: Plain text
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Informazioni sicure sugli account utente."
+
+# type: SH
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "VEDERE ANCHE"
+
+# type: Plain text
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+# type: Plain text
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "modifica l'account di un utente"
+
+# type: TH
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "LOGIN"
+
+# type: Plain text
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Il comando <command>usermod</command> modifica i file di account del sistema "
+"in modo da riflettere i cambiamenti che sono specificati sulla riga di "
+"comando."
+
+# type: TP
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr "Il comando <command>usermod</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+# type: IP
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Aggiunge l'utente al/i gruppo/i supplmentare/i. Usare solo con l'opzione "
+"<option>-G</option>."
+
+# type: TP
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENTO</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"Il nuovo valore per il campo commento dell'utente nel file password. "
+"Normalmente viene modificato usando l'utilità "
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: TP
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "La nuova directory home dell'utente."
+
+# type: Plain text
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Se è data l'opzione <option>-m</option> il contenuto della directory home "
+"corrente sarà spostato nella nuova directory home, che viene creata se non "
+"esiste già."
+
+# type: TP
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATA_SCADENZA</replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"La data in cui l'account dell'utente verrà disabilitato. La data è "
+"specificata nel formato <emphasis remap=\"I\">AAAA-MM-GG</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"Un argomento <replaceable>DATA_SCADENZA</replaceable> vuoto disabilita la "
+"scadenza dell'account."
+
+# type: Plain text
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Questa opzione richiede il file <filename>/etc/shadow</filename>. Se non c'è "
+"ancora viene creata una voce nel file <filename>/etc/shadow</filename>."
+
+# type: TP
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INATTIVO</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Il numero di giorni dopo la scadenza di una password prima che l'account "
+"venga disabilitato permanentemente."
+
+# type: Plain text
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"Il valore 0 disabilita l'account non appena la password è scaduta, e il "
+"valore -1 disabilita questa funzionalità."
+
+# type: IP
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GRUPPO</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Il nome o numero del gruppo da assegnare alla connessione dell'utente. Il "
+"gruppo deve esistere."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+"Tutti i file nella directory home dell'utente che hanno come gruppo il "
+"precedente gruppo primario dell'utente stesso verranno modificati perché "
+"abbiano questo nuovo gruppo."
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+"Il gruppo dei file che si trovano all'esterno della directory home "
+"dell'utente andrà modificato manualmente."
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GRUPPO1</"
+"replaceable>[<emphasis remap=\"I\">,GRUPPO2,...</emphasis>[<emphasis remap="
+"\"I\">,GRUPPON</emphasis>]]]"
+
+# type: Plain text
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"Una lista di gruppi supplementari di cui l'utente è altresì membro. Ciascun "
+"gruppo è separato dal successivo da una virgola, senza spazi bianchi "
+"intermedi. I gruppi sono soggetti alle stesse restrizioni del gruppo dato "
+"con l'opzione <option>-g</option>."
+
+# type: Plain text
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"Se l'utente è attualmente membro di un gruppo che non è elencato, l'utente "
+"verrà rimosso dal gruppo. Questo comportamento può essere cambiato con "
+"l'opzione <option>-a</option> che aggiunge all'utente i gruppi supplementari "
+"dei quali fa attualmente parte."
+
+# type: IP
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NUOVO_LOGIN</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Il nome dell'utente verrà cambiato da <replaceable>LOGIN</replaceable> a "
+"<replaceable>NUOVO_LOGIN</replaceable>. Niente altro viene cambiato. In "
+"particolare, la directory home dell'utente e la casella di posta dovrebbero "
+"probabilmente essere modificate manualmente in modo da riflettere il nuovo "
+"nome di login."
+
+# type: IP
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Blocca la password di un utente. Questo inserisce un «!» davanti alla "
+"password cifrata, disabilitandola. Non si può utilizzare questa opzione con "
+"le opzioni <option>-p</option> e <option>-U</option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"Nota: se si vuole bloccare l'account (non solo l'accesso tramite password), "
+"si deve anche impostare <replaceable>DATA_SCADENZA</replaceable> a "
+"<replaceable>1</replaceable>."
+
+# type: IP
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+"Sposta il contenuto della directory home di un utente nella nuova posizione."
+
+# type: IP
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"Questa opzione è valida solo in combinazioone con l'opzione <option>-d</"
+"option> (o <option>--home</option>)."
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"<command>usermod</command> cercherà di adattare la proprietà dei file e di "
+"copiare i permessi, le ACL e gli attributi estesi, ma successive modifiche "
+"manuali potrebbe comunque essere necessarie."
+
+# type: TP
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+"Quando è usata con l'opzione <option>-u</option> questa opzione permette di "
+"modificare l'ID utente in un valore non univoco."
+
+# type: TP
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"La passwird cifrata, così come viene restituita da "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">Nota:</emphasis> questa opzione non è consigliata "
+"perché la password (o password cifrata) sarà visibile agli utenti che "
+"elencano i processi."
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"La password verrà scritta nel file locale <filename>/etc/passwd</filename> o "
+"<filename>/etc/shadow</filename>. Questo potrebbe essere diverso dal "
+"database delle password configurato per l'utilizzo da PAM."
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+"Ci si deve accertare che la password rispetti le norme delle password del "
+"sistema."
+
+# type: TP
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Il nome della nuova shell di login dell'utente. Lasciando questo campo vuoto "
+"si fa in modo che il sistema selezioni la shell di login predefinita."
+
+# type: TP
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "Il nuovo valore numerico dell'ID utente."
+
+# type: Plain text
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"Questo valore deve essere univoco, a meno che non sia utilizzata l'opzione "
+"<option>-o</option>. Il valore non può essere negativo."
+
+# type: Plain text
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+"La casella di posta dell'utente e ogni altro file di proprietà dell'utente "
+"che si trovi all'interno della directory home avrà l'ID utente cambiato "
+"automaticamente."
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+"La proprietà dei file esterni alla directory home dell'utente va corretta "
+"manualmente."
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Non vengono fatti controlli riguardo <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option> o "
+"<option>SYS_UID_MAX</option> dal file <filename>/etc/login.defs</filename>."
+
+# type: IP
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Sblocca la password di un utente. Questo rimuove il «!» davanti alla "
+"password cifrata. Non si può usare questa opzione con l'opzione <option>-p</"
+"option> o <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"Nota: se si vuole sbloccare l'account (non solo l'accesso con password) si "
+"deve anche impostare <replaceable>DATA_SCADENZA</replaceable> (per esempio a "
+"<replaceable>99999</replaceable> o al valore <option>EXPIRE</option> dal "
+"file <filename>/etc/default/useradd</filename>)."
+
+# type: IP
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLO</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Non vengono fatti controlli riguardo <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option> o "
+"<option>SYS_UID_MAX</option> dal file <filename>/etc/login.defs</filename>."
+
+# type: IP
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLO</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+# type: IP
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLO</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>GID_MIN</option>, "
+#| "<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+#| "<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Non verrà effettuato nessun controllo riguardo i limiti <option>GID_MIN</"
+"option>, <option>GID_MAX</option>, <option>SYS_GID_MIN</option> o "
+"<option>SYS_GID_MAX</option> definiti in <filename>/etc/login.defs</"
+"filename>."
+
+# type: IP
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLO</replaceable>"
+
+#: usermod.8.xml:444(para)
+#, fuzzy
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr "Rimuove tutti gli utenti SELinux assegnati al login utente."
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+# type: IP
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>UTENTESE</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr "Il nuovo utente SELinux per il login dell'utente."
+
+# type: Plain text
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"Un <replaceable>UTENTESE</replaceable> vuoto rimuoverà la mappatura per "
+"l'utente SELinux da <replaceable>LOGIN</replaceable> (se presente)."
+
+# type: SH
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "AVVISI/CAVEAT"
+
+#: usermod.8.xml:479(para)
+#, fuzzy
+#| msgid ""
+#| "You must make certain that the named user is not executing any processes "
+#| "when this command is being executed if the user's numerical user ID, the "
+#| "user's name, or the user's home directory is being changed. "
+#| "<command>usermod</command> checks this on Linux, but only check if the "
+#| "user is logged in according to utmp on other architectures."
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+"Se si cambia l'ID numerico, il nome dell'utente o la sua directory home, si "
+"deve verificare che l'utente in questione non stia eseguendo nessun processo "
+"al momento dell'esecuzione del comando.\n"
+"<command>usermod</command> effettua questo controllo in Linux, ma su altri "
+"sistemi controlla solo che non sia registrato come collegato in utmp."
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"Si deve cambiare manualmente il proprietario di eventuali file "
+"<command>crontab</command> e compiti <command>at</command>."
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+"Si devono apportare tutte le modifiche che riguardano NIS sul server NIS."
+
+# type: IP
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (testo)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"La directory di spool per la posta. Questa è necessaria per manipolare la "
+"casella di posta quando il corrispondente account utente viene modificato o "
+"cancellato. Se non è specificata viene utilizzato un valore impostato al "
+"momento della compilazione."
+
+# type: IP
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (testo)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+"Imposta la posizione delle caselle di posta degli utenti relative alla loro "
+"directory home."
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"Le variabili <option>MAIL_DIR</option> e <option>MAIL_FILE</option> vengono "
+"utilizzate da <command>useradd</command>, <command>usermod</command> e "
+"<command>userdel</command> per creare, spostare e cancellare le caselle di "
+"posta dell'utente."
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"Se <option>MAIL_CHECK_ENAB</option> è impostata a <replaceable>yes</"
+"replaceable> allora sono anche utilizzate per impostare la variabile "
+"d'ambiente <envar>MAIL</envar>."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (numero)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"Numero massimo di membri per gruppo. Quando viene raggiunto il massimo, "
+"viene creata una nuova riga per il gruppo nel file <filename>/etc/group</"
+"filename> (con lo stesso nome, stessa password e stesso GID)."
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+"Il valore predefinito è 0, che non pone nessun limite al numero di membri "
+"per gruppo."
+
+#. Note: on HP, split groups have the same ID, but different
+#. names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe "
+"nel file «group». Questo è utile per essere certi che le righe per gruppi "
+"NIS non eccedano i 1024 caratteri."
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr "Se si deve impostare questo limite, si può usare 25."
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"Nota: la divisione dei gruppi potrebbe non essere supportata da ogni "
+"strumento (anche all'interno del pacchetto Shadow). Non si dovrebbe "
+"utilizzare questa variabile a meno di esserci forzati."
+
+# type: IP
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (numerico)"
+
+# type: IP
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (numerico)"
+
+# type: IP
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (numerico)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Il valore predefinito per <option>SYS_GID_MIN</option> (rispettivamente "
+"<option>SYS_GID_MAX</option>) è 101 (rispettivamente <option>GID_MIN</"
+"option>-1)."
+
+# type: IP
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (numerico)"
+
+# type: IP
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (numerico)"
+
+# type: IP
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (numerico)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Il valore predefinito per <option>SYS_UID_MIN</option> (rispettivamente "
+"<option>SYS_UID_MAX</option>) è 101 (rispettivamente <option>UID_MIN</"
+"option>-1)."
+
+# type: IP
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (booleano)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+" use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+" kilos = UID / 1000\n"
+" use /etc/tcb/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" use /etc/tcb/:megas/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+" "
+msgstr ""
+"\n"
+"se ( UID è minore di 1000) {\n"
+" usa /etc/tcb/user\n"
+"} altrimenti se ( UID è minore di 1000000) {\n"
+" migliaia = UID / 1000\n"
+" usa /etc/tcb/:migliaia/user\n"
+" crea link simbolico da /etc/tcb/user alla directory precedente\n"
+"} altrimenti {\n"
+" milioni = UID / 1000000\n"
+" migliaia = ( UID / megas * 1000000 ) / 1000\n"
+" usa /etc/tcb/:milioni/:migliaia/user\n"
+" crea link simbolico da /etc/tcb/user alla directory precedente\n"
+"}\n"
+" "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"Se <replaceable>yes</replaceable> la posizione della directory utente tcb "
+"non verrà creata automaticamente come /etc/tcb/user, ma verrà determinato in "
+"base all'UID dell'utente secondo questo algoritmo: <placeholder-1/>"
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr "Configurazione del pacchetto password shadow"
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+# type: Plain text
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+# type: Plain text
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "rimuove l'account di un utente ed i file relativi"
+
+# type: Plain text
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"Il comando <command>userdel</command> modifica i file di account del "
+"sistema, rimuovendo tutte le voci che si riferiscono al nome utente "
+"<emphasis remap=\"I\">LOGIN</emphasis>. L'utente indicato deve esistere."
+
+# type: TP
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr "Il comando <command>userdel</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"Questa opzione forza la cancellazione di un account utente anche se l'utente "
+"è ancora collegato al sistema. Inoltre forza <command>userdel</command> a "
+"rimuovere la directory home dell'utente e la casella di posta anche se un "
+"altro utente usa la stessa directory home o se la casella di posta non è di "
+"proprietà dell'utente specificato. Se <option>USERGROUPS_ENAB</option> è "
+"impostato a <emphasis remap=\"I\">yes</emphasis> in <filename>/etc/login."
+"defs</filename> e se esiste un gruppo con lo stesso nome dell'utente "
+"cancellato, allora il gruppo stesso viene cancellato anche se risulta il "
+"gruppo primario di un altro utente."
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Nota:</emphasis> questa opzione è pericolosa e può lasciare il "
+"sistema in uno stato incoerente."
+
+# type: IP
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+# type: Plain text
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"I file nella home directory dell'utente verranno rimossi insieme alla home "
+"directory stessa e alla casella di posta dell'utente. I file collocati in "
+"altri file system dovranno essere cercati e rimossi manualmente."
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"La directory di spool per la posta è definita dalla variabile "
+"<option>MAIL_DIR</option> nel file <filename>login.defs</filename>."
+
+# type: IP
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr "Rimuove tutti gli utenti SELinux assegnati al login utente."
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (testo)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"Se definito, questo comando viene eseguito quando si cancella un utente. "
+"Dovrebbe rimuovere tutti i compiti di stampa/cron/at di proprietà "
+"dell'utente da cancellare (passato come primo argomento)."
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr ""
+"Il codice d'uscita restituito dallo script non è preso in considerazione."
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+" "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Verifica la presenza dell'argomento obbligatorio\n"
+"if [ $# != 1 ]; then\n"
+" echo \"Uso: $0 username\"\n"
+" exit 1\n"
+"fi\n"
+"\n"
+"# Rimuove i compiti di cron\n"
+"crontab -r -u $1\n"
+"\n"
+"# Rimuove i compiti di at\n"
+"# Nota che verranno rimossi tutti i compiti di proprietà dello stesso UID,\n"
+"# anche se condiviso con un altro nome utente.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Rimuove le stampe\n"
+"lprm $1\n"
+"\n"
+"# Finito.\n"
+"exit 0\n"
+" "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"Ecco uno script di esempio che rimuove i job dell'utente, sia di cron che at "
+"che di stampa: <placeholder-1/>"
+
+# type: IP
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (booleano)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"Abilita l'impostazione dei bit di gruppo di umask in modo che siano gli "
+"stessi dei bit del proprietario (esempio: 022 -&gt; 002, 077 -&gt; 007) per "
+"utenti non root a condizione che uid e gid siano identici e che il nome "
+"utente sia lo stesso del gruppo primario."
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"Se impostato a <replaceable>yes</replaceable>, <command>userdel</command> "
+"cancellerà il gruppo dell'utente se non contiene altri membri, e "
+"<command>useradd</command> creerà automaticamente un gruppo con lo stesso "
+"nome dell'utente."
+
+# type: SH
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "VALORI RESTITUITI"
+
+# type: IP
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+# type: Plain text
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "successo"
+
+# type: IP
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+# type: Plain text
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "impossibile aggiornare il file delle password"
+
+# type: IP
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+# type: Plain text
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "sintassi del comando errata"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+# type: Plain text
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "l'utente specificato non esiste"
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "utente attualmente connesso al sistema"
+
+# type: IP
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+# type: Plain text
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "non è possibile aggiornare il file group"
+
+# type: IP
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+# type: Plain text
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "non è possibile cancellare la directory home"
+
+# type: TP
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Il comando <command>userdel</command> esce con i seguenti valori: "
+"<placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"<command>userdel</command> non permetterà la cancellazione di un account se "
+"ci sono in esecuzione processi dell'account stesso. In quel caso si deve "
+"prima terminare quei processi o bloccare la password o l'account, e "
+"cancellare l'account successivamente. L'opzione <option>-f</option> forza la "
+"cancellazione dell'account."
+
+# type: Plain text
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+"Occorre controllare manualmente tutti i file system per assicurarsi che non "
+"rimanga nessun file di proprietà di questo utente."
+
+# type: Plain text
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"Non è possibile rimuovere nessun attributo NIS su un client NIS. Questo deve "
+"essere fatto sul server NIS."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"Se <option>USERGROUPS_ENAB</option> è impostato a <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> cancellerà il gruppo che ha lo stesso nome dell'utente. Per evitare "
+"incoerenze tra i database di passwd e group, <command>userdel</command> "
+"verificherà che questo gruppo non sia utilizzato come gruppo primario da "
+"altri utenti, e nel caso emetterà un avviso senza cancellare il gruppo. "
+"L'opzione <option>-f</option> forza la cancellazione di questo gruppo."
+
+# type: Plain text
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+# type: Plain text
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"crea un nuovo utente o aggiorna le informazioni predefinite per i nuovi "
+"utenti"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+# type: Plain text
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"Quando viene invocato senza l'opzione <option>-D</option>, il comando "
+"<command>useradd</command> crea un nuovo account di utente usando i valori "
+"specificati sulla riga di comando ed i valori predefiniti dal sistema. A "
+"seconda dalle opzioni nella riga di comando, il comando <command>useradd</"
+"command> aggiornerà i file di sistema che lo necessitano, creerà la home "
+"directory, e lì verranno copiati i file iniziali."
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"Normalmente viene anche creato un gruppo per il nuovo utente (vedere "
+"<option>-g</option>, <option>-N</option>, <option>-U</option> e "
+"<option>USERGROUPS_ENAB</option>).\""
+
+# type: Plain text
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr "Il comando <command>useradd</command> accetta le seguenti opzioni:"
+
+# type: TP
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"La directory base predefinita, nel caso che l'opzione <option>-d</"
+"option>&nbsp;<replaceable>HOME_DIR</replaceable> non sia specificata. "
+"<replaceable>BASE_DIR</replaceable> viene concatenata con il nome "
+"dell'account per definire la directory home. Se l'opzione <option>-m</"
+"option> non è usata, <replaceable>BASE_DIR</replaceable> deve esistere."
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"Se questa opzione non è specificata, <command>useradd</command> userà la "
+"directory base specificata dalla variabile <option>HOME</option> in "
+"<filename>/etc/default/useradd</filename> oppure la costante <filename>/"
+"home</filename>."
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+"Un testo qualsiasi. Di norma è una breve descrizione del login, ed è "
+"attualmente usato come nome completo dell'utente."
+
+# type: TP
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+
+# type: Plain text
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"Il nuovo utente verrà creato usando <replaceable>HOME_DIR</replaceable> come "
+"valore per la directory di login dell'utente. Il comportamento predefinito è "
+"di aggiungere il nome <replaceable>LOGIN</replaceable> in fondo a "
+"<replaceable>BASE_DIR</replaceable> ed usare quello come nome di directory "
+"di login. Non è necessario che la directory <replaceable>HOME_DIR</"
+"replaceable> esista, ma se non ci fosse non verrà creata."
+
+# type: IP
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+# type: SS
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr "Vedere oltre, la sezione «Cambiare i valori predefiniti»."
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"Se non specificato diversamente, <command>useradd</command> userà la data di "
+"scadenza impostata con la variabile <option>EXPIRE</option> nel file "
+"<filename>/etc/default/useradd</filename> o un campo vuoto (nessuna "
+"scadenza)."
+
+# type: Plain text
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"Il numero di giorni dopo la scadenza della password prima che l'account "
+"venga permanentemente disabilitato. Un valore pari a 0 disabilita l'account "
+"non appena la password è scaduta, ed un valore pari a -1 disabilita questa "
+"funzionalità."
+
+# type: Plain text
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"Il comportamento predefinito di <command>useradd</command> è di usare il "
+"periodo di inattività specificato dalla variabile <option>INACTIVE</option> "
+"del file <filename>/etc/default/useradd</filename> oppure -1 (con variabile "
+"assente)."
+
+# type: Plain text
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Il nome o numero del gruppo di connessione iniziale dell'utente. Il nome "
+"del gruppo deve esistere. Un numero di gruppo deve riferirsi ad un gruppo "
+"già esistente."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"Se non specificato, il comportamento di <command>useradd</command> varierà "
+"in base alla variabile <option>USERGROUPS_ENAB</option> del file <filename>/"
+"etc/login.defs</filename>. Se questa variabile è impostata a "
+"<replaceable>yes</replaceable> (o se è stata usata l'opzione <option>-U/--"
+"user-group</option> nella riga di comando) verrà creato un gruppo per "
+"l'utente con lo stesso nome. Se la variabile è impostata a <replaceable>no</"
+"replaceable> (o se è stata usata l'opzione <option>-N/--no-user-group</"
+"option> nella riga di comando) useradd imposterà il gruppo primario "
+"dell'utente in base a quello impostato nella variabile <option>GROUP</"
+"option> del file <filename>/etc/default/useradd</filename> o a 100 se non "
+"specificato."
+
+# type: Plain text
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"Una lista di gruppi supplementari di cui l'utente è altresì membro. Ciascun "
+"gruppo è separato dal successivo da una virgola, senza spazi bianchi "
+"intermedi. I gruppi sono soggetti alle stesse restrizioni del gruppo dato "
+"con l'opzione <option>-g</option>. Il comportamento predefinito è che "
+"l'utente appartenga solo al gruppo iniziale."
+
+# type: IP
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"La directory «skeleton» che contiene file e directory da copiare nella "
+"directory home dell'utente quando viene creata da <command>useradd</command>."
+
+# type: IP
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"Questa opzione è valida solo se anche l'opzione <option>-m</option> (o "
+"<option>--create-home</option>) è stata specificata."
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"Se questa opzione non è impostata, la directory «skeleton» è definita dalla "
+"variabile <option>SKEL</option> nel file <filename>/etc/default/useradd</"
+"filename> o, altrimenti, vale <filename>/etc/skel</filename>."
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "Se possibile vengono copiate le ACL e gli attributi estesi."
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>."
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Forza l'impostazione al di là di quanto specificato in <filename>/etc/login."
+"defs</filename> (<option>UID_MIN</option>, <option>UID_MAX</option>, "
+"<option>UMASK</option>, <option>PASS_MAX_DAYS</option> e altri). "
+"<placeholder-1/> Esempio: <option>-K</option>&nbsp;"
+"<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable> può "
+"essere usato durante la creazione di account di sistema per disabilitare la "
+"scadenza della password anche se l'account di sistema non ha affatto la "
+"password. Possono essere specificate più opzioni <option>-K</option>, come "
+"in: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+# type: IP
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "Non aggiunge l'utente ai database «lastlog» e «faillog»."
+
+#: useradd.8.xml:327(para)
+#, fuzzy
+#| msgid ""
+#| "By default, the user's entries in the lastlog and faillog databases are "
+#| "resetted to avoid reusing the entry from a previously deleted user."
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"Normalmente i dati utente nei database «lastlog» e «faillog» vengono "
+"azzerati per evitare di riutilizzare dati di un utente cancellato in "
+"precedenza."
+
+# type: IP
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"Crea la directory home dell'utente nel caso in cui non esista. I file e "
+"directory contenuti nella directory «skeleton» (che può essere definita con "
+"l'opzione <option>-k</option>) vengono copiati nella directory home."
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"Se questa opzione non viene utilizzata e se non è attiva la voce "
+"<option>CREATE_HOME</option>, la directory non viene creata."
+
+# type: IP
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"Non crea la directory home dell'utente nonostante la configurazione di "
+"sistema in <filename>/etc/login.defs</filename> (<option>CREATE_HOME</"
+"option>) sia impostata a <replaceable>yes</replaceable>."
+
+# type: TP
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"Non crea un gruppo con lo stesso nome dell'utente, ma aggiunge l'utente al "
+"gruppo specificato con l'opzione <option>-g</option> o tramite la variabile "
+"<option>GROUP</option> nel file <filename>/etc/default/useradd</filename>."
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Il comportamento predefinito (se le opzioni <option>-g</option>, <option>-N</"
+"option> e <option>-U</option> non sono specificate) è definito dalla "
+"variabile <option>USERGROUPS_ENAB</option> nel file <filename>/etc/login."
+"defs</filename>."
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr "Permette la creazione di un utente con un UID duplicato (non unico)."
+
+# type: IP
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr ""
+"Questa opzione è valida solo congiuntamente all'opzione <option>-u</option>."
+
+# type: Plain text
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"La password cifrata, come restituita da <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. Il comportamento "
+"predefinito è di disabilitare la password."
+
+# type: IP
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "Crea un account di sistema."
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Gli utenti di sistema vengono creati senza le informazioni sulla scadenza in "
+"<filename>/etc/shadow</filename> e con l'ID numerico scelto nell'intervallo "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, definito nel file "
+"<filename>/etc/login.defs</filename>, anziché <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (e le loro controparti <option>GID</option> per la "
+"creazione dei gruppi)."
+
+#: useradd.8.xml:434(para)
+#, fuzzy
+#| msgid ""
+#| "Note that <command>useradd</command> will not create a home directory for "
+#| "such an user, regardless of the default setting in <filename>/etc/login."
+#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+#| "<option>-m</option> options if you want a home directory for a system "
+#| "account to be created."
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+"Notare che <command>useradd</command> non creerà la directory home per "
+"questi utenti indipendentemente da quanto impostato in <filename>/etc/login."
+"defs</filename> (<option>CREATE_HOME</option>). Si deve specificare "
+"l'opzione <option>-m</option> se si vuole creare la directory home per un "
+"account di sistema."
+
+# type: Plain text
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"Il nome della shell di login dell'utente. Il comportamento predefinito è di "
+"lasciare vuoto questo campo, che fa sì che il sistema selezioni la shell di "
+"connessione predefinita tramite la variabile <option>SHELL</option> in "
+"<filename>/etc/default/useradd</filename>, oppure un testo vuoto."
+
+# type: Plain text
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"Il valore numerico dell'identificatore (ID) dell'utente. Questo valore deve "
+"essere univoco, a meno che non venga usata l'opzione <option>-o</option>. Il "
+"valore non deve essere negativo. La scelta predefinita è quella di usare il "
+"minimo valore di ID maggiore o eguale a <option>UID_MIN</option> e maggiore "
+"a qualunque altro utente."
+
+# type: Plain text
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Vedere anche la descrizione dell'opzione <option>-r</option> e "
+"<option>UID_MAX</option>"
+
+# type: TP
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+"Crea un gruppo con lo stesso nome dell'utente e aggiunge l'utente al gruppo "
+"stesso."
+
+# type: Plain text
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"L'utente SELinux per questo login utente. Lasciando questo campo vuoto si fa "
+"in modo che il sistema selezioni automaticamente l'utente SELinux."
+
+# type: SS
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Cambiare i valori predefiniti"
+
+# type: Plain text
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"Quando invocato con la sola opzione <option>-D</option>, <command>useradd</"
+"command> mostrerà i valori predefiniti correnti. Quando invocato con "
+"l'opzione <option>-D</option> e altre opzioni, <command>useradd</command> "
+"aggiornerà i valori predefiniti per le opzioni specificate. Le opzioni "
+"valide sono:"
+
+# type: Plain text
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"Il prefisso del percorso per la directory home del nuovo utente. Il nome "
+"dell'utente verrà aggiunto alla fine di <replaceable>BASE_DIR</replaceable> "
+"per creare il nome della nuova directory home, a meno che non venga usata "
+"l'opzione <option>-d</option> quando si crea un nuovo account."
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Questa opzione imposta la variabile <option>HOME</option> del file "
+"<filename>/etc/default/useradd</filename>."
+
+# type: Plain text
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "La data in cui l'account dell'utente verrà disabilitato."
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Questa opzione imposta la variabile <option>EXPIRE</option> del file "
+"<filename>/etc/default/useradd</filename>."
+
+# type: Plain text
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"Il numero di giorni dopo la scadenza di una password prima che l'account "
+"venga disabilitato."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Questa opzione imposta la variabile <option>INACTIVE</option> del file "
+"<filename>/etc/default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+#, fuzzy
+#| msgid ""
+#| "The group name or ID for a new user's initial group (when the <option>-"
+#| "N/--no-user-group</option> is used or when the <option>USERGROUPS_ENAB</"
+#| "option> variable is set to <replaceable>no</replaceable> in <filename>/"
+#| "etc/login.defs</filename>. The named group must exist, and a numerical "
+#| "group ID must have an existing entry."
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"Il nome o l'ID del gruppo da usare come gruppo iniziale per il nuovo utente "
+"(quando è usata l'opzione <option>-N/--no-user-group</option> o quando la "
+"variabile <option>USERGROUPS_ENAB</option> è impostata a <replaceable>no</"
+"replaceable> nel file <filename>/etc/login.defs</filename>). Il gruppo "
+"indicato deve esistere, anche se viene utilizzato l'ID numerico."
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Questa opzione imposta la variabile <option>GROUP</option> nel file "
+"<filename>/etc/default/useradd</filename>."
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "Il nome della shell di login per il nuovo utente."
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Questa opzione imposta la variabile <option>SHELL</option> del file "
+"<filename>/etc/default/useradd</filename>."
+
+# type: SH
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "NOTE"
+
+# type: Plain text
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"L'amministratore di sistema è responsabile del posizionamento dei file "
+"utente predefiniti nella directory <filename>/etc/skel/</filename> (o "
+"qualsiasi altra directory impostata in <filename>/etc/default/useradd</"
+"filename> o nella riga di comando)."
+
+# type: Plain text
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Non è possibile aggiungere un utente ad un gruppo NIS o LDAP. Questo deve "
+"essere fatto sul server corrispondente."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"Analogamente, se il nome utente esiste già in un database esterno come NIS o "
+"LDAP, <command>useradd</command> bloccherà la creazione dell'account."
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"I nomi utente devono iniziare con una lettera minuscola o un underscore, "
+"seguiti da lettere minuscole, cifre numeriche, underscore o trattini. "
+"Possono terminare con il simbolo del dollaro. In termini di espressioni "
+"regolari: [a-z_][a-z0-9_-]*[$]?"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "I nomi utente non possono eccedere i 32 caratteri di lunghezza."
+
+# type: IP
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (booleano)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr "Indica se per i nuovi utenti va creata la directory home."
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Questa impostazione non viene applicata agli utenti di sistema e può essere "
+"modificata sulla riga di comando."
+
+# type: IP
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (numerico)"
+
+# type: IP
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (numerico)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Intervallo di ID di gruppo per la creazione di gruppi normali tramite "
+"<command>useradd</command>, <command>groupadd</command> o <command>newusers</"
+"command>."
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Il valore predefinito per <option>GID_MIN</option> (rispettivamente "
+"<option>GID_MAX</option>) è 1000 (rispettivmente 60000)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (numerico)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"Il numero massimo di giorni che una password può essere utilizzata. Se la "
+"password è più vecchia verrà imposto il suo cambiamento. Se non specificato "
+"viene assunto -1 (che disabilita questo controllo)."
+
+# type: IP
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (numerico)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"Il numero minimo di giorni tra due cambiamenti di password. Ogni tentativo "
+"di cambiare la password prima di questo periodo verrà rifiutato. Se non "
+"specificato viene assunto -1 (che disabilita questo controllo)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (numerico)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"Il numero di giorni per i quali un utente va avvisato che la sua password "
+"sta per scadere. Se zero l'utente viene avvisato solo alla scadenza. Un "
+"valore negativo indica che non si deve avvisare mai. Se non specificato "
+"allora non c'è nessun avviso."
+
+# type: IP
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (numerico)"
+
+# type: IP
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (numerico)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Intervallo di ID di gruppo utilizzato per la creazione di un gruppo di "
+"sistema da <command>useradd</command>, <command>groupadd</command> o "
+"<command>newusers</command>."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"Il valore predefinito per <option>SYS_GID_MIN</option> (rispettivamente "
+"<option>SYS_GID_MAX</option>) è 101 (rispettivamente <option>GID_MIN</"
+"option>-1)."
+
+# type: IP
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (numerico)"
+
+# type: IP
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (numerico)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"Intervallo di ID utente per la creazione degli utenti di sistema con "
+"<command>useradd</command> o <command>newusers</command>."
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"Il valore predefinito per <option>SYS_UID_MIN</option> (rispettivamente "
+"<option>SYS_UID_MAX</option>) è 101 (rispettivamente <option>UID_MIN</"
+"option>-1)."
+
+# type: IP
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (booleano)"
+
+# type: Plain text
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"Se <replaceable>yes</replaceable> i file shadow tcb di prossima creazione "
+"avranno come gruppo proprietario il gruppo <replaceable>auth</replaceable>."
+
+# type: IP
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (numerico)"
+
+# type: IP
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (numerico)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"Intervallo di ID utente da utilizzare nella creazione degli utenti normali "
+"tramite <command>useradd</command> o <command>newusers</command>."
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Il valore predefinito per <option>UID_MIN</option> (rispettivamente "
+"<option>UID_MAX</option>) è 1000 (rispettivamente 60000)."
+
+# type: IP
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (numerico)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+"La maschera di permessi alla creazione dei file è inizializzata con questo "
+"valore. Se non specificato la maschera viene impostata a 022."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"<command>useradd</command> e <command>newusers</command> usano questa "
+"maschera per impostare i permessi della directory home che creano."
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Viene anche utilizzata da <command>login</command> per definire la maschera "
+"iniziale dell'utente. Notare che questa maschera può essere modificata dalla "
+"riga GECOS dell'utente (se <option>QUOTAS_ENAB</option> è impostato) o "
+"specificando un limite con l'identificativo <emphasis>K</emphasis> in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+"Viene anche utilizzato da <command>pam_umask</command> come valore umask "
+"predefinito."
+
+# type: Plain text
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Valori predefiniti per la creazione dell'account."
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+# type: Plain text
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Directory contenente i file predefiniti."
+
+# type: IP
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "argomento non valido per l'opzione"
+
+# type: IP
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID già in uso (e <option>-o</option> assente)"
+
+# type: Plain text
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "il gruppo specificato non esiste"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "nome utente già in uso"
+
+# type: Plain text
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "non è possibile creare la directory home"
+
+# type: IP
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+# type: TP
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "Il comando <command>useradd</command> restituisce i seguenti valori:"
+
+# type: Plain text
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+# type: IP
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Formati di file e conversioni"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "file di controllo dettagliato per «su»"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"Il file <filename>/etc/suauth</filename> viene utilizzato all'invocazione "
+"del comando «su». Può cambiare il comportamento del comando in base a:"
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, fuzzy, no-wrap
+#| msgid ""
+#| "\n"
+#| " 1) the user su is targetting\n"
+#| " "
+msgid ""
+"\n"
+" 1) the user su is targeting\n"
+" "
+msgstr ""
+"\n"
+" 1) l'utente che «su» sta usando come target\n"
+" "
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+"2) l'utente che sta invocando «su» (o qualsiasi gruppo del quale questi "
+"faccia parte)"
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Il formato del file è il seguente, con le righe che iniziano con «#» "
+"trattate come commenti e ignorate;"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" to-id:from-id:ACTION\n"
+" "
+msgstr ""
+"\n"
+" id-finale:id-iniziale:AZIONE\n"
+" "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Dove «id-finale» è la parola <emphasis>ALL</emphasis> (tutti), un elenco di "
+"nomi utenti separati da «,» o le parole <emphasis>ALL EXCEPT</emphasis> "
+"seguite da una lista di nomi utente separati da «,»."
+
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"«id-iniziale» è formattato come «id-iniziale» salvo il riconoscimento della "
+"parola aggiuntiva <emphasis>GROUP</emphasis>. Anche <emphasis>ALL EXCEPT "
+"GROUP</emphasis> è perfettamente gestito. Subito dopo <emphasis>GROUP</"
+"emphasis> appaiono uno o più nomi di gruppo separati da «,». Non è "
+"sufficiente avere come gruppo primario il gruppo specificato, ma deve anche "
+"esserci la relativa riga in <citerefentry><refentrytitle>/etc/group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "AZIONE può essere una delle seguenti opzioni attualmente supportate."
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+"Il tentativo di usare «su» viene bloccato prima ancora che la password sia "
+"chiesta."
+
+# type: SH
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+"Il tentativo di usare «su» ha successo senza neppure chiedere la password."
+
+# type: TH
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"Perché «su» abbia successo, l'utente deve inserire la propria password che "
+"verrà espressamente richiesta."
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"Notare che ci sono tre campi diversi separati da «:». Nessuno spazio deve "
+"affiancare i due punti. Notare anche che il file viene esaminato in maniera "
+"sequenziale una riga alla volta, e la prima regola applicabile viene "
+"utilizzata senza procede con la lettura delle successive. Questo permette "
+"all'amministratore di sistema di impostare dei controlli allargati o "
+"puntuali, come preferisce."
+
+# type: SH
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "ESEMPIO"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" # sample /etc/suauth file\n"
+" #\n"
+" # A couple of privileged usernames may\n"
+" # su to root with their own password.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Anyone else may not su to root unless in\n"
+" # group wheel. This is how BSD does things.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Perhaps terry and birddog are accounts\n"
+" # owned by the same person.\n"
+" # Access can be arranged between them\n"
+" # with no password.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+msgstr ""
+"\n"
+" # Esempio di file /etc/suauth\n"
+" #\n"
+" # Due utenti privilegiati possono usare\n"
+" # su verso root con la propria password.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Tutti gli altri non possono farlo a meno di non appartenere\n"
+" # al groppo wheel. Questo è come funziona in BSD.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Nel caso che terry e birddog siano account\n"
+" # della stessa persona di permettere il passaggio\n"
+" # tra loro senza richiedere la password.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+
+# type: SH
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "ERRORI"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"Ce ne possono essere molti non visti. Il parser dei file è particolarmente "
+"rigido sugli errori di sintassi, attendendo l'assenza di spazi estranei (ad "
+"eccezione di inizio e fine riga) e specifici separatori per delimitare "
+"oggetti diversi."
+
+# type: SH
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSTICA"
+
+# type: Plain text
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"Qualsiasi errore durante le lettura del file viene riportato tramite "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> con livello ERR e «facility» AUTH."
+
+# type: Plain text
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Comandi utente"
+
+# type: Plain text
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "cambia ID utente o diventa amministratore"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "nome"
+
+# type: Plain text
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"<command>su</command> permette di diventare un altro utente durante una "
+"sessione di login. Se nessun <option>nome</option> utente viene specificato, "
+"<command>su</command> acquisice i privilegi di amministratore. L'opzione "
+"<option>-</option> può essere usata per fornire un ambiente simile a quello "
+"che l'utente troverebbe se effettuasse il login direttamente."
+
+# type: Plain text
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"Dopo il nome utente, è possibile specificare argomenti aggiuntivi da passare "
+"alla shell di login dell'utente. In particolare, molti interpreti di comando "
+"adottano la convenzione per cui l'opzione <option>-c</option> seguita da un "
+"argomento fa sì che quest'ultimo sia considerato un comando. Il comando "
+"viene eseguito dalla shell specificata in <filename>/etc/passwd</filename> "
+"per l'utente di destinazione."
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Si può utilizzare <option>--</option> per separare le opzioni di "
+"<command>su</command> dagli argomenti passati alla shell."
+
+# type: Plain text
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"All'utente viene quindi chiesta la password, se necessario. Una password "
+"errata viene segnalata da un messaggio d'errore. Viene effettuato il log di "
+"tutti i tentativi, siano essi riusciti o meno, al fine di rilevare ogni "
+"abuso del sistema."
+
+# type: Plain text
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Le variabili d'ambiente in uso vengono passate alla nuova shell, eccetto il "
+"valore di <envar>$PATH</envar> che viene impostato a <filename>/bin:/usr/"
+"bin</filename> per gli utenti qualsiasi e a <filename>/sbin:/bin:/usr/sbin:/"
+"usr/bin</filename> per l'amministratore. Questa impostazione è controllata "
+"dalle definizioni <emphasis>ENV_PATH</emphasis> ed <emphasis>ENV_SUPATH</"
+"emphasis> in <filename>/etc/login.defs</filename>."
+
+# type: Plain text
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"Un sottosistema di login è indicato dalla presenza del carattere «*» "
+"all'inizio della shell di login. La directory home impostata sarà utilizzata "
+"come root di un nuovo file system al quale l'utente accede."
+
+# type: TP
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Il comando <command>su</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMANDO</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+"Specifica un comando che verrà invocato dalla shell tramite la sua opzione "
+"<option>-c</option>."
+
+#: su.1.xml:158(para)
+#, fuzzy
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"Il comando eseguito non avrà un terminale di controllo. Questa opzione non "
+"può essere utilizzata per invocare programmi interattivi che richiedono un "
+"TTY di controllo."
+
+# type: TP
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"Fornisce un ambiente simile a quello che un utente si attende quando "
+"effettua direttamente il login."
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"Quando si usa <option>-</option> deve essere l'ultima opzione di "
+"<command>su</command>. Le altre forme (<option>-l</option> e <option>--"
+"login</option>) non hanno questo vincolo."
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "La shell che verrà invocata."
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "La shell specificata con --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"Se viene usato <option>--preserve-environment</option>, la shell specificata "
+"dalla variabile d'ambiente <envar>$SHELL</envar>."
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+"La shell indicata nel file <filename>/etc/passwd</filename> per l'utente "
+"target."
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr "<filename>/bin/sh</filename> se gli altri metodi falliscono."
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+"La shell invocata viene scelta da (in ordine di priorità): <placeholder-1/>"
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"Se l'utente target ha una shell con restrizioni (cioè se la sua shell "
+"presente in <filename>/etc/passwd</filename> non è presente in <filename>/"
+"etc/shells</filename>), allora l'opzione <option>--shell</option> e la "
+"variabile d'ambiente <envar>$SHELL</envar> non vengono prese in "
+"considerazione a meno che <command>su</command> sia invocato da root."
+
+# type: IP
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"reimpostato in accordo alle opzioni <option>ENV_PATH</option> o "
+"<option>ENV_SUPATH</option> del file <filename>/etc/login.defs</filename> "
+"(vedi sotto);"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"reimpostato a <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote> se era "
+"impostato."
+
+# type: Plain text
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Mantiene l'ambiente attuale, fatta eccezione per: <placeholder-1/>"
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Se l'utente target ha una shell con restrizioni, questa opzione non ha "
+"effetto (a meno che <command>su</command> sia invocato da root)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"Le variabili d'ambiente <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>"
+"$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar> e <envar>$IFS</"
+"envar> sono reimpostate."
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+"Se l'opzione <option>--login</option> non è usata, l'ambiente è copiato con "
+"l'eccezione delle variabili elencate sopra."
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"Se l'opzione <option>--login</option> è utilizzata, le variabili <envar>"
+"$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar> e <envar>"
+"$XAUTHORITY</envar> sono copiate se risultano impostate."
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"Se l'opzione <option>--login</option> è utilizzata, le variabili d'ambiente "
+"<envar>$TZ</envar>, <envar>$HZ</envar> e <envar>$MAIL</envar> sono impostate "
+"in accordo alle opzioni <option>ENV_TZ</option>, <option>ENV_HZ</option>, "
+"<option>MAIL_DIR</option> e <option>MAIL_FILE</option> specificate nel file "
+"<filename>/etc/login.defs</filename> (vedi sotto)."
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"Se l'opzione <option>--login</option> è utilizzata, altre variabili "
+"d'ambiente potrebbero essere impostate dal file <option>ENVIRON_FILE</"
+"option> (vedi sotto)."
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr "Altre variabili d'ambiente potrebbero essere impostate da moduli PAM."
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+"Notare che il comportamento predefinito per l'ambiente è il seguente: "
+"<placeholder-1/>"
+
+# type: Plain text
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Questa versione di <command>su</command> ha molte opzioni di compilazione; "
+"solo una parte di esse potrebbe essere in uso su un determinato sistema."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"Se definito, o il percorso completo di un file che contiene l'elenco di nomi "
+"di device (uno per riga) oppure un elenco di nomi di device separati da «:». "
+"L'accesso come root verrà permesso solo attraverso questi device."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr "Se non definito, root potrà accedere da qualsiasi device."
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "Il nome di device deve essere specificato senza il prefisso /dev."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"Elenco di gruppi da aggiungere ai gruppi supplementari dell'utente quando "
+"questi accede dalla console (come determinato dalla impostazione CONSOLE). "
+"Il valore predefinito è nullo. <placeholder-1/> Usare con cautela - è "
+"possibile che gli utenti ottengano l'accesso permanente a questi gruppi "
+"anche se non accedono dalla console."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (booleano)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"Indica se permettere l'accesso al sistema anche se non si può accedere alla "
+"directory home. Il valore predefinito è no."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"Se impostato a <replaceable>yes</replaceable>, l'utente accederà alla "
+"directory root (<filename>/</filename>) nel caso che non sia possibile "
+"accedere alla propria directory home."
+
+# type: IP
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (testo)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"Se impostato viene utilizzato per definire il valore della variabile "
+"d'ambiente HZ al login dell'utente. Il valore deve essere preceduto da "
+"<replaceable>HZ=</replaceable>. Un valore comune per Linux è "
+"<replaceable>HZ=100</replaceable>."
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"La variabile d'ambiente <envar>HZ</envar> viene impostata solo quando "
+"l'utente (il super utente) accede con <command>sulogin</command>."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"Se questo file esiste ed è leggibile, l'ambiente di login viene letto da lì. "
+"Ogni riga deve essere nella forma nome=valore."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr "Le righe che iniziano con «#» sono trattate come commenti e ignorate."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when a "
+#| "regular user login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/bin:/usr/bin</replaceable>). The default value is "
+#| "<replaceable>PATH=/bin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"Se impostato, viene utilizzato per definire la variabile d'ambiente PATH "
+"all'accesso di un utente normale. Il valore può essere preceduto da "
+"<replaceable>PATH=</replaceable> e composto da una lista di directory "
+"separate da «:» (per esempio <replaceable>/bin:/usr/bin</replaceable>). Il "
+"valore predefinito è <replaceable>PATH=/bin:/usr/bin</replaceable>."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when the "
+#| "superuser login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>). The default "
+#| "value is <replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"> #: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)\n"
+"> > msgid \"\"\n"
+"> > \"If set, it will be used to define the PATH environment variable when "
+"the \"\n"
+"> > \"superuser login. The value can be preceded by <replaceable>PATH=</\"\n"
+"> > \"replaceable>, or a colon separated list of paths (for example "
+"<replaceable>/\"\n"
+"> > \"sbin:/bin:/usr/sbin:/usr/bin</replaceable>). The default value is \"\n"
+"> > \"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>.\"\n"
+"> > msgstr \"Se impostato, viene utilizzato per definire la variabile "
+"d'ambiente PATH al login del superutente. Il valore può essere preceduto da "
+"<replaceable>PATH=</replaceable>, ed è formato da un elenco di directory "
+"separati dal «:» (ad esempio <replaceable>/sbin:/bin:/usr/sbin:/usr/bin</"
+"replaceable>). Il valore predefinito è <replaceable>PATH=/sbin:/bin:/usr/"
+"sbin:/usr/bin</replaceable>.\"\n"
+"> \n"
+"> s/separatI dal/separatE da\n"
+"> "
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"Se impostato viene usato per definire la variabile d'ambiente TZ al login "
+"dell'utente. Il valore può essere il nome di una «timezone» preceduta da "
+"<replaceable>TZ=</replaceable> (ad esempio <replaceable>TZ=CST6CDT</"
+"replaceable>), o il percorso completo di un file che contenga la specifica "
+"della «timezone» (ad esempio <filename>/etc/tzname</filename>)."
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"Se viene specificato il percorso completo di un file che però non esiste o "
+"non può essere letto, allora viene utilizzato il valore predefinito "
+"<replaceable>TZ=CST6CDT</replaceable>."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"Il testo da utilizzare per richiedere la password. Il valore predefinito è "
+"«Password: » o una sua traduzione. Se si imposta questa variabile allora il "
+"testo non verrà tradotto."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+"Se il testo contiene <replaceable>%s</replaceable>, questo verrà sostituito "
+"dal nome dell'utente."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+"Abilita la verifica e stampa a video dello stato della casella di posta al "
+"momento dell'accesso al sistema."
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"Andrebbe disabilitato se i file di avvio della shell effettuano già questo "
+"controllo («mailx -e» o equivalente)."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (booleano)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+"Abilita l'impostazione di limiti di risorsa definiti in <filename>/etc/"
+"limits</filename> e ulimit, umask e livello di «nice» in base al campo gecos "
+"del passwd dell'utente."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr "Se definito, tutta l'attività di «su» viene tracciata in questo file."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"Se definito è il nome del comando da mostrare quando si esegue «su -». Ad "
+"esempio, se lo di definisce come «su» allora «ps» mostrerà che il comando è "
+"«-su». Se non definito, «ps» mostrerà il nome della shell invocata, come «-"
+"sh»."
+
+# type: IP
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (booleano)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"Se <replaceable>yes</replaceable>, l'utente deve essere elencato come membro "
+"del primo gruppo con gid 0 in <filename>/etc/group</filename> (chiamato "
+"<replaceable>root</replaceable> in molti sistemi Linux) perché sia possibile "
+"usare <command>su</command> verso account con uid 0. Se il gruppo non esiste "
+"o è vuoto, nessuno potrà utilizzare <command>su</command> verso uid 0."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (booleano)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+"Abilita la tracciatura su «syslog» dell'attività di <command>su</command>, "
+"oltre a quella sul file «sulog»."
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+"In caso di successo, il valore restituito da <command>su</command> è quello "
+"del comando da esso eseguito."
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+"Se questo comando è terminato da un segnale, <command>su</command> "
+"restituisce il numero del segnale più 128."
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"Se «su» deve terminare il comando (perché gli è stato chiesto di terminare "
+"ma il comando non è terminato in tempo), <command>su</command> restituisce "
+"255."
+
+# type: IP
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "successo (solo <option>--help</option>)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "Errore di sistema o di autenticazione"
+
+# type: IP
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+# type: Plain text
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "Il comando richiesto non è stato trovato"
+
+# type: IP
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "Il comando richiesto non può essere eseguito"
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+"Alcuni dei codici d'uscita di <command>su</command> sono indipendenti dal "
+"comando eseguito: <placeholder-1/>\""
+
+# type: Plain text
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+# type: Plain text
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "esegue un comando con un diverso ID di gruppo"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "comando <placeholder-1/> group"
+
+# type: Plain text
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"Il comando <command>sg</command> funziona in maniera analoga a "
+"<command>newgrp</command>, ma accetta un comando che viene eseguito con la "
+"shell <filename>/bin/sh</filename>. La maggior parte delle shell che "
+"permettono l'uso di <command>sg</command> richiede che i comandi composti da "
+"più parole siano inclusi tra apici. Un'altra differenza tra <command>newgrp</"
+"command> e <command>sg</command> è che alcune shell trattano "
+"<command>newgrp</command> in maniera speciale, sostituendo se stesse con la "
+"shell creata da <command>newgrp</command>. Questo non accade con "
+"<command>sg</command>, per cui all'uscita del comando <command>sg</command> "
+"si ritorna al precedente ID di gruppo."
+
+# type: IP
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (booleano)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+"Abilita il tracciamento dell'attività di <command>sg</command> su «syslog»."
+
+# type: Plain text
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+# type: Plain text
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "file delle password shadow"
+
+# type: Plain text
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>shadow</filename> è un file che contiene le informazioni sulle "
+"password per gli account degli utenti e, opzionalmente, le informazioni "
+"sulla durata delle password («aging»)."
+
+# type: Plain text
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Questo file non deve essere leggibile dagli utenti normali se si vuole "
+"mantenere la sicurezza sulle password."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"Ciascuna riga di questo file contiene 9 campi separati da due punti (<quote>:"
+"</quote>), nel seguente ordine:"
+
+# type: Plain text
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "nome di login"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr "Deve essere un nome valido di un account esistente nel sistema."
+
+# type: Plain text
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "password cifrata"
+
+# type: Plain text
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Fare riferimento a <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> per dettagli sul modo "
+"in cui questa stringa viene interpretata."
+
+# type: Plain text
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Se il campo password contiene un testo che non è un risultato valido di "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, come ad esempio ! o *, l'utente non potrà accedere al sistema "
+"utilizzando la password unix (ma potrà accedere al sistema in altri modi)."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"Questo campo può essere vuoto, nel qual caso nessuna password è richiesta "
+"per l'autenticazione di questo specifico nome di login. Tuttavia alcune "
+"applicazioni che leggono <filename>/etc/shadow</filename> possono decidere "
+"di non permettere nessun accesso se il campo password è vuoto."
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "A password field which starts with a exclamation mark means that the "
+#| "password is locked. The remaining characters on the line represent the "
+#| "password field before the password was locked."
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"Se il campo password inizia con un punto esclamativo vuol dire che la "
+"password è bloccata. I restanti caratteri del campo sono il contenuto del "
+"campo password prima che venisse bloccata."
+
+# type: Plain text
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "data dell'ultimo cambio di password"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"Data dell'ultimo cambio di password espressa in numero di giorni a partire "
+"dal 1 gennaio 1970."
+
+#: shadow.5.xml:134(para)
+#, fuzzy
+#| msgid ""
+#| "The value 0 has a special meaning, which is that the user should change "
+#| "her pasword the next time she will log in the system."
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+"Il valore 0 ha un significato speciale, vale a dire che l'utente deve "
+"cambiare la propria password al prossimo accesso al sistema."
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr "Un campo vuoto implica che la scadenza della password è disabilitata."
+
+# type: SS
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "età minima password"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"L'età minima password è il numero di giorni che l'utente dovrà attendere "
+"prima di poter cambiare nuovamente la propria password."
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+"Un campo vuoto o con valore 0 indica che non c'è una età minima della "
+"password."
+
+# type: SS
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "età massima password"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+"L'età massima password è il numero di giorni dopo il quale l'utente deve "
+"cambiare la propria password."
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+"Quando questo numero di giorni è passato, la password può ancora essere "
+"valida. All'utente verrà chiesto di cambiare la password durante il "
+"successivo accesso."
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"Un campo vuoto indica che non ci sono una età massima password, un periodo "
+"di avviso e nessun periodo di inattività (vedere oltre)."
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+"Se l'età massima password è minore dell'età minima password, l'utente non "
+"può cambiare la propria password."
+
+# type: SS
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "periodo avviso password"
+
+# type: Plain text
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"Il numero di giorni prima della scadenza di una password (vedere età massima "
+"password, sopra) durante il quale l'utente riceve un avviso."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+"Un campo vuoto e il valore 0 indicano che non c'è un periodo di avviso "
+"password."
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "periodo inattività password"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"Il numero di giorni dopo la scadenza della password (vedere età massima "
+"password, sopra) durante il quale la password è ancora accettata (e l'utente "
+"dovrebbe aggiornare la propria password al primo accesso)."
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"Dopo la scadenza della password e di questo periodo, l'utente non potrà "
+"accedere usando questa password, ma dovrà contattare l'amministratore."
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr "Un campo vuoto implica che non è applicato il periodo di inattività."
+
+# type: Plain text
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "data scadenza account"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"La data di scadenza dell'account, espressa in numero di giorni dal 1 gennaio "
+"1970."
+
+#: shadow.5.xml:229(para)
+#, fuzzy
+#| msgid ""
+#| "Note that an account expiration differs from a password expiration. In "
+#| "case of an acount expiration, the user shall not be allowed to login. In "
+#| "case of a password expiration, the user is not allowed to login using her "
+#| "password."
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"Notare che la scadenza dell'account differisce da quella della password. Nel "
+"caso di un account scaduto l'utente non deve poter accedere ulteriormente al "
+"sistema. Nel caso di password scaduta invece l'utente non è abilitato ad "
+"accedere con la propria password."
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "Un campo vuoto implica che l'account non scade mai."
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+"Il valore 0 non andrebbe usato perché potrebbe essere interpretato come "
+"account che non scade o come scaduto il 1 gennaio 1970."
+
+# type: Plain text
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "campo riservato"
+
+# type: Plain text
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Questo campo è riservato per uso futuro."
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "Copia di backup per /etc/shadow."
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Notare che questo file viene usato dagli strumenti del pacchetto shadow, ma "
+"non da tutti gli strumenti per la gestione di utenti e password."
+
+# type: Plain text
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>"
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Chiamate di libreria"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+# type: Plain text
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "routine per file delle password cifrate"
+
+# type: SH
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SINTASSI"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+# type: Plain text
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+# type: Plain text
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*nome"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+# type: Plain text
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+# type: Plain text
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+# type: Plain text
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+# type: Plain text
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+# type: SH
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FILE"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+# type: Plain text
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> manipola il contenuto del file delle "
+"password shadow, <filename>/etc/shadow</filename>. La struttura nel file "
+"<emphasis remap=\"I\">#include</emphasis> è la seguente:"
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* user login name */\n"
+" char\t\t*sp_pwdp; /* encrypted password */\n"
+" long int\t\tsp_lstchg; /* last password change */\n"
+" long int\t\tsp_min; /* days until change allowed. */\n"
+" long int\t\tsp_max; /* days before change required */\n"
+" long int\t\tsp_warn; /* days warning for expiration */\n"
+" long int\t\tsp_inact; /* days before account inactive */\n"
+" long int\t\tsp_expire; /* date when account expires */\n"
+" unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+" "
+msgstr ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* login dell'utente */\n"
+" char\t\t*sp_pwdp; /* password cifrata */\n"
+" long int\t\tsp_lstchg; /* ultimo cambio della password */\n"
+" long int\t\tsp_min; /* giorni minimi tra i cambi */\n"
+" long int\t\tsp_max; /* giorni massimi tra i cambi */\n"
+" long int\t\tsp_warn; /* giorni di preavviso */\n"
+" long int\t\tsp_inact; /* giorni di inattività */\n"
+" long int\t\tsp_expire; /* data di scadenza dell'account */\n"
+" unsigned long int\tsp_flag; /* riservato per uso futuro */\n"
+"}\n"
+" "
+
+# type: Plain text
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "Ciascun campo significa:"
+
+# type: Plain text
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+"sp_namp - puntatore a una stringa null-terminated che contiene il nome "
+"utente."
+
+# type: Plain text
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+"sp_pwdp - puntatore a una stringa null-terminated che contiene la password."
+
+# type: Plain text
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+"sp_lstchg - giorni trascorsi dal 1 gennaio 1970 al momento in cui la "
+"password è stata cambiata l'ultima volta."
+
+# type: Plain text
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr "sp_min - giorni prima dei quali la password non può essere cambiata."
+
+# type: Plain text
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr "sp_max - giorni dopo i quali la password deve essere cambiata."
+
+# type: Plain text
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+"sp_warn - giorni prima della scadenza della password in cui l'utente viene "
+"avvertito."
+
+# type: Plain text
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+"sp_inact - giorni dopo la scadenza della password dopo i quali l'account "
+"viene considerato inattivo e disabilitato."
+
+# type: Plain text
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+"sp_expire - giorni a partire dal 1 gennaio 1970 dopo i quali l'account viene "
+"disabilitato."
+
+# type: Plain text
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - riservato per uso futuro."
+
+# type: Plain text
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis> e <emphasis>sgetspent</emphasis> "
+"restituiscono tutte un puntatore a uno <emphasis>struct spwd</emphasis>. "
+"<emphasis>getspent</emphasis> restituisce la voce successiva nel file, "
+"<emphasis>fgetspent</emphasis> la voce successiva nello stream specificato, "
+"che si suppone sia un file nel formato corretto. <emphasis>sgetspent</"
+"emphasis> restituisce un puntatore a uno <emphasis>struct spwd</emphasis> "
+"usando come input la stringa fornita. <emphasis>getspnam</emphasis> cerca "
+"una voce che corrisponde a <emphasis>name</emphasis> partendo dalla "
+"posizione corrente nel file."
+
+# type: Plain text
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"<emphasis>setspent</emphasis> e <emphasis>endspent</emphasis> sono usate "
+"rispettivamente per iniziare e terminare l'accesso al file delle password "
+"shadow."
+
+# type: Plain text
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"Le funzioni <emphasis>lckpwdf</emphasis> e <emphasis>ulckpwdf</emphasis> si "
+"usano per garantire l'accesso esclusivo al file <filename>/etc/shadow</"
+"filename>. <emphasis>lckpwdf</emphasis> prova ad acquisire il lock tramite "
+"<emphasis>pw_lock</emphasis> per un massimo di 15 secondi, dopodiché tenta "
+"di ottenere un secondo lock usando <emphasis>spw_lock</emphasis> per il "
+"tempo che rimane dei 15 secondi iniziali. Se anche uno solo dei due "
+"tentativi fallisce dopo un totale di 15 secondi, <emphasis>lckpwdf</"
+"emphasis> restituisce -1, mentre restituisce 0 se riesce ad acquisire "
+"entrambi i lock."
+
+# type: Plain text
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"Le funzioni restituiscono NULL se non ci sono altre voci disponibili o se si "
+"verifica un errore durante l'elaborazione. Le funzioni di tipo "
+"<emphasis>int</emphasis> restituiscono 0 in caso di successo e -1 in caso di "
+"errore."
+
+# type: Plain text
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+"Queste funzioni possono essere usate solo dall'amministratore, perché "
+"l'accesso al file delle password shadow è riservato."
+
+# type: Plain text
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+# type: Plain text
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr "convertono a e da password e gruppi shadow."
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"<command>pwconv</command> crea <emphasis remap=\"I\">shadow</emphasis> da "
+"<emphasis remap=\"I\">passwd</emphasis> e da un eventuale preesistente "
+"<emphasis remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"<command>pwconv</command> non funziona se <option>USE_TCB</option> è attivo. "
+"Per convertire a password tcb si deve prima usare <command>pwconv</command> "
+"per convertire a password shadow disabilitando <option>USE_TCB</option> nel "
+"file <filename>login.defs</filename> e poi convertire a password tcb usando "
+"<command>tcb_convert</command> (e riabilitando <option>USE_TCB</option> in "
+"<filename>login.defs</filename>)."
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"<command>pwunconv</command> crea <emphasis remap=\"I\">passwd</emphasis> da "
+"<emphasis remap=\"I\">passwd</emphasis> e <emphasis remap=\"I\">shadow</"
+"emphasis> e poi cancella <emphasis remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"<command>pwunconv</command> non funziona con <option>USE_TCB</option> "
+"abilitato. Si deve prima ritornare da tcb a password shadow usando "
+"<command>tcb_unconvert</command> e poi disabilitare <option>USE_TCB</option> "
+"in <filename>login.defs</filename> prima di usare <command>pwunconv</"
+"command>."
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"<command>grpconv</command> crea <emphasis remap=\"I\">gshadow</emphasis> da "
+"<emphasis remap=\"I\">group</emphasis> e da un eventuale preesistente "
+"<emphasis remap=\"I\">gshadow</emphasis>."
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"<command>grpunconv</command> crea <emphasis remap=\"I\">group</emphasis> da "
+"<emphasis remap=\"I\">group</emphasis> e <emphasis remap=\"I\">gshadow</"
+"emphasis> e quindi rimuove <emphasis remap=\"I\">gshadow</emphasis>."
+
+# type: Plain text
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"Questi quattro programmi agiscono tutti sui file normali e oscurati (shadow) "
+"delle password e dei gruppi: <filename>/etc/passwd</filename>, <filename>/"
+"etc/group</filename>, <filename>/etc/shadow</filename> e <filename>/etc/"
+"gshadow</filename>."
+
+# type: Plain text
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"Ciascun programma, prima della conversione, acquisisce i lock necessari. "
+"<command>pwconv</command> e <command>grpconv</command> sono simili. Per "
+"prima cosa vengono rimosse le voci nel file shadow che non esistono nel file "
+"principale. Quindi vengono aggiornate le voci oscurate che non hanno «x» "
+"come password nel file principale. Vengono aggiunte le eventuali voci "
+"oscurate mancanti. Infine, le password nel file principale vengono "
+"sostituite con «x». Questi programmi possono essere usati per le conversioni "
+"iniziali così come per aggiornare il file oscurato se il file principale "
+"viene modificato a mano."
+
+# type: Plain text
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"<command>pwconv</command> userà i valori <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis> "
+"e <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> da <filename>/etc/login."
+"defs</filename> al momento dell'aggiunta di nuove voci a <filename>/etc/"
+"shadow</filename>."
+
+# type: Plain text
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"Analogamente, <command>pwunconv</command> e <command>grpunconv</command> "
+"sono simili. Le password nel file principale vengono aggiornate dal file "
+"shadow. Voci che esistono nel file principale ma non nel file shadow vengono "
+"lasciate stare. Infine, viene rimosso il file shadow. Alcune informazioni "
+"sull'invecchiamento delle password vengono perse da <command>pwunconv</"
+"command>. Convertirà solo quello che potrà."
+
+# type: Plain text
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Le opzioni che si possono applicare ai comandi <command>pwconv</command>, "
+"<command>pwunconv</command>, <command>grpconv</command> e "
+"<command>grpunconv</command> sono:"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"Errori nel file delle password o dei gruppi (come elementi non validi o "
+"duplicati) possono causare dei cicli infiniti in questi programmi, oppure "
+"degli errori non prevedibili. Eseguire <command>pwck</command> e "
+"<command>grpck</command> per correggere ogni eventuale errore prima di "
+"convertire da o verso password o gruppi shadow."
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"Le seguenti variabili di configurazione in <filename>/etc/login.defs</"
+"filename> influenzano il comportamento di <command>grpconv</command> e "
+"<command>grpunconv</command>:"
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"Le seguenti variabili di configurazione in <filename>/etc/login.defs</"
+"filename> influenzano il comportamento di <command>pwconv</command>:"
+
+# type: Plain text
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+# type: Plain text
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "verifica l'integrità dei file delle password"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+# type: Plain text
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"<command>pwck</command> verifica l'integrità delle informazioni su utenti e "
+"autenticazione del sistema. Ogni voce in <filename>/etc/passwd</filename> e "
+"in <filename>/etc/shadow</filename> <phrase condition=\"tcb\">(o nei file in "
+"<filename>/etc/tcb</filename>, quando <option>USE_TCB<option> è abilitato)</"
+"phrase> viene controllata per verificare che abbia il formato corretto e "
+"dati validi in ciascun campo. Viene richiesto all'utente di rimuovere le "
+"voci che non hanno un formato appropriato o che hanno altri errori "
+"impossibili da correggere."
+
+# type: Plain text
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "Vengono fatti controlli per verificare che ogni voce abbia:"
+
+# type: Plain text
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "il corretto numero di campi"
+
+# type: Plain text
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "un nome utente univoco e valido"
+
+# type: Plain text
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "identificatori validi dell'utente e del gruppo"
+
+# type: Plain text
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "un gruppo primario valido"
+
+# type: Plain text
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "una home directory valida"
+
+# type: Plain text
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "una shell di login valida"
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"Le verifiche sul file <filename>shadow</filename> sono abilitate ogni volta "
+"che si usa un secondo argomento o quanto esiste nel sistema il file "
+"<filename>/etc/shadow</filename>."
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "Le verifiche sono le seguenti:"
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+"ogni elemento del file passwd deve avere un corrispondente elemento in "
+"shadow, e viceversa"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr "le password sono specificate nel file shadow"
+
+# type: Plain text
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "gli elementi di shadow hanno il corretto numero di campi"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "gli elementi di shadow sono unici"
+
+# type: Plain text
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "le date di ultima modifica non sono nel futuro"
+
+# type: Plain text
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+"Gli errori nelle verifiche sul corretto numero di campi e sull'univocità del "
+"nome utente sono irrimediabili. Se una voce ha un numero errato di campi, "
+"all'utente viene chiesto di cancellare l'intera riga; se l'utente non "
+"risponde affermativamente, vengono omessi tutti gli ulteriori controlli. "
+"Viene richiesta la cancellazione anche per le voci aventi il nome utente "
+"duplicato, ma i rimanenti controlli vengono ugualmente effettuati. Tutti gli "
+"altri errori non sono gravi e l'utente è invitato a eseguire il comando "
+"<command>usermod</command> per correggerli."
+
+# type: Plain text
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"I comandi che operano sul file <filename>/etc/passwd</filename> non sono in "
+"grado di modificare voci corrotte o duplicate; in tali circostanze va usato "
+"<command>pwck</command> per rimuovere la voce scorretta."
+
+# type: Plain text
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Le opzioni <option>-r</option> e <option>-s</option> non possono essere "
+"combinate."
+
+# type: Plain text
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr "Il comando <command>pwck</command> accetta le seguenti opzioni:"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+"Riporta solo gli errori. Gli avvisi che non richiedono azioni da parte "
+"dell'utente non sono mostrati."
+
+# type: IP
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+# type: TP
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "Esegue il comando <command>pwck</command> in sola lettura."
+
+# type: IP
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"Ordina gli elementi di <filename>/etc/passwd</filename> e <filename>/etc/"
+"shadow</filename> per UID."
+
+# type: IP
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+"Questa opzione non ha nessun effetto se <option>USE_TCB</option> è abilitato."
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"Come impostazione predefinita, <command>pwck</command> opera sui file "
+"<filename>/etc/passwd</filename> e in <filename>/etc/shadow</"
+"filename><phrase condition=\"tcb\"> (o i file in <filename>/etc/tcb</"
+"filename>)</phrase>. L'utente può selezionare file alternativi con i "
+"parametri <replaceable>passwd</replaceable> e <replaceable>shadow</"
+"replaceable>."
+
+#: pwck.8.xml:243(para)
+#, fuzzy
+#| msgid ""
+#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+#| "alternative <replaceable>shadow</replaceable> file. In future releases, "
+#| "this paramater could be replaced by an alternate TCB directory."
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+"Notare che quando <option>USE_TCB</option> è abilitata, non si può "
+"specificare un file <replaceable>shadow</replaceable> alternativo. In future "
+"versioni questo parametro potrebbe essere sostituito da una directory TCB "
+"alternativa."
+
+# type: Plain text
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "una o più voci di password conengono errori"
+
+# type: Plain text
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "impossibile aprire i file delle password"
+
+# type: Plain text
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "impossibile fare il lock dei file delle password"
+
+# type: Plain text
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "impossibile aggiornare i file delle password"
+
+# type: Plain text
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "impossibile ordinare i file delle password"
+
+# type: TP
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Il comando <command>pwck</command> restituisce i seguenti valori: "
+"<placeholder-1/>"
+
+# type: Plain text
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+# type: Plain text
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr "file delle porte e degli orari d'accesso"
+
+# type: Plain text
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> contiene un elenco di device tty, "
+"nomi utente e orari di accesso permessi."
+
+# type: Plain text
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"Ciascuna voce è composta da tre campi separati da due punti. Il primo è un "
+"elenco di device tty, separati da virgole, oppure un asterisco per indicare "
+"che la voce corrisponde a qualsiasi device. Il secondo campo è un elenco di "
+"nomi utente, separati da virgole, oppure un asterisco per indicare che la "
+"voce corrisponde ad ogni utente. Il terzo campo è un elenco degli orari, "
+"separati da virgole, in cui è consentito l'accesso."
+
+# type: Plain text
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"Un orario di accesso consiste in zero o più giorni della settimana "
+"abbreviati in <emphasis>Mo</emphasis> (lunedì), <emphasis>Tu</emphasis>, "
+"<emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</emphasis>, "
+"<emphasis>Sa</emphasis> e <emphasis>Su</emphasis> (domenica), seguiti da una "
+"coppia di orari, separati da un trattino. L'abbreviazione <emphasis>Wk</"
+"emphasis> rappresenta tutti i giorni da lunedì a venerdì, mentre "
+"<emphasis>Al</emphasis> indica tutti i giorni della settimana. Se non si "
+"specifica alcun giorno, viene usato implicitamente <emphasis>Al</emphasis>."
+
+# type: SH
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "ESEMPI"
+
+# type: Plain text
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"La voce seguente permette l'accesso all'utente <emphasis remap=\"B\">jfh</"
+"emphasis> da qualsiasi porta durante i giorni lavorativi dalle 9 alle 17."
+
+# type: Plain text
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+# type: Plain text
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"Le voci seguenti permettono l'accesso solo agli utenti <emphasis>root</"
+"emphasis> e <emphasis>oper</emphasis> da <filename>/dev/console</filename> a "
+"qualsiasi ora. Qui viene mostrato come il file <filename>/etc/porttime</"
+"filename> sia una lista ordinata di orari d'accesso: ogni altro utente "
+"corrisponderebbe alla seconda voce, che impedisce l'accesso in qualsiasi "
+"orario."
+
+# type: Plain text
+# no-wrap
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+msgstr ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+
+# type: Plain text
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"La voce seguente permette l'accesso all'utente <emphasis>games</emphasis> da "
+"qualsiasi porta durante gli orari non lavorativi."
+
+# type: Plain text
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "File contenente gli accessi alle porte."
+
+# type: Plain text
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "il file delle password"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> contiene una riga per ogni account, con "
+"sette campi delimitati da due punti (<quote>:</quote>). Questi campi sono:"
+
+# type: Plain text
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "password cifrata opzionale"
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "ID utente numerico"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "ID gruppo numerico"
+
+# type: Plain text
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "nome utente o commento"
+
+# type: Plain text
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "directory home utente"
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "interprete dei comandi utente opzionale"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Il campo password cifrata può essere vuoto, nel qual caso non viene "
+"richiesta nessuna password per autenticare lo specifico login. Tuttavia "
+"alcune applicazioni che leggono il file <filename>/etc/passwd</filename> "
+"possono decidere di non permettere <emphasis>nessun</emphasis> accesso se il "
+"campo <emphasis>password</emphasis> è vuoto. Se il campo <emphasis>password</"
+"emphasis> contiene solo una <quote>x</quote> minuscola, la password cifrata "
+"è invece memorizzata nel file <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>; ci <emphasis>deve</"
+"emphasis> essere una riga corrispondente nel file <filename>/etc/shadow</"
+"filename> altrimenti l'account non sarà valido. Se il campo "
+"<emphasis>password</emphasis> ha un qualsiasi altro contenuto allora viene "
+"trattato come password cifrata, come specificato da "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Il campo di commento è utilizzato da vari strumenti di sistema come ad "
+"esempio <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"Il campo directory home fornisce il nome della directory di lavoro iniziale. "
+"Il programma <command>login</command> usa questa informazione per impostare "
+"il valore della variabile d'ambiente <envar>$HOME</envar>."
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"Il campo interprete dei comandi fornisce il nome dell'interprete del "
+"linguaggio utente, o il nome del programma da invocare inizialmente. Il "
+"programma <command>login</command> utilizza questa informazione per "
+"impostare il valore della variabile d'ambiente <envar>$SHELL</envar>. Se "
+"questo campo è vuoto, il valore predefinito è <filename>/bin/sh</filename>."
+
+# type: Plain text
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "file opzionale delle password cifrate"
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "Copia di backup di /etc/passwd."
+
+# type: Plain text
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Plain text
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "cambia la password utente"
+
+# type: Plain text
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"<command>passwd</command> cambia la password per account utente. Un utente "
+"normale può solo cambiare la password per il proprio account, mentre il "
+"super utente può cambiarla per qualsiasi account. <command>passwd</command> "
+"modifica anche l'account o il periodo di validità della password associata."
+
+# type: SS
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Modifiche delle password"
+
+# type: Plain text
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"All'utente viene prima chiesta la propria password attuale, se presente. "
+"Questa password viene cifrata e confrontata con quella memorizzata. "
+"All'utente viene data solo una possibilità di inserire la password corretta. "
+"Il super utente salta questo passo in modo da poter modificare password "
+"dimenticate."
+
+# type: Plain text
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"Dopo che la password è stata inserita, vengono controllati i parametri "
+"dell'invecchiamento delle password per verificare che l'utente possa "
+"modificarla in questo momento. In caso negativo <command>passwd</command> "
+"non fa cambiare la password ed esce."
+
+# type: Plain text
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"All'utente viene quindi chiesto di inserire la nuova password due volte. Le "
+"due password sono confrontate e devono essere uguali affinché la password "
+"venga accettata."
+
+# type: Plain text
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"Quindi viene misurata la complessità della password. In linea di massima le "
+"password dovrebbero contenere dai 6 agli 8 caratteri, includendovi uno o più "
+"caratteri da ciascuno dei seguenti insiemi:"
+
+# type: Plain text
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "lettere minuscole"
+
+# type: Plain text
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "numeri da 0 a 9"
+
+# type: Plain text
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "segni di punteggiatura"
+
+# type: Plain text
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"Si deve fare attenzione a non inserire il carattere di cancellazione o di "
+"kill (azzeramento della riga). <command>passwd</command> non accetta "
+"password non sufficientemente complesse."
+
+# type: SS
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Suggerimenti per password utente"
+
+# type: Plain text
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"La sicurezza di una password dipende dalla forza dell'algoritmo e dalla "
+"dimensione della chiave utilizzata. Il metodo originale di cifratura del "
+"sistema <emphasis>UNIX</emphasis> si basa sull'algoritmo NBS DES. Adesso "
+"sono da preferisi metodi di cifratura più recenti (vedere "
+"<option>ENCRYPT_METHOD</option>). La dimensione della chiave dipende "
+"dall'aleatorietà della password indicata."
+
+# type: Plain text
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"La compromissione di una password avviene normalmente a seguito di incuria "
+"nella scelta o nella gestione della password. Per questo motivo non si "
+"devono utilizzare password che appaiono nei dizionari o che devono essere "
+"scritte. La password non deve essere uno nome proprio, il numero della "
+"patente, la data di nascita o l'indirizzo. Uno qualunque di questi potrebbe "
+"essere indovinato per violare la sicurezza del sistema."
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"Si possono trovare indicazioni su come scegliere una password forte su "
+"http://en.wikipedia.org/wiki/Password_strength"
+
+# type: Plain text
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "Il comando <command>passwd</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Questa opzione può essere utilizzata solo con <option>-S</option> e mostra "
+"lo stato per ogni utente."
+
+# type: IP
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Cancella la password utente (la rende vuota). Questo è un metodo veloce per "
+"disabilitare la password per l'account. Imposta l'account indicato come "
+"senza password."
+
+# type: TP
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Fa scadere subito la password dell'utente. Il che ha l'effetto di forzare un "
+"cambio password al successivo accesso da parte dell'utente."
+
+# type: TP
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INATTIVO</"
+"replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Questa opzione viene utilizzata per disabilitare un account dopo che la "
+"password è scaduta da un certo numero di giorni. Dopo che un account ha una "
+"password che è scaduta da <replaceable>INATTIVO</replaceable> giorni, "
+"l'utente non può più accedere con l'account."
+
+# type: IP
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Indica che il cambio password va effettuato solo per i token (password) di "
+"autenticazione scaduti. L'utente vuole mantenere inalterati i token non "
+"scaduti."
+
+# type: IP
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Blocca la password dell'account indicato. Questa opzione disabilita una "
+"password modificandola in modo che non corrisponda a nessun valore cifrato "
+"(aggiunge un «!» all'inizio della password)."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"Notare che questo non disabilita l'account. L'utente può sempre accedere al "
+"sistema tramite altri token di autenticazione (ad esempio una chiave SSH). "
+"Per disabilitare l'account l'amministratore deve usare <command>usermod --"
+"expiredate 1</command> (che imposta la data di scadenza al 2 gennaio 1970)."
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr "Gli utenti con password bloccata non la possono cambiare."
+
+# type: IP
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;"
+"<replaceable>MIN_GIORNI</replaceable>"
+
+# type: Plain text
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Imposta il numero minimo di giorni tra i cambi di password a "
+"<replaceable>MIN_GIORNI</replaceable>. Un valore pari a zero indica che "
+"l'utente può cambiare la propria password in qualsiasi momento."
+
+# type: IP
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+"cambia la password nel repository <replaceable>REPOSITORY</replaceable>"
+
+# type: IP
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+# type: Plain text
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Visualizza le informazioni sullo stato di un account. Lo stato consiste di 7 "
+"campi. Il primo campo è il nome dell'utente. Il secondo campo indica se "
+"l'account ha una password bloccata (L), non ha password (NP) o ha una "
+"password valida (P). Il terzo campo contiene la data di ultima modifica "
+"della password. I successivi quattro campi sono l'età minima, la massima, il "
+"periodo di avviso e quello di inattività. Queste età sono espresse in giorni."
+
+# type: IP
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Sblocca la password dell'account indicato. Questa opzione riabilita la "
+"password riportandola al suo valore precedente (il valore che c'era prima di "
+"usare l'opzione <option>-l</option>)."
+
+# type: IP
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>AVVISO_GIORNI</replaceable>"
+
+# type: Plain text
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"Imposta il numero di giorni di preavviso prima che sia obbligatorio cambiare "
+"la password. L'opzione <replaceable>AVVISO_GIORNI</replaceable> indica il "
+"numero di giorni precedenti alla scadenza della password durante i quali "
+"l'utente viene avvertito dell'imminente scadenza."
+
+# type: IP
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;"
+"<replaceable>MAX_GIORNI</replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"Imposta il massimo numero di giorni che una password rimane valida. Dopo "
+"<replaceable>MAX_GIORNI</replaceable> viene richiesto di cambiare la "
+"password."
+
+# type: Plain text
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"Il controllo della complessità delle password varia da sistema a sistema. "
+"All'utente è caldamente consigliato si utilizzare una password che ritenga "
+"sufficientemente complessa."
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"Gli utenti possono non essere in grado di cambiare la propria password se "
+"NIS è abilitato ed essi non sono collegati al server NIS."
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+"<command>passwd</command> utilizza PAM per autenticare gli utenti e per "
+"cambiare le loro password."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (testo)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+"Definisce l'algoritmo di cifratura predefinito per le password (se non ne "
+"viene specificato uno a riga di comando)."
+
+# type: IP
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Può avere uno dei seguenti valori: <replaceable>DES</replaceable> "
+"(predefinito), <replaceable>MD5</replaceable><phrase condition=\"sha_crypt"
+"\">, <replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+"Nota: questo parametro ha la precedenza sulla variabile "
+"<option>MD5_CRYPT_ENAB</option>."
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"Nota: questo ha effetto solo sulla generazione delle password di gruppo. La "
+"generazione delle password utente avviene tramite PAM ed è soggetta alla "
+"configurazione PAM. È raccomandato di impostare questa variabile in maniera "
+"consistente con la configurazione PAM."
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (booleano)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"Indica se le password vanno cifrate usando l'algoritmo basato su MD5. Se "
+"impostato a <replaceable>yes</replaceable> le nuove password saranno cifrate "
+"usando un algoritmo basato su MD5 e compatibile con quello delle versioni "
+"più recenti di FreeBSD. Supporta password di lunghezza qualsiasi e testi "
+"«salt» più lunghi. Impostare a <replaceable>no</replaceable> se si devono "
+"copiare password su altri sistemi che non gestiscono l'algoritmo. Il valore "
+"predefinito è <replaceable>no</replaceable>."
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"Questa variabile ha meno priorità della variabile <option>ENCRYPT_METHOD</"
+"option> e di qualsiasi opzione a riga di comando che imposta un algoritmo di "
+"cifratura."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+"Questa variabile non è più usata. Si dovrebbe utilizzare "
+"<option>ENCRYPT_METHOD</option>."
+
+# type: IP
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (booleano)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr "Abilita controlli addizionali durante il cambio password."
+
+# type: IP
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (booleano)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"Avvisa riguardo password deboli (anche se le permette egualmente) se si è "
+"root."
+
+# type: IP
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (numerico)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr "Massimo numero di tentativi per cambiare una password (troppo facile)."
+
+# type: IP
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (numerico)"
+
+# type: IP
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (numerico)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"Numero di caratteri significativi della password per crypt(). "
+"<option>PASS_MAX_LEN</option> è normalmente 8. Da non cambiare a meno che la "
+"propria crypt() sia migliore. Questo viene ignorato se "
+"<option>MD5_CRYPT_ENAB</option> è impostata a <replaceable>yes</replaceable>."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (numerico)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (numerico)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"Quando <option>ENCRYPT_METHOD</option> vale <replaceable>SHA256</"
+"replaceable> o <replaceable>SHA512</replaceable>, questo definisce il numero "
+"di cicli SHA usati per l'algoritmo di cifratura (quando il numero di cicli "
+"non è impostato a riga di comando)."
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"Con molti cicli è più difficile trovare una password usando la forza bruta. "
+"Ma va notato che è richiesta maggiore potenza di calcolo per autenticare gli "
+"utenti."
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr "Se non specificato sarà la libc a scegliere il numero di cicli (5000)."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr "Il valore deve essere compreso tra 1.000 e 999.999.999."
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"Se viene impostato solo uno tra <option>SHA_CRYPT_MIN_ROUNDS</option> e "
+"<option>SHA_CRYPT_MAX_ROUNDS</option>, allora l'unico valore viene "
+"utilizzato."
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"Se <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, allora viene utilizzato il maggiore."
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+# type: Plain text
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "configurazione PAM per <command>passwd</command>."
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "permesso negato"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "combinazione di opzioni non valida"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "errore non previsto, nulla di fatto"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "errore non previsto, file <filename>passwd</filename> mancante"
+
+# type: TP
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr "file <filename>passwd</filename> occupato, provare di nuovo"
+
+# type: TP
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "Il comando <command>passwd</command> restituisce i seguenti valori:"
+
+# type: Plain text
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "rifiuta gentilmente l'accesso"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"Il comando <command>nologin</command> mostra un messaggio che indica che "
+"l'account non è disponibile ed esce con codice d'errore non zero. È stato "
+"pensato come sostituto del campo shell per account che sono stati "
+"disabilitati."
+
+# type: Plain text
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"Per diabilitare tutti gli accessi vedere "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+# type: Plain text
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "CRONOLOGIA"
+
+# type: TP
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "Il comando <command>nologin</command> è apparso in BSD 4.4."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "aggiorna e crea nuovi utenti in blocco"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "file"
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"Il comando <command>newusers</command> legge un <replaceable>file</"
+"replaceable> (o il proprio standard input) e utilizza queste informazioni "
+"per aggiornare l'insieme di utenti già esistenti oppure per crearne di "
+"nuovi. Ogni riga è nello stesso formato del file standard passwd (vedere "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) con le seguenti eccezioni:"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "Il nome dell'utente."
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "It can be the name of a new user or the name of an existing user (or an "
+#| "user created before by <command>newusers</command>). In case of an "
+#| "existing user, the user's information will be changed, otherwise a new "
+#| "user will be created."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Può essere il nome di un nuovo utente o di uno già esistente (o uno creato "
+"precedentemente da <command>newusers</command>). Nel caso di utente già "
+"esistente le informazioni sull'utente verranno aggiornate, altrimenti verrà "
+"creato un nuovo utente."
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Questo campo verrà cifrato e utilizzato come nuovo valore per la password "
+"cifrata."
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr "pw_uid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Definisce l'UID dell'utente."
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"Se il campo è vuoto, verrà generato automaticamente un nuovo UID (non "
+"utilizzato) da parte di <command>newusers</command>."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr "Se questo campo contiene un numero, verrà utilizzato come UID."
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"Se questo campo contiene il nome di un utente già esistente (o il nome di un "
+"utente creato precedentemente da <command>newusers</command>), verrà "
+"utilizzato l'UID dell'utente specificato."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"Se viene cambiato l'UID di un utente esistente, la proprietà dei file di "
+"proprietà dell'utente stesso andrà cambiata manualmente."
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr "Definisce il l'ID del gruppo primario dell'utente."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"Se questo campo contiene il nome di un gruppo esistente (o un gruppo creato "
+"in precedenza da <command>newusers</command>), verrà utilizzato come ID del "
+"gruppo primario di questo utente il GID del gruppo stesso."
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"Se questo campo è numerico, questo numero verrà utilizzato come ID del "
+"gruppo primario dell'utente. Se non esiste nessun gruppo con quel GID, ne "
+"viene creato uno con il nome dell'utente e il GID specificato."
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"Se questo campo è vuoto verrà creato un nuovo gruppo con lo stesso nome "
+"dell'utente e con un GID determinato automaticamente da <command>newusers</"
+"command> da utilizzare come ID del gruppo primario dell'utente e come GID "
+"del nuovo gruppo."
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"Se questo campo contiene il nome di un gruppo che non esiste (e non è stato "
+"creato precedentemente da <command>newusers</command>), verrà creato un "
+"nuovo gruppo con il nome specificato e un GID determinato automaticamente da "
+"<command>newusers</command> perché sia utilizzato come ID del gruppo "
+"primario dell'utente e come GID per il nuovo gruppo."
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Questo campo viene copiato nel campo GECOS dell'utente."
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr "Questo campo è utilizzato per impostare la directory home dell'utente."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"Se questo campo non contiene il nome di una directory esistente la directory "
+"viene creata, assegnandone la proprietà all'utente che si sta definendo o "
+"aggiornando e al suo gruppo primario."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"Se si modifica la directory home di un utente esistente, <command>newusers</"
+"command> non sposta o copia il contenuto della vecchia directory nella "
+"nuova. Questo va fatto manualmente."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"Questo campo definisce la shell dell'utente. Su questo campo non viene fatto "
+"nessun controllo."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"<command>newusers</command> prova prima a creare o modificare tutti gli "
+"utenti specificati e poi scrive tutte le modifiche sui database utente e "
+"gruppi. Se c'è un errore (eccetto sulla scrittura finale dei database) "
+"nessuna modifica viene scritta sui database."
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+"Durante il primo passaggio gli utenti vengono creati con la password "
+"bloccata (e le password non sono modificate nel caso di utenti che non sono "
+"creati). Un secondo passaggio si occupa di aggiornare tutte le password "
+"usando PAM. I problemi durante l'aggiornamento delle password sono "
+"riportati, ma non interrompono la modifica delle altre password."
+
+# type: Plain text
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Questo comando è appositamente pensato per grossi sistemi nei quali molti "
+"account sono aggiornati allo stesso tempo."
+
+# type: TP
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "Il comando <command>newusers</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "Utilizza il metodo specificato per cifrare le password."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"I metodi disponibili sono DES, MD5, NONE e SHA256 o SHA512 se la propria "
+"libc lo consente."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Gli utenti di sistema sono creati senza informazioni riguardo la scadenza "
+"della password in <filename>/etc/shadow</filename> e il loro identificativo "
+"numerico è scelto nell'intervallo <option>SYS_UID_MIN</option>-"
+"<option>SYS_UID_MAX</option> definito nel file <filename>login.defs</"
+"filename>, anziché dell'intervallo <option>UID_MIN</option>-<option>UID_MAX</"
+"option> (e la loro controparte <option>GID</option> per la creazione dei "
+"gruppi)."
+
+# type: IP
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "Usa il numero specificato di cicli per cifrare la password."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"Il valore 0 indica che il sistema utilizzerà il numero predefinito di cicli "
+"per il metodo crypt (5000)."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr "I valori minimo di 1.000 e massimo di 999.999.999 sono forzati."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Si può utilizzare questa opzione solo con i metodi di cifratura SHA256 o "
+"SHA512."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Il numero di cicli predefinito è impostato con le variabili "
+"SHA_CRYPT_MIN_ROUNDS e SHA_CRYPT_MAX_ROUNDS nel file <filename>/etc/login."
+"defs</filename>."
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Il file di input deve essere protetto poiché contiene password non cifrate."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Ci si deve accertare che le password e il metodo di cifratura rispettino le "
+"norme delle password del sistema."
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "Configurazione PAM per <command>newusers</command>."
+
+# type: Plain text
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+# type: Plain text
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "effettua l'accesso a un nuovo gruppo"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "gruppo"
+
+# type: Plain text
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"<command>newgrp</command> permette di cambiare il proprio ID di gruppo "
+"durante una sessione di login. Se viene specificato <option>-</option>, "
+"l'ambiente dell'utente viene reinizializzato come se l'utente stesse "
+"effettuando il login, altrimenti l'ambiente non viene modificato e la "
+"directory corrente non viene cambiata."
+
+# type: Plain text
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+"<command>newgrp</command> cambia l'ID di gruppo attuale reale in base al "
+"gruppo passato come argomento oppure, se non si passa nessun argomento, al "
+"gruppo predefinito nel file <filename>/etc/passwd</filename>. "
+"<command>newgrp</command> cerca anche di inserire il gruppo tra quelli "
+"dell'utente. Se non si tratta di root, all'utente viene chiesta una password "
+"nel caso che il gruppo lo richieda e l'utente non ne abbia (né in <filename>/"
+"etc/shadow</filename> se l'utente è definito anche lì, né in <filename>/etc/"
+"passwd</filename> altrimenti), oppure se l'utente non è elencato tra i "
+"membri del gruppo e il gruppo ha una password. Viene negato l'accesso "
+"all'utente nel caso che la password del gruppo sia vuota e l'utente non ne "
+"faccia parte."
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+"Se c'è una voce per questo gruppo nel file <filename>/etc/gshadow</"
+"filename>, allora l'elenco dei membri e la password di questo gruppo sono "
+"presi da questo file, altrimenti verrà presa la voce da <filename>/etc/"
+"group</filename>."
+
+# type: Plain text
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+# type: Plain text
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "impone le limitazioni sugli orari d'accesso"
+
+# type: Plain text
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"<command>logoutd</command> fa rispettare le limitazioni sugli orari e sulle "
+"porte di accesso specificate in <filename>/etc/porttime</filename>. "
+"<command>logoutd</command> andrebbe avviato da <filename>/etc/rc</filename>. "
+"Il file <filename>/var/run/utmp</filename> viene controllato periodicamente "
+"per verificare che a ciascun utente sia consentito l'accesso da quella "
+"determinata porta e all'orario attuale. Ogni sessione di login che stia "
+"violando le limitazioni in <filename>/etc/porttime</filename> viene "
+"terminata."
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+# type: Plain text
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Elenco delle sessioni attive."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+# type: Plain text
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "configurazione del pacchetto password shadow"
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+"Il file <filename>/etc/login.defs</filename> contiene la configurazione "
+"specifica per questo sistema relativa al pacchetto password shadow. Questo "
+"file è obbligatorio. La sua assenza non bloccerà l'utilizzo del sistema, ma "
+"probabilmente sarà causa di risultati non desiderati."
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Questo file è un file di testo leggibile nel quale ogni riga descrive un "
+"parametro di configurazione. Le righe consistono di una coppia nome valore "
+"separati da spazi. Le righe vuote e di commento sono ignorate. I commenti "
+"iniziano con con il simbolo \"#\" che deve essere il primo carattere diverso "
+"da spazio della riga."
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+"I valori dei parametri possono essere di quattro tipi: testo, booleano, "
+"numerico e numerico lungo. Un testo può contenere qualsiasi carattere "
+"stampabile. Un booleano dovrebbe essere uno tra <replaceable>yes</"
+"replaceable> e <replaceable>no</replaceable>. Un parametro dal valore "
+"booleano non definito oppure uno che ha un valore diverso da quelli permessi "
+"verrà equiparato al valore <replaceable>no</replaceable>. I numerici (sia "
+"normali che lunghi) possono essere decimali, ottali (preceduti da "
+"<replaceable>0</replaceable>) o esadecimali (preceduti da <replaceable>0x</"
+"replaceable>). Il valore massimo dei numerici normali e lunghi è dipendente "
+"dalla macchina."
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Sono forniti i seguenti parametri di configurazione:"
+
+# type: IP
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (booleano)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"Se <replaceable>yes</replaceable>, il programma <command>chfn</command> "
+"richiederà l'autenticazione prima di apportare qualsiasi modifica, a meno "
+"che non sia eseguito dal super utente."
+
+# type: IP
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (testo)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+"Questo parametro specifica quali valori del campo <emphasis remap=\"I"
+"\">gecos</emphasis> del file <filename>/etc/passwd</filename> possono essere "
+"cambiati da utenti normali usando il programma <command>chfn</command>. Può "
+"essere una combinazione qualsiasi delle lettere <replaceable>f</"
+"replaceable>, <replaceable>r</replaceable>, <replaceable>w</replaceable>, "
+"<replaceable>h</replaceable> per «Nome completo (f)», «Numero stanza (r)», "
+"«Telefono di lavoro (w)» e «Telefono di casa (h)». Per compatibilità con "
+"precedenti versioni, <replaceable>yes</replaceable> è quivalente a "
+"<replaceable>rwh</replaceable> e <replaceable>no</replaceable> è equivalente "
+"a <replaceable>frwh</replaceable>. Se non specificato, solo il super utente "
+"può effettuare modifiche. Le impostazioni più stringenti si ottengono "
+"installando <command>chfn</command> non SUID."
+
+# type: IP
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (booleano)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"Se <replaceable>yes</replaceable>, il comando <command>chsh</command> "
+"richiederà l'autenticazione prima di apportare qualsiasi modifica, a meno "
+"che sia utilizzato dal super utente."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (numerico)"
+
+# type: Plain text
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Carattere ERASE del terminale (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = Canc)."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+"Il valore deve avere il prefisso «0» se in ottale, o «0x» se esadecimale."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (numerico)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+"Numero di secondi prima che venga concesso un ulteriore tentativo dopo un "
+"accesso fallito."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (booleano)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+"Abilita la memorizzazione e mostra le informazioni sugli accessi falliti "
+"contenute in <filename>/var/log/faillog</filename>."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"Se impostato, <command>login</command> eseguirà questa shell al posto di "
+"quella utente specificata in <filename>/etc/passwd</filename>."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+"Se impostato, gli accessi falliti verranno tracciati in questo file nel "
+"formato utmp."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+"Se definito, questo file inibisce quanto stampato durante l'accesso. Se "
+"viene specificato un percorso completo, la modalità silenziosa (hushed) "
+"viene attivata se in quel file è presente il nome dell'utente o della shell "
+"dell'utente. Se il percorso non è completo, allora la modalità silenziosa "
+"viene attivata se quel file è presente nella directory home dell'utente."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr "Se definito, il file verrà mostrato prima del prompt di login."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (numerico)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+"Il carattere da usare sul terminale per cancellare l'intera riga "
+"(<replaceable>025</replaceable> = CTRL-U)"
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (booleano)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+"Abilita la memorizzazione e la stampa delle informazioni sulle date degli "
+"ultimi accessi in /var/log/lastlog."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (booleano)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "Abilita la tracciatura degli accessi avvenuti con successo."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (booleano)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+"Abilita l'inclusione dei nomi utente sconosciuti quando si registrano gli "
+"accessi falliti."
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Nota: memorizzare i nomi sconosciuti potrebbe diventare un problema legato "
+"alla sicurezza se un utente inserisce la propria password al posto del nome "
+"utente."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (numerico)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr "Massimo numero di tentativi di accesso per password errata."
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"Questa impostazione verrà probabilmente superata da quella di PAM poiché il "
+"modulo predefinito pam_unix ha una sua gestione con 3 tentativi. In ogni "
+"caso questa è una impostazione di sicurezza nel caso in cui si utilizzi un "
+"modulo PAM che ignora PAM_MAXTRIES."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (numerico)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "Numero massimo di secondi per l'accesso."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+"Se definito è una lista di nomi di file con «messaggi del giorno» separati "
+"da «:» che vengono mostrati subito dopo l'accesso."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+"Se definito è il nome di un file che impedisce l'accesso degli utenti non "
+"root. Il suo contenuto dovrebbe essere un messaggio che indica il motivo per "
+"il quale l'accesso è impedito."
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> e "
+"<option>PASS_WARN_AGE</option> sono utilizzate solo al momento della "
+"creazione dell'account. Qualsiasi cambiamento di queste impostazioni non "
+"modifica gli account preesistenti."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (booleano)"
+
+# type: Plain text
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+"Abilita la verifica delle restrizioni temporali specificate in <filename>/"
+"etc/porttime</filename>."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (testo)"
+
+# type: IP
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (testo)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+"I permessi del terminale: il tty usato per l'accesso sarà di proprietà del "
+"gruppo <option>TTYGROUP</option> e avrà permessi impostati a "
+"<option>TTYPERM</option>."
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"In maniera predefinita la proprietà del terminale sarà impostata al gruppo "
+"primario dell'utente, mentre i permessi saranno <replaceable>0600</"
+"replaceable>."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+"<option>TTYGROUP</option> può essere il nome del gruppo o il suo "
+"identificativo numerico."
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+"Se si ha il comando <command>write</command> che è «setgid» e ha un gruppo "
+"speciale che possiede i terminali, definire TTYGROUP con lo stesso gruppo e "
+"TTYPERM a 0620. Altrimenti lasciare TTYGROUP commentato e assegnare TTYPERM "
+"a 622 o 600."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+"Se definito si tratta di un file che mappa le linee tty nella variabile "
+"d'ambiente TERM. Ogni riga del file è in un formato tipo «vt100 tty01»."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (numerico)"
+
+# type: Plain text
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "Valore <command>ulimit</command> predefinito."
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "RIFERIMENTI INCROCIATI"
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"I seguenti riferimenti incrociati mostrano quali programmi del pacchetto "
+"shadow password utilizzano quali parametri."
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN "
+"UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK "
+"USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"\"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB "
+"<phrase condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+# type: Plain text
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"Molte delle funzionalità che erano fornite dal pacchetto password shadow "
+"sono adesso gestite da PAM. Quindi <filename>/etc/login.defs</filename> non "
+"è più utilizzato da <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, e meno usato da "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> e <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>. Vedere la corrispondente configurazione di PAM."
+
+# type: Plain text
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "tabella di controllo accessi"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+"Il file <emphasis remap=\"I\">login.access</emphasis> specifica le "
+"combinazioni (utente, macchina) e/o (utente, terminale) per le quali un "
+"accesso sia accettato o rifiutato."
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+"Quando avviene un accesso, il file <emphasis remap=\\\"I\\\">login.access</"
+"emphasis> viene scorso alla ricerca della prima combinazione (utente, "
+"macchina) oppure, in caso di accesso in locale, la prima combinazione "
+"(utente, terminale). Il campo per l'autorizzazione di quanto ritrovato "
+"determina se l'utente può o meno accedere."
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"Ogni riga della tabella di controllo degli accessi ha tre campi separati dal "
+"carattere «:»:"
+
+# type: Plain text
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">permesso</emphasis>:<emphasis remap=\"I\">utenti</"
+"emphasis>:<emphasis remap=\"I\">origini</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+"Il primo campo dovrebbe essere il carattere «<emphasis>+</"
+"emphasis>» (accesso concesso) o «<emphasis>-</emphasis>» (accesso negato). "
+"Il secondo campo dovrebbe essere un elenco di nomi utente o gruppi oppure "
+"<emphasis>ALL</emphasis> (sempre vero). Il terzo campo dovrebbe essere una "
+"lista di uno o più nomi di terminale (per accesso locale), nomi di macchina, "
+"nomi di dominio (con il carattere «<literal>.</literal>» all'inizio), "
+"indirizzi di macchina, numeri di rete internet (termina con il carattere "
+"«<literal>.</literal>»), <emphasis>ALL</emphasis> (sempre vero) oppure "
+"<emphasis>LOCAL</emphasis> (corrisponde a ogni testo che non contenga il "
+"carattere «<literal>.</literal>»). Se si usa NIS si può usare @nomenetgroup "
+"come nome macchina o utente."
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+"L'operatore <emphasis>EXCEPT</emphasis> permette di scrivere regole molto "
+"compatte."
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+"La ricerca nel file dei gruppi avviene solo quando il nome non corrisponde a "
+"quello dell'utente che accede. I gruppi che possono corrispondere sono solo "
+"quelli nei quali l'utente è esplicitamente elencato: il programma non "
+"controlla l'id del gruppo primario dell'utente."
+
+# type: Plain text
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "apre una sessione sul sistema"
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "macchina"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+# type: Plain text
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+"<command>login</command> viene utilizzato per aprire una sessione sul "
+"sistema. Normalmente viene invocato automaticamente rispondendo al prompt "
+"<emphasis remap=\"I\">login:</emphasis> del terminale. <command>login</"
+"command> può essere trattato in maniera speciale dalla shell e non può "
+"essere invocato come sottoprocesso. Quando è richiamato dalla shell, "
+"<command>login</command> va invocato come <emphasis remap=\"B\">exec login</"
+"emphasis> che termina la shell utente attuale (il che impedirà al nuovo "
+"utente che accede, di poter ritornare alla sessione del chiamante). Il "
+"tentativo di esecuzione di <command>login</command> da una shell che non sia "
+"quella di login produce un messaggio d'errore."
+
+# type: Plain text
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+"Se necessario viene quindi chiesta la password all'utente. Durante questa "
+"operazione l'eco sul terminale è disabilitata per non rivelare la password. "
+"Solo un basso numero di tentativi falliti è permesso prima che "
+"<command>login</command> termini e che la connessione sia interrotta."
+
+# type: Plain text
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+"Se la scadenza delle password è abilitata per il proprio account, prima di "
+"proseguire ci può essere la richiesta di una nuova password. Il programma "
+"chiederà prima la vecchia password e poi la nuova per poter continuare. Per "
+"maggiori informazioni si faccia riferimento a "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+"Dopo aver completato correttamente l'accesso, vengono mostrati eventuali "
+"messaggi di sistema e si viene informati della presenza di nuova posta. Si "
+"può evitare di visualizzare i messaggi in <filename>/etc/motd</filename> "
+"creando un file vuoto chiamato <filename>.hushlogin</filename> nella propria "
+"directory di login. Il messaggio relativo alla presenza di posta è "
+"«<emphasis>C'è nuova posta.</emphasis>», «<emphasis>C'è posta.</emphasis>» o "
+"«<emphasis>Nessun messaggio di posta.</emphasis>» a seconda dello stato "
+"della propria casella di posta."
+
+# type: Plain text
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+"I propri ID di utente e gruppo vengono poi impostati in base ai valori "
+"definiti nel file <filename>/etc/passwd</filename>. I valori di <envar>"
+"$HOME</envar>, <envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</"
+"envar> e <envar>$MAIL</envar> sono impostati in base ai campi appropriati "
+"nella voce della password. Anche i valori per ulimit, umask e nice possono "
+"essere impostati in base al campo GECOS."
+
+# type: Plain text
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+"In alcune installazioni la variabile d'ambiente <envar>$TERM</envar> può "
+"essere impostata in base al tipo di terminale della propria connessione, "
+"come specificato in <filename>/etc/ttytype</filename>."
+
+# type: Plain text
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"Può anche essere eseguito uno script di inizializzazione per il proprio "
+"interprete dei comandi. Fare riferimento alla relativa sezione di manuale "
+"per maggiori informazioni su questa funzione."
+
+# type: Plain text
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+"Il programma <command>login</command> NON è responsabile di rimuovere gli "
+"utenti dal file utmp. La correzione del proprietario di una sessione di "
+"terminale è responsabilità di <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> e "
+"<citerefentry><refentrytitle>init</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>. Se si usa <command>login</command> senza <command>exec</"
+"command> dal prompt della shell, allora l'utente che si sta usando risulterà "
+"sempre connesso al sistema anche oltre il termine della «sottosessione»."
+
+# type: Plain text
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "Non effettua l'autenticazione, l'utente è già autenticato"
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+"Nota: in questo caso <replaceable>username</replaceable> è obbligatorio."
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+# type: Plain text
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Nome dell'host remoto per questo login."
+
+# type: Plain text
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Non modifica l'ambiente."
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+# type: Plain text
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "Attiva il protocollo autologin di rlogin."
+
+# type: Plain text
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Le opzioni <option>-r</option>, <option>-h</option> e <option>-f</option> "
+"possono essere utilizzate solo quando <command>login</command> viene "
+"invocato da root."
+
+# type: Plain text
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Questa versione di <command>login</command> ha molte opzioni di "
+"compilazione; in un determinato sistema potrebbe esserne in uso solo una "
+"parte."
+
+# type: Plain text
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+"La posizione dei file è soggetta a differenze in base alla configurazione "
+"del sistema."
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+"Come per ogni programma, l'aspetto di <command>login</command> può essere "
+"simulata. Se utenti non fidati hanno accesso fisico alla macchina, essi "
+"potrebbero sfruttare questa cosa per ottenere la password della prossima "
+"persona che si siede davanti al terminale. In Linux si può utilizzare il "
+"meccanismo SAK per iniziare un percorso sicuro che previene questo tipo di "
+"attacchi."
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+# type: Plain text
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Elenco delle precedenti sessioni di login."
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "File di sistema con il messaggio del giorno."
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+# type: Plain text
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "Impedisce l'accesso al sistema per utenti diversi da root."
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+# type: Plain text
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "Elenco di tipi di terminale."
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+# type: Plain text
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "Impedisce che vengano mostrati i messaggi di sistema."
+
+# type: Plain text
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "definizione dei limiti di risorsa"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+"Il file <emphasis remap=\"I\">limits</emphasis> (<filename>/etc/limits</"
+"filename> o quanto definito da LIMITS_FILE in <filename>config.h</filename>) "
+"descrive i limiti di risorsa che si vuole imporre. Deve essere di proprietà "
+"di root e leggibile solo dall'account root."
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+"In maniera predefinita non c'è nessun limite alla quota di «root». In "
+"effetti non c'è nessun modo per imporre una quota massima tramite questa "
+"procedura agli account equivalenti a root (cioè tutti quelli con UID 0)."
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr "Ogni riga descrive un limite per l'utente in questo formato:"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "utente TESTO_LIMITE"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "oppure nel formato:"
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@gruppo TESTO_LIMITE"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"Dove <emphasis>TESTO_LIMITE</emphasis> è un testo dato dalla concatenazione "
+"di vari limiti di risorsa. Ogni limite consiste di una lettera "
+"identificativa seguita dal limite numerico."
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "Gli identificatori validi sono:"
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A: spazio massimo di indirizzamento (kB)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr "C: dimensione massima dei file «core» (kB)"
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D: spazio massimo per i dati (kB)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F: dimensione massima di file (kB)"
+
+# type: Plain text
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K: maschera dei permessi per i file creati, impostata da "
+"<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></"
+"citerefentry>."
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr "I: massimo valore di «nice» (0..39 che viene tradotto in 20..-19)"
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L: massimo numero di accessi per questo utente"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+"M: massima quantità di memoria bloccata (della quale non si può fare «swap») "
+"(kB)"
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N: numero massimo di file aperti"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O: massima priorità «real time»"
+
+# type: Plain text
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P: priorità di processo, impostata con "
+"<citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr "R: massimo «resident set size» (kB)"
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S: dimensione massima della pila (kB)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T: quantità massima di tempo CPU (MIN)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U: massimo numero di processi"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"Ad esempio, <emphasis remap=\"I\">L2D2048N5</emphasis> è uno testo valido "
+"per <emphasis>TESTO_LIMITE</emphasis>. Per sempicità di lettura le seguenti "
+"scritture sono equivalenti:"
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+msgstr ""
+"\n"
+" nomeutente L2D2048N5\n"
+" nomeutente L2 D2048 N5\n"
+" "
+
+#: limits.5.xml:145(para)
+#, fuzzy
+#| msgid ""
+#| "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+#| "the line is considered a limit string, thus comments are not allowed. A "
+#| "invalid limits string will be rejected (not considered) by the "
+#| "<command>login</command> program."
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+"Notare che dopo <emphasis remap=\"I\">nomeutente</emphasis> il resto della "
+"riga è considerato il testo del limite, quindi non sono ammessi commenti a "
+"fine riga. Un testo limite non valido verrà ignorato dal programma "
+"<command>login</command>."
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+"L'impostazione predefinita è quella che ha come nome utente «<emphasis>*</"
+"emphasis>». Se si hanno varie righe <emphasis remap=\"I\">predefinite</"
+"emphasis> nel file <emphasis>LIMITS_FILE</emphasis> verrà utilizzata solo "
+"l'ultima."
+
+# type: Plain text
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"I limiti specificati nella forma «<replaceable>@gruppo</replaceable>» si "
+"applicano ai membri del <replaceable>gruppo</replaceable> specificato."
+
+#: limits.5.xml:165(para)
+#, fuzzy
+#| msgid ""
+#| "If more than one line with limits for an user exist, only the first line "
+#| "for this user will be considered."
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"Se ci sono più righe per lo stesso utente nel file limits, allora solo la "
+"prima verrà considerata."
+
+#: limits.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "If no lines are specified for an user, the last <replaceable>@group</"
+#| "replaceable> line matching a group whose the user is a member of will be "
+#| "considered, or the last line with default limits if no groups contain the "
+#| "user."
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+"Se non ci sono righe specifiche per un utente, verrà presa l'ultima riga "
+"<replaceable>@group</replaceable> relativa ad un gruppo del quale l'utente è "
+"membro, oppure l'ultima riga con limiti predefiniti se non si trova nessuna "
+"riga con gruppi dell'utente."
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+"Per eliminare completamente l'impostazione di limiti per un certo utente, si "
+"può utilizzare «<emphasis>-</emphasis>»."
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+"Per disabilitare i limiti per un utente, un singolo trattino «<replaceable>-"
+"</replaceable>» può essere utilizzato al posto del valore numerico del "
+"limite."
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+"Notare inoltre che tutte queste impostazioni sono effettuate ad ogni "
+"accesso. Non si tratta di impostazioni globali né permanenti. Forse limiti "
+"globali saranno possibili in futuro, ma per ora devono bastare questi ;)"
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+# type: Plain text
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+"riepiloga gli accessi più recenti di tutti gli utenti o dell'utente dato"
+
+# type: Plain text
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"<command>lastlog</command> formatta e mostra il log degli ultimi accessi, "
+"contenuto nel file <filename>/var/log/lastlog</filename>. Le informazioni "
+"mostrate sono il <emphasis>nome utente</emphasis>, la <emphasis>porta</"
+"emphasis> e la <emphasis>data dell'ultimo accesso</emphasis>. Il "
+"comportamento predefinito (nessuna opzione specificata) è di mostrare i "
+"record di ultimo accesso per tutti gli utenti, nell'ordine in cui compaiono "
+"in <filename>/etc/passwd</filename>."
+
+# type: TP
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr "Il comando <command>lastlog</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>GIORNI</"
+"replaceable>"
+
+# type: Plain text
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"Mostra solo i record di ultimo accesso più vecchi di <emphasis remap=\"I"
+"\">GIORNI</emphasis> giorni."
+
+# type: IP
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+# type: IP
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "This option is only valid in combination with the <option>-d</option> (or "
+#| "<option>--home</option>) option."
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+"Questa opzione è valida solo in combinazioone con l'opzione <option>-d</"
+"option> (o <option>--home</option>)."
+
+# type: IP
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+# type: IP
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>GIORNI</"
+"replaceable>"
+
+# type: Plain text
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"Mostra solo i record di ultimo accesso più recenti di <emphasis remap=\"I"
+"\">GIORNI</emphasis>."
+
+# type: IP
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLO</replaceable>"
+
+# type: Plain text
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr ""
+"Mostra il record di ultimo accesso per l'utente o gli utenti specificati da "
+"<emphasis remap=\"I\">LOGIN</emphasis>."
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+"Gli utenti possono essere specificati utilizzando il loro nome oppure l'ID "
+"numerico o tramite un <replaceable>INTERVALLO</replaceable> di utenti. "
+"Questo <replaceable>INTERVALLO</replaceable> di utenti ha tre forme: tra "
+"minimo e massimo (<replaceable>UID_MIN-UID_MAX</replaceable>), fino ad un "
+"valore massimo (<replaceable>-UID_MAX</replaceable>) o da un valore minimo "
+"(<replaceable>UID_MIN-</replaceable>)."
+
+# type: Plain text
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"Se l'utente non ha mai effettuato accessi al sistema viene mostrato, al "
+"posto della porta e della data, il messaggio «<emphasis>**Nessun accesso "
+"effettuato**</emphasis>»."
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+"Solo le registrazioni degli utenti correnti del sistema verranno mostrate. "
+"Ci potrebbero essere altre registrazioni per utenti cancellati in precedenza."
+
+# type: SH
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "NOTA"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Il file <filename>lastlog</filename> è un database che contiene informazioni "
+"sull'ultimo accesso di ogni utente. Non deve essere ruotato. Si tratta di un "
+"file «sparse», quindi la sua dimensione è minore di quanto normalmente "
+"mostrato da «<command>ls -l</command>» (che potrebbe indicare una dimensione "
+"veramente grande se si hanno utenti con grandi UID in <filename>passwd</"
+"filename>). Si può vedere la dimensione effettiva con «<command>ls -s</"
+"command>»."
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "Database degli orari dei precedenti accessi utente."
+
+# type: Plain text
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"Se ci sono dei grossi scarti tra i valori di UID, il programma lastlog può "
+"restare in esecuzione per un tempo prolungato senza produrre output sullo "
+"schermo (ad es. se nel database lastlog non ci sono registrazioni per UID "
+"tra 170 e 800, il programma sembrerà bloccato mentre esamina gli UID tra 171 "
+"e 799)."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+# type: Plain text
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "file shadow per i gruppi"
+
+# type: Plain text
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"<emphasis>/etc/gshadow</emphasis> contiene le informazioni shadow sugli "
+"account di gruppo."
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr "Ogni riga di questo file contiene questi campi separati da due punti:"
+
+# type: Plain text
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "nome del gruppo"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "Deve essere un nome di gruppo valido, che esista nel sistema."
+
+# type: Plain text
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Se il campo password contiene un testo che non sia un risultato valido di "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, ad esempio ! o *, gli utenti non potranno accedere a quel "
+"gruppo utilizzando la password unix (ma i membri del gruppo non necessitano "
+"di password)."
+
+# type: Plain text
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The password is used when an user who is not a member of the group wants "
+#| "to gain the permissions of this group (see "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>)."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"La password è utilizzata quanto un utente che non è membro del gruppo cerca "
+"di ottenerne i permessi (vedere <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+"Questo campo può essere vuoto, nel qual caso solo i membri del gruppo "
+"possono ottenere i permessi del gruppo."
+
+# type: Plain text
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+"Questa password ha la precedenza su ogni altra specificata in <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "amministratori"
+
+# type: Plain text
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "Deve essere una lista di nomi utente separati da virgole."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr "Gli amministratori possono cambiare la password o i membri del gruppo."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"Gli amministratori hanno anche gli stessi permessi dei membri (vedere sotto),"
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "membri"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+"I membri possono accedere al gruppo senza che ne sia richiesta la password."
+
+# type: Plain text
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Si dovrebbe utilizzare la stessa lista di utenti di <filename>/etc/group</"
+"filename>."
+
+# type: Plain text
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "verifica l'integrità dei file dei gruppi"
+
+# type: Plain text
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+"Il comando <command>grpck</command> verifica l'integrità delle informazioni "
+"sui gruppi. Ogni voce in <filename>/etc/group</filename><phrase condition="
+"\"gshadow\"> e in <filename>/etc/gshadow</filename></phrase> viene "
+"controllata per verificare che abbia il formato corretto e dati validi. "
+"Viene richiesto all'utente di rimuovere le voci che non hanno un formato "
+"appropriato o che presentano altri errori impossibili da correggere."
+
+# type: Plain text
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "un nome univoco e valido di gruppo"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"un identificatore valido di gruppo <phrase condition=\"gshadow\"> (solo "
+"<filename>/etc/group</filename>)</phrase>"
+
+# type: Plain text
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+"un elenco valido di membri<phrase condition=\"gshadow\"> e amministratori</"
+"phrase>"
+
+# type: Plain text
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+"una voce corrispondente nel file <filename>/etc/gshadow</filename> "
+"(rispettivamente <filename>/etc/group</filename> per i controlli in "
+"<filename>gshadow</filename>)"
+
+# type: Plain text
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+"Gli errori nelle verifiche sul corretto numero di campi e sull'univocità del "
+"nome del gruppo sono irrimediabili. Se una voce ha un numero errato di "
+"campi, all'utente viene chiesto di cancellare l'intera riga; se l'utente non "
+"risponde affermativamente, vengono omessi tutti gli ulteriori controlli. "
+"Viene richiesta la cancellazione anche per le voci aventi il nome del gruppo "
+"duplicato, ma i rimanenti controlli vengono ugualmente effettuati. Tutti gli "
+"altri errori non sono gravi e l'utente è invitato a eseguire il comando "
+"<command>groupmod</command> per correggerli."
+
+# type: Plain text
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+"I comandi che operano <phrase condition=\"no_gshadow\">sul file <filename>/"
+"etc/group</filename></phrase><phrase condition=\"gshadow\">sui file "
+"<filename>/etc/group</filename> e <filename>/etc/gshadow</filename></phrase> "
+"non sono in grado di modificare voci corrotte o duplicate; in tali "
+"circostanze va usato <command>grpck</command> per rimuovere le voci "
+"scorrette."
+
+# type: Plain text
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "Il comando <command>grpck</command> accetta le seguenti opzioni:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+"Esegue il comando <command>grpck</command> in sola lettura. Questo implica "
+"che sia risposto <emphasis>no</emphasis> automaticamente a tutte le domande "
+"relative alle modifiche."
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"Ordina le voci in <filename>/etc/group</filename> <phrase condition=\"gshadow"
+"\">e <filename>/etc/gshadow</filename> </phrase>per GID."
+
+#: grpck.8.xml:196(para)
+#, fuzzy
+#| msgid ""
+#| "By default, <command>grpck</command> operates on <filename>/etc/group</"
+#| "filename><phrase condition=\"gshadow\"> and <filename>/etc/gshadow</"
+#| "filename></phrase>. The user may select alternate files with the "
+#| "<emphasis remap=\"I\">group</emphasis><phrase condition=\"no_gshadow"
+#| "\">parameter.</phrase><phrase condition=\"gshadow\">and <emphasis remap="
+#| "\"I\">shadow</emphasis> parameters.</phrase>"
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"Come impostazione predefinita, <command>grpck</command> opera sul file "
+"<filename>/etc/passwd</filename><phrase condition=\"gshadow\"> e su "
+"<filename>/etc/shadow</filename></phrase>. L'utente può selezionare file "
+"alternativi con <phrase condition=\"gshadow\">i parametri <emphasis remap=\"I"
+"\">group</emphasis> e <emphasis remap=\"I\">shadow</emphasis></"
+"phrase><phrase condition=\"no_gshadow\">il parametro <emphasis remap=\"I"
+"\">group</emphasis></phrase>."
+
+# type: Plain text
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "una o più voci di gruppo contengono errori"
+
+# type: Plain text
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "impossibile aprire i file dei gruppi"
+
+# type: Plain text
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "impossibile fare il lock dei file dei gruppi"
+
+# type: Plain text
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "impossibile aggiornare i file dei gruppi"
+
+# type: TP
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Il comando <command>grpck</command> restituisce i seguenti valori: "
+"<placeholder-1/>"
+
+# type: Plain text
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+# type: Plain text
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "mostra i nomi dei gruppi correnti"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "utente"
+
+# type: Plain text
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+"Per ciascuno dei gruppi correnti, il comando <command>groups</command> "
+"mostra i nomi o i valori ID. Se un valore non ha nessuna voce corrispondente "
+"in <filename>/etc/group</filename>, esso viene mostrato in forma numerica. "
+"Se viene specificato un <emphasis remap=\"I\">utente</emphasis>, vengono "
+"mostrati i gruppi a cui appartiene quel determinato <emphasis remap=\"I"
+"\">utente</emphasis>."
+
+# type: Plain text
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+"Sui sistemi che non supportano l'appartenenza contemporanea a più gruppi, "
+"vengono riportate le informazioni da <filename>/etc/group</filename>. "
+"L'utente deve usare <command>newgrp</command> o <command>sg</command> per "
+"cambiare gli ID reale ed effettivo del gruppo."
+
+# type: Plain text
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+# type: Plain text
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "modifica la definizione di un gruppo del sistema"
+
+# type: TH
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GRUPPO"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"Il comando <command>groupmod</command> cambia la definizione del "
+"<replaceable>GRUPPO</replaceable> modificando appropriatamente il database "
+"dei gruppi."
+
+# type: Plain text
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr "Il comando <command>groupmod</command> accetta le seguenti opzioni:"
+
+# type: TP
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"\"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+# type: Plain text
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"Verrà modificato l'ID del <replaceable>GRUPPO</replaceable> in "
+"<replaceable>GID</replaceable>."
+
+# type: Plain text
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"Il valore <replaceable>GID</replaceable> deve essere un numero intero "
+"decimale non negativo. Deve essere univoco, a meno che non venga usata "
+"l'opzione <option>-o</option>."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"Gli utenti che hanno il gruppo come gruppo primario verranno aggiornati per "
+"mantenere tale gruppo come loro gruppo primario."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+"Tutti i file che hanno il vecchio ID di gruppo e devono continuare ad "
+"appartenere a <replaceable>GRUPPO</replaceable>, devono essere aggiornati "
+"manualmente."
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Non verrà effettuato nessun controllo riguardo i limiti <option>GID_MIN</"
+"option>, <option>GID_MAX</option>, <option>SYS_GID_MIN</option> o "
+"<option>SYS_GID_MAX</option> definiti in <filename>/etc/login.defs</"
+"filename>."
+
+# type: TP
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NUOVO_GRUPPO</replaceable>"
+
+# type: Plain text
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Il nome del gruppo verrà modificato da <replaceable>GRUPPO</replaceable> a "
+"<replaceable>NUOVO_GRUPPO</replaceable>."
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"Quando è usato con l'opzione <option>-g</option>, permette di cambiare il "
+"<replaceable>GID</replaceable> in un valore non univoco."
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "nome di gruppo già in uso"
+
+# type: TP
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "Il comando <command>groupmod</command> esce con i seguenti valori:"
+
+# type: Plain text
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+# type: Plain text
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "membri amministratori del gruppo primario dell'utente"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "user_name"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "group_name"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+"Il comando <command>groupmems</command> permette a utenti di amministrare la "
+"lista di membri del proprio gruppo senza richiedere i privilegi di "
+"amministratore. Il comando <command>groupmems</command> è per sistemi che "
+"configurano gli utenti perché siano in un gruppo primario con lo stesso nome "
+"dell'utente (esempio: guest/guest)."
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Solo il super utente, come amministratore, può utilizzare "
+"<command>groupmems</command> per modificare l'elenco di membri di altri "
+"gruppi."
+
+# type: Plain text
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr "Il comando <command>groupmems</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Aggiunge un utente all'elenco di membri del gruppo."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"Se esiste il file <filename>/etc/gshadow</filename> e il gruppo non vi è "
+"presente, viene aggiunto."
+
+# type: IP
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Cancella un utente dall'elenco degli utenti del gruppo."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"Se esiste il file <filename>/etc/gshadow</filename>, l'utente verrà rimosso "
+"dalle liste di utenti e amministratori del gruppo."
+
+# type: IP
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+"Il super utente può specificare quale elenco di membri del gruppo modificare."
+
+# type: IP
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "Elenca tutti i membri del gruppo."
+
+# type: TP
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "Elimina tutti gli utenti dalla lista dei membri del gruppo."
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr "CONFIGURAZIONE"
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+"L'eseguibile <command>groupmems</command> dovrebbe avere i permessi "
+"<literal>2770</literal> ed essere di proprietà di <emphasis>root</emphasis> "
+"e del gruppo <emphasis>groups</emphasis>. L'amministratore di sistema può "
+"aggiungere utenti al gruppo <emphasis>groups</emphasis> per permettere loro "
+"di poter gestire l'elenco di membri del proprio gruppo tramite il comando "
+"<command>groupmems</command>."
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+msgstr ""
+"\n"
+" $ groupadd -r groups\n"
+" $ chmod 2770 groupmems\n"
+" $ chown root.groups groupmems\n"
+" $ groupmems -g groups -a gk4\n"
+" "
+
+# type: Plain text
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "informazioni sicure sugli account di gruppo"
+
+# type: Plain text
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Plain text
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "rimuove un gruppo"
+
+# type: Plain text
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"Il comando <command>groupdel</command> modifica i file di account di sistema "
+"rimuovendo tutte le voci che si riferiscono a <replaceable>GRUPPO</"
+"replaceable>. Il gruppo indicato deve esistere."
+
+# type: Plain text
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "Il comando <command>groupdel</command> accetta le seguenti opzioni:"
+
+# type: Plain text
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Non si può rimuovere un gruppo che sia gruppo primario di un utente. Occorre "
+"rimuovere l'utente prima di rimuovere il gruppo."
+
+# type: Plain text
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Occorre controllare manualmente tutti i file system per assicurarsi che non "
+"rimanga alcun file avente questo ID di gruppo."
+
+# type: Plain text
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "operazione impossibile perché il gruppo è primario per un utente"
+
+# type: TP
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Il comando <command>groupdel</command> restituisce i seguenti valori: "
+"<placeholder-1/>"
+
+# type: Plain text
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Plain text
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "crea un nuovo gruppo"
+
+# type: Plain text
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+"Il comando <command>groupadd</command> crea un nuovo account di gruppo "
+"usando i valori specificati sulla riga di comando ed i valori predefiniti "
+"dal sistema. Il nuovo gruppo verrà aggiunto ai file di sistema secondo "
+"necessità."
+
+# type: Plain text
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "Il comando <command>groupadd</command> accetta le seguenti opzioni:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+"Questa opzione fa sì che il comando esca con esito positivo nel caso che il "
+"gruppo esista già. Quando utilizzato con l'opzione <option>-g</option>, e il "
+"GID specificato esiste, un altro GID (univoco) viene scelto (cioè <option>-"
+"g</option> viene ignorato)."
+
+# type: Plain text
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"Il valore numerico dell'identificatore (ID) del gruppo. Questo valore deve "
+"essere univoco, a meno che non venga usata l'opzione <option>-o</option>. Il "
+"valore deve essere non-negativo. La scelta predefinita è quella di usare il "
+"minimo valore di ID maggiore o eguale a <option>GID_MIN</option> e superiore "
+"a qualunque altro gruppo."
+
+# type: Plain text
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Vedere anche l'opzione <option>-r</option> e la descrizione di "
+"<option>GID_MAX</option>."
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Ha la precedenza sui valori predefiniti (GID_MIN, GID_MAX e altri) definiti "
+"in <filename>/etc/login.defs</filename>. Più opzioni <option>-K</option> "
+"possono essere specificate."
+
+# type: IP
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Esempio: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Nota: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> non funziona ancora."
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+"Questa opzione permette di aggiungere un gruppo con un GID non univoco."
+
+# type: Plain text
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "Crea un gruppo di sistema."
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+"L'identificativo numerico del nuovo gruppo di sistema è scelto "
+"nell'intervallo <option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> "
+"definito in <filename>login.defs</filename>, al posto di <option>GID_MIN</"
+"option>-<option>GID_MAX</option>."
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"I nomi di gruppo devono iniziare con una lettera minuscola o l'underscore, "
+"seguiti da lettere minuscole, cifre numeriche, underscore o trattini. "
+"Possono terminare con il simbolo del dollaro. In termini di espressioni "
+"regolari: [a-z_][a-z0-9_-]*[$]?"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+"I nomi di gruppo possono essere al massimo di &GROUP_NAME_MAX_LENGTH; "
+"caratteri."
+
+# type: Plain text
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Non è possibile aggiungere un gruppo NIS o LDAP. Questo deve essere fatto "
+"sul server corrispondente."
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+"Se il nome di gruppo esiste già in un database esterno come quello NIS o "
+"LDAP, <command>groupadd</command> negherà la richiesta di creazione del "
+"gruppo."
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID non univoco (quando <option>-o</option> non è usata)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "nome di gruppo non univoco"
+
+# type: TP
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "Il comando <command>groupadd</command> restituisce i seguenti valori:"
+
+# type: Plain text
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "amministra <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "amministra <placeholder-1/> e <placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "opzione"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+"Il comando <command>gpasswd</command> è utilizzato per amministrare "
+"<filename>/etc/group</filename><phrase condition=\"gshadow\"> e <filename>/"
+"etc/gshadow</filename></phrase>. Ogni gruppo può avere<phrase condition="
+"\"gshadow\"> amministratori,</phrase> membri e una password."
+
+# type: Plain text
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+"Gli amministratori di sistema possono usare l'opzione <option>-A</option> "
+"per definire l'amministratore/gli amministratori di gruppo e l'opzione "
+"<option>-M</option> per definire i membri ed hanno tutti i permessi degli "
+"amministratori di gruppo e dei membri."
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+"<command>gpasswd</command> richiamato da <phrase condition=\"gshadow\">un "
+"amminstatore di gruppo </phrase><phrase condition=\"no_gshadow\">un "
+"amministratore di sistema</phrase> con un nome di gruppo richiede solo la "
+"nuova password del <replaceable>gruppo</replaceable>."
+
+# type: Plain text
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Se la password è impostata i membri possono ancora usare "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> senza la password, i non-membri devono fornire la password."
+
+# type: SS
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Note sulle password di gruppo"
+
+# type: Plain text
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+"Le password di gruppo rappresentano un intrinseco problema di sicurezza "
+"perché più di una persona deve conoscerle. Ciononostante i gruppi sono uno "
+"strumento molto utile per la cooperazione tra vari utenti."
+
+# type: Plain text
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"Ad eccezione di <option>-A</option> e <option>-M</option>, le altre opzioni "
+"non possono essere combinate."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "Le opzioni non possono essere combinate."
+
+# type: Plain text
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr "Il comando <command>gpasswd</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>utente</"
+"replaceable>"
+
+# type: Plain text
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Aggiunge <replaceable>utente</replaceable> al <replaceable>gruppo</"
+"replaceable> indicato."
+
+# type: IP
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>utente</"
+"replaceable>"
+
+# type: Plain text
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"Rimuove <replaceable>utente</replaceable> dal <replaceable>gruppo</"
+"replaceable> indicato."
+
+# type: IP
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+
+# type: IP
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+"Rimuove la password dal <replaceable>gruppo</replaceable> indicato. La "
+"password del gruppo sarà vuota. Solo ai membri del gruppo sarà ammesso "
+"l'accesso tramite <command>newgrp</command> al <replaceable>gruppo</"
+"replaceable> indicato."
+
+# type: IP
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Limita l'accesso al <replaceable>gruppo</replaceable> indicato. La password "
+"del gruppo è cambiata in «!». Solo ai membri del gruppo con una password "
+"verrà permesso di usare <command>newgrp</command> per accedere al "
+"<replaceable>gruppo</replaceable> indicato."
+
+# type: IP
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>utente</replaceable>,..."
+
+# type: Plain text
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "Imposta l'elenco degli utenti amministratori."
+
+# type: IP
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>utente</"
+"replaceable>,..."
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "Definisce l'elenco dei membri del gruppo."
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+"Questo strumento opera solo sul file <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> e sul file <filename>/etc/gshadow</filename></"
+"phrase>. Quindi non si possono modificare gruppi NIS o LDAP. Questo dovrebbe "
+"essere fatto sul corrispondente server."
+
+# type: Plain text
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+# type: Plain text
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr "mostra le registrazioni e imposta i limiti degli accessi falliti"
+
+# type: Plain text
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+"<command>faillog</command> mostra il contentuto del database degli accessi "
+"falliti (<filename>/var/log/faillog</filename>); può anche essere usato per "
+"impostare i conteggi e i limiti dei tentativi falliti. Eseguire "
+"<command>faillog</command> senza argomenti per ottenere un elenco degli "
+"utenti che hanno fallito almeno un tentativo di accesso."
+
+# type: Plain text
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr "Il comando <command>faillog</command> accetta le seguenti opzioni:"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+"Mostra (o opera su) registrazioni faillog per tutti gli utenti presenti nel "
+"database <filename>faillog</filename>."
+
+# type: IP
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+"L'intervallo di utenti può essere ristretto con l'opzione <option>-u</"
+"option>."
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+"Nella modalità di visualizzazione, questo è già ristretto ai soli utenti "
+"esistenti, ma vengono mostrate anche eventuali registrazioni vuote."
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+"Con le opzioni <option>-l</option>, <option>-m</option>, <option>-r</option> "
+"e <option>-t</option>, le registrazioni degli utenti sono modificate anche "
+"se l'utente non esiste nel sistema. Questo è utile quando si vogliono "
+"azzerare le registrazioni degli utenti cancellati, o per definire in "
+"anticipo delle norme per intervalli di utenti."
+
+# type: IP
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+
+# type: Plain text
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"Blocca l'account per <replaceable>SEC</replaceable> secondi dopo un "
+"tentativo di accesso fallito."
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+"Per questa opzione è necessario l'accesso in scrittura a <filename>/var/log/"
+"faillog</filename>."
+
+# type: IP
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+# type: Plain text
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"Imposta a <replaceable>MAX</replaceable> il massimo numero di accessi "
+"falliti prima che l'account sia disabilitato."
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+"Impostare <replaceable>MAX</replaceable> al valore 0 ha l'effetto di non "
+"porre nessun limite al numero di accessi falliti."
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+"Il numero massimo di fallimenti dovrebbe sempre essere 0 per <emphasis>root</"
+"emphasis> in modo da evitare attacchi al sistema di tipo «denial of service»."
+
+# type: IP
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "Azzera i contatori degli accessi falliti."
+
+# type: Plain text
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+"Visualizza le registrazioni faillog più recenti di <replaceable>GIORNI</"
+"replaceable> giorni."
+
+# type: Plain text
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+"Mostra la registrazione degli accessi falliti o, se sono state usate le "
+"opzioni <option>-r</option>, <option>-m</option> o <option>-l</option>, "
+"imposta contatori e limiti solo gli utenti specificati."
+
+# type: Plain text
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"Quando nessuna tra le opzioni <option>-l</option>, <option>-m</option> o "
+"<option>-r</option> è utilizzata, <command>faillog</command> mostra le voci "
+"dei fallimenti degli utenti specificati."
+
+# type: Plain text
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+"<command>faillog</command> mostra solo gli utenti che non hanno effettuato "
+"nessun accesso corretto dopo l'ultimo tentativo fallito. Un utente che abbia "
+"completato correttamente un accesso dopo l'ultimo tentativo fallito è "
+"mostrato solo se viene richiesto esplicitamente con l'opzione <option>-u</"
+"option> o se viene richiesto di mostrare tutti gli utenti con l'opzione "
+"<option>-a</option>."
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+# type: Plain text
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr "File per tracciare gli accessi falliti."
+
+# type: Plain text
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Plain text
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "file di log degli accessi falliti"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+"<filename>/var/log/faillog</filename> mantiene un contatore di accessi "
+"falliti e dei vari limiti per ogni account."
+
+# type: Plain text
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+"Questo file è composto da record di lunghezza fissa, indicizzati dal valore "
+"numerico di UID. Ciascun record contiene il conteggio degli accessi falliti "
+"a partire dall'ultimo login corretto, il numero massimo di tentativi "
+"permessi prima che l'account venga disabilitato, il terminale sul quale "
+"l'ultimo tentativo fallito è avvenuto, la data in cui è avvenuto, e infine "
+"il periodo (in secondi) durante il quale l'account verrà bloccato a seguito "
+"di un fallimento."
+
+# type: Plain text
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "La struttura del file è la seguente:"
+
+# type: Plain text
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+# type: Plain text
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "controlla e fa rispettare la scadenza della password"
+
+# type: Plain text
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"<command>expiry</command> controlla (<option>-c</option>) la scadenza della "
+"password in uso e, se necessario, richiede (<option>-f</option>) che venga "
+"cambiata quando necessario. Questo comando può essere eseguito da un utente "
+"qualsiasi."
+
+# type: Plain text
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr "Il comando <command>expiry</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+# type: Plain text
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr "Controlla la scadenza della password dell'utente corrente."
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+"Forza un cambio di password se l'utente corrente ha una password scaduta."
+
+# type: Plain text
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Plain text
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "cambia la shell di login"
+
+# type: Plain text
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"Il comando <command>chsh</command> cambia la shell di login dell'utente, in "
+"altre parole determina il comando iniziale eseguito quando un utente accede "
+"al sistema. Chiunque può cambiare la propria shell di login, mentre "
+"l'amministratore può cambiare la shell di login per ogni account."
+
+# type: Plain text
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Il comando <command>chsh</command> accetta le seguenti opzioni:"
+
+# type: Plain text
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Se non viene usata l'opzione <option>-s</option>, <command>chsh</command> "
+"opera in maniera interattiva, mostrando all'utente la shell attuale. "
+"Inserire il nuovo valore oppure lasciare la riga vuota per non modificare il "
+"valore attuale. La shell attuale è mostrata tra parentesi <emphasis>[ ]</"
+"emphasis>."
+
+# type: Plain text
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"L'unica limitazione sulla scelta della shell di login è che il nome del "
+"comando deve essere presente in <filename>/etc/shells</filename>; fa "
+"eccezione l'amministratore di sistema, che è libero di scegliere qualsiasi "
+"valore. Un account con una shell di login limitata non può cambiare la "
+"propria shell di login. Per questo motivo è sconsigliato includere "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename>: se "
+"accidentalmente un utente selezionasse una shell limitata, non potrebbe più "
+"tornare alla shell di login che usava originariamente."
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+# type: Plain text
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Elenco delle shell di login ammesse."
+
+# type: Plain text
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "aggiorna le password in modo non interattivo"
+
+# type: Plain text
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"<command>chpasswd</command> legge da standard input un elenco di coppie di "
+"nomi utente e password e usa queste informazioni per aggiornare un gruppo di "
+"utenti esistenti. Ciascuna riga usa il formato:"
+
+# type: Plain text
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nome_utente</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+
+# type: Plain text
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Come impostazione predefinita, si devono fornire password in chiaro che "
+"vengono poi cifrate da <command>chpasswd</command>. Vengono aggiornate, se "
+"presenti, anche le informazioni sulla durata delle password."
+
+#: chpasswd.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+#| "variables of <filename>/etc/login.defs</filename>, and can be overwitten "
+#| "with the <option>-e</option>, <option>-m</option>, or <option>-c</option> "
+#| "options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"L'algoritmo di cifratura predefinito può essere impostato con le variabili "
+"<option>ENCRYPT_METHOD</option> e <option>MD5_CRYPT_ENAB</option> in "
+"<filename>/etc/login.defs</filename>, e può essere ulteriormente modificato "
+"con le opzioni <option>-e</option>, <option>-m</option> o <option>-c</"
+"option>."
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"Se non diversamente impostato, le password saranno cifrate da PAM, ma (anche "
+"se non è raccomandato) si può impostare un metodo di cifratura diverso con "
+"le opzioni <option>-e</option>, <option>-m</option> e <option>-c</option>."
+
+#: chpasswd.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "<phrase condition=\"pam\">Except when PAM is used to encrypt the "
+#| "passwords,</phrase><command>chpasswd</command> first updates all the "
+#| "passwords in memory, and then commits all the changes to disk if no "
+#| "errors occured for any user."
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+"<phrase condition=\"pam\">Escluso quando PAM viene utilizzato per cifrare le "
+"password, </phrase><command>chpasswd</command> prima aggiorna tutte le "
+"passwor in memoria, e poi scrive tutto su disco se non trova errori per "
+"nessun utente."
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+"Quando PAM è utilizzato per cifrare le password (e aggiornare le password "
+"nel database di sistema), se una password non può essere aggiornata "
+"<command>chpasswd</command> continua con l'aggiornamento delle password "
+"degli utenti seguenti, e restituisce un codice d'errore all'uscita."
+
+# type: Plain text
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Questo comando è appositamente pensato per grossi sistemi in cui si abbia la "
+"necessità di creare molti account nello stesso momento."
+
+# type: Plain text
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr "Il comando <command>chpasswd</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METODO</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "I metodi disponibili sono DES, MD5 e NONE (nessuno)."
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "PAM viene utilizzato, in maniera predefinita, per cifrare le password."
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+"Normalmente (se nessuna delle opzioni <option>-c</option>, <option>-m</"
+"option> o <option>-e</option> viene specificata), il metodo di cifratura è "
+"definito dalle variabili <option>ENCRYPT_METHOD</option> o "
+"<option>MD5_CRYPT_ENAB</option> in <filename>/etc/login.defs</filename>."
+
+# type: IP
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+# type: Plain text
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Le password fornite sono in forma cifrata."
+
+# type: IP
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+# type: Plain text
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"Usa la cifratura MD5 anziché DES quando le password fornite non sono cifrate."
+
+# type: IP
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>CICLI</"
+"replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Il numero di cicli è definito dalle variabili <option>SHA_CRYPT_MIN_ROUNDS</"
+"option> e <option>SHA_CRYPT_MAX_ROUNDS</option> in <filename>/etc/login."
+"defs</filename>."
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Ricordarsi di impostare i permessi o umask in modo da prevenire la lettura "
+"in chiaro da parte di altri utenti."
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+# type: Plain text
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "Configurazione PAM per <command>chpasswd</command>."
+
+# type: Plain text
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+# type: Plain text
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "aggiorna le password di gruppo in modalità non interattiva"
+
+# type: Plain text
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"Il comando <command>chgpasswd</command> legge un elenco di coppie di nomi "
+"gruppo e password e usa queste informazioni per aggiornare un insieme di "
+"gruppi esistenti. Ciascuna riga usa il formato:"
+
+# type: Plain text
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nome_gruppo</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+
+# type: Plain text
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Come impostazione predefinita la password deve essere in chiaro ed è cifrata "
+"da <command>chgpasswd</command>."
+
+#: chgpasswd.8.xml:92(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+#| "filename>, and can be overwiten with the <option>-e</option>, <option>-m</"
+#| "option>, or <option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"L'algoritmo di cifratura utilizzato può essere definito per tutto il sistema "
+"dalla variabile <option>ENCRYPT_METHOD</option> in <filename>/etc/login."
+"defs</filename>, e può essere modificato con le opzioni <option>-e</option>, "
+"<option>-m</option> o <option>-c</option>."
+
+# type: Plain text
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr "Il comando <command>chgpasswd</command> accetta le seguenti opzioni:"
+
+# type: Plain text
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+# type: Plain text
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "cambia il nome dell'utente e altre informazioni"
+
+# type: Plain text
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+"<command>chfn</command> è usato per cambiare il nome completo "
+"dell'utilizzatore, il numero di stanza dell'ufficio, quello di telefono "
+"dell'ufficio e di casa. Questi dati sono normalmente stampati dal programma "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> o equivalenti. Un utente normale può cambiare solo i dati "
+"relativi al proprio account, con eventuali altre limitazioni specificate in "
+"<filename>/etc/login.defs</filename>. (La configurazione predefinita "
+"impedisce la modifica del proprio nome completo.) Il super utente può "
+"cambiare tutte le informazioni di ciascun utente. Inoltre, solo il super "
+"utente può usare l'opzione <option>-o</option> per la modifica delle parti "
+"non definite del campo GECOS."
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+"Questi campi non possono contenere nessun carattere due punti. Ad eccezione "
+"del campo <emphasis remap=\"I\">other</emphasis>, non dovrebbero contenere "
+"nessuna virgola e nessun segno uguale. È anche consigliato di evitare "
+"caratteri non US-ACII, ma su questo viene fatto un controllo solo per il "
+"numero di telefono. Il campo <emphasis remap=\"I\">other</emphasis> viene "
+"utilizzato per memorizzare informazioni sull'«accounting» da altre "
+"applicazioni."
+
+# type: Plain text
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Il comando <command>chfn</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>NOME_COMPLETO</replaceable>"
+
+# type: SS
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "Cambia il nome completo dell'utente."
+
+# type: IP
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>TELEFONO_CASA</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "Cambia il numero di telefono di casa dell'utente."
+
+# type: IP
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>ALTRO</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"Cambia il campo GECOS per le altre informazioni. Questo campo viene "
+"utilizzato per memorizzare informazioni di «accounting» usate da altre "
+"applicazioni, e può essere modificato solo dal super utente."
+
+# type: IP
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>NUMERO_STANZA</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "Cambia il numero della stanza dell'utente."
+
+# type: TP
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+# type: IP
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>TELEFONO_LAVORO</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "Cambia il numero di telefono di lavoro dell'utente."
+
+# type: Plain text
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+"Se nessuna delle opzioni è selezionata, <command>chfn</command> opera in "
+"maniera interattiva, chiedendo all'utente il valore da impostare per ogni "
+"campo. Inserire un nuovo valore per sostituire il contenuto attuale, oppure "
+"lasciare la riga vuota per non cambiarlo. Il valore attuale è mostrato tra "
+"le parentesi <emphasis remap=\"B\">[ ]</emphasis>. Senza nessuna opzione, "
+"<command>chfn</command> opera sull'account corrente."
+
+# type: Plain text
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "cambia le informazioni sulla scadenza della password"
+
+# type: Plain text
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"<command>chage</command> modifica il numero minimo di giorni tra i cambi di "
+"password e la data dell'ultimo cambio. Queste informazioni sono usate dal "
+"sistema per determinare quando un utente deve cambiare la propria password."
+
+# type: Plain text
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "Il comando <command>chage</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;"
+"<replaceable>ULTIMO_GIORNO</replaceable>"
+
+# type: Plain text
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"Imposta la data dell'ultimo cambio della password, espressa come il numero "
+"di giorni trascorsi dal 1 gennaio 1970. La data può anche essere specificata "
+"nel formato AAAA-MM-GG o nella notazione comunemente usata nel proprio paese."
+
+# type: TP
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATA_SCADENZA</replaceable>"
+
+# type: Plain text
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"Imposta la data o il numero di giorni dal 1 gennaio 1970 dal quale l'account "
+"utente non sarà più accessibile. La data può essere inserita nel formato "
+"AAAA-MM-GG (o il formato più comunemente utilizzato nel proprio paese). Un "
+"utente il cui account sia bloccato deve contattare l'amministratore di "
+"sistema prima di poter accedere nuovamente al sistema."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Se si passa il numero <emphasis remap=\"I\">-1</emphasis> come "
+"<replaceable>DATA_SCADENZA</replaceable>, si rimuove la data di scadenza "
+"dell'account."
+
+# type: TP
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INATTIVO</"
+"replaceable>"
+
+# type: Plain text
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"Imposta il numero di giorni di inattività dopo la scadenza della password "
+"dopo i quali l'account viene bloccato. L'opzione <replaceable>INATTIVO</"
+"replaceable> indica il numero di giorni di inattività. Un utente con "
+"l'account bloccato deve contattare l'amministratore prima di poter usare "
+"ancora il sistema."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Utilizzare il numero <emphasis remap=\"I\">-1</emphasis> come "
+"<replaceable>INATTIVO</replaceable> elimina l'intervallo di inattività "
+"dall'account."
+
+# type: Plain text
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Visualizza le informazioni sulla scadenza dell'account."
+
+# type: IP
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;"
+"<replaceable>MIN_GIORNI</replaceable>"
+
+# type: IP
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;"
+"<replaceable>MAX_GIORNI</replaceable>"
+
+# type: Plain text
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"Imposta il numero massimo di giorni di validità di una password. Quando la "
+"somma di <replaceable>MAX_GIORNI</replaceable> e <replaceable>ULTIMO_GIORNO</"
+"replaceable> è inferiore alla data odierna, l'utente è obbligato a cambiare "
+"la password prima di poter usare ancora il proprio account. Questo evento "
+"può essere reso noto in anticipo usando l'opzione <option>-W</option>, che "
+"fornisce un preavviso all'utente."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Usare il valore <emphasis remap=\"I\">-1</emphasis> come "
+"<replaceable>MAX_GIORNI</replaceable> rimuove il controllo sulla validità "
+"della password."
+
+# type: IP
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>AVVISO_GIORNI</replaceable>"
+
+# type: Plain text
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"Imposta il numero di giorni di preavviso prima che sia obbligatorio cambiare "
+"la password. L'opzione <replaceable>AVVISO_GIORNI</replaceable> indica il "
+"numero di giorni prima della scadenza della password in cui l'utente viene "
+"avvertito dell'imminente scadenza."
+
+# type: Plain text
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Se non viene specificata nessuna opzione, <command>chage</command> opera in "
+"modalità interattiva, chiedendo all'utente il nuovo valore per ogni campo. "
+"Inserire un nuovo valore per modificare il campo, oppure lasciare la riga "
+"vuota per continuare a usare il valore attuale. I valori attuali vengono "
+"mostrati tra parentesi quadre <emphasis>[ ]</emphasis>."
+
+# type: Plain text
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"<command>chage</command> richiede che il file delle password shadow sia "
+"disponibile."
+
+# type: Plain text
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"L'uso del comando <command>chage</command> è permesso solo all'utente root, "
+"tranne per l'opzione <option>-l</option>, che può essere usata da un utente "
+"non privilegiato per conoscere la scadenza della propria password o "
+"dell'account."
+
+# type: IP
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+# type: Plain text
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "non è possibile trovare il file delle password shadow"
+
+# type: TP
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Il comando <command>chage</command> restituisce i seguenti valori: "
+"<placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+"Giuseppe Sacco <eppesuig@debian.org>, 2005, 2012.\n"
+"Danilo Piazzalunga <danilopiazza@libero.it>, 2005."
+
+#~ msgid "-M"
+#~ msgstr "-M"
+
+# type: Plain text
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Plain text
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+# type: IP
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "non è possibile creare la casella di posta"
diff --git a/man/po/pl.po b/man/po/pl.po
new file mode 100644
index 0000000..c003c72
--- /dev/null
+++ b/man/po/pl.po
@@ -0,0 +1,9500 @@
+# Polish translation for shadow man pages
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: man pages for shadow 4.0.16\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:38+0200\n"
+"Last-Translator: Tomasz KÅ‚oczko <kloczek@pld.org.pl>\n"
+"Language-Team: Polish <translation-team-pl@lists.sourceforge.net>\n"
+"Language: pl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Polecenia ZarzÄ…dzania Systemem"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+#, fuzzy
+#| msgid "gshadow"
+msgid "shadow-utils"
+msgstr "gshadow"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr "edytuj plik haseł, grup lub ich wersji chronionych"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "opcje"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "OPIS"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Polecenia <command>vipw</command> i <command>vigr</command> umożliwiają "
+"modyfikację plików odpowiednio <filename>/etc/passwd</filename> i <filename>/"
+"etc/group</filename>. Przy zastosowaniu flagi <option>-s</option> modyfikujÄ… "
+"także dodatkowe wersje chronione tych plików - odpowiednio <filename>/etc/"
+"shadow</filename> i <filename>/etc/gshadow</filename>. Dla ochrony przed "
+"uszkodzeniem w trakcie modyfikacji tych plików programy te ustawiają "
+"odpowiednie blokady. Szukając edytora programy te używają w pierwszej "
+"kolejności zmiennej środowiska <envar>$VISUAL</envar>, a następnie <envar>"
+"$EDITOR</envar>, a na końcu a na końcu domyślnego edytora "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "OPCJE"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Polecenia <command>vipw</command> i <command>vigr</command> posiadajÄ… "
+"następujące opcje:Polecenia <command>vipw</command> i <command>vigr</"
+"command> posiadają następujące opcje:"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Edycja bazy grup."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Wyświetlenie komunikatu pomocy i zakończenie działania."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Edycja bazy passwd."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Cichy tryb pracy."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+#, fuzzy
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Edycja bazy shadow lub gshadow."
+
+#: vipw.8.xml:156(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr ""
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr ""
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+#, fuzzy
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+#, fuzzy
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr ""
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr ""
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr ""
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr ""
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr ""
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "PLIKI"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Informacje o grupach użytkowników."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Informacje chronione o grupach użytkowników."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Informacja o kontach użytkowników."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Informacje chronione o użytkownikach."
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "ZOBACZ TAKŻE"
+
+#: vipw.8.xml:226(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>login</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "zmiana danych konta użytkownika"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "LOGIN"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Polecenie <command>usermod</command> zmienia systemowe pliki kont, "
+"odzwierciedlając zmiany podane w wierszu poleceń."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr "Polecenie <command>usermod</command> posiada następujące opcje:"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: usermod.8.xml:104(para)
+#, fuzzy
+#| msgid ""
+#| "Add the user to the supplemental group(s). Use only with <option>-G</"
+#| "option> option."
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Dodaj użytkownika do dodatkowej grupy lub grup. Może być użyte tylko z opcją "
+"<option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMENTARZ</"
+"replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>KAT_DOMOWY</replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr ""
+
+#: usermod.8.xml:131(para)
+#, fuzzy
+#| msgid ""
+#| "The user's new login directory. If the <option>-m</option> option is "
+#| "given the contents of the current home directory will be moved to the new "
+#| "home directory, which is created if it does not already exist."
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Nowy katalog domowy użytkownika. Jeżeli podano opcję <option>-m</option>, to "
+"zawartość aktualnego katalogu domowego zostanie przesunięta do nowego "
+"katalogu. Nowy katalog domowy jest tworzony jeśli nie istnieje."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATA_WAŻN</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Data, od której konto danego użytkownika zostanie wyłączone. Data podawana "
+"jest w formacie <emphasis remap=\"I\">MM/DD/RR</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>NIEAKTYWNE</replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+
+#: usermod.8.xml:168(para)
+#, fuzzy
+#| msgid ""
+#| "The number of days after a password expires until the account is "
+#| "permanently disabled. A value of 0 disables the account as soon as the "
+#| "password has expired, and a value of -1 disables the feature. The default "
+#| "value is -1."
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"Liczba dni po wygaśnięciu hasła do stałego wyłączenia konta. Wartość 0 "
+"wyłącza konto natychmiast po przeterminowaniu hasła, zaś wartość -1 wyłącza "
+"tę cechę. Domyślną wartością jest -1."
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GRUPA</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+#, fuzzy
+#| msgid ""
+#| "The group name or number of the user's new initial login group. The group "
+#| "name must exist. A group number must refer to an already existing group. "
+#| "The default group number is 1."
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Nazwa lub numer początkowej grupy logowania użytkownika. Nazwa grupy musi "
+"istnieć. Numer grupy musi odnosić się do już istniejącej grupy. Domyślnym "
+"numerem grupy jest 1."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GRUPA1</"
+"replaceable>[<emphasis remap=\"I\">,GRUPA2,...</emphasis>[<emphasis remap=\"I"
+"\">,GRUPAN</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+#, fuzzy
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"Lista dodatkowych grup, do których również należy użytkownik. Każda grupa "
+"oddzielona jest od następnej przecinkiem, bez wtrąconej spacji. Do grup "
+"odnoszą się te same ograniczenia, które obowiązują przy grupie podanej w "
+"opcji <option>-g</option>. Jeżeli użytkownik jest obecnie członkiem grupy, "
+"której nie podano na liście, to zostanie z niej usunięty."
+
+#: usermod.8.xml:211(para)
+#, fuzzy
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"Lista dodatkowych grup, do których również należy użytkownik. Każda grupa "
+"oddzielona jest od następnej przecinkiem, bez wtrąconej spacji. Do grup "
+"odnoszą się te same ograniczenia, które obowiązują przy grupie podanej w "
+"opcji <option>-g</option>. Jeżeli użytkownik jest obecnie członkiem grupy, "
+"której nie podano na liście, to zostanie z niej usunięty."
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NOWY_LOGIN</"
+"replaceable>"
+
+#: usermod.8.xml:224(para)
+#, fuzzy
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Nazwa użytkownika zostanie zmieniona z <emphasis remap=\"I\">LOGIN</"
+"emphasis> na <emphasis remap=\"I\">NOWY_LOGIN</emphasis>. Nic więcej nie "
+"jest zmieniane. W szczególności, prawdopodobnie powinna zostać zmieniona "
+"nazwa katalogu domowego użytkownika, tak by odzwierciedlała nową nazwę "
+"użytkownika."
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Zablokuj hasło użytkownika. Opcja ta powoduje wstawienie ’!’ na początku "
+"zakodowanego hasła. Opcji tej nie można używać z opcjami <option>-p</option> "
+"or <option>-U</option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+
+#: usermod.8.xml:253(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+
+#: usermod.8.xml:261(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>HASÅO</"
+"replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Nazwa nowej powłoki (shell) użytkownika. Ustawienie tego pola na puste "
+"powoduje, że system wybierze domyślną powłokę logowania."
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr ""
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Odblokowuje hasło użytkownika. Opcja ta powoduje usuniecie ’!’ z początku "
+"zakodowanego hasła. Opcji tej nie można używać z opcjami <option>-p</option> "
+"lub <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: usermod.8.xml:444(para)
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+#| "replaceable>"
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+
+#: usermod.8.xml:467(para)
+#, fuzzy
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "OSTRZEŻENIA"
+
+#: usermod.8.xml:479(para)
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+#, fuzzy
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+
+#. Note: on HP, split groups have the same ID, but different
+#. names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "GID_MIN (numer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "GID_MAX (numer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "GID_MIN (numer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "UID_MIN (numer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "UID_MAX (numer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "UID_MIN (numer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+" use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+" kilos = UID / 1000\n"
+" use /etc/tcb/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" use /etc/tcb/:megas/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+" "
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr "Konfiguracja pakietu shadow."
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "plik chroniony informacji o użytkownikach"
+
+#: userdel.8.xml:85(para)
+#, fuzzy
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"Polecenie <command>usermod</command> zmienia systemowe pliki kont, "
+"odzwierciedlając zmiany podane w wierszu poleceń."
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr "Polecenie <command>userdel</command> posiada następujące opcje:"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+
+#: userdel.8.xml:158(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "USERDEL_CMD (łańcuch)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr ""
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+" "
+msgstr ""
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "KOD ZAKOŃCZENIA"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "poprawne zakończenie działania programu"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "nie można zaktualizować pliku z hasłami"
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "niepoprawna składnia polecenia"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr ""
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr ""
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "nie można zaktualizować pliku z grupami"
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr ""
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>userdel</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr "Polecenie <command>useradd</command> posiada następujące opcje:"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;"
+"<replaceable>KAT_BAZOWY</replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>KAT_DOMOWY</replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+
+#: useradd.8.xml:178(term)
+#, fuzzy
+#| msgid "<option>-d</option>, <option>--delete</option>"
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr ""
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+
+#: useradd.8.xml:209(para)
+#, fuzzy
+#| msgid ""
+#| "The number of days after a password expires until the account is "
+#| "permanently disabled. A value of 0 disables the account as soon as the "
+#| "password has expired, and a value of -1 disables the feature. The default "
+#| "value is -1."
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"Liczba dni po wygaśnięciu hasła do stałego wyłączenia konta. Wartość 0 "
+"wyłącza konto natychmiast po przeterminowaniu hasła, zaś wartość -1 wyłącza "
+"tę cechę. Domyślną wartością jest -1."
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+
+#: useradd.8.xml:228(para)
+#, fuzzy
+#| msgid ""
+#| "The group name or number of the user's new initial login group. The group "
+#| "name must exist. A group number must refer to an already existing group. "
+#| "The default group number is 1."
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Nazwa lub numer początkowej grupy logowania użytkownika. Nazwa grupy musi "
+"istnieć. Numer grupy musi odnosić się do już istniejącej grupy. Domyślnym "
+"numerem grupy jest 1."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+
+#: useradd.8.xml:272(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+#| "replaceable>"
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+
+#: useradd.8.xml:281(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr ""
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: useradd.8.xml:301(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:322(term)
+#, fuzzy
+#| msgid "<option>-l</option>, <option>--list</option>"
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr ""
+
+#: useradd.8.xml:327(para)
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+
+#: useradd.8.xml:366(term)
+#, fuzzy
+#| msgid "<option>-g</option>, <option>--group</option>"
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+
+#: useradd.8.xml:390(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+#, fuzzy
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr ""
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: useradd.8.xml:434(para)
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+
+#: useradd.8.xml:482(para)
+#, fuzzy
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: useradd.8.xml:489(term)
+#, fuzzy
+#| msgid "<option>-g</option>, <option>--group</option>"
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+
+#: useradd.8.xml:510(para)
+#, fuzzy
+#| msgid ""
+#| "The name of the user's new login shell. Setting this field to blank "
+#| "causes the system to select the default login shell."
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"Nazwa nowej powłoki (shell) użytkownika. Ustawienie tego pola na puste "
+"powoduje, że system wybierze domyślną powłokę logowania."
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr ""
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr ""
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr ""
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "UWAGI"
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr ""
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+#, fuzzy
+msgid "<option>GID_MAX</option> (number)"
+msgstr "GID_MAX (numer)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+#, fuzzy
+msgid "<option>GID_MIN</option> (number)"
+msgstr "GID_MIN (numer)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "PASS_MAX_DAYS (numer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "PASS_MIN_DAYS (numer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "PASS_WARN_AGE (numer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+#, fuzzy
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "GID_MAX (numer)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+#, fuzzy
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "GID_MIN (numer)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "UID_MAX (numer)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "UID_MIN (numer)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+#, fuzzy
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>UID_MAX</option> (number)"
+msgstr "UID_MAX (numer)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>UID_MIN</option> (number)"
+msgstr "UID_MIN (numer)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+#, fuzzy
+msgid "<option>UMASK</option> (number)"
+msgstr "UMASK (number)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr ""
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr ""
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "nieprawidłowy argument opcji"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID juz jest używany (i nie uzyto opcji <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr ""
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr ""
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr ""
+
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>useradd</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr ""
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr ""
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" 1) the user su is targeting\n"
+" "
+msgstr ""
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" to-id:from-id:ACTION\n"
+" "
+msgstr ""
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+
+#: suauth.5.xml:107(para)
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr ""
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "EXAMPLE"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" # sample /etc/suauth file\n"
+" #\n"
+" # A couple of privileged usernames may\n"
+" # su to root with their own password.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Anyone else may not su to root unless in\n"
+" # group wheel. This is how BSD does things.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Perhaps terry and birddog are accounts\n"
+" # owned by the same person.\n"
+" # Access can be arranged between them\n"
+" # with no password.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+msgstr ""
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "BÅĘDY"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSTYKA"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Polecenia użytkowników"
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr ""
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr ""
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Polecenie <command>su</command> posiada następujące opcje:"
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>POLECENIE</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+
+#: su.1.xml:158(para)
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+
+#: su.1.xml:176(para)
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr ""
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr ""
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr ""
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr ""
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr ""
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>CONSOLE</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+#, fuzzy
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SU_NAME</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr ""
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr ""
+
+#: su.1.xml:422(replaceable)
+#, fuzzy
+#| msgid "12"
+msgid "126"
+msgstr "12"
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr ""
+
+#: su.1.xml:428(replaceable)
+#, fuzzy
+#| msgid "12"
+msgid "127"
+msgstr "12"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr ""
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:439(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>sh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>"
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr ""
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr ""
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+
+#: sg.1.xml:141(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>login</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr ""
+
+#: shadow.5.xml:65(refpurpose)
+#, fuzzy
+#| msgid "can't update password file"
+msgid "shadowed password file"
+msgstr "nie można zaktualizować pliku z hasłami"
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr ""
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr ""
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+
+#: shadow.5.xml:103(para)
+#, fuzzy
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr ""
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:134(para)
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr ""
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr ""
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr ""
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr ""
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr ""
+
+#: shadow.5.xml:222(emphasis)
+#, fuzzy
+#| msgid "User account information."
+msgid "account expiration date"
+msgstr "Informacja o kontach użytkowników."
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:229(para)
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr ""
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr ""
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr ""
+
+#: shadow.5.xml:270(filename)
+#, fuzzy
+#| msgid "/etc/shadow"
+msgid "/etc/shadow-"
+msgstr "/etc/shadow"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr ""
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+
+#: shadow.5.xml:284(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>"
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr ""
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr ""
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SKÅADNIA"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*name"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent()"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FILE"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* user login name */\n"
+" char\t\t*sp_pwdp; /* encrypted password */\n"
+" long int\t\tsp_lstchg; /* last password change */\n"
+" long int\t\tsp_min; /* days until change allowed. */\n"
+" long int\t\tsp_max; /* days before change required */\n"
+" long int\t\tsp_warn; /* days warning for expiration */\n"
+" long int\t\tsp_inact; /* days before account inactive */\n"
+" long int\t\tsp_expire; /* date when account expires */\n"
+" unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+" "
+msgstr ""
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr ""
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr ""
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr ""
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+
+#: pwconv.8.xml:188(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>vipw</command> and <command>vigr</"
+#| "command> commands are:"
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Polecenia <command>vipw</command> i <command>vigr</command> posiadajÄ… "
+"następujące opcje:Polecenia <command>vipw</command> i <command>vigr</"
+"command> posiadają następujące opcje:"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+
+#: pwconv.8.xml:263(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr ""
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr ""
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr ""
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr ""
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr ""
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr ""
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr ""
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr ""
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr ""
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr ""
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+#, fuzzy
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr "Polecenie <command>pwck</command> posiada następujące opcje:"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--remove</option>"
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr ""
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+#, fuzzy
+#| msgid "<option>-s</option>, <option>--shadow</option>"
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+
+#: pwck.8.xml:227(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+
+#: pwck.8.xml:243(para)
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr ""
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr ""
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr ""
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr ""
+
+#: pwck.8.xml:336(para)
+#, fuzzy
+#| msgid "can't update password file"
+msgid "can't sort password files"
+msgstr "nie można zaktualizować pliku z hasłami"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>pwck</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr ""
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "PRZYKÅADY"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+msgstr ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "Plik zawierający ustawienia dostępu do portów."
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr ""
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr ""
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr ""
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr ""
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr ""
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr ""
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr ""
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr ""
+
+#: passwd.5.xml:156(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/passwd-"
+msgstr "/etc/passwd"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr ""
+
+#: passwd.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "zmiana hasła użytkownika"
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr ""
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr ""
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr ""
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr ""
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr ""
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+
+#: passwd.1.xml:166(para)
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "Polecenie <command>passwd</command> posiada następujące opcje:"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>NIEAKTYWNE</replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+
+#: passwd.1.xml:269(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-m</option>, <option>--mindays</option>&nbsp;"
+#| "<replaceable>MIN_DAYS</replaceable>"
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DNI</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Utawia minimalną liczbę dni pomiędzy zmianami hasła na "
+"<replaceable>MIN_DAYS</replaceable>. Wartość zerowa oznacza, że użytkownik "
+"może je zmieniać w dowolnym czasie."
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOZYTORIUM</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DNI_OSTRZ</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DNI</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr ""
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "PASS_WARN_AGE (numer)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "PASS_MAX_DAYS (numer)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "PASS_MIN_DAYS (numer)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+
+#: passwd.1.xml:429(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr ""
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "brak dostępu"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "nieprawidłowa kombinacja opcji"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr ""
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr ""
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>passwd</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr ""
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr ""
+
+#: nologin.8.xml:91(para)
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr ""
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "wsadowa aktualizacja i tworzenie nowych użytkowników"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr ""
+
+#: newusers.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The <command>newusers</command> command reads a file of user name and "
+#| "clear-text password pairs and uses this information to update a group of "
+#| "existing users or to create new users. Each line is in the same format as "
+#| "the standard password file (see <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>) with the following "
+#| "exceptions:"
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"Polecenie <command>newusers</command> odczytuje z pliku nazwa użytkowników i "
+"podane jawnym tekstem hasło. Odczytane informacje wykorzystywane są do "
+"aktualizacji grupy istniejących użytkowników lub tworzenia nowych. Każdy "
+"wiersz pliku posiada taki sam format jak standardowy plik haseł (patrz "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>), z następującymi wyjątkami:"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr ""
+
+#: newusers.8.xml:110(emphasis)
+#, fuzzy
+#| msgid "*name"
+msgid "pw_name"
+msgstr "*name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr ""
+
+#: newusers.8.xml:116(para)
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"To pole zostanie zakodowane i użyte jako nowa wartość zakodowanego hasła."
+
+#: newusers.8.xml:138(emphasis)
+#, fuzzy
+#| msgid "pw_gid"
+msgid "pw_uid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr ""
+
+#: newusers.8.xml:144(para)
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr ""
+
+#: newusers.8.xml:152(para)
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr ""
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr ""
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr ""
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr ""
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+
+#: newusers.8.xml:266(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>usermod</command> command are:"
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "Polecenie <command>usermod</command> posiada następujące opcje:"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+#, fuzzy
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+#, fuzzy
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+
+#: newusers.8.xml:430(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/passwd"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr ""
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "group"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+
+#: newgrp.1.xml:152(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "wymuszenie ograniczeń czasu logowania"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"<command>logoutd</command> wymusza ograniczenia portów i czasów logowania "
+"podane w <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"powinno być uruchamiane z <filename>/etc/rc</filename>. Okresowo "
+"przeglÄ…dany jest plik <filename>/var/run/utmp</filename>. Sprawdzana jest "
+"każda nazwa użytkownika, aby stwierdzić, czy użytkownik ma zezwolenie na "
+"pracę w bieżącym czasie na danym porcie. Każda sesja pracy (logowania) "
+"naruszajÄ…ca ograniczenia zawarte w <filename>/etc/porttime</filename> jest "
+"kończona."
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "List bieżących sesji pracy."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr ""
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+#, fuzzy
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+#, fuzzy
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "UMASK (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "PASS_MIN_DAYS (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "GID_MIN (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+#, fuzzy
+msgid "<option>TTYPERM</option> (string)"
+msgstr "USERDEL_CMD (łańcuch)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ULIMIT</option> (number)"
+msgstr "UID_MIN (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr ""
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr ""
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr ""
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr ""
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+#, fuzzy
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHFN_AUTH CHFN_RESTRICT"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+#, fuzzy
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr ""
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:383(term)
+#, fuzzy
+#| msgid "newgrp"
+msgid "newgrp / sg"
+msgstr "newgrp"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:431(para)
+#, fuzzy
+#| msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK"
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:463(term)
+#, fuzzy
+msgid "sulogin"
+msgstr "login"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:519(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr ""
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr ""
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr ""
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr ""
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr ""
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr ""
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr ""
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr ""
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr ""
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr ""
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr ""
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr ""
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr ""
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr ""
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr ""
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr ""
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr ""
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr ""
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr ""
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr ""
+
+#: limits.5.xml:111(para)
+msgid "F: maximum file size (KB)"
+msgstr ""
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr ""
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr ""
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr ""
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr ""
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr ""
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr ""
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+msgstr ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+
+#: limits.5.xml:145(para)
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+
+#: limits.5.xml:159(para)
+#, fuzzy
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: limits.5.xml:165(para)
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+
+#: limits.5.xml:170(para)
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+"wyświetla informacje o ostanim logowaniu dla wybranego lub wszystkich "
+"użytkowaników"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"Polecenie <command>lastlog</command> formatuje i wyświetla zawartość bazy "
+"ostatnich logowań zapisanych w pliku <filename>/var/log/lastlog</filename>. "
+"Wyświetlone zostaną <emphasis>nazwa użytkownika</emphasis>, <emphasis>port</"
+"emphasis> i <emphasis>czas</emphasis> ostatniego logowania. Domyślnie (bez "
+"flag) pozycje wyświetlane są w kolejności w jakiej są w pliku <filename>/etc/"
+"passwd</filename>."
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr "Polecenie <command>lastlog</command> posiada następujące opcje:"
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DNI</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"Wyświetlenie rekordów lastlog starszych niż zadana <emphasis remap=\"I"
+"\">DNI</emphasis>."
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DNI</"
+"replaceable>"
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"Wyświetlenie rekordów lastlog nie starszych niż zadana ilość <emphasis remap="
+"\"I\">DNI</emphasis>."
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: lastlog.8.xml:164(para)
+#, fuzzy
+#| msgid ""
+#| "Print the lastlog record for user with specified <emphasis remap=\"I"
+#| "\">LOGIN</emphasis> only."
+msgid "Print the lastlog record of the specified user(s)."
+msgstr ""
+"Wyświetlenie informacji o ostanim logowaniu dla użytkownika "
+"<replaceable>LOGIN</replaceable>."
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"Jeżeli użytkownik nigdy się nie logował to zamiast portu i czasu \n"
+"logowania wyświetlany jest komunikat <emphasis>**Nigdy nie zalogowany**</"
+"emphasis> (użytkownik nigdy się nie logował)."
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "UWAGI"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Baza danych <filename>lastlog</filename> jest plikiem zawierajacym "
+"informacje o ostanim logowaniu każdego użytkowanika. Pliku tego nie powinnoa "
+"się okresowo kasować i zakąłdać od nowa (rotacja). Plik ten jest plikiem z "
+"dziurami tak więc jego rozmiar jest zwykle znacznie mniejszy pokazywany "
+"przez polecenie \"<command>ls -l</command>\" (pokazujące że jest on dużych "
+"rozmiarów jeżeli masz w <filename>passwd</filename> użytkowaników z wysokimi "
+"wartościami UID). Mozesz wyświetlić rzeczywisty rozmiar tego pliku używając "
+"polecenia \"<command>ls -s</command>\"."
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "Baza danych ostatnich logowań użytkowników."
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"Duże luki w numeracji UID powodują, że program będzie pracował dłużej, nie "
+"wyświetlając wyników (np. jeśli w bazie lastlog nie ma wpisów dla o UID "
+"pomiedzy 170, a 800, to program będzie sprawiał wrażenie zawieszonego w "
+"trakcie przetwarzania wpisów dla użytkowanikół o UID 171-799)."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr ""
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "nazwa grupy"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr ""
+
+#: gshadow.5.xml:90(para)
+#, fuzzy
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The new value of the user's password file comment field. It is normally "
+#| "modified using the <citerefentry><refentrytitle>chfn</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr ""
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr ""
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr ""
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+
+#: gshadow.5.xml:175(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr ""
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr ""
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+
+#: grpck.8.xml:152(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>pwck</command> command are:"
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "Polecenie <command>pwck</command> posiada następujące opcje:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+
+#: grpck.8.xml:196(para)
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr ""
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr ""
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr ""
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr ""
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>grpckl</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>login</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gshadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr ""
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr ""
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "modyfikuj definicjÄ™ grupy systemowej"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GRUPA"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"Polcenie <command>groupmod</command> modifikuje definicjÄ™ grupy "
+"<replaceable>GRUPA</replaceable> poprzez modifikacjÄ™ stosownego wpisu w "
+"bazie grup."
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr "Polecenie <command>groupmod</command> posiada następujące opcje:"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+#, fuzzy
+#| msgid ""
+#| "The name of the group will be changed from <replaceable>GROUP</"
+#| "replaceable> to <replaceable>NEW_GROUP</replaceable> name."
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: groupmod.8.xml:104(para)
+#, fuzzy
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"Nowa wartość ID grupy <replaceable>GRUPA</replaceable>. Numeryczna wartość "
+"<replaceable>GID</replaceable> musi mieć nieujemną wartość całkowitą. "
+"Wartość ta musi być unikalna chyba że użyto opcji <option>-o</option>. "
+"Wartości pomiędzy 0 a 999 są zwykle zarezerwowane dla grup systemowych. "
+"Pliki, dla których stary identyfikator jest identyfikatorem grupy pliku, "
+"wymagają ręcznej zmiany ID grupy."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--append</option>&nbsp;<replaceable>NOWA_GRUPA</"
+"replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: groupmod.8.xml:150(para)
+#, fuzzy
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"Użyte z opcją <option>-g</option> umożliwia zmiane <replaceable>GID</"
+"replaceable> grupy na wartość nieunikalną."
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "nazwa grupy już jest w użyciu"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>groupmod</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr ""
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "user_name"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr ""
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr "Polecenie <command>groupmems</command> posiada następujące opcje:"
+
+#: groupmems.8.xml:107(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#| "replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: groupmems.8.xml:109(para)
+msgid "Add a user to the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+
+#: groupmems.8.xml:118(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DNI</"
+"replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+
+#: groupmems.8.xml:134(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+#| "replaceable>"
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:154(term)
+#, fuzzy
+#| msgid "<option>-e</option>, <option>--expire</option>"
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr ""
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr ""
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr ""
+
+#: groupdel.8.xml:81(para)
+#, fuzzy
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"Polecenie <command>usermod</command> zmienia systemowe pliki kont, "
+"odzwierciedlając zmiany podane w wierszu poleceń."
+
+#: groupdel.8.xml:89(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>groupmod</command> command are:"
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "Polecenie <command>groupmod</command> posiada następujące opcje:"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr ""
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>groupdel</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>"
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "utwórz nową grupę"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "Polecenie <command>groupadd</command> posiada następujące opcje:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+
+#: groupadd.8.xml:124(para)
+#, fuzzy
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+
+#: groupadd.8.xml:146(para)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+
+#: groupadd.8.xml:192(para)
+#, fuzzy
+#| msgid "create a new group"
+msgid "Create a system group."
+msgstr "twółrz nową grupę"
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr ""
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr ""
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>groupadd</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+#, fuzzy
+#| msgid "-r <placeholder-1/>"
+msgid "administer <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+#, fuzzy
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "-K <placeholder-1/>=<placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+#, fuzzy
+msgid "option"
+msgstr "opcje"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:115(para)
+#, fuzzy
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr ""
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+
+#: gpasswd.1.xml:135(para)
+#, fuzzy
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:142(para)
+#, fuzzy
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr "Polecenie <command>passwd</command> posiada następujące opcje:"
+
+#: gpasswd.1.xml:147(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#| "replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+#, fuzzy
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: gpasswd.1.xml:160(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DNI</"
+"replaceable>"
+
+#: gpasswd.1.xml:164(para)
+#, fuzzy
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: gpasswd.1.xml:181(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--remove</option>"
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:211(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:227(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-m</option>, <option>--mindays</option>&nbsp;"
+#| "<replaceable>MIN_DAYS</replaceable>"
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DNI</"
+"replaceable>"
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr ""
+
+#: gpasswd.1.xml:239(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DNI</"
+"replaceable>"
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr ""
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+
+#: gpasswd.1.xml:298(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr "Polecenie <command>faillog</command> posiada następujące opcje:"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+
+#: faillog.8.xml:102(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+
+#: faillog.8.xml:128(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-l</option>, <option>--lock-time</option>&nbsp;<replaceable>SEC</"
+#| "replaceable>"
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-time</option>&nbsp;<replaceable>SEK</"
+"replaceable>"
+
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr ""
+
+#: faillog.8.xml:195(para)
+#, fuzzy
+#| msgid ""
+#| "Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+#| "emphasis>."
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+"Wyświetlenie rekordów lastlog nie starszych niż zadana ilość <emphasis remap="
+"\"I\">DNI</emphasis>."
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr ""
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr ""
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "Struktura tego pliku to:"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "sprawdzenie ważności i wymuszenie zmiany hasła"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"Polecenie <command>expiry</command> sprawdza (<option>-c</option>), kiedy "
+"wygaśnie aktualne hasło oraz wymusza (<option>-f</option>) lub wymusza jego "
+"zmianę.Może ono być wywoływane jako zwykłe polecenie przez użytkownika."
+
+#: expiry.1.xml:92(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>pwck</command> command are:"
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr "Polecenie <command>pwck</command> posiada następujące opcje:"
+
+#: expiry.1.xml:97(term)
+#, fuzzy
+#| msgid "<option>-L</option>, <option>--lock</option>"
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: expiry.1.xml:99(para)
+#, fuzzy
+#| msgid "check and enforce password expiration policy"
+msgid "Check the password expiration of the current user."
+msgstr "sprawdzenie ważności i wymuszenie zmiany hasła"
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "zmiana powłoki zgłoszeniowej"
+
+#: chsh.1.xml:85(para)
+#, fuzzy
+#| msgid ""
+#| "The <command>chsh</command> command changes the user login shell. This "
+#| "determines the name of the user's initial login command. A normal user "
+#| "may only change the login shell for her own account, the superuser may "
+#| "change the login shell for any account."
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"Polecenie <command>chsh</command> zmienia powłokę zgłoszeniową użytkownika, "
+"która określa nazwę początkowego polecenia zgłoszeniowego użytkownika. "
+"Zwykły użytkownik może zmienić wyłącznie powłokę zgłoszeniową własnego "
+"konta, superużytkownik może zmienić powłokę zgłoszeniową dla dowolnego konta."
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Polecenie <command>chsh</command> posiada następujące opcje:"
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Jeżeli nie podano opcji <option>-s</option>, to polecenie <command>chsh</"
+"command> działa w trybie interaktywnym, proponując użytkownikowi bieżącą "
+"powłokę logowania. Wprowadzenie nowej wartości powoduje zmianę powłoki, a "
+"podanie wartości pustej pozostawia bieżącą powłokę. Bieżąca powłoka "
+"wyświetlana jest w nawiasach <emphasis>[ ]</emphasis>"
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"Jedynym ograniczeniem nałożonym na powłokę zgłoszeniową jest to, że jej "
+"nazwa musi być wymieniona w <filename>/etc/shells</filename>, chyba że "
+"polecenie chsh zostało uruchomione przez superużytkownika wówczas może być "
+"podana dowolna nazwa. Użytkownicy kont z ograniczoną powłoką logowania nie "
+"mogą jej zmieniać. Odradza się z tego powodu umieszczanie <filename>/bin/"
+"rsh</filename> w pliku <filename>/etc/shells</filename>, gdyż przypadkowa "
+"zmiana na powłokę ograniczoną uniemożliwi użytkownikowi jakąkolwiek zmianę "
+"powłoki logowania, nawet z powrotem na dotychczasową."
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Lista dozwolonych powłok zgłoszeniowych."
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "wsadowa aktualizacja haseł użytkowników"
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"Polecenie <command>chpasswd</command> czyta pary danych (użytkownik i hasło) "
+"ze standardowego wejścia. Odczytane informacje wykorzystywane są do "
+"aktualizacji danych o grupie istniejących użytkowników. Każdy wiersz "
+"przekazywanych danych ma postać:"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nazwa_użytkownika</emphasis>:<emphasis remap=\"I"
+"\">hasło</emphasis>"
+
+#: chpasswd.8.xml:92(para)
+#, fuzzy
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Domyślnie dostarczane hasła muszą być w postaci jawnej. Podczas kodowania "
+"haseł używany jest domyślnie algorytm DES. W trakcie zmiany hasła "
+"aktualizowany jest także wiek hasła."
+
+#: chpasswd.8.xml:97(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:111(para)
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Polecenie to przeznaczone jest do użytku w dużych systemach, gdzie "
+"aktualizuje siÄ™ wiele kont naraz."
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr "Polecenie <command>chpasswd</command> posiada następujące opcje:"
+
+#: chpasswd.8.xml:137(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-c</option>, <option>--comment</option>&nbsp;"
+#| "<replaceable>COMMENT</replaceable>"
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMENTARZ</"
+"replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr ""
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr ""
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr ""
+"Dostarczone na standardowe wejście hasła są traktowane jako już zakodowane."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"Jeżeli dpostarczane hasła są w postaci jawnej użyj kodowania MD5 zamiast "
+"domyślnego DES."
+
+#: chpasswd.8.xml:200(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-w</option>, <option>--warndays</option>&nbsp;"
+#| "<replaceable>WARN_DAYS</replaceable>"
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DNI_OSTRZ</replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Pamiętaj żeby zabezpieczyć przed odczytem plik przekazywany na standardowe "
+"wejście polecenia."
+
+#: chpasswd.8.xml:276(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/passwd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr ""
+
+#: chpasswd.8.xml:286(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "wsadowa aktualizacja haseł grup"
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"Polecenie <command>chgpasswd</command> czyta pary danych (grupa i hasło) ze "
+"standardowego wejścia. Odczytane informacje wykorzystywane są do "
+"aktualizacji danych o grupach istniejących użytkowników. Każdy wiersz "
+"przekazywanych danych ma postać:"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nazwa_grupy</emphasis>:<emphasis remap=\"I\">hasło</"
+"emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+#, fuzzy
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Domyślnie dostarczane hasła muszą być w postaci jawnej. Podczas kodowania "
+"haseł używany jest domyślnie algorytm DES."
+
+#: chgpasswd.8.xml:92(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr "Polecenie <command>chgpasswd</command> posiada następujące opcje:"
+
+#: chgpasswd.8.xml:238(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr ""
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+
+#: chfn.1.xml:112(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>chsh</command> command are:"
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Polecenie <command>chsh</command> posiada następujące opcje:"
+
+#: chfn.1.xml:117(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>"
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr ""
+
+#: chfn.1.xml:125(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr ""
+
+#: chfn.1.xml:133(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+
+#: chfn.1.xml:145(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr ""
+
+#: chfn.1.xml:165(term)
+#, fuzzy
+#| msgid "<option>-h</option>, <option>--help</option>"
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr ""
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "zmiana informacji o terminie ważności hasła użytkownika"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"Polecenie <command>chage</command> zmienia liczbę dni pomiędzy zmianami "
+"hasła i datę ostatniej zmiany hasła. Informację tę system wykorzystuje do "
+"ustalenia, kiedy użytkownik musi zmienić hasło."
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "Polecenie <command>chage</command> posiada następujące opcje:"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>OSTATNI</"
+"replaceable>"
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"Ustawia ilość dni od 1 stycznia 1970 kiedy hało było ostani raz zmieniane. "
+"Data ważności może być takze prezekazana w formacie RRRR-MM-DD (lub formacie "
+"używanym lokalnie)."
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATA_WAŻN</replaceable>"
+
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"Ustawia datę, począwszy od której konto użytkownika nie będzie już dostępne. "
+"<replaceable>DATA_WAŻN</replaceable> jest liczbą dni od 1 stycznia 1970, od "
+"której konto jest blokowane. Data może być też wyrażona w formacie RRRR-MM-"
+"DD (lub innej, powszechniej używanej w danym regionie). Użytkownik, którego "
+"konto jest zablokowane musi skontaktować się z administratorem systemu zanim "
+"będzie mógł z niego ponownie skorzystać."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Przekazanie <emphasis remap=\"I\">-1</emphasis> jako <replaceable>DATA_WAŻN</"
+"replaceable> usuwa ograniczenie ważności konta użytkownika."
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>NIEAKTYWNE</replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"Opcja ta służy do ustawiania czasu nieaktywności konta po wygaśnięciu "
+"ważności hasła, po którym to czasie konto jest blokowane. Parametr "
+"<replaceable>NIEAKTYWNE</replaceable> jest liczbą dni nieaktywności. "
+"Użytkownik, którego konto jest zablokowane musi skontaktować się z "
+"administratorem systemu zanim będzie mógł z niego ponownie skorzystać."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Przekazanie <emphasis remap=\"I\">-1</emphasis> jako "
+"<replaceable>NIEAKTYWNE</replaceable> usuwa ograniczenie nieaktywniści konta "
+"użytkownika."
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Wyświetlenie informacji o terminach ważności konta i hasła."
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DNI</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DNI</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"Ustawia maksymalną liczbę dni, przez jakie hasło jest ważne. Gdy "
+"<replaceable>MAX_DNI</replaceable> plus <replaceable>OSTATNI</replaceable> "
+"jest mniejsze niż bieżący dzień, użytkownik musi zmienić swoje hasła, zanim "
+"będzie mógł skorzystać z konta. Zdarzenie to może być zaplanowane z "
+"wyprzedzeniem przez wykorzystanie opcji <option>-W</option>, ostrzegajÄ…cej "
+"zawczasu użytkownika o zbliżającym się terminie zmiany."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Przekazanie <emphasis remap=\"I\">-1</emphasis> jako <replaceable>MAX_DAYS</"
+"replaceable> usuwa sprawdzanie wazności hasła."
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DNI_OSTRZ</replaceable>"
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"Ustawia na <replaceable>DNI_OSTRZ</replaceable> liczbę dni przed upływem "
+"ważności hasła. Od tego dnia użytkownik będzie ostrzegany o nadchodzącym "
+"terminie zmiany hasła."
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Jeśli nie podano żadnej opcji, to <command>chage</command> działa w trybie "
+"interaktywnym, proponując użytkownikowi wartości bieżące dla każdego z pól. "
+"Wprowadzenie nowej wartości powoduje zmianę wartości pola, a podanie "
+"wartości pustej pozostawia wartość bieżącą. Bieżąca wartość pola wyświetlana "
+"jest w nawiasach <emphasis>[ ]</emphasis>."
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Program <command>chage</command> wymaga do działania chronionego pliku haseł "
+"użytkowników (shadow)."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"Polecenia chage może użyć tylko użytkownik root, za wyjątkiem opcji <option>-"
+"l</option>. Może się nią posłużyć się użytkownik nieuprzywilejowany do "
+"stwierdzenia, kiedy wygasa jego własne hasło lub konto."
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "nie można znaleźć pliku shadow"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>chage</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr "Tomasz KÅ‚oczko <kloczek@pld.org.pl>, 2006"
+
+#, fuzzy
+#~| msgid "-"
+#~ msgid "-M"
+#~ msgstr "-"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#, fuzzy
+#~| msgid ""
+#~| "The name of the user's new login shell. Setting this field to blank "
+#~| "causes the system to select the default login shell."
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "Nazwa nowej powłoki (shell) użytkownika. Ustawienie tego pola na puste "
+#~ "powoduje, że system wybierze domyślną powłokę logowania."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "new_users"
+
+#~ msgid "full_name"
+#~ msgstr "full_name"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "room_no"
+
+#~ msgid "work_ph"
+#~ msgstr "work_ph"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "home_ph"
+
+#~ msgid "other"
+#~ msgstr "other"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#~ "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+#~ msgstr "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+
+#, fuzzy
+#~| msgid "Supplied passwords are in encrypted form."
+#~ msgid "The supplied passwords must be in clear-text."
+#~ msgstr ""
+#~ "Dostarczone na standardowe wejście hasła są traktowane jako już "
+#~ "zakodowane."
+
+#, fuzzy
+#~ msgid "and <placeholder-1/> files"
+#~ msgstr "-a <placeholder-1/>"
+
+#, fuzzy
+#~| msgid ""
+#~| "<command>usermod</command> will not allow you to change the name of a "
+#~| "user who is logged in. You must make certain that the named user is not "
+#~| "executing any processes when this command is being executed if the "
+#~| "user's numerical user ID is being changed. You must change the owner of "
+#~| "any <command>crontab</command> files manually. You must change the owner "
+#~| "of any <command>at</command> jobs manually. You must make any changes "
+#~| "involving NIS on the NIS server."
+#~ msgid ""
+#~ "<command>usermod</command> will not allow you to change the name of an "
+#~ "user who is logged in. You must make certain that the named user is not "
+#~ "executing any processes when this command is being executed if the user's "
+#~ "numerical user ID is being changed. You must change the owner of any "
+#~ "<command>crontab</command> files manually. You must change the owner of "
+#~ "any <command>at</command> jobs manually. You must make any changes "
+#~ "involving NIS on the NIS server."
+#~ msgstr ""
+#~ "Polecenie <command>usermod</command> nie pozwola na zmianÄ™ nazwy "
+#~ "zalogowanego użytkownika. Jeśli zmieniany jest numeryczny identyfikator "
+#~ "użytkownika procesu to musisz się upewnić, że w trakcie wykonywania tego "
+#~ "polecenia użytkownik nie wykonuje żadnego procesu. Właśniciela plików "
+#~ "<command>crontab</command> musisz zmienić ręcznie. Właśniciela zadań "
+#~ "<command>at</command> musisz zmienić ręcznie. Jakiekolwiek zmiany "
+#~ "dotyczące NIS musisz wykonać na serwerze NIS."
+
+#~ msgid ""
+#~ "The group name or number of the user's new initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1."
+#~ msgstr ""
+#~ "Nazwa lub numer początkowej grupy logowania użytkownika. Nazwa grupy musi "
+#~ "istnieć. Numer grupy musi odnosić się do już istniejącej grupy. Domyślnym "
+#~ "numerem grupy jest 1."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#, fuzzy
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-a"
+#~ msgstr "-a"
+
+#~ msgid "-d"
+#~ msgstr "-d"
+
+#~ msgid "-g"
+#~ msgstr "-g"
+
+#~ msgid "GID"
+#~ msgstr "GID"
+
+#~ msgid "-o"
+#~ msgstr "-o"
+
+#~ msgid "KEY"
+#~ msgstr "KLUCZ"
+
+#~ msgid "VALUE"
+#~ msgstr "WARTOŚĆ"
+
+#~ msgid "-K <placeholder-1/>=<placeholder-2/>"
+#~ msgstr "-K <placeholder-1/>=<placeholder-2/>"
+
+#, fuzzy
+#~ msgid "-R"
+#~ msgstr "-"
+
+#, fuzzy
+#~ msgid "<option>-A</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+#, fuzzy
+#~ msgid "<option>-M</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+#~ msgid "An4wtbt"
+#~ msgstr "An4wtbt"
+
+#~ msgid ""
+#~ "The <option>-t</option> flag overrides the use of <option>-u</option>."
+#~ msgstr ""
+#~ "Opcja <option>-t</option> przesłania użycie opcji <option>-u</option>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "MAIL_DIR USERDEL_CMD"
+#~ msgstr "MAIL_DIR USERDEL_CMD"
+
+#~ msgid "MAIL_DIR"
+#~ msgstr "MAIL_DIR"
+
+#~ msgid "CHFN_AUTH"
+#~ msgstr "CHFN_AUTH"
+
+#~ msgid "GID_MAX GID_MIN"
+#~ msgstr "GID_MAX GID_MIN"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "-R <placeholder-1/>"
+#~ msgstr "-R <placeholder-1/>"
+
+#~ msgid "-A <placeholder-1/>"
+#~ msgstr "-A <placeholder-1/>"
+
+#~ msgid "-M <placeholder-1/>"
+#~ msgstr "-M <placeholder-1/>"
diff --git a/man/po/ru.po b/man/po/ru.po
new file mode 100644
index 0000000..ef552be
--- /dev/null
+++ b/man/po/ru.po
@@ -0,0 +1,11767 @@
+# translation of shadow_1:4.0.18.2-1_ru.po to Russian
+# Yuri Kozlov <kozlov.y@gmail.com>, 2005, 2006, 2007.
+# Yuri Kozlov <yuray@komyakino.ru>, 2012.
+msgid ""
+msgstr ""
+"Project-Id-Version: 1:4.0.18.2-1\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:39+0200\n"
+"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n"
+"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
+"Language: ru\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Lokalize 1.0\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><command>
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><manvolnum>
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+# type: Content of: <refentry><refmeta><refmiscinfo>
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Команды ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ ÑиÑтемой"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr ""
+"позволÑÑŽÑ‚ редактировать файлы паролей, групп, теневых паролей пользователей "
+"или групп."
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "параметры"
+
+# type: Content of: <refentry><refsect1><title>
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "ОПИСÐÐИЕ"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"С помощью программ <command>vipw</command> и <command>vigr</command> можно "
+"изменÑÑ‚ÑŒ файлы <filename>/etc/passwd</filename> и <filename>/etc/group</"
+"filename>, ÑоответÑтвенно. ЕÑли указан параметр <option>-s</option>, то "
+"будут редактироватьÑÑ Ñ‚ÐµÐ½ÐµÐ²Ñ‹Ðµ верÑии Ñтих файлов, <filename>/etc/shadow</"
+"filename> и <filename>/etc/gshadow</filename>, ÑоответÑтвенно. Ðа Ð²Ñ€ÐµÐ¼Ñ "
+"работы программы уÑтанавливают блокировку Ð´Ð»Ñ Ð¿Ñ€ÐµÐ´Ð¾Ñ‚Ð²Ñ€Ð°Ñ‰ÐµÐ½Ð¸Ñ Ð¿Ð¾Ð²Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ "
+"файла. При выборе редактора программы Ñначала проверÑÑŽÑ‚ переменную Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ "
+"<envar>$VISUAL</envar>, затем <envar>$EDITOR</envar>, и еÑли ничего не "
+"найдено, запуÑкают Ñтандартный редактор <citerefentry><refentrytitle>vi</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><title>
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "ПÐРÐМЕТРЫ"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr "Параметры команд <command>vipw</command> и <command>vigr</command>:"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Редактировать базу данных групп."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Показать краткую Ñправку и закончить работу."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Редактировать базу данных passwd."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Ðе выводить Ñообщений при работе."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>КÐТ_CHROOT</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Выполнить Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð² каталоге <replaceable>КÐТ_CHROOT</replaceable> и "
+"иÑпользовать файлы наÑтройки из каталога <replaceable>КÐТ_CHROOT</"
+"replaceable>."
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Редактировать базу данных shadow или gshadow."
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "Указать какой пользовательÑкий теневой файл tcb редактировать."
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "ÐÐСТРОЙКÐ"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"Ðа работу Ñтого инÑтрумента влиÑÑŽÑ‚ Ñледующие переменные наÑтройки из "
+"<filename>/etc/login.defs</filename>:"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (логичеÑкий)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"ЕÑли значение равно <replaceable>yes</replaceable>, то будет иÑпользоватьÑÑ "
+"Ñ‚ÐµÐ½ÐµÐ²Ð°Ñ Ñхема паролей <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "ОКРУЖЕÐИЕ"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "Редактор, который будет вызван."
+
+# type: Content of: <refentry><refsect1><title>
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr ""
+"Редактор, который будет вызван, еÑли не задана Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð°Ñ <option>VISUAL</"
+"option>."
+
+# type: Content of: <refentry><refsect1><title>
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "ФÐЙЛЫ"
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Ñодержит информацию о группах"
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Ñодержит защищаемую информацию о группах"
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Ñодержит информацию о пользователÑÑ…"
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Ñодержит защищаемую информацию о пользователÑÑ…"
+
+# type: Content of: <refentry><refsect1><title>
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "СМОТРИТЕ ТÐКЖЕ"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "изменÑет учётную запиÑÑŒ пользователÑ"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><emphasis>
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "УЧÐТÐÐЯ_ЗÐПИСЬ"
+
+# type: Content of: <refentry><refsect1><para>
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Команда <command>usermod</command> изменÑет ÑиÑтемные файлы учётных запиÑей "
+"ÑоглаÑно переданным в командной Ñтроке параметрам."
+
+# type: Content of: <refentry><refsect1><para>
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr "Параметры команды <command>usermod</command>:"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Добавить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² дополнительную группу(Ñ‹). ИÑпользовать только вмеÑте "
+"Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;"
+"<replaceable>КОММЕÐТÐРИЙ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"Ðовое значение Ð¿Ð¾Ð»Ñ ÐºÐ¾Ð¼Ð¼ÐµÐ½Ñ‚Ð°Ñ€Ð¸Ñ Ð² файле пользовательÑких паролей. Обычно его "
+"изменÑÑŽÑ‚ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ программы <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option> "
+"<replaceable>ДОМÐШÐИЙ_КÐТÐЛОГ</replaceable>"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "Домашний каталог нового пользователÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"ЕÑли указан параметр <option>-m</option>, то Ñодержимое текущего домашнего "
+"каталога будет перемещено в новый домашний каталог, который будет Ñоздан, "
+"еÑли он ещё не ÑущеÑтвует."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option> "
+"<replaceable>ДÐТÐ_УСТÐРЕВÐÐИЯ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Дата, когда ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð±ÑƒÐ´ÐµÑ‚ заблокирована. Дата задаётÑÑ Ð² "
+"формате <emphasis remap=\"I\">ГГГГ-ММ-ДД</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"ПуÑтое значение аргумента <replaceable>ДÐТÐ_УСТÐРЕВÐÐИЯ</replaceable> "
+"отключает уÑтаревание учётной запиÑи."
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Ð”Ð»Ñ Ñтого параметра требуетÑÑ Ñ„Ð°Ð¹Ð» <filename>/etc/shadow</filename>. При "
+"отÑутÑтвии в <filename>/etc/shadow</filename> ÑоздаётÑÑ Ð½ÐµÐ¾Ð±Ñ…Ð¾Ð´Ð¸Ð¼Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>ДÐЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"КоличеÑтво дней, которые должны пройти поÑле уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ, чтобы "
+"ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ заблокировалаÑÑŒ навÑегда."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"ЕÑли указано значение 0, то ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ блокируетÑÑ Ñразу поÑле "
+"уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ, а при значении -1 Ð´Ð°Ð½Ð½Ð°Ñ Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾ÑÑ‚ÑŒ не иÑпользуетÑÑ."
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>ГРУППÐ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Ð˜Ð¼Ñ Ð¸Ð»Ð¸ чиÑловой идентификатор новой первичной группы пользователÑ. Группа Ñ "
+"таким именем должна ÑущеÑтвовать."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+"Ð’Ñе файлы в домашнем каталоге пользователÑ, принадлежавшие предыдущей "
+"первичной группе пользователÑ, будут принадлежать новой группе."
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+"Группового владельца файлов вне домашнего каталога нужно изменить вручную."
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>ГРУППÐ1</"
+"replaceable>[<emphasis remap=\"I\">,ГРУППÐ2,…</emphasis>[<emphasis remap=\"I"
+"\">,ГРУППÐN</emphasis>]]]"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"СпиÑок дополнительных групп, в которых чиÑлитÑÑ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÑŒ. ПеречиÑление "
+"групп оÑущеÑтвлÑетÑÑ Ñ‡ÐµÑ€ÐµÐ· запÑтую, без промежуточных пробелов. Ðа указанные "
+"группы дейÑтвуют те же ограничениÑ, что и Ð´Ð»Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ указанной в параметре "
+"<option>-g</option>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"ЕÑли пользователь — член группы, которой в указанном ÑпиÑке нет, то "
+"пользователь удалÑетÑÑ Ð¸Ð· Ñтой группы. Такое поведение можно изменить Ñ "
+"помощью параметра <option>-a</option>, при указании которого к уже "
+"имеющемуÑÑ ÑпиÑку групп Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð´Ð¾Ð±Ð°Ð²Ð»ÑетÑÑ ÑпиÑок указанных "
+"дополнительных групп."
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>ÐОВОЕ_ИМЯ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Ð˜Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð±ÑƒÐ´ÐµÑ‚ изменено Ñ <replaceable>ИМЯ</replaceable> на "
+"<replaceable>ÐОВОЕ_ИМЯ</replaceable>. Больше ничего не менÑетÑÑ. Ð’ "
+"чаÑтноÑти, вероÑтно, должно быть изменено Ð¸Ð¼Ñ Ð´Ð¾Ð¼Ð°ÑˆÐ½ÐµÐ³Ð¾ каталога и почтового "
+"Ñщика, чтобы отразить изменение имени пользователÑ."
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Заблокировать пароль пользователÑ. Это делаетÑÑ Ð¿Ð¾Ð¼ÐµÑ‰ÐµÐ½Ð¸ÐµÐ¼ Ñимвола «!» в "
+"начало шифрованного паролÑ, чтобы приводит к блокировке паролÑ. Ðе "
+"иÑпользуйте Ñтот параметр вмеÑте Ñ <option>-p</option> или <option>-U</"
+"option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"Замечание: еÑли вы хотите заблокировать учётную запиÑÑŒ (не только доÑтуп по "
+"паролю), также уÑтановите значение <replaceable>EXPIRE_DATE</replaceable> в "
+"<replaceable>1</replaceable>."
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr "ПеремеÑтить Ñодержимое домашнего каталога в новое меÑто."
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"Этот параметр можно иÑпользовать только Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-d</option> "
+"(или <option>--home</option>)."
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"Команда <command>usermod</command> пытаетÑÑ Ð¸Ð·Ð¼ÐµÐ½Ð¸Ñ‚ÑŒ владельцев файлов и "
+"копирует права, ACL и раÑширенные атрибуты, но поÑле неё вÑÑ‘ равно могут "
+"потребоватьÑÑ Ð½ÐµÐºÐ¾Ñ‚Ð¾Ñ€Ñ‹Ðµ ручные дейÑтвиÑ."
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+"При иÑпользовании Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-u</option>, Ñтот параметр позволÑет "
+"указывать не уникальный чиÑловой идентификатор пользователÑ."
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>ПÐРОЛЬ</"
+"replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"Шифрованное значение паролÑ, которое возвращает Ñ„ÑƒÐ½ÐºÑ†Ð¸Ñ "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">Замечание:</emphasis> Этот параметр иÑпользовать не "
+"рекомендуетÑÑ, так как пароль (или не шифрованный пароль) будет видим "
+"другими пользователÑм в ÑпиÑке процеÑÑов."
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"Пароль будет запиÑан в локальный файл <filename>/etc/passwd</filename> или "
+"<filename>/etc/shadow</filename>. Это может вызвать раÑÑ…Ð¾Ð¶Ð´ÐµÐ½Ð¸Ñ Ñ Ð±Ð°Ð·Ð¾Ð¹ "
+"данных паролей, наÑтроенной в PAM."
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+"Ð’Ñ‹ должны проверить, что пароль ÑоответÑтвует политике ÑиÑтемных паролей."
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>ОБОЛОЧКÐ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Ð˜Ð¼Ñ Ð½Ð¾Ð²Ð¾Ð¹ региÑтрационной оболочки пользователÑ. ЕÑли задать пуÑтое "
+"значение, то будет иÑпользована региÑÑ‚Ñ€Ð°Ñ†Ð¸Ð¾Ð½Ð½Ð°Ñ Ð¾Ð±Ð¾Ð»Ð¾Ñ‡ÐºÐ° по умолчанию."
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "Ðовый чиÑловой идентификатор Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ (UID)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"Оно должно быть уникальным, еÑли не иÑпользуетÑÑ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€ <option>-o</"
+"option>. Значение должно быть неотрицательным."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+"Ð”Ð»Ñ Ð¿Ð¾Ñ‡Ñ‚Ð¾Ð²Ð¾Ð³Ð¾ Ñщика и вÑех файлов, которыми владеет пользователь и которые "
+"раÑположены в его домашнем каталоге, идентификатор владельца файла будет "
+"изменён автоматичеÑки."
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+"Ð”Ð»Ñ Ñ„Ð°Ð¹Ð»Ð¾Ð², раÑположенных вне домашнего каталога, идентификатор нужно "
+"изменÑÑ‚ÑŒ вручную."
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Ðикаких проверок по <option>UID_MIN</option>, <option>UID_MAX</option>, "
+"<option>SYS_UID_MIN</option> или <option>SYS_UID_MAX</option> из <filename>/"
+"etc/login.defs</filename> не производитÑÑ."
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Разблокировать пароль пользователÑ. Это выполнÑетÑÑ ÑƒÐ´Ð°Ð»ÐµÐ½Ð¸ÐµÐ¼ Ñимвола «!» из "
+"начала шифрованного паролÑ. Ðе иÑпользуйте Ñтот параметр вмеÑте Ñ <option>-"
+"p</option> или <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"Замечание: еÑли вы хотите разблокировать учётную запиÑÑŒ (не только доÑтуп по "
+"паролю), также уÑтановите значение <replaceable>EXPIRE_DATE</replaceable> "
+"(например, в to <replaceable>99999</replaceable> или равным значению "
+"<option>EXPIRE</option> из файла <filename>/etc/default/useradd</filename>)."
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>УЧÐТÐÐЯ "
+"ЗÐПИСЬ</replaceable>|<replaceable>ДИÐПÐЗОÐ</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Ðикаких проверок по <option>UID_MIN</option>, <option>UID_MAX</option>, "
+"<option>SYS_UID_MIN</option> или <option>SYS_UID_MAX</option> из <filename>/"
+"etc/login.defs</filename> не производитÑÑ."
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>УЧÐТÐÐЯ "
+"ЗÐПИСЬ</replaceable>|<replaceable>ДИÐПÐЗОÐ</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>УЧÐТÐÐЯ "
+"ЗÐПИСЬ</replaceable>|<replaceable>ДИÐПÐЗОÐ</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>GID_MIN</option>, "
+#| "<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+#| "<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Ðикаких проверок по <option>GID_MIN</option>, <option>GID_MAX</option>, "
+"<option>SYS_GID_MIN</option> или <option>SYS_GID_MAX</option> из <filename>/"
+"etc/login.defs</filename> не производитÑÑ."
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>УЧÐТÐÐЯ "
+"ЗÐПИСЬ</replaceable>|<replaceable>ДИÐПÐЗОÐ</replaceable>"
+
+#: usermod.8.xml:444(para)
+#, fuzzy
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+"УдалÑет вÑе пользовательÑкие ÑопоÑÑ‚Ð°Ð²Ð»ÐµÐ½Ð¸Ñ SELinux Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи "
+"пользователÑ."
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr "Ðовый пользователь SELinux Ð´Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÑŒÑкого входа."
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"При пуÑтом значении <replaceable>SEUSER</replaceable> пользовательÑкое "
+"ÑопоÑтавление SELinux Ð´Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ <replaceable>LOGIN</replaceable> "
+"удалÑетÑÑ (еÑли еÑÑ‚ÑŒ)."
+
+# type: Content of: <refentry><refsect1><title>
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "ПРЕДОСТЕРЕЖЕÐИЯ"
+
+#: usermod.8.xml:479(para)
+#, fuzzy
+#| msgid ""
+#| "You must make certain that the named user is not executing any processes "
+#| "when this command is being executed if the user's numerical user ID, the "
+#| "user's name, or the user's home directory is being changed. "
+#| "<command>usermod</command> checks this on Linux, but only check if the "
+#| "user is logged in according to utmp on other architectures."
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+"Ð’Ñ‹ должны убедитьÑÑ, что от указанного Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð½Ðµ запущено никаких "
+"процеÑÑов, еÑли при выполнении Ñтой команды изменÑетÑÑ Ñ‡Ð¸Ñловой "
+"пользовательÑкий ID, Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð»Ð¸ домашний каталог пользователÑ. Ð’ "
+"Linux команда <command>usermod</command> выполнÑет такую проверку, но на "
+"других архитектурах проверÑетÑÑ Ñ‚Ð¾Ð»ÑŒÐºÐ¾ приÑутÑтвие Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² ÑиÑтеме "
+"ÑоглаÑно данным utmp."
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"Ð’Ñ‹ должны вручную изменить владельца вÑех файлов <command>crontab</command> "
+"или заданий <command>at</command>."
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr "Ð’Ñ‹ должны Ñделать вÑе Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ NIS на Ñервере NIS ÑамоÑтоÑтельно."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (Ñтрока)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"Почтовый каталог. Данный параметр нужен Ð´Ð»Ñ ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ð¾Ñ‡Ñ‚Ð¾Ð²Ñ‹Ð¼ Ñщиком при "
+"изменении или удалении учётной запиÑи пользователÑ. ЕÑли параметр не задан, "
+"то иÑпользуетÑÑ Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ðµ указанное при Ñборке."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (Ñтрока)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+"ОпределÑет раÑположение почтовых файлов Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¾Ñ‚Ð½Ð¾Ñительно домашнего "
+"каталога."
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"Переменные <option>MAIL_DIR</option> и <option>MAIL_FILE</option> "
+"иÑпользуютÑÑ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð°Ð¼Ð¸ <command>useradd</command>, <command>usermod</"
+"command> и <command>userdel</command> Ð´Ð»Ñ ÑозданиÑ, Ð¿ÐµÑ€ÐµÐ¼ÐµÑ‰ÐµÐ½Ð¸Ñ Ð¸Ð»Ð¸ ÑƒÐ´Ð°Ð»ÐµÐ½Ð¸Ñ "
+"почты пользователÑ."
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"ЕÑли значение <option>MAIL_CHECK_ENAB</option> равно <replaceable>yes</"
+"replaceable>, то они также иÑпользуютÑÑ Ð´Ð»Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ "
+"<envar>MAIL</envar>."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (чиÑло)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"МакÑимальное количеÑтво членов в запиÑи о группе. При доÑÑ‚Ð¸Ð¶ÐµÐ½Ð¸Ñ Ð¼Ð°ÐºÑимума "
+"заводитÑÑ Ð½Ð¾Ð²Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ группы (Ñтрока) в <filename>/etc/group</filename> (Ñ "
+"тем же именем, паролем и тем же GID)."
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+"Значение по умолчанию равно 0, означающее, что Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ Ð½Ð° количеÑтво "
+"членов в группе нет."
+
+#. Note: on HP, split groups have the same ID, but different
+#. names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"Ð”Ð°Ð½Ð½Ð°Ñ Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾ÑÑ‚ÑŒ (разделение группы) позволÑет ограничить длину Ñтрок в "
+"файле групп. Это полезно Ð´Ð»Ñ Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ Ð´Ð»Ð¸Ð½Ñ‹ Ñтрок групп NIS в 1024 "
+"Ñимвола."
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr "ЕÑли вам нужно такое ограничение, укажите значение 25."
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"Замечание: разделение групп поддерживаетÑÑ Ð½Ðµ вÑеми инÑтрументами (даже в "
+"наборе инÑтрументов Shadow). Ð’Ñ‹ не должны иÑпользовать Ñту переменную, еÑли "
+"вам дейÑтвительно Ñто ненужно."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (чиÑло)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Значение по умолчанию Ð´Ð»Ñ <option>SYS_GID_MIN</option> (Ñоотв."
+"<option>SYS_GID_MAX</option>) равно 101 (Ñоотв. <option>GID_MIN</option>-1)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (чиÑло)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Значение по умолчанию Ð´Ð»Ñ <option>SYS_UID_MIN</option> (Ñоотв. "
+"<option>SYS_UID_MAX</option>) равно 101 (Ñоотв. <option>UID_MIN</option>-1)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (логичеÑкий)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+" use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+" kilos = UID / 1000\n"
+" use /etc/tcb/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" use /etc/tcb/:megas/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+" "
+msgstr ""
+"\n"
+"еÑли ( UID меньше 1000) {\n"
+" иÑпользовать /etc/tcb/user\n"
+"} иначе еÑли ( UID меньше 1000000) {\n"
+" kilos = UID / 1000\n"
+" иÑпользовать /etc/tcb/:kilos/user\n"
+" Ñоздать symlink /etc/tcb/user на каталог выше\n"
+"} иначе {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" иÑпользовать /etc/tcb/:megas/:kilos/user\n"
+" Ñоздать symlink /etc/tcb/user на каталог выше\n"
+"}\n"
+" "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"ЕÑли значение равно <replaceable>yes</replaceable>, то раÑположение "
+"Ñоздаваемого пользовательÑкого каталога tcb directory не будет автоматичеÑки "
+"уÑтановлено в /etc/tcb/user, а будет вычиÑлено в завиÑимоÑти от UID "
+"пользователÑ, ÑоглаÑно Ñледующему алгоритму: <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr "Ñодержит конфигурацию подÑиÑтемы теневых паролей"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "удалÑет учётную запиÑÑŒ и файлы пользователÑ"
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"Команда <command>userdel</command> изменÑет ÑиÑтемные файлы учётных запиÑей, "
+"удалÑÑ Ð²Ñе запиÑи, отноÑÑщиеÑÑ Ðº указанному <emphasis remap=\"I"
+"\">имени_пользователÑ</emphasis>. Ð—Ð°Ð´Ð°Ð½Ð½Ð°Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ должна "
+"ÑущеÑтвовать."
+
+# type: Content of: <refentry><refsect1><para>
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr "Параметры команды <command>userdel</command>:"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"С Ñтим параметром ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ будет удалена, даже еÑли пользователь в "
+"Ñтот момент работает в ÑиÑтеме. Он также заÑтавлÑет <command>userdel</"
+"command> удалить домашний каталог Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ почтовый Ñщик, даже еÑли "
+"другой пользователь иÑпользует тот же домашний каталог или еÑли почтовый "
+"Ñщик не принадлежит данному пользователю. ЕÑли значение "
+"<option>USERGROUPS_ENAB</option> равно <emphasis remap=\"I\">yes</emphasis> "
+"в файле <filename>/etc/login.defs</filename> и еÑли ÑущеÑтвует группа Ñ "
+"именем удалÑемого пользователÑ, то Ñто группа будет удалена, даже еÑли она "
+"вÑÑ‘ ещё ÑвлÑетÑÑ Ð¿ÐµÑ€Ð²Ð¸Ñ‡Ð½Ð¾Ð¹ группой другого пользователÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Замечание:</emphasis> Этот параметр опаÑно иÑпользовать; он может "
+"привеÑти ÑиÑтему в нерабочее ÑоÑтоÑние."
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"Файлы в домашнем каталоге Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð±ÑƒÐ´ÑƒÑ‚ удалены вмеÑте Ñ Ñамим домашним "
+"каталогом и почтовым Ñщиком. ПользовательÑкие файлы, раÑположенные в других "
+"файловых ÑиÑтемах, нужно иÑкать и удалÑÑ‚ÑŒ вручную."
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"Ð˜Ð¼Ñ Ñ„Ð°Ð¹Ð»Ð° почтового Ñщика задаётÑÑ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ <option>MAIL_DIR</option> в "
+"файле <filename>login.defs</filename>."
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+"УдалÑет вÑе пользовательÑкие ÑопоÑÑ‚Ð°Ð²Ð»ÐµÐ½Ð¸Ñ SELinux Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи "
+"пользователÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (Ñтрока)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"ОпределÑет программу, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð±ÑƒÐ´ÐµÑ‚ запущена при удалении пользователÑ. Она "
+"должна удалÑÑ‚ÑŒ любые Ð·Ð°Ð´Ð°Ð½Ð¸Ñ at/cron/печати удалÑемого Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ "
+"(передаётÑÑ Ð² качеÑтве первого аргумента)."
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr "Возвращаемый Ñценарием код Ð·Ð°Ð²ÐµÑ€ÑˆÐµÐ½Ð¸Ñ Ð½Ðµ учитываетÑÑ."
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+" "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# проверить вÑе необходимые параметры\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"ИÑпользование: $0 имÑ_пользователÑ\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# удалить Ð·Ð°Ð´Ð°Ð½Ð¸Ñ cron\n"
+"crontab -r -u $1\n"
+"\n"
+"# удалить Ð·Ð°Ð´Ð°Ð½Ð¸Ñ at\n"
+"# Заметим, что Ñто удалит вÑе Ð·Ð°Ð´Ð°Ð½Ð¸Ñ Ñ ÑƒÐºÐ°Ð·Ð°Ð½Ð½Ñ‹Ð¼ UID,\n"
+"# даже еÑли он иÑпользуетÑÑ Ð´Ð»Ñ Ð´Ñ€ÑƒÐ³Ð¾Ð¹ учётной запиÑи.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# удалить Ð·Ð°Ð´Ð°Ð½Ð¸Ñ Ð¿ÐµÑ‡Ð°Ñ‚Ð¸\n"
+"lprm $1\n"
+"\n"
+"# вÑÑ‘\n"
+"exit 0\n"
+" "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"Вот проÑтой Ñценарий, который удалÑет Ð·Ð°Ð´Ð°Ð½Ð¸Ñ Ð¿ÐµÑ‡Ð°Ñ‚Ð¸, cron и at: "
+"<placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (логичеÑкий)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"Включает уÑтановку группы битов umask равной битам владельца (пример: 022 -"
+"&gt; 002, 077 -&gt; 007) Ð´Ð»Ñ Ð½Ðµ Ñуперпользователей, еÑли uid равен gid и Ð¸Ð¼Ñ "
+"Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ñовпадает Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ первичной группы."
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"ЕÑли значение равно <replaceable>yes</replaceable>, то <command>userdel</"
+"command> удалÑет пользовательÑкую группу, еÑли в ней нет больше членов, а "
+"<command>useradd</command> по умолчанию Ñоздаёт группу Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ пользователÑ."
+
+# type: Content of: <refentry><refsect1><title>
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "ВОЗВРÐЩÐЕМЫЕ ЗÐÐЧЕÐИЯ"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "уÑпешное выполнение"
+
+# type: Content of: <refentry><refmeta><manvolnum>
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "не удалоÑÑŒ изменить файл паролей"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "ошибка в параметрах команды"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "указанный пользователь не ÑущеÑтвует"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "пользователь ÑÐµÐ¹Ñ‡Ð°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ð°ÐµÑ‚ в ÑиÑтеме"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "не удалоÑÑŒ изменить файл групп"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "не удалоÑÑŒ удалить домашний каталог"
+
+# type: Content of: <refentry><refsect1><para>
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Команда <command>userdel</command> Ð·Ð°Ð²ÐµÑ€ÑˆÐ°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñƒ, возвращает Ñледующие "
+"значениÑ: <placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"Команда <command>userdel</command> не позволит удалить учётную запиÑÑŒ, еÑли "
+"еÑÑ‚ÑŒ запущенные процеÑÑÑ‹, принадлежащие данной учётной запиÑи. Ð’ Ñтом Ñлучае "
+"вы можете удалить Ñти процеÑÑÑ‹ или заблокировать пароль Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð»Ð¸ "
+"учётную запиÑÑŒ, а затем удалить учётную запиÑÑŒ. ЕÑли указан параметр "
+"<option>-f</option>, то ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ будет удалена неÑÐ¼Ð¾Ñ‚Ñ€Ñ Ð½Ð¸ на что."
+
+# type: Content of: <refentry><refsect1><para>
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+"Ð’Ñ‹ должны вручную проверить вÑе файловые ÑиÑтемы, чтобы убедитьÑÑ, что не "
+"оÑталоÑÑŒ файлов, принадлежащих Ñтому пользователю."
+
+# type: Content of: <refentry><refsect1><para>
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"ÐÐµÐ»ÑŒÐ·Ñ ÑƒÐ´Ð°Ð»Ð¸Ñ‚ÑŒ NIS атрибуты клиента NIS. Это необходимо Ñделать на NIS "
+"Ñервере."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"ЕÑли значение переменной <option>USERGROUPS_ENAB</option> равно <emphasis "
+"remap=\"I\">yes</emphasis> в файле <filename>/etc/login.defs</filename>, то "
+"<command>userdel</command> удалит группу Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ как у пользователÑ. Чтобы "
+"избежать раÑÑоглаÑованноÑти в базах данных групп и паролей, "
+"<command>userdel</command> проверит, что Ð´Ð°Ð½Ð½Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° не иÑпользуетÑÑ Ð² "
+"качеÑтве первичной Ð´Ð»Ñ Ð´Ñ€ÑƒÐ³Ð¾Ð³Ð¾ пользователÑ, и выдаÑÑ‚ предупреждение без "
+"удалениÑ, еÑли такое ÑлучитÑÑ. Параметр <option>-f</option> поможет удалить "
+"группу в любом Ñлучае."
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"региÑтрирует нового Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð»Ð¸ изменÑет информацию по умолчанию о "
+"новых пользователÑÑ…"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"При запуÑке без параметра <option>-D</option> команда <command>useradd</"
+"command> Ñоздаёт новую учётную запиÑÑŒ пользователÑ, иÑÐ¿Ð¾Ð»ÑŒÐ·ÑƒÑ Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¸Ð· "
+"командной Ñтроки и ÑиÑтемные Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию. Ð’ завиÑимоÑти от "
+"параметров командной Ñтроки, команда <command>useradd</command> обновлÑет "
+"ÑиÑтемные файлы, а также может Ñоздать домашний каталог нового Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ "
+"и Ñкопировать начальные файлы наÑтроек."
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"По умолчанию, Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ñ‚Ð°ÐºÐ¶Ðµ ÑоздаётÑÑ Ð³Ñ€ÑƒÐ¿Ð¿Ð° (Ñмотрите "
+"параметры <option>-g</option>, <option>-N</option>, <option>-U</option> и "
+"<option>USERGROUPS_ENAB</option>)."
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr "Параметры команды <command>useradd</command>:"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option> "
+"<replaceable>БÐЗОВЫЙ_КÐТÐЛОГ</replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"Базовый ÑиÑтемный каталог по умолчанию, еÑли другой каталог не указан Ñ "
+"помощью параметра <option>-d</option>. Значение "
+"<replaceable>БÐЗОВЫЙ_КÐТÐЛОГ</replaceable> объединÑетÑÑ Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ учётной "
+"запиÑи Ð´Ð»Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð´Ð¾Ð¼Ð°ÑˆÐ½ÐµÐ³Ð¾ каталога. ЕÑли не указан параметр <option>-"
+"m</option>, то <replaceable>БÐЗОВЫЙ_КÐТÐЛОГ</replaceable> должен "
+"ÑущеÑтвовать."
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"ЕÑли Ñтот параметр не задан, то команда <command>useradd</command> будет "
+"иÑпользовать базовый каталог, указанный в переменной <option>HOME</option> в "
+"файле <filename>/etc/default/useradd</filename> иначе <filename>/home</"
+"filename> (по умолчанию)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+"Ð›ÑŽÐ±Ð°Ñ Ñ‚ÐµÐºÑÑ‚Ð¾Ð²Ð°Ñ Ñтрока. Обычно, здеÑÑŒ коротко опиÑываетÑÑ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ, и "
+"в наÑтоÑщее Ð²Ñ€ÐµÐ¼Ñ Ð¸ÑпользуетÑÑ ÐºÐ°Ðº поле Ð´Ð»Ñ Ð¸Ð¼ÐµÐ½Ð¸ и фамилии пользователÑ."
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option> "
+"<replaceable>ДОМÐШÐИЙ_КÐТÐЛОГ</replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"Ð”Ð»Ñ Ñоздаваемого Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð±ÑƒÐ´ÐµÑ‚ иÑпользован каталог "
+"<replaceable>ДОМÐШÐИЙ_КÐТÐЛОГ</replaceable> в качеÑтве начального каталога. "
+"По умолчанию, Ñто значение получаетÑÑ Ð¾Ð±ÑŠÐµÐ´Ð¸Ð½ÐµÐ½Ð¸ÐµÐ¼ <replaceable>ИМЕÐИ</"
+"replaceable> Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ñ <replaceable>БÐЗОВЫМ_КÐТÐЛОГОМ</replaceable> и "
+"иÑпользуетÑÑ ÐºÐ°Ðº Ð¸Ð¼Ñ Ð´Ð¾Ð¼Ð°ÑˆÐ½ÐµÐ³Ð¾ каталога. Каталог "
+"<replaceable>ДОМÐШÐИЙ_КÐТÐЛОГ</replaceable> необÑзательно должен "
+"ÑущеÑтвовать, но не будет Ñоздан, еÑли его нет."
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr "Смотрите далее в подразделе «Изменение значений по умолчанию»."
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"ЕÑли Ñтот параметр не задан, то команда <command>useradd</command> будет "
+"иÑпользовать дату уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð¾ умолчанию, указанную в переменной "
+"<option>EXPIRE</option> в файле <filename>/etc/default/useradd</filename>, "
+"иначе пуÑтую Ñтроку (без уÑтареваниÑ, по умолчанию)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"ЕÑли указано значение 0, то ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ блокируетÑÑ Ñразу поÑле "
+"уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ, а при значении -1 Ð´Ð°Ð½Ð½Ð°Ñ Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾ÑÑ‚ÑŒ не иÑпользуетÑÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"ЕÑли Ñтот параметр не задан, то команда <command>useradd</command> будет "
+"иÑпользовать Ñрок неактивноÑти по умолчанию, указанный в переменной "
+"<option>INACTIVE</option> в файле <filename>/etc/default/useradd</filename> "
+"или -1 (по умолчанию)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Ð˜Ð¼Ñ Ð¸Ð»Ð¸ чиÑловой идентификатор первичной группы пользователÑ. Группа Ñ Ñ‚Ð°ÐºÐ¸Ð¼ "
+"именем должна ÑущеÑтвовать. Идентификатор группы должен указывать на уже "
+"ÑущеÑтвующую группу."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"ЕÑли не указан, то поведение <command>useradd</command> завиÑит от "
+"переменной <option>USERGROUPS_ENAB</option> в файле <filename>/etc/login."
+"defs</filename>. ЕÑли значение Ñтой переменной равно <replaceable>yes</"
+"replaceable> (или в командной Ñтроке указан параметр <option>-U/--user-"
+"group</option>), то Ð´Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð±ÑƒÐ´ÐµÑ‚ Ñоздана группа Ñ Ñ‚ÐµÐ¼ же именем "
+"как его Ð¸Ð¼Ñ Ð´Ð»Ñ Ð²Ñ…Ð¾Ð´Ð°. ЕÑли значение переменной равно <replaceable>no</"
+"replaceable> (или в командной Ñтроке указан параметр <option>-N/--no-user-"
+"group</option>), то useradd уÑтановит первичную группу нового Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ "
+"равной значению переменной <option>GROUP</option> из файла <filename>/etc/"
+"default/useradd</filename>, или 100 (по умолчанию)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"СпиÑок дополнительных групп, в которых чиÑлитÑÑ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÑŒ. ПеречиÑление "
+"групп оÑущеÑтвлÑетÑÑ Ñ‡ÐµÑ€ÐµÐ· запÑтую, без промежуточных пробелов. Ðа указанные "
+"группы дейÑтвуют те же ограничениÑ, что и Ð´Ð»Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ указанной в параметре "
+"<option>-g</option>. По умолчанию пользователь входит только в начальную "
+"группу."
+
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;"
+"<replaceable>КÐТÐЛОГ_ШÐБЛОÐОВ</replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"Каталог Ñ ÑˆÐ°Ð±Ð»Ð¾Ð½Ð°Ð¼Ð¸, который Ñодержит файлы и каталоги Ð´Ð»Ñ ÐºÐ¾Ð¿Ð¸Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð² "
+"домашний каталог Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¿Ñ€Ð¸ Ñоздании домашнего каталога командой "
+"<command>useradd</command>."
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"Этот параметр можно иÑпользовать только Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-m</option> "
+"(или <option>--create-home</option>)."
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"ЕÑли Ñтот параметр не задан, то каталог шаблонов определÑетÑÑ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ "
+"<option>SKEL</option> из файла <filename>/etc/default/useradd</filename>, "
+"или равен <filename>/etc/skel</filename> (по умолчанию)."
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "ЕÑли возможно, выполнÑетÑÑ ÐºÐ¾Ð¿Ð¸Ñ€Ð¾Ð²Ð°Ð½Ð¸Ðµ ACL и раÑширенных атрибутов."
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>КЛЮЧ</"
+"replaceable>=<replaceable>ЗÐÐЧЕÐИЕ</replaceable>"
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"ЗаменÑет Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию из файла <filename>/etc/login.defs</filename> "
+"(<option>UID_MIN</option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> и других). <placeholder-1/> Пример: <option>-"
+"K</option>&nbsp;<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</"
+"replaceable> можно иÑпользовать при Ñоздании ÑиÑтемной учётной запиÑи, чтобы "
+"выключить уÑтаревание паролÑ, даже еÑли ÑиÑÑ‚ÐµÐ¼Ð½Ð°Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ вообще не "
+"имеет паролÑ. Можно указывать параметр <option>-K</option> неÑколько раз, "
+"например: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "Ðе добавлÑÑ‚ÑŒ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² базы данных lastlog и faillog."
+
+#: useradd.8.xml:327(para)
+#, fuzzy
+#| msgid ""
+#| "By default, the user's entries in the lastlog and faillog databases are "
+#| "resetted to avoid reusing the entry from a previously deleted user."
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"По умолчанию, запиÑи Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² базах данных lastlog и faillog "
+"ÑбраÑываютÑÑ Ð²Ð¾ избежание повторного иÑÐ¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð·Ð°Ð¿Ð¸Ñи, оÑтавшейÑÑ Ð¾Ñ‚ "
+"ранее удалённого пользователÑ."
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"Создать домашний каталог пользователÑ, еÑли он не ÑущеÑтвует. Файлы и "
+"каталоги, ÑодержащиеÑÑ Ð² каталоге шаблонов (который можно указать Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ "
+"параметра the <option>-k</option> option), будут Ñкопированы в домашний "
+"каталог."
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"По умолчанию, еÑли Ñтот параметр не указан и не задана Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð°Ñ "
+"<option>CREATE_HOME</option>, домашний каталог не ÑоздаётÑÑ."
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"Ðе Ñоздавать домашний каталог пользователÑ, даже еÑли значение ÑиÑтемной "
+"переменной в файле <filename>/etc/login.defs</filename> "
+"(<option>CREATE_HOME</option>) равно <replaceable>yes</replaceable>."
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"Ðе Ñоздавать группу Ñ Ñ‚ÐµÐ¼ же именем как у пользователÑ, но добавить "
+"Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² группу, заданную параметром <option>-g</option> или "
+"переменной <option>GROUP</option> из файла <filename>/etc/default/useradd</"
+"filename>."
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Поведение по умолчанию (еÑли не указан параметр <option>-g</option>, "
+"<option>-N</option> и <option>-U</option>) определÑетÑÑ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ "
+"<option>USERGROUPS_ENAB</option> из файла <filename>/etc/login.defs</"
+"filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr "Разрешить Ñоздание учётной запиÑи Ñ ÑƒÐ¶Ðµ имеющимÑÑ (не уникальным) UID."
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr ""
+"Этот параметр можно иÑпользовать только Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-u</option>."
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Шифрованное значение паролÑ, которое возвращает Ñ„ÑƒÐ½ÐºÑ†Ð¸Ñ "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>. По умолчанию пароль отключён."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "Создать ÑиÑтемную учётную запиÑÑŒ."
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"СиÑтемные пользователи ÑоздаютÑÑ Ð±ÐµÐ· информации об уÑтаревании в <filename>/"
+"etc/shadow</filename>, и их чиÑловые идентификаторы выбираютÑÑ Ð¸Ð· диапазона "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, определённого в "
+"<filename>/etc/login.defs</filename>, а не из <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (Ñто же каÑаетÑÑ Ð¸ чаÑти Ñ <option>GID</option> при "
+"Ñоздании групп)."
+
+#: useradd.8.xml:434(para)
+#, fuzzy
+#| msgid ""
+#| "Note that <command>useradd</command> will not create a home directory for "
+#| "such an user, regardless of the default setting in <filename>/etc/login."
+#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+#| "<option>-m</option> options if you want a home directory for a system "
+#| "account to be created."
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+"Заметим, что <command>useradd</command> не Ñоздаёт домашний каталог Ð´Ð»Ñ "
+"данного Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð½ÐµÐ·Ð°Ð²Ð¸Ñимо от Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию в <filename>/etc/"
+"login.defs</filename> (<option>CREATE_HOME</option>). ЕÑли вы хотите Ñоздать "
+"домашний каталог Ð´Ð»Ñ ÑиÑтемной учётной запиÑи укажите параметр <option>-m</"
+"option>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"Ð˜Ð¼Ñ Ñ€ÐµÐ³Ð¸Ñтрационной оболочки пользователÑ. По умолчанию Ñто поле пуÑто, что "
+"вызывает выбор региÑтрационной оболочки по умолчанию ÑоглаÑно значению "
+"переменной <option>SHELL</option> из файла <filename>/etc/default/useradd</"
+"filename>, или по умолчанию иÑпользуетÑÑ Ð¿ÑƒÑÑ‚Ð°Ñ Ñтрока."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"ЧиÑловое значение идентификатора Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ (ID). Оно должно быть "
+"уникальным, еÑли не иÑпользуетÑÑ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€ <option>-o</option>. Значение "
+"должно быть неотрицательным. По умолчанию иÑпользуетÑÑ Ð½Ð°Ð¸Ð¼ÐµÐ½ÑŒÑˆÐµÐµ значение "
+"ID большее или равное <option>UID_MIN</option> и большее чем у оÑтальных "
+"пользователей."
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Смотрите также опиÑание <option>-r</option> и <option>UID_MAX</option>."
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+"Создать группу Ñ Ñ‚ÐµÐ¼ же именем что и у пользователÑ, и добавить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ "
+"в Ñту группу."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"Пользователь SELinux Ð´Ð»Ñ Ñ€ÐµÐ³Ð¸Ñтрационной оболочки пользователÑ. По умолчанию "
+"Ñто поле пуÑто, что заÑтавлÑет ÑиÑтему выбрать Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ SELinux по "
+"умолчанию."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Изменение значений по умолчанию"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"При запуÑке программы только Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-D</option> команда "
+"<command>useradd</command> показывает текущие Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию. ЕÑли "
+"программа запуÑкаетÑÑ Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-D</option> вмеÑте Ñ Ð´Ñ€ÑƒÐ³Ð¸Ð¼Ð¸ "
+"параметрами, то <command>useradd</command> обновлÑет Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию "
+"Ñтих указанных параметров. ИзменÑемые параметры:"
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"ÐÐ°Ñ‡Ð°Ð»ÑŒÐ½Ð°Ñ Ñ‡Ð°ÑÑ‚ÑŒ пути нового домашнего каталога пользователÑ. Ð˜Ð¼Ñ "
+"Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð±ÑƒÐ´ÐµÑ‚ добавлено в конец <replaceable>ДОМÐШÐЕГО_КÐТÐЛОГÐ</"
+"replaceable> Ð´Ð»Ñ ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ Ð¸Ð¼ÐµÐ½Ð¸ нового каталога, еÑли при Ñоздании новой "
+"учётной запиÑи не указан параметр <option>-d</option>."
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Этот параметр изменÑет переменную <option>HOME</option> в файле <filename>/"
+"etc/default/useradd</filename>."
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "Дата, когда ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð·Ð°Ð±Ð»Ð¾ÐºÐ¸Ñ€Ð¾Ð²Ð°Ð½Ð°."
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Этот параметр изменÑет переменную <option>EXPIRE</option> в файле <filename>/"
+"etc/default/useradd</filename>."
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"ЧиÑло дней, которые должны пройти поÑле уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ, перед тем как "
+"ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ будет заблокирована."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Этот параметр изменÑет переменную <option>INACTIVE</option> в файле "
+"<filename>/etc/default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"Ð˜Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ или ID новой первичной группы Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ (еÑли иÑпользуетÑÑ "
+"<option>-N/--no-user-group</option> или когда значение переменной "
+"<option>USERGROUPS_ENAB</option> равно <replaceable>no</replaceable> (файл "
+"<filename>/etc/login.defs</filename>). Группа Ñ ÑƒÐºÐ°Ð·Ð°Ð½Ð½Ñ‹Ð¼ именем должна "
+"ÑущеÑтвовать, а Ð´Ð»Ñ Ñ‡Ð¸Ñлового идентификатора группы должна быть "
+"ÑоответÑÑ‚Ð²ÑƒÑŽÑ‰Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ."
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Этот параметр изменÑет переменную <option>GROUP</option> в файле <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "Ð˜Ð¼Ñ Ð½Ð¾Ð²Ð¾Ð¹ региÑтрационной командной оболочки пользователÑ."
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Этот параметр изменÑет переменную <option>SHELL</option> в файле <filename>/"
+"etc/default/useradd</filename>."
+
+# type: Content of: <refentry><refsect1><title>
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "ЗÐМЕЧÐÐИЯ"
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"СиÑтемный админиÑтратор Ñам решает, какие файлы нужно положить в каталог "
+"<filename>/etc/skel/</filename> (или в любой другой каталог шаблонов, "
+"указанный в <filename>/etc/default/useradd</filename> или в командной "
+"Ñтроке)."
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"ÐÐµÐ»ÑŒÐ·Ñ Ð´Ð¾Ð±Ð°Ð²Ð¸Ñ‚ÑŒ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² группу NIS или LDAP. Это необходимо делать на "
+"ÑоответÑтвующем Ñервере."
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"Также, еÑли Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ ÑƒÐ¶Ðµ ÑущеÑтвует во внешней базе данных такой как "
+"NIS или LDAP, то <command>useradd</command> не Ñтанет Ñоздавать учётную "
+"запиÑÑŒ пользователÑ."
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Имена пользователей должны начинатьÑÑ Ñо Ñтрочной буквы или Ñимвола "
+"подчёркиваниÑ, и должны ÑоÑтоÑÑ‚ÑŒ только из Ñтрочных букв, цифр, Ñимволов "
+"Ð¿Ð¾Ð´Ñ‡Ñ‘Ñ€ÐºÐ¸Ð²Ð°Ð½Ð¸Ñ Ð¸ минуÑ. Они могут заканчиватьÑÑ Ð·Ð½Ð°ÐºÐ¾Ð¼ доллара. Это можно "
+"опиÑать регулÑрным выражением: [a-z_][a-z0-9_-]*[$]?"
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "Имена пользователей могут быть длиной не более 32 знаков."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (логичеÑкий)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+"ОпределÑет, должен ли ÑоздаватьÑÑ Ð¿Ð¾ умолчанию домашний каталог Ð´Ð»Ñ Ð½Ð¾Ð²Ñ‹Ñ… "
+"пользователей."
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Эта Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð°Ñ Ð½Ðµ влиÑет на ÑиÑтемных пользователей и может быть "
+"переопределена из командной Ñтроки."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (чиÑло)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Диапазон идентификаторов групп, иÑпользуемый в программах <command>useradd</"
+"command>, <command>groupadd</command> или <command>newusers</command> Ð´Ð»Ñ "
+"ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ Ð¾Ð±Ñ‹Ñ‡Ð½Ñ‹Ñ… групп."
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Значение по умолчанию Ð´Ð»Ñ <option>GID_MIN</option> (Ñоотв. <option>GID_MAX</"
+"option>) равно 1000 (Ñоотв. 60000)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"МакÑимальное чиÑло дней иÑÐ¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ. ЕÑли пароль Ñтарее Ñтого "
+"чиÑла, то будет запущена процедура Ñмены паролÑ. ЕÑли значение не задано, то "
+"предполагаетÑÑ Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ðµ -1 (то еÑÑ‚ÑŒ возможноÑÑ‚ÑŒ Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ Ð½Ðµ иÑпользуетÑÑ)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"МакÑимальное чиÑло дней между изменениÑми паролÑ. Ð›ÑŽÐ±Ð°Ñ Ñмена Ð¿Ð°Ñ€Ð¾Ð»Ñ Ñ€Ð°Ð½ÐµÐµ "
+"заданного Ñрока выполнена не будет. ЕÑли значение не задано, то "
+"предполагаетÑÑ Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ðµ -1 (то еÑÑ‚ÑŒ возможноÑÑ‚ÑŒ Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ Ð½Ðµ иÑпользуетÑÑ)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"ЧиÑло дней за которое начнёт выдаватьÑÑ Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ðµ об уÑтаревании "
+"паролÑ. Ðулевое значение означает, что предупреждение выдаётÑÑ Ð² день "
+"уÑтареваниÑ, при отрицательном значении предупреждение выдаватьÑÑ Ð½Ðµ будет. "
+"ЕÑли значение не задано, выдача Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ Ð¾Ñ‚ÐºÐ»ÑŽÑ‡Ð°ÐµÑ‚ÑÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (чиÑло)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Диапазон идентификаторов групп, иÑпользуемый в программах <command>useradd</"
+"command>, <command>groupadd</command> или <command>newusers</command> Ð´Ð»Ñ "
+"ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ ÑиÑтемных групп."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"Значение по умолчанию Ð´Ð»Ñ <option>SYS_GID_MIN</option> (Ñоотв."
+"<option>SYS_GID_MAX</option>) равно 101 (Ñоотв. <option>GID_MIN</option>-1)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (чиÑло)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"Диапазон идентификаторов пользователей, иÑпользуемый в программах "
+"<command>useradd</command> или <command>newusers</command> Ð´Ð»Ñ ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ "
+"ÑиÑтемных пользователей."
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"Значение по умолчанию Ð´Ð»Ñ <option>SYS_UID_MIN</option> (Ñоотв. "
+"<option>SYS_UID_MAX</option>) равно 101 (Ñоотв. <option>UID_MIN</option>-1)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (логичеÑкий)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"ЕÑли равно <replaceable>yes</replaceable>, то новые Ñоздаваемые теневые "
+"файлы tcb будут принадлежать группе <replaceable>auth</replaceable>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (чиÑло)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"Диапазон идентификаторов пользователей, иÑпользуемый в программах "
+"<command>useradd</command> или <command>newusers</command> Ð´Ð»Ñ ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ "
+"обычных пользователей."
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Значение по умолчанию Ð´Ð»Ñ <option>UID_MIN</option> (Ñоотв. <option>UID_MAX</"
+"option>) равно 1000 (Ñоотв. 60000)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+"Задаёт начальное значение маÑки доÑтупа Ð´Ð»Ñ Ñоздаваемых файлов. ЕÑли не "
+"указано, то маÑка уÑтанавливаетÑÑ Ð² 022."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"Команды <command>useradd</command> и <command>newusers</command> иÑпользуют "
+"Ñту маÑку Ð´Ð»Ñ ÑƒÑтановки прав доÑтупа к домашнему каталогу, который они "
+"Ñоздают."
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Также она иÑпользуетÑÑ Ð¿Ñ€Ð¾Ð³Ñ€Ð°Ð¼Ð¼Ð¾Ð¹ <command>login</command> Ð´Ð»Ñ Ð·Ð°Ð´Ð°Ð½Ð¸Ñ "
+"начального Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ umask пользователÑ. Заметим, что Ñта маÑка может быть "
+"переопределена из пользовательÑкой Ñтроки GECOS (еÑли уÑтановлена Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð°Ñ "
+"<option>QUOTAS_ENAB</option>) или указанием Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð¼ "
+"<emphasis>K</emphasis>, в <citerefentry><refentrytitle>limits</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+"Она также иÑпользуетÑÑ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð¾Ð¹ <command>pam_umask</command> как значение "
+"umask по умолчанию."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию Ð´Ð»Ñ Ñоздаваемой учётной запиÑи"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "каталог, Ñодержащий файлы по умолчанию"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "недопуÑтимое значение параметра"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "такой UID уже ÑущеÑтвует (и не задан параметр <option>-o</option>)"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "ÑƒÐºÐ°Ð·Ð°Ð½Ð½Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° не ÑущеÑтвует"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ ÑƒÐ¶Ðµ ÑущеÑтвует"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "не удалоÑÑŒ Ñоздать домашний каталог"
+
+# type: Content of: <refentry><refmeta><manvolnum>
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Команда <command>useradd</command> Ð·Ð°Ð²ÐµÑ€ÑˆÐ°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñƒ, возвращает Ñледующие "
+"значениÑ: <placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+# type: Content of: <refentry><refnamediv><refname>
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><manvolnum>
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+# type: Content of: <refentry><refmeta><refmiscinfo>
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Форматы файлов"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "файл ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð¾Ð¹ su"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+# type: Content of: <refentry><refsect1><para>
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"Файл <filename>/etc/suauth</filename> проверÑетÑÑ ÐºÐ°Ð¶Ð´Ñ‹Ð¹ раз при запуÑке "
+"команды su. Он влиÑет на поведение команды su, в завиÑимоÑти от:"
+
+# type: Content of: <refentry><refsect1><literallayout>
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, fuzzy, no-wrap
+#| msgid ""
+#| "\n"
+#| " 1) the user su is targetting\n"
+#| " "
+msgid ""
+"\n"
+" 1) the user su is targeting\n"
+" "
+msgstr ""
+"\n"
+" 1) пользователÑ, права которого нужно получить Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ su\n"
+" "
+
+# type: Content of: <refentry><refsect1><para>
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+"2) пользователÑ, запуÑтившего команду su (или группы, членом которой он "
+"может быть)"
+
+# type: Content of: <refentry><refsect1><para>
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Формат файла показан ниже, Ñтроки начинающиеÑÑ Ñ # ÑчитаютÑÑ ÐºÐ¾Ð¼Ð¼ÐµÐ½Ñ‚Ð°Ñ€Ð¸ÐµÐ¼ и "
+"игнорируютÑÑ;"
+
+# type: Content of: <refentry><refsect1><literallayout>
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" to-id:from-id:ACTION\n"
+" "
+msgstr ""
+"\n"
+" желаемый-id:желающий-id:ДЕЙСТВИЕ\n"
+" "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Где желаемый-id может быть Ñловом <emphasis>ALL</emphasis>, ÑпиÑком имён "
+"пользователей, перечиÑленных через запÑтую («,») или фразы <emphasis>ALL "
+"EXCEPT</emphasis>, поÑле которой идёт ÑпиÑок имён пользователей "
+"перечиÑленных через «,»."
+
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"желающий-id может Ñодержать то же, что и желательный-id, Ð¿Ð»ÑŽÑ Ð½Ð¾Ð²Ð¾Ðµ "
+"Ñлово<emphasis>GROUP</emphasis>. <emphasis>ALL EXCEPT GROUP</emphasis> тоже "
+"допуÑтимо. ПоÑле <emphasis>GROUP</emphasis> указываетÑÑ Ð¾Ð´Ð½Ð° или более "
+"названий групп, разделённых «,». ÐедоÑтаточно иметь id первичной группы "
+"ÑоответÑтвующей группы, необходимо иметь запиÑÑŒ в файле "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para>
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "Ð’ поле ДЕЙСТВИЕ может быть только одно из Ñледующих значений:"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><emphasis>
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr "Команда su оÑтанавливает выполнение, даже не ÑÐ¿Ñ€Ð°ÑˆÐ¸Ð²Ð°Ñ Ð¿Ð°Ñ€Ð¾Ð»ÑŒ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><emphasis>
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr "Команда su выполнÑетÑÑ Ð±ÐµÐ· запроÑа паролÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><emphasis>
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"Чтобы уÑпешно выполнить команду su, пользователь должен ввеÑти Ñвой "
+"ÑобÑтвенный пароль."
+
+# type: Content of: <refentry><refsect1><para>
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"Заметим, что тут иÑпользуютÑÑ Ñ‚Ñ€Ð¸ полÑ, разделённых двоеточиÑми. Ðикаких "
+"пробелов не допуÑкаетÑÑ Ð¾ÐºÐ¾Ð»Ð¾ двоеточий. Также заметим, что файл "
+"проÑматриваетÑÑ Ñтрока за Ñтрокой, и первое подходÑщее правило будет "
+"иÑпользовано без проверки оÑтавшихÑÑ Ð¿Ñ€Ð°Ð²Ð¸Ð». Это позволÑет ÑиÑтемному "
+"админиÑтратору оÑущеÑтвлÑÑ‚ÑŒ любой контроль, какой он пожелает."
+
+# type: Content of: <refentry><refsect1><title>
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "ПРИМЕР"
+
+# type: Content of: <refentry><refsect1><literallayout>
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" # sample /etc/suauth file\n"
+" #\n"
+" # A couple of privileged usernames may\n"
+" # su to root with their own password.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Anyone else may not su to root unless in\n"
+" # group wheel. This is how BSD does things.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Perhaps terry and birddog are accounts\n"
+" # owned by the same person.\n"
+" # Access can be arranged between them\n"
+" # with no password.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+msgstr ""
+"\n"
+" # пример файла /etc/suauth\n"
+" #\n"
+" # Пара привилегированных имён пользователей\n"
+" # могут выполнить su, чтобы получить права ÑÑƒÐ¿ÐµÑ€Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð²Ð²ÐµÐ´Ñ Ñвой пароль.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Ð’Ñе оÑтальные не могут выполнить su Ð´Ð»Ñ Ð¿Ð¾Ð»ÑƒÑ‡ÐµÐ½Ð¸Ñ root, еÑли они \n"
+" # не члены группы wheel. Так наÑтроено в BSD.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Возможно учётными запиÑÑми terry и birddog\n"
+" # владеет один человек.\n"
+" # Переход из одной запиÑи в другую\n"
+" # можно Ñделать без запроÑа паролÑ.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+
+# type: Content of: <refentry><refsect1><title>
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "ОШИБКИ РЕÐЛИЗÐЦИИ"
+
+# type: Content of: <refentry><refsect1><para>
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"Может быть неÑколько угроз. Ðнализатор файла, в чаÑтноÑти, не прощает "
+"ÑинтакÑичеÑких ошибок, ожидаÑ, что не будет недопуÑтимых пробелов (кроме как "
+"в начале и конце Ñтрок) и Ñпециальных Ñлов, разделÑющих различные вещи."
+
+# type: Content of: <refentry><refsect1><title>
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "ДИÐГÐОСТИКÐ"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"Ошибки при анализе файла выводÑÑ‚ÑÑ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> Ñ ÑƒÑ€Ð¾Ð²Ð½ÐµÐ¼ ERR ÑредÑтва AUTH."
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+# type: Content of: <refentry><refmeta><refmiscinfo>
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "ПользовательÑкие команды"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "изменÑет ID Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð»Ð¸ делает его Ñуперпользователем"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><arg><replaceable>
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "имÑ_пользователÑ"
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"Программа <command>su</command> иÑпользуетÑÑ Ð´Ð»Ñ Ñ‚Ð¾Ð³Ð¾, чтобы пользователь "
+"мог Ñтать другим пользователем в текущем ÑеанÑе. ЕÑли <command>su</command> "
+"вызываетÑÑ Ð±ÐµÐ· <option>имени_пользователÑ</option>, то Ñто по умолчанию "
+"делает Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ñуперпользователем. ÐеобÑзательный параметр <option>-</"
+"option> можно иÑпользовать Ð´Ð»Ñ Ð²Ð¾ÑÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ, такого же как еÑли бы "
+"наÑтоÑщий пользователь выполнÑл вход в ÑиÑтему."
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"ПоÑле имени Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¼Ð¾Ð¶Ð½Ð¾ указать дополнительные аргументы, которые "
+"будут переданы региÑтрационной оболочке пользователÑ. Ð’ чаÑтноÑти, аргумент "
+"<option>-c</option> заÑтавит большинÑтво оболочек Ñчитать Ñледующий аргумент "
+"как команду. Команда будет выполнена оболочкой, указанной в файле <filename>/"
+"etc/passwd</filename>, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ ÑвлÑетÑÑ Ñ€ÐµÐ³Ð¸Ñтрационной Ð´Ð»Ñ ÑƒÐºÐ°Ð·Ñ‹Ð²Ð°ÐµÐ¼Ð¾Ð³Ð¾ "
+"пользователÑ."
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Ð’Ñ‹ можете иÑпользовать параметр <option>--</option> чтобы отделить параметры "
+"<command>su</command> от параметров, которые передаютÑÑ Ð¾Ð±Ð¾Ð»Ð¾Ñ‡ÐºÐµ."
+
+# type: Content of: <refentry><refsect1><para>
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Пользователю предложат ввеÑти пароль, еÑли он задан. При неверном пароле "
+"возникает Ñообщение об ошибке. Ð’Ñе попытки, удачные и неудачные, "
+"протоколируютÑÑ ÑиÑтемой Ñ Ñ†ÐµÐ»ÑŒÑŽ Ð¾Ð±Ð½Ð°Ñ€ÑƒÐ¶ÐµÐ½Ð¸Ñ Ð·Ð»Ð¾ÑƒÐ¿Ð¾Ñ‚Ñ€ÐµÐ±Ð»ÐµÐ½Ð¸Ð¹."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Текущее окружение передаётÑÑ Ð½Ð¾Ð²Ð¾Ð¹ оболочке. Значение <envar>$PATH</envar> "
+"ÑбраÑываетÑÑ Ð² значение <filename>/bin:/usr/bin</filename> Ð´Ð»Ñ Ð¾Ð±Ñ‹Ñ‡Ð½Ñ‹Ñ… "
+"пользователей или в <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> Ð´Ð»Ñ "
+"ÑуперпользователÑ. Эти Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¼Ð¾Ð¶Ð½Ð¾ изменить в переменных "
+"<option>ENV_PATH</option> и <option>ENV_SUPATH</option> в файле <filename>/"
+"etc/login.defs</filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"СубÑиÑтемный вход в ÑиÑтему можно раÑпознать по наличию Ñимвола «*» в начале "
+"региÑтрационной оболочки. Заданный домашний каталог будет иÑпользован как "
+"корень новой файловой ÑиÑтемы, в которой региÑтрируетÑÑ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÑŒ."
+
+# type: Content of: <refentry><refsect1><para>
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Параметры команды <command>su</command>:"
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>КОМÐÐДÐ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+"Указать команду, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð±ÑƒÐ´ÐµÑ‚ запущена оболочкой в виде параметра Ð´Ð»Ñ "
+"<option>-c</option>."
+
+#: su.1.xml:158(para)
+#, fuzzy
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"ЗапуÑÐºÐ°ÐµÐ¼Ð°Ñ Ð¿Ñ€Ð¾Ð³Ñ€Ð°Ð¼Ð¼Ð° не будет иметь управлÑющего терминала. Этот параметр "
+"не может быть иÑпользован Ð´Ð»Ñ Ð·Ð°Ð¿ÑƒÑка интерактивных программ, которым "
+"требуетÑÑ ÑƒÐ¿Ñ€Ð°Ð²Ð»Ñющий TTY."
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"ПредоÑтавлÑет окружение, как еÑли бы пользователь непоÑредÑтвенно "
+"региÑтрировалÑÑ Ð² ÑиÑтеме."
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"ЕÑли иÑпользуетÑÑ <option>-</option>, то он должен быть задан поÑледним "
+"параметром <command>su</command>. Другие формы (<option>-l</option> и "
+"<option>--login</option>) не имеют Ñтого ограничениÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "Оболочка, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð±ÑƒÐ´ÐµÑ‚ запущена."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "Оболочка ÑƒÐºÐ°Ð·Ð°Ð½Ð½Ð°Ñ Ð² параметре --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"ЕÑли иÑпользуетÑÑ <option>--preserve-environment</option>, то оболочка "
+"задаётÑÑ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ <envar>$SHELL</envar>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+"Оболочка, ÑƒÐºÐ°Ð·Ð°Ð½Ð½Ð°Ñ Ð² запиÑи файла <filename>/etc/passwd</filename> Ð´Ð»Ñ "
+"заданного пользователÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"<filename>/bin/sh</filename>, еÑли ни одной оболочке не было найдено Ñ "
+"помощью методов, указанных выше."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+"Ð—Ð°Ð¿ÑƒÑ‰ÐµÐ½Ð½Ð°Ñ Ð¾Ð±Ð¾Ð»Ð¾Ñ‡ÐºÐ° выбираетÑÑ Ð¸Ð· (в порÑдке ÑƒÐ±Ñ‹Ð²Ð°Ð½Ð¸Ñ Ð¿Ñ€Ð¸Ð¾Ñ€Ð¸Ñ‚ÐµÑ‚Ð°): "
+"<placeholder-1/>"
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"ЕÑли заданный пользователь имеет ограниченную оболочку (то еÑÑ‚ÑŒ оболочка в "
+"поле пользовательÑкой запиÑи в файле <filename>/etc/passwd</filename> "
+"отÑутÑтвует в файле <filename>/etc/shells</filename>), то параметр <option>--"
+"shell</option> или Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð°Ñ Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ <envar>$SHELL</envar> не будут "
+"учтены, еÑли <command>su</command> не была запущена Ñуперпользователем."
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"ÑбраÑываетÑÑ Ð² значение <option>ENV_PATH</option> или <option>ENV_SUPATH</"
+"option> (Ñмотрите далее) из <filename>/etc/login.defs</filename>;"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"ÑбраÑываетÑÑ Ð² значение <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</"
+"quote>, еÑли она уÑтановлена."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Сохранить текущее окружение за иÑключением: <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"ЕÑли заданный пользователь имеет ограниченную оболочку, то Ñтот параметр не "
+"Ñработает (еÑли <command>su</command> не запуÑкаетÑÑ Ñуперпользователем)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"Переменные окружение <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>"
+"$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar> и <envar>$IFS</"
+"envar> ÑбраÑываютÑÑ."
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+"ЕÑли параметр <option>--login</option> не указан, то окружение копируетÑÑ, "
+"за иÑключением переменных, перечиÑленных выше."
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"ЕÑли параметр <option>--login</option> указан, то переменные Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ "
+"<envar>$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar> и "
+"<envar>$XAUTHORITY</envar> копируютÑÑ (еÑли они уÑтановлены)."
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"ЕÑли параметр <option>--login</option> указан, то переменные Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ "
+"<envar>$TZ</envar>, <envar>$HZ</envar> и <envar>$MAIL</envar> "
+"уÑтанавливаютÑÑ ÑоглаÑно переменным файла <filename>/etc/login.defs</"
+"filename>: <option>ENV_TZ</option>, <option>ENV_HZ</option>, "
+"<option>MAIL_DIR</option> и <option>MAIL_FILE</option> (Ñмотрите далее)."
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"ЕÑли параметр <option>--login</option> указан, то дополнительные переменные "
+"Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ Ð¼Ð¾Ð³ÑƒÑ‚ быть уÑтановлены из файла <option>ENVIRON_FILE</option> "
+"(Ñмотрите далее)."
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr ""
+"Дополнительные переменные Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ Ð¼Ð¾Ð³ÑƒÑ‚ быть уÑтановлены из модулей PAM."
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr "Заметим, что поведение Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию таково: <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><para>
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Ð”Ð°Ð½Ð½Ð°Ñ Ð²ÐµÑ€ÑÐ¸Ñ Ð¿Ñ€Ð¾Ð³Ñ€Ð°Ð¼Ð¼Ñ‹ <command>su</command> может быть Ñобрана Ñ Ñ€Ð°Ð·Ð½Ñ‹Ð¼Ð¸ "
+"параметрами и только некоторые из них Ñмогут быть иÑпользованы на любой "
+"машине."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (Ñтрока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"ЕÑли определена, то значение равно или полному пути к файлу Ñ Ð¸Ð¼ÐµÐ½Ð°Ð¼Ð¸ "
+"уÑтройÑтв (одно на Ñтроку), или ÑпиÑку имён уÑтройÑтв, перечиÑленных через "
+"«:». Вход ÑÑƒÐ¿ÐµÑ€Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð±ÑƒÐ´ÐµÑ‚ разрешён только Ñ Ñтих уÑтройÑтв."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+"ЕÑли не определена, то Ñуперпользователь может входить в ÑиÑтему Ñ Ð»ÑŽÐ±Ð¾Ð³Ð¾ "
+"уÑтройÑтва."
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "УÑтройÑтва должны указыватьÑÑ Ð±ÐµÐ· начального префикÑа /dev/."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (Ñтрока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"СпиÑок групп Ð´Ð»Ñ Ð´Ð¾Ð±Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ðº набору пользовательÑких дополнительных групп "
+"при входе Ñ ÐºÐ¾Ð½Ñоли (определÑемой переменной CONSOLE). По умолчанию не "
+"указана. <placeholder-1/> ИÑпользуйте оÑторожно — может дать пользователÑм "
+"поÑтоÑнный доÑтуп к Ñтим группам, даже еÑли они не входили Ñ ÐºÐ¾Ð½Ñоли."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (логичеÑкий)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"ОпределÑет, можно ли войти в ÑиÑтему, еÑли Ð½ÐµÐ»ÑŒÐ·Ñ Ð²Ñ‹Ð¿Ð¾Ð»Ð½Ð¸Ñ‚ÑŒ cd в домашний "
+"каталог. По умолчанию «no»."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"ЕÑли равно <replaceable>yes</replaceable>, то пользователь будет попадать в "
+"корневой каталог (<filename>/</filename>), еÑли невозможно выполнить cd в "
+"его домашний каталог."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (Ñтрока)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"ЕÑли уÑтановлена, то будет иÑпользоватьÑÑ Ð´Ð»Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ "
+"Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ HZ при входе Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² ÑиÑтему. Значение должно начинатьÑÑ Ñ "
+"<replaceable>HZ=</replaceable>. Обычное значение Ð´Ð»Ñ Linux — "
+"<replaceable>HZ=100</replaceable>."
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"ÐŸÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð°Ñ Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ <envar>HZ</envar> уÑтанавливаетÑÑ Ñ‚Ð¾Ð»ÑŒÐºÐ¾ когда "
+"пользователь (Ñуперпользователь) входит в ÑиÑтему Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ "
+"<command>sulogin</command>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (Ñтрока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"ЕÑли Ñтот файл ÑущеÑтвует и доÑтуп Ð´Ð»Ñ Ñ‡Ñ‚ÐµÐ½Ð¸Ñ, то из него читает "
+"региÑтрационное окружение. ÐšÐ°Ð¶Ð´Ð°Ñ Ñтрока должна иметь формат: имÑ=значение."
+
+# type: Content of: <refentry><refsect1><para>
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr "Строки, начинающиеÑÑ Ñ #, ÑчитаютÑÑ ÐºÐ¾Ð¼Ð¼ÐµÐ½Ñ‚Ð°Ñ€Ð¸ÐµÐ¼ и игнорируютÑÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (Ñтрока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when a "
+#| "regular user login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/bin:/usr/bin</replaceable>). The default value is "
+#| "<replaceable>PATH=/bin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"ЕÑли уÑтановлена, то будет иÑпользоватьÑÑ Ð´Ð»Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ "
+"Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ PATH, при входе обычного пользователÑ. Значение может начинатьÑÑ Ñ "
+"<replaceable>PATH=</replaceable>, или предÑтавлÑÑ‚ÑŒ Ñобой ÑпиÑок путей через "
+"двоеточие (например, <replaceable>/bin:/usr/bin</replaceable>). Значение по "
+"умолчанию равно <replaceable>PATH=/bin:/usr/bin</replaceable>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (Ñтрока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when the "
+#| "superuser login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>). The default "
+#| "value is <replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"ЕÑли уÑтановлена, то будет иÑпользоватьÑÑ Ð´Ð»Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ "
+"Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ PATH при входе ÑуперпользователÑ. Значение может начинатьÑÑ Ñ "
+"<replaceable>PATH=</replaceable>, или предÑтавлÑÑ‚ÑŒ Ñобой ÑпиÑок путей через "
+"двоеточие (например, <replaceable>/sbin:/bin:/usr/sbin:/usr/bin</"
+"replaceable>). Значение по умолчанию равно <replaceable>PATH=/sbin:/bin:/usr/"
+"sbin:/usr/bin</replaceable>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (Ñтрока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"ЕÑли уÑтановлена, то будет иÑпользоватьÑÑ Ð´Ð»Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ "
+"Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ TZ при входе пользователÑ. Значение может быть равно имени "
+"чаÑового поÑÑа, начинающегоÑÑ <replaceable>TZ=</replaceable> (например, "
+"<replaceable>TZ=CST6CDT</replaceable>), или полному пути к файлу Ñ "
+"параметрами чаÑового поÑÑа (например, <filename>/etc/tzname</filename>)."
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"ЕÑли указан полный путь, но файл не ÑущеÑтвует или недоÑтупен Ð´Ð»Ñ Ñ‡Ñ‚ÐµÐ½Ð¸Ñ, то "
+"иÑпользуетÑÑ Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ðµ по умолчанию: <replaceable>TZ=CST6CDT</replaceable>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (Ñтрока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"Строка-приглашение к вводу паролÑ. Значение по умолчанию: «Password:» или "
+"перевод Ñтой Ñтроки на разные Ñзыки. ЕÑли вы измените Ñту переменную, то "
+"перевод будет отÑутÑтвовать."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+"ЕÑли в Ñтроке ÑодержитÑÑ Ð¿Ð¾Ð´Ñтрока <replaceable>%s</replaceable>, то она "
+"будет заменена на Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (логичеÑкий)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr "Включает проверку и показ ÑоÑтоÑÐ½Ð¸Ñ Ð¿Ð¾Ñ‡Ñ‚Ð¾Ð²Ð¾Ð³Ð¾ Ñщика при входе."
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"Ð’Ñ‹ должны выключить Ñто, еÑли почтовый Ñщик проверÑетÑÑ Ð¸Ð· файлов "
+"автозапуÑка оболочки («mailx -e» или похожей командой)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (логичеÑкий)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+"Включает уÑтановку ограничений реÑурÑов из <filename>/etc/limits</filename> "
+"и ulimit, umask и niceness из Ð¿Ð¾Ð»Ñ gecos файла passwd."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (Ñтрока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+"ЕÑли определена, то Ð»ÑŽÐ±Ð°Ñ Ð°ÐºÑ‚Ð¸Ð²Ð½Ð¾ÑÑ‚ÑŒ su будет протоколироватьÑÑ Ð² Ñтот файл."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (Ñтрока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"ЕÑли определена, то выводитÑÑ Ð¸Ð¼Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ‹ когда работает «su -». Ðапример, "
+"еÑли значение равно «su», то «ps» покажет команду как «-su». ЕÑли не "
+"определена, то «ps» покажет Ð¸Ð¼Ñ Ð·Ð°Ð¿ÑƒÑкаемой оболочки например как «-sh»."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (логичеÑкий)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"ЕÑли равна <replaceable>yes</replaceable>, то пользователь должен быть "
+"членом первой группы Ñ gid 0 в файле <filename>/etc/group</filename> (в "
+"большинÑтве ÑиÑтем Linux называетÑÑ <replaceable>root</replaceable>), чтобы "
+"иметь возможноÑÑ‚ÑŒ запуÑкать <command>su</command> Ð´Ð»Ñ Ð¿Ð¾Ð»ÑƒÑ‡ÐµÐ½Ð¸Ñ uid 0. ЕÑли "
+"группа не ÑущеÑтвует, или пуÑта, то никто не Ñможет получить uid 0 Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ "
+"<command>su</command>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (логичеÑкий)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+"Включить протоколирование «syslog» дейÑтвий <command>su</command> — "
+"дополнительно к протоколированию в файле sulog."
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+"При уÑпешном выполнении <command>su</command> возвращает код выхода команды, "
+"ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð±Ñ‹Ð»Ð° выполнена."
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+"ЕÑли выполнение команды завершилоÑÑŒ по Ñигналу, то <command>su</command> "
+"возвращает номер Ñтого Ñигнала Ð¿Ð»ÑŽÑ 128."
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"ЕÑли su завершила команду (так как был Ð·Ð°Ð¿Ñ€Ð¾Ñ Ñделать Ñто и команда не "
+"завершилаÑÑŒ в положенное времÑ), то <command>su</command> завершаетÑÑ Ñ "
+"кодом 255."
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "УÑпешно (только Ð´Ð»Ñ <option>--help</option>)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "Сбой аутентификации или ÑиÑтемы"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "Ð—Ð°Ð¿Ñ€Ð¾ÑˆÐµÐ½Ð½Ð°Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð° не найдена"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "Ð—Ð°Ð¿Ñ€Ð¾ÑˆÐµÐ½Ð½Ð°Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð° не может быть выполнена"
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+"Ðекоторые коды выхода <command>su</command> не завиÑÑÑ‚ от запуÑкаемой "
+"команды: <placeholder-1/>"
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "выполнÑет команду Ñ Ð¿Ñ€Ð°Ð²Ð°Ð¼Ð¸ другой группы"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><option>
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+# type: Content of: <refentry><refsect1><para><option>
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "группа <placeholder-1/> команда"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"Команда <command>sg</command> работает подобно команде <command>newgrp</"
+"command>, но в качеÑтве параметра ожидает команду. Команда будет выполнена "
+"оболочкой <filename>/bin/sh</filename>. Ð’ большинÑтве оболочек, откуда может "
+"запуÑкатьÑÑ <command>sg</command>, команду из неÑкольких Ñлов нужно "
+"заключать в кавычки. Другим отличием между <command>newgrp</command> и "
+"<command>sg</command> ÑвлÑетÑÑ Ñ‚Ð¾, что некоторые оболочки воÑпринимают "
+"<command>newgrp</command> оÑобенным образом, заменÑÑ ÑÐµÐ±Ñ Ð½Ð¾Ð²Ñ‹Ð¼ ÑкземплÑром "
+"оболочки, которую Ñоздаёт <command>newgrp</command>. Этого не проиÑходит Ñ "
+"командой <command>sg</command>, поÑтому поÑле Ð·Ð°Ð²ÐµÑ€ÑˆÐµÐ½Ð¸Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñ‹ <command>sg</"
+"command> вы возвращаетеÑÑŒ в предыдущую группу."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (логичеÑкий)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr "Включить протоколирование «syslog» дейÑтвий <command>sg</command>."
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "файл теневых паролей"
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"Файл <filename>shadow</filename> Ñодержит шифрованные пароли учётных запиÑей "
+"пользователей и необÑзательную информацию об уÑтаревании паролÑ."
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Этот файл должен быть недоÑтупен обычному пользователю, еÑли нужно "
+"обеÑпечить безопаÑноÑÑ‚ÑŒ паролей."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"ÐšÐ°Ð¶Ð´Ð°Ñ Ñтрока файла Ñодержит 9 полей, разделённых двоеточиÑми (<quote>:</"
+"quote>), раÑположенных в Ñледующем порÑдке:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð´Ð»Ñ Ð²Ñ…Ð¾Ð´Ð° в ÑиÑтему"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+"Должно Ñодержать правильное Ð¸Ð¼Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ ÑущеÑтвует в ÑиÑтеме."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "шифрованный пароль"
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Подробней о пароле Ñмотрите в Ñправочной Ñтранице "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"ЕÑли поле Ð¿Ð°Ñ€Ð¾Ð»Ñ Ñодержит Ñтроку, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð½Ðµ удовлетворÑет требованиÑм "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, например Ñодержит ! или *, то пользователь не Ñможет "
+"иÑпользовать Ñтот пароль unix Ð´Ð»Ñ Ð²Ñ…Ð¾Ð´Ð° (но может войти в ÑиÑтему под "
+"другими паролÑми)."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"Это поле может быть пуÑтым, то еÑÑ‚ÑŒ Ð´Ð»Ñ ÑƒÐºÐ°Ð·Ð°Ð½Ð½Ð¾Ð¹ учётной запиÑи не "
+"требуетÑÑ Ð°ÑƒÑ‚ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ†Ð¸Ñ Ð¿Ð¾ паролю. Однако, некоторые приложениÑ, читающие "
+"файл <filename>/etc/shadow</filename>, могут вообще отказать в доÑтупе, еÑли "
+"поле Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿ÑƒÑто."
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "A password field which starts with a exclamation mark means that the "
+#| "password is locked. The remaining characters on the line represent the "
+#| "password field before the password was locked."
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"Поле Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¼Ð¾Ð¶ÐµÑ‚ начинатьÑÑ Ñ Ð²Ð¾Ñклицательного знака, означающего, что "
+"пароль заблокирован. ОÑтавшиеÑÑ Ñимволы в Ñтроке предÑтавлÑÑŽÑ‚ поле Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð´Ð¾ "
+"его блокировки."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "дата поÑледней Ñмены паролÑ"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr "Дата поÑледней Ñмены Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² днÑÑ… Ð½Ð°Ñ‡Ð¸Ð½Ð°Ñ Ñ 1 ÑÐ½Ð²Ð°Ñ€Ñ 1970 года."
+
+#: shadow.5.xml:134(para)
+#, fuzzy
+#| msgid ""
+#| "The value 0 has a special meaning, which is that the user should change "
+#| "her pasword the next time she will log in the system."
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+"Значение 0 имеет Ñпециальное предназначение: оно указывает, что пользователь "
+"должен Ñменить пароль в Ñледующий раз при входе в ÑиÑтему."
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr "ПуÑтое значение обозначает, что проверка уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð²Ñ‹ÐºÐ»ÑŽÑ‡ÐµÐ½Ð°."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "минимальный Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"Минимальный Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² днÑÑ…, которые пользователь должен ждать, "
+"чтобы поменÑÑ‚ÑŒ пароль."
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr "ПуÑтое значение Ð¿Ð¾Ð»Ñ Ð¸ 0 отключают минимальный Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "макÑимальный Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+"МакÑимальный Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² днÑÑ…, поÑле которого пользователь должен "
+"изменить пароль."
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+"По прошеÑтвии Ñтого количеÑтва дней пароль может быть ещё дейÑтвительным. "
+"ÐŸÐ¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð½ÑƒÐ¶Ð½Ð¾ попроÑить изменить пароль при Ñледующем входе."
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"ПуÑтое значение Ð¿Ð¾Ð»Ñ Ð¾Ð·Ð½Ð°Ñ‡Ð°ÐµÑ‚, что нет макÑимального Ñрока дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ, "
+"нет периода Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ Ð¾ пароле и нет периода неактивноÑти Ð¿Ð°Ñ€Ð¾Ð»Ñ "
+"(Ñмотрите далее)."
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+"ЕÑли макÑимальный Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¼ÐµÐ½ÑŒÑˆÐµ чем минимальный Ñрок дейÑÑ‚Ð²Ð¸Ñ "
+"паролÑ, то пользователь не Ñможет изменить Ñвой пароль."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "период Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ Ð¾ пароле"
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"КоличеÑтво дней до уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ (Ñмотрите макÑимальный Ñрок дейÑÑ‚Ð²Ð¸Ñ "
+"паролÑ) во Ð²Ñ€ÐµÐ¼Ñ ÐºÐ¾Ñ‚Ð¾Ñ€Ñ‹Ñ… пользователю выдаётÑÑ Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ðµ."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr "ПуÑтое значение Ð¿Ð¾Ð»Ñ Ð¸ 0 отключают период Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ Ð¾ пароле."
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "период неактивноÑти паролÑ"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"КоличеÑтво дней поÑле уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ (Ñмотрите макÑимальный Ñрок "
+"дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ) во Ð²Ñ€ÐµÐ¼Ñ ÐºÐ¾Ñ‚Ð¾Ñ€Ñ‹Ñ… пароль вÑÑ‘ ещё принимаетÑÑ (и пользователь "
+"должен обновить Ñвой пароль при Ñледующем входе)."
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"ПоÑле уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¸ иÑÑ‚ÐµÑ‡ÐµÐ½Ð¸Ñ Ñтого периода уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð²Ñ…Ð¾Ð´ Ñ "
+"текущим паролем ÑтановитÑÑ Ð½ÐµÐ²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ñ‹Ð¼. Пользователь должен обратитьÑÑ Ðº "
+"админиÑтратору."
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr "ПуÑтое значение Ð¿Ð¾Ð»Ñ Ð¾Ð·Ð½Ð°Ñ‡Ð°ÐµÑ‚, что период неактивноÑти отÑутÑтвует."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "дата иÑÑ‚ÐµÑ‡ÐµÐ½Ð¸Ñ Ñрока дейÑÑ‚Ð²Ð¸Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"Дата иÑÑ‚ÐµÑ‡ÐµÐ½Ð¸Ñ Ñрока дейÑÑ‚Ð²Ð¸Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи, указываетÑÑ Ð² днÑÑ… Ð½Ð°Ñ‡Ð¸Ð½Ð°Ñ Ñ 1 "
+"ÑÐ½Ð²Ð°Ñ€Ñ 1970 года."
+
+#: shadow.5.xml:229(para)
+#, fuzzy
+#| msgid ""
+#| "Note that an account expiration differs from a password expiration. In "
+#| "case of an acount expiration, the user shall not be allowed to login. In "
+#| "case of a password expiration, the user is not allowed to login using her "
+#| "password."
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"Заметим, что уÑтаревание учётной запиÑи отличаетÑÑ Ð¾Ñ‚ уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ. "
+"При уÑтаревании учётной запиÑи пользователь не Ñможет войти в ÑиÑтему. При "
+"уÑтаревании Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÑŒ не может войти в ÑиÑтему по Ñтому паролю."
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "ПуÑтое значение обозначает, что ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ никогда не уÑтаревает."
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+"Значение 0 не должно иÑпользоватьÑÑ, так как Ñто может раÑÑматриватьÑÑ ÐºÐ°Ðº "
+"неуÑÑ‚Ð°Ñ€ÐµÐ²Ð°ÑŽÑ‰Ð°Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ или что запиÑÑŒ уÑтарела 1 ÑÐ½Ð²Ð°Ñ€Ñ 1970 года."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "зарезервированное поле"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Это поле зарезервировано Ð´Ð»Ñ Ð¸ÑÐ¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð² будущем."
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "Ñ€ÐµÐ·ÐµÑ€Ð²Ð½Ð°Ñ ÐºÐ¾Ð¿Ð¸Ñ Ñ„Ð°Ð¹Ð»Ð° /etc/shadow"
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Заметим, что Ñтот файл иÑпользуетÑÑ Ð¿Ñ€Ð¾Ð³Ñ€Ð°Ð¼Ð¼Ð°Ð¼Ð¸ из комплекта утилит shadow, "
+"но не вÑеми инÑтрументами ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñми и паролÑми."
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refmeta><refmiscinfo>
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Библиотечные функции"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "процедуры Ð´Ð»Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñ‹ Ñ Ñ„Ð°Ð¹Ð»Ð¾Ð¼ шифрованных паролей"
+
+# type: Content of: <refentry><refsect1><title>
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "СИÐТÐКСИС"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*name"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><emphasis>
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+# type: Content of: <refentry><refsect1><title>
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "ФÐЙЛ"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> управлÑет Ñодержимым файла теневых "
+"паролей, <filename>/etc/shadow</filename>. Структура в файле <emphasis remap="
+"\"I\">#include</emphasis>:"
+
+# type: Content of: <refentry><refsect1><programlisting>
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* user login name */\n"
+" char\t\t*sp_pwdp; /* encrypted password */\n"
+" long int\t\tsp_lstchg; /* last password change */\n"
+" long int\t\tsp_min; /* days until change allowed. */\n"
+" long int\t\tsp_max; /* days before change required */\n"
+" long int\t\tsp_warn; /* days warning for expiration */\n"
+" long int\t\tsp_inact; /* days before account inactive */\n"
+" long int\t\tsp_expire; /* date when account expires */\n"
+" unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+" "
+msgstr ""
+"struct spwd {\n"
+" char\t \t \t*sp_namp; /* Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ */\n"
+" char\t \t \t*sp_pwdp; /* шифрованный пароль */\n"
+" long int\t \t \tsp_lstchg; /* дата поÑледней Ñмены Ð¿Ð°Ñ€Ð¾Ð»Ñ */\n"
+" long int\t \t \tsp_min; /* дней должно пройти между Ñменами паролÑ. */\n"
+" long int\t \t \tsp_max; /* дней перед необходимоÑтью Ñмены Ð¿Ð°Ñ€Ð¾Ð»Ñ */\n"
+" long int\t \t \tsp_warn; /* дней вывода Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ Ð¾Ð± уÑтаревании */\n"
+" long int\t \t \tsp_inact; /* дней перед тем как ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ заблокируетÑÑ */\n"
+" long int\t \t \tsp_expire; /* дата уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи */\n"
+" unsigned long int\tsp_flag; /* зарезервировано */\n"
+"}"
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "Значение каждого полÑ:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+"sp_namp - указатель на Ñтроку Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ пользователÑ, завершающуюÑÑ Ð½ÑƒÐ»ÐµÐ²Ñ‹Ð¼ "
+"Ñимволом"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+"sp_pwdp - указатель на Ñтроку Ñ Ð¿Ð°Ñ€Ð¾Ð»ÐµÐ¼, завершающуюÑÑ Ð½ÑƒÐ»ÐµÐ²Ñ‹Ð¼ Ñимволом"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+"sp_lstchg - количеÑтво дней, когда был изменён пароль поÑледний раз, Ð½Ð°Ñ‡Ð¸Ð½Ð°Ñ "
+"Ñ 1 ÑÐ½Ð²Ð°Ñ€Ñ 1970 года"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr "sp_min - количеÑтво дней, когда можно не менÑÑ‚ÑŒ пароль"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+"sp_max - количеÑтво дней, которое должно пройти, чтобы нужно было поменÑÑ‚ÑŒ "
+"пароль"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+"sp_warn - количеÑтво дней, когда будет выдаватьÑÑ Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ðµ о Ñкором "
+"уÑтаревании Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿ÐµÑ€ÐµÐ´ тем как пароль уÑтареет"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+"sp_inact - количеÑтво дней, которые должны пройти поÑле уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ, "
+"когда начинать Ñчитать, что ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ неактивна и заблокирована"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+"sp_expire - дней, поÑле которых ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ будет заблокирована, Ð½Ð°Ñ‡Ð¸Ð½Ð°Ñ "
+"Ñ 1 ÑÐ½Ð²Ð°Ñ€Ñ 1970 года"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - зарезервировано"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+"Функции <emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis> и <emphasis>sgetspent</emphasis> возвращают "
+"указатель на Ñтруктуру <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> возвращает Ñледующую запиÑÑŒ из файла, а <emphasis>fgetspent</"
+"emphasis> возвращает Ñледующую запиÑÑŒ из заданного канала, предполагаÑ, что "
+"Ñто файл правильного формата.<emphasis>sgetspent</emphasis> возвращает "
+"указатель на <emphasis>struct spwd</emphasis>, иÑÐ¿Ð¾Ð»ÑŒÐ·ÑƒÑ Ð¿Ñ€ÐµÐ´Ð¾Ñтавленную "
+"Ñтроку в качеÑтве входÑщих данных. <emphasis>getspnam</emphasis> ищет "
+"Ð½Ð°Ñ‡Ð¸Ð½Ð°Ñ Ñ Ñ‚ÐµÐºÑƒÑ‰ÐµÐ¹ позиции в файле запиÑÑŒ по имени <emphasis>name</emphasis>."
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"Функции <emphasis>setspent</emphasis> и <emphasis>endspent</emphasis> можно "
+"иÑпользовать Ð´Ð»Ñ Ð¿ÐµÑ€ÐµÐ¼ÐµÑ‰ÐµÐ½Ð¸Ñ Ð² начало и конец файла теневых паролей "
+"ÑоответÑтвенно."
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"Функции <emphasis>lckpwdf</emphasis> и <emphasis>ulckpwdf</emphasis> "
+"иÑпользуютÑÑ Ð´Ð»Ñ Ð¿Ð¾Ð»ÑƒÑ‡ÐµÐ½Ð¸Ñ Ð¼Ð¾Ð½Ð¾Ð¿Ð¾Ð»ÑŒÐ½Ð¾Ð³Ð¾ доÑтупа к файлу <filename>/etc/"
+"shadow</filename>. <emphasis>lckpwdf</emphasis> пытаетÑÑ Ð²Ñ‹Ð¿Ð¾Ð»Ð½Ð¸Ñ‚ÑŒ "
+"блокировку Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <emphasis>pw_lock</emphasis> в течении 15 Ñекунд. Далее "
+"выполнÑетÑÑ Ð¿Ð¾Ð¿Ñ‹Ñ‚ÐºÐ° получить вторую блокировку Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <emphasis>spw_lock</"
+"emphasis> в течении времени оÑтавшегоÑÑ Ð¾Ñ‚ первоначальных 15 Ñекунд. При "
+"неудаче в любой из блокировок в течении 15 Ñекунд, Ñ„ÑƒÐ½ÐºÑ†Ð¸Ñ "
+"<emphasis>lckpwdf</emphasis> возвращает -1. ЕÑли обе блокировки прошли "
+"уÑпешно возвращаетÑÑ 0."
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"Функции возвращают NULL, еÑли вÑе запиÑи кончилиÑÑŒ или произошла ошибка во "
+"Ð²Ñ€ÐµÐ¼Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñ‹. Функции, возвращающие <emphasis>int</emphasis>, возвращают 0 "
+"при уÑпешном выполнении и -1 в Ñлучае неудачи."
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+"Данные функции могут иÑпользоватьÑÑ Ñ‚Ð¾Ð»ÑŒÐºÐ¾ Ñуперпользователем, так как "
+"доÑтуп к файлу теневых паролей ограничен."
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr "преобразует пароли пользователей и групп в/из защищённую форму"
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"Команда <command>pwconv</command> Ñоздаёт файл <emphasis remap=\"I\">shadow</"
+"emphasis> из файла <emphasis remap=\"I\">passwd</emphasis> и необÑзательно "
+"ÑущеÑтвующего файла <emphasis remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"Программа <command>pwconv</command> не работает, еÑли включена "
+"<option>USE_TCB</option>. Ð”Ð»Ñ Ð¿Ñ€ÐµÐ¾Ð±Ñ€Ð°Ð·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»ÐµÐ¹ tcb, Ñначала "
+"иÑпользуйте команду <command>pwconv</command> Ð´Ð»Ñ Ð¿Ñ€ÐµÐ¾Ð±Ñ€Ð°Ð·Ð¾Ð²Ð°Ð½Ð¸Ñ Ñ‚ÐµÐ½ÐµÐ²Ñ‹Ñ… "
+"паролей, выключив <option>USE_TCB</option> в <filename>login.defs</"
+"filename>, а затем преобразуйте пароль tcb Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <command>tcb_convert</"
+"command> (и включите <option>USE_TCB</option> в <filename>login.defs</"
+"filename> опÑÑ‚ÑŒ)."
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"Команда <command>pwunconv</command> Ñоздаёт файл <emphasis remap=\"I"
+"\">passwd</emphasis> из файлов <emphasis remap=\"I\">passwd</emphasis> и "
+"<emphasis remap=\"I\">shadow</emphasis>, а затем удалÑет файл <emphasis "
+"remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"Программа <command>pwunconv</command> не работает, еÑли включена "
+"<option>USE_TCB</option>. Сначала вам нужно перейти Ñ tcb обратно к "
+"иÑпользованию теневых паролей Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ <command>tcb_unconvert</command>, а "
+"затем выключить <option>USE_TCB</option> в <filename>login.defs</filename> "
+"перед иÑпользованием <command>pwunconv</command>."
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"Команда <command>grpconv</command> Ñоздаёт файл <emphasis remap=\"I"
+"\">gshadow</emphasis> из файла <emphasis remap=\"I\">group</emphasis> и "
+"необÑзательно ÑущеÑтвующего файла <emphasis remap=\"I\">gshadow</emphasis>."
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"Команда <command>grpunconv</command> Ñоздаёт файл <emphasis remap=\"I"
+"\">group</emphasis> из файлов <emphasis remap=\"I\">group</emphasis> и "
+"<emphasis remap=\"I\">gshadow</emphasis>, а затем удалÑет файл <emphasis "
+"remap=\"I\">gshadow</emphasis>."
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"Эти четыре программы работают Ñ Ñ„Ð°Ð¹Ð»Ð°Ð¼Ð¸ обычных или теневых паролей "
+"пользователей и групп: <filename>/etc/passwd</filename>, <filename>/etc/"
+"group</filename>, <filename>/etc/shadow</filename> и <filename>/etc/gshadow</"
+"filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"ÐšÐ°Ð¶Ð´Ð°Ñ Ð¿Ñ€Ð¾Ð³Ñ€Ð°Ð¼Ð¼Ð° выполнÑет необходимые блокировки перед преобразованиÑми. "
+"Команды <command>pwconv</command> и <command>grpconv</command> выполнÑÑŽÑ‚ "
+"Ñхожий порÑдок дейÑтвий. Сначала удалÑÑŽÑ‚ÑÑ Ð·Ð°Ð¿Ð¸Ñи из теневого файла которых "
+"нет в главном файле. Затем обновлÑÑŽÑ‚ÑÑ Ð·Ð°Ð¿Ð¸Ñи в теневом файле которые не "
+"Ñодержат «x» вмеÑто Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² главном файле. Далее добавлÑÑŽÑ‚ÑÑ Ð¾Ñ‚ÑутÑтвующие "
+"теневые запиÑи. Ðаконец, пароли в главном файле заменÑÑŽÑ‚ÑÑ Ñимволом «x». "
+"Данные программы можно иÑпользовать как Ð´Ð»Ñ Ð¿ÐµÑ€Ð²Ð¾Ð½Ð°Ñ‡Ð°Ð»ÑŒÐ½Ð¾Ð³Ð¾ преобразованиÑ, "
+"так и Ð´Ð»Ñ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ Ñ‚ÐµÐ½ÐµÐ²Ð¾Ð³Ð¾ файла, еÑли главный файл редактировалÑÑ "
+"вручную."
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"Команда <command>pwconv</command> иÑпользует Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ñ‹Ñ… <emphasis "
+"remap=\"I\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</"
+"emphasis> и <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> из файла "
+"<filename>/etc/login.defs</filename> при добавлении новых запиÑей в файл "
+"<filename>/etc/shadow</filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"Программы <command>pwunconv</command> и <command>grpunconv</command> также "
+"выполнÑÑŽÑ‚ Ñхожий порÑдок дейÑтвий. Пароли в главном файле обновлÑÑŽÑ‚ÑÑ Ð¸Ð· "
+"теневого файла. ЗапиÑи, которые ÑущеÑтвуют в главном файле, но не ÑущеÑтвуют "
+"в теневом файле оÑтавлÑÑŽÑ‚ÑÑ ÐºÐ°Ðº еÑÑ‚ÑŒ. По окончании, теневой файл удалÑетÑÑ. "
+"Ð˜Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑтаревании Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð½Ðµ учитываетÑÑ Ð¿Ñ€Ð¾Ð³Ñ€Ð°Ð¼Ð¼Ð¾Ð¹ "
+"<command>pwunconv</command>. КонвертируетÑÑ Ñ‚Ð¾Ð»ÑŒÐºÐ¾ возможное."
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Параметры, применимые к <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command> и <command>grpunconv</command>:"
+
+# type: Content of: <refentry><refsect1><para>
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"Ошибки в файлах паролей или групп (типа неверных или дублирующихÑÑ Ð·Ð°Ð¿Ð¸Ñей) "
+"могут зациклить программу или произойдут какие-то другие Ñтранные вещи. "
+"Перед конвертацией запуÑтите <command>pwck</command> и <command>grpck</"
+"command>, чтобы иÑправить возможные ошибки."
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"Ð¡Ð»ÐµÐ´ÑƒÑŽÑ‰Ð°Ñ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð°Ñ Ð½Ð°Ñтройки в <filename>/etc/login.defs</filename> "
+"изменÑет поведение <command>grpconv</command> и <command>grpunconv</command>:"
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"Ð¡Ð»ÐµÐ´ÑƒÑŽÑ‰Ð°Ñ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð°Ñ Ð½Ð°Ñтройки в <filename>/etc/login.defs</filename> "
+"изменÑет поведение <command>pwconv</command>:"
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "проверÑет целоÑтноÑÑ‚ÑŒ файлов паролей"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+# type: Content of: <refentry><refsect1><para>
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"Программа <command>pwck</command> проверÑет целоÑтноÑÑ‚ÑŒ информации о "
+"пользователÑÑ… и аутентификации. ПроверÑетÑÑ Ñ„Ð¾Ñ€Ð¼Ð°Ñ‚ вÑех запиÑей файлов "
+"<filename>/etc/passwd</filename> и <filename>/etc/shadow</filename><phrase "
+"condition=\"tcb\">(или файлов в <filename>/etc/tcb</filename>, еÑли включена "
+"<option>USE_TCB</option>)</phrase> и корректноÑÑ‚ÑŒ данных каждого полÑ. Ð’ "
+"Ñлучае Ð¾Ð±Ð½Ð°Ñ€ÑƒÐ¶ÐµÐ½Ð¸Ñ Ð¾ÑˆÐ¸Ð±Ð¾Ðº пользователю предлагаетÑÑ Ð¿Ð¾Ð´Ñ‚Ð²ÐµÑ€Ð´Ð¸Ñ‚ÑŒ удаление "
+"запиÑей, имеющих неверный формат или воÑÑтановление которых невозможно."
+
+# type: Content of: <refentry><refsect1><para>
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "ВыполнÑÑŽÑ‚ÑÑ Ñледующие проверки:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "правильное количеÑтво полей"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "уникальноÑÑ‚ÑŒ и корректноÑÑ‚ÑŒ имени пользователÑ"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "корректноÑÑ‚ÑŒ идентификатора Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ группы"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "корректноÑÑ‚ÑŒ первичной группы"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "корректноÑÑ‚ÑŒ домашнего каталога"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "корректноÑÑ‚ÑŒ региÑтрационной оболочки"
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"Проверки <filename>shadow</filename> выполнÑÑŽÑ‚ÑÑ, еÑли указан второй "
+"файловый параметр или когда в ÑиÑтеме ÑущеÑтвует файл <filename>/etc/shadow</"
+"filename>."
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "ВыполнÑÑŽÑ‚ÑÑ Ñледующие проверки:"
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+"что ÐºÐ°Ð¶Ð´Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ passwd имеет ÑоответÑтвующую запиÑÑŒ shadow и ÐºÐ°Ð¶Ð´Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ "
+"shadow имеет ÑоответÑтвующую запиÑÑŒ passwd"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr "пароли указаны в теневом файле"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "запиÑи shadow Ñодержат корректное количеÑтво полей"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "запиÑи shadow уникальны в shadow"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "дата поÑледней Ñмены Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð½Ðµ находитÑÑ Ð² будущем"
+
+# type: Content of: <refentry><refsect1><para>
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+"Ошибки в количеÑтве полей и уникальноÑти имён пользователей невоÑÑтановимы. "
+"ЕÑли запиÑÑŒ Ñодержит неверное чиÑло полей, Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¿Ð¾Ð¿Ñ€Ð¾ÑÑÑ‚ подтвердить "
+"удаление вÑей запиÑи. ЕÑли пользователь ответит отрицательно, Ð´Ð°Ð»ÑŒÐ½ÐµÐ¹ÑˆÐ°Ñ "
+"проверка выполнÑÑ‚ÑŒÑÑ Ð½Ðµ будет. При ошибке Ð¿Ð¾Ð²Ñ‚Ð¾Ñ€ÐµÐ½Ð¸Ñ Ð¸Ð¼ÐµÐ½Ð¸ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ "
+"также возникает Ð·Ð°Ð¿Ñ€Ð¾Ñ Ð½Ð° удаление, но в Ñлучае отказа проверка будет "
+"продолжена. Обо вÑех оÑтальных ошибках выводитÑÑ Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ðµ и "
+"пользователю предлагаетÑÑ Ð·Ð°Ð¿ÑƒÑтить команду <command>usermod</command>, "
+"чтобы иÑправить ошибку."
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"Команды, которые работают Ñ Ñ„Ð°Ð¹Ð»Ð¾Ð¼ <filename>/etc/passwd</filename>, не "
+"могут изменÑÑ‚ÑŒ повреждённые или дублирующиеÑÑ Ð·Ð°Ð¿Ð¸Ñи. Как раз в Ñтом Ñлучае "
+"и нужно иÑпользовать <command>pwck</command> Ð´Ð»Ñ ÑƒÐ´Ð°Ð»ÐµÐ½Ð¸Ñ Ð¸Ñпорченной запиÑи."
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Параметры <option>-r</option>, <option>-s</option> не могут иÑпользоватьÑÑ "
+"одновременно."
+
+# type: Content of: <refentry><refsect1><para>
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr "Параметры команды <command>pwck</command>:"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+"Сообщать только об ошибках. ПредупреждениÑ, которые не требуют от "
+"Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð½Ð¸ÐºÐ°ÐºÐ¸Ñ… дейÑтвий, показаны не будут."
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "ВыполнÑÑ‚ÑŒ команду <command>pwck</command> в режиме «только чтение»."
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"ОтÑортировать вÑе запиÑи в файлах <filename>/etc/passwd</filename> и "
+"<filename>/etc/shadow</filename> по чиÑловому идентификатору пользователÑ."
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr "Этот параметр не дейÑтвует, еÑли определена <option>USE_TCB</option>."
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"По умолчанию, команда <command>pwck</command> работает Ñ Ñ„Ð°Ð¹Ð»Ð°Ð¼Ð¸ <filename>/"
+"etc/passwd</filename> и <filename>/etc/shadow</filename><phrase condition="
+"\"tcb\"> (или файлами в <filename>/etc/tcb</filename>)</phrase>. "
+"Пользователь может указать другие файлы Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ параметров "
+"<replaceable>passwd</replaceable> и <replaceable>shadow</replaceable>."
+
+#: pwck.8.xml:243(para)
+#, fuzzy
+#| msgid ""
+#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+#| "alternative <replaceable>shadow</replaceable> file. In future releases, "
+#| "this paramater could be replaced by an alternate TCB directory."
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+"Заметим, что еÑли определена <option>USE_TCB</option>, то вы не можете "
+"указать другой файл <replaceable>shadow</replaceable>. Ð’ Ñледующих верÑиÑÑ… "
+"Ñтим параметром можно будет задать другой каталог TCB."
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "еÑÑ‚ÑŒ одна или более запиÑей Ñ Ð½ÐµÐ´Ð¾Ð¿ÑƒÑтимыми паролÑми"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "не удалоÑÑŒ открыть файл паролей"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "не удалоÑÑŒ заблокировать файл паролей"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "не удалоÑÑŒ изменить файл паролей"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "не удалоÑÑŒ отÑортировать файл паролей"
+
+# type: Content of: <refentry><refsect1><para>
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Команда <command>pwck</command> Ð·Ð°Ð²ÐµÑ€ÑˆÐ°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñƒ, возвращает Ñледующие "
+"значениÑ: <placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr "файл Ñ Ð²Ñ€ÐµÐ¼ÐµÐ½Ð°Ð¼Ð¸ доÑтупа к портам"
+
+# type: Content of: <refentry><refsect1><para>
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"Файл <emphasis remap=\"I\">porttime</emphasis> Ñодержит ÑпиÑок уÑтройÑтв "
+"tty, имена пользователей и разрешённое Ð²Ñ€ÐµÐ¼Ñ Ð²Ñ…Ð¾Ð´Ð°."
+
+# type: Content of: <refentry><refsect1><para>
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"ÐšÐ°Ð¶Ð´Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ ÑоÑтоит из трёх полей, разделённых двоеточиÑми. Ð’ первом поле "
+"ÑодержитÑÑ ÑпиÑок уÑтройÑтв tty (перечиÑленных через запÑтую) или звёздочка, "
+"указывающаÑ, что вÑе уÑтройÑтва tty попадают под правило Ñтой запиÑи. Во "
+"втором поле ÑодержитÑÑ ÑпиÑок имён пользователей (перечиÑленных через "
+"запÑтую) или звёздочка, указывающаÑ, что вÑе имена пользователей попадают "
+"под правило Ñтой запиÑи. Ð’ третьем поле ÑодержитÑÑ ÑпиÑок (через запÑтую) "
+"допуÑтимого времени работы."
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"ÐšÐ°Ð¶Ð´Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ времени доÑтупа ÑоÑтоит из Ð½ÑƒÐ»Ñ Ð¸Ð»Ð¸ более дней недели, "
+"обозначенных как <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, "
+"<emphasis>Tu</emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, "
+"<emphasis>Fr</emphasis> и <emphasis>Sa</emphasis>, а также временем начала и "
+"конца, запиÑанного через дефиÑ. Сокращение <emphasis>Wk</emphasis> можно "
+"иÑпользовать Ð´Ð»Ñ Ð¾Ð±Ð¾Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿ÐµÑ€Ð¸Ð¾Ð´Ð° Ñ Ð¿Ð¾Ð½ÐµÐ´ÐµÐ»ÑŒÐ½Ð¸ÐºÐ° по пÑтницу, а "
+"<emphasis>Al</emphasis> обозначает каждый день. ЕÑли день не задан, то "
+"предполагаетÑÑ <emphasis>Al</emphasis> в качеÑтве Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию."
+
+# type: Content of: <refentry><refsect1><title>
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "ПРИМЕРЫ"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"Ð¡Ð»ÐµÐ´ÑƒÑŽÑ‰Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ разрешает доÑтуп пользователю <emphasis remap=\"B\">jfh</"
+"emphasis> Ñ Ð»ÑŽÐ±Ð¾Ð³Ð¾ порта по буднÑм Ñ 9:00 до 17:00."
+
+# type: Content of: <refentry><refsect1><para>
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"Следующие запиÑи разрешают доÑтуп только пользователÑм <emphasis>root</"
+"emphasis> и <emphasis>oper</emphasis> Ñ <filename>/dev/console</filename> в "
+"любое времÑ. Это показывает, что файл <filename>/etc/porttime</filename> "
+"обрабатываетÑÑ Ð² порÑдке поÑÐ²Ð»ÐµÐ½Ð¸Ñ Ð·Ð°Ð¿Ð¸Ñей в файле. Любой другой "
+"пользователь попадёт под правило второй запиÑи, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð½Ðµ разрешает доÑтуп "
+"в любое времÑ."
+
+# type: Content of: <refentry><refsect1><programlisting>
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+msgstr ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"Ð¡Ð»ÐµÐ´ÑƒÑŽÑ‰Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ разрешает доÑтуп пользователю <emphasis>games</emphasis> Ñ "
+"любого порта в нерабочие чаÑÑ‹."
+
+# type: Content of: <refentry><refsect1><para>
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr ""
+"Ñодержит разрешённое Ð²Ñ€ÐµÐ¼Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñ‹ определённых пользователей Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»Ñ‘Ð½Ð½Ñ‹Ñ… "
+"портов"
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "файл паролей"
+
+# type: Content of: <refentry><refsect1><para>
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"Файл <filename>/etc/passwd</filename> Ñодержит учётные запиÑи пользователей, "
+"по одной в каждой Ñтроке. Строка ÑоÑтоит из Ñеми полей, разделённых "
+"двоеточиÑми (<quote>:</quote>). ПолÑ:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "необÑзательный зашифрованный пароль"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "чиÑловой идентификатор пользователÑ"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "чиÑловой идентификатор группы"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "ФИО Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð»Ð¸ поле комментариÑ"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "домашний каталог пользователÑ"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "необÑзательный интерпретатор командной Ñтроки пользователÑ"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Поле Ñ Ð·Ð°ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð½Ñ‹Ð¼ паролем может быть пуÑтым, и тогда Ð´Ð»Ñ Ð²Ñ…Ð¾Ð´Ð° под Ñтой "
+"учётной запиÑью пароль не требуетÑÑ. Однако, некоторые приложениÑ, которые "
+"читают файл <filename>/etc/passwd</filename>, могут решить не позволÑÑ‚ÑŒ "
+"<emphasis>любой</emphasis> доÑтуп, еÑли поле <emphasis>паролÑ</emphasis> "
+"пуÑтое. ЕÑли поле <emphasis>паролÑ</emphasis> Ñодержит Ñтрочную <quote>x</"
+"quote>, то шифрованный пароль хранитÑÑ Ð² файле "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>; в файле <filename>shadow</filename> <emphasis>должна</"
+"emphasis> быть ÑоответÑÑ‚Ð²ÑƒÑŽÑ‰Ð°Ñ Ñтрока, иначе ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ ÑчитаетÑÑ "
+"недейÑтвительной. ЕÑли в поле <emphasis>паролÑ</emphasis> ÑодержитÑÑ ÐºÐ°ÐºÐ°Ñ-"
+"то Ð´Ñ€ÑƒÐ³Ð°Ñ Ñтрока, то она воÑпринимаетÑÑ ÐºÐ°Ðº шифрованный пароль, ÑоглаÑно "
+"формату <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Поле ÐºÐ¾Ð¼Ð¼ÐµÐ½Ñ‚Ð°Ñ€Ð¸Ñ Ð¸ÑпользуетÑÑ Ñ€Ð°Ð·Ð»Ð¸Ñ‡Ð½Ñ‹Ð¼Ð¸ ÑиÑтемными утилитами, такими как "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"Ð’ поле домашнего каталога хранитÑÑ Ð½Ð°Ñ‡Ð°Ð»ÑŒÐ½Ñ‹Ð¹ рабочий каталог. Программа "
+"<command>login</command> иÑпользует Ñту информацию Ð´Ð»Ñ ÑƒÑтановки Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ "
+"переменной Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ <envar>$HOME</envar>."
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"Ð’ поле интерпретатора командной Ñтроки хранитÑÑ Ð½Ð°Ð·Ð²Ð°Ð½Ð¸Ðµ интерпретатора "
+"командной Ñтроки Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð»Ð¸ программы, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð±ÑƒÐ´ÐµÑ‚ запущена первой. "
+"Программа <command>login</command> иÑпользует Ñту информацию Ð´Ð»Ñ ÑƒÑтановки "
+"Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ <envar>$SHELL</envar>. ЕÑли Ñто поле пуÑтое, "
+"то иÑпользуетÑÑ Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ðµ по умолчанию <filename>/bin/sh</filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "необÑзательный файл Ñ ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð½Ñ‹Ð¼Ð¸ паролÑми"
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "Ñ€ÐµÐ·ÐµÑ€Ð²Ð½Ð°Ñ ÐºÐ¾Ð¿Ð¸Ñ Ñ„Ð°Ð¹Ð»Ð° /etc/passwd"
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "изменÑет пароль пользователÑ"
+
+# type: Content of: <refentry><refsect1><para>
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"Программа <command>passwd</command> изменÑет пароли пользовательÑких учётных "
+"запиÑей. Обычный пользователь может изменить пароль только Ñвоей учётной "
+"запиÑи, Ñуперпользователь может изменить пароль любой учётной запиÑи. "
+"Программа <command>passwd</command> также изменÑет информацию об учётной "
+"запиÑи или Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Изменение паролÑ"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"Сначала Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¿Ð¾Ð¿Ñ€Ð¾ÑÑÑ‚ ввеÑти Ñтарый пароль, еÑли он был. Этот пароль "
+"зашифровываетÑÑ Ð¸ ÑравниваетÑÑ Ñ Ð¸Ð¼ÐµÑŽÑ‰Ð¸Ð¼ÑÑ. У Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ ÐµÑÑ‚ÑŒ только одна "
+"попытка ввеÑти правильный пароль. Ð”Ð»Ñ ÑÑƒÐ¿ÐµÑ€Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ñтот шаг "
+"пропуÑкаетÑÑ, Ð´Ð»Ñ Ñ‚Ð¾Ð³Ð¾ чтобы можно было изменить забытый пароль."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"ПоÑле ввода Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ñ€Ð¾Ð²ÐµÑ€ÑетÑÑ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± уÑтаревании паролÑ, чтобы "
+"убедитьÑÑ, что пользователю разрешено изменÑÑ‚ÑŒ пароль в наÑтоÑщий момент. "
+"ЕÑли нет, то <command>passwd</command> не производит изменение Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¸ "
+"завершает работу."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"Затем пользователю предложат дважды ввеÑти новый пароль. Значение второго "
+"ввода ÑравниваетÑÑ Ñ Ð¿ÐµÑ€Ð²Ñ‹Ð¼ и Ð´Ð»Ñ Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ð¸ из обеих попыток должны "
+"ÑовпаÑÑ‚ÑŒ."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"Затем пароль теÑтируетÑÑ Ð½Ð° ÑложноÑÑ‚ÑŒ подбора. СоглаÑно общим принципам, "
+"пароли должны быть длиной от 6 до 8 Ñимволов и включать один или более "
+"Ñимволов каждого типа:"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "Ñтрочные буквы"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "цифры от 0 до 9"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "знаки пунктуации"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"Ðе включайте ÑиÑтемные Ñимволы ÑÑ‚Ð¸Ñ€Ð°Ð½Ð¸Ñ Ð¸ удалениÑ. Программа "
+"<command>passwd</command> не примет пароль, который не имеет доÑтаточной "
+"ÑложноÑти."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Выбор паролÑ"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"БезопаÑноÑÑ‚ÑŒ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð·Ð°Ð²Ð¸Ñит от ÑтойкоÑти алгоритма ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¸ размера "
+"проÑтранÑтва ключа. Ð’ Ñтарых ÑиÑтемах <emphasis>UNIX</emphasis> метод "
+"ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¾ÑновывалÑÑ Ð½Ð° алгоритме NBS DES. Ð¡ÐµÐ¹Ñ‡Ð°Ñ Ñ€ÐµÐºÐ¾Ð¼ÐµÐ½Ð´ÑƒÑŽÑ‚ более новые "
+"методы (Ñмотрите <option>ENCRYPT_METHOD</option>). Размер проÑтранÑтва ключа "
+"завиÑит от Ñтепени произвольноÑти выбранного паролÑ."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"При обеÑпечении безопаÑноÑти Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð²Ñ‹Ð±Ð¸Ñ€Ð°ÑŽÑ‚ нечто Ñреднее между Ñложным "
+"паролем и ÑложноÑтью работы Ñ Ð½Ð¸Ð¼. По Ñтой причине, вы не должны "
+"иÑпользовать пароль, который ÑвлÑетÑÑ Ñловом из ÑÐ»Ð¾Ð²Ð°Ñ€Ñ Ð¸Ð»Ð¸ который придётÑÑ "
+"запиÑать из-за его ÑложноÑти. Также, пароль не должен быть названием чего-"
+"либо, номером вашей лицензии, днём Ñ€Ð¾Ð¶Ð´ÐµÐ½Ð¸Ñ Ð¸ домашним адреÑом. Обо вÑём "
+"Ñтом легко догадатьÑÑ, что приведёт к нарушению безопаÑноÑти ÑиÑтемы."
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"О том, как выбрать Ñтойкий пароль, читайте в http://ru.wikipedia.org/wiki/"
+"СложноÑÑ‚ÑŒ_паролÑ."
+
+# type: Content of: <refentry><refsect1><para>
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "Параметры команды <command>passwd</command>:"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Этот параметр можно иÑпользовать только вмеÑте Ñ <option>-S</option> Ð´Ð»Ñ "
+"вывода ÑтатуÑа вÑех пользователей."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Удалить пароль Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ (Ñделать его пуÑтым). Это быÑтрый ÑпоÑоб "
+"заблокировать пароль учётной запиÑи. Это Ñделает указанную учётную запиÑÑŒ "
+"беÑпарольной."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Ðемедленно Ñделать пароль уÑтаревшим. Ð’ результате Ñто заÑтавит Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ "
+"изменить пароль при Ñледующем входе в ÑиÑтему."
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>ДÐЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Этот параметр иÑпользуетÑÑ Ð´Ð»Ñ Ð±Ð»Ð¾ÐºÐ¸Ñ€Ð¾Ð²ÐºÐ¸ учётной запиÑи по прошеÑтвии "
+"заданного чиÑла дней поÑле уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ. То еÑÑ‚ÑŒ, еÑли пароль уÑтарел "
+"и прошло более указанных <replaceable>ДÐЕЙ</replaceable>, то пользователь "
+"больше не Ñможет иÑпользовать данную учётную запиÑÑŒ."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Указывает, что изменение Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð½ÑƒÐ¶Ð½Ð¾ выполнить только Ð´Ð»Ñ ÑƒÑтаревших ключей "
+"аутентификации (паролей). Пользователи хотÑÑ‚ оÑтавить Ñвои непроÑроченные "
+"ключи нетронутыми."
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Заблокировать пароль указанной учётной запиÑи. Этот параметр блокирует "
+"пароль, изменÑÑ ÐµÐ³Ð¾ значение на вариант, который не может быть шифрованным "
+"паролем (добавлÑетÑÑ Ñимвол «!» в начало паролÑ)."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"Заметим, что Ñто не блокирует учётную запиÑÑŒ. Пользователь вÑÑ‘ ещё может "
+"войти в ÑиÑтему Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ другого ÑпоÑоба аутентификации (например, Ñ "
+"помощью ключа SSH). Чтобы заблокировать учётную запиÑÑŒ, админиÑтратор должен "
+"иÑпользовать команду <command>usermod --expiredate 1</command> (Ñто "
+"уÑтановит дату уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑÑŒ равной 2 ÑÐ½Ð²Ð°Ñ€Ñ 1970 года)."
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr "ПоÑетитель Ñ Ð·Ð°Ð±Ð»Ð¾ÐºÐ¸Ñ€Ð¾Ð²Ð°Ð½Ð½Ñ‹Ð¼ паролем не может изменить Ñвой пароль."
+
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>МИÐ_ДÐЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Задать <replaceable>минимальное количеÑтво дней</replaceable> между Ñменами "
+"паролÑ. Ðулевое значение Ñтого Ð¿Ð¾Ð»Ñ ÑƒÐºÐ°Ð·Ñ‹Ð²Ð°ÐµÑ‚ на то, что пользователь может "
+"менÑÑ‚ÑŒ Ñвой пароль когда захочет."
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>РЕПОЗИТОРИЙ</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr "Изменить пароль в <replaceable>РЕПОЗИТОРИИ</replaceable>."
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Показать ÑоÑтоÑние учётной запиÑи. Ð˜Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾ ÑоÑтоÑнии Ñодержит 7 полей. "
+"Первое поле Ñодержит Ð¸Ð¼Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи. Второе поле указывает, заблокирован "
+"ли пароль учётной запиÑи (L), она без Ð¿Ð°Ñ€Ð¾Ð»Ñ (NP) или у неё еÑÑ‚ÑŒ рабочий "
+"пароль (P). Третье поле хранит дату поÑледнего Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ. Ð’ Ñледующих "
+"четырёх полÑÑ… хранÑÑ‚ÑÑ Ð¼Ð¸Ð½Ð¸Ð¼Ð°Ð»ÑŒÐ½Ñ‹Ð¹ Ñрок, макÑимальный Ñрок, период выдачи "
+"Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ Ð¸ период неактивноÑти паролÑ. Эти Ñроки измерÑÑŽÑ‚ÑÑ Ð² днÑÑ…."
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Разблокировать пароль указанной учётной запиÑи. Этот параметр разблокирует "
+"пароль, Ð²Ð¾Ð·Ð²Ñ€Ð°Ñ‰Ð°Ñ ÐµÐ³Ð¾ прежнее значение (которое было перед иÑпользованием "
+"параметра <option>-l</option>)."
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>ПРЕД_ДÐЕЙ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"УÑтановить чиÑло дней выдачи предупреждениÑ, перед тем как потребуетÑÑ Ñмена "
+"паролÑ. Ð’ параметре <replaceable>ПРЕД_ДÐЕЙ</replaceable> указываетÑÑ Ñ‡Ð¸Ñло "
+"дней перед тем как пароль уÑтареет, в течении которых пользователю будут "
+"напоминать, что пароль Ñкоро уÑтареет."
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>ÐœÐКС_ДÐЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"УÑтановить макÑимальное количеÑтво дней, в течении которых пароль оÑтаётÑÑ "
+"рабочим. ПоÑле <replaceable>ÐœÐКС_ДÐЕЙ</replaceable> пароль нужно изменить."
+
+# type: Content of: <refentry><refsect1><para>
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"СложноÑÑ‚ÑŒ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ñ€Ð¾Ð²ÐµÑ€ÑетÑÑ Ð½Ð° разных машинах по разному. Пользователю "
+"наÑтоÑтельно рекомендуетÑÑ Ð²Ñ‹Ð±Ð¸Ñ€Ð°Ñ‚ÑŒ пароль такой ÑложноÑти, чтобы ему "
+"нормально работалоÑÑŒ."
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"Пользователи не могут изменÑÑ‚ÑŒ Ñвои пароли в ÑиÑтеме, еÑли включён NIS и они "
+"не вошли на Ñервер NIS."
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+"Команда <command>passwd</command> Ð´Ð»Ñ Ð°ÑƒÑ‚ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ†Ð¸Ð¸ пользователей и Ð´Ð»Ñ "
+"Ñмены паролей иÑпользует PAM."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (Ñтрока)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+"Задаёт ÑиÑтемный алгоритм ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ð¾ умолчанию Ð´Ð»Ñ ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»ÐµÐ¹ "
+"(иÑпользуетÑÑ, еÑли алгоритм не указан в командной Ñтроке)."
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Возможны Ñледующие значениÑ: <replaceable>DES</replaceable> (по умолчанию), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+"Замечание: Ñтот параметр переопределÑет переменную <option>MD5_CRYPT_ENAB</"
+"option>."
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"Замечание: дейÑтвует только при генерации паролей к группам. Ð“ÐµÐ½ÐµÑ€Ð°Ñ†Ð¸Ñ "
+"пользовательÑких паролей выполнÑетÑÑ PAM и там же наÑтраиваетÑÑ. "
+"РекомендуетÑÑ ÑƒÑтанавливать значение Ñтой переменной ÑоглаÑно наÑтройкам PAM."
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (логичеÑкий)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"Обозначает, что пароль должен быть зашифрован по алгоритму на оÑнове MD5. "
+"ЕÑли значение равно <replaceable>yes</replaceable>, то новые пароли будут "
+"зашифрованы по алгоритму на оÑнове MD5, ÑовмеÑтимому Ñ Ð¸Ñпользуемым в новых "
+"верÑиÑÑ… FreeBSD. Он поддерживает пароли неограниченной длины и имеет более "
+"длинную Ñтроку Ñоли. УÑтановите в <replaceable>no</replaceable>, еÑли вам "
+"нужно копировать шифрованные пароли в другие ÑиÑтемы, которые не "
+"поддерживают новый алгоритм. По умолчанию <replaceable>no</replaceable>."
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"Эта Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð°Ñ Ð¿ÐµÑ€ÐµÐ¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÑетÑÑ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ <option>ENCRYPT_METHOD</option> "
+"или любым параметром командной Ñтроки, который задаёт алгоритм шифрованиÑ."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr "Эта Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð°Ñ ÑƒÑтарела; иÑпользуйте <option>ENCRYPT_METHOD</option>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (логичеÑкий)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr "Включает дополнительные проверки при Ñмене паролÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (логичеÑкий)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"Предупреждать о Ñлабых паролÑÑ… (но разрешать их иÑпользовать) Ð´Ð»Ñ "
+"ÑуперпользователÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (чиÑло)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+"МакÑимальное количеÑтво попыток Ñмены Ð¿Ð°Ñ€Ð¾Ð»Ñ (Ñлишком проÑтого) при "
+"непрохождении проверки."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (чиÑло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (чиÑло)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"КоличеÑтво значимых Ñимволов в пароле Ð´Ð»Ñ crypt(). По умолчанию значение "
+"<option>PASS_MAX_LEN</option> равно 8. Ðе изменÑйте, еÑли ваш crypt() лучше. "
+"ИгнорируетÑÑ, еÑли значение <option>MD5_CRYPT_ENAB</option> равно "
+"<replaceable>yes</replaceable>."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (чиÑло)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (чиÑло)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"ЕÑли значение <option>ENCRYPT_METHOD</option> равно <replaceable>SHA256</"
+"replaceable> или <replaceable>SHA512</replaceable>, Ñта Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð°Ñ "
+"определÑет количеÑтво раундов SHA, иÑпользуемых алгоритмом ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ð¾ "
+"умолчанию (еÑли количеÑтво раундов не задано в командной Ñтроке)."
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"Увеличение количеÑтва раундов повышает ÑложноÑÑ‚ÑŒ подбора Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ñ€Ð¾Ñтым "
+"перебором. Ðо заметим, что при Ñтом Ð´Ð»Ñ Ð°ÑƒÑ‚ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ†Ð¸Ð¸ пользователей "
+"требуетÑÑ Ð±Ð¾Ð»ÑŒÑˆÐµÐµ количеÑтво процеÑÑорных реÑурÑов."
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+"ЕÑли не задана, то libc выбирает значение количеÑтва раундов по умолчанию "
+"(5000)."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr "Ð—Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð´Ð¾Ð»Ð¶Ð½Ñ‹ лежать в диапазоне 1000-999999999."
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"ЕÑли задано какое-то одно значение — <option>SHA_CRYPT_MIN_ROUNDS</option> "
+"или <option>SHA_CRYPT_MAX_ROUNDS</option> — то будет иÑпользовано Ñто "
+"значение."
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"ЕÑли <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; "
+"<option>SHA_CRYPT_MAX_ROUNDS</option>, то иÑпользуетÑÑ Ð±Ð¾Ð»ÑŒÑˆÐµÐµ значение."
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "наÑтройки PAM Ð´Ð»Ñ <command>passwd</command>"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "доÑтуп запрещён"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "недопуÑÑ‚Ð¸Ð¼Ð°Ñ ÐºÐ¾Ð¼Ð±Ð¸Ð½Ð°Ñ†Ð¸Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð²"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "Ð½ÐµÐ¾Ð¶Ð¸Ð´Ð°Ð½Ð½Ð°Ñ Ð¾ÑˆÐ¸Ð±ÐºÐ° при работе, ничего не Ñделано"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr ""
+"Ð½ÐµÐ¾Ð¶Ð¸Ð´Ð°Ð½Ð½Ð°Ñ Ð¾ÑˆÐ¸Ð±ÐºÐ° при работе, отÑутÑтвует файл <filename>passwd</filename>"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+"файл <filename>passwd</filename> занÑÑ‚ другой программой, попробуйте ещё раз"
+
+# type: Content of: <refentry><refsect1><para>
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Программа <command>passwd</command> Ð·Ð°Ð²ÐµÑ€ÑˆÐ°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñƒ, возвращает Ñледующие "
+"значениÑ: <placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "вежливо отказывает во входе в ÑиÑтему"
+
+# type: Content of: <refentry><refsect1><para>
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"Программа <command>nologin</command> выдаёт Ñообщение, что ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ "
+"недоÑтупна и завершает работу Ñ Ð½ÐµÐ½ÑƒÐ»ÐµÐ²Ñ‹Ð¼ кодом возврата. Она предназначена "
+"Ð´Ð»Ñ Ð·Ð°Ð¼ÐµÐ½Ñ‹ оболочки командной Ñтроки в поле оболочки у заблокированных "
+"учётных запиÑей."
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"Чтобы заблокировать вÑе учётные запиÑи поÑмотрите Ñправочную Ñтраницу "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><title>
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "ИСТОРИЯ"
+
+# type: Content of: <refentry><refsect1><para>
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "Программа <command>nologin</command> впервые поÑвилаÑÑŒ в BSD 4.4."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr ""
+"обновлÑет и Ñоздаёт новые учётные запиÑи пользователей в пакетном режиме"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "файл"
+
+# type: Content of: <refentry><refsect1><para>
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"Программа <command>newusers</command> читает <replaceable>файл</replaceable> "
+"(или по умолчанию Ñтандартный ввод) и иÑпользует Ñту информацию Ð´Ð»Ñ "
+"Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ ÑущеÑтвующих или ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ Ð½Ð¾Ð²Ñ‹Ñ… учётных запиÑей. ÐšÐ°Ð¶Ð´Ð°Ñ "
+"Ñтрока имеет формат Ñтандартного файла паролей (Ñмотрите "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) за иÑключением:"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "Ð˜Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ."
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "It can be the name of a new user or the name of an existing user (or an "
+#| "user created before by <command>newusers</command>). In case of an "
+#| "existing user, the user's information will be changed, otherwise a new "
+#| "user will be created."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Это может быть Ð¸Ð¼Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð»Ð¸ Ð¸Ð¼Ñ ÑущеÑтвующего Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ "
+"(или пользователÑ, Ñозданного <command>newusers</command> ранее). ЕÑли "
+"пользователь ÑущеÑтвует, то будет изменена Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾ пользователе, или же "
+"ÑоздаётÑÑ Ð½Ð¾Ð²Ñ‹Ð¹ пользователь."
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Это поле будет зашифровано и иÑпользовано как новое значение шифрованного "
+"паролÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr " pw_gid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Это поле иÑпользуетÑÑ Ð´Ð»Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ UID пользователÑ."
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"ЕÑли Ñто поле пуÑто, то командой <command>newusers</command> автоматичеÑки "
+"определÑетÑÑ Ð½Ð¾Ð²Ñ‹Ð¹ (неиÑпользованный) UID."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr ""
+"ЕÑли в Ñтом поле указано чиÑло, то оно будет иÑпользовано в качеÑтве UID."
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"ЕÑли в поле ÑодержитÑÑ Ð¸Ð¼Ñ ÑущеÑтвующего Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ (или Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ, "
+"Ñозданного <command>newusers</command> ранее), то иÑпользует UID указанного "
+"пользователÑ."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"ЕÑли изменÑетÑÑ UID ÑущеÑтвующего пользователÑ, то у файлов, которыми владел "
+"Ñтот пользователь, нужно вручную переопределить владельца."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+"Это поле иÑпользуетÑÑ Ð´Ð»Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ ID первичной группы пользователÑ."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"ЕÑли в Ñтом поле ÑодержитÑÑ Ð¸Ð¼Ñ ÑущеÑтвующей группы (или группы, Ñозданной "
+"<command>newusers</command> ранее), то в качеÑтве ID первичной группы "
+"Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð±ÑƒÐ´ÐµÑ‚ иÑпользован GID Ñтой группы."
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"ЕÑли в Ñтом поле ÑодержитÑÑ Ñ‡Ð¸Ñло, то Ñто чиÑло будет иÑпользовано как ID "
+"первичной группы пользователÑ. ЕÑли Ñ Ñ‚Ð°ÐºÐ¸Ð¼ GID не ÑущеÑтвует, то будет "
+"Ñоздана Ð½Ð¾Ð²Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° Ñ Ñтим GID и именем пользователÑ."
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"ЕÑли Ñто поле пуÑто, то Ð½Ð¾Ð²Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° будет Ñоздана Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ пользователÑ, а "
+"GID будет определён <command>newusers</command> автоматичеÑки (Ð´Ð»Ñ "
+"иÑÐ¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð² качеÑтве ID первичной группы Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ GID новой "
+"группы)."
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"ЕÑли поле Ñодержит Ð¸Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹, которой не ÑущеÑтвует (и ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð½Ðµ была "
+"Ñоздана <command>newusers</command> ранее), то будет Ñоздана Ð½Ð¾Ð²Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° Ñ "
+"указанным именем, GID будет определён <command>newusers</command> "
+"автоматичеÑки (Ð´Ð»Ñ Ð¸ÑÐ¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð² качеÑтве ID первичной группы Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ "
+"и GID новой группы)."
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Это поле копируетÑÑ Ð² поле GECOS запиÑи пользователÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><emphasis>
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr "Это поле иÑпользуетÑÑ Ð´Ð»Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð´Ð¾Ð¼Ð°ÑˆÐ½ÐµÐ³Ð¾ каталога пользователÑ."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"ЕÑли Ñто поле указывает на неÑущеÑтвующий каталог, то указанный каталог "
+"ÑоздаётÑÑ, его владельцем назначаетÑÑ Ñоздаваемый или обновлÑемый "
+"пользователь и его Ð¿ÐµÑ€Ð²Ð¸Ñ‡Ð½Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð°."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"ЕÑли изменÑетÑÑ Ð´Ð¾Ð¼Ð°ÑˆÐ½Ð¸Ð¹ каталог ÑущеÑтвующего пользователÑ, то команда "
+"<command>newusers</command> не перемещает или копирует Ñодержимое Ñтарого "
+"каталога в новое меÑто. Это нужно выполнить вручную."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"Ð’ Ñтом поле задаётÑÑ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÑŒÑÐºÐ°Ñ Ð¾Ð±Ð¾Ð»Ð¾Ñ‡ÐºÐ°. Ðикаких проверок Ð¿Ð¾Ð»Ñ Ð½Ðµ "
+"делаетÑÑ."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"Команда <command>newusers</command> Ñначала пытаетÑÑ Ñоздать или изменить "
+"вÑех указанных пользователей, а затем запиÑать Ñти Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð² базы данных "
+"пользователей или групп. ЕÑли проиÑходит ошибка (кроме ошибок при поÑледней "
+"запиÑи в базы данных), то Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð² базы не ÑохранÑÑŽÑ‚ÑÑ."
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+"Во Ð²Ñ€ÐµÐ¼Ñ Ð¿ÐµÑ€Ð²Ð¾Ð³Ð¾ прохода пользователи ÑоздаютÑÑ Ñ Ð·Ð°Ð±Ð»Ð¾ÐºÐ¸Ñ€Ð¾Ð²Ð°Ð½Ð½Ñ‹Ð¼Ð¸ паролÑми "
+"(у неÑоздаваемых пользователей пароли не изменÑÑŽÑ‚ÑÑ). Во Ð²Ñ€ÐµÐ¼Ñ Ð²Ñ‚Ð¾Ñ€Ð¾Ð³Ð¾ "
+"прохода выполнÑетÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ðµ паролей Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ PAM. При возникновении "
+"ошибок при обновлении об Ñтом ÑообщаетÑÑ, но обновление паролей продолжаетÑÑ."
+
+# type: Content of: <refentry><refsect1><para>
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Ð”Ð°Ð½Ð½Ð°Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð° предназначена Ð´Ð»Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñ‹ в крупных ÑиÑтемных Ñредах, где за "
+"один раз обновлÑетÑÑ Ð½ÐµÑколько учётных запиÑей."
+
+# type: Content of: <refentry><refsect1><para>
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "Параметры команды <command>newusers</command>:"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "ИÑпользовать указанный метод Ð´Ð»Ñ ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»ÐµÐ¹."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"Возможные методы: DES, MD5, NONE и SHA256 или SHA512, еÑли Ñти методы "
+"поддерживаетÑÑ libc."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"СиÑтемные пользователи ÑоздаютÑÑ Ð±ÐµÐ· информации об уÑтаревании в <filename>/"
+"etc/shadow</filename>, и их чиÑловые идентификаторы выбираютÑÑ Ð¸Ð· диапазона "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, определённого в "
+"<filename>login.defs</filename>, а не из <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (Ñто же каÑаетÑÑ Ð¸ чаÑти Ñ <option>GID</option> при "
+"Ñоздании групп)."
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "ИÑпользовать указанное количеÑтво раундов ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»ÐµÐ¹."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"Значение 0 означает, что ÑиÑтема выберет количеÑтво раундов по умолчанию Ð´Ð»Ñ "
+"выбранного метода ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ (5000)."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+"Минимальное значение равно 1000, а макÑимальное значение равно 999,999,999."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Ð’Ñ‹ можете иÑпользовать Ñтот параметр только при методе ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ SHA256 или "
+"SHA512."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"По умолчанию, количеÑтво раундов определÑетÑÑ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ñ‹Ð¼Ð¸ "
+"SHA_CRYPT_MIN_ROUNDS и SHA_CRYPT_MAX_ROUNDS из <filename>/etc/login.defs</"
+"filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Файл Ñ Ð²Ñ…Ð¾Ð´Ð½Ñ‹Ð¼Ð¸ данными должен быть защищён, так как в нём ÑодержатÑÑ Ð½Ðµ "
+"шифрованные пароли."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Ð’Ñ‹ должны проверить, что пароль и метод ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ ÑоответÑтвует политике "
+"ÑиÑтемных паролей."
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "наÑтройки PAM Ð´Ð»Ñ <command>newusers</command>"
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "выполнÑет региÑтрацию Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² новой группе"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "группа"
+
+# type: Content of: <refentry><refsect1><para>
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"Программа <command>newgrp</command> иÑпользуетÑÑ Ð´Ð»Ñ Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ ID текущей "
+"группы в работающем ÑеанÑе. ЕÑли указан необÑзательный параметр <option>-</"
+"option>, то окружение Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð±ÑƒÐ´ÐµÑ‚ инициализировано повторно, как еÑли "
+"бы пользователь заново вошёл в ÑиÑтему, иначе имеющееÑÑ Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ðµ, Ð²ÐºÐ»ÑŽÑ‡Ð°Ñ "
+"текущий рабочий каталог, изменено не будет."
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+"Программа <command>newgrp</command> изменÑет идентификатор текущей реальной "
+"группы на заданный или на группу по умолчанию, указанную в файле <filename>/"
+"etc/passwd</filename>, в Ñлучае еÑли Ð¸Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ не указано. Программа "
+"<command>newgrp</command> также пытаетÑÑ Ð´Ð¾Ð±Ð°Ð²Ð¸Ñ‚ÑŒ группу в ÑпиÑок групп "
+"пользователÑ. ЕÑли пользователь не ÑвлÑетÑÑ Ñуперпользователем, то его "
+"попроÑÑÑ‚ ввеÑти пароль, даже еÑли он его не имеет (в файле <filename>/etc/"
+"shadow</filename>, еÑли Ð´Ð»Ñ Ñтого Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð¼ÐµÐµÑ‚ÑÑ Ð·Ð°Ð¿Ð¸ÑÑŒ в файле "
+"теневых паролей, иначе иÑпользуетÑÑ Ñ„Ð°Ð¹Ð» <filename>/etc/passwd</filename>), "
+"а группа имеет, или еÑли пользователь не ÑвлÑетÑÑ Ñ‡Ð»ÐµÐ½Ð¾Ð¼ группы, а группа "
+"имеет пароль. ЕÑли пользователь не ÑвлÑетÑÑ Ñ‡Ð»ÐµÐ½Ð¾Ð¼ группы, а у группы пуÑтой "
+"пароль, то пользователю будет отказано в доÑтупе."
+
+# type: Content of: <refentry><refsect1><para>
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+"ЕÑли еÑÑ‚ÑŒ запиÑÑŒ Ð´Ð»Ñ Ñтой группы в файле <filename>/etc/gshadow</filename>, "
+"то ÑпиÑок членов и пароль Ñтой группы будут взÑÑ‚Ñ‹ из Ñтого файла, иначе "
+"иÑпользуетÑÑ Ð·Ð°Ð¿Ð¸ÑÑŒ из файла <filename>/etc/group</filename>."
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "контролирует временные интервалы работы в ÑиÑтеме"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"Программа <command>logoutd</command> контролирует временные Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ "
+"работы в ÑиÑтеме и порты, заданные в файле <filename>/etc/porttime</"
+"filename>. Программа <command>logoutd</command> должна запуÑкатьÑÑ Ð¸Ð· "
+"ÑÑ†ÐµÐ½Ð°Ñ€Ð¸Ñ <filename>/etc/rc</filename>. Файл <filename>/var/run/utmp</"
+"filename> периодичеÑки ÑканируетÑÑ Ð¸ Ð´Ð»Ñ ÐºÐ°Ð¶Ð´Ð¾Ð³Ð¾ имени Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ "
+"проверÑетÑÑ, разрешено ли данному пользователю работать в наÑтоÑщий момент "
+"на данном порту. Любой ÑеанÑ, который нарушает ограничениÑ, опиÑанные в "
+"файле <filename>/etc/porttime</filename>, будет завершён."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Ñодержит ÑпиÑок работающих ÑеанÑов в ÑиÑтеме"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "Ñодержит конфигурацию подÑиÑтемы теневых паролей"
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+"Файл <filename>/etc/login.defs</filename> Ñодержит наÑтройки подÑиÑтемы "
+"теневых паролей (shadow password suite). Этот файл ÑвлÑетÑÑ Ð¾Ð±Ñзательным. "
+"ОтÑутÑтвие данного файла не повлиÑет на работу ÑиÑтемы, но, вероÑтно, "
+"приведёт к выполнению нежелаемых операций."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Файл предÑтавлÑет Ñобой обычный текÑтовый файл; ÐºÐ°Ð¶Ð´Ð°Ñ Ñтрока опиÑывает один "
+"параметр наÑтройки. Строки ÑоÑтоÑÑ‚ из Ð½Ð°Ð·Ð²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð° и его значениÑ, "
+"которые разделÑÑŽÑ‚ÑÑ Ð¿Ñ€Ð¾Ð±ÐµÐ»ÑŒÐ½Ñ‹Ð¼ Ñимволом. ПуÑтые Ñтроки и комментарии "
+"игнорируютÑÑ. Комментарии начинаютÑÑ Ñо знака фунта «#», который должен быть "
+"первым непробельным Ñимволом в Ñтроке."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+"Ð—Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð² могут быть четырёх типов: Ñтроки, логичеÑкие значениÑ, "
+"чиÑла и длинные чиÑла. Строки ÑоÑтоÑÑ‚ из любых печатных Ñимволов. Под "
+"логичеÑкими значениÑми подразумеваютÑÑ <replaceable>yes</replaceable> или "
+"<replaceable>no</replaceable>. Ðеопределённый логичеÑкий параметр или "
+"имеющий значение, отличное от указанных выше, ÑчитаетÑÑ ÐºÐ°Ðº имеющий значение "
+"<replaceable>no</replaceable>. ЧиÑла (обычные и длинные) можно задавать в "
+"деÑÑтичной, воÑьмеричной (перед значением ÑтавитÑÑ Â«<replaceable>0</"
+"replaceable>») или шеÑтнадцатеричной (перед значением ÑтавитÑÑ "
+"«<replaceable>0x</replaceable>») ÑиÑтемах ÑчиÑлениÑ. МакÑимальные Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ "
+"параметра обычного и длинного чиÑла завиÑÑÑ‚ от архитектуры компьютера."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Возможны Ñледующие параметры наÑтройки:"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (логичеÑкий)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"ЕÑли равно <<replaceable>yes</replaceable>, то программа <command>chfn</"
+"command> будет проводить аутентификацию перед тем как выполнить любые "
+"изменениÑ, в Ñлучае еÑли команда не запущена Ñуперпользователем."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (Ñтрока)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+"Этим параметром определÑÑŽÑ‚ÑÑ Ñ‡Ð°Ñти Ð¿Ð¾Ð»Ñ <emphasis remap=\"I\">gecos</"
+"emphasis> в файле <filename>/etc/passwd</filename>, которые могут изменÑÑ‚ÑŒ "
+"обычные пользователи Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ программы <command>chfn</command>. Строка "
+"может Ñодержать любую комбинацию букв <replaceable>f</replaceable>, "
+"<replaceable>r</replaceable>, <replaceable>w</replaceable>, <replaceable>h</"
+"replaceable> Ð´Ð»Ñ Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð¿Ð¾Ð»Ð½Ð¾Ð³Ð¾ имени пользователÑ, номера комнаты, "
+"рабочего и домашнего телефона, ÑоответÑтвенно. Ð”Ð»Ñ ÑовмеÑтимоÑти значение "
+"<replaceable>yes</replaceable> Ñквивалентно <replaceable>rwh</replaceable> и "
+"<replaceable>no</replaceable> Ñквивалентно <replaceable>frwh</replaceable>. "
+"ЕÑли ничего не задано, то только Ñуперпользователь может выполнÑÑ‚ÑŒ любые "
+"изменениÑ. Ðаиболее Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡Ð¸Ñ‚ÐµÐ»ÑŒÐ½Ð°Ñ Ð½Ð°Ñтройка доÑтигаетÑÑ ÑнÑтием SUID бита "
+"Ñ Ñ„Ð°Ð¹Ð»Ð° <filename>chfn</filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (логичеÑкий)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"ЕÑли равно <replaceable>yes</replaceable>, то программа <command>chsh</"
+"command> будет проводить аутентификацию перед тем как выполнить любые "
+"изменениÑ, в Ñлучае еÑли команда не запущены Ñуперпользователем."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (чиÑло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Символ ERASE у терминала (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+"Значение может начинатьÑÑ Ñ Â«0» при указании Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð² воÑьмеричной ÑиÑтеме "
+"ÑчиÑÐ»ÐµÐ½Ð¸Ñ Ð¸Ð»Ð¸ «0x» при указании Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð² шеÑтнадцатеричной ÑиÑтеме "
+"ÑчиÑлениÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (чиÑло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr "Задержка в Ñекундах перед повторной попыткой поÑле неудачного входа."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (логичеÑкий)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+"Включить протоколирование и показ информации о неудачных входах из "
+"<filename>/var/log/faillog</filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (Ñтрока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"ЕÑли уÑтановлена, то программа <command>login</command> запуÑтит указанную "
+"оболочку вмеÑто пользовательÑкой оболочки заданной в <filename>/etc/passwd</"
+"filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (Ñтрока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+"ЕÑли определена, то неудачные попытки входа будут протоколироватьÑÑ Ð² Ñтот "
+"файл в формате utmp."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (Ñтрока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+"ЕÑли определена, то Ñтот файл может заблокировать вÑе обычные переговоры "
+"(chatter) при входе. ЕÑли указан полный путь к файлу, то будет включён "
+"Ñокращённый (hushed) режим, еÑли в Ñтом файле указано Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð»Ð¸ "
+"оболочка. ЕÑли указан не полный путь, то будет включён Ñокращённый (hushed) "
+"режим, еÑли файл находитÑÑ Ð² домашнем каталоге пользователÑ."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (Ñтрока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+"ЕÑли определена, то Ñтот файл будет показан перед каждым поÑвлением "
+"Ð¿Ñ€Ð¸Ð³Ð»Ð°ÑˆÐµÐ½Ð¸Ñ Ð½Ð° вход."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (чиÑло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr "Символ KILL у терминала (<replaceable>025</replaceable> = CTRL/U)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (логичеÑкий)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+"Включить протоколирование и показ информации о времени входа из /var/log/"
+"lastlog."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (логичеÑкий)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "Включить протоколирование уÑпешных входов."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (логичеÑкий)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+"Включить показ неизвеÑтных имён пользователей при запиÑи неудачных попыток "
+"входа."
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Замечание: протоколирование неизвеÑтных имён Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¼Ð¾Ð¶ÐµÑ‚ привеÑти к "
+"проблемам Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑтью, еÑли пользователь введёт Ñвой пароль вмеÑто "
+"Ñвоего имени."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (чиÑло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr "МакÑимальное количеÑтво попыток входа при вводе неверного паролÑ."
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"Ðаиболее вероÑтно Ñто значение будет переопределено PAM, так как по "
+"умолчанию в модуле pam_unix определено 3 попытки. Однако, Ñто значение "
+"ÑвлÑетÑÑ Ñ€ÐµÐ·ÐµÑ€Ð²Ð¾Ð¼, еÑли вы иÑпользуете модуль аутентификации, который не "
+"учитывает PAM_MAXTRIES."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (чиÑло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "МакÑимальное Ð²Ñ€ÐµÐ¼Ñ Ð² Ñекундах, отведённое на вход."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (Ñтрока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+"ЕÑли определена, то при входе будет показано «Ñообщение днÑ» из файла Ñо "
+"ÑпиÑком значений, разделённых «:»."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (Ñтрока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+"ЕÑли определена, значение равно имени файла, чьё ÑущеÑтвование запретит вход "
+"Ð´Ð»Ñ Ð½Ðµ Ñуперпользователей. Ð’ файле должно ÑодержатьÑÑ Ñообщение, опиÑывающее "
+"почему запрещён вход."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"Параметры <option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> и "
+"<option>PASS_WARN_AGE</option> иÑпользуютÑÑ Ñ‚Ð¾Ð»ÑŒÐºÐ¾ при Ñоздании учётной "
+"запиÑи. Любые Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ñтих параметров не влиÑÑŽÑ‚ на уже ÑущеÑтвующие "
+"учётные запиÑи."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (логичеÑкий)"
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+"Включить проверку временных ограничений, заданных в <filename>/etc/porttime</"
+"filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (Ñтрока)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (Ñтрока)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+"Права терминала: tty входа будет принадлежать группе <option>TTYGROUP</"
+"option>, а права будут назначены в ÑоответÑтвии Ñ <option>TTYPERM</option>."
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"По умолчанию, терминалом владеет Ð¿ÐµÑ€Ð²Ð¸Ñ‡Ð½Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° пользователÑ, а права "
+"уÑтанавливаютÑÑ Ð² <replaceable>0600</replaceable>."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+"Ð’ <option>TTYGROUP</option> может задаватьÑÑ Ð¸Ð»Ð¸ Ð¸Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹, или чиÑловой "
+"идентификатор группы."
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+"ЕÑли ваша программа <command>write</command> имеет «setgid» Ñо Ñпециальной "
+"группой, которой принадлежат терминалы, то приÑвойте TTYGROUP номер Ñтой "
+"группы, а TTYPERM значение 0620. Ð’ противном Ñлучае оÑтавьте TTYGROUP "
+"закомментированной и назначьте TTYPERM значение 622 или 600."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (Ñтрока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+"ЕÑли определена, то в ней указываетÑÑ Ð¸Ð¼Ñ Ñ„Ð°Ð¹Ð»Ð°, в котором опиÑано "
+"ÑоответÑтвие между линией tty и параметром Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ TERM. ÐšÐ°Ð¶Ð´Ð°Ñ Ñтрока "
+"файла имеет формат вида «vt100 tty01»."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (чиÑло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "Значение <command>ulimit</command> по умолчанию."
+
+# type: Content of: <refentry><refsect1><title>
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "ПЕРЕКРÐСТÐЫЕ ССЫЛКИ"
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"Следующие перекрёÑтные ÑÑылки отражают ÑвÑзь между программами и их "
+"параметрам из набора Ð´Ð»Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñ‹ Ñ Ñ‚ÐµÐ½ÐµÐ²Ñ‹Ð¼Ð¸ паролÑми."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:393(para)
+#, fuzzy
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:474(para)
+#, fuzzy
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN "
+"UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK "
+"USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"БольшинÑтво функций теневых паролей теперь реализовано через PAM. ПоÑтому, "
+"файл <filename>/etc/login.defs</filename> больше не иÑпользуетÑÑ Ð¿Ñ€Ð¾Ð³Ñ€Ð°Ð¼Ð¼Ð°Ð¼Ð¸ "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> и "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>. ÐаÑтройку данных программ Ñледует выполнÑÑ‚ÑŒ в ÑоответÑтвующих "
+"файлах наÑтройки PAM."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "файл ÐºÐ¾Ð½Ñ‚Ñ€Ð¾Ð»Ñ Ð´Ð¾Ñтупа в ÑиÑтему"
+
+# type: Content of: <refentry><refsect1><para>
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+"Ð’ файле <emphasis remap=\"I\">login.access</emphasis> определÑÑŽÑ‚ÑÑ "
+"комбинации (пользователь, узел) и/или (пользователь, терминал), которым "
+"будет разрешён или запрещён вход в ÑиÑтему."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+"Когда кто-то пытаетÑÑ Ð²Ð¾Ð¹Ñ‚Ð¸ в ÑиÑтему выполнÑетÑÑ Ñканирование файла "
+"<emphasis remap=\"I\">login.access</emphasis> в поиÑках первой Ñовпадающей "
+"запиÑи (пользователь, узел), или в Ñлучае не Ñетевого входа, первой "
+"Ñовпадающей запиÑи (пользователь, терминал). Из найденной запиÑи выбираетÑÑ "
+"поле прав доÑтупа, по которому определÑетÑÑ Ñ€Ð°Ð·Ñ€ÐµÑˆÐ°Ñ‚ÑŒ ли данной учётной "
+"запиÑи вход в ÑиÑтему или нет."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"ÐšÐ°Ð¶Ð´Ð°Ñ Ñтрока таблицы ÐºÐ¾Ð½Ñ‚Ñ€Ð¾Ð»Ñ Ð´Ð¾Ñтупа в ÑиÑтему ÑоÑтоит из трёх полей "
+"разделённых Ñимволом «:» и выглÑдит так:"
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">права_доÑтупа</emphasis>:<emphasis remap=\"I"
+"\">пользователи</emphasis>:<emphasis remap=\"I\">иÑточники</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+"Первое поле должно Ñодержать Ñимвол «<emphasis>+</emphasis>» (доÑтуп "
+"разрешён) или «<emphasis>-</emphasis>» (доÑтуп запрещён). Второе поле должно "
+"Ñодержать Ð¸Ð¼Ñ Ð¾Ð´Ð½Ð¾Ð¹ или более учётных запиÑей, имена групп или "
+"<emphasis>ALL</emphasis> (вÑегда Ñовпадает). Третье поле должно Ñодержать "
+"одно или неÑкольких имён терминалов (Ð´Ð»Ñ Ð´Ð¾Ñтупа не из Ñети), имена узлов, "
+"доменных имён (начинаютÑÑ Ñ Â«<literal>.</literal>»), адреÑа узлов, адреÑа "
+"подÑетей (заканчиваютÑÑ Ð½Ð° «<literal>.</literal>»), <emphasis>ALL</emphasis> "
+"(вÑегда Ñовпадает) или <emphasis>LOCAL</emphasis> (Ð»ÑŽÐ±Ð°Ñ Ñтрока, не "
+"ÑÐ¾Ð´ÐµÑ€Ð¶Ð°Ñ‰Ð°Ñ Ñимвола «<literal>.</literal>»). ЕÑли иÑпользуетÑÑ NIS, то также "
+"можно иÑпользовать @имÑ_Ñетевой_группы в шаблонах узлов или именах "
+"пользователей."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+"Оператор <emphasis>EXCEPT</emphasis> помогает в напиÑании компактных правил."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+"ПоиÑк в файле групп производитÑÑ Ñ‚Ð¾Ð»ÑŒÐºÐ¾ когда Ð¸Ð¼Ñ Ð½Ðµ Ñовпадает Ñ "
+"региÑтрирующимÑÑ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÐµÐ¼. РаÑÑматриваютÑÑ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ только Ñ Ñвно "
+"пропиÑанными в них пользователÑми: программа не принимает во внимание "
+"значение первичной группы пользователÑ."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "начинает ÑÐµÐ°Ð½Ñ Ð² ÑиÑтеме"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "узел"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ПЕРЕМЕÐÐÐЯ_ОКРУЖЕÐИЯ=ЗÐÐЧЕÐИЕ"
+
+# type: Content of: <refentry><refsect1><para><option>
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+"Программа <command>login</command> иÑпользуетÑÑ Ð´Ð»Ñ Ð·Ð°Ð¿ÑƒÑка нового ÑеанÑа в "
+"ÑиÑтеме. Как правило, Ñта программа вызываетÑÑ Ð°Ð²Ñ‚Ð¾Ð¼Ð°Ñ‚Ð¸Ñ‡ÐµÑки и выводит "
+"приглашение <emphasis remap=\"I\">login:</emphasis> на терминал "
+"пользователÑ. Программа <command>login</command> может воÑприниматьÑÑ "
+"оболочкой командной Ñтроки не как проÑÑ‚Ð°Ñ Ð¿Ñ€Ð¾Ð³Ñ€Ð°Ð¼Ð¼Ð° и вызыватьÑÑ Ð½Ðµ как "
+"подпроцеÑÑ. При вызове из оболочки <command>login</command> должна "
+"запуÑкатьÑÑ Ð¿Ð¾ÑредÑтвом вызова <emphasis remap=\"B\">exec login</emphasis>, "
+"что приводит к завершению работы Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² текущей оболочке (и, таким "
+"образом, вновь входÑщий в ÑиÑтему пользователь не попадёт в ÑÐµÐ°Ð½Ñ "
+"вызвавшего). Попытка запуÑтить <command>login</command> из любой оболочки, "
+"отличной от региÑтрационной, приводит к Ñообщению об ошибке."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+"Ð’ какой-то момент Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¿Ð¾Ð¿Ñ€Ð¾ÑÑÑ‚ ввеÑти Ñвой пароль. Чтобы не "
+"допуÑтить раÑкрытиÑ, Ñимволы при вводе Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð½Ðµ отображаютÑÑ. Разрешено "
+"очень маленькое количеÑтво попыток ввода неправильного паролÑ, перед тем как "
+"<command>login</command> закончит работу и прервёт подключение."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+"ЕÑли включён механизм уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи, то перед входом в "
+"ÑиÑтему может потребоватьÑÑ Ñмена паролÑ. Ð”Ð»Ñ Ñтого нужно ввеÑти Ñтарый "
+"пароль и новый пароль. Подробней об Ñтом напиÑано в "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+"ПоÑле уÑпешного входа в ÑиÑтему, будут показаны ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ñ‚ ÑиÑтемы и о "
+"наличии почты. Можно отключить вывод файла ÑиÑтемных Ñообщений из файла "
+"<filename>/etc/motd</filename>, Ñоздав в домашнем каталоге файл нулевой "
+"длины Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ <filename>.hushlogin</filename>. Сообщение о наличии почты "
+"может быть одним из: «<emphasis>У Ð²Ð°Ñ ÐµÑÑ‚ÑŒ Ð½Ð¾Ð²Ð°Ñ Ð¿Ð¾Ñ‡Ñ‚Ð°.</emphasis>», "
+"«<emphasis>У Ð²Ð°Ñ ÐµÑÑ‚ÑŒ почта.</emphasis>» или «<emphasis>У Ð²Ð°Ñ Ð½ÐµÑ‚ почты.</"
+"emphasis>», в завиÑимоÑти от наполненноÑти почтового Ñщика."
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+"Значение идентификатора учётной запиÑи и группы будет взÑто из файла "
+"<filename>/etc/passwd</filename>. Ð—Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ñ‹Ñ… <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar> и "
+"<envar>$MAIL</envar> уÑтанавливаютÑÑ ÑоглаÑно ÑоответÑтвующим полÑм учётной "
+"запиÑи пользователÑ. Также могут быть уÑтановлены Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ ulimit, umask и "
+"nice из Ð¿Ð¾Ð»Ñ GECOS."
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+"Ð’ некоторых ÑиÑтемах переменной Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ <envar>$TERM</envar> будет "
+"приÑвоен тип терминала линии tty, ÑоглаÑно данным из файла <filename>/etc/"
+"ttytype</filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"Также может быть выполнен Ñценарий инициализации пользовательÑкого "
+"интерпретатора команд. Подробней об Ñтой функции Ñмотрите ÑоответÑтвующую "
+"Ñправочную Ñтраницу."
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+"Программа <command>login</command> ÐЕ удалÑет запиÑи о пользователÑÑ… из "
+"файла utmp. Эта задача программ <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> и "
+"<citerefentry><refentrytitle>init</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> — удалÑÑ‚ÑŒ запиÑи о владельце терминального ÑеанÑа. ЕÑли "
+"<command>login</command> запуÑкаетÑÑ Ð¸Ð· командной Ñтроки без <command>exec</"
+"command>, то пользователь продолжает находитьÑÑ Ð² ÑиÑтеме даже поÑле "
+"Ð·Ð°Ð²ÐµÑ€ÑˆÐµÐ½Ð¸Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñ‹ в «порождённом ÑеанÑе»."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "Ðе выполнÑÑ‚ÑŒ аутентификацию, пользователь уже прошёл проверку."
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+"Замечание: в Ñтом Ñлучае <replaceable>имÑ_пользователÑ</replaceable> "
+"обÑзательно."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Ð˜Ð¼Ñ ÑƒÐ´Ð°Ð»Ñ‘Ð½Ð½Ð¾Ð³Ð¾ узла, на который нужно войти."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Сохранить окружение."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "Выполнить протокол autologin Ð´Ð»Ñ rlogin."
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Параметры <option>-r</option>, <option>-h</option> и <option>-f</option> "
+"иÑпользуютÑÑ Ñ‚Ð¾Ð»ÑŒÐºÐ¾ еÑли <command>login</command> запуÑкаетÑÑ "
+"Ñуперпользователем."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Ð”Ð°Ð½Ð½Ð°Ñ Ð²ÐµÑ€ÑÐ¸Ñ <command>login</command> может быть Ñобрана Ñ Ñ€Ð°Ð·Ð½Ñ‹Ð¼Ð¸ "
+"параметрами и только некоторые из них Ñмогут быть иÑпользованы на любой "
+"машине."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr "РаÑположение файлов может отличатьÑÑ Ð½Ð° разных ÑиÑтемах."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+"Как и Ð´Ð»Ñ Ð»ÑŽÐ±Ð¾Ð¹ программы, запуÑк <command>login</command> может быть "
+"подделан. ЕÑли неуполномоченные пользователи имеют физичеÑкий доÑтуп к "
+"машине, то атакующий может иÑпользовать Ñто Ð´Ð»Ñ Ð¿Ð¾Ð»ÑƒÑ‡ÐµÐ½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ñледующего "
+"человека, который будет работать за машиной. Под Linux пользователи могут "
+"иÑпользовать механизм SAK Ð´Ð»Ñ ÑƒÑÑ‚Ð°Ð½Ð¾Ð²Ð»ÐµÐ½Ð¸Ñ Ð´Ð¾Ñтоверного пути и таким образом "
+"Ð¿Ñ€ÐµÐ´Ð¾Ñ‚Ð²Ñ€Ð°Ñ‰ÐµÐ½Ð¸Ñ Ð°Ñ‚Ð°ÐºÐ¸."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Ñодержит ÑпиÑок завершённых ÑеанÑов работы Ñ ÑиÑтемой"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "Ñодержит ÑиÑтемные ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð·Ð° день"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr ""
+"при ÑущеÑтвовании файла блокируетÑÑ Ð´Ð¾Ñтуп в ÑиÑтему обычным пользователÑм"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "Ñодержит ÑпиÑок типов терминалов"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr ""
+"при ÑущеÑтвовании файла ÑиÑтемные ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¿Ñ€Ð¸ входе в ÑиÑтему не выводÑÑ‚ÑÑ"
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "файл ÐºÐ¾Ð½Ñ‚Ñ€Ð¾Ð»Ñ Ñ€ÐµÑурÑов"
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+"В файле <emphasis remap=\"I\">limits</emphasis> (по умолчанию <filename>/etc/"
+"limits</filename> или определÑетÑÑ Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸ÐµÐ¼ LIMITS_FILE в файле "
+"<filename>config.h</filename>) опиÑываютÑÑ Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ, которые можно "
+"изменÑÑ‚ÑŒ. Этот файл должен принадлежать Ñуперпользователю и право на чтение "
+"должно быть только у ÑуперпользователÑ."
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+"По умолчанию ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ «root» ничем не ограничена. ФактичеÑки, никак "
+"Ð½ÐµÐ»ÑŒÐ·Ñ ÑƒÑтановить Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ Ñтой процедуры на учётные запиÑи, "
+"имеющие права ÑÑƒÐ¿ÐµÑ€Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ (учётные запиÑи Ñ UID равным 0)."
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr "ÐšÐ°Ð¶Ð´Ð°Ñ Ñтрока опиÑывает ограничение Ð´Ð»Ñ Ð¾Ð´Ð½Ð¾Ð³Ð¾ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð¼ÐµÐµÑ‚ вид:"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "user СТРОКÐ_ОГРÐÐИЧЕÐИЙ"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "или в виде:"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@group СТРОКÐ_ОГРÐÐИЧЕÐИЙ"
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"<emphasis>СТРОКÐ_ОГРÐÐИЧЕÐИЙ</emphasis> — Ñто Ñтрока, в которой указаны "
+"Ñразу неÑколько ограничений. Каждое ограничение ÑоÑтоит из буквенного "
+"идентификатора и чиÑлового значениÑ."
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "ДопуÑтимые идентификаторы:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A: макÑимальное адреÑное проÑтранÑтво (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr "C: макÑимальный размер файла core (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D: макÑимальный размер данных (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F: макÑимальный размер файла (КБ)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K: маÑка Ñоздаваемых файлов, уÑтанавливаетÑÑ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ вызова "
+"<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></"
+"citerefentry>."
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+"I: макÑимальное значение уÑтупчивоÑти (nice) (0..39, преобразуемые в 20..-19)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr ""
+"L: макÑимальное чиÑло возможных региÑтраций в ÑиÑтеме Ñтого пользователÑ"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr "M: макÑимальное Ñинхронизируемое адреÑное проÑтранÑтво памÑти (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N: макÑимальное чиÑло открытых файлов"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O: макÑимальный приоритет реального времени"
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P: приоритет процеÑÑа, уÑтанавливаетÑÑ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ вызова "
+"<citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr "R: макÑимальный размер резидентного Ñегмента (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S: макÑимальный размер Ñтека (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T: макÑимальное Ð²Ñ€ÐµÐ¼Ñ Ð¸ÑÐ¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ñ€Ð¾Ñ†ÐµÑÑора (минут)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U: макÑимальное чиÑло процеÑÑов"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"Ðапример, значение <emphasis remap=\"I\">L2D2048N5</emphasis> допуÑтимо Ð´Ð»Ñ "
+"<emphasis>СТРОКИ_ОГРÐÐИЧЕÐИЙ</emphasis>. Ð”Ð»Ñ ÑƒÐ´Ð¾Ð±Ñтва чтениÑ, Ñледующие "
+"запиÑи Ñквивалентны:"
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+msgstr ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:145(para)
+#, fuzzy
+#| msgid ""
+#| "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+#| "the line is considered a limit string, thus comments are not allowed. A "
+#| "invalid limits string will be rejected (not considered) by the "
+#| "<command>login</command> program."
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+"Заметим, что поÑле <emphasis remap=\"I\">username</emphasis> оÑтавшаÑÑÑ "
+"чаÑÑ‚ÑŒ Ñтроки ÑчитаетÑÑ Ñтрокой ограничений, поÑтому комментарии недопуÑтимы. "
+"ÐÐµÐ¿Ñ€Ð°Ð²Ð¸Ð»ÑŒÐ½Ð°Ñ Ñтрока ограничений будет отброшена (не учтена) программой "
+"<command>login</command>."
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+"ЗапиÑÑŒ по умолчанию выглÑдит как username \"<emphasis>*</emphasis>\". ЕÑли у "
+"Ð²Ð°Ñ ÐµÑÑ‚ÑŒ неÑколько запиÑей <emphasis remap=\"I\">по умолчанию</emphasis> в "
+"файле <emphasis>LIMITS_FILE</emphasis>, то будет иÑпользоватьÑÑ Ð¿Ð¾ÑледнÑÑ."
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"ОграничениÑ, задаваемые в виде «<replaceable>@group</replaceable>», "
+"применÑÑŽÑ‚ÑÑ Ðº членам указанной группы <replaceable>group</replaceable>."
+
+#: limits.5.xml:165(para)
+#, fuzzy
+#| msgid ""
+#| "If more than one line with limits for an user exist, only the first line "
+#| "for this user will be considered."
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"ЕÑли Ð´Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ ÐµÑÑ‚ÑŒ более одной Ñтроки ограничений, то учитываетÑÑ "
+"только Ð¿ÐµÑ€Ð²Ð°Ñ Ñтрока."
+
+#: limits.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "If no lines are specified for an user, the last <replaceable>@group</"
+#| "replaceable> line matching a group whose the user is a member of will be "
+#| "considered, or the last line with default limits if no groups contain the "
+#| "user."
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+"ЕÑли Ð´Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð½Ðµ указано ни одной Ñтроки, то учитываетÑÑ Ð¿Ð¾ÑледнÑÑ "
+"Ñтрока <replaceable>@group</replaceable> Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð¾Ð¹, в которую входит "
+"пользователь, или поÑледнÑÑ Ñтрока Ñ Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñми по умолчанию, еÑли не "
+"указано групп, в которые входит пользователь."
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+"Чтобы полноÑтью ÑнÑÑ‚ÑŒ Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ, иÑпользуетÑÑ Ð¾Ð´Ð¸Ð½Ð¾Ñ‡Ð½Ð¾Ðµ "
+"тире «<emphasis>-</emphasis>»."
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+"Чтобы ÑнÑÑ‚ÑŒ ограничение Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ, вмеÑто чиÑлового Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ "
+"Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ Ð¼Ð¾Ð¶Ð½Ð¾ иÑпользовать одиночное тире «<emphasis>-</emphasis>»."
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+"Также заметьте, что вÑе наÑтройки ограничений делаютÑÑ Ð”Ð›Ð¯ КОÐКРЕТÐОЙ "
+"УЧÐТÐОЙ ЗÐПИСИ. Они не ÑвлÑÑŽÑ‚ÑÑ Ð³Ð»Ð¾Ð±Ð°Ð»ÑŒÐ½Ñ‹Ð¼Ð¸ и не поÑтоÑнны. Возможно "
+"глобальные Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ Ð¸ поÑвÑÑ‚ÑÑ, но пока Ñто только в планах ;)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+"выводит отчёт о поÑледней региÑтрации в ÑиÑтеме вÑех или указанного "
+"пользователÑ"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"Программа <command>lastlog</command> упорÑдочивает и выводит Ñодержимое "
+"файла <filename>/var/log/lastlog</filename>, который Ñодержит даты "
+"поÑледнего входа пользователей в ÑиÑтему. ВыводÑÑ‚ÑÑ <emphasis>Ð¸Ð¼Ñ "
+"пользователÑ</emphasis>, <emphasis>порт</emphasis> и <emphasis>дата "
+"поÑледнего входа в ÑиÑтему</emphasis>. По умолчанию (вызов без параметров) "
+"показываютÑÑ Ð·Ð°Ð¿Ð¸Ñи файла lastlog, отÑортированные ÑоглаÑно раÑположению "
+"пользователей в файле <filename>/etc/passwd</filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr "Параметры команды <command>lastlog</command>:"
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>ДÐЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"Показать запиÑи lastlog за поÑледние <emphasis remap=\"I\">ДÐЕЙ</emphasis>."
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "This option is only valid in combination with the <option>-d</option> (or "
+#| "<option>--home</option>) option."
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+"Этот параметр можно иÑпользовать только Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-d</option> "
+"(или <option>--home</option>)."
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>ДÐЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"Показать запиÑи lastlog новее чем <emphasis remap=\"I\">ДÐЕЙ</emphasis>."
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>УЧÐТÐÐЯ "
+"ЗÐПИСЬ</replaceable>|<replaceable>ДИÐПÐЗОÐ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr "Показать запиÑÑŒ lastlog только Ð´Ð»Ñ ÑƒÐºÐ°Ð·Ð°Ð½Ð½Ð¾Ð³Ð¾ пользователÑ(ей)."
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+"ÐŸÐ¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¼Ð¾Ð¶Ð½Ð¾ указать по отдельному имени, чиÑловому идентификатору или "
+"в виде <replaceable>ДИÐПÐЗОÐÐ</replaceable> пользователей. Такой "
+"<replaceable>ДИÐПÐЗОÐ</replaceable> можно задавать в виде макÑимального и "
+"минимального значений(<replaceable>UID_МИÐ-UID_ÐœÐКС</replaceable>), "
+"макÑимального (<replaceable>-UID_ÐœÐКС</replaceable>) или минимального "
+"(<replaceable>UID_МИÐ-</replaceable>) значениÑ."
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"ЕÑли пользователь никогда не региÑтрировалÑÑ Ð² ÑиÑтеме, то будет показано "
+"Ñообщение <emphasis>** Ðикогда не входил в ÑиÑтему**</emphasis> вмеÑто "
+"Ð½Ð°Ð·Ð²Ð°Ð½Ð¸Ñ Ð¿Ð¾Ñ€Ñ‚Ð° и даты."
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+"Будут показаны запиÑи только Ð´Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÐµÐ¹, имеющих в ÑиÑтеме данный "
+"момент. Ð’ журнале могут ÑущеÑтвовать запиÑи Ð´Ð»Ñ ÑƒÐ´Ð°Ð»Ñ‘Ð½Ð½Ñ‹Ñ… ранее "
+"пользователей."
+
+# type: Content of: <refentry><refsect1><title>
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "ЗÐМЕЧÐÐИЕ"
+
+# type: Content of: <refentry><refsect1><para>
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Файл <filename>lastlog</filename> Ñодержит информацию о поÑледней "
+"региÑтрации в ÑиÑтеме каждого пользователÑ. Ð’Ñ‹ не должны применÑÑ‚ÑŒ к нему "
+"ротацию журнальных файлов. Этот файл ÑвлÑетÑÑ Ñ€Ð°Ð·Ñ€ÐµÐ¶ÐµÐ½Ð½Ñ‹Ð¼, поÑтому его "
+"размер на диÑке гораздо меньше, чем показывает команда «<command>ls -l</"
+"command>» (ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð¼Ð¾Ð¶ÐµÑ‚ показывать, что Ñто очень большой файл, еÑли "
+"Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð¾Ð² пользователей в ÑиÑтеме доÑтигают больших "
+"значений). Чтобы увидеть реальный размер введите «<command>ls -s</command>»."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "Ñодержит ÑпиÑок завершённых ÑеанÑов работы Ñ ÑиÑтемой"
+
+# type: Content of: <refentry><refsect1><para>
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"Большие промежутки в значениÑÑ… идентификаторов пользователей приводÑÑ‚ к "
+"тому, что программа некоторое Ð²Ñ€ÐµÐ¼Ñ Ð½Ð¸Ñ‡ÐµÐ³Ð¾ не выводит на Ñкран (то еÑÑ‚ÑŒ, "
+"еÑли в базе данных lastlog нет пользователей Ñ Ð¸Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€Ð°Ð¼Ð¸ Ñ 170 по "
+"800, то во Ð²Ñ€ÐµÐ¼Ñ Ð¾Ð±Ñ€Ð°Ð±Ð¾Ñ‚ÐºÐ¸ UID Ñ 171 по 799 программа кажетÑÑ Ð¿Ð¾Ð²Ð¸Ñшей)."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "файл Ñ Ð·Ð°Ñ‰Ð¸Ñ‰Ð°ÐµÐ¼Ð¾Ð¹ информацией о группах"
+
+# type: Content of: <refentry><refsect1><para>
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"Файл <filename>/etc/gshadow</filename> Ñодержит защищаемую информацию о "
+"группах."
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+"ÐšÐ°Ð¶Ð´Ð°Ñ Ñтрока файла Ñодержит полÑ, отделёнными друг от друга двоеточием:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "Ð¸Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "Должно Ñодержать правильное Ð¸Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ ÑущеÑтвует в ÑиÑтеме."
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"ЕÑли поле Ð¿Ð°Ñ€Ð¾Ð»Ñ Ñодержит Ñтроку, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð½Ðµ удовлетворÑет требованиÑм "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, например Ñодержит ! или *, то пользователь не Ñможет "
+"иÑпользовать пароль unix Ð´Ð»Ñ Ð´Ð¾Ñтупа в группу (а члену группы пароль не "
+"нужен)."
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The password is used when an user who is not a member of the group wants "
+#| "to gain the permissions of this group (see "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>)."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Пароль иÑпользуетÑÑ, еÑли пользователю, не ÑвлÑющему членом группы, "
+"требуютÑÑ Ð¿Ñ€Ð°Ð²Ð° Ñтой группы (Ñмотрите <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+"Это поле может быть пуÑтым; в Ñтом Ñлучае только члены группы могут "
+"пользоватьÑÑ Ð¿Ñ€Ð°Ð²Ð°Ð¼Ð¸ группы."
+
+# type: Content of: <refentry><refsect1><para>
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+"Данный пароль заменÑет любой пароль, указанный в файле <filename>/etc/group</"
+"filename>."
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "админиÑтраторы"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "СпиÑок имён пользователей, перечиÑленных через запÑтую."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr "ÐдминиÑтраторы могут менÑÑ‚ÑŒ пароль или членÑтво в группе."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"ÐдминиÑтраторы также имеют те же права, что и члены группы (Ñмотрите далее)."
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "члены"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr "Члены могут иметь доÑтуп к группе без ввода паролÑ."
+
+# type: Content of: <refentry><refsect1><para>
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Ð’Ñ‹ должны иÑпользовать тот же ÑпиÑок пользователей что и в <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "проверÑет корректноÑÑ‚ÑŒ файлов групп"
+
+# type: Content of: <refentry><refsect1><para>
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+"Программа <command>grpck</command> проверÑет целоÑтноÑÑ‚ÑŒ информации о "
+"группах в ÑиÑтеме. ПроверÑÑŽÑ‚ÑÑ Ñ„Ð¾Ñ€Ð¼Ð°Ñ‚ и правильноÑÑ‚ÑŒ данных вÑех запиÑей в "
+"файлах <filename>/etc/group</filename> и <filename>/etc/gshadow</filename>. "
+"Ð’ Ñлучае Ð¾Ð±Ð½Ð°Ñ€ÑƒÐ¶ÐµÐ½Ð¸Ñ Ð¾ÑˆÐ¸Ð±Ð¾Ðº пользователю предлагаетÑÑ Ð¿Ð¾Ð´Ñ‚Ð²ÐµÑ€Ð´Ð¸Ñ‚ÑŒ удаление "
+"запиÑей, имеющих неверный формат или воÑÑтановление которых невозможно."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "уникальноÑÑ‚ÑŒ и корректноÑÑ‚ÑŒ имени группы"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"корректноÑÑ‚ÑŒ идентификатора группы <phrase condition=\"gshadow\"> (только "
+"Ð´Ð»Ñ <filename>/etc/group</filename>)</phrase>"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+"корректноÑÑ‚ÑŒ ÑпиÑка членов <phrase condition=\"gshadow\">и админиÑтраторов</"
+"phrase>"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+"ÑоответÑтвие запиÑи в файле <filename>/etc/gshadow</filename> (и <filename>/"
+"etc/group</filename> при проверках <filename>gshadow</filename>)"
+
+# type: Content of: <refentry><refsect1><para>
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+"Ошибки в количеÑтве полей и уникальноÑти имён групп невоÑÑтановимы. ЕÑли "
+"запиÑÑŒ Ñодержит неверное чиÑло полей, Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¿Ð¾Ð¿Ñ€Ð¾ÑÑÑ‚ подтвердить "
+"удаление вÑей Ñтроки. ЕÑли пользователь ответит отрицательно, Ð´Ð°Ð»ÑŒÐ½ÐµÐ¹ÑˆÐ°Ñ "
+"проверка выполнÑÑ‚ÑŒÑÑ Ð½Ðµ будет. При ошибке Ð¿Ð¾Ð²Ñ‚Ð¾Ñ€ÐµÐ½Ð¸Ñ Ð¸Ð¼ÐµÐ½Ð¸ группы также "
+"возникает Ð·Ð°Ð¿Ñ€Ð¾Ñ Ð½Ð° удаление, но в Ñлучае отказа проверка будет продолжена. "
+"Обо вÑех оÑтальных ошибках выводитÑÑ Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ðµ и пользователю "
+"предлагаетÑÑ Ð·Ð°Ð¿ÑƒÑтить команду <command>groupmod</command>, чтобы иÑправить "
+"ошибку."
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+"Команды, которые работают Ñ Ñ„Ð°Ð¹Ð»Ð¾Ð¼ <filename>/etc/group</filename> <phrase "
+"condition=\"gshadow\"> и <filename>/etc/gshadow</filename></phrase>, не "
+"ÑпоÑобны изменить повреждённые или дублирующиеÑÑ Ð·Ð°Ð¿Ð¸Ñи. Ð’ Ñтом Ñлучае нужно "
+"иÑпользовать <command>grpck</command> Ð´Ð»Ñ ÑƒÐ´Ð°Ð»ÐµÐ½Ð¸Ñ Ð¸Ñпорченной запиÑи."
+
+# type: Content of: <refentry><refsect1><para>
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "Параметры команды <command>grpck</command>:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+"ЗапуÑкать команду <command>grpck</command> в режиме только Ð´Ð»Ñ Ñ‡Ñ‚ÐµÐ½Ð¸Ñ. При "
+"Ñтом на вÑе вопроÑÑ‹ об изменениÑÑ… уÑтанавливаетÑÑ Ð¾Ñ‚Ð²ÐµÑ‚ <emphasis>нет</"
+"emphasis> и учаÑтие Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð½Ðµ требуетÑÑ."
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"ОтÑортировать вÑе запиÑи в файле <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\">и <filename>/etc/gshadow</filename></phrase> по "
+"чиÑловому идентификатору группы (GID)."
+
+#: grpck.8.xml:196(para)
+#, fuzzy
+#| msgid ""
+#| "By default, <command>grpck</command> operates on <filename>/etc/group</"
+#| "filename><phrase condition=\"gshadow\"> and <filename>/etc/gshadow</"
+#| "filename></phrase>. The user may select alternate files with the "
+#| "<emphasis remap=\"I\">group</emphasis><phrase condition=\"no_gshadow"
+#| "\">parameter.</phrase><phrase condition=\"gshadow\">and <emphasis remap="
+#| "\"I\">shadow</emphasis> parameters.</phrase>"
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"По умолчанию, команда <command>grpck</command> работает Ñ Ñ„Ð°Ð¹Ð»Ð¾Ð¼ <filename>/"
+"etc/group</filename> <phrase condition=\"gshadow\"> и <filename>/etc/"
+"gshadow</filename></phrase>. Пользователь может указать другие файлы Ñ "
+"помощью параметра <emphasis remap=\"I\">group</emphasis><phrase condition="
+"\"no_gshadow\">.</phrase> <phrase condition=\"gshadow\">и <emphasis remap=\"I"
+"\">shadow</emphasis>.</phrase>"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "еÑÑ‚ÑŒ одна или более неправильных запиÑей групп"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "не удалоÑÑŒ открыть файл групп"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "не удалоÑÑŒ заблокировать файл групп"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "не удалоÑÑŒ изменить файл групп"
+
+# type: Content of: <refentry><refsect1><para>
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Команда <command>grpck</command> Ð·Ð°Ð²ÐµÑ€ÑˆÐ°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñƒ, возвращает Ñледующие "
+"значениÑ: <placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "показывает имена групп запуÑтившего программу пользователÑ"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "имÑ"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+"Команда <command>groups</command> показывает имена групп запуÑтившего "
+"программу Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð»Ð¸ их чиÑловые идентификаторы (ID). ЕÑли Ð´Ð»Ñ Ð½Ð¾Ð¼ÐµÑ€Ð° "
+"группы нет ÑоответÑтвующей запиÑи в файле <filename>/etc/group</filename>, "
+"то отображаетÑÑ Ñ‡Ð¸Ñловое значение. При указании необÑзательного параметра "
+"<emphasis remap=\"I\">имÑ</emphasis> выводÑÑ‚ÑÑ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи Ñ "
+"указанным <emphasis remap=\"I\">именем</emphasis>."
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+"Ð’ ÑиÑтемах, не имеющих поддержки одновременного членÑтва в неÑкольких "
+"группах, иÑпользуетÑÑ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¸Ð· файла <filename>/etc/group</filename>. "
+"Ð”Ð»Ñ Ñмены Ñвоей текущей реальной или Ñффективной группы пользователь должен "
+"иÑпользовать команды <command>newgrp</command> или <command>sg</command>."
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "изменÑет определение группы в ÑиÑтеме"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "ГРУППÐ"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"Команда <command>groupmod</command> изменÑет определение указанной "
+"<replaceable>ГРУППЫ</replaceable>, изменÑÑ ÑоответÑтвующую запиÑÑŒ в базе "
+"данных групп."
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr "Параметры команды <command>groupmod</command>:"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"Ð˜Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ будет изменено Ñ <replaceable>ГРУППÐ</replaceable> на "
+"<replaceable>GID</replaceable>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"ДеÑÑтичное значение <replaceable>GID</replaceable> должно быть "
+"неотрицательным. Это значение должно быть уникальным, еÑли не указан "
+"параметр <option>-o</option>."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"У пользователей, которых Ñта группа ÑвлÑетÑÑ Ð¿ÐµÑ€Ð²Ð¸Ñ‡Ð½Ð¾Ð¹, будет выполнено "
+"ÑоответÑтвующее обновление."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+"У вÑех файлов, которые имеют ID Ñтарой группы и должны продолжать "
+"принадлежать <replaceable>GROUP</replaceable>, нужно изменить их ID вручную."
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Ðикаких проверок по <option>GID_MIN</option>, <option>GID_MAX</option>, "
+"<option>SYS_GID_MIN</option> или <option>SYS_GID_MAX</option> из <filename>/"
+"etc/login.defs</filename> не производитÑÑ."
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>ÐОВÐЯ_ГРУППÐ</replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Ð˜Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ будет изменено Ñ <emphasis remap=\"I\">ГРУППÐ</emphasis> на "
+"<emphasis remap=\"I\">ÐОВÐЯ_ГРУППÐ</emphasis>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"При иÑпользовании Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-g</option> разрешаетÑÑ Ð¸Ð·Ð¼ÐµÐ½ÑÑ‚ÑŒ "
+"<replaceable>GID</replaceable> группы не уникальным значением."
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "такое Ð¸Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ уже иÑпользуетÑÑ"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Команда <command>groupmod</command> Ð·Ð°Ð²ÐµÑ€ÑˆÐ°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñƒ, возвращает Ñледующие "
+"значениÑ: <placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "управлÑет членами первичной группы пользователÑ"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "имÑ_пользователÑ"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "имÑ_группы"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+"Программа <command>groupmems</command> позволÑет пользователю управлÑÑ‚ÑŒ "
+"ÑпиÑком членов Ñвоей группы не Ð¸Ð¼ÐµÑ Ð¿Ñ€Ð¸Ð²Ð¸Ð»ÐµÐ³Ð¸Ð¹ ÑуперпользователÑ. Программа "
+"<command>groupmems</command> работает в ÑиÑтемах, где в качеÑтве первичной "
+"группы Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ ÑвлÑетÑÑ Ð³Ñ€ÑƒÐ¿Ð¿Ð° Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ Ñовпадающим Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ "
+"Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ (то еÑÑ‚ÑŒ, guest / guest)."
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Только Ñуперпользователь как админиÑтратор может иÑпользовать "
+"<command>groupmems</command>, чтобы изменить ÑпиÑок членов не Ñвоей группы."
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr "Параметры команды <command>groupmems</command>:"
+
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;"
+"<replaceable>имÑ_пользователÑ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Добавить нового Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² группу."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"ЕÑли ÑущеÑтвует файл <filename>/etc/gshadow</filename> и запиÑи о группе нет "
+"в файле <filename>/etc/gshadow</filename>, то будет Ñоздана Ð½Ð¾Ð²Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ."
+
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>имÑ_пользователÑ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Удалить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð· группы."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"ЕÑли ÑущеÑтвует файл <filename>/etc/gshadow</filename>, то пользователь "
+"будет удалён из ÑпиÑка членов и админиÑтраторов группы."
+
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>имÑ_группы</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+"Суперпользователь может указать группу, в которой нужно изменить ÑпиÑок "
+"членов."
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "Показать ÑпиÑок членов группы."
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "ВычиÑтить вÑех пользователей из ÑпиÑка членов группы."
+
+# type: Content of: <refentry><refsect1><title>
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr "ÐÐСТРОЙКÐ"
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+"ИÑполнÑемый файл программы <command>groupmems</command> должен иметь права "
+"<literal>2770</literal>, принадлежать пользователю <emphasis>root</emphasis> "
+"и группе <emphasis>groups</emphasis>. СиÑтемный админиÑтратор может "
+"добавлÑÑ‚ÑŒ пользователей в группу <emphasis>groups</emphasis>, Ñ€Ð°Ð·Ñ€ÐµÑˆÐ°Ñ Ð¸Ð»Ð¸ "
+"Ð·Ð°Ð¿Ñ€ÐµÑ‰Ð°Ñ Ð¸Ð¼ запуÑкать программу <command>groupmems</command> Ð´Ð»Ñ ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ "
+"членÑтвом в Ñвоей группе."
+
+# type: Content of: <refentry><refsect1><programlisting>
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "Ñодержит защищаемую информацию о группах"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "удалÑет группу"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"Программа <command>groupdel</command> изменÑет ÑиÑтемные файлы учётных "
+"запиÑей, удалÑÑ Ð²Ñе запиÑи, отноÑÑщиеÑÑ Ðº <replaceable>ГРУППЕ</replaceable>. "
+"Группа Ñ Ñ‚Ð°ÐºÐ¸Ð¼ именем должна ÑущеÑтвовать."
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "Параметры команды <command>groupdel</command>:"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Ð’Ñ‹ не можете удалить группу, еÑли она ÑвлÑетÑÑ Ð¿ÐµÑ€Ð²Ð¸Ñ‡Ð½Ð¾Ð¹ Ð´Ð»Ñ ÑущеÑтвующего "
+"пользователÑ. Ð’Ñ‹ должны удалить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¿ÐµÑ€ÐµÐ´ тем как удалÑÑ‚ÑŒ группу."
+
+# type: Content of: <refentry><refsect1><para>
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Ð’Ñ‹ должны вручную проверить вÑе файловые ÑиÑтемы, чтобы убедитьÑÑ, что не "
+"оÑталоÑÑŒ файлов, принадлежащих удалённой группе."
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "не удалоÑÑŒ удалить первичную пользовательÑкую группу"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Программа <command>groupdel</command> Ð·Ð°Ð²ÐµÑ€ÑˆÐ°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñƒ, возвращает Ñледующие "
+"значениÑ: <placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "Ñоздаёт новую группу"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+"Программа <command>groupadd</command> Ñоздаёт новую группу ÑоглаÑно "
+"указанным значениÑм командной Ñтроки и ÑиÑтемным значениÑм по умолчанию. "
+"ÐÐ¾Ð²Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° будет добавлена в ÑиÑтемные файлы."
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "Параметры команды <command>groupadd</command>:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+"Завершить работу и вернуть ÑоÑтоÑние уÑпешного выполнениÑ, еÑли группа уже "
+"ÑущеÑтвует. ЕÑли иÑпользуетÑÑ Ð²Ð¼ÐµÑте Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-g</option> и "
+"указанный GID уже ÑущеÑтвует, то выбираетÑÑ Ð´Ñ€ÑƒÐ³Ð¾Ð¹ (уникальный) GID (то еÑÑ‚ÑŒ "
+"параметр <option>-g</option> игнорируетÑÑ)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"ЧиÑловое значение идентификатора группы (ID). Оно должно быть уникальным, "
+"еÑли не иÑпользуетÑÑ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€ <option>-o</option>. Значение должно быть "
+"неотрицательным. По умолчанию иÑпользуетÑÑ Ð½Ð°Ð¸Ð¼ÐµÐ½ÑŒÑˆÐµÐµ значение ID большее "
+"или равное <option>GID_MIN</option> и большее чем у оÑтальных групп."
+
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Смотрите также опиÑание <option>-r</option> и <option>GID_MAX</option>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Изменить Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию (GID_MIN, GID_MAX и другие), которые хранÑÑ‚ÑÑ "
+"в файле <filename>/etc/login.defs</filename>. Можно указать неÑколько "
+"параметров <option>-K</option>."
+
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Пример: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Замечание: запиÑÑŒ вида <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> пока не работает."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr "Разрешить добавление группы Ñ Ð½Ðµ уникальным GID."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "Создать ÑиÑтемную группу."
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+"ЧиÑловые идентификаторы Ð´Ð»Ñ ÑиÑтемных групп выбираютÑÑ Ð¸Ð· диапазона "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option>, определённых в "
+"<filename>login.defs</filename>, а не из <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Имена групп должны начинатьÑÑ Ñо Ñтрочной буквы или Ñимвола подчёркиваниÑ, и "
+"должны ÑоÑтоÑÑ‚ÑŒ только из Ñтрочных букв, цифр, Ñимволов Ð¿Ð¾Ð´Ñ‡Ñ‘Ñ€ÐºÐ¸Ð²Ð°Ð½Ð¸Ñ Ð¸ "
+"минуÑ. Они могут заканчиватьÑÑ Ð·Ð½Ð°ÐºÐ¾Ð¼ доллара. Это можно опиÑать регулÑрным "
+"выражением: [a-z_][a-z0-9_-]*[$]?"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr "Имена групп могут быть длиной не более &GROUP_NAME_MAX_LENGTH; знаков."
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"ÐÐµÐ»ÑŒÐ·Ñ Ð´Ð¾Ð±Ð°Ð²Ð¸Ñ‚ÑŒ группу NIS или LDAP. Это необходимо делать на "
+"ÑоответÑтвующем Ñервере."
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+"ЕÑли Ð¸Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ уже ÑущеÑтвует во внешней базе данных групп, например в NIS "
+"или LDAP, то <command>groupadd</command> не Ñтанет Ñоздавать группу."
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "не уникальный GID (еÑли не задан параметр <option>-o</option>)"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "не уникальное Ð¸Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Программа <command>groupadd</command> Ð·Ð°Ð²ÐµÑ€ÑˆÐ°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñƒ, возвращает Ñледующие "
+"значениÑ: <placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "управление <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "управление <placeholder-1/> и <placeholder-2/>"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "параметр"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+"Программа <command>gpasswd</command> иÑпользуетÑÑ Ð´Ð»Ñ ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ñ„Ð°Ð¹Ð»Ð¾Ð¼ "
+"<filename>/etc/group</filename> <phrase condition=\"gshadow\"> и <filename>/"
+"etc/gshadow</filename></phrase>. В каждой группе могут быть определены "
+"<phrase condition=\"gshadow\">админиÑтраторы,</phrase> члены и пароль."
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+"СиÑтемные админиÑтраторы могут иÑпользовать параметр <option>-A</option>, "
+"чтобы назначить группе админиÑтратора(ов) и параметр <option>-M</option> Ð´Ð»Ñ "
+"Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ ÑпиÑка членов, а также имеют вÑе права админиÑтраторов и членов "
+"группы."
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+"Программа <command>gpasswd</command>, Ð·Ð°Ð¿ÑƒÑ‰ÐµÐ½Ð½Ð°Ñ <phrase condition=\"gshadow"
+"\">админиÑтратором группы</phrase><phrase condition=\"no_gshadow\">ÑиÑтемным "
+"админиÑтратором</phrase> Ñ ÑƒÐºÐ°Ð·Ð°Ð½Ð¸ÐµÐ¼ в командной Ñтроке только имени группы, "
+"предложит назначить пароль <replaceable>группе</replaceable>."
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"ЕÑли пароль не пуÑтой, то Ð´Ð»Ñ Ñ‡Ð»ÐµÐ½Ð¾Ð² группы вызов "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð½Ðµ требует, а не члены группы должны ввеÑти пароль."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Ð—Ð°Ð¼ÐµÑ‡Ð°Ð½Ð¸Ñ Ð¾ паролÑÑ… групп"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+"Пароли групп имеют врождённую проблему Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑтью, так как пароль знает "
+"более одного человека. Однако, группы ÑвлÑÑŽÑ‚ÑÑ Ð¿Ð¾Ð»ÐµÐ·Ð½Ñ‹Ð¼ инÑтрументом "
+"ÑовмеÑтной работы различных пользователей."
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"За иÑключением параметров <option>-A</option> и <option>-M</option>, "
+"параметры Ð½ÐµÐ»ÑŒÐ·Ñ Ð¸Ñпользовать вмеÑте."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "Параметры не могут быть указаны одновременно."
+
+# type: Content of: <refentry><refsect1><para>
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr "Параметры команды <command>gpasswd</command>:"
+
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>пользователь</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Добавить <replaceable>пользователÑ</replaceable> в указанную "
+"<replaceable>группу</replaceable>."
+
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>пользователь</replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"Удалить <replaceable>пользователÑ</replaceable> из указанной "
+"<replaceable>группы</replaceable>."
+
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>КÐТ_CHROOT</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+"Удалить пароль указанной <replaceable>группы</replaceable>. Пароль группы "
+"будет пуÑтым. Только члены группы Ñмогут иÑпользовать <command>newgrp</"
+"command> Ð´Ð»Ñ Ð²Ñ…Ð¾Ð´Ð° в указанную <replaceable>группу</replaceable>."
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Ограничить доÑтуп к указанной <replaceable>группе</replaceable>. Пароль "
+"группы ÑтановитÑÑ Ñ€Ð°Ð²Ð½Ñ‹Ð¼ «!». Только члены группы имеющие пароль Ñмогут "
+"иÑпользовать <command>newgrp</command> Ð´Ð»Ñ Ð²Ñ…Ð¾Ð´Ð° в указанную "
+"<replaceable>группу</replaceable>."
+
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option> "
+"<replaceable>пользователь</replaceable>, …"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "Задать ÑпиÑок админиÑтраторов группы."
+
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;"
+"<replaceable>пользователь</replaceable>, …"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "Задать ÑпиÑок членов группы."
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+"Ð”Ð°Ð½Ð½Ð°Ñ ÑƒÑ‚Ð¸Ð»Ð¸Ñ‚Ð° работает только Ñ Ñ„Ð°Ð¹Ð»Ð¾Ð¼ <filename>/etc/group</filename> "
+"<phrase condition=\"gshadow\"> и <filename>/etc/gshadow</filename>.</"
+"phrase><phrase condition=\"no_gshadow\">.</phrase> Она не может изменить "
+"группу NIS или LDAP, Ñто нужно делать на ÑоответÑтвующем Ñервере."
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+"показывает запиÑи из файла faillog или задаёт предел неудачных попыток входа "
+"в ÑиÑтему"
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+"Программа <command>faillog</command> показывает Ñодержимое журнала неудачных "
+"попыток (файл <filename>/var/log/faillog</filename>). Также она может быть "
+"иÑпользована Ð´Ð»Ñ ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ñчётчиком неудачных попыток и их ограничением. "
+"При запуÑке <command>faillog</command> без параметров выводÑÑ‚ÑÑ Ð·Ð°Ð¿Ð¸Ñи "
+"faillog только тех пользователей, у которых имеетÑÑ Ñ…Ð¾Ñ‚Ñ Ð±Ñ‹ одна Ð½ÐµÑƒÐ´Ð°Ñ‡Ð½Ð°Ñ "
+"попытка входа."
+
+# type: Content of: <refentry><refsect1><para>
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr "Параметры команды <command>faillog</command>:"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+"Показать запиÑи faillog Ð´Ð»Ñ Ð²Ñех пользователей из базы данных "
+"<filename>faillog</filename>."
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+"СпиÑок пользователей можно ограничить Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ параметра <option>-u</"
+"option>."
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+"Ð’ режиме вывода Ñто ограничивает вывод ÑпиÑком ÑущеÑтвующих пользователей, "
+"но при Ñтом Ð´Ð»Ñ Ð½Ð¸Ñ… выводÑÑ‚ÑÑ Ð´Ð°Ð¶Ðµ пуÑтые запиÑи faillog."
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+"Параметры <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> изменÑÑŽÑ‚ запиÑи пользователей, даже еÑли они не "
+"ÑущеÑтвует в ÑиÑтеме. Это полезно Ð´Ð»Ñ ÑброÑа запиÑей пользователей, которые "
+"были удалены или Ð´Ð»Ñ Ð¿Ñ€ÐµÐ´Ð²Ð°Ñ€Ð¸Ñ‚ÐµÐ»ÑŒÐ½Ð¾Ð¹ уÑтановки политики Ð´Ð»Ñ Ð´Ð¸Ð°Ð¿Ð°Ð·Ð¾Ð½Ð° "
+"пользователей."
+
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>СЕКУÐД</"
+"replaceable>"
+
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"Блокировать учётную запиÑÑŒ на указанное количеÑтво <replaceable>СЕКУÐД</"
+"replaceable> поÑле неудачной попытки входа."
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+"Ð”Ð»Ñ Ñтого параметра требуетÑÑ Ð¿Ñ€Ð°Ð²Ð¾ на запиÑÑŒ в <filename>/var/log/faillog</"
+"filename>."
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;"
+"<replaceable>ÐœÐКС_ЧИСЛО</replaceable>"
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"УÑтановить макÑимальное количеÑтво неудачных попыток входа перед блокировкой "
+"учётной запиÑи равным <replaceable>ÐœÐКС_ЧИСЛО</replaceable>."
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+"ЕÑли значение <replaceable>ÐœÐКС_ЧИСЛО</replaceable> равно 0, то количеÑтво "
+"неудачных попыток входа не ограничиваетÑÑ."
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+"Ð”Ð»Ñ Ð¿Ñ€ÐµÐ´Ð¾Ñ‚Ð²Ñ€Ð°Ñ‰ÐµÐ½Ð¸Ñ Ð°Ñ‚Ð°ÐºÐ¸ отказа в обÑлуживании макÑимальное количеÑтво "
+"неудачных попыток входа у <emphasis>root</emphasis> вÑегда должно быть равно "
+"0."
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "СброÑить Ñчётчик неудачных попыток входа."
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr "Показать запиÑи faillog новее чем <replaceable>ДÐЕЙ</replaceable>."
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+"Показать запиÑÑŒ faillog или изменить Ñчётчики неудачных попыток и "
+"Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ (еÑли задан параметр <option>-l</option>, <option>-m</option> "
+"или <option>-r</option>) только Ð´Ð»Ñ ÑƒÐºÐ°Ð·Ð°Ð½Ð½Ñ‹Ñ… учётных запиÑей."
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"ЕÑли параметры <option>-l</option>, <option>-m</option> или <option>-r</"
+"option> не заданы, то <command>faillog</command> показывает запиÑи faillog "
+"указанных пользователей."
+
+# type: Content of: <refentry><refsect1><para>
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+"Программа <command>faillog</command> выводит только запиÑи о пользователÑÑ…, "
+"поÑледнÑÑ Ð¿Ð¾Ð¿Ñ‹Ñ‚ÐºÐ° входа которых была неудачной. Чтобы увидеть запиÑÑŒ о "
+"пользователе, поÑледнÑÑ Ð¿Ð¾Ð¿Ñ‹Ñ‚ÐºÐ° входа которого была удачной, вы должны "
+"Ñпециально указать Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ параметра <option>-u</option>, "
+"или Ð´Ð»Ñ Ð¿Ð¾ÐºÐ°Ð·Ð° вÑех пользователей указать параметр <option>-a</option>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr "журнал неудавшихÑÑ Ð¿Ð¾Ð¿Ñ‹Ñ‚Ð¾Ðº входа в ÑиÑтему"
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "файл протокола неудачных попыток входа в ÑиÑтему"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+"Ð’ файле <filename>/var/log/faillog</filename> ÑодержатÑÑ Ñчётчики неудачных "
+"попыток входа и Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ Ð´Ð»Ñ ÐºÐ°Ð¶Ð´Ð¾Ð¹ учётной запиÑи."
+
+# type: Content of: <refentry><refsect1><para>
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+"Этот файл ÑоÑтоит из запиÑей поÑтоÑнной длины, упорÑдоченных по чиÑловому "
+"идентификатору учётной запиÑи. ÐšÐ°Ð¶Ð´Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ Ñодержит количеÑтво неудачных "
+"попыток входа Ñ Ð¼Ð¾Ð¼ÐµÐ½Ñ‚Ð° поÑледнего уÑпешного входа в ÑиÑтему, макÑимальное "
+"количеÑтво неудачных попыток перед тем как ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ будет "
+"заблокирована, терминал, Ñ ÐºÐ¾Ñ‚Ð¾Ñ€Ð¾Ð³Ð¾ оÑущеÑтвлÑлаÑÑŒ поÑледнÑÑ Ð½ÐµÑƒÐ´Ð°Ñ‡Ð½Ð°Ñ "
+"попытка входа, дату Ñтого ÑÐ¾Ð±Ñ‹Ñ‚Ð¸Ñ Ð¸ интервал (в Ñекундах) на Ñколько ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ "
+"запиÑÑŒ будет заблокирована в Ñлучае неудачной попытки."
+
+# type: Content of: <refentry><refsect1><para>
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "Структура файла:"
+
+# type: Content of: <refentry><refsect1><programlisting>
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><command>
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "проверÑет и изменÑет пароль ÑоглаÑно политике уÑтареваниÑ"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"Программа <command>expiry</command> проверÑет (параметр <option>-c</option>) "
+"Ñколько ещё времени будет работоÑпоÑобен текущий пароль и вынуждает изменить "
+"его (параметр <option>-f</option>), еÑли Ñто требуетÑÑ. Она может "
+"запуÑкатьÑÑ Ð¾Ð±Ñ‹Ñ‡Ð½Ñ‹Ð¼ пользователем."
+
+# type: Content of: <refentry><refsect1><para>
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr "Параметры команды <command>expiry</command>:"
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr "ПроверÑет и изменÑет Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ñƒ текущего пользователÑ."
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr "Принудительно менÑет пароль, еÑли его Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¸Ñтёк."
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "изменÑет региÑтрационную оболочку пользователÑ"
+
+# type: Content of: <refentry><refsect1><para>
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"Программа <command>chsh</command> изменÑет региÑтрационную оболочку "
+"пользователÑ. Она определÑет ÐºÐ°ÐºÐ°Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð° будет запущена поÑле региÑтрации "
+"Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² ÑиÑтеме. Обычный пользователь может изменÑÑ‚ÑŒ региÑтрационную "
+"оболочку только Ð´Ð»Ñ Ñвоей учётной запиÑи; Ñуперпользователь может изменÑÑ‚ÑŒ "
+"региÑтрационную оболочку любой учётной запиÑи."
+
+# type: Content of: <refentry><refsect1><para>
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Параметры команды <command>chsh</command>:"
+
+# type: Content of: <refentry><refsect1><para>
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"ЕÑли параметр <option>-s</option> не задан, то <command>chsh</command> "
+"переходит в интерактивный режим, Ð¿Ñ€ÐµÐ´Ð»Ð°Ð³Ð°Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÑŽ изменить Ñвою "
+"региÑтрационную оболочку. Вводимое значение заменÑет текущее значение полÑ; "
+"еÑли введена пуÑÑ‚Ð°Ñ Ñтрока, то текущее значение оÑтаётÑÑ Ð½ÐµÐ¸Ð·Ð¼ÐµÐ½Ð½Ñ‹Ð¼. Текущее "
+"значение региÑтрационной оболочки указано в Ñкобках <emphasis>[ ]</emphasis>."
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"Ð’Ñе допуÑтимые имена региÑтрационных оболочек должны быть указаны в файле "
+"<filename>/etc/shells</filename>. Ðа ÑÑƒÐ¿ÐµÑ€Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ñто ограничение не "
+"дейÑтвует и поÑтому ему разрешено указывать любое значение. Ð”Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ "
+"запиÑи Ñ Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð½Ð¾Ð¹ региÑтрационной оболочкой пользователь не может "
+"изменить Ñвою региÑтрационную оболочку. ПоÑтому <filename>/bin/rsh</"
+"filename> в файле <filename>/etc/shells</filename> лучше не указывать, так "
+"как, еÑли пользователь Ñлучайно изменит Ñвою региÑтрационную оболочку на Ñту "
+"ограниченную оболочку, то не Ñможет воÑÑтановить её первоначальное значение."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Ñодержит ÑпиÑок разрешённых региÑтрационных оболочек"
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "обновлÑет пароли в пакетном режиме"
+
+# type: Content of: <refentry><refsect1><para>
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"Программа <command>chpasswd</command> читает ÑпиÑок пар «пользователь "
+"пароль» из Ñтандартного входного потока и обновлÑет информацию о "
+"ÑущеÑтвующих пользователÑÑ…. ÐšÐ°Ð¶Ð´Ð°Ñ Ñтрока имеет вид:"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">имÑ_пользователÑ</emphasis>:<emphasis remap=\"I"
+"\">пароль</emphasis>"
+
+# type: Content of: <refentry><refsect1><para>
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"По умолчанию, передаваемый пароль должен быть в виде обычного текÑта и "
+"шифруетÑÑ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð¾Ð¹ <command>chpasswd</command>. Также, еÑли еÑÑ‚ÑŒ Ñрок "
+"дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ, то он будет обновлён."
+
+#: chpasswd.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+#| "variables of <filename>/etc/login.defs</filename>, and can be overwitten "
+#| "with the <option>-e</option>, <option>-m</option>, or <option>-c</option> "
+#| "options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"СиÑтемный алгоритм ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ð¾ умолчанию может быть задан в переменной "
+"<option>ENCRYPT_METHOD</option> или <option>MD5_CRYPT_ENAB</option> в файле "
+"<filename>/etc/login.defs</filename>, и может быть переопределён параметрами "
+"<option>-e</option>, <option>-m</option> или <option>-c</option>."
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"По умолчанию пароли шифруютÑÑ PAM, но (даже еÑли Ñто не рекомендуетÑÑ) вы "
+"можете выбрать другой метод ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ параметра <option>-e</"
+"option>, <option>-m</option> или <option>-c</option>."
+
+#: chpasswd.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "<phrase condition=\"pam\">Except when PAM is used to encrypt the "
+#| "passwords,</phrase><command>chpasswd</command> first updates all the "
+#| "passwords in memory, and then commits all the changes to disk if no "
+#| "errors occured for any user."
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+"Команда <command>chpasswd</command> <phrase condition=\"pam\">(когда Ð´Ð»Ñ "
+"ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»ÐµÐ¹ не иÑпользуетÑÑ PAM)</phrase> Ñначала обновлÑет вÑе "
+"пароли в памÑти, а затем запиÑывает вÑе Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð½Ð° диÑк, еÑли не было "
+"никаких ошибок."
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+"Ð’ Ñлучае когда шифрование паролей (и обновление в ÑиÑтемной базе данных) "
+"выполнÑетÑÑ PAM и пароль не может быть обновлён, то <command>chpasswd</"
+"command> продолжает обновление паролей оÑтальных пользователей и завершает "
+"работу Ñ ÐºÐ¾Ð´Ð¾Ð¼ ошибки."
+
+# type: Content of: <refentry><refsect1><para>
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Ð”Ð°Ð½Ð½Ð°Ñ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð° предназначена Ð´Ð»Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñ‹ в крупных ÑиÑтемных Ñредах, где за "
+"один раз заводитÑÑ Ð½ÐµÑколько учётных запиÑей."
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr "Параметры команды <command>chpasswd</command>:"
+
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>МЕТОД</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "Возможные методы: DES, MD5 и NONE."
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "По умолчанию, Ð´Ð»Ñ ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»ÐµÐ¹ иÑпользуетÑÑ PAM."
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+"По умолчанию (еÑли не указан параметр<option>-c</option>, <option>-m</"
+"option> или <option>-e</option>), метод ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÑетÑÑ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ð¾Ð¹ "
+"<option>ENCRYPT_METHOD</option> или <option>MD5_CRYPT_ENAB</option> из файла "
+"<filename>/etc/login.defs</filename>."
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Передаваемые пароли заданы в шифрованном виде."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"ИÑпользовать алгоритм ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ MD5 вмеÑто DES, еÑли пароли передаютÑÑ Ð½Ðµ "
+"шифрованными."
+
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;"
+"<replaceable>РÐУÐДОВ</replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"По умолчанию, количеÑтво раундов определÑетÑÑ Ð¿ÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ñ‹Ð¼Ð¸ "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> и <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> в <filename>/etc/login.defs</filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Ðе забудьте уÑтановить права или umask, чтобы не позволить чтение не "
+"шифрованных файлов другими пользователÑми."
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "наÑтройки PAM Ð´Ð»Ñ <command>chpasswd</command>"
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "обновлÑет пароли групп в пакетном режиме"
+
+# type: Content of: <refentry><refsect1><para>
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"Программа <command>chgpasswd</command> читает ÑпиÑок пар «группа пароль» из "
+"Ñтандартного входного потока и обновлÑет информацию о ÑущеÑтвующих группах. "
+"ÐšÐ°Ð¶Ð´Ð°Ñ Ñтрока имеет вид:"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">имÑ_группы</emphasis>:<emphasis remap=\"I\">пароль</"
+"emphasis>"
+
+# type: Content of: <refentry><refsect1><para>
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"По умолчанию, передаваемый пароль должен быть в виде обычного текÑта и "
+"шифруетÑÑ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð¾Ð¹ <command>chgpasswd</command>."
+
+#: chgpasswd.8.xml:92(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+#| "filename>, and can be overwiten with the <option>-e</option>, <option>-m</"
+#| "option>, or <option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"СиÑтемный алгоритм ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð¿Ð¾ умолчанию может быть задан в переменной "
+"<option>ENCRYPT_METHOD</option> в файле <filename>/etc/login.defs</"
+"filename>, и может быть переопределён параметрами <option>-e</option>, "
+"<option>-m</option> или <option>-c</option>."
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr "Параметры команды <command>chgpasswd</command>:"
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "изменÑет информацию о пользователе"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+"Программа <command>chfn</command> изменÑет ФИО, рабочий телефон, рабочий "
+"номер комнаты, рабочий и домашний номер телефона Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи "
+"пользователÑ. Обычно, Ñти данные выводÑÑ‚ÑÑ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð¾Ð¹ "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> и ей подобными программами. Обычный пользователь может "
+"изменить только определённые данные ÑобÑтвенной учётной запиÑи, разрешённые "
+"в файле <filename>/etc/login.defs</filename> (наÑтройкой по умолчанию "
+"пользователю не разрешаетÑÑ Ð¼ÐµÐ½ÑÑ‚ÑŒ Ñвоё Ð¸Ð¼Ñ Ð¸ фамилию). Суперпользователь "
+"может изменÑÑ‚ÑŒ любые данные любой учётной запиÑи. Кроме того, только "
+"Ñуперпользователь может иÑпользовать параметр <option>-o</option> Ð´Ð»Ñ "
+"Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð½ÐµÑтандартизованной чаÑти данных GECOS."
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+"ЧаÑти Ð¿Ð¾Ð»Ñ GECOS не должны Ñодержать двоеточий. За иÑключением чаÑти "
+"<emphasis remap=\"I\">другаÑ</emphasis>, в них не должно ÑодержатьÑÑ Ð·Ð°Ð¿ÑÑ‚Ñ‹Ñ… "
+"и знаков равно. Также рекомендуетÑÑ Ð¸Ð·Ð±ÐµÐ³Ð°Ñ‚ÑŒ Ñимволов не в кодировке US-"
+"ASCII, но Ñто каÑаетÑÑ Ñ‚Ð¾Ð»ÑŒÐºÐ¾ номеров телефонов. ЧаÑÑ‚ÑŒ <emphasis remap=\"I"
+"\">другаÑ</emphasis> иÑпользуетÑÑ Ð´Ð»Ñ Ñ…Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ð¸ об учётной запиÑи, "
+"ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð¸ÑпользуетÑÑ Ð´Ñ€ÑƒÐ³Ð¸Ð¼Ð¸ приложениÑми."
+
+# type: Content of: <refentry><refsect1><para>
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Параметры команды <command>chfn</command>:"
+
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;<replaceable>ФИО</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "ИзменÑет ФИО пользователÑ."
+
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>ДОМÐШÐИЙ_ТЕЛЕФОÐ</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "ИзменÑет номер домашнего телефона пользователÑ."
+
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>ДРУГÐЯ</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"ИзменÑет другую информацию GECOS о пользователе. Эта чаÑÑ‚ÑŒ иÑпользуетÑÑ Ð´Ð»Ñ "
+"Ñ…Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ð¸ об учётной запиÑи, иÑпользуемой другими приложениÑми, и "
+"может изменÑÑ‚ÑŒÑÑ Ñ‚Ð¾Ð»ÑŒÐºÐ¾ Ñуперпользователем."
+
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>ÐОМЕР_КОМÐÐТЫ</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "ИзменÑет номер комнаты пользователÑ."
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>РÐБОЧИЙ_ТЕЛЕФОÐ</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "ИзменÑет номер рабочего телефона пользователÑ."
+
+# type: Content of: <refentry><refsect1><para>
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+"ЕÑли ни один параметр не указан, то <command>chfn</command> переходит в "
+"интерактивный режим, Ð¿Ñ€ÐµÐ´Ð»Ð°Ð³Ð°Ñ Ð·Ð°Ð¿ÑƒÑтившему пользователю изменить данные "
+"Ñвоей учётной запиÑи. Вводимое значение заменÑет текущее значение запиÑи; "
+"еÑли введена пуÑÑ‚Ð°Ñ Ñтрока, то текущее значение оÑтаётÑÑ Ð½ÐµÐ¸Ð·Ð¼ÐµÐ½Ð½Ñ‹Ð¼. Текущее "
+"значение показано в Ñкобках <emphasis remap=\"B\">[ ]</emphasis>. При вызове "
+"без параметров программа <command>chfn</command> изменÑет учётную запиÑÑŒ "
+"запуÑтившего пользователÑ."
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "изменÑет информацию об уÑтаревании Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ"
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"Программа <command>chage</command> изменÑет количеÑтво дней между датой "
+"Ñмены Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¸ датой поÑледней Ñмены паролÑ. Эта Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¸ÑпользуетÑÑ "
+"ÑиÑтемой Ð´Ð»Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¼Ð¾Ð¼ÐµÐ½Ñ‚Ð°, когда пользователь должен Ñменить Ñвой "
+"пароль."
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "Параметры команды <command>chage</command>:"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>ПОСЛ_ДЕÐЬ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"УÑтановить чиÑло дней прошедших Ñ 1 ÑÐ½Ð²Ð°Ñ€Ñ 1970 года, когда была поÑледнÑÑ "
+"Ñмена паролÑ. Дата может быть также указана в виде ГГГГ-ММ-ДД (или в форме "
+"ÑоглаÑно региональным наÑтройкам)."
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option> "
+"<replaceable>ДÐТÐ_УСТÐРЕВÐÐИЯ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"УÑтановить дату уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи пользователÑ, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð·Ð°Ð´Ð°Ñ‘Ñ‚ÑÑ "
+"чиÑлом дней прошедших Ñ 1 ÑÐ½Ð²Ð°Ñ€Ñ 1970 года. Дата может быть также задана в "
+"виде ГГГГ-ММ-ДД (или в форме ÑоглаÑно региональным наÑтройкам). "
+"Пользователь, Ñ‡ÑŒÑ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ была заблокирована, должен обратитьÑÑ Ðº "
+"ÑиÑтемному админиÑтратору, еÑли хочет в дальнейшем работать Ñ ÑиÑтемой."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Значение <emphasis remap=\"I\">-1</emphasis> в параметре "
+"<replaceable>ДÐТÐ_УСТÐРЕВÐÐИЯ</replaceable> отменÑет уÑтаревание учётной "
+"запиÑи."
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>ДÐЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"УÑтановить количеÑтво дней неактивноÑти поÑле уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿ÐµÑ€ÐµÐ´ тем "
+"как ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ будет заблокирована. Ð’ параметре <replaceable>ДÐЕЙ</"
+"replaceable> задаётÑÑ ÐºÐ¾Ð»Ð¸Ñ‡ÐµÑтво дней неактивноÑти. Пользователь, Ñ‡ÑŒÑ "
+"ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ была заблокирована, должен обратитьÑÑ Ðº ÑиÑтемному "
+"админиÑтратору, еÑли хочет в дальнейшем работать Ñ ÑиÑтемой."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Значение <emphasis remap=\"I\">-1</emphasis> в параметре <replaceable>ДÐЕЙ</"
+"replaceable> отменÑет неактивноÑÑ‚ÑŒ учётной запиÑи."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Показать информацию об уÑтаревании учётной запиÑи."
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>МИÐ_ДÐЕЙ</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>ÐœÐКС_ДÐЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"УÑтановить макÑимальное количеÑтво дней работоÑпоÑобноÑти паролÑ. ЕÑли Ñумма "
+"значений <replaceable>ÐœÐКС_ДÐЕЙ</replaceable> и <replaceable>ПОСЛ_ДЕÐЬ</"
+"replaceable> раньше текущего днÑ, то пользователю придётÑÑ Ð¸Ð·Ð¼ÐµÐ½Ð¸Ñ‚ÑŒ Ñвой "
+"пароль перед иÑпользованием учётной запиÑи. Ð”Ð»Ñ Ñ‚Ð¾Ð³Ð¾, чтобы Ñто не было "
+"неожиданноÑтью можно воÑпользоватьÑÑ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-W</option>, который "
+"активирует выдачу Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ Ð¾ Ñмене Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð·Ð°Ñ€Ð°Ð½ÐµÐµ."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Значение <emphasis remap=\"I\">-1</emphasis> в параметре "
+"<replaceable>ÐœÐКС_ДÐЕЙ</replaceable> отменÑет проверку паролÑ."
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>ПРЕДУП_ДÐЕЙ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"УÑтановить количеÑтво дней выдачи предупреждениÑ, перед тем как потребуетÑÑ "
+"Ñмена паролÑ. Параметр <replaceable>ПРЕДУП_ДÐЕЙ</replaceable> ÑчитаетÑÑ Ð² "
+"днÑÑ…, в течении которых пользователь будет получать предупреждение об "
+"уÑтаревании паролÑ, перед тем как Ñто ÑлучитÑÑ."
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"ЕÑли ни один параметр не указан, то <command>chage</command> переходит в "
+"интерактивный режим, Ð¿Ñ€ÐµÐ´Ð»Ð°Ð³Ð°Ñ Ð·Ð°Ð¿ÑƒÑтившему пользователю изменить Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ "
+"вÑех полей Ñвоей учётной запиÑи. Вводимое значение заменÑет текущее значение "
+"полÑ; еÑли введена пуÑÑ‚Ð°Ñ Ñтрока, то текущее значение оÑтаётÑÑ Ð½ÐµÐ¸Ð·Ð¼ÐµÐ½Ð½Ñ‹Ð¼. "
+"Текущее значение показано в Ñкобках <emphasis>[ ]</emphasis>."
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Программа <command>chage</command> требует Ð½Ð°Ð»Ð¸Ñ‡Ð¸Ñ Ñ„Ð°Ð¹Ð»Ð° теневых паролей."
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"Программа <command>chage</command> работает только от ÑуперпользователÑ, за "
+"иÑключением вызова Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-l</option>, который может "
+"иÑпользоватьÑÑ Ð½ÐµÐ¿Ñ€Ð¸Ð²Ð¸Ð»ÐµÐ³Ð¸Ñ€Ð¾Ð²Ð°Ð½Ð½Ñ‹Ð¼ пользователем Ð´Ð»Ñ Ð¾Ð¿Ñ€ÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ Ð´Ð°Ñ‚Ñ‹ "
+"уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ñвоего паролÑ."
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "не удалоÑÑŒ найти файл теневых паролей"
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Программа <command>chage</command> Ð·Ð°Ð²ÐµÑ€ÑˆÐ°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñƒ, возвращает Ñледующие "
+"значениÑ: <placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+"Yuri Kozlov <yuray@komyakino.ru>, 2005, 2006, 2012 Sergey Alyoshin <alyoshin."
+"s@gmail.com>, 2012 "
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><option>
+#~ msgid "-M"
+#~ msgstr "-M"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#~ msgid "13"
+#~ msgstr "13"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#~ msgid "can't create mail spool"
+#~ msgstr "не удалоÑÑŒ Ñоздать почтовый Ñщик"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#, fuzzy
+#~| msgid ""
+#~| "The name of the user's new login shell. Setting this field to blank "
+#~| "causes the system to select the default login shell."
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "Ð˜Ð¼Ñ Ð½Ð¾Ð²Ð¾Ð¹ региÑтрационной оболочки пользователÑ. ЕÑли задать пуÑтое "
+#~ "значение, то будет иÑпользована региÑÑ‚Ñ€Ð°Ñ†Ð¸Ð¾Ð½Ð½Ð°Ñ Ð¾Ð±Ð¾Ð»Ð¾Ñ‡ÐºÐ° по умолчанию."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#~ msgid "-q"
+#~ msgstr "-q"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#~ msgid "new_users"
+#~ msgstr "new_users"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#~ msgid "full_name"
+#~ msgstr "ФИО"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#~ msgid "room_no"
+#~ msgstr "номер комнаты"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#~ msgid "work_ph"
+#~ msgstr "рабочий телефон"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#~ msgid "home_ph"
+#~ msgstr "домашний телефон"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#~ msgid "other"
+#~ msgstr "другое"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#~ "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "Note: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> doesn't work yet."
+#~ msgstr ""
+#~ "Замечание: запиÑÑŒ вида <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> пока не работает."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+#~ msgstr "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#, fuzzy
+#~| msgid "Supplied passwords are in encrypted form."
+#~ msgid "The supplied passwords must be in clear-text."
+#~ msgstr "Передаваемые пароли заданы в шифрованном виде."
+
+#, fuzzy
+#~ msgid "and <placeholder-1/> files"
+#~ msgstr "-a <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><para>
+#, fuzzy
+#~| msgid ""
+#~| "<command>usermod</command> will not allow you to change the name of a "
+#~| "user who is logged in. You must make certain that the named user is not "
+#~| "executing any processes when this command is being executed if the "
+#~| "user's numerical user ID is being changed. You must change the owner of "
+#~| "any <command>crontab</command> files manually. You must change the owner "
+#~| "of any <command>at</command> jobs manually. You must make any changes "
+#~| "involving NIS on the NIS server."
+#~ msgid ""
+#~ "<command>usermod</command> will not allow you to change the name of an "
+#~ "user who is logged in. You must make certain that the named user is not "
+#~ "executing any processes when this command is being executed if the user's "
+#~ "numerical user ID is being changed. You must change the owner of any "
+#~ "<command>crontab</command> files manually. You must change the owner of "
+#~ "any <command>at</command> jobs manually. You must make any changes "
+#~ "involving NIS on the NIS server."
+#~ msgstr ""
+#~ "Команда <command>usermod</command> не будет изменÑÑ‚ÑŒ Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ, "
+#~ "еÑли Ñтот пользователь в данный момент работает в ÑиÑтеме. ЕÑли требуетÑÑ "
+#~ "изменить чиÑловой идентификатор пользователÑ, нужно проверить, что от "
+#~ "Ñтого Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð½ÐµÑ‚ запущенных процеÑÑов. Владельца файлов "
+#~ "<command>crontab</command> нужно изменÑÑ‚ÑŒ вручную. Владельца заданий "
+#~ "<command>at</command> нужно изменÑÑ‚ÑŒ вручную. Также вручную нужно Ñделать "
+#~ "вÑе Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ ÑвÑзанные Ñ NIS на Ñервере NIS."
+
+# type: Content of: <refentry><refsect1><para>
+#~ msgid ""
+#~ "<command>userdel</command> will not allow you to remove an account if the "
+#~ "user is currently logged in. You must kill any running processes which "
+#~ "belong to an account that you are deleting."
+#~ msgstr ""
+#~ "Команда <command>userdel</command> не будет удалÑÑ‚ÑŒ учётную запиÑÑŒ, еÑли "
+#~ "пользователь в данный момент работает в ÑиÑтеме. Ð’Ñ‹ должны завершить вÑе "
+#~ "запущенные процеÑÑÑ‹, принадлежащие учётной запиÑи, которую нужно удалить."
+
+#~ msgid ""
+#~ "The encrypted password, as returned by "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. The default is to disable the account."
+#~ msgstr ""
+#~ "Шифрованное значение паролÑ, которое возвращает Ñ„ÑƒÐ½ÐºÑ†Ð¸Ñ "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. По умолчанию ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ заблокирована."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "encrypted password file"
+#~ msgstr "файл Ñ Ð·Ð°Ñ‰Ð¸Ñ‰Ð°ÐµÐ¼Ð¾Ð¹ информацией о пользователÑÑ…"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "comma-separated list of group administrators"
+#~ msgstr "ÑпиÑок админиÑтраторов группы, перечиÑленных через запÑтую"
+
+#~ msgid ""
+#~ "The group name and password fields must be filled. The encrypted password "
+#~ "consists of characters from the 64-character alphabet a thru z, A thru Z, "
+#~ "0 thru 9, \\. and /. Refer to <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry> for details on how "
+#~ "this string is interpreted. If the password field contains some string "
+#~ "that is not valid result of <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or "
+#~ "*, the user will not be able to use a unix password to log in, subject to "
+#~ "<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum></"
+#~ "citerefentry>."
+#~ msgstr ""
+#~ "ÐŸÐ¾Ð»Ñ Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ группы и пароль должны быть заполнены. Шифрованный пароль "
+#~ "ÑоÑтоит из разрешённых 64 Ñимволов Ñ a по z, Ñ A по Z, Ñ 0 по 9, \\. и /. "
+#~ "Подробней о пароле Ñмотрите на Ñтранице руководÑтва "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. ЕÑли поле Ð¿Ð°Ñ€Ð¾Ð»Ñ Ñодержит Ñтроку, ÐºÐ¾Ñ‚Ð¾Ñ€Ð°Ñ Ð½Ðµ "
+#~ "удовлетворÑет требованиÑм <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, например "
+#~ "Ñодержит ! или *, то пользователь не Ñможет иÑпользовать Ñтот unix пароль "
+#~ "Ð´Ð»Ñ Ñ€ÐµÐ³Ð¸Ñтрации Ñ ÑƒÑ‡Ñ‘Ñ‚Ð¾Ð¼ наÑтроек <citerefentry><refentrytitle>pam</"
+#~ "refentrytitle><manvolnum>7</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#, fuzzy
+#~ msgid ""
+#~ "The group ID of the given <replaceable>GROUP</replaceable> will be "
+#~ "changed to <replaceable>GID</replaceable>. The value of <replaceable>GID</"
+#~ "replaceable> must be a non-negative decimal integer. This value must be "
+#~ "unique, unless the <option>-o</option> option is used. Values between 0 "
+#~ "and 999 are typically reserved for system groups. Any files that have the "
+#~ "old group ID and must continue to belong to <replaceable>GROUP</"
+#~ "replaceable>, must have their group ID changed manually."
+#~ msgstr ""
+#~ "УказываетÑÑ Ð½Ð¾Ð²Ñ‹Ð¹ ID группы Ð´Ð»Ñ <replaceable>ГРУППЫ</replaceable>. "
+#~ "ЧиÑловое значение <replaceable>GID</replaceable> должно быть "
+#~ "неотрицательным деÑÑтичным чиÑлом. Оно должно быть уникальным, еÑли не "
+#~ "задан параметр <option>-o</option>. Ð—Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¾Ñ‚ 0 до 999 обычно "
+#~ "зарезервированы под ÑиÑтемные группы. Изменение принадлежноÑти вÑех "
+#~ "файлов Ñтарой группе необходимо выполнÑÑ‚ÑŒ вручную."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "The group name or number of the user's new initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1."
+#~ msgstr ""
+#~ "Ð˜Ð¼Ñ Ð¸Ð»Ð¸ чиÑловой идентификатор новой начальной группы пользователÑ. "
+#~ "Группа Ñ Ñ‚Ð°ÐºÐ¸Ð¼ именем должна ÑущеÑтвовать. Идентификатор группы должен "
+#~ "указывать на уже ÑущеÑтвующую группу. По умолчанию идентификатор группы "
+#~ "уÑтановлен в 1."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "The group name or number of the user's initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1 or whatever is specified in <filename>/etc/"
+#~ "default/useradd</filename>."
+#~ msgstr ""
+#~ "Ð˜Ð¼Ñ Ð¸Ð»Ð¸ чиÑловой идентификатор новой начальной группы пользователÑ. "
+#~ "Группа Ñ Ñ‚Ð°ÐºÐ¸Ð¼ именем должна ÑущеÑтвовать. Идентификатор группы должен "
+#~ "указывать на уже ÑущеÑтвующую группу. Идентификатор группы по умолчанию "
+#~ "равен 1 или значению указанному в файле <filename>/etc/default/useradd</"
+#~ "filename>."
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "The group name or ID for a new user's initial group. The named group must "
+#~ "exist, and a numerical group ID must have an existing entry."
+#~ msgstr ""
+#~ "Ð˜Ð¼Ñ Ð¸Ð»Ð¸ чиÑловой идентификатор новой начальной группы пользователÑ. "
+#~ "Группа Ñ Ñ‚Ð°ÐºÐ¸Ð¼ именем должна ÑущеÑтвовать и Ð´Ð»Ñ Ñ‡Ð¸Ñлового идентификатора "
+#~ "должна быть запиÑÑŒ."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "days since Jan 1, 1970 that password was last changed"
+#~ msgstr ""
+#~ "чиÑло дней Ñ Ð¼Ð¾Ð¼ÐµÐ½Ñ‚Ð° поÑледнего Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ, Ð½Ð°Ñ‡Ð¸Ð½Ð°Ñ Ñ 1 ÑÐ½Ð²Ð°Ñ€Ñ 1970 "
+#~ "года"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "days after which password must be changed"
+#~ msgstr "чиÑло дней, поÑле которых пароль должен быть изменён"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "days before password is to expire that user is warned"
+#~ msgstr ""
+#~ "чиÑло дней, за Ñколько Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð½Ð°Ñ‡Ð½ÑƒÑ‚ предупреждать, что пароль "
+#~ "уÑтаревает"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "days after password expires that account is disabled"
+#~ msgstr "чиÑло дней, поÑле уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð´Ð»Ñ Ð±Ð»Ð¾ÐºÐ¸Ñ€Ð¾Ð²ÐºÐ¸ учётной запиÑи"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "days since Jan 1, 1970 that account is disabled"
+#~ msgstr ""
+#~ "дней, отÑÑ‡Ð¸Ñ‚Ñ‹Ð²Ð°Ñ Ñ 1 ÑÐ½Ð²Ð°Ñ€Ñ 1970 года, когда ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ была "
+#~ "заблокирована"
+
+# type: Content of: <refentry><refsect1><para>
+#, fuzzy
+#~ msgid ""
+#~ "The password field must be filled. The encrypted password consists of 13 "
+#~ "to 24 characters from the 64 character alphabet a thru z, A thru Z, 0 "
+#~ "thru 9, \\. and /. Optionally it can start with a \"$\" character. This "
+#~ "means the encrypted password was generated using another (not DES) "
+#~ "algorithm. For example if it starts with \"$1$\" it means the MD5-based "
+#~ "algorithm was used."
+#~ msgstr ""
+#~ "Поле Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð´Ð¾Ð»Ð¶Ð½Ð¾ быть заполнено. Шифрованный пароль имеет длину от 13 "
+#~ "до 24 Ñимволов и ÑоÑтоит из 64 Ñимволов алфавита от a до z, от A до Z, от "
+#~ "0 до 9, \\. и /. Пароль может начинатьÑÑ Ñ Ñимвола \"$\". Это означает, "
+#~ "что шифрованный пароль был Ñгенерирован Ñ Ð¸Ñпользованием другого (не DES) "
+#~ "алгоритма. Ðапример, еÑли он начинаетÑÑ Ñ \"$1$\", то Ñто означает, что "
+#~ "иÑпользовалÑÑ Ð°Ð»Ð³Ð¾Ñ€Ð¸Ñ‚Ð¼ на оÑнове MD5."
+
+# type: Content of: <refentry><refsect1><para>
+#~ msgid ""
+#~ "The date of the last password change is given as the number of days since "
+#~ "Jan 1, 1970. The password may not be changed again until the proper "
+#~ "number of days have passed, and must be changed after the maximum number "
+#~ "of days. If the minimum number of days required is greater than the "
+#~ "maximum number of day allowed, this password may not be changed by the "
+#~ "user."
+#~ msgstr ""
+#~ "Дата поÑледнего Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð·Ð°Ð´Ð°Ñ‘Ñ‚ÑÑ Ð² днÑÑ…, прошедших Ñ 1 ÑÐ½Ð²Ð°Ñ€Ñ "
+#~ "1970 года. Пароль не может быть изменён пока не пройдёт положенное чиÑло "
+#~ "дней, и должен быть изменён поÑле макÑимального чиÑла дней. ЕÑли "
+#~ "обÑзательное минимальное чиÑло дней больше чем макÑимальное чиÑло дней, "
+#~ "то такой пароль не может быть изменён пользователем."
+
+# type: Content of: <refentry><refsect1><para>
+#~ msgid ""
+#~ "An account is considered to be inactive and is disabled if the password "
+#~ "is not changed within the specified number of days after the password "
+#~ "expires. An account will also be disabled on the specified day regardless "
+#~ "of other password expiration information."
+#~ msgstr ""
+#~ "Ð£Ñ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ ÑчитаетÑÑ Ð½ÐµÐ°ÐºÑ‚Ð¸Ð²Ð½Ð¾Ð¹ и будет заблокирована, еÑли пароль не "
+#~ "был изменён за заданное чиÑло дней поÑле уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ. Ð£Ñ‡Ñ‘Ñ‚Ð½Ð°Ñ "
+#~ "запиÑÑŒ также будет заблокирована в заданный день, незавиÑимо от другой "
+#~ "информации об уÑтаревании паролÑ."
+
+# type: Content of: <refentry><refsect1><para>
+#~ msgid ""
+#~ "This information supersedes any password or password age information "
+#~ "present in <filename>/etc/passwd</filename>."
+#~ msgstr ""
+#~ "Ð˜Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¸Ð· Ñтого файла заменÑет любой пароль или информацию об "
+#~ "уÑтаревании, ÑодержащуюÑÑ Ð² файле <filename>/etc/passwd</filename>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "This field must contain the name (or number) of a group. The user will be "
+#~ "added as a member to this group. When a non-existent group name or number "
+#~ "is specified, a new group will be created. In the case of a non-existent "
+#~ "group number, both the name and the number of the new group will be this "
+#~ "number."
+#~ msgstr ""
+#~ "Это поле должно Ñодержать Ð¸Ð¼Ñ (или номер). Пользователь будет добавлен в "
+#~ "Ñту группу. ЕÑли указан чиÑловой идентификатор или Ð¸Ð¼Ñ Ð½ÐµÑущеÑтвующей "
+#~ "группы, то будет Ñоздана Ð½Ð¾Ð²Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° Ñ Ð´Ð°Ð½Ð½Ñ‹Ð¼ именем и номером."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "This field will be checked for existence as a directory, and a new "
+#~ "directory with this name will be created if it does not already exist. "
+#~ "The ownership of the directory will be set to be that of the user being "
+#~ "created or updated."
+#~ msgstr ""
+#~ "Будет проверено ÑущеÑтвование каталога Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð´Ð°Ð½Ð½Ð¾Ð³Ð¾ Ð¿Ð¾Ð»Ñ Ð¸ "
+#~ "еÑли такого каталога нет, то он будет Ñоздан. Владельцем каталога будет "
+#~ "назначен обновлÑемый или Ñоздаваемый пользователь."
+
+#, fuzzy
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#~ msgid "-a"
+#~ msgstr "-a"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#~ msgid "-d"
+#~ msgstr "-d"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#~ msgid "-g"
+#~ msgstr "-g"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#~ msgid "GID"
+#~ msgstr "GID"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><option>
+#~ msgid "-o"
+#~ msgstr "-o"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#~ msgid "KEY"
+#~ msgstr "КЛЮЧ"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#~ msgid "VALUE"
+#~ msgstr "ЗÐÐЧЕÐИЕ"
+
+#~ msgid "-K <placeholder-1/>=<placeholder-2/>"
+#~ msgstr "-K <placeholder-1/>=<placeholder-2/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><option>
+#, fuzzy
+#~ msgid "-R"
+#~ msgstr "-"
+
+#, fuzzy
+#~ msgid "<option>-A</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+#, fuzzy
+#~ msgid "<option>-M</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid "Display faillog records for all users."
+#~ msgstr "Показать запиÑи faillog Ð´Ð»Ñ Ð²Ñех пользователей."
+
+#~ msgid ""
+#~ "Set maximum number of login failures after the account is disabled to "
+#~ "<replaceable>MAX</replaceable>. Selecting <replaceable>MAX</replaceable> "
+#~ "value of 0 has the effect of not placing a limit on the number of failed "
+#~ "logins. The maximum failure count should always be 0 for <emphasis>root</"
+#~ "emphasis> to prevent a denial of services attack against the system."
+#~ msgstr ""
+#~ "УÑтановить макÑимальное чиÑло неудачных попыток входа "
+#~ "равному<replaceable>ÐœÐКС_ЧИСЛО</replaceable>, поÑле чего ÑƒÑ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ "
+#~ "блокируетÑÑ. ЕÑли <replaceable>ÐœÐКС_ЧИСЛО</replaceable> равно 0, то "
+#~ "количеÑтво неудачных попыток не ограничиваетÑÑ. МакÑимальное значение "
+#~ "неудачных попыток должно быть вÑегда равно 0 Ð´Ð»Ñ <emphasis>root</"
+#~ "emphasis>, Ð´Ð»Ñ Ñ‚Ð¾Ð³Ð¾ чтобы предотвратить атаку отказа в обÑлуживании на "
+#~ "ÑиÑтему."
+
+#~ msgid ""
+#~ "The user's home directory will be created if it does not exist. The files "
+#~ "contained in <replaceable>SKEL_DIR</replaceable> will be copied to the "
+#~ "home directory if the <option>-k</option> option is used, otherwise the "
+#~ "files contained in <filename>/etc/skel</filename> will be used instead. "
+#~ "Any directories contained in <replaceable>SKEL_DIR</replaceable> or "
+#~ "<filename>/etc/skel</filename> will be created in the user's home "
+#~ "directory as well. The <option>-k</option> option is only valid in "
+#~ "conjunction with the <option>-m</option> option. The default is to not "
+#~ "create the directory and to not copy any files."
+#~ msgstr ""
+#~ "ЕÑли домашнего каталога Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð½Ðµ ÑущеÑтвует, то он будет Ñоздан. "
+#~ "Файлы из каталога <replaceable>КÐТÐЛОГ_ШÐБЛОÐ</replaceable> будут "
+#~ "Ñкопированы в домашний каталог, еÑли он указан параметр <option>-k</"
+#~ "option>, иначе будут иÑпользованы файлы из каталога <filename>/etc/skel</"
+#~ "filename>. Ð’Ñе подкаталоги каталога <replaceable>КÐТÐЛОГ_ШÐБЛОÐ</"
+#~ "replaceable> или <filename>/etc/skel</filename> будут также Ñозданы в "
+#~ "домашнем каталоге пользователÑ. Параметр <option>-k</option> можно "
+#~ "иÑпользовать только вмеÑте Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ <option>-m</option>. По "
+#~ "умолчанию, домашний каталог не ÑоздаётÑÑ Ð¸ файлы не копируютÑÑ."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#~ msgid ""
+#~ "Your password must be easily remembered so that you will not be forced to "
+#~ "write it on a piece of paper. This can be accomplished by appending two "
+#~ "small words together and separating each with a special character or "
+#~ "digit. For example, Pass%word."
+#~ msgstr ""
+#~ "Пароль должен легко запоминатьÑÑ, чтобы не было необходимоÑти запиÑывать "
+#~ "его на бумагу. Этого можно доÑтичь Ñоединив два маленьких Ñлова в одно, "
+#~ "разделив их Ñпециальным Ñимволом или цифрой. Ðапример, Pass%word."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#~ msgid ""
+#~ "Other methods of construction involve selecting an easily remembered "
+#~ "phrase from literature and selecting the first or last letter from each "
+#~ "word. An example of this is:"
+#~ msgstr ""
+#~ "Другим методом ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ ÑвлÑетÑÑ Ð²Ñ‹Ð±Ð¾Ñ€ легко запоминающейÑÑ Ñ„Ñ€Ð°Ð·Ñ‹ из "
+#~ "литературы и взÑтие первой или поÑледней буквы каждого Ñлова. Ðапример:"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#~ msgid "Ask not for whom the bell tolls"
+#~ msgstr "Ask not for whom the bell tolls"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#~ msgid "which produces"
+#~ msgstr "получаетÑÑ"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#~ msgid "An4wtbt"
+#~ msgstr "An4wtbt"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#~ msgid ""
+#~ "You may be reasonably sure few crackers will have included this in their "
+#~ "dictionaries. You should, however, select your own methods for "
+#~ "constructing passwords and not rely exclusively on the methods given here."
+#~ msgstr ""
+#~ "Можете быть уверены, что некоторые взломщики включат Ñтот пароль в Ñвои "
+#~ "Ñловари. ПоÑтому вы должны выбрать Ñвои ÑобÑтвенные методы ÑÐ¾Ð·Ð´Ð°Ð½Ð¸Ñ "
+#~ "паролей и не полагатьÑÑ Ð½Ð° методы предложенные здеÑÑŒ."
+
+# type: Content of: <refentry><refsect1><para>
+#~ msgid ""
+#~ "The only restriction placed on the contents of the fields is that no "
+#~ "control characters may be present, nor any of comma, colon, or equal "
+#~ "sign. The <emphasis remap=\"I\">other</emphasis> field does not have this "
+#~ "restriction, and is used to store accounting information used by other "
+#~ "applications."
+#~ msgstr ""
+#~ "ЕдинÑтвенным ограничением значений полей ÑвлÑетÑÑ Ñ‚Ð¾, что они не должны "
+#~ "Ñодержать управлÑющих Ñимволов, запÑÑ‚Ñ‹Ñ…, двоеточий или знака равно. Ðа "
+#~ "поле <emphasis remap=\"I\">другое</emphasis> не дейÑтвует Ñто "
+#~ "ограничение, и оно может иÑпользоватьÑÑ Ð´Ð»Ñ Ñ…Ñ€Ð°Ð½ÐµÐ½Ð¸Ñ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ð¸ об "
+#~ "учётной запиÑи Ð´Ð»Ñ Ð»ÑŽÐ±Ñ‹Ñ… приложений."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "Range of user IDs to choose from for the <command>useradd</command> "
+#~ "program."
+#~ msgstr ""
+#~ "Диапазон идентификаторов пользователей, иÑпользуемый программой "
+#~ "<command>useradd</command>."
+
+#~ msgid ""
+#~ "The <option>-t</option> flag overrides the use of <option>-u</option>."
+#~ msgstr ""
+#~ "Параметр <option>-t</option> отменÑет дейÑтвие параметра <option>-u</"
+#~ "option>."
+
+#~ msgid ""
+#~ "By default, <command>grpck</command> operates on the files <filename>/etc/"
+#~ "group</filename> and <filename>/etc/gshadow</filename>. The user may "
+#~ "select alternate files with the <emphasis remap=\"I\">group</emphasis> "
+#~ "and <emphasis remap=\"I\">shadow</emphasis> parameters. Additionally, the "
+#~ "user may execute the command in read-only mode by specifying the <option>-"
+#~ "r</option> flag. This causes all questions regarding changes to be "
+#~ "answered <emphasis>no</emphasis> without user intervention. "
+#~ "<command>grpck</command> can also sort entries in <filename>/etc/group</"
+#~ "filename> and <filename>/etc/gshadow</filename> by GID. To run it in sort "
+#~ "mode pass it <option>-s</option> flag. No checks are performed then, it "
+#~ "just sorts."
+#~ msgstr ""
+#~ "По умолчанию, команда <command>grpck</command> работает Ñ Ñ„Ð°Ð¹Ð»Ð°Ð¼Ð¸ "
+#~ "<filename>/etc/group</filename> и <filename>/etc/gshadow</filename>. "
+#~ "Пользователь может указать другие файлы Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ параметров <emphasis "
+#~ "remap=\"I\">shadow</emphasis>. Также, пользователь может запуÑтить "
+#~ "команду в режиме только Ð´Ð»Ñ Ñ‡Ñ‚ÐµÐ½Ð¸Ñ, указав параметр <option>-r</option>. "
+#~ "Это приведёт к автоматичеÑкому ответу <emphasis>нет</emphasis> без "
+#~ "Ð¿Ð¾Ð´Ñ‚Ð²ÐµÑ€Ð¶Ð´ÐµÐ½Ð¸Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ. Команда <command>grpck</command> также может "
+#~ "отÑортировать запиÑи в файлах <filename>/etc/group</filename> и "
+#~ "<filename>/etc/gshadow</filename> по номеру группы. Ð”Ð»Ñ Ð·Ð°Ð¿ÑƒÑка режима "
+#~ "Ñортировки укажите параметр <option>-s</option>. Ð’ Ñтом режиме проверка "
+#~ "не выполнÑетÑÑ, производитÑÑ Ñ‚Ð¾Ð»ÑŒÐºÐ¾ Ñортировка."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid "MAIL_DIR USERDEL_CMD"
+#~ msgstr "MAIL_DIR USERDEL_CMD"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><emphasis>
+#~ msgid "MAIL_DIR"
+#~ msgstr "MAIL_DIR"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid "CHFN_AUTH"
+#~ msgstr "CHFN_AUTH"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid "GID_MAX GID_MIN"
+#~ msgstr "GID_MAX GID_MIN"
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "The name of the new user's login shell. The named program will be used "
+#~ "for all future new user accounts."
+#~ msgstr ""
+#~ "Ð˜Ð¼Ñ Ð½Ð¾Ð²Ð¾Ð¹ региÑтрационной оболочки пользователÑ. Ð”Ð°Ð½Ð½Ð°Ñ Ð¿Ñ€Ð¾Ð³Ñ€Ð°Ð¼Ð¼Ð° будет "
+#~ "иÑпользована Ð´Ð»Ñ Ð²Ñех новых пользовательÑких учётных запиÑей."
+
+#~ msgid "-R <placeholder-1/>"
+#~ msgstr "-R <placeholder-1/>"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#~ msgid "user,"
+#~ msgstr "пользователь,"
+
+#~ msgid "-A <placeholder-1/>"
+#~ msgstr "-A <placeholder-1/>"
+
+#~ msgid "-M <placeholder-1/>"
+#~ msgstr "-M <placeholder-1/>"
+
+#~ msgid ""
+#~ "Group administrator can add and delete users using <option>-a</option> "
+#~ "and <option>-d</option> options respectively. Administrators can use "
+#~ "<option>-r</option> option to remove group password. When no password is "
+#~ "set only group members can use <command>newgrp</command> to join the "
+#~ "group. Option <option>-R</option> disables access via a password to the "
+#~ "group through <command>newgrp</command> command (however members will "
+#~ "still be able to switch to this group)."
+#~ msgstr ""
+#~ "ÐдминиÑтратор группы может добавлÑÑ‚ÑŒ и удалÑÑ‚ÑŒ пользователей Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ "
+#~ "параметров <option>-a</option> и <option>-d</option> ÑоответÑтвенно. "
+#~ "ÐдминиÑтраторы могут иÑпользовать параметр <option>-r</option> Ð´Ð»Ñ "
+#~ "ÑƒÐ´Ð°Ð»ÐµÐ½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹. ЕÑли пароль не задан, то только члены группы Ñ "
+#~ "помощью команды <command>newgrp</command> могут войти в группу. Указав "
+#~ "параметр <option>-R</option> можно запретить доÑтуп в группу по паролю Ñ "
+#~ "помощью команды <command>newgrp</command> (однако на членов группы Ñто не "
+#~ "раÑпроÑтранÑетÑÑ)."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
diff --git a/man/po/shadow-man-pages.pot b/man/po/shadow-man-pages.pot
new file mode 100644
index 0000000..05cef7f
--- /dev/null
+++ b/man/po/shadow-man-pages.pot
@@ -0,0 +1,4961 @@
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname) pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname) login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname) userdel.8.xml:50(firstname) useradd.8.xml:61(firstname) suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname) shadow.5.xml:44(firstname) shadow.3.xml:44(firstname) pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname) porttime.5.xml:44(firstname) passwd.5.xml:44(firstname) passwd.1.xml:51(firstname) newusers.8.xml:59(firstname) newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname) login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname) login.1.xml:77(firstname) limits.5.xml:46(firstname) lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname) groups.1.xml:44(firstname) groupmod.8.xml:45(firstname) groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname) groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname) faillog.8.xml:44(firstname) faillog.5.xml:44(firstname) expiry.1.xml:48(firstname) chsh.1.xml:47(firstname) chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname) chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname) useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname) sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname) pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname) passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname) newgrp.1.xml:46(surname) logoutd.8.xml:45(surname) login.defs.5.xml:110(surname) login.access.5.xml:46(surname) login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname) grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname) groupmems.8.xml:49(surname) groupdel.8.xml:46(surname) groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname) faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname) chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email) useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email) sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email) pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email) passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email) newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email) login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email) lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email) groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email) groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email) faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email) chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email) chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib) useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib) sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib) pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib) passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib) newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib) login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib) login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib) groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib) faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib) chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib) chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname) userdel.8.xml:56(firstname) useradd.8.xml:67(firstname) suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname) shadow.5.xml:50(firstname) shadow.3.xml:50(firstname) pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname) porttime.5.xml:50(firstname) passwd.5.xml:50(firstname) passwd.1.xml:57(firstname) nologin.8.xml:39(firstname) newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname) logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname) login.access.5.xml:51(firstname) login.1.xml:83(firstname) limits.5.xml:52(firstname) lastlog.8.xml:51(firstname) gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname) groups.1.xml:50(firstname) groupmod.8.xml:51(firstname) groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname) groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname) faillog.8.xml:50(firstname) faillog.5.xml:50(firstname) expiry.1.xml:54(firstname) chsh.1.xml:53(firstname) chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname) chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname) useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname) sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname) pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname) passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname) newusers.8.xml:66(surname) newgrp.1.xml:52(surname) logoutd.8.xml:51(surname) login.defs.5.xml:116(surname) login.access.5.xml:52(surname) login.1.xml:84(surname) limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname) grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname) groupmems.8.xml:55(surname) groupdel.8.xml:52(surname) groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname) faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname) chsh.1.xml:54(surname) chpasswd.8.xml:55(surname) chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email) useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email) sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email) pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email) passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email) newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email) login.defs.5.xml:117(email) login.access.5.xml:53(email) login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email) gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email) groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email) groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email) faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email) chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email) chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib) useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib) sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib) pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib) passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib) newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib) logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib) login.access.5.xml:54(contrib) login.1.xml:86(contrib) limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib) grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib) groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib) groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib) faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib) chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command) login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr ""
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum) userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable) useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum) pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum) newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum) lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum) groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum) groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable) groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum) faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum) chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr ""
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo) userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo) pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo) nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo) logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo) grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo) groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo) groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo) chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr ""
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo) userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo) suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo) sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo) shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo) pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo) passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo) nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo) newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo) login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo) login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo) lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo) grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo) groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo) groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo) gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo) faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo) chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo) chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo) chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr ""
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr ""
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr ""
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable) usermod.8.xml:78(replaceable) userdel.8.xml:76(arg) useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable) su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable) pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable) pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable) newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable) grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable) groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable) faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable) chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable) chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr ""
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title) useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title) sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title) shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title) porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title) nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title) logoutd.8.xml:75(title) login.defs.5.xml:134(title) login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title) lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title) groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title) groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title) faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title) chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title) chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr ""
+
+#: vipw.8.xml:90(para)
+msgid "The <command>vipw</command> and <command>vigr</command> commands edits the files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, respectively. With the <option>-s</option> flag, they will edit the shadow versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/gshadow</filename>, respectively. The programs will set the appropriate locks to prevent file corruption. When looking for an editor, the programs will first try the environment variable <envar>$VISUAL</envar>, then the environment variable <envar>$EDITOR</envar>, and finally the default editor, <citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title) useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title) pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title) login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title) groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title) groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title) expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title) chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr ""
+
+#: vipw.8.xml:108(para)
+msgid "The options which apply to the <command>vipw</command> and <command>vigr</command> commands are:"
+msgstr ""
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr ""
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr ""
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term) pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term) newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term) groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term) groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term) expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term) chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr ""
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para) groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr ""
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr ""
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr ""
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr ""
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr ""
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term) grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid "<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>"
+msgstr ""
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para) grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid "Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use the configuration files from the <replaceable>CHROOT_DIR</replaceable> directory."
+msgstr ""
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr ""
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr ""
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr ""
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr ""
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title) useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr ""
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para) useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para) groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para) chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para) chage.1.xml:245(para)
+msgid "The following configuration variables in <filename>/etc/login.defs</filename> change the behavior of this tool:"
+msgstr ""
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr ""
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid "If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing scheme will be used."
+msgstr ""
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr ""
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr ""
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr ""
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr ""
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr ""
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title) useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) newgrp.1.xml:121(title) logoutd.8.xml:89(title) login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr ""
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename) userdel.8.xml:191(filename) useradd.8.xml:690(filename) sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) grpck.8.xml:224(filename) groups.1.xml:103(filename) groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr ""
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para) useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para) gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr ""
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename) useradd.8.xml:696(filename) sg.1.xml:131(filename) newusers.8.xml:418(filename) newgrp.1.xml:142(filename) gshadow.5.xml:165(filename) grpck.8.xml:230(filename) groupmod.8.xml:214(filename) groupmems.8.xml:220(filename) groupdel.8.xml:149(filename) groupadd.8.xml:242(filename) gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename) chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr ""
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para) sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr ""
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename) userdel.8.xml:203(filename) useradd.8.xml:678(filename) su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) pwck.8.xml:278(filename) passwd.5.xml:144(filename) passwd.1.xml:411(filename) newusers.8.xml:400(filename) newgrp.1.xml:124(filename) login.1.xml:353(filename) grpck.8.xml:236(filename) groupmod.8.xml:226(filename) expiry.1.xml:124(filename) chsh.1.xml:170(filename) chpasswd.8.xml:258(filename) chfn.1.xml:216(filename) chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr ""
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para) useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para) expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para) chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr ""
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename) userdel.8.xml:209(filename) useradd.8.xml:684(filename) su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) shadow.3.xml:229(filename) pwck.8.xml:284(filename) passwd.5.xml:150(filename) passwd.1.xml:417(filename) newusers.8.xml:406(filename) newgrp.1.xml:130(filename) login.1.xml:359(filename) expiry.1.xml:130(filename) chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr ""
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para) useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para) chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr ""
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title) useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title) newusers.8.xml:451(title) newgrp.1.xml:151(title) login.defs.5.xml:534(title) login.access.5.xml:133(title) login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title) grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title) groupmems.8.xml:229(title) groupdel.8.xml:197(title) groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title) faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title) chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title) chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr ""
+
+#: vipw.8.xml:226(para)
+msgid "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></citerefentry><citerefentry condition=\"tcb\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname) useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname) shadow.5.xml:39(firstname) shadow.3.xml:39(firstname) pwck.8.xml:45(firstname) porttime.5.xml:39(firstname) passwd.5.xml:39(firstname) passwd.1.xml:46(firstname) newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname) logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname) login.1.xml:72(firstname) lastlog.8.xml:40(firstname) grpck.8.xml:40(firstname) groups.1.xml:39(firstname) groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname) groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname) faillog.5.xml:39(firstname) expiry.1.xml:43(firstname) chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname) chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname) useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname) shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname) porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname) newusers.8.xml:55(surname) newgrp.1.xml:41(surname) logoutd.8.xml:40(surname) login.defs.5.xml:105(surname) login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname) groupmod.8.xml:41(surname) groupdel.8.xml:41(surname) groupadd.8.xml:43(surname) faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib) useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib) newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib) login.defs.5.xml:106(contrib) groups.1.xml:41(contrib) groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib) groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname) usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr ""
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr ""
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable) useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable) chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable) chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr ""
+
+#: usermod.8.xml:86(para)
+msgid "The <command>usermod</command> command modifies the system account files to reflect the changes that are specified on the command line."
+msgstr ""
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr ""
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr ""
+
+#: usermod.8.xml:104(para)
+msgid "Add the user to the supplementary group(s). Use only with the <option>-G</option> option."
+msgstr ""
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid "<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:115(para)
+msgid "The new value of the user's password file comment field. It is normally modified using the <citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+
+#: usermod.8.xml:124(term)
+msgid "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr ""
+
+#: usermod.8.xml:131(para)
+msgid "If the <option>-m</option> option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist."
+msgstr ""
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid "<option>-e</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid "The date on which the user account will be disabled. The date is specified in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+
+#: usermod.8.xml:148(para)
+msgid "An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the expiration of the account."
+msgstr ""
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid "This option requires a <filename>/etc/shadow</filename> file. A <filename>/etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid "<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:164(para)
+msgid "The number of days after a password expires until the account is permanently disabled."
+msgstr ""
+
+#: usermod.8.xml:168(para)
+msgid "A value of 0 disables the account as soon as the password has expired, and a value of -1 disables the feature."
+msgstr ""
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid "<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:185(para)
+msgid "The group name or number of the user's new initial login group. The group must exist."
+msgstr ""
+
+#: usermod.8.xml:189(para)
+msgid "Any file from the user's home directory owned by the previous primary group of the user will be owned by this new group."
+msgstr ""
+
+#: usermod.8.xml:193(para)
+msgid "The group ownership of files outside of the user's home directory must be fixed manually."
+msgstr ""
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid "<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I\">,GROUPN</emphasis>]]]"
+msgstr ""
+
+#: usermod.8.xml:204(para)
+msgid "A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the <option>-g</option> option."
+msgstr ""
+
+#: usermod.8.xml:211(para)
+msgid "If the user is currently a member of a group which is not listed, the user will be removed from the group. This behaviour can be changed via the <option>-a</option> option, which appends the user to the current supplementary group list."
+msgstr ""
+
+#: usermod.8.xml:220(term)
+msgid "<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:224(para)
+msgid "The name of the user will be changed from <replaceable>LOGIN</replaceable> to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In particular, the user's home directory or mail spool should probably be renamed manually to reflect the new login name."
+msgstr ""
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr ""
+
+#: usermod.8.xml:238(para)
+msgid "Lock a user's password. This puts a '!' in front of the encrypted password, effectively disabling the password. You can't use this option with <option>-p</option> or <option>-U</option>."
+msgstr ""
+
+#: usermod.8.xml:244(para)
+msgid "Note: if you wish to lock the account (not only access with a password), you should also set the <replaceable>EXPIRE_DATE</replaceable> to <replaceable>1</replaceable>."
+msgstr ""
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr ""
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+
+#: usermod.8.xml:261(para)
+msgid "This option is only valid in combination with the <option>-d</option> (or <option>--home</option>) option."
+msgstr ""
+
+#: usermod.8.xml:265(para)
+msgid "<command>usermod</command> will try to adapt the ownership of the files and to copy the modes, ACL and extended attributes, but manual changes might be needed afterwards."
+msgstr ""
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term) groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr ""
+
+#: usermod.8.xml:277(para)
+msgid "When used with the <option>-u</option> option, this option allows to change the user ID to a non-unique value."
+msgstr ""
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term) groupadd.8.xml:167(term)
+msgid "<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid "The encrypted password, as returned by <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para) groupadd.8.xml:176(para)
+msgid "<emphasis role=\"bold\">Note:</emphasis> This option is not recommended because the password (or encrypted password) will be visible by users listing the processes."
+msgstr ""
+
+#: usermod.8.xml:298(para)
+msgid "The password will be written in the local <filename>/etc/passwd</filename> or <filename>/etc/shadow</filename> file. This might differ from the password database configured in your PAM configuration."
+msgstr ""
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para) groupadd.8.xml:181(para)
+msgid "You should make sure the password respects the system's password policy."
+msgstr ""
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term) su.1.xml:187(term) chsh.1.xml:119(term)
+msgid "<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid "The name of the user's new login shell. Setting this field to blank causes the system to select the default login shell."
+msgstr ""
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr ""
+
+#: usermod.8.xml:341(para)
+msgid "This value must be unique, unless the <option>-o</option> option is used. The value must be non-negative."
+msgstr ""
+
+#: usermod.8.xml:346(para)
+msgid "The user's mailbox, and any files which the user owns and which are located in the user's home directory will have the file user ID changed automatically."
+msgstr ""
+
+#: usermod.8.xml:351(para)
+msgid "The ownership of files outside of the user's home directory must be fixed manually."
+msgstr ""
+
+#: usermod.8.xml:355(para)
+msgid "No checks will be performed with regard to the <option>UID_MIN</option>, <option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or <option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr ""
+
+#: usermod.8.xml:368(para)
+msgid "Unlock a user's password. This removes the '!' in front of the encrypted password. You can't use this option with <option>-p</option> or <option>-L</option>."
+msgstr ""
+
+#: usermod.8.xml:373(para)
+msgid "Note: if you wish to unlock the account (not only access with a password), you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+
+#: usermod.8.xml:384(term)
+msgid "<option>-v</option>, <option>--add-subuids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid "This option may be specified multiple times to add multiple ranges to a users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+msgid "No checks will be performed with regard to <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/login.defs."
+msgstr ""
+
+#: usermod.8.xml:402(term)
+msgid "<option>-V</option>, <option>--del-subuids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid "This option may be specified multiple times to remove multiple ranges to a users account. When both <option>--del-subuids</option> and <option>--add-subuids</option> are specified, the removal of all subordinate uid ranges happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+msgid "<option>-w</option>, <option>--add-subgids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+msgid "No checks will be performed with regard to <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/login.defs."
+msgstr ""
+
+#: usermod.8.xml:440(term)
+msgid "<option>-W</option>, <option>--del-subgids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:444(para)
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:447(para)
+msgid "This option may be specified multiple times to remove multiple ranges to a users account. When both <option>--del-subgids</option> and <option>--add-subgids</option> are specified, the removal of all subordinate gid ranges happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>&nbsp;<replaceable>SEUSER</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+
+#: usermod.8.xml:467(para)
+msgid "A blank <replaceable>SEUSER</replaceable> will remove the SELinux user mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title) groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr ""
+
+#: usermod.8.xml:479(para)
+msgid "You must make certain that the named user is not executing any processes when this command is being executed if the user's numerical user ID, the user's name, or the user's home directory is being changed. <command>usermod</command> checks this on Linux. On other platforms it only uses utmp to check if the user is logged in."
+msgstr ""
+
+#: usermod.8.xml:486(para)
+msgid "You must change the owner of any <command>crontab</command> files or <command>at</command> jobs manually."
+msgstr ""
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr ""
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "The mail spool directory. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted. If not specified, a compile-time default is used."
+msgstr ""
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term) su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr ""
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para) su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid "Defines the location of the users mail spool files relatively to their home directory."
+msgstr ""
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para) su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid "The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are used by <command>useradd</command>, <command>usermod</command>, and <command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para) su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid "If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</replaceable>, they are also used to define the <envar>MAIL</envar> environment variable."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term) pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term) grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term) groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para) pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para) grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para) groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para) chgpasswd.8.xml:32(para)
+msgid "Maximum members per group entry. When the maximum is reached, a new group entry (line) is started in <filename>/etc/group</filename> (with the same name, same password, and same GID)."
+msgstr ""
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para) pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para) grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para) groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para) chgpasswd.8.xml:37(para)
+msgid "The default value is 0, meaning that there are no limits in the number of members in a group."
+msgstr ""
+
+#. Note: on HP, split groups have the same ID, but different
+#. names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para) pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para) grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para) groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para) chgpasswd.8.xml:43(para)
+msgid "This feature (split group) permits to limit the length of lines in the group file. This is useful to make sure that lines for NIS groups are not larger than 1024 characters."
+msgstr ""
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para) pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para) grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para) groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para) chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para) pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para) grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para) groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para) chgpasswd.8.xml:51(para)
+msgid "Note: split groups may not be supported by all tools (even in the Shadow toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid "If <filename>/etc/subuid</filename> exists, the commands <command>useradd</command> and <command>newusers</command> (unless the user already have subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+msgid "The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid "If <filename>/etc/subuid</filename> exists, the commands <command>useradd</command> and <command>newusers</command> (unless the user already have subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+msgid "The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr ""
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting) useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting) login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid "\nif ( UID is less than 1000) {\n use /etc/tcb/user\n} else if ( UID is less than 1000000) {\n kilos = UID / 1000\n use /etc/tcb/:kilos/user\n make symlink /etc/tcb/user to the above directory\n} else {\n megas = UID / 1000000\n kilos = ( UID / megas * 1000000 ) / 1000\n use /etc/tcb/:megas/:kilos/user\n make symlink /etc/tcb/user to the above directory\n}\n "
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid "If <replaceable>yes</replaceable>, the location of the user tcb directory to be created will not be automatically set to /etc/tcb/user, but will be computed depending on the UID of the user, according to the following algorithm: <placeholder-1/>"
+msgstr ""
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename) useradd.8.xml:726(filename) su.1.xml:382(filename) pwconv.8.xml:253(filename) passwd.1.xml:423(filename) newusers.8.xml:424(filename) login.access.5.xml:124(filename) login.1.xml:389(filename) groupmod.8.xml:220(filename) groupadd.8.xml:248(filename) chsh.1.xml:182(filename) chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename) chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr ""
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para) su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr ""
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename) useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+msgid "/etc/subgid"
+msgstr ""
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para) newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename) useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+msgid "/etc/subuid"
+msgstr ""
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para) newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition=\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname) userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr ""
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr ""
+
+#: userdel.8.xml:85(para)
+msgid "The <command>userdel</command> command modifies the system account files, deleting all entries that refer to the user name <emphasis remap=\"I\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr ""
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr ""
+
+#: userdel.8.xml:103(para)
+msgid "This option forces the removal of the user account, even if the user is still logged in. It also forces <command>userdel</command> to remove the user's home directory and mail spool, even if another user uses the same home directory or if the mail spool is not owned by the specified user. If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</emphasis> in <filename>/etc/login.defs</filename> and if a group exists with the same name as the deleted user, then this group will be removed, even if it is still the primary group of another user."
+msgstr ""
+
+#: userdel.8.xml:116(para)
+msgid "<emphasis>Note:</emphasis> This option is dangerous and may leave your system in an inconsistent state."
+msgstr ""
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr ""
+
+#: userdel.8.xml:133(para)
+msgid "Files in the user's home directory will be removed along with the home directory itself and the user's mail spool. Files located in other file systems will have to be searched for and deleted manually."
+msgstr ""
+
+#: userdel.8.xml:139(para)
+msgid "The mail spool is defined by the <option>MAIL_DIR</option> variable in the <filename>login.defs</filename> file."
+msgstr ""
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr ""
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr ""
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid "If defined, this command is run when removing a user. It should remove any at/cron/print jobs etc. owned by the user to be removed (passed as the first argument)."
+msgstr ""
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr ""
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid "\n#! /bin/sh\n\n# Check for the required argument.\nif [ $# != 1 ]; then\n\techo \"Usage: $0 username\"\n\texit 1\nfi\n\n# Remove cron jobs.\ncrontab -r -u $1\n\n# Remove at jobs.\n# Note that it will remove any jobs owned by the same UID,\n# even if it was shared by a different username.\nAT_SPOOL_DIR=/var/spool/cron/atjobs\nfind $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n\n# Remove print jobs.\nlprm $1\n\n# All done.\nexit 0\n "
+msgstr ""
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid "Here is an example script, which removes the user's cron, at and print jobs: <placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr ""
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable setting of the umask group bits to be the same as owner bits (examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is the same as gid, and username is the same as the primary group name."
+msgstr ""
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If set to <replaceable>yes</replaceable>, <command>userdel</command> will remove the user's group if it contains no more members, and <command>useradd</command> will create by default a group with the name of the user."
+msgstr ""
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title) pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title) groupmod.8.xml:235(title) groupdel.8.xml:158(title) groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr ""
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable) su.1.xml:410(replaceable) pwck.8.xml:298(replaceable) passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable) groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable) groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr ""
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para) passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para) groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr ""
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable) su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum) pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum) passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum) login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable) groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum) expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum) chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr ""
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr ""
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable) pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable) grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable) groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable) chage.1.xml:295(replaceable)
+msgid "2"
+msgstr ""
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para) grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para) groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr ""
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable) pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable) groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr ""
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr ""
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr ""
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable) groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable) groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr ""
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para) groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr ""
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr ""
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr ""
+
+#: userdel.8.xml:231(para)
+msgid "The <command>userdel</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:282(para)
+msgid "<command>userdel</command> will not allow you to remove an account if there are running processes which belong to this account. In that case, you may have to kill those processes or lock the user's password or account and remove the account later. The <option>-f</option> option can force the deletion of this account."
+msgstr ""
+
+#: userdel.8.xml:289(para)
+msgid "You should manually check all file systems to ensure that no files remain owned by this user."
+msgstr ""
+
+#: userdel.8.xml:293(para)
+msgid "You may not remove any NIS attributes on a NIS client. This must be performed on the NIS server."
+msgstr ""
+
+#: userdel.8.xml:296(para)
+msgid "If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</command> will delete the group with the same name as the user. To avoid inconsistencies in the passwd and group databases, <command>userdel</command> will check that this group is not used as a primary group for another user, and will just warn without deleting the group otherwise. The <option>-f</option> option can force the deletion of this group."
+msgstr ""
+
+#: userdel.8.xml:309(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition=\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname) useradd.8.xml:86(command) useradd.8.xml:93(command) useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr ""
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr ""
+
+#: useradd.8.xml:107(para)
+msgid "When invoked without the <option>-D</option> option, the <command>useradd</command> command creates a new user account using the values specified on the command line plus the default values from the system. Depending on command line options, the <command>useradd</command> command will update system files and may also create the new user's home directory and copy initial files."
+msgstr ""
+
+#: useradd.8.xml:116(para)
+msgid "By default, a group will also be created for the new user (see <option>-g</option>, <option>-N</option>, <option>-U</option>, and <option>USERGROUPS_ENAB</option>)."
+msgstr ""
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr ""
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid "<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:133(para)
+msgid "The default base directory for the system if <option>-d</option>&nbsp;<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</replaceable> is concatenated with the account name to define the home directory. If the <option>-m</option> option is not used, <replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+
+#: useradd.8.xml:140(para)
+msgid "If this option is not specified, <command>useradd</command> will use the base directory specified by the <option>HOME</option> variable in <filename>/etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+
+#: useradd.8.xml:154(para)
+msgid "Any text string. It is generally a short description of the login, and is currently used as the field for the user's full name."
+msgstr ""
+
+#: useradd.8.xml:162(term)
+msgid "<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:166(para)
+msgid "The new user will be created using <replaceable>HOME_DIR</replaceable> as the value for the user's login directory. The default is to append the <replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> and use that as the login directory name. The directory <replaceable>HOME_DIR</replaceable> does not have to exist but will not be created if it is missing."
+msgstr ""
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr ""
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr ""
+
+#: useradd.8.xml:196(para)
+msgid "If not specified, <command>useradd</command> will use the default expiry date specified by the <option>EXPIRE</option> variable in <filename>/etc/default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+
+#: useradd.8.xml:209(para)
+msgid "The number of days after a password expires until the account is permanently disabled. A value of 0 disables the account as soon as the password has expired, and a value of -1 disables the feature."
+msgstr ""
+
+#: useradd.8.xml:215(para)
+msgid "If not specified, <command>useradd</command> will use the default inactivity period specified by the <option>INACTIVE</option> variable in <filename>/etc/default/useradd</filename>, or -1 by default."
+msgstr ""
+
+#: useradd.8.xml:228(para)
+msgid "The group name or number of the user's initial login group. The group name must exist. A group number must refer to an already existing group."
+msgstr ""
+
+#: useradd.8.xml:233(para)
+msgid "If not specified, the behavior of <command>useradd</command> will depend on the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</filename>. If this variable is set to <replaceable>yes</replaceable> (or <option>-U/--user-group</option> is specified on the command line), a group will be created for the user, with the same name as her loginname. If the variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-group</option> is specified on the command line), useradd will set the primary group of the new user to the value specified by the <option>GROUP</option> variable in <filename>/etc/default/useradd</filename>, or 100 by default."
+msgstr ""
+
+#: useradd.8.xml:255(para)
+msgid "A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the <option>-g</option> option. The default is for the user to belong only to the initial group."
+msgstr ""
+
+#: useradd.8.xml:272(term)
+msgid "<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:276(para)
+msgid "The skeleton directory, which contains files and directories to be copied in the user's home directory, when the home directory is created by <command>useradd</command>."
+msgstr ""
+
+#: useradd.8.xml:281(para)
+msgid "This option is only valid if the <option>-m</option> (or <option>--create-home</option>) option is specified."
+msgstr ""
+
+#: useradd.8.xml:285(para)
+msgid "If this option is not set, the skeleton directory is defined by the <option>SKEL</option> variable in <filename>/etc/default/useradd</filename> or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr ""
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:301(para)
+msgid "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</option>, <option>UID_MAX</option>, <option>UMASK</option>, <option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: <option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable> can be used when creating system account to turn off password aging, even though system account has no password at all. Multiple <option>-K</option> options can be specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr ""
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr ""
+
+#: useradd.8.xml:327(para)
+msgid "By default, the user's entries in the lastlog and faillog databases are reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr ""
+
+#: useradd.8.xml:339(para)
+msgid "Create the user's home directory if it does not exist. The files and directories contained in the skeleton directory (which can be defined with the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+
+#: useradd.8.xml:345(para)
+msgid "By default, if this option is not specified and <option>CREATE_HOME</option> is not enabled, no home directories are created."
+msgstr ""
+
+#: useradd.8.xml:353(term)
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr ""
+
+#: useradd.8.xml:357(para)
+msgid "Do no create the user's home directory, even if the system wide setting from <filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set to <replaceable>yes</replaceable>."
+msgstr ""
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr ""
+
+#: useradd.8.xml:370(para)
+msgid "Do not create a group with the same name as the user, but add the user to the group specified by the <option>-g</option> option or by the <option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid "The default behavior (if the <option>-g</option>, <option>-N</option>, and <option>-U</option> options are not specified) is defined by the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+
+#: useradd.8.xml:390(para)
+msgid "This option is only valid in combination with the <option>-u</option> option."
+msgstr ""
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid "The encrypted password, as returned by <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to disable the password."
+msgstr ""
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr ""
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr ""
+
+#: useradd.8.xml:425(para)
+msgid "System users will be created with no aging information in <filename>/etc/shadow</filename>, and their numeric identifiers are chosen in the <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in <filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-<option>UID_MAX</option> (and their <option>GID</option> counterparts for the creation of groups)."
+msgstr ""
+
+#: useradd.8.xml:434(para)
+msgid "Note that <command>useradd</command> will not create a home directory for such a user, regardless of the default setting in <filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>). You have to specify the <option>-m</option> options if you want a home directory for a system account to be created."
+msgstr ""
+
+#: useradd.8.xml:461(para)
+msgid "The name of the user's login shell. The default is to leave this field blank, which causes the system to select the default login shell specified by the <option>SHELL</option> variable in <filename>/etc/default/useradd</filename>, or an empty string by default."
+msgstr ""
+
+#: useradd.8.xml:475(para)
+msgid "The numerical value of the user's ID. This value must be unique, unless the <option>-o</option> option is used. The value must be non-negative. The default is to use the smallest ID value greater than or equal to <option>UID_MIN</option> and greater than every other user."
+msgstr ""
+
+#: useradd.8.xml:482(para)
+msgid "See also the <option>-r</option> option and the <option>UID_MAX</option> description."
+msgstr ""
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr ""
+
+#: useradd.8.xml:493(para)
+msgid "Create a group with the same name as the user, and add the user to this group."
+msgstr ""
+
+#: useradd.8.xml:510(para)
+msgid "The SELinux user for the user's login. The default is to leave this field blank, which causes the system to select the default SELinux user."
+msgstr ""
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr ""
+
+#: useradd.8.xml:521(para)
+msgid "When invoked with only the <option>-D</option> option, <command>useradd</command> will display the current default values. When invoked with <option>-D</option> plus other options, <command>useradd</command> will update the default values for the specified options. Valid default-changing options are:"
+msgstr ""
+
+#: useradd.8.xml:534(para)
+msgid "The path prefix for a new user's home directory. The user's name will be affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new user's home directory name, if the <option>-d</option> option is not used when creating a new account."
+msgstr ""
+
+#: useradd.8.xml:541(para)
+msgid "This option sets the <option>HOME</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr ""
+
+#: useradd.8.xml:553(para)
+msgid "This option sets the <option>EXPIRE</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:564(para)
+msgid "The number of days after a password has expired before the account will be disabled."
+msgstr ""
+
+#: useradd.8.xml:568(para)
+msgid "This option sets the <option>INACTIVE</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:579(para)
+msgid "The group name or ID for a new user's initial group (when the <option>-N/--no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> variable is set to <replaceable>no</replaceable> in <filename>/etc/login.defs</filename>). The named group must exist, and a numerical group ID must have an existing entry."
+msgstr ""
+
+#: useradd.8.xml:588(para)
+msgid "This option sets the <option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr ""
+
+#: useradd.8.xml:602(para)
+msgid "This option sets the <option>SHELL</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr ""
+
+#: useradd.8.xml:615(para)
+msgid "The system administrator is responsible for placing the default user files in the <filename>/etc/skel/</filename> directory (or any other skeleton directory specified in <filename>/etc/default/useradd</filename> or on the command line)."
+msgstr ""
+
+#: useradd.8.xml:624(para)
+msgid "You may not add a user to a NIS or LDAP group. This must be performed on the corresponding server."
+msgstr ""
+
+#: useradd.8.xml:629(para)
+msgid "Similarly, if the username already exists in an external user database such as NIS or LDAP, <command>useradd</command> will deny the user account creation request."
+msgstr ""
+
+#: useradd.8.xml:635(para)
+msgid "Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes. They can end with a dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr ""
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr ""
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid "Indicate if a home directory should be created by default for new users."
+msgstr ""
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid "This setting does not apply to system users, and can be overridden on the command line."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term) groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term) groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para) groupadd.8.xml:35(para)
+msgid "Range of group IDs used for the creation of regular groups by <command>useradd</command>, <command>groupadd</command>, or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para) groupadd.8.xml:40(para)
+msgid "The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid "The maximum number of days a password may be used. If the password is older than this, a password change will be forced. If not specified, -1 will be assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid "The minimum number of days allowed between password changes. Any password changes attempted sooner than this will be rejected. If not specified, -1 will be assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid "The number of days warning given before a password expires. A zero means warning is given only upon the day of expiration, a negative value means no warning is given. If not specified, no warning will be provided."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term) groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term) groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para) groupadd.8.xml:33(para)
+msgid "Range of group IDs used for the creation of system groups by <command>useradd</command>, <command>groupadd</command>, or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para) groupadd.8.xml:38(para)
+msgid "The default value for <option>SYS_GID_MIN</option> (resp. <option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid "Range of user IDs used for the creation of system users by <command>useradd</command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid "The default value for <option>SYS_UID_MIN</option> (resp. <option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr ""
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid "If <replaceable>yes</replaceable>, newly created tcb shadow files will be group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid "Range of user IDs used for the creation of regular users by <command>useradd</command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid "The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "The file mode creation mask is initialized to this value. If not specified, the mask will be initialized to 022."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "<command>useradd</command> and <command>newusers</command> use this mask to set the mode of the home directory they create"
+msgstr ""
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "It is also used by <command>login</command> to define users' initial umask. Note that this mask can be overridden by the user's GECOS line (if <option>QUOTAS_ENAB</option> is set) or by the specification of a limit with the <emphasis>K</emphasis> identifier in <citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid "It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr ""
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr ""
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr ""
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr ""
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum) pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable) grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable) groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr ""
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para) groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr ""
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable) passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable) groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr ""
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr ""
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para) groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr ""
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable) groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr ""
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr ""
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr ""
+
+#: useradd.8.xml:794(replaceable)
+msgid "14"
+msgstr ""
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid "The <command>useradd</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: useradd.8.xml:805(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition=\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib) login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr ""
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum) pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum) passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable) login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum) limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum) grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr ""
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo) porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo) login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo) limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo) faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr ""
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr ""
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr ""
+
+#: suauth.5.xml:76(para)
+msgid "The file <filename>/etc/suauth</filename> is referenced whenever the su command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, no-wrap
+msgid "\n 1) the user su is targeting\n "
+msgstr ""
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid "2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+
+#: suauth.5.xml:92(para)
+msgid "The file is formatted like this, with lines starting with a # being treated as comment lines and ignored;"
+msgstr ""
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid "\n to-id:from-id:ACTION\n "
+msgstr ""
+
+#: suauth.5.xml:101(para)
+msgid "Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by a list of usernames delimited by \",\"."
+msgstr ""
+
+#: suauth.5.xml:107(para)
+msgid "from-id is formatted the same as to-id except the extra word <emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> appears one or more group names, delimited by \",\". It is not sufficient to have primary group id of the relevant group, an entry in <citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</manvolnum></citerefentry> is necessary."
+msgstr ""
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr ""
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr ""
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr ""
+
+#: suauth.5.xml:137(para)
+msgid "The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr ""
+
+#: suauth.5.xml:148(para)
+msgid "For the su command to be successful, the user must enter his or her own password. They are told this."
+msgstr ""
+
+#: suauth.5.xml:156(para)
+msgid "Note there are three separate fields delimited by a colon. No whitespace must surround this colon. Also note that the file is examined sequentially line by line, and the first applicable rule is used without examining the file further. This makes it possible for a system administrator to exercise as fine control as he or she wishes."
+msgstr ""
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr ""
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid "\n # sample /etc/suauth file\n #\n # A couple of privileged usernames may\n # su to root with their own password.\n #\n root:chris,birddog:OWNPASS\n #\n # Anyone else may not su to root unless in\n # group wheel. This is how BSD does things.\n #\n root:ALL EXCEPT GROUP wheel:DENY\n #\n # Perhaps terry and birddog are accounts\n # owned by the same person.\n # Access can be arranged between them\n # with no password.\n #\n terry:birddog:NOPASS\n birddog:terry:NOPASS\n #\n "
+msgstr ""
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr ""
+
+#: suauth.5.xml:204(para)
+msgid "There could be plenty lurking. The file parser is particularly unforgiving about syntax errors, expecting no spurious whitespace (apart from beginning and end of lines), and a specific token delimiting different things."
+msgstr ""
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr ""
+
+#: suauth.5.xml:214(para)
+msgid "An error parsing the file is reported using <citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+
+#: suauth.5.xml:223(para)
+msgid "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib) porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command) login.defs.5.xml:446(term)
+msgid "su"
+msgstr ""
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo) passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo) login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo) gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo) chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo) chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr ""
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr ""
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable) login.1.xml:115(replaceable)
+msgid "username"
+msgstr ""
+
+#: su.1.xml:100(para)
+msgid "The <command>su</command> command is used to become another user during a login session. Invoked without a <option>username</option>, <command>su</command> defaults to becoming the superuser. The optional argument <option>-</option> may be used to provide an environment similar to what the user would expect had the user logged in directly."
+msgstr ""
+
+#: su.1.xml:109(para)
+msgid "Additional arguments may be provided after the username, in which case they are supplied to the user's login shell. In particular, an argument of <option>-c</option> will cause the next argument to be treated as a command by most command interpreters. The command will be executed by the shell specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+
+#: su.1.xml:118(para)
+msgid "You can use the <option>--</option> argument to separate <command>su</command> options from the arguments supplied to the shell."
+msgstr ""
+
+#: su.1.xml:123(para)
+msgid "The user will be prompted for a password, if appropriate. Invalid passwords will produce an error message. All attempts, both valid and invalid, are logged to detect abuse of the system."
+msgstr ""
+
+#: su.1.xml:128(para)
+msgid "The current environment is passed to the new shell. The value of <envar>$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the superuser. This may be changed with the <option>ENV_PATH</option> and <option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid "A subsystem login is indicated by the presence of a \"*\" as the first character of the login shell. The given home directory will be used as the root of a new file system which the user is actually logged into."
+msgstr ""
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr ""
+
+#: su.1.xml:150(term)
+msgid "<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</replaceable>"
+msgstr ""
+
+#: su.1.xml:154(para)
+msgid "Specify a command that will be invoked by the shell using its <option>-c</option>."
+msgstr ""
+
+#: su.1.xml:158(para)
+msgid "The executed command will have no controlling terminal. This option cannot be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr ""
+
+#: su.1.xml:172(para)
+msgid "Provide an environment similar to what the user would expect had the user logged in directly."
+msgstr ""
+
+#: su.1.xml:176(para)
+msgid "When <option>-</option> is used, it must be specified before any <option>username</option>. For portability it is recommended to use it as last option, before any <option>username</option>. The other forms (<option>-l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr ""
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr ""
+
+#: su.1.xml:202(para)
+msgid "If <option>--preserve-environment</option> is used, the shell specified by the <envar>$SHELL</envar> environment variable."
+msgstr ""
+
+#: su.1.xml:209(para)
+msgid "The shell indicated in the <filename>/etc/passwd</filename> entry for the target user."
+msgstr ""
+
+#: su.1.xml:215(para)
+msgid "<filename>/bin/sh</filename> if a shell could not be found by any above method."
+msgstr ""
+
+#: su.1.xml:192(para)
+msgid "The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:220(para)
+msgid "If the target user has a restricted shell (i.e. the shell field of this user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/etc/shells</filename>), then the <option>--shell</option> option or the <envar>$SHELL</envar> environment variable won't be taken into account, unless <command>su</command> is called by root."
+msgstr ""
+
+#: su.1.xml:231(term)
+msgid "<option>-m</option>, <option>-p</option>, <option>--preserve-environment</option>"
+msgstr ""
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr ""
+
+#: su.1.xml:242(para)
+msgid "reset according to the <filename>/etc/login.defs</filename> options <option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr ""
+
+#: su.1.xml:253(para)
+msgid "reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was set."
+msgstr ""
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:262(para)
+msgid "If the target user has a restricted shell, this option has no effect (unless <command>su</command> is called by root)."
+msgstr ""
+
+#: su.1.xml:271(para)
+msgid "The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> environment variables are reset."
+msgstr ""
+
+#: su.1.xml:280(para)
+msgid "If <option>--login</option> is not used, the environment is copied, except for the variables above."
+msgstr ""
+
+#: su.1.xml:287(para)
+msgid "If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> environment variables are copied if they were set."
+msgstr ""
+
+#: su.1.xml:297(para)
+msgid "If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</envar>, and <envar>$MAIL</envar> environment variables are set according to the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, <option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</option> (see below)."
+msgstr ""
+
+#: su.1.xml:310(para)
+msgid "If <option>--login</option> is used, other environment variables might be set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr ""
+
+#: su.1.xml:266(para)
+msgid "Note that the default behavior for the environment is the following: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:332(para)
+msgid "This version of <command>su</command> has many compilation options, only some of which may be in use at any particular site."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, either full pathname of a file containing device names (one per line) or a \":\" delimited list of device names. Root logins will be allowed only upon these devices."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "List of groups to add to the user's supplementary groups set when logging in on the console (as determined by the CONSOLE setting). Default is none. <placeholder-1/> Use with caution - it is possible for users to gain permanent access to these groups, even when not logged in on the console."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Indicate if login is allowed if we can't cd to the home directory. Default is no."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "If set to <replaceable>yes</replaceable>, the user will login in the root (<filename>/</filename>) directory if it is not possible to cd to her home directory."
+msgstr ""
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr ""
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid "If set, it will be used to define the HZ environment variable when a user login. The value must be preceded by <replaceable>HZ=</replaceable>. A common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid "The <envar>HZ</envar> environment variable is only set when the user (the superuser) logs in with <command>sulogin</command>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If this file exists and is readable, login environment will be read from it. Every line should be in the form name=value."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If set, it will be used to define the PATH environment variable when a regular user login. The value is a colon separated list of paths (for example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by <replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/bin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If set, it will be used to define the PATH environment variable when the superuser login. The value is a colon separated list of paths (for example <replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be preceded by <replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If set, it will be used to define the TZ environment variable when a user login. The value can be the name of a timezone preceded by <replaceable>TZ=</replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the full path to the file containing the timezone specification (for example <filename>/etc/tzname</filename>)."
+msgstr ""
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid "If a full path is specified but the file does not exist or cannot be read, the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term) chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para) chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid "The string used for prompting a password. The default is to use \"Password: \", or a translation of that string. If you set this variable, the prompt will not be translated."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para) chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid "If the string contains <replaceable>%s</replaceable>, this will be replaced by the user's name."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid "You should disable it if the shell startup files already check for mail (\"mailx -e\" or equivalent)."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable setting of resource limits from <filename>/etc/limits</filename> and ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, the command name to display when running \"su -\". For example, if this is defined as \"su\" then a \"ps\" will display the command is \"-su\". If not defined, then \"ps\" would display the name of the shell actually being run, e.g. something like \"-sh\"."
+msgstr ""
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid "If <replaceable>yes</replaceable>, the user must be listed as a member of the first gid 0 group in <filename>/etc/group</filename> (called <replaceable>root</replaceable> on most Linux systems) to be able to <command>su</command> to uid 0 accounts. If the group doesn't exist or is empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>su</command> activity - in addition to sulog file logging."
+msgstr ""
+
+#: su.1.xml:392(para)
+msgid "On success, <command>su</command> returns the exit value of the command it executed."
+msgstr ""
+
+#: su.1.xml:396(para)
+msgid "If this command was terminated by a signal, <command>su</command> returns the number of this signal plus 128."
+msgstr ""
+
+#: su.1.xml:400(para)
+msgid "If su has to kill the command (because it was asked to terminate, and the command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr ""
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr ""
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr ""
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr ""
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr ""
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr ""
+
+#: su.1.xml:405(para)
+msgid "Some exit values from <command>su</command> are independent from the executed command: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:439(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr ""
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr ""
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr ""
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr ""
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr ""
+
+#: sg.1.xml:82(para)
+msgid "The <command>sg</command> command works similar to <command>newgrp</command> but accepts a command. The command will be executed with the <filename>/bin/sh</filename> shell. With most shells you may run <command>sg</command> from, you need to enclose multi-word commands in quotes. Another difference between <command>newgrp</command> and <command>sg</command> is that some shells treat <command>newgrp</command> specially, replacing themselves with a new instance of a shell that <command>newgrp</command> creates. This doesn't happen with <command>sg</command>, so upon exit from a <command>sg</command> command you are returned to your previous group ID."
+msgstr ""
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr ""
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+
+#: sg.1.xml:141(para)
+msgid "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition=\"gshadow\">, <citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname) shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname) pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr ""
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr ""
+
+#: shadow.5.xml:70(para)
+msgid "<filename>shadow</filename> is a file which contains the password information for the system's accounts and optional aging information."
+msgstr ""
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid "This file must not be readable by regular users if password security is to be maintained."
+msgstr ""
+
+#: shadow.5.xml:81(para)
+msgid "Each line of this file contains 9 fields, separated by colons (<quote>:</quote>), in the following order:"
+msgstr ""
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr ""
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr ""
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid "Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+
+#: shadow.5.xml:103(para)
+msgid "If the password field contains some string that is not a valid result of <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means)."
+msgstr ""
+
+#: shadow.5.xml:110(para)
+msgid "This field may be empty, in which case no passwords are required to authenticate as the specified login name. However, some applications which read the <filename>/etc/shadow</filename> file may decide not to permit any access at all if the password field is empty."
+msgstr ""
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+msgid "A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked."
+msgstr ""
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr ""
+
+#: shadow.5.xml:130(para)
+msgid "The date of the last password change, expressed as the number of days since Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:134(para)
+msgid "The value 0 has a special meaning, which is that the user should change her password the next time she will log in the system."
+msgstr ""
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr ""
+
+#: shadow.5.xml:148(para)
+msgid "The minimum password age is the number of days the user will have to wait before she will be allowed to change her password again."
+msgstr ""
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr ""
+
+#: shadow.5.xml:162(para)
+msgid "The maximum password age is the number of days after which the user will have to change her password."
+msgstr ""
+
+#: shadow.5.xml:166(para)
+msgid "After this number of days is elapsed, the password may still be valid. The user should be asked to change her password the next time she will log in."
+msgstr ""
+
+#: shadow.5.xml:171(para)
+msgid "An empty field means that there are no maximum password age, no password warning period, and no password inactivity period (see below)."
+msgstr ""
+
+#: shadow.5.xml:176(para)
+msgid "If the maximum password age is lower than the minimum password age, the user cannot change her password."
+msgstr ""
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr ""
+
+#: shadow.5.xml:187(para)
+msgid "The number of days before a password is going to expire (see the maximum password age above) during which the user should be warned."
+msgstr ""
+
+#: shadow.5.xml:192(para)
+msgid "An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr ""
+
+#: shadow.5.xml:203(para)
+msgid "The number of days after a password has expired (see the maximum password age above) during which the password should still be accepted (and the user should update her password during the next login)."
+msgstr ""
+
+#: shadow.5.xml:209(para)
+msgid "After expiration of the password and this expiration period is elapsed, no login is possible using the current user's password. The user should contact her administrator."
+msgstr ""
+
+#: shadow.5.xml:214(para)
+msgid "An empty field means that there are no enforcement of an inactivity period."
+msgstr ""
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr ""
+
+#: shadow.5.xml:225(para)
+msgid "The date of expiration of the account, expressed as the number of days since Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:229(para)
+msgid "Note that an account expiration differs from a password expiration. In case of an account expiration, the user shall not be allowed to login. In case of a password expiration, the user is not allowed to login using her password."
+msgstr ""
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr ""
+
+#: shadow.5.xml:238(para)
+msgid "The value 0 should not be used as it is interpreted as either an account with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr ""
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr ""
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr ""
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr ""
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid "Note that this file is used by the tools of the shadow toolsuite, but not by all user and password management tools."
+msgstr ""
+
+#: shadow.5.xml:284(para)
+msgid "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr ""
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr ""
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr ""
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr ""
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr ""
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr ""
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr ""
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr ""
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis) shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ""
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr ""
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr ""
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr ""
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr ""
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr ""
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr ""
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr ""
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr ""
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr ""
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr ""
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr ""
+
+#: shadow.3.xml:119(para)
+msgid "<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the shadow password file, <filename>/etc/shadow</filename>. The structure in the <emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid "struct spwd {\n char\t\t*sp_namp; /* user login name */\n char\t\t*sp_pwdp; /* encrypted password */\n long int\t\tsp_lstchg; /* last password change */\n long int\t\tsp_min; /* days until change allowed. */\n long int\t\tsp_max; /* days before change required */\n long int\t\tsp_warn; /* days warning for expiration */\n long int\t\tsp_inact; /* days before account inactive */\n long int\t\tsp_expire; /* date when account expires */\n unsigned long int\tsp_flag; /* reserved for future use */\n}\n "
+msgstr ""
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr ""
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+
+#: shadow.3.xml:154(para)
+msgid "sp_warn - days before password is to expire that user is warned of pending password expiration"
+msgstr ""
+
+#: shadow.3.xml:159(para)
+msgid "sp_inact - days after password expires that account is considered inactive and disabled"
+msgstr ""
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr ""
+
+#: shadow.3.xml:175(para)
+msgid "<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, <emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</emphasis> returns the next entry from the file, and <emphasis>fgetspent</emphasis> returns the next entry from the given stream, which is assumed to be a file of the proper format. <emphasis>sgetspent</emphasis> returns a pointer to a <emphasis>struct spwd</emphasis> using the provided string as input. <emphasis>getspnam</emphasis> searches from the current position in the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+
+#: shadow.3.xml:188(para)
+msgid "<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used to begin and end, respectively, access to the shadow password file."
+msgstr ""
+
+#: shadow.3.xml:194(para)
+msgid "The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines should be used to insure exclusive access to the <filename>/etc/shadow</filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for the remainder of the initial 15 seconds. Should either attempt fail after a total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both locks are acquired 0 is returned."
+msgstr ""
+
+#: shadow.3.xml:209(para)
+msgid "Routines return NULL if no more entries are available or if an error occurs during processing. Routines which have <emphasis>int</emphasis> as the return value return 0 for success and -1 for failure."
+msgstr ""
+
+#: shadow.3.xml:219(para)
+msgid "These routines may only be used by the superuser as access to the shadow password file is restricted."
+msgstr ""
+
+#: shadow.3.xml:239(para)
+msgid "<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname) pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr ""
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr ""
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr ""
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr ""
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr ""
+
+#: pwconv.8.xml:106(para)
+msgid "The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:111(para)
+msgid "<command>pwconv</command> does not work with <option>USE_TCB</option> enabled. To convert to tcb passwords, you should first use <command>pwconv</command> to convert to shadowed passwords by disabling <option>USE_TCB</option> in <filename>login.defs</filename> and then convert to tcb password using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> in <filename>login.defs</filename>.)"
+msgstr ""
+
+#: pwconv.8.xml:121(para)
+msgid "The <command>pwunconv</command> command creates <emphasis remap=\"I\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and <emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:127(para)
+msgid "<command>pwunconv</command> does not work with <option>USE_TCB</option> enabled. You should first switch back from tcb to shadowed passwords using <command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+
+#: pwconv.8.xml:136(para)
+msgid "The <command>grpconv</command> command creates <emphasis remap=\"I\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:142(para)
+msgid "The <command>grpunconv</command> command creates <emphasis remap=\"I\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and <emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:149(para)
+msgid "These four programs all operate on the normal and shadow password and group files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, <filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:156(para)
+msgid "Each program acquires the necessary locks before conversion. <command>pwconv</command> and <command>grpconv</command> are similar. First, entries in the shadowed file which don't exist in the main file are removed. Then, shadowed entries which don't have `x' as the password in the main file are updated. Any missing shadowed entries are added. Finally, passwords in the main file are replaced with `x'. These programs can be used for initial conversion as well to update the shadowed file if the main file is edited by hand."
+msgstr ""
+
+#: pwconv.8.xml:167(para)
+msgid "<command>pwconv</command> will use the values of <emphasis remap=\"I\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login.defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:176(para)
+msgid "Likewise <command>pwunconv</command> and <command>grpunconv</command> are similar. Passwords in the main file are updated from the shadowed file. Entries which exist in the main file but not in the shadowed file are left alone. Finally, the shadowed file is removed. Some password aging information is lost by <command>pwunconv</command>. It will convert what it can."
+msgstr ""
+
+#: pwconv.8.xml:188(para)
+msgid "The options which apply to the <command>pwconv</command>, <command>pwunconv</command>, <command>grpconv</command>, and <command>grpunconv</command> commands are:"
+msgstr ""
+
+#: pwconv.8.xml:217(para)
+msgid "Errors in the password or group files (such as invalid or duplicate entries) may cause these programs to loop forever or fail in other strange ways. Please run <command>pwck</command> and <command>grpck</command> to correct any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+
+#: pwconv.8.xml:228(para)
+msgid "The following configuration variable in <filename>/etc/login.defs</filename> changes the behavior of <command>grpconv</command> and <command>grpunconv</command>:"
+msgstr ""
+
+#: pwconv.8.xml:236(para)
+msgid "The following configuration variables in <filename>/etc/login.defs</filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+
+#: pwconv.8.xml:263(para)
+msgid "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></citerefentry><phrase condition=\"tcb\">, <citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command) login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr ""
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr ""
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle) passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle) passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr ""
+
+#: pwck.8.xml:93(para)
+msgid "The <command>pwck</command> command verifies the integrity of the users and authentication information. It checks that all entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</option> is enabled)</phrase> have the proper format and contain valid data. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors."
+msgstr ""
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr ""
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr ""
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr ""
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr ""
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr ""
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr ""
+
+#: pwck.8.xml:127(para)
+msgid "<filename>shadow</filename> checks are enabled when a second file parameter is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr ""
+
+#: pwck.8.xml:137(para)
+msgid "every passwd entry has a matching shadow entry, and every shadow entry has a matching passwd entry"
+msgstr ""
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr ""
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr ""
+
+#: pwck.8.xml:156(para)
+msgid "The checks for correct number of fields and unique user name are fatal. If the entry has the wrong number of fields, the user will be prompted to delete the entire line. If the user does not answer affirmatively, all further checks are bypassed. An entry with a duplicated user name is prompted for deletion, but the remaining checks will still be made. All other errors are warning and the user is encouraged to run the <command>usermod</command> command to correct the error."
+msgstr ""
+
+#: pwck.8.xml:167(para)
+msgid "The commands which operate on the <filename>/etc/passwd</filename> file are not able to alter corrupted or duplicated entries. <command>pwck</command> should be used in those circumstances to remove the offending entry."
+msgstr ""
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid "The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr ""
+
+#: pwck.8.xml:194(para)
+msgid "Report errors only. The warnings which do not require any action from the user won't be displayed."
+msgstr ""
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr ""
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr ""
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr ""
+
+#: pwck.8.xml:223(para)
+msgid "Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename> by UID."
+msgstr ""
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+
+#: pwck.8.xml:234(para)
+msgid "By default, <command>pwck</command> operates on the files <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may select alternate files with the <replaceable>passwd</replaceable> and <replaceable>shadow</replaceable> parameters."
+msgstr ""
+
+#: pwck.8.xml:243(para)
+msgid "Note that when <option>USE_TCB</option> is enabled, you cannot specify an alternative <replaceable>shadow</replaceable> file. In future releases, this parameter could be replaced by an alternate TCB directory."
+msgstr ""
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr ""
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr ""
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr ""
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr ""
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr ""
+
+#: pwck.8.xml:294(para)
+msgid "The <command>pwck</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: pwck.8.xml:345(para)
+msgid "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr ""
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+
+#: porttime.5.xml:70(para)
+msgid "<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, user names, and permitted login times."
+msgstr ""
+
+#: porttime.5.xml:75(para)
+msgid "Each entry consists of three colon separated fields. The first field is a comma separated list of tty devices, or an asterisk to indicate that all tty devices are matched by this entry. The second field is a comma separated list of user names, or an asterisk to indicated that all user names are matched by this entry. The third field is a comma separated list of permitted access times."
+msgstr ""
+
+#: porttime.5.xml:84(para)
+msgid "Each access time entry consists of zero or more days of the week, abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr ""
+
+#: porttime.5.xml:99(para)
+msgid "The following entry allows access to user <emphasis remap=\"B\">jfh</emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr ""
+
+#: porttime.5.xml:107(para)
+msgid "The following entries allow access only to the users <emphasis>root</emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> at any time. This illustrates how the <filename>/etc/porttime</filename> file is an ordered list of access times. Any other user would match the second entry which does not permit access at any time."
+msgstr ""
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid "\n console:root,oper:Al0000-2400\n console:*:\n "
+msgstr ""
+
+#: porttime.5.xml:121(para)
+msgid "The following entry allows access for the user <emphasis>games</emphasis> on any port during non-working hours."
+msgstr ""
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr ""
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr ""
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr ""
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr ""
+
+#: passwd.5.xml:70(para)
+msgid "<filename>/etc/passwd</filename> contains one line for each user account, with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr ""
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr ""
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr ""
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr ""
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr ""
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr ""
+
+#: passwd.5.xml:100(para)
+msgid "The encrypted password field may be blank, in which case no password is required to authenticate as the specified login name. However, some applications which read the <filename>/etc/passwd</filename> file may decide not to permit <emphasis>any</emphasis> access at all if the <emphasis>password</emphasis> field is blank. If the <emphasis>password</emphasis> field is a lower-case <quote>x</quote>, then the encrypted password is actually stored in the <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there <emphasis>must</emphasis> be a corresponding line in the <filename>/etc/shadow</filename> file, or else the user account is invalid. If the <emphasis>password</emphasis> field is any other string, then it will be treated as an encrypted password, as specified by <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:119(para)
+msgid "The comment field is used by various system utilities, such as <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:125(para)
+msgid "The home directory field provides the name of the initial working directory. The <command>login</command> program uses this information to set the value of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+
+#: passwd.5.xml:131(para)
+msgid "The command interpreter field provides the name of the user's command language interpreter, or the name of the initial program to execute. The <command>login</command> program uses this information to set the value of the <envar>$SHELL</envar> environmental variable. If this field is empty, it defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr ""
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr ""
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr ""
+
+#: passwd.5.xml:170(para)
+msgid "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr ""
+
+#: passwd.1.xml:89(para)
+msgid "The <command>passwd</command> command changes passwords for user accounts. A normal user may only change the password for his/her own account, while the superuser may change the password for any account. <command>passwd</command> also changes the account or associated password validity period."
+msgstr ""
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr ""
+
+#: passwd.1.xml:99(para)
+msgid "The user is first prompted for his/her old password, if one is present. This password is then encrypted and compared against the stored password. The user has only one chance to enter the correct password. The superuser is permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+
+#: passwd.1.xml:107(para)
+msgid "After the password has been entered, password aging information is checked to see if the user is permitted to change the password at this time. If not, <command>passwd</command> refuses to change the password and exits."
+msgstr ""
+
+#: passwd.1.xml:114(para)
+msgid "The user is then prompted twice for a replacement password. The second entry is compared against the first and both are required to match in order for the password to be changed."
+msgstr ""
+
+#: passwd.1.xml:120(para)
+msgid "Then, the password is tested for complexity. As a general guideline, passwords should consist of 6 to 8 characters including one or more characters from each of the following sets:"
+msgstr ""
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr ""
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr ""
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr ""
+
+#: passwd.1.xml:138(para)
+msgid "Care must be taken not to include the system default erase or kill characters. <command>passwd</command> will reject any password which is not suitably complex."
+msgstr ""
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr ""
+
+#: passwd.1.xml:148(para)
+msgid "The security of a password depends upon the strength of the encryption algorithm and the size of the key space. The legacy <emphasis>UNIX</emphasis> System encryption method is based on the NBS DES algorithm. More recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). The size of the key space depends upon the randomness of the password which is selected."
+msgstr ""
+
+#: passwd.1.xml:157(para)
+msgid "Compromises in password security normally result from careless password selection or handling. For this reason, you should not select a password which appears in a dictionary or which must be written down. The password should also not be a proper name, your license number, birth date, or street address. Any of these may be used as guesses to violate system security."
+msgstr ""
+
+#: passwd.1.xml:166(para)
+msgid "You can find advice on how to choose a strong password on http://en.wikipedia.org/wiki/Password_strength"
+msgstr ""
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr ""
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr ""
+
+#: passwd.1.xml:184(para)
+msgid "This option can be used only with <option>-S</option> and causes show status for all users."
+msgstr ""
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr ""
+
+#: passwd.1.xml:195(para)
+msgid "Delete a user's password (make it empty). This is a quick way to disable a password for an account. It will set the named account passwordless."
+msgstr ""
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr ""
+
+#: passwd.1.xml:207(para)
+msgid "Immediately expire an account's password. This in effect can force a user to change his/her password at the user's next login."
+msgstr ""
+
+#: passwd.1.xml:220(term)
+msgid "<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:224(para)
+msgid "This option is used to disable an account after the password has been expired for a number of days. After a user account has had an expired password for <replaceable>INACTIVE</replaceable> days, the user may no longer sign on to the account."
+msgstr ""
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr ""
+
+#: passwd.1.xml:237(para)
+msgid "Indicate password change should be performed only for expired authentication tokens (passwords). The user wishes to keep their non-expired tokens as before."
+msgstr ""
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr ""
+
+#: passwd.1.xml:249(para)
+msgid "Lock the password of the named account. This option disables a password by changing it to a value which matches no possible encrypted value (it adds a ´!´ at the beginning of the password)."
+msgstr ""
+
+#: passwd.1.xml:255(para)
+msgid "Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key). To disable the account, administrators should use <command>usermod --expiredate 1</command> (this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+
+#: passwd.1.xml:269(term)
+msgid "<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid "Set the minimum number of days between password changes to <replaceable>MIN_DAYS</replaceable>. A value of zero for this field indicates that the user may change his/her password at any time."
+msgstr ""
+
+#: passwd.1.xml:291(term)
+msgid "<option>-r</option>, <option>--repository</option>&nbsp;<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr ""
+
+#: passwd.1.xml:317(para)
+msgid "Display account status information. The status information consists of 7 fields. The first field is the user's login name. The second field indicates if the user account has a locked password (L), has no password (NP), or has a usable password (P). The third field gives the date of the last password change. The next four fields are the minimum age, maximum age, warning period, and inactivity period for the password. These ages are expressed in days."
+msgstr ""
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr ""
+
+#: passwd.1.xml:335(para)
+msgid "Unlock the password of the named account. This option re-enables a password by changing the password back to its previous value (to the value before using the <option>-l</option> option)."
+msgstr ""
+
+#: passwd.1.xml:344(term)
+msgid "<option>-w</option>, <option>--warndays</option>&nbsp;<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:348(para)
+msgid "Set the number of days of warning before a password change is required. The <replaceable>WARN_DAYS</replaceable> option is the number of days prior to the password expiring that a user will be warned that his/her password is about to expire."
+msgstr ""
+
+#: passwd.1.xml:357(term)
+msgid "<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:361(para)
+msgid "Set the maximum number of days a password remains valid. After <replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+
+#: passwd.1.xml:373(para)
+msgid "Password complexity checking may vary from site to site. The user is urged to select a password as complex as he or she feels comfortable with."
+msgstr ""
+
+#: passwd.1.xml:378(para)
+msgid "Users may not be able to change their password on a system if NIS is enabled and they are not logged into the NIS server."
+msgstr ""
+
+#: passwd.1.xml:383(para)
+msgid "<command>passwd</command> uses PAM to authenticate users and to change their passwords."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term) gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr ""
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para) gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid "This defines the system default encryption algorithm for encrypting passwords (if no algorithm are specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para) gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid "It can take one of these values: <replaceable>DES</replaceable> (default), <replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, <replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></phrase>."
+msgstr ""
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para) gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid "Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para) newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para) login.defs.5.xml:47(para) login.defs.5.xml:53(para) login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para) gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para) chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para) chgpasswd.8.xml:62(para)
+msgid "Note: This only affect the generation of group passwords. The generation of user passwords is done by PAM and subject to the PAM configuration. It is recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term) gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para) gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid "Indicate if passwords must be encrypted using the MD5-based algorithm. If set to <replaceable>yes</replaceable>, new passwords will be encrypted using the MD5-based algorithm compatible with the one used by recent releases of FreeBSD. It supports passwords of unlimited length and longer salt strings. Set to <replaceable>no</replaceable> if you need to copy encrypted passwords to other systems which don't understand the new algorithm. Default is <replaceable>no</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para) gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid "This variable is superseded by the <option>ENCRYPT_METHOD</option> variable or by any command line option used to configure the encryption algorithm."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para) gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid "Number of significant characters in the password for crypt(). <option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to <replaceable>yes</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term) gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term) gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para) gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid "When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</replaceable> or <replaceable>SHA512</replaceable>, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para) gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid "With a lot of rounds, it is more difficult to brute forcing the password. But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para) gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid "If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para) gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para) gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid "If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or <option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be used."
+msgstr ""
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para) gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid "If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</option>, the highest value will be used."
+msgstr ""
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr ""
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr ""
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr ""
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr ""
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr ""
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr ""
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+
+#: passwd.1.xml:439(para)
+msgid "The <command>passwd</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: passwd.1.xml:490(para)
+msgid "<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition=\"no_pam\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname) nologin.8.xml:59(command)
+msgid "nologin"
+msgstr ""
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr ""
+
+#: nologin.8.xml:65(para)
+msgid "The <command>nologin</command> command displays a message that an account is not available and exits non-zero. It is intended as a replacement shell field for accounts that have been disabled."
+msgstr ""
+
+#: nologin.8.xml:70(para)
+msgid "To disable all logins, investigate <citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:79(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr ""
+
+#: nologin.8.xml:91(para)
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr ""
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname) newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr ""
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr ""
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr ""
+
+#: newusers.8.xml:97(para)
+msgid "The <command>newusers</command> command reads a <replaceable>file</replaceable> (or the standard input by default) and uses this information to update a set of existing users or to create new users. Each line is in the same format as the standard password file (see <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>) with the exceptions explained below:"
+msgstr ""
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr ""
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr ""
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr ""
+
+#: newusers.8.xml:116(para)
+msgid "It can be the name of a new user or the name of an existing user (or a user created before by <command>newusers</command>). In case of an existing user, the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr ""
+
+#: newusers.8.xml:130(para)
+msgid "This field will be encrypted and used as the new value of the encrypted password."
+msgstr ""
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr ""
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr ""
+
+#: newusers.8.xml:144(para)
+msgid "If the field is empty, a new (unused) UID will be defined automatically by <command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr ""
+
+#: newusers.8.xml:152(para)
+msgid "If this field contains the name of an existing user (or the name of a user created before by <command>newusers</command>), the UID of the specified user will be used."
+msgstr ""
+
+#: newusers.8.xml:158(para)
+msgid "If the UID of an existing user is changed, the files ownership of the user's file should be fixed manually."
+msgstr ""
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr ""
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:172(para)
+msgid "If this field contains the name of an existing group (or a group created before by <command>newusers</command>), the GID of this group will be used as the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:178(para)
+msgid "If this field is a number, this number will be used as the primary group ID of the user. If no groups exist with this GID, a new group will be created with this GID, and the name of the user."
+msgstr ""
+
+#: newusers.8.xml:184(para)
+msgid "If this field is empty, a new group will be created with the name of the user and a GID will be automatically defined by <command>newusers</command> to be used as the primary group ID for the user and as the GID for the new group."
+msgstr ""
+
+#: newusers.8.xml:190(para)
+msgid "If this field contains the name of a group which does not exist (and was not created before by <command>newusers</command>), a new group will be created with the specified name and a GID will be automatically defined by <command>newusers</command> to be used as the primary group ID for the user and GID for the new group."
+msgstr ""
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr ""
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr ""
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr ""
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr ""
+
+#: newusers.8.xml:218(para)
+msgid "If this field does not specify an existing directory, the specified directory is created, with ownership set to the user being created or updated and its primary group."
+msgstr ""
+
+#: newusers.8.xml:223(para)
+msgid "If the home directory of an existing user is changed, <command>newusers</command> does not move or copy the content of the old directory to the new location. This should be done manually."
+msgstr ""
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr ""
+
+#: newusers.8.xml:236(para)
+msgid "This field defines the shell of the user. No checks are performed on this field."
+msgstr ""
+
+#: newusers.8.xml:244(para)
+msgid "<command>newusers</command> first tries to create or change all the specified users, and then write these changes to the user or group databases. If an error occurs (except in the final writes to the databases), no changes are committed to the databases."
+msgstr ""
+
+#: newusers.8.xml:250(para)
+msgid "During this first pass, users are created with a locked password (and passwords are not changed for the users which are not created). A second pass is used to update the passwords using PAM. Failures to update a password are reported, but will not stop the other password updates."
+msgstr ""
+
+#: newusers.8.xml:258(para)
+msgid "This command is intended to be used in a large system environment where many accounts are updated at a single time."
+msgstr ""
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr ""
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr ""
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid "The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods."
+msgstr ""
+
+#: newusers.8.xml:296(para)
+msgid "System users will be created with no aging information in <filename>/etc/shadow</filename>, and their numeric identifiers are chosen in the <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in <filename>login.defs</filename>, instead of <option>UID_MIN</option>-<option>UID_MAX</option> (and their <option>GID</option> counterparts for the creation of groups)."
+msgstr ""
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr ""
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid "The value 0 means that the system will choose the default number of rounds for the crypt method (5000)."
+msgstr ""
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid "A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid "By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: newusers.8.xml:351(para)
+msgid "The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid "You should make sure the passwords and the encryption method respect the system's password policy."
+msgstr ""
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr ""
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:452(para)
+msgid "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition=\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname) newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr ""
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr ""
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable) groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr ""
+
+#: newgrp.1.xml:78(para)
+msgid "The <command>newgrp</command> command is used to change the current group ID during a login session. If the optional <option>-</option> flag is given, the user's environment will be reinitialized as though the user had logged in, otherwise the current environment, including current working directory, remains unchanged."
+msgstr ""
+
+#: newgrp.1.xml:86(para)
+msgid "<command>newgrp</command> changes the current real group ID to the named group, or to the default group listed in <filename>/etc/passwd</filename> if no group name is given. <command>newgrp</command> also tries to add the group to the user groupset. If not root, the user will be prompted for a password if she does not have a password (in <filename>/etc/shadow</filename> if this user has an entry in the shadowed password file, or in <filename>/etc/passwd</filename> otherwise) and the group does, or if the user is not listed as a member and the group has a password. The user will be denied access if the group password is empty and the user is not listed as a member."
+msgstr ""
+
+#: newgrp.1.xml:100(para)
+msgid "If there is an entry for this group in <filename>/etc/gshadow</filename>, then the list of members and the password of this group will be taken from this file, otherwise, the entry in <filename>/etc/group</filename> is considered."
+msgstr ""
+
+#: newgrp.1.xml:152(para)
+msgid "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition=\"gshadow\">, <citerefentry condition=\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname) logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr ""
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr ""
+
+#: logoutd.8.xml:76(para)
+msgid "<command>logoutd</command> enforces the login time and port restrictions specified in <filename>/etc/porttime</filename>. <command>logoutd</command> should be started from <filename>/etc/rc</filename>. The <filename>/var/run/utmp</filename> file is scanned periodically and each user name is checked to see if the named user is permitted on the named port at the current time. Any login session which is violating the restrictions in <filename>/etc/porttime</filename> is terminated."
+msgstr ""
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr ""
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr ""
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr ""
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr ""
+
+#: login.defs.5.xml:135(para)
+msgid "The <filename>/etc/login.defs</filename> file defines the site-specific configuration for the shadow password suite. This file is required. Absence of this file will not prevent system operation, but will probably result in undesirable operation."
+msgstr ""
+
+#: login.defs.5.xml:142(para)
+msgid "This file is a readable text file, each line of the file describing one configuration parameter. The lines consist of a configuration name and value, separated by whitespace. Blank lines and comment lines are ignored. Comments are introduced with a \"#\" pound sign and the pound sign must be the first non-white character of the line."
+msgstr ""
+
+#: login.defs.5.xml:150(para)
+msgid "Parameter values may be of four types: strings, booleans, numbers, and long numbers. A string is comprised of any printable characters. A boolean should be either the value <replaceable>yes</replaceable> or <replaceable>no</replaceable>. An undefined boolean parameter or one with a value other than these will be given a <replaceable>no</replaceable> value. Numbers (both regular and long) may be either decimal values, octal values (precede the value with <replaceable>0</replaceable>) or hexadecimal values (precede the value with <replaceable>0x</replaceable>). The maximum value of the regular and long numeric parameters is machine-dependent."
+msgstr ""
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid "If <replaceable>yes</replaceable>, the <command>chfn</command> program will require authentication before making any changes, unless run by the superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid "This parameter specifies which values in the <emphasis remap=\"I\">gecos</emphasis> field of the <filename>/etc/passwd</filename> file may be changed by regular users using the <command>chfn</command> program. It can be any combination of letters <replaceable>f</replaceable>, <replaceable>r</replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, for Full name, Room number, Work phone, and Home phone, respectively. For backward compatibility, <replaceable>yes</replaceable> is equivalent to <replaceable>rwh</replaceable> and <replaceable>no</replaceable> is equivalent to <replaceable>frwh</replaceable>. If not specified, only the superuser can make any changes. The most restrictive setting is better achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid "If <replaceable>yes</replaceable>, the <command>chsh</command> program will require authentication before making any changes, unless run by the superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal ERASE character (<replaceable>010</replaceable> = backspace, <replaceable>0177</replaceable> = DEL)."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para) login.1.xml:37(para)
+msgid "The value can be prefixed \"0\" for an octal value, or \"0x\" for an hexadecimal value."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of <filename>/var/log/faillog</filename> login failure info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If set, <command>login</command> will execute this shell instead of the users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file can inhibit all the usual chatter during the login sequence. If a full pathname is specified, then hushed mode will be enabled if the user's name or shell are found in the file. If not a full pathname, then hushed mode will be enabled if the file exists in the user's home directory."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Note: logging unknown usernames may be a security issue if an user enter her password instead of her login name."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid "This will most likely be overridden by PAM, since the default pam_unix module has its own built in of 3 retries. However, this is a safe fallback in case you are using an authentication module that does not enforce PAM_MAXTRIES."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, \":\" delimited list of \"message of the day\" files to be displayed upon login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, name of file whose presence will inhibit non-root logins. The contents of this file should be a message indicating why logins are inhibited."
+msgstr ""
+
+#: login.defs.5.xml:208(para)
+msgid "<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and <option>PASS_WARN_AGE</option> are only used at the time of account creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking of time restrictions specified in <filename>/etc/porttime</filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid "The terminal permissions: the login tty will be owned by the <option>TTYGROUP</option> group, and the permissions will be set to <option>TTYPERM</option>."
+msgstr ""
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid "By default, the ownership of the terminal is set to the user's primary group and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid "<option>TTYGROUP</option> can be either the name of a group or a numeric group identifier."
+msgstr ""
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid "If you have a <command>write</command> program which is \"setgid\" to a special group which owns the terminals, define TTYGROUP to the group number and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign TTYPERM to either 622 or 600."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, file which maps tty line to TERM environment parameter. Each line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr ""
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr ""
+
+#: login.defs.5.xml:242(para)
+msgid "The following cross references show which programs in the shadow password suite use which parameters."
+msgstr ""
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle) chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr ""
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase) login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr ""
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle) chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr ""
+
+#: login.defs.5.xml:257(para)
+msgid "<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle) chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr ""
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid "ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition=\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle) chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr ""
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr ""
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle) chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr ""
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr ""
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle) gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr ""
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle) groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr ""
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr ""
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle) groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr ""
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para) login.defs.5.xml:329(para) login.defs.5.xml:336(para) login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr ""
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle) groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr ""
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle) groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr ""
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle) grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr ""
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle) login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command) login.1.xml:118(command)
+msgid "login"
+msgstr ""
+
+#: login.defs.5.xml:356(para)
+msgid "<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME <phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR <phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</phrase> USERGROUPS_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr ""
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:393(para)
+msgid "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+
+#: login.defs.5.xml:411(para)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:422(para)
+msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:431(para)
+msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:448(para)
+msgid "<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME <phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition=\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr ""
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:474(para)
+msgid "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:490(para)
+msgid "MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:500(para)
+msgid "MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:519(para)
+msgid "Much of the functionality that used to be provided by the shadow password suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is no longer used by <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by <citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, and <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the corresponding PAM configuration files instead."
+msgstr ""
+
+#: login.defs.5.xml:535(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr ""
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr ""
+
+#: login.access.5.xml:71(para)
+msgid "The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, host) combinations and/or (user, tty) combinations for which a login will be either accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:77(para)
+msgid "When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is scanned for the first entry that matches the (user, host) combination, or, in case of non-networked logins, the first entry that matches the (user, tty) combination. The permissions field of that table entry determines whether the login will be accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:85(para)
+msgid "Each line of the login access control table has three fields separated by a \":\" character:"
+msgstr ""
+
+#: login.access.5.xml:90(para)
+msgid "<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+
+#: login.access.5.xml:94(para)
+msgid "The first field should be a \"<emphasis>+</emphasis>\" (access granted) or \"<emphasis>-</emphasis>\" (access denied) character. The second field should be a list of one or more login names, group names, or <emphasis>ALL</emphasis> (always matches). The third field should be a list of one or more tty names (for non-networked logins), host names, domain names (begin with \"<literal>.</literal>\"), host addresses, internet network numbers (end with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or <emphasis>LOCAL</emphasis> (matches any string that does not contain a \"<literal>.</literal>\" character). If you run NIS you can use @netgroupname in host or user patterns."
+msgstr ""
+
+#: login.access.5.xml:108(para)
+msgid "The <emphasis>EXCEPT</emphasis> operator makes it possible to write very compact rules."
+msgstr ""
+
+#: login.access.5.xml:113(para)
+msgid "The group file is searched only when a name does not match that of the logged-in user. Only groups are matched in which users are explicitly listed: the program does not look at a user's primary group id value."
+msgstr ""
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr ""
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg) login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr ""
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable) login.1.xml:120(replaceable)
+msgid "host"
+msgstr ""
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr ""
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr ""
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr ""
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr ""
+
+#: login.1.xml:126(para)
+msgid "The <command>login</command> program is used to establish a new session with the system. It is normally invoked automatically by responding to the <emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. <command>login</command> may be special to the shell and may not be invoked as a sub-process. When called from a shell, <command>login</command> should be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause the user to exit from the current shell (and thus will prevent the new logged in user to return to the session of the caller). Attempting to execute <command>login</command> from any shell but the login shell will produce an error message."
+msgstr ""
+
+#: login.1.xml:140(para)
+msgid "The user is then prompted for a password, where appropriate. Echoing is disabled to prevent revealing the password. Only a small number of password failures are permitted before <command>login</command> exits and the communications link is severed."
+msgstr ""
+
+#: login.1.xml:147(para)
+msgid "If password aging has been enabled for your account, you may be prompted for a new password before proceeding. You will be forced to provide your old password and the new password before continuing. Please refer to <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry> for more information."
+msgstr ""
+
+#: login.1.xml:156(para)
+msgid "After a successful login, you will be informed of any system messages and the presence of mail. You may turn off the printing of the system message file, <filename>/etc/motd</filename>, by creating a zero-length file <filename>.hushlogin</filename> in your login directory. The mail message will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to the condition of your mailbox."
+msgstr ""
+
+#: login.1.xml:167(para)
+msgid "Your user and group ID will be set according to their values in the <filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and <envar>$MAIL</envar> are set according to the appropriate fields in the password entry. Ulimit, umask and nice values may also be set according to entries in the GECOS field."
+msgstr ""
+
+#: login.1.xml:176(para)
+msgid "On some installations, the environmental variable <envar>$TERM</envar> will be initialized to the terminal type on your tty line, as specified in <filename>/etc/ttytype</filename>."
+msgstr ""
+
+#: login.1.xml:182(para)
+msgid "An initialization script for your command interpreter may also be executed. Please see the appropriate manual section for more information on this function."
+msgstr ""
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid "The <command>login</command> program is NOT responsible for removing users from the utmp file. It is the responsibility of <citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>init</refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent ownership of a terminal session. If you use <command>login</command> from the shell prompt without <command>exec</command>, the user you use will continue to appear to be logged in even after you log out of the \"subsession\"."
+msgstr ""
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr ""
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr ""
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr ""
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr ""
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr ""
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr ""
+
+#: login.1.xml:252(para)
+msgid "The <option>-r</option>, <option>-h</option> and <option>-f</option> options are only used when <command>login</command> is invoked by root."
+msgstr ""
+
+#: login.1.xml:261(para)
+msgid "This version of <command>login</command> has many compilation options, only some of which may be in use at any particular site."
+msgstr ""
+
+#: login.1.xml:266(para)
+msgid "The location of files is subject to differences in system configuration."
+msgstr ""
+
+#: login.1.xml:282(para)
+msgid "As with any program, <command>login</command>'s appearance can be faked. If non-trusted users have physical access to a machine, an attacker could use this to obtain the password of the next person coming to sit in front of the machine. Under Linux, the SAK mechanism can be used by users to initiate a trusted path and prevent this kind of attack."
+msgstr ""
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr ""
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr ""
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr ""
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr ""
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr ""
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr ""
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr ""
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr ""
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr ""
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr ""
+
+#: login.1.xml:399(para)
+msgid "<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr ""
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr ""
+
+#: limits.5.xml:73(para)
+msgid "The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</filename> by default or LIMITS_FILE defined <filename>config.h</filename>) describes the resource limits you wish to impose. It should be owned by root and readable by root account only."
+msgstr ""
+
+#: limits.5.xml:81(para)
+msgid "By default no quota is imposed on 'root'. In fact, there is no way to impose limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr ""
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr ""
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr ""
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr ""
+
+#: limits.5.xml:99(para)
+msgid "The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of resource limits. Each limit consists of a letter identifier followed by a numerical limit."
+msgstr ""
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr ""
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr ""
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr ""
+
+#: limits.5.xml:111(para)
+msgid "F: maximum file size (KB)"
+msgstr ""
+
+#: limits.5.xml:112(para)
+msgid "K: file creation mask, set by <citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr ""
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr ""
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr ""
+
+#: limits.5.xml:123(para)
+msgid "P: process priority, set by <citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr ""
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr ""
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr ""
+
+#: limits.5.xml:134(para)
+msgid "For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid <emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following entries are equivalent:"
+msgstr ""
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid "\n username L2D2048N5\n username L2 D2048 N5\n "
+msgstr ""
+
+#: limits.5.xml:145(para)
+msgid "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of the line is considered a limit string, thus comments are not allowed. An invalid limits string will be rejected (not considered) by the <command>login</command> program."
+msgstr ""
+
+#: limits.5.xml:152(para)
+msgid "The default entry is denoted by username \"<emphasis>*</emphasis>\". If you have multiple <emphasis remap=\"I\">default</emphasis> entries in your <emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the default entry."
+msgstr ""
+
+#: limits.5.xml:159(para)
+msgid "The limits specified in the form \"<replaceable>@group</replaceable>\" apply to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+
+#: limits.5.xml:165(para)
+msgid "If more than one line with limits for a user exist, only the first line for this user will be considered."
+msgstr ""
+
+#: limits.5.xml:170(para)
+msgid "If no lines are specified for a user, the last <replaceable>@group</replaceable> line matching a group whose the user is a member of will be considered, or the last line with default limits if no groups contain the user."
+msgstr ""
+
+#: limits.5.xml:177(para)
+msgid "To completely disable limits for a user, a single dash \"<emphasis>-</emphasis>\" will do."
+msgstr ""
+
+#: limits.5.xml:182(para)
+msgid "To disable a limit for a user, a single dash \"<replaceable>-</replaceable>\" can be used instead of the numerical value for this limit."
+msgstr ""
+
+#: limits.5.xml:188(para)
+msgid "Also, please note that all limit settings are set PER LOGIN. They are not global, nor are they permanent. Perhaps global limits will come, but for now this will have to do ;)"
+msgstr ""
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr ""
+
+#: limits.5.xml:207(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname) lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr ""
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+
+#: lastlog.8.xml:80(para)
+msgid "<command>lastlog</command> formats and prints the contents of the last login log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</emphasis> will be printed. The default (no flags) causes lastlog entries to be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr ""
+
+#: lastlog.8.xml:97(term)
+msgid "<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:101(para)
+msgid "Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:107(term)
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr ""
+
+#: lastlog.8.xml:111(para)
+msgid "Clear lastlog record of a user. This option can be used only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:138(term)
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr ""
+
+#: lastlog.8.xml:142(para)
+msgid "Set lastlog record of a user to the current time. This option can be used only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid "<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:153(para)
+msgid "Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr ""
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid "The users can be specified by a login name, a numerical user ID, or a <replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</replaceable> of users can be specified with a min and max values (<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+
+#: lastlog.8.xml:179(para)
+msgid "If the user has never logged in the message <emphasis>** Never logged in**</emphasis> will be displayed instead of the port and time."
+msgstr ""
+
+#: lastlog.8.xml:184(para)
+msgid "Only the entries for the current users of the system will be displayed. Other entries may exist for users that were deleted previously."
+msgstr ""
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title) chage.1.xml:231(title)
+msgid "NOTE"
+msgstr ""
+
+#: lastlog.8.xml:193(para)
+msgid "The <filename>lastlog</filename> file is a database which contains info on the last login of each user. You should not rotate it. It is a sparse file, so its size on the disk is usually much smaller than the one shown by \"<command>ls -l</command>\" (which can indicate a really big file if you have in <filename>passwd</filename> users with a high UID). You can display its real size with \"<command>ls -s</command>\"."
+msgstr ""
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr ""
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr ""
+
+#: lastlog.8.xml:217(para)
+msgid "Large gaps in UID numbers will cause the lastlog program to run longer with no output to the screen (i.e. if in lastlog database there is no entries for users with UID between 170 and 800 lastlog will appear to hang as it processes entries with UIDs 171-799)."
+msgstr ""
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr ""
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr ""
+
+#: gshadow.5.xml:59(para)
+msgid "<filename>/etc/gshadow</filename> contains the shadowed information for group accounts."
+msgstr ""
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr ""
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr ""
+
+#: gshadow.5.xml:90(para)
+msgid "If the password field contains some string that is not a valid result of <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or *, users will not be able to use a unix password to access the group (but group members do not need the password)."
+msgstr ""
+
+#: gshadow.5.xml:97(para)
+msgid "The password is used when a user who is not a member of the group wants to gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+
+#: gshadow.5.xml:103(para)
+msgid "This field may be empty, in which case only the group members can gain the group permissions."
+msgstr ""
+
+#: gshadow.5.xml:113(para)
+msgid "This password supersedes any password specified in <filename>/etc/group</filename>."
+msgstr ""
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr ""
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr ""
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+
+#: gshadow.5.xml:130(para)
+msgid "Administrators also have the same permissions as the members (see below)."
+msgstr ""
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr ""
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+
+#: gshadow.5.xml:146(para)
+msgid "You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+
+#: gshadow.5.xml:175(para)
+msgid "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>grpconv</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr ""
+
+#: grpck.8.xml:84(para)
+msgid "The <command>grpck</command> command verifies the integrity of the groups information. It checks that all entries in <filename>/etc/group</filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</filename></phrase> have the proper format and contain valid data. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors."
+msgstr ""
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr ""
+
+#: grpck.8.xml:104(para)
+msgid "a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/group</filename> only)</phrase>"
+msgstr ""
+
+#: grpck.8.xml:111(para)
+msgid "a valid list of members <phrase condition=\"gshadow\"> and administrators</phrase>"
+msgstr ""
+
+#: grpck.8.xml:117(para)
+msgid "a corresponding entry in the <filename>/etc/gshadow</filename> file (respectively <filename>/etc/group</filename> for the <filename>gshadow</filename> checks)"
+msgstr ""
+
+#: grpck.8.xml:125(para)
+msgid "The checks for correct number of fields and unique group name are fatal. If an entry has the wrong number of fields, the user will be prompted to delete the entire line. If the user does not answer affirmatively, all further checks are bypassed. An entry with a duplicated group name is prompted for deletion, but the remaining checks will still be made. All other errors are warnings and the user is encouraged to run the <command>groupmod</command> command to correct the error."
+msgstr ""
+
+#: grpck.8.xml:136(para)
+msgid "The commands which operate on the <filename>/etc/group</filename><phrase condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and <filename>/etc/gshadow</filename> files</phrase> are not able to alter corrupted or duplicated entries. <command>grpck</command> should be used in those circumstances to remove the offending entries."
+msgstr ""
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr ""
+
+#: grpck.8.xml:165(para)
+msgid "Execute the <command>grpck</command> command in read-only mode. This causes all questions regarding changes to be answered <emphasis>no</emphasis> without user intervention."
+msgstr ""
+
+#: grpck.8.xml:187(para)
+msgid "Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+
+#: grpck.8.xml:196(para)
+msgid "By default, <command>grpck</command> operates on <filename>/etc/group</filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</filename></phrase>. The user may select alternate files with the <emphasis remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</emphasis> parameters.</phrase>"
+msgstr ""
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr ""
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr ""
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr ""
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr ""
+
+#: grpck.8.xml:246(para)
+msgid "The <command>grpck</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: grpck.8.xml:291(para)
+msgid "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition=\"gshadow\"><citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname) groups.1.xml:70(command)
+msgid "groups"
+msgstr ""
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr ""
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr ""
+
+#: groups.1.xml:79(para)
+msgid "The <command>groups</command> command displays the current group names or ID values. If the value does not have a corresponding entry in <filename>/etc/group</filename>, the value will be displayed as the numerical group value. The optional <emphasis remap=\"I\">user</emphasis> parameter will display the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+
+#: groups.1.xml:91(para)
+msgid "Systems which do not support concurrent group sets will have the information from <filename>/etc/group</filename> reported. The user must use <command>newgrp</command> or <command>sg</command> to change his current real and effective group ID."
+msgstr ""
+
+#: groups.1.xml:113(para)
+msgid "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>getgid</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr ""
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr ""
+
+#: groupmod.8.xml:81(para)
+msgid "The <command>groupmod</command> command modifies the definition of the specified <replaceable>GROUP</replaceable> by modifying the appropriate entry in the group database."
+msgstr ""
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr ""
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid "<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</replaceable>"
+msgstr ""
+
+#: groupmod.8.xml:100(para)
+msgid "The group ID of the given <replaceable>GROUP</replaceable> will be changed to <replaceable>GID</replaceable>."
+msgstr ""
+
+#: groupmod.8.xml:104(para)
+msgid "The value of <replaceable>GID</replaceable> must be a non-negative decimal integer. This value must be unique, unless the <option>-o</option> option is used."
+msgstr ""
+
+#: groupmod.8.xml:110(para)
+msgid "Users who use the group as primary group will be updated to keep the group as their primary group."
+msgstr ""
+
+#: groupmod.8.xml:114(para)
+msgid "Any files that have the old group ID and must continue to belong to <replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+
+#: groupmod.8.xml:120(para)
+msgid "No checks will be performed with regard to the <option>GID_MIN</option>, <option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or <option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: groupmod.8.xml:135(term)
+msgid "<option>-n</option>, <option>--new-name</option>&nbsp;<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+
+#: groupmod.8.xml:139(para)
+msgid "The name of the group will be changed from <replaceable>GROUP</replaceable> to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+
+#: groupmod.8.xml:150(para)
+msgid "When used with the <option>-g</option> option, allow to change the group <replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr ""
+
+#: groupmod.8.xml:236(para)
+msgid "The <command>groupmod</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: groupmod.8.xml:287(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr ""
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr ""
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr ""
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr ""
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr ""
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr ""
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr ""
+
+#: groupmems.8.xml:86(para)
+msgid "The <command>groupmems</command> command allows a user to administer his/her own group membership list without the requirement of superuser privileges. The <command>groupmems</command> utility is for systems that configure its users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+
+#: groupmems.8.xml:94(para)
+msgid "Only the superuser, as administrator, can use <command>groupmems</command> to alter the memberships of other groups."
+msgstr ""
+
+#: groupmems.8.xml:101(para)
+msgid "The options which apply to the <command>groupmems</command> command are:"
+msgstr ""
+
+#: groupmems.8.xml:107(term)
+msgid "<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:109(para)
+msgid "Add a user to the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para) groupmems.8.xml:157(para)
+msgid "If the <filename>/etc/gshadow</filename> file exist, and the group has no entry in the <filename>/etc/gshadow</filename> file, a new entry will be created."
+msgstr ""
+
+#: groupmems.8.xml:118(term)
+msgid "<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:121(para)
+msgid "If the <filename>/etc/gshadow</filename> file exist, the user will be removed from the list of members and administrators of the group."
+msgstr ""
+
+#: groupmems.8.xml:134(term)
+msgid "<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr ""
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr ""
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr ""
+
+#: groupmems.8.xml:181(para)
+msgid "The <command>groupmems</command> executable should be in mode <literal>2770</literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</emphasis>. The system administrator can add users to group <emphasis>groups</emphasis> to allow or disallow them using the <command>groupmems</command> utility to manage their own group membership list."
+msgstr ""
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid "\n\t$ groupadd -r groups\n\t$ chmod 2770 groupmems\n\t$ chown root.groups groupmems\n\t$ groupmems -g groups -a gk4\n "
+msgstr ""
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr ""
+
+#: groupmems.8.xml:230(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr ""
+
+#: groupdel.8.xml:81(para)
+msgid "The <command>groupdel</command> command modifies the system account files, deleting all entries that refer to <replaceable>GROUP</replaceable>. The named group must exist."
+msgstr ""
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr ""
+
+#: groupdel.8.xml:117(para)
+msgid "You may not remove the primary group of any existing user. You must remove the user before you remove the group."
+msgstr ""
+
+#: groupdel.8.xml:121(para)
+msgid "You should manually check all file systems to ensure that no files remain owned by this group."
+msgstr ""
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr ""
+
+#: groupdel.8.xml:159(para)
+msgid "The <command>groupdel</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: groupdel.8.xml:198(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr ""
+
+#: groupadd.8.xml:85(para)
+msgid "The <command>groupadd</command> command creates a new group account using the values specified on the command line plus the default values from the system. The new group will be entered into the system files as needed."
+msgstr ""
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr ""
+
+#: groupadd.8.xml:104(para)
+msgid "This option causes the command to simply exit with success status if the specified group already exists. When used with <option>-g</option>, and the specified GID already exists, another (unique) GID is chosen (i.e. <option>-g</option> is turned off)."
+msgstr ""
+
+#: groupadd.8.xml:118(para)
+msgid "The numerical value of the group's ID. This value must be unique, unless the <option>-o</option> option is used. The value must be non-negative. The default is to use the smallest ID value greater than or equal to <option>GID_MIN</option> and greater than every other group."
+msgstr ""
+
+#: groupadd.8.xml:124(para)
+msgid "See also the <option>-r</option> option and the <option>GID_MAX</option> description."
+msgstr ""
+
+#: groupadd.8.xml:141(para)
+msgid "Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+
+#: groupadd.8.xml:146(para)
+msgid "Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+
+#: groupadd.8.xml:150(para)
+msgid "Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr ""
+
+#: groupadd.8.xml:195(para)
+msgid "The numeric identifiers of new system groups are chosen in the <option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in <filename>login.defs</filename>, instead of <option>GID_MIN</option>-<option>GID_MAX</option>."
+msgstr ""
+
+#: groupadd.8.xml:258(para)
+msgid "Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes. They can end with a dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+
+#: groupadd.8.xml:267(para)
+msgid "You may not add a NIS or LDAP group. This must be performed on the corresponding server."
+msgstr ""
+
+#: groupadd.8.xml:271(para)
+msgid "If the groupname already exists in an external group database such as NIS or LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr ""
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr ""
+
+#: groupadd.8.xml:280(para)
+msgid "The <command>groupadd</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: groupadd.8.xml:325(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr ""
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr ""
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr ""
+
+#: gpasswd.1.xml:95(para)
+msgid "The <command>gpasswd</command> command is used to administer <filename>/etc/group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</filename></phrase>. Every group can have <phrase condition=\"gshadow\">administrators,</phrase> members and a password."
+msgstr ""
+
+#: gpasswd.1.xml:103(para)
+msgid "System administrators can use the <option>-A</option> option to define group administrator(s) and the <option>-M</option> option to define members. They have all rights of group administrators and members."
+msgstr ""
+
+#: gpasswd.1.xml:108(para)
+msgid "<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group administrator</phrase><phrase condition=\"no_gshadow\">a system administrator</phrase> with a group name only prompts for the new password of the <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:115(para)
+msgid "If a password is set the members can still use <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr ""
+
+#: gpasswd.1.xml:124(para)
+msgid "Group passwords are an inherent security problem since more than one person is permitted to know the password. However, groups are a useful tool for permitting co-operation between different users."
+msgstr ""
+
+#: gpasswd.1.xml:135(para)
+msgid "Except for the <option>-A</option> and <option>-M</option> options, the options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr ""
+
+#: gpasswd.1.xml:147(term)
+msgid "<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:151(para)
+msgid "Add the <replaceable>user</replaceable> to the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:160(term)
+msgid "<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:164(para)
+msgid "Remove the <replaceable>user</replaceable> from the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:181(term)
+msgid "<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr ""
+
+#: gpasswd.1.xml:199(para)
+msgid "Remove the password from the named <replaceable>group</replaceable>. The group password will be empty. Only group members will be allowed to use <command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr ""
+
+#: gpasswd.1.xml:215(para)
+msgid "Restrict the access to the named <replaceable>group</replaceable>. The group password is set to \"!\". Only group members with a password will be allowed to use <command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:227(term)
+msgid "<option>-A</option>, <option>--administrators</option>&nbsp;<replaceable>user</replaceable>,..."
+msgstr ""
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr ""
+
+#: gpasswd.1.xml:239(term)
+msgid "<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</replaceable>,..."
+msgstr ""
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr ""
+
+#: gpasswd.1.xml:253(para)
+msgid "This tool only operates on the <filename>/etc/group</filename><phrase condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot change any NIS or LDAP group. This must be performed on the corresponding server."
+msgstr ""
+
+#: gpasswd.1.xml:298(para)
+msgid "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition=\"gshadow\">, <citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname) faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle) faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr ""
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+
+#: faillog.8.xml:79(para)
+msgid "<command>faillog</command> displays the contents of the failure log database (<filename>/var/log/faillog</filename>). It can also set the failure counters and limits. When <command>faillog</command> is run without arguments, it only displays the faillog records of the users who had a login failure."
+msgstr ""
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr ""
+
+#: faillog.8.xml:98(para)
+msgid "Display (or act on) faillog records for all users having an entry in the <filename>faillog</filename> database."
+msgstr ""
+
+#: faillog.8.xml:102(para)
+msgid "The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+
+#: faillog.8.xml:106(para)
+msgid "In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty."
+msgstr ""
+
+#: faillog.8.xml:111(para)
+msgid "With the <option>-l</option>, <option>-m</option>, <option>-r</option>, <option>-t</option> options, the users' records are changed, even if the user does not exist on the system. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+
+#: faillog.8.xml:128(term)
+msgid "<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</replaceable>"
+msgstr ""
+
+#: faillog.8.xml:132(para)
+msgid "Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid "Write access to <filename>/var/log/faillog</filename> is required for this option."
+msgstr ""
+
+#: faillog.8.xml:143(term)
+msgid "<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</replaceable>"
+msgstr ""
+
+#: faillog.8.xml:147(para)
+msgid "Set the maximum number of login failures after the account is disabled to <replaceable>MAX</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:151(para)
+msgid "Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not placing a limit on the number of failed logins."
+msgstr ""
+
+#: faillog.8.xml:156(para)
+msgid "The maximum failure count should always be 0 for <emphasis>root</emphasis> to prevent a denial of services attack against the system."
+msgstr ""
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr ""
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr ""
+
+#: faillog.8.xml:195(para)
+msgid "Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:206(para)
+msgid "Display faillog record or maintains failure counters and limits (if used with <option>-l</option>, <option>-m</option> or <option>-r</option> options) only for the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:224(para)
+msgid "When none of the <option>-l</option>, <option>-m</option>, or <option>-r</option> options are used, <command>faillog</command> displays the faillog record of the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:233(para)
+msgid "<command>faillog</command> only prints out users with no successful login since the last failure. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the <option>-u</option> flag, or print out all users with the <option>-a</option> flag."
+msgstr ""
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr ""
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr ""
+
+#: faillog.8.xml:256(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>faillog</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr ""
+
+#: faillog.5.xml:70(para)
+msgid "<filename>/var/log/faillog</filename> maintains a count of login failures and the limits for each account."
+msgstr ""
+
+#: faillog.5.xml:74(para)
+msgid "The file contains fixed length records, indexed by numerical UID. Each record contains the count of login failures since the last successful login; the maximum number of failures before the account is disabled; the line on which the last login failure occurred; the date of the last login failure; and the duration (in seconds) during which the account will be locked after a failure."
+msgstr ""
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr ""
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid "\nstruct\tfaillog {\n\tshort fail_cnt;\n\tshort fail_max;\n\tchar fail_line[12];\n\ttime_t fail_time;\n\tlong fail_locktime;\n};"
+msgstr ""
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib) chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname) expiry.1.xml:74(command)
+msgid "expiry"
+msgstr ""
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr ""
+
+#: expiry.1.xml:83(para)
+msgid "The <command>expiry</command> command checks (<option>-c</option>) the current password expiration and forces (<option>-f</option>) changes when required. It is callable as a normal user command."
+msgstr ""
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr ""
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr ""
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr ""
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr ""
+
+#: chsh.1.xml:85(para)
+msgid "The <command>chsh</command> command changes the user login shell. This determines the name of the user's initial login command. A normal user may only change the login shell for her own account; the superuser may change the login shell for any account."
+msgstr ""
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr ""
+
+#: chsh.1.xml:130(para)
+msgid "If the <option>-s</option> option is not selected, <command>chsh</command> operates in an interactive fashion, prompting the user with the current login shell. Enter the new value to change the shell, or leave the line blank to use the current one. The current shell is displayed between a pair of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chsh.1.xml:141(para)
+msgid "The only restriction placed on the login shell is that the command name must be listed in <filename>/etc/shells</filename>, unless the invoker is the superuser, and then any value may be added. An account with a restricted login shell may not change her login shell. For this reason, placing <filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is discouraged since accidentally changing to a restricted shell would prevent the user from ever changing her login shell back to its original value."
+msgstr ""
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr ""
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr ""
+
+#: chsh.1.xml:192(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr ""
+
+#: chpasswd.8.xml:83(para)
+msgid "The <command>chpasswd</command> command reads a list of user name and password pairs from standard input and uses this information to update a group of existing users. Each line is of the format:"
+msgstr ""
+
+#: chpasswd.8.xml:88(para)
+msgid "<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</emphasis>"
+msgstr ""
+
+#: chpasswd.8.xml:92(para)
+msgid "By default the passwords must be supplied in clear-text, and are encrypted by <command>chpasswd</command>. Also the password age will be updated, if present."
+msgstr ""
+
+#: chpasswd.8.xml:97(para)
+msgid "The default encryption algorithm can be defined for the system with the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables of <filename>/etc/login.defs</filename>, and can be overwritten with the <option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:105(para)
+msgid "By default, passwords are encrypted by PAM, but (even if not recommended) you can select a different encryption method with the <option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:111(para)
+msgid "<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</phrase><command>chpasswd</command> first updates all the passwords in memory, and then commits all the changes to disk if no errors occurred for any user."
+msgstr ""
+
+#: chpasswd.8.xml:117(para)
+msgid "When PAM is used to encrypt the passwords (and update the passwords in the system database) then if a password cannot be updated <command>chpasswd</command> continues updating the passwords of the next users, and will return an error code on exit."
+msgstr ""
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid "This command is intended to be used in a large system environment where many accounts are created at a single time."
+msgstr ""
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr ""
+
+#: chpasswd.8.xml:137(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>&nbsp;<replaceable>METHOD</replaceable>"
+msgstr ""
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr ""
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr ""
+
+#: chpasswd.8.xml:152(para)
+msgid "By default (if none of the <option>-c</option>, <option>-m</option>, or <option>-e</option> options are specified), the encryption method is defined by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr ""
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr ""
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr ""
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid "Use MD5 encryption instead of DES when the supplied passwords are not encrypted."
+msgstr ""
+
+#: chpasswd.8.xml:200(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</replaceable>"
+msgstr ""
+
+#: chpasswd.8.xml:219(para)
+msgid "By default, the number of rounds is defined by the <option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid "Remember to set permissions or umask to prevent readability of unencrypted files by other users."
+msgstr ""
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr ""
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr ""
+
+#: chpasswd.8.xml:286(para)
+msgid "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr ""
+
+#: chgpasswd.8.xml:79(para)
+msgid "The <command>chgpasswd</command> command reads a list of group name and password pairs from standard input and uses this information to update a set of existing groups. Each line is of the format:"
+msgstr ""
+
+#: chgpasswd.8.xml:84(para)
+msgid "<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</emphasis>"
+msgstr ""
+
+#: chgpasswd.8.xml:88(para)
+msgid "By default the supplied password must be in clear-text, and is encrypted by <command>chgpasswd</command>."
+msgstr ""
+
+#: chgpasswd.8.xml:92(para)
+msgid "The default encryption algorithm can be defined for the system with the <option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</filename>, and can be overwritten with the <option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chgpasswd.8.xml:106(para)
+msgid "The options which apply to the <command>chgpasswd</command> command are:"
+msgstr ""
+
+#: chgpasswd.8.xml:238(para)
+msgid "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr ""
+
+#: chfn.1.xml:85(para)
+msgid "The <command>chfn</command> command changes user fullname, office room number, office phone number, and home phone number information for a user's account. This information is typically printed by <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></citerefentry> and similar programs. A normal user may only change the fields for her own account, subject to the restrictions in <filename>/etc/login.defs</filename>. (The default configuration is to prevent users from changing their fullname.) The superuser may change any field for any account. Additionally, only the superuser may use the <option>-o</option> option to change the undefined portions of the GECOS field."
+msgstr ""
+
+#: chfn.1.xml:99(para)
+msgid "These fields must not contain any colons. Except for the <emphasis remap=\"I\">other</emphasis> field, they should not contain any comma or equal sign. It is also recommended to avoid non-US-ASCII characters, but this is only enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> field is used to store accounting information used by other applications."
+msgstr ""
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr ""
+
+#: chfn.1.xml:117(term)
+msgid "<option>-f</option>, <option>--full-name</option>&nbsp;<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr ""
+
+#: chfn.1.xml:125(term)
+msgid "<option>-h</option>, <option>--home-phone</option>&nbsp;<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr ""
+
+#: chfn.1.xml:133(term)
+msgid "<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</replaceable>"
+msgstr ""
+
+#: chfn.1.xml:137(para)
+msgid "Change the user's other GECOS information. This field is used to store accounting information used by other applications, and can be changed only by a superuser."
+msgstr ""
+
+#: chfn.1.xml:145(term)
+msgid "<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</replaceable>"
+msgstr ""
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr ""
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr ""
+
+#: chfn.1.xml:173(term)
+msgid "<option>-w</option>, <option>--work-phone</option>&nbsp;<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr ""
+
+#: chfn.1.xml:181(para)
+msgid "If none of the options are selected, <command>chfn</command> operates in an interactive fashion, prompting the user with the current values for all of the fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a pair of <emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</command> prompts for the current user account."
+msgstr ""
+
+#: chfn.1.xml:226(para)
+msgid "<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr ""
+
+#: chage.1.xml:82(para)
+msgid "The <command>chage</command> command changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password."
+msgstr ""
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr ""
+
+#: chage.1.xml:97(term)
+msgid "<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</replaceable>"
+msgstr ""
+
+#: chage.1.xml:101(para)
+msgid "Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area)."
+msgstr ""
+
+#: chage.1.xml:109(term)
+msgid "<option>-E</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+
+#: chage.1.xml:113(para)
+msgid "Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the system administrator before being able to use the system again."
+msgstr ""
+
+#: chage.1.xml:121(para)
+msgid "Passing the number <emphasis remap=\"I\">-1</emphasis> as the <replaceable>EXPIRE_DATE</replaceable> will remove an account expiration date."
+msgstr ""
+
+#: chage.1.xml:135(term)
+msgid "<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>"
+msgstr ""
+
+#: chage.1.xml:139(para)
+msgid "Set the number of days of inactivity after a password has expired before the account is locked. The <replaceable>INACTIVE</replaceable> option is the number of days of inactivity. A user whose account is locked must contact the system administrator before being able to use the system again."
+msgstr ""
+
+#: chage.1.xml:146(para)
+msgid "Passing the number <emphasis remap=\"I\">-1</emphasis> as the <replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr ""
+
+#: chage.1.xml:164(term)
+msgid "<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</replaceable>"
+msgstr ""
+
+#: chage.1.xml:176(term)
+msgid "<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</replaceable>"
+msgstr ""
+
+#: chage.1.xml:180(para)
+msgid "Set the maximum number of days during which a password is valid. When <replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> is less than the current day, the user will be required to change his/her password before being able to use his/her account. This occurrence can be planned for in advance by use of the <option>-W</option> option, which provides the user with advance warning."
+msgstr ""
+
+#: chage.1.xml:189(para)
+msgid "Passing the number <emphasis remap=\"I\">-1</emphasis> as <replaceable>MAX_DAYS</replaceable> will remove checking a password's validity."
+msgstr ""
+
+#: chage.1.xml:209(term)
+msgid "<option>-W</option>, <option>--warndays</option>&nbsp;<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+
+#: chage.1.xml:213(para)
+msgid "Set the number of days of warning before a password change is required. The <replaceable>WARN_DAYS</replaceable> option is the number of days prior to the password expiring that a user will be warned his/her password is about to expire."
+msgstr ""
+
+#: chage.1.xml:222(para)
+msgid "If none of the options are selected, <command>chage</command> operates in an interactive fashion, prompting the user with the current values for all of the fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a pair of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chage.1.xml:232(para)
+msgid "The <command>chage</command> program requires a shadow password file to be available."
+msgstr ""
+
+#: chage.1.xml:236(para)
+msgid "The <command>chage</command> command is restricted to the root user, except for the <option>-l</option> option, which may be used by an unprivileged user to determine when his/her password or account is due to expire."
+msgstr ""
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr ""
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr ""
+
+#: chage.1.xml:279(para)
+msgid "The <command>chage</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+
diff --git a/man/po/sv.po b/man/po/sv.po
new file mode 100644
index 0000000..b09740d
--- /dev/null
+++ b/man/po/sv.po
@@ -0,0 +1,9714 @@
+msgid ""
+msgstr ""
+"Project-Id-Version: man pages for shadow 4.0.18\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:41+0200\n"
+"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
+"Language-Team: Swedish <debian-l10n-swedish@lists.debian.org>\n"
+"Language: sv\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+# Swedish translation of shadow manpage.
+# Copyright (C) 2006 THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the shadow package.
+# Daniel Nylander <po@danielnylander.se>, 2006.
+#
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Systemhanteringskommandon"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+#, fuzzy
+#| msgid "shadow"
+msgid "shadow-utils"
+msgstr "shadow"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr "redigera lösenordet, grupp, skugglösenord eller skuggruppfil"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "flaggor"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "BESKRIVNING"
+
+#: vipw.8.xml:90(para)
+#, fuzzy
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<command>vipw</command> and <command>vigr</command> redigerar filerna "
+"<filename>/etc/passwd</filename> och <filename>/etc/group</filename>, "
+"respektive. Med flaggan <option>-s</option>, kommer de att redigera "
+"skuggversionerna av dessa filer, <filename>/etc/shadow</filename> och "
+"<filename>/etc/gshadow</filename>, respektive. Programmen kommer att ställa "
+"in de lämpliga lås som behövs för att förhindra att filerna skadas. När de "
+"letar efter en redigerare kommer programmen att första försöka med "
+"miljövariabeln <envar>$VISUAL</envar>, sedan miljövariabeln <envar>$EDITOR</"
+"envar> och till sist standardredigeraren, <citerefentry><refentrytitle>vi</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "FLAGGOR"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Flaggorna som gäller för kommandona <command>vipw</command> och "
+"<command>vigr</command> är:"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Redigera gruppdatabasen."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Visa hjälpmeddelande och avsluta."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Redigera lösenordsdatabasen."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Tyst läge."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Redigera shadow- eller gshadow-databasen."
+
+#: vipw.8.xml:156(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr ""
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr ""
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+#, fuzzy
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+#, fuzzy
+#| msgid ""
+#| "Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#| "manvolnum></citerefentry> for details on how this string is interpreted."
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Referera till <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> för detaljer om hur "
+"denna sträng tolkas."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr ""
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr ""
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr ""
+
+#: vipw.8.xml:186(option)
+#, fuzzy
+#| msgid "HYSTORY"
+msgid "EDITOR"
+msgstr "HISTORIK"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr ""
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "FILER"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Gruppkontoinformation."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Säker gruppkontoinformation."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Användarkontoinformation."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Säker användarkontoinformation."
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "SE OCKSÃ…"
+
+#: vipw.8.xml:226(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>login</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "ändra ett användarkonto"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "INLOGGNINGSNAMN"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Kommandot <command>usermod</command> ändrar systemkontofiler enligt det som "
+"anges på kommandoraden."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>usermod</command> är:"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+#, fuzzy
+#| msgid ""
+#| "Add the user to the supplemental group(s). Use only with <option>-G</"
+#| "option> option."
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Lägg till användaren till tilläggsgrupp(er). Använd endast med flaggan "
+"<option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMMENTAR</"
+"replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"Det nya värdet för användarens kommentarsfält i lösenordsfilen. Vanligtvis "
+"ändras det med verktyget <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: usermod.8.xml:128(para)
+#, fuzzy
+#| msgid "user home directory"
+msgid "The user's new login directory."
+msgstr "användarens hemkatalog"
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>UTGÃ…NGSDATUM</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+#, fuzzy
+#| msgid ""
+#| "Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/"
+#| "shadow</filename> by UID."
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Sorterar poster i <filename>/etc/passwd</filename> och <filename>/etc/"
+"shadow</filename> efter UID."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: usermod.8.xml:164(para)
+#, fuzzy
+#| msgid ""
+#| "The number of days after a password has expired before the account will "
+#| "be disabled."
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Antalet dagar efter att ett lösenord har gått ut innan kontot kommer att "
+"inaktiveras."
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GRUPP</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GRUPP1</"
+"replaceable>[<emphasis remap=\"I\">,GRUPP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GRUPPN</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;"
+"<replaceable>NYTT_INLOGGNINGSNAMN</replaceable>"
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Lås en användares lösenord. Detta sätter ett \"!\" i början av det "
+"krypterade lösenordet som effektivt inaktiverar lösenordet. Du kan inte "
+"använda denna flagga med <option>-p</option> eller <option>-U</option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+
+#: usermod.8.xml:253(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+
+#: usermod.8.xml:261(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>LÖSENORD</"
+"replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"Det krypterade lösenordet, som returneras av "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SKAL</"
+"replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr ""
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Låser upp en användares lösenord. Detta tar bort det inledande \"!\" i det "
+"krypterade lösenordet. Du kan inte använda denna flagga med <option>-p</"
+"option> eller <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: usermod.8.xml:444(para)
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+#| "replaceable>"
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SKAL</"
+"replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "TÄNK PÅ"
+
+#: usermod.8.xml:479(para)
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+#, fuzzy
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+#, fuzzy
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"Om <option>--preserve-environment</option> används, anges skalet med "
+"miljövariabeln <envar>$SHELL</envar>."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+
+#. Note: on HP, split groups have the same ID, but different
+#. names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "GID_MIN (nummer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "GID_MAX (nummer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "GID_MIN (nummer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "UID_MIN (nummer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "UID_MAX (nummer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "UID_MIN (nummer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+" use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+" kilos = UID / 1000\n"
+" use /etc/tcb/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" use /etc/tcb/:megas/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+" "
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr ""
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "ta bort ett användarkonto och relaterade filer"
+
+#: userdel.8.xml:85(para)
+#, fuzzy
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"Kommandot <command>userdel</command> ändrar i systemkontofilerna, tar bort "
+"alla poster som refererar till <emphasis remap=\"I\">login_name</emphasis>. "
+"Den angivna användaren måste finnas."
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>userdel</command> är:"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Notera:</emphasis> Denna flagga är farlig och kan göra att ditt "
+"system försätts i ett inkonsistent tillstånd."
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+
+#: userdel.8.xml:158(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "USERDEL_CMD (sträng)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr ""
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+" "
+msgstr ""
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "AVSLUTNINGSVÄRDEN"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "lyckad"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "kan inte uppdatera lösenordsfilen"
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "ogiltig kommandosyntax"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "angiven användare finns inte"
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "användaren är för närvarande inloggad"
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "kan inte uppdatera gruppfilen"
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "kan inte ta bort hemkatalogen"
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>userdel</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"Du får inte ta bort några NIS-attribut på en NIS-klient. Detta måste "
+"genomföras på NIS-servern."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"skapa en ny användare eller uppdatera standardinformation för nya användare"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>useradd</command> är:"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+
+#: useradd.8.xml:178(term)
+#, fuzzy
+#| msgid "<option>-d</option>, <option>--delete</option>"
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: useradd.8.xml:182(para)
+#, fuzzy
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr "Ändrar standardvärden"
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+
+#: useradd.8.xml:272(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+#| "replaceable>"
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SKAL</"
+"replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+
+#: useradd.8.xml:281(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr ""
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides /etc/login.defs defaults (UID_MIN, UID_MAX, UMASK, "
+#| "PASS_MAX_DAYS and others). <placeholder-1/> Example: <option>-K </"
+#| "option>&nbsp;<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</"
+#| "replaceable> can be used when creating system account to turn off "
+#| "password ageing, even though system account has no password at all. "
+#| "Multiple <option>-K</option> options can be specified, e.g.: <option>-K </"
+#| "option>&nbsp;<replaceable>UID_MIN</replaceable>=<replaceable>100</"
+#| "replaceable>&nbsp;<option>-K</option>&nbsp;<replaceable>UID_MAX</"
+#| "replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Åsidosätter standardvärden för /etc/login.defs (UID_MIN, UID_MAX, UMASK, "
+"PASS_MAX_DAYS och others). <placeholder-1/> Exempel: <option>-K</"
+"option>&nbsp;<replaceable>LÖSEN_MAX_DAGAR</replaceable>=<replaceable>-1</"
+"replaceable> kan användas när systemkonton skapas för att stänga av "
+"lösenordsåldring, även om systemkontot inte har något lösenord alls. Flera "
+"av flaggan <option>-K</option> kan anges, t.ex.: <option>-K</option>&nbsp;"
+"<replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;"
+"<option>-K</option>&nbsp;<replaceable>UID_MAX</"
+"replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+#, fuzzy
+#| msgid "<option>-l</option>, <option>--list</option>"
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr ""
+
+#: useradd.8.xml:327(para)
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+
+#: useradd.8.xml:366(term)
+#, fuzzy
+#| msgid "<option>-g</option>, <option>--group</option>"
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+
+#: useradd.8.xml:390(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+#, fuzzy
+#| msgid ""
+#| "The encrypted password, as returned by "
+#| "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Det krypterade lösenordet, som returneras av "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr ""
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: useradd.8.xml:434(para)
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+
+#: useradd.8.xml:482(para)
+#, fuzzy
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: useradd.8.xml:489(term)
+#, fuzzy
+#| msgid "<option>-g</option>, <option>--group</option>"
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Ändrar standardvärden"
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "Datumet när användarkontot blir inaktiverat."
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"Antalet dagar efter att ett lösenord har gått ut innan kontot kommer att "
+"inaktiveras."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr ""
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "NOTERINGAR"
+
+#: useradd.8.xml:615(para)
+#, fuzzy
+#| msgid ""
+#| "The system administrator is responsible for placing the default user "
+#| "files in the <filename>/etc/skel/</filename> directory."
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"Systemadministratören är ansvarig för att placera standardanvändarfiler i "
+"katalogen <filename>/etc/skel/</filename>."
+
+#: useradd.8.xml:624(para)
+#, fuzzy
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Du får inte lägga till en användare till en NIS-grupp. Detta måste "
+"genomföras på NIS-servern."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+
+#: useradd.8.xml:635(para)
+#, fuzzy
+#| msgid ""
+#| "Usernames must begin with a lower case letter or an underscore, and only "
+#| "lower case letters, underscores, dashes, and dollar signs may follow. In "
+#| "regular expression terms: [a-z_][a-z0-9_-]*[$]"
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Användarnamn måste börja med en gemen bokstav eller ett understreck och får "
+"endast innehålla gemener, understreck, minustecken och på slutet ett dollar-"
+"tecken. I reguljära uttryckstermer: [a-z_][a-z0-9_-]*[$]"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr ""
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+#, fuzzy
+msgid "<option>GID_MAX</option> (number)"
+msgstr "GID_MAX (nummer)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+#, fuzzy
+msgid "<option>GID_MIN</option> (number)"
+msgstr "GID_MIN (nummer)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "PASS_MAX_DAYS (nummer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "PASS_MIN_DAYS (nummer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "PASS_WARN_AGE (nummer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+#, fuzzy
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "GID_MAX (nummer)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+#, fuzzy
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "GID_MIN (nummer)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "UID_MAX (nummer)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "UID_MIN (nummer)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>UID_MAX</option> (number)"
+msgstr "UID_MAX (nummer)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>UID_MIN</option> (number)"
+msgstr "UID_MIN (nummer)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+#, fuzzy
+msgid "<option>UMASK</option> (number)"
+msgstr "UMASK (nummer)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Standardvärden för skapande av konto."
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Katalog som innehåller standardfiler."
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "ogiltigt argument till flagga"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID används redan (och inget <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "angiven grupp finns inte"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "användarnamnet används redan"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "kan inte skapa hemkatalog"
+
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>useradd</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Filformat och konversioner"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "detaljerad kontrollfil för su"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" 1) the user su is targeting\n"
+" "
+msgstr ""
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Filen är i följande format, med de rader som inleds med # behandlas som "
+"kommentarsrader och ignoreras;"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" to-id:from-id:ACTION\n"
+" "
+msgstr ""
+"\n"
+" till-id:från-id:ÅTGÄRD\n"
+" "
+
+#: suauth.5.xml:101(para)
+#, fuzzy
+#| msgid ""
+#| "Where to-id is either the word <emphasis>ALL</emphasis>, a list of "
+#| "usernames delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> "
+#| "followed by a list of usernames delimited by \",\""
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Där till-id är antingen ordet <emphasis>ALL</emphasis>, en lista med "
+"användarnamn separerade med \",\" eller orden <emphasis>ALL EXCEPT</"
+"emphasis> följt av en lista med användarnamn separerade med \",\""
+
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"från-id är formaterad på samma sätt som till-id förutom att det extra ordet "
+"<emphasis>GROUP</emphasis> känns igen. <emphasis>ALL EXCEPT GROUP</emphasis> "
+"är helt giltigt också. Efterföljande till <emphasis>GROUP</emphasis> kan "
+"vara ett eller flera gruppnamn, separerade med \",\". Det är inte "
+"tillräckligt att ha primärt grupp-id för den relevanta gruppen, en post i "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> är nödvändigt."
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "Åtgärden kan endast vara en av följande för närvarande stödda flaggor."
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr "Försöket att använda su stoppades före ett lösenord har efterfrågats."
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+"Försöket att använda su lyckades helt automatiskt; inget lösenord har "
+"efterfrågats."
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"För att su-kommandot ska lyckas måste användaren mata in sitt egna lösenord. "
+"De blir frågade att göra detta."
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "EXEMPEL"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" # sample /etc/suauth file\n"
+" #\n"
+" # A couple of privileged usernames may\n"
+" # su to root with their own password.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Anyone else may not su to root unless in\n"
+" # group wheel. This is how BSD does things.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Perhaps terry and birddog are accounts\n"
+" # owned by the same person.\n"
+" # Access can be arranged between them\n"
+" # with no password.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+msgstr ""
+"\n"
+" # exempelfil för /etc/suauth\n"
+" #\n"
+" # Ett par priviligerade användarnamn som \n"
+" # kan su till root med sina egna lösenord.\n"
+" #\n"
+" root:bosse,birddog:OWNPASS\n"
+" #\n"
+" # Alla andra kan inte su till root om de inte finns\n"
+" # gruppen wheel. Det är så BSD gör saker.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Kanske terry och birddog är konton som\n"
+" # ägs av samma person.\n"
+" # Tillgång kan ges mellan dem utan\n"
+" # lösenord.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "FEL"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSTIK"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Användarkommandon"
+
+#: su.1.xml:82(refpurpose)
+#, fuzzy
+msgid "change user ID or become superuser"
+msgstr "ändra användar-id eller bli superanvändare"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "användarnamn"
+
+#: su.1.xml:100(para)
+#, fuzzy
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"<command>su</command> används för att bli en annan användare under en "
+"inloggningssession. Om det startas utan <option>användarnamn</option>, "
+"väljer <command>su</command> superanvändaren. Det valfria argumentet "
+"<option>-</option> kan användas för att tillhandahålla en miljö som liknar "
+"den som användaren skulle förvänta sig om användaren hade loggat in direkt."
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Du kan använda argumentet <option>--</option> för att separera flaggorna "
+"till <command>su</command> från de argument som skickas till skalet."
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Användaren kommer att frågas efter ett lösenord, om det är lämpligt. "
+"Ogiltiga lösenord kommer att ge ett felmeddelande. Alla försök, både giltiga "
+"och ogiltiga, loggas för att detektera misskötsel av systemet."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>su</command> är:"
+
+#: su.1.xml:150(term)
+#, fuzzy
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMMENTAR</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr "Ange ett kommando som ska startas av skalet med <option>-c</option>."
+
+#: su.1.xml:158(para)
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"Tillhandahåll en miljö som liknar den som användaren skulle förvänta sig om "
+"användaren loggat in direkt."
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"När <option>-</option> används måste den anges som den sista flaggan för "
+"<command>su</command>. De andra formerna (<option>-l</option> och <option>--"
+"login</option>) har inte denna restriktion."
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "Skalet som ska startas."
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "Skalet angivet med --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"Om <option>--preserve-environment</option> används, anges skalet med "
+"miljövariabeln <envar>$SHELL</envar>."
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"<filename>/bin/sh</filename> om ett skal inte kunde hittas med någon "
+"ovanstående metod."
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr ""
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr ""
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+
+#: su.1.xml:236(para)
+#, fuzzy
+#| msgid "Preserve the current environment."
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Behåll den aktuella miljön."
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Om målanvändaren har ett begränsat skal har denna flagga ingen effekt "
+"(såvida inte <command>su</command> har startats av root)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr ""
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Denna version av <command>su</command> har många kompileringsflaggor, kanske "
+"bara några används på specifika system."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>CONSOLE</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+#, fuzzy
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+#, fuzzy
+#| msgid ""
+#| "The file is formatted like this, with lines starting with a # being "
+#| "treated as comment lines and ignored;"
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+"Filen är i följande format, med de rader som inleds med # behandlas som "
+"kommentarsrader och ignoreras;"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SU_NAME</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr ""
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr ""
+
+#: su.1.xml:422(replaceable)
+#, fuzzy
+#| msgid "12"
+msgid "126"
+msgstr "12"
+
+#: su.1.xml:424(para)
+#, fuzzy
+#| msgid "execute command as different group ID"
+msgid "The requested command was not found"
+msgstr "kör kommando med annat grupp-id"
+
+#: su.1.xml:428(replaceable)
+#, fuzzy
+#| msgid "12"
+msgid "127"
+msgstr "12"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr ""
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:439(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>sh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>"
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "kör kommando med annat grupp-id"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "grupp <placeholder-1/> kommando"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+
+#: sg.1.xml:141(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>login</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+#: shadow.5.xml:65(refpurpose)
+#, fuzzy
+#| msgid "the password file"
+msgid "shadowed password file"
+msgstr "lösenordsfilen"
+
+#: shadow.5.xml:70(para)
+#, fuzzy
+#| msgid ""
+#| "<filename>/etc/gshadow</filename> contains the shadowed information for "
+#| "group accounts. It contains lines with the following colon-separated "
+#| "fields:"
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>/etc/gshadow</filename> innehåller skuggad gruppkontoinformation. "
+"Den innehåller rader med följande kolonseparerade fält:"
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Denna fil får inte vara läsbar av vanliga användare om lösenordssäkerheten "
+"ska upprätthållas."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "inloggningsnamn"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "krypterat lösenord"
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Referera till <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> för detaljer om hur "
+"denna sträng tolkas."
+
+#: shadow.5.xml:103(para)
+#, fuzzy
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Referera till <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> för detaljer om hur "
+"denna sträng tolkas."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+
+#: shadow.5.xml:127(emphasis)
+#, fuzzy
+#| msgid "days before password may be changed"
+msgid "date of last password change"
+msgstr "dagar innan lösenordet får ändras"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:134(para)
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+
+#: shadow.5.xml:146(emphasis)
+#, fuzzy
+#| msgid "Password Changes"
+msgid "minimum password age"
+msgstr "Lösenordsändringar"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+
+#: shadow.5.xml:160(emphasis)
+#, fuzzy
+#| msgid "Password Changes"
+msgid "maximum password age"
+msgstr "Lösenordsändringar"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+
+#: shadow.5.xml:184(emphasis)
+#, fuzzy
+#| msgid "Password Changes"
+msgid "password warning period"
+msgstr "Lösenordsändringar"
+
+#: shadow.5.xml:187(para)
+#, fuzzy
+#| msgid ""
+#| "The number of days after a password has expired before the account will "
+#| "be disabled."
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"Antalet dagar efter att ett lösenord har gått ut innan kontot kommer att "
+"inaktiveras."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr ""
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr ""
+
+#: shadow.5.xml:222(emphasis)
+#, fuzzy
+#| msgid "User account information."
+msgid "account expiration date"
+msgstr "Användarkontoinformation."
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:229(para)
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr ""
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:246(emphasis)
+#, fuzzy
+#| msgid "a reserved field"
+msgid "reserved field"
+msgstr "ett reserverat fält"
+
+#: shadow.5.xml:248(para)
+#, fuzzy
+#| msgid "sp_flag - reserved for future use"
+msgid "This field is reserved for future use."
+msgstr "sp_flag - reserverat för framtida användning"
+
+#: shadow.5.xml:270(filename)
+#, fuzzy
+#| msgid "/etc/shadow"
+msgid "/etc/shadow-"
+msgstr "/etc/shadow"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr ""
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+
+#: shadow.5.xml:284(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>"
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Biblioteksanrop"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr ""
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAX"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*name"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FIL"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* user login name */\n"
+" char\t\t*sp_pwdp; /* encrypted password */\n"
+" long int\t\tsp_lstchg; /* last password change */\n"
+" long int\t\tsp_min; /* days until change allowed. */\n"
+" long int\t\tsp_max; /* days before change required */\n"
+" long int\t\tsp_warn; /* days warning for expiration */\n"
+" long int\t\tsp_inact; /* days before account inactive */\n"
+" long int\t\tsp_expire; /* date when account expires */\n"
+" unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+" "
+msgstr ""
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "Betydelsen av varje fält är:"
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - reserverat för framtida användning"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr "konvertera till och från skugglösenord och grupper"
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+
+#: pwconv.8.xml:188(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>vipw</command> and <command>vigr</"
+#| "command> commands are:"
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Flaggorna som gäller för kommandona <command>vipw</command> och "
+"<command>vigr</command> är:"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+
+#: pwconv.8.xml:263(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "validera integriteten för lösenordsfiler"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "Kontroller görs för att validera att varje post har:"
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "korrekt antal fält"
+
+#: pwck.8.xml:111(para)
+#, fuzzy
+#| msgid "a unique user name"
+msgid "a unique and valid user name"
+msgstr "ett unikt användarnamn"
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "en giltig identifierare för användare och grupp"
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "en giltig primär grupp"
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "en giltig hemkatalog"
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "ett giltigt inloggningsskal"
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr ""
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+
+#: pwck.8.xml:146(para)
+#, fuzzy
+#| msgid "the correct number of fields"
+msgid "shadow entries have the correct number of fields"
+msgstr "korrekt antal fält"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr ""
+
+#: pwck.8.xml:152(para)
+#, fuzzy
+#| msgid "days before password may be changed"
+msgid "the last password changes are not in the future"
+msgstr "dagar innan lösenordet får ändras"
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+#, fuzzy
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>pwck</command> är:"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--remove</option>"
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "Starta kommandot <command>pwck</command> i skrivskyddat läge."
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+#, fuzzy
+#| msgid "<option>-s</option>, <option>--shadow</option>"
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"Sorterar poster i <filename>/etc/passwd</filename> och <filename>/etc/"
+"shadow</filename> efter UID."
+
+#: pwck.8.xml:227(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+
+#: pwck.8.xml:243(para)
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "en eller flera felaktiga lösenordsposter"
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "kan inte öppna lösenordsfiler"
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "kan inte låsa lösenordsfiler"
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "kan inte uppdatera lösenordsfiler"
+
+#: pwck.8.xml:336(para)
+#, fuzzy
+#| msgid "can't open password files"
+msgid "can't sort password files"
+msgstr "kan inte öppna lösenordsfiler"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>pwck</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> innehåller en lista av tty-"
+"enheter, användarnamn och tillåtna inloggningstider."
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "EXEMPEL"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"Följande post tillåter åtkomst för användaren <emphasis remap=\"B\">jfh</"
+"emphasis> på varje port under veckodagar från 09.00 till 17.00."
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"De följande posterna tillåter åtkomst endast till användarna <emphasis>root</"
+"emphasis> och <emphasis>oper</emphasis> på <filename>/dev/console</filename> "
+"när som helst. Detta illustrerar hur filen <filename>/etc/porttime</"
+"filename> är en ordnad lista för åtkomsttider. Alla andra användare skulle "
+"matcha den andra poster, vilken inte tillåter någon åtkomst oavsett tid."
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+msgstr ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"Fölajnde post tillåter åtkomst för användaren <emphasis>games</emphasis> på "
+"valfri port men inte under arbetstid."
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "Fil som innehåller portåtkomst"
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "lösenordsfilen"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> innehåller en rad för varje användarkonto "
+"men sju fält separerade med kolontecken (<quote>:</quote>). Dessa fält är:"
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "valfritt krypterat lösenord"
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "numeriskt användar-id"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "numeriskt grupp-id"
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "användarnamn eller kommentarsfält"
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "användarens hemkatalog"
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr ""
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr ""
+
+#: passwd.5.xml:156(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/passwd-"
+msgstr "/etc/passwd"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr ""
+
+#: passwd.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "ändra användarlösenord"
+
+#: passwd.1.xml:89(para)
+#, fuzzy
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"<command>passwd</command> ändrar lösenord för användarkonton. En vanlig "
+"användare kan endast ändra lösenordet för sitt egna konto men "
+"superanvändaren kan ändra lösenord för alla konton. <command>passwd</"
+"command> ändrar även kontoinformation, såsom det fullständiga namnet för "
+"användaren, användarens inloggningsskal eller hans/hennes utgångsdatum för "
+"lösenordet och intervall."
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Lösenordsändringar"
+
+#: passwd.1.xml:99(para)
+#, fuzzy
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"Användaren frågas först efter hans/hennes gamla lösenord, om det finns "
+"något. Detta lösenord krypteras sedan och jämförs mot det lagrade "
+"lösenordet. Användaren har endast en chans att ange det korrekta lösenordet. "
+"Superanvändaren tillåts kringgå detta steg så att bortglömda lösenord kan "
+"ändras."
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"Efter att lösenordet har matats in kontrolleras lösenordets "
+"åldringsinformation för att se om användaren tillåts att ändra lösenord för "
+"tillfället. Om inte, nekar <command>passwd</command> att ändra lösenordet "
+"och avslutas."
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"Användaren frågas sedan två gånger efter ett ersättande lösenord. Den andra "
+"inmatningen jämförs mot den första och båda måste stämma överens för att "
+"lösenordet ska ändras."
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"Sedan testas lösenordet för sin komplexitet. Som en allmän riktlinje bör "
+"lösenord innehålla 6 till 8 tecken och inkluderas ett eller flera tecken "
+"från var och en av följande punkter:"
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "gemena bokstäver ur alfabetet"
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "siffrorna 0 till 9"
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "skiljetecken"
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"Tänk på att inte inkludera systemets standardtecken för radering eller döda. "
+"<command>passwd</command> kommer att neka alla lösenord som inte har lämplig "
+"komplexitet."
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Tips för användarlösenord"
+
+#: passwd.1.xml:148(para)
+#, fuzzy
+#| msgid ""
+#| "The security of a password depends upon the strength of the encryption "
+#| "algorithm and the size of the key space. The <emphasis>UNIX</emphasis> "
+#| "System encryption method is based on the NBS DES algorithm and is very "
+#| "secure. The size of the key space depends upon the randomness of the "
+#| "password which is selected."
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"Säkerhet i ett lösenord beror på styrkan på krypteringsalgoritmen och "
+"nyckellängden. Krypteringsmetoden för <emphasis>UNIX-system</emphasis> är "
+"baserad på NBS DES-algoritmen och är mycket säker. Längden på nyckeln är "
+"beroende på slumpmässigheten för det valda lösenordet."
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"Problem i lösenordssäkerheten brukar normalt komma från slarvigt valda "
+"lösenord eller hantering. Av denna anledning bör du inte välja ett lösenord "
+"som finns i en ordbok eller som måste skrivas ner. Lösenordet bör heller "
+"inte vara ett korrekt namn, ditt personnummer, födelsedatum eller "
+"gatuadress. Dessa kan användas som gissningar för att ta sig in i systemet."
+
+#: passwd.1.xml:166(para)
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>passwd</command> är:"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Denna flagga kan endast användas med <option>-S</option> och gör att status "
+"visas för alla användare."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Ta bort en användares lösenord (gör det blankt). Detta är ett snabbt sätt "
+"att inaktivera ett lösenord för ett konto. Det kommer att ta bort det "
+"angivna kontots lösenord."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Lösenordet för ett konto sätts omedelbart som utgånget. Detta kan tvinga en "
+"användare att ändra sitt lösenord vid nästa inloggningsförsök."
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Denna flagga används för att inaktivera ett konto efter att lösenordet har "
+"varit utgånget i ett antal dagar. Efter att ett användarkonto har haft ett "
+"utgånget lösenord i <replaceable>INAKTIV</replaceable> dagar får användaren "
+"inte längre logga in med detta konto."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+#: passwd.1.xml:237(para)
+#, fuzzy
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Indikera lösenordsändring bör endast genomföras för utgångna "
+"autentiseringslösenord. Användaren önskar behålla sitt icke-utgångna "
+"lösenord som tidigare."
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+#, fuzzy
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Lås angivet konto. Denna flagga inaktiverar ett konto genom att ändra "
+"lösenordet till ett värde som inte matchar något möjligt krypterat värde."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+
+#: passwd.1.xml:269(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-m</option>, <option>--mindays</option>&nbsp;"
+#| "<replaceable>MIN_DAYS</replaceable>"
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAGAR</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Sätter minimalt antal dagar mellan lösenordsändringar till "
+"<replaceable>MIN_DAGAR</replaceable>. Ett nollvärde för detta fält betyder "
+"att användaren kan ändra sitt lösenord när som helst."
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;<replaceable>FÖRRÅD</"
+"replaceable>"
+
+#: passwd.1.xml:295(para)
+#, fuzzy
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr "ändra lösenord i förrådet <replaceable>FÖRRÅD</replaceable>"
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+#, fuzzy
+#| msgid ""
+#| "Display account status information. The status information consists of 7 "
+#| "fields. The first field is the user's login name. The second field "
+#| "indicates if the user account is locked (L), has no password (NP), or has "
+#| "a usable password (P). The third field gives the date of the last "
+#| "password change. The next four fields are the minimum age, maximum age, "
+#| "warning period, and inactivity period for the password. These ages are "
+#| "expressed in days."
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Visa statusinformation för konto. Statusinformationen innehåller 7 fält. "
+"Första fältet är användarens inloggningsnamn. Det andra fältet indikerar om "
+"användarkontot är låst (L), saknar lösenord (NP) eller har ett användbart "
+"lösenord (P). Det tredje fältet anger datumet för senaste "
+"lösenordsändringen. De nästa fyra fälten är minimal ålder, maximal ålder, "
+"varningsperiod och inaktivitetsperiod för lösenordet. Dessa åldrar anges i "
+"dagar."
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+#, fuzzy
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Lås upp angivet konto. Denna flagga återaktiverar ett konto genom att ändra "
+"tillbaka lösenordet till dess tidigare värde (till värdet före användning av "
+"flaggan <option>-l</option>)."
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>VARN_DAGAR</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"Sätter antalet dagar för varning före ett lösenord behöver ändras. Flaggan "
+"<replaceable>VARN_DAGAR</replaceable> är antalet dagar före användaren "
+"varnas om att lösenordet är på väg att bli utgånget."
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAGAR</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"Sätter maximalt antal dagar som ett lösenord ska vara giltigt. Efter "
+"<replaceable>MAX_DAGAR</replaceable> krävs det att lösenordet ändras."
+
+#: passwd.1.xml:373(para)
+#, fuzzy
+#| msgid ""
+#| "Not all options may be supported. Password complexity checking may vary "
+#| "from site to site. The user is urged to select a password as complex as "
+#| "he or she feels comfortable with. Users may not be able to change their "
+#| "password on a system if NIS is enabled and they are not logged into the "
+#| "NIS server."
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"Inte alla flaggor kanske stöds. Kontroll av lösenordskomplexiteten kan "
+"variera mellan olika system. Användare rekommenderas att välja ett lösenord "
+"som är så komplext som han eller hon känner sig komfortabel med. Användare "
+"kanske inte kan ändra sina lösenord på ett system om NIS är aktiverat och de "
+"inte är inloggade mot NIS-servern."
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr ""
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+#, fuzzy
+#| msgid ""
+#| "Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option> -K </"
+#| "option>&nbsp;<replaceable>GID_MAX</replaceable>=<replaceable>499</"
+#| "replaceable>"
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Exempel: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "PASS_WARN_AGE (nummer)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "PASS_MAX_DAYS (nummer)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "PASS_MIN_DAYS (nummer)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+
+#: passwd.1.xml:429(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr ""
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "Ã¥tkomst nekad"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "ogiltig kombination av flaggor"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "oväntat fel, ingenting har genomförts"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "oväntat fel, filen <filename>passwd</filename> saknas"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr "Filen <filename>passwd</filename> är upptagen, försök igen"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>passwd</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "vägra snällt en inloggning"
+
+#: nologin.8.xml:65(para)
+#, fuzzy
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"<command>nologin</command> visar ett meddelande om att kontot inte är "
+"tillgängligt och avslutas med icke-noll-status. Det är tänkt som ett "
+"ersättande skalfält för konton som har inaktiverats."
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"För att inaktivera alla inloggningar, undersök "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+#, fuzzy
+#| msgid "HYSTORY"
+msgid "HISTORY"
+msgstr "HISTORIK"
+
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "Kommandot <command>nologin</command> dök upp i BSD 4.4."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "uppdatera och skapa nya användare satsvis"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr ""
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr ""
+
+#: newusers.8.xml:110(emphasis)
+#, fuzzy
+#| msgid "group_name"
+msgid "pw_name"
+msgstr "gruppnamn"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr ""
+
+#: newusers.8.xml:116(para)
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Detta fält kommer att krypteras och användas som det nya värdet för det "
+"krypterade lösenordet."
+
+#: newusers.8.xml:138(emphasis)
+#, fuzzy
+#| msgid "pw_gid"
+msgid "pw_uid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr ""
+
+#: newusers.8.xml:144(para)
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr ""
+
+#: newusers.8.xml:152(para)
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr ""
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr ""
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr ""
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr ""
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Detta kommando är tänkt att användas i större systemmiljöer där många konton "
+"uppdateras på samma gång."
+
+#: newusers.8.xml:266(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>usermod</command> command are:"
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>usermod</command> är:"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+#, fuzzy
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+#, fuzzy
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Inmatningsfilen måste skyddas eftersom den innehåller okrypterade lösenord."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+
+#: newusers.8.xml:430(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/passwd"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "logga in i en ny grupp"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "grupp"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+
+#: newgrp.1.xml:152(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+#, fuzzy
+#| msgid "Enforce login time restrictions"
+msgid "enforce login time restrictions"
+msgstr "Upprätthåll tidsbegränsningar för inloggningar"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Lista på aktuella inloggningssessioner."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr ""
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Följande konfigurationsposter tillhandahålls:"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+#, fuzzy
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+#, fuzzy
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+#, fuzzy
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "UMASK (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "PASS_MIN_DAYS (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "GID_MAX (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "GID_MIN (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "GID_MAX (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+
+#: login.defs.5.xml:208(para)
+#, fuzzy
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"PASS_MAX_DAYS, PASS_MIN_DAYS och PASS_WARN_AGE används endast när kontot "
+"skapas. Alla ändringar av dessa inställningar påverkar inte existerande "
+"konton."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+#, fuzzy
+msgid "<option>TTYPERM</option> (string)"
+msgstr "USERDEL_CMD (sträng)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ULIMIT</option> (number)"
+msgstr "UID_MIN (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr ""
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr ""
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr ""
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr ""
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+#, fuzzy
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHFN_AUTH CHFN_RESTRICT"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+#, fuzzy
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr ""
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:383(term)
+#, fuzzy
+#| msgid "newgrp"
+msgid "newgrp / sg"
+msgstr "newgrp"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:431(para)
+#, fuzzy
+#| msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK"
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:463(term)
+#, fuzzy
+msgid "sulogin"
+msgstr "login"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:519(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr ""
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr ""
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "värd"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr ""
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "Genomför inte autentisering, användaren är förautentiserad."
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Namnet på fjärrvärden för denna inloggning."
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Behåll miljö."
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "Genomför automatiskt inloggningsprotokoll för rlogin."
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Lista på tidigare inloggningssessioner."
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "Fil för dagens systemmeddelande."
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "Förhindra icke-rootanvändare från att logga in."
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "Lista på terminaltyper."
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "Tysta ner utskrift av systemmeddelanden."
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "definition av resursbegränsningar"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr "Varje rad beskriver en begränsning för användaren i formatet:"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "user LIMITS_STRING"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr ""
+
+#: limits.5.xml:96(emphasis)
+#, fuzzy
+#| msgid "user LIMITS_STRING"
+msgid "@group LIMITS_STRING"
+msgstr "user LIMITS_STRING"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "De giltiga identifierarna är:"
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A: maximal adressrymd (KB)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D: maximal datastorlek (KB)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F: maximal filstorlek (KB)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L: maximalt antal inloggningar för denna användare"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N: maximalt antal öppna filer"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr ""
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P: processprioritet, inställd av <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S: maximal stackstorlek (KB)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T: maximal processortid (MIN)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U: maximalt antal processer"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+msgstr ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+
+#: limits.5.xml:145(para)
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+
+#: limits.5.xml:165(para)
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+
+#: limits.5.xml:170(para)
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>lastlog</command> är:"
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAGAR</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAGAR</"
+"replaceable>"
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr ""
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "NOTERA"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "Databastider för tidigare användarinloggningar."
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "skuggad gruppfil"
+
+#: gshadow.5.xml:59(para)
+#, fuzzy
+#| msgid ""
+#| "<filename>/etc/gshadow</filename> contains the shadowed information for "
+#| "group accounts. It contains lines with the following colon-separated "
+#| "fields:"
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"<filename>/etc/gshadow</filename> innehåller skuggad gruppkontoinformation. "
+"Den innehåller rader med följande kolonseparerade fält:"
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "gruppnamn"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr ""
+
+#: gshadow.5.xml:90(para)
+#, fuzzy
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Referera till <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> för detaljer om hur "
+"denna sträng tolkas."
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The new value of the user's password file comment field. It is normally "
+#| "modified using the <citerefentry><refentrytitle>chfn</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Det nya värdet för användarens kommentarsfält i lösenordsfilen. Vanligtvis "
+"ändras det med verktyget <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr ""
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+#, fuzzy
+#| msgid "comma-separated list of group members"
+msgid "It must be a comma-separated list of user names."
+msgstr "kommaseparerad lista med gruppmedlemmar"
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr ""
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+
+#: gshadow.5.xml:175(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "validera integriteten för gruppfiler"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+
+#: grpck.8.xml:101(para)
+#, fuzzy
+#| msgid "a unique group name"
+msgid "a unique and valid group name"
+msgstr "ett unikt gruppnamn"
+
+#: grpck.8.xml:104(para)
+#, fuzzy
+#| msgid ""
+#| "Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/"
+#| "shadow</filename> by UID."
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"Sorterar poster i <filename>/etc/passwd</filename> och <filename>/etc/"
+"shadow</filename> efter UID."
+
+#: grpck.8.xml:111(para)
+#, fuzzy
+#| msgid "a valid list of members and administrators"
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr "en giltig lista med medlemmar och administratörer"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+
+#: grpck.8.xml:152(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>pwck</command> command are:"
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>pwck</command> är:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+
+#: grpck.8.xml:187(para)
+#, fuzzy
+#| msgid ""
+#| "Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/"
+#| "shadow</filename> by UID."
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"Sorterar poster i <filename>/etc/passwd</filename> och <filename>/etc/"
+"shadow</filename> efter UID."
+
+#: grpck.8.xml:196(para)
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "en eller flera felaktiga grupposter"
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "kan inte öppna gruppfiler"
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "kan inte låsa gruppfiler"
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "kan inte uppdatera gruppfiler"
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>grpck</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "visa aktuella gruppnamn"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "användare"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "ändra en gruppdefinition på systemet"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GRUPP"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>groupmod</command> är:"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;<replaceable>NY_GRUPP</"
+"replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+
+#: groupmod.8.xml:150(para)
+#, fuzzy
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "gruppnamnet används redan"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>groupmod</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "administrera medlemmar av en användares primära grupp"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "användarnamn"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "gruppnamn"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+
+#: groupmems.8.xml:94(para)
+#, fuzzy
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Endast superanvändaren, som administratör, kan använda <command>groupmems</"
+"command> för att göra ändringar i medlemskap för andra grupper."
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>groupmems</command> är:"
+
+#: groupmems.8.xml:107(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#| "replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add a new user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Lägg till en ny användare till gruppens medlemslista."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+
+#: groupmems.8.xml:118(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAGAR</"
+"replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Ta bort en användare från gruppen medlemslista."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+
+#: groupmems.8.xml:134(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+#| "replaceable>"
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+#, fuzzy
+msgid "The superuser can specify which group membership list to modify."
+msgstr "Superanvändaren kan ange vilken grupps medlemslista som ska ändras."
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "Lista gruppens medlemslista."
+
+#: groupmems.8.xml:154(term)
+#, fuzzy
+#| msgid "<option>-e</option>, <option>--expire</option>"
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "Rensa alla användare från gruppens medlemslista."
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr ""
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "säker gruppkontoinformation"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "ta bort en grupp"
+
+#: groupdel.8.xml:81(para)
+#, fuzzy
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"Kommandot <command>userdel</command> ändrar i systemkontofilerna, tar bort "
+"alla poster som refererar till <emphasis remap=\"I\">login_name</emphasis>. "
+"Den angivna användaren måste finnas."
+
+#: groupdel.8.xml:89(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>groupmod</command> command are:"
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>groupmod</command> är:"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Du får inte ta bort den primära gruppen för någon existerande användare. Du "
+"måste ta bort användaren innan du tar bort gruppen."
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "kan inte ta bort användarens primära grupp"
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>groupdel</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>"
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "skapa en ny grupp"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>groupadd</command> är:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+
+#: groupadd.8.xml:124(para)
+#, fuzzy
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Åsidosätter standardvärden i <filename>/etc/login.defs</filename> (GID_MIN, "
+"GID_MAX och andra). Flera flaggor av <option>-K</option> kan anges."
+
+#: groupadd.8.xml:146(para)
+#, fuzzy
+#| msgid ""
+#| "Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option> -K </"
+#| "option>&nbsp;<replaceable>GID_MAX</replaceable>=<replaceable>499</"
+#| "replaceable>"
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Exempel: <option>-Koption>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Notera: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> fungerar ännu inte."
+
+#: groupadd.8.xml:161(para)
+#, fuzzy
+msgid "This option permits to add a group with a non-unique GID."
+msgstr "Denna flagga tillåter att en grupp med ett icke-unikt GID läggs till."
+
+#: groupadd.8.xml:192(para)
+#, fuzzy
+#| msgid "create a new group"
+msgid "Create a system group."
+msgstr "skapa en ny grupp"
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+
+#: groupadd.8.xml:258(para)
+#, fuzzy
+#| msgid ""
+#| "Usernames must begin with a lower case letter or an underscore, and only "
+#| "lower case letters, underscores, dashes, and dollar signs may follow. In "
+#| "regular expression terms: [a-z_][a-z0-9_-]*[$]"
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Användarnamn måste börja med en gemen bokstav eller ett understreck och får "
+"endast innehålla gemener, understreck, minustecken och på slutet ett dollar-"
+"tecken. I reguljära uttryckstermer: [a-z_][a-z0-9_-]*[$]"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+
+#: groupadd.8.xml:267(para)
+#, fuzzy
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Du får inte lägga till en användare till en NIS-grupp. Detta måste "
+"genomföras på NIS-servern."
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID inte unikt (när <option>-o</option> inte används)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "gruppnamn inte unikt"
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>groupadd</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+#, fuzzy
+#| msgid "-r <placeholder-1/>"
+msgid "administer <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+#, fuzzy
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "-K <placeholder-1/>=<placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+#, fuzzy
+msgid "option"
+msgstr "flaggor"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:115(para)
+#, fuzzy
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Referera till <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> för detaljer om hur "
+"denna sträng tolkas."
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Noteringar angående grupplösenord"
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+
+#: gpasswd.1.xml:135(para)
+#, fuzzy
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:142(para)
+#, fuzzy
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>passwd</command> är:"
+
+#: gpasswd.1.xml:147(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#| "replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:160(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAGAR</"
+"replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:181(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--remove</option>"
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:211(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:227(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-m</option>, <option>--mindays</option>&nbsp;"
+#| "<replaceable>MIN_DAYS</replaceable>"
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAGAR</"
+"replaceable>"
+
+#: gpasswd.1.xml:231(para)
+#, fuzzy
+msgid "Set the list of administrative users."
+msgstr "kommaseparerad lista med gruppadministratörer"
+
+#: gpasswd.1.xml:239(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAGAR</"
+"replaceable>"
+
+#: gpasswd.1.xml:243(para)
+#, fuzzy
+msgid "Set the list of group members."
+msgstr "kommaseparerad lista med gruppmedlemmar"
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+
+#: gpasswd.1.xml:298(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>faillog</command> är:"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+
+#: faillog.8.xml:102(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+
+#: faillog.8.xml:128(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-l</option>, <option>--lock-time</option>&nbsp;<replaceable>SEC</"
+#| "replaceable>"
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-time</option>&nbsp;<replaceable>SEK</"
+"replaceable>"
+
+#: faillog.8.xml:132(para)
+#, fuzzy
+#| msgid ""
+#| "Lock account to <replaceable>SEC</replaceable> seconds after failed login."
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"LÃ¥s kontot <replaceable>SEK</replaceable> sekunder efter misslyckad "
+"inloggning."
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+#: faillog.8.xml:147(para)
+#, fuzzy
+#| msgid ""
+#| "Set the maximum number of days a password remains valid. After "
+#| "<replaceable>MAX_DAYS</replaceable>, the password is required to be "
+#| "changed."
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"Sätter maximalt antal dagar som ett lösenord ska vara giltigt. Efter "
+"<replaceable>MAX_DAGAR</replaceable> krävs det att lösenordet ändras."
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr ""
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:224(para)
+#, fuzzy
+#| msgid ""
+#| "The <option>-r</option>, <option>-h</option> and <option>-f</option> "
+#| "options are only used when <command>login</command> is invoked by root."
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr ""
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr ""
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "Strukturen för filen är:"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "kontrollera och upprätthåll policy för lösenordsutgång"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+
+#: expiry.1.xml:92(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>pwck</command> command are:"
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>pwck</command> är:"
+
+#: expiry.1.xml:97(term)
+#, fuzzy
+#| msgid "<option>-L</option>, <option>--lock</option>"
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: expiry.1.xml:99(para)
+#, fuzzy
+#| msgid "check and enforce password expiration policy"
+msgid "Check the password expiration of the current user."
+msgstr "kontrollera och upprätthåll policy för lösenordsutgång"
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "ändra inloggningsskal"
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>chsh</command> är:"
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Lista på giltiga inloggningsskal."
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "uppdatera lösenord i satsläge"
+
+#: chpasswd.8.xml:83(para)
+#, fuzzy
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"<command>chgpasswd</command> läser en lista på gruppnamn och lösenordspar "
+"från standard in och använder denna information för att uppdatera en "
+"uppsättning redan existerande grupper. Varje rad är i formatet:"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">användarnamn</emphasis>:<emphasis remap=\"I"
+"\">lösenord</emphasis>"
+
+#: chpasswd.8.xml:92(para)
+#, fuzzy
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Som standard måste det insända lösenordet vara i klartext. "
+"Standardkrypteringsalgoritmen är DES."
+
+#: chpasswd.8.xml:97(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:111(para)
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>chpasswd</command> är:"
+
+#: chpasswd.8.xml:137(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-c</option>, <option>--comment</option>&nbsp;"
+#| "<replaceable>COMMENT</replaceable>"
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMMENTAR</"
+"replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr ""
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr ""
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Insända lösenord är i ett krypterat format."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"Använd MD5-kryptering istället för DES när insända lösenord inte är "
+"krypterade."
+
+#: chpasswd.8.xml:200(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-w</option>, <option>--warndays</option>&nbsp;"
+#| "<replaceable>WARN_DAYS</replaceable>"
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>VARN_DAGAR</replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Kom ihåg att ställa in rättigheter eller umask för att förhindra läsning av "
+"okrypterade filer för andra användare."
+
+#: chpasswd.8.xml:276(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/passwd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr ""
+
+#: chpasswd.8.xml:286(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "uppdatera grupplösenord i satsläge"
+
+#: chgpasswd.8.xml:79(para)
+#, fuzzy
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"<command>chgpasswd</command> läser en lista på gruppnamn och lösenordspar "
+"från standard in och använder denna information för att uppdatera en "
+"uppsättning redan existerande grupper. Varje rad är i formatet:"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">gruppnamn</emphasis>:<emphasis remap=\"I\">lösenord</"
+"emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+#, fuzzy
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Som standard måste det insända lösenordet vara i klartext. "
+"Standardkrypteringsalgoritmen är DES."
+
+#: chgpasswd.8.xml:92(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>chgpasswd</command> är:"
+
+#: chgpasswd.8.xml:238(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "ändra verkligt användarnamn och information"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+
+#: chfn.1.xml:112(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>chsh</command> command are:"
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>chsh</command> är:"
+
+#: chfn.1.xml:117(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>"
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;"
+"<replaceable>INLOGGNINGSNAMN</replaceable>"
+
+#: chfn.1.xml:121(para)
+#, fuzzy
+#| msgid "Changing the default values"
+msgid "Change the user's full name."
+msgstr "Ändrar standardvärden"
+
+#: chfn.1.xml:125(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr ""
+
+#: chfn.1.xml:133(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+
+#: chfn.1.xml:145(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr ""
+
+#: chfn.1.xml:165(term)
+#, fuzzy
+#| msgid "<option>-h</option>, <option>--help</option>"
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr ""
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "ändra åldringsinformation för användarlösenord"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>chage</command> är:"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>SISTA_DAG</"
+"replaceable>"
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>UTGÃ…NGSDATUM</replaceable>"
+
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Visa kontots åldringsinformation"
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAGAR</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAGAR</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>VARN_DAGAR</replaceable>"
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Programmet <command>chage</command> kräver att en skugglösenordsfil finns "
+"tillgänglig."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "kan inte hitta skugglösenordsfilen"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>chage</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr "Daniel Nylander <po@danielnylander.se>, 2006."
+
+#, fuzzy
+#~| msgid "-"
+#~ msgid "-M"
+#~ msgstr "-"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "kan inte skapa postkö"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "nya_användare"
+
+#~ msgid "full_name"
+#~ msgstr "fullständigt_namn"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "rumsnummer"
+
+#~ msgid "work_ph"
+#~ msgstr "arbetstelefon"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "hemtelefon"
+
+#~ msgid "other"
+#~ msgstr "övrigt"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#~ "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "Note: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> doesn't work yet."
+#~ msgstr ""
+#~ "Notera: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> fungerar ännu inte."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+#~ msgstr "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+
+#, fuzzy
+#~| msgid "Supplied passwords are in encrypted form."
+#~ msgid "The supplied passwords must be in clear-text."
+#~ msgstr "Insända lösenord är i ett krypterat format."
+
+#, fuzzy
+#~ msgid "and <placeholder-1/> files"
+#~ msgstr "-a <placeholder-1/>"
+
+#~ msgid "encrypted password file"
+#~ msgstr "krypterad lösenordsfil"
+
+#~ msgid "comma-separated list of group administrators"
+#~ msgstr "kommaseparerad lista med gruppadministratörer"
+
+#~ msgid "days since Jan 1, 1970 that password was last changed"
+#~ msgstr "dagar sedan 1:a januari, 1970 som lösenordet senast ändrades"
+
+#~ msgid "days after which password must be changed"
+#~ msgstr "dagar efter vilket lösenordet måste ändras"
+
+#~ msgid "days before password is to expire that user is warned"
+#~ msgstr "dagar innan lösenordet går ut som användaren varnas"
+
+#~ msgid "days after password expires that account is disabled"
+#~ msgstr "dagar efter att lösenordet gått ut och kontot inaktiveras"
+
+#~ msgid "days since Jan 1, 1970 that account is disabled"
+#~ msgstr "dagar sedan 1:a januari 1970 som kontot är inaktiverat"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#, fuzzy
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-a"
+#~ msgstr "-a"
+
+#~ msgid "-d"
+#~ msgstr "-d"
+
+#~ msgid "-g"
+#~ msgstr "-g"
+
+#~ msgid "GID"
+#~ msgstr "GID"
+
+#~ msgid "-o"
+#~ msgstr "-o"
+
+#~ msgid "KEY"
+#~ msgstr "NYCKEL"
+
+#~ msgid "VALUE"
+#~ msgstr "VÄRDE"
+
+#~ msgid "-K <placeholder-1/>=<placeholder-2/>"
+#~ msgstr "-K <placeholder-1/>=<placeholder-2/>"
+
+#, fuzzy
+#~ msgid "-R"
+#~ msgstr "-"
+
+#, fuzzy
+#~ msgid "<option>-A</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+#, fuzzy
+#~ msgid "<option>-M</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+#~ msgid ""
+#~ "Your password must be easily remembered so that you will not be forced to "
+#~ "write it on a piece of paper. This can be accomplished by appending two "
+#~ "small words together and separating each with a special character or "
+#~ "digit. For example, Pass%word."
+#~ msgstr ""
+#~ "Ditt lösenord måste vara lätt att komma ihåg så att du inte behöver "
+#~ "skriva ner det på en papperslapp. Detta kan göras genom att lägga till "
+#~ "två små ord tillsammans och separera dem med ett specialtecken eller "
+#~ "siffra. Till exempel, Pass%word."
+
+#~ msgid ""
+#~ "Other methods of construction involve selecting an easily remembered "
+#~ "phrase from literature and selecting the first or last letter from each "
+#~ "word. An example of this is:"
+#~ msgstr ""
+#~ "Andra metoder för att konstruera lösenord är att välja en literär fras "
+#~ "som är lätt att komma ihåg och välja den första eller sista bokstaven "
+#~ "från varje ord. Ett exempel på detta är:"
+
+#~ msgid "Ask not for whom the bell tolls"
+#~ msgstr "Fråga inte för vem klockorna ringer klockan 3"
+
+#~ msgid "which produces"
+#~ msgstr "som blir"
+
+#~ msgid "An4wtbt"
+#~ msgstr "Fifvkrk3"
+
+#~ msgid ""
+#~ "You may be reasonably sure few crackers will have included this in their "
+#~ "dictionaries. You should, however, select your own methods for "
+#~ "constructing passwords and not rely exclusively on the methods given here."
+#~ msgstr ""
+#~ "Du kan vara hyffsat säker på att få hackare har inkluderat detta i sina "
+#~ "ordböcker. Du bör dock välja dina egna metoder för att konstruera "
+#~ "lösenord och inte enbart förlita dig på de metoder som anges här."
+
+#~ msgid ""
+#~ "The <option>-t</option> flag overrides the use of <option>-u</option>."
+#~ msgstr ""
+#~ "Flaggan <option>-t</option> åsidosätter användningen av <option>-u</"
+#~ "option>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "MAIL_DIR USERDEL_CMD"
+#~ msgstr "MAIL_DIR USERDEL_CMD"
+
+#~ msgid "MAIL_DIR"
+#~ msgstr "MAIL_DIR"
+
+#~ msgid "CHFN_AUTH"
+#~ msgstr "CHFN_AUTH"
+
+#~ msgid "GID_MAX GID_MIN"
+#~ msgstr "GID_MAX GID_MIN"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "-R <placeholder-1/>"
+#~ msgstr "-R <placeholder-1/>"
+
+#~ msgid "user,"
+#~ msgstr "användare,"
+
+#~ msgid "-A <placeholder-1/>"
+#~ msgstr "-A <placeholder-1/>"
+
+#~ msgid "-M <placeholder-1/>"
+#~ msgstr "-M <placeholder-1/>"
diff --git a/man/po/zh_CN.po b/man/po/zh_CN.po
new file mode 100644
index 0000000..fd4c4ca
--- /dev/null
+++ b/man/po/zh_CN.po
@@ -0,0 +1,9435 @@
+#
+# YunQiang Su <wzssyqa@gmail.com>, 2010, 2011, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow-man-pages VERSION\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:42+0200\n"
+"Last-Translator: YunQiang Su <wzssyqa@gmail.com>\n"
+"Language-Team: Chinese (simplified) <i18n-zh@googlegroups.com>\n"
+"Language: zh_CN\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bits\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "系统管ç†å‘½ä»¤"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr "编辑密ç ã€ç»„ã€å½±å­å¯†ç æˆ–å½±å­ç»„文件。"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "选项"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "æè¿°"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<command>vipw</command> 和 <command>vigr</command> 命令分别编辑 <filename>/"
+"etc/passwd</filename> 和 <filename>/etc/group</filename> 文件。使用 <option>-"
+"s</option> 标识时,将编辑这些文件的影å­ç‰ˆï¼Œå³åˆ†åˆ«ä¸º <filename>/etc/shadow</"
+"filename> å’Œ <filename>/etc/gshadow</filename>。这些程åºå°†è®¾ç½®ç›¸åº”çš„é”,以防"
+"止文件æŸå。寻找编辑器时,首先å°è¯•çŽ¯å¢ƒå˜é‡ <envar>$VISUAL</envar>,然åŽæ˜¯çŽ¯å¢ƒ"
+"å˜é‡ <envar>$EDITOR</envar>,最åŽæ˜¯é»˜è®¤ç¼–辑器 "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>。"
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "选项"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"<command>vipw</command> å’Œ <command>vigr</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "编辑 group æ•°æ®åº“。"
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "现实帮助信æ¯å¹¶é€€å‡ºã€‚"
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "编辑 passwd æ•°æ®åº“。"
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "安é™æ¨¡å¼ã€‚"
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+#, fuzzy
+#| msgid ""
+#| "Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+#| "replaceable>."
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"å‘å为 <replaceable>group</replaceable> 的组中添加用户 <replaceable>user</"
+"replaceable>。"
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "编辑 shadow 或 gshadow æ•°æ®åº“。"
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "指定è¦ç¼–辑哪个用户的 tcb å½±å­æ–‡ä»¶ã€‚"
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "é…置文件"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"在 <filename>/etc/login.defs</filename> 中有如下é…ç½®å˜é‡ï¼Œå¯ä»¥ç”¨æ¥æ›´æ”¹æ­¤å·¥å…·"
+"的行为:"
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (boolean)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"如果 <replaceable>yes</replaceable>,将会使用 "
+"<citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> å½±å­å¯†ç æ–¹æ¡ˆã€‚"
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "环境å˜é‡"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "è¦ä½¿ç”¨çš„编辑器。"
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr "<option>VISUAL</option> 没有设置的情况下,使用的编辑器。"
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "文件"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "组账户信æ¯ã€‚"
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "安全组账户信æ¯ã€‚"
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "用户账户信æ¯ã€‚"
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "安全用户账户信æ¯ã€‚"
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "å‚è§"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "修改一个用户账户"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "登录"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"<command>usermod</command> 修改系统账户文件和在命令行上指定的相关更改。"
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr "<command>usermod</command> å¯ä»¥æŽ¥å—的选项有:"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr "将用户添加到附加组。åªèƒ½å’Œ <option>-G</option> 选项一起使用。"
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"用户密ç æ–‡ä»¶ä¸­æ³¨é‡Šå­—段的新值。通常使用 <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> 工具对其进行修改。"
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "用户的新登录目录。"
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"如果给了 <option>-m</option> 选项,当å‰ä¸»ç›®å½•çš„内容将会移动到新主目录中,如果"
+"ä¸å­˜åœ¨ï¼Œåˆ™åˆ›å»ºã€‚"
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"用户账户将被ç¦ç”¨çš„日期。日期以 <emphasis remap=\"I\">YYYY-MM-DD</emphasis> æ ¼"
+"å¼æŒ‡å®šã€‚"
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr "空 <replaceable>EXPIRE_DATE</replaceable> å‚æ•°å°†ç¦ç”¨è´¦æˆ·è¿‡æœŸã€‚"
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"此选项需è¦ä¸€ä¸ª <filename>/etc/passwd</filename> æ–‡ä»¶ã€‚å¦‚æžœæ²¡æœ‰ï¼Œå°†ä¼šåˆ›å»ºä¸€æ¡ "
+"<filename>/etc/shadow</filename> 项目。"
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr "密ç è¿‡æœŸä¹‹åŽï¼Œè´¦æˆ·è¢«å½»åº•ç¦ç”¨ä¹‹å‰çš„天数。"
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr "0 表示密ç è¿‡æœŸæ—¶ï¼Œç«‹å³ç¦ç”¨è´¦æˆ·ï¼›-1 表示ä¸ä½¿ç”¨è¿™ä¸ªåŠŸèƒ½ã€‚"
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr "用户的新åˆå§‹ç™»å½•ç»„的组å或数字代å·ã€‚此组必须存在。"
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr "用户主目录中,属于原æ¥çš„主组的文件将转交新组所有。"
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr "主目录之外的文件所属的组必须手动修改。"
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"用户还属于的附加组列表。组之间使用逗å·åˆ†éš”,没有空格。这些组需è¦éµå®ˆå’Œ "
+"<option>-g</option> 选项中给的组åŒæ ·çš„é™åˆ¶ã€‚"
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"如果用户当å‰æ˜¯ä¸€ä¸ªç»„çš„æˆå‘˜ï¼Œè€Œè¿™ä¸ªç»„没有列在这里,用户将被从那个组里便删除。"
+"这个行为å¯ä»¥é€šè¿‡ <option>-a</option> 选项修改,这使用户追加到给出的附加组列表"
+"中。"
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"用户的å称将会从 <replaceable>LOGIN</replaceable> 修改为 "
+"<replaceable>NEW_LOGIN</replaceable>。ä¸ä¼šæ›´æ”¹åˆ«çš„任何东西。特别是,用户的主"
+"目录å和邮件池也需è¦æ‰‹åŠ¨ä¿®æ”¹ä»¥å’Œæ–°ç™»å½•å对应。"
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"é”定用户的密ç ã€‚这会在用户加密的密ç ä¹‹å‰æ”¾ç½®ä¸€ä¸ªâ€œ!â€ï¼Œå¯ä»¥å¿«é€Ÿç¦ç”¨å¯†ç ã€‚您å¯ä»¥"
+"å’Œ <option>-p</option> 或 <option>-U</option> é…åˆä½¿ç”¨æ­¤é€‰é¡¹ã€‚"
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"注æ„:如果希望é”定账户(ä¸ä»…仅是通过密ç è®¿é—®),您也需è¦è®¾ç½® "
+"<replaceable>EXPIRE_DATE</replaceable> 为 <replaceable>1</replaceable>。"
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr "将用户的主目录移动到新ä½ç½®ã€‚"
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"这个选项åªæœ‰å’Œ <option>-d</option> (或 <option>--home</option>) 选项组åˆä½¿ç”¨"
+"æ—¶æ‰æœ‰æ•ˆã€‚"
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"<command>usermod</command> 会改写文件的属主并å¤åˆ¶æ¨¡å¼ã€ACL 和扩展属性,但是ç¨"
+"åŽä¹Ÿå¯èƒ½éœ€è¦æ‰‹åŠ¨ä¿®æ”¹ã€‚"
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr "使用 <option>-u</option> 选项时,å¯ä»¥å°†ç”¨æˆ· ID 改为éžå”¯ä¸€çš„值。"
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"å·²ç»åŠ å¯†è¿‡çš„密ç ï¼Œå°±åƒ <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> 返回的那样。"
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">注æ„:</emphasis>ä¸æŽ¨è使用这个选项,因为密ç (或加密"
+"过的密ç )会被用户通过列出这个过程而看到。"
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"密ç å°†ä¼šå†™åˆ°æœ¬åœ°çš„ <filename>/etc/passwd</filename> 或 <filename>/etc/"
+"shadow</filename> 文件。这å¯èƒ½ä¼šä¸Žæ‚¨çš„机器有所ä¸åŒï¼Œè¿™æ ¹æ® PAM é…置中的密ç æ•°"
+"æ®åº“é…置而定。"
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr "您应该确ä¿å¯†ç ç¬¦åˆç³»ç»Ÿçš„密ç æ”¿ç­–。"
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"用户的新登录 shell çš„å称。将此字段设置为空会让系统选择默认的登录 shell。"
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "用户 ID 的新数值。"
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"这个值必须是唯一的,除éžä½¿ç”¨äº† <option>-o</option> 选项,必须是éžè´Ÿå€¼ã€‚"
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr "用户的邮箱,用户主目录中属于此用户的文件的属主 ID 也将自动更改。"
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr "用户主目录之外文件所有æƒå¿…须手动修å¤ã€‚"
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"ä¸ä¼šå¯¹ <filename>/etc/login.defs</filename> 中的 <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option> 和 "
+"<option>SYS_UID_MAX</option> 进行检查。"
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"解é”用户的密ç ã€‚这将移除加密的密ç ä¹‹å‰çš„“!â€ã€‚您å¯ä»¥å°†æ­¤é€‰é¡¹å’Œ <option>-p</"
+"option> 或 <option>-L</option> é…åˆä½¿ç”¨ã€‚"
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"注æ„:如果您希望解é”账户(ä¸åªæ˜¯ä½¿ç”¨å¯†ç è®¿é—®),您也应该设置 "
+"<replaceable>EXPIRE_DATE</replaceable> (例如设置为 <replaceable>99999</"
+"replaceable>,或者 <filename>/etc/default/useradd</filename> 中的 "
+"<option>EXPIRE</option> 值)。"
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"ä¸ä¼šå¯¹ <filename>/etc/login.defs</filename> 中的 <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option> 和 "
+"<option>SYS_UID_MAX</option> 进行检查。"
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "The default behavior (if the <option>-g</option>, <option>-N</option>, "
+#| "and <option>-U</option> options are not specified) is defined by the "
+#| "<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+#| "filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"如果没有指定 <option>-g</option>, <option>-N</option> 和 <option>-U</option> "
+"选项,默认行为由 <filename>/etc/login.defs</filename> 中的 "
+"<option>USERGROUPS_ENAB</option> å˜é‡æŒ‡å®šã€‚"
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+
+#: usermod.8.xml:444(para)
+#, fuzzy
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr "移除用户登录的所有 SELinux 用户映射。"
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr "用户登陆的 SELinux 用户。"
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"空的 <replaceable>SEUSER</replaceable> 将移除用户 <replaceable>LOGIN</"
+"replaceable> 的 SELinux 用户映射(如果有)。"
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "CAVEATS"
+
+#: usermod.8.xml:479(para)
+#, fuzzy
+#| msgid ""
+#| "You must make certain that the named user is not executing any processes "
+#| "when this command is being executed if the user's numerical user ID, the "
+#| "user's name, or the user's home directory is being changed. "
+#| "<command>usermod</command> checks this on Linux, but only check if the "
+#| "user is logged in according to utmp on other architectures."
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+"如果è¦æ›´æ”¹ç”¨æˆ·çš„æ•°å­— IDã€ç”¨æˆ·å或主目录,需è¦ç¡®ä¿å…许命令时,用户没有执行任何"
+"进程。<command>usermod</command> 会在 Linux 上进行检查;但是在其它平å°ä¸Šï¼Œä»…"
+"ä»…æ ¹æ® utmp 检查用户是å¦å·²ç»ç™»å½•ã€‚"
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"您必须手动更改 <command>crontab</command> 文件或 <command>at</command> 作业的"
+"属主。"
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr "您必须更改 NIS æœåŠ¡å™¨ä¸Šçš„ NIS 相关内容。"
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (string)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"邮箱目录。修改或删除用户账户时需è¦å¤„ç†é‚®ç®±ï¼Œå¦‚果没有指定,将使用编译时指定的"
+"默认值。"
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (string)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr "定义用户邮箱文件的ä½ç½®(相对于主目录)。"
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"<option>MAIL_DIR</option> and <option>MAIL_FILE</option> å˜é‡ç”± "
+"<command>useradd</command>,<command>usermod</command> 和 <command>userdel</"
+"command> 用于创建ã€ç§»åŠ¨æˆ–删除用户邮箱。"
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"如果 <option>MAIL_CHECK_ENAB</option> 设置为 <replaceable>yes</replaceable>,"
+"它们也被用于定义 <envar>MAIL</envar> 环境å˜é‡ã€‚"
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"æ¯ä¸ªç»„æ¡ç›®çš„最大æˆå‘˜æ•°ã€‚达到最大值时,在 <filename>/etc/group</filename> 开始"
+"一个新æ¡ç›®(è¡Œ)(使用åŒæ ·çš„å称,åŒæ ·çš„密ç ï¼ŒåŒæ ·çš„ GID)。"
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr "默认值是 0,æ„味ç€ç»„中的æˆå‘˜æ•°æ²¡æœ‰é™åˆ¶ã€‚"
+
+#. Note: on HP, split groups have the same ID, but different
+#. names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"此功能(分割组)å…许é™åˆ¶ç»„æ–‡ä»¶ä¸­çš„è¡Œé•¿åº¦ã€‚è¿™å¯¹äºŽç¡®ä¿ NIS 组的行比长于 1024 å­—"
+"符。"
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr "如果è¦å¼ºåˆ¶è¿™ä¸ªé™åˆ¶ï¼Œå¯ä»¥ä½¿ç”¨ 25。"
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"注æ„:分割组å¯èƒ½ä¸å—所有工具的支æŒ(甚至在 Shadow 工具集中)。您ä¸åº”该使用这个"
+"å˜é‡ï¼Œé™¤éžçœŸçš„需è¦ã€‚"
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (number)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (number)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (number)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"<option>SYS_GID_MIN</option> 和 <option>SYS_GID_MAX</option> 的默认值分别是 "
+"101 和 <option>GID_MIN</option>-1。"
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (number)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (number)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (number)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"<option>SYS_UID_MIN</option> 和 <option>SYS_UID_MAX</option> 的默认值分别是 "
+"101 和 <option>UID_MIN</option>-1。"
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (boolean)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+" use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+" kilos = UID / 1000\n"
+" use /etc/tcb/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" use /etc/tcb/:megas/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+" "
+msgstr ""
+"\n"
+"if ( UID is less than 1000) {\n"
+" use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+" kilos = UID / 1000\n"
+" use /etc/tcb/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" use /etc/tcb/:megas/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+" "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"如果是 <replaceable>yes</replaceable>,è¦åˆ›å»ºç”¨æˆ· tcb 目录ä¸ä¼šè‡ªåŠ¨è®¾ç½®ä¸º /"
+"etc/tcb/user,但是会根æ®ç”¨æˆ·çš„ UID 计算,根æ®çš„算法如下:<placeholder-1/>"
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr "Shadow 密ç å¥—件é…置。"
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "删除用户账户和相关文件"
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"<command>userdel</command> 修改系统账户文件,删除与用户å <emphasis remap=\"I"
+"\">LOGIN</emphasis> 相关的所以项目。给出的用户å必须存在。"
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr "<command>userdel</command> å¯ä»¥ä½¿ç”¨çš„选项有:"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"此选项强制删除用户账户,甚至用户ä»ç„¶åœ¨ç™»å½•çŠ¶æ€ã€‚它也强制 <command>userdel</"
+"command> 删除用户的主目录和邮箱,å³ä½¿å…¶å®ƒç”¨æˆ·ä¹Ÿä½¿ç”¨åŒä¸€ä¸ªä¸»ç›®å½•æˆ–邮箱ä¸å±žäºŽæŒ‡"
+"定的用户。如果 <filename>/etc/login.defs</filename> 中的 "
+"<option>USERGROUPS_ENAB</option> 定义为 <emphasis remap=\"I\">yes</"
+"emphasis>,并且如果有一个和用户åŒå的组,也会删除此组,å³ä½¿å®ƒä»ç„¶æ˜¯åˆ«çš„用户的"
+"主组。"
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr "<emphasis>注æ„:</emphasis>此选项å±é™©ï¼Œå¯èƒ½ä¼šç ´å系统的稳定性。"
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"用户主目录中的文件将éšç”¨æˆ·ä¸»ç›®å½•å’Œç”¨æˆ·é‚®ç®±ä¸€èµ·åˆ é™¤ã€‚在其它文件系统中的文件必"
+"须手动æœç´¢å¹¶åˆ é™¤ã€‚"
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"邮箱在 <filename>login.defs</filename> 文件中的 <option>MAIL_DIR</option> å˜"
+"é‡ä¸­å®šä¹‰ã€‚"
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr "移除用户登录的所有 SELinux 用户映射。"
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (string)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"如果定义了,这是删除账户时执行的命令。它应该移除所有属于此用户的的 at/cron/"
+"print 等作业(作为第一个å‚数传递)。"
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr "这个脚本的返回值并ä¸è¢«å¸¦åˆ°è´¦æˆ·ä¸­åŽ»ã€‚"
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+" "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# 检查需è¦çš„å‚æ•°\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# 移除 cron 作业\n"
+"crontab -r -u $1\n"
+"\n"
+"# 移除 at 作业\n"
+"# 注æ„这将移除所有属于åŒä¸€ä¸ª UID 的作业\n"
+"# å³ä½¿æ­¤ ID 由多个用户å共享\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# 移除 print 作业\n"
+"lprm $1\n"
+"\n"
+"# 全部完æˆ\n"
+"exit 0\n"
+" "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"这是一个示例脚本,它移除用户的 cronã€at å’Œ print 作业:<placeholder-1/>"
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (boolean)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"如果 uid å’Œ gid 相åŒï¼Œç”¨æˆ·å和主用户å也相åŒï¼Œä½¿éž root 组的组掩ç ä½å’Œå±žä¸»ä½"
+"ç›¸åŒ (如:022 -&gt; 002, 077 -&gt; 007)。"
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"如果设置为 <replaceable>yes</replaceable>,如果组中没有æˆå‘˜äº†ï¼Œ"
+"<command>userdel</command> 将移除此用户组,<command>useradd</command> 创建用"
+"户时,也会创建一个åŒå的默认组。"
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "退出值"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "æˆåŠŸ"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "无法更新密ç æ–‡ä»¶"
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "无效的命令语法"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "指定的用户ä¸å­˜åœ¨"
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "用户已ç»ç™»å½•"
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "无法更新组文件"
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "无法删除主目录"
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>userdel</command> 命令使用如下值退出:<placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"如果æŸè´¦æˆ·æœ‰æ­£åœ¨è¿è¡Œçš„进程,<command>userdel</command> ä¸ä¼šå…许此账户。此时,"
+"您å¯èƒ½å¿…é¡»è¦æ€æ­»é‚£å†™è¿›ç¨‹æˆ–者é”定用户的密ç å’Œè´¦æˆ·ï¼Œå¹¶ç¨åŽå†åˆ é™¤è´¦æˆ·ã€‚<option>-"
+"f</option> 选项å¯ä»¥å¼ºåˆ¶æ­¤åˆ é™¤è´¦æˆ·ã€‚"
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr "您应该手动检查所以文件系统,以确ä¿æ²¡æœ‰é—留此用户的文件。"
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr "您ä¸èƒ½åœ¨ NIS 客户端上移除任何 NIS 属性。这必须在 NIS æœåŠ¡å™¨ä¸Šæ‰§è¡Œã€‚"
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"如果在 <filename>/etc/login.defs</filename> 中 <option>USERGROUPS_ENAB</"
+"option> 设置为 <emphasis remap=\"I\">yes</emphasis>, <command>userdel</"
+"command> 将删除åŒå组。为了é¿å…æŸå passwd å’Œ group æ•°æ®åº“,"
+"<command>userdel</command> 将会检查这个主是å¦è¢«åˆ«çš„用户用作主组,如果有,将åª"
+"å‘出警告并ä¸åˆ é™¤æ­¤ç»„。<option>-f</option> 选项å¯ä»¥å¼ºåˆ¶åˆ é™¤æ­¤ç»„。"
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr "创建一个新用户或更新默认新用户信æ¯"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"如果使用时ä¸å¸¦ <option>-D</option> 选项,<command>useradd</command> 命令使用"
+"命令行上指定的值和系统的默认值创建一个新用户。根æ®å‘½ä»¤è¡Œé€‰é¡¹ï¼Œ"
+"<command>useradd</command> 命令也会更新系统文件和创建新用户的主目录并å¤åˆ¶åˆå§‹"
+"文件。"
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"默认上,也会为用户创建组 (察看 <option>-g</option>, <option>-N</option>, "
+"<option>-U</option>,和 <option>USERGROUPS_ENAB</option>)。"
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr "<command>useradd</command> å¯ä»¥ä½¿ç”¨çš„选项有:"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"如果没有使用 <option>-d</option>&nbsp;<replaceable>HOME_DIR</replaceable>,则"
+"使用默认的基目录。<replaceable>BASE_DIR</replaceable> 加上账户å就是主目录。"
+"如果没有使用 <option>-m</option> 选项,<replaceable>BASE_DIR</replaceable> 必"
+"须已ç»å­˜åœ¨ã€‚"
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"如果选项没有指定,<command>useradd</command> 将使用 <filename>/etc/default/"
+"useradd</filename> 中的 <option>HOME</option> å˜é‡ï¼Œæˆ–者默认的 <filename>/"
+"home</filename>。"
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr "任何字符串。通常是关于登录的简短æ述,当å‰ç”¨äºŽç”¨æˆ·å…¨å。"
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"将创建新用户,并使用 <replaceable>HOME_DIR</replaceable> 作为用户登陆目录的"
+"值。默认值是将 <replaceable>LOGIN</replaceable> å附加到 "
+"<replaceable>BASE_DIR</replaceable> åŽé¢ï¼Œå¹¶ä½¿ç”¨è¿™ä½œä¸ºç™»é™†ç›®å½•ã€‚目录ä¸ä¸€å®šå¿…"
+"须已ç»å­˜åœ¨ <replaceable>HOME_DIR</replaceable>,但是会在需è¦æ—¶åˆ›å»ºã€‚"
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr "看下边,“更改默认值â€å­èŠ‚。"
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"如果没有指定,<command>useradd</command> 将使用 <filename>/etc/default/"
+"useradd</filename> 中 <option>EXPIRE</option> å˜é‡æŒ‡å®šçš„默认过期日期,或者一"
+"个空字符串(ä¸è¿‡æœŸ)。"
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"密ç è¿‡æœŸåŽï¼Œè´¦æˆ·è¢«å½»åº•ç¦ç”¨ä¹‹å‰çš„天数。0 表示立å³ç¦ç”¨ï¼Œ-1 表示ç¦ç”¨è¿™ä¸ªåŠŸèƒ½ã€‚"
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"如果未指定,<command>useradd</command> 将使用 <filename>/etc/default/"
+"useradd</filename> 中的 <option>INACTIVE</option> 指定的默认ç¦ç”¨å‘¨æœŸï¼Œæˆ–者默"
+"认为 -1。"
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"用户åˆå§‹ç™»é™†ç»„的组å或å·ç ã€‚组å必须已ç»å­˜åœ¨ã€‚组å·ç å¿…须指代已ç»å­˜åœ¨çš„组。"
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"如果没有指定, <command>useradd</command> 的行为将ä¾èµ–于 <filename>/etc/"
+"login.defs</filename> 文件中的 <option>USERGROUPS_ENAB</option> å‚数。如果此"
+"å‚数设置为了 <replaceable>yes</replaceable> (或者在命令行上指定了 <option>-"
+"U/--user-group</option>),将会为用户创建一个组,组å和登录å相åŒã€‚如果选项设"
+"置为了 <replaceable>no</replaceable> (或者在命令行上指定了 <option>-N/--no-"
+"user-group</option>),useradd 会把新用户的主组设置为 <filename>/etc/default/"
+"useradd</filename> 中 <option>GROUP</option> å˜é‡æŒ‡å®šçš„值,å†æˆ–者默认是 100。"
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"用户还属于的附加组列表。æ¯ä¸ªç»„都用逗å·éš”开,没有中间的空格。这里的组å—到了 "
+"<option>-g</option> 选项给定的组åŒæ ·çš„é™åˆ¶ã€‚默认上,用户åªå±žäºŽåˆå§‹ç»„。"
+
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"骨架目录,包å«ä½¿ç”¨ <command>useradd</command> 创建用户时,è¦å¤åˆ¶åˆ°ç”¨æˆ·ä¸»ç›®å½•"
+"中的文件和目录。"
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"这个选项åªæœ‰åœ¨æŒ‡å®š <option>-m</option> (或 <option>--create-home</option>) 选"
+"项时æ‰æœ‰æ•ˆã€‚"
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"如果此项没有设置,骨架目录使用 <filename>/etc/default/useradd</filename> 中"
+"çš„ <option>SKEL</option> çš„å˜é‡æˆ–默认为 <filename>/etc/skel</filename>。"
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "如果å¯ä»¥ï¼Œä¹Ÿå¤åˆ¶ ACL 和扩展属性。"
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"默认覆盖 <filename>/etc/login.defs</filename> (<option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>UMASK</option>, <option>PASS_MAX_DAYS</"
+"option> åŠå…¶å®ƒ)。<placeholder-1/> 例如:<option>-K</option>&nbsp;"
+"<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable> å¯ä»¥ç”¨"
+"于创建一个密ç ä¸ä¼šè¿‡æœŸçš„系统账户,å³ä½¿ç³»ç»Ÿè´¦æˆ·æ²¡æœ‰å¯†ç ã€‚å¯ä»¥æŒ‡å®šå¤šä¸ª "
+"<option>-K</option> 选项,如:<option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "ä¸è¦å°†ç”¨æˆ·æ·»åŠ åˆ°æœ€è¿‘登录和登录失败数æ®åº“。"
+
+#: useradd.8.xml:327(para)
+#, fuzzy
+#| msgid ""
+#| "By default, the user's entries in the lastlog and faillog databases are "
+#| "resetted to avoid reusing the entry from a previously deleted user."
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"默认上,最近登录和登录失败中用户的æ¡ç›®ä¼šè¢«é‡ç½®ï¼Œä»¥é¿å…é‡æ–°ä½¿ç”¨å…ˆå‰åˆ é™¤çš„用户"
+"çš„æ¡ç›®ã€‚"
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"如果ä¸å­˜åœ¨ï¼Œåˆ™åˆ›å»ºç”¨æˆ·ä¸»ç›®å½•ã€‚骨架目录中的文件和目录(å¯ä»¥ä½¿ç”¨ <option>-k</"
+"option> 选项指定),将会å¤åˆ¶åˆ°ä¸»ç›®å½•ã€‚"
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"默认上,如果没有指定此选项并且 <option>CREATE_HOME</option> 没有å¯ç”¨ï¼Œä¸ä¼šåˆ›"
+"建主目录。"
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"ä¸åˆ›å»ºç”¨æˆ·ä¸»ç›®å½•ï¼Œå³ä½¿ç³»ç»Ÿåœ¨ <filename>/etc/login.defs</filename> 中的设置 "
+"(<option>CREATE_HOME</option>) 为 <replaceable>yes</replaceable>。"
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"ä¸è¦åˆ›å»ºåŒå组,而是将用户添加到 <option>-g</option> é€‰é¡¹æŒ‡å®šçš„ç»„ï¼Œæˆ–æ ¹æ® "
+"<filename>/etc/default/useradd</filename> 中的 <option>GROUP</option> å˜é‡ã€‚"
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"如果没有指定 <option>-g</option>, <option>-N</option> 和 <option>-U</option> "
+"选项,默认行为由 <filename>/etc/login.defs</filename> 中的 "
+"<option>USERGROUPS_ENAB</option> å˜é‡æŒ‡å®šã€‚"
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr "å…许使用é‡å¤çš„ UID 创建用户账户。"
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr "此选项åªæœ‰å’Œ <option>-u</option> 选项组åˆä½¿ç”¨æ‰æœ‰æ•ˆã€‚"
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"加密了的密ç ï¼Œå°±åƒ <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> 的返回值。默认为ç¦ç”¨å¯†"
+"ç ã€‚"
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "创建一个系统账户。"
+
+#: useradd.8.xml:425(para)
+#, fuzzy
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"系统用户创建时,ä¸ä¼šåœ¨ <filename>/etc/shadow</filename> 中有年龄信æ¯ï¼Œæ•°å­—æ ‡"
+"识符会在 <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> 之间选å–,"
+"这两个值在 <filename>/etc/login.defs</filename> 中定义,而ä¸æ˜¯æ™®é€šç”¨æˆ·çš„ "
+"<option>UID_MIN</option>-<option>UID_MAX</option> (and their <option>GID</"
+"option> counterparts for the creation of groups)。"
+
+#: useradd.8.xml:434(para)
+#, fuzzy
+#| msgid ""
+#| "Note that <command>useradd</command> will not create a home directory for "
+#| "such an user, regardless of the default setting in <filename>/etc/login."
+#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+#| "<option>-m</option> options if you want a home directory for a system "
+#| "account to be created."
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+"注æ„:<command>useradd</command> ä¸ä¼šä¸ºè¿™ç§ç”¨æˆ·åˆ›å»ºä¸»ç›®å½•ï¼Œæ— è®º <filename>/"
+"etc/login.defs</filename> (<option>CREATE_HOME</option>) 中是的默认设置是怎"
+"样。如果想为è¦åˆ›å»ºçš„系统账户创建主目录,需è¦æŒ‡å®š <option>-m</option> 选项。"
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"用户的登录 shell åã€‚é»˜è®¤ä¸ºç•™ç©ºï¼Œè®©ç³»ç»Ÿæ ¹æ® <filename>/etc/default/useradd</"
+"filename> 中的 <option>SHELL</option> å˜é‡é€‰æ‹©é»˜è®¤çš„登录 shell,默认为空字符"
+"串。"
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"用户 ID 的数字值。此值必须为唯一的,除éžä½¿ç”¨äº† <option>-o</option> 选项。此值"
+"å¿…é¡»éžè´Ÿï¼Œé»˜è®¤ä½¿ç”¨å¤§äºŽç­‰äºŽ <option>UID_MIN</option>,且大于任何其他用户 ID 最"
+"å°å€¼ã€‚"
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr "请å‚考 <option>-r</option> 选项和 <option>UID_MAX</option> çš„æ述。"
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr "创建一个和用户åŒå的组,并将用户添加到组中。"
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"用户登陆的 SELinux 用户。默认为留空,这会造æˆç³»ç»Ÿé€‰æ‹©é»˜è®¤çš„ SELinux 用户。"
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "更改默认值"
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"åªå¸¦ <option>-D</option> 选项使用时,<command>useradd</command> 将显示当å‰çš„"
+"默认值。<option>-D</option> 和其它选项é…åˆä½¿ç”¨æ—¶ï¼Œ<command>useradd</command> "
+"将为指定的选项更新默认值。有效的“更改默认值â€é€‰é¡¹æœ‰ï¼š"
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"新用户主目录的路径å‰ç¼€ã€‚如果创建新账户时,没有使用 <option>-d</option> 选项,"
+"用户的å称将会缀在 <replaceable>BASE_DIR</replaceable> çš„åŽè¾¹å½¢æˆæ–°ç”¨æˆ·çš„主目"
+"录å。"
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"这个选择在 <filename>/etc/default/useradd</filename> 中设置 <option>HOME</"
+"option> 选项。"
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "ç¦ç”¨æ­¤ç”¨æˆ·è´¦æˆ·çš„日期。"
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"此选项在 <filename>/etc/default/useradd</filename> 中设置 <option>EXPIRE</"
+"option> å˜é‡ã€‚"
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr "密ç è¿‡æœŸåˆ°è´¦æˆ·è¢«ç¦ç”¨ä¹‹å‰çš„天数。"
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"这个选项在 <filename>/etc/default/useradd</filename> 中设置 "
+"<option>INACTIVE</option> å˜é‡ã€‚"
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"新用户åˆå§‹ç»„的组å或 ID (使用了 <option>-N/--no-user-group</option> 或者 "
+"<filename>/etc/login.defs</filename> 中的å˜é‡ <option>USERGROUPS_ENAB</"
+"option> 设置为 <replaceable>no</replaceable> 时)。给出的组必须存在,并且数字"
+"组 ID 必须有一个已ç»å­˜åœ¨çš„项。"
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"这个选项在 <filename>/etc/default/useradd</filename> 中设置 <option>GROUP</"
+"option> å˜é‡ã€‚"
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "新用户的登录 shell å。"
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"这个选项在 <filename>/etc/default/useradd</filename> 设置 <option>SHELL</"
+"option> å˜é‡ã€‚"
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "注æ„:"
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"系统管ç†å‘˜è´Ÿè´£å°†é»˜è®¤çš„用户文件放在 <filename>/etc/skel/</filename> 目录中(或"
+"者命令行上ã€<filename>/etc/default/useradd</filename> 中指定的任何其它目录)。"
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr "您å¯èƒ½ä¸èƒ½æƒ³ NIS 组或 LDAP 组添加用户。这åªèƒ½åœ¨ç›¸åº”æœåŠ¡å™¨ä¸Šè¿›è¡Œã€‚"
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"相似地,如果用户åå·²ç»å­˜åœ¨äºŽå¤–部用户数æ®åº“中,比如 NIS 或 LDAP,"
+"<command>useradd</command> 将拒ç»åˆ›å»ºç”¨æˆ·è´¦æˆ·çš„请求。"
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"用户å必须以一个å°å†™å­—æ¯æˆ–下划线开始,跟éšå°å†™å­—符ã€æ•°å­—ã€ä¸‹åˆ’线或连字符的组"
+"åˆã€‚å¯ä»¥ä»¥ç¾Žå…ƒç¬¦å·ç»“æŸã€‚用正则表达å¼è¡¨ç¤ºå°±æ˜¯ï¼š[a-z_][a-z0-9_-]*[$]?"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "用户åä¸èƒ½è¶…过 32 个字符长。"
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (boolean)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr "指示是å¦åº”该为新用户默认创建主目录。"
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr "此设置并ä¸åº”用到系统用户,并且å¯ä»¥ä½¿ç”¨å‘½ä»¤è¡Œè¦†ç›–。"
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (number)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (number)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"<command>useradd</command>,<command>groupadd</command> 或 "
+"<command>newusers</command> 创建的常规组的组 ID 的范围。"
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"<option>GID_MIN</option> 和 <option>GID_MAX</option> 的默认值分别是 1000 和 "
+"60000。"
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (number)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"一个密ç å¯ä»¥ä½¿ç”¨çš„最大天数。如果密ç æ¯”这旧,将会强迫更改密ç ã€‚如果ä¸æŒ‡å®šï¼Œå°±"
+"å‡å®šä¸º -1,这会ç¦ç”¨è¿™ä¸ªé™åˆ¶ã€‚"
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (number)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"两次更改密ç æ—¶é—´çš„最å°é—´éš”。将会拒ç»ä»»ä½•æ—©äºŽæ­¤çš„更改密ç çš„å°è¯•ã€‚如果ä¸æŒ‡å®šï¼Œ"
+"å‡å®šä¸º -1,将会ç¦ç”¨è¿™ä¸ªé™åˆ¶ã€‚"
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (number)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"密ç è¿‡æœŸä¹‹å‰ç»™å‡ºè­¦å‘Šçš„天数。0 表示åªæœ‰åªåœ¨è¿‡æœŸçš„当天警告,负值表示ä¸è­¦å‘Šã€‚如"
+"果没有指定,ä¸ä¼šç»™è­¦å‘Šã€‚"
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (number)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (number)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"<command>useradd</command>ã€<command>groupadd</command> 或 "
+"<command>newusers</command> 创建的系统组的组 ID 的范围。"
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"<option>SYS_GID_MIN</option> 和 <option>SYS_GID_MAX</option> 的默认值分别是 "
+"101 和 <option>GID_MIN</option>-1。"
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (number)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (number)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"<command>useradd</command> 或 <command>newusers</command> 创建的系统用户的用"
+"户 ID 的范围。"
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"<option>SYS_UID_MIN</option> 和 <option>SYS_UID_MAX</option> 的默认值分别是 "
+"101 和 <option>UID_MIN</option>-1。"
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (boolean)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"如果为 <replaceable>yes</replaceable>,新创建的 tcb å½±å­æ–‡ä»¶æ‰€å±žçš„组将是 "
+"<replaceable>auth</replaceable>。"
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (number)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (number)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"<command>useradd</command> 或 <command>newusers</command> 创建的普通用户的用"
+"户 ID 的范围。"
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"<option>UID_MIN</option> 和 <option>UID_MAX</option> 的默认值分别是 1000 和 "
+"60000。"
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (number)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr "文件模å¼åˆ›å»ºæŽ©ç åˆå§‹åŒ–为此值。如果没有指定,掩ç åˆå§‹åŒ–为 022。"
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"<command>useradd</command> å’Œ <command>newusers</command> 使用此掩ç è®¾ç½®å®ƒä»¬"
+"创建的用户主目录的模å¼ã€‚"
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"也被 <command>login</command> 用于指定用户的åˆå§‹ umask。注æ„,此掩ç å¯ä»¥è¢«ç”¨"
+"户的 GECOS 行覆盖(当设置了 <option>QUOTAS_ENAB</option> æ—¶),也å¯ä»¥è¢«å¸¦ "
+"<emphasis>K</emphasis> 指示符的 <citerefentry><refentrytitle>limits</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> 定义的é™åˆ¶å€¼è¦†ç›–。"
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr "也被 <command>pam_umask</command> 用作默认 umask 值。"
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "账户创建的默认值。"
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "包å«é»˜è®¤æ–‡ä»¶çš„目录。"
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "给了选项一个无效的å‚æ•°"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID å·²ç»ä½¿ç”¨ (且没有 <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "指定的组ä¸å­˜åœ¨"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "用户å已被使用"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "无法创建主目录"
+
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>useradd</command> å¯ä»¥è¿”回如下值:<placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "文件格å¼å’Œè½¬åŒ–"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "详细的 su 控制文件"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"执行 su å‘½ä»¤æ—¶ï¼Œæ€»æ˜¯æ ¹æ® <filename>/etc/suauth</filename>,å¯ä»¥æ›´æ”¹ su 命令的"
+"行为,规则是:"
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, fuzzy, no-wrap
+#| msgid ""
+#| "\n"
+#| " 1) the user su is targetting\n"
+#| " "
+msgid ""
+"\n"
+" 1) the user su is targeting\n"
+" "
+msgstr ""
+"\n"
+" 1) su 到的用户\n"
+" "
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr "2) 执行 su 命令的用户 (或者他å¯èƒ½å±žäºŽçš„组)"
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr "文件格å¼ä¸ºï¼šä»¥ # 开头的行视为注视,并被忽略;"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" to-id:from-id:ACTION\n"
+" "
+msgstr ""
+"\n"
+" to-id:from-id:ACTION\n"
+" "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"此处的 to-id å¯ä»¥æ˜¯ï¼š<emphasis>ALL</emphasis>,逗å·(,) 分隔的用户å列表或者 "
+"<emphasis>ALL EXCEPT</emphasis> åŽè·Ÿé€—å·åˆ†éš”的用户å列表。"
+
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"from-id æ ¼å¼å’Œ to-id 相åŒï¼Œä½†æ˜¯å¯ä»¥å¤šè¯†åˆ«ä¸€ä¸ªè¯ <emphasis>GROUP</emphasis>。"
+"<emphasis>ALL EXCEPT GROUP</emphasis> 也是有效的。<emphasis>GROUP</emphasis> "
+"åŽè¾¹æ˜¯ä¸€ä¸ªæˆ–更多的组å称,使用逗å·(,)分隔。ä¸å…‰è¦æœ‰ç›¸å…³ä¸»ç»„çš„ ID,也需è¦åœ¨ "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> 中有一个æ¡ç›®ã€‚"
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "动作åªå¯ä»¥ä½¿ç”¨å¦‚下当å‰æ”¯æŒçš„选项。"
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr "su çš„å°è¯•åœ¨è¯¢é—®å¯†ç ä¹‹å‰å°±è¢«æ‹’ç»ã€‚"
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr "su å°è¯•è‡ªåŠ¨æˆåŠŸï¼Œè€Œä¸”ä¸è¯¢é—®å¯†ç ã€‚"
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr "为了æˆåŠŸæ‰§è¡Œ su,用户必须æ供自己的密ç ã€‚将会æ示他们这样。"
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"注æ„,有三个用冒å·åˆ†å‰²çš„字段。冒å·æ—è¾¹ä¸èƒ½æœ‰ç©ºæ ¼ã€‚也请注æ„,这个文件会被一行"
+"一行地ä¾æ¬¡æ£€æŸ¥ï¼Œä¼šä½¿ç”¨ç¬¬ä¸€ä¸ªå¯ç”¨çš„规则,而ä¸ä¼šç»§ç»­æ£€æŸ¥æ–‡ä»¶ã€‚è¿™å¯ä»¥è®©ç³»ç»Ÿç®¡ç†"
+"员使系统尽é‡ç¬¦åˆå…¶æœŸæœ›ã€‚"
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "示例"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" # sample /etc/suauth file\n"
+" #\n"
+" # A couple of privileged usernames may\n"
+" # su to root with their own password.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Anyone else may not su to root unless in\n"
+" # group wheel. This is how BSD does things.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Perhaps terry and birddog are accounts\n"
+" # owned by the same person.\n"
+" # Access can be arranged between them\n"
+" # with no password.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+msgstr ""
+"\n"
+" # 示例 /etc/suauth 文件\n"
+" #\n"
+" # 有两个用户å¯ä»¥ä½¿ç”¨è‡ªå·±çš„å¯†ç  su æˆ root\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # 任何其他人都ä¸èƒ½ su æˆ root,除éžåœ¨ wheel 组中。\n"
+" # BSD 就是这样实现这个功能的。\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # 或许 terry å’Œ birddog 是属于åŒä¸€ä¸ªäººçš„账户\n"
+" # 两个账户直接互相 su,ä¸éœ€è¦å¯†ç \n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "缺陷"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"å¯èƒ½ä¼šæœ‰å¾ˆå¤šæ½œåœ¨é—®é¢˜ã€‚文件解æžå™¨å°¤å…¶ä¸èƒ½å®¹å¿è¯­æ³•é”™è¯¯ï¼Œä¸èƒ½æœ‰æ— æ„义的空白符(除"
+"了行首和行尾),并且使用特定的标记分割ä¸åŒçš„事情。"
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr ""
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"此文件的解æžé”™è¯¯ä¼šä½¿ç”¨ <citerefentry><refentrytitle>syslogd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> 作为 AUTH 中的 ERR 级别"
+"报告。"
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "用户命令"
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "更改用户 ID 或æˆä¸ºè¶…级用户"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "用户å"
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"<command>su</command> 用于让用户在登录期间å˜æˆå¦å¤–一个用户。åŽè¾¹ä¸å¸¦ "
+"<option>username</option> 使用时,<command>su</command> 默认会å˜æˆè¶…级用户。"
+"å¯é€‰çš„选项 <option>-</option>,å¯ä»¥ç”¨äºŽæ供一个类似于用户直接登录的环境,用户"
+"å¯èƒ½æœŸæœ›æ˜¯è¿™æ ·çš„。"
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"附加å‚æ•°å¯ä»¥åœ¨ç”¨æˆ·å之åŽæ供,这时,将会把他们æ供给用户的登录 shell。特别"
+"地,å‚æ•° <option>-c</option> 将会使下一个å‚数被多数命令解释器视为命令。这个命"
+"令会被 <filename>/etc/passwd</filename> 中为目标用户指定的 shell 执行。"
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"您å¯ä»¥ä½¿ç”¨ <option>--</option> å‚æ•°å°† <command>su</command> 选项和æ供给 "
+"shell çš„å‚数分隔开æ¥ã€‚"
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"如果åˆé€‚,将æ示用户输入一个密ç ã€‚输入无效的密ç ä¼šäº§ç”Ÿä¸€ä¸ªé”™è¯¯æ¶ˆæ¯ã€‚所有的å°"
+"试,无论æˆåŠŸè¿˜æ˜¯å¤±è´¥ï¼Œéƒ½ä¼šè¢«è®°å½•ï¼Œä»¥æ£€æµ‹å¯¹ç³»ç»Ÿçš„滥用。"
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"当å‰çŽ¯å¢ƒä¼šä¼ é€’给新 shell。对于普通用户,<envar>$PATH</envar> 的值é‡ç½®ä¸º "
+"<filename>/bin:/usr/bin</filename>,而对于超级用户则是 <filename>/sbin:/bin:/"
+"usr/sbin:/usr/bin</filename>ã€‚è¿™ä¼šéš <filename>/etc/login.defs</filename> 中"
+"çš„ <option>ENV_PATH</option> å’Œ <option>ENV_SUPATH</option> 值改å˜ã€‚"
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"在登录 shell 中以第一个字符是“*â€æ ‡æ³¨çš„是å­ç³»ç»Ÿç™»å½•ã€‚给定的主目录将被用于用户"
+"实际登录的新文件系统的根。"
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "<command>su</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr "通过使用其 <option>-c</option> 选项,指定一个由 shell è¿è¡Œçš„命令。"
+
+#: su.1.xml:158(para)
+#, fuzzy
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"执行的命令将ä¸ä¼šæ‹¥æœ‰æŽ§åˆ¶ç»ˆç«¯ã€‚此选项ä¸èƒ½ç”¨äºŽæ‰§è¡Œéœ€è¦æŽ§åˆ¶ TTY 的交互程åºã€‚"
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr "æ供一个类似于用户直接登录的环境,用户å¯èƒ½ä¼šå¸Œæœ›è¿™æ ·ã€‚"
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"使用了 <option>-</option> 时,它必须是 <command>su</command> 的最åŽä¸€ä¸ªå‚数。"
+"其它形å¼(<option>-l</option> å’Œ <option>--login</option>) 没有这个é™åˆ¶ã€‚"
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "将使用的 shell。"
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "通过 --shell 指定的 shell。"
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"如果使用了 <option>--preserve-environment</option>,shell 将由 <envar>"
+"$SHELL</envar> 环境å˜é‡æŒ‡å®šã€‚"
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr "在 <filename>/etc/passwd</filename> 的相应项中为目标用户指定的 shell。"
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"如果无法通过以上办法找到一个 shell,则使用 <filename>/bin/sh</filename>。"
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr "使用的 shell 在如下中选择(高优先级在å‰):<placeholder-1/>"
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"如果目标用户的 shell 是有é™åˆ¶çš„(å³ï¼Œ<filename>/etc/passwd</filename> 中用户项"
+"中的 shell 字段没有在 <filename>/etc/shells</filename> 中列出),那么 "
+"<option>--shell</option> 选项或 <envar>$SHELL</envar> 环境å˜é‡ä¸ä¼šå¸¦å…¥è´¦æˆ·ï¼Œ"
+"é™¤éž <command>su</command> 是被 root 调用的。"
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"æ ¹æ® <filename>/etc/login.defs</filename> 中的 <option>ENV_PATH</option> or "
+"<option>ENV_SUPATH</option> 选项é‡è®¾ (请往下看)"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"如果已ç»è®¾ç½®äº†ï¼Œé‡è®¾ <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>。"
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "ä¿ç•™å½“å‰çŽ¯å¢ƒï¼Œé™¤éžï¼š<placeholder-1/>"
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"如果用户的 shell å—é™ï¼Œæ­¤é€‰é¡¹æ— æ•ˆ (除éžæ˜¯ root 调用的 <command>su</"
+"command>)。"
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, 和 <envar>$IFS</envar> 这些环"
+"境å˜é‡ä¼šè¢«é‡ç½®ã€‚"
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr "如果没有使用 <option>--login</option>,å¤åˆ¶çŽ¯å¢ƒï¼Œä¸Šè¿°å‡ ä¸ªå˜é‡é™¤å¤–。"
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"如果使用了 <option>--login</option>,如果设置了 <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar> 和 <envar>$XAUTHORITY</envar>,这"
+"些环境å˜é‡ä¹Ÿä¼šè¢«é‡ç½®ã€‚"
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"如果使用了 <option>--login</option>,环境å˜é‡ <envar>$TZ</envar>, <envar>"
+"$HZ</envar>, and <envar>$MAIL</envar> ä¹Ÿä¼šæ ¹æ® <filename>/etc/login.defs</"
+"filename> 中的选项 <option>ENV_TZ</option>, <option>ENV_HZ</option>, "
+"<option>MAIL_DIR</option> å’Œ <option>MAIL_FILE</option> é‡ç½® (请看下边)。"
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"如果使用了 <option>--login</option>,其它环境å˜é‡å¯èƒ½ä¼šæ ¹æ® "
+"<option>ENVIRON_FILE</option> 文件æ¥è®¾ç½®(请看下边)。"
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr "其它环境å¯èƒ½ç”± PAM 模å—设置。"
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr "注æ„,环境的默认行为如下:<placeholder-1/>"
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"此版本的 <command>su</command> 有很多编译选项,在æŸäº›æœºå™¨ä¸Šï¼Œå¯èƒ½åªä½¿ç”¨äº†å…¶ä¸­"
+"的一部分。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"如果定义了,或者是包å«è®¾å¤‡å(没行一个)的文件的完整路径å,或者是“:â€åˆ†éš”的设备"
+"å列表。将åªä¼šåœ¨è¿™å†™è®¾å¤‡ä¸Šå…许 root 登录。"
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr "如果没有定义,å¯ä»¥åœ¨ä»»ä½•è®¾å¤‡ä¸Šä½¿ç”¨ root。"
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "指定的设备时ä¸å¸¦ /dev/ å‰ç¼€ã€‚"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"在控制å°ç™»å½•æ—¶ï¼Œæ·»åŠ åˆ°ç”¨æˆ·é™„加组集中的组列表(就如 CONSOLE 所确定的)。默认是"
+"无。<placeholder-1/> 使用时需è¦æ³¨æ„:这å¯èƒ½ä½¿ç”¨æˆ·èŽ·å–这些组的永久æƒé™ï¼Œç”šè‡³ç™»"
+"录到的ä¸æ˜¯æ­¤æŽ§åˆ¶å°æ—¶ã€‚"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (boolean)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr "如果ä¸èƒ½ cd 到主目录时,说明是å¦å…许登录。默认是å¦ã€‚"
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"如果设置为 <replaceable>yes</replaceable>,如果ä¸èƒ½ cd 到主目录时,用户将会登"
+"录到根目录(<filename>/</filename>)。"
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (string)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"如果设置了,将会用于在用户登录时定义 HZ 环境å˜é‡ã€‚值必须以 <replaceable>HZ=</"
+"replaceable> 开头。Linux 上的常用值是 <replaceable>HZ=100</replaceable>。"
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"<envar>HZ</envar> 环境å˜é‡åªæœ‰å½“用户(超级用户)使用 <command>sulogin</"
+"command> 登录时æ‰è®¾ç½®ã€‚"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"如果此文件存在,并且å¯è¯»ï¼Œå°†ä¼šä»Žä¸­è¯»å–登录环境。所有行都必须是 name=value çš„"
+"æ ¼å¼ã€‚"
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr "以 # 开头的行将视为注释,并被忽略。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when a "
+#| "regular user login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/bin:/usr/bin</replaceable>). The default value is "
+#| "<replaceable>PATH=/bin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"如果设置了,它将用于定义普通用户登录时的 PATH 环境å˜é‡ã€‚此值å¯ä»¥ç”¨ "
+"<replaceable>PATH=</replaceable> 开头,或者是冒å·åˆ†éš”的路径列表 (例如 "
+"<replaceable>/bin:/usr/bin</replaceable>)。默认的值是 <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when the "
+#| "superuser login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>). The default "
+#| "value is <replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"如果设置了,它将用于定义超级用户登录时的 PATH 环境å˜é‡ã€‚此值å¯ä»¥ç”¨ "
+"<replaceable>PATH=</replaceable> 开头,或者是冒å·åˆ†éš”的路径列表 (例如 "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>)。默认值是 "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"如果设置了,它将用于在用户登录时定义 TZ 环境å˜é‡ã€‚此值å¯ä»¥æ˜¯ä»¥ "
+"<replaceable>TZ=</replaceable> 开头的时区å(例如 <replaceable>TZ=CST6CDT</"
+"replaceable>),或者是包å«æ—¶åŒºè§„则的文件完整路径(例如 <filename>/etc/tzname</"
+"filename>)。"
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"如果将完整路径指定为了一个ä¸å­˜åœ¨æˆ–ä¸å¯è¯»çš„文件,则默认使用 "
+"<replaceable>TZ=CST6CDT</replaceable>。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"此字符串用于æ示输入密ç ã€‚默认是 \"Password: \",或者翻译了的结果(汉语中翻译"
+"为了“密ç ï¼šâ€)。如果设置了此å˜é‡ï¼Œæ示ä¸ä¼šè¢«ç¿»è¯‘。"
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr "å¦‚æžœå­—ç¬¦ä¸²åŒ…å« <replaceable>%s</replaceable>,将会被用户å替æ¢ã€‚"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (boolean)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr "å¯ç”¨ç™»å½•æ—¶æ£€æŸ¥å’ŒçŽ°å®žé‚®ç®±çŠ¶æ€ã€‚"
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"如果 shell çš„å¯åŠ¨æ–‡ä»¶å·²ç»æ£€æŸ¥äº†é‚®ä»¶(\"mailx -e\" 或者其它åŒåŠŸèƒ½çš„工具),您应"
+"该ç¦ç”¨å®ƒã€‚"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (boolean)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "Enable setting of ulimit, umask, and niceness from passwd gecos field."
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr "å…许在 passwd çš„ gecos 字段设置 ulimitã€umask å’Œ niceness。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr "如果定义了,所有的 su 活动都会记录到此文件。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"如果定义了,就是è¿è¡Œâ€œsu -â€æ—¶æ˜¾ç¤ºçš„命令å称。例如,如果定义为“suâ€ï¼Œé‚£ä¹ˆâ€œpsâ€ä¼š"
+"显示此命令为“-suâ€ã€‚如果没有定义,“psâ€å°†ä¼šæ˜¾ç¤ºå®žé™…执行的 shell,例如类似于“-"
+"shâ€ã€‚"
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (boolean)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"如果为 <replaceable>yes</replaceable>,用户必须在 <filename>/etc/group</"
+"filename> 中别设定为 GID 为 0 的组(在大部分 Linux ä¸Šå« <replaceable>root</"
+"replaceable>)çš„æˆå‘˜ã€‚"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (boolean)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr "除了 sulog 文件日志,也为 <command>su</command> 活动å¯ç”¨â€œsyslogâ€æ—¥å¿—。"
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr "æˆåŠŸæ—¶ï¼Œ<command>su</command> 返回执行的命令的退出值。"
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr "如果命令被信å·ç»“æŸï¼Œ<command>su</command> 返回此信å·çš„ç¼–å·åŠ  128。"
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"如果 su å¿…é¡»è¦æ€æ­»æ­¤å‘½ä»¤(因为已ç»è¦æ±‚它结æŸï¼Œå¯æ˜¯å´æ²¡æœ‰åŠæ—¶ç»“æŸ),"
+"<command>su</command> 返回 255。"
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "æˆåŠŸ (åªæœ‰ <option>--help</option>)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "系统或者认è¯å¤±è´¥"
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "è¦æ±‚的命令ä¸å­˜åœ¨"
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "请求的命令ä¸èƒ½æ‰§è¡Œ"
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr "<command>su</command> 中的æŸäº›é€€å‡ºå€¼ä¸Žæ‰§è¡Œçš„命令无关:<placeholder-1/>"
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "以ä¸åŒçš„组 ID 执行命令"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "组 <placeholder-1/> 命令"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"<command>sg</command> 命令类似于 <command>newgrp</command>,但是å¯ä»¥æŽ¥å—一个"
+"命令。这个命令将会使用 <filename>/bin/sh</filename> shell æ¥æ‰§è¡Œã€‚对于您å¯ä»¥"
+"使用 <command>sg</command> å¯åŠ¨çš„多数 shell,您需è¦å°†å¤šä¸ªè¯çš„命令用引å·å¼•èµ·"
+"æ¥ã€‚<command>newgrp</command> å’Œ <command>sg</command> 之间的å¦å¤–一个ä¸åŒç‚¹æ˜¯"
+"æŸäº› shell 对 <command>newgrp</command> 有特殊对待,会使用 <command>newgrp</"
+"command> 创建的一个新的 shell 实例替æ¢è‡ªèº«ã€‚è¿™ä¸ä¼šå‘生在 <command>sg</"
+"command> 身上,所以从 <command>sg</command> 退出åŽï¼Œæ‚¨ä¼šè¿”回到先å‰çš„组 ID。"
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (boolean)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr "å…许“syslogâ€è®°å½• <command>sg</command> 的活动。"
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "å½±å­åŒ–了的密ç æ–‡ä»¶"
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>shadow</filename> 是一个文件,它包å«ç³»ç»Ÿè´¦æˆ·çš„密ç ä¿¡æ¯å’Œå¯é€‰çš„年龄"
+"ä¿¡æ¯ã€‚"
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr "如果没有维护好密ç å®‰å…¨ï¼Œæ­¤æ–‡ä»¶ç»å¯¹ä¸èƒ½è®©æ™®é€šç”¨æˆ·å¯è¯»ã€‚"
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"此文件的æ¯è¡ŒåŒ…括 9 个字段,使用åŠè§’å†’å· (<quote>:</quote>) 分隔,顺åºå¦‚下:"
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "登录å"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr "必须是有效的账户å,且已ç»å­˜åœ¨äºŽç³»ç»Ÿä¸­ã€‚"
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "加密了的密ç "
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"请å‚考 <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> æ¥äº†è§£å…³äºŽè§£æžæ­¤å­—符串的细节信æ¯ã€‚"
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"如果密ç å­—段包å«ä¸€äº›ä¸æ˜¯ <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> åˆæ³•ç»“果的字符,比如 ! "
+"或 *,用户将无法使用 unix 密ç ç™»å½•(但是å¯ä»¥é€šè¿‡å…¶å®ƒæ–¹æ³•ç™»å½•ç³»ç»Ÿ)。"
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"此字段å¯ä»¥ä¸ºç©ºï¼Œæ­¤æ—¶è®¤è¯ä¸ºç‰¹å®šçš„登录å时,ä¸è¦æ±‚密ç ã€‚ç„¶è€Œï¼Œä¸€äº›è¯»å– "
+"<filename>/etc/shadow</filename> 文件的应用程åºï¼Œåœ¨å¯†ç å­—段为空时,å¯èƒ½å†³å®šç¦"
+"止任何访问。"
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "A password field which starts with a exclamation mark means that the "
+#| "password is locked. The remaining characters on the line represent the "
+#| "password field before the password was locked."
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"以å¹å·å¼€å§‹çš„密ç å­—段æ„味ç€å¯†ç è¢«é”定。该行的剩余字符表示é”定之å‰çš„密ç ã€‚"
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "最åŽä¸€æ¬¡æ›´æ”¹å¯†ç çš„日期"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr "最近一次更改密ç çš„时间,表示从1970å¹´1月1日开始的天数。"
+
+#: shadow.5.xml:134(para)
+#, fuzzy
+#| msgid ""
+#| "The value 0 has a special meaning, which is that the user should change "
+#| "her pasword the next time she will log in the system."
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr "0 有特殊æ„æ€ï¼Œè¡¨ç¤ºç”¨æˆ·åº”该在下次登录系统时更改密ç ã€‚"
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr "空字段表示密ç å¹´é¾„功能被ç¦ç”¨ã€‚"
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "密ç çš„最å°å¹´é¾„"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"最å°å¯†ç å¹´é¾„是指,用户一次更改密ç ä¹‹åŽï¼Œè¦ç­‰å¤šé•¿æ—¶é—´æ‰å†æ¬¡è¢«å…许更改密ç ã€‚"
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr "空字段或 0 表示没有最å°å¯†ç å¹´é¾„。"
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "最大密ç å¹´é¾„"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr "最大密ç å¹´é¾„是指,这写天之åŽï¼Œç”¨æˆ·å¿…须更改密ç ã€‚"
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr "这写天之åŽï¼Œå¯†ç ä»ç„¶å¯ç”¨ã€‚用户将会在下次登录的时候被è¦æ±‚更改密ç ã€‚"
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"空字段表示没有最大密ç å¹´é¾„,没有密ç è­¦å‘Šæ—¶é—´æ®µï¼Œæ²¡æœ‰å¯†ç ç¦ç”¨æ—¶é—´æ®µ(请看下"
+"边)。"
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr "如果最大密ç å¹´é¾„å°äºŽæœ€å°å¯†ç å¹´é¾„,用户将会ä¸èƒ½æ›´æ”¹å¯†ç ã€‚"
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "密ç è­¦å‘Šæ—¶é—´æ®µ"
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr "密ç è¿‡æœŸä¹‹å‰ï¼Œæå‰è­¦å‘Šç”¨æˆ·çš„的天数(请å‚考上边的密ç çš„最大年龄)。"
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr "空字段或者 0 表示没有密ç è­¦å‘ŠæœŸã€‚"
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "密ç ç¦ç”¨æœŸ"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"密ç è¿‡æœŸ(查看上边的密ç æœ€å¤§å¹´é¾„)åŽï¼Œä»ç„¶æŽ¥å—此密ç çš„天数(在此期间,用户应该在"
+"下次登录时修改密ç )。"
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"密ç åˆ°æœŸå¹¶ä¸”过了这个宽é™æœŸä¹‹åŽï¼Œä½¿ç”¨ç”¨æˆ·çš„当å‰çš„密ç å°†ä¼šä¸èƒ½ç™»å½•ã€‚用户需è¦è”"
+"系系统管ç†å‘˜ã€‚"
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr "空字段表示没有强制密ç è¿‡æœŸã€‚"
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "账户过期日期"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr "账户过期的日期,表示从1970年1月1日开始的天数。"
+
+#: shadow.5.xml:229(para)
+#, fuzzy
+#| msgid ""
+#| "Note that an account expiration differs from a password expiration. In "
+#| "case of an acount expiration, the user shall not be allowed to login. In "
+#| "case of a password expiration, the user is not allowed to login using her "
+#| "password."
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"注æ„,账户过期ä¸åŒäºŽå¯†ç è¿‡æœŸã€‚账户过期时,用户将ä¸è¢«å…许登录;密ç è¿‡æœŸæ—¶ï¼Œç”¨"
+"户将ä¸è¢«å…许使用其密ç ç™»å½•ã€‚"
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "空字段表示账户永ä¸è¿‡æœŸã€‚"
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr "应该é¿å…使用 0,因为它既能ç†è§£æˆæ°¸ä¸è¿‡æœŸä¹Ÿèƒ½ç†è§£æˆåœ¨1970å¹´1月1日过期。"
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "ä¿ç•™å­—段"
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "此字段ä¿ç•™ä½œå°†æ¥ä½¿ç”¨ã€‚"
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "/etc/shadow 的备份文件。"
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"注æ„,此文件由 shadow 工具集使用,而ä¸æ˜¯æ‰€æœ‰çš„用户和密ç ç®¡ç†å·¥å…·éƒ½ä¼šä½¿ç”¨ã€‚"
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "库函数调用"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "加密密ç æ–‡ä»¶å·¥å…·å‡½æ•°"
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAX"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*name"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FILE"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> å¤„ç† shadow 密ç æ–‡ä»¶ <filename>/etc/"
+"shadow</filename> 的内容。<emphasis remap=\"I\">#include</emphasis> 文件中的"
+"结构是:"
+
+#: shadow.3.xml:124(programlisting)
+#, fuzzy, no-wrap
+msgid ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* user login name */\n"
+" char\t\t*sp_pwdp; /* encrypted password */\n"
+" long int\t\tsp_lstchg; /* last password change */\n"
+" long int\t\tsp_min; /* days until change allowed. */\n"
+" long int\t\tsp_max; /* days before change required */\n"
+" long int\t\tsp_warn; /* days warning for expiration */\n"
+" long int\t\tsp_inact; /* days before account inactive */\n"
+" long int\t\tsp_expire; /* date when account expires */\n"
+" unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+" "
+msgstr ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* 用户登录å */\n"
+" char\t\t*sp_pwdp; /* åŠ å¯†è¿‡çš„å¯†ç  */\n"
+" long int\t\tsp_lstchg; /* 最近密ç æ›´æ”¹æ—¥æœŸ */\n"
+" long int\t\tsp_min; /* 到å…许更改密ç è¿˜æœ‰å¤šå°‘天 */\n"
+" long int\t\tsp_max; /* 到è¦æ±‚更改密ç è¿˜æœ‰å¤šå°‘天 */\n"
+" long int\t\tsp_warn; /* 警告过期的天数 */\n"
+" long int\t\tsp_inact; /* 账户éžæ´»åŠ¨ä¹‹å‰çš„天数 */\n"
+" long int\t\tsp_expire; /* 账户过期的日期 */\n"
+" unsigned long int\tsp_flag; /* ä¿ç•™åšä»¥åŽä½¿ç”¨ */\n"
+"}\n"
+" "
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "æ¯ä¸ªå­—段的å«ä¹‰æ˜¯ï¼š"
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr "sp_namp - 指å‘以 null 结æŸçš„用户å的指针"
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr "sp_pwdp - æŒ‡å‘ null 结æŸçš„密ç çš„指针"
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr "sp_lstchg - 最近更改密ç çš„日期(日期计算方法是从1970å¹´1月1日开始的天数)"
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr ""
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"<emphasis>setspent</emphasis> å’Œ <emphasis>endspent</emphasis> 分别用æ¥å¼€å§‹å’Œ"
+"结æŸå¯¹å½±å­å¯†ç æ–‡ä»¶çš„访问。"
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"需è¦ä½¿ç”¨ <emphasis>lckpwdf</emphasis> å’Œ <emphasis>ulckpwdf</emphasis> 函数æ¥"
+"ç¡®ä¿å¯¹ <filename>/etc/shadow</filename> 文件的互斥访问。<emphasis>lckpwdf</"
+"emphasis> 使用 <emphasis>pw_lock</emphasis> æ¥èŽ·å–一个最长为 15 秒的é”,然åŽ"
+"继续使用 <emphasis>spw_lock</emphasis> æ¥èŽ·å–长度为开始的 15 秒时间的剩余é‡çš„"
+"第二把é”。总计 15 秒之åŽï¼Œæ— è®ºå“ªä¸ªå¤±è´¥ï¼Œ<emphasis>lckpwdf</emphasis> 都返回 "
+"-1。两把é”都获å–æˆåŠŸæ—¶ï¼Œè¿”回 0。"
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"如果没有更多æ¡ç›®äº†æˆ–者处ç†æ—¶å‡ºé”™ï¼Œæ­¤å‡½æ•°è¿”回 NULL。使用 <emphasis>int</"
+"emphasis> 类型返回值的函数返回 0 表示æˆåŠŸï¼Œ-1 表示失败。"
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr "这些函数åªèƒ½ç”±è¶…级用户使用,因为对影å­å¯†ç æ–‡ä»¶çš„访问是å—é™çš„。"
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr "在影å­å¯†ç å’Œç»„以åŠå…¶å®ƒç›´æŽ¥è½¬æ¢"
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"<command>pwconv</command> 命令使用 <emphasis remap=\"I\">passwd</emphasis> 以"
+"åŠå¯é€‰å¹¶å·²ç»å­˜åœ¨çš„ <emphasis remap=\"I\">shadow</emphasis> æ¥åˆ›å»º <emphasis "
+"remap=\"I\">shadow</emphasis>。"
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"<command>pwconv</command> ä¸èƒ½åœ¨å¯ç”¨ <option>USE_TCB</option> æ—¶ä¸èƒ½å·¥ä½œã€‚è¦"
+"转æ¢åˆ° tcb 密ç ï¼Œæ‚¨é¦–先需è¦é€šè¿‡åœ¨ <filename>login.defs</filename> ç¦ç”¨ "
+"<option>USE_TCB</option> 并使用 <command>pwconv</command> 转æ¢åˆ°å½±å­å¯†ç ï¼Œç„¶"
+"åŽå†ä½¿ç”¨ <command>tcb_convert</command> 转æ¢åˆ° tcb 密ç (并且在 "
+"<filename>login.defs</filename> 中é‡æ–°å¯ç”¨ <option>USE_TCB</option>)。"
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"<command>pwunconv</command> 命令使用 <emphasis remap=\"I\">passwd</emphasis> "
+"å’Œ <emphasis remap=\"I\">shadow</emphasis> æ¥åˆ›å»º <emphasis remap=\"I"
+"\">passwd</emphasis>,然åŽç§»é™¤ <emphasis remap=\"I\">shadow</emphasis>。"
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"<command>pwunconv</command> 在å¯ç”¨ <option>USE_TCB</option> æ—¶ä¸èƒ½å·¥ä½œã€‚首先"
+"需è¦ä½¿ç”¨ <command>tcb_unconvert</command> 从 tcb 切æ¢å›žå½±å­å¯†ç ï¼Œç„¶åŽä½¿ç”¨ "
+"<command>pwunconv</command> 在 <filename>login.defs</filename> 中ç¦ç”¨ "
+"<option>USE_TCB</option>。"
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"<command>grpconv</command> 从 <emphasis remap=\"I\">group</emphasis> å’Œå¯èƒ½å­˜"
+"在的 <emphasis remap=\"I\">gshadow</emphasis> 创建 <emphasis remap=\"I"
+"\">gshadow</emphasis>。"
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"<command>grpunconv</command> 命令从 <emphasis remap=\"I\">group</emphasis> "
+"和 <emphasis remap=\"I\">gshadow</emphasis> 创建 <emphasis remap=\"I"
+"\">group</emphasis>,然åŽç§»é™¤ <emphasis remap=\"I\">gshadow</emphasis>。"
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"这四个程åºéƒ½å¯ä»¥æ“作普通或影å­å¯†ç å’Œç»„文件:<filename>/etc/passwd</"
+"filename>, <filename>/etc/group</filename>, <filename>/etc/shadow</filename> "
+"和 <filename>/etc/gshadow</filename>。"
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"转æ¢å‰ï¼Œæ¯ä¸ªç¨‹åºéƒ½ä¼šèŽ·å–需è¦çš„é”。<command>pwconv</command> å’Œ "
+"<command>grpconv</command> 也类似。首先删除,存在于在影å­æ–‡ä»¶ä¸­ï¼Œä½†åœ¨ä¸»æ–‡ä»¶ä¸­"
+"å´æ²¡æœ‰çš„æ¡ç›®ï¼›ç„¶åŽï¼Œæ›´æ–°åœ¨ä¸»æ–‡ä»¶ä¸­ä¸ä½¿ç”¨â€œxâ€ä½œä¸ºå¯†ç çš„å½±å­æ¡ç›®ï¼Œä¼šæ·»åŠ æ‰€æœ‰ç¼ºå¤±"
+"çš„æ¡ç›®ï¼›æœ€åŽï¼Œå°†ä¸»æ–‡ä»¶ä¸­çš„密ç æ›¿æ¢ä¸ºâ€œxâ€ã€‚这两个工具å¯ä»¥ç”¨äºŽåˆå§‹è½¬æ¢ä»¥åŠæ ¹æ®æ‰‹"
+"动编辑的主文件更新影å­æ–‡ä»¶ã€‚"
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"<command>pwconv</command> å‘ <filename>/etc/shadow</filename> 添加æ¡ç›®æ—¶ï¼Œå°†"
+"使用<filename>/etc/login.defs</filename> 中的 <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis> "
+"和 <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> 值。"
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"<command>pwunconv</command> 和 <command>grpunconv</command> 与此类似。主文件"
+"中的密ç ä¼šæ ¹æ®å½±å­æ–‡ä»¶æ›´æ–°ã€‚在主文件中存在,但ä¸åœ¨å½±å­æ–‡ä»¶ä¸­çš„æ¡ç›®å•ç‹¬ç•™ä¸‹ã€‚"
+"最åŽï¼Œç§»é™¤å½±å­æ–‡ä»¶ã€‚一些密ç å¹´é¾„ä¿¡æ¯ä¼šå› ä¸º <command>pwunconv</command> 而丢"
+"失。它åªè½¬æ¢å®ƒå¯ä»¥è½¬æ¢çš„。"
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"<command>pwconv</command>, <command>pwunconv</command>, <command>grpconv</"
+"command> å’Œ <command>grpunconv</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"在 passwd 或 group 文件中有错误(比如,有é‡å¤æ¡ç›®)å¯èƒ½ä¼šé€ æˆè¿™äº›ç¨‹åºæ­»å¾ªçŽ¯æˆ–者"
+"以奇怪的方å¼å¤±è´¥ã€‚在转æ¢è‡ªï¼Œæˆ–转æ¢åˆ°å½±å­å¯†ç æˆ–组文件å‰ï¼Œè¯·è¿è¡Œ "
+"<command>pwck</command> å’Œ <command>grpck</command> æ¥ä¿®æ­£æ­¤ç±»é”™è¯¯ã€‚"
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"<filename>/etc/login.defs</filename> 中的如下é…ç½®å˜é‡æ”¹å˜ <command>grpconv</"
+"command> 和 <command>grpunconv</command> 的行为:"
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"<filename>/etc/login.defs</filename> 中的如下é…ç½®å˜é‡æ”¹å˜ <command>pwconv</"
+"command> 的行为:"
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "检查密ç æ–‡ä»¶çš„完整性"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"<command>pwck</command> 命令检查用户åŠå…¶è®¤è¯ä¿¡æ¯çš„完整性。它检查 <filename>/"
+"etc/passwd</filename> 和 <filename>/etc/shadow</filename><phrase condition="
+"\"tcb\">(或者在 <option>USE_TCB</option> å¯ç”¨æ—¶ï¼Œ<filename>/etc/tcb</"
+"filename> 中的文件)</phrase> æ ¼å¼æ­£ç¡®ã€æ•°æ®æœ‰æ•ˆã€‚将会æ示用户删除格å¼ä¸æ­£ç¡®æˆ–"
+"者有其它错误的项。"
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "检查的项目有:"
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "正确的字段数"
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "一个唯一且有效的用户å"
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "一个有效的用户和组标识符"
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "有效的主组"
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "有效的主目录"
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "有效的登录 shell"
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"当指定第二个文件å‚数或 <filename>/etc/shadow</filename> 在系统中存在时,å¯ç”¨ "
+"<filename>shadow</filename> 检查。"
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "这些检查是:"
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr "æ¯ä¸ªå¯†ç é¡¹éƒ½æœ‰å¯¹åº”çš„å½±å­ç›¸ï¼Œå之亦然。"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr "密ç åœ¨å½±å­åŒ–了的文件中指定"
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "å½±å­é¡¹æœ‰æ­£ç¡®çš„字段数。"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "å½±å­é¡¹åœ¨å½±å­æ–‡ä»¶ä¸­æ˜¯å”¯ä¸€çš„"
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "最åŽä¸€æ¬¡çš„密ç æ›´æ”¹æ—¶é—´ä¸æ˜¯è¢«è®¾æˆäº†ä¸€ä¸ªå°†æ¥çš„时间。"
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"æ“作 <filename>/etc/passwd</filename> 文件的这些命令ä¸èƒ½è­¦å‘ŠæŸå或é‡å¤çš„æ¡"
+"目,这些情况下,应该使用 <command>pwck</command> æ¥ç§»é™¤è¿™å†™æœ‰é—®é¢˜çš„æ¡ç›®ã€‚"
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr "<option>-r</option> å’Œ <option>-s</option> 选项ä¸èƒ½è”åˆä½¿ç”¨ã€‚"
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr "<command>pwck</command> 选项å¯ä»¥æŽ¥å—的选项有:"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr "åªæŠ¥å‘Šé”™è¯¯ã€‚ä¸æ˜¾ç¤ºé‚£äº›ä¸éœ€è¦ç”¨æˆ·æ“作的警告。"
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "在åªè¯»æ¨¡å¼ä¸‹æ‰§è¡Œ <command>pwck</command>。"
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"æ ¹æ® UID 在 <filename>/etc/passwd</filename> å’Œ <filename>/etc/shadow</"
+"filename> 对项目进行排åºã€‚"
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr "å¯ç”¨ <option>USE_TCB</option> 是,本选项无效。"
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"默认上,<command>pwck</command> æ“作文件 <filename>/etc/passwd</filename> å’Œ "
+"<filename>/etc/shadow</filename><phrase condition=\"tcb\"> (或者在 "
+"<filename>/etc/tcb</filename> 中的文件)</phrase>。用户也å¯ä»¥ä½¿ç”¨ "
+"<replaceable>passwd</replaceable> å’Œ <replaceable>shadow</replaceable> å‚æ•°æ¥"
+"选择替代文件。"
+
+#: pwck.8.xml:243(para)
+#, fuzzy
+#| msgid ""
+#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+#| "alternative <replaceable>shadow</replaceable> file. In future releases, "
+#| "this paramater could be replaced by an alternate TCB directory."
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+"注æ„,<option>USE_TCB</option> å¯ç”¨æ—¶ï¼Œæ‚¨ä¸èƒ½æŒ‡å®šå¦å¤–çš„ <replaceable>shadow</"
+"replaceable>。以åŽçš„版本中,此å‚æ•°å¯èƒ½ä¼šè¢«æ›¿æ¢æˆä¸€ä¸ªå¦å¤–çš„ TCB 目录。"
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "一个或多个错误的密ç æ¡ç›®"
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "无法打开密ç æ–‡ä»¶"
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "无法é”定密ç æ–‡ä»¶"
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "无法更新密ç æ–‡ä»¶"
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "无法在密ç æ–‡ä»¶ä¸­æŽ’åº"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>pwck</command> 命令有如下返回值:<placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr "端å£è®¿é—®æ—¶é—´æ–‡ä»¶"
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> 包å«ä¸€ä¸ª tty 设备ã€ç”¨æˆ·åå’Œå…许登录"
+"时间的列表。"
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"æ¯é¡¹åŒ…å«ä¸‰ä¸ªç”±å†’å·åˆ†éš”的字段。第一个字段是逗å·åˆ†éš”çš„ tty 设备列表,或者星å·è¡¨"
+"示匹é…所有终端。第二个字段是逗å·åˆ†éš”的用户å列表,或者星å·è¡¨ç¤ºåŒ¹é…所有用户"
+"å。第三个字段是逗å·åˆ†éš”的访问许å¯æ—¶é—´ã€‚"
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"æ¯æ¡è®¿é—®æ—¶é—´åŒ…å«ä¸€å‘¨çš„ 0 天或多天,缩写为 <emphasis>Su</emphasis>, "
+"<emphasis>Mo</emphasis>, <emphasis>Tu</emphasis>, <emphasis>We</emphasis>, "
+"<emphasis>Th</emphasis>, <emphasis>Fr</emphasis> 和 <emphasis>Sa</emphasis>,"
+"éšåŽæ˜¯è¿žå­—符分隔的一组时间,缩写 <emphasis>Wk</emphasis> å¯ä»¥ç”¨äºŽè¡¨ç¤ºå‘¨ä¸€åˆ°å‘¨"
+"五,<emphasis>Al</emphasis> å¯ä»¥ç”¨äºŽè¡¨ç¤ºæ²¡ä¸€å¤©ã€‚如果没有制定周几,将会å‡å®šä¸º "
+"<emphasis>Al</emphasis>。"
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "示例"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"下é¢çš„æ¡ç›®å…许在工作日的上åˆä¹ç‚¹åˆ°ä¸‹åˆäº”点在任何端å£ä¸Šè®¿é—®ç”¨æˆ· <emphasis "
+"remap=\"B\">jfh</emphasis>。"
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"下é¢è¿™æ¡ä»»ä½•æ—¶é—´ï¼Œåªå…许用户 <emphasis>root</emphasis> å’Œ <emphasis>oper</"
+"emphasis> 在 <filename>/dev/console</filename> 登录。这也是说 <filename>/etc/"
+"porttime</filename> 文件是一个访问时间的有åºåˆ—表。任何匹é…第二æ¡çš„其他用户都"
+"ä¸ä¼šè¢«å…许访问。"
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+msgstr ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"如下项å…许,在éžå·¥ä½œæ—¶é—´åœ¨ä»»ä½•ç«¯å£ä¸Šä½¿ç”¨ç”¨æˆ· <emphasis>games</emphasis>。"
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "包å«äº†ç«¯å£è®¿é—®ä¿¡æ¯çš„文件。"
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "密ç æ–‡ä»¶"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> 为æ¯ä¸ªç”¨æˆ·è´¦æˆ·åŒ…å«ä¸€è¡Œï¼ŒåŒ…å«ä½¿ç”¨å†’å· "
+"(<quote>:</quote>) 分隔的七个字段,分别是:"
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "å¯é€‰çš„加密åŽçš„密ç "
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "数字用户 ID"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "数字组 ID"
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "用户å和注释字段"
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "用户主目录"
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "å¯é€‰çš„用户命令解释器"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"加密的密ç å­—段å¯ä»¥ä¸ºç©ºï¼Œæ­¤æ—¶ä½¿ç”¨æŒ‡å®šçš„登录å登录时ä¸ä¼šè¦æ±‚认è¯ã€‚然而,如果 "
+"<emphasis>password</emphasis> ä¸ºç©ºï¼Œä¸€äº›è¯»å– <filename>/etc/passwd</"
+"filename> 文件的程åºå¯èƒ½ä¼šä¸å…许 <emphasis>任何</emphasis> 访问。如果 "
+"<emphasis>password</emphasis> 字段是一个å°å†™çš„ <quote>x</quote>,那么加密的密"
+"ç å®žé™…上存储于 <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> 中;在 <filename>/etc/"
+"shadow</filename> 文件中 <emphasis>å¿…é¡»</emphasis> 有对应的行,å¦åˆ™ç”¨æˆ·è´¦æˆ·å°±"
+"会无效。如果 <emphasis>password</emphasis> 字段是其他任何字符串,将会被视为加"
+"密过的密ç ï¼Œå¦‚ <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> 中的说明。"
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"此注释字段被多个系统工具使用,例如 <citerefentry><refentrytitle>finger</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>。"
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"主目录字段æ供了åˆå§‹å·¥ä½œç›®å½•çš„å称。<command>login</command> 程åºæ ¹æ®æ­¤ä¿¡æ¯è®¾"
+"ç½® <envar>$HOME</envar> 环境å˜é‡ã€‚"
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"命令解释器字段æ供了用户命令语言解释器的å称,或者开始时执行的程åºçš„å称。"
+"<command>login</command> 程åºä½¿ç”¨æ­¤ä¿¡æ¯è®¾ç½® <envar>$SHELL</envar> 环境å˜é‡çš„"
+"值。如果字段为空,默认值为 <filename>/bin/sh</filename>。"
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "å¯é€‰çš„加密åŽçš„密ç æ–‡ä»¶"
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "/etc/passwd 的备份文件。"
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "更改用户密ç "
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"<command>passwd</command> 命令用æ¥æ›´æ”¹ç”¨æˆ·è´¦æˆ·çš„密ç ã€‚普通用户通常åªæ›´æ”¹å…¶è‡ª"
+"己账户的密ç ï¼Œè€Œè¶…级用户å¯ä»¥æ›´æ”¹ä»»ä½•è´¦æˆ·çš„密ç ã€‚<command>passwd</command> 也"
+"更改账户或相关的密ç æœ‰æ•ˆæœŸã€‚"
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "密ç æ›´æ”¹"
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"如果有旧密ç ï¼Œé¦–å…ˆæ示用户输入旧密ç ã€‚加密这个密ç ç„¶åŽå’Œå­˜å‚¨çš„密ç è¿›è¡Œæ¯”较。"
+"用户åªæœ‰ä¸€æ¬¡æœºä¼šè¾“入正确密ç ã€‚å…许超级用户略过这个步骤,以便更改忘记了的密"
+"ç ã€‚"
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"输入了密ç ä¹‹åŽï¼Œä¼šæ£€æŸ¥å¯†ç å¹´é¾„ä¿¡æ¯ï¼Œä»¥æŸ¥çœ‹æ­¤æ—¶æ˜¯å¦å…许用户更改密ç ã€‚如果ä¸å…"
+"许,<command>passwd</command> æ‹’ç»æ›´æ”¹å¯†ç ï¼Œç„¶åŽé€€å‡ºã€‚"
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"æ示用户输入两次新密ç ã€‚第二次和第一次进行比较,并且需è¦ç›¸åŒæ‰èƒ½æ›´æ”¹å¯†ç ã€‚"
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"然åŽï¼Œæµ‹è¯•å¯†ç çš„负责程度。一般æ¥è®²ï¼Œå¯†ç åº”è¯¥åŒ…å« 6 到 8 ä½å­—符,从下边的一个"
+"或多个集åˆä¸­é€‰æ‹©ï¼š"
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "å°å†™å­—æ¯"
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "数字 0 到 9"
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "标点符å·"
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"å¿…é¡»è¦ç•™æ„ä¸èƒ½åŒ…å«ç³»ç»Ÿé»˜è®¤çš„擦除和æ€æ­»å­—符。<command>passwd</command> 会拒ç»"
+"å¤æ‚度ä¸æ»¡è¶³è¦æ±‚的密ç ã€‚"
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "关于用户密ç çš„æ示"
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"密ç çš„安全性ä¾èµ–于加密算法的强度和密钥空间的大å°ã€‚旧的 <emphasis>UNIX</"
+"emphasis> 系统加密算法基于 NBS DES 算法。推è使用更新的算法(查看 "
+"<option>ENCRYPT_METHOD</option>)。密钥空间的大å°ä¾èµ–于选择的密ç çš„éšæœºæ€§ã€‚"
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"由于粗心地或处ç†é€‰æ‹©å¯†ç ï¼Œä¼šå±åŠå¯†ç çš„安全。由于这个原因,您ä¸åº”该选择出现在"
+"è¯å…¸ä¸­æˆ–者必须è¦å†™ä¸‹æ¥æ‰èƒ½è®°ä½çš„密ç ã€‚密ç ä¹Ÿä¸åº”该是一个åå­—ã€è®¸å¯è¯å·ã€ç”Ÿæ—¥"
+"或者街é“å·ã€‚所有这些å¯ä»¥ç”¨äºŽçŒœæµ‹æ¥æŸå®³ç³»ç»Ÿå®‰å…¨ã€‚"
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"您å¯ä»¥åœ¨åœ¨ http://zh.wikipedia.org/zh-cn/密ç å¼ºåº¦ 找到怎样选择强壮密ç çš„建"
+"议。"
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "<command>passwd</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr "此选项åªèƒ½å’Œ <option>-S</option> 一起使用,æ¥æ˜¾ç¤ºæ‰€æœ‰ç”¨æˆ·çš„状æ€ã€‚"
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"删除用户密ç (让它为空)。这是ç¦ç”¨ä¸€ä¸ªç”¨æˆ·å¯†ç çš„快速方法。它将设置给出å称的账"
+"户。"
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr "让一个账户的密ç ç«‹å³è¿‡æœŸã€‚è¿™å¯ä»¥å¼ºåˆ¶ä¸€ä¸ªç”¨æˆ·ä¸‹æ¬¡ç™»å½•æ—¶æ›´æ”¹å¯†ç ã€‚"
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"此选项用于在密ç è¿‡æœŸä¸€å®šå¤©æ•°ä¹‹åŽç¦ç”¨è´¦æˆ·ã€‚一个用户账户密ç å·²ç»è¿‡æœŸ "
+"<replaceable>INACTIVE</replaceable> 天之åŽï¼Œç”¨æˆ·å°†ä¸èƒ½å†ç™»å½•è¿›è´¦æˆ·ã€‚"
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"表示密ç æ›´æ”¹åªåº”该因为认è¯å£ä»¤(密ç )过期更改。用户希望ä¿æŒä»–们尚未过期的å£"
+"令。"
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"é”定指定账户的密ç ã€‚此选项通过将密ç æ›´æ”¹ä¸ºä¸€ä¸ªä¸å¯èƒ½ä¸ŽåŠ å¯†å€¼åŒ¹é…的值æ¥ç¦ç”¨(它"
+"在密ç å¼€å¤´æ·»åŠ ä¸€ä¸ªâ€œ!â€)。"
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"注æ„,这并没有ç¦ç”¨æ­¤è´¦æˆ·ã€‚用户ä»ç„¶å¯ä»¥é€šè¿‡å…¶å®ƒè®¤è¯æ–¹å¼(如 SSH 密ç )æ¥ç™»å½•ã€‚è¦"
+"ç¦ç”¨æ­¤è´¦æˆ·ï¼Œç®¡ç†å‘˜éœ€è¦ä½¿ç”¨ <command>usermod --expiredate 1</command> (设置账"
+"户的过期时间为1970年1月2日)。"
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr "被é”定了密ç çš„用户ä¸å…许更改密ç ã€‚"
+
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"在密ç æ›´æ”¹ä¹‹é—´çš„最å°å¤©æ•°è®¾ç½®ä¸º <replaceable>MIN_DAYS</replaceable>。此字段中"
+"çš„ 0 值表示用户å¯ä»¥åœ¨ä»»ä½•æ—¶é—´æ›´æ”¹å…¶å¯†ç ã€‚"
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr "在 <replaceable>REPOSITORY</replaceable> 中更改密ç "
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"显示账户状æ€ä¿¡æ¯ã€‚状æ€ä¿¡æ¯åŒ…å« 7 个字段。首个字段是用户的登录å,第二个字段表"
+"示用户账户是å¦å·²ç»é”定密ç (L)ã€æ²¡æœ‰å¯†ç  (NP)或者密ç å¯ç”¨(P),第三个字段给出最"
+"åŽä¸€æ¬¡æ›´æ”¹å¯†ç çš„日期。接下æ¥çš„四个字段分别是密ç çš„最å°å¹´é¾„ã€æœ€å¤§å¹´é¾„ã€è­¦å‘ŠæœŸ"
+"å’Œç¦ç”¨æœŸã€‚这些年龄以天为å•ä½è®¡ç®—。"
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"解é”指定用户的密ç ã€‚æ­¤æ“作通过将密ç æ”¹å›žå…ˆå‰å€¼(改回使用 <option>-l</option> "
+"之å‰çš„值)é‡æ–°å¯ç”¨å¯†ç ã€‚"
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"设置在è¦æ±‚更改密ç ä¹‹å‰è­¦å‘Šçš„天数。<replaceable>WARN_DAYS</replaceable> 选项是"
+"在密ç è¿‡æœŸä¹‹å‰æå‰è­¦å‘Šçš„天数。"
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"设置密ç ä»ç„¶æœ‰æ•ˆçš„最大天数。<replaceable>MAX_DAYS</replaceable> 之åŽï¼Œå¯†ç ä¼š"
+"è¦æ±‚更改。"
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr "密ç å¤æ‚性检查在æ¯å°æœºå™¨é—´ä¸åŒã€‚用户应该选择适åˆçš„å°½é‡å¤æ‚的密ç ã€‚"
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"在å¯åŠ¨äº† NIS 的系统上,如果没有登录 NIS æœåŠ¡å™¨ï¼Œç”¨æˆ·æˆ–许ä¸èƒ½æ›´æ”¹è‡ªå·±çš„密ç ã€‚"
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr "<command>passwd</command> 使用 PAM æ¥è®¤è¯ç”¨æˆ·ä»¥åŠæ›´æ”¹å¯†ç ã€‚"
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (string)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr "这定义了系统加密密ç çš„默认算法(如果没有在命令行上指定算法)。"
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"å¯ä»¥ä½¿ç”¨å¦‚下值:<replaceable>DES</replaceable> (default), <replaceable>MD5</"
+"replaceable><phrase condition=\"sha_crypt\">, <replaceable>SHA256</"
+"replaceable>, <replaceable>SHA512</replaceable></phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr "注æ„,此å‚数会覆盖 <option>MD5_CRYPT_ENAB</option> å˜é‡ã€‚"
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"注æ„:这åªå½±å“组密ç çš„产生。用户密ç çš„产生是由 PAM å’Œ PAM é…置负责的。建议设"
+"置此å˜é‡å’Œ PAM é…置一致。"
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (boolean)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"表示密ç æ˜¯å¦å¿…须使用基于 MD5 的算法加密。如果设为 <replaceable>yes</"
+"replaceable>,新密ç å°†ä½¿ç”¨å¯ä»¥å’Œæ–°ç‰ˆ FreeBSD 兼容的基于 MD5 的算法加密。它支"
+"æŒæ— é™é•¿åº¦çš„密ç ä»¥åŠæ›´é•¿çš„ç›å­—符串。如果您需è¦å°†åŠ å¯†çš„密ç å¤åˆ¶åˆ°å…¶å®ƒä¸ç†è§£æ–°"
+"算法的系统,设置为 <replaceable>no</replaceable>。默认值是 <replaceable>no</"
+"replaceable>。"
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+#, fuzzy
+#| msgid ""
+#| "This variable is superceded by the <option>ENCRYPT_METHOD</option> "
+#| "variable or by any command line option used to configure the encryption "
+#| "algorithm."
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"æ­¤å˜é‡å·²ç»è¢« <option>ENCRYPT_METHOD</option> å˜é‡æˆ–者用于é…置加密算法的命令行"
+"选项å–代。"
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr "æ­¤å˜é‡å·²ç»åºŸå¼ƒã€‚您应该使用 <option>ENCRYPT_METHOD</option>。"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr "对密ç æ›´æ”¹å¯ç”¨é™„加检查。"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (boolean)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr "如果是 root,警告弱密ç ï¼Œä½†æ˜¯ä»ç„¶å…许使用。"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (number)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr "å¯ä»¥å°è¯•æ›´æ”¹å¯†ç çš„最大次数(太容易)。"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (number)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (number)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"crypt() 的有效字符ä½æ•°ã€‚<option>PASS_MAX_LEN</option> 默认是 8,除éžæ‚¨è‡ªå·±çš„ "
+"crypt() 更好,å¦åˆ™ä¸è¦æ›´æ”¹ã€‚如果 <option>MD5_CRYPT_ENAB</option> 设为 "
+"<replaceable>yes</replaceable>,会被忽略。"
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"<option>ENCRYPT_METHOD</option> 设为 <replaceable>SHA256</replaceable> 或 "
+"<replaceable>SHA512</replaceable> 时,此项确定加密算法默认使用 SHA 轮转数目"
+"(当轮转数没有通过命令行指定时)。"
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"使用很多轮转,会让暴力破解更加困难。但是需è¦æ³¨æ„,认è¯ç”¨æˆ·æ—¶ä¹Ÿä¼šéœ€è¦æ›´å¤šçš„ "
+"CPU 资æºã€‚"
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr "如果没有指定,libc 会选择默认的轮转数(5000)。"
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr "值必须在 1000 - 999,999,999 之间。"
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"如果åªè®¾ç½®äº†ä¸€ä¸ª <option>SHA_CRYPT_MIN_ROUNDS</option> 或 "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> 值,就会使用这个值。"
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"如果 <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; "
+"<option>SHA_CRYPT_MAX_ROUNDS</option>,将会使用大的那个。"
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "<command>passwd</command> çš„ PAM é…置。"
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "æƒé™ä¸å¤Ÿ"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "无效的选项组åˆ"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "æ„外的失败,什么也没有åšã€‚"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "æ„外的失败,<filename>passwd</filename> 文件丢失"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr "<filename>passwd</filename> 文件忙,请é‡è¯•"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>passwd</command> 命令退出,并返回如下值:<placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "礼貌地拒ç»ç™»å½•"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"<command>nologin</command> 命令显示一个信æ¯ï¼Œè¯´è´¦æˆ·ä¸å¯ç”¨ç„¶åŽè¿”回éžé›¶å€¼ã€‚它用"
+"于代替已ç»ç¦ç”¨çš„账户的 shell 字段。"
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"如果è¦ç¦ç”¨æ‰€æœ‰ç™»å½•ï¼Œè¯·å‚考 <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>。"
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "历å²"
+
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "<command>nologin</command> 首次出现于 BSD 4.4。"
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "批é‡æ›´æ–°å’Œåˆ›å»ºæ–°ç”¨æˆ·"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "文件"
+
+#: newusers.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The <command>newusers</command> command reads a file of user name and "
+#| "clear-text password pairs and uses this information to update a group of "
+#| "existing users or to create new users. Each line is in the same format as "
+#| "the standard password file (see <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>) with the "
+#| "exceptions explained below:"
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"<command>newusers</command> 命令读å–用户å和明文密ç å¯¹æ–‡ä»¶ï¼Œå¹¶ä½¿ç”¨æ­¤ä¿¡æ¯æ›´æ–°"
+"一系列现有用户或创建新用户。æ¯è¡Œå’Œæ ‡å‡†çš„ password 文件使用åŒæ ·çš„æ ¼å¼(å‚考 "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>),除了下边这些区别:"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "这是用户的用户å。"
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "It can be the name of a new user or the name of an existing user (or an "
+#| "user created before by <command>newusers</command>). In case of an "
+#| "existing user, the user's information will be changed, otherwise a new "
+#| "user will be created."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"æ—¢å¯ä»¥æ˜¯æ–°ç”¨æˆ·å也å¯ä»¥æ˜¯çŽ°æœ‰ç”¨æˆ·å(也å¯ä»¥æ˜¯ <command>newusers</command> 以å‰"
+"创建的用户)。现有用户时,将会更改用户信æ¯ï¼Œå¦åˆ™ä¼šåˆ›å»ºæ–°ç”¨æˆ·ã€‚"
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr "此字段将被加密然åŽç”¨äºŽåŠ å¯†åŽå¯†ç çš„新值。"
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr "pw_uid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "此字段用于定义用户的 UID。"
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"如果此字段为空,<command>newusers</command> 会自动确定一个新的(未使用的)UID。"
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr "如果此字段包å«ä¸€ä¸ªæ•°å­—,此数字会用于 UID。"
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"如果此字段包å«å·²ç»ä½¿ç”¨äº†çš„用户å(或者 <command>newusers</command> 在å‰è¾¹å·²ç»"
+"创建的一个用户),将会使用指定用户的 UID。"
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr "如果一个现有用户更改了 UID,此用户的文件所有æƒéœ€è¦æ‰‹åŠ¨ä¿®å¤ã€‚"
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr "此字段用于定义用户的主组 ID。"
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"如果此字段包å«ä¸€ä¸ªçŽ°æœ‰ç»„的组å(或者 <command>newusers</command> 在å‰è¾¹åˆ›å»ºçš„"
+"一个组),此组的 GID 会被用于åšæ­¤ç”¨æˆ·çš„主组 ID。"
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"如果此字段是一个数字,此数字会被用作此用户的主组 ID。如果没有对应此 GID 的现"
+"有组,将会使用此 GID 创建一个新组,å称和用户å相åŒã€‚"
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"如果此字段为空,将会使用用户å作为组å,<command>newusers</command> 自动确定"
+"的一个 GID 作为主组 ID æ¥åˆ›å»ºä¸€ä¸ªæ–°ç»„。"
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"如果此字段包å«ä¸€ä¸ªä¸å­˜åœ¨çš„组的åå­—(也没有由 <command>newusers</command> 在å‰"
+"边创建),将使用指定的组åå’Œ <command>newusers</command> 自动确定的 GID 创建一"
+"个组,并作为用户的主组。"
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "此字段å¤åˆ¶åˆ°ç”¨æˆ·çš„ GECOS 字段。"
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr "此字段用于定义用户的主目录。"
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"如果此字段指定的ä¸æ˜¯çŽ°æœ‰çš„目录,将会创建指定的目录,所有æƒè®¾ç½®ä¸ºåˆ›å»ºæˆ–æ›´æ–°çš„"
+"用户åŠå…¶ä¸»ç»„。"
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"如果现有用户的主目录å˜æ›´ï¼Œ<command>newusers</command> ä¸ä¼šç§»åŠ¨æˆ–者å¤åˆ¶æ—§ç›®å½•"
+"的内容到新ä½ç½®ã€‚这需è¦æ‰‹åŠ¨å®Œæˆã€‚"
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr "此字段定义了用户的 shell。对此字段ä¸è¿›è¡Œä»»ä½•æ£€æŸ¥ã€‚"
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"<command>newusers</command> 首先å°è¯•åˆ›å»ºæˆ–更改所有指定的用户,然åŽå°†è¿™äº›æ›´æ”¹"
+"写入用户或组数æ®åº“。如果å‘生错误(除éžæ˜¯åœ¨æœ€åŽå†™å…¥æ•°æ®åº“过程中),ä¸ä¼šæœ‰ä»»ä½•æ›´"
+"改。"
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr "此命令一般用于在大型的应用环境中,对大é‡è´¦æˆ·è¿›è¡Œä¸€æ¬¡æ€§æ›´æ–°ã€‚"
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "<command>newusers</command> 命令å¯ä»¥ä½¿ç”¨çš„选项有:"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "使用指定的方法加密密ç ã€‚"
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"å¯ç”¨çš„方法有 DES, MD5, NONE, and SHA256 或 SHA512,å‰æ是您的 libc 支æŒè¿™å†™æ–¹"
+"法。"
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "使用指定次数的轮转æ¥åŠ å¯†å¯†ç ã€‚"
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr "值 0 表示让系统为加密方法选择默认的轮转次数 (5000)。"
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr "ä¼šå¼ºåˆ¶æœ€å° 1,000,最大 9,9999,9999"
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr "您åªå¯ä»¥å¯¹ SHA256 或 SHA512 使用此选项。"
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"默认,轮转数由 <filename>/etc/login.defs</filename> 文件中的 "
+"SHA_CRYPT_MIN_ROUNDS å’Œ SHA_CRYPT_MAX_ROUNDS å˜é‡ç¡®å®šã€‚"
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr "输入文件必须å—到ä¿æŠ¤ï¼Œå› ä¸ºå®ƒåŒ…å«æœªåŠ å¯†çš„密ç ã€‚"
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr "您需è¦ç¡®ä¿ä½ å—和加密方法符åˆç³»ç»Ÿçš„密ç ç­–略。"
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "<command>newusers</command> çš„ PAM é…置。"
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "登录到一个新组"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "group"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "强制登录时间é™åˆ¶"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "当å‰ç™»å½•ä¼šè¯çš„列表。"
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "å½±å­å¯†ç å¥—件é…ç½®"
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "æ供如下é…置项:"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (boolean)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"如果为 <replaceable>yes</replaceable>,<command>chfn</command> 进行任何更改å‰"
+"都è¦è¦æ±‚认è¯ï¼Œé™¤éžç”±è¶…级用户è¿è¡Œã€‚"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (string)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (boolean)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"如果 <replaceable>yes</replaceable>,<command>chsh</command> 程åºåœ¨åšä»»ä½•æ›´æ”¹"
+"之å‰éƒ½ä¼šè¦æ±‚认è¯ï¼Œé™¤éžæ˜¯ä»¥è¶…级用户身份è¿è¡Œçš„。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"终端擦除字符 (<replaceable>010</replaceable> = backspace, <replaceable>0177</"
+"replaceable> = DEL)。"
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr "此值å¯ä»¥ä½¿ç”¨å‰ç¼€â€œ0â€è¡¨ç¤ºå…«è¿›åˆ¶ï¼Œâ€œ0xâ€è¡¨ç¤ºå六进制。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr "登录失败åŽï¼Œç­‰å¾…多少秒æ‰å†å…许登录。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (boolean)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr "å…许登录并显示 <filename>/var/log/faillog</filename> 登录失败信æ¯ã€‚"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"如果设置了,<command>login</command> 将执行此 shell 而ä¸æ˜¯åœ¨ <filename>/etc/"
+"passwd</filename> 中指定的用户 shell。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr "如果定义,登录失败会以 utmp æ ¼å¼è®°å½•åœ¨æ­¤æ–‡ä»¶ä¸­ã€‚"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr "如果定义了,此文件将在æ¯æ¬¡çš„登录æ示之å‰çŽ°å®žã€‚"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr "终端 KILL 字符 (<replaceable>025</replaceable> = CTRL/U)。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (boolean)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr "å…许记录和显示 /var/log/lastlog 登录时间信æ¯ã€‚"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (boolean)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "å…许记录æˆåŠŸç™»å½•ã€‚"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr "在记录到登录失败时,å…许记录未知用户å。"
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"注æ„:如果用户ä¸å°å¿ƒå°†å¯†ç è¾“入到了登录å中,记录未知用户åå¯èƒ½æ˜¯ä¸€ä¸ªå®‰å…¨éš"
+"患。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr "密ç é”™è¯¯æ—¶ï¼Œé‡è¯•çš„最大次数。"
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+#, fuzzy
+#| msgid ""
+#| "This will most likely be overridden by PAM, since the default pam_unix "
+#| "module has it's own built in of 3 retries. However, this is a safe "
+#| "fallback in case you are using an authentication module that does not "
+#| "enforce PAM_MAXTRIES."
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"这很有å¯èƒ½è¢« PAM 覆盖,因为默认的 pam_unix 模å—有其内建 3 次é‡æ–°å°è¯•ã€‚然而,"
+"在您使用一个没有强制 PAM_MAXTRIES 的认è¯æ¨¡å—时,这是一个安全å馈。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "最大登录时间(以秒为å•ä½)。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr "如果定义了,登录时显示“:â€åˆ†éš”的“message of the dayâ€ã€‚"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid "Enable checking of time restrictions specified in /etc/porttime."
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr "å¯ç”¨åœ¨ /etc/porttime 中指定的时间é™åˆ¶æ£€æŸ¥ã€‚"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (string)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (string)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "默认 <command>ulimit</command> 值。"
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "交å‰å¼•ç”¨"
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr "如下交å‰å¼•ç”¨æ˜¾ç¤ºå½±å­å¯†ç å¥—件哪个程åºä½¿ç”¨å“ªä¸ªå‚数。"
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN "
+"UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK "
+"USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "登录访问控制表"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr "登录访问控制表的æ¯ä¸€è¡Œæœ‰â€œ:â€åˆ†éš”的三个字段:"
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr "<emphasis>EXCEPT</emphasis> æ“作符让编写éžå¸¸å¤æ‚的规则,æˆä¸ºå¯èƒ½ã€‚"
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "在系统上å¯åŠ¨å›žè¯"
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "主机"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"命令解释器的åˆå§‹åŒ–脚本也å¯èƒ½æ‰§è¡Œã€‚请å‚考手册中相应的章节æ¥èŽ·å–关于此功能的更"
+"多信æ¯ã€‚"
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "ä¸è¦æ‰§è¡Œè®¤è¯ï¼Œç”¨æˆ·å·²ç»é¢„认è¯è¿‡ã€‚"
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr "注æ„:此时,<replaceable>username</replaceable> 是强制的。"
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "此登录的远程主机å。"
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "ä¿ç•™çŽ¯å¢ƒã€‚"
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "为 rlogin (远程登录)执行 autologin (自动登录)å议。"
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"<option>-r</option>, <option>-h</option> and <option>-f</option> åªèƒ½ç”¨äºŽ "
+"root 使用 <command>login</command> 时。"
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"此版本的 <command>login</command> 有很多编译选项,åªæœ‰ä¸€éƒ¨åˆ†å¯ä»¥åœ¨ä»»ä½•ç«™ç‚¹ä½¿"
+"用。"
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr "文件的ä½ç½®ç”±ç³»ç»Ÿé…置决定。"
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "å…ˆå‰çš„登录会è¯åˆ—表。"
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr ""
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "é˜»æ­¢éž root 用户登录。"
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "终端类型列表。"
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "阻止现实系统信æ¯ã€‚"
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "资æºé™åˆ¶æè¿°"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr "æ¯è¡Œä»¥å¦‚下格å¼å¯¹ä¸€ä¸ªç”¨æˆ·æè¿°é™åˆ¶ï¼š"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "user LIMITS_STRING"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "或如下格å¼ï¼š"
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@group LIMITS_STRING"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"<emphasis>LIMITS_STRING</emphasis> 是一个串è”的资æºé™åˆ¶åˆ—表。æ¯æ¡é™åˆ¶ç”±ä¸€ä¸ªå­—"
+"æ¯æŒ‡ç¤ºç¬¦å’Œè·Ÿéšçš„æ•°å­—é™åˆ¶ç»„æˆã€‚"
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "å¯ç”¨çš„指示符有:"
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A:最大地å€ç©ºé—´ (KB)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr "Cï¼šæœ€å¤§è½¬å‚¨æ–‡ä»¶å¤§å° (KB)"
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D:最大数æ®å¤§å° (KB)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F:最大文件尺寸 (KB)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K:文件创建掩ç ï¼Œç”± <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry> 设置。"
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr "I:最高 nice 级别,(0...39 对应 20...-19)"
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L:此用户的最大登录数"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N:最大的文件打开数"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O:最大实时优先级"
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P:进程优先级,由 <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry> 设置。"
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S:最大栈尺寸 (KB)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T:最大 CPU 时间 (分钟)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U:最大处ç†å™¨æ•°ç›®"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"例如,<emphasis remap=\"I\">L2D2048N5</emphasis> 就是有效的 "
+"<emphasis>LIMITS_STRING</emphasis>。为了阅读方便,如下项表示åŒæ ·çš„æ„æ€ï¼š"
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+msgstr ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+
+#: limits.5.xml:145(para)
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+
+#: limits.5.xml:165(para)
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+
+#: limits.5.xml:170(para)
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr "è¦å®Œå…¨ç¦ç”¨å¯¹ä¸€ä¸ªç”¨æˆ·çš„é™åˆ¶ï¼Œå¯ä»¥ä»…ä»…åªä½¿ç”¨ä¸€ä¸ªçŸ­çº¿â€œ-â€ã€‚"
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr "报告所有用户的最近登录情况,或者指定用户的最近登录情况"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr "<command>lastlog</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr "åªæ˜¾ç¤ºè€äºŽ <emphasis remap=\"I\">DAYS</emphasis> 的最近登录记录。"
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "This option is only valid in combination with the <option>-d</option> (or "
+#| "<option>--home</option>) option."
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+"这个选项åªæœ‰å’Œ <option>-d</option> (或 <option>--home</option>) 选项组åˆä½¿ç”¨"
+"æ—¶æ‰æœ‰æ•ˆã€‚"
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr "åªçŽ°å®žæ–°äºŽ <emphasis remap=\"I\">DAYS</emphasis> 的最近登录记录。"
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr "现实指定用户的最近登录记录。"
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"如果用户从æ¥æ²¡æœ‰ç™»å½•è¿‡ï¼Œå°†ä¼šæ˜¾ç¤º <emphasis>** 从未登录 **</emphasis> 而ä¸æ˜¯ç«¯"
+"å£å’Œæ—¶é—´ã€‚"
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "注æ„"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr ""
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "å½±å­åŒ–了的组文件"
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr "<filename>/etc/gshadow</filename> 包å«å½±å­åŒ–了的组账户信æ¯ã€‚"
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr "此文件的æ¯è¡ŒåŒ…å«é€—å·åˆ†éš”的如下字段:"
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "组å"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "必须是系统中已ç»å­˜åœ¨çš„有效组。"
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The password is used when an user who is not a member of the group wants "
+#| "to gain the permissions of this group (see "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>)."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"此密ç ç”¨äºŽä¸æ˜¯æ­¤ç»„æˆå‘˜çš„用户获å–此组的æƒé™ã€‚(å‚考 "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> )。"
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr "此字段å¯ä»¥ä¸ºç©ºï¼Œæ­¤æ—¶ï¼Œåªæœ‰ç»„æˆå‘˜å¯ä»¥èŽ·å–组æƒé™ã€‚"
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr "此密ç å–代 <filename>/etc/group</filename> 中指定的任何密ç ã€‚"
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "管ç†å‘˜"
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "必须是一个逗å·åˆ†éš”的用户å列表。"
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr "管ç†å‘˜å¯ä»¥æ›´æ”¹ç»„密ç å’Œæˆå‘˜ã€‚"
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr "管ç†å‘˜ä¹Ÿæœ‰æˆå‘˜ä¸€æ ·çš„æƒé™(请看下边)。"
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "æˆå‘˜"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr "æˆå‘˜å¯ä»¥å…密ç è®¿é—®ç»„。"
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "检查组文件的完整性"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "一个唯一且有效的组å"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"有效的组标识符 <phrase condition=\"gshadow\"> (仅 <filename>/etc/group</"
+"filename>)</phrase>"
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr "有效的æˆå‘˜å’Œ <phrase condition=\"gshadow\">管ç†å‘˜</phrase> 列表。"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "<command>grpck</command> å¯ä»¥æŽ¥å—的选项有:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"æ ¹æ® GID 在 <filename>/etc/group</filename><phrase condition=\"gshadow\"> å’Œ "
+"<filename>/etc/gshadow</filename></phrase> 中进行排åºã€‚"
+
+#: grpck.8.xml:196(para)
+#, fuzzy
+#| msgid ""
+#| "By default, <command>pwck</command> operates on the files <filename>/etc/"
+#| "passwd</filename> and <filename>/etc/shadow</filename><phrase condition="
+#| "\"tcb\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The "
+#| "user may select alternate files with the <replaceable>passwd</"
+#| "replaceable> and <replaceable>shadow</replaceable> parameters."
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"默认上,<command>pwck</command> æ“作文件 <filename>/etc/passwd</filename> å’Œ "
+"<filename>/etc/shadow</filename><phrase condition=\"tcb\"> (或者在 "
+"<filename>/etc/tcb</filename> 中的文件)</phrase>。用户也å¯ä»¥ä½¿ç”¨ "
+"<replaceable>passwd</replaceable> å’Œ <replaceable>shadow</replaceable> å‚æ•°æ¥"
+"选择替代文件。"
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "一个或多个å掉的组æ¡ç›®"
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "无法打开组文件"
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "无法é”定组文件"
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "无法更新组文件"
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>grpck</command> å¯ä»¥è¿”回如下值:<placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "现实当å‰ç»„å"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "用户"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr ""
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GROUP"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr "<command>groupmod</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+
+#: groupmod.8.xml:120(para)
+#, fuzzy
+#| msgid ""
+#| "The default behavior (if the <option>-g</option>, <option>-N</option>, "
+#| "and <option>-U</option> options are not specified) is defined by the "
+#| "<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+#| "filename>."
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"如果没有指定 <option>-g</option>, <option>-N</option> 和 <option>-U</option> "
+"选项,默认行为由 <filename>/etc/login.defs</filename> 中的 "
+"<option>USERGROUPS_ENAB</option> å˜é‡æŒ‡å®šã€‚"
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "组åå·²ç»åœ¨ä½¿ç”¨"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>groupmod</command> 命令å¯ä»¥è¿”回如下值:<placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "用户主组的管ç†å‘˜æˆå‘˜"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "user_name"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "group_name"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr "<command>groupmems</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "将一个用户添加到组æˆå‘˜åˆ—表。"
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "从组æˆå‘˜åˆ—表中删除用户。"
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"如果 <filename>/etc/gshadow</filename> 文件存在,用户将会被从组æˆå‘˜å’Œç®¡ç†å‘˜ä¸­"
+"移除。"
+
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr "超级用户å¯ä»¥æŒ‡å®šä¿®æ”¹å“ªä¸ªç»„的组æˆå‘˜åˆ—表。"
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "列出组æˆå‘˜ã€‚"
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "从组æˆå‘˜åˆ—表中删除所有用户。"
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr ""
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "安全组账户信æ¯"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "删除一个组"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"<command>userdel</command> 修改系统账户文件,删除与 <replaceable>GROUP</"
+"replaceable> 相关的所有项目。给出的组å必须存在。"
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "<command>groupdel</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr "您ä¸èƒ½ç§»é™¤çŽ°æœ‰ç”¨æˆ·çš„主组。在移除此组之å‰ï¼Œå¿…须先移除此用户。"
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr "您需è¦æ‰‹åŠ¨æ£€æŸ¥æ‰€æœ‰æ–‡ä»¶ç³»ç»Ÿï¼Œä»¥ç¡®ä¿æ²¡æœ‰é—留的属于此组的文件。"
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "ä¸èƒ½ç§»é™¤ç”¨æˆ·çš„主组"
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>groupdel</command> 命令以如下值退出:<placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "创建一个新组"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "<command>groupadd</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+
+#: groupadd.8.xml:118(para)
+#, fuzzy
+#| msgid ""
+#| "The numerical value of the user's ID. This value must be unique, unless "
+#| "the <option>-o</option> option is used. The value must be non-negative. "
+#| "The default is to use the smallest ID value greater than 999 and greater "
+#| "than every other user. Values between 0 and 999 are typically reserved "
+#| "for system accounts."
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"用户 ID 的数字值。此值必须为唯一的,出å‘使用了 <option>-o</option> 选项。此值"
+"å¿…é¡»éžè´Ÿï¼Œé»˜è®¤ä½¿ç”¨å¤§äºŽ 999,且大于任何其他用户 ID 最å°å€¼ã€‚0 到 999 之间的值一"
+"般ä¿ç•™åšç³»ç»Ÿè´¦æˆ·ã€‚"
+
+#: groupadd.8.xml:124(para)
+#, fuzzy
+#| msgid ""
+#| "Except for the <option>-A</option> and <option>-M</option> options, the "
+#| "options cannot be combined."
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"除了 <option>-A</option> å’Œ <option>-M</option> 选项,其它选项ä¸èƒ½è”åˆä½¿ç”¨ã€‚"
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"示例:<option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"注æ„:<option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> å°šä¸èƒ½å·¥ä½œã€‚"
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr "此选项å…许添加一个使用éžå”¯ä¸€ GID 的组。"
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "创建一个系统组。"
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"组å必须以å°å†™å­—æ¯æˆ–者下划线开头,跟éšå°å†™å­—æ¯ã€ä¸‹åˆ’线或短横线。å¯ä»¥ç”±ç¾Žå…ƒç¬¦"
+"å·ç»“æŸã€‚用正则表达å¼å°±æ˜¯ï¼š[a-z_][a-z0-9_-]*[$]?"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr "组å最长为 &GROUP_NAME_MAX_LENGTH; 个字符。"
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID ä¸å”¯ä¸€ (没有使用 <option>-o</option>)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "组åä¸å”¯ä¸€"
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>groupadd</command> å¯èƒ½ä»¥å¦‚下值退出:<placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "管ç†å‘˜ <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "管ç†å‘˜ <placeholder-1/> å’Œ <placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "选项"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "请注æ„组密ç "
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"除了 <option>-A</option> å’Œ <option>-M</option> 选项,其它选项ä¸èƒ½è”åˆä½¿ç”¨ã€‚"
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "这些选项ä¸èƒ½ç»„åˆä½¿ç”¨ã€‚"
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr "<command>gpasswd</command> å¯ä»¥æŽ¥å—的选项有:"
+
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"å‘å为 <replaceable>group</replaceable> 的组中添加用户 <replaceable>user</"
+"replaceable>。"
+
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"从å为 <replaceable>group</replaceable> 的组中移除用户 <replaceable>user</"
+"replaceable>。"
+
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "设置有管ç†æƒé™çš„用户列表。"
+
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "设置组æˆå‘˜åˆ—表。"
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr "显示登录失败记录或设置登录失败é™åˆ¶"
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr "<command>faillog</command> å¯ä»¥æŽ¥å—的选项有:"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr "用户的范围å¯ä»¥ä½¿ç”¨ <option>-u</option> 选项é™åˆ¶ã€‚"
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr "登录失败åŽé”定账户 <replaceable>SEC</replaceable> 秒。"
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr "此选项è¦æ±‚对 <filename>/var/log/faillog</filename> 有写入æƒé™ã€‚"
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "é‡ç½®ç™»å½•å¤±è´¥è®¡æ•°ã€‚"
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr "显示新于 <replaceable>DAYS</replaceable> 的登录失败记录。"
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr ""
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "登录失败的日志文件"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "文件的结构是:"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr ""
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr "<command>expiry</command> 选项å¯ä»¥æŽ¥å—的选项有:"
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr ""
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr "如果用户密ç è¿‡æœŸï¼Œåˆ™å¼ºåˆ¶ç”¨æˆ·ä¿®æ”¹å¯†ç ã€‚"
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "更改登录 shell"
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "<command>chsh</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "å¯ç”¨çš„登录 shell 的列表。"
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "批é‡æ›´æ–°å¯†ç "
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"默认必须明文æ供密ç ï¼Œç„¶åŽç”± <command>chpasswd</command> 加密。如果存在密ç å¹´"
+"龄信æ¯ï¼Œä¹Ÿä¼šæ›´æ–°ä¹‹ã€‚"
+
+#: chpasswd.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "ENCRYPT_METHOD variable of <filename>/etc/login.defs</filename>, and can "
+#| "be overwiten with the <option>-e</option>, <option>-m</option>, or "
+#| "<option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"默认加密算法å¯ä»¥é€šè¿‡ <filename>/etc/login.defs</filename> çš„ ENCRYPT_METHOD "
+"å˜é‡è®¾ç½®ï¼Œå¹¶ä¸”å¯ä»¥ä½¿ç”¨ <option>-e</option>, <option>-m</option> 或 <option>-"
+"c</option> 选项覆盖。"
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:111(para)
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr "此命令一般用于需è¦ä¸€æ¬¡åˆ›å»ºå¾ˆå¤šç”¨æˆ·çš„大型系统。"
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr "<command>chpasswd</command> å¯ä»¥æŽ¥å—的选项有:"
+
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "å¯ç”¨çš„方法有 DES,MD5 å’Œ NONE。"
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "默认,使用 PAM æ¥åŠ å¯†å¯†ç ã€‚"
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "æ供的密ç æ˜¯å·²ç»åŠ å¯†äº†çš„"
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr "如果æ供的密ç æ²¡æœ‰åŠ å¯†ï¼Œåˆ™ä½¿ç”¨ MD5 加密而ä¸æ˜¯ DES。"
+
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr "è®°ä½è¦è®¾ç½®æƒé™æˆ–者掩ç æ¥é˜»æ­¢å…¶å®ƒç”¨æˆ·å¯¹æœªåŠ å¯†æ–‡ä»¶çš„读å–。"
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "<command>chpasswd</command> çš„ PAM é…置。"
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "批é‡æ›´æ–°ç»„密ç "
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"<command>chgpasswd</command> 命令从标准输入读å–一系列组å和密ç å¯¹ï¼Œå¹¶ä½¿ç”¨æ­¤ä¿¡"
+"æ¯æ›´æ–°è¿™äº›å­˜åœ¨çš„组。æ¯è¡Œçš„æ ¼å¼å¦‚下:"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"默认上,æ供的密ç å¿…须是明ç æ–‡æœ¬ï¼Œç„¶åŽç”± <command>chgpasswd</command> 加密。"
+
+#: chgpasswd.8.xml:92(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "ENCRYPT_METHOD variable of <filename>/etc/login.defs</filename>, and can "
+#| "be overwiten with the <option>-e</option>, <option>-m</option>, or "
+#| "<option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"默认加密算法å¯ä»¥é€šè¿‡ <filename>/etc/login.defs</filename> çš„ ENCRYPT_METHOD "
+"å˜é‡è®¾ç½®ï¼Œå¹¶ä¸”å¯ä»¥ä½¿ç”¨ <option>-e</option>, <option>-m</option> 或 <option>-"
+"c</option> 选项覆盖。"
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr "<command>chgpasswd</command> å¯ä»¥æŽ¥å—的选项有:"
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "更改真å和信æ¯"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "<command>chfn</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "更改用户的全å"
+
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr ""
+
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr ""
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr ""
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "更改用户密ç è¿‡æœŸä¿¡æ¯"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "<command>chage</command> 命令å¯ä»¥æŽ¥å—的选项有:"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"<replaceable>EXPIRE_DATE</replaceable> 设置为 <emphasis remap=\"I\">-1</"
+"emphasis> 会移除账户的过期日期。"
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"<replaceable>INACTIVE</replaceable> 设置为 <emphasis remap=\"I\">-1</"
+"emphasis> 会移除账户ç¦ç”¨åŠŸèƒ½ã€‚"
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "现实账户年龄信æ¯ã€‚"
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+#, fuzzy
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"设置密ç æœ‰æ•ˆçš„最大天数。<replaceable>MAX_DAYS</replaceable> 加 "
+"<replaceable>LAST_DAY</replaceable> å°äºŽå½“å‰æ—¥æœŸæ—¶ï¼Œä¼šè¦æ±‚用户更改密ç ï¼Œå¦åˆ™"
+"ä¸èƒ½ä½¿ç”¨æ­¤è´¦æˆ·ã€‚"
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"<replaceable>MAX_DAYS</replaceable> 设置为 <emphasis remap=\"I\">-1</"
+"emphasis> 会移除密ç æœ‰æ•ˆæ€§æ£€æŸ¥ã€‚"
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+
+#: chage.1.xml:213(para)
+#, fuzzy
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"设置在è¦æ±‚更改密ç ä¹‹å‰å‡ å¤©å¼€å§‹è­¦å‘Šã€‚<replaceable>WARN_DAYS</replaceable> 选项"
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"如果没有选择任何选项,<command>chage</command> 会进入交互模å¼ï¼Œä»¥æ‰€æœ‰å­—段的当"
+"å‰å€¼æ示用户。输入一个新值å¯ä»¥æ›´æ”¹è¿™äº›å­—段,或者留空使用当å‰å€¼ã€‚当å‰å€¼å‡ºçŽ°åœ¨ "
+"<emphasis>[ ]</emphasis> 标记对里。"
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr "<command>chage</command> 需è¦æœ‰ä¸€ä¸ªå½±å­å¯†ç æ–‡ä»¶æ‰å¯ç”¨ã€‚"
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"åªæœ‰ root æ‰å¯ä»¥ä½¿ç”¨ <command>chage</command>,一个特殊情况是 <option>-l</"
+"option> 选项,用æ¥è®©éžç‰¹æƒç”¨æˆ·è§‰å¾—自己的密ç æˆ–账户何时过期。"
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "无法找到影å­å¯†ç æ–‡ä»¶"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>chage</command> 命令有如下退出值:<placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr "YunQiang Su <wzssyqa@gmail.com>, 2010."
+
+#~ msgid "-M"
+#~ msgstr "-M"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "无法创建邮箱"
+
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "用户登录使用的 SELinux 用户。默认值就留空,会让系统选择默认的 SELinux 用"
+#~ "户。"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "新用户"
+
+#~ msgid "full_name"
+#~ msgstr "full_name"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "room_no"
+
+#~ msgid "work_ph"
+#~ msgstr "work_ph"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "home_ph"
+
+#~ msgid "other"
+#~ msgstr "其它"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
diff --git a/man/porttime.5.xml b/man/porttime.5.xml
new file mode 100644
index 0000000..e28ce60
--- /dev/null
+++ b/man/porttime.5.xml
@@ -0,0 +1,149 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1989 - 1990, Julianne Frances Haugh
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='porttime.5'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1989</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>porttime</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>porttime</refname>
+ <refpurpose>port access time file</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ <emphasis remap='I'>porttime</emphasis> contains a list of tty
+ devices, user names, and permitted login times.
+ </para>
+
+ <para>
+ Each entry consists of three colon separated fields. The first field
+ is a comma separated list of tty devices, or an asterisk to indicate
+ that all tty devices are matched by this entry. The second field is a
+ comma separated list of user names, or an asterisk to indicated that
+ all user names are matched by this entry. The third field is a comma
+ separated list of permitted access times.
+ </para>
+
+ <para>
+ Each access time entry consists of zero or more days of the week,
+ abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>,
+ <emphasis>Tu</emphasis>, <emphasis>We</emphasis>,
+ <emphasis>Th</emphasis>, <emphasis>Fr</emphasis>, and
+ <emphasis>Sa</emphasis>, followed by a pair of times separated by a
+ hyphen. The abbreviation <emphasis>Wk</emphasis> may be used to
+ represent Monday thru Friday, and <emphasis>Al</emphasis> may be used
+ to indicate every day. If no days are given, <emphasis>Al</emphasis>
+ is assumed.
+ </para>
+ </refsect1>
+
+ <refsect1 id='examples'>
+ <title>EXAMPLES</title>
+ <para>
+ The following entry allows access to user <emphasis
+ remap='B'>jfh</emphasis> on every port during weekdays from 9am to
+ 5pm.
+ </para>
+
+ <para> *:jfh:Wk0900-1700</para>
+
+ <para>
+ The following entries allow access only to the users
+ <emphasis>root</emphasis> and <emphasis>oper</emphasis> on
+ <filename>/dev/console</filename> at any time. This illustrates how
+ the <filename>/etc/porttime</filename> file is an ordered list of
+ access times. Any other user would match the second entry which does
+ not permit access at any time.
+ </para>
+
+ <programlisting>
+ console:root,oper:Al0000-2400
+ console:*:
+ </programlisting>
+
+ <para>
+ The following entry allows access for the user
+ <emphasis>games</emphasis> on any port during non-working hours.
+ </para>
+
+ <para> *:games:Wk1700-0900,SaSu0000-2400</para>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/porttime</filename></term>
+ <listitem>
+ <para>File containing port access.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/pt_BR/Makefile.am b/man/pt_BR/Makefile.am
new file mode 100644
index 0000000..f0773a7
--- /dev/null
+++ b/man/pt_BR/Makefile.am
@@ -0,0 +1,12 @@
+
+mandir = @mandir@/pt_BR
+
+man_MANS = \
+ man1/gpasswd.1 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmod.8 \
+ man5/passwd.5 \
+ man5/shadow.5
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/pt_BR/man1/gpasswd.1 b/man/pt_BR/man1/gpasswd.1
new file mode 100644
index 0000000..cccb459
--- /dev/null
+++ b/man/pt_BR/man1/gpasswd.1
@@ -0,0 +1,93 @@
+.\" Copyright 1996, Rafal Maszkowski, rzm@pdi.net
+.\"
+.\" É permitida a confecção e distribuição deste manual, devidamente
+.\" acompanhado dos avisos de direitos autorais e desta permissão
+.\" em todas as cópias.
+.\"
+.\" É permitida a cópia e distribuição de versões modificadas deste manual
+.\" sob as condições acima, e que todo o trabalho derivado seja distribuido
+.\" sob as mesmas condições deste manual.
+.\"
+.\" Uma vez que o kernel do Linux e suas bibliotecas estão constantemente
+.\" mudando, esta página de manual poderá estar incorreta ou desatualizada.
+.\" O(s) autor(es) não assumem responsabilidade por erros ou omissões,
+.\" ou por danos resultantes do uso das informações aqui contidas.
+.\"
+.\" Versões formatadas ou processadas deste manual, desacompanhadas dos
+.\" fontes, devem conter a autorização e os direitos autorais dos autores do
+.\" trabalho.
+.\"
+.\" Você deve receber uma cópia da Licença Pública GNU
+.\" junto com este manual; caso contrário, escreva para a Free Software
+.\" Foundation, Inc., 675 mass Ave, Cambridge, MA 02139 USA ou
+.\" em português na Conectiva Informática \- http://www.conectiva.com.br
+.\"
+.\" $Id$
+.\"
+.TH GPASSWD 1
+.SH NOME
+gpasswd \- administra o arquivo \fI/etc/group\fR
+.br
+.SH SINOPSE
+\fBgpasswd\fR \fIgrupo\fR
+.br
+\fBgpasswd \-a\fR \fIusuário\fR \fIgrupo\fR
+.br
+\fBgpasswd \-d\fR \fIusuário\fR \fIgrupo\fR
+.br
+\fBgpasswd \-R\fR \fIgrupo\fR
+.br
+.B gpasswd
+.B \-r
+\fIgrupo\fR
+.br
+.B gpasswd
+.RB [ \-A
+\fIusuário\fR,...]
+.RB [ \-M
+\fIusuário\fR,...]
+\fIgrupo\fR
+.br
+.SH DESCRIÇÃO
+O
+.B gpasswd
+é utilizado para administrar o arquivo \fI/etc/group\fR (e o arquivo
+\fI/etc/gshadow\fR, caso compilado com SHADOWGRP).
+Todos os grupos podem ter administradores, membros e uma senha. O
+administrador do sistema pode usar a opção \fB\-A\fR para definir o
+administrador do grupo e \fB\-M\fR para definir os membros e todos os seus
+direitos assim como os do administrador.
+.PP
+Administradores de grupos podem adicionar e excluir usuários utilizando as
+opções \fB\-a\fR e \fB\-d\fR respectivamente. Administradores podem usar a opção
+\fB\-r\fR para remover a senha de um grupo. Quando não há senhas definidas
+para um grupo, somente os membros do grupo podem usar o comando
+.BR newgrp (1)
+para adicionar novos usuários ao grupo . A opção \fB\-R\fR
+desabilita o acesso ao grupo através do comando
+.BR newgrp (1)
+.
+.PP
+O
+.B gpasswd
+executado pelo administrador do grupo seguido pelo nome
+solicitará a senha do grupo. Caso o comando
+.BR newgrp (1)
+esteja habilitado para outros usuários do grupo sem o uso de senha, não
+membros podem também executar o comando, informando porém a senha do grupo.
+.SH ARQUIVOS
+\fI/etc/group\fR \- informações do grupo
+.br
+\fI/etc/gshadow\fR \- informações do grupo em arquivo shadow
+.SH VEJA TAMBÉM
+.BR newgrp (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR grpck (8)
+.SH TRADUÇÃO E REVISÃO PARA A LÃNGUA PORTUGUESA
+Sandro Nunes Henrique <sandro@conectiva.com.br> (tradução)
+.br
+Rodrigo Stulzer Lopes <rodrigo@conectiva.com.br> (revisão)
+.br
+Guilherme de S. Pastore <gpastore@colband.com.br> (revisão)
diff --git a/man/pt_BR/man5/passwd.5 b/man/pt_BR/man5/passwd.5
new file mode 100644
index 0000000..211c789
--- /dev/null
+++ b/man/pt_BR/man5/passwd.5
@@ -0,0 +1,133 @@
+.\" -*- nroff -*-
+.\" Copyright (c) 1993 Michael Haardt (michael@moria.de), Fri Apr 2 11:32:09 MET DST 1993
+.\"
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.\" Modified Mon Jan 5 20:24:40 MET 1998 by Michael Haardt
+.\" (michael@cantor.informatik.rwth-aachen.de)
+.TH PASSWD 5 "5/01/1998" "" "Formatos de Arquivo"
+.SH NOME
+passwd \- arquivo de senhas
+.SH DESCRIÇÃO
+.B Passwd
+é um arquivo texto, que contém a lista de contas do sistema,
+fornecendo para cada conta qualquer informação útil como identificação numérica do usuário,
+identificação numérica do grupo, diretório do usuário, interpretador de comandos, etc.
+Freqüentemente ele contém as senhas criptografadas para cada conta.
+Ele deveria ter permissão total de leitura (muitos utilitários, como
+.BR ls (1)
+usa-o para mapear as identificações dos usuários para nome de usuários), mas
+a permissão de escrita é apenas para o superusuário.
+.PP
+Nos bons e velhos dias não havia grandes problemas com esta permissão total
+de leitura. Todos podiam ler as senhas criptografadas, mas o hardware era
+muito lento para quebrar as senhas bem escolhidas, e além disso, a suposição fundamental
+usada era que toda comunidade de usuários era amigável. Atualmente muitas
+pessoas executam alguma versão da suite shadow password, onde
+.I /etc/passwd
+tem *'s ao invéz de senhas criptografadas, e as senhas criptorafadas estão em
+.I /etc/shadow
+o qual é legível apenas para o superusuário.
+.PP
+Apesar de que senhas shadow serem usadas, muitos administradores de
+sistemas usam
+estrelas no campo de senhas criptografadas para ter certeza que este usuário
+autentique-se a si mesmo(a) usando uma senha. (Mas veja as Notas abaixo.)
+.PP
+Se você cria um nova conta, primeiro coloque asteriscos no campo de
+senhas, então use
+.BR passwd (1)
+para seleciona-lá.
+.PP
+Há apenas um lançamento por linha, e cada linha tem o formato:
+.sp
+.RS
+account:password:UID:GID:GECOS:directory:shell
+.RE
+.sp
+As descrições dos campos são:
+.sp
+.RS
+.TP 1.0in
+.I account
+o nome dos usuários do sistema. Ele não deveria conter letras maiúsculas.
+.TP
+.I password
+a senha criptografada do usuários ou asteriscos.
+.TP
+.I UID
+a identificação numérica do usuário.
+.TP
+.I GID
+a identificação do grupo primário para este usuário.
+.TP
+.I GECOS
+Este campo é opcional e somente usado para propósitos informativos.
+Usualmente, ele contém o nome completo do usuário. GECOS significa General Electric
+Comprehensive Operating System, que foi renomeado para GCOS quando
+a divissão de grandes sistemas da GE foi vendida para Honeywell. Dennis Ritchie havia
+relatado: "Algumas vezes nós mandamos uma saída para a impressora ou trabalhos em lote
+para um máquina GCOS. O campo gcos no arquivo de senhas estava no lugar
+para esconder a informação para o $IDENTcard. Não elegante."
+.TP
+.I directory
+o diretório do usuário ($HOME).
+.TP
+.I shell
+o interpretador de comando usados depois do login (se vazio, usa o
+.BR /bin/sh ).
+Se selecionado um executável que não existe, o usuário ficará incapaz de
+logar através de
+.BR login (1).
+.RE
+.SH NOTAS
+Se você quiser criar grupos de usuários, as GIDs devem ser iguais e devem
+ter um lançamento no \fI/etc/group\fP, ou o grupo não existe.
+.PP
+Se a senha criptografada é selecionada como asteriscos, o usuário ficará
+apto para logar usando
+.BR login (1),
+mas talvez logar usando
+.BR rlogin (1),
+executar processos existentes e iniciar novos através de
+.BR rsh (1)
+ou
+.BR cron (1)
+ou
+.BR at (1)
+ou filtros de correio, etc. Tentativa para fechar um conta por simples
+mudança do campo
+shell produz o mesmo resultado e adicionalmente permite o uso de
+.BR su (1).
+.SH ARQUIVOS
+.I /etc/passwd
+.SH "VEJA TAMBÉM"
+.BR passwd (1),
+.BR login (1),
+.BR su (1),
+.BR group (5),
+.BR shadow (5)
+.SH TRADUZIDO POR LDP-BR em 21/08/2000.
+\&\fR\&\f(CWAndré L. Fassone Canova <lonelywolf@blv.com.br> (tradução)\fR
+\&\fR\&\f(CWRoberto Selbach Teixeira <robteix@zaz.com.br> (revisão)\fR
diff --git a/man/pt_BR/man5/shadow.5 b/man/pt_BR/man5/shadow.5
new file mode 100644
index 0000000..8f7c395
--- /dev/null
+++ b/man/pt_BR/man5/shadow.5
@@ -0,0 +1,81 @@
+.\" $Id$
+.\" Copyright 1989 \- 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH SHADOW 5
+.SH NOME
+shadow \- arquivo de senhas criptografadas
+.SH DESCRIÇÃO
+.I shadow
+contém as informações de senhas criptografadas das contas dos usuários e opcionalmente a informação de idade da senha.
+Contém:
+.IP "" .5i
+Nome de acesso.
+.IP "" .5i
+Senha criptografada.
+.IP "" .5i
+Dias decorridos entre 1 de janeiro de 1970 e a última alteração da senha.
+.IP "" .5i
+Número de dias até que a senha deva ser alterada.
+.IP "" .5i
+Número de dias após o qual a senha deve ser alterada.
+.IP "" .5i
+Número de dias antes da expiração da senha no qual o usuário será avisado.
+.IP "" .5i
+Número de dias após a expiração da senha que a conta deve ser desabilitada.
+.IP "" .5i
+Dias decorridos entre 1 de janeiro de 1970 e a data em que a conta foi desabilitada.
+.IP "" .5i
+Campo reservado.
+.PP
+O campo senha deve ser preenchido. A senha criptografada consiste de 13 a 24 caracteres entre os 64 caracteres alfabéticos \- de a até z e de A até Z, além de 0 a 9, \. e /. Verifique em \fBcrypt\fR(3) por maiores detalhes de como esta cadeia de caracteres é interpretada.
+.PP
+A data da última mudança da senha é dada pelo número de dias desde 1 de janeiro de 1970. A senha não pode ser alterada novamente até que um determinado número de dias tenha se passado, e deve ser alterada após um número máximo de dias. Se o número mínimo de dias for maior que o número máximo, a senha não pode ser alterada pelo usuário.
+.PP
+uma conta é considerada inativa e desabilitada se a senha não foi alterada dentro de um determinado número de dias após a expiração das senhas. Uma conta poderá ser desabilitada ainda no dia especificado, independentemente de qualquer informação de expiração da senha.
+.PP
+Esta informação sobrepõe\-se a qualquer senha ou idade de senha presente no arquivo.
+.PP
+Este arquivo não poderá ser acessado por usuários comuns, caso deseje manter a segurança das senhas.
+.SH ARQUIVOS
+\fI/etc/passwd\fR \- informações das contas de usuários
+.br
+\fI/etc/shadow\fR \- senhas de usuários criptografadas
+.SH VEJA TAMBÉM
+.BR chage (1),
+.BR login (1),
+.BR passwd (1),
+.BR su (1),
+.BR shadow (3),
+.BR passwd (5),
+.BR pwconv (8),
+.BR pwunconv (8),
+.BR sulogin (8)
+.SH AUTOR
+Julianne Frances Haugh (jfh@tab.com)
+.SH TRADUÇÃO E REVISÃO PARA A LÃNGUA PORTUGUESA
+Sandro Nunes Henrique <sandro@conectiva.com.br> (tradução)
+Rodrigo Stulzer Lopes <rodrigo@conectiva.com.br> (revisão)
diff --git a/man/pt_BR/man8/groupadd.8 b/man/pt_BR/man8/groupadd.8
new file mode 100644
index 0000000..7ac0303
--- /dev/null
+++ b/man/pt_BR/man8/groupadd.8
@@ -0,0 +1,83 @@
+.\" Copyright 1991, Julianne Frances Haugh
+.\" Todos os direitos reservados.
+.\"
+.\" É permitida a confecção e distribuição deste manual, devidamente
+.\" acompanhado dos avisos de direitos autorais e desta permissão
+.\" em todas as cópias.
+.\"
+.\" É permitida a cópia e distribuição de versões modificadas deste manual
+.\" sob as condições acima, e que todo o trabalho derivado seja distribuído
+.\" sob as mesmas condições deste manual.
+.\"
+.\" Uma vez que o kernel do Linux e suas bibliotecas estão constantemente
+.\" mudando, esta página de manual poderá estar incorreta ou desatualizada.
+.\" O(s) autor(es) não assumem responsabilidade por erros ou omissões,
+.\" ou por danos resultantes do uso das informações aqui contidas.
+.\"
+.\" Versões formatadas ou processadas deste manual, desacompanhadas dos
+.\" fontes, devem conter a autorização e os direitos autorais dos autores do
+.\" trabalho.
+.\"
+.\" Você deve receber uma cópia da Licença Pública GNU
+.\" junto com este manual; caso contrário, escreva para a Free Software
+.\" Foundation, Inc., 675 mass Ave, Cambridge, MA 02139 USA ou
+.\" em português na Conectiva Informática Ltda. \- http://www.conectiva.com.br
+.\"
+.\"
+.\"
+.\" $Id$
+.\"
+.TH GROUPADD 8
+.SH NOME
+groupadd \- Criar um novo grupo
+.SH SINOPSE
+\fBgroupadd\fR [\fB\-g\fR \fIgid\fR [\fB\-o\fR]] [\fB\-f\fR] \fIgrupo\fR
+.SH DESCRIÇÃO
+O comando \fBgroupadd\fR cria um novo grupo usando valores especificados na
+linha de comando e os valores padrões do sistema. O novo grupo será criado
+nos arquivos do sistema, conforme o requerido. As opções que aplicam\-se ao
+comando \fBgroupadd\fR são
+.IP \fB\-f\fR
+Este é o indicador \fIforce\fR . Ele não irá parar o processamento do
+\fBgroupadd\fR e não finalizará o programa, caso um grupo que esteja sendo
+criado já exista no sistema. Neste caso, o grupo não será alterado(ou
+adicionado novamente).
+.IP "\fB\-g \fIgid\fR"
+A identificação numérica do grupo é denominada ID. Este valor deve ser
+único, a menos que a opção \fB\-o\fR seja usada. O valor deve ser não
+negativo, e o padrão é o menor valor maior que 500 e o maior que qualquer
+outro grupo. Valores entre 0 e 999 são tipicamente reservados para \fIcontas
+do sistema\fR.
+.IP \fB\-r\fR
+Este indicador instrui \fBgroupadd\fR a adicionar uma \fIconta do sistema
+\fR. A primeira identificação de grupo \fI(gid)\fR menor que 999 será
+automaticamente selecionada a menos que a opção \fB\-g\fR seja informada
+também.
+.BR
+Esta é uma informação disponibilizada pela Red Hat Software.
+.BR
+Esta opção também modifica o modo como a opção \fB\-g\fR funciona. Ao
+solicitar um \fIgid\fR que não seja único e ao não informar a opção
+\fB\-o\fR, a criação do grupo , a criação terá o comportamento padrão
+(adicionando um grupo como se as opções \fB\-g\fR ou \fB\-o\fR \fBnão\fR
+fossem especificadas).
+.BR
+.SH ARQUIVOS
+\fI/etc/group\fR \- informações sobre o grupo
+.br
+\fI/etc/gshadow\fR \- informações seguras sobre o grupo
+.br
+.SH VEJA TAMBÉM
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH AUTOR
+Julianne Frances Haugh (jfh@tab.com)
+.SH TRADUÇÃO E REVISÃO PARA A LÃNGUA PORTUGUESA
+Sandro Nunes Henrique <sandro@conectiva.com.br> (tradução)
+Rodrigo Stulzer Lopes <rodrigo@conectiva.com.br> (revisão)
diff --git a/man/pt_BR/man8/groupdel.8 b/man/pt_BR/man8/groupdel.8
new file mode 100644
index 0000000..61292e6
--- /dev/null
+++ b/man/pt_BR/man8/groupdel.8
@@ -0,0 +1,59 @@
+.\" Copyright 1991 \- 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Todos os direitos reservados.
+.\"
+.\" É permitida a confecção e distribuição deste manual, devidamente
+.\" acompanhado dos avisos de direitos autorais e desta permissão
+.\" em todas as cópias.
+.\"
+.\" É permitida a cópia e distribuição de versões modificadas deste manual
+.\" sob as condições acima, e que todo o trabalho derivado seja distribuído
+.\" sob as mesmas condições deste manual.
+.\"
+.\" Uma vez que o kernel do Linux e suas bibliotecas estão constantemente
+.\" mudando, esta página de manual poderá estar incorreta ou desatualizada.
+.\" O(s) autor(es) não assumem responsabilidade por erros ou omissões,
+.\" ou por danos resultantes do uso das informações aqui contidas.
+.\"
+.\" Versões formatadas ou processadas deste manual, desacompanhadas dos
+.\" fontes, devem conter a autorização e os direitos autorais dos autores do
+.\" trabalho.
+.\"
+.\" Você deve receber uma cópia da Licença Pública GNU
+.\" junto com este manual; caso contrário, escreva para a Free Software
+.\" Foundation, Inc., 675 mass Ave, Cambridge, MA 02139 USA ou
+.\" em português na Conectiva Informática Ltda. \- http://www.conectiva.com.br.\"
+.\"
+.\" $Id$
+.\"
+.TH GROUPDEL 8
+.SH NOME
+groupdel \- Apaga um grupo
+.SH SINOPSE
+.B groupdel
+.I grupo
+.SH DESCRIÇÃO
+O comando \fBgroupdel\fR modifica os arquivos de contas do sistema, apagando todas as referências ao \fIgrupo\fR. O grupo a ser apagado deve existir.
+.PP
+Deve\-se manualmente checar os sistemas de arquivos para garantir que nenhum dos arquivos permanece com o grupo ou com a sua identificação.
+.SH DICAS
+Não se deve remover o grupo primário de um grupo existente. Deve\-se remover os usuários, antes de se remover o grupo.
+.SH ARQUIVOS
+\fI/etc/group\fR \- informações do grupo
+.br
+\fI/etc/gshadow\fR \- informações seguras do grupo
+.SH VEJA TAMBÉM
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH AUTOR
+Julianne Frances Haugh (jfh@tab.com)
+.SH TRADUÇÃO E REVISÃO PARA A LÃNGUA PORTUGUESA
+Sandro Nunes Henrique <sandro@conectiva.com.br> (tradução)
+Rodrigo Stulzer Lopes <rodrigo@conectiva.com.br> (revisão)
diff --git a/man/pt_BR/man8/groupmod.8 b/man/pt_BR/man8/groupmod.8
new file mode 100644
index 0000000..fec97d1
--- /dev/null
+++ b/man/pt_BR/man8/groupmod.8
@@ -0,0 +1,61 @@
+.\" $Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" Todos os direitos reservados.
+.\"
+.\" É permitida a confecção e distribuição deste manual, devidamente
+.\" acompanhado dos avisos de direitos autorais e desta permissão
+.\" em todas as cópias.
+.\"
+.\" É permitida a cópia e distribuição de versões modificadas deste manual
+.\" sob as condições acima, e que todo o trabalho derivado seja distribuído
+.\" sob as mesmas condições deste manual.
+.\"
+.\" Uma vez que o kernel do Linux e suas bibliotecas estão constantemente
+.\" mudando, esta página de manual poderá estar incorreta ou desatualizada.
+.\" O(s) autor(es) não assumem responsabilidade por erros ou omissões,
+.\" ou por danos resultantes do uso das informações aqui contidas.
+.\"
+.\" Versões formatadas ou processadas deste manual, desacompanhadas dos
+.\" fontes, devem conter a autorização e os direitos autorais dos autores do
+.\" trabalho.
+.\"
+.\" Você deve receber uma cópia da Licença Pública GNU
+.\" junto com este manual; caso contrário, escreva para a Free Software
+.\" Foundation, Inc., 675 mass Ave, Cambridge, MA 02139 USA ou
+.\" em português na Conectiva Informática Ltda. \- http://www.conectiva.com.br
+.TH GROUPMOD 8
+.SH NOME
+groupmod \- Modifica um grupo
+.SH SINOPSE
+\fBgroupmod\fR [\fB\-g\fR \fIgid\fR [\fB\-o\fR]] [\fB\-n\fR \fInome_grupo\fR] \fIgrupo\fR
+.SH DESCRIÇÃO
+O comando \fBgroupmod\fR modifica os arquivos de contas do sistema para as
+novas configuraXXes informadas na linha de comando. As opXXes que aplicam\-se
+ao comando \fIgroupmod\fR sXo:
+.IP "\fB\-g\fR \fIgid\fR"
+O valor numXrico de identificaXXo do grupo X denominada GID. Este valor deve
+ser Xnico, a menos que a opXXo \fB\-o\fR seja usada. O valor dever ser nXo
+negativo. Valores entre 0 e 999 sXo tipicamente reservados para grupos do
+sistema. Quaisquer arquivos com uma identificaXXo antiga de grupo devem ter
+o ID mudado manualmente.
+.IP "\fB\-n\fR \fInome_grupo\fR"
+O nome do grupo irá ser alterado de \fIgroup\fR para
+\fInome_grupo\fR.
+.SH ARQUIVOS
+\fI/etc/group\fR \- Informações do grupo
+.br
+\fI/etc/gshadow\fR \- informações seguras do grupo
+.SH VEJA TAMBÉM
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH AUTOR
+Julianne Frances Haugh (jfh@tab.com)
+.SH TRADUÇÃO E REVISÃO PARA A LÃNGUA PORTUGUESA
+Sandro Nunes Henrique <sandro@conectiva.com.br> (tradução)
+Rodrigo Stulzer Lopes <rodrigo@conectiva.com.br> (revisão)
diff --git a/man/pwck.8.xml b/man/pwck.8.xml
new file mode 100644
index 0000000..25952df
--- /dev/null
+++ b/man/pwck.8.xml
@@ -0,0 +1,363 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1992 , Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
+<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
+<!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+<!ENTITY TCB_AUTH_GROUP SYSTEM "login.defs.d/TCB_AUTH_GROUP.xml">
+<!ENTITY TCB_SYMLINKS SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
+<!ENTITY USE_TCB SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='pwck.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1992</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>pwck</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>pwck</refname>
+ <refpurpose>verify integrity of password files</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>pwck</command>
+ <arg choice='opt'>options</arg>
+ <arg choice='opt'>
+ <arg choice='plain'>
+ <replaceable>passwd</replaceable>
+ </arg>
+ <arg choice='opt'>
+ <arg choice='plain'>
+ <replaceable>shadow</replaceable>
+ </arg>
+ </arg>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>pwck</command> command verifies the integrity of the
+ users and authentication information. It checks that all entries in
+ <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>
+ <phrase condition="tcb">(or the files in
+ <filename>/etc/tcb</filename>, when <option>USE_TCB</option> is
+ enabled)</phrase>
+ have the proper format and contain valid data.
+ The user is prompted to delete entries that are
+ improperly formatted or which have other uncorrectable errors.
+ </para>
+
+ <para>Checks are made to verify that each entry has:</para>
+ <itemizedlist mark='bullet'>
+ <listitem>
+ <para>the correct number of fields</para>
+ </listitem>
+ <listitem>
+ <para>a unique and valid user name</para>
+ </listitem>
+ <listitem>
+ <para>a valid user and group identifier</para>
+ </listitem>
+ <listitem>
+ <para>a valid primary group</para>
+ </listitem>
+ <listitem>
+ <para> a valid home directory</para>
+ </listitem>
+ <listitem>
+ <para>a valid login shell</para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
+ <filename>shadow</filename> checks are enabled when a second file
+ parameter is specified or when <filename>/etc/shadow</filename>
+ exists on the system.
+ </para>
+ <para>
+ These checks are the following:
+ </para>
+ <itemizedlist mark='bullet'>
+ <listitem>
+ <para>
+ every passwd entry has a matching shadow entry, and every shadow
+ entry has a matching passwd entry
+ </para>
+ </listitem>
+ <listitem>
+ <para>passwords are specified in the shadowed file</para>
+ </listitem>
+ <listitem>
+ <para>shadow entries have the correct number of fields</para>
+ </listitem>
+ <listitem>
+ <para>shadow entries are unique in shadow</para>
+ </listitem>
+ <listitem>
+ <para>the last password changes are not in the future</para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
+ The checks for correct number of fields and unique user name are
+ fatal. If the entry has the wrong number of fields, the user will be
+ prompted to delete the entire line. If the user does not answer
+ affirmatively, all further checks are bypassed. An entry with a
+ duplicated user name is prompted for deletion, but the remaining
+ checks will still be made. All other errors are warning and the user
+ is encouraged to run the <command>usermod</command> command to correct
+ the error.
+ </para>
+
+ <para>
+ The commands which operate on the <filename>/etc/passwd</filename>
+ file are not able to alter corrupted or duplicated entries.
+ <command>pwck</command> should be used in those circumstances to
+ remove the offending entry.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The <option>-r</option> and <option>-s</option> options cannot be
+ combined.
+ </para>
+ <para>
+ The options which apply to the <command>pwck</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-q</option>, <option>--quiet</option></term>
+ <listitem>
+ <para>
+ Report errors only. The warnings which do not require any
+ action from the user won't be displayed.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-r</option>, <option>--read-only</option></term>
+ <listitem>
+ <para>
+ Execute the <command>pwck</command> command in read-only mode.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-s</option>, <option>--sort</option></term>
+ <listitem>
+ <para>
+ Sort entries in <filename>/etc/passwd</filename> and
+ <filename>/etc/shadow</filename> by UID.
+ </para>
+ <para condition="tcb">
+ This option has no effect when <option>USE_TCB</option> is enabled.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ By default, <command>pwck</command> operates on the files
+ <filename>/etc/passwd</filename> and
+ <filename>/etc/shadow</filename><phrase condition="tcb"> (or the
+ files in <filename>/etc/tcb</filename>)</phrase>.
+ The user may select alternate files with the
+ <replaceable>passwd</replaceable> and
+ <replaceable>shadow</replaceable> parameters.
+ </para>
+ <para condition="tcb">
+ Note that when <option>USE_TCB</option> is enabled, you cannot
+ specify an alternative <replaceable>shadow</replaceable> file. In
+ future releases, this parameter could be replaced by an alternate
+ TCB directory.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &PASS_MAX_DAYS;
+ &PASS_MIN_DAYS;
+ &PASS_WARN_AGE;
+ &TCB_AUTH_GROUP;
+ &TCB_SYMLINKS;
+ &USE_TCB;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='exit_values'>
+ <title>EXIT VALUES</title>
+ <para>
+ The <command>pwck</command> command exits with the following values:
+ <variablelist>
+ <varlistentry>
+ <term><replaceable>0</replaceable></term>
+ <listitem>
+ <para>success</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>1</replaceable></term>
+ <listitem>
+ <para>invalid command syntax</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>2</replaceable></term>
+ <listitem>
+ <para>one or more bad password entries</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>3</replaceable></term>
+ <listitem>
+ <para>can't open password files</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>4</replaceable></term>
+ <listitem>
+ <para>can't lock password files</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>5</replaceable></term>
+ <listitem>
+ <para>can't update password files</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>6</replaceable></term>
+ <listitem>
+ <para>can't sort password files</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/pwconv.8.xml b/man/pwconv.8.xml
new file mode 100644
index 0000000..3e26498
--- /dev/null
+++ b/man/pwconv.8.xml
@@ -0,0 +1,281 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
+<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
+<!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+<!ENTITY USE_TCB SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='pwconv.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Marek</firstname>
+ <surname>Michałkiewicz</surname>
+ <contrib>Creation, 1996</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>pwconv</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>pwconv</refname>
+ <refname>pwunconv</refname>
+ <refname>grpconv</refname>
+ <refname>grpunconv</refname>
+ <refpurpose>convert to and from shadow passwords and groups</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>pwconv</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <command>pwunconv</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <command>grpconv</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <command>grpunconv</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>pwconv</command> command creates <emphasis
+ remap='I'>shadow</emphasis> from <emphasis remap='I'>passwd</emphasis>
+ and an optionally existing <emphasis remap='I'>shadow</emphasis>.
+ </para>
+ <para condition="tcb">
+ <command>pwconv</command> does not work with
+ <option>USE_TCB</option> enabled. To convert to tcb passwords, you
+ should first use <command>pwconv</command> to convert to shadowed
+ passwords by disabling <option>USE_TCB</option> in
+ <filename>login.defs</filename> and then convert to tcb password
+ using <command>tcb_convert</command> (and re-enable
+ <option>USE_TCB</option> in <filename>login.defs</filename>.)
+ </para>
+
+ <para>
+ The <command>pwunconv</command> command creates <emphasis
+ remap='I'>passwd</emphasis> from <emphasis remap='I'>passwd</emphasis>
+ and <emphasis remap='I'>shadow</emphasis> and then removes <emphasis
+ remap='I'>shadow</emphasis>.
+ </para>
+ <para condition="tcb">
+ <command>pwunconv</command> does not work with
+ <option>USE_TCB</option> enabled. You should first switch back from
+ tcb to shadowed passwords using <command>tcb_unconvert</command>,
+ and then disable <option>USE_TCB</option> in
+ <filename>login.defs</filename> before using
+ <command>pwunconv</command>.
+ </para>
+
+ <para>
+ The <command>grpconv</command> command creates <emphasis
+ remap='I'>gshadow</emphasis> from <emphasis remap='I'>group</emphasis>
+ and an optionally existing <emphasis remap='I'>gshadow</emphasis>.
+ </para>
+
+ <para>
+ The <command>grpunconv</command> command creates <emphasis
+ remap='I'>group</emphasis> from <emphasis remap='I'>group</emphasis>
+ and <emphasis remap='I'>gshadow</emphasis> and then removes <emphasis
+ remap='I'>gshadow</emphasis>.
+ </para>
+
+ <para>
+ These four programs all operate on the normal and shadow password and
+ group files: <filename>/etc/passwd</filename>,
+ <filename>/etc/group</filename>, <filename>/etc/shadow</filename>, and
+ <filename>/etc/gshadow</filename>.
+ </para>
+
+ <para>
+ Each program acquires the necessary locks before conversion.
+ <command>pwconv</command> and <command>grpconv</command> are similar.
+ First, entries in the shadowed file which don't exist in the main file
+ are removed. Then, shadowed entries which don't have `x' as the
+ password in the main file are updated. Any missing shadowed entries
+ are added. Finally, passwords in the main file are replaced with `x'.
+ These programs can be used for initial conversion as well to update
+ the shadowed file if the main file is edited by hand.
+ </para>
+
+ <para>
+ <command>pwconv</command> will use the values of <emphasis
+ remap='I'>PASS_MIN_DAYS</emphasis>, <emphasis
+ remap='I'>PASS_MAX_DAYS</emphasis>, and <emphasis
+ remap='I'>PASS_WARN_AGE</emphasis> from
+ <filename>/etc/login.defs</filename> when adding new entries to
+ <filename>/etc/shadow</filename>.
+ </para>
+
+ <para>
+ Likewise <command>pwunconv</command> and <command>grpunconv</command>
+ are similar. Passwords in the main file are updated from the shadowed
+ file. Entries which exist in the main file but not in the shadowed
+ file are left alone. Finally, the shadowed file is removed. Some
+ password aging information is lost by <command>pwunconv</command>. It
+ will convert what it can.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>pwconv</command>,
+ <command>pwunconv</command>, <command>grpconv</command>, and
+ <command>grpunconv</command> commands are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='bugs'>
+ <title>BUGS</title>
+ <para>
+ Errors in the password or group files (such as invalid or duplicate
+ entries) may cause these programs to loop forever or fail in other
+ strange ways. Please run <command>pwck</command> and
+ <command>grpck</command> to correct any such errors before converting
+ to or from shadow passwords or groups.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variable in
+ <filename>/etc/login.defs</filename> changes the behavior of
+ <command>grpconv</command> and <command>grpunconv</command>:
+ </para>
+ <variablelist>
+ &MAX_MEMBERS_PER_GROUP;
+ </variablelist>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of
+ <command>pwconv</command>:
+ </para>
+ <variablelist>
+ &PASS_MAX_DAYS;
+ &PASS_MIN_DAYS;
+ &PASS_WARN_AGE;
+ &USE_TCB;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry><phrase condition="tcb">,
+ <citerefentry>
+ <refentrytitle>tcb_convert</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>tcb_unconvert</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry></phrase>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/ru/Makefile.am b/man/ru/Makefile.am
new file mode 100644
index 0000000..8a776a8
--- /dev/null
+++ b/man/ru/Makefile.am
@@ -0,0 +1,66 @@
+
+mandir = @mandir@/ru
+
+man_MANS = \
+ man1/chage.1 \
+ man1/chfn.1 \
+ man8/chgpasswd.8 \
+ man8/chpasswd.8 \
+ man1/chsh.1 \
+ man1/expiry.1 \
+ man5/faillog.5 \
+ man8/faillog.8 \
+ man3/getspnam.3 \
+ man1/gpasswd.1 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmems.8 \
+ man8/groupmod.8 \
+ man1/groups.1 \
+ man8/grpck.8 \
+ man8/grpconv.8 \
+ man8/grpunconv.8 \
+ man5/gshadow.5 \
+ man8/lastlog.8 \
+ man1/login.1 \
+ man5/login.defs.5 \
+ man8/logoutd.8 \
+ man1/newgrp.1 \
+ man8/newusers.8 \
+ man8/nologin.8 \
+ man1/passwd.1 \
+ man5/passwd.5 \
+ man8/pwck.8 \
+ man8/pwconv.8 \
+ man8/pwunconv.8 \
+ man1/sg.1 \
+ man3/shadow.3 \
+ man5/shadow.5 \
+ man1/su.1 \
+ man5/suauth.5 \
+ man8/useradd.8 \
+ man8/userdel.8 \
+ man8/usermod.8 \
+ man8/vigr.8 \
+ man8/vipw.8
+
+man_nopam = \
+ man5/limits.5 \
+ man5/login.access.5 \
+ man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+ $(man_MANS) \
+ man1/id.1 \
+ man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/sg.1.xml b/man/sg.1.xml
new file mode 100644
index 0000000..012d9a5
--- /dev/null
+++ b/man/sg.1.xml
@@ -0,0 +1,166 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 , Julianne Frances Haugh
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY SYSLOG_SG_ENAB SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='sg.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>sg</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>sg</refname>
+ <refpurpose>execute command as different group ID</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>sg</command>
+ <arg choice='opt'>- </arg>
+ <arg choice='opt'>group
+ <arg choice='opt'>-c </arg>
+ command
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>sg</command> command works similar to
+ <command>newgrp</command> but accepts a command. The command will be
+ executed with the <filename>/bin/sh</filename> shell. With most shells
+ you may run <command>sg</command> from, you need to enclose multi-word
+ commands in quotes. Another difference between
+ <command>newgrp</command> and <command>sg</command> is that some
+ shells treat <command>newgrp</command> specially, replacing themselves
+ with a new instance of a shell that <command>newgrp</command> creates.
+ This doesn't happen with <command>sg</command>, so upon exit from a
+ <command>sg</command> command you are returned to your previous group
+ ID.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &SYSLOG_SG_ENAB;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>id</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry><phrase condition="gshadow">,
+ <citerefentry>
+ <refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>
+ </phrase>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/shadow.3.xml b/man/shadow.3.xml
new file mode 100644
index 0000000..edc46d5
--- /dev/null
+++ b/man/shadow.3.xml
@@ -0,0 +1,248 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1989 - 1993, Julianne Frances Haugh
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='shadow.3'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1989</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>shadow</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class="sectdesc">Library Calls</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>shadow</refname>
+ <refname>getspnam</refname>
+ <refpurpose>encrypted password file routines</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='syntax'>
+ <title>SYNTAX</title>
+ <para>
+ <emphasis>#include &lt;shadow.h&gt;</emphasis>
+ </para>
+
+ <para>
+ <emphasis>struct spwd *getspent();</emphasis>
+ </para>
+
+ <para>
+ <emphasis>struct spwd *getspnam(char</emphasis> <emphasis
+ remap='I'>*name</emphasis><emphasis>);</emphasis>
+ </para>
+
+ <para>
+ <emphasis>void setspent();</emphasis>
+ </para>
+
+ <para>
+ <emphasis>void endspent();</emphasis>
+ </para>
+
+ <para>
+ <emphasis>struct spwd *fgetspent(FILE</emphasis> <emphasis
+ remap='I'>*fp</emphasis><emphasis>);</emphasis>
+ </para>
+
+ <para>
+ <emphasis>struct spwd *sgetspent(char</emphasis> <emphasis
+ remap='I'>*cp</emphasis><emphasis>);</emphasis>
+ </para>
+
+ <para>
+ <emphasis>int putspent(struct spwd</emphasis> <emphasis
+ remap='I'>*p,</emphasis> <emphasis>FILE</emphasis> <emphasis
+ remap='I'>*fp</emphasis><emphasis>);</emphasis>
+ </para>
+
+ <para>
+ <emphasis>int lckpwdf();</emphasis>
+ </para>
+
+ <para>
+ <emphasis>int ulckpwdf();</emphasis>
+ </para>
+ </refsect1>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ <emphasis remap='I'>shadow</emphasis> manipulates the contents of the
+ shadow password file, <filename>/etc/shadow</filename>. The structure
+ in the <emphasis remap='I'>#include</emphasis> file is:
+ </para>
+ <programlisting>struct spwd {
+ char *sp_namp; /* user login name */
+ char *sp_pwdp; /* encrypted password */
+ long int sp_lstchg; /* last password change */
+ long int sp_min; /* days until change allowed. */
+ long int sp_max; /* days before change required */
+ long int sp_warn; /* days warning for expiration */
+ long int sp_inact; /* days before account inactive */
+ long int sp_expire; /* date when account expires */
+ unsigned long int sp_flag; /* reserved for future use */
+}
+ </programlisting>
+ <para>The meanings of each field are:</para>
+ <itemizedlist mark='bullet'>
+ <listitem>
+ <para>sp_namp - pointer to null-terminated user name</para>
+ </listitem>
+ <listitem>
+ <para>sp_pwdp - pointer to null-terminated password</para>
+ </listitem>
+ <listitem>
+ <para>sp_lstchg - days since Jan 1, 1970 password was last changed</para>
+ </listitem>
+ <listitem>
+ <para>sp_min - days before which password may not be changed</para>
+ </listitem>
+ <listitem>
+ <para>sp_max - days after which password must be changed</para>
+ </listitem>
+ <listitem>
+ <para>sp_warn - days before password is to expire that user is warned of
+ pending password expiration
+ </para>
+ </listitem>
+ <listitem>
+ <para>sp_inact - days after password expires that account is considered
+ inactive and disabled
+ </para>
+ </listitem>
+ <listitem>
+ <para>sp_expire - days since Jan 1, 1970 when account will be disabled</para>
+ </listitem>
+ <listitem>
+ <para>sp_flag - reserved for future use</para>
+ </listitem>
+ </itemizedlist>
+
+ </refsect1>
+
+ <refsect1 id='description2'>
+ <title>DESCRIPTION</title>
+ <para>
+ <emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>,
+ <emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis>
+ each return a pointer to a <emphasis>struct spwd</emphasis>.
+ <emphasis>getspent</emphasis> returns the next entry from the file,
+ and <emphasis>fgetspent</emphasis> returns the next entry from the
+ given stream, which is assumed to be a file of the proper format.
+ <emphasis>sgetspent</emphasis> returns a pointer to a <emphasis>struct
+ spwd</emphasis> using the provided string as input.
+ <emphasis>getspnam</emphasis> searches from the current position in
+ the file for an entry matching <emphasis>name</emphasis>.
+ </para>
+
+ <para>
+ <emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be
+ used to begin and end, respectively, access to the shadow password
+ file.
+ </para>
+
+ <para>
+ The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis>
+ routines should be used to insure exclusive access to the
+ <filename>/etc/shadow</filename> file. <emphasis>lckpwdf</emphasis>
+ attempts to acquire a lock using <emphasis>pw_lock</emphasis> for up
+ to 15 seconds. It continues by attempting to acquire a second lock
+ using <emphasis>spw_lock</emphasis> for the remainder of the initial
+ 15 seconds. Should either attempt fail after a total of 15 seconds,
+ <emphasis>lckpwdf</emphasis> returns -1. When both locks are acquired
+ 0 is returned.
+ </para>
+ </refsect1>
+
+ <refsect1 id='diagnostics'>
+ <title>DIAGNOSTICS</title>
+ <para>
+ Routines return NULL if no more entries are available or if an error
+ occurs during processing. Routines which have <emphasis>int</emphasis>
+ as the return value return 0 for success and
+ -1 for failure.
+ </para>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ These routines may only be used by the superuser as access to the
+ shadow password file is restricted.
+ </para>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>getpwent</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/shadow.5.xml b/man/shadow.5.xml
new file mode 100644
index 0000000..5d20511
--- /dev/null
+++ b/man/shadow.5.xml
@@ -0,0 +1,314 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1989 - 1990, Julianne Frances Haugh
+ Copyright (c) 2007 - 2009, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='shadow.5'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1989</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>shadow</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>shadow</refname>
+ <refpurpose>shadowed password file</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ <filename>shadow</filename> is a file which contains the password
+ information for the system's accounts and optional aging
+ information.
+ </para>
+
+ <para>
+ This file must not be readable by regular users if password security
+ is to be maintained.
+ </para>
+
+ <para>
+ Each line of this file contains 9 fields, separated by colons
+ (<quote>:</quote>), in the following order:
+ </para>
+
+ <variablelist>
+ <varlistentry>
+ <term><emphasis role="bold">login name</emphasis></term>
+ <listitem>
+ <para>
+ It must be a valid account name, which exist on the system.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis role="bold">encrypted password</emphasis></term>
+ <listitem>
+ <para>
+ Refer to <citerefentry><refentrytitle>crypt</refentrytitle>
+ <manvolnum>3</manvolnum></citerefentry> for details on how
+ this string is interpreted.
+ </para>
+ <para>
+ If the password field contains some string that is not a valid
+ result of <citerefentry><refentrytitle>crypt</refentrytitle>
+ <manvolnum>3</manvolnum></citerefentry>, for instance ! or *,
+ the user will not be able to use a unix password to log in
+ (but the user may log in the system by other means).
+ </para>
+ <para>
+ This field may be empty, in which case no passwords are
+ required to authenticate as the specified login name.
+ However, some applications which read the
+ <filename>/etc/shadow</filename> file may decide not to permit
+ any access at all if the password field is empty.
+ </para>
+ <para>
+ A password field which starts with an exclamation mark means
+ that the password is locked. The remaining characters on the
+ line represent the password field before the password was
+ locked.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis role="bold">date of last password change</emphasis>
+ </term>
+ <listitem>
+ <para>
+ The date of the last password change, expressed as the number
+ of days since Jan 1, 1970.
+ </para>
+ <para>
+ The value 0 has a special meaning, which is that the user
+ should change her password the next time she will log in the
+ system.
+ </para>
+ <para>
+ An empty field means that password aging features are
+ disabled.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis role="bold">minimum password age</emphasis></term>
+ <listitem>
+ <para>
+ The minimum password age is the number of days the user will
+ have to wait before she will be allowed to change her password
+ again.
+ </para>
+ <para>
+ An empty field and value 0 mean that there are no minimum
+ password age.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis role="bold">maximum password age</emphasis></term>
+ <listitem>
+ <para>
+ The maximum password age is the number of days after which the
+ user will have to change her password.
+ </para>
+ <para>
+ After this number of days is elapsed, the password may still
+ be valid. The user should be asked to change her password the
+ next time she will log in.
+ </para>
+ <para>
+ An empty field means that there are no maximum password age,
+ no password warning period, and no password inactivity period
+ (see below).
+ </para>
+ <para>
+ If the maximum password age is lower than the minimum password
+ age, the user cannot change her password.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis role="bold">password warning period</emphasis>
+ </term>
+ <listitem>
+ <para>
+ The number of days before a password is going to expire (see
+ the maximum password age above) during which the user should
+ be warned.
+ </para>
+ <para>
+ An empty field and value 0 mean that there are no password
+ warning period.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis role="bold">password inactivity period</emphasis>
+ </term>
+ <listitem>
+ <para>
+ The number of days after a password has expired (see the
+ maximum password age above) during which the password should
+ still be accepted (and the user should update her password
+ during the next login).
+ </para>
+ <para>
+ After expiration of the password and this expiration period is
+ elapsed, no login is possible using the current user's
+ password. The user should contact her administrator.
+ </para>
+ <para>
+ An empty field means that there are no enforcement of an
+ inactivity period.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis role="bold">account expiration date</emphasis>
+ </term>
+ <listitem>
+ <para>
+ The date of expiration of the account, expressed as the number
+ of days since Jan 1, 1970.
+ </para>
+ <para>
+ Note that an account expiration differs from a password
+ expiration. In case of an account expiration, the user shall
+ not be allowed to login. In case of a password expiration,
+ the user is not allowed to login using her password.
+ </para>
+ <para>
+ An empty field means that the account will never expire.
+ </para>
+ <para>
+ The value 0 should not be used as it is interpreted as either
+ an account with no expiration, or as an expiration on Jan 1,
+ 1970.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis role="bold">reserved field</emphasis></term>
+ <listitem>
+ <para>This field is reserved for future use.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow-</filename></term>
+ <listitem>
+ <para>Backup file for /etc/shadow.</para>
+ <para>
+ Note that this file is used by the tools of the shadow
+ toolsuite, but not by all user and password management tools.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/su.1.xml b/man/su.1.xml
new file mode 100644
index 0000000..24143c3
--- /dev/null
+++ b/man/su.1.xml
@@ -0,0 +1,453 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1989 - 1990, Julianne Frances Haugh
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CONSOLE SYSTEM "login.defs.d/CONSOLE.xml">
+<!ENTITY CONSOLE_GROUPS SYSTEM "login.defs.d/CONSOLE_GROUPS.xml">
+<!ENTITY DEFAULT_HOME SYSTEM "login.defs.d/DEFAULT_HOME.xml">
+<!ENTITY ENV_HZ SYSTEM "login.defs.d/ENV_HZ.xml">
+<!ENTITY ENVIRON_FILE SYSTEM "login.defs.d/ENVIRON_FILE.xml">
+<!ENTITY ENV_PATH SYSTEM "login.defs.d/ENV_PATH.xml">
+<!ENTITY ENV_SUPATH SYSTEM "login.defs.d/ENV_SUPATH.xml">
+<!ENTITY ENV_TZ SYSTEM "login.defs.d/ENV_TZ.xml">
+<!ENTITY LOGIN_STRING SYSTEM "login.defs.d/LOGIN_STRING.xml">
+<!ENTITY MAIL_CHECK_ENAB SYSTEM "login.defs.d/MAIL_CHECK_ENAB.xml">
+<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY QUOTAS_ENAB SYSTEM "login.defs.d/QUOTAS_ENAB.xml">
+<!ENTITY SULOG_FILE SYSTEM "login.defs.d/SULOG_FILE.xml">
+<!ENTITY SU_NAME SYSTEM "login.defs.d/SU_NAME.xml">
+<!ENTITY SU_WHEEL_ONLY SYSTEM "login.defs.d/SU_WHEEL_ONLY.xml">
+<!ENTITY SYSLOG_SU_ENAB SYSTEM "login.defs.d/SYSLOG_SU_ENAB.xml">
+<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='su.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1989</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>su</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>su</refname>
+ <refpurpose>change user ID or become superuser</refpurpose>
+ </refnamediv>
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>su</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ <arg choice='opt'>
+ <arg choice='plain'>
+ <replaceable>username</replaceable>
+ </arg>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>su</command> command is used to become another user during
+ a login session. Invoked without a <option>username</option>,
+ <command>su</command> defaults to
+ becoming the superuser. The optional argument <option>-</option> may
+ be used to provide an environment similar to what the user would
+ expect had the user logged in directly.
+ </para>
+
+ <para>
+ Additional arguments may be provided after the username, in which case
+ they are supplied to the user's login shell. In particular, an
+ argument of <option>-c</option> will cause the next argument to be
+ treated as a command by most command interpreters. The command will be
+ executed by the shell specified in <filename>/etc/passwd</filename>
+ for the target user.
+ </para>
+
+ <para>
+ You can use the <option>--</option> argument to separate
+ <command>su</command> options from the arguments supplied to the shell.
+ </para>
+
+ <para>The user will be prompted for a password, if appropriate. Invalid
+ passwords will produce an error message. All attempts, both valid and
+ invalid, are logged to detect abuse of the system.
+ </para>
+
+ <para>
+ The current environment is passed to the new shell. The value of
+ <envar>$PATH</envar> is reset to <filename>/bin:/usr/bin</filename>
+ for normal users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename>
+ for the superuser. This may be changed with the
+ <option>ENV_PATH</option> and <option>ENV_SUPATH</option>
+ definitions in <filename>/etc/login.defs</filename>.
+ </para>
+
+ <para>
+ A subsystem login is indicated by the presence of a "*" as the first
+ character of the login shell. The given home directory will be used as
+ the root of a new file system which the user is actually logged into.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>The options which apply to the <command>su</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Specify a command that will be invoked by the shell using its
+ <option>-c</option>.
+ </para>
+ <para>
+ The executed command will have no controlling terminal. This
+ option cannot be used to execute interactive programs which
+ need a controlling TTY.
+ <!-- This avoids TTY hijacking when su is used to lower
+ privileges -->
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-</option>, <option>-l</option>, <option>--login</option>
+ </term>
+ <listitem>
+ <para>
+ Provide an environment similar to what the user would expect had
+ the user logged in directly.
+ </para>
+ <para>
+ When <option>-</option> is used, it must be specified before any
+ <option>username</option>. For portability it is recommended
+ to use it as last option, before any
+ <option>username</option>. The other forms
+ (<option>-l</option> and <option>--login</option>)
+ do not have this restriction.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>
+ </term>
+ <listitem>
+ <para>The shell that will be invoked.</para>
+ <para>
+ The invoked shell is chosen from (highest priority first):
+ <!--This should be an ordered list, but lists inside another
+ list does not work well with current docbook.
+ - nekral - 2009.06.03 -->
+ <variablelist>
+ <varlistentry><term></term><listitem>
+ <para>The shell specified with --shell.</para>
+ </listitem></varlistentry>
+ <varlistentry><term></term><listitem>
+ <para>
+ If <option>--preserve-environment</option> is used, the
+ shell specified by the <envar>$SHELL</envar> environment
+ variable.
+ </para>
+ </listitem></varlistentry>
+ <varlistentry><term></term><listitem>
+ <para>
+ The shell indicated in the <filename>/etc/passwd</filename>
+ entry for the target user.
+ </para>
+ </listitem></varlistentry>
+ <varlistentry><term></term><listitem>
+ <para><filename>/bin/sh</filename> if a shell could not be
+ found by any above method.</para>
+ </listitem></varlistentry>
+ </variablelist>
+ </para>
+ <para>
+ If the target user has a restricted shell (i.e. the shell field of
+ this user's entry in <filename>/etc/passwd</filename> is not
+ listed in <filename>/etc/shells</filename>), then the
+ <option>--shell</option> option or the <envar>$SHELL</envar>
+ environment variable won't be taken into account, unless
+ <command>su</command> is called by root.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-m</option>, <option>-p</option>,
+ <option>--preserve-environment</option>
+ </term>
+ <listitem>
+ <para>
+ Preserve the current environment, except for:
+ <variablelist>
+ <varlistentry>
+ <term><envar>$PATH</envar></term>
+ <listitem>
+ <para>
+ reset according to the
+ <filename>/etc/login.defs</filename> options
+ <option>ENV_PATH</option> or
+ <option>ENV_SUPATH</option> (see below);
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><envar>$IFS</envar></term>
+ <listitem>
+ <para>
+ reset to
+ <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>,
+ if it was set.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ <para>
+ If the target user has a restricted shell, this option has no
+ effect (unless <command>su</command> is called by root).
+ </para>
+ <para>
+ Note that the default behavior for the environment is the
+ following:
+ <variablelist>
+ <varlistentry><term></term><listitem>
+ <para>
+ The <envar>$HOME</envar>, <envar>$SHELL</envar>,
+ <envar>$USER</envar>, <envar>$LOGNAME</envar>,
+ <envar>$PATH</envar>, and <envar>$IFS</envar>
+ environment variables are reset.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry><term></term><listitem>
+ <para>
+ If <option>--login</option> is not used, the
+ environment is copied, except for the variables above.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry><term></term><listitem>
+ <para>
+ If <option>--login</option> is used, the
+ <envar>$TERM</envar>, <envar>$COLORTERM</envar>,
+ <envar>$DISPLAY</envar>, and
+ <envar>$XAUTHORITY</envar> environment variables are
+ copied if they were set.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="no_pam"><term></term><listitem>
+ <para>
+ If <option>--login</option> is used, the
+ <envar>$TZ</envar>, <envar>$HZ</envar>, and
+ <envar>$MAIL</envar> environment
+ variables are set according to the
+ <filename>/etc/login.defs</filename>
+ options <option>ENV_TZ</option>,
+ <option>ENV_HZ</option>, <option>MAIL_DIR</option>, and
+ <option>MAIL_FILE</option> (see below).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="no_pam"><term></term><listitem>
+ <para>
+ If <option>--login</option> is used, other environment
+ variables might be set by the
+ <option>ENVIRON_FILE</option> file (see below).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="pam"><term></term><listitem>
+ <para>
+ Other environments might be set by PAM modules.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ This version of <command>su</command> has many compilation options,
+ only some of which may be in use at any particular site.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &CONSOLE;
+ &CONSOLE_GROUPS;
+ &DEFAULT_HOME;
+ <phrase condition="no_pam">&ENV_HZ;</phrase>
+ &ENVIRON_FILE;
+ &ENV_PATH;
+ &ENV_SUPATH;
+ &ENV_TZ;
+ <phrase condition="no_pam">&LOGIN_STRING;</phrase>
+ &MAIL_CHECK_ENAB;
+ <phrase condition="no_pam">&MAIL_DIR;</phrase>
+ &QUOTAS_ENAB;
+ &SULOG_FILE;
+ &SU_NAME;
+ &SU_WHEEL_ONLY;
+ &SYSLOG_SU_ENAB;
+ <phrase condition="no_pam">&USERGROUPS_ENAB;</phrase>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='exit_values'>
+ <title>EXIT VALUES</title>
+ <para>
+ On success, <command>su</command> returns the exit value of the
+ command it executed.
+ </para>
+ <para>
+ If this command was terminated by a signal, <command>su</command>
+ returns the number of this signal plus 128.
+ </para>
+ <para>
+ If su has to kill the command (because it was asked to terminate,
+ and the command did not terminate in time), <command>su</command>
+ returns 255.
+ </para>
+ <para>
+ Some exit values from <command>su</command> are independent from the
+ executed command:
+ <variablelist>
+ <varlistentry>
+ <term><replaceable>0</replaceable></term>
+ <listitem>
+ <para>success (<option>--help</option> only)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>1</replaceable></term>
+ <listitem>
+ <para>System or authentication failure</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>126</replaceable></term>
+ <listitem>
+ <para>The requested command was not found</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>127</replaceable></term>
+ <listitem>
+ <para>The requested command could not be executed</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para><citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/suauth.5.xml b/man/suauth.5.xml
new file mode 100644
index 0000000..97ef6d1
--- /dev/null
+++ b/man/suauth.5.xml
@@ -0,0 +1,229 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1996 , Marek Michałkiewicz
+ Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='suauth.5'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Marek</firstname>
+ <surname>Michałkiewicz</surname>
+ <contrib>Creation, 1996</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>suauth</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>suauth</refname>
+ <refpurpose>detailed su control file</refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>/etc/suauth</command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The file <filename>/etc/suauth</filename> is referenced whenever the
+ su command is called. It can change the behaviour of the su command,
+ based upon:
+ </para>
+
+ <!-- .RS -->
+ <literallayout remap='.nf'>
+ 1) the user su is targeting
+ </literallayout>
+ <!-- .fi -->
+ <para>
+ 2) the user executing the su command (or any groups he might be
+ a member of)
+ </para>
+
+ <para>
+ The file is formatted like this, with lines starting with a # being
+ treated as comment lines and ignored;
+ </para>
+
+ <literallayout remap='RS'>
+ to-id:from-id:ACTION
+ </literallayout>
+
+ <para>
+ Where to-id is either the word <emphasis>ALL</emphasis>, a list of
+ usernames delimited by "," or the words <emphasis>ALL
+ EXCEPT</emphasis> followed by a list of usernames delimited by ",".
+ </para>
+
+ <para>
+ from-id is formatted the same as to-id except the extra word
+ <emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT
+ GROUP</emphasis> is perfectly valid too. Following
+ <emphasis>GROUP</emphasis> appears one or more group names, delimited
+ by ",". It is not sufficient to have primary group id of the relevant
+ group, an entry in
+ <citerefentry><refentrytitle>/etc/group</refentrytitle>
+ <manvolnum>5</manvolnum></citerefentry> is necessary.
+ </para>
+
+ <para>
+ Action can be one only of the following currently supported options.
+ </para>
+ <variablelist remap='TP'>
+ <varlistentry>
+ <term>
+ <emphasis>DENY</emphasis>
+ </term>
+ <listitem>
+ <para>The attempt to su is stopped before a password is
+ even asked for.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis>NOPASS</emphasis>
+ </term>
+ <listitem>
+ <para>
+ The attempt to su is automatically successful; no password is
+ asked for.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <emphasis>OWNPASS</emphasis>
+ </term>
+ <listitem>
+ <para>
+ For the su command to be successful, the user must enter his or
+ her own password. They are told this.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>
+ Note there are three separate fields delimited by a colon. No
+ whitespace must surround this colon. Also note that the file is
+ examined sequentially line by line, and the first applicable rule is
+ used without examining the file further. This makes it possible for a
+ system administrator to exercise as fine control as he or she wishes.
+ </para>
+ </refsect1>
+
+ <refsect1 id='example'>
+ <title>EXAMPLE</title>
+ <literallayout remap='.nf'>
+ # sample /etc/suauth file
+ #
+ # A couple of privileged usernames may
+ # su to root with their own password.
+ #
+ root:chris,birddog:OWNPASS
+ #
+ # Anyone else may not su to root unless in
+ # group wheel. This is how BSD does things.
+ #
+ root:ALL EXCEPT GROUP wheel:DENY
+ #
+ # Perhaps terry and birddog are accounts
+ # owned by the same person.
+ # Access can be arranged between them
+ # with no password.
+ #
+ terry:birddog:NOPASS
+ birddog:terry:NOPASS
+ #
+ </literallayout>
+ <!-- .fi -->
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/suauth</filename></term>
+ <listitem><para></para></listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='bugs'>
+ <title>BUGS</title>
+ <para>
+ There could be plenty lurking. The file parser is particularly
+ unforgiving about syntax errors, expecting no spurious whitespace
+ (apart from beginning and end of lines), and a specific token
+ delimiting different things.
+ </para>
+ </refsect1>
+
+ <refsect1 id='diagnostics'>
+ <title>DIAGNOSTICS</title>
+ <para>
+ An error parsing the file is reported using
+ <citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ as level ERR on facility AUTH.
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/subgid.5.xml b/man/subgid.5.xml
new file mode 100644
index 0000000..ffdb7d8
--- /dev/null
+++ b/man/subgid.5.xml
@@ -0,0 +1,139 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 2013 Eric W. Biederman
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='subgid.5'>
+ <refmeta>
+ <refentrytitle>subgid</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>subgid</refname>
+ <refpurpose>the subordinate gid file</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ Each line in <filename>/etc/subgid</filename> contains
+ a user name and a range of subordinate group ids that user
+ is allowed to use.
+
+ This is specified with three fields delimited by colons
+ (<quote>:</quote>).
+ These fields are:
+ </para>
+ <itemizedlist mark='bullet'>
+ <listitem>
+ <para>login name or UID</para>
+ </listitem>
+ <listitem>
+ <para>numerical subordinate group ID</para>
+ </listitem>
+ <listitem>
+ <para>numerical subordinate group ID count</para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
+ This file specifies the group IDs that ordinary users can use, with
+ the <command>newgidmap</command> command, to configure gid mapping
+ in a user namespace.
+ </para>
+
+ <para>
+ Multiple ranges may be specified per user.
+ </para>
+
+ <para>
+ When large number of entries (10000-100000 or more) are defined in
+ <filename>/etc/subgid</filename>, parsing performance penalty will
+ become noticeable. In this case it is recommended to use UIDs
+ instead of login names. Benchmarks have shown speed-ups up to 20x.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/subgid</filename></term>
+ <listitem>
+ <para>Per user subordinate group IDs.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/subgid-</filename></term>
+ <listitem>
+ <para>Backup file for /etc/subgid.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newgidmap</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newuidmap</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>user_namespaces</refentrytitle><manvolnum>7</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/subuid.5.xml b/man/subuid.5.xml
new file mode 100644
index 0000000..2890661
--- /dev/null
+++ b/man/subuid.5.xml
@@ -0,0 +1,139 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 2013 Eric W. Biederman
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='subuid.5'>
+ <refmeta>
+ <refentrytitle>subuid</refentrytitle>
+ <manvolnum>5</manvolnum>
+ <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>subuid</refname>
+ <refpurpose>the subordinate uid file</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ Each line in <filename>/etc/subuid</filename> contains
+ a user name and a range of subordinate user ids that user
+ is allowed to use.
+
+ This is specified with three fields delimited by colons
+ (<quote>:</quote>).
+ These fields are:
+ </para>
+ <itemizedlist mark='bullet'>
+ <listitem>
+ <para>login name or UID</para>
+ </listitem>
+ <listitem>
+ <para>numerical subordinate user ID</para>
+ </listitem>
+ <listitem>
+ <para>numerical subordinate user ID count</para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
+ This file specifies the user IDs that ordinary users can use, with
+ the <command>newuidmap</command> command, to configure uid mapping
+ in a user namespace.
+ </para>
+
+ <para>
+ Multiple ranges may be specified per user.
+ </para>
+
+ <para>
+ When large number of entries (10000-100000 or more) are defined in
+ <filename>/etc/subuid</filename>, parsing performance penalty will
+ become noticeable. In this case it is recommended to use UIDs
+ instead of login names. Benchmarks have shown speed-ups up to 20x.
+ </para>
+
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/subuid</filename></term>
+ <listitem>
+ <para>Per user subordinate user IDs.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/subuid-</filename></term>
+ <listitem>
+ <para>Backup file for /etc/subuid.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newgidmap</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newuidmap</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newusers</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>user_namespaces</refentrytitle><manvolnum>7</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/sulogin.8.xml b/man/sulogin.8.xml
new file mode 100644
index 0000000..432232c
--- /dev/null
+++ b/man/sulogin.8.xml
@@ -0,0 +1,178 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1989 - 1992, Julianne Frances Haugh
+ Copyright (c) 2007 - 2008, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENV_HZ SYSTEM "login.defs.d/ENV_HZ.xml">
+<!ENTITY ENV_TZ SYSTEM "login.defs.d/ENV_TZ.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='sulogin.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1989</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>sulogin</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>sulogin</refname>
+ <refpurpose>Single-user login</refpurpose>
+ </refnamediv>
+
+ <refsect1 id='syntax'>
+ <title>SYNTAX</title>
+ <para><command>sulogin</command> [<emphasis remap='I'>tty-device</emphasis>]
+ </para>
+ </refsect1>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>sulogin</command> command is invoked by <command>init</command>
+ prior to allowing the user access to the system when in single user mode.
+ This feature may only be available on certain systems where
+ <command>init</command> has been modified accordingly, or where the
+ <filename>/etc/inittab</filename> has an entry for a single user
+ login.
+ </para>
+
+ <para>The user is prompted</para>
+
+ <para>Type control-d to proceed with normal startup,
+ <!-- .br -->
+ (or give root password for system maintenance):
+ </para>
+
+ <para>
+ Input and output will be performed with the standard file descriptors
+ unless the optional device name argument is provided.
+ </para>
+
+ <para>
+ If the user enters the correct root password, a login session is
+ initiated. When <emphasis>EOF</emphasis> is pressed instead, the
+ system enters multi-user mode.
+ </para>
+
+ <para>
+ After the user exits the single-user shell, or presses
+ <emphasis>EOF</emphasis>, the system begins the initialization process
+ required to enter multi-user mode.
+ </para>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ This command can only be used if <command>init</command> has been
+ modified to call <command>sulogin</command> instead of
+ <filename>/bin/sh</filename>, or if the user has set the <emphasis
+ remap='I'>inittab</emphasis> to support a single user login. For
+ example, the line:
+ </para>
+
+ <para>co:s:respawn:/etc/sulogin /dev/console</para>
+
+ <para>should execute the sulogin command in single user mode.</para>
+
+ <para>
+ As complete an environment as possible is created. However, various
+ devices may be unmounted or uninitialized and many of the user
+ commands may be unavailable or nonfunctional as a result.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &ENV_HZ;
+ &ENV_TZ;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>init</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/sv/Makefile.am b/man/sv/Makefile.am
new file mode 100644
index 0000000..e64b7bc
--- /dev/null
+++ b/man/sv/Makefile.am
@@ -0,0 +1,49 @@
+mandir = @mandir@/sv
+
+# 2012.01.28 - activate manpages with more than 50% translated messages
+man_MANS = \
+ man1/chage.1 \
+ man1/chsh.1 \
+ man1/expiry.1 \
+ man5/faillog.5 \
+ man8/faillog.8 \
+ man3/getspnam.3 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmems.8 \
+ man8/groupmod.8 \
+ man1/groups.1 \
+ man8/grpck.8 \
+ man5/gshadow.5 \
+ man8/lastlog.8 \
+ man8/logoutd.8 \
+ man1/newgrp.1 \
+ man8/nologin.8 \
+ man1/passwd.1 \
+ man5/passwd.5 \
+ man8/pwck.8 \
+ man1/sg.1 \
+ man3/shadow.3 \
+ man5/suauth.5 \
+ man8/userdel.8 \
+ man8/vigr.8 \
+ man8/vipw.8
+
+man_nopam = \
+ man5/limits.5 \
+ man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+ $(man_MANS) \
+ man1/id.1
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/tr/Makefile.am b/man/tr/Makefile.am
new file mode 100644
index 0000000..8d8b916
--- /dev/null
+++ b/man/tr/Makefile.am
@@ -0,0 +1,18 @@
+mandir = @mandir@/tr
+
+man_MANS = \
+ man1/chage.1 \
+ man1/chfn.1 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmod.8 \
+ man1/login.1 \
+ man1/passwd.1 \
+ man5/passwd.5 \
+ man5/shadow.5 \
+ man1/su.1 \
+ man8/useradd.8 \
+ man8/userdel.8 \
+ man8/usermod.8
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/tr/man1/chage.1 b/man/tr/man1/chage.1
new file mode 100644
index 0000000..16bbbb1
--- /dev/null
+++ b/man/tr/man1/chage.1
@@ -0,0 +1,90 @@
+
+
+.\" Copyright 1990 - 1994 Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH chage 1 "" "" ""
+.nh
+.SH Ä°SÄ°M
+chage -
+kullanıcı parolasının son kullanma tarihini değiştirir
+
+.SH KULLANIM
+
+.nf
+
+\fBchage\fR [\fB-m \fR\fIasgari-gün-sayısı\fR] [\fB-M \fR\fIazami-gün-sayısı\fR] [\fB-d \fR\fIson-gün\fR]
+ [\fB-I \fR\fIpasif\fR] [\fB-E \fR\fIson-tarih\fR] [\fB-W \fR\fIuyarı-gün-sayısı\fR] \fIkullanıcı\fR
+
+\fBchage -l \fR\fIkullanıcı\fR
+
+.fi
+
+
+
+.SH AÇIKLAMA
+
+
+\fBchage\fR, parolanın son değiştirilme tarihinden, değiştirilmesi gerekecek olan güne kadar geçen sürenin gün cinsinde miktarını değiştirir. Bu bilgi, sistem tarafından, kullanıcının ne zaman parolasını değiştirmesi gerektiğini bulmakta kullanılır. Bu komut root kullanıcıya tahsis edilmiştir. Sadece \fB-l\fR seçeneği, normal kullanıcılar tarafından, parola ve hesaplarının son kullanma tarihini görmek amacı ile kullanılabilir.
+
+\fB-m\fR seçeneği ile belirtilen \fIasgari-gün-sayısı\fR´nın değeri, parola değişiklikleri arasında geçecek asgari gün sayısıdır. Buraya sıfır değeri verilirse, kullanıcı istediği bir zaman parolasını değiştirebilir.
+
+\fB-M\fR seçeneği ile belirtilen \fIazami-gün-sayısı\fR´nın değeri, parolanın geçerliliğinin biteceği güne kadar geçecek zamanın gün cinsinden miktarıdır. \fIazami-gün-sayısı\fR artı \fIson-gün\fR, içinde bulunulan günden az ise, kullanıcı hesabını kullanmadan önce parolasını değiştirmek zorunda kalacaktır. Bu olay, \fB-W\fR seçeneğini kullanılarak da ayarlanabilir. Bu seçenek sayesinde kullanıcıya bu olay hakkında uyarı mesajı verebilirsiniz.
+
+\fB-d\fR seçeneği ile, \fIson-gün\fR´ün değeri 1 Ocak 1970´den parolanın son değişeceği güne kadar olan gün sayısıdır. YYYY-AA-GG biçiminde bir tarih olarak da belirtilebilir (veya yaşadığınız bölgede kabul edilen tarih biçimi ile).
+
+\fB-E\fR seçeneği, kullanıcı hesabının hangi tarihten sonra erişilemez olduğunu ayarlamak için kullanılır. \fIson-tarih\fR´in değeri; 1 Ocak 1970´den hesabın kilitleneceği güne kadar olan sürenin gün cinsinden miktarıdır. YYYY-AA-GG biçiminde bir tarih olarak da belirtilebilir (veya yaşadığınız bölgede kabul edilen tarih biçimi ile). Hesabı kilitlenen bir kullanıcının hesabını tekrar kullanabilmesi için, mutlaka sistem yöneticisine baş vurması gerekmektedir.
+
+\fB-I\fR seçeneği, bir parolanın pasif hale geçmesi ile hesabın kilitlenmesi arasında geçecek olan gün miktarını ayarlamak için kullanılır. \fIpasif\fR seçeneği, pasif geçecek gün sayısıdır. 0 (sıfır) değeri bu özelliği etkisizleştirir. Hesabı kilitlenen bir kullanıcının hesabını tekrar kullanabilmesi için, mutlaka sistem yöneticisine baş vurması gerekmektedir.
+
+\fB-W\fR seçeneği, bir parola değişikliğinin gerekeceği günden kaç gün önce uyarı verileceğini ayarlamak için kullanılır. \fIuyarı-gün-sayısı\fR seçeneği, kullanıcının parolasının geçersiz kalmasından önce kullanıcının uyarılacağı gün sayısıdır.
+
+Şayet hiçbir seçenek belirtilmezse, \fBchage\fR etkileşimli kipe geçer. O an için geçerli olan bütün değerleri ekrana yazar. Bu alanlardaki değerleri değiştirmek için yeni değerler girilir. Şayet geçerli değerleri kullanmak istiyorsanız bu satırları boş bırakın. Geçerli değerler \fB[ ]\fR işaretleri arasında gösterilir.
+
+.SH SINIRLAMALAR
+
+\fBchage\fR uygulamasının /etc/shadow dosyasına ihtiyacı vardır. Şayet parolalar /etc/passwd dosyası içinde saklanıyorsa, \fBchage\fR uygulamasının işlevselliği ortadan kalkar.
+
+.SH Ä°LGÄ°LÄ° DOYALAR
+
+/etc/passwd - kullanıcı hesabı bilgileri
+.br
+/etc/shadow - gölge parolalı kullanıcı hesabı bilgileri
+
+.SH Ä°LGÄ°LÄ° DOYALAR
+
+\fBpasswd\fR(5),
+\fBshadow\fR(5)
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Kasım 2003
+
diff --git a/man/tr/man1/chfn.1 b/man/tr/man1/chfn.1
new file mode 100644
index 0000000..a867ed9
--- /dev/null
+++ b/man/tr/man1/chfn.1
@@ -0,0 +1,79 @@
+
+
+.\" chfn.1 -- change your finger information
+.\" (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\" this program is free software. you can redistribute it and
+.\" modify it under the terms of the gnu general public license.
+.\" there is no warranty.
+
+.TH chfn 1 "13 Ekim 1994" "chfn " "Linux Başvuru Kılavuzu"
+.nh
+.SH Ä°SÄ°M
+chfn -
+kiÅŸisel bilgilerinizi deÄŸiÅŸtirir
+
+.SH KULLANIM
+
+.nf
+
+\fBchfn\fR [ \fB-f \fR\fIAdı-Soyadı\fR ] [ \fB-o \fR\fIİşyeri\fR ] [ \fB-p \fR\fIİş-telefonu\fR ]
+ [ \fB-h \fR\fIEv-telefonu\fR ] [ \fB-u\fR ] [ \fB-v\fR ] [ \fIkullanıcı\fR ]
+
+.fi
+
+
+
+.SH AÇIKLAMA
+
+\fBchfn\fR, kişisel bilgilerinizi değiştirmek için kullanılır. Bu bilgiler /etc/passwd dosyası içinde saklanır ve \fBfinger\fR komutu aracılığı ile ekrana gönderilir. Linux \fBfinger\fR komutu; \fBchfn\fR tarafından değiştirilebilen dört bilgi alanı görüntüler: adınız ve soyadınız, işyeriniz, iş telefon numaranız ve ev telefon numaranız.
+.SS KOMUT SATIRI
+
+Dört parçadan oluşan bu bilgilerin herhangi biri komut satırından belirtilebilir. Şayet komut satırından bilgi girilmemiş ise, \fBchfn\fR etkileşimli kipe geçecektir.
+.SS ETKİLEŞİMLİ KİP
+
+Etkileşimli kipte, \fBchfn\fR, her bir alan için kullanıcıdan veri girmesini isteyecektir. Bu alanlara yeni bilgi girebilir ya da eski bilgiyi korumak için enter tuşuna basıp devam edebilirsiniz. Alanları boş bırakmak için \fBnone\fR kelimesini giriniz.
+
+.SH SEÇENEKLER
+
+
+.br
+.ns
+.TP
+\fB-f\fR, \fB--full-name\fR
+Ad ve soyadı belirtilir.
+
+.TP
+\fB-o\fR, \fB--office\fR
+İşyeri ya da işyerindeki bölümünüz.
+
+.TP
+\fB-p\fR, \fB--office-phone\fR
+Ä°ÅŸ telefonunuz.
+
+.TP
+\fB-h\fR, \fB--home-phone\fR
+Ev telefonunuz.
+
+.TP
+\fB-u\fR, \fB--help\fR
+Bu kullanım bilgisi görüntüler ve çıkar.
+
+.TP
+\fB-v\fR, \fB--version\fR
+Sürüm bilgilerini görüntüler ve çıkar.
+
+.PP
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBfinger\fR(1),
+\fBpasswd\fR(5).
+
+.SH YAZAN
+
+Salvatore Valente <svalente (at) mit.edu> tarafından yazılmıştır.
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Aralık 2003
+
diff --git a/man/tr/man1/login.1 b/man/tr/man1/login.1
new file mode 100644
index 0000000..491a97d
--- /dev/null
+++ b/man/tr/man1/login.1
@@ -0,0 +1,114 @@
+
+
+.\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu)
+.\" May be distributed under the GNU General Public License
+
+.TH login 1 "4 Kasım 1996" "Util-linux 1.6" "Linux Yazılımcılarının Kılavuzu"
+.nh
+.SH Ä°SÄ°M
+login -
+Kullanıcının sisteme girişini sağlar.
+
+.SH KULLANIM
+
+
+\fBlogin\fR [ \fIisim\fR ]
+.br
+\fBlogin -p\fR
+.br
+\fBlogin -h\fR \fIkonakismi\fR
+.br
+\fBlogin -f\fR \fIisim\fR
+
+
+.SH AÇIKLAMA
+
+\fBlogin\fR, bir sisteme bağlanmak için kullanılır. Ayrıca, istenilen bir anda, bir kullanıcı adından başka birine geçiş yapmak içinde kullanılabilir (günümüzdeki pek çok kabuk, yerleşik olarak bu özelliği desteklemektedir).
+
+Herhangi bir argüman belirtilmemişse, \fBlogin\fR kullanıcı adını soracaktır.
+
+Şayet kullanıcı root değilse, ve eğer /etc/nologin dosyası varsa, bu dosyanın içeriği ekrana basılacak ve \fBlogin\fR sonlandırılacaktır. Bu genellikle, sistem kapanırken, yapılacak bağlantıları önlemek için kullanılır.
+
+Şayet kullanıcı için /etc/usertty içinde özel erişim kısıtlamaları tanımlanmışsa, kullanıcı bu şartları karşılamak zorundadır. Aksi taktirde bağlantı girişimi reddedilecek ve bir \fBsyslog\fR iletisi üretilecektir. Daha fazla bilgi için "Özel Erişim Kısıtlamaları" bölümüne bakınız.
+
+Şayet kullanıcı root ise, /etc/securetty içinde listelenen uçbirimlerden birisini kullanarak bağlanmak zorundadır. Giriş hataları \fBsyslog\fR tarafından kaydedilir.
+
+Bütün bu şartlar kontrol edildikten sonra, parola istenecek ve kontrol edilecektir (şayet bu kullanıcı için parola gerekli ise). \fBlogin\fR sonlandırılmadan önce, 10 giriş denemesine izin vardır, fakat ilk üç denemeden sonra isteğe karşılık verme süresi uzayacaktır. Bağlantı hataları \fBsyslog\fR üzerinden rapor edilecektir. Bu, ayrıca başarılı root bağlantılarını raporlamak içinde kullanılır.
+
+Şayet .hushlogin dosyası varsa, bir "hızlı" bağlantı gerçekleştirilir (bu özellik; e-posta kontrolünü, en son bağlantı zamanının ve günün iletisinin ekrana basılmasını engeller). Diğer yandan, şayet /var/log/lastlog dosyası varsa, son bağlantı zamanı ekrana basılacaktır (ve o anki bağlantı kaydedilecektir).
+
+Uçbirimin UID ve GID ayarlarını yapmak gibi, rastgele yönetim işleri yapılır. Şayet daha önceden belirtilmişse, TERM ortam değişkeni korunur (\fB-p\fR seçeneği kullanılmışsa diğer çevre değişkenleri de korunur). Daha sonra HOME, PATH, SHELL, TERM, MAIL ve LOGNAME ortam değişkenleri ayarlanır. PATH değişkeni normal kullanıcılar için öntanımlı olarak /usr/local/bin:/bin:/usr/bin:. ve root kullanıcı için /bin:/usr/sbin:/usr/bin'dir. Son olarak, şayet bu bir "hızlı" bağlantı değilse; günün iletisi görüntülenir, kullanıcıya ait /var/spool/mail içindeki dosya kontrol edilir ve şayet dosya uzunluğu sıfırdan farklı ise bir ileti görüntülenir (şayet bu dosyanın uzunluğu sıfırdan farklı ise, kullanıcıya bir ileti gelmiş demektir).
+
+Daha sonra kullanıcı kabuğu başlatılır. Şayet \fB/etc/passwd\fR içinde kullanıcı için bir kabuk tanımlı değilse, \fB/bin/sh\fR kullanılır. Şayet /etc/passwd içinde bir dizin tanımlı değilse, ev dizini olarak \fB/\fR (kök) dizini kullanılır (yukarıda bahsedilen .hushlogin dosyası için ev dizinine bakılır).
+
+
+.SH SEÇENEKLER
+
+
+.br
+.ns
+.TP
+\fB-p\fR
+\fBgetty\fR(8) tarafından kullanılır, ortam değişkenlerinin korunmasını sağlar.
+
+.TP
+\fB-f\fR
+İkinci bağlantı doğrulamasını atlamak için kullanılır. Özellikle root kullanıcı için çalışmaz ve Linux altında da çalıştığı görülmemiştir.
+
+.TP
+\fB-h\fR
+Diğer sunucular tarafından (\fBtelnetd\fR(8) gibi) uzak sunucunun adını, \fBlogin\fR´e bildirmek için kullanılır, bundan dolayı, utmp ve wtmp içine yerleştirilebilir. Bu seçenek sadece root kullanıcı içindir.
+
+.PP
+
+.SH ÖZEL ERİŞİM KISITLAMALARI
+
+/etc/securetty dosyası, root kullanıcının bağlantı yapabileceği, uçbirim isimlerinin listesini içerir. Her bir satırda, /dev/ öneki olmaksızın bir tty aygıtının adı belirtilmelidir. Şayet bu dosya yoksa, root kullanıcı herhangi bir uçbirim üzerinden bağlanabilir.
+
+Günümüzde çoğu Linux sistemi PAM (Pluggable Authentication Modules - Eklenebilir Kimlik Kantlama Modülleri) kullanmaktadır. PAM kullanılmayan sistemlerde /etc/usertty dosyası, belirlenen kullanıcılar için, ek erişim kısıtlamaları içerir. Şayet bu dosya yoksa, ek erişim kısıtlamaları yüklenemez. Bu dosya çeşitli bölümler içerir. Üç çeşit bölüm türü münkündür: CLASSES, GROUPS ve USERS. CLASSES bölümü uçbirim sınıflarının ve sunucu adlarının şablonlarını içerir. GROUPS bölümü her bir grup için, USERS bölümü ise her bir kullanıcı için izin verilen uçbirimleri ve sunucuları tanımlar.
+
+Bu dosya içindeki her bir satır en fazla 255 karaktere sahip olabilir. Açıklamalar \fB#\fR ile başlar ve satır sonuna kadar devam eder.
+
+.SS CLASSES Bölümü
+
+Bir CLASSES bölümü bir satırın başında tamamen büyük harflerden oluşmuş CLASSES dizgesi ile başlar. Yeni bir bölümün başlangıcına veya dosyanın sonuna kadar her bir satır sekmeler ya da boşluklar tarafından ayrılmış sözcük dizilimleri içerir. Her bir satır uçbirim sınıfları ve sunucu şablonları içerir.
+
+Satır başındaki sözcük, satırın kalanında tanımlanmış uçbirimler ve sunucu şablonları için ortak sınıf ismidir. Bu sınıf ismi GROUPS veya USERS bölümlerinde kullanılabilir. Yinelenmiş sınıflar oluşturma hatasından korunmak için sınıf isimleri tanımlamaların içinde kullanılmamalıdır.
+
+Örnek bir CLASSES bölümü:
+
+.nf
+
+CLASSES
+sinif1 tty1 tty2
+sinif2 tty3 @.foo.com
+
+.fi
+
+
+Burada \fIsinif1\fR ve \fIsinif2\fR sınıfları sağ taraflarındakilerle tanımlanmıştır.
+
+.SS GROUPS Bölümü
+
+Bir GROUPS bölümü; her bir UNIX grubu için izin verilen uçbirim ve
+sunucuları tanımlar. Şayet bir kullanıcı /etc/passwd ve /etc/group dosyalarındaki tanımlara göre göre bir UNIX grubunun üyesi ise ve bu grup /etc/usertty içindeki GROUPS bölümünde belirtilmiş ise, kullanıcıya erişim izni verilmiş demektir.
+
+Bir CLASSES bölümü bir satırın başında tamamen büyük harflerden oluşmuş CLASSES dizgesi ile başlar.
+Bir GROUPS bölümü bir satırda tamamen büyük harflerden oluşmuş GROUPS
+yazısı ile başlar ve devam eden tüm satırlar, boşluklar veya tablar ile ayrılmış, kelimeler dizileridir. Satırdaki ilk kelime grup adı ve diğer kelimeler; grup elemanlarına bağlantı için izin verilen ttys´ler ve sunuculardır. Bu tanımlamalar önceki bölümde( CLASSES bölümünde) açıklanan sınıfları içerebilirler.
+
+
+.SH TEMÄ°NÄ°
+
+\fBlogin\fR, e2fsprogs paketinin bir parçasıdır ve
+.br
+http://e2fsprogs.sourceforge.net adresinden temin edilebilir.
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchattr\fR(1)
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Kasım 2003
+
diff --git a/man/tr/man1/passwd.1 b/man/tr/man1/passwd.1
new file mode 100644
index 0000000..afc461a
--- /dev/null
+++ b/man/tr/man1/passwd.1
@@ -0,0 +1,172 @@
+
+
+.\" Copyright Red Hat, Inc., 1998, 1999, 2002.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, and the entire permission notice in its entirety,
+.\" including the disclaimer of warranties.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. The name of the author may not be used to endorse or promote
+.\" products derived from this software without specific prior
+.\" written permission.
+.\"
+.\" ALTERNATIVELY, this product may be distributed under the terms of
+.\" the GNU Public License, in which case the provisions of the GPL are
+.\" required INSTEAD OF the above restrictions. (This clause is
+.\" necessary due to a potential bad interaction between the GPL and
+.\" the restrictions contained in a BSD-style copyright.)
+.\"
+.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+.\" WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\" Copyright (c) Cristian Gafton, 1998, <gafton@redhat.com>
+.\"
+
+.TH passwd 1 "3 Ocak 1998" "Red Hat Linux" "Kullanıcı Araçları"
+.nh
+.SH Ä°SÄ°M
+passwd -
+kullanıcının parolasını günceller
+
+.SH KULLANIM
+
+.nf
+
+\fBpasswd \fR[\fB-k\fR] [\fB-l\fR] [\fB-u \fR[\fB-f\fR]] [\fB-d\fR] [\fB-n \fR\fIasgari_ömür\fR] [\fB-x \fR\fIazami_ömür\fR]
+ [\fB-w \fR\fIuyarı_süresi\fR] [\fB-i \fR\fIaskı_süresi\fR] [\fB-S\fR] [\fIkullanıcı\fR]
+
+.fi
+
+
+
+.SH AÇIKLAMA
+
+\fBpasswd\fR, bir kullanıcının parolasını günceller
+
+\fBpasswd\fR, \fBLinux-PAM API\fR´si aracılığı ile çalışmak üzere ayarlanmıştır. Aslında, \fBpasswd\fR, kendisini Linux-Pam ile birlikte bir "passdw" servisi olarak başlatır ve yetkilendirme için ayarlanmış parola modüllerini kullanır. Daha sonra kullanıcının parolası güncellenir.
+
+Bu servis için, Linux-PAM ayar dosyası, basitçe, şu şekilde olurdu:
+
+.nf
+
+#
+# bir parola güncellenmeden önce, bu önerilen parolanın sağlamlığını
+# kontrol eden passwd servis girdisi.
+#
+passwd password requisite \
+ /usr/lib/security/pam_cracklib.so retry=3
+passwd password required \
+ /usr/lib/security/pam_unix.so use_authtok
+#
+
+.fi
+
+
+NOT: Bu uygulamanın düzgün çalışması için, diğer modül türlerine ihtiyaç yoktur.
+
+.SH SEÇENEKLER
+
+
+.br
+.ns
+.TP
+\fB-k\fR
+Bu seçenek, güncellemenin, sadece geçerlilik süresi bitmiş parolaları kapsadığı anlamaına gelir. Kullanıcı geçerlilik süresi dolmamış parolalarını kullanmaya devam edebilir.
+
+.TP
+\fB-l\fR
+Bu seçeneği sadece root kullanıcı kullanabilir. Belirtilen hesabı
+kilitlemeye yarar. Kilitleme işlemi; şifrelenmiş parolanın sözdizimi geçersiz hale getirilerek uygulanır (şifreli sözdiziminin başına ! getirmek suretiyle).
+
+.TP
+\fB--stdin\fR
+Bu seçenek, yeni parolanın borulanabilen standart girdiden okunacağı anlamına gelir.
+
+.TP
+\fB-u\fR
+\fB-l\fR seçeneğinin tersidir. Kilitlenmiş hesap parolalarının önündeki ! önekini kaldırarak, hesabı kullanıma açar. Bu seçenek, sadece root kullanıcıya tahsis edilmiştir. Öntanımlı olarak, \fBpassdw\fR, parolasız bir hesap oluşturmayı reddedecektir (parola olarak sadece ! işaretine sahip bir hesabın kilidini kaldıramaz). \fB-f\fR seçeneği, bu korumayı aşmak için kullanılabilir.
+
+.TP
+\fB-d\fR
+Bu seçenek, bir hesabın parolasını yok etmenin en kolay ve hızlı yoludur. Belirtilen hesabın parolasız açılmasını sağlar. Sadece root kullanıcı bu seçeneği kullanabilir.
+
+.TP
+\fB-n\fR
+Kullanıcının hesabı parola için bir geçerlilik süresi tanımlanmasını destekliyorsa, bu seçenekle parolanın geçerli olduğu asgari süre gün cinsinden belirtilebilir. Sadece root kullanıcı bu seçeneği kullanabilir.
+
+.TP
+\fB-x\fR
+Kullanıcının hesabı parola için bir geçerlilik süresi tanımlanmasını destekliyorsa, bu seçenekle parolanın geçerli olduğu azami süre gün cinsinden belirtilebilir. Sadece root kullanıcı bu seçeneği kullanabilir.
+
+.TP
+\fB-w\fR
+Kullanıcının hesabı parola için bir geçerlilik süresi tanımlanmasını destekliyorsa, bu seçenekle, kullanıcının parolasının zamanaşımına uğrayacağı tarihten kaç gün önceden itibaren uyarılacağı gün cinsinden belirtilebilir. Sadece root kullanıcı bu seçeneği kullanabilir.
+
+.TP
+\fB-i\fR
+Kullanıcının hesabı parola için bir geçerlilik süresi tanımlanmasını destekliyorsa, kullanıcı parolası zamanaşımına uğradıktan sonra kullanıcı hesabı tamamen iptal edilene kadar kaç gün süreyle bekleneceği belirtilir. Sadece root kullanıcı bu seçeneği kullanabilir.
+
+.PP
+
+.SH İKİ ÖNEMLİ KURAL
+.SS Parolanızı koruyun
+
+Parolanızı herhangi bir yere not etmeyin. Bunun yerine ezberinizde tutun. Parolanızı şifrelenmemiş bir dosya içine yazıp, ortalıkta bırakmayın. Birbirinden bağımsız parolalar kullanın. Her yere aynı parola ile üye olmayın. Bilgisayar destek veya satış görevlileri ile parolanızı paylaşmayın. Parolanızı yazarken, kimsenin sizi izlemesine izin vermeyin. Güvenli olduğuna inanmadığınız bir sistemden, parolanız aracılığı ile giriş yapmayın. Parolanız için geçerlilik süreleri tahsis edin ve parolanızı düzenli olarak değiştirin. Bir sistemdeki parolanız sizin her şeyinizdir. Bu konuda paronoyak davranmak, vurdumduymazlıktan daha mantıklı bir yöntemdir.
+
+.SS Tahmin edilmesi güç bir parola seçin
+
+\fBpasswd\fR, sizin kötü bir parola seçmenizi önlemeye çalışacaktır, fakat bu çok güvenilir bir sistem değildir. Parolalarınızı, mantıklı bir şekilde oluşturun. Herhangi bir sözlükte (hangi dilde olursa olsun) bulunabilecek kelimeler kullanmayın. Çocuğunuzun, en sevdiğiniz film kahramanınızın, evcil hayvanlarınızın, ana-babanızın, mekanların ve ünlü kişilerin adlarını parola olarak seçmeyin. Telefon numarası, araç plakanız, doğum tarihiniz, SSK numaranız gibi başkaları tarafından ulaşılabilecek bilgileri, parola olarak kullanmayınız. Basit şablonlu parolalardan uzak durun. Bunun yerine, küçük ve büyük harflerin karışımından oluşan ve mümkünse içerisinde rakamlar bulunan parolalar seçin. Uzun parolalar kullanın. Noktalama işaretlerinin kullanıldığı kelime çiftleri oldukça iyi bir seçim olacaktır. Uzun ve akılda kalır bir cümlenin ilk harflerinden oluşmuş anlamsız bir kelime de oldukça iyi bir seçim sayılır.
+
+
+
+Sistem, sizi bu iki kurala uymak konusunda biraz zorlayacaktır ama buradaki en önemli etken "insan"dır. Sistemlerin daha güvenli hale gelmesini sağlayan en önemli etken uyanık kullanıcılardır.
+
+.SH ÇIKIŞ DURUMU
+
+Çıkış durumu olarak \fB0\fR, işlemin başarıyla tamamlandığını gösterir. Hata oluştuğu durumlarda \fB1\fR ile çıkar. Metin olarak çıktılanabilen hatalar standart hataya yazılır.
+
+.SH UYUMLULUK
+
+Linux-PAM (Linux için Eklenebilir Kimlik Kanıtlama modülleri).
+.br
+Şayet, elinizdeki Linux-PAM sürümü, Linux dosya sistemi standartları ile uyumlu ise, modülleri /usr/lib/security dizini (örnekte gösterilen) yerine /lib/security altında bulabilirsiniz.
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+\fB/etc/pam.d/passwd\fR - \fBLinux-PAM\fR yapılandırma dosyası
+
+.SH YAZILIM HATALARI
+
+Bilinen herhangi bir yazılım hatası yoktur.
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBpam_chauthok\fR(2),
+\fBpam\fR(8).
+
+\fBLinux-PAM\fR ile bu uygulamanın birlikte nasıl yapılandırıldığı hakkında daha ayrıntılı bilgiyi
+.br
+http://parc.power.net/morgan/Linux-PAM/index.html
+.br
+adresindeki, \fBLinux-PAM System Administrators´ Guide\fR içinde bulabilirsiniz.
+
+.SH YAZAN
+
+Cristian Gafton <gafton (at) redhat.com> tarafından yazılmıştır.
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Aralık 2003
+
diff --git a/man/tr/man1/su.1 b/man/tr/man1/su.1
new file mode 100644
index 0000000..332c142
--- /dev/null
+++ b/man/tr/man1/su.1
@@ -0,0 +1,84 @@
+
+.TH su 1 "Eylül 2001" "GNU sh-utils 2.0.11" "FSF"
+.nh
+.SH Ä°SÄ°M
+su -
+başka bir kullanıcı ve grup kimliği ile bir kabuk çalıştırır
+
+.SH KULLANIM
+
+
+\fBsu\fR [\fISEÇENEK\fR]... [-] [\fIKULLANICI\fR [\fIARGÜMANLAR\fR]...]
+
+
+
+.SH AÇIKLAMA
+
+Etkin kullanıcı ve grup kimliğini \fIKULLANICI\fR´nınkilerle ile değiştirir.
+
+
+
+.br
+.ns
+.TP
+\fB-\fR, \fB-l\fR, \fB--login\fR
+Kabuğu, giriş kabuğu haline dönüştürür.
+
+.TP
+\fB-c\fR, \fB--commmand\fR=\fIKOMUT \fR
+Kabuğa \fB-c\fR ile tek bir \fIKOMUT\fR aktarır.
+
+.TP
+\fB-f\fR, \fB--fast\fR
+Kabuğa \fB-f\fR aktarır (csh veya tcsh için).
+
+.TP
+\fB-m\fR, \fB--preserve-environment\fR
+Ortam değişkenlerini sıfırlamaz.
+
+.TP
+\fB-p\fR
+\fB-m\fR ile aynıdır.
+
+.TP
+\fB-s\fR, \fB--shell\fR=\fIKABUK \fR
+/etc/shells izin verdiği taktirde \fIKABUK\fR kabuğunu çalıştırır.
+
+.TP
+\fB--help\fR
+Bu yardım metnini görüntüler ve çıkar.
+
+.TP
+\fB--version\fR
+Sürüm bilgilerini görüntüler ve çıkar.
+
+.PP
+
+
+Tek başına \fB-\fR verilirse \fB-l\fR verilmiş gibi işlem yapılır. \fIKULLANICI\fR belirtilmezse, kullanıcı root kabul edilir.
+
+.SH YAZAN
+
+David MacKenzie tarafından yazılmıştır.
+.SH GERÄ°BÄ°LDÄ°RÄ°M
+
+Lütfen, böcekleri ve hataları <bug-sh-utils (at) gnu.org> adresine bildirin.
+.SH TELÄ°F HAKKI
+
+Telif hakkı © 2000 Free Software Foundation, Inc.
+.br
+Bu bir serbest yazılımdır; kopyalama koşulları için kaynak koduna bakınız. Hiçbir garantisi yoktur; hatta SATILABİLİRLİĞİ veya ŞAHSİ KULLANIMINIZA UYGUNLUĞU için bile garanti verilmez.
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBsu\fR komutu ile ilgili kapsamlı bir kılavuz Texinfo olarak mevcuttur. Şayet \fBinfo\fR ve \fBsu\fR yazılımları düzgün bir şekilde sisteminizde mevcutsa, aşağıdaki komut ile bu kılavuzu görüntüleyebilirsiniz.
+
+.IP
+
+\fBinfo su\fR
+.PP
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Kasım 2003
+
diff --git a/man/tr/man5/passwd.5 b/man/tr/man5/passwd.5
new file mode 100644
index 0000000..2c5348b
--- /dev/null
+++ b/man/tr/man5/passwd.5
@@ -0,0 +1,113 @@
+
+
+.\" Copyright (c) 1993 Michael Haardt (michael@moria.de), Fri Apr 2 11:32:09 MET DST 1993
+.\"
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.\" Modified Mon Jan 5 20:24:40 MET 1998 by Michael Haardt
+.\" (michael@cantor.informatik.rwth-aachen.de)
+
+.TH passwd 5 "5 Ocak 1998" "" "Dosya biçimleri"
+.nh
+.SH Ä°SÄ°M
+passwd -
+parola dosyası
+
+.SH AÇIKLAMA
+
+
+
+
+
+
+\fBpasswd\fR bir metin dosyasıdır. Sistem hesaplarının bir listesini tutar. Kullanıcı kimliği, grup kimliği, ev dizini, kabuk ve benzeri bilgileri ihtiva eder. Sıklıkla, her bir hesap için şifrelenmiş parolayı da içerir. Herkes tarafından okunma iznine sahiptir (pek çok uygulama bu dosyayı kullanır, mesela \fBls\fR(1), kullanıcı ismi ile kullanıcı kimlğini birbirine eşlemek için kullanır) ama sadece süper kullanıcının yazma izni vardır.
+
+Eski güzel günlerde, bu okuma izni ile ilgili büyük bir sorun yoktu. Herkes bu şifreli parolaları okuyabiliyordu ama iyi seçilmiş bir parolayı kırmak için yeterli donanım gücü yoktu ve kullanıcı grubu oldukça iyi niyetliydi. Günümüzde ise, pek çok kullanıcı gölgeli parola sistemini kullanmakta, /etc/passwd içinde parolanın yerinde bir `*´ görünmekte ve şifreli parola /etc/shadow içinde saklanmaktadır. Bu dosya sadece süper kullanıcı tarafından okunabilir.
+
+Gölgeli parolanın kullanılıp kullanılmadığına bakılmaksızın, pek çok sistem yöneticisi, şifrelenmiş parola alanında bir yıldız kullanır. Böylece bu kullanıcının bir parola kullanarak yetki almasını önler. (Yine de aşağıdaki \fBEK BİLGİ\fR bölümüne bakınız.
+
+Şayet yeni bir kullanıcı hesabı oluşturuyorsanız, ilk olarak parola alanına bir yıldız koyunuz, daha sonra \fBpasswd\fR(1)komutu ile parolayı belirleyin.
+
+Her satırda bir girdi yapılır ve her satır şu biçimdedir:
+.RS
+
+hesap:parola:UID:GID:GECOS:dizin:kabuk
+.RE
+
+Bu alanların açıklamaları şunlardır:
+
+
+.br
+.ns
+.TP
+\fIhesap\fR
+Kullanıcının sistemdeki adı. Büyük harf içermemelidir.
+
+.TP
+\fIparola\fR
+Şifreli kullanıcı parolası veya bir yıldız işareti.
+
+.TP
+\fIUID\fR
+Sayısal kullanıcı kimliği
+
+.TP
+\fIGID\fR
+Bu kullanıcının sayısal birincil grup kimliği
+
+.TP
+\fIGECOS\fR
+Bu alan seçime bağlıdır ve sadece bilgilendirme amacı
+ile kullanılır. Genellikle kullanıcının tam adı yazılır. GECOS´un anlamı General Electric Comprehensive Operating System´dir. General Electric´in büyük sistem bölümü Honeywell´e satıldığı zaman GCOS olarak yeniden adlandırılmıştır. Dennis Ritchie´nin bildirdiğine göre: "bazı zamanlar yazıcı çıktılarını veya toplu işleri GCOS makineye gönderiyoruz. Parola dosyasındaki gcos alanı $IDENTcard için bilgileri biriktirme alanı olarak kullanılır. Zariflik olsun diye oraya konmamıştır."
+
+.TP
+\fIdizin\fR
+Kullanıcının $HOME dizinidir.
+
+.TP
+\fIkabuk\fR
+Sisteme girişte kullanılacak kabuk (belirtilmemişse \fB/bin/sh\fR kullanılır). Şayet olmayan bir uygulama belirtilirse, kullanıcı \fBlogin\fR(1) ile sisteme bağlanamaz.
+
+.PP
+.SH EK BÄ°LGÄ°
+
+Şayet bir kullanıcı grubu oluşturmak istiyorsanız, Grup numaraları aynı olmak zorundadır ve /etc/group dosyasında bir girdisi olmalıdır. Aksi taktirde bir grup oluşturulmaz.
+
+Şayet şifreli parola bir yıldız ile betimlenmişse, kullanıcı \fBlogin\fR(1)'i kullanarak bağlanamaz ama hala \fBrlogin\fR(1)'i kullanarak bağlanabilir, varolan bir süreci çalıştırabilir, \fBrsh\fR(1), \fBcron\fR(1), \fBat\fR(1) veya posta süzgeçleri üzerinden yenilerini başlatabilir. Kabuk alanını değiştirerek bir hesabı kapatmaya çalışmak da aynı sonucu verir ve ek olarak \fBsu\fR(1) komutunun kullanımına izin verir.
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+/etc/passwd
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBlogin\fR(1),
+\fBpasswd\fR(1),
+\fBsu\fR(1),
+\fBgroup\fR(5),
+\fBshadow\fR(5).
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/tr/man5/shadow.5 b/man/tr/man5/shadow.5
new file mode 100644
index 0000000..8c56f05
--- /dev/null
+++ b/man/tr/man5/shadow.5
@@ -0,0 +1,96 @@
+
+
+.\" Copyright 1989 - 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH shadow 5 "" "" ""
+.nh
+.SH Ä°SÄ°M
+shadow -
+şifreli parola dosyası
+
+.SH AÇIKLAMA
+
+\fBshadow\fR kullanıcı hesaplarının şifreli parola bilgilerini ve isteğe bağlı parola dönemsellik bilgilerini içerir.
+
+
+.IP
+
+Kullanıcı adı
+
+Åžifreli parola
+
+1 Ocak 1970´den parolanın en son değiştiği güne kadar geçen gün sayısı
+
+Parolanın değişmesi gerekecek güne kadar olan sürenin gün sayısı
+
+Parolanın değişmesi gereken günden sonraki sürenin gün sayısı
+
+Parolanın zaman aşımından önce kullanıcının uyarılacağı gün sayısı
+
+Parolanın zaman aşımından hesabın kapatılacağı güne kadar geçecek sürenin gün sayısı
+
+1 ocak 1970´den hesabın kapatılacağı güne kadar geçen sürenin gün sayısı
+
+Bir yedek alan
+
+.PP
+Parola alanı mutlaka dolu olmalıdır. Şifreli parola alanı 64 karakterlik
+bir alfabeden (a´dan z´ye, A´dan Z´ye, 0´dan 9´a, "." Ve "/" den oluşan bir alfabe) seçilen 13 ila 24 karakterden oluşur. Bu dizgenin nasıl yorumlandığını görmek için \fBcrypt\fR(3)'e bakınız.
+
+Parolanın en son değiştiği günün tarihi, 1 Ocak 1970´den beri geçen gün sayısı olarak belirtilir. Geçerli gün sayısı geçmeden parolanın tekrar değiştirilmesi önlenebilir ve belirli bir gün sayısı geçtikten sonra parolanın değişmesi için kullanıcı zorlanabilir. Şayet gerekli en az gün sayısı en çok gün sayısından daha büyük ise, parola kullanıcı tarafından değiştirilemez.
+
+Şayet parola son kullanım tarihinden sonra belirtilen süre içinde değiştirilmez ise, kullanıcı hesabı kapatılır. Parola son kullanım tarihinden bağımsız olarak, bir kullanıcı hesabı belirtilen sürenin sonunda kapatılabilir.
+
+Bu bilgiler, /etc/passwd dosyasında da varsa, /etc/shadow dosyasındaki bilgiler geçerlidir.
+
+Parola güvenliği açısından bu dosya için normal kullanıcılara okuma izni kapalı olmalıdır.
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+/etc/passwd - kullanıcı hesap bilgileri
+.br
+/etc/shadow - şifreli kullanıcı parolaları
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchage\fR(1),
+\fBlogin\fR(1),
+\fBpasswd\fR(1),
+\fBsu\fR(1),
+\fBpasswd\fR(5),
+\fBpwconv\fR(8),
+\fBpwunconv\fR(8),
+\fBsulogin\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/tr/man8/groupadd.8 b/man/tr/man8/groupadd.8
new file mode 100644
index 0000000..1568ae2
--- /dev/null
+++ b/man/tr/man8/groupadd.8
@@ -0,0 +1,97 @@
+
+
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH groupadd 8 "" "" ""
+.nh
+.SH Ä°SÄ°M
+groupadd -
+yeni bir grup oluÅŸturur
+
+.SH KULLANIM
+
+.nf
+
+\fBgroupadd\fR [\fB-g \fR\fIgrup-kimliÄŸi\fR [\fB-o\fR]] [\fB-r\fR] [\fB-f\fR] \fIgrup\fR
+
+.fi
+
+
+.SH AÇIKLAMA
+
+\fBgroupadd\fR komutu, komut satırından tanımlanan bilgiler ve sistemdeki öntanımlı bilgiler eşliğinde yeni bir grup oluşturur. Yeni grup, gerekli sistem dosyalarına girilir. \fBgroupadd\fR komutuna uygulanacak seçenekler şunlardır:
+
+
+
+.br
+.ns
+.TP
+\fB-g \fR\fIgrup-kimliÄŸi\fR
+Grubu tanımlayan numara. \fB-o\fR seçeneği belirtilmediği sürece bu numara benzersiz olmalıdır. Negatif bir değer atanamaz. Öntanımlı olarak 500´den ve diğer bütün tanımlı grup numaralarından daha büyük olan en küçük sayı kullanılır. 0 ile 499 arasındaki değerler, geleneksel olarak, \fIsistem hesapları\fR için ayrılır.
+
+.TP
+\fB-r\fR
+Bu seçenek \fBgroupadd\fR komutuna bir \fIsistem hesabı\fR eklemesini söyler. \fB-g\fR seçeneği belirtilmediği sürece, 499´dan küçük olan olası bir grup numarası atanır. Bu seçenek Red Hat tarafından eklenmiştir.
+
+.TP
+\fB-f\fR
+Zorlama seçeneği. Bu seçenek, \fBgroupadd\fR komutunun eklemeye çalıştığı grup sistemde halihazırda var ise, bir hata vererek çıkmasını sağlar. Böyle bir durumda grup değişmeyecek veya tekrar eklenmeyecektir.
+
+Bu seçenek aynı zamanda, \fB-g\fR seçeneğinin çalışma şeklini düzenler. Benzersiz olmayan bir grup numarası istediğiniz ve \fB-o\fR seçeneğini vermediğiniz zaman, grup oluşturma işlemi, standart şekline (\fB-g\fR veya \fB-o\fR seçeneği tanımlanmadığı durumda bir grup ekler gibi) geri dönecektir. Bu seçenek Red Hat tarafından eklenmiştir.
+
+.PP
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+.nf
+
+\fB/etc/group\fR - grupların hesap bilgileri
+\fB/etc/gshadow\fR - güvenli grup bilgileri
+
+.fi
+
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/tr/man8/groupdel.8 b/man/tr/man8/groupdel.8
new file mode 100644
index 0000000..eda77ac
--- /dev/null
+++ b/man/tr/man8/groupdel.8
@@ -0,0 +1,77 @@
+
+
+.\" Copyright 1991 - 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH groupdel 8 "" "" ""
+.nh
+.SH Ä°SÄ°M
+groupdel -
+bir grubu siler
+
+.SH KULLANIM
+\fBgroupdel \fR\fIgrup\fR
+
+.SH AÇIKLAMA
+
+\fBgroupdel\fR komutu, sistem hesap dosyalarını düzenler ve \fIgrup\fR olarak belirtilen gruba ait bütün girdileri siler. Silinmek istenen grup, sistemde varolmalıdır.
+
+Silme işleminden sonra, silinen grup numarasına ait herhangi bir dosya kalmadığından emin olmak için bütün dosya sistemlerini kontrol etmelisiniz.
+
+.SH YETERSÄ°ZLÄ°KLER
+
+Varolan herhangi bir kullanıcının birincil grubunu silemeyebilirsiniz. Grubu silmeden önce bu kullanıcıyı sistemden kaldırmak zorundasınız.
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+.nf
+
+\fB/etc/group\fR - grupların hesap bilgileri
+\fB/etc/gshadow\fR - güvenli grup bilgileri
+
+.fi
+
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgroupadd\fR(8),
+\fBgroupmod\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/tr/man8/groupmod.8 b/man/tr/man8/groupmod.8
new file mode 100644
index 0000000..f55a05d
--- /dev/null
+++ b/man/tr/man8/groupmod.8
@@ -0,0 +1,91 @@
+
+
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH groupmod 8 "" "" ""
+.nh
+.SH Ä°SÄ°M
+groupmod -
+bir grubun niteliklerini düzenler
+
+.SH KULLANIM
+
+.nf
+
+\fBgroupmod\fR [\fB-g \fR\fIgrup-kimliÄŸi\fR [\fB-o\fR]] [\fB-n \fR\fIgrup-ismi\fR] \fIgrup\fR
+
+.fi
+
+
+.SH AÇIKLAMA
+
+\fBgroupmod\fR komutu, komut satırından tanımlanan bir gruba ait bilgilerdeki değişiklikleri, sistem hesap dosyaları üzerinde değiştirmek için kullanılır. Bu komuta verilebilecek seçenekler şunlardır:
+
+
+
+.br
+.ns
+.TP
+\fB-g \fR\fIgrup-kimliÄŸi\fR
+Grubu tanımlayan numara. \fB-o\fR seçeneği belirtilmediği sürece bu numara benzersiz olmalıdır. Negatif bir değer atanamaz. 0 ile 99 arasında değerler, geleneksel olarak, sistem grupları için ayrılmıştır. Dosya grup numarası, eski grup numarası olan bütün dosyaların dosya grup numaraları el ile değiştirilmelidir.
+
+.TP
+\fB-n \fR\fIgrup-ismi\fR
+\fIgrup\fR ile belirtilen grubun alacağı yeni grup adını tanımlar.
+
+.PP
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+.nf
+
+\fB/etc/group\fR - grupların hesap bilgileri
+\fB/etc/gshadow\fR - güvenli grup bilgileri
+
+.fi
+
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/tr/man8/useradd.8 b/man/tr/man8/useradd.8
new file mode 100644
index 0000000..379b2d3
--- /dev/null
+++ b/man/tr/man8/useradd.8
@@ -0,0 +1,195 @@
+
+
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH useradd 8 "" "" ""
+.nh
+.SH Ä°SÄ°M
+useradd -
+yeni bir kullanıcı oluşturur veya öntanımlı yeni kullanıcı bilgilerini günceller
+
+.SH KULLANIM
+
+.nf
+
+\fBuseradd\fR [\fB-c \fR\fIaçıklama\fR] [\fB-d \fR\fIevdizini\fR]
+ [\fB-e \fR\fIbitiş_tarihi\fR] [\fB-f \fR\fIaskı_süresi\fR]
+ [\fB-g \fR\fIbirincil_grup\fR] [\fB-G \fR\fIgrup\fR[,...]]
+ [\fB-m \fR[\fB-k \fR\fIiskelet_dizin\fR] | \fB-M\fR] [\fB-p \fR\fIparola\fR]
+ [\fB-s \fR\fIkabuk\fR] [\fB-u \fR\fIkull_kiml\fR [ \fB-o\fR]] [\fB-n\fR] [\fB-r\fR] \fIkullanıcı\fR
+
+.fi
+
+
+.nf
+
+\fBuseradd -D\fR [\fB-g \fR\fIöntanımlı_grup\fR] [\fB-b \fR\fIöntanımlı_ev\fR]
+ [\fB-f \fR\fIöntanımlı_askı_süresi\fR] [\fB-e \fR\fIöntanımlı_bitiş_tarihi\fR]
+ [\fB-s \fR\fIöntanımlı_kabuk\fR]
+
+.fi
+
+
+.SH AÇIKLAMA
+.SS Yeni Kullanıcıların Oluşturulması
+
+\fB-D\fR seçeneği belitilmeden çağrıldığında, \fBuseradd\fR komutu, komut satırında tanımlanan değerleri ve sistemdeki öntanımlı değerleri kullanarak yeni bir kullanıcı oluşturur. Komut satırında belirtilen seçeneklere bağlı olarak, gerekli sistem dosyalarına yeni kullanıcının bilgileri girilir; ev dizini oluşturulur; ilk dosyalar kopyalanır. Red Hat Linux´da kullanılan sürümünde, \fB-n\fR seçeneği belirtilmediği sürece, oluşturulan her kullanıcı için yeni bir grup oluşturulur. Kullanabileceğiniz seçenekler şunlardır:
+
+
+
+.br
+.ns
+.TP
+\fB-c \fR\fIaçıklama\fR
+Yeni kullanıcının parola dosyasındaki açıklama alanı.
+
+.TP
+\fB-d \fR\fIevdizini\fR
+Oluşturulan yeni kullanıcının sisteme girişte kullanacağı ev dizinini belirtir. Öntanımlı olarak, \fIkullanıcı\fR ismi \fIöntanımlı_ev\fR'e eklenecek ve sisteme giriş dizini ismi olarak kullanılacaktır.
+
+.TP
+\fB-e \fR\fIbitiÅŸ_tarihi\fR
+Kullanıcı hesabının son kullanma tarihini belirtir. Tarih YYYY-AA-GG (Y: yıl, A: ay, G: gün) şeklinde belirtilir.
+
+.TP
+\fB-f \fR\fIaskı_süresi\fR
+Kullanıcı parolasının son kullanma tarihinden itibaren, bu hesabın
+tamamen kapatılacağı tarihe kadar geçecek olan sürenin gün cinsinden değeri belirtilir. Bu değer 0 olarak belirtilirse, parolanın son kullanma tarihinde hesap kapatılır. -1 değeri verilirse, bu özellik iptal edilmiş olur. -1 değeri öntanımlı değerdir.
+
+.TP
+\fB-g \fR\fIbirincil_grup\fR
+Kullanıcının üyesi olacağı birincil grubun adı veya numarası belirtilir. Belirtilen grup, sistemde önceden tanımlanmış olmalıdır. Şayet grup numarası belirtilmiş ise, bu numara sistemde var olan bir gruba ait olmalıdır. Olmayan gruba ait bir isim veya numara kullanamazsınız. Öntanımlı değer 1 dir.
+
+.TP
+\fB-g \fR\fIgrup\fR[,...]
+Kullanıcının üyesi olacağı ilave gruplar belirtilir. Her grup, diğerinden virgül ile ayrılır, arada boşluk bırakılmaz. Burada tanımlanan gruplar, \fB-g\fR ile tanımlanan grubun kısıtlamalarına tabidirler. Öntanımlı olarak, kullanıcının sadece \fIbirincil_grup\fR üyesi olduğu kabul edilir.
+
+.TP
+\fB-m\fR
+Şayet sistemde kullanıcının ev dizini yok ise, yeni bir dizin oluşturulur. Eğer \fB-k\fR seçeneği belirtilmişse \fIiskelet_dizin\fR içindeki dosyalar ev dizinine kopyalanır. Aksi taktirde /etc/skel içindeki dosyalar kullanılır. \fIiskelet_dizin\fR veya /etc/skel içindeki bütün dizinler, ev dizininde de oluşturulur. \fB-k\fR seçeneği, sadece \fB-m\fR seçeneği ile birlikte kullanıldığında etkilidir. Öntanımlı olarak, dizin oluşturulmaz ve dosyalar kopyalanmaz.
+
+.TP
+\fB-M\fR
+/etc/login.defs içinde tanımlı bütün sistemi kapsayan ayarlarda ev dizininin yaratılması gerektiği belirtilmiş olsa bile, kullanıcı ev dizini oluşturulmaz.
+
+.TP
+\fB-n\fR
+Öntanımlı olarak, oluşturulan yeni kullanıcı ile aynı adlı yeni bir grup oluşturulur. Bu seçenek belirtilir ise, bu Red Hat Linux´a özel davranış kapatılmış olur.
+
+.TP
+\fB-r\fR
+Bu seçenek, yeni bir sistem hesabı açmak için kullanılır. Böylece, /etc/login.defs içinde belirtilen UID_MIN değerinden daha küçük kullanıcı kimlikli kullanıcı oluşturulabilir. /etc/login.defs içindeki öntanımlı değerler ne olursa olsun, \fBuseradd\fR komutu böyle bir kullanıcı için ev dizini oluşturmayacaktır. Oluşturulacak sistem hesabı için bir ev dizini istiyorsanız, \fB-m\fR seçeneğini kullanmak zorundasınız. Bu, Red Hat tarafından eklenmiş bir seçenektir.
+
+.TP
+\fB-p \fR\fIparola\fR
+\fBcrypt\fR(3) tarafından döndürülen şifrelenmiş paroladır. Öntanımlı olarak hesap kapalıdır.
+
+.TP
+\fB-s \fR\fIkabuk\fR
+Kullanıcının sisteme girişte kullanacağı kabuğun adıdır. Öntanımlı olarak bu değer boştur, böylece sistemin öntanımlı kabuğunun seçilmesi sağlanır.
+
+.TP
+\fB-u \fR\fIkull_kiml\fR
+Kullanıcı kimliğinin sayısal değeridir. Bu değer, \fB-o\fR seçeneği kullanılmadığı sürece, eşsiz olmalıdır. Değer mutlaka pozitif bir sayı olmalıdır. Öntanımlı olarak, diğer kullanıcıların numaralarından ve 99´dan büyük, en küçük numara kullanılır. 0 ile 99 arasındaki değerler sistem hesapları için ayrılmıştır.
+
+.PP
+.SS Öntanımlı Değerlerin Değiştirilmesi
+
+
+\fB-D\fR seçeneği ile birlikte kullanıldığı zaman, \fBuseradd\fR ya geçerli değerleri görüntüler, ya da öntanımlı değerleri, komut satırından belirtilenler ile günceller. Kullanabileceğiniz seçenekler şunlardır:
+
+
+.br
+.ns
+.TP
+\fB-b \fR\fIöntanımlı_ev\fR
+Yeni bir kullanıcının ev dizini için ilk dosyayolu önekini belirtir. \fIYeni bir hesap açarken \fB-d\fR seçeneği belirtilmemişse\fR, yeni kullanıcının adı \fIöntanımlı_ev\fR'in sonuna eklenir ve yeni dizin oluşturulur.
+
+.TP
+\fB-e \fR\fIöntanımlı_bitiş_tarihi\fR
+Kullanıcı hesabının kapatılacağı tarih.
+
+.TP
+\fB-f \fR\fIöntanımlı_askı_süresi\fR
+Kullanıcı parolasının son kullanma tarihinden itibaren, bu hesabın tamamen kapatılacağı tarihe kadar geçecek olan sürenin gün cinsinden değeri.
+
+.TP
+\fB-g \fR\fIöntanımlı_grup\fR
+Yeni bir kullanıcı için birincil grup adı veya grup kimliği. Belirtilen grup ismi sistemde mevcut olmalı ve sayısal grup kimliği için mevcut bir girdi bulunmalıdır.
+
+.TP
+\fB-s \fR\fIöntanımlı_kabuk\fR
+Yeni bir kullanıcının sisteme girişte kullanacağı kabuğun adı. Belirtilen kabuk gelecekte açılacak bütün yeni hesaplarda kullanılır.
+
+.PP
+
+Şayet herhangi bir seçenek belirtilmezse, \fBuseradd\fR geçerli öntanımlı değerleri görüntüleyecektir.
+
+.SH NOTLAR
+
+/etc/skel dizinindeki öntanımlı dosyaların yerleştirilmesi sistem yöneticilerinin sorumluluğundadır. \fBuseradd\fR komutunun bu sürümü, Red Hat tarafından, Red Hat kullanıcı/grup uyumluluğunu sağlayamak için düzenlenmiştir.
+
+.SH YETERSÄ°ZLÄ°KLER
+
+NIS grubuna kullanıcı ekleyemezsiniz. Bu NIS sunucusu üzerinde yapılmalıdır.
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+.nf
+
+\fB/etc/passwd\fR - kullanıcı hesabı bilgileri
+\fB/etc/shadow\fR - güvenli kullanıcı hesabı bilgileri
+\fB/etc/group\fR - grup bilgileri
+\fB/etc/gshadow\fR - güvenli grup bilgileri
+\fB/etc/default/useradd\fR - öntanımlı bilgiler
+\fB/etc/login.defs\fR - sistem genelinde geçerli kurallar
+\fB/etc/skel\fR - öntanımlı dosyaları içeren dizin
+
+.fi
+
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBcrypt\fR(3),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Aralık 2003
+
diff --git a/man/tr/man8/userdel.8 b/man/tr/man8/userdel.8
new file mode 100644
index 0000000..b6f5919
--- /dev/null
+++ b/man/tr/man8/userdel.8
@@ -0,0 +1,94 @@
+
+
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH userdel 8 "" "" ""
+.nh
+.SH Ä°SÄ°M
+userdel -
+Bir kullanıcı hesabını ve onunla ilgili dosyaları siler
+
+.SH KULLANIM
+
+.nf
+
+\fBuserdel\fR [ \fB-r\fR ] \fIkullanıcı\fR
+
+.fi
+
+
+.SH AÇIKLAMA
+
+\fBuserdel\fR, userdel komutu, \fIkullanıcı\fR ile belirtilen hesabı silerek, sistem hesap dosyalarını değiştirir. Silinmeye çalışan \fIkullanıcı\fR hesabı, sistemde var olan bir hesap olmalıdır. Var olmayan bir hesabı silemezsiniz.
+
+
+
+.br
+.ns
+.TP
+\fB-r\fR
+Kullanıcının ev dizinindeki dosyalar, ev dizininin kendisi ve
+kullanıcının posta havuzu silinir. Diğer dosya sistemlerinde bulunan dosyalar silinmez. Bu nedenle bu dosyaları bulmak ve onları silmek sistem yöneticisinin görevidir.
+
+.PP
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+.nf
+
+/etc/passwd - kullanıcı hesap bilgileri
+/etc/shadow - güvenli kullanıcı hesap bilgileri
+/etc/group - grup bilgileri
+
+.fi
+
+
+.SH YETERSÄ°ZLÄ°KLER
+
+Kullanıcı sisteme bağlı ise, \fBuserdel\fR komutu ile bu hesabı
+kaldıramazsınız. Silmeye çalıştığınız hesaba ait çalışan bütün süreçleri öldürmek zorundasınız. Bir NIS istemcisindeki NIS özniteliklerini kaldıramayabilirsiniz. Bu işlem, NIS sunucu üzerinde gerçekleştirilmelidir.
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBuseradd\fR(8),
+\fBusermod\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Aralık 2003
+
diff --git a/man/tr/man8/usermod.8 b/man/tr/man8/usermod.8
new file mode 100644
index 0000000..6980829
--- /dev/null
+++ b/man/tr/man8/usermod.8
@@ -0,0 +1,142 @@
+
+
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH usermod 8 "" "" ""
+.nh
+.SH Ä°SÄ°M
+usermod -
+bir kullanıcı hesabını düzenler
+
+.SH KULLANIM
+
+.nf
+
+\fBusermod\fR [\fB-c \fR\fIaçıklama\fR] [\fB-d \fR\fIevdizini \fR[\fB-m\fR]]
+ [\fB-e \fR\fIbitiş_tarihi\fR] [\fB-f \fR\fIaskı_süresi\fR]
+ [\fB-g \fR\fIbirincil_grup\fR] [\fB-G \fR\fIgrup\fR[,...]]
+ [\fB-l \fR\fIkullanıcı-adı\fR] [\fB-p \fR\fIparola\fR]
+ [\fB-s \fR\fIkabuk\fR] [\fB-u \fR\fIkull_kiml\fR [\fB-o\fR]] [\fB-L\fR|\fB-U\fR] \fIkullanıcı\fR
+
+.fi
+
+
+.SH AÇIKLAMA
+
+\fBusermod\fR komutu, sistem hesap dosyalarını düzenlemeye, üzerlerinde değişiklik yapmaya yarar. Bu komuta uygulanabilecek seçenekler şunlardır:
+
+
+
+.br
+.ns
+.TP
+\fB-c \fR\fIaçıklama\fR
+Kullanıcı parola dosyasındaki açıklama alanına girilecek yeni değeri belirtir. Normalde \fBchfn\fR(1) komutu ile düzenlenir.
+
+.TP
+\fB-d \fR\fIevdizini\fR
+Kullanıcının sisteme girişte kullanacağı ev dizinini belirtir. Şayet \fB-m\fR seçeneği belirtilmiş ise, kullanıcının hali hazırda kullanmakta olduğu ev dizininin içeriği yeni oluşturulan ev dizinine aktarılır.
+
+.TP
+\fB-e \fR\fIbitiÅŸ_tarihi\fR
+Kullanıcı hesabının son kullanma tarihini belirtir. Tarih YYYY-AA-GG (Y: yıl, A: ay, G: gün) şeklinde belirtilir.
+
+.TP
+\fB-f \fR\fIaskı_süresi\fR
+Kullanıcı parolasının son kullanma tarihinden itibaren, bu hesabın
+tamamen kapatılacağı tarihe kadar geçecek olan sürenin gün cinsinden değeri belirtilir. Bu değer 0 olarak belirtilirse, parolanın son kullanma tarihinde hesap kapatılır. -1 değeri verilirse, bu özellik iptal edilmiş olur. -1 değeri öntanımlı değerdir.
+
+.TP
+\fB-g \fR\fIbirincil_grup\fR
+Kullanıcının üyesi olacağı birincil grubun adı veya numarası belirtilir. Belirtilen grup, sistemde önceden tanımlanmış olmalıdır. Öntanımlı değer 1 dir.
+
+.TP
+\fB-g \fR\fIgrup\fR[,...]
+Kullanıcının üyesi olacağı ilave gruplar belirtilir. Her grup, diğerinden virgül ile ayrılır, arada boşluk bırakılmaz. Burada tanımlanan gruplar, \fB-g\fR ile tanımlanan grubun kısıtlamalarına tabidirler. Şayet kullanıcı listelenen gruplar haricinde bir grubun da üyesi ise, kullanıcı bu gruptan çıkarılır.
+
+.TP
+\fB-l \fR\fIkullanıcı-adı\fR
+Sisteme girişte kullanıcının kullanacağı yeni isim. Sadece isim değişir, başka hiçbir şey değişmez. Kullanıcının ev dizininin ismi, yeni kullanıcı ismi ile bağlantı yapılmasını sağlamak için \fIkullanıcı-adı\fR ile tanımlanan yeni isme dönüşür.
+
+.TP
+\fB-p \fR\fIparola\fR
+\fBcrypt\fR(3) tarafından döndürülen şifrelenmiş paroladır.
+
+.TP
+\fB-s \fR\fIkabuk\fR
+Kullanıcının sisteme girişte kullanacağı kabuğun adıdır. Bu alan boş bırakılırsa, sistemin öntanımlı kabuğunun seçilmesi sağlanır.
+
+.TP
+\fB-u \fR\fIkull_kiml\fR
+Kullanıcı kimliğinin sayısal değeridir. Bu değer, \fB-o\fR seçeneği kullanılmadığı sürece, eşsiz olmalıdır. Değer mutlaka pozitif bir sayı olmalıdır. 0 ile 99 arsındaki değerler sistem hesapları için ayrılmıştır. Bu değer değiştirildiği zaman; kullanıcının sahip olduğu bütün dosyaların ve kullanıcı ev dizinini kök dizin olarak kabul ederek, kullanıcı ev dizininin altındaki hiyeraşik yapı içindeki bütün dosyaların kullanıcı numarası otomatik olarak değişir. Kullanıcı ev dizininin dışındaki dosyaların kullanıcı iyelik numarası kullanıcı tarafından değiştirilmelidir.
+
+.TP
+\fB-L\fR
+Kullanıcı parolasını kilitler. Parolayı devre dışı bırakmak için, şifreli parolanın önüne '!' işareti koyar. Bu seçeneği \fB-p\fR veya \fB-U\fR seçenekleri ile birlikte kullanamazsınız.
+
+.TP
+\fB-U\fR
+Devre dışı bırakılmış bir kullanıcı parolasını tekrar açar. Yaptığı iş şifreli parolanın önündeki '!' işaretini kaldırmaktır. Bu seçeneği \fB-p\fR veya \fB-L\fR seçenekleri ile birlikte kullanamazsınız.
+
+.PP
+.SH YETERSÄ°ZLÄ°KLER
+
+\fBusermod\fR komutu ile, sisteme bağlı bir kullanıcının adını
+değiştiremezsiniz. Kullanıcının tanımlayıcı numarasını değiştirmeye kalktığınız zaman, kullanıcının herhangi bir süreç çalıştırmadığından emin olun. Herhangi bir \fBcrontab\fR dosyasının sahibini kendiniz değiştirmelisiniz. Çalışan herhangi bir işin sahibini de kendiniz değiştirmelisiniz. NIS sunuculardaki NIS ile alakalı bütün değişiklikleri kendiniz yapmalısınız
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+.nf
+
+\fB/etc/passwd\fR - kullanıcı hesabı bilgileri
+\fB/etc/shadow\fR - güvenli kullanıcı hesabı bilgileri
+\fB/etc/group\fR - grup bilgileri
+
+.fi
+
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBcrypt\fR(3),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/useradd.8.xml b/man/useradd.8.xml
new file mode 100644
index 0000000..8d56301
--- /dev/null
+++ b/man/useradd.8.xml
@@ -0,0 +1,849 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CREATE_HOME SYSTEM "login.defs.d/CREATE_HOME.xml">
+<!ENTITY GID_MAX SYSTEM "login.defs.d/GID_MAX.xml">
+<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
+<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
+<!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+<!ENTITY SUB_GID_COUNT SYSTEM "login.defs.d/SUB_GID_COUNT.xml">
+<!ENTITY SUB_UID_COUNT SYSTEM "login.defs.d/SUB_UID_COUNT.xml">
+<!ENTITY SYS_GID_MAX SYSTEM "login.defs.d/SYS_GID_MAX.xml">
+<!ENTITY SYS_UID_MAX SYSTEM "login.defs.d/SYS_UID_MAX.xml">
+<!ENTITY UID_MAX SYSTEM "login.defs.d/UID_MAX.xml">
+<!ENTITY UMASK SYSTEM "login.defs.d/UMASK.xml">
+<!ENTITY TCB_AUTH_GROUP SYSTEM "login.defs.d/TCB_AUTH_GROUP.xml">
+<!ENTITY TCB_SYMLINKS SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
+<!ENTITY USE_TCB SYSTEM "login.defs.d/USE_TCB.xml">
+<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='useradd.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>useradd</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>useradd</refname>
+ <refpurpose>create a new user or update default new user information</refpurpose>
+ </refnamediv>
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>useradd</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ <arg choice='plain'><replaceable>LOGIN</replaceable></arg>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <command>useradd</command>
+ <arg choice='plain'>-D </arg>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <command>useradd</command>
+ <arg choice='plain'>-D </arg>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ When invoked without the <option>-D</option> option, the
+ <command>useradd</command> command creates a new user account using
+ the values specified on the command line plus the default values from
+ the system. Depending on command line options, the
+ <command>useradd</command> command
+ will update system files and may also create the new user's home
+ directory and copy initial files.
+ </para>
+ <para>
+ By default, a group will also be created for the new user (see
+ <option>-g</option>, <option>-N</option>, <option>-U</option>, and
+ <option>USERGROUPS_ENAB</option>).
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>The options which apply to the <command>useradd</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The default base directory for the system if <option>-d</option>&nbsp;<replaceable>HOME_DIR</replaceable> is not specified.
+ <replaceable>BASE_DIR</replaceable> is
+ concatenated with the account name to define the home directory.
+ If the <option>-m</option> option is not used,
+ <replaceable>BASE_DIR</replaceable> must exist.
+ </para>
+ <para>
+ If this option is not specified, <command>useradd</command>
+ will use the base directory specified by the
+ <option>HOME</option> variable in
+ <filename>/etc/default/useradd</filename>, or
+ <filename>/home</filename> by default.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Any text string. It is generally a short description of the
+ login, and is currently used as the field for the user's full
+ name.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The new user will be created using
+ <replaceable>HOME_DIR</replaceable> as the value for the user's
+ login directory. The default is to append the
+ <replaceable>LOGIN</replaceable> name to
+ <replaceable>BASE_DIR</replaceable> and use that as the login
+ directory name. The directory <replaceable>HOME_DIR</replaceable>
+ does not have to exist but will not be created if it is missing.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-D</option>, <option>--defaults</option>
+ </term>
+ <listitem>
+ <para>
+ See below, the subsection "Changing the default values".
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-e</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The date on which the user account will be disabled. The date is
+ specified in the format <emphasis remap='I'>YYYY-MM-DD</emphasis>.
+ </para>
+ <para>
+ If not specified, <command>useradd</command> will use the
+ default expiry date specified by the <option>EXPIRE</option>
+ variable in <filename>/etc/default/useradd</filename>, or
+ an empty string (no expiry) by default.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The number of days after a password expires until the account is
+ permanently disabled. A value of 0 disables the account as soon
+ as the password has expired, and a value of -1 disables the
+ feature.
+ </para>
+ <para>
+ If not specified, <command>useradd</command> will use the
+ default inactivity period specified by the
+ <option>INACTIVE</option> variable in
+ <filename>/etc/default/useradd</filename>, or -1 by default.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The group name or number of the user's initial login group. The
+ group name must exist. A group number must refer to an already
+ existing group.
+ </para>
+ <para>
+ If not specified, the behavior of <command>useradd</command>
+ will depend on the <option>USERGROUPS_ENAB</option> variable
+ in <filename>/etc/login.defs</filename>. If this variable is
+ set to <replaceable>yes</replaceable> (or
+ <option>-U/--user-group</option> is specified on the command
+ line), a group will be created for the user, with the same
+ name as her loginname. If the variable is set to
+ <replaceable>no</replaceable> (or
+ <option>-N/--no-user-group</option> is specified on the
+ command line), useradd will set the primary group of the new
+ user to the value specified by the <option>GROUP</option>
+ variable in <filename>/etc/default/useradd</filename>, or
+ 100 by default.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</replaceable>[<emphasis remap='I'>,GROUP2,...</emphasis>[<emphasis remap='I'>,GROUPN</emphasis>]]]
+ </term>
+ <listitem>
+ <para>
+ A list of supplementary groups which the user is also a member
+ of. Each group is separated from the next by a comma, with no
+ intervening whitespace. The groups are subject to the same
+ restrictions as the group given with the <option>-g</option>
+ option. The default is for the user to belong only to the
+ initial group.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The skeleton directory, which contains files and directories
+ to be copied in the user's home directory, when the home
+ directory is created by <command>useradd</command>.
+ </para>
+ <para>
+ This option is only valid if the <option>-m</option> (or
+ <option>--create-home</option>) option is specified.
+ </para>
+ <para>
+ If this option is not set, the skeleton directory is defined
+ by the <option>SKEL</option> variable in
+ <filename>/etc/default/useradd</filename> or, by default,
+ <filename>/etc/skel</filename>.
+ </para>
+ <para>
+ If possible, the ACLs and extended attributes are copied.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</replaceable>=<replaceable>VALUE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Overrides <filename>/etc/login.defs</filename> defaults
+ (<option>UID_MIN</option>, <option>UID_MAX</option>,
+ <option>UMASK</option>, <option>PASS_MAX_DAYS</option>
+ and others).
+ <para>
+ </para>
+ Example: <option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable>
+ can be used when creating system account to turn off password
+ aging, even though system account has no password at all.
+ Multiple <option>-K</option> options can be specified, e.g.:
+ <option>-K</option>&nbsp;<replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;
+ <option>-K</option>&nbsp;<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>
+ </para>
+ <!--para>
+ Note: <option>-K</option>&nbsp;<replaceable>UID_MIN</replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>
+ doesn't work yet.
+ </para-->
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-l</option>, <option>--no-log-init</option></term>
+ <listitem>
+ <para>
+ Do not add the user to the lastlog and faillog databases.
+ </para>
+ <para>
+ By default, the user's entries in the lastlog and faillog
+ databases are reset to avoid reusing the entry from a previously
+ deleted user.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-m</option>, <option>--create-home</option>
+ </term>
+ <listitem>
+ <para>
+ Create the user's home directory if it does not exist.
+ The files and directories contained in the skeleton directory
+ (which can be defined with the <option>-k</option> option)
+ will be copied to the home directory.
+ </para>
+ <para>
+ By default, if this option is not specified and
+ <option>CREATE_HOME</option> is not enabled, no home
+ directories are created.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-M</option>, <option>--no-create-home</option>
+ </term>
+ <listitem>
+ <para>
+ Do no create the user's home directory, even if the system
+ wide setting from <filename>/etc/login.defs</filename>
+ (<option>CREATE_HOME</option>) is set to
+ <replaceable>yes</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-N</option>, <option>--no-user-group</option>
+ </term>
+ <listitem>
+ <para>
+ Do not create a group with the same name as the user, but
+ add the user to the group specified by the <option>-g</option>
+ option or by the <option>GROUP</option> variable in
+ <filename>/etc/default/useradd</filename>.
+ </para>
+ <para>
+ The default behavior (if the <option>-g</option>,
+ <option>-N</option>, and <option>-U</option> options are not
+ specified) is defined by the <option>USERGROUPS_ENAB</option>
+ variable in <filename>/etc/login.defs</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-o</option>, <option>--non-unique</option>
+ </term>
+ <listitem>
+ <para>Allow the creation of a user account with a duplicate (non-unique) UID.</para>
+ <para>
+ This option is only valid in combination with the
+ <option>-u</option> option.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The encrypted password, as returned by <citerefentry>
+ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>. The default is to disable the password.
+ </para>
+ <para>
+ <emphasis role="bold">Note:</emphasis> This option is not
+ recommended because the password (or encrypted password) will
+ be visible by users listing the processes.
+ </para>
+ <para>
+ You should make sure the password respects the system's
+ password policy.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-r</option>, <option>--system</option>
+ </term>
+ <listitem>
+ <para>
+ Create a system account.
+ </para>
+ <para>
+ System users will be created with no aging information in
+ <filename>/etc/shadow</filename>, and their numeric
+ identifiers are chosen in the
+ <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>
+ range, defined in <filename>/etc/login.defs</filename>, instead of
+ <option>UID_MIN</option>-<option>UID_MAX</option> (and their
+ <option>GID</option> counterparts for the creation of groups).
+ </para>
+ <para>
+ Note that <command>useradd</command> will not create a home
+ directory for such a user, regardless of the default setting
+ in <filename>/etc/login.defs</filename>
+ (<option>CREATE_HOME</option>). You have to specify the
+ <option>-m</option> options if you want a home directory for a
+ system account to be created.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The name of the user's login shell. The default is to leave this
+ field blank, which causes the system to select the default login
+ shell specified by the <option>SHELL</option> variable in
+ <filename>/etc/default/useradd</filename>, or an empty string
+ by default.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The numerical value of the user's ID. This value must be unique,
+ unless the <option>-o</option> option is used. The value must be
+ non-negative. The default is to use the smallest ID value
+ greater than or equal to <option>UID_MIN</option> and greater
+ than every other user.
+ </para>
+ <para>
+ See also the <option>-r</option> option and the
+ <option>UID_MAX</option> description.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-U</option>, <option>--user-group</option>
+ </term>
+ <listitem>
+ <para>
+ Create a group with the same name as the user, and
+ add the user to this group.
+ </para>
+ <para>
+ The default behavior (if the <option>-g</option>,
+ <option>-N</option>, and <option>-U</option> options are not
+ specified) is defined by the <option>USERGROUPS_ENAB</option>
+ variable in <filename>/etc/login.defs</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-Z</option>, <option>--selinux-user</option>&nbsp;<replaceable>SEUSER</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The SELinux user for the user's login. The default is to leave this
+ field blank, which causes the system to select the default SELinux
+ user.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <refsect2 id='changing_the_default_values'>
+ <title>Changing the default values</title>
+ <para>
+ When invoked with only the <option>-D</option> option,
+ <command>useradd</command> will display the current default values.
+ When invoked with <option>-D</option> plus other options,
+ <command>useradd</command> will update the default values for the
+ specified options. Valid default-changing options are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The path prefix for a new user's home directory. The
+ user's name will be affixed to the end of
+ <replaceable>BASE_DIR</replaceable> to form the new user's
+ home directory name, if the <option>-d</option> option is not used
+ when creating a new account.
+ </para>
+ <para>
+ This option sets the <option>HOME</option> variable in
+ <filename>/etc/default/useradd</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-e</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>
+ </term>
+ <listitem>
+ <para>The date on which the user account is disabled.</para>
+ <para>
+ This option sets the <option>EXPIRE</option> variable in
+ <filename>/etc/default/useradd</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The number of days after a password has expired before the
+ account will be disabled.
+ </para>
+ <para>
+ This option sets the <option>INACTIVE</option> variable in
+ <filename>/etc/default/useradd</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The group name or ID for a new user's initial group (when
+ the <option>-N/--no-user-group</option> is used or when the
+ <option>USERGROUPS_ENAB</option> variable is set to
+ <replaceable>no</replaceable> in
+ <filename>/etc/login.defs</filename>). The named
+ group must exist, and a numerical group ID must have an
+ existing entry.
+ </para>
+ <para>
+ This option sets the <option>GROUP</option> variable in
+ <filename>/etc/default/useradd</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The name of a new user's login shell.
+ </para>
+ <para>
+ This option sets the <option>SHELL</option> variable in
+ <filename>/etc/default/useradd</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ </refsect2>
+ </refsect1>
+
+ <refsect1 id='notes'>
+ <title>NOTES</title>
+ <para>The system administrator is responsible for placing the default
+ user files in the <filename>/etc/skel/</filename> directory (or any
+ other skeleton directory specified in
+ <filename>/etc/default/useradd</filename> or on the command line).
+ </para>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ You may not add a user to a NIS or LDAP group. This must be
+ performed on the corresponding server.
+ </para>
+
+ <para>
+ Similarly, if the username already exists in an external user
+ database such as NIS or LDAP, <command>useradd</command> will deny
+ the user account creation request.
+ </para>
+
+ <para>
+ Usernames must start with a lower case letter or an underscore,
+ followed by lower case letters, digits, underscores, or dashes.
+ They can end with a dollar sign.
+ In regular expression terms: [a-z_][a-z0-9_-]*[$]?
+ </para>
+ <para>
+ Usernames may only be up to 32 characters long.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &CREATE_HOME;
+ &GID_MAX; <!-- documents also GID_MIN -->
+ &MAIL_DIR;
+ &MAX_MEMBERS_PER_GROUP;
+ &PASS_MAX_DAYS;
+ &PASS_MIN_DAYS;
+ &PASS_WARN_AGE;
+ &SUB_GID_COUNT; <!-- documents also SUB_GID_MAX and SUB_GID_MIN -->
+ &SUB_UID_COUNT; <!-- documents also SUB_UID_MAX and SUB_UID_MIN -->
+ &SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
+ &SYS_UID_MAX; <!-- documents also SYS_UID_MIN -->
+ &TCB_AUTH_GROUP;
+ &TCB_SYMLINKS;
+ &UID_MAX; <!-- documents also UID_MIN -->
+ &UMASK;
+ &USE_TCB;
+ &USERGROUPS_ENAB;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/default/useradd</filename></term>
+ <listitem>
+ <para>Default values for account creation.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/skel/</filename></term>
+ <listitem>
+ <para>Directory containing default files.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term><filename>/etc/subgid</filename></term>
+ <listitem>
+ <para>Per user subordinate group IDs.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term><filename>/etc/subuid</filename></term>
+ <listitem>
+ <para>Per user subordinate user IDs.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='exit_values'>
+ <title>EXIT VALUES</title>
+ <para>
+ The <command>useradd</command> command exits with the following values:
+ <variablelist>
+ <varlistentry>
+ <term><replaceable>0</replaceable></term>
+ <listitem>
+ <para>success</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>1</replaceable></term>
+ <listitem>
+ <para>can't update password file</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>2</replaceable></term>
+ <listitem>
+ <para>invalid command syntax</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>3</replaceable></term>
+ <listitem>
+ <para>invalid argument to option</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>4</replaceable></term>
+ <listitem>
+ <para>UID already in use (and no <option>-o</option>)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>6</replaceable></term>
+ <listitem>
+ <para>specified group doesn't exist</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>9</replaceable></term>
+ <listitem>
+ <para>username already in use</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>10</replaceable></term>
+ <listitem>
+ <para>can't update group file</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>12</replaceable></term>
+ <listitem>
+ <para>can't create home directory</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>14</replaceable></term>
+ <listitem>
+ <para>can't update SELinux user mapping</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <phrase condition="subids">
+ <citerefentry>
+ <refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ </phrase>
+ <citerefentry>
+ <refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/userdel.8.xml b/man/userdel.8.xml
new file mode 100644
index 0000000..3f95a8d
--- /dev/null
+++ b/man/userdel.8.xml
@@ -0,0 +1,349 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY TCB_SYMLINKS SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
+<!ENTITY USE_TCB SYSTEM "login.defs.d/USE_TCB.xml">
+<!ENTITY USERDEL_CMD SYSTEM "login.defs.d/USERDEL_CMD.xml">
+<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='userdel.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>userdel</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>userdel</refname>
+ <refpurpose>delete a user account and related files</refpurpose>
+ </refnamediv>
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>userdel</command>
+ <arg choice='opt'>options</arg>
+ <arg choice='plain'>
+ <replaceable>LOGIN</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>userdel</command> command modifies the system account
+ files, deleting all entries that refer to the user name <emphasis
+ remap='I'>LOGIN</emphasis>. The named user must exist.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>userdel</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-f</option>, <option>--force</option>
+ </term>
+ <listitem>
+ <para>
+ This option forces the removal of the user account, even if the
+ user is still
+ logged in. It also forces <command>userdel</command> to remove
+ the user's home directory and mail spool, even if another
+ user uses the same home directory or if the mail spool is not
+ owned by the specified user. If
+ <option>USERGROUPS_ENAB</option> is defined to <emphasis
+ remap='I'>yes</emphasis> in <filename>/etc/login.defs</filename>
+ and if a group exists with the same name as the deleted user,
+ then this group will be removed, even if it is still the primary
+ group of another user.
+ </para>
+ <para>
+ <emphasis>Note:</emphasis> This option is dangerous and may leave
+ your system in an inconsistent state.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-r</option>, <option>--remove</option>
+ </term>
+ <listitem>
+ <para>
+ Files in the user's home directory will be removed along with
+ the home directory itself and the user's mail spool. Files
+ located in other file systems will have to be searched for and
+ deleted manually.
+ </para>
+ <para>
+ The mail spool is defined by the <option>MAIL_DIR</option>
+ variable in the <filename>login.defs</filename> file.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-Z</option>, <option>--selinux-user</option>
+ </term>
+ <listitem>
+ <para>
+ Remove any SELinux user mapping for the user's login.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &MAIL_DIR; <!-- documents also MAIL_FILE -->
+ &MAX_MEMBERS_PER_GROUP;
+ &TCB_SYMLINKS;
+ &USE_TCB;
+ &USERDEL_CMD;
+ &USERGROUPS_ENAB;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term><filename>/etc/subgid</filename></term>
+ <listitem>
+ <para>Per user subordinate group IDs.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term><filename>/etc/subuid</filename></term>
+ <listitem>
+ <para>Per user subordinate user IDs.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='exit_values'>
+ <title>EXIT VALUES</title>
+ <para>
+ The <command>userdel</command> command exits with the following values:
+ <variablelist>
+ <varlistentry>
+ <term><replaceable>0</replaceable></term>
+ <listitem>
+ <para>success</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>1</replaceable></term>
+ <listitem>
+ <para>can't update password file</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>2</replaceable></term>
+ <listitem>
+ <para>invalid command syntax</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>6</replaceable></term>
+ <listitem>
+ <para>specified user doesn't exist</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>8</replaceable></term>
+ <listitem>
+ <para>user currently logged in</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>10</replaceable></term>
+ <listitem>
+ <para>can't update group file</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>12</replaceable></term>
+ <listitem>
+ <para>can't remove home directory</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ <command>userdel</command> will not allow you to remove an account if
+ there are running processes which belong to this account. In that
+ case, you may have to kill those processes or lock the user's
+ password or account and remove the account later. The
+ <option>-f</option> option can force the deletion of this account.
+ </para>
+ <para>
+ You should manually check all file systems to ensure that no files
+ remain owned by this user.
+ </para>
+ <para>You may not remove any NIS attributes on a NIS client. This must
+ be performed on the NIS server.
+ </para>
+ <para>If <option>USERGROUPS_ENAB</option> is defined to <emphasis
+ remap='I'>yes</emphasis> in <filename>/etc/login.defs</filename>,
+ <command>userdel</command> will delete the group with the same name
+ as the user. To avoid inconsistencies in the passwd and group
+ databases, <command>userdel</command> will check that this group is
+ not used as a primary group for another user, and will just warn
+ without deleting the group otherwise. The <option>-f</option> option
+ can force the deletion of this group.
+ </para>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para><citerefentry>
+ <refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <phrase condition="subids">
+ <citerefentry>
+ <refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ </phrase>
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/usermod.8.xml b/man/usermod.8.xml
new file mode 100644
index 0000000..6cd469c
--- /dev/null
+++ b/man/usermod.8.xml
@@ -0,0 +1,606 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY SUB_GID_COUNT SYSTEM "login.defs.d/SUB_GID_COUNT.xml">
+<!ENTITY SUB_UID_COUNT SYSTEM "login.defs.d/SUB_UID_COUNT.xml">
+<!ENTITY TCB_SYMLINKS SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
+<!ENTITY USE_TCB SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='usermod.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Julianne Frances</firstname>
+ <surname>Haugh</surname>
+ <contrib>Creation, 1991</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>usermod</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>usermod</refname>
+ <refpurpose>modify a user account</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>usermod</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ <arg choice='plain'><replaceable>LOGIN</replaceable></arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>usermod</command> command modifies the system account
+ files to reflect the changes that are specified on the command line.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>usermod</command> command
+ are:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>-a</option>, <option>--append</option>
+ </term>
+ <listitem>
+ <para>
+ Add the user to the supplementary group(s). Use only with the
+ <option>-G</option> option.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The new value of the user's password file comment field. It is
+ normally modified using the <citerefentry>
+ <refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> utility.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The user's new login directory.
+ </para>
+ <para>
+ If the <option>-m</option>
+ option is given, the contents of the current home directory will
+ be moved to the new home directory, which is created if it does
+ not already exist.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-e</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The date on which the user account will be disabled. The date is
+ specified in the format <emphasis remap='I'>YYYY-MM-DD</emphasis>.
+ </para>
+ <para>
+ An empty <replaceable>EXPIRE_DATE</replaceable> argument will
+ disable the expiration of the account.
+ </para>
+ <para>
+ This option requires a <filename>/etc/shadow</filename> file.
+ A <filename>/etc/shadow</filename> entry will be created if
+ there were none.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The number of days after a password expires until the account is
+ permanently disabled.
+ </para>
+ <para>
+ A value of 0 disables the account as soon
+ as the password has expired, and a value of -1 disables the
+ feature.
+ </para>
+ <para>
+ This option requires a <filename>/etc/shadow</filename> file.
+ A <filename>/etc/shadow</filename> entry will be created if
+ there were none.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The group name or number of the user's new initial login group.
+ The group must exist.
+ </para>
+ <para>
+ Any file from the user's home directory owned by the previous
+ primary group of the user will be owned by this new group.
+ </para>
+ <para>
+ The group ownership of files outside of the user's home directory
+ must be fixed manually.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</replaceable>[<emphasis remap='I'>,GROUP2,...</emphasis>[<emphasis remap='I'>,GROUPN</emphasis>]]]
+ </term>
+ <listitem>
+ <para>
+ A list of supplementary groups which the user is also a member
+ of. Each group is separated from the next by a comma, with no
+ intervening whitespace. The groups are subject to the same
+ restrictions as the group given with the <option>-g</option>
+ option.
+ </para>
+ <para>
+ If the user is currently a member of a group which is
+ not listed, the user will be removed from the group. This
+ behaviour can be changed via the <option>-a</option> option, which
+ appends the user to the current supplementary group list.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The name of the user will be changed from
+ <replaceable>LOGIN</replaceable> to
+ <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In
+ particular, the user's home directory or mail spool should
+ probably be renamed manually to reflect the new login name.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-L</option>, <option>--lock</option>
+ </term>
+ <listitem>
+ <para>
+ Lock a user's password. This puts a '!' in front of the
+ encrypted password, effectively disabling the password. You
+ can't use this option with <option>-p</option> or
+ <option>-U</option>.
+ </para>
+ <para>
+ Note: if you wish to lock the account (not only access with a
+ password), you should also set the
+ <replaceable>EXPIRE_DATE</replaceable> to
+ <replaceable>1</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-m</option>, <option>--move-home</option>
+ </term>
+ <listitem>
+ <para>
+ Move the content of the user's home directory to the new
+ location.
+ </para>
+ <para>
+ This option is only valid in combination with the
+ <option>-d</option> (or <option>--home</option>) option.
+ </para>
+ <para>
+ <command>usermod</command> will try to adapt the ownership of the
+ files and to copy the modes, ACL and extended attributes, but
+ manual changes might be needed afterwards.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-o</option>, <option>--non-unique</option>
+ </term>
+ <listitem>
+ <para>
+ When used with the <option>-u</option> option, this option
+ allows to change the user ID to a non-unique value.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The encrypted password, as returned by <citerefentry>
+ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ <para>
+ <emphasis role="bold">Note:</emphasis> This option is not
+ recommended because the password (or encrypted password) will
+ be visible by users listing the processes.
+ </para>
+ <para condition="pam">
+ The password will be written in the local
+ <filename>/etc/passwd</filename> or
+ <filename>/etc/shadow</filename> file. This might differ from the
+ password database configured in your PAM configuration.
+ </para>
+ <para>
+ You should make sure the password respects the system's
+ password policy.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The name of the user's new login shell. Setting this field to
+ blank causes the system to select the default login shell.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The new numerical value of the user's ID.
+ </para>
+ <para>
+ This value must be unique,
+ unless the <option>-o</option> option is used. The value must be
+ non-negative.
+ </para>
+ <para>
+ The user's mailbox, and any files which the user owns and which are
+ located in the user's home
+ directory will have the file user ID changed automatically.
+ </para>
+ <para>
+ The ownership of files outside of the user's home directory
+ must be fixed manually.
+ </para>
+ <para>
+ No checks will be performed with regard to the
+ <option>UID_MIN</option>, <option>UID_MAX</option>,
+ <option>SYS_UID_MIN</option>, or <option>SYS_UID_MAX</option>
+ from <filename>/etc/login.defs</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-U</option>, <option>--unlock</option>
+ </term>
+ <listitem>
+ <para>
+ Unlock a user's password. This removes the '!' in front of the
+ encrypted password. You can't use this option with
+ <option>-p</option> or <option>-L</option>.
+ </para>
+ <para>
+ Note: if you wish to unlock the account (not only access with a
+ password), you should also set the
+ <replaceable>EXPIRE_DATE</replaceable> (for example to
+ <replaceable>99999</replaceable>, or to the
+ <option>EXPIRE</option> value from
+ <filename>/etc/default/useradd</filename>).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term>
+ <option>-v</option>, <option>--add-subuids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Add a range of subordinate uids to the user's account.
+ </para>
+ <para>
+ This option may be specified multiple times to add multiple ranges to a users account.
+ </para>
+ <para>
+ No checks will be performed with regard to
+ <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</option>, or
+ <option>SUB_UID_COUNT</option> from /etc/login.defs.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term>
+ <option>-V</option>, <option>--del-subuids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Remove a range of subordinate uids from the user's account.
+ </para>
+ <para>
+ This option may be specified multiple times to remove multiple ranges to a users account.
+ When both <option>--del-subuids</option> and <option>--add-subuids</option> are specified,
+ the removal of all subordinate uid ranges happens before any subordinate uid range is added.
+ </para>
+ <para>
+ No checks will be performed with regard to
+ <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</option>, or
+ <option>SUB_UID_COUNT</option> from /etc/login.defs.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term>
+ <option>-w</option>, <option>--add-subgids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Add a range of subordinate gids to the user's account.
+ </para>
+ <para>
+ This option may be specified multiple times to add multiple ranges to a users account.
+ </para>
+ <para>
+ No checks will be performed with regard to
+ <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</option>, or
+ <option>SUB_GID_COUNT</option> from /etc/login.defs.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term>
+ <option>-W</option>, <option>--del-subgids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Remove a range of subordinate gids from the user's account.
+ </para>
+ <para>
+ This option may be specified multiple times to remove multiple ranges to a users account.
+ When both <option>--del-subgids</option> and <option>--add-subgids</option> are specified,
+ the removal of all subordinate gid ranges happens before any subordinate gid range is added.
+ </para>
+ <para>
+ No checks will be performed with regard to
+ <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</option>, or
+ <option>SUB_GID_COUNT</option> from /etc/login.defs.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-Z</option>, <option>--selinux-user</option>&nbsp;<replaceable>SEUSER</replaceable>
+ </term>
+ <listitem>
+ <para>
+ The new SELinux user for the user's login.
+ </para>
+ <para>
+ A blank <replaceable>SEUSER</replaceable> will remove the
+ SELinux user mapping for user <replaceable>LOGIN</replaceable>
+ (if any).
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ You must make certain that the named user is
+ not executing any processes when this command is being executed if the
+ user's numerical user ID, the user's name, or the user's home
+ directory is being changed. <command>usermod</command> checks this
+ on Linux. On other platforms it only uses utmp to check if the user is logged in.
+ </para>
+ <para>
+ You must change the owner of any <command>crontab</command> files or
+ <command>at</command> jobs manually.
+ </para>
+ <para>
+ You must make any changes involving NIS on the NIS server.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &MAIL_DIR; <!-- documents also MAIL_FILE -->
+ &MAX_MEMBERS_PER_GROUP;
+ &SUB_GID_COUNT; <!-- documents also SUB_GID_MAX and SUB_GID_MIN -->
+ &SUB_UID_COUNT; <!-- documents also SUB_UID_MAX and SUB_UID_MIN -->
+ &TCB_SYMLINKS;
+ &USE_TCB;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/login.defs</filename></term>
+ <listitem>
+ <para>Shadow password suite configuration.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term><filename>/etc/subgid</filename></term>
+ <listitem>
+ <para>Per user subordinate group IDs.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="subids">
+ <term><filename>/etc/subuid</filename></term>
+ <listitem>
+ <para>Per user subordinate user IDs.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <phrase condition="subids">
+ <citerefentry>
+ <refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ </phrase>
+ <citerefentry>
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/vipw.8.xml b/man/vipw.8.xml
new file mode 100644
index 0000000..810ef59
--- /dev/null
+++ b/man/vipw.8.xml
@@ -0,0 +1,250 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1997 , Marek Michałkiewicz
+ Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY USE_TCB SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='vipw.8'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Marek</firstname>
+ <surname>Michałkiewicz</surname>
+ <contrib>Creation, 1997</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>KÅ‚oczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>vipw</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>vipw</refname>
+ <refname>vigr</refname>
+ <refpurpose>
+ edit the password, group, shadow-password or shadow-group file
+ </refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>vipw</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <command>vigr</command>
+ <arg choice='opt'>
+ <replaceable>options</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>vipw</command> and <command>vigr</command> commands edits
+ the files <filename>/etc/passwd</filename> and
+ <filename>/etc/group</filename>, respectively. With the
+ <option>-s</option> flag, they will edit the shadow versions of those
+ files, <filename>/etc/shadow</filename> and
+ <filename>/etc/gshadow</filename>, respectively. The programs will set
+ the appropriate locks to prevent file corruption. When looking for an
+ editor, the programs will first try the environment variable
+ <envar>$VISUAL</envar>, then the environment variable
+ <envar>$EDITOR</envar>, and finally the default editor,
+ <citerefentry><refentrytitle>vi</refentrytitle>
+ <manvolnum>1</manvolnum></citerefentry>.
+ </para>
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para>
+ The options which apply to the <command>vipw</command> and
+ <command>vigr</command> commands are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-g</option>, <option>--group</option></term>
+ <listitem>
+ <para>Edit group database.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-p</option>, <option>--passwd</option></term>
+ <listitem>
+ <para>Edit passwd database.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-q</option>, <option>--quiet</option></term>
+ <listitem>
+ <para>Quiet mode.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>-s</option>, <option>--shadow</option></term>
+ <listitem>
+ <para>Edit shadow or gshadow database.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="tcb">
+ <term><option>-u</option>, <option>--user</option></term>
+ <listitem>
+ <para>Indicates which user's tcb shadow file to edit.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='configuration' condition="tcb">
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &USE_TCB;
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='environment'>
+ <title>ENVIRONMENT</title>
+ <variablelist>
+ <varlistentry>
+ <term><option>VISUAL</option></term>
+ <listitem>
+ <para>Editor to be used.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>EDITOR</option></term>
+ <listitem>
+ <para>Editor to be used if <option>VISUAL</option> is not set.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/passwd</filename></term>
+ <listitem>
+ <para>User account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><filename>/etc/shadow</filename></term>
+ <listitem>
+ <para>Secure user account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>
+ <citerefentry condition="tcb">
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry condition="tcb">
+ <refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>.
+ </para>
+ </refsect1>
+</refentry>
diff --git a/man/zh_CN/Makefile.am b/man/zh_CN/Makefile.am
new file mode 100644
index 0000000..e9d8f2c
--- /dev/null
+++ b/man/zh_CN/Makefile.am
@@ -0,0 +1,66 @@
+
+mandir = @mandir@/zh_CN
+
+man_MANS = \
+ man1/chage.1 \
+ man1/chfn.1 \
+ man8/chgpasswd.8 \
+ man8/chpasswd.8 \
+ man1/chsh.1 \
+ man1/expiry.1 \
+ man5/faillog.5 \
+ man8/faillog.8 \
+ man3/getspnam.3 \
+ man1/gpasswd.1 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmems.8 \
+ man8/groupmod.8 \
+ man1/groups.1 \
+ man8/grpck.8 \
+ man8/grpconv.8 \
+ man8/grpunconv.8 \
+ man5/gshadow.5 \
+ man8/lastlog.8 \
+ man1/login.1 \
+ man5/login.defs.5 \
+ man8/logoutd.8 \
+ man1/newgrp.1 \
+ man8/newusers.8 \
+ man8/nologin.8 \
+ man1/passwd.1 \
+ man5/passwd.5 \
+ man8/pwck.8 \
+ man8/pwconv.8 \
+ man8/pwunconv.8 \
+ man1/sg.1 \
+ man3/shadow.3 \
+ man5/shadow.5 \
+ man1/su.1 \
+ man5/suauth.5 \
+ man8/useradd.8 \
+ man8/userdel.8 \
+ man8/usermod.8 \
+ man8/vigr.8 \
+ man8/vipw.8
+
+man_nopam = \
+ man5/limits.5 \
+ man5/login.access.5 \
+ man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+ $(man_MANS) \
+ man1/id.1 \
+ man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/zh_TW/Makefile.am b/man/zh_TW/Makefile.am
new file mode 100644
index 0000000..c36ed2c
--- /dev/null
+++ b/man/zh_TW/Makefile.am
@@ -0,0 +1,18 @@
+# man pages encoded in Big5
+mandir = @mandir@/zh_TW
+
+man_MANS = \
+ man1/chfn.1 \
+ man1/chsh.1 \
+ man8/chpasswd.8 \
+ man1/newgrp.1 \
+ man8/groupadd.8 \
+ man8/groupdel.8 \
+ man8/groupmod.8 \
+ man5/passwd.5 \
+ man1/su.1 \
+ man8/useradd.8 \
+ man8/userdel.8 \
+ man8/usermod.8
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/zh_TW/man1/chfn.1 b/man/zh_TW/man1/chfn.1
new file mode 100644
index 0000000..b84668f
--- /dev/null
+++ b/man/zh_TW/man1/chfn.1
@@ -0,0 +1,58 @@
+.\" $Id$
+.\" (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\" this program is free software. you can redistribute it and
+.\" modify it under the terms of the gnu general public license.
+.\" there is no warranty.
+.TH CHFN 1 "October 13 1994" "chfn" "Linux Reference Manual"
+.SH å稱
+chfn \- 改 變 ä½  çš„ finger 訊 æ¯
+.SH 語法
+.B chfn
+[\ \-f\ full\-name\ ] [\ \-o\ office\ ] [\ \-p\ office\-phone\ ]
+[\ \-h\ home\-phone\ ] [\ \-u\ ] [\ \-v\ ] [\ username\ ]
+.SH æè¿°
+.B chfn
+是 用 來 改 變 ä½  çš„ finger 訊 æ¯ ã€‚ 訊 æ¯ æ˜¯ å­˜ 放 在
+.I /etc/passwd 檔 å…§ 。 å¯ è—‰ ç”±
+.B finger
+來 顯 示 ä½  çš„ 訊 æ¯ ã€‚ Linux
+.B finger
+命 令 會 顯 示 å›› 段 訊 æ¯ ï¼Œ 這 些 訊 æ¯ å‡ å¯ è—‰ ç”±
+.B chfn
+改 變
+: 真 實 姓 å , å·¥ 作 地 點 é›» 話 , åŠ ä½  家 çš„ é›» 話 。
+.SS 命令列
+æ¯ ä¸€ 段 訊 æ¯ å‡ å¯ åœ¨ 命 令 列 上 指 定 。 如 æ²’ 有 給 定 訊 æ¯ ï¼Œ
+.B chfn
+進 å…¥ 交 談 模 å¼
+.SS INTERACTIVE MODE
+交談模å¼
+.B chfn
+會 在 æ¯ ä¸€ 欄 å‰ æ 示 。 在 æ 示 ç‹€ æ…‹ 下 , ä½  å°± å¯ è¼¸ å…¥ æ–° çš„ 訊 æ¯ æˆ–
+是 按 return 而 ä¸ æ”¹ 變 。
+輸 入 "none" 則 表 示 該 欄 空 白 。
+.SH é¸é …
+.TP
+.I "\-f, \-\-full\-name"
+真 實 姓 å
+.TP
+.I "\-h, \-\-home\-phone"
+家 裡 的 電 話
+.TP
+.I "\-o, \-\-office"
+辦 工 室 號 碼
+.TP
+.I "\-p, \-\-office\-phone"
+辦 公 室 電 話
+.TP
+.I "\-u, \-\-help"
+秀 出 使 用 說 明 短 訊 。
+.TP
+.I "\-v, \-\-version"
+秀 出 版 本 訊 æ¯ ã€‚
+.SH "相關文件"
+.BR finger (1),
+.BR passwd (5)
+.SH 作者
+Salvatore Valente <svalente@mit.edu>
diff --git a/man/zh_TW/man1/chsh.1 b/man/zh_TW/man1/chsh.1
new file mode 100644
index 0000000..2a934c0
--- /dev/null
+++ b/man/zh_TW/man1/chsh.1
@@ -0,0 +1,45 @@
+.\" $Id$
+.\" (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\" this program is free software. you can redistribute it and
+.\" modify it under the terms of the gnu general public license.
+.\" there is no warranty.
+.TH CHSH 1 "October 13 1994" "chsh" "Linux Reference Manual"
+.SH å稱
+chsh \- æ›´æ›ä½ ç™»å…¥æ™‚所用的shell
+.SH 語法
+.B chsh
+[\ \-s\ shell\ ] [\ \-l\ ] [\ \-u\ ] [\ \-v\ ] [\ username\ ]
+.SH æè¿°
+.B chsh
+用來更æ›ä½ ç™»å…¥æ™‚所用的shell
+。在命令列沒指定shell。
+.B chsh
+會æ示一個給你。
+.SS 有效的shell
+.B chsh
+å¯ç”¨æŒ‡å®šè·¯å¾‘å…¨åçš„æ–¹å¼ä¾†æŒ‡å®šä»»ä½•ä¸€å€‹å¯åŸ·è¡Œçš„檔案。
+然而,如果此 shell並沒紀錄在
+.I /etc/shells
+檔上,則chsh會æ出警告訊æ¯ã€‚
+.SH é¸é …
+.TP
+.I "\-l, \-\-list\-shells"
+列出紀錄在
+.I /etc/shells
+的shell。
+.TP
+.I "\-s, \-\-shell"
+變更你的登入shell.
+.TP
+.I "\-u, \-\-help"
+使用短訊。
+.TP
+.I "\-v, \-\-version"
+版本資訊
+.SH "相關文件"
+.BR login (1),
+.BR passwd (5),
+.BR shells (5)
+.SH 作者
+Salvatore Valente <svalente@mit.edu>
diff --git a/man/zh_TW/man1/newgrp.1 b/man/zh_TW/man1/newgrp.1
new file mode 100644
index 0000000..3fb79f6
--- /dev/null
+++ b/man/zh_TW/man1/newgrp.1
@@ -0,0 +1,38 @@
+.\" Original author unknown. This man page is in the public domain.
+.\" Modified Sat Oct 9 17:46:48 1993 by faith@cs.unc.edu
+.TH NEWGRP 1 "9 October 1993" "Linux 1.2" "Linux Programmer's Manual"
+
+.SH NAME
+newgrp \- 登入到新的使用者組中
+
+.SH "總覽 (SYNOPSIS)"
+.BI "newgrp [ " group " ]"
+
+.SH "æè¿° (DESCRIPTION)"
+.B Newgrp
+改變 調用者 的 使用者組標識, 類似於
+.BR login (1).
+調用者 ä»èˆŠ 登入 在 系統 中, 當å‰ç›®éŒ„ 也ä¸è®Š, 但是 檔案的訪å•æ¬Šé™ å°‡ 根據
+新的 使用者組 ID 計算.
+.LP
+如果 沒有 指定 使用者組, GID å°‡ è®Šæˆ ç™»å…¥ çš„ GID.
+.LP
+
+.SH "檔案 (FILES)"
+.I /etc/group
+.br
+.I /etc/passwd
+
+.SH "å¦è¦‹ (SEE ALSO)"
+.BR login "(1), " group (5)
+
+.SH "作者 (AUTHOR)"
+Originally by Michael Haardt. Currently maintained by
+Peter Orbaek (poe@daimi.aau.dk).
+
+.SH "[中文版維護人]"
+.B å¾æ˜Ž <xuming@users.sourceforge.net>
+.SH "[中文版最新更新]"
+.BR 2003/05/13
+.SH "《中國Linux論壇man手冊é ç¿»è­¯è¨ˆåŠƒã€‹"
+.BI http://cmpp.linuxforum.net
diff --git a/man/zh_TW/man1/su.1 b/man/zh_TW/man1/su.1
new file mode 100644
index 0000000..964d3d2
--- /dev/null
+++ b/man/zh_TW/man1/su.1
@@ -0,0 +1,62 @@
+.TH SU "1" "1999年8月" "GNU sh-utils 2.0" FSF
+.SH NAME(å稱)
+su \- é‹è¡Œæ›¿æ›ä½¿ç”¨è€…和組標識的shell
+.SH SYNOPSIS(總覽)
+.B su
+[\fIOPTION\fR]... [\fI-\fR] [\fIUSER \fR[\fIARG\fR]...]
+.SH DESCRIPTION(æè¿°)
+.PP
+.PP
+修改有效使用者標識和組標識為USER的.
+.TP
+-, \fB\-l\fR, \fB\-\-login\fR
+使得shell為å¯ç™»å…¥çš„shell
+.TP
+\fB\-c\fR, \fB\-\-commmand\fR=\fICOMMAND\fR
+傳éžå–®å€‹COMMAND給\fB\-c\fRçš„shell.
+.TP
+\fB\-f\fR, \fB\-\-fast\fR
+傳éž\fB\-f\fR給shell(é‡å°csh或tcsh)
+.TP
+\fB\-m\fR, \fB\-\-preserve\-environment\fR
+ä¸é‡ç½®ç’°å¢ƒè®Šé‡
+.TP
+\fB\-p\fR
+與\fB\-m\fRåŒ
+.TP
+\fB\-s\fR, \fB\-\-shell\fR=\fISHELL\fR
+如果/etc/shellså…許\,é‹è¡ŒSHELL.
+.TP
+\fB\-\-help\fR
+顯示幫助並退出
+.TP
+\fB\-\-version\fR
+輸出版本信æ¯ä¸¦é€€å‡º
+.PP
+單一的-æ„味著\fB\-l\fR.如果沒有給定USER,則å‡å®šç‚ºroot.
+.SH (報告BUGS)
+報告bugs,請發郵件到bug-sh-utils@gnu.org.
+.SH (å¦è¦‹)
+以Texinfo手冊形å¼ç¶­è­·çš„
+.B su
+完全文件.如果你正確地安è£äº†
+.B info
+和
+.B echo
+命令
+.IP
+.B info su
+.PP
+應該å¯ä»¥ä½¿ä½ è¨ªå•åˆ°æ•´å€‹æ‰‹å†Š.
+.SH COPYRIGHT(版權)
+版權所有 \(co 1999 Free Software Foundation, Inc.
+.br
+這是自由軟體;åƒçœ‹è¤‡è£½æ¢ä»¶çš„æºæª”案.ä¸ä½œä»»ä½•æ“”ä¿,æ›´ä¸ç”¨èªªå•†å“性或者基於特殊目的的é©
+用性.
+
+.SH "[中文版維護人]"
+.B riser <boomer@ccidnet.com>
+.SH "[中文版最新更新]"
+.BR 2001/08/08
+.SH "《中國linux論壇man手冊é ç¿»è­¯è¨ˆåŠƒã€‹:"
+.BI http://cmpp.linuxforum.net
diff --git a/man/zh_TW/man5/passwd.5 b/man/zh_TW/man5/passwd.5
new file mode 100644
index 0000000..57b5ea3
--- /dev/null
+++ b/man/zh_TW/man5/passwd.5
@@ -0,0 +1,132 @@
+.\" Copyright (c) 1993 Michael Haardt (michael@moria.de), Fri Apr 2 11:32:09 MET DST 1993
+.\" Chinese Version Copyright Scorpio, www.linuxforum.net, 2000
+.\"
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.\" Modified Mon Jan 5 20:24:40 MET 1998 by Michael Haardt
+.\" (michael@cantor.informatik.rwth-aachen.de)
+.TH PASSWD 5 "January 5, 1998" "" "File formats"
+.SH NAME å稱
+passwd \- 密碼檔案
+.SH æè¿°
+.B Passwd
+是個純文字檔, 它包å«äº†ä¸€å€‹ç³»çµ±å¸³æˆ¶åˆ—表,
+給出æ¯å€‹å¸³æˆ¶ä¸€äº›æœ‰ç”¨çš„ä¿¡æ¯ï¼Œæ¯”如使用者 ID,組 ID, 家目錄, shell,ç­‰.
+通常它也包å«äº†æ¯å€‹ä½¿ç”¨è€…經éŽåŠ å¯†çš„密碼.
+它通常應該是å¯è®€çš„(許\多命令,工具程å¼ï¼Œåƒ
+.BR ls (1)
+用它åšä½¿ç”¨è€… Id 到使用者å稱的映射),但是åªå…許\超級使用者有寫方å¼æ¬Šé™.
+.PP
+在éŽåŽ»ç¾Žå¥½çš„æ—¥å­è£ï¼Œé€™ç¨®ä¸€èˆ¬çš„讀許\å¯æ²’有什麼大å•é¡Œ.
+æ¯å€‹äººéƒ½èƒ½è®€åˆ°åŠ å¯†äº†çš„密碼,因為硬體太慢以至於ä¸èƒ½è§£é–‹ä¸€å€‹
+ç²¾é¸çš„密碼,å¦å¤–,這基本å‡å®šæ˜¯ç‚ºå‹å¥½çš„使用團體使用的.
+ç¾åœ¨ï¼Œè¨±\多人é‹è¡Œä¸€äº›ç‰ˆæœ¬çš„å½±å­å¯†ç¢¼å¥—件,它們在
+.I /etc/passwd
+的密碼域è£æ˜¯ *,而ä¸å†æ˜¯åŠ å¯†çš„å£ä»¤ï¼Œ
+加密的å£ä»¤æ”¾åœ¨
+.I /etc/shadow
+中,那個檔案åªæœ‰è¶…級使用者能讀.
+.PP
+ä¸ç®¡æ˜¯å¦ä½¿ç”¨äº†å½±å­å¯†ç¢¼ï¼Œè¨±\多系統管ç†å“¡ä½¿ç”¨ä¸€å€‹æ˜Ÿè™Ÿåœ¨åŠ å¯†çš„密碼字段
+以確ä¿ä½¿ç”¨è€…ä¸èƒ½é‘’別他(她)自己的密碼. (見下é¢çš„注æ„)
+.PP
+如果你建立了一個新的登入,首先放個星號在密碼字段,
+然後使用
+.BR passwd (1)
+設置它.
+.PP
+(密碼檔案)è£æ¯è¡Œä¸€æ¢è¨˜éŒ„,並且æ¯è¡Œæœ‰é€™æ¨£çš„æ ¼å¼ï¼š
+.sp
+.RS
+account:password:UID:GID:GECOS:directory:shell
+(帳號:密碼:使用者ID:組ID:一般的信æ¯:目錄:shell)
+.RE
+.sp
+字段æ述如下:
+.sp
+.RS
+.TP 1.0in
+.I account
+使用者在系統中的å字,它ä¸èƒ½åŒ…å«å¤§å¯«å­—æ¯.
+.TP
+.I password
+加密的使用者密碼,或者星號。
+.TP
+.I UID
+使用者 ID 數。
+.TP
+.I GID
+使用者的主è¦çµ„ ID 數。
+.TP
+.I GECOS
+這字段是å¯é¸çš„,通常為了存放信æ¯ç›®çš„而設的.
+通常,它包å«äº†ä½¿ç”¨è€…çš„å…¨å. GECOS æ„æ€æ˜¯é€šç”¨é›»æ°£ç¶œåˆä½œæ¥­ç³»çµ±ï¼ˆGeneral Electric
+Comprehensive Operating System), 當 GE 的大型系統部分割售賣給 Honeywell
+時它被改為 GCOS. Dennis Ritchie 作éŽå ±å‘Šï¼š"有時我們發é€å°åˆ·å“或批é“作業到
+GCOS機器時,gcos 字段打斷了 $IDENT å¡çš„ä¿¡æ¯ï¼Œä¸å¤ªç¾Žè§€ã€‚"(譯者:我想是太長å§ï¼‰
+.TP
+.I directory
+使用者的 $HOME 目錄.
+.TP
+.I shell
+登入時é‹è¡Œçš„程å¼ï¼ˆå¦‚果空的,使用
+.BR /bin/sh ).
+如果設為ä¸å­˜åœ¨çš„執行(程å¼ï¼‰ï¼Œä½¿ç”¨è€…ä¸èƒ½é€šéŽ
+.BR login (1)
+登入.
+.RE
+.SH 注æ„
+如果你想建立使用者組,他們的 GID 必須相等並且一定是在
+\fI/etc/group\fP的一æ¢è¨˜éŒ„, è¦ä¸ç„¶çµ„å°±ä¸å­˜åœ¨ï¼Ž
+.PP
+如果加密密碼設æˆæ˜Ÿè™Ÿï¼Œä½¿ç”¨è€…å°‡ä¸èƒ½ç”¨
+.BR login (1)
+來登入, 但ä¾ç„¶å¯ä»¥ç”¨
+.BR rlogin (1)
+登入, 通éŽ
+.BR rsh (1)
+或者
+.BR cron (1)
+或者
+.BR at (1)
+或者 mail éŽæ¿¾å™¨ç­‰ç¨‹å¼é‹è¡Œå·²æœ‰çš„進程和開始新的等.
+試圖通éŽç°¡å–®æ”¹è®Š shell 字段鎖ä½ä¸€å€‹ä½¿ç”¨è€…çµæžœæ˜¯ä¸€æ¨£çš„,
+而且還附上了使用
+.B su(1)
+的權é™ï¼Ž
+.SH 相關檔案
+.I /etc/passwd
+.SH "åˆè¦‹"
+.BR passwd (1),
+.BR login (1),
+.BR su (1),
+.BR group (5),
+.BR shadow (5)
+.br
+.SH "[中文版維護人]"
+.B Scorpio <rawk@chinese.com>
+.SH "[中文版最新更新]"
+.B 2000/11/26
+.SH "《中國linux論壇man手冊é ç¿»è­¯è¨ˆåŠƒã€‹:"
+.BI http://cmpp.linuxforum.net
diff --git a/man/zh_TW/man8/chpasswd.8 b/man/zh_TW/man8/chpasswd.8
new file mode 100644
index 0000000..068cf95
--- /dev/null
+++ b/man/zh_TW/man8/chpasswd.8
@@ -0,0 +1,69 @@
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"; 中文版版權所有 soloman, Laser www.linuxforum.net 2000
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.TH CHPASSWD 8
+.SH NAME
+chpasswd \- æˆæ‰¹æ›´æ–°ä½¿ç”¨è€…çš„å£ä»¤
+.SH 總覽
+chpasswd [\-e]
+.SH æè¿°
+.B chpasswd
+從系統的標準輸入讀入使用者的å稱和å£ä»¤ï¼Œ
+並利用這些信æ¯ä¾†æ›´æ–°ç³»çµ±ä¸Šå·²å­˜åœ¨çš„使用者的å£ä»¤ã€‚
+在沒有用 \-e 這個開關é¸é …的情æ³ä¸‹ï¼Œå£ä»¤å°‡æŒ‰æ˜Žæ–‡çš„å½¢å¼æŽ¥æ”¶ã€‚
+如果使用了 \-e é¸é …,å£ä»¤å°‡åªèƒ½ä»¥åŠ å¯†çš„æ–¹å¼å‚³éžã€‚
+æ¯è¡Œçš„具體格å¼å¦‚下所示:
+.sp 1
+ \fI使用者å\fR:\fIæ–°å£ä»¤\fR
+.sp 1
+使用者å必須是系統上已存在的使用者。
+輸入的密碼在必è¦æ™‚進行加密處ç†ï¼Œ
+如果å£ä»¤æª”案具有時間特性,則åŒæ™‚更新。
+.PP
+此命令é©ç”¨æ–¼å¤§åž‹çš„系統,在此類系統中,
+使用者一般都是一次åŒæ™‚生æˆçš„,而用 adduser å’Œ
+passwd å£ä»¤ä¾†å°å…¶ä¸€ä¸€é€²è¡Œè¨­ç½®ä¸€èˆ¬èªªå¾€å¾€æ¯”較慢。
+.SH 注æ„事項
+.\" The \fBmkpasswd\fR command must be executed afterwards to update the
+.\" DBM password files.
+.\" This command may be discarded in favor of the newusers(8) command.
+因為å¯ä»¥ä½¿ç”¨æª”案é‡å®šå‘進行輸入,
+å³ï¼šchpasswd &lt; user&amp;passwd-filename,
+如果輸入檔案是按éžåŠ å¯†æ–¹å¼å‚³éžçš„話,請å°è©²æª”案進行é©ç•¶çš„加密。
+.SH åˆè¦‹
+passwd(1),useradd(8),newuser(8)
+.SH 作者
+Julianne Frances Haugh (jfh@bga.com)
+
+.SH "[中文版維護人]"
+.B 所羅門 <solomen@email.com.cn>
+.SH "[中文版最新更新]"
+2000/11/26
+.SH "[中國 Linux 論壇 man 手冊é ç¿»è­¯è¨ˆåŠƒ]"
+.BI http://cmpp.linuxforum.net
+
diff --git a/man/zh_TW/man8/groupadd.8 b/man/zh_TW/man8/groupadd.8
new file mode 100644
index 0000000..b88cb0a
--- /dev/null
+++ b/man/zh_TW/man8/groupadd.8
@@ -0,0 +1,88 @@
+.\" $Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH GROUPADD 8
+.SH å稱
+groupadd \- 建 立 新 群 組
+.SH 語法
+\fBgroupadd\fR [\fB\-g\fR \fIgid\fR [\fB\-o\fR]] [\fB\-f\fR] \fIgroup\fR
+.SH æè¿°
+\fBgroupadd\fR
+å¯ æŒ‡ 定 群 組 å 稱 來 建 ç«‹ æ–° çš„ 群 組 帳 號 。
+需 è¦ æ™‚ å¯ å¾ž ç³» çµ± 中 å– å¾— æ–° 群 組 值 。
+\fBgroupadd\fR 有 下 列 é¸ é … å¯ ç”¨ 。
+.IP \fB\-f\fR
+This is \fIforce\fR flag.
+新 增 一 個 已 經 存 在 的 群 組 帳 號 , 系 統 會 出
+ç¾ éŒ¯ 誤 訊 æ¯ ç„¶ 後 çµ æŸ \fBgroupadd\fR 。
+ 如 æžœ 是 這 樣 çš„ 情 æ³ ï¼Œ ä¸ æœƒ æ–° 增 這 個 群 組
+( 如 æžœ 是 這 個 情 æ³ ä¸‹ , ç³» çµ± ä¸ æœƒ å† æ–° 增 一 次 )
+.br
+也 å¯ åŒ æ™‚ 加 上 \fB\-g\fR é¸ é …
+當 你 加 上 一 個 \fIgid\fR , 此 時 \fIgid\fR
+å°± ä¸ ç”¨ 是 唯 一 值 , å¯ ä¸ åŠ  \fB\-o\fR åƒ æ•¸ ,
+建 好 群 組 後 會 顯 çµ æžœ
+(adding a group as neither \fB\-g\fR or \fB\-o\fR options were
+specified).
+
+.IP "\fB\-g \fIgid\fR"
+group's ID 值 。
+除 éž ä½¿ 用 \fB\-o\fR åƒ æ•¸ ä¸ ç„¶ 該 值 å¿… é ˆ 是 唯 一 , ä¸ å¯ ç›¸ åŒ ã€‚
+數 值 ä¸ å¯ ç‚º è²  。
+é  è¨­ 為 最 å° ä¸ å¾— å° æ–¼ 500 而 é€ æ¬¡ 增 加 。 0~999 傳 çµ± 上
+是 ä¿ ç•™ 給 \fI系統帳號\fR 使 用 。
+.IP \fB\-r\fR
+æ­¤ åƒ æ•¸ 是 用 來 建 ç«‹ \fI系統帳號\fR 。
+的 UID 會 比 定 義 在 系 統 檔 上 /etc/login.defs.
+çš„ UID_MIN 來 çš„ å° ã€‚ 注 æ„ useradd æ­¤ 用 法 所 建
+ç«‹ çš„ 帳 號 ä¸ æœƒ 建 ç«‹ 使 用 者 ç›® 錄 , 也 ä¸ æœƒ
+在 乎 紀 錄 在 /etc/login.defs. 的 定 義 值 。 如
+æžœ ä½  想 è¦ æœ‰ 使 用 者 ç›® 錄 é ˆ é¡ å¤– 指 定 \-m åƒ
+數 來 建 ç«‹ ç³» çµ± 帳 號 。 這 是 RED HAT é¡ å¤– 增
+設 çš„ é¸ é … 。
+它 會 自 å‹• 幫 ä½  é¸ å®š 一 個 å° æ–¼ 999 çš„ \fIgif\fR
+ä¸ éœ€ è¦ å† åŠ  上 \fB\-g\fR åƒ æ•¸ 。
+.br
+這 是 RED HAT é¡ å¤– 增 設 çš„ é¸ é … 。
+
+.br
+這 是 RED HAT é¡ å¤– 增 設 çš„ é¸ é … 。
+.SH 檔案
+\fI/etc/group\fR \- 群 組 資 訊
+.br
+\fI/etc/gshadow\fR \- 群 組 資 訊 加 密
+.SH 相關文件
+.BR chfn (1),
+.BR chsh (1),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8),
+.BR passwd (1),
+.BR groupdel (8),
+.BR groupmod (8)
+.SH 作者
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/zh_TW/man8/groupdel.8 b/man/zh_TW/man8/groupdel.8
new file mode 100644
index 0000000..ad79a2d
--- /dev/null
+++ b/man/zh_TW/man8/groupdel.8
@@ -0,0 +1,55 @@
+.\" $Id$
+.\" Copyright 1991 - 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH GROUPDEL 8
+.SH å稱
+groupdel \- 刪除群組
+.SH 語法
+.B groupdel
+.I group
+.SH æè¿°
+\fBgroupdel\fR 命令會修改系統帳號檔,會刪除所有已經存在的\fIgroup\fR.
+群組å須存在。
+.PP
+你須手動確èªä¸€ä¸‹æ‰€æœ‰çš„檔案系統確ä¿æœ‰æ²’有檔案還是沒修正群組å變æˆç¾¤çµ„ID。
+.SH 警告
+如果有任何一個群組的使用者在線上的話就ä¸èƒ½ç§»é™¤è©²ç¾¤çµ„。
+最好先移除使用者後å†ç§»é™¤ç¾¤çµ„。
+.SH 檔案
+\fI/etc/group\fR \- 群組資訊
+\fI/etc/gshadow\fR \- 群組資訊加密
+.SH 相關文件
+.BR chfn (1),
+.BR chsh (1),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupmod (8)
+.SH 作者
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/zh_TW/man8/groupmod.8 b/man/zh_TW/man8/groupmod.8
new file mode 100644
index 0000000..2c1dae7
--- /dev/null
+++ b/man/zh_TW/man8/groupmod.8
@@ -0,0 +1,63 @@
+.\" $Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH GROUPMOD 8
+.SH å稱
+groupmod \- 修 改 群 組
+.SH 語法
+\fBgroupmod\fR [\fB\-g\fR \fIgid \fR[\fB\-o\fR]] [\fB\-n\fR \fIgroup_name \fR] \fIgroup\fR
+.SH æè¿°
+
+\fBgroupmod\fR 命 令 會 åƒ ç…§ ä½  命 令 列 上 指 定 çš„ 部 份
+ä¿® 改 ç³» çµ± 帳 號 檔 。 下 列 為 \fIgroupmod\fR å¯ é¸ ç”¨ çš„ åƒ æ•¸ 。
+
+.IP "\fB\-g\fR \fIgid\fR"
+群 組 I D 值 。
+å¿… é ˆ 為 唯 一 çš„ ID 值 , 除 éž ç”¨ \-o é¸ é … 。
+數 å­— ä¸ å¯ ç‚º è²  å€¼ã€‚é  è¨­ 為 最
+å° ä¸ å¾— å° æ–¼ 999 而 é€ æ¬¡ 增 加 。 0~ 499 傳 çµ± 上
+是 ä¿ ç•™ 給 ç³» çµ± 帳 號 使 用 。
+如 果 有 檔 案 使 用 舊 的 群 組 ID , 而 這 時 候 你 新 增 的 群 組 ID
+æ° å¥½ 與 舊 çš„ 相 åŒ ï¼Œ 這 樣 çš„ 話
+ä½  è¦ æ‰‹ å‹• 改 一 下 這 些 檔 案 çš„ 群 組 ID 。
+.IP "\fB\-n\fR \fIgroup_name\fR"
+æ›´ 改 群 組 å 。
+.SH 檔案
+\fI/etc/group\fR \- 群 組 資 訊
+.br
+\fI/etc/gshadow\fR \- 群 組 資 訊 加 密
+.SH 相關文件
+.BR chfn (1),
+.BR chsh (1),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupdel (8)
+.SH 作者
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/zh_TW/man8/useradd.8 b/man/zh_TW/man8/useradd.8
new file mode 100644
index 0000000..a0bfd0b
--- /dev/null
+++ b/man/zh_TW/man8/useradd.8
@@ -0,0 +1,184 @@
+.\" $Id$
+.\" Copyright 1991 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH USERADD 8
+.SH å 稱
+useradd \- 帳 號 建 立 或 更 新 新 使 用 者 的 資 訊
+.SH 語 法
+.TP 8
+.B useradd
+.\" .RB [ \-A
+.\" .RI { method | \fBDEFAULT\fR "},... ]"
+.RB [ \-c
+.IR comment ]
+.RB [ \-d
+.IR home_dir ]
+.br
+.RB [ \-e
+.IR expire_date ]
+.RB [ \-f
+.IR inactive_time ]
+.br
+.RB [ \-g
+.IR initial_group ]
+.RB [ \-G
+.IR group [,...]]
+.br
+.RB [ \-m " [" \-k
+.IR skeleton_dir ] " |" " " \-M ]
+.RB [ \-s
+.IR shell ]
+.br
+.RB [ \-u
+.IR uid " ["
+.BR \-o ]]
+.RB [ \-n ]
+.RB [ \-r ]
+.I login
+.TP 8
+\fBuseradd\fR \fB\-D\fR [\fB\-g\fR \fIdefault_group\fR] [\fB\-b\fR \fIdefault_home\fR]
+.br
+[\fB\-f\fR \fIdefault_inactive\fR] [\fB\-e\fR \fIdefault_expire_date\fR]
+.br
+[\fB\-s\fR \fIdefault_shell\fR]
+.SH æ è¿°
+.SS 新 帳 號 建 立
+當 ä¸ åŠ  \fB\-D\fR åƒ æ•¸ , \fBuseradd\fR 指 令 使 用 命 令 列 來 指 定
+æ–° 帳 號 çš„ 設 定 值 and 使 用 ç³» çµ± 上 çš„ é  è¨­ 值 .
+新 使 用 者 帳 號 將 產 生 一 些 系 統 檔 案 , 使 用 者 目 錄 建 立 ,
+拷 備 起 始 檔 案 等
+, 這 些 å‡ å¯ ä»¥ 利 用 命 令列 é¸ é … 指 定 。 æ­¤ 版 本 為 Red Hat Linux æ ä¾›
+, å¯ å¹« æ¯ å€‹ æ–° 加 å…¥ çš„ 使 用 者 建 ç«‹ 個 別 çš„ group , 毋 é ˆ æ·» 加 \fB\-n\fR
+é¸ é … 。
+\fBuseradd\fR å¯ ä½¿ 用 çš„ é¸ é … 為
+.IP "\fB\-c\fR \fIcomment\fR"
+新 帳 號 password 檔 的 說 明 欄 。
+.IP "\fB\-d\fR \fIhome_dir\fR"
+æ–° 帳 號 æ¯ æ¬¡ ç™» å…¥ 時 所 使 用 çš„ \fIhome_dir\fR 。
+é  è¨­ 值 為 \fIdefault_home\fR å…§ \fIlogin\fR å 稱 , 並 當 æˆ ç™» å…¥ 時 ç›® 錄
+å 稱 。
+.IP "\fB\-e\fR \fIexpire_date\fR"
+帳 號 終 æ­¢ æ—¥ 期 。 æ—¥ 期 çš„ 指 定 æ ¼ å¼ ç‚º \fIMM/DD/YY\fR 。
+.IP "\fB\-f\fR \fIinactive_days\fR"
+帳 號 éŽ æœŸ å¹¾ æ—¥ 後 æ°¸ ä¹… åœ æ¬Š 。
+當 值 為 0 時 帳 號 則 ç«‹ 刻 被 åœ æ¬Š 。
+而 當 值 為 \-1 時 則 é—œ é–‰ æ­¤ 功\ 能 , é  è¨­ 值 為 \-1
+.IP "\fB\-g\fR \fIinitial_group\fR"
+group å 稱 或 以 數 å­— 來 åš ç‚º 使 用 者 ç™» å…¥ èµ· 始 群 組 (group) 。
+群 組 å é ˆ 為 ç¾ æœ‰ å­˜ 在 çš„ å 稱 。
+群 組 數 å­— 也 é ˆ 為 ç¾ æœ‰ å­˜ 在 çš„ 群 組 。
+é  è¨­ çš„ 群 組 數 å­— 為 1 。
+.IP "\fB\-G\fR \fIgroup,[...]\fR"
+定 義 æ­¤ 使 用 者 為 æ­¤ 一 å † groups çš„ æˆ å“¡ 。
+æ¯ å€‹ 群 組 使 用 "," å€ æ ¼ é–‹ 來 , ä¸ å¯ ä»¥ 夾 雜 空 白 å­— å…ƒ 。
+ 群 組 å åŒ \fB\-g\fR é¸ é … çš„ é™ åˆ¶ 。
+定 義 值 為 使用 者 的 起 始 群 組 。
+.IP \fB\-m\fR
+使 用 者 ç›® 錄 如 ä¸ å­˜ 在 則 自 å‹• 建 ç«‹ 。
+如 使 用 \fB\-k\fR é¸ é … \fIskeleton_dir\fR å…§ çš„ 檔 案 å°‡ 複 製 至 使 用 者 ç›®
+錄 下 。
+然 而 在 \fI/etc/skel\fR ç›® 錄 下 çš„ 檔 案 也 會 複 製 éŽ åŽ» å– ä»£ 。
+ä»» 何 在 \fIskeleton_dir\fR or \fI/etc/skel\fR çš„ ç›® 錄 也 相 åŒ æœƒ 在 使 用 者
+目 錄 下 一 一 建 立 。
+The \fB\-k\fR åŒ \fB\-m\fR
+ä¸ å»º ç«‹ ç›® 錄 以 åŠ ä¸ è¤‡ 製 ä»» 何 檔 案 為 é  è¨­ 值 。
+.IP \fB\-M\fR
+ä¸ å»º ç«‹ 使 用 者 ç›® 錄 , å³ ä½¿ \fI/etc/login.defs\fR ç³» çµ± 檔 設 定 è¦ å»º
+立 使 用 者 目 錄 。
+.IP \fB\-n\fR
+é  è¨­ 值 使 用 者 群 組 與 使 用 者 å 稱 會 相 åŒ ã€‚ æ­¤ é¸ é … å°‡ å– æ¶ˆ æ­¤ é 
+設 值 。
+.IP \fB\-r\fR
+æ­¤ åƒ æ•¸ 是 用 來 建 ç«‹ ç³» çµ± 帳 號 。 ç³» çµ± 帳 號 çš„ UID 會 比 定 義 在 ç³»
+統 檔 上 \fI/etc/login.defs\fR.
+çš„ UID_MIN 來 çš„ å° ã€‚ 注 æ„ \fBuseradd\fR æ­¤ 用 法 所 建 ç«‹ çš„ 帳 號 ä¸ æœƒ
+建 立 使 用 者 目 錄
+, 也 ä¸ æœƒ 在 乎 ç´€ 錄 在 \fI/etc/login.defs\fR. çš„ 定 義 值 。
+如 æžœ ä½  想 è¦ æœ‰ 使 用 者 ç›® 錄 é ˆ é¡ å¤– 指 定 \fB\-m\fR åƒ æ•¸ 來 建 ç«‹ ç³»
+統 帳 號 。
+這 是 RED HAT é¡ å¤– 增 設 çš„ é¸ é … 。
+.IP "\fB\-s\fR \fIshell\fR"
+使 用 者 ç™» å…¥ 後 使 用 çš„ shell å 稱 。
+é  è¨­ 為 ä¸ å¡« 寫 , 這 樣 ç³» çµ± 會 幫 ä½  指 定 é  è¨­ çš„ ç™» å…¥ shell 。
+.IP "\fB\-u\fR \fIuid\fR"
+使 用 者 çš„ ID 值 。 å¿… é ˆ 為 唯 一 çš„ ID 值 , 除 éž ç”¨ \fI\-o\fR é¸ é … 。
+數 å­— ä¸ å¯ ç‚º è²  å€¼ã€‚é  è¨­ 為 最 å° ä¸ å¾— å° æ–¼ 999 而 é€ æ¬¡ 增 加 。
+0~ 999 傳 çµ± 上 是 ä¿ ç•™ 給 ç³» çµ± 帳 號 使 用 。
+
+.SS 改 變 é  è¨­ 值
+當 \fB\-D\fR é¸ é … 出 ç¾ æ™‚ , \fBuseradd\fR 秀 出 ç¾ åœ¨ çš„ é  è¨­ 值 , 或 是 è—‰
+ç”±
+命 令 列 çš„ æ–¹ å¼ æ›´ æ–° é  è¨­ 值 。
+å¯ ç”¨ é¸ é … 為 :
+.IP "\fB\-b\fR \fIdefault_home\fR"
+定 義 使 用 者 所 屬 ç›® 錄 çš„ å‰ ä¸€ 個 ç›® 錄 。
+使 用 者 å 稱 會 附 加 在 \fIdefault_home\fR 後 é¢
+用 來 建 立 新 使 用 者 的 目 錄 。
+當 然 使 用 \fB\-d\fI 後 則 æ­¤ é¸ é … ç„¡ 效 。
+.IP "\fB\-e\fR \fIdefault_expire_date\fR"
+使 用 者 帳 號 åœ æ­¢ æ—¥ 期 。
+.IP "\fB\-f\fR \fIdefault_inactive\fR"
+帳 號 éŽ æœŸ å¹¾ æ—¥ 後 åœ æ¬Š 。
+.IP "\fB\-g\fR \fIdefault_group\fR"
+æ–° 帳 號 èµ· 始 群 組 å 或 ID 。
+群 組 å é ˆ 為 ç¾ æœ‰ å­˜ 在 çš„ å 稱 。
+群 組 I D 也 é ˆ 為 ç¾ æœ‰ å­˜ 在 çš„ 群 組 。
+.IP "\fB\-s\fR \fIdefault_shell\fR"
+使 用 者 ç™» å…¥ 後 使 用 çš„ shell å 稱 。
+往 後 新 加 入 的 帳 號 都 將 使 用 此 shell.
+.PP
+如 ä¸ æŒ‡ 定 ä»» 何 åƒ æ•¸ , \fBuseradd\fR 顯 示 ç›® å‰ é  è¨­ çš„ 值 。
+.SH 注 記
+ç³» çµ± 管 ç† è€… 有 義 å‹™ 在 \fI/etc/skel\fR ç›® 錄 下 放 ç½® 使 用 者 定 義 檔 。
+.br
+此 版 本 『useradd〠由 Red Hat 修 改 。
+.SH è­¦ å‘Š
+ä¸ å¯ æ–° 增 使 用 者 æ–¼ NIS 群 組 中 。
+ä½  å¿… é ˆ 在 NIS 伺 æœ å™¨ 上 執 è¡Œ 。
+.SH 檔 案
+\fI/etc/passwd\fR \- 使 用 者 帳 號 資 訊
+.br
+\fI/etc/shadow\fR \- 使 用 者 帳 號 資 訊 加 密
+.br
+\fI/etc/group\fR \- 群 組 資 訊
+.br
+\fI/etc/default/useradd\fR \- 定 義 資 訊
+.br
+\fI/etc/login.defs\fR \- 系 統 廣 義 設 定
+.br
+\fI/etc/skel/\fR \- å…§ å« å®š 義 檔 çš„ ç›® 錄
+.SH SEE ALSO
+.BR chfn (1),
+.BR chsh (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR passwd (1),
+.BR userdel (8),
+.BR usermod (8)
+.SH AUTHOR
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/zh_TW/man8/userdel.8 b/man/zh_TW/man8/userdel.8
new file mode 100644
index 0000000..1a255d5
--- /dev/null
+++ b/man/zh_TW/man8/userdel.8
@@ -0,0 +1,65 @@
+.\" $Id$
+.\" Copyright 1991 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH USERDEL 8
+.SH å稱
+userdel \- 刪 除 使 用 者 帳 號 åŠ ç›¸ é—œ 檔 案
+.SH 語法
+.B userdel
+[\fB\-r\fR]
+.I login
+.SH æè¿°
+\fBuserdel\fR 命 令 修 改 系 統 帳 號 檔
+刪 除 所 有 \fIlogin\fR 會 åƒ è€ƒ çš„ 部 份 。
+使 用 者 å 稱 å¿… 須是 å­˜ 在 çš„ 。
+.IP \fB\-r\fR
+使 用 者 ç›® 錄 下 çš„ 檔 案 一 並 移 除 。 在 å…¶ ä»– ä½ ç½® 上 çš„ 檔
+案 也 將 一 一 找 出 並 刪 除 。
+.SH 檔案
+\fI/etc/passwd\fR \- 使 用 者 帳 號 資 料
+.br
+\fI/etc/shadow\fR \- 使 用 者 帳 號 資 訊 加 密
+.br
+\fI/etc/group\fR \- 群 組 資 訊
+.SH 警告
+\fBuserdel\fR ä¸ å… è¨± ä½  移 除 æ­£ 在線 上
+的 使 用 者 帳 號 。
+ä½  å¿… é ˆ ç  æŽ‰ æ­¤ 帳 號 ç¾ åœ¨ 在 ç³» çµ± 上 執 è¡Œ çš„ 程 åº æ‰ èƒ½ 進 è¡Œ 帳 號
+刪 除 。
+ä¸ èƒ½ 在 NIS client 端 移 除 NIS 屬 性 çš„ æ± è¥¿ 。
+這 å‹• åš é ˆ 在 NIS server 端 上 執 è¡Œ 。
+.SH SEE ALSO
+.BR chfn (1),
+.BR chsh (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR passwd (1),
+.BR useradd (8),
+.BR usermod (8)
+.SH 作者
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/zh_TW/man8/usermod.8 b/man/zh_TW/man8/usermod.8
new file mode 100644
index 0000000..1c52785
--- /dev/null
+++ b/man/zh_TW/man8/usermod.8
@@ -0,0 +1,129 @@
+.\" $Id$
+.\" Copyright 1991 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH USERMOD 8
+.SH å稱
+usermod \- 修 改 使 用 者 帳 號
+.SH 語法
+.TP 8
+.B usermod
+.\" .RB [ \-A
+.\" .RI { method | \fBDEFAULT\fR "},... ]"
+.RB [ \-c
+.IR comment ]
+.RB [ \-d
+.IR home_dir " ["
+.BR \-m ]]
+.br
+.RB [ \-e
+.IR expire_date ]
+.RB [ \-f
+.IR inactive_time ]
+.br
+.RB [ \-g
+.IR initial_group ]
+.RB [ \-G
+.IR group [,...]]
+.br
+.RB [ \-l
+.IR login_name ]
+.RB [ \-s
+.IR shell ]
+.br
+.RB [ \-u
+.IR uid " ["
+.BR \-o ]]
+.I login
+.SH æè¿°
+\fBusermod\fR 命 令 會 åƒ ç…§ ä½  命 令 列 上 指 定 çš„ 部 份 ä¿® 改 ç³» çµ± 帳
+號 檔 。 下 列 為 \fBusermod\fR å¯ é¸ ç”¨ çš„ åƒ æ•¸ 。
+
+.\" .IP "\fB\-A \fImethod\fR|\fBDEFAULT\fR"
+.\" The new value of the user's authentication method.
+.\" The authentication method is the name of a program which is responsible
+.\" for validating the user's identity.
+.\" The string \fBDEFAULT\fR may be used to change the user's authentication
+.\" method to the standard system password method.
+.IP "\fB\-c\fR \fIcomment\fR"
+更 新 使 用 者 帳 號 password 檔 中 的 注 解 欄
+, 一 般 是 使 用 \fBchfn\fR(1) 來 修 改 。
+.IP "\fB\-d\fR \fIhome_dir\fR"
+更 新 使 用 者 新 的 登 入 目 錄 。
+如 æžœ 給 定 \fB\-m\fR é¸ é … , 使 用 者 舊 ç›® 錄 會 æ¬ åˆ° æ–° çš„ ç›® 錄 去
+,如 舊 ç›® 錄 ä¸ å­˜ 在 則 建 個 æ–° çš„ 。
+.IP "\fB\-e\fR \fIexpire_date\fR"
+加 上 使 用 者 帳 號 åœ æ­¢ æ—¥ 期 。 æ—¥ 期 æ ¼ å¼ ç‚º \fIMM/DD/YY\fR.
+.IP "\fB\-f\fR \fIinactive_days\fR"
+帳 號 éŽ æœŸ å¹¾ æ—¥ 後 æ°¸ ä¹… åœ æ¬Šã€‚ç•¶ 值 為 0 時
+帳 號 則 ç«‹ 刻 被 åœ æ¬Š 。 而 當 值 為 \-1 時 則 關閉此功\能
+ã€‚é  è¨­ 值 為 \-1。
+.IP "\fB\-g\fR \fIinitial_group\fR"
+æ›´ æ–° 使 用 者 æ–° çš„ èµ· 始 ç™» å…¥ 群 組 。 群 組 å é ˆ å·² å­˜ 在
+。群 組 ID å¿… é ˆ åƒ ç…§ æ—¢ 有 çš„ çš„ 群 組 。 群 組 ID é  è¨­ 值 為 1 。
+.IP "\fB\-G\fR \fIgroup,[...]\fR"
+定 義 使 用 者 為 一 å † groups çš„ æˆ å“¡ 。 æ¯
+個 群 組 使 用 "," å€ æ ¼ é–‹ 來 , ä¸ å¯ ä»¥ 夾 雜 空
+白 å­— å…ƒ 。 群 組 å åŒ \-g é¸ é … çš„ é™ åˆ¶ 。
+如 æžœ 使 用 者 ç¾ åœ¨ çš„ 群 組 ä¸ å† æ­¤ 列 , 則 å°‡ 使 用 者 ç”± 該
+群 組 中 移 除 。
+.IP "\fB\-l\fR \fIlogin_name\fR"
+變 æ›´ 使 用 者 \fIlogin\fR 時 çš„ å 稱 為 \fIlogin_name\fR 。
+å…¶ æ–¼ ä¸ è®Š 。 特 別 是 , 使 用 者 ç›® 錄 å 應 該 也 會 è·Ÿ è‘— æ›´ å‹• æˆ æ–°
+çš„ ç™» å…¥ å 。
+.IP "\fB\-s\fR \fIshell\fR"
+指 定 æ–° ç™» å…¥ shell 。 如 æ­¤ 欄 ç•™ 白 , ç³» çµ± å°‡ é¸ ç”¨ ç³» çµ± é  è¨­ shell 。
+.IP "\fB\-u\fR \fIuid\fR"
+使 用 者 ID 值 。必 é ˆ 為 唯 一 çš„ ID 值 , 除 éž ç”¨ \fI\-o\fR é¸ é … 。 數
+å­— ä¸ å¯ ç‚º è²  å€¼ã€‚é  è¨­ 為 最 å° ä¸ å¾— å° æ–¼ 999 而 é€ æ¬¡
+增 加 。 0~ 999 傳 çµ± 上 是 ä¿ ç•™ 給 ç³» çµ± 帳 號 使 用 。
+使 用 者 目 錄 樹 下 所 有 的 檔 案 目 錄 其 user ID 會 自 動 改 變 。
+放 在 使 用 者 ç›® 錄 外 çš„ 檔 案 則 è¦ è‡ª è¡Œ 手 å‹• æ›´ å‹• 。
+.SH 警告
+\fBusermod\fR ä¸ å… è¨± ä½  改 變 æ­£ 在線 上 çš„ 使 用 者 帳 號 å 稱 。
+當 usermod 用 來 改 變 user ID, å¿… é ˆ 確 èª é€™ å user æ²’ 在 é›» è…¦ 上 執
+è¡Œ ä»» 何 程 åºã€‚
+你 需 手 動 更 改 使 用 者 的 crontab 檔 。
+也 需 手 動 更 改 使 用 者 的 at 工 作 檔 。
+採 用 NIS server 須 在 server 上 更 動 相 關 的 NIS 設 定 。
+
+.SH 檔案
+\fI/etc/passwd\fR \- 使 用 者 帳 號 資 訊
+.br
+\fI/etc/shadow\fR \- 使 用 者 帳 號 資 訊 加 密
+.br
+\fI/etc/group\fR \- 群 組 資 訊
+.SH 相關文件
+.BR chfn (1),
+.BR chsh (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR passwd (1),
+.BR useradd (8),
+.BR userdel (8)
+.SH 作者
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/po/LINGUAS b/po/LINGUAS
new file mode 100644
index 0000000..460ec38
--- /dev/null
+++ b/po/LINGUAS
@@ -0,0 +1,38 @@
+bs
+ca
+cs
+da
+de
+dz
+el
+es
+eu
+fi
+fr
+gl
+he
+hu
+id
+it
+ja
+kk
+km
+ko
+nb
+ne
+nl
+nn
+pl
+pt
+pt_BR
+ro
+ru
+sk
+sq
+sv
+tl
+tr
+uk
+vi
+zh_CN
+zh_TW
diff --git a/po/Makevars b/po/Makevars
new file mode 100644
index 0000000..c2b35f8
--- /dev/null
+++ b/po/Makevars
@@ -0,0 +1,31 @@
+# Makefile variables for PO directory in any package using GNU gettext.
+
+# Usually the message domain is the same as the package name.
+DOMAIN = $(PACKAGE)
+
+# These two variables depend on the location of this directory.
+subdir = po
+top_builddir = ..
+
+# These options get passed to xgettext.
+XGETTEXT_OPTIONS = --keyword=_ --keyword=N_ --no-location
+
+# This is the copyright holder that gets inserted into the header of the
+# $(DOMAIN).pot file. Set this to the copyright holder of the surrounding
+# package. (Note that the msgstr strings, extracted from the package's
+# sources, belong to the copyright holder of the package.) Translators are
+# expected to transfer the copyright for their translations to this person
+# or entity, or to disclaim their copyright. The empty string stands for
+# the public domain; in this case the translators are expected to disclaim
+# their copyright.
+COPYRIGHT_HOLDER = Free Software Foundation, Inc.
+
+# This is the list of locale categories, beyond LC_MESSAGES, for which the
+# message catalogs shall be used. It is usually empty.
+EXTRA_LOCALE_CATEGORIES =
+
+MSGID_BUGS_ADDRESS = pkg-shadow-devel@lists.alioth.debian.org
+
+MSGMERGE += --previous
+MSGMERGE_UPDATE += --previous
+
diff --git a/po/POTFILES.in b/po/POTFILES.in
new file mode 100644
index 0000000..1758f49
--- /dev/null
+++ b/po/POTFILES.in
@@ -0,0 +1,116 @@
+# List of files which contain translatable strings.
+
+lib/commonio.c
+lib/encrypt.c
+lib/fields.c
+lib/fputsx.c
+lib/getdef.c
+lib/get_gid.c
+lib/getlong.c
+lib/get_uid.c
+lib/groupio.c
+lib/groupmem.c
+lib/gshadow.c
+lib/lockpw.c
+lib/nscd.c
+lib/port.c
+lib/pwauth.c
+lib/pwio.c
+lib/pwmem.c
+lib/selinux.c
+lib/semanage.c
+lib/sgetgrent.c
+lib/sgetpwent.c
+lib/sgetspent.c
+lib/sgroupio.c
+lib/shadow.c
+lib/shadowio.c
+lib/shadowmem.c
+lib/spawn.c
+lib/tcbfuncs.c
+lib/utent.c
+libmisc/addgrps.c
+libmisc/age.c
+libmisc/audit_help.c
+libmisc/basename.c
+libmisc/chkname.c
+libmisc/chowndir.c
+libmisc/chowntty.c
+libmisc/cleanup.c
+libmisc/cleanup_group.c
+libmisc/cleanup_user.c
+libmisc/console.c
+libmisc/copydir.c
+libmisc/entry.c
+libmisc/env.c
+libmisc/failure.c
+libmisc/find_new_gid.c
+libmisc/find_new_uid.c
+libmisc/getgr_nam_gid.c
+libmisc/getrange.c
+libmisc/hushed.c
+libmisc/isexpired.c
+libmisc/limits.c
+libmisc/list.c
+libmisc/log.c
+libmisc/loginprompt.c
+libmisc/mail.c
+libmisc/motd.c
+libmisc/myname.c
+libmisc/obscure.c
+libmisc/pam_pass.c
+libmisc/pwd2spwd.c
+libmisc/pwdcheck.c
+libmisc/pwd_init.c
+libmisc/remove_tree.c
+libmisc/rlogin.c
+libmisc/root_flag.c
+libmisc/salt.c
+libmisc/setugid.c
+libmisc/setupenv.c
+libmisc/shell.c
+libmisc/strtoday.c
+libmisc/sub.c
+libmisc/sulog.c
+libmisc/ttytype.c
+libmisc/tz.c
+libmisc/ulimit.c
+libmisc/utmp.c
+libmisc/valid.c
+libmisc/xgetXXbyYY.c
+libmisc/xmalloc.c
+libmisc/yesno.c
+src/chage.c
+src/chfn.c
+src/chgpasswd.c
+src/chpasswd.c
+src/chsh.c
+src/expiry.c
+src/faillog.c
+src/gpasswd.c
+src/groupadd.c
+src/groupdel.c
+src/groupmems.c
+src/groupmod.c
+src/groups.c
+src/grpck.c
+src/grpconv.c
+src/grpunconv.c
+src/id.c
+src/lastlog.c
+src/login.c
+src/login_nopam.c
+src/logoutd.c
+src/newgrp.c
+src/newusers.c
+src/passwd.c
+src/pwck.c
+src/pwconv.c
+src/pwunconv.c
+src/suauth.c
+src/su.c
+src/sulogin.c
+src/useradd.c
+src/userdel.c
+src/usermod.c
+src/vipw.c
diff --git a/po/bs.po b/po/bs.po
new file mode 100644
index 0000000..219fa70
--- /dev/null
+++ b/po/bs.po
@@ -0,0 +1,2419 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Free Software Foundation, Inc.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2004-05-09 12:03+0100\n"
+"Last-Translator: Safir Šećerović <sapphire@linux.org.ba>\n"
+"Language-Team: Bosnian <lokal@lugbih.org>\n"
+"Language: bs\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Å ifra:"
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s's Å ifra: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr ""
+
+msgid "Warning: too many groups\n"
+msgstr ""
+
+msgid "Your password has expired."
+msgstr "Vaša šifra je istekla."
+
+msgid "Your password is inactive."
+msgstr "Vaša šifra je neaktivna."
+
+msgid "Your login has expired."
+msgstr "VaÅ¡ raÄun je istekao."
+
+msgid " Contact the system administrator."
+msgstr ""
+
+msgid " Choose a new password."
+msgstr " Izaberite novu Å¡ifru."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "VaÅ¡a Å¡ifra istiÄe za in %ld dana.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "VaÅ¡a Å¡ifra istiÄe sutra."
+
+msgid "Your password will expire today."
+msgstr "VaÅ¡a Å¡ifra istiÄe danas."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: "
+msgstr ""
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr ""
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+msgstr[1] ""
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+
+msgid "Too many logins.\n"
+msgstr "Previše prijavljivanja.\n"
+
+msgid "You have new mail."
+msgstr "Imate novu poštu."
+
+msgid "No mail."
+msgstr "Nema pošte."
+
+msgid "You have mail."
+msgstr "Imate poštu."
+
+msgid "no change"
+msgstr ""
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Neispravna Å¡ifra: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr ""
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr ""
+
+#, fuzzy
+msgid "passwd: password unchanged\n"
+msgstr "Å ifra:"
+
+msgid "passwd: password updated successfully\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Mijenjam Å¡ifru za grupu %s\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr ""
+
+msgid "No directory, logging in with HOME=/"
+msgstr ""
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr ""
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr ""
+
+msgid "Unable to determine your tty name."
+msgstr ""
+
+msgid "No"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+
+msgid "Minimum Password Age"
+msgstr "Minimalna trajnost Å¡ifre"
+
+msgid "Maximum Password Age"
+msgstr "Maskimalna trajnost Å¡ifre"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr ""
+
+msgid "Password Expiration Warning"
+msgstr "Upozorenje o isteku Å¡ifre"
+
+msgid "Password Inactive"
+msgstr "Å ifra neaktivna"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Datum isteka raÄuna (GGGG-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr ""
+
+#, fuzzy
+msgid "never"
+msgstr "Nikad"
+
+msgid "password must be changed"
+msgstr ""
+
+#, fuzzy
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Å ifra:"
+
+#, fuzzy
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Å ifra neaktivna"
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr ""
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: PAM: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: Pokušajte ponovo kasnije\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Puno ime i prezime"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr ""
+
+msgid "Room Number"
+msgstr "Broj sobe"
+
+msgid "Work Phone"
+msgstr "Poslovni telefon"
+
+msgid "Home Phone"
+msgstr "Kućni telefon"
+
+msgid "Other"
+msgstr "Ostalo"
+
+msgid "Cannot change ID to root.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr ""
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: grupa %s postoji\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr ""
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr ""
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr ""
+
+#, c-format
+msgid " [%lus left]"
+msgstr ""
+
+#, c-format
+msgid " [%lds lock]"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Nepoznat korisnik: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+
+msgid "The options cannot be combined.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Mijenjam Å¡ifru za grupu %s\n"
+
+msgid "New Password: "
+msgstr "Nova Å¡ifra:"
+
+msgid "Re-enter new password: "
+msgstr "Ponovo unesite novu Å¡ifru:"
+
+msgid "They don't match; try again"
+msgstr "One se ne slažu; pokušajte ponovo"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Pokušajte ponovo kasnije\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Dodajem korisnika %s grupi %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Uklanjam korisnika %s iz grupe %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr ""
+
+msgid "invalid group file entry"
+msgstr ""
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr ""
+
+#, fuzzy
+msgid "duplicate group entry"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr ""
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr ""
+
+msgid "duplicate shadow group entry"
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr ""
+
+msgid "Usage: id\n"
+msgstr ""
+
+msgid " groups="
+msgstr ""
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr ""
+
+msgid "Username Port Latest"
+msgstr ""
+
+msgid "**Never logged in**"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr ""
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr ""
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr ""
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s login: "
+msgstr ""
+
+msgid "login: "
+msgstr ""
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr ""
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr ""
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr ""
+
+#, c-format
+msgid " from %.*s"
+msgstr ""
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+msgid "Usage: logoutd\n"
+msgstr ""
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr ""
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Stara Å¡ifra:"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+msgid "too many groups\n"
+msgstr ""
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "nepoznata grupa: %s\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Stara Å¡ifra:"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+msgid "New password: "
+msgstr "Nova Å¡ifra:"
+
+msgid "Try again."
+msgstr "Pokušajte ponovo."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Upozorenje: slaba šifra (unesite je ponovo ako je ipak želite koristiti)."
+
+msgid "They don't match; try again.\n"
+msgstr "One se ne slažu; pokušajte ponovo\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "Mijenjam Å¡ifru za grupu %s\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: password changed.\n"
+msgstr "Å ifra:"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Upozorenje o isteku Å¡ifre"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid password file entry"
+msgstr "Stara Å¡ifra:"
+
+msgid "duplicate password entry"
+msgstr ""
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Adding user %s to group %s\n"
+msgid "user '%s': no group %lu\n"
+msgstr "Dodajem korisnika %s grupi %s\n"
+
+#, fuzzy, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "no tcb directory for %s\n"
+msgstr "Mijenjam Å¡ifru za grupu %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr ""
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr ""
+
+msgid "duplicate shadow password entry"
+msgstr ""
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr ""
+
+msgid "Password authentication bypassed.\n"
+msgstr ""
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr ""
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr ""
+
+#, fuzzy
+msgid "(Enter your own password)"
+msgstr "Ponovo unesite novu Å¡ifru:"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr ""
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr ""
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "Cannot execute %s\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, fuzzy
+msgid "No password file"
+msgstr "Nova Å¡ifra:"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr ""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+
+msgid "Entering System Maintenance Mode"
+msgstr ""
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr ""
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr ""
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: no options\n"
+msgstr "%s: nepoznat Älan %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr ""
+
+msgid "failed to change mailbox owner"
+msgstr ""
+
+msgid "failed to rename mailbox"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "Å ifra:"
+
+msgid "failed to create scratch directory"
+msgstr ""
+
+msgid "failed to drop privileges"
+msgstr ""
+
+msgid "Couldn't get file context"
+msgstr ""
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr ""
+
+msgid "Couldn't make backup"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr ""
+
+msgid "failed to unlink scratch file"
+msgstr ""
+
+msgid "failed to stat edited file"
+msgstr ""
+
+msgid "failed to allocate memory"
+msgstr ""
+
+msgid "failed to create backup file"
+msgstr ""
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "Vaša šifra je istekla."
+
+#, fuzzy
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "Broj sobe"
+
+#, fuzzy
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "Poslovni telefon"
+
+#, fuzzy
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "Kućni telefon"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "nepoznata grupa: %s\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Nepoznat korisnik: %s\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: nepoznat Älan %s\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Nova Å¡ifra:"
+
+#~ msgid "Sorry."
+#~ msgstr "Žalim."
diff --git a/po/ca.po b/po/ca.po
new file mode 100644
index 0000000..064a62f
--- /dev/null
+++ b/po/ca.po
@@ -0,0 +1,3722 @@
+# Shadow Catalan translation.
+# Guillem Jover <guillem@debian.org>, 2004, 2005, 2006.
+# Innocent De Marchi <tangram.peces@gmail.com>, 2011-2012
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-01-22 18:25+0100\n"
+"Last-Translator: Innocent De Marchi <tangram.peces@gmail.com>\n"
+"Language-Team: Catalan <debian-l10n-catalan@lists.debian.org>\n"
+"Language: ca\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=n!=1;\n"
+"X-Poedit-Language: Catalan\n"
+"X-Poedit-Country: SPAIN\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Diverses entrades de nom «%s» a %s. Corregiu això amb «pwck» o «grpck».\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "el mètode «crypt» no és compatible amb «libcrypt»? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "error en la configuració - no és possible analitzar el valor %s: «%s»"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "No s'ha pogut reservar espai per a la informació de configuració.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"error de configuració - element «%s» desconegut (notifiqueu-ho a "
+"l'administrador)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd no ha acabat correctament (senyal %d)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: «nscd» ha sortit amb l'estat %d"
+
+msgid "Password: "
+msgstr "Contrasenya: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Contrasenya de l'usuari %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "No es pot generar l'identificador de gestió SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "No és possible gestionar la directiva SELinux\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "No es pot llegir el magatzem de directives de SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "No es pot establir la connexió de gestió SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "No es pot iniciar la transacció SELinux\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "No es pot consultar el «seuser» per a %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "No s'ha pogut definir el «serange» per a %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "No es pot establir «sename» per a %s.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "No es pot modificar el mapatge d'inici de sessió per a %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "No es pot generar el mapatge d'inici de sessió SELinux per a %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "No s'ha pogut establir el nom per a %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "No s'ha pogut establir l'usuari SELinux per a %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "No s'ha pogut afegir l'assignació de connexió per a %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "No es pot iniciar el gestor SELinux\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "No es pot generar la clau SELinux de l'usuari.\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "No es pot verificar l'usuari de SELinux\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "No es pot modificar l'assignació d'usuaris de SELinux\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "No es pot afegir l'assignació de l'usuari de SELinux\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "No es pot validar la transacció SELinux\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"L'assignació d'inici de sessió per a %s no està definida, seleccionau «OK» "
+"si s'utilitzava l'assignació per defecte\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"L'assignació d'inici de sessió per a %s està definida a la directiva de "
+"seguretat, no és possible eliminar-la\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "No es pot eliminar el mapatge d'inici de sessió per a %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: s'ha exhaurit la memòria\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: no es pot generar el fitxer %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s no és ni un directori ni un enllaç simbòlic.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: no es pot llegir l'enllaç simbòlic %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: enllaç simbòlic sospitosament llarg: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: no es pot crear el directori %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: no es pot canviar el propietari de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: no es pot canviar el mode de %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: desvincular: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: no es pot eliminar el directori %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: no es pot reanomenar %s a %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: no es pot eliminar %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: no es pot generar l'enllaç simbòlic %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: no es pot canviar els propietaris de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: no es pot «lstat» %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: advertència, els usuaris %s no tenen el fitxer «tcb shadow».\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: emergència: el fitxer «tcb sahdow» %s no és un fitxer regular amb "
+"st_nlink=1.\n"
+"El compte queda bloquejat.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: reanomena: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: no es pot obrir el fitxer %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Avís: el grup %s és desconegut\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Avís: hi ha massa grups\n"
+
+msgid "Your password has expired."
+msgstr "La vostra contrasenya ha caducat."
+
+msgid "Your password is inactive."
+msgstr "La vostra contrasenya està inactiva."
+
+msgid "Your login has expired."
+msgstr "El vostre accés ha caducat."
+
+msgid " Contact the system administrator."
+msgstr " Contacteu amb l'administrador del sistema."
+
+msgid " Choose a new password."
+msgstr " Escolliu una nova contrasenya."
+
+msgid "You must change your password."
+msgstr "Ha de canviar la contrasenya."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "La vostra contrasenya caduca en %ld dies.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "La vostra contrasenya caduca demà."
+
+msgid "Your password will expire today."
+msgstr "La vostra contrasenya caduca avui."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "No es pot obrir la interfície d'auditoria - cancel·lant.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+"No es pot canviar el propietari o la manera d'entrada estàndard de «tty»: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: ha fallat el desbloqueig de %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Desbordament d'entorn\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "No podeu canviar $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"S'ha produït %d fallada des de l'últim accés.\n"
+"L'últim va ser %s en %s.\n"
+msgstr[1] ""
+"S'han produït %d fallades des de l'últim accés.\n"
+"L'últim va ser %s en %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Configuració incorrecta: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuració incorrecta: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: no es pot assignar memòria: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: no es pot obtenir un GID de sistema únic (no hi ha més GID disponibles)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: no es pot obtenir un GID únic (no hi ha més GID disponibles)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Configuració incorrecta: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuració incorrecta: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: no es pot obtenir un UID únic (no hi ha més UID disponibles)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: no es pot obtenir un GID únic (no hi ha més GID disponibles)\n"
+
+msgid "Too many logins.\n"
+msgstr "Massa entrades.\n"
+
+msgid "You have new mail."
+msgstr "Teniu correu nou."
+
+msgid "No mail."
+msgstr "No hi ha correu."
+
+msgid "You have mail."
+msgstr "Teniu correu."
+
+msgid "no change"
+msgstr "no hi ha canvis"
+
+msgid "a palindrome"
+msgstr "un palíndrom"
+
+msgid "case changes only"
+msgstr "només canvis de majúscules/minúscules"
+
+msgid "too similar"
+msgstr "massa similar"
+
+msgid "too simple"
+msgstr "massa senzilla"
+
+msgid "rotated"
+msgstr "rotada"
+
+msgid "too short"
+msgstr "massa curta"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "La contrasenya és incorrecta: %s."
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() ha fallat, error %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: contrasenya sense canvis\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: s'ha actualitzat la contrasenya satisfactòriament\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "La contrasenya és incorrecta per a «%s».\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: múltiples opcions «--root»\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: l'opció '%s' requereix un argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: ha fallat la rebaixa de privilegis (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: camí «chroot» incorrecta «%s»\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: no es pot accedir al directori «chroot» %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: no es pot accedir al directori «chroot» %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: no es pot executar «chroot» en el directori %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Valor incorrecta d'ENCRYPT_METHOD: «%s».\n"
+"Valor per defecte a DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "No es pot canviar al directori «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "No hi ha directori, s'està iniciant sessió amb HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "No es pot executar %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "El directori arrel «%s» no és vàlid\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "No es pot canviar el directori arrel a «%s»\n"
+
+msgid "Unable to determine your tty name."
+msgstr "No s'ha pogut determinar el nom del vostre tty."
+
+msgid "No"
+msgstr "No"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] USUARI\n"
+"\n"
+"Opcions:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday ÚLTIM_DIA estableix la data de l'últim canvi de "
+"contrasenya\n"
+" a ÚLTIM_DIA\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate DATA_EXPIRACIÓ\n"
+" estableix la data de caducitat del\n"
+" compte a DATA_EXPIRACIÓ\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr " -h, --help mostra aquesta ajuda i acaba\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INACTIVA estableix la contrasenya com inactiva "
+"després\n"
+" de INACTIVA dies de caducitat \n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+" -l, --list mostra informació d'envelliment del compte\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays DIES_MÃN estableix el número mínim de dies abans\n"
+" del canvi de contrasenya a DIES_MÃN\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays DIES_MÀX estableix el número màxim de dies abans\n"
+" del canvi de contrasenya a DIES_MÀX\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+" -R, --root CHROOT_DIR fes «chroot» en el directori CHROOT_DIR \n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays DIES_AVÃS estableix els dies d'avís de caducitat\n"
+" a DIES_AVÃS\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Introduïu el nou valor, o premeu INTRO per al predeterminat"
+
+msgid "Minimum Password Age"
+msgstr "Duració mínima de la contrasenya"
+
+msgid "Maximum Password Age"
+msgstr "Duració màxima de la contrasenya"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Últim canvi de contrasenya (AAAA-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Avís de caducitat de la contrasenya"
+
+msgid "Password Inactive"
+msgstr "Contrasenya inactiva"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data de caducitat per al compte (AAAA-MM-YY)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Últim canvi de contrasenya\t\t\t\t: "
+
+msgid "never"
+msgstr "mai"
+
+msgid "password must be changed"
+msgstr "s'ha de canviar la contrasenya"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "La contrasenya caduca\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Contrasenya inactiva\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "El compte caduca\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Número mínim de dies entre canvis de contrasenya\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Número màxim de dies entre canvis de contrasenya\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Número de dies d'avís abans que la contrasenya caduqui\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: la data «%s» no és vàlida\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: l'argument numèric «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: no inclogueu «l» amb altres assenyaladors\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: S'ha denegat el permís.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: No es pot determinar el seu nom d'usuari.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: no es pot blocar %s, intenteu-ho més tard\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: no es pot obrir el fitxer %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: fallada en escriure els canvis a: %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: el fitxer de contrasenyes ombra no és present\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: l'usuari «%s» no existeix a %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "S'està canviant la informació de caducitat per a %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: s'ha produït un error en canviar els camps\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [LOGIN]\n"
+"\n"
+"Opcions:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr " -f, --full-name FULL_NAME canviar el nom complet de l'usuari\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+" -h, --home-phone HOME_PHONE canvia el número de telèfon domestic de "
+"l'usuari\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+" -o, --other OTHER_INFO canvia altres informacions «GECOS» de "
+"l'usuari\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+" -r, --room ROOM_NUMBER canviar el número d'espai de l'usuari\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+" -u, --help mostra aquest missatge d'ajuda i surt\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+" -w, --work-phone WORK_PHONE canvia el número de telèfon del treball de "
+"l'usuari\n"
+
+msgid "Full Name"
+msgstr "Nom complet"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Número d'espai"
+
+msgid "Work Phone"
+msgstr "Telèfon de la feina"
+
+msgid "Home Phone"
+msgstr "Telèfon de casa"
+
+msgid "Other"
+msgstr "Altre"
+
+msgid "Cannot change ID to root.\n"
+msgstr "No es pot canviar l'ID al de root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: nom amb caràcters que no són ASCII: «%s»\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: el nom no és vàlid: «%s»\n"
+
+# traducció dubtosa
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: número d'habitació amb caràcters que no són ASCII: «%s»\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: el número d'habitació no és vàlid: «%s»\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: el telèfon de la feina no és vàlid: «%s»\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: el telèfon de casa no és vàlid: «%s»\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: «%s» conté caràcters que no són ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: «%s» conté caràcters no permesos\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: l'usuari «%s» no existeix\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: no s'ha pogut canviar l'usuari «%s» al client NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» és el mestre NIS per a aquest client.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "S'està canviant la informació d'usuari per a %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: els camps són massa llargs\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions]\n"
+"\n"
+"Opcions:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method METHOD el mètode de xifratge (un de %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+" -e, --encrypted les contrasenyes subministrades són "
+"xifrades\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 encriptar la contrasenya en text clar amb\n"
+" l'algorisme MD5\n"
+
+# traducció dubtosa
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds nombre de passos SHA pel\n"
+" algorisme de xifratge SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: el senyalador %s només és permet amb el senyalador %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: els senyaladors -c, -e, i -m són exclusius\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: mètode de xifratge no està implementat: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: línia %d: la línia és massa llarga\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: línia %d: manca la nova contrasenya\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Error en escriure %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: línia %d: el grup «%s» no existeix\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: línia %d: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: s'ha detectat un error, els canvis s'han ignorat\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (línia %d, usuari %s) contrasenya sense canviar\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: línia %d: l'usuari «%s» no existeix\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell INTÈRPRET nou intèrpret d'accés per al compte "
+"d'usuari\n"
+
+msgid "Login Shell"
+msgstr "Intèrpret d'accés"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "No podeu canviar l'intèrpret («shell») per a «%s».\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "S'està canviant l'intèrpret d'accés per a %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: L'entrada no és vàlida: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s no és un intèrpret («shell») vàlid.\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Advertència: %s no existeix\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Advertència: %s no és executable\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check comprova la caducitat de la contrasenya de "
+"l'usuari\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force força el canvi de la contrasenya de "
+"l'usuari\n"
+" si ha caducat\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: opcions %s i %s conflictes\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: no s'esperava l'argument: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all mostra els registres «faillog» per a tots "
+"els usuaris\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs SEC després d'una identificació fallida, "
+"bloqueja el compte durant SEC segons\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAX estableix el nombre màxim d'identificacions "
+"fallides a MAX\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset restableix els comptadors d'errors "
+"d'identificació\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DAYS mostra els registres «faillog» de menys de "
+"DAYS dies\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user LOGIN/RANGE mostra el registre «faillog» o manté els "
+"comptadors\n"
+" de fallides i els límits (si s'utilitza amb "
+"-r, -m,\n"
+" o -i) només per l'identificador/s LOGIN "
+"especificats\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: No s'ha pogut obtenir l'entrada de la UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Usuari Fallades Màxim Últim A\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus restants]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [blocat %lds]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+"%s: Ha fallat el restabliment del recompte de fallades per a l'UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: S'ha produït un error en establir el màxim per a l'UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Errada en establir «locktime» per a l'UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Usuari o rang desconegut: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: No es pot obtenir la mida de %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Error en escriure %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] GRUP\n"
+"\n"
+"Opcions:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add USER afegir USER al GROUP\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete USER elimina USER del GROUP\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+" -Q, --root CHROOT_DIR fes «chroot» en el directori CHROOT_DIR\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+" -r, --remove-password elimina la contrasenya del grup GROUP\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict restringeix l'accés als membres del grup "
+"GROUP\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+" -M, --members USER,... estableix el llistat de membres del grup "
+"GROUP\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" estableix la llista d'administradors del "
+"grup GROUP\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"Amb l'excepció de les opcions «-A» i «-M», no és possible combinar opcions.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "No es pot combinar opcions.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: es requereixen contrasenyes ombra de grups per a «-A»\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: el grup «%s» no existeix a %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: Error durant el tancament (en mode de lectura) de %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "S'està canviant la contrasenya per al grup %s\n"
+
+msgid "New Password: "
+msgstr "Nova contrasenya: "
+
+msgid "Re-enter new password: "
+msgstr "Tornau a escriure la nova contrasenya: "
+
+msgid "They don't match; try again"
+msgstr "No coincideixen; intenteu-ho de nou."
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Intenteu-ho de nou més tard.\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "S'està afegint l'usuari %s al grup %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "S'està eliminant l'usuari %s del grup %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: l'usuari «%s» no és membre de %s\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: No és un tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] GRUP\n"
+"\n"
+"Opcions:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force sortir correctament si el grup ja existeix,\n"
+" i calcel·lar «-g» si ja s'utilitza el GID\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID fes servir GID pel nou grup\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key KEY=VALUE substitueix els valors predeterminats de «/"
+"etc/login.defs»\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique permet crear grups amb duplicats\n"
+" (no únics) GID\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password PASSWORD fes servir aquesta contrasenya xifrada pel "
+"nou grup\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system genera un compte del sistema\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: «%s» no és un nom de grup vàlid\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: l'ID de grup «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: «-K» requereix CLAU=VALOR\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: el grup «%s» ja existeix\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: el GID '%lu ja existeix\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: no es pot configurar el servei de neteja.\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -r, --reset restableix els comptadors d'errors "
+"d'identificació\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: no es pot eliminar l'entrada «%s» de %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: no es pot eliminar el grup primari de l'usuari «%s»\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: el grup «%s» no existeix\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: el grup «%s» és un grup NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s és el mestre NIS\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: l'usuari «%s» és membre de %s\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: s'ha exhaurit la memòria. No es pot actualitzar %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [acció]\n"
+"\n"
+"Opcions:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group groupname canvia el nom de grup en lloc del grup de "
+"l'usuari\n"
+" (només «root»)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Accions:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add username afegeix el nom d'usuari als membres del "
+"grup\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete username elimina el nom d'usuari dels membres del "
+"grup\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge elimina tots els membres del grup\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list llista els membres del grup\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: el seu nom de grup no concorda amb el seu nom d'usuari\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s:només l'usuari «root» pot fer servir l'opció -g/--group\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID canvia l'ID del grup per GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name NEW_GROUP canvia el nom del grup per NEW_GROUP\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique permet utilitzar un duplicat (no únics) GID\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password PASSWORD canvia la contrasenya per aquesta (xifrada)\n"
+" PASSWORD\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: el nom de grup «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: el grup %s no és un grup NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: usuari %s desconegut\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [grup [grup_ombra]]\n"
+"\n"
+"Opcions:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [grup]\n"
+"\n"
+"Opcions:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only visualitza els errors i avisos\n"
+" però sense canviar els fitxers\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort ordena les entrades per UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: «-s» i «-r» són incompatibles\n"
+
+msgid "invalid group file entry"
+msgstr "l'entrada del fitxer de grup no és vàlida"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "voleu eliminar la línia «%s»? "
+
+msgid "duplicate group entry"
+msgstr "l'entrada de grup està duplicada"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "el nom de grup «%s» no és vàlid\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "el nom de grup «%lu» no és vàlid\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grup %s: no existeix l'usuari %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "voleu eliminar el membre «%s»? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "no hi ha cap entrada coincident al fitxer de grup en %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "voleu afegir el grup «%s» a %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"el grup %s té una entrada a %s, però el seu camp de contrasenya a %s no "
+"està establert a «x»\n"
+
+msgid "invalid shadow group file entry"
+msgstr "l'entrada del fitxer de grup ombra no és vàlida"
+
+msgid "duplicate shadow group entry"
+msgstr "entrada de grup ombra duplicada"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grup ombra %s: no existeix l'usuari administratiu %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "voleu eliminar el membre administratiu «%s»? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grup ombra %s: no existeix l'usuari %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: el fitxer s'ha actualitzat\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: no hi ha canvis\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: no es pot eliminar %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Forma d'ús: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Forma d'ús: id\n"
+
+msgid " groups="
+msgstr " grups="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before DIES mostra només els registres de lastlog més\n"
+" antics que DIES\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -a, --all mostra els registres «faillog» per a tots "
+"els usuaris\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -a, --all mostra els registres «faillog» per a tots "
+"els usuaris\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DIES mostra només els registres de lastlog més\n"
+" recents que DIES\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user USUARI mostra el registre de lastlog de l'USUARI\n"
+
+msgid "Username Port From Latest"
+msgstr "Usuari Port Des de Últim"
+
+msgid "Username Port Latest"
+msgstr "Usuari Port Últim"
+
+msgid "**Never logged in**"
+msgstr "**No ha entrat mai**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: No s'ha pogut obtenir l'entrada de la UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: no es pot actualitzar el fitxer de contrasenyes\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Forma d'ús: %s [-p] [nom]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h ordinador] [-f nom]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r ordinador\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "error de configuració - no es pot analitzar el valor %s: '%d'"
+
+msgid "Invalid login time"
+msgstr "El temps d'accés no és vàlid"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema tancat per a manteniment rutinari"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[S'ha evitat la desconnexió -- l'accés de «root» està permès]."
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: no es pot treballar sense ésser administrador\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"No hi ha entrada utmp. Heu d'executar «login» des del «sh» de nivell més baix"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"L'accés ha caducat després de %u segons.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: fallada de PAM, s'està cancel·lant: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s usuari: "
+
+msgid "login: "
+msgstr "usuari: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "S'ha excedit el nombre màxim d'intents (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "accés: cancel·lat a petició del PAM\n"
+
+msgid "Login incorrect"
+msgstr "Accés incorrecta"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "No es pot trobar l'usuari (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s usuari: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fallada al fer fork: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY ha fallat a %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Avís: accés reactivat després d'un bloqueig temporal."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Últim accés: %s a %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Última accés: %.19s a %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " des de %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"temps d'accés excedit\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Forma d'ús: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Forma d'ús: newgrp [-] [grup]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Forma d'ús: sg grup [[-c] ordre]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Error en escriure %s: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Contrasenya no vàlida.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fallada al fer fork: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: el GID »%lu« no existeix\n"
+
+msgid "too many groups\n"
+msgstr "hi ha massa grups\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system genera els comptes del sistema\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: el grup «%s» és un grup «shadow», però no existeix a /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: l'ID d'usuari «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: el nom d'usuari «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: línia %d: la línia no és vàlida\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: no es pot actualitzar l'entrada per a l'usuari %s (no apareix a la base "
+"de dades de contrasenyes)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: línia %d: no es pot generar l'usuari\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: línia %d: no es pot generar el grup\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: line %d: l'usuari «%s» no existeix a %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: línia %d: no es pot actualitzar la contrasenya\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr ""
+"%s: línia %d: no s'ha pogut generar el directori «%s» (ordre mkdir): %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr ""
+"%s: línia %d: no s'ha pogut canviar el propietari (ordre «chown») %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: línia %d: no es pot actualitzar l'entrada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: no es pot generar l'usuari\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: no es pot actualitzar el fitxer de grups\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all informa de l'estat de la contrasenya\n"
+" per a tots els comptes\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+" -d, --delete esborra la contrasenya per al compte\n"
+" anomenat\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire força la caducitat de la contrasenya per\n"
+" al compte anomenat\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens canvia la contrasenya només si ha caducat\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INACTIU estableix la contrasenya a inactiva després\n"
+" d'INACTIU dies de caducitat\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -l, --lock bloca el compte anomenat\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays DIES_MÃN estableix els dies mínims abans del canvi\n"
+" de contrasenya a DIES_MÃN\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet mode silenciós\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr " -r, --repository DIPÃ’SIT canvia la contrasenya en el DIPÃ’SIT\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status informa de l'estat de la contrasenya per\n"
+" al compte anomenat\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr " -u, --unlock desbloca el compte anomenat\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays DIES_AVÃS estableix els dies d'avís de caducitat\n"
+" a DIES_AVÃS\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays DIES_MÀX estableix els dies màxims abans del canvi\n"
+" de contrasenya a DIES_MÀX\n"
+
+msgid "Old password: "
+msgstr "Contrasenya antiga: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduïu la nova contrasenya (un mínim de %d caràcters)\n"
+"Feu servir una combinació de lletres majúscules i minúscules i números.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduïu la nova contrasenya (un mínim de %d i un màxim de %d caràcters)\n"
+"Feu servir una combinació de lletres majúscules i minúscules i\n"
+"números.\n"
+
+msgid "New password: "
+msgstr "Contrasenya nova:"
+
+msgid "Try again."
+msgstr "Intenteu-ho de nou."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Avís: contrasenya feble (introduïu-la de nou per fer-la servir igualment)."
+
+msgid "They don't match; try again.\n"
+msgstr "No coincideixen; intenteu-ho de nou.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "No es pot canviar la contrasenya de %s.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Encara no es pot canviar la contrasenya de %s.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: el desbloqueig de la contrasenya deixarà el compte sense contrasenya.\n"
+"Heu d'establir una contrasenya amb «usermod-p» per desblocar la contrasenya "
+"d'aquest compte.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: el dipòsit %s no és admès\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s no està autoritzat per canviar la contrasenya de %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: No podeu veure o canviar la informació de la contrasenya per a %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "S'està canviant la contrasenya per a %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "No s'ha canviat la contrasenya per a %s.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: S'ha canviat la contrasenya.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: la informació de caducitat de la contrasenya ha canviat.\n"
+
+# NOTE: passwd is a file (/etc/passwd)
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [fitxer «/etc/passwd»]\n"
+"\n"
+"Opcions:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [passwd [shadow]]\n"
+"\n"
+"Opcions:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet informa només dels errors\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: no hi ha un fitxer «shadow» alternatiu permès quan USE_TCB està "
+"habilitat.\n"
+
+msgid "invalid password file entry"
+msgstr "l'entrada del fitxer de contrasenyes no és vàlida"
+
+msgid "duplicate password entry"
+msgstr "l'entrada de contrasenya està duplicada"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "el nom d'usuari «%s» no és vàlid\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "l'ID d'usuari «%lu» no és vàlid\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "usuari «%s»: no existeix el grup %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "usuari «%s»: el directori «%s» no existeix\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "usuari «%s»: el programa «%s» no existeix\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "no es troba el directori «tcb» per a %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "genera el directori «tcb» per a %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "ha fallat la generació del directori «tcb» per a %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: no es pot blocar el fitxer %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "cap entrada del fitxer de contrasenyes concorda amb %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "voleu afegir l'usuari «%s» a %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"l'usuari %s té una entrada a %s, però el seu camp de contrasenya a %s no "
+"està establert a «x»\n"
+
+msgid "invalid shadow password file entry"
+msgstr "l'entrada del fitxer de contrasenyes ombra no és vàlida"
+
+msgid "duplicate shadow password entry"
+msgstr "entrada de contrasenya ombra duplicada"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "usuari %s: l'últim canvi de contrasenya s'ha produït en el futur\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: no es pot ordenar les entrades en el fitxer %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: no es pot treballar amb el «tcb» habilitat\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: ha fallat el canvi del mode %s a 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "L'accés de «su» a aquest compte està DENEGAT.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "S'ha evitat l'autenticació de contrasenya.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Si us plau introduïu la VOSTRA contrasenya com a autenticació.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: no es pot blocar el «shell» de l'usuari\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: senyal de mal funcionament\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: el senyal emmascara un error\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sessió acabada, finalitzant el «shell»..."
+
+msgid " ...killed.\n"
+msgstr "...mort.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr "...esperant al fill per acabar.\n"
+
+msgid " ...terminated.\n"
+msgstr "...acabat.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Forma d'ús: su [opcions] [USUARI]\n"
+"\n"
+"Opcions:\n"
+" -c, --command ORDRE passa l'ORDRE a l'intèrpret d'ordres\n"
+" invocat\n"
+" -h, --help mostra aquest missatge d'ajuda i acaba\n"
+" -, -l, --login fes de l'intèrpret d'ordres un d'accés\n"
+" -m, -p,\n"
+" --preserve-environment manté les variables d'entorn,\n"
+" i el mateix intèrpret d'ordres\n"
+" -s, --shell INTÈRPRET fes servir INTÈRPRET en comptes del\n"
+" predeterminat a passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorat)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "No esteu autoritzats a usar «su %s»\n"
+
+msgid "(Enter your own password)"
+msgstr "(Introduïu la vostra pròpia contrasenya)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: l'autenticació ha fallat\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: No estau autoritzat a usar «su» en aquest moment\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "No hi ha entrada de contrasenya per a l'usuari «%s»\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: s'ha d'executar des d'un terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: error %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: No es pot deixar anar el terminal de control\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "No es pot executar %s\n"
+
+msgid "No password file"
+msgstr "No hi ha fitxer de contrasenyes"
+
+msgid "TIOCSCTTY failed"
+msgstr "ha fallat TIOCSCTTY"
+
+msgid "No password entry for 'root'"
+msgstr "No hi ha entrada de contrasenya per a «root»"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Pitgeu «control-d» per continuar amb l'inici normal del sistema,\n"
+"(o introduïu la contrasenya de «root» per a manteniment del sistema):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "S'està entrant en mode de manteniment del sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s va ser generat, però no és possible eliminar-ho\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: la configuració %s a %s serà ignorada\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: no es pot crear un fitxer nou de preferències predeterminades\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: no es pot obrir un fitxer nou de preferències predeterminades\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: línia massa llarga a %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: no es pot generar l'enllaç simbòlic %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: reanomena %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: el grup «%s» és un grup NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: s'han especificat massa grups (màx de %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] LOGIN\n"
+" %s -D\n"
+" %s -D [opcions]\n"
+"\n"
+"Opcions:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir BASE_DIR directori base per al directori arrel del\n"
+" compte nou\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment COMMENT camp GECOS del nou compte\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir HOME_DIR directori arrel del nou compte\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults imprimeix o canvia la configuració "
+"predeterminada de l'usuari afegit\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr " -e, --expiredate EXPIRE_DATE data de venciment del nou compte\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr " -f, --inactive INACTIVE període d'inactivitat del nou compte\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid GROUP nom o ID del grup primari del nou\n"
+" compte\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups GROUPS llista dels grups suplementaris del nou\n"
+" compte\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+" -k, --skel SKEL_DIR fer servir aquesta branca de directori "
+"alternativa\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init no afegir l'usuari al darrer informe i\n"
+" a la base de dades dels informes d'errades\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+" -m, --create-home genera el directori arrel dels usuaris\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+" -M, --no-create-home no genera el directori arrel dels usuaris\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group no genera el grup amb el mateix nom de\n"
+" l'usuari\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique permetre generar usuaris amb duplicació\n"
+" (no únics) UID\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr " -p, --password PASSWORD contrasenya xifrada del nou compte\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell SHELL «shell» d'entrada del nou compte\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID ID d'usuari del nou compte\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group generar un grup amb el mateix nom que "
+"l'usuari\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SEUSER utilitzar un «SEUSER» específic per a "
+"l'assignació d'usuaris «SELinux»\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: el directori base «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: el comentari «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: el directori personal «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: les contrasenyes ombra són requerides per a «-e»\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: les contrasenyes ombra són requerides per a «-f»\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: el camp «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: l'intèrpret «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z requereix nucli «SELinux» habilitat\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+"%s: ha fallat el restabliment de l'entrada del registre d'errors de UID %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: ha fallat el restabliment del darrer registre de UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: no es pot crear el directori %s\n"
+
+msgid "Creating mailbox file"
+msgstr "S'està creant la bústia de correu"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"No s'ha trobat el grup «mail». S'està creant la bústia de correu de "
+"l'usuariamb mode 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "S'estan establint els permisos de la bústia de correu"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: l'usuari «%s» existeix\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: el grup %s existeix, si voleu afegir aquest usuari a aquest grup, useu «-"
+"g».\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: no es pot generar l'usuari\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: el UID %lu no és únic\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: no es pot generar el directori «tcb» per a %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: no es pot generar el grup\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: no es pot generar l'usuari\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: no es pot generar el grup\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: avís: el directori personal ja existeix.\n"
+"No s'hi copiarà cap fitxer del directori skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: avís: falla el nom d'usuari %s a %s a l'assignació d'usuaris «SELinux».\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force força l'eliminació de fitxers, encara que\n"
+" no siguin propietat de l'usuari\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove elimina el directori personal i la cua\n"
+" de correu\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user elimina totes les assignacions SELinux per a "
+"l'usuari\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: no s'ha pogut eliminar el grup %s degut a què no és el grup primari de "
+"l'usuari %s\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: no s'eliminarà el grup %s degut a que hi ha usuaris assignats.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: no es pot eliminar el grup %s, que és el grup primari per un altre "
+"usuari.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: no es pot eliminar l'entrada «%s» de %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s no s'ha trobat la cua de correu (%s)\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: avís: no es pot eliminar %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s no és propietat de %s, no s'elimina\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: No és possible assignar memòria, l'entrada «tcb» de %s no s'elimina.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: no es poden eliminar autoritzacions: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: no es pot eliminar el contingut de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: no es pot eliminar els fitxers «tcb» de %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: l'usuari %s és un usuari NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: no s'ha trobat el directori personal (%s) de %s \n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: no s'elimina el directori %s (eliminaria el directori personal de "
+"l'usuari %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: s'ha produït un error en eliminar el directori %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: avís: ha fallat l'eliminació del nom d'usuari %s de l'assignació "
+"d'usuaris SELinux.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment COMENTARI nou valor per al camp GECOS\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home DIR_PERSONAL nou directori personal per al nou compte\n"
+" d'usuari\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate DATA_CADUCITAT estableix la data de caducitat del compte\n"
+" a DATA_CADUCITAT\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INACTIU estableix la contrasenya a inactiva després\n"
+" d'INACTIU dies de caducitat\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid GRUP força l'ús de GRUP com a nou grup inicial\n"
+" d'accés\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups GRUPS llista de GRUPS addicionals\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append afegeix l'usuari als GRUPS addicionals\n"
+" llistats amb la opció -G sense eliminar-los\n"
+" d'altres grups\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login NEW_LOGIN nou nom d'usuari\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -l, --login USUARI nou valor per al nom d'usuari\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home mou els continguts del directori personal\n"
+" a la nova ubicació (usar només amb -d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr " -o, --non-unique permet usar UID duplicats (no únics)\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password CONTRASENYA usa contrasenya xifrada per a la nova\n"
+" contrasenya\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID nou UID per al compte d'usuari\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock desbloca el compte d'usuari\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user SEUSER nova assignació SELinux per al compte "
+"d'usuari\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: el desbloqueig de la contrasenya de l'usuari deixarà el compte sense "
+"contrasenya.\n"
+"Ha d'establir una contrasenya amb «usermod-p» per desbloquejar la "
+"contrasenya de l'usuari.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: l'usuari «%s» ja existeix a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: la data «%s» no és vàlida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: la data «%s» no és vàlida\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: sense opcions\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: els indicadors -L, -p, i -U són exclusius\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: les contrasenyes ombra són obligatòries per a «-e» i «-f»\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID '%lu' ja existeix\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s no està autoritzat per canviar la contrasenya de %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: el directori %s ja existeix\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: El directori arrel d'usuari anterior (%s) no és un directori. No s'ha "
+"eliminat i no s'han generat els directoris arrels d'usuaris.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: No s'ha pogut canviar la propietat del directori d'inici"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: avís: no s'ha pogut eliminar completament l'antic directori personal %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: no es pot reanomenar el directori %s a %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: ha fallat la còpia de l'entrada del darrer registre de l'usuari %lu al "
+"usuari %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: ha fallat la còpia de l'entrada del registre d'errors del usuari %lu al "
+"usuari %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: avís: %s no és propietat de %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "no s'ha pogut canviar el propietari de la bústia de correu"
+
+msgid "failed to rename mailbox"
+msgstr "no s'ha pogut reanomenar la bústia de correu"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Heu modificat %s.\n"
+"Cal que modifiqueu %s per mantenir la consistència.\n"
+"Feu servir l'ordre «%s» per fer-ho.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group edita la base de dades del grup\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+" -p, --passwd edita la base de dades de contrasenyes\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+" -s, --shadow edita la base de dades «shadow» o «gshadow»\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+" -u, --user usuaris «tcb» que poden editar el fitxer "
+"«shadow»\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: fallida en eliminar %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: no s'ha canviat %s\n"
+
+msgid "failed to create scratch directory"
+msgstr "no s'ha pogut generar el directori temporal"
+
+msgid "failed to drop privileges"
+msgstr "fallida en eliminar els permisos"
+
+msgid "Couldn't get file context"
+msgstr "No s'ha pogut obtenir el context del fitxer"
+
+msgid "setfscreatecon () failed"
+msgstr "ha fallat setfscreatecon()"
+
+msgid "failed to gain privileges"
+msgstr "fallida en obtenir els permisos"
+
+msgid "Couldn't lock file"
+msgstr "No s'ha pogut blocar el fitxer"
+
+msgid "Couldn't make backup"
+msgstr "No s'ha pogut fer una còpia de seguretat"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: «nscd» ha sortit amb l'estat %d"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "no s'ha pogut obrir el fitxer de treball («scratch file»)"
+
+msgid "failed to unlink scratch file"
+msgstr "no s'ha pogut desvincular el fitxer de treball "
+
+msgid "failed to stat edited file"
+msgstr "no s'ha pogut comptabilitzar el fitxer editat"
+
+msgid "failed to allocate memory"
+msgstr "no es pot assignar memòria"
+
+msgid "failed to create backup file"
+msgstr "no es pot generar el fitxer de còpia de seguretat"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: no es pot restaurar %s: %s (els seus canvis estan a %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: no es pot trobar el directori «tcb» per %s\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr " -c, --crypt-method el mètode d'encriptat (un de %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Forma d'ús: vipw [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) ha fallat\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: chage [opcions] [USUARI]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -d, --lastday ÚLTIM_DIA estableix l'últim canvi de "
+#~ "contrasenya\n"
+#~ " a ÚLTIM_DIA\n"
+#~ " -E, --expiredate DATA_EXPIRACIÓ estableix la data d'expiració del\n"
+#~ " compte a DATA_EXPIRACIÓ\n"
+#~ " -h, --help mostra aquesta ajuda i acaba\n"
+#~ " -I, --inactive INACTIVA estableix la contrasenya inactiva\n"
+#~ " després d'expiració a INACTIVA\n"
+#~ " -l, --list mostra informació d'envelliment del\n"
+#~ " compte\n"
+#~ " -m, --mindays DIES_MÃN estableix el número mínim de dies "
+#~ "abans\n"
+#~ " de canvi de contrasenya a DIES_MÃN\n"
+#~ " -M, --maxdays DIES_MÀX estableix el número màxim de dies "
+#~ "abans\n"
+#~ " de canvi de contrasenya a DIES_MÀX\n"
+#~ " -W, --warndays DIES_AVÃS estableix els dies d'avís d'expiració\n"
+#~ " a DIES_AVÃS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: l'autenticació PAM ha fallat\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Forma d'ús: %s [-f nom_complet] [-r num_habitació] [-w tel_feina]\n"
+#~ "\t[-h tel_casa] [-o altre] [usuari]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Forma d'ús: %s [-f nom_complet] [-r num_habitació] [-w tel_feina]\n"
+#~ "[-h tel_casa]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Forma d'ús: %s [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -c, --crypt-method mètode de xifrat (un de %s)\n"
+#~ " -e, --encrypted les contrasenyes proveïdes estan "
+#~ "xifrades\n"
+#~ " -h, --help mostra aquest missatge d'ajuda i acaba\n"
+#~ " -m, --md5 xifra la contrasenya en text pla fent "
+#~ "servir\n"
+#~ " l'algorisme MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: chsh [opcions] [USUARI]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -h, --help mostra aquest missatge d'ajuda i acaba\n"
+#~ " -s, --shell INTÈRPRET nou intèrpret d'accés per al compte "
+#~ "d'usuari\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Forma d'ús: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: Errada en l'obtenció de l'entrada per UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "informe d'error: no es pot obrir %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: No és possible obtenir la mida de %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Forma d'ús: groupdel grup\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Forma d'ús: %s [-r] [-s] [grup [grup_ombra]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Forma d'ús: %s [-r] [-s] [grup]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: «-s» i «-r» són incompatibles\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Forma d'ús: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Forma d'ús: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: lastlog [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -b, --before DIES mostra només els registres de lastlog "
+#~ "més\n"
+#~ " antics que DIES\n"
+#~ " -h, --help mostra aquest missatge d'ajuda i acaba\n"
+#~ " -t, --time DIES mostra només els registres de lastlog "
+#~ "més\n"
+#~ " recents que DIES\n"
+#~ " -u, --user USUARI mostra el registre de lastlog per a\n"
+#~ " l'usuari amb USUARI especific\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: passwd [opcions] [USUARI]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -a, --all informa de l'estat de la contrasenya\n"
+#~ " per a tots els comptes\n"
+#~ " -d, --delete esborra la contrasenya per al compte\n"
+#~ " anomenat\n"
+#~ " -e, --expire força la caducitat de la contrasenya per\n"
+#~ " al compte anomenat\n"
+#~ " -h, --help mostra aquest missatge d'ajuda i acaba\n"
+#~ " -k, --keep-tokens canvia la contrasenya només si ha "
+#~ "caducat\n"
+#~ " -i, --inactive INACTIU estableix la contrasenya a inactiva "
+#~ "després\n"
+#~ " d'INACTIU dies de caducitat\n"
+#~ " -l, --lock bloca el compte anomenat\n"
+#~ " -n, --mindays DIES_MÃN estableix els dies mínims abans del "
+#~ "canvi\n"
+#~ " de contrasenya a DIES_MÃN\n"
+#~ " -q, --quiet mode silenciós\n"
+#~ " -r, --repository REPOSITORI canvia la contrasenya en el REPOSITORI\n"
+#~ " -S, --status informa de l'estat de la contrasenya per\n"
+#~ " al compte anomenat\n"
+#~ " -u, --unlock desbloca el compte anomenat\n"
+#~ " -w, --warndays DIES_AVÃS estableix els dies d'avís de caducitat\n"
+#~ " a DIES_AVÃS\n"
+#~ " -x, --maxdays DIES_MÀX estableix els dies màxims abans del "
+#~ "canvi\n"
+#~ " de contrasenya a DIES_MÀX\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Forma d'ús: %s [-q] [-r] [contrasenya]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Forma d'ús: %s [-q] [-r] [-s] [contrasenya [ombra]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Forma d'ús: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Forma d'ús: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "El identificador és desconegut: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "No hi ha intèrpret d'ordres\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: userdel [opcions] USUARI\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -f, --force força l'eliminació de fitxers, encara "
+#~ "que\n"
+#~ " no siguin propietat de l'usuari\n"
+#~ " -h, --help mostra aquesta ajuda i acaba\n"
+#~ " -r, --remove elimina el directori personal i la cua\n"
+#~ " de correu\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: l'usuari %s està actualment dins el sistema\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Forma d'ús: usermod [opcions] USUARI\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -c, --comment COMENTARI nou valor per al camp GECOS\n"
+#~ " -d, --home DIR_PERSONAL nou directori personal per al nou compte\n"
+#~ " d'usuari\n"
+#~ " -e, --expiredate DATA_CADUCIT estableix la data de caducitat del "
+#~ "compte\n"
+#~ " a DATA_CADUCITAT\n"
+#~ " -f, --inactive INACTIU estableix la contrasenya a inactiva "
+#~ "després\n"
+#~ " d'INACTIU dies de caducitat\n"
+#~ " -g, --gid GRUP força l'ús de GRUP com a nou grup "
+#~ "inicial\n"
+#~ " d'accés\n"
+#~ " -G, --groups GRUPS llista de GRUPS addicionals\n"
+#~ " -a, --append afegeix l'usuari als GRUPS addicionals\n"
+#~ " llistats amb la opció -G sense eliminar-"
+#~ "los\n"
+#~ " d'altres grups\n"
+#~ " -h, --help mostra aquest missatge d'ajuda i surt\n"
+#~ " -l, --login USUARI nou valor per al nom d'usuari\n"
+#~ " -L, --lock bloca el compte d'usuari\n"
+#~ " -m, --move-home mou els continguts del directori "
+#~ "personal\n"
+#~ " a la nova ubicació (usar només amb -d)\n"
+#~ " -o, --non-unique permet usar UID duplicats (no únics)\n"
+#~ " -p, --password CONTRASENYA usa contrasenya xifrada per a la nova\n"
+#~ " contrasenya\n"
+#~ " -s, --shell INTÈRPRET nou intèrpret d'accés per al compte "
+#~ "d'usuari\n"
+#~ " -u, --uid UID nou UID per al compte d'usuari\n"
+#~ " -U, --unlock desbloca el compte d'usuari\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: no s'han especificat assenyaladors\n"
+
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: vipw [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -g, --group edita la base de dades de grup\n"
+#~ " -h, --help mostra aquest missatge d'ajuda i acaba\n"
+#~ " -p, --passwd edita la base de dades de passwd\n"
+#~ " -q, --quiet mode silenciós\n"
+#~ " -s, --shadow edita la base de dades de shadow o "
+#~ "gshadow\n"
+#~ "\n"
+
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Forma d'ús: %s [entrada]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: no es pot crear %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: no es pot fer canviar el propietari a %s\n"
+
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: faillog [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -a, --all mostra els registres de faillog de tots "
+#~ "els\n"
+#~ " usuaris\n"
+#~ " -h, --help mostra aquest missatge d'ajuda i acaba\n"
+#~ " -l, --lock-time SEG bloca durant SEG segons després d'una\n"
+#~ " fallada d'accés\n"
+#~ " -m, --maximum MÀX especifica els comptadors màxims de\n"
+#~ " fallades d'accés a MÀX\n"
+#~ " -r, --reset reinicialitza els comptadors de fallades\n"
+#~ " d'accés\n"
+#~ " -t, --time DIES mostra registres de faillog més recents "
+#~ "que\n"
+#~ " DIES\n"
+#~ " -u, --user USUARI mostra registre de faillog o manté\n"
+#~ " comptadors de fallades i límits (si es "
+#~ "fa\n"
+#~ " servir amb les opcions -r, -m o -l) "
+#~ "només\n"
+#~ " per a l'usuari amb USUARI\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: groupadd [opcions] GRUP\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -f, --force força la sortida amb un estat d'èxit si "
+#~ "el\n"
+#~ " grup especificat ja existeix\n"
+#~ " -g, --gid GID usa GID per al nou grup\n"
+#~ " -h, --help mostra aquest missatge d'ajuda i acaba\n"
+#~ " -K, --key CLAU=VALOR substitueix els valors predeterminats de\n"
+#~ " /etc/login.defs\n"
+#~ " -o, --non-unique permet crear grups amb GID duplicats\n"
+#~ " (no únics)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: groupmod [opcions] GRUP\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -g, --gid GID força l'ús del nou GID per a GRUP\n"
+#~ " -h, --help mostra aquest missatge d'ajuda i acaba\n"
+#~ " -n, --new-name NOU_GRUP força l'ús del nom NOU_GRUP per a GRUP\n"
+#~ " -o, --non-unique permet usar GID duplicats (no únics) per\n"
+#~ " a GRUP\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Forma d'ús: useradd [opcions] USUARI\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -b, --base-dir DIR_BASE directori base per al directori "
+#~ "personal\n"
+#~ " del nou compte d'usuari\n"
+#~ " -c, --comment COMENTARI estableix el camp GECOS per al nou\n"
+#~ " compte d'usuari\n"
+#~ " -d, --home-dir DIR_PERSONAL directori personal per al nou compte\n"
+#~ " -D, --defaults mostra o guarda les modificacions a "
+#~ "les\n"
+#~ " d'usuari configuracions "
+#~ "predeterminades\n"
+#~ " de useradd\n"
+#~ " -e, --expiredate DATA_CADUCITAT estableix la data de caducitat del\n"
+#~ " compte a DATA_CADUCITAT\n"
+#~ " -f, --inactive INACTIU estableix la contrasenya a inactiva\n"
+#~ " després\n"
+#~ " d'INACTIU dies de caducitat\n"
+#~ " -g, --gid GRUP força l'ús del GRUP per al nou compte\n"
+#~ " creat\n"
+#~ " -G, --groups GRUPS llista de grups suplementaris per al "
+#~ "nou\n"
+#~ " compte d'usuari\n"
+#~ " -h, --help mostra aquest missatge d'ajuda i "
+#~ "acaba\n"
+#~ " -k, --skel DIR_SKEL especifica un directori skel "
+#~ "alternatiu\n"
+#~ " -K, --key CLAU=VALOR substitueix els valors predeterminats "
+#~ "de\n"
+#~ " /etc/login.defs\n"
+#~ " -m, --create-home crea el directori personal per al nou\n"
+#~ " compte d'usuari\n"
+#~ " -o, --non-unique permet crear usuaris amb UID "
+#~ "duplicats\n"
+#~ " (no únics)\n"
+#~ " -p, --password CONTRASENYA usa contrasenya xifrada per al nou\n"
+#~ " compte d'usuari\n"
+#~ " -s, --shell INTÈRPRET l'intèrpret d'accés per al nou compte\n"
+#~ " d'usuari\n"
+#~ " -u, --uid UID força l'ús de UID per al nou compte\n"
+#~ " d'usuari\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "S'ha establert la contrasenya a caducada."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: no es pot actualitzar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNom complet: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNúmero d'habitació: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelèfon de la feina: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelèfon de casa: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "No s'ha pogut blocar el fitxer de contrasenyes; intenteu-ho més tard\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "No s'ha pogut obrir el fitxer de contrasenyes.\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s: no s'ha trobat %s a «/etc/passwd»\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Error en actualitzar l'entrada de la contrasenya.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "No es poden confirmar els canvis del fitxer de contrasenyes.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "No s'ha pogut desblocar el fitxer de contrasenyes.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de grups\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grups\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: no s'ha pogut blocar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: no s'ha pogut obrir el fitxer de contrasenyes ombra\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en actualitzar el fitxer de contrasenyes ombra\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: s'ha produït un error en actualitzar l'entrada de grup\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: línia %d: el grup %s és desconegut\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: línia %d: no es pot actualitzar l'entrada\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: no s'ha pogut blocar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en actualitzar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en actualitzar el fitxer de contrasenyes\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: línia %d: l'usuari %s és desconegut\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr ""
+#~ "%s: línia %d: no s'ha pogut actualitzar l'entrada de la contrasenya\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: l'usuari és desconegut\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "L'usuari és desconegut: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Forma d'ús: %s [-r|-R] grup\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a usuari] grup\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d usuari] grup\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A usuari,...] [-M usuari,...] grup\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M usuari,...] grup\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: no es pot obtenir el bloqueig\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr ""
+#~ "%s: no es pot obtenir el bloqueig del fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: no es pot obrir el fitxer\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer ombra\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: no es pot desblocar el fitxer\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: no es pot actualitzar l'entrada\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr ""
+#~ "%s: no es pot actualitzar l'entrada del fitxer de contrasenyes ombra\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "El grup és desconegut: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: no es pot obrir el fitxer\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: no s'ha pogut obrir el fitxer de contrasenyes ombra\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Qui sou?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: El membre %s és desconegut\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: s'ha produït un error en afegir la nova entrada de grup\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de grup\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de grups ombra\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de grup\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grup\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de grup ombra\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grup ombra\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: el GID %u no és únic\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: s'ha produït un error en eliminar l'entrada de grup\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: s'ha produït un error en eliminar l'entrada de grup ombra\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: no es pot eliminar el grup primari de l'usuari.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "No s'han trobat els membres a borrar\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr "Forma d'ús: groupmems -a úsuari | -d úsuari | -D | -l [-g grup]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Només el superusuari pot afegir members a grups diferents\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "És requereix accés de grup\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "No és propietari principal del grup actual\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "l'autenticació PAM ha fallat per\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "No es pot blocar el fitxer de grup\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "No es pot obrir el fitxer de grup\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: no s'ha trobat %s a «/etc/group»\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u no és un GID únic\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s no és un nom únic\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de contrasenyes\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de contrasenyes\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: no es pot d'obrir el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: no es pot actualitzar l'entrada ombra per a %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: no es pot actualitzar l'entrada per al grup %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de grups ombra\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grups ombra\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: no es pot eliminar el grup ombra %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: no es pot actualitzar el fitxer de grups ombra\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: no es pot eliminar el fitxer de grups ombra\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "El UID és desconegut: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "El GID és desconegut: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: el grup %s no existeix\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: l'usuari %s no existeix\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: el nom d'usuari «%s» no és vàlid\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: no es pot blocar «/etc/passwd».\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: no es pot blocar «/etc/passwd».\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: no es pot blocar «/etc/passwd».\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: no es pot blocar «/etc/passwd».\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: no es poden obrir els fitxers\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: s'ha produït un error en actualitzar el fitxer\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: no es pot actualitzar l'entrada de la contrasenya per a %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: no es pot eliminar l'entrada ombra per a %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: no es pot actualitzar el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: no es pot actualitzar l'entrada per a l'usuari %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: no es pot eliminar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: el GID %s és desconegut\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: el grup %s és desconegut\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: sense memòria a update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de contrasenyes\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: s'ha produït un error en blocar el fitxer de grups\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: s'ha produït un error en obrir el fitxer de grups\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: s'ha produït un error en blocar el fitxer de grups ombra\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: s'ha produït un error en obrir el fitxer de grups ombra\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en afegir la nova entrada de contrasenya\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en afegir la nova entrada de contrasenya ombra\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: avís: CREATE_HOME no està suportat, si us plau useu «-m» en el seu "
+#~ "lloc.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: s'ha produït un error en actualitzar l'entrada de grup\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: s'ha produït un error en actualitzar l'entrada de grup\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grups\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grups ombra\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: s'ha produït un error en eliminar l'entrada de contrasenya\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en eliminar l'entrada de contrasenya ombra\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: s'ha produït un error en afegir la nova entrada de grup\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: l'UID %lu no és únic\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: s'ha produït un error en canviar l'entrada de contrasenya\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: s'ha produït un error en eliminar l'entrada de contrasenya\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en eliminar l'entrada de contrasenya ombra\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: no es pot obtenir un GID únic\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " a «%.100s» des de «%.200s»"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " a «%.100s»"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: línia %d: no es pot crear el UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: el nom %s no és únic\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: chpasswd [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -e, --encrypted\tles contrasenyes proveïdes estan xifrades\n"
+#~ " -h, --help\t\tmostra aquest missatge d'ajuda i acaba\n"
+#~ " -m, --md5\t\tusa xifrat MD5 en comptes de DES quan les contrasenyes\n"
+#~ "\t\t\tproveïdes no estan xifrades\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "No hi ha fitxer de contrasenyes\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Disculpeu.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Disculpeu, la contrasenya per a %s encara no es pot canviar.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Disculpeu."
diff --git a/po/cs.po b/po/cs.po
new file mode 100644
index 0000000..7828ebe
--- /dev/null
+++ b/po/cs.po
@@ -0,0 +1,3686 @@
+# Czech translation of shadow-utils.
+# Jiří Pavlovský <pavlovsk@ff.cuni.cz>, 1999-2000
+# Miroslav Kuře <kurem@debian.cz>, 2004-2014
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.2\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2014-08-22 17:05+0200\n"
+"PO-Revision-Date: 2014-08-24 15:07+0200\n"
+"Last-Translator: Miroslav Kure <kurem@debian.cz>\n"
+"Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n"
+"Language: cs\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Zjištěno několik záznamů pojmenovaných „%s“ v souboru %s. Napravte to prosím "
+"pomocí pwck nebo grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "typ šifry není knihovnou libcrypt podporován? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "konfiguraÄní chyba - nelze zpracovat hodnotu %s: „%s“"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Nelze alokovat dostatek místa pro konfiguraÄní údaje.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"konfiguraÄní chyba - neznámá položka „%s“ (informujte správce systému)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd nebyl ukonÄen normálnÄ› (signál %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd skonÄil se stavem %d\n"
+
+msgid "Password: "
+msgstr "Heslo: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Heslo uživatele %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Nelze vytvořit spojení k SELinuxovému semanage\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "Politika SELinuxu není řízená\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Nelze Äíst úložiÅ¡tÄ› SELinux politik\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Nelze navázat spojení k SELinuxovému semanage\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Nelze zahájit SELinux transakci\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Dotaz na „seuser“ uživatele %s selhal\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Nelze nastavit „serange“ uživatele %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Nelze nastavit „sename“ uživatele %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Nelze změnit mapování uživatele %s na SEuživatele\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Nelze vytvořit mapování uživatele %s na SEuživatele\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Nelze nastavit jméno uživatele %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Nelze nastavit SELinux uživatele pro %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Nelze přidat mapování uživatele %s na SEuživatele\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Nelze inicializovat správu SELinuxu\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Nelze vytvoÅ™it uživatelský klÃ­Ä k SELinuxu\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Nelze ověřit SELinux uživatele\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Nelze změnit mapování na SELinuxového uživatele\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Nelze přidat mapování na SELinuxového uživatele\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Nelze dokonÄit SELinuxovou transakci\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Mapování uživatele %s není definováno, OK, pokud bylo použito výchozí "
+"mapování\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr "Mapování uživatele %s je definováno v politice, nemůže být smazáno\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Nelze smazat mapování pro uživatele %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: došla paměť\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: nelze zavolat stat %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s není ani adresář, ani symbolický odkaz.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Nelze Äíst symbolický odkaz %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Podezřele dlouhý symbolický odkaz: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Nelze vytvořit adresář %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Nelze změnit vlastníka %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Nelze změnit oprávnění k %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: smazání: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Nelze odstranit adresář %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Nelze přejmenovat %s na %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Nelze odstranit %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Nelze vytvořit symbolický odkaz %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Nelze změnit vlastníky %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Nelze zavolat lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Varování, uživatel %s nemá v tcb svůj soubor shadow.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Krizový stav: shadow v tcb uživatele %s není běžným souborem "
+"(st_nlink=1).\n"
+"ÚÄet je ponechán zamknutý.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: vytvoření adresáře: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Nelze otevřít %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Varování: neznámá skupina %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Varování: příliš mnoho skupin\n"
+
+msgid "Your password has expired."
+msgstr "Platnost vašeho hesla vypršela."
+
+msgid "Your password is inactive."
+msgstr "Vaše heslo je vypnuto."
+
+msgid "Your login has expired."
+msgstr "Platnost vaÅ¡eho úÄtu vyprÅ¡ela."
+
+msgid " Contact the system administrator."
+msgstr " Kontaktujte správce systému."
+
+msgid " Choose a new password."
+msgstr " Zvolte nové heslo."
+
+msgid "You must change your password."
+msgstr "Musíte si změnit heslo."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Platnost vašeho hesla vyprší za %ld dnů.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Platnost vašeho hesla vyprší zítra."
+
+msgid "Your password will expire today."
+msgstr "Platnost vašeho hesla vyprší dnes."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Nelze otevřít auditní rozhraní - konÄím.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Nelze změnit vlastníka nebo oprávnění k tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: nepodařilo se odemknout %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "PÅ™eteÄení prostÅ™edí\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Nemůžete změnit $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d selhání od posledního přihlášení.\n"
+"Poslední: %s na %s.\n"
+msgstr[1] ""
+"%d selhání od posledního přihlášení.\n"
+"Poslední: %s na %s.\n"
+msgstr[2] ""
+"%d selhání od posledního přihlášení.\n"
+"Poslední: %s na %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Neplatné nastavení: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Neplatné nastavení: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: selhala alokace paměti: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: Nelze získat jedineÄné systémové GID (volná GID neexistují)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Nelze získat jedineÄné GID (volná GID neexistují)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SUB_GID_MIN (%lu), SUB_GID_MAX (%lu), "
+"SUB_GID_COUNT (%lu)\n"
+msgstr ""
+"%s: Neplatné nastavení: SUB_GID_MIN (%lu), SUB_GID_MAX (%lu), "
+"SUB_GID_COUNT (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique subordinate GID range\n"
+msgstr "%s: Nelze získat jedineÄný rozsah podřízených GID\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SUB_UID_MIN (%lu), SUB_UID_MAX (%lu), "
+"SUB_UID_COUNT (%lu)\n"
+msgstr ""
+"%s: Neplatné nastavení: SUB_UID_MIN (%lu), SUB_UID_MAX (%lu), "
+"SUB_UID_COUNT (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique subordinate UID range\n"
+msgstr "%s: Nelze získat jedineÄný rozsah podřízených UID\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Neplatné nastavení: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Neplatné nastavení: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: Nelze získat jedineÄné systémové UID (volná UID neexistují)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Nelze získat jedineÄné UID (volná UID neexistují)\n"
+
+#, c-format
+msgid "%s: Not enough arguments to form %u mappings\n"
+msgstr "%s: Nedostatek argumentů pro vytvoření %u mapování\n"
+
+#, c-format
+msgid "%s: Memory allocation failure\n"
+msgstr "%s: Chyba alokace paměti\n"
+
+#, c-format
+msgid "%s: snprintf failed!\n"
+msgstr "%s: snprintf selhalo!\n"
+
+#, c-format
+msgid "%s: open of %s failed: %s\n"
+msgstr "%s: otevření %s selhalo: %s\n"
+
+#, c-format
+msgid "%s: write to %s failed: %s\n"
+msgstr "%s: zápis do %s selhal: %s\n"
+
+msgid "Too many logins.\n"
+msgstr "Příliš mnoho přihlášení.\n"
+
+msgid "You have new mail."
+msgstr "Máte novou poštu."
+
+msgid "No mail."
+msgstr "Nemáte žádnou poštu."
+
+msgid "You have mail."
+msgstr "Máte poštu."
+
+msgid "no change"
+msgstr "beze změny"
+
+msgid "a palindrome"
+msgstr "palindrom"
+
+msgid "case changes only"
+msgstr "pouze změna velikosti písmen"
+
+msgid "too similar"
+msgstr "příliš podobné"
+
+msgid "too simple"
+msgstr "příliš jednoduché"
+
+msgid "rotated"
+msgstr "rotované"
+
+msgid "too short"
+msgstr "příliš krátké"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Chybné heslo: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: volání pam_start() selhalo, chyba %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: heslo nebylo změněno\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: heslo bylo úspěšně změněno\n"
+
+#, c-format
+msgid "%s: PAM modules requesting echoing are not supported.\n"
+msgstr ""
+"%s: PAM moduly vyžadující zobrazování zpětné vazby nejsou podporovány.\n"
+
+#, c-format
+msgid "%s: conversation type %d not supported.\n"
+msgstr "%s: typ konverzace %d není podporován.\n"
+
+#, c-format
+msgid "%s: (user %s) pam_start failure %d\n"
+msgstr "%s: (uživatel %s) chyba pam_start %d\n"
+
+#, c-format
+msgid ""
+"%s: (user %s) pam_chauthtok() failed, error:\n"
+"%s\n"
+msgstr ""
+"%s: (uživatel %s) volání pam_chauthtok() selhalo, chyba:\n"
+"%s\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Chybné heslo pro %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: násobné použití --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: volba „%s“ vyžaduje argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: selhalo odevzdání privilegií (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: neplatná cesta k chrootu „%s“\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: nelze přistoupit k chroot adresáři %s: %s\n"
+
+#, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: nelze přejít (chdir) do chroot adresáře %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: nelze změnit kořen (chroot) na adresář %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Neplatná hodnota ENCRYPT_METHOD: „%s“.\n"
+"Používám DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Nelze přejít do „%s“\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Žádný adresář, nastavuji HOME na /"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s nelze spustit"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Chybný kořenový adresář „%s“\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Nelze změnit kořenový adresář na „%s“\n"
+
+#, c-format
+msgid "%s: user %s is currently logged in\n"
+msgstr "%s: uživatel %s je právě přihlášen\n"
+
+#, c-format
+msgid "%s: user %s is currently used by process %d\n"
+msgstr "%s: uživatel %s je momentálně používán procesem %d\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Nelze zjistit vaše uživatelské jméno."
+
+msgid "No"
+msgstr "Ne"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] ÚČET\n"
+"\n"
+"Volby:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday POSL_DEN nastaví datum poslední změny hesla na "
+"POSL_DEN\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate EXP_DATUM nastaví datum vyprÅ¡ení úÄtu na EXP_DATUM\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive NEAKTIV zablokuje úÄet po NEAKTIV dnech od vyprÅ¡ení\n"
+" platnosti hesla\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr " -l, --list zobrazí informace o úÄtu\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays MIN_DNÅ® nastaví minimální poÄet dnů pÅ™ed zmÄ›nou\n"
+" hesla na MIN_DNÅ®\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays MAX_DNÅ® nastaví maximální poÄet dnů pÅ™ed zmÄ›nou\n"
+" hesla na MAX_DNÅ®\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -R, --root CHROOT_ADRESÃŘ adresář, do kterého pÅ™ejít\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays VAR_DNŮ nastaví varování o expiraci na VAR_DNŮ\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Zadejte novou hodnotu, nebo stiskněte ENTER pro použití implicitní hodnoty"
+
+msgid "Minimum Password Age"
+msgstr "Minimální stáří hesla"
+
+msgid "Maximum Password Age"
+msgstr "Maximální stáří hesla"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Poslední změna hesla (RRRR-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Varování o vypršení platnosti hesla"
+
+msgid "Password Inactive"
+msgstr "Vypnuté heslo"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "VyprÅ¡ení platnosti úÄtu (RRRR-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Poslední změna hesla\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nikdy"
+
+msgid "password must be changed"
+msgstr "heslo musí být změněno"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Platnost hesla vyprší\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Vypnuté heslo\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Platnost úÄtu vyprší\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimální poÄet dnů mezi zmÄ›nami hesla\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maximální poÄet dnů mezi zmÄ›nami hesla\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "PoÄet varovných dnů pÅ™ed vyprÅ¡ením platnosti hesla\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: chybné datum „%s“\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: chybný numerický argument „%s“\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: nepoužívejte „l“ s ostatními parametry\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Přístup odmítnut.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: vaše uživatelské jméno nelze zjistit.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: nelze zamknout %s, zkuste to opět později.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: nelze otevřít %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: chyba při zápisu změn do %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: selhala příprava nového %s záznamu „%s“\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: soubor se stínovými hesly není přítomen\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: uživatel „%s“ v %s neexistuje\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Měním informace o uživateli %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: chyba při změně položek\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [ÚČET]\n"
+"\n"
+"Volby:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr " -f, --full-name CELÉ_JMÉNO změní uživatelovo celé jméno\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr " -h, --home-phone TEL_DOMÅ® zmÄ›ní užvatelovo tel. Äíslo domů\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr " -o, --other JINÉ_INFORMACE změní uživatelovy ostatní informace\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr " -r, --room ÄŒÃSLO_MÃSTNOSTI zmÄ›ní uživatelovo Äíslo místnosti\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr " -u, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+" -w, --work-phone TEL_ZAMÄšSTN zmÄ›ní uživatelovo tel. Äíslo do kanceláře\n"
+
+msgid "Full Name"
+msgstr "Celé jméno"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Číslo místnosti"
+
+msgid "Work Phone"
+msgstr "Telefon do zaměstnání"
+
+msgid "Home Phone"
+msgstr "Telefon domů"
+
+msgid "Other"
+msgstr "Ostatní"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Nelze změnit ID na root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: jméno obsahuje jiné znaky než ASCII: „%s“\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: chybné jméno: „%s“\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: Äíslo místnosti obsahuje jiné znaky než ASCII: „%s“\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: chybné Äíslo místnosti: „%s“\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: chybné telefonní Äíslo do zamÄ›stnání: „%s“\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: chybné telefonní Äíslo domů: „%s“\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: „%s“ obsahuje jiné znaky než ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: „%s“ obsahuje nepovolené znaky\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: uživatel „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: uživatele „%s“ nelze na NIS klientu změnit.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: „%s“ je hlavním NIS serverem pro tohoto klienta.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Měním informace o uživateli %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: položka je příliš dlouhá\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby]\n"
+"\n"
+"Volby:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method TYP typ Å¡ifry (jeden z %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr " -e, --encrypted zadaná hesla jsou zašifrovaná\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 zašifruje nešifrované heslo\n"
+" algoritmem MD5\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr " -s, --sha-rounds poÄet SHA iterací algoritmu SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: pÅ™epínaÄ %s je povolen pouze s pÅ™epínaÄem %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: pÅ™epínaÄe -c, -e a -m se navzájem vyluÄují\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: nepodporovaný typ šifry: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: řádek %d je příliš dlouhý\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: řádek %d: chybí nové heslo\n"
+
+#, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: nepodařilo se zašifrovat heslo se solí „%s“: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: řádek %d: skupina „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: řádek %d: selhala příprava nového %s záznamu „%s“\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: chyba, změny budou ignorovány\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (řádek %d: uživatel %s) heslo nebylo změněno\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: řádek %d: uživatel „%s“ neexistuje\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr " -s, --shell SHELL nový přihlašovací shell uživatele\n"
+
+msgid "Login Shell"
+msgstr "Přihlašovací shell"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Nemůžete změnit shell pro „%s“.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Měním přihlašovací shell pro %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: chybná položka %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s není platný shell\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Varování: %s neexistuje\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Varování: %s se nedá spustit\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check zkontroluje expiraci uživatelova hesla\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force vynutí změnu hesla pokud uživatelovo heslo\n"
+" expirovalo\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: volby %s a %s kolidují\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: neoÄekávaný argument: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all zobrazí záznamy faillogu o všech "
+"uživatelích\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs SEK po neúspěšném pÅ™ihlášení zamkne úÄet na SEC\n"
+" sekund\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAX nastaví maximální poÄet chybných pÅ™ihlášení\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset vynuluje poÄitadla chybných pÅ™ihlášení\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DNŮ zobrazí záznamy faillogu novější než DNŮ\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user ÚČET/ROZSAH zobrazí záznamy faillogu nebo upraví\n"
+" poÄitadla a limity chybných pÅ™ihlášení\n"
+" pouze pro zadané uživatele (s volbami -r, -"
+"m\n"
+" nebo -l)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: nepodařilo se získat záznam pro UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Uživatel Chyb Maximum Poslední Odkud\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus zbývá]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds zámek]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: nepodaÅ™ilo se vynulovat poÄet chybných pÅ™ihlášení pro UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: nepodařilo se nastavit maximum pro UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: nepodařilo se nastavit délku zamknutí pro UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Neznámý uživatel nebo rozsah: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: nelze zjistit velikost %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Selhal zápis %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volba] SKUPINA\n"
+"\n"
+"Volby:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add UŽIVATEL přidá UŽIVATELE do SKUPINY\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete UŽIVATEL odstraní UŽIVATELE ze SKUPINY\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root CHROOT_ADRESÃŘ adresář, do kterého pÅ™ejít\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password odstraní heslo SKUPINY\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr " -R, --restrict povolí přístup ke SKUPINÄš jen Älenům\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr " -M, --members UŽIVATEL,... nastaví seznam Älenů SKUPINY\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators SPRÃVCE,...\n"
+" nastaví seznam správců SKUPINY\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Kromě voleb -A a -M není možné volby kombinovat.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Volby se nedají kombinovat.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: pÅ™epínaÄ -A funguje pouze se stínovými hesly skupin\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: skupina „%s“ v %s neexistuje\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: chyba pÅ™i zavírání databáze %s otevÅ™ené jen pro Ätení\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Měním heslo skupiny %s\n"
+
+msgid "New Password: "
+msgstr "Nové heslo: "
+
+msgid "Re-enter new password: "
+msgstr "Zadejte opět nové heslo: "
+
+msgid "They don't match; try again"
+msgstr "Neshodují se; zkuste to znovu"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Zkuste to později\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Přidávám uživatele %s do skupiny %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Odstraňuji uživatele %s ze skupiny %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: uživatel „%s“ není Älenem „%s“\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Nejedná se o tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] SKUPINA\n"
+"\n"
+"Volby:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force skonÄí úspÄ›chem pokud již skupina existuje,\n"
+" zruší -g pokud je již GID použito\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID pro novou skupinu použije GID\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key KLÃÄŒ=HODNOTA pÅ™ebije výchozí nastavení /etc/login.defs\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique povolí vytvoření skupiny s duplicitním\n"
+" (nejedineÄným) GID\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password HESLO pro novou skupinu použije šifrované heslo\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system vytvoří systémový úÄet\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: „%s“ není platným jménem skupiny\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: neplatné ID skupiny „%s“\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: parametr -K vyžaduje argument typu KLÃÄŒ=HODNOTA\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: skupina „%s“ již existuje\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID „%lu“ již existuje\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: nelze nastavit úklidovou službu.\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: nelze odstranit záznam „%s“ z %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: nelze odstranit primární skupinu uživatele „%s“.\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: skupina „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: skupina „%s“ je NIS skupinou\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s je hlavním NIS serverem\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: uživatel „%s“ je již Älenem „%s“\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Nedostatek paměti. Nelze aktualizovat %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [akce]\n"
+"\n"
+"Volby:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group skupina místo uživatelovy skupiny změní zadanou\n"
+" skupinu (pouze root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Akce:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr " -a, --add uživatel pÅ™idá uživatele mezi Äleny skupiny\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete uživatel odebere uživateli Älenství ve skupinÄ›\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+" -p, --purge ze skupiny odstraní všechny uživatele\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list vypíše Äleny skupiny\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: vaše skupina neodpovídá vašemu uživatelskému jménu\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: volbu -g/--group může používat pouze root\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID změní ID skupiny na GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name NOVÃ_SKUPINA zmÄ›ní jméno na NOVÃ_SKUPINA\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique povolí použití duplicitního\n"
+" (nejedineÄného) GID\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr " -p, --password HESLO změní heslo na (šifrované) HESLO\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: neplatné jméno skupiny „%s“\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: skupina %s je NIS skupinou\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: neznámý uživatel %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [soubor se skupinami [soubor se stínovými skupinami]]\n"
+"\n"
+"Volby:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [soubor se skupinami]\n"
+"\n"
+"Volby:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only zobrazí chyby a varování\n"
+" ale soubory nemění\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort řadí záznamy podle UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s a -r nejsou sluÄitelné\n"
+
+msgid "invalid group file entry"
+msgstr "chybná položka v souboru se skupinami"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "smazat řádek „%s“?"
+
+msgid "duplicate group entry"
+msgstr "tato položka se v souboru se skupinami vyskytuje vícekrát"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "jméno skupiny „%s“ je chybné\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ID skupiny „%lu“ je chybné\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "skupina %s: uživatel %s neexistuje\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "smazat Älena „%s“? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "žádný záznam v souboru se skupinami %s neodpovídá\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "přidat skupinu „%s“ do %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"skupina %s má záznam v %s, ale její pole s heslem v %s není nastaveno na "
+"„x“\n"
+
+msgid "invalid shadow group file entry"
+msgstr "chybná položka v souboru se stínovými skupinami"
+
+msgid "duplicate shadow group entry"
+msgstr "duplikovaná položka v souboru se stínovými skupinami"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "stínová skupina %s: administrátor %s neexistuje\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "smazat administrátora „%s“? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "stínová skupina %s: uživatel %s neexistuje\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: soubory byly aktualizovány\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: žádné změny nebyly provedeny\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: nelze smazat %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Použití: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Použití: id\n"
+
+msgid " groups="
+msgstr " skupiny="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before DNŮ zobrazí záznamy lastlogu starší než DNŮ\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DNŮ zobrazí záznamy lastlogu novější než DNŮ\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user ÚČET zobrazí záznamy lastlogu pro uživatele ÚČET\n"
+
+msgid "Username Port From Latest"
+msgstr "Uživatel Port Z Naposledy"
+
+msgid "Username Port Latest"
+msgstr "Uživatel Port Naposledy"
+
+msgid "**Never logged in**"
+msgstr "**Nikdy nebyl přihlášen**"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Použití: %s [-p] [jméno]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h poÄítaÄ] [-f jméno]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r poÄítaÄ\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "konfiguraÄní chyba - nelze zpracovat hodnotu %s: „%d“"
+
+msgid "Invalid login time"
+msgstr "Chybný Äas pÅ™ihlášení"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systém byl uzavřen kvůli pravidelné údržbě."
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Odpojení pÅ™eskoÄeno -- uživatel root smí být pÅ™ihlášen.]"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"VyprÅ¡el Äasový limit pro pÅ™ihlášení (%u sekund).\n"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Bez efektivních oprávnění uživatele root nelze pracovat\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr "utmp záznam neexistuje. Musíte spustit „login“ z nejnižšího „sh“"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Chyba PAM, konÄím: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "Přihlašovací jméno na %s: "
+
+msgid "login: "
+msgstr "Přihlašovací jméno: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maximální poÄet pokusů vyÄerpán (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM vyžádal přerušení\n"
+
+msgid "Login incorrect"
+msgstr "Chybné přihlášení"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Nelze nalézt uživatele (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"Přihlašovací jméno na %s: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: chyba rozdvojení: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY selhalo na %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Varování: po doÄasném zákazu je pÅ™ihlaÅ¡ování opÄ›t povoleno."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Poslední přihlášení: %s na %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Poslední přihlášení: %.19s na %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " z %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"Čas přihlášení vypršel\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Použití: logoutd\n"
+
+#, c-format
+msgid "%s: gid range [%lu-%lu) -> [%lu-%lu) not allowed\n"
+msgstr "%s: rozsah gid [%lu-%lu) -> [%lu-%lu) není povolen\n"
+
+#, c-format
+msgid ""
+"usage: %s <pid> <gid> <lowergid> <count> [ <gid> <lowergid> <count> ] ... \n"
+msgstr ""
+"použití: %s <pid> <gid> <spodnígid> <poÄet> [ <gid> <spodnígid> <poÄet> ] ...\n"
+
+#, c-format
+msgid "%s: Could not open proc directory for target %u\n"
+msgstr "%s: Nelze otevřít proc adresář cílového procesu %u\n"
+
+#, c-format
+msgid "%s: Could not stat directory for target %u\n"
+msgstr "%s: Nelze zavolat stat na adresář cílového procesu %u\n"
+
+#, c-format
+msgid "%s: Target %u is owned by a different user\n"
+msgstr "%s: Cílový proces %u je vlastněn jiným uživatelem\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Použití: newgrp [-] [skupina]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Použití: sg skupina [[-c] příkaz]\n"
+
+#, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: nepodařilo se zašifrovat heslo s předchozí solí: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Neplatné heslo.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: chyba rozdvojení: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID „%lu“ neexistuje\n"
+
+msgid "too many groups\n"
+msgstr "příliš mnoho skupin\n"
+
+#, c-format
+msgid "%s: uid range [%lu-%lu) -> [%lu-%lu) not allowed\n"
+msgstr "%s: rozsah uid [%lu-%lu) -> [%lu-%lu) není povolen\n"
+
+#, c-format
+msgid ""
+"usage: %s <pid> <uid> <loweruid> <count> [ <uid> <loweruid> <count> ] ... \n"
+msgstr ""
+"použití: %s <pid> <uid> <spodníuid> <poÄet> [ <uid> <spodníuid> <poÄet> ] ...\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system vytvoří systémový úÄet\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: skupina „%s“ je stínovou skupinou, ale neexistuje v /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: chybné uživatelské ID „%s“\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: chybné uživatelské jméno „%s“\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: řádek %d: chybný řádek\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: položku pro uživatele %s nelze aktualizovat (není v passwd databázi)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: řádek %d: nelze vytvořit uživatele\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: řádek %d: nelze vytvořit skupinu\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: řádek %d: uživatel „%s“ v %s neexistuje\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: řádek %d: heslo nelze aktualizovat\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: řádek %d: volání mkdir %s selhalo: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: řádek %d: volání chown %s selhalo: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: řádek %d: položku nelze aktualizovat\n"
+
+#, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: příprava nového záznamu %s selhala\n"
+
+#, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: nelze nalézt rozsah podřízených uživatelů\n"
+
+#, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: nelze nalézt rozsah podřízených skupin\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr " -a, --all vypíše stav hesel na vÅ¡ech úÄtech\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr " -d, --delete pro zadaný úÄet smaže heslo\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire pro zadaný úÄet vynutí expiraci hesla\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens změní heslo pouze pokud mu vypršela\n"
+" platnost\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive NEAKTIV zablokuje úÄet po NEAKTIV dnech od\n"
+" vypršení platnosti hesla\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -l, --lock zamkne heslo zadaného úÄtu\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_DNÅ® nastaví minimální poÄet dnů pÅ™ed zmÄ›nou\n"
+" hesla na MIN_DNÅ®\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet tichý režim\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr " -r, --repository REPOSITÃŘ zmÄ›ní heslo v repositáři REPOSITÃŘ\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr " -S, --status pro zadaný úÄet vypíše stav hesla\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr " -u, --unlock odemkne heslo zadaného úÄtu\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays VAR_DNŮ nastaví varování o expiraci na VAR_DNŮ\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAX_DNÅ® nastaví maximální poÄet dnů pÅ™ed zmÄ›nou\n"
+" hesla na MAX_DNÅ®\n"
+
+msgid "Old password: "
+msgstr "Staré heslo: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Zadejte nové heslo (minimální délka %d znaků).\n"
+"Použijte kombinaci velkých a malých písmen s Äíslicemi.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Zadejte nové heslo (poÄet znaků v intervalu %d až %d).\n"
+"Použijte kombinaci velkých a malých písmen s Äíslicemi.\n"
+
+msgid "New password: "
+msgstr "Nové heslo: "
+
+msgid "Try again."
+msgstr "Zkuste to znovu."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Varování: slabé heslo (chcete-li jej opravdu použít, zadejte jej znovu)."
+
+msgid "They don't match; try again.\n"
+msgstr "Neshodují se; zkuste to znovu.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Heslo uživatele %s nelze změnit.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Heslo uživatele %s nelze zatím změnit.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s odemknutí hesla by znamenalo mít úÄet bez hesla.\n"
+"Pro odemknutí hesla tohoto úÄtu byste mÄ›li nastavit heslo pomocí usermod -"
+"p.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: úložna %s není podporována\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s není oprávněn změnit heslo %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Nemůžete prohlížet nebo měnit heslo uživatele %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Měním heslo uživatele %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Heslo uživatele %s nebylo změněno.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: heslo bylo změněno.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: informace o vypršení platnosti hesla byly změněny.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [soubor s hesly]\n"
+"\n"
+"Volby:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [soubor s hesly [soubor se stínovými hesly]]\n"
+"\n"
+"Volby:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet vypíše pouze chyby\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: při použití USE_TCB není povolen žádný alternativní soubor shadow.\n"
+
+msgid "invalid password file entry"
+msgstr "chybná položka v souboru s hesly"
+
+msgid "duplicate password entry"
+msgstr "duplikovaná položka v souboru s hesly"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "chybné uživatelské jméno „%s“\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "chybné uživatelské ID „%lu“\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "uživatel „%s“: skupina %lu neexistuje\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "uživatel „%s“: adresář „%s“ neexistuje\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "uživatel „%s“: program „%s“ neexistuje\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "tcb adresář uživatele %s neexistuje\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "vytvořit tcb adresář pro uživatele %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "nepodařilo se vytvořit tcb adresář uživatele %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: nelze uzamknout %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "žádný záznam v souboru s hesly %s neodpovídá\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "přidat uživatele „%s“ do %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"uživatel %s má záznam v %s, ale jeho pole s heslem v %s není nastaveno na "
+"„x“\n"
+
+msgid "invalid shadow password file entry"
+msgstr "chybná položka v souboru se stínovými hesly"
+
+msgid "duplicate shadow password entry"
+msgstr "duplikovaná položka v souboru se stínovými hesly"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "uživatel %s: poslední změna hesla v budoucnosti\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: nelze seřadit záznamy v %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: nelze pokraÄovat s povoleným tcb\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: nepodařilo se změnit oprávnění %s na 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Z tohoto úÄtu je přístup k su ZAKÃZÃN.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Ověřování heslem vynecháno.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Pro ověření zadejte VAŠE vlastní heslo.\n"
+
+msgid " ...killed.\n"
+msgstr " ...zabit.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...Äeká na ukonÄení potomka.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Nelze rozdvojit uživatelský shell\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: chyba signálu\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: chyba maskování signálu\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sezení skonÄeno, ukonÄuji shell..."
+
+msgid " ...terminated.\n"
+msgstr " ...ukonÄen.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Použití: su [volby] [ÚČET]\n"
+"\n"
+"Volby:\n"
+" -c, --command PŘÃKAZ vyvolanému shellu pÅ™edá PŘÃKAZ\n"
+" -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+" -, -l, --login nastaví shell jako přihlašovací\n"
+" -m, -p,\n"
+" --preserve-environment zachová proměnné prostředí a ponechá\n"
+" souÄasný shell\n"
+" -s, --shell SHELL místo výchozího shellu definovaného\n"
+" v passwd použije SHELL\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignoruji)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Nejste oprávněn používat su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Zadejte své heslo)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Chyba ověření\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Toto Äasu nejste oprávnÄ›ni používat su\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "V databázi není záznam pro uživatele „%s“\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: musí být spuštěno z terminálu\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: chyba %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Nelze odevzdat řídící terminál\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "%s nelze spustit\n"
+
+msgid "No password file"
+msgstr "Soubor s hesly neexistuje"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY selhalo"
+
+msgid "No password entry for 'root'"
+msgstr "V databázi není položka pro uživatele 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Stiskněte control-d pro normální spuštění systému,\n"
+"(nebo zadejte heslo uživatele root pro údržbu systému):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Vstupuji do režimu údržby systému"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s byl vytvořen, ale nemůže být odstraněn\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: nastavení %s v %s bude ignorováno\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: nelze vytvořit nový soubor s výchozími hodnotami\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: nelze otevřít nový soubor s výchozími hodnotami\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: příliš dlouhý řádek v %s: %s..."
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Nelze vytvořit záložní soubor (%s): %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: přejmenovat: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: skupina „%s“ je NIS skupinou.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: zadáno příliš mnoho skupin (max %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] ÚČET\n"
+" %s -D\n"
+" %s -D [volby]\n"
+"\n"
+"Volby:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir ZÃKL_ADR základní adresář pro domovský adresář "
+"nového\n"
+" uživatelského úÄtu\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment KOMENTÃŘ pole GECOS nového úÄtu\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir DOMOV_ADR domovský adresář nového úÄtu\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults vypíše nebo změní výchozí nastavení\n"
+" programu useradd\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr " -e, --expiredate EXP_DATUM datum vyprÅ¡ení platnosti nového úÄtu\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive NEAKTIV doba neaktivity pro blokaci nového úÄtu\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid SKUPINA jméno nebo ID primární skupiny nového úÄtu\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups SKUPINY seznam dodateÄných skupin, do kterých\n"
+" má nový úÄet patÅ™it\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr " -k, --skel VZOR_ADR použije alternativní vzorový adresář\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init nepřidá uživatele do databází lastlog\n"
+" a faillog\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr " -m, --create-home vytvoří domovský adresář uživatele\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr " -M, --no-create-home nevytvoří domovský adresář uživatele\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group nevytvoří skupinu se stejným jménem jako\n"
+" uživatel\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique povolí vytvoření uživatele s duplicitním\n"
+" (nejedineÄným) UID\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr " -p, --password HESLO zaÅ¡ifrované heslo nového úÄtu\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell SHELL pÅ™ihlaÅ¡ovací shell nového úÄtu\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID uživatelské ID nového úÄtu\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group vytvoří skupinu se stejným jménem jako\n"
+" uživatel\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SEUŽIVATEL pro mapování na SELinuxového uživatele\n"
+" použije SEUŽIVATELe\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: chybný základní adresář „%s“\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: chybný komentář „%s“\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: chybný domácí adresář „%s“\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: pÅ™epínaÄ -e vyžaduje stínová hesla\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: pÅ™epínaÄ -f vyžaduje stínová hesla\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: chybná položka „%s“\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: chybný shell „%s“\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z vyžaduje jádro s povoleným SELinuxem\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: nepodařilo se vynulovat faillog záznam UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: nepodařilo se vynulovat lastlog záznam UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: selhala příprava nového záznamu %s\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: adresář %s nelze vytvořit\n"
+
+msgid "Creating mailbox file"
+msgstr "Vytvářím poštovní schránku"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Skupina „mail“ nebyla nalezena. Vytvářím uživatelovu poštovní schránku s "
+"právy 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Nastavuji oprávnění k poštovní schránce"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: uživatel „%s“ již existuje\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: skupina %s existuje - chcete-li přidat uživatele do této skupiny, "
+"použijte -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: nelze vytvořit uživatele\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu není jedineÄné\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: vytvoření tcb adresáře uživatele %s selhalo\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: nelze vytvořit skupinu\n"
+
+#, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: nelze vytvořit podřízená uživatelská ID\n"
+
+#, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: nelze vytvořit podřízená skupinová ID\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: varování: domovský adresář již existuje.\n"
+"Nekopíruji do něj žádné soubory z adresáře skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: varování: mapování uživatele %s na uživatele SELinuxu %s selhalo.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force vynutí odstranění souborů,\n"
+" i když je uživatel nevlastní\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove odstraní domovský adresář a poštovní\n"
+" schránku\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user odstraní všechna mapování uživatele na\n"
+" uživatele SELinuxu\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: skupina %s nebyla odstraněna, protože není primární skupinou uživatele "
+"%s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: skupina %s nebyla odstranÄ›na, protože obsahuje další Äleny.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: skupina %s je primární skupinou jiného uživatele a nelze ji odstranit.\n"
+
+#, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: nelze odstranit záznam %lu z %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s poštovní schránka (%s) nebyla nalezena\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: varování: nelze smazat %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: vlastníkem %s není %s, nemažu jej\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: nelze alokovat paměť, tcb záznam uživatele %s nebyl odtraněn.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Nelze odevzdat privilegia: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Nelze odstranit obsah %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Nelze odstranit tcb soubory uživatele %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: uživatel %s je NIS uživatelem\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: domovský adresář uživatele %s (%s) nebyl nalezen\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: adresář %s nebudu mazat (je to domácí adresář uživatele %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: chyba při mazání adresáře %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: varování: odstranění mapování uživatele %s na SELinuxového uživatele "
+"selhalo.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment KOMENTÃŘ nová hodnota pole GECOS\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr " -d, --home-dir DOMOV_ADR nový domovský adresář uživatele\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate EXP_DATUM nastaví vyprÅ¡ení platnosti úÄtu na "
+"EXP_DATUM\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive NEAKTIV zablokuje úÄet po NEAKTIV dnech od vyprÅ¡ení\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr " -g, --gid SKUPINA nastaví novou primární SKUPINU\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+" -G, --groups SKUPINY nový seznam dodateÄných skupin, do kterých\n"
+" má úÄet patÅ™it\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append přidá uživatele do dalších SKUPIN zadaných\n"
+" volbou -G; neruší Älenství v ostatních sk.\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login NOVÃ_ÚČET nová hodnota pÅ™ihlaÅ¡ovacího jména\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock zamkne uživatelský úÄet\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home přesune obsah původního domovského adresáře\n"
+" do nového umístění (používejte pouze s -d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique povolí vytvoření uživatele s duplicitním\n"
+" (nejedineÄným) UID\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr " -p, --password HESLO použije nové zašifrované heslo\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID nové UID pro uživatelský úÄet\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock odemkne uživatelský úÄet\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr " -v, --add-subuids PRVNÃ-POSL pÅ™idá rozsah podřízených uid\n"
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr " -V, --del-subuids PRVNÃ-POSL odstraní rozsah podřízených uid\n"
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr " -w, --add-subgids PRVNÃ-POSL pÅ™idá rozsah podřízených gid\n"
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr " -W, --del-subgids PRVNÃ-POSL odstraní rozsah podřízených gid\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user SEUŽIVATEL nové mapování uživatelského úÄtu na\n"
+" uživatele SELinuxu\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s odemknutí uživatelova hesla by znamenalo mít úÄet bez hesla.\n"
+"Pro odemknutí hesla tohoto uživatele byste měli nastavit heslo pomocí "
+"usermod -p.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: uživatel „%s“ již v %s existuje\n"
+
+#, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: neplatný rozsah podřízených uid „%s“\n"
+
+#, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: neplatný rozsah podřízených gid „%s“\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: žádné volby\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: pÅ™epínaÄe -L, -p a -U se navzájem vyluÄují\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: pÅ™epínaÄe -e a -f vyžadují stínová hesla\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID „%lu“ již existuje\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s neexistuje, nemůžete použít pÅ™epínaÄ %s ani %s\n"
+
+#, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: odebrání rozsahu uid %lu-%lu z „%s“ selhalo\n"
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: přidání rozsahu uid %lu-%lu z „%s“ selhalo\n"
+
+#, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: odebrání rozsahu gid %lu-%lu z „%s“ selhalo\n"
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: přidání rozsahu gid %lu-%lu z „%s“ selhalo\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: adresář %s již existuje\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Předchozí domovský adresář (%s) nebyl adresářem. Nebyl tedy odstraněn a "
+"nebyly vytvořeny domovské adresáře.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Nepodařilo se změnit vlastníka domovského adresáře"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: varování: selhalo úplné odstranění domovského adresáře %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: adresář %s nelze na %s přejmenovat\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: nepodařilo se zkopírovat lastlog záznamy uživatele %lu uživateli %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: nepodařilo se zkopírovat faillog záznamy uživatele %lu uživateli %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: varování: vlastníkem %s není %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "chyba při změně vlastníka poštovní schránky"
+
+msgid "failed to rename mailbox"
+msgstr "chyba při přejmenovávání poštovní schránky"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Změnili jste %s.\n"
+"Z důvodu konzistence byste měli změnit i %s.\n"
+"Můžete to provést příkazem „%s“.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group upraví databázi skupin\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd upraví databázi hesel\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr " -s, --shadow upraví databázi shadow nebo gshadow\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr " -u, --user upraví tcb shadow soubor uživatele\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: selhalo odstranění %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s je beze změny\n"
+
+msgid "failed to create scratch directory"
+msgstr "vytvoÅ™ení doÄasného adresáře selhalo"
+
+msgid "failed to drop privileges"
+msgstr "odevzdání privilegií selhalo"
+
+msgid "Couldn't get file context"
+msgstr "Nelze získat kontext souboru"
+
+msgid "setfscreatecon () failed"
+msgstr "Volání setfscreatecon() selhalo"
+
+msgid "failed to gain privileges"
+msgstr "nepodařilo se získat privilegia"
+
+msgid "Couldn't lock file"
+msgstr "Soubor nelze zamknout"
+
+msgid "Couldn't make backup"
+msgstr "Zálohování nelze provést"
+
+#, c-format
+msgid "%s: %s: %s\n"
+msgstr "%s: %s: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s skonÄil se stavem %d\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr "%s: %s byl zabit signálem %d\n"
+
+msgid "failed to open scratch file"
+msgstr "otevÅ™ení doÄasného souboru selhalo"
+
+msgid "failed to unlink scratch file"
+msgstr "doÄasný soubor se nepodaÅ™ilo smazat"
+
+msgid "failed to stat edited file"
+msgstr "na upravovaný soubor se nepodařilo zavolat stat()"
+
+msgid "failed to allocate memory"
+msgstr "nepodařilo se alokovat paměť"
+
+msgid "failed to create backup file"
+msgstr "vytvoření záložního souboru selhalo"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %s nelze obnovit: %s (změny jsou v %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: nepodařilo se nalézt tcb adresář uživatele %s\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr " -c, --crypt-method typ Å¡ifry (jeden z %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Použití: vipw [volby]\n"
+#~ "\n"
+#~ "Volby:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "volání malloc(%d) selhalo\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: chage [volby] ÚČET\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -d, --lastday POSL_DEN nastaví datum poslední změny hesla na "
+#~ "POSL_DEN\n"
+#~ " -E, --expiredate EXP_DATUM nastaví datum vyprÅ¡ení úÄtu na EXP_DATUM\n"
+#~ " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -I, --inactive NEAKTIV zablokuje úÄet po NEAKTIV dnech od "
+#~ "vypršení\n"
+#~ " platnosti hesla\n"
+#~ " -l, --list zobrazí informace o úÄtu\n"
+#~ " -m, --mindays MIN_DNÅ® nastaví minimální poÄet dnů pÅ™ed zmÄ›nou\n"
+#~ " hesla na MIN_DNÅ®\n"
+#~ " -M, --maxdays MAX_DNÅ® nastaví maximální poÄet dnů pÅ™ed zmÄ›nou\n"
+#~ " hesla na MAX_DNÅ®\n"
+#~ " -W, --warndays VAR_DNŮ nastaví varování o expiraci na VAR_DNŮ\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: ověření pomocí PAM selhalo\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Použití: %s [-f jméno] [-r Äíslo místnosti] [-w telefon do zamÄ›stnání]\n"
+#~ "\t[-h telefon domů] [-o ostatní] [uživatel]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Použití: %s [-f jméno] [-r Äíslo místnosti] [-w telefon do zamÄ›stnání]\n"
+#~ "\t[-h telefon domů]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použití: %s [volby]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -c, --crypt-method typ Å¡ifry (jeden z %s)\n"
+#~ " -e, --encrypted zadaná hesla jsou zašifrovaná\n"
+#~ " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -m, --md5 zašifruje nešifrované heslo\n"
+#~ " algoritmem MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: chsh [volby] [ÚČET]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -s, --shell SHELL nový přihlašovací shell uživatele\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Použití: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: Nepodařilo se získat záznam pro UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: Nelze otevřít %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Nelze zjistit velikost %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Použití: groupdel skupina\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr ""
+#~ "Použití: %s [-r] [-s] [soubor se skupinami [soubor se stínovými "
+#~ "skupinami]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Použití: %s [-r] [-s] [soubor se skupinami]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s a -r nejsou sluÄitelné\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Použití: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Použití: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: lastlog [volby]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -b, --before DNŮ zobrazí záznamy lastlogu starší než DNŮ\n"
+#~ " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -t, --time DNŮ zobrazí záznamy lastlogu novější než DNŮ\n"
+#~ " -u, --user ÚČET zobrazí záznamy lastlogu pro uživatele "
+#~ "ÚČET\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: passwd [volby] [ÚČET]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -a, --all vypíše stav hesel na vÅ¡ech úÄtech\n"
+#~ " -d, --delete pro zadaný úÄet smaže heslo\n"
+#~ " -e, --expire pro zadaný úÄet vynutí expiraci hesla\n"
+#~ " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -k, --keep-tokens změní heslo pouze pokud mu vypršela\n"
+#~ " platnost\n"
+#~ " -i, --inactive NEAKTIV zablokuje úÄet po NEAKTIV dnech od\n"
+#~ " vypršení platnosti hesla\n"
+#~ " -l, --lock zamkne heslo zadaného úÄtu\n"
+#~ " -n, --mindays MIN_DNÅ® nastaví minimální poÄet dnů pÅ™ed zmÄ›nou\n"
+#~ " hesla na MIN_DNÅ®\n"
+#~ " -q, --quiet tichý režim\n"
+#~ " -r, --repository REPOSITÃŘ zmÄ›ní heslo v repositáři REPOSITÃŘ\n"
+#~ " -S, --status pro zadaný úÄet vypíše stav hesla\n"
+#~ " -u, --unlock odemkne heslo zadaného úÄtu\n"
+#~ " -w, --warndays VAR_DNŮ nastaví varování o expiraci na VAR_DNŮ\n"
+#~ " -x, --maxdays MAX_DNÅ® nastaví maximální poÄet dnů pÅ™ed zmÄ›nou\n"
+#~ " hesla na MAX_DNÅ®\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr ""
+#~ "Použití: %s [-q] [-r] [-s] [soubor s hesly [soubor se stínovými hesly]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Použití: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Použití: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Neznámé id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Žádný shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: userdel [volby] ÚČET\n"
+#~ "\n"
+#~ "VOLBY:\n"
+#~ " -f, --force vynutí odstranění souborů,\n"
+#~ " i když je uživatel nevlastní\n"
+#~ " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -r, --remove odstraní domovský adresář a poštovní\n"
+#~ " schránku\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použití: usermod [volby] ÚČET\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -c, --comment KOMENTÃŘ nová hodnota pole GECOS\n"
+#~ " -d, --home-dir DOMOV_ADR nový domovský adresář uživatele\n"
+#~ " -e, --expiredate EXP_DATUM nastaví vyprÅ¡ení platnosti úÄtu na "
+#~ "EXP_DATUM\n"
+#~ " -f, --inactive NEAKTIV zablokuje úÄet po NEAKTIV dnech od "
+#~ "vypršení\n"
+#~ " -g, --gid SKUPINA nastaví novou primární SKUPINU\n"
+#~ " -G, --groups SKUPINY nový seznam dodateÄných skupin, do "
+#~ "kterých\n"
+#~ " má úÄet patÅ™it\n"
+#~ " -a, --append přidá uživatele do dalších SKUPIN "
+#~ "zadaných\n"
+#~ " volbou -G; neruší Älenství v ostatních "
+#~ "sk.\n"
+#~ " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -l, --login NOVÃ_ÚČET nová hodnota pÅ™ihlaÅ¡ovacího jména\n"
+#~ " -L, --lock zamkne uživatelský úÄet\n"
+#~ " -m, --move-home přesune obsah původního domovského "
+#~ "adresáře\n"
+#~ " do nového umístění (používejte pouze s -"
+#~ "d)\n"
+#~ " -o, --non-unique povolí vytvoření uživatele s duplicitním\n"
+#~ " (nejedineÄným) UID\n"
+#~ " -p, --password HESLO použije nové zašifrované heslo\n"
+#~ " -s, --shell SHELL nový přihlašovací shell uživatele\n"
+#~ " -u, --uid UID nové UID pro uživatelský úÄet\n"
+#~ " -U, --unlock odemkne uživatelský úÄet\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: žádné pÅ™epínaÄe\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --add USER add USER to GROUP\n"
+#~ " -d, --delete USER remove USER from GROUP\n"
+#~ " -r, --remove-password remove the GROUP's password\n"
+#~ " -R, --restrict restrict access to GROUP to its members\n"
+#~ " -M, --members USER,... set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: %s [volby] SKUPINA\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -a, --add UŽIVATEL přidá UŽIVATELE do SKUPINY\n"
+#~ " -d, --delete UŽIVATEL odstraní UŽIVATELE ze SKUPINY\n"
+#~ " -r, --remove-password odstraní heslo SKUPINY\n"
+#~ " -R, --restrict povolí přístup ke SKUPINÄš jen Älenům\n"
+#~ " -M, --members UŽIVATEL,... nastaví seznam Älenů SKUPINY\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group groupname change groupname instead of the user's "
+#~ "group\n"
+#~ " (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ " -a, --add username add username to the members of the group\n"
+#~ " -d, --delete username remove username from the members of the "
+#~ "group\n"
+#~ " -p, --purge purge all members from the group\n"
+#~ " -l, --list list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: groupmems [volby] [akce]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -g, --group skupina místo uživatelovy skupiny změní zadanou\n"
+#~ " skupinu (pouze root)\n"
+#~ "\n"
+#~ "Akce:\n"
+#~ " -a, --add uživatel pÅ™idá uživatele mezi Äleny skupiny\n"
+#~ " -d, --delete uživatel odebere uživateli Älenství ve skupinÄ›\n"
+#~ " -p, --purge ze skupiny odstraní všechny uživatele\n"
+#~ " -l, --list vypíše Äleny skupiny\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Použití: useradd [volby] ÚČET\n"
+#~ "\n"
+#~ "Volby:\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %s nelze vytvořit\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: volání chown pro %s selhalo\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: faillog [volby]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -a, --all zobrazí záznamy faillogu o všech "
+#~ "uživatelích\n"
+#~ " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -l, --lock-time SEK po neúspěšném pÅ™ihlášení zamkne úÄet na "
+#~ "SEC\n"
+#~ " sekund\n"
+#~ " -m, --maximum MAX nastaví maximální poÄet chybných "
+#~ "přihlášení\n"
+#~ " na MAX\n"
+#~ " -r, --reset vynuluje poÄitadla chybných pÅ™ihlášení\n"
+#~ " -t, --time DNŮ zobrazí záznamy faillogu novější než DNŮ\n"
+#~ " -u, --user ÚČET zobrazí záznamy faillogu nebo upraví\n"
+#~ " poÄitadla a limity chybných pÅ™ihlášení\n"
+#~ " pouze pro uživatele ÚČET (s volbami -r, -"
+#~ "m\n"
+#~ " nebo -l)\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: groupadd [volby] SKUPINA\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -f, --force vynutí úspěšný návratový kód i když\n"
+#~ " zadaná skupina existuje\n"
+#~ " -g, --gid GID pro novou skupinu použije GID\n"
+#~ " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -K, --key KLÃÄŒ=HODNOTA pÅ™ebije výchozí nastavení /etc/login."
+#~ "defs\n"
+#~ " -o, --non-unique povolí vytvoření skupiny s duplicitním\n"
+#~ " (nejedineÄným) GID\n"
+#~ " -p, --password HESLO pro novou skupinu použije šifrované "
+#~ "heslo\n"
+#~ " -r, --system vytvoří systémový úÄet\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: groupmod [volby] SKUPINA\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -g, --gid GID pro SKUPINU vynutí nové GID\n"
+#~ " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -n, --new-name NOVÃ_SKUPINA vnutí SKUPINÄš jméno NOVÃ_SKUPINA\n"
+#~ " -o, --non-unique povolí skupině použít duplicitní\n"
+#~ " (nejedineÄné) GID\n"
+#~ " -p, --password HESLO pro SKUPINU použije šifrované heslo\n"
+#~ "\n"
+
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~| " home directory\n"
+#~| " -c, --comment COMMENT set the GECOS field for the new user "
+#~| "account\n"
+#~| " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~| " -D, --defaults print or save modified default useradd\n"
+#~| " configuration\n"
+#~| " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -g, --gid GROUP force use GROUP for the new user "
+#~| "account\n"
+#~| " -G, --groups GROUPS list of supplementary groups for the "
+#~| "new\n"
+#~| " user account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~| " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~| " -l, --no-log-init do not add the user to the lastlog and\n"
+#~| " faillog databases\n"
+#~| " -m, --create-home create home directory for the new user\n"
+#~| " account\n"
+#~| " -M, --no-create-home do not create user's home directory\n"
+#~| " (overrides /etc/login.defs)\n"
+#~| " -N, --no-user-group do not create a group with the same name "
+#~| "as\n"
+#~| " the user\n"
+#~| " -o, --non-unique allow create user with duplicate\n"
+#~| " (non-unique) UID\n"
+#~| " -p, --password PASSWORD use encrypted password for the new user\n"
+#~| " account\n"
+#~| " -r, --system create a system account\n"
+#~| " -s, --shell SHELL the login shell for the new user "
+#~| "account\n"
+#~| " -u, --uid UID force use the UID for the new user "
+#~| "account\n"
+#~| " -U, --user-group create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použití: useradd [volby] ÚČET\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -b, --base-dir ZÃKL_ADR základní adresář domovského adresáře "
+#~ "nového\n"
+#~ " uživatelského úÄtu\n"
+#~ " -c, --comment KOMENTÃŘ nastaví pole GECOS nového úÄtu\n"
+#~ " -d, --home-dir DOMOV_ADR domovský adresář nového úÄtu\n"
+#~ " -D, --defaults vypíše nebo nastaví výchozí nastavení\n"
+#~ " programu useradd\n"
+#~ " -e, --expiredate EXP_DATUM nastaví vyprÅ¡ení platnosti úÄtu na "
+#~ "EXP_DATUM\n"
+#~ " -f, --inactive NEAKTIV zablokuje úÄet po NEAKTIV dnech od "
+#~ "vypršení\n"
+#~ " -g, --gid SKUPINA vynutí použití této skupiny pro nový "
+#~ "úÄet\n"
+#~ " -G, --groups SKUPINY seznam dodateÄných skupin, do kterých\n"
+#~ " má nový úÄet patÅ™it\n"
+#~ " -h, --help zobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -k, --skel VZOR_ADR zadá alternativní vzorový adresář\n"
+#~ " -K, --key KLÃÄŒ=HODNOTA pÅ™ebije výchozí nastavení /etc/login."
+#~ "defs\n"
+#~ " -l, --no-log-init nepřidá uživatele do databází lastlog\n"
+#~ " a faillog\n"
+#~ " -m, --create-home vytvoří domovský adresář pro nový\n"
+#~ " uživatelský úÄet\n"
+#~ " -M, --no-create-home nevytvoří domovský adresář uživatele\n"
+#~ " (přebíjí nastavení /etc/login.defs)\n"
+#~ " -N, --no-user-group nevytvoří skupinu se stejným jménem jako\n"
+#~ " uživatel\n"
+#~ " -o, --non-unique povolí vytvoření uživatele s duplicitním\n"
+#~ " (nejedineÄným) UID\n"
+#~ " -p, --password HESLO použije pro nový úÄet zadané zaÅ¡ifrované\n"
+#~ " heslo\n"
+#~ " -r, --system vytvoří systémový úÄet\n"
+#~ " -s, --shell SHELL pÅ™ihlaÅ¡ovací shell nového úÄtu\n"
+#~ " -u, --uid UID vynutí použití tohoto UID pro nový úÄet\n"
+#~ " -U, --user-group vytvoří skupinu se stejným jménem jako\n"
+#~ " uživatel\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -r, --system create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použití: %s [volby] [vstup]\n"
+#~ "\n"
+#~ " -c, --crypt-method typ Å¡ifry (jeden z %s)\n"
+#~ " -r, --system vytvoří systémové úÄty\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Heslu byla nastavena vypršená platnost."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: soubor s hesly nelze zamknout\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: soubor s hesly nelze otevřít\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze zamknout\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze otevřít\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze přepsat\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: soubor s hesly nelze přepsat\n"
+
+#~ msgid "%s: can't update password file\n"
+#~ msgstr "%s: soubor s hesly nelze aktualizovat\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze aktualizovat\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tCelé jméno: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tČíslo místnosti: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelefon do zaměstnání: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelefon domů: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Nelze zamknout soubor s hesly; zkuste to později.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Soubor s hesly nelze otevřít.\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s: %s se v /etc/passwd nenalézá\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Chyba při aktualizaci položky v souboru s hesly.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Nelze provést změny v souboru s hesly.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Soubor s hesly nelze odemknout.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: soubor se skupinami nelze zamknout\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: soubor se skupinami nelze otevřít\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: soubor stínových skupin nelze zamknout\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze otevřít\n"
+
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: chyba při aktualizaci souboru se stínovými skupinami\n"
+
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: chyba při aktualizaci souboru se skupinami\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: řádek %d: neznámá skupina %s\n"
+
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: řádek %d: položku nelze aktualizovat skupinu\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze zamknout\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: chyba při aktualizaci souboru se stínovými hesly\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: chyba při aktualizaci souboru s hesly\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: řádek %d: neznámý uživatel %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: řádek %d: položku v souboru s hesly nelze aktualizovat\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: neznámý uživatel\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Neznámý uživatel: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Použití: %s [r|-R] skupina\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a uživatel] skupina\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d uživatel] skupina\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A uživatel,...] [-M uživatel,...] skupina\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M uživatel,...] skupina\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: nelze získat zámek\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: nelze získat zámek pro soubor se stínovými hesly\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: nelze přepsat soubor se stínovými hesly\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: nelze odemknout soubor\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: nelze aktualizovat položku\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: nelze aktualizovat položku souboru se stínovými hesly\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "neznámá skupina %s\n"
+
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: nelze zavřít soubor\n"
+
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze zavřít\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Kdo jste?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: neznámý Älen %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: chyba při přidávání nové skupiny\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: soubor se skupinami nelze přepsat\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze přepsat\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: soubor se skupinami nelze zamknout\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: soubor se skupinami nelze otevřít\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze zamknout\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze otevřít\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u není jedineÄné\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: chyba při odstraňování položky ze souboru se skupinami\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr ""
+#~ "%s: chyba při odstraňování položky ze souboru se stínovými skupinami\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: primární skupinu uživatele nelze odstranit.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "ÄŒlen urÄený pro odstranÄ›ní nebyl nalezen\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Použití: groupmems -a uživatel | -d uživatel | -D | -l [-g skupina]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "PÅ™idávat Äleny do jiných skupin může pouze uživatel root\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Je vyžadován skupinový přístup\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Nejste vlastníkem aktuální skupiny\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "Ověření pomocí PAM selhalo\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Soubor se skupinami nelze zamknout\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Soubor se skupinami nelze zavřít\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s se v /etc/group nenalézá\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u není jedineÄné gid\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: jméno %s není jedineÄné\n"
+
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: soubor s hesly nelze přepsat\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: soubor s hesly nelze zamknout\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: soubor s hesly nelze otevřít\n"
+
+#~ msgid ""
+#~ "%s: cannot change the primary group of user '%s' from %u to %u, since it "
+#~ "is not in the passwd file.\n"
+#~ msgstr ""
+#~ "%s: nelze změnit primární skupinu uživatele „%s“ z %u na %u, protože se "
+#~ "nenachází v souboru passwd.\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: položku %s souboru se stínovými hesly nelze aktualizovat\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: položku skupiny %s nelze odstranit\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze zamknout\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze otevřít\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: položku stínové skupiny %s nelze odstranit\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze aktualizovat\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: soubor se stínovými hesly skupin nelze smazat\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "neznámé UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "neznámé GID: %lu\n"
+
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: skupinové ID „%s“ není platné\n"
+
+#~ msgid ""
+#~ "%s: group %s created, failure during the creation of the corresponding "
+#~ "gshadow group\n"
+#~ msgstr ""
+#~ "%s: skupina %s byla vytvořena, ale nastala chyba při vytváření "
+#~ "odpovídající stínové skupiny\n"
+
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: uživatelské ID „%s“ není platné\n"
+
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: neplatné uživatelské jméno „%s“\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: soubor /etc/passwd nelze zamknout.\n"
+
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: soubor /etc/shadow nelze zamknout.\n"
+
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: soubor /etc/group nelze zamknout.\n"
+
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: soubor /etc/gshadow nelze zamknout.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: soubory nelze otevřít\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: chyba při aktualizaci souborů\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: položku souboru s hesly pro uživatele %s nelze aktualizovat\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: soubor s hesly nelze zamknout\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: soubor s hesly nelze otevřít\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: položku souboru s hesly pro uživatele %s nelze odstranit\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: soubor s hesly nelze aktualizovat\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: položku pro uživatele %s nelze aktualizovat\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: nemůžete smazat soubor se stínovými hesly\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: neznámé GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: neznámá skupina %s\n"
+
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr ""
+#~ "%s: Nedostatek paměti. Nelze aktualizovat databázi stínových skupin.\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: soubor s hesly nelze přepsat\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze přepsat\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze zamknout\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze otevřít\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: chyba při zamykání souboru se skupinami\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: chyba při otevírání souboru se skupinami\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: chyba při zamykání souboru se stínovými hesly\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: chyba při otevírání souboru se stínovými hesly\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: chyba při vytváření nové položky v souboru s hesly\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: chyba při vytváření nové položky v souboru se stínovými hesly\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: varování: CREATE_HOME není podporováno, použijte pÅ™epínaÄ -m\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: položku souboru se skupinami nelze aktualizovat\n"
+
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: chyba při aktualizaci stínové skupiny\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: soubor se skupinami nelze otevřít\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze otevřít\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: chyba při odstraňování položky ze souboru s hesly\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: chyba při odstraňování položky ze souboru se stínovými hesly\n"
+
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: chyba při přidávání nové stínové skupiny\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu není jedineÄné\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: chyba při změně položky v souboru s hesly\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: chyba při odstraňování položky ze souboru s hesly\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: chyba při odstraňování položky ze souboru se stínovými hesly\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " na „%.100s“ z „%.200s“"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " na „%.100s“"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: řádek %d: nelze vytvořit UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: jméno %s není jedineÄné\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: chgpasswd [volby]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ " -e, --encrypted\tzadaná hesla jsou zašifrovaná\n"
+#~ " -h, --help\t\tzobrazí tuto nápovÄ›du a skonÄí\n"
+#~ " -m, --md5\t\tpokud zadaná hesla nejsou zašifrovaná,\n"
+#~ "\t\t\tpoužije místo DES algoritmus MD5\n"
+#~ "\n"
+
+#~ msgid "No password.\n"
+#~ msgstr "Žádné heslo.\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Lituji.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Lituji, ale heslo pro %s nelze ještě změnit.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Lituji."
diff --git a/po/da.po b/po/da.po
new file mode 100644
index 0000000..75dc020
--- /dev/null
+++ b/po/da.po
@@ -0,0 +1,2628 @@
+# Danish translation shadow.
+# Copyright (C) 2011 Free Software Foundation, Inc.
+# This file is distributed under the same license as the shadow package.
+# Claus Hindsgaul <claus.hindsgaul@gmail.com>, 2004, 2005, 2006.
+# Joe Hansen (joedalton2@yahoo.dk), 2011, 2012.
+#
+# konventioner:
+# audit -> overvågning
+# entry, entries -> punkt, punkter
+# exist -> findes
+# locktime -> låsetid
+# mapping -> kortlægning (oversættelse)
+# quiet -> tavs
+# record -> post
+# scratch -> scratch
+# shadow -> skygge
+# unlock -> åbne
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-01-26 23:57+0100\n"
+"Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n"
+"Language-Team: Danish <debian-l10n-danish@lists.debian.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Flere punkter med navnet »%s« i %s. Ret venligst dette med pwck eller "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "cryptmetode er ikke understøttet af libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "konfigurationsfejl - kan ikke fortolke %s-værdi: »%s«"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Kunne ikke frigøre plads til opsætningsoplysninger.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "opsætningsfejl - ukendt punkt »%s« (informer administrator)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd afsluttedes ikke normalt (signal %d)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd afsluttede med status %d"
+
+msgid "Password: "
+msgstr "Adgangskode: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s's adgangskode: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Kan ikke oprette SELinux-håndteringshåndtag\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux-politik ikke håndteret\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Kan ikke læse SELinux-politiklageret\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Kan ikke etablere SELinux-håndteringsforbindelse\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Kan ikke begynde SELinux-transaktion\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Kunne ikke forespørge seuser for %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Kunne ikke angive serange for %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Kunne ikke angive sename for %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Kunne ikke ændre logingkortlægningen for %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Kan ikke oprette SELinux-logindkortlægning for %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Kunne ikke angive navn for %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Kunne ikke angive SELinux-bruger for %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Kunne ikke tilføje logindkortlægning for %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Kan ikke initialisere SELinux-håntering\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Kan ikke oprette SELinux-brugernøgle\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Kan ikke verificere SELinux-brugeren\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Kan ikke ændre SELinux-brugerkortlægning\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Kan ikke tilføje SELinux-brugerkortlægning\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Kan ikke indsende SELinux-transaktion\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Logindkortlægning for %s er ikke defineret, o.k. hvis standardkortlægning "
+"blev brugt\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr "Logindkortlægning for %s er defineret i politik, kan ikke slettes\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Kunne ikke slette logindkortlægning for %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: Hukommelse opbrugt\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: Kan ikke stat %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s er hverken en mappe eller en symbolsk henvisning.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Kan ikke omdøbe symbolsk henvisning %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Mistænkelig lang symbolsk henvisning: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Kan ikke oprette mappen %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Kan ikke ændre ejer af %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Kan ikke ændre tilstand for %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: Fjern henvisning: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Kan ikke fjerne mappen %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Kan ikke omdøbe %s til %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Kan ikke fjerne %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Kan ikke oprette symbolsk henvisning %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Kan ibkke ændre ejere af %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Kan ikke lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Advarsel, bruger %s har ingen tcb-skyggefil.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Nødsituation: %s's tcb-skygge er ikke en regulær fil med st_nlink=1.\n"
+"Kontoen forbliver låst.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Kan ikke åbne %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Advarsel: Ukendt gruppe %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Advarsel: For mange grupper\n"
+
+msgid "Your password has expired."
+msgstr "Din adgangskode er udløbet."
+
+msgid "Your password is inactive."
+msgstr "Din adgangskode er inaktiv."
+
+msgid "Your login has expired."
+msgstr "Din adgangskode er udløbet."
+
+msgid " Contact the system administrator."
+msgstr " Kontakt systemadministratoren."
+
+msgid " Choose a new password."
+msgstr " Vælg en ny adgangskode."
+
+msgid "You must change your password."
+msgstr "Du skal ændre din adgangskode."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Din adgangskode udløber om %ld dage.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Din adgangskode udløber i morgen."
+
+msgid "Your password will expire today."
+msgstr "Din adgangskode udløber i dag."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Kan ikke åbne overvågningsbrugerflade (audit) - afbryder.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Kan ikke ændre ejer eller tilstand af tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: Kunne ikke åbne %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Miljøoverløb\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Du kan ikke ændre $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d fejl siden sidste logind.\n"
+"Sidst var %s, %s.\n"
+msgstr[1] ""
+"%d fejl siden sidste logind.\n"
+"Sidst var %s, %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Ugyldig opsætning: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ugyldig opsætning: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: kunne ikke tildele hukommelse: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Kan ikke indhente unik system-GID (ikke flere tilgængelige GID'er)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Kan ikke indhente unik GID (ikke flere tilgængelige GID'er)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Ugyldig opsætning: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ugyldig opsætning: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Kan ikke indhente unik system-UIK (ikke flere tilgængelige UID'er)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Kan ikke indhente unik UID (ikke flere tilgængelige UID'er)\n"
+
+msgid "Too many logins.\n"
+msgstr "Logget på for mange gange.\n"
+
+msgid "You have new mail."
+msgstr "Du har ny post."
+
+msgid "No mail."
+msgstr "Ingen post."
+
+msgid "You have mail."
+msgstr "Du har post."
+
+msgid "no change"
+msgstr "ingen ændring"
+
+msgid "a palindrome"
+msgstr "et palindrom"
+
+msgid "case changes only"
+msgstr "kun versalændringer"
+
+msgid "too similar"
+msgstr "for ens"
+
+msgid "too simple"
+msgstr "for simpelt"
+
+msgid "rotated"
+msgstr "omrokeret"
+
+msgid "too short"
+msgstr "for kort"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Ugyldig adgangskode: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() mislykkedes, fejl %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: Adgangskode uændret\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: adgangskoden blev opdateret\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Ugyldig adgangskode for %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: flere tilvalg for --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: tilvalg »%s« kræver et argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: Kunne ikke afgive rettigheder (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: Ugyldig chroot-sti »%s«\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: Kan ikke tilgå chroot-mappe %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: Kan ikke tilgå chroot-mappe %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: Kan ikke chroot til mappe %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Ugyldig ENCRYPT_METHOD-værdi: »%s«.\n"
+"Vælger standard DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Kunne ikke skifte mappe til »%s«\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Ingen mappe, logger på med HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Kan ikke udføre %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ugyldig rodmappe »%s«\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Kan ikke ændre rodmappen til »%s«\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Kan ikke afgøre dit tty-navn."
+
+msgid "No"
+msgstr "Nej"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] LOGIND\n"
+"\n"
+"Tilvalg:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday SIDSTE_DAG sæt seneste adgangskodeændring til "
+"SIDSTE_DAG\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate UDLØBSDATO sæt kontoens udløbsdato til UDLØBSDATO\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr " -h, --help vis denne hjælpetekst og afslut\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INAKTIVT sæt inaktiv adgangskode efter udløb til\n"
+" INAKTIVT\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr " -l, --list vis forældelsesoplysninger for konto\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays MIN_DAGE sæt minimalt antal dage inden\n"
+" adgangskodeændring til MIN_DAGE\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays MAKS_DAGE sæt maksimalt antal dage inden\n"
+" adgangskodeændring til MAKS_DAGE\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -R, --root CHROOT_MAPPE mappe at chroote ind i\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays VARSELSDAGE sæt antallet af udløbsvarselsdage til\n"
+" VARSELSDAGE\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Angiv ny værdi eller tryk RETUR for standardværdien"
+
+msgid "Minimum Password Age"
+msgstr "Minimal alder for adgangskode"
+
+msgid "Maximum Password Age"
+msgstr "Maksimal alder for adgangskode"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Sidste ændring af adgangskode (ÅÅÅÅ-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Advarsel om udløb af adgangskode"
+
+msgid "Password Inactive"
+msgstr "Adgangskode inaktiv"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Udløbsdato for konto (ÅÅÅÅ-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Sidste ændring af adgangskode\t\t\t\t\t: "
+
+msgid "never"
+msgstr "aldrig"
+
+msgid "password must be changed"
+msgstr "adgangskoden skal ændres"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Adgangskode udløber\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Adgangskode inaktiv\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Konto udløber\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimalt antal dage mellem ændring af adgangskoden\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maksimalt antal dage mellem ændring af adgangskoden\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Antal dages forvarsel om adgangskodens udløb\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: Ugyldig dato »%s«\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: Ugyldig numerisk parameter »%s«\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: Medtag ikke »l« med andre flag\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Adgang nægtet.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Kan ikke afgøre dit brugernavn.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: Kan ikke låse %s; prøv igen senere.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: Kan ikke åbne %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: Kunne ikke skrive ændringer til %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: Skyggeadgangskodefilen findes ikke\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: Brugeren »%s« findes ikke i %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Ændrer forældelsesoplysninger for %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: Fejl ved ændring af felter\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [LOGIND]\n"
+"\n"
+"Tilvalg:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr " -f, --full-name FULDE_NAVN skift brugers fulde navn\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr " -h, --home-phone HJEMMETEL. skift brugers hjemmetelefonnr.\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+" -o, --other ANDEN_INFO skift brugers andre GECOS-information\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr " -r, --room VÆRELSESNUMMER skift brugers værelsesnummer\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr " -u, --help vis denne hjælpetekst og afslut\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr " -w, --work-phone ARBEJDSTEL. skift brugers kontortelefonnr.\n"
+
+msgid "Full Name"
+msgstr "Fulde navn"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Værelsesnummer"
+
+msgid "Work Phone"
+msgstr "Arbejdstelefon"
+
+msgid "Home Phone"
+msgstr "Telefon"
+
+msgid "Other"
+msgstr "Andet"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Kan ikke ændre id til root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: Navn med ikke-ASCII-tegn: »%s«\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: Ugyldigt navn: »%s«\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: Værelsesnummer med ikke-ASCII-tegn: »%s«\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: Ugyldigt værelsesnummer: »%s«\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: Ugyldig arbejdstelefon: »%s«\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: Ugyldig hjemmetelefon: »%s«\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: »%s« indeholder ikke-ASCII-tegn\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: »%s« indeholder ugyldige tegn\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: Brugeren »%s« findes ikke\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: Kan ikke ændre brugeren »%s« på NIS-klienten.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: »%s« er NIS-masteren for denne klient.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Ændrer brugeroplysninger for %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: Felter for lange\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg]\n"
+"\n"
+"Tilvalg:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method METODE crypt-metoden (en af %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr " -e, --encrypted angivne adgangskoder er krypterede\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 krypter adgangskoden med klartekst med brug "
+"af\n"
+" MD5-algoritmen\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds antal SHA-runder for SHA*\n"
+" crypt-algoritmerne\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: Flaget %s er kun tilladt med flaget %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: Flagene -c, -e og -m udelukker hinanden\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: Crypt-metode er ikke understøttet: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: Linje %d: Linjen er for lang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: Linje %d: Mangler ny adgangskode\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Kunne ikke skrive %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: Linje %d: Gruppe »%s« findes ikke\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Linje %d: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: Fejl opdaget, ændringerne blev ignoreret\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (Linje %d, bruger %s) adgangskode ikke ændret\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: Linje %d: Bruger »%s« findes ikke\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr " -s, --shell SKAL ny logindskal for brugerkontoen\n"
+
+msgid "Login Shell"
+msgstr "Logindskal"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Du kan ikke ændre skallen for »%s«.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Ændrer logindskallen for %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Ugyldigt punkt: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s er en ugyldig skal\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Advarsel: %s findes ikke\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Advarsel: %s er ikke kørbar\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check kontroller udløb for brugerens adgangskode\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force fremtving ændring af adgangskode hvis "
+"brugerens adgangskode\n"
+" er udløbet\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: Tilvalg %s og %s er i konflikt\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: Uventet argument: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr " -a, --all vis faillog-poster for alle brugere\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs SEK efter mislykket logind lås konto for SEK "
+"sekunder\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAKS angiv maksimum for mislykkede logind til "
+"MAKS\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset nulstil tælleren for mislykkede logind\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr " -t, --time DAGE vis faillog-poster nyere end DAGE\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user LOGIN/RANGE vis kun faillog-poster eller fejltællere "
+"for\n"
+" vedligehold og begrænsninger (hvis brugt med "
+"-r,\n"
+" -m, eller -l) for de angivne LOGIND'ER\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Kunne ikke indhente punktet for UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Logind Fejl Maksimum Seneste Tid\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus tilbage]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lås]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Kunne ikke nulstille fejlantal for UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Kunne ikke angive maks for UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Kunne ikke angive låsetid for UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Ukendt bruger eller interval: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Kan ikke indhente størrelsen for %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Kunne ikke skrive %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] GRUPPE\n"
+"\n"
+"Tilvalg:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add BRUGER tilføj BRUGER til GRUPPE\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete BRUGER fjern BRUGER fra GRUPPE\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root CHROOT_MAPPE mappe at chroote ind i\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password fjern GRUPPENS adgangskode\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict begræns adgang til GRUPPE til gruppens "
+"medlemmer\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr " -M, --members BRUGER,... angiv medlemslisten for GRUPPE\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" angiv administratorlisten for GRUPPE\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"Med undtagelse af tilvalgene -A og -M kan tilvalgene ikke kombineres.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Tilvalgene kan ikke kombineres.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: Adgangskode for shadowgruppe er krævet for -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: Gruppen »%s« findes ikke i %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: Fejl under lukning af skrivebeskyttet %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Ændrer adgangskoden for gruppen %s\n"
+
+msgid "New Password: "
+msgstr "Ny adgangskode: "
+
+msgid "Re-enter new password: "
+msgstr "Gentag ny adgangskode: "
+
+msgid "They don't match; try again"
+msgstr "De er ikke ens. Prøv igen"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Prøv igen senere\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Tilføjer brugeren %s til gruppen %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Fjerner brugeren %s fra gruppen %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: Brugeren »%s« er ikke medlem af »%s«\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Ikke en tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] GRUPPE\n"
+"\n"
+"Tilvalg:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force afslut hvis gruppen allerede findes,\n"
+" og afbryd -g hvis GID'en allerede bruges\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID anvend GID for den nye gruppe\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr " -K, --key NØGLE=VÆRDI overskriv /etc/login.defs-standarder\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique tillad at oprette grupper med den samme\n"
+" (ikke unikke) GID\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password ADGANGSKODE brug denne krypterede adgangskode for den "
+"nye gruppe\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system opret en systemkonto\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: »%s« er ikke et gyldigt gruppenavn\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: Ugyldigt gruppe-id »%s«\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K kræver NØGLE=VÆRDI\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: gruppen »%s« findes allerede\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID »%lu« findes allerede\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Kan ikke opsætte tjenesten cleanup.\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -r, --reset nulstil tælleren for mislykkede logind\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: Kan ikke fjerne punkt »%s« fra %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: Kan ikke fjerne den primære gruppe for bruger »%s«.\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: Gruppe »%s« findes ikke\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: Gruppe »%s« er en NIS-gruppe.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s er NIS-masteren\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: Bruger »%s« er allerede medlem af »%s«\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Ikke nok hukommelse. Kan ikke opdatere %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [handling]\n"
+"\n"
+"Tilvalg:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group groupname ændr gruppenavn i stedet for brugerens "
+"gruppe\n"
+" (kun root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Handlinger:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add brugernavn tilføj brugernavn til medlemmer af gruppen\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete brugernavn fjern brugernavn fra medlemmer af gruppen\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+" -p, --purge afinstaller alle medlemmer fra gruppen\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list vis medlemmer af gruppen\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: Dit gruppenavn svarer ikke overens med dit brugernavn\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: Kun root kan bruge tilvalget -g/--group\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID ændr gruppe-id'et til GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name NY_GRUPPE ændr navnet til NY_GRUPPE\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique tillad at bruge en tilsvarende (der ikke er "
+"unik) GID\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password ADGANGSKODE ændr adgangskoden til denne (krypteret)\n"
+" ADGANGSKODE\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: Ugyldigt gruppenavn »%s«\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: Gruppen %s er en NIS-gruppe\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: Ukendt bruger %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [gruppe [gskygge]]\n"
+"\n"
+"Tilvalg:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [gruppe]\n"
+"\n"
+"Tilvalg:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only vis fejl og advarsler\n"
+" men ændr ikke filer\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort sorter punkter efter UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s og -r er ikke kompatible\n"
+
+msgid "invalid group file entry"
+msgstr "ugyldig gruppefilspunkt"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "slet linjen »%s«? "
+
+msgid "duplicate group entry"
+msgstr "gruppepunktet er en dublet"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ugyldigt gruppenavn »%s«\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ugyldigt gruppe-id »%lu«\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "gruppe %s: ingen bruger %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "slet medlemmet »%s«? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "intet tilsvarende gruppefilspunkt i %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "tilføj gruppe »%s« i %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"gruppe %s har et punkt i %s, men dennes adgangskodefelt i %s er ikke angivet "
+"til »x«\n"
+
+msgid "invalid shadow group file entry"
+msgstr "ugyldigt skyggegruppefilspunkt"
+
+msgid "duplicate shadow group entry"
+msgstr "skyggegruppepunkt er en dublet"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "skyggegruppen %s: ingen administratorbruger %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "slet administratormedlemmet »%s«? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "skyggegruppen %s: Ingen bruger %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: Filerne er blevet opdateret\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: Ingen ændringer\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: Kan ikke slette %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Brug: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Brug: id\n"
+
+msgid " groups="
+msgstr " grupper="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before DAGE vis kun lastlog-poster, der er ældre\n"
+" end DAGE\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr " -a, --all vis faillog-poster for alle brugere\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr " -a, --all vis faillog-poster for alle brugere\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DAGE vis kun lastlog-poster, der er nyere\n"
+" end DAGE\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user LOGIND vis lastlog-poster for brugeren med\n"
+" det angivne LOGIND\n"
+
+msgid "Username Port From Latest"
+msgstr "Brugernavn Port Fra Seneste"
+
+msgid "Username Port Latest"
+msgstr "Brugernavn Port Seneste"
+
+msgid "**Never logged in**"
+msgstr "**Har aldrig logget på**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Kunne ikke indhente punktet for UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: Kunne ikke nulstille lastlog-punktet for UID %lu: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Brug: %s [-p] [navn]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h vært] [-f navn]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r vært\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "konfigurationsfejl - kan ikke fortolke %s-værdi: »%d«"
+
+msgid "Invalid login time"
+msgstr "Ugyldig logindtid"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systemet er lukket for rutinemæssig vedligehold"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Afbrød ikke forbindelsen - root-logind er tilladt.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Kan umuligt arbejde uden effektiv root\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr "Intet utmp-punkt. Du skal køre »login« fra det laveste »sh-niveau«"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Logind udløb efter %u sekunder.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM-fejl, afbryder: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s logind: "
+
+msgid "login: "
+msgstr "logind: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maksimalt antal forsøg overgået (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM har anmodet om afbrydelse\n"
+
+msgid "Login incorrect"
+msgstr "Forkert logind"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Kan ikke finde bruger (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s logind: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: Fejl under forgrening: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY mislykkedes på %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Advarsel: Logind genetableret efter midlertidig udelukkelse."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Sidst logget på: %s på %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Sidst logget på: %.19s på %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " fra %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"logindtid overskredet\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Brug: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Brug: newgrp [-] [gruppe]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Brug: sg gruppe [[-c] kommando]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Kunne ikke skrive %s: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Ugyldig adgangskode.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fejl under forgrening: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID »%lu« findes ikke\n"
+
+msgid "too many groups\n"
+msgstr "for mange grupper\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system opret systemkontoer\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: gruppe »%s« er en skyggegruppe, men findes ikke i /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: Ugyldigt bruger-id »%s«\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: Ugyldigt brugernavn »%s«\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: Linje %d: Ugyldig linje\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: Kan ikke opdatere punktet for brugeren %s (ikke i passwd-databasen)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: Linje %d: Kan ikke oprette bruger\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: Linje %d: Kan ikke oprette gruppe\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: Linje %d: Bruger »%s« findes ikke i %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: Linje %d: Kan ikke opdatere adgangskode\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: Linje %d: mkdir %s fejlede: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: Linje %d: chown %s fejlede: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: Linje %d: Kan ikke opdatere punktet\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: Kan ikke oprette bruger\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: Kan ikke oprette gruppe\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all rapporter alle kontis adgangskodestatus\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+" -d, --delete slet den navngivne kontos adgangskode\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire gennemtving udløb af den navngivne kontos\n"
+" adgangskode\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens skift kun adgangskode, hvis den er udløbet\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INAKTIVE set udløbne adgangskoder til INAKTIVE\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -l, --lock læs den navngivne konto\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_DAGE angiv minimale antal dage inden skift af\n"
+" adgangskode til MIN_DAGE\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet tavs tilstand\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+" -r, --repository SAMLING skift adgangskode i samlingen SAMLING\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status raporter den navngivne kontos\n"
+" adgangskodestatus\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+" -u, --unlock åbn adgangskoden på den navngivne konto\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr " -w, --warndays ADVAR_DAGE advar om udløb i ADVAR_DAGE dage\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAKS_DAGE sæt det maksimale antal dage inden skift af\n"
+" adgangskode til MAKS_DAGE\n"
+
+msgid "Old password: "
+msgstr "Gammel adgangskode: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Angiv ny adgangskode (mindst %d tegn)\n"
+"Brug en kombination af små og store bogstaver samt tal.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Angiv ny adgangskode (mindst %d, højst %d tegn)\n"
+"Brug en kombination af små og store bogstaver samt tal.\n"
+
+msgid "New password: "
+msgstr "Ny adgangskode: "
+
+msgid "Try again."
+msgstr "Prøv igen."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Advarsel: Svag adgangskode (skriv den igen for at bruge den alligevel)."
+
+msgid "They don't match; try again.\n"
+msgstr "De er ikke ens; prøv igen.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Adgangskoden for %s kan ikke ændres.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Adgangskoden for %s kan endnu ikke ændres.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: Åbning af adgangskode vil medføre en konto uden adgangskode.\n"
+"Du bør angive en adgangskode med usermod -p for at åbne adgangskoden for "
+"denne konto.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: Arkiv %s understøttes ikke\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s er ikke godkendt til at ændre adgangskoden på %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Du har ikke lov til at se adgangskodeoplysninger for %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Ændrer adgangskode for %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Adgangskoden for %s er uændret.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: Adgangskode ændret.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: Information om udløb af adgangskode blev ændret.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [adgangskode]\n"
+"\n"
+"Tilvalg:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [adgangskode [skygge]]\n"
+"\n"
+"Tilvalg:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet rapporter kun fejl\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr "%s: Ingen alternativ skyggefil er tilladt, når USE_TCB er aktiveret.\n"
+
+msgid "invalid password file entry"
+msgstr "ugyldig linje i adgangskodepunkt"
+
+msgid "duplicate password entry"
+msgstr "adgangskodepunkt er en dublet"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ugyldigt brugernavn »%s«\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "ugyldigt bruger-id »%lu«\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "bruger »%s«: Ingen gruppe %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "bruger »%s«: Mappen »%s« findes ikke\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "bruger »%s«: Programmet »%s« findes ikke\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "ingen tcb-mappe for %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "opret tcb-mappe for %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "kan ikke oprette tcb-mappe for %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: Kan ikke låse %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "intet tilsvarende adgangskodepunkt i %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "tilføj brugeren »%s« i %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"bruger %s har et punkt i %s, men dets adgangskodefelt i %s er ikke angivet "
+"til »x«\n"
+
+msgid "invalid shadow password file entry"
+msgstr "ugyldigt punkt i skyggeadgangskodefil"
+
+msgid "duplicate shadow password entry"
+msgstr "skyggeadgangskodepunkt er en dublet"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "bruger %s: seneste ændring af adgangskoden skete i fremtiden\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: Kan ikke sortere punkter i %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: Kan ikke arbejde med tcb aktiveret\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: Kunne ikke ændre tilstanden for %s til 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Adgang til at udføre su til den konto er NÆGTET.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Gik uden om adgangskodegodkendelse.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Angiv din EGEN adgangskode som godkendelse.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Kan ikke forgrene brugerskal\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: Forkert signal\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: Forkert signalmasking\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Session termineret, terminerer skal..."
+
+msgid " ...killed.\n"
+msgstr " ...dræbt.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...venter på at underproces termineres.\n"
+
+msgid " ...terminated.\n"
+msgstr " ...termineret.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Brug: su [tilvalg] [LOGIND]\n"
+"\n"
+"Tilvalg:\n"
+" -c, --command KOMMANDO videregiv KOMMANDO til den startede skal\n"
+" -h, --help vis denne hjælpebesked og afslut\n"
+" -, -l, --login gør skallen til en logind-skal\n"
+" -m, -p,\n"
+" --preserve-environment nulstil ikke miljøvariable, og behold\n"
+" den samme skal\n"
+" -s, --shell SKAL benyt SKAL i stedet for standard-skallen\n"
+" i passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignoreret)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Du er ikke autoriseret til at su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Angiv din adgangskode)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Godkendelse mislykkedes\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Du er ikke autoriseret til at su på det tidspunkt\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Intet adgangskodepunkt for bruger »%s«\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: Skal køres fra en terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: Fejl %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Kan ikke fjerne den kontrollerende terminal\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Kan ikke udføre %s\n"
+
+msgid "No password file"
+msgstr "Ingen adgangskodefil"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY mislykkedes"
+
+msgid "No password entry for 'root'"
+msgstr "Intet adgangskodepunkt for »root«"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Tryk control-d for at fortsætte den normale opstart,\n"
+"(eller angiv root-adgangskoden for systemvedligehold):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "GÃ¥r i systemvedligeholdelsestilstand"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s blev oprettet, men kunne ikke fjernes\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: Konfigurationen %s i %s vil blive ignoreret\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: Kan ikke oprette ny standardværdifil\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: Kan ikke åbne ny standardværdifil\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: Linje for lang i %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Kan ikke oprette symbolsk henvisning %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: Omdøb: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: Gruppen »%s« er en NIS-gruppe.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: Der er angivet for mange grupper (højst %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] LOGIND\n"
+" %s -D\n"
+" %s -D [tilvalg]\n"
+"\n"
+"Tilvalg:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir BASIS_MAP basismappe for hjemmemappen på den nye\n"
+" konto\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment KOMMENTAR GECOS-felt på den nye konto\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir HJEMMEMAPPE hjemmemappe på den nye konto\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults udskriv eller ændr standard for "
+"konfigurationen af useradd\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr " -e, --expiredate UDLØBSDATO udløbsdato på den nye konto\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive INAKTIVE inaktiv periode for adgangskode på den nye "
+"konto\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid GRUPPE navn eller id på den primære gruppe på den "
+"nye\n"
+" konto\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups GROUPS liste af suplementære grupper for den nye\n"
+" konto\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr " -k, --skel SKEL_DIR brug denne alternative skeletmappe\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init tilføj ikke brugeren til lastlog- og \n"
+" faillog-databaserne\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr " -m, --create-home opret brugerens hjemmemappe\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr " -M, --no-create-home opret ikke brugerens hjemmemappe\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group opret ikke en gruppe med det samme navn som\n"
+" brugeren\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique tillad oprettelse af brugere med ens\n"
+" (der ikke er unik) UID\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+" -p, --password ADGANGSKODE krypteret adgangskode for den nye konto\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell SKAL logindskal for den nye konto\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID bruger-id for den nye konto\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group opret en gruppe med det samme navn som "
+"brugeren\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SE_BRUGER brug en specifik SE_BRUGER for "
+"kortlægningen af SELinux-brugere\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: Ugyldig basismappe »%s«\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: Ugyldig kommentar »%s«\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: Ugyldig hjemmemappe »%s«\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: Der kræves skyggeadgangskoder for -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: Der kræves skyggeadgangskoder for -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: Ugyldigt felt »%s«\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: Ugyldig skal »%s«\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z kræver SELinux-aktiveret kerne\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: Kunne ikke nulstille faillog-punktet for UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: Kunne ikke nulstille lastlog-punktet for UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: Kan ikke oprette mappen %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Opretter postboksfil"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Gruppen »mail« blev ikke fundet. Opretter brugerens postboksfil med "
+"tilstanden 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Indstiller postboksfilens rettigheder"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: Brugeren »%s« findes allerede\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: Gruppen %s findes - brug -g hvis du vil tilføje denne bruger til den "
+"gruppe.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: Kan ikke oprette bruger\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu er ikke unik\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Kan ikke oprette tcv-mappe for %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: Kan ikke oprette gruppe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: Kan ikke oprette bruger\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: Kan ikke oprette gruppe\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: Advarsel: Hjemmemappen findes allerede.\n"
+"Kopierer ikke nogen filer til den fra skelet-mappen.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: Advarsel: Brugernavnet %s til %s SELinux-brugerkortlægning mislykkedes.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force gennemtving fjernelse af filer,\n"
+" selvom de ikke ejers af brugeren\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr " -r, --remove fjern home-mappen og postkøen\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user fjern alle SELinux-brugerkortlægninger for "
+"brugeren\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: Gruppe %s er ikke fjernet, da den ikke er den primære gruppe for bruger "
+"%s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: Gruppe %s er ikke fjernet da gruppen har andre medlemmer.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Gruppe %s er den primære gruppe for en anden bruger og fjernes ikke.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: Kan ikke fjerne punkt »%s« fra %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s postkø (%s) er ikke fundet\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: Advarsel: Kan ikke fjerne %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ejes ikke af %s, fjerner ikke\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: Kan ikke allokere hukommelse, tcb-punkt for %s blev ikke fjernet.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Kan ikke smide privilegier: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Kan ikke fjerne indholdet af %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Kan ikke fjerne tcb-filer for %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: Brugeren %s er en NIS-bruger\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s hjemmemappe (%s) er ikke fundet\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: Fjerner ikke mappen %s (det ville fjerne hjemmemappen for brugeren %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: Fejl under fjernelse af mappen %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: Advarsel: Brugernavnet %s for fjernelse af SELinux-brugerkortlægning "
+"mislykkedes.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment KOMMENTAR ny værdi til GECOS-feltet\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr " -d, --home-dir HJEMMEMAPPE den nye brugerkontos hjemmemappe\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate UDLØBSDATO sæt kontoens udløbsdato til UDLØBSDATO\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INAKTIV sæt inaktiv adgangskode til INAKTIV efter\n"
+" udløb\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid GRUPPE gennemtving brugen af GRUPPE til den nye\n"
+" primære gruppe\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups GRUPPER ny liste med supplerende grupper\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append tilføj brugeren til de supplementære "
+"GRUPPER\n"
+" nævnt af tilvalget -G uden at fjerne "
+"personen\n"
+" fra andre grupper\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login NYT_LOGIND ny værdi til logindnavnet\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock lås brugerkontoen\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home flyt indholdet af hjemmemappen til den nye\n"
+" placering (brug kun sammen med -d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique tillad oprettelse af ens (der ikke er unik) "
+"UID\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password ADGANGSKODE brug krypteret adgangskode til den nye\n"
+" adgangskode\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID ny UID til brugerkontoen\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock åbn brugerkontoen\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user SEUSER ny SELinux-brugerkortlægning for "
+"brugerkontoen\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: Fjernelse af lås på brugerens adgangskode vil medføre en konto uden "
+"adgangskode.\n"
+"Du bør angive en adgangskode med usermod -p for at åbne lås for denne "
+"brugers adgangskode.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: Brugeren »%s« findes allerede i %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: Ugyldig dato »%s«\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: Ugyldig dato »%s«\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: Ingen tilvalg\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: Flagene -L, -p og -U udelukker hinanden\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: Skyggeadgangskoder kræves for -e og -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID »%lu« findes allerede\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s er ikke godkendt til at ændre adgangskoden på %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: Mappen %s findes\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Den tidligere hjemmemappe (%s) var ikke en mappe. Den fjernes ikke og "
+"ingen hjemmemappe oprettes.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Kunne ikke ændre ejerskab af hjemmemappen"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: Advarsel: Kunne ikke fjerne den gamle hjemmemappe %s fuldstændigt"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: Kan ikke omdøbe mappen %s til %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Kunne ikke kopiere lastlog-punktet for bruger %lu til bruger %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Kunne ikke kopiere faillog-punktet for bruger %lu til bruger %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: Advarsel: %s ejes ikke af %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "kunne ikke ændre postkassens ejer"
+
+msgid "failed to rename mailbox"
+msgstr "kunne ikke omdøbe postkasse"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Du har ændret %s.\n"
+"Du skal måske ændre %s for konsistens.\n"
+"Brug venligst kommandoen »%s« til dette.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group rediger gruppedatabase\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd rediger passwd-database\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+" -s, --shadow rediger skygge- eller gskyggedatabase\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+" -u, --user hvilken brugers tcb-skyggefil at redigere\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: Kunne ikke fjerne %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s er uændret\n"
+
+msgid "failed to create scratch directory"
+msgstr "kunne ikke oprette scratch-mappe"
+
+msgid "failed to drop privileges"
+msgstr "kunne ikke afgive rettigheder"
+
+msgid "Couldn't get file context"
+msgstr "Kunne ikke indhente filkontekst"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () mislykkedes"
+
+msgid "failed to gain privileges"
+msgstr "kunne ikke opnå rettigheder"
+
+msgid "Couldn't lock file"
+msgstr "Kunne ikke låse filen"
+
+msgid "Couldn't make backup"
+msgstr "Kunne ikke lave sikkerhedskopi"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nscd afsluttede med status %d"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "kunne ikke åbne scratch-fil"
+
+msgid "failed to unlink scratch file"
+msgstr "kunne ikke fjerne henvisning for scratch-fil"
+
+msgid "failed to stat edited file"
+msgstr "kunne ikke stat redigeret fil"
+
+msgid "failed to allocate memory"
+msgstr "kunne ikke tildele hukommelse"
+
+msgid "failed to create backup file"
+msgstr "kunne ikke oprette sikkerhedskopifil"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: Kan ikke gendanne %s: %s (dine ændringer er i %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: Kunne ikke finde tcb-mappe for %s\n"
diff --git a/po/de.po b/po/de.po
new file mode 100644
index 0000000..e2b0cd7
--- /dev/null
+++ b/po/de.po
@@ -0,0 +1,2533 @@
+# shadow de.po
+# Copyright (C) 1999 Free Software Foundation, Inc.
+# Frank Schmid <frank@cs-schmid.de>, 2002
+# Holger Wansing <linux@wansing-online.de>, 2006, 2008, 2009, 2011, 2012, 2014.
+# Patches, suggestions, etc welcome.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.2-2\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2012-05-20 19:52+0200\n"
+"PO-Revision-Date: 2014-07-27 23:06+0200\n"
+"Last-Translator: Holger Wansing <hwansing@mailbox.org>\n"
+"Language-Team: German <debian-l10n-german@lists.debian.org>\n"
+"Language: de\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Mehrere Einträge namens »%s« in %s. Bitte beheben Sie dies mit pwck oder "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "Verschlüsselungsmethode von libcrypt nicht unterstützt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "Konfigurationsfehler - Wert für %s kann nicht ausgewertet werden: »%s«"
+
+msgid "Could not allocate space for config info.\n"
+msgstr ""
+"Es konnte kein Speicherplatz für Konfigurationsinformationen reserviert "
+"werden.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"Konfigurationsfehler - Element »%s« unbekannt (Administrator verständigen).\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd wurde nicht normal beendet (Signal %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd wurde mit Status %d beendet\n"
+
+msgid "Password: "
+msgstr "Passwort: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Passwort von %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "SELinux-Management-Handhabung kann nicht erstellt werden\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux-Richtlinie nicht verwaltet\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "SELinux-Richtlinien-Speicher kann nicht gelesen werden\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "SELinux-Management-Verbindung kann nicht aufgebaut werden\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "SELinux-Vorgang kann nicht gestartet werden\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "seuser für %s konnte nicht abgefragt werden\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "serange für %s konnte nicht gesetzt werden\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "sename für %s konnte nicht gesetzt werden\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Login-Zuordnung für %s konnte nicht verändert werden\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "SELinux-Login-Zuordnung für %s kann nicht erstellt werden\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Name für %s konnte nicht gesetzt werden\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "SELinux-Benutzer für %s konnte nicht gesetzt werden\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Login-Zuordnung für %s konnte nicht hinzugefügt werden\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "SELinux-Management kann nicht initialisiert werden\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "SELinux-Benutzerschlüssel kann nicht erstellt werden\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "SELinux-Benutzer kann nicht verifiziert werden\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "SELinux-Benutzer-Zuordnung kann nicht verändert werden\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "SELinux-Benutzer-Zuordnung kann nicht hinzugefügt werden\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "SELinux-Vorgang kann nicht eingepflegt werden\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Login-Zuordnung für %s ist nicht definiert; dies ist OK, falls die Standard-"
+"Zuordnung verwendet wurde\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"Login-Zuordnung für %s ist in der Richtlinie definiert, kann nicht gelöscht "
+"werden\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Login-Zuordnung für %s konnte nicht gelöscht werden"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: Speicher erschöpft\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: %s kann nicht mit stat abgefragt werden: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s ist weder ein Verzeichnis noch eine symbolische Verknüpfung.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Symbolische Verknüpfung %s kann nicht gelesen werden: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Verdächtig lange symbolische Verknüpfung: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Verzeichnis %s kann nicht erstellt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Eigentümer von %s kann nicht geändert werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Berechtigungen von %s können nicht geändert werden: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: Löschen (unlink): %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Verzeichnis %s kann nicht entfernt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: %s kann nicht in %s umbenannt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: %s kann nicht entfernt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Symbolische Verknüpfung %s kann nicht erstellt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Eigentümer von %s können nicht geändert werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: %s kann nicht mit lstat abgefragt werden: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Warnung: Benutzer %s hat keine tcb-shadow-Datei.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Ernstes Problem: %ss tcb-shadow ist keine reguläre Datei mit "
+"st_nlink=1.\n"
+"Der Benutzerzugang bleibt gesperrt.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir (Verzeichnis erstellen): %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %s kann nicht geöffnet werden: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Warnung: unbekannte Gruppe %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Warnung: zu viele Gruppen\n"
+
+msgid "Your password has expired."
+msgstr "Ihr Passwort ist abgelaufen."
+
+msgid "Your password is inactive."
+msgstr "Ihr Passwort ist inaktiv."
+
+msgid "Your login has expired."
+msgstr "Ihr Benutzerzugang ist abgelaufen."
+
+msgid " Contact the system administrator."
+msgstr " Verständigen Sie den Systemadministrator."
+
+msgid " Choose a new password."
+msgstr " Wählen Sie ein neues Passwort."
+
+msgid "You must change your password."
+msgstr "Sie müssen Ihr Passwort ändern."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Ihr Passwort läuft in %ld Tagen ab.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Ihr Passwort läuft morgen ab."
+
+msgid "Your password will expire today."
+msgstr "Ihr Passwort läuft heute ab."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Audit-Schnittstelle konnte nicht geöffnet werden - Abbruch.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Eigentümer oder Modus von tty stdin kann nicht geändert werden: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: Entsperren von %s fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Umgebungsüberlauf\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Sie dürfen $%s nicht ändern.\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d Fehlversuch seit letzter Anmeldung.\n"
+"Der letzte war am %s auf %s.\n"
+msgstr[1] ""
+"%d Fehlversuche seit letzter Anmeldung.\n"
+"Der letzte war am %s auf %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Ungültige Konfiguration: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ungültige Konfiguration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: Speicherreservierung fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: Keine einmalige System-GID bekommen (keine GIDs mehr verfügbar)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Keine einmalige GID bekommen (keine GIDs mehr verfügbar)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Ungültige Konfiguration: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ungültige Konfiguration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: Keine einmalige System-UID bekommen (keine UIDs mehr verfügbar)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Keine einmalige UID bekommen (keine UIDs mehr verfügbar)\n"
+
+msgid "Too many logins.\n"
+msgstr "Zu viele Anmeldungen.\n"
+
+msgid "You have new mail."
+msgstr "Neue E-Mails vorhanden."
+
+msgid "No mail."
+msgstr "Keine E-Mails vorhanden."
+
+msgid "You have mail."
+msgstr "E-Mails vorhanden."
+
+msgid "no change"
+msgstr "keine Änderungen"
+
+msgid "a palindrome"
+msgstr "ein Palindrom"
+
+msgid "case changes only"
+msgstr "nur Änderungen bei Groß-/Kleinschreibung"
+
+msgid "too similar"
+msgstr "zu ähnlich"
+
+msgid "too simple"
+msgstr "zu einfach"
+
+msgid "rotated"
+msgstr "rotiert"
+
+msgid "too short"
+msgstr "zu kurz"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Schlechtes Passwort: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() fehlgeschlagen, Fehler %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: Passwort nicht geändert\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: Passwort erfolgreich geändert\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Falsches Passwort für %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: mehrfache »--root«-Optionen\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: Option »%s« erfordert ein Argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: Fehler beim Entfernen der Privilegien (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: Ungültiger chroot-Pfad »%s«\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: auf chroot-Verzeichnis %s kann nicht zugegriffen werden: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: chroot-Wechsel in Verzeichnis %s nicht möglich: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Ungültiger Wert für ENCRYPT_METHOD: »%s«.\n"
+"Standard DES wird gewählt.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Es konnte nicht in das Verzeichnis »%s« gewechselt werden.\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Kein Verzeichnis, Anmeldung mit HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s konnte nicht ausgeführt werden"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ungültiges root-Verzeichnis »%s«\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "root-Verzeichnis kann nicht auf »%s« geändert werden.\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Ihr tty-Name konnte nicht festgestellt werden."
+
+msgid "No"
+msgstr "Nein"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] BENUTZERZUGANG\n"
+"\n"
+"Optionen:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday LETZTER_TAG Tag der letzten Passwortänderung auf\n"
+" LETZTER_TAG setzen\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate ABL_DATUM Ablaufdatum des Benutzerzugangs auf\n"
+" ABL_DATUM setzen\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr " -h, --help Diese Hilfe anzeigen, sonst nichts\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INAKTIV Passwort nach Ablauf von INAKTIV\n"
+" deaktivieren\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+" -l, --list Informationen zu Ablaufdaten usw. anzeigen\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays MIN_TAGE Minimale Anzahl der Tage vor\n"
+" Passwortänderung auf MIN_TAGE setzen\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays MAX_TAGE Maximale Anzahl der Tage vor\n"
+" Passwortänderung auf MAX_TAGE setzen\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -R, --root CHROOT_VERZ Verzeichnis für chroot\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays WARN_TAGE Anzahl der Tage für Ablaufwarnung auf\n"
+" WARN_TAGE setzen\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Geben Sie einen neuen Wert an oder drücken Sie ENTER für den Standardwert"
+
+msgid "Minimum Password Age"
+msgstr "Minimales Passwortalter"
+
+msgid "Maximum Password Age"
+msgstr "Maximales Passwortalter"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Letzte Passwortänderung (JJJJ-MM-TT)"
+
+msgid "Password Expiration Warning"
+msgstr "Passwortablaufwarnung"
+
+msgid "Password Inactive"
+msgstr "Passwort inaktiv"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Ablaufdatum des Benutzerzugangs (JJJJ-MM-TT)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Letzte Passwortänderung\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nie"
+
+msgid "password must be changed"
+msgstr "Passwort muss geändert werden"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Passwort läuft ab\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Passwort inaktiv\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Benutzerzugang läuft ab\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimale Anzahl der Tage zwischen Passwortänderungen\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maximale Anzahl der Tage zwischen Passwortänderungen\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Anzahl Tage, an denen vor Passwortablauf gewarnt wird\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: Ungültiges Datum »%s«\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: Ungültiges numerisches Argument »%s«\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: benutzen Sie »l« nicht mit anderen Optionen.\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Erlaubnis verweigert.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Ihr Benutzername konnte nicht bestimmt werden.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr ""
+"%s: %s konnte nicht gesperrt werden; versuchen Sie es später noch einmal.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: %s konnte nicht geöffnet werden.\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: Fehler beim Schreiben der Änderungen nach %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Vorbereiten des neuen %s-Eintrags »%s« fehlgeschlagen.\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: shadow-Passwortdatei ist nicht vorhanden.\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: Benutzer »%s« ist in %s nicht vorhanden.\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Passwortalterung für %s wird geändert.\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: Fehler beim Ändern der Felder\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] [BENUTZERZUGANG]\n"
+"\n"
+"Optionen:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr " -f, --full-name VOLLST_NAME Vollständigen Benutzernamen ändern\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+" -h, --home-phone TEL_PRIVAT Private Telefonnummer des Benutzers ändern\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+" -o, --other SONSTIGE_INFO Sonst. GECOS-Information des Benutzers "
+"ändern\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr " -r, --room ZIMMERNUMMER Zimmernummer des Benutzers ändern\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr " -u, --help Diese Hilfe anzeigen, sonst nichts\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+" -w, --work-phone TEL_GESCH Geschäftl. Telefonnummer des Benutzers "
+"ändern\n"
+
+msgid "Full Name"
+msgstr "Vollständiger Name"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Zimmernummer"
+
+msgid "Work Phone"
+msgstr "Telefon geschäftlich"
+
+msgid "Home Phone"
+msgstr "Telefon privat"
+
+msgid "Other"
+msgstr "Sonstiges"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ID konnte nicht auf root geändert werden.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: Name mit Zeichen, die nicht zum ASCII-Zeichensatz gehören: »%s«\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: Ungültiger Name: »%s«\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+"%s: Zimmernummer mit Zeichen, die nicht zum ASCII-Zeichensatz gehören: »%s«\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: Ungültige Zimmernummer: »%s«\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: Ungültige Telefon-Nr. (geschäftlich): »%s«\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: Ungültige Telefon-Nr. (privat): »%s«\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: »%s« enthält Zeichen, die nicht zum ASCII-Zeichensatz gehören.\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: »%s« enthält ungültige Zeichen.\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: Benutzer »%s« ist nicht vorhanden.\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: Benutzer »%s« auf dem NIS-Client konnte nicht geändert werden.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: »%s« ist der NIS-Master für diesen Client.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Benutzerinformationen für %s werden geändert.\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: Felder zu lang\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen]\n"
+"\n"
+"Optionen:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+" -c, --crypt-method METHODE Verschlüsselungsmethode (eine der\n"
+" folgenden: %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+" -e, --encrypted Angegebene Passwörter sind verschlüsselt\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 Die Klartext-Passwörter mittels MD5-\n"
+" Algorithmus verschlüsseln\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds Anzahl der SHA-Runden für den SHA*-\n"
+" Verschlüsselungs-Algorithmus\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s ist nur zusammen mit %s erlaubt.\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e und -m können nur exklusiv genutzt werden.\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: Nicht unterstützte Verschlüsselungsmethode: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: Zeile %d: Zeile zu lang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: Zeile %d: Neues Passwort fehlt\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: Zeile %d: Gruppe »%s« existiert nicht\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Zeile %d: Neuer %s-Eintrag »%s« konnte nicht vorbereitet werden.\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: Fehler entdeckt, Änderungen verworfen\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (Zeile %d, Benutzer %s) Passwort nicht geändert\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: Zeile %d: Benutzer »%s« ist nicht vorhanden.\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell SHELL Neue Login-Shell für den Benutzerzugang\n"
+
+msgid "Login Shell"
+msgstr "Login-Shell"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Sie dürfen die Shell für »%s« nicht ändern.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Login-Shell für %s wird geändert.\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Ungültiger Eintrag: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s ist eine ungültige Shell\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Warnung: %s ist nicht vorhanden.\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Warnung: %s nicht ausführbar.\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check Ablauf des Benutzerpassworts überprüfen\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force Passwortänderung erzwingen, wenn das "
+"Benutzer-\n"
+" passwort abgelaufen ist\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: Optionen %s und %s stehen im Konflikt zueinander.\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: Unerwartetes Argument: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all Aufzeichnungen fehlgeschlagener Anmeldungen\n"
+" für alle Benutzer anzeigen\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-time SEK Den Benutzerzugang nach fehlgeschlagener\n"
+" Anmeldung für SEK Sekunden sperren\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAX Maximal mögliche Anzahl fehlgeschlagener\n"
+" Anmeldungen auf MAX setzen\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset Zähler fehlgeschlagener Anmeldungen\n"
+" zurücksetzen\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time TAGE Aufzeichnungen fehlgeschlagener Anmeldungen\n"
+" anzeigen, die jünger als TAGE sind\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user BENUTZERZUGANG/ Aufzeichnungen fehlgeschlagener Anmeldungen\n"
+" BEREICH anzeigen bzw. Verwalten von Zählern und Be-\n"
+" schränkungen (falls mit Optionen -r, -m "
+"oder\n"
+" -l aufgerufen) nur für BENUTZERZUGANG\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Auslesen des Eintrags für UID %lu fehlgeschlagen\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Login Fehlver. Maximum Letzter Auf\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus übrig]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds Sperre]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+"%s: Zurücksetzen des Zählers fehlgeschlagener Anmeldungen für UID %lu "
+"fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Setzen des Max-Werts für UID %lu fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Setzen der Sperrzeit für UID %lu fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Unbekannter Benutzer oder Bereich: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Auslesen der Größe von %s fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Schreiben von %s fehlgeschlagen: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Option] GRUPPE\n"
+"\n"
+"Optionen:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add BENUTZER BENUTZER zu GRUPPE hinzufügen\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete BENUTZER BENUTZER aus GRUPPE entfernen\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root CHROOT_VERZ Verzeichnis für chroot\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password Passwort der GRUPPE entfernen\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict Zugriff zu GRUPPE auf ihre Mitglieder\n"
+" beschränken\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+" -M, --members BENUTZER,... Liste der Mitglieder von GRUPPE setzen\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" Liste der Administratoren für GRUPPE setzen\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Außer für -A und -M können die Optionen nicht kombiniert werden.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Die Optionen können nicht kombiniert werden.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: shadow-Gruppenpasswörter für -A erforderlich\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: Gruppe »%s« existiert nicht in %s.\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: Fehler beim Schließen von %s im Nur-Lese-Modus\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Passwort für die Gruppe %s wird geändert.\n"
+
+msgid "New Password: "
+msgstr "Neues Passwort: "
+
+msgid "Re-enter new password: "
+msgstr "Passwort wiederholen: "
+
+msgid "They don't match; try again"
+msgstr "Keine Ãœbereinstimmung; versuchen Sie es noch einmal."
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Versuchen Sie es später noch einmal.\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Benutzer %s wird zur Gruppe %s hinzugefügt.\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Benutzer %s wird aus der Gruppe %s entfernt.\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: Benutzer »%s« ist kein Mitglied von »%s«.\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Kein tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] GRUPPE\n"
+"\n"
+"Optionen:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force Ohne Fehler beenden, falls die Gruppe\n"
+" bereits existiert\n"
+" und Operation für -g abbrechen, falls die\n"
+" GID bereits verwendet wird\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID GID für die neue Gruppe benutzen\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key SCHLÃœSSEL=WERT Die Vorgabewerte in /etc/login.defs\n"
+" überschreiben\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique Erstellen einer Gruppe mit nicht\n"
+" einmaliger (doppelter) GID erlauben\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password PASSWORT Dieses verschlüsselte PASSWORT für die\n"
+" neue Gruppe verwenden\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system Eine Systemgruppe erstellen\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: »%s« ist kein gültiger Gruppenname.\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: Ungültige Gruppen-ID »%s«\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K erfordert SCHLÃœSSEL=WERT\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: Gruppe »%s« existiert bereits.\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID »%lu« existiert bereits.\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Ihr Benutzername konnte nicht bestimmt werden.\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: Eintrag »%s« konnte nicht aus %s entfernt werden.\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: Primäre Gruppe des Benutzers »%s« konnte nicht entfernt werden.\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: Gruppe »%s« existiert nicht.\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: Gruppe »%s« ist eine NIS-Gruppe.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s ist der NIS-Master.\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: Benutzer »%s« ist bereits ein Mitglied von »%s«.\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Zu wenig Speicher. %s kann nicht aktualisiert werden.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen [Aktion]\n"
+"\n"
+"Optionen:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group Gruppenname Gruppenname ändern statt der Gruppe des\n"
+" Benutzers (nur root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Aktionen:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add Benutzername Benutzername zu den Mitgliedern der Gruppe\n"
+" hinzufügen\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete Benutzername Benutzername aus der Liste der Gruppen-\n"
+" mitglieder entfernen\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+" -p, --purge Alle Mitglieder aus der Gruppe entfernen\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list Die Mitglieder der Gruppe auflisten\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: Ihr Gruppenname passt nicht zu Ihrem Benutzername.\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: Nur root kann die Option -g/--group nutzen.\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID Die Gruppen-ID auf GID ändern\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+" -n, --new-name NEUE_GRUPPE Den Gruppennamen auf NEUE_GRUPPE ändern\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique Verwenden einer nicht einmaligen "
+"(doppelten)\n"
+" GID erlauben\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password PASSWORT Das Passwort auf dieses (verschlüsselte)\n"
+" PASSWORT ändern\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: Ungültiger Gruppenname »%s«\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: Gruppe %s ist eine NIS-Gruppe.\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: Unbekannter Benutzer %s\n"
+
+# NOTE: group is a file (/etc/group)
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] [Gruppe [gshadow]]\n"
+"\n"
+"Optionen:\n"
+
+# NOTE: group is a file (/etc/group)
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] [Gruppe]\n"
+"\n"
+"Optionen:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only Fehler und Warnungen anzeigen,\n"
+" aber keine Dateien verändern\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort Einträge nach UID sortieren\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s und -r sind nicht kompatibel.\n"
+
+msgid "invalid group file entry"
+msgstr "Ungültiger Eintrag in group-Datei"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "Zeile »%s« löschen?"
+
+msgid "duplicate group entry"
+msgstr "Doppelter Gruppeneintrag"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "Ungültiger Gruppenname »%s«\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "Ungültige Gruppen-ID »%lu«\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "Gruppe %s: Kein Benutzer %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "Mitglied »%s« löschen?"
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "Kein passender group-Datei-Eintrag in %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "Gruppe »%s« zu %s hinzufügen?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"Für Gruppe %s existiert ein Eintrag in %s, aber ihr Passwort-Feld in %s ist "
+"nicht auf »x« gesetzt\n"
+
+msgid "invalid shadow group file entry"
+msgstr "Ungültiger Eintrag in shadow-group-Datei"
+
+msgid "duplicate shadow group entry"
+msgstr "Doppelter Eintrag für shadow-Gruppe"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "shadow-Gruppe %s: Benutzer %s ist kein Administrator.\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "Administratives Mitglied »%s« löschen? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "shadow-Gruppe %s: Kein Benutzer %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: Die Dateien wurden aktualisiert.\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: Keine Änderungen\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: %s kann nicht gelöscht werden.\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Aufruf: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Aufruf: id\n"
+
+msgid " groups="
+msgstr " Gruppen="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before TAGE Nur lastlog-Aufzeichnungen zeigen, die "
+"älter\n"
+" als TAGE sind\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time TAGE Nur lastlog-Aufzeichnungen zeigen, die "
+"jünger\n"
+" als TAGE sind\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user BENUTZERZUGANG lastlog-Eintrag für BENUTZERZUGANG anzeigen\n"
+
+msgid "Username Port From Latest"
+msgstr "Benutzername Port Von Letzter"
+
+msgid "Username Port Latest"
+msgstr "Benutzername Port Letzter"
+
+msgid "**Never logged in**"
+msgstr "**Noch nie angemeldet**"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Aufruf: %s [-p] [Name]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h Rechner] [-f Name]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r Rechner\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "Konfigurationsfehler - Wert für %s kann nicht ausgewertet werden: »%d«"
+
+msgid "Invalid login time"
+msgstr "Ungültige Login-Zeit"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"System wegen planmäßigen Wartungsarbeiten geschlossen"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Trennung abgebrochen -- root-Login erlaubt.]"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Login nach %u Sekunden wegen\n"
+"Zeitüberschreitung abgebrochen.\n"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Arbeit ohne effektive root-Rechte eventuell nicht möglich\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Kein utmp-Eintrag. Sie müssen »login« vom niedrigsten »sh«-Level ausführen."
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM-Fehler, Abbruch: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s Login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maximale Anzahl der Versuche überschritten (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: Abbruch durch PAM angefordert\n"
+
+msgid "Login incorrect"
+msgstr "Login fehlerhaft"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Benutzer kann nicht gefunden werden (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s Login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: Fehler bei Prozessaufspaltung (fork): %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY auf %s fehlgeschlagen"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Warnung: Login nach temporärer Sperre reaktiviert."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Letztes Login: %s auf %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Letztes Login: %.19s auf %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " von %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"Login-Zeit überschritten\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Aufruf: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Aufruf: newgrp [-] [Gruppe]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Aufruf: sg Gruppe [[-c] Befehl]\n"
+
+msgid "Invalid password.\n"
+msgstr "Ungültiges Passwort.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: Fehler bei Prozessaufspaltung (fork): %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID »%lu« existiert nicht.\n"
+
+msgid "too many groups\n"
+msgstr "zu viele Gruppen\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system Systemzugänge erzeugen\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: Gruppe »%s« ist eine shadow-Gruppe, existiert aber nicht in /etc/group.\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: Ungültige Benutzer-ID »%s«\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: Ungültiger Benutzername »%s«\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: Zeile %d: Ungültige Zeile\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: Eintrag für Benutzer %s kann nicht aktualisiert werden (ist nicht in der "
+"passwd-Datenbank).\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: Zeile %d: Benutzer kann nicht erstellt werden.\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: Zeile %d: Gruppe kann nicht erstellt werden.\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: Zeile %d: Benutzer »%s« existiert nicht in %s.\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: Zeile %d: Passwort kann nicht aktualisiert werden.\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: Zeile %d: mkdir %s (Verzeichnis erstellen) fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: Zeile %d: chown %s (Eigentümer ändern) fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: Zeile %d: Eintrag kann nicht aktualisiert werden.\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all Passwort-Status für alle Benutzerzugänge\n"
+" anzeigen\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+" -d, --delete Passwort für den Benutzerzugang löschen\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire Ablauf des Passworts für den Benutzerzugang\n"
+" erzwingen\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr " -k, --keep-tokens Passwort nur ändern falls abgelaufen\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INAKTIV Passwort nach Ablauf von INAKTIV\n"
+" deaktivieren\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -l, --lock Benutzerzugang sperren\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_TAGE Minimale Anzahl der Tage vor\n"
+" Passwortänderung auf MIN_TAGE setzen\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet Nicht so geschwätzig verhalten\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr " -r, --repository REPOSITORY Passwort ändern in REPOSITORY\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status Passwort-Status des Benutzerzugangs "
+"anzeigen\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr " -u, --unlock Benutzerzugang entsperren\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays WARN_TAGE Anzahl der Tage für Ablaufwarnung auf\n"
+" WARN_TAGE setzen\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAX_TAGE Maximale Anzahl der Tage vor\n"
+" Passwortänderung auf MAX_TAGE setzen\n"
+
+msgid "Old password: "
+msgstr "Altes Passwort: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Geben Sie das neue Passwort ein (mindestens %d Zeichen).\n"
+"Bitte benutzen Sie eine Kombination aus Groß- und Kleinbuchstaben\n"
+"sowie Ziffern.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Geben Sie das neue Passwort ein (mindestens %d, höchstens %d Zeichen).\n"
+"Bitte benutzen Sie eine Kombination aus Groß- und Kleinbuchstaben\n"
+"sowie Ziffern.\n"
+
+msgid "New password: "
+msgstr "Neues Passwort: "
+
+msgid "Try again."
+msgstr "Versuchen Sie es noch einmal."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Warnung: Schwaches Passwort (geben Sie es noch einmal ein,\n"
+"um es trotzdem zu verwenden)."
+
+msgid "They don't match; try again.\n"
+msgstr "Nicht identisch; versuchen Sie es noch einmal.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Das Passwort für %s kann nicht geändert werden.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Das Passwort für %s kann noch nicht geändert werden.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: Das Passwort zu entsperren würde zu einem Benutzerzugang ohne\n"
+"Passwort führen. Sie sollten mit usermod -p ein Passwort setzen, um das\n"
+"Passwort für diesen Benutzerzugang zu entsperren.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: Repository %s nicht unterstützt\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s ist nicht berechtigt, das Passwort von %s zu ändern.\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: Sie dürfen die Passwortinformationen für %s nicht anzeigen oder ändern.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Passwort für %s wird geändert.\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Das Passwort für %s wurde nicht geändert.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: Passwort geändert.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: Passwortablauf-Informationen geändert.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] [Passwort]\n"
+"\n"
+"Optionen:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] [Passwort [shadow]]\n"
+"\n"
+"Optionen:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet Nur Fehler melden\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: keine alternative shadow-Datei erlaubt, wenn USE_TCB aktiviert ist.\n"
+
+msgid "invalid password file entry"
+msgstr "Ungültiger Eintrag in Passwortdatei"
+
+msgid "duplicate password entry"
+msgstr "Doppelter Passworteintrag"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "Ungültiger Benutzername »%s«\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "Ungültige Benutzer-ID »%lu«\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "Benutzer »%s«: Keine Gruppe %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "Benutzer »%s«: Verzeichnis »%s« existiert nicht.\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "Benutzer »%s«: Programm »%s« existiert nicht.\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "kein tcb-Verzeichnis für %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "tcb-Verzeichnis für %s erstellen?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "Erstellen von tcb-Verzeichnis für %s fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %s kann nicht gesperrt werden.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "Kein passender Passwortdatei-Eintrag in %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "Benutzer »%s« zu %s hinzufügen? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"Für Benutzer %s existiert ein Eintrag in %s, aber sein Passwort-Feld in %s "
+"ist nicht auf »x« gesetzt.\n"
+
+msgid "invalid shadow password file entry"
+msgstr "Ungültiger shadow-Passwortdatei-Eintrag"
+
+msgid "duplicate shadow password entry"
+msgstr "Doppelter shadow-Passwort-Eintrag"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "Benutzer %s: Letzte Passwortänderung liegt in der Zukunft.\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: Einträge in %s können nicht sortiert werden.\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: Arbeit mit aktivierter tcb-Funktionalität nicht möglich\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: Änderung des Modus' von %s auf 0600 fehlgeschlagen\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Zugriff mit su zu diesem Benutzerzugang VERWEIGERT.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Passwort-Authentifizierung umgangen.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Bitte geben Sie Ihr EIGENES Passwort als Authentifizierung ein.\n"
+
+msgid " ...killed.\n"
+msgstr " ... abgeschossen.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ... Warten auf Beendigung des Kindprozesses.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Prozessaufspaltung (fork) für Benutzer-Shell nicht möglich\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: Signal-Fehlfunktion\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: Signalmaskierungs-Fehlfunktion\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sitzung abgebrochen, Shell wird beendet ..."
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid " ...terminated.\n"
+msgstr " ... abgebrochen.\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Aufruf: su [Optionen] [BENUTZERZUGANG]\n"
+"\n"
+"Optionen:\n"
+" -c, --command BEFEHL BEFEHL an aufgerufene Shell weiterleiten\n"
+" -h, --help Diese Hilfe anzeigen, sonst nichts\n"
+" -, -l, --login Die Shell als Login-Shell starten\n"
+" -m, -p,\n"
+" --preserve-environment Umgebungsvariablen nicht zurücksetzen und\n"
+" die Shell beibehalten\n"
+" -s, --shell SHELL SHELL anstatt der Vorgabe aus passwd\n"
+" benutzen\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignoriert)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "su %s ist Ihnen nicht erlaubt.\n"
+
+msgid "(Enter your own password)"
+msgstr "(Geben Sie Ihr eigenes Passwort ein)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Authentifizierung fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: su ist Ihnen derzeit nicht erlaubt.\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Kein Passworteintrag für Benutzer »%s«\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: Muss von einem Terminal gestartet werden.\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: Fehler %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Das kontrollierende Terminal kann nicht abgebrochen werden\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "%s konnte nicht ausgeführt werden\n"
+
+msgid "No password file"
+msgstr "Keine Passwortdatei"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY fehlgeschlagen"
+
+msgid "No password entry for 'root'"
+msgstr "Kein Passworteintrag für »root«"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Geben Sie Strg-D ein, um mit dem normalen Startvorgang fortzufahren\n"
+"(oder geben Sie zur Systemwartung das root-Passwort ein):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Wechsel in den Systemwartungsmodus"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s wurde erstellt, konnte aber nicht entfernt werden\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: die %s-Konfiguration in %s wird ignoriert.\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: Neue defaults-Datei kann nicht erzeugt werden.\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: Neue defaults-Datei kann nicht geöffnet werden.\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: Zeile zu lang in %s: %s..."
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Sicherungsdatei kann nicht erstellt werden (%s): %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: Umbenennen: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: Die Gruppe »%s« ist eine NIS-Gruppe.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: Zu viele Gruppen angegeben (max. %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] BENUTZERZUGANG\n"
+" %s -D\n"
+" %s -D [Optionen]\n"
+"\n"
+"Optionen:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir BASIS_VERZ Basisverzeichnis für das\n"
+" Home-Verzeichnis des neuen Benutzers\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+" -c, --comment KOMMENTAR KOMMENTAR für das GECOS-Feld des neuen\n"
+" Benutzers\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir HOME_VERZ Home-Verzeichnis des neuen Benutzers\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults Anzeigen oder Speichern der modifizierten\n"
+" Standardkonfiguration für useradd\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+" -e, --expiredate ABL_DATUM Das Ablaufdatum des neuen Benutzerzugangs\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive INAKTIV Passwort nach Ablauf von INAKTIV "
+"deaktivieren\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid GRUPPE Name oder ID der primären Gruppe des neuen\n"
+" Benutzerzugangs\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups GRUPPEN Liste der zusätzlichen Gruppen für den\n"
+" neuen Benutzerzugang\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+" -k, --skel SKEL_VERZ Ein alternatives skeleton-Verzeichnis\n"
+" (Vorlagenverzeichnis) verwenden\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init Den Benutzer nicht zu den lastlog- und\n"
+" faillog-Datenbanken hinzufügen\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+" -m, --create-home Home-Verzeichnis des neuen Benutzers "
+"erstellen\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+" -M, --no-create-home Kein Home-Verzeichnis für den Benutzer\n"
+" erstellen\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group Keine Gruppe mit dem gleichen Namen wie dem\n"
+" des Benutzers erstellen\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique Benutzer mit doppelter (nicht einmaliger)\n"
+" UID erlauben\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+" -p, --password PASSWORT Verschlüsseltes Passwort für den neuen\n"
+" Benutzerzugang\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+" -s, --shell SHELL Die Login-Shell des neuen Benutzerzugangs\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+" -u, --uid UID Benutzer-ID (UID) des neuen Benutzerzugangs\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group Eine Gruppe mit dem gleichen Namen wie dem\n"
+" des Benutzers erstellen\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SEBENUTZER Den Benutzernamen SEBENUTZER für die "
+"SELinux-\n"
+" Benutzer-Zuordnung verwenden\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: Ungültiges Basis-Verzeichnis »%s«\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: Ungültiger Kommentar »%s«\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: Ungültiges Home-Verzeichnis »%s«\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: shadow-Passwörter für -e erforderlich\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: shadow-Passwörter für -f erforderlich\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: Ungültiges Feld »%s«\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: Ungültige Shell »%s«\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z erfordert einen Kernel, in dem SELinux aktiviert ist.\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: Zurücksetzen des faillog-Eintrags für UID %lu fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: Zurücksetzen des lastlog-Eintrags für UID %lu fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: Verzeichnis %s kann nicht erstellt werden.\n"
+
+msgid "Creating mailbox file"
+msgstr "Erzeugen der Mailbox-Datei"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Gruppe »mail« nicht gefunden. Mailbox-Datei des Benutzers mit Modus 0600 "
+"wird erzeugt.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Zugriffsrechte der Mailboxdatei werden gesetzt"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: Benutzer »%s« existiert bereits\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: Gruppe %s existiert - wenn Sie den Benutzer zur Gruppe hinzufügen\n"
+"möchten, benutzen Sie -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: Benutzer kann nicht erstellt werden\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu ist nicht einmalig\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Erstellen des tcb-Verzeichnisses für %s fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: Gruppe kann nicht erzeugt werden\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: Warnung: Das Home-Verzeichnis existiert bereits.\n"
+"Es werden keine Dateien vom skel-Verzeichnis dorthin kopiert.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: Warnung: Die SELinux-Benutzer-Zuordnung des Benutzernamens %s zu %s ist\n"
+"fehlgeschlagen.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force Entfernen von Dateien erzwingen, auch wenn\n"
+" sie nicht Eigentum des zu löschenden\n"
+" Benutzers sind\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove Entferne Home-Verzeichnis und\n"
+" Mail-Warteschlange\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user Jede SELinux-Benutzer-Zuordnung für\n"
+" den Benutzer entfernen\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: Gruppe %s nicht entfernt, da es nicht die primäre Gruppe des Benutzers "
+"%s ist.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: Gruppe %s nicht entfernt, da sie noch andere Mitglieder hat.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Gruppe %s ist die primäre Gruppe eines anderen Benutzers und wird\n"
+"nicht entfernt.\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s Mail-Warteschlange (%s) nicht gefunden\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: Warnung: %s kann nicht gelöscht werden: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s nicht im Besitz von %s, wird nicht gelöscht.\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: Speicher kann nicht reserviert werden, tcb-Eintrag für %s nicht "
+"entfernt.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Privilegien können nicht entfernt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Inhalt von %s kann nicht gelöscht werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: tcb-Dateien für %s können nicht gelöscht werden: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: Benutzer %s ist ein NIS-Benutzer.\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s-Home-Verzeichnis (%s) nicht gefunden\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: Verzeichnis %s wird nicht gelöscht (würde das Home-Verzeichnis des\n"
+"Benutzers %s löschen).\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: Fehler beim Löschen des Verzeichnisses %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: Warnung: Die Löschung der SELinux-Benutzer-Zuordnung für Benutzername %s "
+"ist fehlgeschlagen.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment KOMMENTAR Neuer KOMMENTAR im GECOS-Feld\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home HOME_DIR Neues Home-Verzeichnis für den Benutzer-\n"
+" zugang\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr " -e, --expiredate ABL_DATUM Ablaufdatum auf ABL_DATUM setzen\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INAKTIV Passwort nach Ablauf von INAKTIV\n"
+" deaktivieren\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid GRUPPE Erzwinge GRUPPE als neue primäre Gruppe\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups GRUPPEN Neue Liste zusätzlicher GRUPPEN\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append Benutzer zu zusätzlichen Gruppen "
+"hinzufügen,\n"
+" die mit der Option -G angegeben werden, "
+"ohne\n"
+" ihn dabei aus anderen Gruppen zu entfernen\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+" -l, --login NEUER_NAME Neuer Wert für den Namen des "
+"Benutzerzugangs\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock Den Benutzerzugang sperren\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home Den Inhalt des Home-Verzeichnisses an den\n"
+" neuen Ort verschieben (nur mit -d benutzen)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique Benutzung von doppelter (nicht einmaliger)\n"
+" UID erlauben\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password PASSWORD Ein verschlüsseltes Passwort als neues\n"
+" Passwort verwenden\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID Neue UID des Benutzerzugangs\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock Den Benutzerzugang entsperren\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user SEUSER neue SELinux-Benutzer-Zuordnung für den\n"
+" Benutzerzugang\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: Das Passwort dieses Benutzer zu entsperren würde zu einem "
+"Benutzerzugang\n"
+"ohne Passwort führen. Sie sollten mit usermod -p ein Passwort setzen, um\n"
+"diesen Benutzerzugang zu entsperren.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: Benutzer »%s« existiert bereits in %s.\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: keine Optionen\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p und -U können nur exklusiv genutzt werden.\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: shadow-Passwörter für -e und -f erforderlich\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID »%lu« existiert bereits\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: Verzeichnis %s existiert\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Das vorherige Home-Verzeichnis (%s) war kein Verzeichnis. Es wird nicht "
+"gelöscht und keine Home-Verzeichnisse werden erzeugt.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Ändern des Eigentümers vom Home-Verzeichnis fehlgeschlagen"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: Warnung: Altes Home-Verzeichnis %s kann nicht komplett gelöscht werden"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: Verzeichnis %s kann nicht in %s umbenannt werden\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Kopieren des lastlog-Eintrags von Benutzer %lu zu Benutzer %lu "
+"fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Kopieren des faillog-Eintrags von Benutzer %lu zu Benutzer %lu "
+"fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: Warnung: %s nicht im Besitz von %s.\n"
+
+msgid "failed to change mailbox owner"
+msgstr "Fehler beim Ändern des mailbox-Besitzers"
+
+msgid "failed to rename mailbox"
+msgstr "Fehler beim Umbenennen von mailbox"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Sie haben %s verändert.\n"
+"Aus Konsistenzgründen müssen Sie unter Umständen auch %s ändern.\n"
+"Bitte nutzen Sie dazu den Befehl »%s«.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group Gruppen-Datenbank editieren\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd passwd-Datenbank editieren\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+" -s, --shadow shadow- oder gshadow-Datenbank editieren\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+" -u, --user Die tcb-shadow-Datei welches Benutzers\n"
+" editiert werden soll\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: Entfernen von %s fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s ist unverändert.\n"
+
+msgid "failed to create scratch directory"
+msgstr "Erzeugen des scratch-Verzeichnisses fehlgeschlagen"
+
+msgid "failed to drop privileges"
+msgstr "Entfernen der Privilegien fehlgeschlagen"
+
+msgid "Couldn't get file context"
+msgstr "Dateikontext konnte nicht empfangen werden"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () fehlgeschlagen"
+
+msgid "failed to gain privileges"
+msgstr "Anlegen der Privilegien fehlgeschlagen"
+
+msgid "Couldn't lock file"
+msgstr "Datei konnte nicht gesperrt werden"
+
+msgid "Couldn't make backup"
+msgstr "Sicherung konnte nicht erstellt werden"
+
+msgid "failed to open scratch file"
+msgstr "Öffnen der scratch-Datei fehlgeschlagen"
+
+msgid "failed to unlink scratch file"
+msgstr "Löschen (unlink) der scratch-Datei fehlgeschlagen"
+
+msgid "failed to stat edited file"
+msgstr "stat-Abfrage der editierten Datei fehlgeschlagen"
+
+msgid "failed to allocate memory"
+msgstr "Speicherreservierung fehlgeschlagen"
+
+msgid "failed to create backup file"
+msgstr "Erzeugen der Sicherungsdatei fehlgeschlagen"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+"%s: Wiederherstellung von %s fehlgeschlagen: %s\n"
+"(Ihre Änderungen befinden sich in %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: tcb-Verzeichnis für %s konnte nicht gefunden werden\n"
+
diff --git a/po/dz.po b/po/dz.po
new file mode 100644
index 0000000..c9ecebd
--- /dev/null
+++ b/po/dz.po
@@ -0,0 +1,3501 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.17\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2006-06-01 15:28+0530\n"
+"Last-Translator: Jurmey Rabgay <jur_gay@yahoo.com>\n"
+"Language-Team: dzongkha <pgeyleg@dit.gov.bt>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n!=1);\n"
+"X-Poedit-Language: dzongkha\n"
+"X-Poedit-Country: bhutan\n"
+"X-Poedit-SourceCharset: utf-8\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "རིམ་སྒྲིག་བརྡ་དོན་གྱི་དོན་ལུ་ བར་སྟོང་སྤྲོད་མ་ཚུགསà¼\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "རིམ་སྒྲིག་འཚོལ་བ་-མ་ཤེས་པའི་རྣམ་གྲངས་ '%s'(བདག་སà¾à¾±à½¼à½„་པ་བརྡ་བསà¾à½´à½£à¼‹à½ à½–ད་)à¼\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "ཆོག་ཡིག་:"
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s's ཆོག་ཡིག་:"
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "རིམ་སྒྲིག་བརྡ་དོན་གྱི་དོན་ལུ་ བར་སྟོང་སྤྲོད་མ་ཚུགསà¼\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s གི་དོན་ལུ་ རྒས་པའི་བརྡ་དོན་བསྒྱུར་བཅོས་འབད་དོà¼\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: à½à¾±à½¼à½‘་ཀྱི་ལག་ལེན་པའི་མིང་ གà½à½“་འབེབས་བཟོ་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: གྲལ་à½à½²à½‚་ %d:ལག་ལེན་པ་ %sའཚོལ་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: དྲན་ཚད་ལས་བརྒལ་བà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: ཡིག་སྣོད་ %sའདི་ དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: ནུས་མེད་à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à¼‹ '%s'à¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s འདི་ %s ལུ་ བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: ཉེན་བརྡ་:རྩ་བསà¾à¾²à½‘་གà½à½„་མི་ཚུགསà¼"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: ཉེན་བརྡ་:རྩ་བསà¾à¾²à½‘་གà½à½„་མི་ཚུགསà¼"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་:%s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s འདི་ %s ལུ་ བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s འདི་ %s ལུ་ བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: ཉེན་བརྡ་:རྩ་བསà¾à¾²à½‘་གà½à½„་མི་ཚུགསà¼"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: ཉེན་བརྡ་:རྩ་བསà¾à¾²à½‘་གà½à½„་མི་ཚུགསà¼"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: ཡིག་སྣོད་ %sའདི་ དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་ དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་:%s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: ཡིག་སྣོད་%s à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "ཉེན་བརྡ་:མ་ཤེས་པའི་སྡེ་ཚན་%s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "ཉེན་བརྡ་:སྡེ་ཚན་མང་དྲགས་པ་\n"
+
+msgid "Your password has expired."
+msgstr "à½à¾±à½¼à½‘་ཀྱི་ཆོག་ཡིག་འདི་ དུས་ཡོལ་ནུག"
+
+msgid "Your password is inactive."
+msgstr "à½à¾±à½¼à½‘་ཀྱི་ཆོག་ཡིག་འདི་ ནུས་མེད་ཨིན་པསà¼"
+
+msgid "Your login has expired."
+msgstr "à½à¾±à½¼à½‘་ཀྱི་ནང་བསà¾à¾±à½¼à½‘་འདི་ དུས་ཡོལ་ནུག"
+
+msgid " Contact the system administrator."
+msgstr "རིམ་ལུགས་བདག་སà¾à¾±à½¼à½„་པ་ལུ་ འབྲེལ་བ་འà½à½–à¼"
+
+msgid " Choose a new password."
+msgstr "ཆོག་ཡིག་གསརཔ་ཅིག་གདམསà¼"
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "à½à¾±à½¼à½‘་ཀྱི་ཆོག་ཡིག་འདི་ ཉིནམ་%ldནང་ དུས་ཡོལ་ནི་མསà¼\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "à½à¾±à½¼à½‘་ཀྱི་ཆོག་ཡིག་འདི་ ནངས་པར་དུས་ཡོལ་ནི་མསà¼"
+
+msgid "Your password will expire today."
+msgstr "à½à¾±à½¼à½‘་ཀྱི་ཆོག་ཡིག་འདི་ ད་རིས་དུས་ཡོལ་ནི་མསà¼"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "ཊི་ཊི་à½à½ à½²à¼‹ %s བསྒྱུར་བཅོས་འབད་མ་ཚུགསà¼"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: ས་སྒོ་ཚུ་རིང་དྲགས་པསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "མà½à½ à¼‹à½ à½à½¼à½¢à¼‹à½£à½´à½‘་སོང་བà¼\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr ""
+"à½à¾±à½¼à½‘་ཀྱིས་ $%s\n"
+"བསྒྱུར་བཅོས་འབད་མི་ཚུགསཔ་འོང་à¼\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"མཇུག་མམ་གྱི་ནང་བསà¾à¾±à½¼à½‘་འབད་ཞིནམ་ལས་ཚུར་ %dའà½à½´à½¦à¼‹à½¤à½¼à½¢à¼\n"
+"མཇུག་མམ་ %s འདི་ %s གུ་ཨིན་པསà¼\n"
+msgstr[1] ""
+"མཇུག་མམ་གྱི་ནང་བསà¾à¾±à½¼à½‘་འབད་ཞིནམ་ལས་ཚུར་ %dའà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½šà½´à¼\n"
+"མཇུག་མམ་ %s འདི་ %s གུ་ཨིན་པསà¼\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "ཡིག་སྒྲོམ་བདག་པོ་སོར་ནི་ལུ་ འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: à½à½´à½“་མོང་ ཡུ་ཨའི་ཌི་འà½à½¼à½–་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: à½à½´à½“་མོང་མ་ཡིན་པའི་ ཇི་ཨའི་ཌི་འà½à½¼à½–་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: à½à½´à½“་མོང་ ཡུ་ཨའི་ཌི་འà½à½¼à½–་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: à½à½´à½“་མོང་ ཡུ་ཨའི་ཌི་འà½à½¼à½–་མི་ཚུགསà¼\n"
+
+msgid "Too many logins.\n"
+msgstr "ནང་བསà¾à¾±à½¼à½‘་མང་དྲགས་པà¼\n"
+
+msgid "You have new mail."
+msgstr "à½à¾±à½¼à½‘་ལུ་ཡིག་འཕྲིན་གསརཔ་ཅིག་འདུག"
+
+msgid "No mail."
+msgstr "ཡིག་འཕྲིན་མེདà¼"
+
+msgid "You have mail."
+msgstr "à½à¾±à½¼à½‘་ལུ་ཡིག་འཕྲིན་འདུག"
+
+msgid "no change"
+msgstr "བསྒྱུར་བཅོས་མེདà¼"
+
+msgid "a palindrome"
+msgstr "མདུན་རྒྱབ་སྒྲ་དང་དོན་གཅིག་à½à½´à¼‹à½–ཀླག་རུང་བ་ཅིག"
+
+msgid "case changes only"
+msgstr "ཡི་གུ་རà¾à¾±à½„མ་ཅིག་བསྒྱུར་བཅོས་འབདà½à¼‹à½¨à½²à½“à¼"
+
+msgid "too similar"
+msgstr "ཤིན་à½à½´à¼‹à½†à¼‹à½ à½‘ྲ་བà¼"
+
+msgid "too simple"
+msgstr "ཤིན་à½à½´à¼‹à½ à½‡à½˜à¼‹à½¦à½˜à¼"
+
+msgid "rotated"
+msgstr "བསྒྱིར་ཡོདཔà¼"
+
+msgid "too short"
+msgstr "à½à½´à½„་དྲགས་པà¼"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "ཆོག་ཡིག་བྱང་ཉེས་:%s"
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "ཆོག་ཡིག་:པམ་སི་ཊཊི་()འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔ་(_s) འཛོལ་བ་ %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "ཆོག་ཡིག་: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "ཆོག་ཡིག་སོར་ཡོདཔà¼"
+
+msgid "passwd: password updated successfully\n"
+msgstr "ཆོག་ཡིག་:ཆོག་ཡིག་འདི་མà½à½¢à¼‹à½ à½à¾±à½¼à½£à¼‹à½¦à¾¦à½ºà¼‹ དུས་མà½à½´à½“་བཟོ་ཡིà¼\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "%s གི་དོན་ལུ་ བདེན་མེད་ཀྱི་ཆོག་ཡིག\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་ à½à¾±à½²à½˜à¼‹à½‚ྱི་བརྒྱུད་འཕྲིན་: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "'%s'ལུ་ སི་ཌི་འབད་མ་ཚུགས་\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "སྣོད་à½à½¼à¼‹à½˜à½ºà½‘་ à½à¾±à½²à½˜à¼‹à½‘ང་བཅས་ ནང་བསà¾à¾±à½¼à½‘་འབད་དོ་=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%sལག་ལེན་འà½à½–་མི་ཚུགསà¼"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "ནུས་མེད་རྩ་བའི་སྣོད་à½à½¼à¼‹ '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr " '%s'ལུ་ རྩ་བའི་སྣོད་à½à½¼à¼‹à½–སྒྱུར་བཅོས་འབད་མི་ཚུགསà¼\n"
+
+msgid "Unable to determine your tty name."
+msgstr "à½à¾±à½¼à½‘་ཀྱི་ཊི་ཊི་à½à½ à½²à¼‹à½˜à½²à½„་ གà½à½“་འབེབས་བཟོ་མ་ཚུགསà¼"
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "མེནà¼\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "བེ་ལུ་གསརཔ་བཙུགས་ ཡང་ཅིན་ སྔོན་སྒྲིག་གི་དོན་ལུ་ ENTERལུ་ཨེབསà¼"
+
+msgid "Minimum Password Age"
+msgstr "ཆོག་ཡིག་ལོ་ཉུང་མà½à½ à¼"
+
+msgid "Maximum Password Age"
+msgstr "ཆོག་ཡིག་ལོ་མང་མà½à½ à¼"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "མཇུག་གི་ཆོག་ཡིག་བསྒྱུར་བཅོས་(à½à½ à½²à¼‹à½à½ à½²à¼‹à½à½ à½²à¼‹à½à½ à½²à¼‹-ཨེམ་ཨེམ་-ཌི་ཌི་)à¼"
+
+msgid "Password Expiration Warning"
+msgstr "ཆོག་ཡིག་དུས་ཡོལ་ཉེན་བརྡà¼"
+
+msgid "Password Inactive"
+msgstr "ཆོག་ཡིག་ནུས་མེདà¼"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "རྩིས་à½à½¼à½ à½²à¼‹à½‘ུས་ཡོལ་ཚེས་གྲངས་(à½à½ à½²à¼‹à½à½ à½²à¼‹à½à½ à½²à¼‹à½à½ à½²à¼‹-ཨེམ་ཨེམ་-ཌི་ཌི་)à¼"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "མཇུག་གི་ཆོག་ཡིག་བསྒྱུར་བཅོས་\t\t\t\t\t: "
+
+msgid "never"
+msgstr "ནམ་ཡང་"
+
+msgid "password must be changed"
+msgstr "ཆོག་ཡིག་འདི་བསྒྱུར་བཅོས་འབད་དགོ"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "ཆོག་ཡིག་དུས་ཡོལà½à¼‹à½¨à½²à½“་\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "ཆོག་ཡིག་ནུས་མེད་\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "རྩིས་à½à½¼à¼‹à½‘ུས་ཡོལà½à¼‹à½¨à½²à½“་\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "ཆོག་ཡིག་བསྒྱུར་བཅོས་\t\tབར་ནའི་ཉིན་གྲངས་ཉུང་མà½à½ à¼‹:%ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "ཆོག་ཡིག་བསྒྱུར་བཅོས་\t\tབར་ནའི་ཉིན་གྲངས་མང་མà½à½ à¼‹:%ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "ཆོག་ཡིག་དུས་མ་ཡོལ་བའི་ཧེ་མ་ ཉེན་བརྡའི་ཉིན་གྲངས་\t:%ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ནུས་མེད་ཚེས་གྲངས་ '%s'à¼\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ནུས་མེད་ཨང་གྲངས་སྒྲུབ་རྟགས་ '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: ཟུར་རྟགས་གཞན་མི་དང་གཅིག་à½à½¢à¼‹ \"l\" གྲངས་སུ་མི་བཙུགསà¼\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: སྣང་བ་ཉན་མ་བà½à½´à½–à¼\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: à½à¾±à½¼à½‘་ཀྱི་ལག་ལེན་པའི་མིང་ གà½à½“་འབེབས་བཟོ་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s:ཡིག་སྣོད་ཚུ་ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགས་ དོ་རུང་ཤུལ་ལས་འབད་རྩོལ་བསà¾à¾±à½ºà½‘à¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: ཡིག་སྣོད་%s à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: à½à¼‹à½¦à¾¤à½ºà½£à¼‹à½–་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹:%s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་འདི་ མིན་འདུག\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ མེདà¼\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s གི་དོན་ལུ་ རྒས་པའི་བརྡ་དོན་བསྒྱུར་བཅོས་འབད་དོà¼\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: ས་སྒོ་ཚུ་བསྒྱུར་བཅོས་འབད་བའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "མིང་ཆ་ཚང་à¼"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "à½à½„་མིག་ཨང་à¼"
+
+msgid "Work Phone"
+msgstr "ལཱ་གི་བརྒྱུད་འཕྲིནà¼"
+
+msgid "Home Phone"
+msgstr "à½à¾±à½²à½˜à¼‹à½‚ྱི་བརྒྱུད་འཕྲིནà¼"
+
+msgid "Other"
+msgstr "གཞནà¼"
+
+msgid "Cannot change ID to root.\n"
+msgstr "རྩ་བ་ལུ་ ཨའི་ཌི་ བསྒྱུར་བཅོས་འབད་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་མིང་:'%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་à½à½„་མིག་ཨང་:'%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་ལཱ་གི་བརྒྱུད་འཕྲིན་: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་ à½à¾±à½²à½˜à¼‹à½‚ྱི་བརྒྱུད་འཕྲིན་: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' ནང་ལུ་ à½à¾²à½²à½˜à½¦à¼‹à½ à½‚ལ་ཡིག་ཆ་ཚུ་ཡོདà¼\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' ནང་ལུ་ à½à¾²à½²à½˜à½¦à¼‹à½ à½‚ལ་ཡིག་ཆ་ཚུ་ཡོདà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ མེདà¼\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: ཨེན་ཨའི་ཨེསི་ ཞབས་à½à½¼à½‚་སྤྱོད་མི་གུ་ ལག་ལེན་པ་ '%s' བསྒྱུར་བཅོས་འབད་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' འདི་ ཞབས་à½à½¼à½‚་སྤྱོད་མི་འདི་གི་དོན་ལུ་ ཨེན་ཨའི་ཨེསི་ ཨམ་ཨིནà¼\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%sགི་དོན་ལུ་ ལག་ལེན་པའི་བརྡ་དོན་ བསྒྱུར་བཅོས་འབད་དོà¼\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: ས་སྒོ་ཚུ་རིང་དྲགས་པསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: -a ཟུར་རྟགས་འདི་ -Gཟུར་རྟགས་དང་གཅིག་à½à½¢à¼‹à½¢à¾à¾±à½„མ་ཅིག་ཆོག\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: གྲལ་à½à½²à½‚་ %d: གྲལ་à½à½²à½‚་རིང་དྲགས་པསà¼\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: གྲལ་à½à½²à½‚་ %d: ཆོག་ཡིག་གསརཔ་ བརླག་སྟོར་ཞུགས་པà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: སྡེ་ཚན་ %sམེདà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: གྲལ་à½à½²à½‚་ %d: à½à½¼à¼‹à½–ཀོད་དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: འཛོལ་བ་སà¾à¾±à½¼à½“་འཛིན་འབད་ཡི་ བསྒྱུར་བཅོས་ཚུ་སྣང་མེད་བཞག་ཡིà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ མེདà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ མེདà¼\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "ནང་བསà¾à¾±à½¼à½‘་ཀྱི་ཤལà¼"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "à½à¾±à½¼à½‘་ཀྱིས་ %sགི་དོན་ལུ་ ཤལ་བསྒྱུར་བཅོས་མི་འབདà½à¼‹à½ à½¼à½„་à¼\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%sགི་དོན་ལུ་ ནང་བསà¾à¾±à½¼à½‘་ཤལ་ བསྒྱུར་བཅོས་འབད་དོà¼\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: ནུས་མེད་ཀྱི་à½à½¼à¼‹à½–ཀོད་:%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s འདི་ནུས་མེད་ཀྱི་ཤལ་ཨིནà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ མེདà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: ཉེན་བརྡ་: %s འདི་ %s གིས་ བདག་དབང་བཟུངམ་མེནà¼\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: རེ་བ་མ་བསà¾à¾±à½ºà½‘་པའི་སྒྲུབ་རྟགས་:%s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "ནང་བསà¾à¾±à½¼à½‘་ མང་མà½à½ à½²à¼‹à½˜à½‡à½´à½‚་མà½à½ à¼‹à½ à½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹ ཨཱོན༠\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds གཡོན་]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds ལྡེ་མིག་]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "མ་ཤེས་པའི་ལག་ལེན་པ་:%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s འདི་ %s ལུ་ བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "%sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་མི་ཚུགསà¼\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "%sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -Aགི་དོན་ལུ་ གྱིབ་མའི་སྡེ་ཚན་ཆོག་ཡིག་ཚུ་དགོ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: སྡེ་ཚན་ %sམེདà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: à½à¼‹à½¦à¾¤à½ºà½£à¼‹à½–་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹:%s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "སྡེ་ཚན་ %sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་དོà¼\n"
+
+msgid "New Password: "
+msgstr "ཆོག་ཡིག་གསརཔ་:"
+
+msgid "Re-enter new password: "
+msgstr "ཆོག་ཡིག་གསརཔ་ ལོག་བཙུགས་:"
+
+msgid "They don't match; try again"
+msgstr "དེ་ཚུ་མà½à½´à½“་སྒྲིག་མིན་འདུག་ དོ་རུང་འབད་རྩོལ་བསà¾à¾±à½ºà½‘à¼"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: དོ་རུང་ཤུལ་ལས་འབད་རྩོལ་བསà¾à¾±à½ºà½‘à¼\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "སྡེ་ཚན་ %sལུ་ ལག་ལེན་པ་ %sà½à¼‹à½¦à¾à½¼à½„་འབད་དོà¼\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "སྡེ་ཚན་ %sནང་ལས་ ལག་ལེན་པ་ %sརྩ་བསà¾à¾²à½‘་གà½à½„་དོà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ མེདà¼\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: ཊི་ཊི་à½à½ à½²à¼‹à½˜à½ºà½“à¼\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s འདི་ ནུས་ཅན་གྱི་སྡེ་ཚན་མིང་མེན་པསà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "ནུས་མེད་སྡེཚན་གྱི་མིང་ '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K གིས་ ལྡེ་མིག་=བེ་ལུ་ དགོཔ་ཨིནà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: སྡེ་ཚན་ %sཡོདཔ་ཨིནà¼\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: à½à¾±à½¼à½‘་ཀྱི་ལག་ལེན་པའི་མིང་ གà½à½“་འབེབས་བཟོ་མི་ཚུགསà¼\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s འདི་ %s ལུ་ བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: ཨེན་ཨའི་ཨེསི་ ཞབས་à½à½¼à½‚་སྤྱོད་མི་གུ་ ལག་ལེན་པ་ '%s' བསྒྱུར་བཅོས་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: སྡེ་ཚན་ %sམེདà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: སྡེ་ཚན་ '%s' འདི་ ཨེན་ཨའི་ཨེསི་སྡེ་ཚན་ཨིནà¼\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %sའདི་ ཨེན་ཇི་ཨེསི་ ཨམ་ཨིནà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ ཨེན་ཨའི་ཨེསི་ ལག་ལེན་པ་ཅིག་ཨིནà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: དུས་མà½à½´à½“་སྡེ་ཚན་ནང་ལུ་ དྲན་ཚད་ལས་བརྒལ་བà¼\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "ནུས་མེད་སྡེཚན་གྱི་མིང་ '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: སྡེ་ཚན་ %s འདི་ ཨེན་ཇི་ཨེསི་ སྡེ་ཚན་ཨིནà¼\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: མ་ཤེས་པའི་ལག་ལེན་པ་%s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s དང་ -r གཉིས་མà½à½´à½“་འགྱུར་ཅན་མེནà¼\n"
+
+msgid "invalid group file entry"
+msgstr "ནུས་མེད་སྡེ་ཚན་à½à½¼à¼‹à½–ཀོདà¼"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "གྲལ་à½à½²à½‚་ '%s'བà½à½¼à½“་གà½à½„་ནི་ཨིན་ན?"
+
+msgid "duplicate group entry"
+msgstr "སྡེ་ཚན་à½à½¼à¼‹à½–ཀོད་ བརྫུན་མ་བཟོà¼"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ནུས་མེད་སྡེཚན་གྱི་མིང་ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "ནུས་མེད་སྡེཚན་གྱི་མིང་ '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "སྡེ་ཚན་ %s: ལག་ལེན་པ་ %sམེདà¼\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "ཨང་གྲངས་ '%s' བà½à½¼à½“་གà½à½„་ནི་ཨིན་ན?"
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "%sནང་ མà½à½´à½“་སྒྲིག་སྡེ་ཚན་གྱི་ཡིག་སྣོད་à½à½¼à¼‹à½–ཀོད་མེདà¼\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "%sནང་ སྡེ་ཚན་ '%s' à½à¼‹à½¦à¾à½¼à½„་འབད་ནི་ཨིན་ན?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "ནུས་མེད་གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་à½à½¼à¼‹à½–ཀོདà¼"
+
+msgid "duplicate shadow group entry"
+msgstr "ངོ་བཤུས་གྱིབ་མའི་སྡེ་ཚན་à½à½¼à¼‹à½–ཀོདà¼"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "གྱིབ་མའི་སྡེ་ཚན་%s: བདག་སà¾à¾±à½¼à½„་གི་ལག་ལེན་པ་ %sམེདà¼\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "བདག་སà¾à¾±à½¼à½„་གི་ཨང་གྲངས་ '%s' བà½à½¼à½“་གà½à½„་ནི་ཨིན་ན?"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "གྱིབ་མའི་སྡེ་ཚན་%s: ལག་ལེན་པ་%sམེདà¼\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: ཡིག་སྣོད་ཚུ་དུས་མà½à½´à½“་བཟོ་ཡིà¼\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: སོར་ནི་མེདà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: ཡིག་སྣོད་ %sའདི་ དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "ལག་ལེནཔ་:id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "ལག་ལེན་པ་: id\n"
+
+msgid " groups="
+msgstr "སྡེ་ཚན་="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "ལག་ལེན་པའི་མིང་ འདྲེན་ལམ་ ལས་ མཇུག་མà½à½ à¼"
+
+msgid "Username Port Latest"
+msgstr "ལག་ལེན་པའི་མིང་ འདྲེན་ལམ་ མཇུག་མà½à½ à¼"
+
+msgid "**Never logged in**"
+msgstr "**ནམ་ཡང་ནང་བསà¾à¾±à½¼à½‘་མ་འབད་**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ དུས་མà½à½´à½“་བཟོ་མ་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "ལག་ལེན་: %s [-p] [མིང་]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h host] [-f name]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "ནུས་མེད་ནང་བསà¾à¾±à½¼à½‘་ཀྱི་དུས་ཚོདà¼"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"རྒྱུན་ལས་རྒྱུན་སà¾à¾±à½¼à½„་གི་དོན་ལུ་ རིམ་ལུགས་à½à¼‹à½–སྡམས་ཅིà¼"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[མà½à½´à½‘་བà½à½¼à½‚་ཟུར་à½à½ºà¼‹à½ à½‚ྱོ་ཡོདཔ་ --རྩ་བའི་ནང་བསà¾à¾±à½¼à½‘་མི་ཆོག]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"utmpà½à½¼à¼‹à½–ཀོད་མིན་འདུག à½à¾±à½¼à½‘་ཀྱིས་ གནས་རིམ་དམའ་ཤོས་\"sh\"གི་ནང་ལས་ \"login\"ལག་ལེན་འà½à½–་དགོ"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"%d སà¾à½¢à¼‹à½†à½‚་གི་ཤུལ་མར་ ནང་བསà¾à¾±à½¼à½‘་ངལ་མཚམས་བྱུང་ཡོདཔà¼\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "ནང་བསà¾à¾±à½¼à½‘་: པི་ཨེ་ཨེམ་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹ བར་བཤོལ་དོ་: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s ནང་བསà¾à¾±à½¼à½‘་: "
+
+msgid "login: "
+msgstr "ནང་བསà¾à¾±à½¼à½‘་: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "འབད་རྩོལ་གྱི་ཨང་གྲངས་མང་མà½à½ à¼‹à½£à¾·à½‚་ཡོདཔ་(%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "ནང་བསà¾à¾±à½¼à½‘་:པི་ཨུ་ཨེམ་གྱིས་ཞུ་ཡོད་པའི་བར་བཤོལà¼\n"
+
+msgid "Login incorrect"
+msgstr "ནང་བསà¾à¾±à½¼à½‘་བདེན་མེདà¼"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: གྲལ་à½à½²à½‚་ %d:ལག་ལེན་པ་ %sའཚོལ་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s ནང་བསà¾à¾±à½¼à½‘་: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: à½à¼‹à½¦à¾¤à½ºà½£à¼‹à½–་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹:%s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "ཉེན་བརྡ་:གནས་སà¾à½–ས་ལྡེ་མིག་བརà¾à¾±à½–ས་པའི་ཤུལ་ལུ་ ལོག་སྟེ་ནང་བསà¾à¾±à½¼à½‘་ལྕོགས་ཅན་བཟོ་ཡོདཔà¼"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "མཇུག་གི་ནང་བསà¾à¾±à½¼à½‘་: %s གུ་ %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "མཇུག་གི་ནང་བསà¾à¾±à½¼à½‘་: %.19s གུ་ %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " %.*sལསà¼"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"ནང་བསà¾à¾±à½¼à½‘་དུས་ཚོད་ལྷག་ཡོདཔà¼\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "ལག་ལེན་པ་: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "ལག་ལེན་: newgrp [-][ སྡེ་ཚན་]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "ལག་ལེན་: sg group [[-c]བརྡ་བཀོད་ ]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "ཆོག་ཡིག་རྙིངམ་:"
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: à½à¼‹à½¦à¾¤à½ºà½£à¼‹à½–་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹:%s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ མེདà¼\n"
+
+msgid "too many groups\n"
+msgstr "སྡེ་ཚན་མང་དྲགས་པà¼\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: སྡེ་ཚན་ %sམེདà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ནུས་མེད་ལག་ལེན་པའི་མིང་ '%s'à¼\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: ནུས་མེད་ལག་ལེན་པའི་མིང་ '%s'à¼\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s:གྲལ་à½à½²à½‚་%d: ནུས་མེད་གྲལ་à½à½²à½‚་\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: ལག་ལེན་པ་%sགི་དོན་ལུ་ à½à½¼à¼‹à½–ཀོད་དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: གྲལ་à½à½²à½‚་ %d: ཇི་ཨའི་ཌི་ གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: གྲལ་à½à½²à½‚་ %d: ཇི་ཨའི་ཌི་ གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ མེདà¼\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: གྲལ་à½à½²à½‚་ %d: ཆོག་ཡིག་དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: གྲལ་à½à½²à½‚་ %d: mkdir འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: གྲལ་à½à½²à½‚་ %d: chown འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: གྲལ་à½à½²à½‚་ %d: à½à½¼à¼‹à½–ཀོད་དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: %sགསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "ཆོག་ཡིག་རྙིངམ་:"
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr "ཆོག་ཡིག་གསརཔ་བཙུགས་(%d གི་ཉུང་མà½à½ à¼‹ %dཡིག་འབྲུའི་མང་མà½à½ à¼‹)à¼\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr "ཆོག་ཡིག་གསརཔ་བཙུགས་(%d གི་ཉུང་མà½à½ à¼‹ %dཡིག་འབྲུའི་མང་མà½à½ à¼‹)à¼\n"
+
+msgid "New password: "
+msgstr "ཆོག་ཡིག་གསརཔ་:"
+
+#, fuzzy
+msgid "Try again."
+msgstr "ལོག་འབད་རྩོལ་བསà¾à¾±à½ºà½‘་:"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"ཉེན་བརྡ་:ནུས་མེད་ཀྱི་ཆོག་ཡིག་(ག་དེ་ཨིན་རུང་ལག་ལེན་འà½à½–་ནིའི་དོན་ལས་ ལོག་བཙུགས་)à¼"
+
+msgid "They don't match; try again.\n"
+msgstr "དེ་ཚུ་མà½à½´à½“་སྒྲིག་མིན་འདུག་ ལོག་འབད་རྩོལ་བསà¾à¾±à½ºà½‘à¼\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: མཛོད་གནས་ %sའདི་ རྒྱབ་སà¾à¾±à½¼à½¢à¼‹à½˜à¼‹à½ à½–ད་བསà¼\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: à½à¾±à½¼à½‘་ཀྱིས་ %sགི་དོན་ལུ་ ཆོག་ཡིག་བརྡ་དོན་མ་བལྟ་འོང་ ཡང་ན་ ལེགས་བཅོས་མ་འབདà½à¼‹à½ à½¼à½„་à¼\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་དོà¼\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr " %sགི་དོན་ལུ་ ཆོག་ཡིག་འདི་མ་སོར་བསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "ཆོག་ཡིག་སོར་ཡོདཔà¼"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "ཆོག་ཡིག་དུས་ཡོལ་ཉེན་བརྡà¼"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "ནུས་མེད་ཀྱི་ཆོག་ཡིག་ཡིག་སྣོད་à½à½¼à¼‹à½–ཀོདà¼"
+
+msgid "duplicate password entry"
+msgstr "ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་རྫུན་མà¼"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ནུས་མེད་ལག་ལེན་པའི་མིང་ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "ནུས་མེད་ལག་ལེན་པའི་མིང་ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "ལག་ལེན་པ་ %s: སྡེ་ཚན་ %uམེདà¼\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "ལག་ལེན་པ་ %s: སྣོད་à½à½¼à¼‹ %s མེདà¼\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "ལག་ལེན་པ་ %s: ལས་རིམ་%s མེདà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: ཡིག་སྣོད་ %sའདི་ ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "%sནང་ མà½à½´à½“་སྒྲིག་ཡོད་པའི་ཆོག་ཡིག་ཡིག་སྣོད་à½à½¼à¼‹à½–ཀོད་མེདà¼\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "%sནང་ ལག་ལེན་པ་ '%s' à½à¼‹à½¦à¾à½¼à½„་འབད་ནི་ཨིན་ན?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "ནུས་མེད་གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་à½à½¼à¼‹à½–ཀོདà¼"
+
+msgid "duplicate shadow password entry"
+msgstr "གྱིབ་མའི་ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་རྫུན་མà¼"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "ལག་ལེན་པ་ %s: མ་འོངས་པ་ནང་ མཇུག་གི་ཆོག་ཡིག་སོར་ནིà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: ཡིག་སྣོད་%s à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: ཡིག་སྣོད་ལོག་འབྲི་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "རྩིས་à½à½¼à¼‹à½‘ེ་ལུ་ ཟླ་ལུ་འཛུལ་སྤྱོད་འབད་ནི་ ཉན་མ་བà½à½´à½–་པསà¼\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "ཆོག་ཡིག་བདེན་བཤད་ཟུར་ལས་འགྱོ་ཡོདཔà¼\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "à½à¾±à½¼à½‘་རའི་ཆོག་ཡིག་འདི་ བདེན་བཤད་སྦེ་བཙུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: ཡིག་སྣོད་ %sའདི་ ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"ལག་ལེན་: ཟླ་ [གདམ་à½à¼‹à½šà½´à¼‹] [ནང་བསà¾à¾±à½¼à½‘་]\n"
+"\n"
+"གདམ་à½à¼‹à½šà½´à¼‹:\n"
+" -c, --command COMMAND\t\t ལས་བཀོལ་འབད་ཡོད་པའི་ཤལ་ལུ་ བརྡ་བཀོད་རྩིས་སྤྲོད་འབདà¼\n"
+" -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+" -, -l, --login\t\t ཤལ་འདི་ ནང་བསà¾à¾±à½¼à½‘་ཤལ་བཟོà¼\n"
+" -m, -p,\n"
+" --preserve-environment\t མà½à½ à¼‹à½ à½à½¼à½¢à¼‹à½ à½‚ྱུར་ཅན་ཚུ་ སླར་གཞི་སྒྲིག་མ་འབད་དགོཔ་དང་ \n"
+"\t\t\t\tཤལ་ཅོག་འà½à½‘པ་སྦེ་བཞག\n"
+" -s, --shell SHELL\t\t ཆོག་ཡིག་ནང་ སྔོན་སྒྲིག་གི་ཚབ་ལུ་ ཤལ་ལག་ལེན་འà½à½–à¼\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(སྣང་མེད་བཞག་ཡོདཔ་)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "à½à¾±à½¼à½‘་ ཟླ་%sལུ་ དབང་སྤྲོད་མ་འབདà¼\n"
+
+msgid "(Enter your own password)"
+msgstr "(à½à¾±à½¼à½‘་རའི་ཆོག་ཡིག་རà¾à¾±à½„མ་ཅིག་བཙུགས་)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: པི་ཨེ་ཨེམ་ བདེན་བཤད་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "à½à¾±à½¼à½‘་ ཟླ་%sལུ་ དབང་སྤྲོད་མ་འབདà¼\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "'རྩ་བ་'གི་དོན་ལུ་ ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་མེདà¼"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: ཊར་མི་ནཱལ་ལས་གཡོག་བཀོལ་དགོ\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start:འཛོལ་བ་%d(_s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s འདི་ %s ལུ་ བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "%sལག་ལེན་འà½à½–་མི་ཚུགསà¼"
+
+msgid "No password file"
+msgstr "ཆོག་ཡིག་ཡིག་སྣོད་མེདà¼"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "'རྩ་བ་'གི་དོན་ལུ་ ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་མེདà¼"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"སྤྱིར་བà½à½„་འགོ་བཙུགས་ཀྱི་à½à½¼à½‚་ལས་ འཕྲོ་མà½à½´à½‘་ནིའི་དོན་ལུ་ ཚད་འཛིན་-ཌི་ ཡིག་དཔར་རà¾à¾±à½–ས་\n"
+"(ཡང་ན་ རིམ་ལུགས་རྒྱུན་སà¾à¾±à½¼à½„་གི་དོན་ལུ་ རྩ་བའི་ཆོག་ཡིག་ཅིག་བྱིན་):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "རིམ་ལུགས་རྒྱུན་སà¾à¾±à½¼à½„་à½à½–ས་ལམ་བཙུགས་དོà¼"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: སྔོན་སྒྲིག་ཡིག་སྣོད་གསརཔ་ གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: སྔོན་སྒྲིག་ཡིག་སྣོད་གསརཔ་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: གྲལ་à½à½²à½‚་ %d: chown འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་:%s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: སྡེ་ཚན་ '%s' འདི་ ཨེན་ཨའི་ཨེསི་སྡེ་ཚན་ཨིནà¼\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: སྡེ་ཚན་མང་རབས་ཅིག་གསལ་བཀོད་འབད་ཡོདཔ་(མང་མà½à½ à¼‹ %d)à¼\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ནུས་མེད་གཞི་རྟེན་སྣོད་à½à½¼à¼‹'%s'à¼\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ནུས་མེད་བསམ་བཀོད་ '%s'à¼\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ནུས་མེད་à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à¼‹ '%s'à¼\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: -e ལུ་དགོས་མà½à½¼à¼‹à½¡à½¼à½‘་པའི་གྱིབ་མའི་ཆོག་ཡིག་ཚུà¼\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: -f ལུ་དགོས་མà½à½¼à¼‹à½¡à½¼à½‘་པའི་གྱིབ་མའི་ཆོག་ཡིག་ཚུà¼\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་ས་སྒོ་ '%s'à¼\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ནུས་མེད་ཤལ་ '%s'à¼\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+msgid "Creating mailbox file"
+msgstr "ཡིག་སྒྲོམ་ཡིག་སྣོད་ གསར་བསà¾à¾²à½´à½“་འབད་དོà¼"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"སྡེ་ཚན་'mail' མ་à½à½¼à½–༠༠༦༠༠ à½à½–ས་ལམ་དང་བཅས་ ལག་ལེན་པའི་ཡིག་སྒྲ྄ོམ་ཡིག་སྣོད་ གསར་བསà¾à¾²à½´à½“་འབད་དོà¼\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "ཡིག་སྒྲོམ་ཡིག་སྣོད་གྱི་གནང་བ་ གཞི་སྒྲིག་འབད་དོà¼"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: ལག་ལེན་པ་ %sཡོདཔ་ཨིནà¼\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: སྡེ་ཚན་%s ཡོདཔ་ཨིན་-à½à¾±à½¼à½‘་ཀྱིས་ ལག་ལེན་པ་འདི་སྡེ་ཚན་དེ་ནང་ à½à¼‹à½¦à¾à½¼à½„་བརà¾à¾±à½–་ནི་ཨིན་པ་ཅིན་ -g ལག་"
+"ལེན་འà½à½–à¼\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: %sགསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: ཡུ་ཨའི་ཌི་ %uའདི་ à½à½´à½“་མོང་མེནà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: %sགསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: %sགསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: %sགསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: ཉེན་བརྡ་:à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à¼‹à½ à½‘ི་ཧེ་མ་ལས་རང་ཡོདཔ་ཨིནà¼\n"
+"འདི་ནང་ལུ་ སི་ཀེལ་སྣོད་à½à½¼à¼‹à½“ང་ལས་ ཡིག་སྣོད་ག་ཅི་ཡང་འདྲ་བཤུས་མ་བརà¾à¾±à½–་ནིà¼\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: ཨེན་ཨའི་ཨེསི་ ཞབས་à½à½¼à½‚་སྤྱོད་མི་གུ་ ལག་ལེན་པ་ '%s' བསྒྱུར་བཅོས་འབད་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: ལག་ལེན་པ་གཞན་གྱི་དོན་ལུ་ གཞི་རིམ་སྡེ་ཚན་ཅིག་ཨིན་མི་སྡེ་ཚན་ %sའདི་ རྩ་བསà¾à¾²à½‘་གà½à½„་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s འདི་ %s ལུ་ བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: ནུས་མེད་à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à¼‹ '%s'à¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: ཉེན་བརྡ་:རྩ་བསà¾à¾²à½‘་གà½à½„་མི་ཚུགསà¼"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %sགིས་བདག་དབང་མ་བཟུང་མི་ %sའདི་ རྩ་བསà¾à¾²à½‘་གà½à½„་ནི་མེདà¼\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s འདི་ %s ལུ་ བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་མི་ཚུགསà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s འདི་ %s ལུ་ བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ ཨེན་ཨའི་ཨེསི་ ལག་ལེན་པ་ཅིག་ཨིནà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: ནུས་མེད་à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à¼‹ '%s'à¼\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %sའདི་ རྩ་བསà¾à¾²à½‘་གà½à½„་ནི་མེད་(ལག་ལེན་པ་%sགི་à½à¾±à½²à½˜à¼‹à½ à½‘ི་ རྩ་བསà¾à¾²à½‘་གà½à½„་འོང་)à¼\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹%s རྩ་བསà¾à¾²à½‘་གà½à½„་པའི་སà¾à½–ས་ལུ་ འཛོལ་བà¼\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: ལག་ལེན་པ་ %sཡོདཔ་ཨིནà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: ནུས་མེད་ཚེས་གྲངས་ '%s'à¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: ནུས་མེད་ཚེས་གྲངས་ '%s'à¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: ཡིག་སྣོད་%s à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e aདང་ -f གཉིས་ལུ་དངོས་མà½à½¼à¼‹à½¡à½¼à½‘་པའི་གྱིབ་མའི་ཆོག་ཡིག་ཚུà¼\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %sའདི་ཡོདཔཨིནà¼\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: ཉེན་བརྡ་: à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à¼‹%sརྙིངམ་འདི་ མà½à½¢à¼‹à½ à½à¾±à½¼à½£à¼‹à½¦à¾¦à½ºà¼‹à½¢à¾©à¼‹à½–སà¾à¾²à½‘་གà½à½„་ནི་ལུ་ འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: སྣོད་à½à½¼à¼‹ %s འདི་ %s ལུ་ བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་མི་ཚུགསà¼\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: ཉེན་བརྡ་: %s འདི་ %s གིས་ བདག་དབང་བཟུངམ་མེནà¼\n"
+
+msgid "failed to change mailbox owner"
+msgstr "ཡིག་སྒྲོམ་བདག་པོ་སོར་ནི་ལུ་ འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼"
+
+msgid "failed to rename mailbox"
+msgstr "ཡིག་སྒྲོམ་གྱི་བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་ནི་ལུ་ འཛོལ་བà¼"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %sའདི་ བསྒྱུར་བཅོས་མ་འབད་བསà¼\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "ཡིག་སྒྲོམ་གྱི་བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་ནི་ལུ་ འཛོལ་བà¼"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "ཡིག་སྣོད་ལྡེ་མིག་བརà¾à¾±à½–ས་མ་ཚུགསà¼"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: à½à½ºà¼‹à½‘བང་(%s)ཚུ་བཀོག་ནིའི་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+msgid "Couldn't lock file"
+msgstr "ཡིག་སྣོད་ལྡེ་མིག་བརà¾à¾±à½–ས་མ་ཚུགསà¼"
+
+msgid "Couldn't make backup"
+msgstr "རྒྱབ་à½à½‚་བཟོ་མ་ཚུགསà¼"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: /etc/passwd ནང་ལུ་ %s མ་à½à½¼à½–à¼\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à¼‹à½šà½´à½‚སà¼\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: ས་སྒོ་ཚུ་རིང་དྲགས་པསà¼\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "ཡིག་སྒྲོམ་གྱི་བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་ནི་ལུ་ འཛོལ་བà¼"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "ཡིག་སྒྲོམ་བདག་པོ་སོར་ནི་ལུ་ འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "ཡིག་སྒྲོམ་གྱི་བསà¾à¾±à½¢à¼‹à½˜à½²à½„་བà½à½‚ས་ནི་ལུ་ འཛོལ་བà¼"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %sསོར་ཆུད་འབད་མ་ཚུགས་: %s (à½à¾±à½¼à½‘་ཀྱི་བསྒྱུར་བཅོས་ཚུ་ %sནང་ཨིན་)à¼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: ནུས་མེད་གཞི་རྟེན་སྣོད་à½à½¼à¼‹'%s'à¼\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་:chage[གདམ་à½à¼‹à½šà½´à¼‹]user\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -d, ---lastday LAST_DAY\t མཇུག་མམ་གྱི་ཆོག་ཡིག་འདི་ LAST_DAYལུ་ བསྒྱུར་བཅོས་གཞི་སྒྲིག་"
+#~ "འབདà¼\n"
+#~ " -E, --expiredate EXPIRE_DATE\t རྩིས་à½à½¼à½ à½²à¼‹à½‘ུས་ཡོལ་ཚེས་གྲངས་འདི་ཚུ་ EXPIRE_DATE ལུ་ "
+#~ "བསྒྱུར་བཅོས་གཞི་སྒྲིག་འབདà¼\n"
+#~ " -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་ བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -I, --inactive INACTIVE\t དུས་ཡོལ་ \n"
+#~ "\t\t\t\tto INACTIVE གི་ཤུལ་མ་ཆོག་ཡིག་ནུས་མེད་འདི་ གཞི་སྒྲིག་འབདà¼\n"
+#~ " -l, --list\t\t\t རྩིས་à½à½¼à¼‹à½¢à¾’ས་པའི་བརྡ་དོན་ སྟོནà¼\n"
+#~ " -m, --mindays MIN_DAYS\t ཉིན་གྲངས་ཉུང་མà½à½ à¼‹à½ à½‘ི་ཚུ་ ཆོག་ཡིག་\n"
+#~ "\t\t\t\tགི་ཧེ་མར་ MIN_DAYSལུ་བསྒྱུར་བཅོས་ གཞི་སྒྲིག་འབདà¼\n"
+#~ " -M, --maxdays MAX_DAYS\t ཉིན་གྲངས་མང་མà½à½ à¼‹à½ à½‘ི་ཚུ་ ཆོག་ཡིག་\n"
+#~ "\t\t\t\tགི་ཧེ་མར་ MAX_DAYSལུ་ བསྒྱུར་བཅོས་ གཞི་སྒྲིག་འབདà¼\n"
+#~ " -W, --warndays WARN_DAYS\t དུས་ཡོལ་ཉེན་བརྡའི་ཉིནམ་འདི་ཚུ་ WARN_DAYSལུ་ གཞི་སྒྲིག་"
+#~ "འབདà¼\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: པི་ཨེ་ཨེམ་ བདེན་བཤད་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "ལག་ལེན་:%s[-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] user]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "ལག་ལེན་:%s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: chpasswd [གདམ་à½à¼‹à½šà½´à¼‹]\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -e, --encrypted\t བཀྲམ་སྤེལ་འབད་ཡོད་པའི་ཆོག་ཡིག་ཚུ་ གསང་བཟོས་མ་འབད་ཡོདཔà¼\n"
+#~ " -h, --help\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་ བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -m, --md5\t\t བཀྲམ་སྤེལ་འབད་ཡོད་པའི་\t\t\tཆོག་ཡིག་ཚུ་ གསང་བཟོས་མ་ཡིན་པའི་སà¾à½–ས་ལུ་ ཌི་"
+#~ "ཨི་ཨེསི་གི་ཚབ་ལུ་ ཨེབ་ཌི་ ༥ གསང་བཟོ་ ལག་ལེན་འà½à½–à¼\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: userdel [གདམ་à½à¼‹à½šà½´à¼‹] ནང་བསà¾à¾±à½¼à½‘་\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -f, --force\t\t\t ལག་ལེན་པ་གིས་བདག་དབང་མ་བཟུང་སྟེ་འབད་རུང་ ཡིག་སྣོད་བང་བཙོང་སྟེ་རྩ་"
+#~ "བསà¾à¾²à½‘་གà½à½„་à¼\n"
+#~ " -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -r, --remove\t\t\t à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à¼‹à½‘ང་ཡིག་འཕྲིན་འཕྲལ་གསོག་རྩ་བསà¾à¾²à½‘་གà½à½„་à¼\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "ལག་ལེན་: དུས་ཡོལ་{-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: ཡིག་སྣོད་%s à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "ལག་ལེན་:groupdel སྡེ་ཚནà¼\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "ལག་ལེན་:%s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "ལག་ལེན་: %s [-r] [-s] [སྡེ་ཚན་]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s དང་ -r གཉིས་མà½à½´à½“་འགྱུར་ཅན་མེནà¼\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "ལག་ལེན་:groupdel སྡེ་ཚནà¼\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "ལག་ལེན་:groupdel སྡེ་ཚནà¼\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: lastlog [གདམ་à½à¼‹à½šà½´à¼‹]\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -b, --before DAYS\t ཉིན་གྲངས་ལས་རྙིང་པའི་lastlogདྲན་à½à½¼à¼‹à½šà½´à¼‹à½¢à¾à¾±à½„མ་ཅིག་ དཔར་བསà¾à¾²à½´à½“་འབདà¼\n"
+#~ " -h, --help\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -t, --time DAYS\t ཉིན་གྲངས་ལས་ལྷག་པའི་འཕྲལ་གྱི་ lastlogདྲན་à½à½¼à¼‹à½šà½´à¼‹à½¢à¾à¾±à½„མ་ཅིག་ དཔར་བསà¾à¾²à½´à½“་"
+#~ "འབདà¼\n"
+#~ " -u, ---user LOGIN\t ལག་ལེན་པའི་དོན་ལུ་ གསལ་བཀོད་འབད་ཡོད་པའི་ནང་བསà¾à¾±à½¼à½‘་དང་བཅས་ "
+#~ "lastlog དྲན་à½à½¼à¼‹ དཔར་བསà¾à¾²à½´à½“་འབདà¼\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: passwd [གདམ་à½à¼‹à½šà½´à¼‹] [ནང་བསà¾à¾±à½¼à½‘་]\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -a, --all\t\t\t རྩིས་à½à½¼à¼‹à½†à¼‹à½˜à½‰à½˜à¼‹à½‚ྱི་གུ་ ཆོག་ཡིག་གནས་ཚད་ སྙན་ཞུ་འབདà¼\n"
+#~ " -d, --delete\t\t\t མིང་བà½à½‚ས་ཡོད་པའི་རྩིས་à½à½¼à½ à½²à¼‹à½‘ོན་ལུ་ ཆོག་ཡིག་བà½à½¼à½“་གà½à½„་à¼\n"
+#~ " -e, --expire\t\t\t མིང་བà½à½‚ས་ཡོད་པའི་རྩིས་à½à½¼à½ à½²à¼‹à½‘ོན་ལུ་ ཆོག་ཡིག་གི་དུས་ཡོལ་བང་བཙོང་à¼\n"
+#~ " -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -k, --keep-tokens\t\t དུས་ལས་ཡོལ་སོང་པ་ཅིན་རà¾à¾±à½„མ་ཅིག་ ཆོག་ཡིག་སོརà¼\n"
+#~ " -i, --inactive INACTIVE\t ཆོག་ཡིག་འདི་ནུས་མེད་ལུ་ དུས་ཡོལ་\n"
+#~ "\t\t\t\t གི་ཤུལ་མར་ ནུས་མེད་སྦེ་གཞི་སྒྲིག་འབདà¼\n"
+#~ " -l, --lock\t\t\t མིང་བà½à½‚ས་ཡོད་པའི་རྩིས་à½à½¼à¼‹ ལྡེ་མིག་རà¾à¾±à½–སà¼\n"
+#~ " -n, --mindays MIN_DAYS\t ཆོག་ཡིག་ \n"
+#~ "\t\t\t\tའདི་ MIN_DAYSལུ་མ་བསྒྱུར་བའི་ཧེ་མ་ ཉིན་གྲངས་ཉུང་མà½à½ à¼‹à½‚ཞི་སྒྲིག་འབད༠-q, --quiet"
+#~ "\t\t\t à½à½´à¼‹à½¦à½²à½˜à¼‹à½¦à½²à½˜à¼‹à½‚ྱི་à½à½–ས་ལམà¼\n"
+#~ " -r, --repository REPOSITORY\t REPOSITORYམཛོད་གནས་ནང་ལུ་ ཆོག་ཡིག་སོརà¼\n"
+#~ " -s, --status\t\t\t མིང་བà½à½‚ས་ཡོད་པའི་རྩིས་à½à½¼à½ à½²à¼‹à½‚ུ་ ཆོག་ཡིག་སྙན་ཞུ་འབདà¼\n"
+#~ " -u, --unlock\t\t\t མིང་བà½à½‚ས་ཡོད་པའི་རྩིས་à½à½¼à¼‹à½ à½‘ི་ ལྡེ་མིག་ཕྱེà¼\n"
+#~ " -w, --warndays WARN_DAYS\t WARN_DAYSལུ་ དུས་ཡོལ་ཉེན་བརྡའི་ཉིན་གྲངས་ གཞི་སྒྲིག་"
+#~ "འབདà¼\n"
+#~ " -x, --maxdays MAX_DAYS\t ཆོག་ཡིག་ \n"
+#~ "\t\t\t\tའདི་ MAX_DAYSལུ་ བསྒྱུར་བཅོས་མ་འབད་བའི་ཧེ་མ་ ཉིན་གྲངས་ཉུང་མà½à½ à¼‹ གཞི་སྒྲིག་འབདà¼\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "ལག་ལེན་:%s [-q] [-r] [-s] [passwd [གྱིབ་མ་]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "ལག་ལེན་:%s [-q] [-r] [-s] [passwd [གྱིབ་མ་]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "ལག་ལེན་པ་: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "ལག་ལེན་པ་: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "མ་ཤེས་པའི་ཨའི་ཌི་:%s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "ཤལ་མེདà¼\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: userdel [གདམ་à½à¼‹à½šà½´à¼‹] ནང་བསà¾à¾±à½¼à½‘་\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -f, --force\t\t\t ལག་ལེན་པ་གིས་བདག་དབང་མ་བཟུང་སྟེ་འབད་རུང་ ཡིག་སྣོད་བང་བཙོང་སྟེ་རྩ་"
+#~ "བསà¾à¾²à½‘་གà½à½„་à¼\n"
+#~ " -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -r, --remove\t\t\t à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à¼‹à½‘ང་ཡིག་འཕྲིན་འཕྲལ་གསོག་རྩ་བསà¾à¾²à½‘་གà½à½„་à¼\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: ལག་ལེན་པ་ %sའདི་ ད་ལྟོ་རང་ནང་བསà¾à¾±à½¼à½‘་འབད་ཡིà¼\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: usermod [གདམ་à½à¼‹à½šà½´à¼‹] ནང་བསà¾à¾±à½¼à½‘་\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -a, --append GROUP\t\t ལྷན་à½à½–ས་སྡེ་ཚན་ལུ་ ལག་ལེན་པ་མཇུག་བསྣོད་འབད༠\n"
+#~ " -c, --comment COMMENT\t\t ཇི་ཨི་སི་ཨོ་ཨེསི་ ས་སྒོའི་བེ་ལུ་གསརཔà¼\n"
+#~ " -d, --home HOME_DIR\t\t ལག་ལེན་པའི་རྩིས་à½à½¼à¼‹à½‚སརཔ་གི་དོན་ལུ་ ནང་བསà¾à¾±à½¼à½‘་སྣོད་à½à½¼à¼‹à½‚སརཔà¼\n"
+#~ " -e, --expiredate EXPIRE_DATE\t EXPIRE_DATEལུ་ རྩིས་à½à½¼à½ à½²à¼‹à½‘ུས་ཡོལ་ཚེས་གྲངས་ གཞི་སྒྲིག་"
+#~ "འབདà¼\n"
+#~ " -f, ---inactive INACTIVE\t INACTIVEལུ་ དུས་ཡོལ་ \n"
+#~ " \t\t\t\tགི་ཤུལ་མ་ ཆོག་ཡིག་ནུས་མེད་སྦེ་ གཞི་སྒྲིག་འབདà¼\n"
+#~ " -g, ---gid GROUP\t\t འགོ་à½à½¼à½‚་ནང་བསà¾à¾±à½¼à½‘་སྡེ་ཚན་གསརཔ་སྦེ་ སྡེ་ཚན་འདི་བང་ཅན་སྦེ་ལག་ལེན་"
+#~ "འà½à½–à¼\n"
+#~ " -G, --groups GROUPS\t\t ལྷན་à½à½–ས་སྡེ་ཚན་གྱི་à½à½¼à¼‹à½¡à½²à½‚\n"
+#~ " -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -l, --login LOGIN\t\t ནང་བསà¾à¾±à½¼à½‘་མིང་གི་བེ་ལུ་གསརཔà¼\n"
+#~ " -L, --lock\t\t\t ལག་ལེན་པའི་རྩིས་à½à½¼à¼‹ ལྡེ་མིག་རà¾à¾±à½–སà¼\n"
+#~ " -m, --move-home\t\t à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à½ à½²à¼‹à½“ང་དོན་ཚུ་ \n"
+#~ " \t\t\t\t གནས་à½à½¼à½„ས་ (-dདང་རà¾à¾±à½„མ་ཅིག་)གསརཔ་ལུ་སྤོà¼\n"
+#~ " -o, --non-unique\t\t ཡུ་ཨའི་ཌི་ རྫུན་མ་(à½à½´à½“་མོང་)ལག་ལེན་གྱི་à½à½¼à½‚་ལས་ འབད་བཅུག\n"
+#~ " -p, --password PASSWORD\t ཆོག་ཡིག་གསརཔ་གི་དོན་ལུ་ གསང་བཟོས་ཆོག་ཡིག་ལག་ལེན་འà½à½–à¼\n"
+#~ " -s, --shell SHELL\t\t ལག་ལེན་པའི་རྩིས་à½à½¼à½ à½²à¼‹à½‘ོན་ལུ་ ནང་བསà¾à¾±à½¼à½‘་ཤལ་གསརཔà¼\n"
+#~ " -u, --uid UID\t\t\t ལག་ལེན་པའི་རྩིས་à½à½¼à½ à½²à¼‹à½‘ོན་ལུ་ ཡུ་ཨི་ཌི་གསརཔà¼\n"
+#~ " -U, --unlock\t\t\t ལག་ལེན་པའི་རྩིས་à½à½¼à¼‹ ལྡེ་མིག་ཕྱེà¼\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: ཟུར་རྟགས་ཚུ་གྲ་སྒྲིག་མིན་འདུག\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: vipw [གདམ་à½à¼‹à½šà½´à¼‹]\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -g, --group\t\t\t སྡེ་ཚན་གནད་སྡུད་གཞི་རྟེན་ ཞུན་དག་འབདà¼\n"
+#~ " -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -p, --passwd\t\t\t ཆོག་ཡིག་གནད་སྡུད་གཞི་རྟེན་ ཞུན་དག་འབདà¼\n"
+#~ " -q, --quiet\t\t\t à½à½´à¼‹à½¦à½²à½˜à¼‹à½¦à½²à½˜à¼‹à½‚ྱི་à½à½–ས་ལམà¼\n"
+#~ " -s, --shadow\t\t\t གྱིབ་མ་ ཡང་ན་ gshadowགནད་སྡུད་གཞི་རྟེན་ ཞུན་དག་འབདà¼\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %sགསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: %s chownའབད་མི་ཚུགསà¼\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་པ་:faillog [གདམ་à½à¼‹à½šà½´à¼‹]\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -a, --all\t\t\t ལག་ལེན་ཆ་མཉམ་གྱི་དོན་ལུ་ faillog དྲན་à½à½¼à¼‹à½šà½´à¼‹à½–ཀྲམ་སྟོན་འབདà¼\n"
+#~ " -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་ བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -l, --lock-time SEC\t\t ནང་བསà¾à¾±à½¼à½‘་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་བའི་ཤུལ་ལུ་ SECདཀར་ཆག་ཚུ་ལུ་ ལྡེ་མིག་"
+#~ "རྩིས་à½à½¼à¼\n"
+#~ " -m, --maximum MAX\t\t MAX ལུ་ འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོད་པའི་ནང་བསà¾à¾±à½¼à½‘་གདོང་ལན་ གཞི་སྒྲིག་འབདà¼\n"
+#~ " -r, --reset\t\t\t ནང་བསà¾à¾±à½¼à½‘་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½šà½´à¼‹à½‚ི་གདོང་ལན་ སླར་གཞི་སྒྲིག་འབདà¼\n"
+#~ " -t, --time DAYS\t\t DAYSལས་ལྷག་པའི་འཕྲལ་གྱི་ཕེཡེ་ལོག་དྲན་à½à½¼à¼‹à½šà½´à¼‹ བཀྲམ་སྟོན་འབདà¼\n"
+#~ " -u, --user LOGIN\t\t ཕེ་ཡེ་ལོག་དྲན་à½à½¼à¼‹à½–ཀྲམ་སྟོན་འབད་ ཡངན་ འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½‚དོང་ལན་\n"
+#~ "\t\t\t\tཚུ་ རྒྱུན་སà¾à¾±à½¼à½„་འབདà½à¼‹à½¨à½²à½“མ་དང་ ལག་ལེན་པའི་དོན་ལུ་ ནང་བསà¾à¾±à½¼à½‘་ཀྱི་à½à½¼à½‚་ལས་ \n"
+#~ "\t\t\t\tརà¾à¾±à½„མ་ཅིག་ བཅད་མཚམས་( -r, -m ཡང་ན་ -l optionsདང་བཅས་ལག་ལེན་འà½à½–་ཡོད་པ་"
+#~ "ཅིན་)བཟོà½à¼‹à½¨à½²à½“à¼\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་:groupadd [གདམ་à½à¼‹à½šà½´à¼‹]སྡེ་ཚནà¼\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -f, --force\t\t གསལ་བཀོད་འབད་ཡོད་པའི་ \n"
+#~ "\t\t\t\t སྡེ་ཚན་འདི་ཧེ་མ་ལས་ཡོད་པ་ཅིན་ མà½à½¢à¼‹à½ à½à¾±à½¼à½£à¼‹à½‚ནས་ཚད་ཀྱི་à½à½¼à½‚་ལས་ བང་ཅན་སྦེ་ཕྱིར་འà½à½¼à½“་"
+#~ "འབདà¼\n"
+#~ " -g, --gid GID\t\t སྡེ་ཚན་གསརཔ་གི་དོན་ལུ་ ཇི་ཨིའ་ཌི་ལག་ལེན་འà½à½–à¼\n"
+#~ " -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -k, --key KEY=VALUE\t\t /etc/login.defs སྔོན་སྒྲིག་ཚུ་ ཟུར་བཞག་འབདà½à¼‹à½¨à½²à½“à¼\n"
+#~ " -o, --non-unique\t\t ངོ་བཤུས་ \n"
+#~ " \t\t\t\t(à½à½´à½“་མོང་པ་)ཇི་ཨའི་ཌི་དང་བཅས་ སྡེ་ཚན་གསར་བསà¾à¾²à½´à½“་འབད་བཅུག\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་:groupadd [གདམ་à½à¼‹à½šà½´à¼‹]སྡེ་ཚནà¼\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -f, --force\t\t གསལ་བཀོད་འབད་ཡོད་པའི་ \n"
+#~ "\t\t\t\t སྡེ་ཚན་འདི་ཧེ་མ་ལས་ཡོད་པ་ཅིན་ མà½à½¢à¼‹à½ à½à¾±à½¼à½£à¼‹à½‚ནས་ཚད་ཀྱི་à½à½¼à½‚་ལས་ བང་ཅན་སྦེ་ཕྱིར་འà½à½¼à½“་"
+#~ "འབདà¼\n"
+#~ " -g, --gid GID\t\t སྡེ་ཚན་གསརཔ་གི་དོན་ལུ་ ཇི་ཨིའ་ཌི་ལག་ལེན་འà½à½–à¼\n"
+#~ " -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -k, --key KEY=VALUE\t\t /etc/login.defs སྔོན་སྒྲིག་ཚུ་ ཟུར་བཞག་འབདà½à¼‹à½¨à½²à½“à¼\n"
+#~ " -o, --non-unique\t\t ངོ་བཤུས་ \n"
+#~ " \t\t\t\t(à½à½´à½“་མོང་པ་)ཇི་ཨའི་ཌི་དང་བཅས་ སྡེ་ཚན་གསར་བསà¾à¾²à½´à½“་འབད་བཅུག\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: useradd [གདམ་à½à¼‹à½šà½´à¼‹] ནང་བསà¾à¾±à½¼à½‘་\n"
+#~ "\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -b, --base-dir BASE_DIR\t ལག་ལེན་པའི་རྩིས་à½à½¼à¼‹à½‚སརཔ་ \n"
+#~ "\t\t\t\t à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à½ à½²à¼‹à½‘ོན་ལུ་ གཞི་རྟེན་སྣོད་à½à½¼à¼\n"
+#~ " -c, --comment COMMENT\t\t ལག་ལེན་པའི་རྩིས་à½à½¼à¼‹à½‚སརཔ་གི་དོན་ལུ་ ཇི་ཨི་སི་ཨོ་ཨེསི་ས་སྒོ་ གཞི་"
+#~ "སྒྲིག་འབདà¼\n"
+#~ " -d, --home-dir HOME_DIR\t ལག་ལེན་པའི་རྩིས་à½à½¼à¼‹à½‚སརཔ་གི་དོན་ལུ་ à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à¼\n"
+#~ " -D, --defaults\t\t ལེགས་བཅོས་འབད་ཡོད་པའི་སྔོན་སྒྲིག་ useradd\n"
+#~ "\t\t\t\t རིམ་སྒྲིག་འདི་ དཔར་བསà¾à¾²à½´à½“་འབད་ཡང་ན་ སྲུངས༠\n"
+#~ " -e, --expiredate EXPIRE_DATE\t EXPIRE_DATEལུ་ རྩིས་à½à½¼à½ à½²à¼‹à½‘ུས་ཡོལ་ཚེས་གྲངས་ གཞི་"
+#~ "སྒྲིག་འབདà¼\n"
+#~ " -f, --inactive INACTIVE\t དུས་ཡོལ་ \n"
+#~ "\t\t\t\t གི་ཤུལ་མར་ INACTIVEལུ་ ཆོག་ཡིག་ནུས་མེད་སྦེ་གཞི་སྒྲིག་འབདà¼\n"
+#~ " -g, --gid GROUP\t\t ལག་ལེན་པའི་རྩིས་à½à½¼à¼‹à½‚སརཔ་གི་དོན་ལུ་ བང་བཅོང་à½à½¼à½‚་ལས་ སྡེ་ཚན་ལག་ལེན་"
+#~ "འà½à½–à¼\n"
+#~ " -G, --groups GROUPS\t\t \n"
+#~ " \t\t\t\tལག་ལེན་པའི་རྩིས་à½à½¼à¼‹à½‚སརཔ་གི་དོན་ལུ་ ལྷན་à½à½–ས་སྡེབ་ཚན་གྱི་à½à½¼à¼‹à½¡à½²à½‚\n"
+#~ " -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -k, --skel SKEL_DIR \t\t à½à½–ས་གཞན་སི་ཀེལ་སྣོད་à½à½¼à¼‹à½…ིག་ གསལ་བཀོད་འབདà¼\n"
+#~ " -K, --key KEY=VALUE\t\t /etc/login.defs སྔོན་སྒྲིག་ ཟུར་བཞག་འབདà½à¼‹à½¨à½²à½“à¼\n"
+#~ " -m, --create-home\t\t ལག་ལེན་པ་ \n"
+#~ " \t\t\t\tརྩིས་à½à½¼à¼‹à½‚སརཔ་གི་དོན་ལུ་ à½à¾±à½²à½˜à¼‹à½‚ྱི་སྣོད་à½à½¼à¼‹à½‚སར་བསà¾à¾²à½´à½“་འབདà¼\n"
+#~ " -o, --non-unique\t\t \t\t\t\t(à½à½´à½“་མོང་) ཡུ་ཨའི་ཌི་ རྫུན་མ་\n"
+#~ "གི་à½à½¼à½‚་ལས་ ལག་ལེན་པ་གསར་བསà¾à¾²à½´à½“་འབད་བཅུག\n"
+#~ " -p, --password PASSWORD\t ལག་ལེན་པ་གསརཔ་\n"
+#~ " \t\t\t\tརྩིས་à½à½¼à½ à½²à¼‹à½‘ོན་ལུ་ གསང་བཟོས་ཆོག་ཡིགལག་ལེན་འà½à½–à¼\n"
+#~ " -s, --shell SHELL\t\t ལག་ལེན་པའི་རྩིས་à½à½¼à¼‹à½‚སརཔ་གི་དོན་ལུ་ ནང་བསà¾à¾±à½¼à½‘་ཀྱི་ཤལà¼\n"
+#~ " -u, --uid UID\t\t\t ལག་ལེན་པའི་རྩིས་à½à½¼à¼‹à½‚སརཔ་གི་དོན་ལུ་ ཡུ་ཨའི་ཌི་འདི་ བང་ཅན་སྦེ་ལག་"
+#~ "ལེན་འà½à½–à¼\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "ཆོག་ཡིག་དུས་ཡོལ་ནིའི་དོན་ལས་་གཞི་སྒྲིག་འབད་ཡོདཔà¼"
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མ་ཚུགསà¼\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ ལོག་འབྲི་མ་ཚུགསà¼\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ ལོག་འབྲི་མ་ཚུགསà¼\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ དུས་མà½à½´à½“་བཟོ་མ་ཚུགསà¼\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tམིང་ཆ་ཚང་: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tà½à½„་མིག་ཨང་: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tལཱ་གི་བརྒྱུད་འཕྲིན་: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tà½à¾±à½²à½˜à¼‹à½‚ྱི་བརྒྱུད་འཕྲིན་: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "ཆོག་ཡིག་ཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགས་ ཤུལ་ལས་ལོག་སྟེ་འབད་རྩོལ་སà¾à¾±à½ºà½‘à¼\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "ཆོག་ཡིག་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་དུས་མà½à½´à½“་འབདà½à¼‹à½‘་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "ཆོག་ཡིག་ཡིག་སྣོད་བསྒྱུར་བཅོས་ཚུ་ དང་ལེན་འབད་མི་ཚུགསà¼\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "ཆོག་ཡིག་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ལྡེ་མིག་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: gshadowཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་དུས་མà½à½´à½“་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: སྡེ་ཚན་à½à½¼à¼‹à½–ཀོད་དུས་མà½à½´à½“་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: གྲལ་à½à½²à½‚་ %d: མ་ཤེས་པའི་སྡེ་ཚན་ %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: གྲལ་à½à½²à½‚་ %d: à½à½¼à¼‹à½–ཀོད་དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་དུས་མà½à½´à½“་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་དུས་མà½à½´à½“་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: གྲལ་à½à½²à½‚་ %d: མ་ཤེས་པའི་ལག་ལེན་པ་%s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: གྲལ་à½à½²à½‚་ %d: ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་ དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: མ་ཤེས་པའི་ལག་ལེན་པà¼\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "མ་ཤེས་པའི་ལག་ལེན་པ་:%s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "ལག་ལེན་པ་: %s [-r|-R] སྡེ་ཚནà¼\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a user] སྡེ་ཚནà¼\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d user] སྡེ་ཚནà¼\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A user,...] [-M user,...] སྡེ་ཚནà¼\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M user,...] སྡེ་ཚནà¼\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: གྱིབ་མ་ལྡེ་མིག་ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: ཡིག་སྣོད་à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་ལོག་འབྲི་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: ཡིག་སྣོད་ལྡེ་མིག་ཕྱེ་མིཚུགསà¼\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: à½à½¼à¼‹à½–ཀོད་ དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: གྱིབ་མའི་à½à½¼à¼‹à½–ཀོད་ དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "མ་ཤེས་པའི་སྡེ་ཚན་:%s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: ཡིག་སྣོད་à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "à½à¾±à½¼à½‘་ག་སྨོ?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: མ་ཤེས་པའི་འà½à½´à½¦à¼‹à½˜à½²à¼‹ %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: སྡེ་ཚན་à½à½¼à¼‹à½–ཀོད་གསརཔ་à½à¼‹à½¦à¾à½¼à½„་འབད་བའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ ལོག་འབྲི་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ ལོག་འབྲི་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མ་ཚུགསà¼\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མ་ཚུགསà¼\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: ཇི་ཨའི་ཌི་ %uའདི་ à½à½´à½“་མོང་པ་ཨིནà¼\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: སྡེ་ཚན་à½à½¼à¼‹à½–ཀོད་རྩ་བསà¾à¾²à½‘་གà½à½„་པའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་à½à½¼à¼‹à½–ཀོད་རྩ་བསà¾à¾²à½‘་གà½à½„་པའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: ལག་ལེན་པའི་གཞི་རིམ་སྡེ་ཚན་ རྩ་བསà¾à¾²à½‘་གà½à½„་མི་ཚུགསà¼\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: པི་ཨེ་ཨེམ་ བདེན་བཤད་འà½à½´à½¦à¼‹à½¤à½¼à½¢à¼‹à½–ྱུང་ཡོདཔà¼\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མ་ཚུགསà¼\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s འདི་ /etc/groupནང་མི་འà½à½¼à½–à¼\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u འདི་ à½à½´à½“་མོང་གི་ཇི་ཨའི་ཌི་མེནà¼\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s འདི་ à½à½´à½“་མོང་གི་མིང་མེནà¼\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་འདི་ ལོག་འབྲི་མི་བà½à½´à½–à¼\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་འདི་ ལྡེ་མིག་བརà¾à¾±à½–་མ་ཚུགསà¼\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: %sགི་དོན་ལུ་ གྱིབ་མའི་à½à½¼à¼‹à½–ཀོད་ དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: སྡེ་ཚན་ %sགི་དོན་ལུ་ à½à½¼à¼‹à½–ཀོད་དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ %sབསà¾à¾²à½‘་གà½à½„་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ བà½à½¼à½“་གà½à½„་མི་ཚུགསà¼\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "མ་ཤེས་པའི་ ཇི་ཨའི་ཌི་:%u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "མ་ཤེས་པའི་ ཇི་ཨའི་ཌི་:%lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: སྡེ་ཚན་ %sམེདà¼\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: ལག་ལེན་པ་ %sའདི་ མེདà¼\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: ནུས་མེད་ལག་ལེན་པའི་མིང་ '%s'à¼\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: /etc/passwd ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: /etc/passwd ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: /etc/passwd ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: /etc/passwd ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: ཡིག་སྣོད་ཚུ་à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: ཡིག་སྣོད་དུས་མà½à½´à½“་བཟོ་བའི་སà¾à½–ས་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: %sགི་དོན་ལུ་ ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: %sགི་དོན་ལུ་ གྱིབ་མའི་à½à½¼à¼‹à½–ཀོད་ རྩ་བསà¾à¾²à½‘་གà½à½„་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: ལག་ལེན་པ་%sགི་དོན་ལུ་ à½à½¼à¼‹à½–ཀོད་དུས་མà½à½´à½“་བཟོ་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ བà½à½¼à½“་གà½à½„་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: མ་ཤེས་པའི་ཇི་ཨའི་ཌི་ %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: མ་ཤེས་པའི་སྡེ་ཚན་ %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: དུས་མà½à½´à½“་gshadowནང་ལུ་ དྲན་ཚད་ལས་བརྒལ་བà¼\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་འདི་ ལོག་འབྲི་མི་བà½à½´à½–à¼\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་འདི་ ལོག་འབྲི་མི་བà½à½´à½–à¼\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ ལྡེ་མིག་བརà¾à¾±à½–་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་འདི་ ལྡེ་མིག་བརà¾à¾±à½–་པའི་བསྒང་ལུ་འཛོལ་བà¼\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་à½à¼‹à½•à¾±à½ºà¼‹à½–འི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ལྡེ་མིག་བརà¾à¾±à½–་པའི་བསྒང་ལུ་ འཛོལབà¼\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་à½à¼‹à½•à¾±à½ºà¼‹à½–འི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་གསརཔ་à½à¼‹à½¦à¾à½¼à½„་འབད་བའི་སà¾à½–ས་ལུ་འཛོལ་བà¼\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་གསརཔ་ à½à¼‹à½¦à¾à½¼à½„་འབད་བའི་སà¾à½–ས་ལུ་འཛོལ་བà¼\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: ཉེན་བརྡ་: CREATE_HOME རྒྱབ་སà¾à¾±à½¼à½¢à¼‹à½˜à¼‹à½ à½–ད་ དེའི་ཚབ་ལུ་ -mལག་ལེན་འà½à½–་གནང་à¼\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: སྡེ་ཚན་à½à½¼à¼‹à½–ཀོད་དུས་མà½à½´à½“་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: སྡེ་ཚན་à½à½¼à¼‹à½–ཀོད་དུས་མà½à½´à½“་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ à½à¼‹à½•à¾±à½ºà¼‹à½˜à½²à¼‹à½šà½´à½‚སà¼\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་བà½à½¼à½“་གà½à½„་པའི་སà¾à½–ས་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་à½à½¼à¼‹à½–ཀོད་བོà½à½“་གà½à½„་པའི་སà¾à½–ས་ལུ་ འཛོལ་བà¼\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: སྡེ་ཚན་à½à½¼à¼‹à½–ཀོད་གསརཔ་à½à¼‹à½¦à¾à½¼à½„་འབད་བའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %luའདི་ à½à½´à½“་མོང་ཨིནà¼\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་སོར་བའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་རྩ་བསà¾à¾²à½‘་གà½à½„་པའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་à½à½¼à¼‹à½–ཀོད་རྩ་བསà¾à¾²à½‘་གà½à½„་པའི་བསྒང་ལུ་ འཛོལ་བà¼\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: à½à½´à½“་མོང་མ་ཡིན་པའི་ ཇི་ཨའི་ཌི་འà½à½¼à½–་མི་ཚུགསà¼\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr "'%.200s'ནང་ལས་ '%.100s'གུ"
+
+#~ msgid " on '%.100s'"
+#~ msgstr "'%.100s'གུ"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: གྲལ་à½à½²à½‚་ %d: ཡུ་ཨའི་ཌི་ གསར་བསà¾à¾²à½´à½“་འབད་མི་ཚུགསà¼\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: མིང་ %s འདི་ à½à½´à½“་མོང་པ་ཨིནà¼\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་:chgpasswd [གདམ་à½à¼‹à½šà½´à¼‹]\n"
+#~ "གདམ་à½à¼‹à½šà½´à¼‹:\n"
+#~ " -e, --encrypted\t བཀྲམ་སྤེལ་འབད་ཡོད་པའི་ཆོག་ཡིག་ཚུ་ གསང་བ་བཟོ་ཡོདཔà¼\n"
+#~ " -h, --help\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་ མཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འà½à½¼à½“་འབདà¼\n"
+#~ " -m, --md5\t\t བཀྲམ་སྟོན་\n"
+#~ "འབད་ཡོད་པའི་\t\t\t ཆོག་ཡིག་ཚུ་གསང་བཟོས་མེན་པ་ཅིན་ ཌི་ཨི་ཨེསི་གི་ཚབ་ལུ་ ཨེམ་ཌི་ ༥ གསང་ ལག་"
+#~ "ལེན་འà½à½–à¼\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "ཆོག་ཡིག་ཡིག་སྣོད་མེདà¼\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "དགོངསམ་མ་à½à¾²à½ºà½£à¼\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "དགོསངམ་མ་à½à¾²à½ºà½£à¼‹ %s གི་དོན་ལུ་ ཆོག་ཡིག་འདི་ད་རུང་ཡང་སོར་མི་བà½à½´à½–à¼\n"
+
+#~ msgid "Sorry."
+#~ msgstr "དགོངསམ་མ་à½à¾²à½ºà½£à¼"
diff --git a/po/el.po b/po/el.po
new file mode 100644
index 0000000..28e7d07
--- /dev/null
+++ b/po/el.po
@@ -0,0 +1,3743 @@
+# translation of shadow_po_el.po to Greek
+# Shadow Password Suite
+# Greek Translation by Nikos Mavroyanopoulos
+# Thanks to Simos Xenitelis (S.Xenitellis@rhbnc.ac.uk) for his
+# comments about making this translation better.
+# Kostas Papadimas <pkst@gnome.org>, 2005.
+# Konstantinos Margaritis <markos@debian.org>, 2006.
+# Thomas Vasileiou <thomas-v@wildmail.com>, 2012.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow_po_el\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-01-21 00:22+0200\n"
+"Last-Translator: Thomas Vasileiou <thomas-v@wildmail.com>\n"
+"Language-Team: Greek <debian-l10n-greek@lists.debian.org>\n"
+"Language: el\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: KBabel 1.10.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "η μέθοδος κÏυπτογÏάφησης δεν υποστηÏίζεται από το libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "λάθος διαμόÏφωση - δεν μποÏεί να αναλυθεί η τιμή %s : '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Αδυναμία δέσμευσης χώÏου για πληÏοφοÏίες διαμόÏφωσης.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"σφάλμα διαμόÏφωσης - άγνωστο αντικείμενο '%s' (ειδοποιήστε το διαχειÏιστή)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: το nscd δεν τεÏμάτισε κανονικά (σήμα %d)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: το ncsd τεÏμάτισε με κατάσταση εξόδου %d"
+
+msgid "Password: "
+msgstr "Συνθηματικό: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Του %s το Συνθηματικό: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Δεν μποÏÏŽ να δημιουÏγήσω διαχειÏιστή του SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "Η πολιτική του SELinux δεν διαχειÏίζεται\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Αδυναμία ανάγνωσης της αποθηκευμένης πολιτικής του SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Αδυναμία δημιουÏγίας σÏνδεση διαχείÏισης του SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Αδυναμία εκκίνησης συναλλαγής SELinux\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Αδυναμία ανάκτησης του χÏήστη SE για το %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Αδυναμία ÏÏθμισης του πεδίου SE για το %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Αδυναμία ÏÏθμισης του ονόματος SE για το χÏήστη %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Αδυναμία Ï„Ïοποποίησης της χαÏτογÏάφησης σÏνδεσης για το χÏήστη %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Αδυναμία δημιουÏγίας χαÏτογÏάφησης σÏνδεσης SELinux για το χÏήστη %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Αδυναμία ÏÏθμισης του ονόματος χÏήστη %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Αδυναμία ÏÏθμισης του SELinux χÏήστη %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Αδυναμία Ï€Ïοσθήκης χαÏτογÏάφηση σÏνδεσης για το χÏήστη %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Αδυναμία εκκίνησης της διαχείÏισης SELinux\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Αδυναμία δημιουÏγίας ÎºÎ»ÎµÎ¹Î´Î¹Î¿Ï Î³Î¹Î± το χÏήστη SELinux\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Ο SELinux χÏήστης δεν μποÏεί να επαληθευτεί\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Αδυναμία Ï„Ïοποποίησης της χαÏτογÏάφησης χÏήστη SELinux\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Αδυναμία Ï€Ïοσθήκης της χαÏτογÏάφησης χÏήστη SELinux\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Αδυναμία παÏάδοσης της συναλλαγής SELinux\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Δεν έχει οÏιστεί χαÏτογÏάφηση σÏνδεσης για τον χÏήστη %s, είναι ΟΚ εάν "
+"χÏησιμοποιηθεί η Ï€ÏοκαθοÏισμένη χαÏτογÏάφηση\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"Η χαÏτογÏάφηση σÏνδεσης για το χÏήστη %s καθοÏίζεται από το πλαίσιο της "
+"πολιτική και δεν μποÏεί να διαγÏαφεί\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Αδυναμία διαγÏαφής της χαÏτογÏάφησης σÏνδεσης για το χÏήστη %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: δεν υπάÏχει ελεÏθεÏη μνήμη\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: Αδυναμία εκτέλεσης του stat %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: το %s δεν είναι οÏτε κατάλογος οÏτε συμβολικός σÏνδεσμος\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Αδυναμία ανάγνωσης του ÏƒÏ…Î¼Î²Î¿Î»Î¹ÎºÎ¿Ï ÏƒÏ…Î½Î´Î­ÏƒÎ¼Î¿Ï… %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Ύποπτα μεγάλος συμβολικός σÏνδεσμος: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Αδυναμία δημιουÏγίας καταλόγου %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Αδυναμία αλλαγής ιδιοκτήτη του %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Αδυναμία αλλαγής Ï„Ïόπο λειτουÏγίας του %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: αποσÏνδεση: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Αδυναμία διαγÏαφής του καταλόγου %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Αδυναμία μετονομασίας του %s σε %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Αδυναμία διαγÏαφής %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Αδυναμία δημιουÏγίας ÏƒÏ…Î¼Î²Î¿Î»Î¹ÎºÎ¿Ï ÏƒÏ…Î½Î´Î­ÏƒÎ¼Î¿Ï… %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Αδυναμία αλλαγή ιδιοκτητών του %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Αδυναμία εκτέλεσης του lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr ""
+"%s: ΠÏοειδοποίηση, δεν υπάÏχει tcb αÏχείο σκιωδών συνθηματικών για το χÏήστη "
+"%s.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Επείγον: το tcb αÏχείο σκιωδών συνθηματικών του %s δεν φέÏει το σÏνηθες "
+"st_nlink=1.\n"
+"Ο λογαÏιασμός θα παÏαμείνει κλειδωμένος.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Αδυναμία ανοίγματος αÏχείου %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "ΠÏοειδοποίηση: άγνωστη ομάδα %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "ΠÏοειδοποίηση: Πολλές ομάδες\n"
+
+msgid "Your password has expired."
+msgstr "Το συνθηματικό σας έχει λήξει."
+
+msgid "Your password is inactive."
+msgstr "Το συνθηματικό σας είναι ανενεÏγό."
+
+msgid "Your login has expired."
+msgstr "Ο κωδικός εισόδου σας έχει λήξει."
+
+msgid " Contact the system administrator."
+msgstr " Επικοινωνήστε με τον διαχειÏιστή του συστήματος."
+
+msgid " Choose a new password."
+msgstr " Επιλέξτε ένα νέο συνθηματικό."
+
+msgid "You must change your password."
+msgstr "ΠÏέπει να αλλάξετε το συνθηματικό σας."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Το συνθηματικό σας θα λήξει σε %ld μέÏες.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Το συνθηματικό σας θα λήξει αÏÏιο."
+
+msgid "Your password will expire today."
+msgstr "Το συνθηματικό σας θα λήξει σήμεÏα."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Αδυναμία εγκαθίδÏυσης διεπαφής ελέγχου - ματαίωσης.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Αδυναμία αλλαγής ιδιοκτήτη ή Ï„Ïόπο λειτουÏγίας του tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: Αποτυχία ξεκλειδώματος %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "ΥπεÏχείλιση πεÏιβάλλοντος\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Δεν μποÏείτε να αλλάξετε το $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d αποτυχία από την τελευταία είσοδο.\n"
+" Η τελευταία ήταν στις %s στο %s.\n"
+msgstr[1] ""
+"%d αποτυχίες από την τελευταία είσοδο.\n"
+" Η τελευταία ήταν στις %s στο %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Μη έγκυÏη διαμόÏφωση: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Μη έγκυÏη διαμόÏφωση: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: αποτυχία εκχώÏησης μνήμης: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: αδυναμία λήψης Î¼Î¿Î½Î±Î´Î¹ÎºÎ¿Ï GID συστήματος (δεν υπάÏχουν διαθέσιμα GID)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: αδυναμία λήψης Î¼Î¿Î½Î±Î´Î¹ÎºÎ¿Ï GID (δεν υπάÏχουν διαθέσιμα GID)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Μη έγκυÏη διαμόÏφωση: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Μη έγκυÏη διαμόÏφωση: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: αδυναμία λήψης Î¼Î¿Î½Î±Î´Î¹ÎºÎ¿Ï UID συστήματος (δεν υπάÏχουν διαθέσιμα UID)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: αδυναμία λήψης Î¼Î¿Î½Î±Î´Î¹ÎºÎ¿Ï UID (δεν υπάÏχουν διαθέσιμα UID)\n"
+
+msgid "Too many logins.\n"
+msgstr "Πολλές είσοδοι στο σÏστημα.\n"
+
+msgid "You have new mail."
+msgstr "Έχετε νέα γÏάμματα."
+
+msgid "No mail."
+msgstr "Κανένα γÏάμμα."
+
+msgid "You have mail."
+msgstr "Έχετε γÏάμματα."
+
+msgid "no change"
+msgstr "καμιά αλλαγή"
+
+msgid "a palindrome"
+msgstr "μια παλινδÏόμηση"
+
+msgid "case changes only"
+msgstr "αλλαγές κεφαλαίων/πεζών μόνο"
+
+msgid "too similar"
+msgstr "αÏκετά παÏόμοιο"
+
+msgid "too simple"
+msgstr "Ï€Î¿Î»Ï Î±Ï€Î»ÏŒ"
+
+msgid "rotated"
+msgstr "κυλιόμενο"
+
+msgid "too short"
+msgstr "Ï€Î¿Î»Ï ÏƒÏντομο"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Κακό συνθηματικό: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "συνθηματικό: pam_start() απέτυχε, σφάλμα %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "συνθηματικό: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: Το συνθηματικό παÏέμεινε όπως είχε\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: το συνθηματικό ενημεÏώθηκε επιτυχώς\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Εσφαλμένο συνθηματικό για %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: πολλαπλές επιλογές --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: η επιλογή '%s' απαιτεί μία τιμή\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: αποτυχία απόÏÏιψης Ï€Ïονομίων (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: διαδÏομή chroot μη έγκυÏη '%s'\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: αδυναμία Ï€Ïοσπέλαση του καταλόγου chroot %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: αδυναμία Ï€Ïοσπέλαση του καταλόγου chroot %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr ""
+"%s: αδυναμία αλλαγής του Ï†Î±Î¹Î½Î¿Î¼ÎµÎ½Î¹ÎºÎ¿Ï Î³Î¿Î½Î¹ÎºÎ¿Ï ÎºÎ±Ï„Î±Î»ÏŒÎ³Î¿Ï… (chroot) %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Μη έγκυÏη τιμή για το ENCRYPT_METHOD: '%s'.\n"
+"Επιλέγεται η Ï€ÏοκαθοÏισμένη DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Αδυναμία αλλαγής καταλόγου στον '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "ΧωÏίς κατάλογο, εισαγωγή με ΜΗΤΡΙΚΟ_ΚΑΤΑΛΟΓΟ=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Αδυναμία εκτέλεσης %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Μη έγκυÏος Ï€ÏωταÏχικός κατάλογος '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Αδυναμία αλλαγής του Ï€ÏωταÏÏ‡Î¹ÎºÎ¿Ï ÎºÎ±Ï„Î±Î»ÏŒÎ³Î¿Ï… σε '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Δεν είναι δυνατόν να καθοÏιστεί το όνομα tty."
+
+msgid "No"
+msgstr "Όχι"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ΧÏήση: %s [επιλογές] ΟÎΟΜΑ\n"
+"\n"
+"Επιλογές:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday ΤΕΛΕΤΑΙΑ_ΗΜΕΡΑ καθοÏίζει την ημέÏα της τελευταίας "
+"αλλαγής ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÎµ ΤΕΛΕΤΑΙΑ_ΗΜΕΡΑ\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate ΗΜΕΡΟΜΗÎΙΑ_ΛΗΞΗΣ καθοÏίζει την ημεÏομηνία λήξης του "
+"λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï ÏƒÎµ ΗΜΕΡΟΜΗÎΙΑ_ΛΗΞΗΣ\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+" -h, --help Ï€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματος βοήθειας και "
+"έξοδος\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive ΜΗ_ΕÎΕΡΓΟ καθοÏίζει το συνθηματικό μετά την λήξη\n"
+" σε ΜΗ_ΕÎΕΡΓΟ\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+" -l, --list Ï€Ïοβολή πληÏοφοÏιών ηλικίας λογαÏιασμών\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays ΕΛΑΧ_ΗΜΕΡΕΣ καθοÏίζει ελάχιστο αÏιθμό ημεÏών Ï€Ïιν το "
+"συνθηματικό\n"
+" αλλάξει σε ΕΛΑΧ_ΗΜΕΡΕΣ\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays ΜΕΓ_ΗΜΕΡΕΣ καθοÏίζει μέγιστο αÏιθμό ημεÏών Ï€Ïιν το "
+"συνθηματικό\n"
+" αλλάξει σε ΜΕΓ_ΗΜΕΡΕΣ\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+" -R, --root ΚΑΤΑΛΟΓΟΣ_CHROOT κατάλογος στον οποίο να εφαÏμοστεί "
+"chroot\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays ΠΡΟΕΙΔ_ΗΜΕΡΕΣ καθοÏίζει τις ημέÏες Ï€Ïοειδοποίησης Ï€Ïιν "
+"τη λήξη σε ΠΡΟΕΙΔ_ΗΜΕΡΕΣ\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Εισάγετε την νέα τιμή, ή πιέστε ENTER για την Ï€ÏοκαθοÏισμένη"
+
+msgid "Minimum Password Age"
+msgstr "ΜικÏότεÏη διάÏκεια συνθηματικοÏ"
+
+msgid "Maximum Password Age"
+msgstr "Μέγιστη διάÏκεια συνθηματικοÏ"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Τελευταία αλλαγή ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï (ΧΧΧΧ-ΜΜ-ΗΗ)"
+
+msgid "Password Expiration Warning"
+msgstr "ΠÏοειδοποίηση λήξης συνθηματικοÏ"
+
+msgid "Password Inactive"
+msgstr "ΑνενεÏγό συνθηματικό"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "ΗμεÏομηνία Λήξης ΛογαÏÎ¹Î±ÏƒÎ¼Î¿Ï (ΧΧΧΧ-ΜΜ-ΗΗ)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Τελευταία αλλαγή ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï \t\t\t\t\t: "
+
+msgid "never"
+msgstr "Ποτέ"
+
+msgid "password must be changed"
+msgstr "το συνθηματικό Ï€Ïέπει να αλλαχθεί"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Το συνθηματικό λήγει\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "ΑνενεÏγό συνθηματικό\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Ο λογαÏιασμός λήγει\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Ελάχιστος αÏιθμός ημεÏών Î¼ÎµÏ„Î±Î¾Ï Ï„Ï‰Î½ αλλαγών συνθηματικοÏ\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Μέγιστος αÏιθμός ημεÏών Î¼ÎµÏ„Î±Î¾Ï Ï„Ï‰Î½ αλλαγών συνθηματικοÏ\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "ΑÏιθμός ημεÏών Ï€Ïιν τη λήξη του συνθηματικοÏ\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: Μη έγκυÏη ημεÏομηνία '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: Μη έγκυÏη αÏιθμητική παÏάμετÏος '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: Îα μην συμπεÏιλαμβάνετε το \"l\" με τις άλλες ενδείξεις\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: άδεια αποÏÏίφθηκε\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Δεν είναι δυνατόν να καθοÏιστεί το όνομα χÏήστη σας.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: αδυναμία κλειδώματος %s. Δοκιμάστε αÏγότεÏα.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: αδυναμία ανοίγματος του %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: σφάλμα κατά την εγγÏαφή των αλλαγών στο %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: αποτυχία Ï€Ïοετοιμασίας της νέας εγγÏαφής %s '%s'\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: Το αÏχείο σκιωδών συνθηματικών δεν υπάÏχει\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: Ο χÏήστης '%s' δεν υπάÏχει στο %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Αλλαγή πληÏοφοÏιών χÏόνου για τον %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: Σφάλμα κατά την αλλαγή πεδίων\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ΧÏήση: %s [επιλογές] [ΟÎΟΜΑ]\n"
+"\n"
+"Επιλογές:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+" -f, --full-name ΠΛΗΡΕΣ_ΟÎΟΜΑ αλλαγή του πλήÏες ονόματος του χÏήστη\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+" -h, --home-phone ΤΗΛ_ΟΙΚΕΙΑΣ αλλαγή του τηλεφώνου οικείας του χÏήστη\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+" -o, --other ΑΛΛΕΣ_ΠΛΗΡ αλλαγή των υπόλοιπων πληÏοφοÏιών GECOS του "
+"χÏήστη\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+" -r, --room ΑΡΙΘΜΟΣ_ΔΩΜ αλλαγή του αÏÎ¹Î¸Î¼Î¿Ï Î´Ï‰Î¼Î±Ï„Î¯Î¿Ï… του χÏήστη\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+" -u, --help Ï€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματός βοήθειας και "
+"έξοδος\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+" -w, --work-phone ΤΗΛ_ΕΡΓΑΣΙΑΣ αλλαγή του τηλεφώνου εÏγασίας του χÏήστη\n"
+
+msgid "Full Name"
+msgstr "ΠλήÏες όνομα"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "ΑÏιθμός δωματίου"
+
+msgid "Work Phone"
+msgstr "Τηλέφωνο ΕÏγασίας"
+
+msgid "Home Phone"
+msgstr "Τηλέφωνο Οικίας"
+
+msgid "Other"
+msgstr "Άλλο"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Αδυναμία αλλαγής ταυτότητας χÏήστη σε root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: όνομα με χαÏακτήÏες μη-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: Μη έγκυÏο όνομα: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: αÏιθμός δωματίου με χαÏακτήÏες μη-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: Μη έγκυÏος αÏιθμός δωματίου: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: Μη έγκυÏο τηλέφωνο εÏγασίας: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: Μη έγκυÏο τηλέφωνο οικίας: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' πεÏιέχει μη-ASCII χαÏακτήÏες\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' πεÏιέχει μη έγκυÏους χαÏακτήÏες\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: Ο χÏήστης '%s' δεν υπάÏχει\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: αδυναμία αλλαγής χÏήστη '%s' στον εξυπηÏετητή NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' είναι ο κÏÏιος διακομιστής NIS γι'αυτόν τον εξυπηÏετοÏμενο.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Αλλαγή πληÏοφοÏιών χÏήστη για τον %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: Î Î¿Î»Ï Î¼Î±ÎºÏιά πεδία\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ΧÏήση: %s [επιλογές]\n"
+"\n"
+"Επιλογές:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method ΜΕΘΟΔΟΣ μέθοδος κÏυπτογÏάφησης (μία από %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+" -e, --encrypted τα παÏεχόμενα συνθηματικά είναι "
+"κÏυπτογÏαφημένα\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 κÏυπτογÏάφηση το κειμένου του συνθηματικοÏ\n"
+" με χÏήση του αλγόÏιθμου MD5\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds αÏιθμός κÏκλων SHA για τους \n"
+" αλγόÏιθμους κÏυπτογÏάφησης SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: η σημαία %s επιτÏέπεται μόνο με τη σημαία %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: οι σημαίες -c, -e, και -m είναι αποκλειστικές\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: η μέθοδος κÏυπτογÏάφησης δεν υποστηÏίζεται: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: γÏαμμή %d: Ï€Î¿Î»Ï Î¼ÎµÎ³Î¬Î»Î· γÏαμμή\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: γÏαμμή %d: έλλειψη νέου συνθηματικοÏ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Αποτυχία εγγÏαφής %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: γÏαμμή %d: η ομάδα '%s' δεν υπάÏχει\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: γÏαμμή %d: αδυναμία Ï€Ïοετοιμασίας της νέας εισόδου %s '%s'\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: ΑνιχνεÏτηκε σφάλμα, οι αλλαγές αγνοήθηκαν\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (γÏαμμή %d, χÏήστης %s) το συνθηματικό δεν άλλαξε\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: γÏαμμή %d: ο χÏήστης '%s' δεν υπάÏχει\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell ΦΛΟΙΟΣ νέος φλοιός εισόδου για λογαÏιασμό του "
+"χÏήστη\n"
+
+msgid "Login Shell"
+msgstr "Κέλυφος Εισόδου"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Δεν μποÏείτε να αλλάξετε το φλοιό για το(ν) '%s'.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Αλλαγή του Ï†Î»Î¿Î¹Î¿Ï Î³Î¹Î± τον %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Μη έγκυÏη καταχώÏηση: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: ο %s δεν είναι έγκυÏος φλοιός.\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: ΠÏοειδοποίηση: ο χÏήστης %s δεν υπάÏχει\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: ΠÏοειδοποίηση: το %s δεν είναι εκτελέσιμο\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check έλεγχος για τη λήξη του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Ï„Î¿Ï… "
+"χÏήστη\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force εξαναγκασμένη αλλαγή συνθηματικοÏ, εάν το "
+"συνθηματικό\n"
+" του χÏήστη έχει λήξει\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: συγκÏουόμενες επιλογές %s και %s\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: μη έγκυÏη παÏάμετÏος: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all Ï€Ïοβολή των εγγÏαφών του faillog για όλους "
+"τους χÏήστες\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs ΔΕΥΤ κλείδωμα του λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï Î³Î¹Î± ΔΕΥΤ "
+"δευτεÏόλεπτα, μετά από αποτυχημένη είσοδο\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum ΜΕΓ καθοÏισμός του μέγιστου αÏÎ¹Î¸Î¼Î¿Ï Î±Ï€Î¿Ï„Ï…Ï‡Î·Î¼Î­Î½Ï‰Î½ "
+"εισόδων σε ΜΕΓ\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset επαναφοÏά μετÏητή αποτυχημένων εισόδων\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time ΗΜΕΡΕΣ Ï€Ïοβολή των εγγÏαφών του faillog των "
+"τελευταίων ΗΜΕΡΕΣ ημεÏών\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user ΟÎΟΜΑ/ΕΥΡΟΣ Ï€Ïοβολή των εγγÏαφών του faillog ή "
+"διατήÏηση\n"
+" των μετÏητών και των οÏίων (εάν "
+"χÏησιμοποιηθεί με τα -r, -m,\n"
+" ή -l) μόνο για το συγκεκÏιμένο όνομα (ή "
+"ονόματα)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Aδυναμία ανάκτησης της εγγÏαφής UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Login Αποτυχίες Μέγιστο Τελευταία Στις\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus απέμειναν]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds κλείδωμα]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Αποτυχία επαναφοÏάς λανθασμένης μέτÏησης UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Αποτυχία καθοÏÎ¹ÏƒÎ¼Î¿Ï Î¼Î­Î³Î¹ÏƒÏ„Î¿Ï… για το UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Αποτυχία καθοÏÎ¹ÏƒÎ¼Î¿Ï Ï‡Ïόνου κλειδώματος για το UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Άγνωστος χÏήστης ή πεδίο: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Αδυναμία ανάκτησης μεγέθους του %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Αποτυχία εγγÏαφής %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ΧÏήση: %s [επιλογές] ΟΜΑΔΑ\n"
+"\n"
+"Επιλογές:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add ΧΡΗΣΤΗ Ï€Ïοσθήκη ΧΡΗΣΤΗ στην ΟΜΑΔΑ\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete ΧΡΗΣΤΗ διαγÏαφή ΧΡΗΣΤΗ από την ΟΜΑΔΑ\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root ΚΑΤ_CHROOT κατάλογος όπου εκτελείται το chroot\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password διαγÏαφή του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Ï„Î·Ï‚ ΟΜΑΔΑΣ\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict πεÏιοÏισμός Ï€Ïόσβασης στην ΟΜΑΔΑ και τα μέλη "
+"της\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+" -M, --members USER,... καθοÏισμός της λίστας μελών της ΟΜΑΔΑΣ\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ΔΙΑΧΕΙΡ,...\n"
+" καθοÏισμός του διαχειÏιστή της ΟΜΑΔΑΣ\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Εκτός των επιλογών -Α και -Μ, οι υπόλοιπες δεν συνδυάζονται.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Οι επιλογές δεν συνδυάζονται.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: σκιώδη συνθηματικά ομάδων απαιτοÏνται για το -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: Η ομάδα %s δεν υπάÏχει στο %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: αποτυχία κατά το κλείσιμο του αÏχείου μόνο για ανάγνωση %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Αλλαγή του συνθήματος για την ομάδα %s\n"
+
+msgid "New Password: "
+msgstr "Îέο Συνθηματικό: "
+
+msgid "Re-enter new password: "
+msgstr "Εισάγετε ξανά το νέο συνθηματικό: "
+
+msgid "They don't match; try again"
+msgstr "Δεν ταιÏιάζουν. Δοκιμάστε ξανά"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Ξαναδοκιμάστε αÏγότεÏα\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "ΠÏοσθήκη του χÏήστη %s στην ομάδα %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "ΔιαγÏαφή του χÏήστη %s από την ομάδα %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: ο χÏήστης %s δεν είναι μέλος του '%s'\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Δεν είναι tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ΧÏήση: %s [επιλογές] ΟΜΑΔΑ\n"
+"\n"
+"Επιλογές:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force επιτυχής έξοδος εάν υπάÏχει ήδη η ομάδα,\n"
+" και ακÏÏωση της επιλογής -g εάν το GID "
+"χÏησιμοποιείται ήδη\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+" -g, --gid GID χÏήση του GID για την καινοÏÏγια ομάδα\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key ΚΛΕΙΔΙ=ΤΙΜΗ παÏάκαμψη των Ï€Ïοεπιλογών του /etc/login."
+"defs\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique επιτÏέπει τη δημιουÏγία ομάδων με\n"
+" μη μοναδικό GID\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password ΣΥÎΘΗΜΑΤΙΚΟ χÏήση του κÏυπτογÏαφημένου ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï "
+"για τη νέα ομάδα\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system δημιουÏγία λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï ÏƒÏ…ÏƒÏ„Î®Î¼Î±Ï„Î¿Ï‚\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: Το '%s' δεν είναι έγκυÏο όνομα ομάδας\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: Μη έγκυÏο ID ομάδας '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K απαιτεί KEY=VALUE\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: Η ομάδα '%s' υπάÏχει\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: το GID '%lu' υπάÏχει\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Δεν ήταν δυνατή η ÏÏθμιση της υπηÏεσίας εκκαθάÏισης.\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -r, --reset επαναφοÏά μετÏητή αποτυχημένων εισόδων\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: αδυναμία απομάκÏυνσης της εγγÏαφής '%s' από το %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: αδυναμία απομάκÏυνσης της Ï€ÏωταÏχικής ομάδας χÏηστών '%s'\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: Η ομάδα '%s' δεν υπάÏχει\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: Η ομάδα '%s' είναι NIS ομάδα.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: Ο %s είναι ο κÏÏιος διακομιστής NIS\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: Ο χÏήστης '%s' είναι ήδη μέλος του '%s'\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Δεν υπάÏχει ελεÏθεÏη μνήμη. Αδυναμία ενημέÏωσης του %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ΧÏήση: %s [επιλογές] [ενέÏγεια]\n"
+"\n"
+"Επιλογές:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group groupname αλλαγή του ονόματος της ομάδας αντί αλλαγής "
+"της\n"
+" ομάδας του χÏήστη (μόνο ο χÏήστης root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "ΕνέÏγειες:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add username Ï€Ïοσθήκη του ονόματος χÏήστη στα μέλη της "
+"ομάδας\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete username διαγÏαφή ονόματος χÏήστη από τα μέλη της "
+"ομάδας\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge διαγÏαφή όλων των μελών της ομάδας\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list λίστα όλων των μελών της ομάδας\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: το όνομα της ομάδας σας δεν ταιÏιάζει με το όνομα σας\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: μόνο ο root μποÏεί να χÏησιμοποιήσει την επιλογή -g/--group\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID αλλαγή του ID της ομάδας σε GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name ÎΕΑ_ΟΜΑΔΑ αλλαγή του ονόματος σε ÎΕΑ_ΟΜΑΔΑ\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr " -o, --non-unique επιτÏέπει τη χÏήση μη μοναδικών GID\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password ΣΥÎΘΗΜΑΤΙΚΟ αλλαγή του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÎµ "
+"(κÏυπτογÏαφημένο)\n"
+" ΣΥÎΘΗΜΑΤΙΚΟ\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: μη έγκυÏο όνομα ομάδας '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: Η ομάδα %s είναι NIS ομάδα\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: άγνωστος χÏήστης %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ΧÏήση: %s [επιλογές] [ομάδα [gshadow]]\n"
+"\n"
+"Επιλογές:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ΧÏήση: %s [επιλογές] [ομάδα]\n"
+"\n"
+"Επιλογές:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only Ï€Ïοβολή λαθών και Ï€Ïοειδοποιήσεων\n"
+" χωÏίς να γίνεται αλλαγή στα αÏχεία\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort ταξινόμηση εγγÏαφών κατά UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s και -r είναι ασÏμβατα\n"
+
+msgid "invalid group file entry"
+msgstr "Μη έγκυÏη καταχώÏηση στο αÏχείο ομάδων"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "διαγÏαφή γÏαμμής '%s'; "
+
+msgid "duplicate group entry"
+msgstr "αντιγÏαφή καταχώÏησης στο αÏχείο ομάδων"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "Μη έγκυÏο όνομα ομάδας '%s'\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "Μη έγκυÏο ID ομάδας '%lu'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "ομάδα %s: δεν υπάÏχει χÏήστης %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "διαγÏαφή μέλους '%s'; "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "δεν βÏέθηκε καταχώÏηση στο αÏχείο ομάδων %s που να ταιÏιάζει\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "να Ï€Ïοστεθεί η ομάδα '%s' στο %s; "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"η ομάδα %s έχει καταχώÏιση στο %s, αλλά στο πεδίο ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÏ„Î¿ %s δεν "
+"έχει τεθεί 'x'\n"
+
+msgid "invalid shadow group file entry"
+msgstr "Μη έγκυÏη καταχώÏηση στο αÏχείο σκιωδών συνθηματικών ομάδων"
+
+msgid "duplicate shadow group entry"
+msgstr "αντιγÏαφή καταχώÏησης στο αÏχείο σκιωδών συνθηματικών ομάδων"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "σκιώδης ομάδα %s: Δεν υπάÏχει διαχειÏιστής χÏήστης %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "διαγÏαφή διαχειÏÎ¹ÏƒÏ„Î¹ÎºÎ¿Ï Î¼Î­Î»Î¿Ï…Ï‚ '%s'; "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "σκιώδης ομάδα %s: δεν υπάÏχει χÏήστης %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: τα αÏχεία ανανεώθηκαν\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: καμιά αλλαγή\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: αδυναμία διαγÏαφής του %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "ΧÏήση: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "ΧÏήση: id\n"
+
+msgid " groups="
+msgstr " ομάδες="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before ΗΜΕΡΕΣ Ï€Ïοβολή των εγγÏαφών του lastlog που είναι "
+"παλαιότεÏες από ΗΜΕΡΕΣ\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -a, --all Ï€Ïοβολή των εγγÏαφών του faillog για όλους "
+"τους χÏήστες\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -a, --all Ï€Ïοβολή των εγγÏαφών του faillog για όλους "
+"τους χÏήστες\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time ΗΜΕΡΕΣ Ï€Ïοβολή των εγγÏαφών του lastlog των "
+"τελευταίων ΗΜΕΡΕΣ ημεÏών\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user ΟÎΟΜΑ Ï€Ïοβολή των εγγÏαφών του lastlog για το "
+"συγκεκÏιμένο ΟÎΟΜΑ\n"
+
+msgid "Username Port From Latest"
+msgstr "Όνομα_ΧÏήστη ΘÏÏα Από Τελευταία"
+
+msgid "Username Port Latest"
+msgstr "Όνομα_ΧÏήστη ΘÏÏα Τελευταία"
+
+msgid "**Never logged in**"
+msgstr "**Καμιά είσοδος στο σÏστημα**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Aδυναμία ανάκτησης της εγγÏαφής UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: αδυναμία ανανέωσης αÏχείου συνθηματικών\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "ΧÏήση: %s [-p] [όνομα]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h σÏστημα] [-f όνομα]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r σÏστημα\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "σφάλμα διαÏÏÏθμισης - αδυναμία ανάλυσης της τιμής %s: '%d'"
+
+msgid "Invalid login time"
+msgstr "Εσφαλμένη ÏŽÏα εισόδου"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Το σÏστημα έκλεισε για συντήÏηση Ïουτίνας"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[ΠαÏάκαμψη αποσÏνδεσης -- Η είσοδος του root επετÏάπη.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Μάλλον δεν είναι δυνατή η λειτουÏγία χωÏίς ενεÏγό χÏήστη root\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Δεν υπάÏχει καταχώÏιση utmp. ΠÏέπει να εκτελέσετε \"login\" από το \"sh\" "
+"του πιο Ï‡Î±Î¼Î·Î»Î¿Ï ÎµÏ€Î¹Ï€Î­Î´Î¿Ï…"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Η διαδικασία εισόδου τεÏματίστηκε μετά από %u δευτεÏόλεπτα.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: αποτυχία PAM, εγκατάλειψη: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "ΥπεÏέβη ο μέγιστος αÏιθμός Ï€Ïοσπαθειών (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: αίτημα ακÏÏωσης από το PAM\n"
+
+msgid "Login incorrect"
+msgstr "Διαδικασία εισόδου απέτυχε"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Αδυναμία εÏÏεσης χÏήστη (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: αποτυχία διχάλωσης: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "το TIOCSCTTY απέτυχε στο %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"ΠÏοειδοποίηση: Η είσοδος επανενεÏγοποιήθηκε μετά από Ï€ÏοσωÏινό αποκλεισμό."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Τελευταία είσοδος: %s στο %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Τελευταία είσοδος: %.19s στο %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " από %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"υπέÏβαση οÏίου χÏόνου εισόδου\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "ΧÏήση: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "ΧÏήση: newgrp [-] [ομάδα]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "ΧÏήση: sg ομάδα [[-c] εντολή]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Αποτυχία εγγÏαφής %s: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Λάθος συνθηματικό.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: αποτυχία διχάλωσης: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: Ο GID '%lu' δεν υπάÏχει\n"
+
+msgid "too many groups\n"
+msgstr "πάÏα πολλές ομάδες\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system δημιουÏγία λογαÏιασμών συστήματος\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: Η ομάδα '%s' είναι σκιώδης ομάδα, αλλά δεν υπάÏχει στο /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: μη έγκυÏο ID χÏήστη '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: μη έγκυÏο όνομα χÏήστη '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: γÏαμμή %d: μη έγκυÏη γÏαμμή\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: αδυναμία ανανέωσης καταχώÏησης για το χÏήστη %s (δεν βÏέθηκε στη βάση "
+"δεδομένων του passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: γÏαμμή %d: αδυναμία δημιουÏγίας χÏήστη\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: γÏαμμή %d: αδυναμία δημιουÏγίας ομάδας\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: γÏαμμή %d: Ο χÏήστης '%s' δεν υπάÏχει στο %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: γÏαμμή %d: αδυναμία ανανέωση συνθηματικοÏ\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: γÏαμμή %d: αποτυχία δημιουÏγίας καταλόγου %s (mkdir) : %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: γÏαμμή %d: αποτυχία αλλαγής ιδιοκτήτη %s (chown): %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: γÏαμμή %d: αδυναμία ανανέωσης καταχώÏησης\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: αποτυχία Ï€Ïοετοιμασίας της νέας εγγÏαφής %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: αδυναμία δημιουÏγίας του χÏήστη\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: αδυναμία ανανέωσης για το αÏχείο ομάδων\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all Ï€Ïοβολή της κατάστασης των συνθηματικών για "
+"όλους τους λογαÏιασμοÏÏ‚\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+" -d, --delete διαγÏαφή του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î³Î¹Î± τον "
+"ονομαζόμενο λογαÏιασμό\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire εξαναγκασμένη λήξη του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Ï„Î¿Ï… "
+"ονομαζόμενου λογαÏιασμοÏ\n"
+
+#, fuzzy
+#| msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -e, --encrypted τα παÏεχόμενα συνθηματικά είναι "
+"κÏυπτογÏαφημένα\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive ΜΗ_ΕÎΕΡΓΟ καθιστά το συνθηματικό μη ενεÏγό μετά\n"
+" τη λήξη σε ΜΗ_ΕÎΕΡΓΟ\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+" -l, --lock κλείδωμα του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î³Î¹Î± τον "
+"ονομαζόμενο λογαÏιασμό\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays ΕΛΑΧ_ΗΜΕΡΕΣ καθοÏισμός του ελάχιστου αÏÎ¹Î¸Î¼Î¿Ï Î·Î¼ÎµÏών "
+"Ï€Ïιν την\n"
+" αλλαγή του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÎµ ΕΛΑΧ_ΗΜΕΡΕΣ\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet σιωπηλή λειτουÏγία\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+" -r, --repository ΑΠΟΘΗΚΗ αλλαγή του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÏ„Î·Î½ ΑΠΟΘΗΚΗ "
+"(repository)\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status αναφοÏά της κατάστασης του ονομαζόμενου "
+"λογαÏιασμοÏ\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+" -u, --unlock ξεκλείδωμα του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Ï„Î¿Ï… ονομαζόμενου "
+"λογαÏιασμοÏ\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays ΠΡΟΕΙΔ_ΗΜΕΡΕΣ καθοÏισμός των ημεÏών Ï€Ïοειδοποίησης "
+"Ï€Ïιν από τη λήξη σε ΠΡΟΕ_ΗΜΕΡΕΣ\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays ΜΕΓ_ΗΜΕΡΕΣ καθοÏισμός του μέγιστου αÏÎ¹Î¸Î¼Î¿Ï Î·Î¼ÎµÏών "
+"Ï€Ïιν\n"
+" την αλλαγή του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÎµ ΜΕΓ_ΗΜΕΡΕΣ\n"
+
+msgid "Old password: "
+msgstr "Παλιό Συνθηματικό: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Εισάγετε το νέο συνθηματικό (ελάχιστο %d χαÏακτήÏες)\n"
+"ΠαÏακαλώ χÏησιμοποιήστε ένα συνδυασμό από κεφαλαία και μικÏά γÏάμματα\n"
+"καθώς και αÏιθμοÏÏ‚.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Εισάγετε το νέο συνθηματικό (ελάχιστο %d, μέγιστο %d χαÏακτήÏες)\n"
+"ΠαÏακαλώ χÏησιμοποιήστε ένα συνδυασμό από κεφαλαία και μικÏά γÏάμματα\n"
+"καθώς και αÏιθμοÏÏ‚.\n"
+
+msgid "New password: "
+msgstr "Îέο Συνθηματικό: "
+
+msgid "Try again."
+msgstr "Ξαναδοκιμάστε."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"ΠÏοσοχή: αδÏναμο συνθηματικό (εισάγετε το πάλι για να το χÏησιμοποιήσετε)."
+
+msgid "They don't match; try again.\n"
+msgstr "Δεν ταιÏιάζουν. Δοκιμάστε ξανά.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Το συνθηματικό για τον %s δεν μποÏεί να αλλάξει.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Το συνθηματικό για το χÏήστη %s δεν μποÏεί να αλλάξει.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: το ξεκλείδωμα του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î¸Î± οδηγήσει σε λογαÏιασμό χωÏίς "
+"συνθηματικό.\n"
+"ΠÏέπει να καθοÏίσετε ένα συνθηματικό με χÏήση του usermod -p, ώστε να "
+"ξεκλειδώσετε το συνθηματικό για αυτό το λογαÏιασμό.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: η αποθήκη %s δεν υποστηÏίζεται\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+"%s: ο χÏήστης %s δεν είναι εξουσιοδοτημένος να αλλάξει το συνθηματικό του "
+"%s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Δεν μποÏείτε να δείτε αλλάξετε το συνθηματικό του %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Αλλαγή ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î³Î¹Î± τον %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Το συνθηματικό για τον %s δεν άλλαξε.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: το συνθηματικό άλλαξε.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: αλλαγή πληÏοφοÏιών λήξης συνθηματικοÏ.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ΧÏήση: %s [επιλογές] [passwd]\n"
+"\n"
+"Επιλογές:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ΧÏήση: %s [επιλογές] [passwd [shadow]]\n"
+"\n"
+"Επιλογές:\n"
+
+#, fuzzy
+#| msgid " -q, --quiet quiet mode\n"
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet σιωπηλή λειτουÏγία\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: δεν επιτÏέπεται η χÏήση ÎµÎ½Î±Î»Î»Î±ÎºÏ„Î¹ÎºÎ¿Ï Î±Ïχείου σκιωδών συνθηματικών όταν η "
+"επιλογή USE_TCB είναι ενεÏγοποιημένη.\n"
+
+msgid "invalid password file entry"
+msgstr "Μη έγκυÏη καταχώÏηση στο αÏχείο συνθηματικών"
+
+msgid "duplicate password entry"
+msgstr "διπλότυπη καταχώÏιση στο αÏχείο συνθηματικών"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "Μη έγκυÏο όνομα χÏήστη '%s'\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "Μη έγκυÏο ID χÏήστη '%lu'\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "χÏήστης %s: καμιά ομάδα %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "χÏήστης '%s': ο κατάλογος '%s' δεν υπάÏχει\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "χÏήστης '%s': το Ï€ÏόγÏαμμα '%s' δεν υπάÏχει\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "δεν υπάÏχει κατάλογος tcb για το χÏήστη %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "δημιουÏγία καταλόγου tcb για το χÏήστη %s;"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "αδυναμία δημιουÏγίας καταλόγου tcb για το χÏήστη %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: αδυναμία κλειδώματος του αÏχείου %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr ""
+"δεν βÏέθηκε καταχώÏιση στο αÏχείο συνθηματικών που να ταιÏιάζει με το %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "Ï€Ïοσθήκη του χÏήστη '%s' στο %s;"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"ο χÏήστης %s έχει εγγÏαφεί στο %s, αλλά το πεδίο ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÏ„Î¿ %s δεν "
+"έχει την τιμή 'x'\n"
+
+msgid "invalid shadow password file entry"
+msgstr "Μη έγκυÏη καταχώÏιση στο αÏχείο σκιωδών συνθηματικών"
+
+msgid "duplicate shadow password entry"
+msgstr "διπλότυπη καταχώÏιση στο αÏχείο σκιωδών συνθηματικών"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "χÏήστης %s: τελευταία αλλαγή ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÏ„Î¿ μέλλον\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: αδυναμία ταξινόμησης των εγγÏαφών στο %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: δεν μποÏÏŽ να εÏγαστώ με το tcb ενεÏγοποιημένο\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: αδυναμία αλλαγής της κατάστασης από %s σε 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "ΠÏόσβαση στη su σε αυτόν τον λογαÏιασμό ΑΡÎΗΘΗΚΕ.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "ΠαÏάκαμψη εξακÏίβωσης με συνθηματικό.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "ΠαÏακαλώ εισάγετε το ΔΙΚΟ σας συνθηματικό για εξακÏίβωση.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: αδυναμία διχάλωσης του Ï†Î»Î¿Î¹Î¿Ï Ï„Î¿Ï… χÏήστη\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: δυσλειτουÏγία σήματος\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: δυσλειτουÏγία μασκαÏίσμος του σήματος\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "ΣυνεδÏία τεÏματίστηκε, τεÏματισμός φλοιοÏ..."
+
+msgid " ...killed.\n"
+msgstr " ...σκοτώθηκε.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr " ...τεÏματίστηκε.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"ΧÏήση: su [επιλογές] [ΟÎΟΜΑ]\n"
+"\n"
+"Επιλογές:\n"
+" -c, --command ΕÎΤΟΛΗ εκτέλεση της ΕÎΤΟΛΗΣ στο καλοÏμενο κέλυφος\n"
+" -h, --help Ï€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματος βοήθειας και "
+"έξοδος\n"
+" -, -l, --login κάνει το κέλυφος ένα κέλυφος εισόδου\n"
+" -m, -p,\n"
+" --preserve-environment δεν γίνεται αÏχικοποίηση μεταβλητών\n"
+" πεÏιβάλλοντος, και διατηÏεί το ίδιο κέλυφος\n"
+" -s, --shell ΦΛΟΙΟΣ χÏήση ΦΛΟΙΟΣ αντί του Ï€Ïοεπιλεγμένου στο\n"
+" passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Αγνοήθηκε)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Δεν έχετε άδεια για su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Εισάγετε το δικό σας συνθηματικό)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Αποτυχία εξακÏίβωσης\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Δεν έχετε άδεια για su τη δεδομένη στιγμή\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Δεν υπάÏχει καταχώÏηση ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î³Î¹Î± το χÏήστη '%s'\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: Ï€Ïέπει να εκτελεστεί από τεÏματικό\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: σφάλμα %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: αδυναμία απόÏÏιψης τεÏÎ¼Î±Ï„Î¹ÎºÎ¿Ï ÎµÎ»Î­Î³Ï‡Î¿Ï…\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Αδυναμία εκτέλεσης %s\n"
+
+msgid "No password file"
+msgstr "Δεν υπάÏχει αÏχείο συνθηματικών"
+
+msgid "TIOCSCTTY failed"
+msgstr "το TIOCSCTTY απέτυχε"
+
+msgid "No password entry for 'root'"
+msgstr "Δεν υπάÏχει καταχώÏηση ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î³Î¹Î± το χÏήστη 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"ΠληκτÏολογήστε control-d για να συνεχίσετε με την κανονική έναÏξη,\n"
+"(ή δώστε το συνθηματικό του root για συντήÏηση του συστήματος):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "ΈναÏξη Κατάστασης ΣυντήÏησης Συστήματος"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: το %s δημιουÏγήθηκε, αλλά δεν μποÏεί να διαγÏαφεί\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: η %s διαμόÏφωση στο %s θα αγνοηθεί\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: αδυναμία δημιουÏγίας νέου αÏχείου Ï€ÏοκαθοÏισμένων Ïυθμίσεων\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: αδυναμία ανοίγματος νέου αÏχείου Ï€ÏοκαθοÏισμένων Ïυθμίσεων\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: Ï€Î¿Î»Ï Î¼Î±ÎºÏιά γÏαμμή στο %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Αδυναμία δημιουÏγίας ÏƒÏ…Î¼Î²Î¿Î»Î¹ÎºÎ¿Ï ÏƒÏ…Î½Î´Î­ÏƒÎ¼Î¿Ï… %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: μετονομασία: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: Η ομάδα '%s' είναι NIS ομάδα.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: ΠÏοσδιοÏίστηκαν υπεÏβολικές ομάδες (μεγ. %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ΧÏήση: %s [επιλογές] ΟÎΟΜΑ\n"
+" %s -D\n"
+" %s -D [επιλογές]\n"
+"\n"
+"Επιλογές:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir ΒΑΣΙΚΟΣ_ΚΑΤ βασικός κατάλογος για τον αÏχικό κατάλογο "
+"του χÏήστη γιατον\n"
+" καινοÏÏγιο λογαÏιασμό\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment ΣΧΟΛΙΟ πεδίο GECOS του νέου λογαÏιασμοÏ\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+" -d, --home-dir ΑΡΧ_ΚΑΤ αÏχικός κατάλογος χÏήστη για τον νέο "
+"λογαÏιασμό\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults εκτÏπωση ή αλλαγή της Ï€ÏοκαθοÏισμένης "
+"διαμόÏφωσης useradd\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr " -e, --expiredate ΗΜΕΡ_ΛΗΞΗΣ ημεÏομηνία λήξης του νέου λογαÏιασμοÏ\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive ΜΗ_ΕÎΕΡΓΟ πεÏίοδος μη ενεÏγοποίησης του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï "
+"για τον νέο λογαÏιασμό\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid ΟΜΑΔΑ όνομα ή ID για της Ï€ÏωτεÏουσας ομάδας του\n"
+" νέου λογαÏιασμοÏ\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups ΟΜΑΔΕΣ λίστα των συμπληÏωματικών ομάδων του\n"
+" νέου λογαÏιασμοÏ\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+" -k, --skel ΠΡΟΤ_ΚΑΤ χÏήση ÎµÎ½Î±Î»Î»Î±ÎºÏ„Î¹ÎºÎ¿Ï Ï€Ïότυπου καταλόγου\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init μη Ï€Ïοσθήκη του χÏήστη στις βάσης δεδομένων\n"
+" lastlog και faillog\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr " -m, --create-home δημιουÏγία αÏÏ‡Î¹ÎºÎ¿Ï ÎºÎ±Ï„Î±Î»ÏŒÎ³Î¿Ï… χÏήστη\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+" -M, --no-create-home μη δημιουÏγία αÏÏ‡Î¹ÎºÎ¿Ï ÎºÎ±Ï„Î±Î»ÏŒÎ³Î¿Ï… χÏήστη\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group να μην δημιουÏγηθεί ομάδα με το ίδιο όνομα\n"
+" με αυτό του χÏήστη\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique επιτÏέπει τη δημιουÏγία χÏηστών με το ίδιο\n"
+" (μη μοναδικό) UID\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+" -p, --password ΣΥÎΘΗΜΑΤΙΚΟ κÏυπτογÏαφημένο συνθηματικό του νέου "
+"λογαÏιασμοÏ\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell ΦΛΟΙΟΣ φλοιός εισόδου του νέου λογαÏιασμοÏ\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID ID χÏήστη του νέου λογαÏιασμοÏ\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group δημιουÏγεί μία ομάδα με το ίδιο όνομα με "
+"αυτό του χÏήστη\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user ΧΡΗΣΤΗΣ_SE χÏήση συγκεκÏιμένου ΧΡΗΣΤΗΣ_SE για την "
+"χαÏτογÏάφηση χÏήστη SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: Μη έγκυÏος κατάλογος βάσης '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: Μη έγκυÏο σχόλιο '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: Μη έγκυÏος αÏχικός κατάλογος χÏήστη '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: σκιώδη συνθηματικά απαιτοÏνται για το -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: σκιώδη συνθηματικά απαιτοÏνται για -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: Μη έγκυÏο πεδίο '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: Μη έγκυÏος φλοιός '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z απαιτεί πυÏήνα με ενεÏγοποιημένο το SELinux\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: αποτυχία επαναφοÏάς της καταχώÏησης στο faillog του UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: αποτυχία επαναφοÏάς της καταχώÏησης στο lastlog του UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: αποτυχία Ï€Ïοετοιμασίας της νέας εγγÏαφής %s '%s'\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: αδυναμία δημιουÏγίας καταλόγου %s\n"
+
+msgid "Creating mailbox file"
+msgstr "ΔημιουÏγία αÏχείου mailbox"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Δεν βÏέθηκε η ομάδα 'mail'. ΔημιουÏγία αÏχείου mailbox σε κατάσταση 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "ΡÏθμιση αδειών του αÏχείου mailbox"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: Ο χÏήστης '%s' υπάÏχει ήδη\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: ομάδα %s υπάÏχει - αν θέλετε να Ï€Ïοσθέσετε αυτόν το χÏήστη σε αυτή την "
+"ομάδα, χÏησιμοποιήστε -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: αδυναμία δημιουÏγίας του χÏήστη\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: Το UID %lu δεν είναι μοναδικό\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Αδυναμία δημιουÏγίας tcb καταλόγου για το χÏήστη %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: αδυναμία δημιουÏγίας ομάδας\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: αδυναμία δημιουÏγίας του χÏήστη\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: αδυναμία δημιουÏγίας ομάδας\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: Ï€Ïοειδοποίηση: ο αÏχικός κατάλογος χÏήστη υπάÏχει ήδη.\n"
+"Δεν έγινε αντιγÏαφή σε αυτό οποιουδήποτε καταλόγου skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: Ï€Ïοειδοποίηση: απέτυχε η Ï€Ïοσθήκη του χÏήστη %s στην χαÏτογÏάφηση "
+"SELinux %s.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force εξαναγκασμένη απομάκÏυνση αÏχείων,\n"
+" ακόμα και εάν ο χÏήστης δεν είναι ιδιοκτήτης "
+"τους\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove απομάκÏυνση αÏÏ‡Î¹ÎºÎ¿Ï ÎºÎ±Ï„Î±Î»ÏŒÎ³Î¿Ï… χÏήστη και "
+"ουÏάς ταχυδÏομείου\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user απομακÏÏνει κάθε χαÏτογÏάφηση χÏήστη SELinux "
+"για τον χÏήστη\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: η ομάδα %s δεν διαγÏάφηκε γιατί δεν είναι Ï€ÏωταÏχική ομάδα του χÏήστη "
+"%s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: η ομάδα %s δεν αφαιÏέθηκε γιατί πεÏιέχει και άλλα μέλη.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: η ομάδα %s είναι Ï€ÏωταÏχική ομάδα για άλλο χÏήστη και δεν διαγÏάφηκε.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: αδυναμία απομάκÏυνσης της εγγÏαφής '%s' από το %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s η ουÏά του ταχυδÏομείου (%s) δεν βÏέθηκε\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: Ï€Ïοειδοποίηση: αδυναμία διαγÏαφής %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: Το %s δεν ανήκει στον %s, δεν αφαιÏείται\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: Αδυναμία εκχώÏησης μνήμης, η εγγÏαφή tcb για τον χÏήστη %s δεν έχει "
+"διαγÏαφεί.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Αδυναμία απόÏÏιψης Ï€Ïονομίων: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Αδυναμία διαγÏαφής των πεÏιεχομένων του %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Αδυναμία διαγÏαφής των αÏχείων tcb για το χÏήστη %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: Ο χÏήστης %s είναι NIS χÏήστης\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s ο αÏχικός κατάλογος χÏήστη (%s) δεν βÏέθηκε\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: Δεν διαγÏάφεται ο κατάλογος %s (θα αφαιÏοÏσε τον αÏχικό κατάλογο του "
+"χÏήστη %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: Σφάλμα κατά την διαγÏαφή του καταλόγου %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: Ï€Ïοειδοποίηση: η απομάκÏυνση του ονόματος χÏήστη %s από την χαÏτογÏάφηση "
+"χÏηστών του SELinux απέτυχε.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment ΣΧΟΛΙΟ νέα τιμή του πεδίου GECOS\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home ΑΡΧ_ΚΑΤ νέος αÏχικός κατάλογος χÏήστη για τον "
+"λογαÏιασμό\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate ΗΜΕΡ_ΛΗΞΗΣ καθοÏισμός της ημεÏομηνίας λήξης του "
+"λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï ÏƒÎµ ΗΜΕΡ_ΛΗΞΗΣ\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive ΜΗ_ΕÎΕΡΓΟ καθοÏισμός ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î¼ÎµÏ„Î¬ τη λήξη\n"
+" σε ΜΗ_ΕÎΕΡΓΟ\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid ΟΜΑΔΑ εξαναγκασμός χÏήσης της ΟΜΑΔΑ ως κÏÏια "
+"ομάδα\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+" -G, --groups ΟΜΑΔΕΣ νέα λίστα με τις συμπληÏωματικές ΟΜΑΔΕΣ\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append Ï€Ïοσθήκη του χÏήστη στις συμπληÏωματικές "
+"ΟΜΑΔΕΣ\n"
+" που Ï€ÏοσδιοÏίζονται από την επιλογή -G, \n"
+" χωÏίς να διαγÏάφεται από τις άλλες ομάδες\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login ÎΕΟ_ΟÎΟΜΑ νέο όνομα χÏήστη\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock κλείδωμα του λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï Ï„Î¿Ï… χÏήστη\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home μετακίνηση των πεÏιεχομένων του αÏÏ‡Î¹ÎºÎ¿Ï "
+"καταλόγου του χÏήστη\n"
+" σε νέα τοποθεσία (χÏήση μόνο με την επιλογή -"
+"d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr " -o, --non-unique επιτÏέπει τη χÏήση μη Î¼Î¿Î½Î±Î´Î¹ÎºÎ¿Ï UID\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password ΣΥÎΘΗΜΑΤΙΚΟ χÏήση κÏυπτογÏαφημένου ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Ï‰Ï‚ "
+"νέο συνθηματικό\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID νέο UID για το λογαÏιασμό του χÏήστη\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+" -U, --unlock ξεκλείδωμα του λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï Ï„Î¿Ï… χÏήστη\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user ΧΡΗΣΤΗΣ_SE νέα χαÏτογÏάφηση χÏήστη SELinux για το "
+"λογαÏιασμό του χÏήστη\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: το ξεκλείδωμα του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Ï„Î¿Ï… χÏήστη θα οδηγοÏσε σε λογαÏιασμό "
+"χωÏίς συνθηματικό.\n"
+"ΠÏέπει να εισάγετε ένα συνθηματικό με χÏήση του usermod -p ώστε να "
+"ξεκλειδώσετε το συνθηματικό του συγκεκÏιμένου χÏήστη.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: Ο χÏήστης %s υπάÏχει ήδη στο %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: Μη έγκυÏη ημεÏομηνία '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: Μη έγκυÏη ημεÏομηνία '%s'\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: χωÏίς επιλογές\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: οι σημαίες -L, -p, και -U είναι αποκλειστικές\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: σκιώδη συνθηματικά απαιτοÏνται για το -e και -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: το UID '%lu' υπάÏχει ήδη\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+"%s: ο χÏήστης %s δεν είναι εξουσιοδοτημένος να αλλάξει το συνθηματικό του "
+"%s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: ο κατάλογος %s υπάÏχει\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Ο Ï€ÏοηγοÏμενος αÏχικός κατάλογος (%s) δεν είναι κατάλογος. Δεν "
+"διαγÏάφηκε οÏτε νέοι αÏχικοί κατάλογοι δημιουÏγήθηκαν.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Αδυναμία αλλαγής ιδιοκτήτη του αÏÏ‡Î¹ÎºÎ¿Ï ÎºÎ±Ï„Î±Î»ÏŒÎ³Î¿Ï… του χÏήστη"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: Ï€Ïοειδοποίηση: αποτυχία ολοκληÏωτικής απομάκÏυνσης του Ï€Î±Î»Î¹Î¿Ï Î±ÏÏ‡Î¹ÎºÎ¿Ï "
+"καταλόγου %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: αδυναμία μετονομασίας του καταλόγου %s σε %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: αποτυχία αντιγÏαφής της εγγÏαφής του lastlog από το χÏήστη %lu στο "
+"χÏήστη %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: αποτυχία αντιγÏαφής της εγγÏαφής του faillog από το χÏήστη %lu στο "
+"χÏήστη %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: Ï€Ïοειδοποίηση: Το %s δεν ανήκει στον %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "αποτυχία αλλαγής του ιδιοκτήτη του γÏαμματοκιβωτίου"
+
+msgid "failed to rename mailbox"
+msgstr "αποτυχία μετονομασίας γÏαμματοκιβωτίου"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: αποτυχία Ï€Ïοετοιμασίας της νέας εγγÏαφής %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: αποτυχία Ï€Ïοετοιμασίας της νέας εγγÏαφής %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: αποτυχία Ï€Ïοετοιμασίας της νέας εγγÏαφής %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: αποτυχία Ï€Ïοετοιμασίας της νέας εγγÏαφής %s '%s'\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Έχετε αλλάξει το %s.\n"
+"Ίσως χÏειάζεται να αλλάξετε το %s για λόγους συνέπειας.\n"
+"Για να το επιτÏχετε, χÏησιμοποιήστε την εντολή '%s'.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group επεξεÏγασία βάσης δεδομένων ομάδων\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd επεξεÏγασία βάσης δεδομένων κωδικών\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+" -s, --shadow επεξεÏγασία βάσης δεδομένων shadow ή "
+"gshadow\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+" -u, --user επιλογή χÏήστη, του οποίου το αÏχείο σκιωδών "
+"συνθηματικών tcb θα επεξεÏγαστεί\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: αποτυχία απομάκÏυνσης του %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: Το %s δεν άλλαξε\n"
+
+msgid "failed to create scratch directory"
+msgstr "αποτυχία δημιουÏγίας Ï€ÏοσωÏÎ¹Î½Î¿Ï ÎºÎ±Ï„Î±Î»ÏŒÎ³Î¿Ï…"
+
+msgid "failed to drop privileges"
+msgstr "αποτυχία απόÏÏιψης Ï€Ïονομίων"
+
+msgid "Couldn't get file context"
+msgstr "Αδυναμία ανάκτησης πεÏιεχομένων αÏχείου"
+
+msgid "setfscreatecon () failed"
+msgstr "αποτυχία του setfscreatecon ()"
+
+msgid "failed to gain privileges"
+msgstr "αποτυχία απόκτησης Ï€Ïονομίων"
+
+msgid "Couldn't lock file"
+msgstr "Αδυναμία ξεκλειδώματος αÏχείου"
+
+msgid "Couldn't make backup"
+msgstr "Αδυναμία δημιουÏγίας αντιγÏάφου ασφαλείας "
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: το ncsd τεÏμάτισε με κατάσταση εξόδου %d"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "αποτυχία ανοίγματος Ï€ÏοσωÏÎ¹Î½Î¿Ï Î±Ïχείου"
+
+msgid "failed to unlink scratch file"
+msgstr "αποτυχία αποσÏνδεσης του Ï€ÏοσωÏÎ¹Î½Î¿Ï Î±Ïχείου"
+
+msgid "failed to stat edited file"
+msgstr "αποτυχία εκτέλεσης της εφαÏμογής stat για το επεξεÏγασμένο αÏχείο"
+
+msgid "failed to allocate memory"
+msgstr "αποτυχία κατανομής μνήμης"
+
+msgid "failed to create backup file"
+msgstr "αποτυχία δημιουÏγίας αντίγÏαφου ασφαλείας"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: αδυναμία επαναφοÏάς %s: %s (οι αλλαγές είναι στο %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: αποτυχία εÏÏεσης καταλόγου tcb %s\n"
+
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "ΧÏήση: %s [είσοδος]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "Η κλήση malloc(%d) απέτυχε\n"
+
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ΧÏήση: change [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY ÏÏθμιση τελευταίας αλλαγής ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï "
+#~ "σε\n"
+#~ " LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE ÏÏθμιση ημεÏομηνίας λήξης λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï ÏƒÎµ\n"
+#~ " EXPIRE_DATE\n"
+#~ " -h, --help Ï€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματος βοήθειας και\n"
+#~ " έξοδος\n"
+#~ " -I, --inactive INACTIVE ÏÏθμιση ανενεÏÎ³Î¿Ï ÎºÏ‰Î´Î¹ÎºÎ¿Ï Î¼ÎµÏ„Î¬ από τη "
+#~ "λήξη\n"
+#~ " του σε INACTIVE\n"
+#~ " -l, --list Ï€Ïοβολή πληÏοφοÏιών ηλικίας λογαÏιασμοÏ\n"
+#~ " -m, --mindays MIN_DAYS ÏÏθμιση ελάχιστου αÏÎ¹Î¸Î¼Î¿Ï Î·Î¼ÎµÏών Ï€Ïιν "
+#~ "την\n"
+#~ " αλλαγή ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÎµ MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS ÏÏθμιση μέγιστου αÏÎ¹Î¸Î¼Î¿Ï Î·Î¼ÎµÏών Ï€Ïιν την\n"
+#~ " αλλαγή ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÎµ MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS ÏÏθμιση Ï€Ïοειδοποιήσεων ημεÏών λήξης σε\n"
+#~ " WARN_DAYS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: Αποτυχία εξακÏίβωσης PAM\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "ΧÏήση: %s [-f πλήÏες_όνομα] [-r αÏίθμ_δωματίου] [-w τηλ_εÏγασίας]\n"
+#~ "\t[-h τηλ_οικίας] [-o άλλο] [χÏήστης]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "ΧÏήση: %s [-f πλήÏες_όνομα] [-r αÏιθμ_δωματίου] [-w τηλ_δωματίου]\n"
+#~ "[-h τηλ_οικίας]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ΧÏήση: chpasswd [options]\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ " -e, --encrypted τα παÏεχόμενα συνθηματικά είναι\n"
+#~ " κÏυπτογÏαφημένα\n"
+#~ " -h, --help Ï€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματος βοήθειας και\n"
+#~ " έξοδος\n"
+#~ " -m, --md5 χÏήση κÏυπτογÏάφησης MD5 αντί για DES "
+#~ "όταν\n"
+#~ " τα παÏεχόμενα συνθηματικά δεν είναι\n"
+#~ " κÏυπτογÏαφημένα\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "ΧÏήση: expiry {-f|-c}\n"
+
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: αδυναμία ανοίγματος αÏχείου %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "ΧÏήση: groupdel ομάδα\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "ΧÏήση: %s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "ΧÏήση: %s [-r] [-s] [group]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s και -r είναι ασÏμβατα\n"
+
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "ΧÏήση: groupdel ομάδα\n"
+
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "ΧÏήση: groupdel ομάδα\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ΧÏήση: lastlog [options]\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ " -b, --before DAYS εκτÏπωση μόνο των τελευταίων εγγÏαφών\n"
+#~ " lastlog παλαιότεÏων από DAYS\n"
+#~ " -h, --help Ï€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματος βοήθειας και\n"
+#~ " έξοδος\n"
+#~ " -t, --time DAYS εκτÏπωση μόνο των τελευταίων εγγÏαφών\n"
+#~ " lastlog πιο Ï€Ïόσφατων από από DAYS\n"
+#~ " -u, --user LOGIN εκτÏπωση τελευταίας εγγÏαφής lastlog για\n"
+#~ " χÏήστη με καθοÏισμένο LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ΧÏήση: passwd [options] [login]\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ " -a, --all αναφοÏά κατάστασης συνθηματικών για "
+#~ "όλους\n"
+#~ " τους λογαÏιασμοÏÏ‚\n"
+#~ " -d, --delete διαγÏαφή ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î³Î¹Î± το "
+#~ "συγκεκÏιμένο\n"
+#~ " λογαÏιασμό\n"
+#~ " -e, --expire εξαναγκασμός λήξης του ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î³Î¹Î± "
+#~ "το\n"
+#~ " συγκεκÏιμένο λογαÏιασμό\n"
+#~ " -h, --help Ï€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματος βοήθειας και\n"
+#~ " έξοδος\n"
+#~ " -k, --keep-tokens αλλαγή ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î¼ÏŒÎ½Î¿ αν αυτό έχει "
+#~ "λήξει\n"
+#~ " -i, --inactive INACTIVE ÏÏθμιση ανενεÏÎ³Î¿Ï ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î¼ÎµÏ„Î¬ τη "
+#~ "λήξη\n"
+#~ " του σε ΑÎΕÎΕΡΓΟ\n"
+#~ " -l, --lock κλείδωμα του συγκεκÏιμένου λογαÏιασμοÏ\n"
+#~ " -n, --mindays MIN_DAYS ÏÏθμιση ελάχιστου αÏÎ¹Î¸Î¼Î¿Ï Î·Î¼ÎµÏών Ï€Ïιν "
+#~ "την\n"
+#~ " αλλαγή ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÎµ MIN_DAYS\n"
+#~ " -q, --quiet σιωπηÏή λειτουÏγία\n"
+#~ " -r, --repository REPOSITORY αλλαγή ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÏ„Î¿ REPOSITORY\n"
+#~ " repository\n"
+#~ " -S, --status αναφοÏά κατάστασης ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î³Î¹Î± το\n"
+#~ " συγκεκÏιμένο λογαÏιασμό\n"
+#~ " -u, --unlock ξεκλείδωμα του συγκεκÏιμένου λογαÏιασμοÏ\n"
+#~ " -w, --warndays WARN_DAYS ÏÏθμιση ημεÏών Ï€Ïοειδοποίησης λήξης σε\n"
+#~ " WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS ÏÏθμιση μέγιστου αÏÎ¹Î¸Î¼Î¿Ï Î·Î¼ÎµÏών Ï€Ïιν την\n"
+#~ " αλλαγή ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï ÏƒÎµ MAX_DAYS\n"
+#~ "\n"
+
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "ΧÏήση: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "ΧÏήση: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "ΧÏήση: id\n"
+
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "ΧÏήση: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Άγνωστη ταυτότητα: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Δεν υπάÏχει φλοιός\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: Ο χÏήστης %s βÏίσκεται στο σÏστημα\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ΧÏήση: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ " -a, --append GROUP Ï€Ïοσθήκη του χÏήστη σε συμπληÏωματική "
+#~ "ΟΜΑΔΑ\n"
+#~ " -c, --comment COMMENT νέα τιμή του πεδίου GECOS\n"
+#~ " -d, --home HOME_DIR νλεος κατάλογος εισόδου για το νέο\n"
+#~ " λογαÏιασμό χÏήστη\n"
+#~ " -e, --expiredate EXPIRE_DATE ÏÏθμιση ημεÏομηνίας λήξης λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï ÏƒÎµ\n"
+#~ " EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE ÏÏθμιση ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Ï‰Ï‚ ανενεÏÎ³Î¿Ï Î¼ÎµÏ„Î¬ "
+#~ "από\n"
+#~ " τη λήξη του σε ΑÎΕÎΕΡΓΟ\n"
+#~ " -g, --gid GROUP εξαναγκασμός χÏήσης ΟΜΑΔΑΣ ως τη νέα "
+#~ "αÏχική\n"
+#~ " ομάδα εισόδου\n"
+#~ " -G, --groups GROUPS λίστα των συμπληÏωματικών ΟΜΑΔΩÎ\n"
+#~ " -h, --help Ï€Ïοβολή του μηνÏματος βοήθειας και "
+#~ "έξοδος\n"
+#~ " -l, --login LOGIN νέα τιμή του ονόματος εισόδου\n"
+#~ " -L, --lock κλείδωμα του λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï Ï‡Ïήστη\n"
+#~ " -m, --move-home μετακινεί τα πεÏιεχόμενα του αÏχικοÏ\n"
+#~ " καταλόγου στη νέατοποθεσία (χÏήση μόνο με "
+#~ "-d)\n"
+#~ " -o, --non-unique επιτÏέπει τη χÏήση διπλότυπου (μη "
+#~ "μοναδικοÏ) UID\n"
+#~ " -p, --password PASSWORD χÏήση κÏυπτογÏαφημένου ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î³Î¹Î± "
+#~ "το\n"
+#~ " νέο συνθηματικό\n"
+#~ " -s, --shell SHELL νέο κέλυφος εισόδου για το λογαÏιασμό "
+#~ "χÏήστη\n"
+#~ " -u, --uid UID νέο UID για το λογαÏιασμό χÏήστη\n"
+#~ " -U, --unlock ξεκλείδωμα του λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï Ï‡Ïήστη\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: Δεν δόθηκαν ενδείξεις\n"
+
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ΧÏήση: vipw [options]\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ " -g, --group επεξεÏγασία βάσης δεδομένων ομάδας\n"
+#~ " -h, --help Ï€Ïοβολή κειμένου βοήθειας και έξοδος\n"
+#~ " -p, --passwd επεξεÏγασία βάσης δεδομένων κωδικών\n"
+#~ " -q, --quiet σιωπηλή λειτουÏγία\n"
+#~ " -s, --shadow επεξεÏγασία βάσης δεδομένων shadow ή "
+#~ "gshadow\n"
+#~ "\n"
+
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "ΧÏήση: %s [είσοδος]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: αδυναμία δημιουÏγίας του %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: Αδυναμία αλλαγής ιδιοκτήτη(chown) του %s\n"
+
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all Ï€Ïοβολή καταγÏαφής faillog για όλους "
+#~ "τους\n"
+#~ " χÏήστες\n"
+#~ " -h, --help Ï€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματος βοήθειας και\n"
+#~ " έξοδος\n"
+#~ " -l, --lock-time SEC μετά από αποτυχημένη είσοδο κλείδωμα\n"
+#~ " λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï Î³Î¹Î± SEC δευτεÏόλεπτα\n"
+#~ " -m, --maximum MAX ÏÏθμιση μέγιστου αÏÎ¹Î¸Î¼Î¿Ï ÎºÎ±Ï„Î±Î¼Î­Ï„Ïησης\n"
+#~ " αποτυχημένων Ï€Ïοσπαθειών εισόδου σε MAX\n"
+#~ " -r, --reset αÏχικοποίηση της καταμέτÏησης "
+#~ "αποτυχημένων\n"
+#~ " Ï€Ïοσπαθειών εισόδου\n"
+#~ " -t, --time DAYS Ï€Ïοβολή εγγÏαφών faillog πιο Ï€Ïόσφατων "
+#~ "από DAYS\n"
+#~ " -u, --user LOGIN Ï€Ïοβάλλει τις εγγÏαφές faillog ή\n"
+#~ " διαχειÏίζεται τα ÏŒÏια καταμέτÏησης\n"
+#~ " αποτυχημένων εισόδων (αν χÏησιμοποιηθεί\n"
+#~ " με τις επιλογές -r, -m ή -l) μόνο\n"
+#~ " για το χÏήστη με LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ΧÏήση: groupadd [options] group\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ " -f, --force εξαναγκασμός εξόδου με κατάσταση "
+#~ "επιτυχίας\n"
+#~ " αν η καθοÏισμένη ομάδα υπάÏχει ήδη\n"
+#~ " -g, --gid GID χÏήση GID για τη νέα ομάδα\n"
+#~ " -h, --help Ï€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματος βοήθειας και\n"
+#~ " έξοδος\n"
+#~ " -K, --key KEY=VALUE παÏάκαμψη Ï€Ïοεπιλογών /etc/login.defs\n"
+#~ " -o, --non-unique επιτÏέπει τη δημιουÏγία ομάδας με "
+#~ "διπλότυπο\n"
+#~ " (μη-μοναδικό) GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ΧÏήση: groupadd [options] group\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ " -f, --force εξαναγκασμός εξόδου με κατάσταση "
+#~ "επιτυχίας\n"
+#~ " αν η καθοÏισμένη ομάδα υπάÏχει ήδη\n"
+#~ " -g, --gid GID χÏήση GID για τη νέα ομάδα\n"
+#~ " -h, --help Ï€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματος βοήθειας και\n"
+#~ " έξοδος\n"
+#~ " -K, --key KEY=VALUE παÏάκαμψη Ï€Ïοεπιλογών /etc/login.defs\n"
+#~ " -o, --non-unique επιτÏέπει τη δημιουÏγία ομάδας με "
+#~ "διπλότυπο\n"
+#~ " (μη-μοναδικό) GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ΧÏήση: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ " -b, --base-dir BASE_DIR ο βασικός κατάλογος για τον αÏχικό "
+#~ "κατάλογο\n"
+#~ " λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï Î½Î­Î¿Ï… χÏήστη\n"
+#~ " -c, --comment COMMENT ÏÏθμιση του πεδίου GECOS για το "
+#~ "λογαÏιασμό\n"
+#~ " νέου χÏήστη\n"
+#~ " -d, --home-dir HOME_DIR ο αÏχικός κατάλογος για το λογαÏιασμό "
+#~ "νέου\n"
+#~ " χÏήστη\n"
+#~ " -D, --defaults εκτÏπωση ή αποθήκευση Ï„Ïοποποιημένης\n"
+#~ " Ï€Ïοεπιλεγμένης ÏÏθμισης tÏ€Ïοσθήκης "
+#~ "χÏήστη\n"
+#~ " -e, --expiredate EXPIRE_DATE ÏÏθμιση ημεÏομηνίας λήξης λογαÏÎ¹Î±ÏƒÎ¼Î¿Ï ÏƒÎµ\n"
+#~ " EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE ÏÏθμιση ανενεÏÎ³Î¿Ï ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î¼ÎµÏ„Î¬ τη "
+#~ "λήξη\n"
+#~ " σε ΑÎΕÎΕΡΓΟ\n"
+#~ " -g, --gid GROUP εξαναγκασμός χÏήσης GROUP για το νέο\n"
+#~ " λογαÏιασμό χÏήστη\n"
+#~ " -G, --groups GROUPS Ï€Ïοβολή λίστας συμπληÏωματικών ομάδων "
+#~ "για\n"
+#~ " το νέο λογαÏιασμό χÏήστη\n"
+#~ " -h, --help Ï€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματος βοήθειας και\n"
+#~ " έξοδος\n"
+#~ " -k, --skel SKEL_DIR καθοÏισμός ενός ÎµÎ½Î±Î»Î»Î±ÎºÏ„Î¹ÎºÎ¿Ï ÎºÎ±Ï„Î¬Î»Î¿Î³Î¿Ï… "
+#~ "skel\n"
+#~ " -K, --key KEY=VALUE παÏάκαμψη Ï€Ïοεπιλογών /etc/login.defs\n"
+#~ " -m, --create-home δημιουÏγία αÏÏ‡Î¹ÎºÎ¿Ï ÎºÎ±Ï„Î±Î»ÏŒÎ³Î¿Ï… για το νέο\n"
+#~ " λογαÏιασμό χÏήστη\n"
+#~ " -o, --non-unique επιτÏέπει τη δημιουÏγία χÏήστη με "
+#~ "διπλότυπο\n"
+#~ " (μη μοναδικό) UID\n"
+#~ " -p, --password PASSWORD χÏήση κÏυπτογÏαφημένου ÎºÏ‰Î´Î¹ÎºÎ¿Ï Î³Î¹Î± το "
+#~ "νέο\n"
+#~ " λογαÏιασμό χÏήστη\n"
+#~ " -s, --shell SHELL το κέλυφος σÏνδεσης για το νέο "
+#~ "λογαÏιασμό\n"
+#~ " χÏήστη\n"
+#~ " -u, --uid UID εξαναγκασμός χÏήσης του UID για το νέο\n"
+#~ " λογαÏιασμό χÏήστη\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Το συνθηματικό έχει Ïυθμιστεί να λήξει."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του αÏχείου συνθηματικών\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του αÏχείου συνθηματικών\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: αδυναμία επανεγγÏαφής αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: αδυναμία επανεγγÏαφής αÏχείου συνθηματικών\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: αδυναμία ανανέωσης του αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tΠλήÏες Όνομα: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tΑÏιθμός δωματίου: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tΤηλέφωνο ΕÏγασίας: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tΤηλέφωνο Οικίας: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "Αδυναμία κλειδώματος του αÏχείου συνθηματικών. Δοκιμάστε αÏγότεÏα.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Αδυναμία ανοίγματος του αÏχείου συνθηματικών.\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s: Ο %s δεν βÏέθηκε στο /etc/passwd\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Σφάλμα κατά την ανανέωση καταχώÏησης στο αÏχείο συνθηματικών.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Αδυναμία εισαγωγής των αλλαγών στο αÏχείο συνθηματικών.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Αδυναμία ξεκλειδώματος του αÏχείου συνθηματικών\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του αÏχείου ομάδων\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του αÏχείου ομάδων\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του αÏχείου σκιωδών συνθηματικών\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την ανανέωση καταχωÏήσεων στο αÏχείο σκιωδών "
+#~ "συνθηματικών\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: Σφάλμα κατά την ανανέωση καταχώÏισης ομάδας\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: γÏαμμή %d: άγνωστος χÏήστης %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: γÏαμμή %d: αδυναμία ανανέωσης καταχώÏησης\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την ανανέωση καταχωÏήσεων στο αÏχείο σκιωδών "
+#~ "συνθηματικών\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: Σφάλμα κατά την ανανέωση καταχωÏήσεων στο αÏχείο συνθηματικών\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: γÏαμμή %d: άγνωστος χÏήστης %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: γÏαμμή %d: αδυναμία ανανέωσης καταχώÏησης συνθηματικοÏ\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: άγνωστος χÏήστης\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Άγνωστος χÏήστης: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "ΧÏήση: %s [-r|-R] ομάδα\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a χÏήστης] ομάδα\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d χÏήστης] ομάδα\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A χÏήστης,...] [-M χÏήστης,...] ομάδα\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M χÏήστης,...] ομάδα\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: Αδυναμία δημιουÏγίας κλειδώματος\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr ""
+#~ "%s: Αδυναμία δημιουÏγίας κλειδώματος του αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του αÏχείου\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: αδυναμία επανεγγÏαφής αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: αδυναμία ξεκλειδώματος αÏχείου\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: αδυναμία ανανέωσης καταχώÏησης\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr ""
+#~ "%s: αδυναμία ανανέωσης καταχώÏησης στο αÏχείο σκιωδών συνθηματικών\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "άγνωστη ομάδα: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του αÏχείου\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Ποιος είσαι;\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: άγνωστο μέλος %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: Σφάλμα κατά την Ï€Ïοσθήκη νέας καταχώÏησης στο αÏχείο ομάδων\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: αδυναμία επανεγγÏαφής του αÏχείου ομάδων\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: αδυναμία επανεγγÏαφής του αÏχείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: Αδυναμία κλειδώματος του αÏχείου ομάδων\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: Αδυναμία ανοίγματος του αÏχείου ομάδων\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: Αδυναμία κλειδώματος του αÏχείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: Αδυναμία ανοίγματος του αÏχείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: Το GID %u δεν είναι μοναδικό\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: Σφάλμα κατά την διαγÏαφή καταχώÏησης ομάδας\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την αφαίÏεση καταχώÏησης στο αÏχείο σκιωδών συνθηματικών "
+#~ "ομάδων\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: αδυναμία αφαίÏεσης της Ï€ÏωταÏχικής ομάδας του χÏήστη.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: Αποτυχία εξακÏίβωσης PAM\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: Αδυναμία κλειδώματος του αÏχείου ομάδων\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος αÏχείου ομάδων\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: Ο %s δεν βÏέθηκε στο /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: Το %u δεν είναι μοναδικό GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: Το %s δεν είναι μοναδικό όνομα\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: αδυναμία επανεγγÏαφής του αÏχείου συνθηματικών\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: Αδυναμία κλειδώματος του αÏχείου συνθηματικών\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: Αδυναμία ανοίγματος του αÏχείου συνθηματικών\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr ""
+#~ "%s: αδυναμία ανανέωσης καταχώÏησης στο αÏχείο σκιωδών συνθηματικών για "
+#~ "τον %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: αδυναμία ανανέωσης καταχώÏησης για την ομάδα %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του αÏχείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του αÏχείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr ""
+#~ "%s: αδυναμία αφαίÏεσης της ομάδας %s, από το αÏχείο σκιωδών "
+#~ "συνθηματικών\n"
+#~ "ομάδων\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: αδυναμία ανανέωσης του αÏχείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr ""
+#~ "%s: Δεν είναι δυνατόν να διαγÏαφεί το αÏχείο σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "άγνωστο UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "άγνωστο GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: Η ομάδα %s δεν υπάÏχει\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: Ο χÏήστης %s δεν υπάÏχει\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: Μη έγκυÏο όνομα χÏήστη `%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: αδυναμία ανοίγματος των αÏχείων\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: Σφάλμα κατά την ενημέÏωση αÏχείων\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: αδυναμία ανανέωσης καταχώÏησης ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î³Î¹Î± τον %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του αÏχείου συνθηματικών\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του αÏχείου συνθηματικών\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr ""
+#~ "%s: αδυναμία απομάκÏυνσης καταχώÏησης σκιώδους ÏƒÏ…Î½Î¸Î·Î¼Î±Ï„Î¹ÎºÎ¿Ï Î³Î¹Î± τον %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: αδυναμία ανανέωσης αÏχείου συνθηματικών\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: αδυναμία ανανέωσης καταχώÏησης για τον χÏήστη %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: Δεν είναι δυνατόν να διαγÏαφεί το αÏχείο σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: άγνωστο GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: άγνωστη ομάδα %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: στο update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: αδυναμία επανεγγÏαφής του αÏχείου συνθηματικών\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: αδυναμία επανεγγÏαφής του αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος αÏχείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: Σφάλμα κατά το κλείδωμα του αÏχείου ομάδων\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: Σφάλμα κατά το άνοιγμα του αÏχείου ομάδων\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά το κλείδωμα του αÏχείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά το άνοιγμα του αÏχείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την Ï€Ïοσθήκη νέας καταχώÏησης στο αÏχείο συνθηματικών\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την Ï€Ïοσθήκη νέας καταχώÏησης στο αÏχείο σκιωδών "
+#~ "συνθηματικών\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: Ï€Ïοειδοποίηση: το CREATE_HOME δεν υποστηÏίζεται, παÏακαλώ "
+#~ "χÏησιμοποιήστε το -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: Σφάλμα κατά την ανανέωση καταχώÏισης ομάδας\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: Σφάλμα κατά την ανανέωση καταχώÏισης ομάδας\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος αÏχείου ομάδων\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος αÏχείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: Σφάλμα κατά την διαγÏαφή καταχώÏησης στο αÏχείο συνθηματικών\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την διαγÏαφή καταχώÏησης στο αÏχείο σκιωδών συνθηματικών\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: Σφάλμα κατά την Ï€Ïοσθήκη νέας καταχώÏησης στο αÏχείο ομάδων\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: Το uid %lu δεν είναι μοναδικό\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: Σφάλμα κατά την αλλαγή καταχώÏησης συνθηματικοÏ\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: Σφάλμα κατά την αφαίÏεση καταχώÏησης στο αÏχείο συνθηματικών\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την αφαίÏεση καταχώÏησης στο αÏχείο σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: αδυναμία λήψης Î¼Î¿Î½Î±Î´Î¹ÎºÎ¿Ï GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " στο `%.100s' από `%.200s'"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr " στο `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: γÏαμμή %d: αδυναμία δημιουÏγίας UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: Το όνομα %s δεν είναι μοναδικό\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ΧÏήση: chpasswd [επιλογές]\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ " -e, --encrypted\tτα παÏεχόμενα συνθηματικά είναι κÏυπτογÏαφημένα\n"
+#~ " -h, --help\t\tÏ€Ïοβολή Î±Ï…Ï„Î¿Ï Ï„Î¿Ï… μηνÏματος βοήθειας και έξοδος\n"
+#~ " -m, --md5\t\tχÏήση κÏυπτογÏάφησης MD5 αντί για DES όταν τα παÏεχόμενα\n"
+#~ "\t\t\tσυνθηματικά δεν είναι κÏυπτογÏαφημένα\n"
+#~ "\n"
+
+#~ msgid "No password.\n"
+#~ msgstr "Δεν υπάÏχει συνθηματικό\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Λυπάμαι.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Συγνώμη, το συνθηματικό για τον %s δεν μποÏεί να αλλάξει ακόμη.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Λυπάμαι."
diff --git a/po/es.po b/po/es.po
new file mode 100644
index 0000000..42ef765
--- /dev/null
+++ b/po/es.po
@@ -0,0 +1,3750 @@
+# shadow po translation to Spanish
+# Copyright (C) 2004, 2011 Free Software Foundation, Inc.
+# This file is distributed under the same license as the shadow package.
+#
+# Changes:
+# - Initial translation
+# Rubén Porras Campo <nahoo@inicia.es>, 2004
+#
+# - Updates
+# Ricardo Mones <ricardo.mones@hispalinux.es>, 2004
+# Francisco Javier Cuadrado <fcocuadrado@gmail.com>, 2011
+#
+# Traductores, si no conocen el formato PO, merece la pena leer la
+# documentación de gettext, especialmente las secciones dedicadas a este
+# formato, por ejemplo ejecutando:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+#
+# Equipo de traducción al español, por favor lean antes de traducir
+# los siguientes documentos:
+#
+# - El proyecto de traducción de Debian al español
+# http://www.debian.org/intl/spanish/
+# especialmente las notas y normas de traducción en
+# http://www.debian.org/intl/spanish/notas
+#
+# - La guía de traducción de po's de debconf:
+# /usr/share/doc/po-debconf/README-trans
+# o http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.4.2\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2011-11-23 23:56+0100\n"
+"Last-Translator: Francisco Javier Cuadrado <fcocuadrado@gmail.com>\n"
+"Language-Team: Debian l10n Spanish <debian-l10n-spanish@lists.debian.org>\n"
+"Language: es\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Hay varias entradas con el nombre «%s» en %s. Por favor, corríjalo "
+"utilizando pwck o grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "¿libcrypt no permite utilizar el método de cifrado? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "error de configuración, no se pudo procesar el valor %s: «%s»"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "No se pudo reservar espacio para la información de configuración.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"error de configuración, elemento «%s» desconocido (informe al "
+"administrador)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Contraseña: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Contraseña de %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "No se pudo reservar espacio para la información de configuración.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Cambiando la información de la edad para %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: no se pudo determinar su nombre de usuario.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: línea %d: no se puede encontrar el usuario %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: sin memoria\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: no se pudo realizar «stat» a %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s no es ni un directorio ni un enlace simbólico.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: no se pudo leer el enlace simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: enlace simbólico sospechosamente largo: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: no se pudo crear el directorio %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: no se pudo cambiar el dueño de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: no se pudo cambiar el modo de %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: unlink: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: no se pudo eliminar el directorio %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: no se pudo renombrar %s a %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: no se pudo eliminar %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s no se pudo crear el enlace simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: no se pudieron cambiar los dueños de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: no se pudo realizar «lstat» a %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: aviso, el usuario %s no tiene un fichero «tcb shadow».\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: emergencia: el tcb oculto de %s no es un fichero normal con st_nlink=1.\n"
+"La cuenta se queda bloqueada.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: no se pudo abrir %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Aviso: grupo %s desconocido\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Aviso: demasiados grupos\n"
+
+msgid "Your password has expired."
+msgstr "Su contraseña ha caducado."
+
+msgid "Your password is inactive."
+msgstr "Su contraseña está inactiva."
+
+msgid "Your login has expired."
+msgstr "Su acceso ha caducado."
+
+msgid " Contact the system administrator."
+msgstr " Contacte con el administrador."
+
+msgid " Choose a new password."
+msgstr " Elija una contraseña nueva."
+
+msgid "You must change your password."
+msgstr "Debe cambiar su contraseña."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Su contraseña caducará en %ld días.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Su contraseña caducará mañana."
+
+msgid "Your password will expire today."
+msgstr "Su contraseña caducará hoy."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "No se pudo abrir la interfaz de auditoría, abortando.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+"No se pudo cambiar el dueño o el modo de la tty de la entrada estándar "
+"(stdin): %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: se produjo un fallo al desbloquear %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Desbordamiento de entorno\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "No debe cambiar $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d fallo desde el último acceso.\n"
+"El último fue %s en %s.\n"
+msgstr[1] ""
+"%d fallos desde el último acceso.\n"
+"El último fue %s en %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: configuración incorrecta: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: configuración incorrecta: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: se produjo un fallo al reservar memoria: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: no se pudo obtener un GID único del sistema (no hay más GID "
+"disponibles)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: no se pudo obtener un GID único (no hay más GID disponibles)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: configuración incorrecta: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: configuración incorrecta: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: no se pudo obtener un UID único del sistema (no hay más UID "
+"disponibles)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: no se pudo obtener un UID único (no hay más UID disponibles)\n"
+
+msgid "Too many logins.\n"
+msgstr "Demasiados accesos.\n"
+
+msgid "You have new mail."
+msgstr "Tiene correo nuevo."
+
+msgid "No mail."
+msgstr "Sin correo."
+
+msgid "You have mail."
+msgstr "Tiene correo."
+
+msgid "no change"
+msgstr "sin cambios"
+
+msgid "a palindrome"
+msgstr "un palíndromo"
+
+msgid "case changes only"
+msgstr "sólo cambios de mayúsculas/minúsculas"
+
+msgid "too similar"
+msgstr "demasiado similar"
+
+msgid "too simple"
+msgstr "demasiado simple"
+
+msgid "rotated"
+msgstr "rotada"
+
+msgid "too short"
+msgstr "demasiado corta"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Contraseña incorrecta: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() falló, error %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: no se ha cambiado la contraseña\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: contraseña actualizada correctamente\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Contraseña incorrecta para %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: se produjo un fallo al desprenderse de los privilegios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: teléfono de casa incorrecto: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: no se pudo crear el directorio %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: no se pudo crear el directorio %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to create tcb directory for %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: se produjo un fallo al crear el directorio tcb para %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"El valor de ENCRYPT_METHOD no es válido: «%s».\n"
+"Se usará DES, el valor predeterminado.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Incapaz de cambiar el directorio a «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Sin directorio, accediendo con HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "No se puede ejecutar %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Directorio raíz «%s» incorrecto\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "No se pudo cambiar el directorio raíz a «%s»\n"
+
+msgid "Unable to determine your tty name."
+msgstr "No se pudo determinar el nombre de su tty."
+
+msgid "No"
+msgstr "No"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] USUARIO\n"
+"\n"
+"Opciones:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday ÚLTIMO_DÃA establece el día del último cambio de la\n"
+" contraseña a ÚLTIMO_DÃA\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate FECHA_CAD establece la fecha de caducidad a FECHA_CAD\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+" -h, --help muestra este mensaje de ayuda y termina\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INACTIVA deshabilita la cuenta después de INACTIVA\n"
+" días de la fecha de caducidad\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+" -l, --list muestra la información de la edad de la "
+"cuenta\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays DÃAS_MIN establece el número mínimo de días antes de\n"
+" cambiar la contraseña a DÃAS_MIN\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays DÃAS_MAX establece el número máximo de días antes de\n"
+" cambiar la contraseña a DÃAS_MAX\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays DÃAS_AVISO establece los días de aviso de expiración a\n"
+" DÃAS_AVISO\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Introduzca el nuevo valor, o pulse INTRO para usar el valor predeterminado"
+
+msgid "Minimum Password Age"
+msgstr "Duración mínima de la contraseña"
+
+msgid "Maximum Password Age"
+msgstr "Duración máxima de la contraseña"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Último cambio de contraseña (AAAA-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Aviso de caducidad de la contraseña"
+
+msgid "Password Inactive"
+msgstr "Contraseña inactiva"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Fecha de caducidad de la cuenta (AAAA-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Último cambio de contraseña\t\t\t\t\t:"
+
+msgid "never"
+msgstr "nunca"
+
+msgid "password must be changed"
+msgstr "se debe cambiar la contraseña"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "La contraseña caduca\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Contraseña inactiva\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "La cuenta caduca\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Número de días mínimo entre cambio de contraseña\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Número de días máximo entre cambio de contraseña\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Número de días de aviso antes de que caduque la contraseña\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: fecha «%s» incorrecta\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argumento numérico incorrecto «%s»\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: no incluya «l» junto a otras opciones\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: permiso denegado.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: no se pudo determinar su nombre de usuario.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: no se pudo bloquear %s, inténtelo de nuevo.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: no se pudo abrir %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: se produjo un fallo al escribir los cambios a %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: el fichero de contraseñas ocultas no está presente\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: el usuario «%s» no existe en %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Cambiando la información de la edad para %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: error cambiando los campos\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [USUARIO]\n"
+"\n"
+"Opciones:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+" -u, --help muestra este mensaje de ayuda y termina\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nombre completo"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Número de habitación"
+
+msgid "Work Phone"
+msgstr "Teléfono del trabajo"
+
+msgid "Home Phone"
+msgstr "Teléfono de casa"
+
+msgid "Other"
+msgstr "Otro"
+
+msgid "Cannot change ID to root.\n"
+msgstr ""
+"No se puede cambiar el identificador al usuario del administrador («root»).\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: el nombre contiene caracteres ilegales (no ASCII): «%s»\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nombre incorrecto: «%s»\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: la habitación contiene caracteres ilegales (no ASCII): «%s»\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: nombre de habitación incorrecto: «%s»\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: teléfono del trabajo incorrecto: «%s»\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: teléfono de casa incorrecto: «%s»\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: «%s» contiene caracteres ilegales (que no son ASCII)\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: «%s» contiene caracteres ilegales\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: el usuario «%s» no existe\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: no se pudo cambiar el usuario «%s» en el cliente NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» es el NIS maestro para este cliente.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Cambiando la información de usuario para %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: campos demasiado largos\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones]\n"
+"\n"
+"Opciones:\n"
+
+#, fuzzy, c-format
+#| msgid " -c, --crypt-method <METHOD> the crypt method (one of %s)\n"
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method <MÉTODO> el método de cifrado (uno de %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+" -e, --encrypted se cifran las contraseñas proporcionadas\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 cifra la contraseña en claro utilizando\n"
+" el algoritmo MD5\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds número de rondas SHA para los algoritmos\n"
+" de cifrado SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: la opción %s sólo está permitida junto a la opción %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: las opciones -c, -e y -m son exclusivas\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: método de cifrado no compatible: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: línea %d: línea demasiado larga\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: línea %d: falta la nueva contraseña\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: se produjo un fallo al eliminar %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: línea %d: el grupo «%s» no existe\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+"%s: línea %d: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: error detectado, cambios ignorados\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (línea %d, usuario %s) la contraseña no ha cambiado\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: línea %d: el usuario «%s» no existe\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell CONSOLA nueva consola de acceso para la cuenta del\n"
+" usuario\n"
+
+msgid "Login Shell"
+msgstr "Consola de acceso"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "No debería cambiar la consola para «%s».\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Cambiando la consola de acceso para %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: entrada incorrecta: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s es una consola incorrecta.\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: aviso: %s no existe\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: aviso: %s no es un ejecutable\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: las opciones %s y %s están en conflicto\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: argumento inesperado: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all muestra los registros de faillog para\n"
+" todos los usuarios\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs SEG después de fallar al acceder la cuenta se\n"
+" bloqueará después de SEG segundos\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAX establece el máximo número de accesos "
+"fallidos\n"
+" a MAX\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset reinicia el contador de accesos fallidos\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DÃAS muestra los registros de faillog más "
+"recientes\n"
+" que DÃAS\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user USUARIO/RANGO muestra los registros de faillog o mantiene\n"
+" los contadores y límites de fallos (si se\n"
+" utiliza con -r, -m o -l) sólo para el "
+"USUARIO\n"
+" indicado\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Se produjo un fallo al conseguir la entrada para el UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Usuario Fallos Máximo Último Activo\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [faltan %lus]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr "[bloqueados %lds]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+"%s: se produjo un fallo al reiniciar el contador de fallos para el UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: se produjo un fallo al establecer max para el UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr ""
+"%s: se produjo un fallo al establecer el tiempo de bloqueo para el UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: usuario o rango desconocido: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: no se pudo conseguir el tamaño de %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: se produjo un fallo al eliminar %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] GRUPO\n"
+"\n"
+"Opciones:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add USUARIO añade USUARIO al GRUPO\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete USUARIO elimina USUARIO del GRUPO\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password elimina la contraseña de GRUPO\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict restringe el acceso a GRUPO a sus miembros\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+" -M, --members USUARIO,... establece la lista de miembros de GRUPO\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" establece la lista de administradores de "
+"GRUPO\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Excepto las opciones -A y -M, las opciones no se pueden combinar.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Las opciones no se pueden combinar.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: se requieren contraseñas de los grupos de shadow para -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: el grupo «%s» no existe en %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: se produjo un fallo al cerrar el %s de sólo lectura\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Cambiando la contraseña para el grupo %s\n"
+
+msgid "New Password: "
+msgstr "Nueva contraseña: "
+
+msgid "Re-enter new password: "
+msgstr "Vuelva a introducir la nueva contraseña: "
+
+msgid "They don't match; try again"
+msgstr "No concuerdan, inténtelo de nuevo"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: inténtelo más tarde\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Añadiendo al usuario %s al grupo %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Eliminando al usuario %s del grupo %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: el usuario «%s» no es miembro de «%s»\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: No es una tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] GRUPO\n"
+"\n"
+"Opciones:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force termina si el grupo ya existe, y cancela -g\n"
+" si el GID ya se está en uso\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID utiliza GID para el nuevo grupo\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key CLAVE=VALOR sobrescribe los valores predeterminados de\n"
+" «/etc/login.defs»\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique permite crear grupos con GID (no únicos)\n"
+" duplicados\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password CONTRASEÑA utiliza esta contraseña cifrada para el "
+"nuevo\n"
+" grupo\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system crea una cuenta del sistema\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: «%s» no es un nombre de grupo válido\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: identificador de grupo «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K requiere CLAVE=VALOR\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: el grupo «%s» ya existe\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: el GID «%lu» ya existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: no se pudo determinar su nombre de usuario.\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -r, --reset reinicia el contador de accesos fallidos\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: no se pudo eliminar la entrada «%s» de %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: no se pudo eliminar el grupo primario del usuario «%s»\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: el grupo «%s» no existe\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: el grupo «%s» es un grupo NIS\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s es el NIS maestro\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: el usuario «%s» ya es un miembro de «%s»\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: sin memoria. No se pudo actualizar %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [acción]\n"
+"\n"
+"Opciones:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group GRUPO cambia el nombre del grupo en lugar del "
+"grupo\n"
+" del usuario (sólo lo puede hacer el\n"
+" administrador)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Acciones:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add USUARIO añade USUARIO a los miembros del grupo\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete USUARIO elimina USUARIO de la lista de miembros del\n"
+" grupo\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge purga todos los miembros del grupo\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list lista los miembros del grupo\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: su nombre de grupo no coincide con su nombre de usuario\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: sólo el administrador puede utilizar la opción -g/--group\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+" -g, --gid GID cambia el identificador del grupo a GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name GRUPO_NUEVO cambia el nombre a GRUPO_NUEVO\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique permite utilizar un GID duplicado (no "
+"único)\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password CONTRASEÑA cambia la contraseña a CONTRASEÑA (cifrada)\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: nombre del grupo «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: el grupo %s es un grupo NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: usuario desconocido %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [grupo [gshadow]]\n"
+"\n"
+"Opciones:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [group]\n"
+"\n"
+"Opciones:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s y -r son incompatibles\n"
+
+msgid "invalid group file entry"
+msgstr "entrada del fichero de grupos incorrecta"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "¿desea eliminar la línea «%s»? "
+
+msgid "duplicate group entry"
+msgstr "entrada de grupo duplicada"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nombre de grupo «%s» incorrecto\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "identificador de grupo «%lu» incorrecto\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupo %s: no existe el usuario %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "¿desea eliminar el miembro «%s»? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "no hay entradas coincidentes en el fichero de grupos en «%s»\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "¿desea añadir el grupo «%s» en %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"el grupo %s tiene una entrada en %s, pero su campo de contraseña en %s no "
+"está establecido a «x»\n"
+
+msgid "invalid shadow group file entry"
+msgstr "entrada del fichero shadow de grupos incorrecta"
+
+msgid "duplicate shadow group entry"
+msgstr "entrada del fichero shadow de grupos duplicada"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grupo de shadow %s: no existe el usuario administrativo %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "¿desea eliminar el miembro administrativo «%s»? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupo de shadow %s: no existe el usuario %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: los ficheros se han actualizado\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: sin cambios\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: no se pudo borrar %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Modo de uso: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Modo de uso: id\n"
+
+msgid " groups="
+msgstr "grupos="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before DÃAS muestra los registros de «lastlog» "
+"anteriores\n"
+" a DÃAS\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -a, --all muestra los registros de faillog para\n"
+" todos los usuarios\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -a, --all muestra los registros de faillog para\n"
+" todos los usuarios\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DÃAS muestra sólo los registros de «lastlog» más\n"
+" recientes que DÃAS\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user USUARIO muestra el registro de «lastlog» del "
+"USUARIO\n"
+
+msgid "Username Port From Latest"
+msgstr "Nombre Puerto De Último"
+
+msgid "Username Port Latest"
+msgstr "Nombre Puerto Último"
+
+msgid "**Never logged in**"
+msgstr "**Nunca ha accedido**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Se produjo un fallo al conseguir la entrada para el UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: no puedo actualizar el fichero de contraseñas\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Modo de uso: %s [-p] [nombre]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h máquina] [-f nombre]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r máquina\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "error de configuración, no se pudo procesar el valor %s: «%d»"
+
+msgid "Invalid login time"
+msgstr "Tiempo de acceso incorrecto"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema cerrado por mantenimiento rutinario"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Desconexión evitada -- acceso del administrador («root») permitido.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: posiblemente no se puede trabajar sin el administrador\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr "Sin entrada utmp. Debe ejecutar «login» desde el nivel «sh» más bajo"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"El acceso caducó después de %u segundos.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: fallo de PAM, abortando: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s nombre: "
+
+msgid "login: "
+msgstr "nombre: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Número de intentos máximo excedido (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: petición abortada por PAM\n"
+
+msgid "Login incorrect"
+msgstr "Identificación incorrecta"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: línea %d: no se puede encontrar el usuario %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s nombre: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: se produjo un fallo en la llamada a fork: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSTTY falló en %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Aviso: acceso restablecido después de un cierre temporal."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Último acceso: %s en %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Último acceso: %.19s en %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " desde %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"tiempo de acceso excedido\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Modo de uso: logout\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Modo de uso: newgrp [-] [grupo]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Modo de uso: sg grupo [[-c] orden]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: se produjo un fallo al eliminar %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Contraseña incorrecta.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: se produjo un fallo al realizar el «fork»: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: el GID «%lu» no existe\n"
+
+msgid "too many groups\n"
+msgstr "demasiados grupos\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system crea cuentas del sistema\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: el grupo «%s» es un grupo oculto, pero no existe en «/etc/group»\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: identificador de usuario «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nombre de usuario «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: línea %d: línea incorrecta\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: no se pudo actualizar la entrada del usuario %s (no está en la base de "
+"datos de passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: línea %d: no se pudo crear el usuario\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: línea %d: no se pudo crear el grupo\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: línea %d: el usuario «%s» no existe en %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: línea %d: no se puede actualizar la contraseña\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: línea %d: mkdir %s falló: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: línea %d: chown %s falló: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: línea %d: no se puede actualizar la entrada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: no se pudo crear el usuario\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: no se puede actualizar el fichero de grupo\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all informa del estado de las contraseñas de\n"
+" todas las cuentas\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+" -d, --delete borra la contraseña para la cuenta indicada\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire fuerza a que la contraseña de la cuenta\n"
+" caduque\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens cambia la contraseña sólo si ha caducado\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INACTIVO establece la contraseña inactiva después de\n"
+" caducar a INACTIVO\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+" -l, --lock bloquea la contraseña de la cuenta indicada\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays DÃAS_MIN establece el número mínimo de días antes\n"
+" de que se cambie la contraseña a DÃAS_MIN\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet modo silencioso\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+" -r, --repository REP cambia la contraseña en el repositorio REP\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status informa del estado de la contraseña la "
+"cuenta\n"
+" indicada\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+" -u, --unlock desbloquea la contraseña de la cuenta "
+"indicada\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays DÃAS_AVISO establece el aviso de caducidad a "
+"DÃAS_AVISO\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays DÃAS_MAX establece el número máximo de días antes de\n"
+" cambiar la contraseña a DÃAS_MAX\n"
+
+msgid "Old password: "
+msgstr "Contraseña antigua: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduzca la nueva contraseña (con un mínimo de %d caracteres)\n"
+"Por favor, use una combinación de letras mayúsculas, minúsculas y números.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduzca la nueva contraseña (con un mínimo de %d caracteres y un máximo "
+"de %d)\n"
+"Por favor, use una combinación de letras mayúsculas, minúsculas y números.\n"
+
+msgid "New password: "
+msgstr "Nueva contraseña: "
+
+msgid "Try again."
+msgstr "Inténtelo de nuevo."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Aviso: contraseña débil (introdúzcala de nuevo para usarla de todos modos)."
+
+msgid "They don't match; try again.\n"
+msgstr "No concuerdan, inténtelo de nuevo.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "No se puede cambiar la contraseña para %s.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Todavía no se puede cambiar la contraseña de %s.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: desbloquear la contraseña dejaría una cuenta sin contraseña.\n"
+"Debería establecer una contraseña mediante «usermod -p» para desbloquear la "
+"contraseña de esta cuenta.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: repositorio %s no soportado\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s no está autorizado a cambiar la contraseña de %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: no debe ver o cambiar la información de la contraseña para %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Cambiando la contraseña para %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "La contraseña para %s no se ha modificado.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: contraseña cambiada.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: información de caducidad de la contraseña cambiada.\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "Usage: %s [options] [action]\n"
+#| "\n"
+#| "Options:\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [acción]\n"
+"\n"
+"Opciones:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [passwd [shadow]]\n"
+"\n"
+"Opciones:\n"
+
+#, fuzzy
+#| msgid " -q, --quiet quiet mode\n"
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet modo silencioso\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: no se permite un fichero oculto alternativo cuando USE_TCB está "
+"habilitado.\n"
+
+msgid "invalid password file entry"
+msgstr "entrada del fichero de contraseñas incorrecta"
+
+msgid "duplicate password entry"
+msgstr "entrada de contraseña duplicada"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nombre de usuario «%s» incorrecto\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "identificador «%lu» de usuario incorrecto\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "usuario «%s»: no existe el grupo %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "usuario «%s»: el directorio «%s» no existe\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "usuario «%s»: el programa «%s» no existe\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "no existe el directorio tcb para %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "¿desea crear el directorio tcb para %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "se produjo un fallo al crear el directorio tcb para %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: no se pudo bloquear %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "ninguna entrada del fichero de contraseñas concuerda con %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "¿desea añadir el usuario «%s» a «%s»?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"el usuario %s tiene una entrada en %s, pero su campo de la contraseña en %s "
+"no está establecido a «x»\n"
+
+msgid "invalid shadow password file entry"
+msgstr "entrada del fichero shadow de contraseñas incorrecta"
+
+msgid "duplicate shadow password entry"
+msgstr "entrada del fichero shadow de contraseñas duplicada"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr ""
+"usuario %s: el último cambio de la contraseña se produjo en el futuro\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: no se pudieron ordenar las entradas en %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: no puede funcionar con tcb activado\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: se produjo un fallo al cambiar el modo de %s a 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "El acceso a «su» en esa cuenta se ha DENEGADO.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Autenticación de contraseña evitada.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Por favor, introduzca su PROPIA contraseña como autenticación.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: no se pudo realizar el «fork» de la consola del usuario\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: funcionamiento incorrecto de la señal\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: funcionamiento incorrecto del enmascaramiento de la señal\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sesión finalizada, parando la consola ..."
+
+msgid " ...killed.\n"
+msgstr " ... finalizado.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ... esperando a que el hijo finalice.\n"
+
+msgid " ...terminated.\n"
+msgstr " ... parada.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Modo de uso: su [opciones] [USUARIO]\n"
+"\n"
+"Opciones:\n"
+" -c, --command ORDEN pasa la ORDEN a la consola invocada\n"
+" -h, --help muestra este mensaje de ayuda y termina\n"
+" -, -l, --login hace que la consola sea una de acceso\n"
+" -m, -p,\n"
+" --preserve-environment no reinicia las variables de entorno, y\n"
+" mantiene la misma consola\n"
+" -s, --shell CONSOLA usa CONSOLA en lugar de la predeterminada "
+"en\n"
+" passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorado)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "No está autorizado a usar su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Introduzca su propia contraseña)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: se produjo un fallo en la autenticación\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: no está autorizado a usar su en este momento\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Sin entrada de contraseña para el administrador («root»)"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: debe ejecutarse desde un terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: error %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot remove the content of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: no se pudo eliminar el contenido de %s: %s\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "No se puede ejecutar %s\n"
+
+msgid "No password file"
+msgstr "Sin fichero de contraseñas"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY falló"
+
+msgid "No password entry for 'root'"
+msgstr "Sin entrada de contraseña para el administrador («root»)"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Pulse control-d para continuar con un arranque normal del sistema,\n"
+"(o introduzca la contraseña del administrador («root») para entrar en el "
+"modo de mantenimiento del sistema):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Entrando en el modo de mantenimiento del sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: se creó %s, pero no se pudo eliminar\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: se ignorará la configuración %s en %s\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+"%s: no se puede crear un nuevo fichero de preferencias predeterminadas\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+"%s: no se puede abrir un nuevo fichero de preferencias predeterminadas\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: línea demasiado larga en %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s no se pudo crear el enlace simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: renombrar: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: el grupo «%s» es un grupo NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: demasiados grupos especificados (el máximo es %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] USUARIO\n"
+" %s -D\n"
+" %s -D [opciones]\n"
+"\n"
+"Opciones:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir DIR_BASE directorio base para el directorio personal\n"
+" de la nueva cuenta\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment COMENTARIO campo GECOS de la nueva cuenta\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+" -d, --home-dir DIR_PERSONAL directorio personal de la nueva cuenta\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults imprime o cambia la configuración\n"
+" predeterminada de useradd\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+" -e, --expiredate FECHA_CADUCIDAD fecha de caducidad de la nueva cuenta\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive INACTIVO periodo de inactividad de la contraseña\n"
+" de la nueva cuenta\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid GRUPO nombre o identificador del grupo primario "
+"de\n"
+" la nueva cuenta\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups GRUPOS lista de grupos suplementarios de la nueva\n"
+" cuenta\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+" -k, --skel DIR_SKEL utiliza este directorio «skeleton» "
+"alternativo\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init no añade el usuario a las bases de datos de\n"
+" lastlog y faillog\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+" -m, --create-home crea el directorio personal del usuario\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+" -M, --no-create-home no crea el directorio personal del usuario\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group no crea un grupo con el mismo nombre que el\n"
+" usuario\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique permite crear usuarios con identificadores\n"
+" (UID) duplicados (no únicos)\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+" -p, --password CONTRASEÑA contraseña cifrada de la nueva cuenta\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell CONSOLA consola de acceso de la nueva cuenta\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+" -u, --uid UID identificador del usuario de la nueva "
+"cuenta\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group crea un grupo con el mismo nombre que el\n"
+" usuario\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user USUARIO_SE utiliza el usuario indicado para el "
+"usuario\n"
+" de SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: directorio base «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: comentario «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: directorio personal («home») «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: se requieren contraseñas de shadow para -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: se requieren contraseñas de shadow para -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: campo «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: consola «%s» incorrecta\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z necesita que el núcleo tenga activado SELinux\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+"%s: se produjo un fallo al reiniciar la entrada de faillog del UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+"%s: se produjo un fallo al reiniciar la entrada de lastlog del UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: no se puede crear el directorio %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Creando el fichero del buzón de correo"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"No se encontró el grupo «mail». Se creará el fichero del buzón de correo del "
+"usuario con el modo 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Estableciendo los permisos del fichero del buzón de correo"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: el usuario «%s» ya existe\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: el grupo %s existe - si quiere añadir este usuario a ese grupo, use -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: no se pudo crear el usuario\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: el UID %lu no es único\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: se produjo un fallo al crear el directorio tcb para %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: no se puede crear el grupo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: no se pudo crear el usuario\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: no se puede crear el grupo\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: aviso: el directorio personal ya existe.\n"
+"No se va a copiar ningún fichero del directorio «skel» en él.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: aviso: no se pudo relacionar el nombre del usuario %s con el usuario %s "
+"de SELinux.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force forzar la eliminación de los ficheros,\n"
+" incluso si no pertenecen al usuario\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove elimina el directorio personal y el buzón "
+"de\n"
+" correo\n"
+
+#, fuzzy
+#| msgid ""
+#| " -Z, --selinux-user new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user nuevo usuario de SELinux para la cuenta del\n"
+" usuario\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: no se pudo eliminar el grupo primario del usuario «%s»\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s: grupo %s es el grupo primario de otro usuario y no se eliminará.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: no se pudo eliminar la entrada «%s» de %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s home directory (%s) not found\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s directorio personal (%s) no encontrado\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: aviso: no se puede eliminar %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s no pertenece a %s, no se eliminará\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: no se pudo reservar memoria, la entrada tcb %s no se eliminó.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: no se pudo desprender los privilegios: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: no se pudo eliminar el contenido de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: no se pudieron eliminar los ficheros tcb para %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: el usuario %s es un usuario NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s directorio personal (%s) no encontrado\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: no se elimina el directorio %s (eliminaría el directorio personal del "
+"usuario %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: error eliminando el directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: aviso: no se pudo relacionar el nombre del usuario %s con el usuario %s "
+"de SELinux.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment COMENTARIO nuevo valor del campo GECOS\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home DIR_PERSONAL nuevo directorio personal del nuevo usuario\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate FECHA_EXPIR establece la fecha de caducidad de la\n"
+" cuenta a FECHA_EXPIR\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INACTIVO establece el tiempo de inactividad después\n"
+" de que caduque la cuenta a INACTIVO\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid GRUPO fuerza el uso de GRUPO para la nueva cuenta\n"
+" de usuario\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups GRUPOS lista de grupos suplementarios\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login NOMBRE nuevo nombre para el usuario\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock bloquea la cuenta de usuario\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home mueve los contenidos del directorio\n"
+" personal al directorio nuevo (usar sólo\n"
+" junto con -d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique permite usar UID duplicados (no únicos)\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password CONTRASEÑA usar la contraseña cifrada para la nueva "
+"cuenta\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+" -u, --uid UID fuerza el uso del UID para la nueva cuenta\n"
+" de usuario\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock desbloquea la cuenta de usuario\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -Z, --selinux-user new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user nuevo usuario de SELinux para la cuenta del\n"
+" usuario\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: desbloquear la contraseña dejaría una cuenta sin contraseña.\n"
+"Debería establecer una contraseña mediante «usermod -p» para desbloquear la "
+"contraseña de esta cuenta.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: el usuario «%s» ya existe en %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: fecha «%s» incorrecta\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: fecha «%s» incorrecta\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: no se pudo abrir %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: las opciones -L, -p y -U son exclusivas\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: se necesitan contraseñas de shadow para -e y -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: el UID «%lu» ya existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s no está autorizado a cambiar la contraseña de %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: el directorio %s existe\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: el directorio personal anterior (%s) no era un directorio. No se "
+"eliminará y no se crearán directorios personales.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: se produjo un fallo al cambiar el dueño del directorio personal"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: aviso: no se pudo eliminar completamente el directorio personal previo %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: no se puede renombrar el directorio %s a %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: se produjo un fallo al copiar la entrada de lastlog del usuario %lu al "
+"usuario %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: se produjo un fallo al copiar la entrada de faillog del usuario %lu al "
+"usuario %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: aviso: %s no pertenece a %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "se produjo un fallo al cambiar el propietario del buzón de correo"
+
+msgid "failed to rename mailbox"
+msgstr "se produjo un fallo al cambiar el nombre del buzón de correo"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Ha modificado %s.\n"
+"Puede que necesite modificar %s por consistencia.\n"
+"Por favor, utilice la orden «%s» para hacerlo.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group edita la base de datos del grupo\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd edita la base de datos de «passwd»\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+" -s, --shadow edita la base de datos shadow o gshadow\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+" -u, --user indica que fichero tcb de shadow del "
+"usuario\n"
+" editar\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: se produjo un fallo al eliminar %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: no se ha cambiado %s\n"
+
+msgid "failed to create scratch directory"
+msgstr "se produjo un fallo al crear el directorio temporal"
+
+msgid "failed to drop privileges"
+msgstr "se produjo un fallo al desprenderse de los privilegios"
+
+msgid "Couldn't get file context"
+msgstr "No se pudo conseguir el contexto del fichero"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () falló"
+
+msgid "failed to gain privileges"
+msgstr "se produjo un fallo al obtener privilegios"
+
+msgid "Couldn't lock file"
+msgstr "No se puede bloquear el fichero"
+
+msgid "Couldn't make backup"
+msgstr "No se puede realizar una copia de seguridad"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: no se encontró %s en /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "se produjo un fallo al abrir el fichero temporal"
+
+msgid "failed to unlink scratch file"
+msgstr "se produjo un fallo al borrar el fichero temporal"
+
+msgid "failed to stat edited file"
+msgstr "se produjo un fallo al realizar el «stat» del fichero editado"
+
+msgid "failed to allocate memory"
+msgstr "se produjo un fallo al reservar memoria"
+
+msgid "failed to create backup file"
+msgstr "se produjo un fallo al crear la copia de seguridad del fichero"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: no se puede restaurar %s: %s (sus cambios están en %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: se produjo un fallo al buscar el directorio tcb de %s\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr " -c, --crypt-method el método de cifrado (uno de %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Modo de uso: vipw [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) falló\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: chage [opciones] [USUARIO]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -d, --lastday ÚLTIMO_DÃA establece el día del último cambio de la\n"
+#~ " contraseña a ÚLTIMO_DÃA\n"
+#~ " -E, --expiredate FECHA_CAD establece la fecha de caducidad a "
+#~ "FECHA_CAD\n"
+#~ " -h, --help muestra este mensaje de ayuda y termina\n"
+#~ " -I, --inactive INACTIVA deshabilita la cuenta después de "
+#~ "INACTIVA\n"
+#~ " días de la fecha de caducidad\n"
+#~ " -l, --list muestra la información de la edad de la "
+#~ "cuenta\n"
+#~ " -m, --mindays DÃAS_MIN establece el número mínimo de días antes "
+#~ "de\n"
+#~ " cambiar la contraseña a DÃAS_MIN\n"
+#~ " -M, --maxdays DÃAS_MAX establece el número máximo de días antes "
+#~ "de\n"
+#~ " cambiar la contraseña a DÃAS_MAX\n"
+#~ " -W, --warndays DÃAS_AVISO establece los días de aviso de expiración "
+#~ "a\n"
+#~ " DÃAS_AVISO\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: la autenticación PAM falló\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Modo de uso: %s [-f nombre_completo] [-r num_habitación] [-w "
+#~ "telf_trabajo]\n"
+#~ "\t[-h telf_casa] [-o otro] [usuario]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Modo de uso: %s [-f nombre_completo] [-r num_habitación] [-w "
+#~ "telf_trabajo]\n"
+#~ "\t[-h telf_casa]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Modo de uso: %s [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -c, --crypt-method el método de cifrado (uno de %s)\n"
+#~ " -e, --encrypted las contraseñas proporcionadas están "
+#~ "cifradas\n"
+#~ " -h, --help muestra este mensaje de ayuda y termina\n"
+#~ " -m, --md5 usa el algoritmo MD5 para cifrar las\n"
+#~ " contraseñas\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: chsh [opciones] [USUARIO]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -h, --help muestra este mensaje de ayuda y termina\n"
+#~ " -s, --shell CONSOLA nueva consola de acceso para la cuenta "
+#~ "del\n"
+#~ " usuario\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Modo de uso: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr ""
+#~ "faillog: se produjo un fallo al conseguir la entrada para el UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: no se pudo abrir %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: no se pudo conseguir el tamaño de %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Modo de uso: groupdel grupo\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Modo de uso: %s [-r] [-s] [grupo [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Modo de uso: %s [-r] [-s] [grupo]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s y -r son incompatibles\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Modo de uso: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Modo de uso: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: lastlog [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -b, --before DÃAS muestra los registros de «lastlog» "
+#~ "anteriores\n"
+#~ " a DÃAS\n"
+#~ " -h, --help muestra este mensaje de ayuda y termina\n"
+#~ " -t, --time DÃAS muestra sólo los registros de «lastlog» "
+#~ "más\n"
+#~ " recientes que DÃAS\n"
+#~ " -u, --user USUARIO muestra el registro de «lastlog» del "
+#~ "USUARIO\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: passwd [opciones] [USUARIO]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all informa del estado de las contraseñas de\n"
+#~ " todas las cuentas\n"
+#~ " -d, --delete borra la contraseña para la cuenta "
+#~ "indicada\n"
+#~ " -e, --expire fuerza a que la contraseña de la cuenta\n"
+#~ " caduque\n"
+#~ " -h, --help muestra este mensaje de ayuda y termina\n"
+#~ " -k, --keep-tokens cambia la contraseña sólo si ha caducado\n"
+#~ " -i, --inactive INACTIVO establece la contraseña inactiva después "
+#~ "de\n"
+#~ " caducar a INACTIVO\n"
+#~ " -l, --lock bloquea la contraseña de la cuenta "
+#~ "indicada\n"
+#~ " -n, --mindays DÃAS_MIN establece el número mínimo de días antes\n"
+#~ " de que se cambie la contraseña a "
+#~ "DÃAS_MIN\n"
+#~ " -q, --quiet modo silencioso\n"
+#~ " -r, --repository REP cambia la contraseña en el repositorio "
+#~ "REP\n"
+#~ " -S, --status informa del estado de la contraseña la "
+#~ "cuenta\n"
+#~ " indicada\n"
+#~ " -u, --unlock desbloquea la contraseña de la cuenta "
+#~ "indicada\n"
+#~ " -w, --warndays DÃAS_AVISO establece el aviso de caducidad a "
+#~ "DÃAS_AVISO\n"
+#~ " -x, --maxdays DÃAS_MAX establece el número máximo de días antes "
+#~ "de\n"
+#~ " cambiar la contraseña a DÃAS_MAX\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Modo de uso: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Modo de uso: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Modo de uso: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Modo de uso: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id desconocido: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Sin consola\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: userdel [opciones] USUARIO\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -f, --force forzar la eliminación de los ficheros,\n"
+#~ " incluso si no pertenecen al usuario\n"
+#~ " -h, --help muestra este mensaje de ayuda y termina\n"
+#~ " -r, --remove elimina el directorio personal y el buzón "
+#~ "de\n"
+#~ " correo\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: el usuario %s está actualmente identificado en el sistema\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Modo de uso: usermod [opciones] USUARIO\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -c, --comment COMENTARIO nuevo valor del campo GECOS\n"
+#~ " -d, --home DIR_PERSONAL nuevo directorio personal del nuevo "
+#~ "usuario\n"
+#~ " -e, --expiredate FECHA_EXPIR establece la fecha de caducidad de la\n"
+#~ " cuenta a FECHA_EXPIR\n"
+#~ " -f, --inactive INACTIVO establece el tiempo de inactividad "
+#~ "después\n"
+#~ " de que caduque la cuenta a INACTIVO\n"
+#~ " -g, --gid GRUPO fuerza el uso de GRUPO para la nueva "
+#~ "cuenta\n"
+#~ " de usuario\n"
+#~ " -G, --groups GRUPOS lista de grupos suplementarios\n"
+#~ " -h, --help muestra este mensaje de ayuda y termina\n"
+#~ " -l, --login NOMBRE nuevo nombre para el usuario\n"
+#~ " -L, --lock bloquea la cuenta de usuario\n"
+#~ " -m, --move-home mueve los contenidos del directorio\n"
+#~ " personal al directorio nuevo (usar sólo\n"
+#~ " junto con -d)\n"
+#~ " -o, --non-unique permite usar UID duplicados (no únicos)\n"
+#~ " -p, --password CONTRASEÑA usar la contraseña cifrada para la nueva "
+#~ "cuenta\n"
+#~ " -s, --shell CONSOLA la consola de acceso para la nueva cuenta "
+#~ "de\n"
+#~ " usuario\n"
+#~ " -u, --uid UID fuerza el uso del UID para la nueva "
+#~ "cuenta\n"
+#~ " de usuario\n"
+#~ " -U, --unlock desbloquea la cuenta de usuario\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: no se ha proporcionado ninguna opción\n"
+
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: vipw [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -g, --group edita la base de datos con los grupos\n"
+#~ " -h, --help muestra este mensaje de ayuda y termina\n"
+#~ " -p, --passwd edita la base de datos con las "
+#~ "contraseñas\n"
+#~ " -q, --quiet modo silencioso\n"
+#~ " -s, --shadow edita la base de datos shadow o gshadow\n"
+#~ "\n"
+
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Modo de uso: %s [entrada]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: no se puede crear %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: no se puede chown %s\n"
+
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: faillog [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -a, --all muestra los registros de faillog para\n"
+#~ " todos los usuarios\n"
+#~ " -h, --help muestra este mensaje de ayuda y termina\n"
+#~ " -l, --lock-time SEC después de un fallo de acceso bloquea\n"
+#~ " la cuenta SEC segundos\n"
+#~ " -m, --maximum MAX establece el número máximo de accesos\n"
+#~ " fallidos a MAX\n"
+#~ " -r, --reset reinicia los contadores de accesos "
+#~ "fallidos\n"
+#~ " -t, --time ND muestra los registros de faillog para "
+#~ "los\n"
+#~ " últimos ND días\n"
+#~ " -u, --user USUARIO muestra el registro de faillog o "
+#~ "mantiene\n"
+#~ " los contadores de fallos y los límites\n"
+#~ " (si se usan las opciones -r, -m o -l)\n"
+#~ " para el usuario USUARIO\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: groupadd [opciones] grupo\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -f, --force fuerza una salida con un estado de éxito\n"
+#~ " si el grupo especificado existe\n"
+#~ " -g, --gid GID usa GID para el nuevo grupo\n"
+#~ " -h, --help muestra esta ayuda y termina\n"
+#~ " -K, --key NOMBRE=VALOR prevalece sobre el valor predeterminado "
+#~ "de\n"
+#~ " /etc/login.defs\n"
+#~ " -o, --non-unique permite crear grupos con un GID "
+#~ "duplicado\n"
+#~ " (que no es único)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: groupadd [opciones] grupo\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -f, --force fuerza una salida con un estado de éxito\n"
+#~ " si el grupo especificado existe\n"
+#~ " -g, --gid GID usa GID para el nuevo grupo\n"
+#~ " -h, --help muestra esta ayuda y termina\n"
+#~ " -K, --key NOMBRE=VALOR prevalece sobre el valor predeterminado "
+#~ "de\n"
+#~ " /etc/login.defs\n"
+#~ " -o, --non-unique permite crear grupos con un GID "
+#~ "duplicado\n"
+#~ " (que no es único)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Modo de uso: useradd [opciones] USUARIO\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -b, --base-dir DIR_BASE directorio base para el nuevo directorio\n"
+#~ " personal\n"
+#~ " -c, --comment COMENTARIO comentarios para el nuevo usuario (campo "
+#~ "GECOS)\n"
+#~ " -d, --home-dir DIR_PERSONAL directorio personal para el nuevo "
+#~ "usuario\n"
+#~ " -D, --defaults muestra o salva la configuración\n"
+#~ " predeterminada modificada para useradd\n"
+#~ " -e, --expiredate FECHA_EXPIR establece la fecha de caducidad de la\n"
+#~ " cuenta a FECHA_EXPIR\n"
+#~ " -f, --inactive INACTIVO establece el tiempo de inactividad "
+#~ "después\n"
+#~ " de que caduque la cuenta a INACTIVO\n"
+#~ " -g, --gid GRUPO forzar el uso de GRUPO para la nueva "
+#~ "cuenta\n"
+#~ " de usuario\n"
+#~ " -G, --groups GRUPOS lista de grupos suplementarios para la "
+#~ "nueva\n"
+#~ " cuenta de usuario\n"
+#~ " -h, --help muestra esta ayuda y termina\n"
+#~ " -k, --skel DIR_SKEL especifica un directorio skel "
+#~ "alternativo\n"
+#~ " -K, --key LLAVE=VALOR modifica los valores predeterminados de\n"
+#~ " /etc/login.defs\n"
+#~ " -m, --create-home crea el directorio personal para la "
+#~ "nueva\n"
+#~ " cuenta de usuario\n"
+#~ " -o, --non-unique permitir crear usuarios con UIDs "
+#~ "duplicadas\n"
+#~ " -p, --password CONTRASEÑA usar la contraseña cifrada CONTRASEÑA "
+#~ "para\n"
+#~ " la nueva cuenta\n"
+#~ " -s, --shell SHELL la shell de entrada para la nueva cuenta\n"
+#~ " de usuario\n"
+#~ " -u, --uid UID forzar el uso del UID para la nueva "
+#~ "cuenta\n"
+#~ " de usuario\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Contraseña caducada."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: no puedo bloquear el fichero de contraseñas\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: no puedo abrir el fichero de contraseñas\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: no puedo bloquear el fichero de contraseñas ocultas\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: no puedo abrir el fichero de contraseñas ocultas\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: no se puede reescribir el fichero de contraseñas ocultas\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: no se puede reescribir el fichero de contraseñas\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: no puedo actualizar el fichero de contraseñas ocultas\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNombre completo: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNúmero de habitación: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTeléfono del trabajo:% s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTeléfono de casa: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "No se puede bloquear el fichero de contraseñas, inténtelo más tarde.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "No se puede abrir el fichero de contraseñas.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Error actualizando la entrada de la contraseña.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "No se pueden remitir los cambios del fichero de contraseñas.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "No se puede desbloquear el fichero de contraseñas.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: no se puede bloquear el fichero de grupos\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: no se puede abrir el fichero de grupos\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: no se puede abrir el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: no se puede abrir el fichero de contraseñas ocultas (shadow)\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: error actualizando el fichero de contraseñas ocultas (shadow)\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: error actualizando la entrada del grupo\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: línea %d: grupo desconocido %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: línea %d: no se puede actualizar la entrada\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr ""
+#~ "%s: no se puede bloquear el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: error actualizando el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: error actualizando el fichero de contraseñas\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: línea %d: usuario desconocido %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: línea %d: no se puede actualizar la entrada de la contraseña\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: usuario desconocido\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Usuario desconocido: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Modo de uso: %s [-r|-R] grupo\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a usuario] grupo\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d usuario] grupo\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A usuario,...] [-M usuario,...] grupo\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M usuario,...] grupo\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: no se puede obtener el bloqueo\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: no se puede obtener el bloqueo de shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: no se puede abrir el fichero\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: no se puede reescribir el fichero oculto (shadow)\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: no se puede desbloquear el fichero\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: no se puede actualizar la entrada\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: no se puede actualizar la entrada oculta (shadow)\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "grupo desconocido: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: no se puede abrir el fichero\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: no se puede abrir el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "¿Quién es?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: miembro desconocido %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: error añadiendo entrada nueva de grupo\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: no se puede reescribir el fichero grupos\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: no se puede reescribir el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: incapaz de bloquear el fichero de grupos\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: incapaz de abrir el fichero de grupos\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: incapaz de bloquear el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: incapaz de abrir el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: el GID %u no es único\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: error eliminando la entrada del grupo\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: error eliminando entrada del grupo oculto (shadow)\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: no se puede eliminar el grupo primario del usuario.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: Autenticación PAM fallida\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: incapaz de bloquear el fichero de grupos\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: no se puede abrir el fichero de grupos\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: no se encontró %s en /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u no es un GID único\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s no es un nombre único\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: no se puede reescribir el fichero de contraseñas\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: incapaz de bloquear el fichero de contraseñas\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: incapaz de abrir el fichero de contraseñas\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: no se puede actualizar la entrada oculta (shadow) para %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: no se puede actualizar la entrada para el grupo %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: no se puede bloquear el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: no se puede abrir el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: no se puede eliminar el grupo oculto (shadow) %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: no se puede actualizar el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: no se puede eliminar el fichero de grupos oculto\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "UID desconocido: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID desconocido: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: el grupo %s no existe\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: el usuario %s no existe\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nombre de usuario `%s' incorrecto\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: no se puede bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: no se puede bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: no se puede bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: no se puede bloquear /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: no se pueden abrir los ficheros\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: error actualizando los ficheros\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: no se puede actualizar la entrada de la contraseña para %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: no se puede bloquear el fichero passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: no se puede abrir el fichero passwd\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: no se puede eliminar la entrada oculta (shadow) para %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: no se puede actualizar el fichero passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: no se puede actualizar la entrada para el usuario %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr ""
+#~ "%s: no se puede eliminar el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: GID %s desconocido\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: grupo %s desconocido\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: sin memoria en update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: no se puede reescribir el fichero de contraseñas\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr ""
+#~ "%s: no se puede reescribir el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr ""
+#~ "%s: no se puede bloquear el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: no se puede abrir el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: error bloqueando el fichero de grupos\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: error abriendo el fichero de grupos\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: error bloqueando el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: error abriendo el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: error añadiendo entrada de contraseña nueva\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: error añadiendo entrada de contraseña oculta (shadow) nueva\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: aviso: CREATE_HOME no está soportado, por favor, use -m en su lugar.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: error actualizando la entrada del grupo\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: error actualizando la entrada del grupo\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: no se puede abrir el fichero de grupos\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: no se puede abrir el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: error eliminando la entrada de contraseña\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: error eliminando la entrada de contraseña oculta (shadow)\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: error añadiendo entrada nueva de grupo\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: el uid %lu no es único\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: error cambiando la entrada de la contraseña\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: error eliminando la entrada de la contraseña\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: error eliminando entrada de contraseña oculta (shadow)\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: no se puede obtener un GID único\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " en «%.100s» desde «%.200s»"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " en «%.100s»"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: línea %d: no se puede crear UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: el nombre %s no es único\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: chgpasswd [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ " -e, --encrypted\tlas contraseñas proporcionadas están cifradas\n"
+#~ " -h, --help\t\tmuestra este mensaje de ayuda y termina\n"
+#~ " -m, --md5\t\tusa cifrado MD5 en vez de DES cuando las\n"
+#~ " contraseñas proporcionadas no estén cifradas\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "No hay fichero de contraseñas\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Disculpe.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Disculpe, aún no puede cambiarse la contraseña para %s.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Disculpe."
diff --git a/po/eu.po b/po/eu.po
new file mode 100644
index 0000000..a464302
--- /dev/null
+++ b/po/eu.po
@@ -0,0 +1,3312 @@
+# translation of eu.po to Euskara
+# Copyright (C) 2004, 2005, 2006, 2008, 2009 Free Software Foundation, Inc.
+#
+# Piarres Beobide <pi@beobide.net>, 2004, 2005, 2006, 2008, 2009.
+# Inaki Larranga Murgoitio <dooteo@euskalgnu.org>, 2005.
+msgid ""
+msgstr ""
+"Project-Id-Version: eu\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2011-11-26 19:42+0100\n"
+"Last-Translator: Piarres Beobide <pi@beobide.net>\n"
+"Language-Team: Euskara <debian-l10n-eu@lists.debian.org>\n"
+"Language: eu\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Pootle 1.2.1\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"'%s' izeneko sarrera anitz %s-en. Mesedez konpondu pwck edo grpck "
+"erabiliaz.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "libcrypt-ek onartzen ez duen kriptografia metodoa? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "konfigurazio errorea - ezin da %s balioa analizatu: '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Ezin izan da lekua esleitu, konfigurazioaren informaziorako.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"konfigurazio errorea - %s item ezezaguna (eman honen berri "
+"administratzaileari)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Pasahitza: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s (r)en pasahitza: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Ezin izan da lekua esleitu, konfigurazioaren informaziorako.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s(r)en data informazioa aldatzen\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: memoriarik ez\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: ezin da %s ezabatu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s home directory (%s) not found\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s etxe-direktorioa (%s) ez dago\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: ezin da '%s' sarrera %s-tik kendu\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "lastlog: Ezinda %s-ren tamaina eskuratu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s\n"
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: abisua: ezin da %s ezabatu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: berrizendatu: %s: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: ezin da %s direktorioa %s gisa izenez aldatu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: ezin da %s direktorioa %s gisa izenez aldatu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s\n"
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: abisua: ezin da %s ezabatu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "lastlog: Ezinda %s-ren tamaina eskuratu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: ezin da %s ezabatu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: (line %d, user %s) password not changed\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: `(%d lerroa, %s erabiltzailea) pasahitza ez da aldatu\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: berrizendatu: %s: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: ezin da %s ireki\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Abisua: %s talde ezezaguna\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Abisua: talde gehiegi\n"
+
+msgid "Your password has expired."
+msgstr "Pasahitza iraungi egin da."
+
+msgid "Your password is inactive."
+msgstr "Pasahitza ezgaitua dago."
+
+msgid "Your login has expired."
+msgstr "Erabiltzaile-izena iraungi egin da."
+
+msgid " Contact the system administrator."
+msgstr " Jarri harremanetan sistema administratzailearekin."
+
+msgid " Choose a new password."
+msgstr " Aukeratu pasahitz berria."
+
+msgid "You must change your password."
+msgstr "Zure pasahitza aldatu behar duzu."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Pasahitza %ld egun barru iraungi egingo da.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Pasahitza bihar iraungi egingo da."
+
+msgid "Your password will expire today."
+msgstr "Pasahitza gaur iraungi egingo da."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Ezin da auditatzeko interfazea ireki - uzten.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Ezin da tty sarrera-estandar modu edo jabea aldatu: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: huts %s desblokeatzean\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Inguruneak gainezka egin du\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Ez zenuke $%s aldatu beharko\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d hutsegite azken saio hasieratik.\n"
+"Azkena %s izan zen %s(e)n.\n"
+msgstr[1] ""
+"%d hutsegite azken saio hasieratik.\n"
+"Azkena %s izan zen %s(e)n.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "huts egin du postontzia jabez aldatzean"
+
+#, fuzzy, c-format
+#| msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Ezin da sistema UID bakarra lortu (ez dago UID erabilgarri gehiago)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Ezin da GID bakarra lortu (ez dago GID erabilgarri gehiago)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Ezin da sistema UID bakarra lortu (ez dago UID erabilgarri gehiago)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: ezin da UID bakarra lortu (ez dago UID erabilgarri gehiago)\n"
+
+msgid "Too many logins.\n"
+msgstr "Gehiegizko saio hasierak.\n"
+
+msgid "You have new mail."
+msgstr "Mezu berria duzu."
+
+msgid "No mail."
+msgstr "Mezurik ez."
+
+msgid "You have mail."
+msgstr "Mezua duzu."
+
+msgid "no change"
+msgstr "aldaketarik gabe"
+
+msgid "a palindrome"
+msgstr "palindromoa"
+
+msgid "case changes only"
+msgstr "Maiuskulak/minuskula bakarrik aldatu da"
+
+msgid "too similar"
+msgstr "antzekoegia"
+
+msgid "too simple"
+msgstr "sinpleegia"
+
+msgid "rotated"
+msgstr "aldirokoa"
+
+msgid "too short"
+msgstr "laburregia"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Pasahitz okerra: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() huts egin du, errorea: %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: pasahitza ez da aldatu\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: pasahitza ongi eguneratu da\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "%s(r)en pasahitz okerra.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: huts baimenak kentzerakoan (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: etxeko tlf baliogabea: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"ENCRYPT_METHOD balio baliogabea: '%s'.\n"
+"DES-era lehenesten.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Ezin da '%s'-ra direktorioa aldatu\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Direktoriorik ez, HOME=/ erabiliz saioa hasiko da"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Ezin izan da %s exekutatu"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Baliogabeko erro direktorioa '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Ezin da erro direktorioa '%s'-ra aldatu\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Ezin da zure tty izena zehaztu."
+
+msgid "No"
+msgstr "Ez"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] IZENA\n"
+"\n"
+"Aukerak:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr " -d, --lastday AZKEN_EGUNA ezarri pasahitz aldaketa AZKEN_EGUNA\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate IRAUNGITZE_DATA\n"
+" ezarri kontu iraungitze data\n"
+" IRAUNGITZE_DATA-ra\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+" -h, --help laguntza mezu hau bistarazi eta irten\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INACTIVE ezarri pasahitza ezgaitua bezala\n"
+" -INACTIVE iraungitzean\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr " -l, --list kontu denbora informazioa bistarazi\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays GUTXI_EGUN pasahitz aldaketa gutxieneko data\n"
+" GUTXI_EGUN-era aldatu\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays GEHI_EGUN pasashitz aldaketa gehienezko data\n"
+" GEHI_EGUN-era aldatu\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays ABISU_EGUN iraungitze abisua ABISU_EGUN-era ezarri\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Idatzi balio berria, edo sakatu 'Sartu' tekla lehenetsirako"
+
+msgid "Minimum Password Age"
+msgstr "Pasahitzaren gutxiengo iraupena"
+
+msgid "Maximum Password Age"
+msgstr "Pasahitzaren gehienezko iraupena"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Azken pasahitz aldaketa (UUUU-HH-EE)"
+
+msgid "Password Expiration Warning"
+msgstr "Pasahitza iraungitzearen abisua"
+
+msgid "Password Inactive"
+msgstr "Pasahitza ezgaitua"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Kontuaren iraungitze data (UUUU-HH-EE)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Azken pasahitz aldaketa\t\t\t\t\t: "
+
+msgid "never"
+msgstr "Inoiz ere ez"
+
+msgid "password must be changed"
+msgstr "Pasahitza aldatu egin behar da"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Pasahitz iraungitze data\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Pasahitza ezgaitu egingo da\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Kontua iraungitzeko data\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Gutxiengo egunak, pasahitza aldatzeko\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Gehienezko egunak, pasahitza aldatzeko\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Abisuen egun kopurua, pasahitza iraungi aurretik\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: '%s' data baliogabea\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s:baliogabeko zenbakizko '%s' argumentua\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: ez erabili \"l\" beste bandera batzuekin\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: baimena ukatua.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: ezin da %s blokeatu; saiatu geroago.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: ezin da %s ireki\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: huts %s-en aldaketak idazterakoan\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: huts %s sarrera berria prestatzean '%s'\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: ezin da itzalpeko (shadow) pasahitz fitxategia ez dago\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: `%s' erabiltzailea ez da %s-en existitzen\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s(r)en data informazioa aldatzen\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: errorea eremuak aldatzean\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [IZENA]\n"
+"\n"
+"Aukerak:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+" -u, --help laguntza mezu hau bistarazi eta irten\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Izen osoa"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Gela zenbakia"
+
+msgid "Work Phone"
+msgstr "Laneko telefonoa"
+
+msgid "Home Phone"
+msgstr "Etxeko telefonoa"
+
+msgid "Other"
+msgstr "Bestelakoa"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Ezin izan da IDa root-era aldatu.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: ASCII ez diren karaktereak dituen izena: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: izen baliogabea: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: ASCII ez diren karaktereak dituen gela zenbakia: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: gela zenbaki baliogabea: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: laneko tlf baliogabea: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: etxeko tlf baliogabea: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s'(e)k ASCII ez diren karaktereak ditu\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s'(e)k karaktere baliogabeak ditu\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: '%s' erabiltzailea ez da existitzen\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: ezin da NIS bezeroko '%s' erabiltzailea aldatu.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' da bezero honen NIS nagusia.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%s(r)en erabiltzaile informazioa aldatzen\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: eremu luzegiak\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak]\n"
+"\n"
+"Aukerak:\n"
+
+#, fuzzy, c-format
+#| msgid " -c, --crypt-method the crypt method (one of %s)\n"
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method zifratze metodoa (%s-etako bat)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr " -e, --encrypted emandako pasahitzak zifraturik daude\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 zifratu testu laueko pasahitza MD5\n"
+" algoritmoa erabiliaz\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds SHA* kriptografia algoritmoentzako\n"
+" SHA erronda kopurua\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s bandera bakarrik %s banderarekin onartzen da\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e, eta -m banderak esklusiboak dira\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: onartzen ez den kriptografia metodoa: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: %d. lerroa: lerro luzegia\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: %d. lerroa: pasahitz berria falta da\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: huts %s kentzerakoan\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: %d lerroa: '%s' taldea ez da existitzen\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: %d lerroa: huts %s sarrera berria prestatzean '%s'\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s:errorea atzeman da, aldaketak alde batera utzi dira\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: `(%d lerroa, %s erabiltzailea) pasahitza ez da aldatu\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: %d lerroa: '%s' erabiltzailea ez da existitzen\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell SHELL erabiltzaile kontuaren saio shell berria\n"
+
+msgid "Login Shell"
+msgstr "Saio-hasierako shell-a"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Ez zenuke '%s'-(r)en shell-a aldatu behar.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%s(r)en saio-hasierako shell-a aldatzen\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: baliogabeko sarrera: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s shell baliogabea da\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user '%s' does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: '%s' erabiltzailea ez da existitzen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: abisua: %s ez dago %s(r)en jabegoan\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: %s eta %s aukerak elkar-jotzen dute\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: argumentu esperogabea: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all erabiltzaile guztien faillog-en\n"
+" erregistroak bistaratzen ditu\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs SEG saio-hasieran hutsegin ondoren kontua "
+"zenbat\n"
+" segundutan blokeatuta egongo den\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum GEH saio-hasierako GEHiengo hutsegite kopurua\n"
+" ezartzeko\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset saio-hasierako hutsegiteen kontatzailea\n"
+" berrezartzeko\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time EGUNAK EGUNAK baino berriagoak diren faillog-en\n"
+" erregistroak bistaratzeko\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user SAIOA faillog-en erregistroak bistaratzeko edo\n"
+" hutsegiteen kontatzailea eta ERABILTZAILEA\n"
+" izeneko erabiltzailearen(-r, -m edo -l\n"
+" aukerekin erabiltzen bada) mantentzeko\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Huts %lu UIDaren sarrera eskuratzean\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Saio-hasiera Hutsegiteak Gehienezkoa Azkena Aktiboa\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus falta]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds blokeatuta]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Errorea %lu UIDaren huts kontua berrabiaraztean\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Huts %lu UIDarentzat max ezartzean\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Huts %lu UIDarentzat blokeo-ordua ezartzean\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Eremu edo erabiltzaile ezezaguna: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Ezinda %s-ren tamaina eskuratu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: huts %s kentzerakoan\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukera] TALDEA\n"
+"\n"
+"Aukerak:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add ERAB Gehitu ERABiltzailea TALDEra\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete ERAB kendu ERABiltzailea TALDEtik\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -r, --remove-password TALDEaren pasahitaz kendu\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict mugatu sarrera TALDEra bere partaideetara\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr " -M, --members ERAB,... ezarri TALDEaren partaideen zerrenda\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" ezarri TALDEaren kudeatzaile zerrenda\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "-A eta -M auekrekin kenduta, aukerak ezin dira nahastu.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Aukera hauek ezin dira nahastu.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -A erabiltzeko itzalpeko talde-pasahitza eskatzen da\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: '%s' taldea ez da existitzen %s-(e)n\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: huts irakurketa-soileko %s ixtean\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "%s taldearen pasahitza aldatzen\n"
+
+msgid "New Password: "
+msgstr "Pasahitz berria: "
+
+msgid "Re-enter new password: "
+msgstr "Berretsi pasahitz berria: "
+
+msgid "They don't match; try again"
+msgstr "Ez dira berdinak, saiatu berriro"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Saiatu geroago\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "%s erabiltzailea %s taldean gehitzen\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "%s erabiltzailea %s taldetik kentzen\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: '%s' erabiltzailea ez da existitzen '%s'-ko partaide\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: ez da tty\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "Usage: %s [options]\n"
+#| "\n"
+#| "Options:\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] TALDEA\n"
+"\n"
+"Aukerak:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force Indartu arrakastatsuki amaitzea nahiz\n"
+" ezarritako taldea aurretik egon\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID GID erabili talde berrirako\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key KEY=BALIO /etc/login.defs lehenespenak gainidatzi\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique onartu bikoizutiko (ez bakarra) GID-a duen\n"
+" taldea sortzea\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password PASSWORD enkriptatutako pasahitza erabili talde "
+"berrirako\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system sistema kontu bat sortu\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' ez da baliozko talde-izena\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: '%s' talde ID baliogabea\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K KEY=BALIOA eskatzen du\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: '%s' taldea badago dagoeneko\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: '%lu' GIDa badago dagoeneko\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -r, --reset saio-hasierako hutsegiteen kontatzailea\n"
+" berrezartzeko\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: ezin da '%s' sarrera %s-tik kendu\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: Ezin da '%s' erabiltzailearen talde nagusia kendu\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: '%s' taldea ez da existitzen\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: '%s' taldea NIS talde bat da\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s NIS nagusia da\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: '%s' erabiltzailea '%s' taldeko partaide da dagoeneko\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: memoriarik ez. Ezin da %s eguneratu.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [ekintza]\n"
+"\n"
+"Aukerak:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group groupname aldatu talde-izena erabiltzailearen taldea "
+"ordez\n"
+" (root bakarrik)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Ekintzak:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add erabiltzailea gehitu erabiltzaile-izena taldearen "
+"partaideetara\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete erabiltzailea kendu erabiltzaile-izena taldearen "
+"partaideetatik\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge garbitu talde baten partaide guztiak\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list taldearen partaideak zerrendatu\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: zure talde-izena ez da erabiltzaile-izenaren berdina\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: root-ek bakarrik erabili dezake -g/--group aukera\n"
+
+#, fuzzy
+#| msgid " -r, --system create system accounts\n"
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -r, --system sortu sistema kontuak\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: '%s' talde izen baliogabea\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: %s taldea NIS talde bat da\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: %s erabiltzaile ezezaguna\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [taldea [gshadow]]\n"
+"\n"
+"Aukerak:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [taldea]\n"
+"\n"
+"Aukerak:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s eta -r ezin dira batera erabili\n"
+
+msgid "invalid group file entry"
+msgstr "baliogabeko talde-fitxategiko sarrera"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "'%s' lerroa ezabatu? "
+
+msgid "duplicate group entry"
+msgstr "bikoiztu taldearen sarrera"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "'%s' baliogabeko talde-izena\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "'%lu' talde ID baliogabea\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "%s taldea: %s erabiltzailea ez dago\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "'%s' kidea ezabatu? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "ez dago bat datorren talde fitxategi sarrerarik %s-(e)n\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "'%s' taldea %s(e)n gehitu? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"%s taldeak %s-n sarrera bat du, baina %s-ko pasahitza eremua ez dago 'x' "
+"bezala ezarririk\n"
+
+msgid "invalid shadow group file entry"
+msgstr "Baliogabeko itzalpeko talde-fitxategiko sarrera"
+
+msgid "duplicate shadow group entry"
+msgstr "bikoiztutako itzalpeko taldearen sarrera"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "%s itzalpeko taldea: ez dago %s erabiltzaile administratzailea\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "'%s' kide administratzailea kendu? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "%s itzalpeko taldea: %s erabiltzailea ez dago\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: fitxategiak eguneratu dira\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: aldaketarik gabe\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: ezin da %s ezabatu\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Erabilera: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Erabilera: id\n"
+
+msgid " groups="
+msgstr " taldeak="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before EGUN EGUN kopurua baino zaharragoak diren\n"
+" erregistroak\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -a, --all erabiltzaile guztien faillog-en\n"
+" erregistroak bistaratzen ditu\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -a, --all erabiltzaile guztien faillog-en\n"
+" erregistroak bistaratzen ditu\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time EGUNAK EGUNAK baino berriagoak diren erregistroak\n"
+" bakarrik bistaratzen ditu\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user IZENA IZENA duen erabiltzailearen lastlog\n"
+" erregistroa bistaratzen du\n"
+
+msgid "Username Port From Latest"
+msgstr "Erabiltzaile-izena Ataka Nondik Azkena"
+
+msgid "Username Port Latest"
+msgstr "Erabiltzaile-izena Ataka Azkena"
+
+msgid "**Never logged in**"
+msgstr "**Inoiz ez du saiorik hasi**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Huts %lu UIDaren sarrera eskuratzean\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: huts %lu UIDaren lastlog sarrera berrezartzean: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Erabilera: %s [-p] [izena]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h ostalaria] [-f izena]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r ostalaria\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "konfigurazio errorea - ezin da %s balioa analizatu: '%d'"
+
+msgid "Invalid login time"
+msgstr "Baliogabeko saio-hasieraren denbora"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema aldiko mantenuagatik itxita"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Deskonexioa saltatuta -- root-ek saio-hastea baimenduta.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Ezingo du ziurrenik funtzionatu erro efektibo bat gabe\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Ez dago utmp sarrerarik. \"login\" \"sh\" maila baxuenetik exekutatu beharko "
+"zenuke"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Saio-hasiera denboraz kanpo %u segundo igarotakoan.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "saio hasiera: PAM hutsa, uzten: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s izena: "
+
+msgid "login: "
+msgstr "izena: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Saiakera muga gainditu da (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "Saioa hastea: PAM-ek uztea eskatu du\n"
+
+msgid "Login incorrect"
+msgstr "Izen okerra"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s izena: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: huts zatitzerakoan: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY huts %s-en"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"Abisua: saio-hasiera berriro gaitu egingo da aldi bateko blokeoaren ondoren."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Azken saio-hasiera: %s %s(e)n"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Azken saio-hasiera: %.19s %s(e)n"
+
+#, c-format
+msgid " from %.*s"
+msgstr " %.*s(e)tik"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"saio hasiera denbora pasa da\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Erabilera: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Erabilera: newgrp [-] [taldea]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Erabilera: sg taldea [[-c] komandoa]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: huts %s kentzerakoan\n"
+
+msgid "Invalid password.\n"
+msgstr "Pasahitz baliogabea.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: huts zatitzerakoan: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: `%lu' GIDa ez da existitzen\n"
+
+msgid "too many groups\n"
+msgstr "talde gehiegi\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system sortu sistema kontuak\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: '%s' taldea itzalpeko talde bat da, baina ez dago /etc/group-en\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: '%s' erabiltzaile ID baliogabea\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: '%s' erabiltzaile-izen baliogabea\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: %d lerroa: lerro baliogabea\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: ezin da %s erabiltzailearen sarrera eguneratu (ez dago pasahitz "
+"datubasean)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: %d lerroa: ezin da erabiltzailea sortu\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: %d lerroa: ezin da taldea sortu\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: %d lerroa: `%s' erabiltzailea ez da existitzen %s-en\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: %d lerroa: ezin da pasahitza eguneratu\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: %d lerroa: mkdir %s-ek huts egin du: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: %d lerroa: chown %s-ek huts egin du: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: %d lerroa: ezin da sarrera eguneratu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: huts %s sarrera berria prestatzean '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: ezin da erabiltzailea sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: ezin da taldea sortu\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all kontu guztien pasahitzen egoera erreportea\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr " -d, --delete emandako kontuaren pasahitza ezabatu\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire emandako kontuaren pasahitzaren\n"
+" iraungitzea behartu\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens pasahitza iraungirik bakarrik badago\n"
+" aldatu\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INAKTIBO ezarri iraungiriko pasahitz ezgaitzea\n"
+" INAKTIBO-ra\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -l, --lock emandako kontua blokeatu\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays GUTXI_EGUN ezarri pasahitz aldaketa gutxieneko data\n"
+" GUTXI_EGUN-ra\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet ixilik modua\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+" -r, --repository ERREPOSITORIOA\n"
+" ERREPOSITORIOA errepositorioko pashitza\n"
+" aldatu\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status emandako kontuaren pasahitz egoera\n"
+" erreportea egin\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr " -u, --unlock emandako kontuaren blokeoa kendu\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays ABISU_EGUN ezarri iraungitze abisu data ABISU_EGUN-era\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays GEHI_EGUN ezarri pasahitz aldatu aurretik gehienezko\n"
+" egun kopurua GEHI_EGUN-era\n"
+
+msgid "Old password: "
+msgstr "Pasahitz zaharra: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Sartu pasahitz berria (gutxienez %d eta karaktere)\n"
+"Erabili maiuskulen, minuskulen eta zenbakien arteko konbinazioa.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Sartu pasahitz berria (gutxienez %d eta gehienez %d karaktere)\n"
+"Erabili maiuskulen, minuskulen eta zenbakien arteko konbinazioa.\n"
+
+msgid "New password: "
+msgstr "Pasahitz berria: "
+
+msgid "Try again."
+msgstr "Saiatu berriro."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Oharra: pasahitza ahula da (sartu berriro erabiltzen jarraitzeko)."
+
+msgid "They don't match; try again.\n"
+msgstr "Ez dira berdinak, saiatu berriro.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s(r)en pasahitzak ezin dira aldatu.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s(r)en pasahitza ezin dira aldatu oraindik.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: taldea desblokeatzeak pasahitz gabeko kontu baten emaitza izan dezake\n"
+"Erabiltzaile hau desblokeatzeko usermod -p erabiliaz pasahitz bat ezarri "
+"behar duzu.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: %s biltegia ez da onartzen\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s ez dago %s-ren pasahitza aldatzeko baimendurik\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Ez zenuke %s(r)en shell-a aldatu behar.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s(r)en pasahitza aldatzen\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s(r)en pasahitza aldatu gabe dago.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: pasahitza aldatuta.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: pasahitz iraungitzea informazioa aldatua.\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "Usage: %s [options]\n"
+#| "\n"
+#| "Options:\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [pasahitza]\n"
+"\n"
+"Aukerak:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [pasahitza [itzalpekoa]]\n"
+"\n"
+"Aukerak:\n"
+
+#, fuzzy
+#| msgid " -r, --system create system accounts\n"
+msgid " -q, --quiet report errors only\n"
+msgstr " -r, --system sortu sistema kontuak\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "Baliogabeko pasahitzen fitxategiko sarrera"
+
+msgid "duplicate password entry"
+msgstr "bikoiztutako pasahitz sarrera"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "%s erabiltzaile-izen baliogabea\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "'%lu' erabiltzaile ID baliogabea\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "'%s' erabiltzailea: ez da %lu talderik\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "'%s' erabiltzailea: '%s' direktorioa ez da existitzen\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "'%s' erabiltzailea: '%s' programa ez da existitzen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: ezin da %s ireki\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "ez dago bat datorren pasahitz sarrerarik %s(e)n\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "'%s' erabiltzailea %s(e)n gehitu? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"%s erabiltzaileak sarrera bat du %s-en baina %s-ko pasahitza ereemua ez dago "
+"'x' gisa ezarririk\n"
+
+msgid "invalid shadow password file entry"
+msgstr "baliogabeko itzalpeko pasahitz-fitxategiko sarrera"
+
+msgid "duplicate shadow password entry"
+msgstr "bikoiztutako itzalpeko pasahitz-fitxategiko sarrera"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "%s erabiltzailea: pasahitza etorkizunean aldatu zen azken aldiz\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: ezin dira %s fitxategiko sarrerak ordenatu\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: huts %s-ren modua 0600-ra aldatzean\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "kontu honentzako 'su' sarbidea UKATUTA.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Pasahitz autentifikazioa saltatuta.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Sartu zure pasahitz PROPIOA autentifikazio gisa.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Erabilera: su [aukerak] [IZENA]\n"
+"\n"
+"Aukerak:\n"
+" -c, --command KOMANDOA deituriko shell-ari KOMANDOA pasa\n"
+" -h, --help laguntza testu hau bistarazi eta irten\n"
+" -, -l, --login shell-a saio shell bihurtu\n"
+" -m, -p,\n"
+" --preserve-environment ez ingurune aldagaiak berezarri eta "
+"mantendu\n"
+" shell berdina\n"
+" -s, --shell SHELL SHELL erabili lehenetsiaren ordez\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ez ikusi egin zaio)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Ez duzu 'su %s' exekutatzeko baimenik\n"
+
+msgid "(Enter your own password)"
+msgstr "(zure pasahitza idatzi)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: ¡autentifikazio errorea\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Ez duzu orain su erabiltzeko baimenik\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Ez dago 'root'-en pasahitzik"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: terminal batetik exekutatu behar da\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: %d errorea\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "lastlog: Ezinda %s-ren tamaina eskuratu: %s\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Ezin izan da %s exekutatu\n"
+
+msgid "No password file"
+msgstr "Ez dago pasahitz-fitxategirik"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY huts egin du"
+
+msgid "No password entry for 'root'"
+msgstr "Ez dago 'root'-en pasahitzik"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Sakatu Kontrol+d teklak hasiera arrunta erabiltzeko,\n"
+"(edo idatzi root-en pasahitza sistemaren mantentze-lanetarako):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Sistemaren mantentze-lanetako moduan sartzen"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: %s konfigurazioa %s-n dagoena alde batetara utziko da\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: ezin da lehenespen fitxategi berria sortu\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: ezin da lehenespen fitxategi berria ireki\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: lerro luzeegia %s-n: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: berrizendatu: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: taldea '%s' NIS talde bat da.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: talde gehiegi zehaztu dira (geh. %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] IZENA\n"
+" %s -D\n"
+" %s -D [aukerak]\n"
+"\n"
+"Aukerak:\n"
+
+#, fuzzy
+#| msgid ""
+#| " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#| " home directory\n"
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir BASE_DIR Erabiltzaile kontu berriaren etxe\n"
+" direktorioaren oinarri direktorioa\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SEERAB erabili SEUSER zehatz bat SELinux "
+"erabiltzaile mapatzearentzat\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: oinarrizko '%s' direktorio baliogabea\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: '%s' iruzkin baliogabea\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: '%s' etxe-direktorio baliogabea\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: -e itzalpeko pasahitza eskatzen du\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: -f itzalpeko pasahitza eskatzen du\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: '%s' eremu baliogabea\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: '%s' shell baliogabea\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z-ek SELinux gaituriko kernel bat behar du\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: huts %lu UIDaren faillog erregistroa berrezartzean: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: huts %lu UIDaren lastlog sarrera berrezartzean: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: huts %s sarrera berria prestatzean '%s'\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+msgid "Creating mailbox file"
+msgstr "Postakutxa fitxategia sortzen"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Ez da 'mail' taldea aurkitu. Erabiltzaile postakutxa fitxategia 0600 moduan\n"
+"sortzen.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Postakutxa fitxategi baimenak ezartzen"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: '%s' erabiltzailea badago dagoeneko\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: %s taldea badago - erabiltzaile hau talde honetan gehitzeko -g erabili.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: ezin da erabiltzailea sortu\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: %lu UIDa ez da bakarra\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: ezin da taldea sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: ezin da erabiltzailea sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: ezin da taldea sortu\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: abisua: etxe direktorioa badago dagoeneko.\n"
+"Ez da bertara skel direktorioko fitxategirik kopiatuko.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: abisua: %s erabiltzaile izena %s SELinux erabiltzailera mapatzean huts "
+"egin du.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force fitxategien ezabatzea indartu nahiz ez\n"
+" erabiltzailearenak izan\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove etxe direktorioa eta posta hilara ezabatu\n"
+
+#, fuzzy
+#| msgid ""
+#| " -Z, --selinux-user new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user SELinux erabiltzaile mapatze berria "
+"erabiltzailearen kontuarentzat\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: Ezin da '%s' erabiltzailearen talde nagusia kendu\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: ezin da %s taldea ezabatu beste erabiltzaile baten talde nagusia bait "
+"da.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: ezin da '%s' sarrera %s-tik kendu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s home directory (%s) not found\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s etxe-direktorioa (%s) ez dago\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: abisua: ezin da %s ezabatu: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ez dago %s(r)en jabetzan. ez da ezabatuko\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: huts baimenak kentzerakoan (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "lastlog: Ezinda %s-ren tamaina eskuratu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: ezin da '%s' sarrera %s-tik kendu\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: %s erabiltzailea NIS erabiltzaile bat da\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s etxe-direktorioa (%s) ez dago\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: ez da %s direktorioa ezabatuko (%s(r)en etxea ezabatuko luke)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: errorea %s direktorioa ezabatzean\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: abisua: %s erabiltzaile izena %s SELinux erabiltzailera mapatzean huts "
+"egin du.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment IRUZKINA GECOS eremuaren balio berria\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home-dir ETXE_DIR erabiltzaile kontu berriaren etxe "
+"direktorioa\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr " -e, --expiredate IRAUNG_DATA kontu iraungitze data ezarri\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INAKTIBO iraungitze ondorengo pasahitz ezgaitzea\n"
+" to INAKTIBO-ra ezarri\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid TALDE erabiltzaile kontu berriarekin TALDE\n"
+" erabiltzea behartu\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+" -G, --groups TALDEAK erabiltzaile kontu berriaren talde\n"
+" gehigarriak bistarazi\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append gehitu erabiltzailea -G aukerak zehaztutako "
+"talde\n"
+" gehigarrietara beste taldeetatik kendu gabe\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login IZENA saio hasiera izenaren balio berria\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock erabiltzaile kontua blokeatu\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home etxe direktorioaren edukia kokapen berrira\n"
+" mugitu (--d-rekin bakarrik erabilgarri)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique onartu UID bikoiztuak (ez bakarrak) "
+"erabiltzea\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password PASAHITZA Enkriptaturiko pasahitza erabili pasahitz\n"
+" berriarentzat\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID erabiltzaile kontuaren UID berria\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock erabiltzaile kontua desblokeatu\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -Z, --selinux-user new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user SELinux erabiltzaile mapatze berria "
+"erabiltzailearen kontuarentzat\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: erabiltzaile pasahitza desblokeatzeak pasahitz gabeko kontu baten "
+"emaitza izan dezake\n"
+"Erabiltzaile pasahitz hau desblokeatzeko usermod -p erabiliaz pasahitz bat "
+"ezarri behar duzu.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: '%s' erabiltzailea badago dagoeneko %s-n\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: '%s' data baliogabea\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: '%s' data baliogabea\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: ezin da %s ireki\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p, eta -U banderak esklusiboak dira\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e eta -f aukerek itzalpeko pasahitzak eskatzen dute\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: '%lu' UIDa badago dagoeneko\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s ez dago %s-ren pasahitza aldatzeko baimendurik\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: %s direktorioa badago\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: abisua: huts %s etxe direktorio zaharra guztiz ezabatzerakoan"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: ezin da %s direktorioa %s gisa izenez aldatu\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: huts %lu erabiltzailearen lastlog sarrera %lu erabiltzailera kopiatzean: "
+"%s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: huts %lu erabiltzailearen faillog sarrera %lu erabiltzailera kopiatzean: "
+"%s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: abisua: %s ez dago %s(r)en jabegoan\n"
+
+msgid "failed to change mailbox owner"
+msgstr "huts egin du postontzia jabez aldatzean"
+
+msgid "failed to rename mailbox"
+msgstr "huts egin du postontzia izenez aldatzean"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: huts %s sarrera berria prestatzean '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: huts %s sarrera berria prestatzean '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: huts %s sarrera berria prestatzean '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: huts %s sarrera berria prestatzean '%s'\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"%s eraldatu duzu\n"
+"Konsistetziagatik %s eraldatu behar duzu.\n"
+"Mesedez erabili '%s' komandoa horretarako.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group talde datu-basea editatu\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd pasahitz datu-basea editatu\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr " -s, --shadow shadow edo gshadow datubasea editatu\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: huts %s kentzerakoan\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s ez da aldatu\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "huts egin du postontzia izenez aldatzean"
+
+msgid "failed to drop privileges"
+msgstr "huts baimenak kentzerakoan"
+
+msgid "Couldn't get file context"
+msgstr "Ezin da fitxategi testuingurua eskuratu"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () -ek huts egin du"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: huts baimenak kentzerakoan (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Ezin da fitxategia blokeatu"
+
+msgid "Couldn't make backup"
+msgstr "Ezin izan da babeskopiarik egin"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to open scratch file"
+msgstr "huts egin du postontzia izenez aldatzean"
+
+#, fuzzy
+#| msgid "%s: failed to unlock %s\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: huts %s desblokeatzean\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "huts egin du postontzia izenez aldatzean"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "huts egin du postontzia jabez aldatzean"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "huts egin du postontzia izenez aldatzean"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: ezin da %s leheneratu: %s (zure aldaketak %s(e)n daude)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: oinarrizko '%s' direktorio baliogabea\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr " -c, --crypt-method zifratze metodoa (%s-etako bat)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Erabilera: vipw [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) huts egin du\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: chage [aukerak] [IZENA]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -d, --lastday AZKEN_EGUNA ezarri pasahitz aldaketa AZKEN_EGUNA\n"
+#~ " -E, --expiredate IRAUNGITZE_DATA ezarri kontu iraungitze data\n"
+#~ " IRAUNGITZE_DATA-ra\n"
+#~ " -h, --help laguntza mezu hau bistarazi eta "
+#~ "irten\n"
+#~ " -I, --inactive INACTIVE ezarri pasahitza ezgaitua bezala\n"
+#~ " -INACTIVE iraungitzean\n"
+#~ " -l, --list kontu denbora informazioa bistarazi\n"
+#~ " -m, --mindays GUTXI_EGUN pasahitz aldaketa gutxieneko data\n"
+#~ " GUTXI_EGUN-era aldatu\n"
+#~ " -M, --maxdays GEHI_EGUN pasashitz aldaketa gehienezko data\n"
+#~ " GEHI_EGUN-era aldatu\n"
+#~ " -W, --warndays ABISU_EGUN iraungitze abisua ABISU_EGUN-era "
+#~ "ezarri\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM autentifikazioak huts egin du\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Erabilera: %s [-f izen_osoa] [-r gela_zenb] [-w lan_tlf]\n"
+#~ "\t[-h etxe_tlf] [-o bestelakoa] [erabiltzaile-izena]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Erabilera: %s [-f izen_osoa] [-r gela_zb] [-w lan_tlf] [-h etxe_tlf]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Erabilera: %s [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -c, --crypt-method kriptografia metodoa (%s-etako bat)\n"
+#~ " -e, --encrypted emandako pasahitzak enkripatzen dira\n"
+#~ " -h, --help laguntzako mezu hau erakutsi eta irten\n"
+#~ " egiten da\n"
+#~ " -m, --md5 erabili MD5 enkriptatze algoritmoa ,\n"
+#~ " pasahitzak enkriptatuta ez daudenean\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: chsh [aukerak] [IZENA]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -h, --help laguntza testu hau bistarazi eta irten\n"
+#~ " -r, --shell IZENA erabiltzaile kontukoaren shell berria\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Erabilera: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "huts-erregistroa: Huts %lu UID-arentat sarrera eskuratzean\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "huts-erregistroa: Ezin da %s ireki: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "huts-erregistroa: Ezinda %s tamaina eskuratu: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Erabilera: groupdel taldea\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Erabilera: %s [-r] [-s] [taldea [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Erabilera: %s [-r] [-s] [taldea]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s eta -r ezin dira batera erabili\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Erabilera: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Erabilera: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: lastlog [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -b, --before EGUN EGUN kopurua baino zaharragoak diren\n"
+#~ " erregistroak\n"
+#~ " -h, --help laguntzako mezu hau bistaratu eta irten\n"
+#~ " egiten da\n"
+#~ " -t, --time EGUNAK EGUNAK baino berriagoak diren "
+#~ "erregistroak\n"
+#~ " bakarrik bistaratzen ditu\n"
+#~ " -u, --user IZENA IZENA duen erabiltzailearen lastlog\n"
+#~ " erregistroa bistaratzen du\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: passwd [aukerak] [IZENA]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -a, --all kontu guztien pasahitzen egoera "
+#~ "erreportea\n"
+#~ " -d, --delete emandako kontuaren pasahitza ezabatu\n"
+#~ " -e, --expire emandako kontuaren pasahitzaren\n"
+#~ " iraungitzea behartu\n"
+#~ " -h, --help laguntza mezu hau bistarazi eta irten\n"
+#~ " -k, --keep-tokens pasahitza iraungirik bakarrik badago\n"
+#~ " aldatu\n"
+#~ " -i, --inactive INAKTIBO ezarri iraungiriko pasahitz ezgaitzea\n"
+#~ " INAKTIBO-ra\n"
+#~ " -l, --lock emandako kontua blokeatu\n"
+#~ " -n, --mindays GUTXI_EGUN ezarri pasahitz aldaketa gutxieneko "
+#~ "data\n"
+#~ " GUTXI_EGUN-ra\n"
+#~ " -q, --quiet ixilik modua\n"
+#~ " -r, --repository ERREPOSITORIOA ERREPOSITORIOA errepositorioko "
+#~ "pashitza\n"
+#~ " aldatu\n"
+#~ " -S, --status emandako kontuaren pasahitz egoera\n"
+#~ " erreportea egin\n"
+#~ " -u, --unlock emandako kontuaren blokeoa kendu\n"
+#~ " -w, --warndays ABISU_EGUN ezarri iraungitze abisu data "
+#~ "ABISU_EGUN-era\n"
+#~ " -x, --maxdays GEHI_EGUN ezarri pasahitz aldatu aurretik "
+#~ "gehienezko\n"
+#~ " egun kopurua GEHI_EGUN-era\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Erabilera: %s [-q] [-r] [-s] [pasahitza [itzalpekoa]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Erabilera: %s [-q] [-r] [-s] [pasahitza [itzalpekoa]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Erabilera: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Erabilera: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "ID ezezaguna: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Ez dago shell-a\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: userdel [aukerak] IZENA\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -f, --force fitxategien ezabatzea indartu nahiz ez\n"
+#~ " erabiltzailearenak izan\n"
+#~ " -h, --help laguntza testu hau bistarazi eta irten\n"
+#~ " -r, --remove etxe direktorioa eta posta hilara "
+#~ "ezabatu\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: une honetan %s erabiltzaileak saioan sartuta dago\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Erabilera: usermod [aukerak] IZENA\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -c, --comment IRUZKINA GECOS eremuaren balio berria\n"
+#~ " -d, --home-dir ETXE_DIR erabiltzaile kontu berriaren etxe "
+#~ "direktorioa\n"
+#~ " -e, --expiredate IRAUNG_DATA kontu iraungitze data ezarri\n"
+#~ " -f, --inactive INAKTIBO iraungitze ondorengo pasahitz ezgaitzea\n"
+#~ " to INAKTIBO-ra ezarri\n"
+#~ " -g, --gid TALDE erabiltzaile kontu berriarekin TALDE\n"
+#~ " erabiltzea behartu\n"
+#~ " -G, --groups TALDEAK erabiltzaile kontu berriaren talde\n"
+#~ " gehigarriak bistarazi\n"
+#~ " -a, --append gehitu erabiltzailea -G aukerak "
+#~ "zehaztutako talde\n"
+#~ " gehigarrietara beste taldeetatik kendu "
+#~ "gabe\n"
+#~ " -h, --help laguntza mezu hau bistarazi eta irten\n"
+#~ " -l, --login IZENA saio hasiera izenaren balio berria\n"
+#~ " -L, --lock erabiltzaile kontua blokeatu\n"
+#~ " -m, --move-home etxe direktorioaren edukia kokapen "
+#~ "berrira\n"
+#~ " mugitu (--d-rekin bakarrik erabilgarri)\n"
+#~ " -o, --non-unique onartu UID bikoiztuak (ez bakarrak) "
+#~ "erabiltzea\n"
+#~ " -p, --password PASAHITZA Enkriptaturiko pasahitza erabili "
+#~ "pasahitz\n"
+#~ " berriarentzat\n"
+#~ " -s, --shell SHELL erabiltzaile kontuaren saio shell berria\n"
+#~ " -u, --uid UID erabiltzaile kontuaren UID berria\n"
+#~ " -U, --unlock erabiltzaile kontua desblokeatu\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: ez da banderarik eman\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: vipw [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -g, --group talde datu-basea editatu\n"
+#~ " -h, --help laguntza testu hau bistarazi eta irten\n"
+#~ " -p, --passwd pasahitz datu-basea editatu\n"
+#~ " -q, --quiet ixiltasun modua\n"
+#~ " -s, --shadow shadow edo gshadow datubasea editatu\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --add USER add USER to GROUP\n"
+#~ " -d, --delete USER remove USER from GROUP\n"
+#~ " -r, --remove-password remove the GROUP's password\n"
+#~ " -R, --restrict restrict access to GROUP to its members\n"
+#~ " -M, --members USER,... set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: %s [aukera] TALDEA\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -a, --add ERAB Gehitu ERABiltzailea TALDEra\n"
+#~ " -d, --delete ERAB kendu ERABiltzailea TALDEtik\n"
+#~ " -r, --remove-password TALDEaren pasahitaz kendu\n"
+#~ " -R, --restrict mugatu sarrera TALDEra bere "
+#~ "partaideetara\n"
+#~ " -M, --members ERAB,... ezarri TALDEaren partaideen zerrenda\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group groupname change groupname instead of the user's "
+#~ "group\n"
+#~ " (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ " -a, --add username add username to the members of the group\n"
+#~ " -d, --delete username remove username from the members of the "
+#~ "group\n"
+#~ " -p, --purge purge all members from the group\n"
+#~ " -l, --list list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: groupmems [aukerak] [ekintza]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -g, --group groupname aldatu talde-izena erabiltzailearen "
+#~ "taldea ordez\n"
+#~ " (root bakarrik)\n"
+#~ "\n"
+#~ "Ekintzak:\n"
+#~ " -a, --add erabiltzailea gehitu erabiltzaile-izena taldearen "
+#~ "partaideetara\n"
+#~ " -d, --delete erabiltzailea kendu erabiltzaile-izena taldearen "
+#~ "partaideetatik\n"
+#~ " -p, --purge garbitu talde baten partaide guztiak\n"
+#~ " -l, --list taldearen partaideak zerrendatu\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: %s [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Erabilera: %s [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: ezin da %s sortu\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s:ezin da %s jabez aldatu\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: faillog [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -a, --all erabiltzaile guztien faillog-en\n"
+#~ " erregistroak bistaratzen ditu\n"
+#~ " -h, --help laguntzako mezu hau bistarazi eta irten\n"
+#~ " -l, --lock-time SEG saio-hasieran hutsegin ondoren kontua "
+#~ "zenbat\n"
+#~ " segundutan blokeatuta egongo den\n"
+#~ " -m, --maximum GEH saio-hasierako GEHiengo hutsegite "
+#~ "kopurua\n"
+#~ " ezartzeko\n"
+#~ " -r, --reset saio-hasierako hutsegiteen kontatzailea\n"
+#~ " berrezartzeko\n"
+#~ " -t, --time EGUNAK EGUNAK baino berriagoak diren faillog-en\n"
+#~ " erregistroak bistaratzeko\n"
+#~ " -u, --user SAIOA faillog-en erregistroak bistaratzeko edo\n"
+#~ " hutsegiteen kontatzailea eta "
+#~ "ERABILTZAILEA\n"
+#~ " izeneko erabiltzailearen(-r, -m edo -l\n"
+#~ " aukerekin erabiltzen bada) mantentzeko\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: groupadd [aukerak] TALDEA\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -f, --force Indartu arrakastatsuki amaitzea nahiz\n"
+#~ " ezarritako taldea aurretik egon\n"
+#~ " -g, --gid GID GID erabili talde berrirako\n"
+#~ " -h, --help laguntza hau bistarazi eta irten\n"
+#~ " -K, --key KEY=BALIO /etc/login.defs lehenespenak gainidatzi\n"
+#~ " -o, --non-unique onartu bikoizutiko (ez bakarra) GID-a "
+#~ "duen\n"
+#~ " taldea sortzea\n"
+#~ " -p, --password PASSWORD enkriptatutako pasahitza erabili talde "
+#~ "berrirako\n"
+#~ " -r, --system sistema kontu bat sortu\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: groupmod [aukerak] TALDEA\n"
+#~ "\n"
+#~ "Aukerak::\n"
+#~ " -g, --gid GID taldearentzat GID berria erabiltzea "
+#~ "indartu\n"
+#~ " -h, --help laguntza hau bistarazi eta irten\n"
+#~ " -K, --new-name TALDE_BERRIA Taldearentzat TALDE_BERRI izena\n"
+#~ " erabiltzea indartu\n"
+#~ " -o, --non-unique onartu TALDEAK bikoizutiko (ez bakarra) "
+#~ "GID-a erabiltzea\n"
+#~ " -p, --password PASSWORD enkriptatutako pasahitza erabili pasahitz "
+#~ "berrirako\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Erabilera: useradd [aukerak] IZENA\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ " -b, --base-dir BASE_DIR Erabiltzaile kontu berriaren etxe\n"
+#~ " direktorioaren oinarri direktorioa\n"
+#~ " -c, --comment IRUZKINA erabiltzaile kontu berriaren GECOS "
+#~ "ezarri\n"
+#~ " -d, --home-dir HOME_DIR erabiltzaile kontu berriaren etxe\n"
+#~ " direktorioa\n"
+#~ " -D, --defaults bistarazi edo gorde aldaturiko\n"
+#~ " lehenetsiriko useradd konfigurazioa\n"
+#~ " -e, --expiredate IRAUNG_DATA kontu iraungitze data ezarri\n"
+#~ " -f, --inactive EZAKTIBO ezarri pasahitza ez-aktibo gisa EZAKTIBO "
+#~ "iarungitzearen\n"
+#~ " ondoren\n"
+#~ " -g, --gid TALDE erabiltzaile kontu berriarekin TALDE\n"
+#~ " erabiltzea behartu\n"
+#~ " -G, --groups TALDEAK erabiltzaile kontu berriaren talde\n"
+#~ " gehiarriak bistarazi\n"
+#~ " -h, --help laguntza mezu hau bistarazi eta irten\n"
+#~ " -k, --skel SKEL_DIR beste skel direktorio bat ezarri\n"
+#~ " -K, --key KEY=BALIO lehenetsiriko /etc/login.defs gainidatzi\n"
+#~ " -l, --no-log-init ez gehitu erabiltzailea lastlog eta "
+#~ "faillog\n"
+#~ " datu-baseetara\n"
+#~ " -m, --create-home erabiltzaile kontu berriarentzar etxe\n"
+#~ " direktorioa sortu\n"
+#~ " -M, --no-create-home ez sortu erabiltzailearen etxe-"
+#~ "direktorioa\n"
+#~ " (/etc/login.defs gainidazten du)\n"
+#~ " -N, --no-user-group ez sortu erabiltzailearen izen berdineko\n"
+#~ " talde bat\n"
+#~ " -o, --non-unique onartu erabiltzailea sortzea "
+#~ "bikoizturiko\n"
+#~ " (ez-bakarra) UIDa erabiliaz\n"
+#~ " -p, --password PASAHITZA enkriptatutako pasahitza erabili "
+#~ "erabiltzaile\n"
+#~ " berri kontuarentzat\n"
+#~ " -r, --system sistema kontu bat sortu\n"
+#~ " -s, --shell SHELL Erabiltzaile kontu berriaren sarrera "
+#~ "shell-a\n"
+#~ " -u, --uid UID behartu UID erabiltzea erabiltzaile kontu "
+#~ "berriarentzat\n"
+#~ " -U, --user-group sortu erabiltzailearen izen berdineko "
+#~ "talde bat\n"
+#~ "%s\n"
diff --git a/po/fi.po b/po/fi.po
new file mode 100644
index 0000000..b177bdc
--- /dev/null
+++ b/po/fi.po
@@ -0,0 +1,3609 @@
+# Finnish translation for shadow.
+# Copyright (C) 2004-2007 Free Software Foundation, Inc.
+# Tommi Vainikainen <Tommi.Vainikainen@iki.fi>, 2004-2007.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18.1\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-24 22:54+0100\n"
+"Last-Translator: Tommi Vainikainen <thv+debian@iki.fi>\n"
+"Language-Team: Finnish <debian-l10n-finnish@lists.debian.org>\n"
+"Language: fi\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Asetustiedoille ei voi varata tilaa.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "asetusvirhe - tuntematon kohta \"%s\" (kerro ylläpidolle)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Salasana: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Käyttäjän %s salasana: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Asetustiedoille ei voi varata tilaa.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Muutetaan käyttäjän %s vanhenemistietoja\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Käyttäjätunnusta ei voi selvittää.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: rivi %d: käyttäjää %s ei löydy\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: muisti loppui\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: tiedostoa %s ei voi päivittää\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: virheellinen kotihakemisto \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: varoitus: ei voi poistaa tiedostoa "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: varoitus: ei voi poistaa tiedostoa "
+
+# Kannattaako tuota kääntää, siinä viitataan rename()-funktioon...
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: varoitus: ei voi poistaa tiedostoa "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: varoitus: ei voi poistaa tiedostoa "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: tiedostoa %s ei voi päivittää\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: varjotiedostoa ei voi päivittää\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+# Kannattaako tuota kääntää, siinä viitataan rename()-funktioon...
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Varoitus: tuntematon ryhmä %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Varoitus: liian monta ryhmää\n"
+
+msgid "Your password has expired."
+msgstr "Salasanasi on vanhentunut."
+
+msgid "Your password is inactive."
+msgstr "Salasanasi ei ole käytössä."
+
+msgid "Your login has expired."
+msgstr "Käyttäjätunnuksesi on vanhentunut."
+
+msgid " Contact the system administrator."
+msgstr " Ota yhteys järjestelmän ylläpitoon."
+
+msgid " Choose a new password."
+msgstr " Valitse uusi salasana."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Salasanasi vanhenee %ld päivässä.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Salasanasi vanhenee huomenna."
+
+msgid "Your password will expire today."
+msgstr "Salasanasi vanhenee tänään."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Päätettä %s ei voi vaihtaa"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: kentät liian pitkiä\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Ympäristön ylivuoto\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Et voi muuttaa muuttujaa $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"Edellisen kirjautumisen jälkeen %d epäonnistunut yritys.\n"
+"Viimeisin oli %s päätteellä %s.\n"
+msgstr[1] ""
+"Edellisen kirjautumisen jälkeen %d epäonnistunutta yritystä.\n"
+"Viimeisin oli %s päätteellä %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "postilaatikon omistajan vaihtaminen epäonnistui"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: ei saa ainutkertaista UID:tä\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: ei saa ainutkertaista GID:iä\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: ei saa ainutkertaista UID:tä\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: ei saa ainutkertaista UID:tä\n"
+
+msgid "Too many logins.\n"
+msgstr "Liian monta sisäänkirjautumista.\n"
+
+msgid "You have new mail."
+msgstr "Sinulle on uutta postia."
+
+msgid "No mail."
+msgstr "Ei postia."
+
+msgid "You have mail."
+msgstr "Sinulle on postia."
+
+msgid "no change"
+msgstr "ei muutoksia"
+
+msgid "a palindrome"
+msgstr "palidromi"
+
+msgid "case changes only"
+msgstr "vain kirjainkoon muutoksia"
+
+msgid "too similar"
+msgstr "liian samankaltainen"
+
+msgid "too simple"
+msgstr "liian yksinkertainen"
+
+msgid "rotated"
+msgstr "pyöräytetty"
+
+msgid "too short"
+msgstr "liian lyhyt"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Huono salasana: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() epäonnistui, virhe %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Salasana vaihdettu."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: salasanan päivitys onnistui\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Väärä salasana käyttäjälle \"%s\".\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: virheellinen kotipuhelin: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Ei voi vaihtaa hakemistoon \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Ei hakemistoa, sisäänkirjaudutaan siten, että HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Ei voi suorittaa %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Virheellinen juurihakemisto \"%s\"\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Ei voi vaihtaa juurihakemistoksi \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Tty-päätteesi nimeä ei voi selvittää."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Ei\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Syötä uusi arvo tai paina ENTER jättääksesi oletuksen"
+
+msgid "Minimum Password Age"
+msgstr "Salasanan ikä vähintään"
+
+msgid "Maximum Password Age"
+msgstr "Salasanan ikä korkeintaan"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Viimeisin salasanan vaihto (VVVV-KK-PP)"
+
+msgid "Password Expiration Warning"
+msgstr "Salasanan vanhenemisvaroitus"
+
+msgid "Password Inactive"
+msgstr "Salasana pois käytöstä"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Tunnuksen vanhenemispäiväys (VVVV-KK-PP)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Edellinen salasanan vaihto\t\t\t\t\t: "
+
+msgid "never"
+msgstr "ei koskaan"
+
+msgid "password must be changed"
+msgstr "salasana täytyy vaihtaa"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Salasana vanhenee\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Salasana pois käytöstä\t\t\t\t\t:"
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Tunnus vanhenee\t\t\t\t\t:"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Salasanan vaihtamisten välillä vähintään päiviä\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Salasanan vaihtamisten välillä korkeintaan päiviä\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Montako päivää varoitetaan ennen salasanan vanhenemista\t\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: virheellinen päiväys \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: virheellinen numeroargumentti \"%s\"\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: älä sisällytä \"l\" muiden lippujen kanssa\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Lupa evätty.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Käyttäjätunnusta ei voi selvittää.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: tiedostoja ei voi lukita, yritä myöhemmin uudelleen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: fork-kutsu epäonnistui: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: varjosalasanatiedostoa ei ole\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Muutetaan käyttäjän %s vanhenemistietoja\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: virhe muutettaessa kenttiä\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Koko nimi"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Huonenumero"
+
+msgid "Work Phone"
+msgstr "Työpuhelin"
+
+msgid "Home Phone"
+msgstr "Kotipuhelin"
+
+msgid "Other"
+msgstr "Muu"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Ei voi vaihtaa tunnusta pääkäyttäjäksi.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: virheellinen nimi: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: virheellinen huonenumero: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: virheellinen työpuhelin: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: virheellinen kotipuhelin: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" sisältää ei-sallittuja merkkejä\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" sisältää ei-sallittuja merkkejä\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: ei voi vaihtaa käyttäjää \"%s\" NIS-asiakkaalla.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: \"%s\" on NIS-palvelin tälle asiakkaalle.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Muutetaan käyttäjän %s tietoja\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: kentät liian pitkiä\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: Valitsinta -a voi käyttää VAIN yhdessä valitsimen -G kanssa\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: rivi %d: rivi on liian pitkä\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: rivi %d: uusi salasana puuttuu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: ryhmää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: rivi %d: tietuetta ei voi päivittää\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: virhe havaittu, muutokset ohitetaan\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Sisäänkirjautumiskuori"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Et voi muuttaa käyttäjän %s kuorta.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Muutetaan käyttäjän %s sisäänkirjautumiskuorta\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Virheellinen tietue: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s on virheellinen kuori.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: varoitus: tiedoston %s omistaja ei ole %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: odottamaton argumentti: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Tunnus Epäonn. Enint. Edellinen Päätteellä\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds jäljellä]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lukittu]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Tuntematon käyttäjä: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Käyttäjän %s salasanaa ei voi vaihtaa.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Käyttäjän %s salasanaa ei voi vaihtaa.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: varjoryhmäsalanat vaaditaan valitsimelle -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: ryhmää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: fork-kutsu epäonnistui: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Vaihdetaan ryhmän %s salasana\n"
+
+msgid "New Password: "
+msgstr "Uusi salasana: "
+
+msgid "Re-enter new password: "
+msgstr "Toista uusi salasana: "
+
+msgid "They don't match; try again"
+msgstr "Ne eivät täsmää. Yritä uudelleen"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Yritä myöhemmin uudelleen\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Lisätään käyttäjä %s ryhmään %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Poistetaan käyttäjä %s ryhmästä %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Ei ole pääte\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s ei ole kelpo ryhmänimi\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "virheellinen ryhmänimi \"%s\"\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K vaatii AVAIN=ARVO\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: ryhmä %s on olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Jäsen on jo olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Käyttäjätunnusta ei voi selvittää.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: ei voi vaihtaa käyttäjää \"%s\" NIS-asiakkaalla.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: ryhmää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: ryhmä \"%s\" on NIS-ryhmä.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: isäntä %s on NIS-palvelin\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: käyttäjä %s on NIS-käyttäjä\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: muisti loppui funktiossa update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "virheellinen ryhmänimi \"%s\"\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: ryhmä %s on NIS-ryhmä\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: Tuntematon käyttäjä %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: valitsimet -s ja -r eivät sovi yhteen\n"
+
+msgid "invalid group file entry"
+msgstr "virheellinen ryhmätiedostotietue"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "poista rivi \"%s\"? "
+
+msgid "duplicate group entry"
+msgstr "kaksinkertainen ryhmätietue"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "virheellinen ryhmänimi \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "virheellinen ryhmänimi \"%s\"\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "ryhmä %s: ei käyttäjää %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "poista jäsen \"%s\"? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "ei täsmäävää ryhmätiedostotietuetta tiedostossa %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "lisää ryhmä \"%s\" tiedostoon %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "virheellinen tietue varjoryhmätiedostossa"
+
+msgid "duplicate shadow group entry"
+msgstr "kaksinkertainen varjoryhmätietue"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "varjoryhmä %s: käyttäjä %s ei kuulu ylläpitoon\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "poista ylläpidon jäsen \"%s\"? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "varjoryhmä %s: ei käyttäjää %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: tiedostot päivitettiin\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: ei muutoksia\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: tiedostoa %s ei voi päivittää\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Käyttö: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Käyttö: id\n"
+
+msgid " groups="
+msgstr " ryhmät="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "Käyttäjä Portti Mistä Viimeksi"
+
+msgid "Username Port Latest"
+msgstr "Käyttäjä Portti Viimeksi"
+
+msgid "**Never logged in**"
+msgstr "**Ei koskaan kirjautunut sisään**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: salasanatiedostoa ei voi päivittää\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Käyttö: %s [-p] [nimi]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h isäntä] [-f nimi]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r isäntä\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Virheellinen kirjautumisaika"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Järjestelmä on suljettu ylläpidon ajaksi"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Yhteydenkatkaisu ohitettu -- pääkäyttäjän kirjautuminen sallittu.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr "Ei utmp-tietuetta. Suorita \"login\" alimman tason kuoresta"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Sisäänkirjautuminen keskeytetty %d sekunnin jälkeen.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM-virhe, keskeytetään: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s-tunnus: "
+
+msgid "login: "
+msgstr "tunnus: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Suurin sallittu määrä yrityksiä ylitetty (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: keskeytyspyyntö PAM:sta\n"
+
+msgid "Login incorrect"
+msgstr "Sisäänkirjautuminen epäonnistui"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: rivi %d: käyttäjää %s ei löydy\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s-tunnus: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fork-kutsu epäonnistui: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"Varoitus: sisäänkirjautuminen uudelleen käytössä hetkellisen eston jälkeen."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Edellinen kirjautuminen: %s päätteellä %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Edellinen kirjautuminen: %.19s päätteellä %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " osoitteesta %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"sisäänkirjautumisaika ylitetty\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Käyttö: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Käyttö: newgrp [-] [ryhmä]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Käyttö: sg ryhmä [[-c] komento]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Vanha salasana: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fork-kutsu epäonnistui: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+msgid "too many groups\n"
+msgstr "liian monta ryhmää\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: ryhmää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: virheellinen käyttäjätunnus \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: virheellinen käyttäjätunnus \"%s\"\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: rivi %d: virheellinen rivi\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: käyttäjän %s tietuetta ei voi päivittää\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: rivi %d: GIDiä ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: rivi %d: GIDiä ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: rivi %d: salasanaa ei voi päivittää\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: rivi %d: mkdir epäonnistui\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: rivi %d: chown epäonnistui\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: rivi %d: tietuetta ei voi päivittää\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: ryhmätiedostoa ei voi päivittää\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Vanha salasana: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Syötä uusi salasana (vähintään %d ja korkeintaan %d merkkiä)\n"
+"Käytäthän salasanassa numeroita sekä pien- ja suuraakkosia.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Syötä uusi salasana (vähintään %d ja korkeintaan %d merkkiä)\n"
+"Käytäthän salasanassa numeroita sekä pien- ja suuraakkosia.\n"
+
+msgid "New password: "
+msgstr "Uusi salasana: "
+
+msgid "Try again."
+msgstr "Yritä uudelleen."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Varoitus: heikko salasana (syötä uudelleen käyttääksesi joka tapauksessa)."
+
+msgid "They don't match; try again.\n"
+msgstr "Ne eivät täsmää. Yritä uudelleen.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Käyttäjän %s salasanaa ei voi vaihtaa.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Käyttäjän %s salasanaa ei voi vaihtaa.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: tietolähdettä %s ei tueta\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Et voi katsoa tai muokata käyttäjän %s salasanatietoja.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Vaihdetaan salasana käyttäjälle %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Käyttäjän %s salasanaa ei vaihdettu.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Salasana vaihdettu."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Salasanan vanhenemisvaroitus"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "virheellinen sanasanatiedostotietue"
+
+msgid "duplicate password entry"
+msgstr "kaksinkertainen salasanatietue"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "virheellinen käyttäjätunnus \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "virheellinen käyttäjätunnus \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "käyttäjä %s: ei ryhmää %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "käyttäjä %s: hakemistoa %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "käyttäjä %s: kuorta %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "ei täsmäävää salasanatiedostotietuetta tiedostossa %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "lisää käyttäjä \"%s\" tiedostoon %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "virheellinen tietue varjosalasanatiedostossa"
+
+msgid "duplicate shadow password entry"
+msgstr "kaksinkertainen varjosalasanatietue"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "käyttäjä %s: viimeisin salasanan vaihto tapahtunut tulevaisuudessa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: tiedostoa ei voi uudelleenkirjoittaa\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Tunnuksen vaihtaminen täksi käyttäjäksi EVÄTTY.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Salasanatodennus ohitettu.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Syötä OMA salasanasi todennukseksi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Käyttö: su [valitsimet] [TUNNUS]\n"
+"\n"
+"Valitsimet:\n"
+" -c, --command KOMENTO Välitä KOMENTO käynnistyvälle kuorelle\n"
+" -h, --help Näytä tämä ohje ja lopeta\n"
+" -, -l, --login Tee kuoresta sisäänkirjautumiskuori\n"
+" -m, -p,\n"
+" --preserve-environment Älä tyhjää ympäristömuuttujia ja säilytä\n"
+" sama kuori\n"
+" -s, --shell KUORI Käytä kuorta KUORI passwd:n oletuksen "
+"sijaan\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ohitettu)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Sinulla ei ole lupaa asettua käyttäjäksi %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Syötä oma salasanasi)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM-todennus epäonnistui\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Sinulla ei ole lupaa asettua käyttäjäksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Ei salasanatietuetta pääkäyttäjälle (\"root\")"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: täytyy suorittaa päätteessä\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: virhe %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Ei voi suorittaa %s"
+
+msgid "No password file"
+msgstr "Ei salasanatiedosto"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Ei salasanatietuetta pääkäyttäjälle (\"root\")"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Paina ctrl-d jatkaaksesi normaalia käynnistystä,\n"
+"(tai syötä pääkäyttäjän salasana järjestelmän ylläpitämiseksi):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Siirrytään järjestelmän ylläpitotilaan"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: uutta defaults-tiedostoa ei voi luoda\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: uutta defaults-tiedostoa ei voi avata\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: rivi %d: chown epäonnistui\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+# Kannattaako tuota kääntää, siinä viitataan rename()-funktioon...
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: ryhmä \"%s\" on NIS-ryhmä.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: liian monta ryhmää määritelty (korkeintaan %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: virheellinen perushakemisto \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: virheellinen kommentti \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: virheellinen kotihakemisto \"%s\"\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: varjosalasanat vaaditaan valitsimelle -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: varjosalasanat vaaditaan valitsimelle -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: virheellinen kenttä \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: virheellinen kuori \"%s\"\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+msgid "Creating mailbox file"
+msgstr "Luodaan postilaatikkotiedosto"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Ryhmää \"mail\" ei löytynyt. Luodaan käyttäjälle postilaatikkotiedosto 0600-"
+"oikeuksin.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Asetetaan postilaatikkotiedoston oikeudet"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: käyttäjä %s on olemassa\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: ryhmä %s on olemassa - jos haluat lisätä tämän käyttäjän ryhmään, käytä "
+"valitsinta -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u ei ole ainutkertainen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: varoitus: kotihakemisto on jo olemassa.\n"
+"Ei kopioida yhtään tiedostoa sinne skel-hakemistosta.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: ei voi vaihtaa käyttäjää \"%s\" NIS-asiakkaalla.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Ryhmää %s ei voi poistaa, koska se on toisen käyttäjän ensisijainen "
+"ryhmä.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: virheellinen kotihakemisto \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: varoitus: ei voi poistaa tiedostoa "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: tiedoston %s omistaja ei ole %s, ei poisteta\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: käyttäjä %s on NIS-käyttäjä\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: virheellinen kotihakemisto \"%s\"\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: ei poisteta hakemistoa %s (poistettaisiin käyttäjän %s kotihakemisto)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: virhe poistettaessa hakemistoa %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: käyttäjä %s on olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: virheellinen päiväys \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: virheellinen päiväys \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: varjosalasanat vaaditaan valitsimille -e ja -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Jäsen on jo olemassa\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: hakemisto %s on olemassa\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: varoitus: vanhan kotihakemiston %s täydellinen poistaminen epäonnistui"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: varoitus: tiedoston %s omistaja ei ole %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "postilaatikon omistajan vaihtaminen epäonnistui"
+
+msgid "failed to rename mailbox"
+msgstr "postilaatikon uudelleennimeäminen epäonnistui"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: tiedostoa %s ei muutettu\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "postilaatikon uudelleennimeäminen epäonnistui"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Tiedostoa ei voi lukita"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Tiedostoa ei voi lukita"
+
+msgid "Couldn't make backup"
+msgstr "Tiedostoa ei voi varmuuskopioida"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: Käyttäjää %s ei löydy tiedostosta /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Ryhmätiedostoa ei voi avata\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: kentät liian pitkiä\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "postilaatikon uudelleennimeäminen epäonnistui"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "postilaatikon omistajan vaihtaminen epäonnistui"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "postilaatikon uudelleennimeäminen epäonnistui"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+"%s: tiedostoa %s ei voi palauttaa: %s (muutoksesi ovat tiedostossa %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: virheellinen perushakemisto \"%s\"\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Käyttö: %s [syöte]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) epäonnistui\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: chage [valitsimet] [TUNNUS]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -d, --lastday VIIM_PVM Aseta edelliseksi salasanan "
+#~ "vaihtopäiväksi\n"
+#~ " VIIM_PVM\n"
+#~ " -E, --expiredate VANH_PVM Aseta tilin vanhenemispäiväykseksi "
+#~ "VANH_PVM\n"
+#~ " -h, --help Näytä tämä ohje ja lopeta\n"
+#~ " -I, --inactive POISKÄYTÖSTÄ Ota salasana pois käytöstä POISKÄYTÖSTÄ\n"
+#~ " päivää vanhenemisen jälkeen\n"
+#~ " -l, --list Näytä tilin vanhenemistiedot\n"
+#~ " -m, --mindays MIN_PÄIVIÄ Aseta pienimmäksi sallittuksi määräksi\n"
+#~ " päiviä ennen salasanan vaihtamista "
+#~ "MIN_PÄIVIÄ\n"
+#~ " -M, --maxdays MAX_PÄIVIÄ Aseta suurimmaksi sallituksi määräksi "
+#~ "päiviä\n"
+#~ " ennen salasanan vaihtamista MAX_PÄIVIÄ\n"
+#~ " -W, --warndays VAR_PÄIVIÄ Aseta vanhenemisen varoitusajaksi "
+#~ "VAR_PÄIVIÄ\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM-todennus epäonnistui\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Käyttö: %s [-f koko_nimi] [-r huonenro] [-w työpuh]\n"
+#~ "\t[-h kotipuh] [-o muu] [käyttäjä]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "Käyttö: %s [-f koko_nimi] [-r huonenro] [-w työpuh] [-h kotipuh]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Käyttö: chpasswd [valitsimet]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -e, --encrypted Annetut salasanat ovat salakirjoitettuja\n"
+#~ " -h, --help Näytä tämä ohje ja lopeta\n"
+#~ " -m, --md5 Käytä MD5:tä eikä DES:iä kun annetut\n"
+#~ " salasanat eivät ole salakirjoitettuja\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: chsh [valitsimet] [TUNNUS]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -h, --help Näytä tämä ohje ja poistu\n"
+#~ " -s, --shell KUORI Aseta uusi sisäänkirjautumiskuori "
+#~ "käyttäjälle\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Käyttö: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Käyttö: groupdel ryhmä\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Käyttö: %s [-r] [-s] [ryhmä [ryhmävarjo]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Käyttö: %s [-r] [-s] [ryhmä]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: valitsimet -s ja -r eivät sovi yhteen\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Käyttö: groupdel ryhmä\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Käyttö: groupdel ryhmä\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: lastlog [valitsimet]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -b, --before PÄIVÄÄ Tulosta vain PÄIVÄÄ vanhemmat lastlog-"
+#~ "tietueet\n"
+#~ " -t, --time PÄIVÄÄ Tulosta vain PÄIVÄÄ tuoreemmat lastlog-"
+#~ "tietueet\n"
+#~ " -u, --login TUNNUS Tulosta lastlog-tietue käyttäjälle TUNNUS\n"
+#~ " -h, --help Näytä tämä ohje ja lopeta\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all report password status on all accounts\n"
+#~| " -d, --delete delete the password for the named "
+#~| "account\n"
+#~| " -e, --expire force expire the password for the named "
+#~| "account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --keep-tokens change password only if expired\n"
+#~| " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --lock lock the named account\n"
+#~| " -n, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -r, --repository REPOSITORY change password in REPOSITORY "
+#~| "repository\n"
+#~| " -S, --status report password status on the named "
+#~| "account\n"
+#~| " -u, --unlock unlock the named account\n"
+#~| " -w, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| " -x, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: passwd [valitsimet] [TUNNUS]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -a, --all Ilmoita jokaisen tunnuksen "
+#~ "salasanatilanne\n"
+#~ " -d, --delete Poista annetun tunnuksen salasana\n"
+#~ " -e, --expire Aseta annetun tunnuksen salasana\n"
+#~ " vanhentuneeksi\n"
+#~ " -h, --help Näytä tämä ohje ja lopeta\n"
+#~ " -k, --keep-tokens Vaihda vain vanhentunut salasana\n"
+#~ " -i, --inactive POISKÄYTÖSTÄ Ota salasana pois käytöstä POISKÄYTÖSTÄ\n"
+#~ " päivää vanhenemisen jälkeen\n"
+#~ " -l, --lock Lukitse annettu tunnus\n"
+#~ " -n, --mindays VÄH_PÄIVÄ Aseta vähin määrä päiviä ennen kuin\n"
+#~ " salasanan voi vaihtaa VÄH_PÄIVÄksi\n"
+#~ " -q, --quiet Hiljainen toiminta\n"
+#~ " -r, --repository TIETOLÄHDE Vaihda salasana tietolähteessä "
+#~ "TIETOLÄHDE\n"
+#~ " -S, --status Ilmoita annetun tunnuksen salasanan tila\n"
+#~ " -u, --unlock Avaa annetun tunnuksen lukitus\n"
+#~ " -w, --warndays VAR_PÄIVÄÄ Aseta varoituspäiviksi VAR_PÄIVÄÄ ennen\n"
+#~ " vanhentumista\n"
+#~ " -x, --maxdays KORK_PÄIVÄ Aseta korkein määrä päivä ennen kuin\n"
+#~ " salasana täytyy vaihtaa KORK_PÄIVÄksi\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Käyttö: %s [-q] [-r] [-s] [passwd [varjo]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Käyttö: %s [-q] [-r] [-s] [passwd [varjo]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Käyttö: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Käyttö: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Tuntematon id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Ei kuorta\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: userdel [valitsimet] TUNNUS\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -f, --force Pakota tiedostojen poisto vaikkei niitä\n"
+#~ " omistaisikaan käyttäjä\n"
+#~ " -h, --help Näytä tämä ohje ja poistu\n"
+#~ " -r, --remove Poista kotihakemistoja ja postilaatikko\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: käyttäjä %s on nyt sisäänkirjautuneena\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Käyttö: usermod [valitsimet] TUNNUS\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -a, --append RYHMÄ Lisää käyttäjä ryhmään RYHMÄ\n"
+#~ " (käytetään vain valitsimen -G kanssa)\n"
+#~ " -c, --comment KOMMENTTI Aseta GECOS-kenttään uusi arvo\n"
+#~ " -d, --home KOTIHAK Käyttäjätunnuksen uusi kotihakemisto\n"
+#~ " -e, --expiredate VANH_PVM Aseta tilin vanhenemispäiväykseksi "
+#~ "VANH_PVM\n"
+#~ " -f, --inactive POISKÄYTÖSTÄ Ota salasana pois käytöstä POISKÄYTÖSTÄ\n"
+#~ " päivää vanhenemisen jälkeen\n"
+#~ " -g, --gid RYHMÄ Aseta RYHMÄ uudeksi "
+#~ "sisäänkirjautumisryhmäksi\n"
+#~ " -G, --groups RYHMÄT Luettelo lisäryhmistä\n"
+#~ " -h, --help Näytä tämä ohje ja lopeta\n"
+#~ " -l, --login TUNNUS Uusi arvo tunnukseksi\n"
+#~ " -L, --lock Lukitse annettu tunnus\n"
+#~ " -m, --move-home Siirrä kotihakemiston sisältö uuteen\n"
+#~ " sijaintiin (käytä vain yhdessä "
+#~ "valitsimen\n"
+#~ " -d kanssa)\n"
+#~ " -o, --non-unique Salli UID:n uudelleenkäyttö (ei-uniikki "
+#~ "UID)\n"
+#~ " -p, --password SALASANA Käytä salakirjoitettua salasanaa\n"
+#~ " -s, --shell KUORI Käyttäjätunnuksen uusi "
+#~ "sisäänkirjautumiskuori\n"
+#~ " -u, --uid UID Uusi UID käyttäjätunnukselle\n"
+#~ " -U, --unlock Avaa annetun tunnuksen lukitus\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: lippuja ei annettu\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: vipw [valitsimet]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -g, --group Muokkaa ryhmätietokantaa\n"
+#~ " -h, --help Näytä tämä ohje ja lopeta\n"
+#~ " -p, --passwd Muokkaa passwd-tietokantaa\n"
+#~ " -q, --quiet Hiljainen toiminta\n"
+#~ " -s, --shadow Muokkaa shadow- tai gshadow-tietokantaa\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Käyttö: %s [syöte]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: tiedoston %s omistajaa ei voi asettaa\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: faillog [valitsimet]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -a, --all Näytä faillog-tietueet kaikille "
+#~ "käyttäjille\n"
+#~ " -h, --help Näytä tämä ohje ja lopeta\n"
+#~ " -l, --lock-time SEK Lukitse epäonnistuneen kirjautumisen "
+#~ "jälkeen\n"
+#~ " tunnus SEK sekunniksi\n"
+#~ " -m, --maximum MAX Aseta sallittujen kirjautumisyritysten\n"
+#~ " laskureiksi MAX\n"
+#~ " -r, --reset Nollaa kirjautumisyrityslaskurit\n"
+#~ " -t, --time PÄIVIÄ Näytä PÄIVIÄ uudemmat faillog-tietueet\n"
+#~ " -u, --user TUNNUS Näytä faillog-tietue tai muuta\n"
+#~ " kirjautumisyrityslaskureita (kun\n"
+#~ " käytetään -r, -m tai -l-valitsimilla)\n"
+#~ " vain käyttäjälle TUNNUS\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: groupadd [valitsimet] RYHMÄ\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -f, --force poistu onnistuneella arvolla vaikka "
+#~ "annettu\n"
+#~ " ryhmä olisikin jo olemassa\n"
+#~ " -g, --gid RYHMÄID käytä RYHMÄID:tä uudelle ryhmälle\n"
+#~ " -h, --help näytä tämä ohjeviesti ja poistu\n"
+#~ " -K, --key AVAIN=ARVO ohita /etc/login.defs:n oletusarvot\n"
+#~ " -o, --non-unique salli ryhmän luominen (ei-uniikilla)\n"
+#~ " kopio-RYHMÄID:llä\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: groupmod [valitsimet] RYHMÄ\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -g, --gid RYHMÄID käytä RYHMÄID:tä tälle ryhmälle\n"
+#~ " -h, --help näytä tämä ohjeviesti ja poistu\n"
+#~ " -n, --new-name UUSI_RYHMÄ aseta UUSI_RYHMÄ nimeksi RYHMÄlle\n"
+#~ " -o, --non-unique salli saman RYHMÄID:n käyttäminen "
+#~ "RYHMÄlle\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Käyttö: useradd [valitsimet] TUNNUS\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -b, --base-dir YLÄHAK Ylähakemisto uuden käyttäjätunnuksen\n"
+#~ " kotihakemistolle\n"
+#~ " -c, --comment KOMMENTTI Aseta GECOS-kenttä uudelle "
+#~ "käyttäjätunnukselle\n"
+#~ " -d, --home-dir KOTIHAK Uuden käyttäjätunnuksen kotihakemisto\n"
+#~ " -D, --defaults Tulosta tai tallenna useradd-työkalun\n"
+#~ " oletusasetukset\n"
+#~ " -e, --expiredate VANH_PVM Aseta tilin vanhenemispäiväykseksi "
+#~ "VANH_PVM\n"
+#~ " -f, --inactive POISKÄYTÖSTÄ Ota salasana pois käytöstä POISKÄYTÖSTÄ\n"
+#~ " päivää vanhenemisen jälkeen\n"
+#~ " -g, --gid RYHMÄ Valitse itse RYHMÄ uudelle "
+#~ "käyttäjätunnukselle\n"
+#~ " -G, --groups RYHMÄT Luettelo lisäryhmistä uudelle\n"
+#~ " käyttäjätunnukselle\n"
+#~ " -h, --help Näytä tämä ohje ja lopeta\n"
+#~ " -k, --skel MALLIHAK Määritä vaihtoehtoinen mallihakemisto\n"
+#~ " -K, --key AVAIN=ARVO Kumoa /etc/login.defs-oletusarvot\n"
+#~ " -m, --create-home Luo kotihakemisto uudelle "
+#~ "käyttäjätunnukselle\n"
+#~ " -o, --non-unique Salli UID:n uudelleenkäyttö (ei-uniikki "
+#~ "UID)\n"
+#~ " luotaessa käyttäjätunnus\n"
+#~ " -p, --password SALASANA Käytä salakirjoitettua salasanaa uudelle\n"
+#~ " käyttäjätunnukselle\n"
+#~ " -s, --shell KUORI Uuden käyttäjätunnuksen "
+#~ "sisäänkirjautumiskuori\n"
+#~ " -u, --uid UID Valitse itse UID uudelle "
+#~ "käyttäjätunnukselle\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Salasana asetettu vanhenemaan."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi päivittää\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tKoko nimi: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tHuonenumero: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTyöpuhelin: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tKotipuhelin: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Salasanatiedostoa ei voi lukita. Yritä myöhemmin uudelleen.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Salasanatiedostoa ei voi avata.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Virhe päivitettäessä salasanatietuetta.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Salasanatiedoston muutoksia ei voi tallentaa.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Salasanatiedoston lukitusta ei voi avata.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: gshadow-tiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: varjotiedostoa ei voi avata\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: virhe päivitettäessä varjotiedostoa\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: virhe päivitettäessä ryhmätietuetta\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: rivi %d: tuntematon ryhmä %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: rivi %d: tietuetta ei voi päivittää\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: varjotiedostoa ei voi lukita\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: virhe päivitettäessä varjotiedostoa\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: virhe päivitettäessä salasanatiedostoa\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: rivi %d: tuntematon käyttäjä %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: rivi %d: salasanatietuetta ei voi päivittää\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: tuntematon käyttäjä\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Tuntematon käyttäjä: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Käyttö: %s [-r|-R] ryhmä\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a käyttäjä] ryhmä\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d käyttäjä] ryhmä\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A käyttäjä,...] [-M käyttäjä,...] ryhmä\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M käyttäjä,...] ryhmä\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: ei voi lukita\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: varjoa ei voi lukita\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: tiedosta ei voi avata\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: varjotiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: tiedoston lukkoa ei voi avata\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: tietuetta ei voi päivittää\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: varjotietuetta ei voi päivittää\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "tuntematon ryhmä: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: tiedosta ei voi avata\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: varjotiedostoa ei voi avata\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Kuka olet?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: tuntematon jäsen %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: virhe lisättäessä uutta ryhmätietuetta\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi lukita\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi lukita\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u ei ole ainutkertainen\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: virhe poistettaessa ryhmätietuetta\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: virhe poistettaessa varjoryhmätietuetta\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: käyttäjän ensisijaista ryhmää ei voi poistaa\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Poistettavaa jäsentä ei löytynyt\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr "Käyttö: groupmems -a tunnus | -d tunnus | -D | -l [-g ryhmännimi]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Vain pääkäyttäjä voi lisätä jäseniä eri ryhmiin\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Ryhmäoikeus vaaditaan\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Et ole nykyisen ryhmän ensisijainen omistaja\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM-todennus epäonnistui\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Ryhmätiedostoa ei voi lukita\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Ryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: Ryhmää %s ei löydy tiedostosta /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u ei ole ainutkertainen GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s ei ole ainutkertainen nimi\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi lukita\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: varjotietuetta ryhmälle %s ei voi päivittää\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: ryhmän %s tietuetta ei voi päivittää\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: varjoryhmää %s ei voi poistaa\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi päivittää\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi poistaa\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "tuntematon UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "tuntematon GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: ryhmää %s ei ole olemassa\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: virheellinen käyttäjätunnus \"%s\"\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: tiedostoa /etc/passwd ei voi lukita.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: tiedostoa /etc/passwd ei voi lukita.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: tiedostoa /etc/passwd ei voi lukita.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: tiedostoa /etc/passwd ei voi lukita.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: tiedostoja ei voi avata\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: virhe päivitettäessä tiedostoja\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: salasanatietuetta %s ei voi päivittää\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: passwd-tiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: passwd-tiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: varjotietuetta %s ei voi poistaa\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi päivittää\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: käyttäjän %s tietuetta ei voi päivittää\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi poistaa\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: tuntematon GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: tuntematon ryhmä %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: muisti loppui funktiossa update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi lukita\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi avata\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: virhe lukittaessa ryhmätiedostoa\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: virhe avattaessa ryhmätiedostoa\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: virhe lukittaessa varjoryhmätiedostoa\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: virhe avattaessa varjoryhmätiedostoa\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: virhe lisättäessä uutta salasanatietuetta\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: virhe lisättäessä uutta varjosalasanatietuetta\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: varoitus: CREATE_HOME ei tuettu, käytä -m sen sijaan.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: virhe päivitettäessä ryhmätietuetta\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: virhe päivitettäessä ryhmätietuetta\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: virhe poistettaessa salasanatietuetta\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: virhe poistettaessa varjosalasanatietuetta\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: virhe lisättäessä uutta ryhmätietuetta\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu ei ole ainutkertainen\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: virhe muutettaessa salasanatietuetta\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: virhe poistettaessa salasanatietuetta\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: virhe poistettaessa varjosalasanatietuetta\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: ei saa ainutkertaista GID:iä\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " päätteeltä \"%.100s\" osoitteesta \"%.200s\""
+
+#~ msgid " on '%.100s'"
+#~ msgstr " päätteeltä \"%.100s\""
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: rivi %d: UID:tä ei voi luoda\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: nimi %s ei ole ainutkertainen\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: chgpasswd [valitsimet]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ " -e, --encrypted\tAnnetut salasanat ovat salakirjoitettuja\n"
+#~ " -h, --help\t\tNäytä tämä ohje ja lopeta\n"
+#~ " -m, --md5\t\tKäytä MD5:tä eikä DES:iä kun annetut salasanat\n"
+#~ "\t\t\teivät ole salakirjoitettuja\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Ei salasanatiedosto\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Pahoittelen.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Pahoittelen, käyttäjän %s salasanaa ei voi vaihtaa vielä.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Pahoittelen."
diff --git a/po/fr.po b/po/fr.po
new file mode 100644
index 0000000..8e91334
--- /dev/null
+++ b/po/fr.po
@@ -0,0 +1,11112 @@
+# translation of shadow-man.po to French
+# French translation of the shadow's man pages
+# Traduction des pages de manuel livrées avec shadow
+# Copyright (C) 2011-2013 Debian French l10n team <debian-l10n-french@lists.debian.org>
+#
+# Certaines pages étaient déjà traduites:
+# chpasswd: Amand Tihon <amand@alrj.org>
+# faillog(5): Pascal Terjan <CMoi@tuxfamily.org>
+#
+# Nicolas FRANÇOIS <nicolas.francois@centraliens.net>, 2004-2009.
+# Jean-Luc Coulon <jean-luc.coulon@wanadoo.fr>, 2008.
+# ABBAS.B <abelkcem@hotmail.com>, 2009.
+# chage: Olivier Marin, 2001.
+# chsh, groups, passwd(1), passwd(5): Christophe Blaess, 1997.
+# gpasswd: Maxime Mastin, 2001.
+# shadow(5): Thierry Vignaud <tvignaud@mandrakesoft.com>, 1999.
+# useradd: Frédéric Delanoy, 2000.
+# Christian Perrier <bubulle@debian.org>, 2009, 2012.
+# Thomas Blein <tblein@tblein.eu>, 2011, 2012, 2013, 2015.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow-man-pages 4.0.18\n"
+"POT-Creation-Date: 2014-05-09 12:53+0200\n"
+"PO-Revision-Date: 2015-08-04 21:59+0200\n"
+"Last-Translator: Thomas Blein <tblein@tblein.eu>\n"
+"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
+"Language: fr\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Lokalize 1.5\n"
+"X-Poedit-Language: French\n"
+"X-Poedit-Country: FRANCE\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr "Marek"
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr "Michałkiewicz"
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr "Création, 1997"
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr "Thomas"
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname)
+#: newusers.8.xml:60(surname) newgrp.1.xml:46(surname)
+#: logoutd.8.xml:45(surname) login.defs.5.xml:110(surname)
+#: login.access.5.xml:46(surname) login.1.xml:78(surname)
+#: limits.5.xml:47(surname) lastlog.8.xml:46(surname) grpck.8.xml:46(surname)
+#: groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname)
+#: expiry.1.xml:49(surname) chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr "KÅ‚oczko"
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr "kloczek@pld.org.pl"
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib)
+#: newusers.8.xml:62(contrib) newgrp.1.xml:48(contrib)
+#: logoutd.8.xml:47(contrib) login.defs.5.xml:112(contrib)
+#: login.access.5.xml:48(contrib) login.1.xml:80(contrib)
+#: limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) grpck.8.xml:48(contrib)
+#: groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib)
+#: expiry.1.xml:51(contrib) chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib)
+#: chfn.1.xml:50(contrib) chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr "Mainteneur de shadow-utils, 2000 - 2007"
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr "Nicolas"
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname)
+#: gshadow.5.xml:39(surname) grpck.8.xml:52(surname) groups.1.xml:51(surname)
+#: groupmod.8.xml:52(surname) groupmems.8.xml:55(surname)
+#: groupdel.8.xml:52(surname) groupadd.8.xml:54(surname)
+#: gpasswd.1.xml:56(surname) faillog.8.xml:51(surname)
+#: faillog.5.xml:51(surname) expiry.1.xml:55(surname) chsh.1.xml:54(surname)
+#: chpasswd.8.xml:55(surname) chgpasswd.8.xml:51(surname)
+#: chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr "François"
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr "nicolas.francois@centraliens.net"
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib)
+#: gshadow.5.xml:42(contrib) grpck.8.xml:54(contrib) groups.1.xml:53(contrib)
+#: groupmod.8.xml:54(contrib) groupmems.8.xml:57(contrib)
+#: groupdel.8.xml:54(contrib) groupadd.8.xml:56(contrib)
+#: gpasswd.1.xml:58(contrib) faillog.8.xml:53(contrib)
+#: faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) chsh.1.xml:56(contrib)
+#: chpasswd.8.xml:57(contrib) chgpasswd.8.xml:53(contrib)
+#: chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr "Mainteneur de shadow-utils, 2007 - maintenant"
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Commandes de gestion du système"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr "Éditer les fichiers passwd, group, shadow ou gshadow"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg)
+#: passwd.1.xml:79(replaceable) newusers.8.xml:87(replaceable)
+#: lastlog.8.xml:73(replaceable) grpck.8.xml:72(arg)
+#: groupmod.8.xml:73(replaceable) groupdel.8.xml:73(replaceable)
+#: groupadd.8.xml:75(replaceable) faillog.8.xml:72(replaceable)
+#: chsh.1.xml:75(replaceable) chpasswd.8.xml:76(replaceable)
+#: chgpasswd.8.xml:72(replaceable) chfn.1.xml:75(replaceable)
+#: chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "options"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "DESCRIPTION"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<command>vipw</command> et <command>vigr</command> permettent de modifier "
+"les fichiers <filename>/etc/passwd</filename> et <filename>/etc/group</"
+"filename>, respectivement. Avec l'option <option>-s</option>, ils permettent "
+"d'éditer les versions cachées de ces fichiers : <filename>/etc/shadow</"
+"filename> et <filename>/etc/gshadow</filename>, respectivement. Ces "
+"programmes placent les verrous nécessaires afin d'éviter toute corruption "
+"des fichiers. L'éditeur utilisé est choisi d'abord en fonction de la "
+"variable d'environnement <envar>$VISUAL</envar>, puis de la variable "
+"d'environnement <envar>$EDITOR</envar>. À défaut, l'éditeur, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> est utilisé quand ces variables ne sont pas définies."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title)
+#: groupdel.8.xml:88(title) groupadd.8.xml:93(title) gpasswd.1.xml:134(title)
+#: faillog.8.xml:89(title) expiry.1.xml:91(title) chsh.1.xml:95(title)
+#: chpasswd.8.xml:130(title) chgpasswd.8.xml:105(title) chfn.1.xml:111(title)
+#: chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "OPTIONS"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Les options applicables aux commandes <command>vipw</command> et "
+"<command>vigr</command> sont :"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Éditer la base de données de groupes."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:107(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:111(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Afficher un message d'aide et quitter."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Éditer la base de données passwd."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Mode silencieux."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:115(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+#| msgid ""
+#| "<option>-R</option>, <option>--root</option><replaceable>CHROOT_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>RÉP_CHROOT</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:119(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Appliquer les changements dans le répertoire <replaceable>RÉP_CHROOT</"
+"replaceable> et utiliser les fichiers de configuration du répertoire "
+"<replaceable>RÉP_CHROOT</replaceable>."
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Éditer les bases de données shadow ou gshadow."
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "Indique l'utilisateur dont le fichier shadow de tcb doit être édité."
+
+#: vipw.8.xml:165(title) usermod.8.xml:497(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title)
+#: gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title)
+#: chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "CONFIGURATION"
+
+#: vipw.8.xml:166(para) usermod.8.xml:498(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"Les variables de configuration suivantes dans <filename>/etc/login.defs</"
+"filename> modifient le comportement de cet outil :"
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (booléen)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Si <replaceable>yes</replaceable> (« oui »), le schéma de mot de passe "
+"shadow de <citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> sera utilisé."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "ENVIRONNEMENT"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "L'éditeur à utiliser"
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr "L'éditeur à utiliser si <option>VISUAL</option> n'est pas définie."
+
+#: vipw.8.xml:195(title) usermod.8.xml:514(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title)
+#: limits.5.xml:196(title) lastlog.8.xml:182(title) gshadow.5.xml:156(title)
+#: grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title)
+#: groupmems.8.xml:211(title) groupdel.8.xml:140(title)
+#: groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title)
+#: faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title)
+#: chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title)
+#: chage.1.xml:256(title)
+msgid "FILES"
+msgstr "FICHIERS"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:517(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename)
+#: newusers.8.xml:412(filename) newgrp.1.xml:136(filename)
+#: gshadow.5.xml:159(filename) grpck.8.xml:224(filename)
+#: groups.1.xml:103(filename) groupmod.8.xml:208(filename)
+#: groupmems.8.xml:214(filename) groupdel.8.xml:143(filename)
+#: groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename)
+#: gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename)
+#: chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:519(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Informations sur les groupes."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:523(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:525(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Informations sécurisées sur les groupes."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:535(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:537(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Informations sur les comptes des utilisateurs."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:541(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:543(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Informations sécurisées sur les comptes utilisateurs."
+
+#: vipw.8.xml:225(title) usermod.8.xml:562(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "VOIR AUSSI"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr "Julianne Frances"
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname)
+#: passwd.1.xml:47(surname) newusers.8.xml:55(surname)
+#: newgrp.1.xml:41(surname) logoutd.8.xml:40(surname)
+#: login.defs.5.xml:105(surname) login.1.xml:73(surname)
+#: lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname)
+#: groupmod.8.xml:41(surname) groupdel.8.xml:41(surname)
+#: groupadd.8.xml:43(surname) faillog.8.xml:40(surname)
+#: faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname)
+#: chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr "Haugh"
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr "Création, 1991"
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "Modifier un compte utilisateur"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "LOGIN"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"La commande <command>usermod</command> modifie les fichiers d'administration "
+"des comptes du système selon les modifications qui ont été indiquées sur la "
+"ligne de commande."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>usermod</command> sont :"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Ajouter l'utilisateur aux groupes supplémentaires. N'utilisez cette option "
+"qu'avec l'option <option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+#| msgid ""
+#| "<option>-c</option>, <option>--comment</option><replaceable>COMMENT</"
+#| "replaceable>"
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;"
+"<replaceable>COMMENTAIRE</replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"La nouvelle valeur du champ de commentaire du fichier de mots de passe pour "
+"l'utilisateur. Il est normalement modifié en utilisant l'utilitaire "
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: usermod.8.xml:124(term)
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option><replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>RÉP_PERSO</"
+"replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "Le nouveau répertoire personnel de l'utilisateur."
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Si l'option <option>-m</option> est fournie, le contenu du répertoire "
+"personnel actuel sera déplacé dans le nouveau répertoire personnel, qui sera "
+"créé si nécessaire."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+#| msgid ""
+#| "<option>-e</option>, <option>--expiredate</"
+#| "option><replaceable>EXPIRE_DATE</replaceable>"
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Date à laquelle le compte utilisateur sera désactivé. La date est indiquée "
+"dans le format <emphasis remap=\"I\">AAAA-MM-JJ</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"Un paramètre <replaceable>DATE_FIN_VALIDITÉ</replaceable> vide désactivera "
+"l'expiration du compte."
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Cette option nécessite un fichier <filename>/etc/shadow</filename>. Une "
+"entrée <filename>/etc/shadow</filename> sera créée si il n'y en avait pas."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+#| msgid ""
+#| "<option>-f</option>, <option>--inactive</option><replaceable>INACTIVE</"
+#| "replaceable>"
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Nombre de jours suivant la fin de validité d'un mot de passe après lequel le "
+"compte est définitivement désactivé."
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"Une valeur de 0 désactive le compte dès que le mot de passe a dépassé sa fin "
+"de validité, et une valeur de -1 désactive cette fonctionnalité."
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+#| msgid ""
+#| "<option>-g</option>, <option>--gid</option><replaceable>GROUP</"
+#| "replaceable>"
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUPE</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+"l'utilisateur. Le groupe doit exister."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+"Tout fichier du répertoire personnel de l'utilisateur appartenant au groupe "
+"primaire précédent de l'utilisateur appartiendra à ce nouveau groupe."
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+"Le groupe propriétaire des fichiers en dehors du répertoire personnel de "
+"l'utilisateur doit être modifié manuellement."
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+#| msgid ""
+#| "<option>-G</option>, <option>--groups</option><replaceable>GROUP1</"
+#| "replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap="
+#| "\"I\">,GROUPN</emphasis>]]]"
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUPE1</"
+"replaceable>[<emphasis remap=\"I\">,GROUPE2,...</emphasis>[<emphasis remap="
+"\"I\">,GROUPEN</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"Liste de groupes supplémentaires auxquels appartient également "
+"l'utilisateur. Chaque groupe est séparé du suivant par une virgule, sans "
+"espace entre eux. Les groupes sont soumis aux mêmes restrictions que celles "
+"de l'option <option>-g</option>."
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"Si l'utilisateur fait actuellement partie d'un groupe qui n'est pas listé, "
+"l'utilisateur sera supprimé du groupe. Ce comportement peut être modifié par "
+"l'option <option>-a</option>, qui permet d'ajouter l'utilisateur à la liste "
+"actuelle des groupes supplémentaires."
+
+#: usermod.8.xml:220(term)
+#| msgid ""
+#| "<option>-l</option>, <option>--login</option><replaceable>NEW_LOGIN</"
+#| "replaceable>"
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;"
+"<replaceable>NOUVEAU_LOGIN</replaceable>"
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Le nom de l'utilisateur passera de <replaceable>LOGIN</replaceable> à "
+"<replaceable>NOUVEAU_LOGIN</replaceable>. Rien d'autre ne sera modifié. En "
+"particulier, le nom du répertoire personnel et l'emplacement de la boîte aux "
+"lettres de l'utilisateur devrontprobablement être changés pour refléter le "
+"nouveau nom de connexion."
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Verrouiller le mot de passe d'un utilisateur. Cette option ajoute un « ! » "
+"devant le mot de passe chiffré, ce qui désactive le mot de passe. Vous ne "
+"pouvez pas utiliser cette option avec <option>-p</option> ou <option>-U</"
+"option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"Remarque : pour verrouiller le compte (et pas seulement l'accès au compte "
+"par un mot de passe), il est également nécessaire de placer "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> à <replaceable>1</replaceable>."
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+"Déplacer le contenu du répertoire personnel de l'utilisateur vers un nouvel "
+"emplacement."
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"Cette option ne fonctionne que lorsqu'elle est combinée avec l'option "
+"<option>-d</option> (ou <option>--home</option>)."
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"<command>usermod</command> essayera d'adapter les permissions des fichiers "
+"et de copier les modes, ACL et attributs étendus. Cependant, vous risquez de "
+"devoir procéder à des modifications vous-même."
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+"En combinaison avec l'option <option>-u</option>, cette option permet de "
+"changer l'identifiant utilisateur vers une valeur déjà utilisée."
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+#| msgid ""
+#| "<option>-p</option>, <option>--password</option><replaceable>PASSWORD</"
+#| "replaceable>"
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;"
+"<replaceable>MOT_DE_PASSE</replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"Mot de passe chiffré, comme renvoyé par <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">Remarque :</emphasis> l'utilisation de cette option "
+"est déconseillée car le mot de passe (ou le mot de passe chiffré) peut être "
+"visible des utilisateurs qui affichent la liste des processus. "
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"Le mot de passe sera écrit dans le fichier <filename>/etc/passwd</filename> "
+"local ou le fichier <filename>/etc/shadow</filename>. Cela peut être "
+"différent de la base de données de mots de passe définie dans la "
+"configuration de PAM."
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+"Il est nécessaire de vérifier si le mot de passe respecte la politique de "
+"mots de passe du système."
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+#| msgid ""
+#| "<option>-s</option>, <option>--shell</option><replaceable>SHELL</"
+#| "replaceable>"
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;"
+"<replaceable>INTERPRÉTEUR</replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Nom du nouvel interpréteur de commandes initial (« login shell ») de "
+"l'utilisateur. Si ce champ est vide, le système sélectionnera l'interpréteur "
+"de commandes initial par défaut."
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--uid</option><replaceable>UID</replaceable>"
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "La valeur numérique de l'identifiant de l'utilisateur."
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"Cette valeur doit être unique, à moins que l'option <option>-o</option> ne "
+"soit utilisée. La valeur ne doit pas être négative."
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+"La boîte aux lettres et tous les fichiers possédés par l'utilisateur et qui "
+"sont situés dans son répertoire personnel verront leur identifiant "
+"d'utilisateur automatiquement modifié."
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+"Le propriétaire des fichiers en dehors du répertoire personnel de "
+"l'utilisateur doit être modifié manuellement."
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, ou "
+"<option>SYS_UID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Déverrouiller le mot de passe d'un utilisateur. Cela supprime le « ! » situé "
+"devant le mot de passe chiffré. Vous ne pouvez pas utiliser cette option "
+"avec <option>-p</option> ou <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"Remarque : pour déverrouiller le compte (et pas seulement l'accès au compte "
+"via un mot de passe), vous devriez définir la valeur "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> (par exemple à "
+"<replaceable>99999</replaceable> ou à la valeur <option>EXPIRE</option> dans "
+"<filename>/etc/default/useradd</filename>)."
+
+#: usermod.8.xml:384(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option><replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-sub-uids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-v</option>, <option>--add-sub-uids</option>&nbsp;"
+"<replaceable>PREMIER</replaceable>-<replaceable>DERNIER</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr "Ajouter une plage d'identifiants subordonnés au compte utilisateur."
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+"Cette option peut être spécifiée plusieurs fois pour ajouter plusieurs "
+"plages à un compte utilisateur."
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>SUB_UID_MIN</"
+"option>, <option>SUB_UID_MAX</option>, ou <option>SUB_UID_COUNT</option> du "
+"fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:402(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option><replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-sub-uids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-V</option>, <option>--del-sub-uids</option>&nbsp;"
+"<replaceable>PREMIER</replaceable>-<replaceable>DERNIER</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr "Retirer une plage d'identifiants subordonnés d'un compte utilisateur."
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-sub-uids</option> and <option>--add-"
+"sub-uids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+"Cette option peut être spécifiée plusieurs fois pour retirer plusieurs "
+"plages à un compte utilisateur. Quand les deux options <option>--del-sub-"
+"uids</option> et <option>--add-sub-uids</option> sont spécifiées en même "
+"temps, le retrait de l'ensemble des plages d'identifiants subordonnés est "
+"effectué avant l'ajout des plages d'identifiants subordonnés."
+
+#: usermod.8.xml:422(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option><replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-sub-gids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--add-sub-gids</option>&nbsp;"
+"<replaceable>PREMIER</replaceable>-<replaceable>DERNIER</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+"Ajouter une plage d'identifiants de groupe subordonnés au compte utilisateur."
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#| msgid ""
+#| "No checks will be performed with regard to the <option>GID_MIN</option>, "
+#| "<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+#| "<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>SUB_GID_MIN</"
+"option>, <option>SUB_GID_MAX</option>, ou<option>SUB_SYS_GID_COUNT</option> "
+"du fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:440(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option><replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-sub-gids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--del-sub-gids</option>&nbsp;"
+"<replaceable>PREMIER</replaceable>-<replaceable>DERNIER</replaceable>"
+
+#: usermod.8.xml:444(para)
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+"Retirer une plage d'identifiants de groupe subordonnés d'un compte "
+"utilisateur."
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-sub-gids</option> and <option>--add-"
+"sub-gids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+"Cette option peut être spécifiée plusieurs fois pour retirer plusieurs "
+"plages à un compte utilisateur. Quand les deux options <option>--del-sub-"
+"gids</option> et <option>--add-sub-gids</option> sont spécifiées en même "
+"temps, le retrait de l'ensemble des plages d'identifiants de groupe "
+"subordonnés est effectué avant l'ajout des plages d'identifiants de groupe "
+"subordonnés."
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+#| msgid ""
+#| "<option>-Z</option>, <option>--selinux-user</option><replaceable>SEUSER</"
+#| "replaceable>"
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>UTILISATEUR_SELINUX</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+"Le nouvel utilisateur SELinux utilisé pour la connexion de l'utilisateur."
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"Un paramètre <replaceable>SEUSER</replaceable> vide éliminera l'association "
+"de l'utilisateur SELinux pour l'utilisateur <replaceable>LOGIN</replaceable> "
+"(si spécifiée)"
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:194(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title)
+#: gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "AVERTISSEMENTS"
+
+#: usermod.8.xml:479(para)
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux, but only check if the user "
+"is logged in according to utmp on other architectures."
+msgstr ""
+"Il est nécessaire de contrôler que l'identifiant indiqué n'a pas de "
+"processus en cours d'exécution si cette commande est utilisée pour modifier "
+"l'identifiant numérique de l'utilisateur, son identifiant (login) ou son "
+"répertoire personnel. <command>usermod</command> effectue ce contrôle sous "
+"Linux mais vérifie seulement les informations d'utmp sur les autres "
+"architectures."
+
+#: usermod.8.xml:487(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"Il est nécessaire de changer manuellement le propriétaire des fichiers "
+"<command>crontab</command> ou des travaux programmés par <command>at</"
+"command>."
+
+#: usermod.8.xml:491(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+"Les modifications qui concernent NIS doivent être effectuées sur le serveur "
+"NIS."
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (chaîne de caractères)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"Répertoire d'attente des courriels (« mail spool directory »). Ce paramètre "
+"est nécessaire pour manipuler les boîtes à lettres lorsque le compte d'un "
+"utilisateur est modifié ou supprimé. S'il n'est pas spécifié, une valeur par "
+"défaut définie à la compilation est utilisée."
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (chaîne de caractères)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+"Définir l'emplacement des boîtes aux lettres des utilisateurs relativement à "
+"leur répertoire personnel."
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"Les paramètres <option>MAIL_DIR</option> et <option>MAIL_FILE</option> sont "
+"utilisés par <command>useradd</command>, <command>usermod</command> et "
+"<command>userdel</command> pour créer, déplacer ou supprimer les boîtes aux "
+"lettres des utilisateurs."
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"Si <option>MAIL_CHECK_ENAB</option> est réglé sur <replaceable>yes</"
+"replaceable>, ces variables servent également à définir la variable "
+"d'environnement <envar>MAIL</envar>."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (nombre)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"Nombre maximum de membres par entrée de groupe. Lorsque le maximum est "
+"atteint, une nouvelle entrée de groupe (ligne) est démarrée dans <filename>/"
+"etc/group</filename> (avec le même nom, même mot de passe, et même GID)."
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+"La valeur par défaut est 0, ce qui signifie qu'il n'y a pas de limites pour "
+"le nombre de membres dans un groupe."
+
+#. Note: on HP, split groups have the same ID, but different
+#. names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"Cette fonctionnalité (groupe découpé) permet de limiter la longueur des "
+"lignes dans le fichier de groupes. Ceci est utile pour s'assurer que les "
+"lignes pour les groupes NIS ne sont pas plus grandes que 1024 caractères."
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+"Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25."
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"Remarque : les groupes découpés ne sont peut-être pas pris en charge par "
+"tous les outils (même dans la suite d'outils Shadow). Vous ne devriez pas "
+"utiliser cette variable, sauf si vous en avez vraiment besoin."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SUB_GID_MIN</option> (nombre)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SUB_GID_MAX</option> (nombre)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SUB_GID_MIN</option> (nombre)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+"Si <filename>/etc/subuid</filename> existe, les commandes <command>useradd</"
+"command> et <command>newusers</command> (sauf si l'utilisateur a déjà des "
+"identifiants de groupe subordonnés) allouent <option>SUB_GID_COUNT</option> "
+"identifiants de groupe inutilisés à partir de la plage <option>SUB_GID_MIN</"
+"option> à <option>SUB_GID_MAX</option> pour chaque nouvel utilisateur."
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Les valeurs par défaut pour <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option> et <option>SUB_GID_COUNT</option> sont "
+"respectivement 100000, 600100000 and 10000."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SUB_UID_MIN</option> (nombre)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SUB_UID_MAX</option> (nombre)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SUB_UID_COUNT</option> (nombre)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+"Si <filename>/etc/subuid</filename> existe, les commandes <command>useradd</"
+"command> et <command>newusers</command> (sauf si l'utilisateur a déjà des "
+"identifiants subordonnés) allouent <option>SUB_UID_COUNT</option> "
+"identifiants inutilisés à partir de la plage <option>SUB_UID_MIN</option> à "
+"<option>SUB_UID_MAX</option> pour chaque nouvel utilisateur."
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Les valeurs par défaut pour <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option> et <option>SUB_UID_COUNT</option> sont "
+"respectivement 100000, 600100000 and 10000."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (booléen)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+" use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+" kilos = UID / 1000\n"
+" use /etc/tcb/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" use /etc/tcb/:megas/:kilos/user\n"
+" make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+" "
+msgstr ""
+"\n"
+"si ( UID est inférieur à 1000) {\n"
+" utiliser /etc/tcb/user\n"
+"} sinon, et si ( UID est inférieur à 1000000) {\n"
+" kilos = UID / 1000\n"
+" utiliser /etc/tcb/:kilos/user\n"
+" faire un lien symbolique de /etc/tcb/user vers le répertoire précédent\n"
+"} sinon {\n"
+" megas = UID / 1000000\n"
+" kilos = ( UID / megas * 1000000 ) / 1000\n"
+" utiliser /etc/tcb/:megas/:kilos/user\n"
+" faire un lien symbolique de /etc/tcb/user vers le répertoire précédent\n"
+"}\n"
+" "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"Si <replaceable>yes</replaceable> (« oui »), l'emplacement du répertoire tcb "
+"de l'utilisateur à créer ne sera pas automatiquement configuré à /etc/tcb/"
+"user, mais sera calculé en fonction de l'UID de l'utilisateur, à l'aide de "
+"l'algorithme suivant : <placeholder-1/>"
+
+#: usermod.8.xml:529(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:531(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr ""
+"Configuration de la suite des mots de passe cachés « shadow password »."
+
+#: usermod.8.xml:547(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/subgid"
+
+#: usermod.8.xml:549(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr "Identifiants de groupe subordonnés par utilisateur."
+
+#: usermod.8.xml:553(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/subuid"
+
+#: usermod.8.xml:555(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr "Identifiants subordonnés par utilisateur."
+
+#: usermod.8.xml:563(para)
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "supprimer un compte utilisateur et les fichiers associés"
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"La commande <command>userdel</command> modifie les fichiers d'administration "
+"des comptes du système, en supprimant les entrées qui se réfèrent à "
+"<emphasis remap=\"I\">LOGIN</emphasis>. L'utilisateur nommé doit exister."
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr ""
+"Les options disponibles de la commande <command>userdel</command> sont :"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"Cette option impose la suppression de l'utilisateur, même s'il est encore "
+"connecté. Elle force également <command>userdel</command> à supprimer son "
+"répertoire personnel et sa file d'attente des courriels, même si un autre "
+"utilisateur utilise le même répertoire personnel ou si l'utilisateur précisé "
+"n'est pas le propriétaire de la file d'attente des courriels. Si "
+"<emphasis>USERGROUPS_ENAB</emphasis> vaut <emphasis remap=\"I\">yes</"
+"emphasis> dans <filename>/etc/login.defs</filename> et si un groupe existe "
+"avec le même nom que l'utilisateur supprimé, alors ce groupe sera supprimé, "
+"même s'il s'agit du groupe primaire d'un autre utilisateur."
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Remarque :</emphasis> Cette option est dangereuse, elle peut "
+"laisser votre système dans un état incohérent."
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"Les fichiers présents dans le répertoire personnel de l'utilisateur seront "
+"supprimés en même temps que le répertoire lui-même, ainsi que le répertoire "
+"d'attente des courriels. Vous devrez rechercher et éliminer vous-même les "
+"fichiers situés dans d'autres systèmes de fichiers."
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"Le répertoire d'attente des courriels est défini par la variable "
+"<option>MAIL_DIR</option> dans <filename>login.defs</filename>."
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+"Élimine toute association avec tout utilisateur SELinux pour la connexion de "
+"l'utilisateur."
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (chaîne de caractères)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"Si définie, la commande est exécutée lors de la suppression d'un "
+"utilisateur. Elle pourra supprimer toutes les tâches périodiques cron ou at, "
+"tous les travaux d'impression, etc. de l'utilisateur (qui sera fourni comme "
+"premier paramètre)."
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr "Le code de retour du script n'est pas pris en compte."
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+" "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+" "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"Voici un script exemple, qui supprime le fichier d'entrée de cron et d'at "
+"ainsi que les travaux d'impression en attente ;<placeholder-1/>"
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (booléen)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"Activer la mise en place de bits de masque de groupe (« umask group bits ») "
+"identiques à ceux du propriétaire (exemple : 022 -&gt; 002, 077 -&gt; 007) "
+"pour les utilisateurs non privilégiés, si l'UID est identique au GID et que "
+"l'identifiant de connexion est identique au groupe principal."
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"Si cette variable est configurée à <replaceable>yes</replaceable>, "
+"<command>userdel</command> supprimera le groupe de l'utilisateur s'il ne "
+"contient pas d'autres membres, et <command>useradd</command> créera par "
+"défaut un groupe portant le nom de l'utilisateur."
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "VALEURS DE RETOUR"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "succès"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum)
+#: chfn.1.xml:61(manvolnum) chage.1.xml:59(manvolnum)
+#: chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "impossible de mettre à jour le fichier des mots de passe"
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "erreur de syntaxe"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "l'utilisateur indiqué n'existe pas"
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "l'utilisateur est actuellement connecté"
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "impossible de mettre à jour le fichier des groupes"
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "impossible de supprimer le répertoire personnel"
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>userdel</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"<command>userdel</command> ne permet pas la suppression d'un compte si des "
+"processus actifs lui appartiennent encore. Dans ce cas, il peut être "
+"nécessaire de tuer ces processus ou de simplement verrouiller le mot de "
+"passe ou le compte de l'utilisateur, afin de supprimer le compte plus tard. "
+"L'option <option>-f</option> permet de forcer la suppression du compte."
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+"Vous devez vérifier vous-même qu'aucun fichier possédé par l'utilisateur ne "
+"subsiste sur tous les systèmes de fichiers."
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"Vous ne pouvez supprimer aucun attribut NIS d'un client NIS. Cela doit être "
+"effectué sur le serveur NIS."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"Si <option>USERGROUPS_ENAB</option> vaut <emphasis remap=\"I\">yes</"
+"emphasis> (« oui ») dans <filename>/etc/login.defs</filename>, "
+"<command>userdel</command> supprimera le groupe ayant le même nom que "
+"l'utilisateur. Afin d'éviter des incohérences entre les fichiers passwd et "
+"group, <command>userdel</command> vérifiera que le groupe n'est pas utilisé "
+"comme groupe primaire d'un autre utilisateur ; si c'est le cas un "
+"avertissement sera affiché et le groupe ne sera pas supprimé. L'option "
+"<option>-f</option> permet d'imposer la suppression du groupe."
+
+#: userdel.8.xml:309(para)
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"créer un nouvel utilisateur ou modifier les informations par défaut "
+"appliquées aux nouveaux utilisateurs"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"Quand elle est invoquée sans l'option <option>-D</option>, la commande "
+"<command>useradd</command> crée un nouveau compte utilisateur qui utilise "
+"les valeurs indiquées sur la ligne de commande et les valeurs par défaut du "
+"système. En fonction des options de la ligne de commande, la commande "
+"<command>useradd</command> fera la mise à jour des fichiers du système, elle "
+"pourra créer le répertoire personnel et copier les fichiers initiaux."
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"Par défaut, un groupe sera également créé pour le nouvel utilisateur (voir "
+"<option>-g</option>, <option>-N</option>, <option>-U</option>, et "
+"<option>USERGROUPS_ENAB</option>)"
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>useradd</command> sont :"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+#| msgid ""
+#| "<option>-b</option>, <option>--base-dir</option><replaceable>BASE_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>RÉP_BASE</"
+"replaceable>"
+
+#: useradd.8.xml:133(para)
+#| msgid ""
+#| "The default base directory for the system if <option>-d</"
+#| "option><replaceable>HOME_DIR</replaceable> is not specified. "
+#| "<replaceable>BASE_DIR</replaceable> is concatenated with the account name "
+#| "to define the home directory. If the <option>-m</option> option is not "
+#| "used, <replaceable>BASE_DIR</replaceable> must exist."
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"Répertoire de base par défaut du système si l'option <option>-d</"
+"option>&nbsp;<replaceable>RÉP_PERSO</replaceable> n'est pas spécifiée. "
+"<replaceable>RÉP_BASE</replaceable> est concaténé avec le nom du compte pour "
+"définir le répertoire personnel. Quand l'option <option>-m</option> n'est "
+"pas utilisée, <replaceable>RÉP_BASE</replaceable> doit exister."
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"Si cette option n'est pas précisée, <command>useradd</command> utilisera le "
+"répertoire de base précisé par la variable <option>HOME</option> dans "
+"<filename>/etc/default/useradd</filename> ou <filename>/home</filename> par "
+"défaut."
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+"Toute chaîne de texte. C'est généralement une description courte du compte, "
+"elle est actuellement utilisée comme champ pour le nom complet de "
+"l'utilisateur."
+
+#: useradd.8.xml:162(term)
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option><replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>RÉP_PERSO</"
+"replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"Le nouvel utilisateur sera créé en utilisant <replaceable>RÉP_PERSO</"
+"replaceable> comme valeur de répertoire de connexion de l'utilisateur. Le "
+"comportement par défaut est de concaténer <replaceable>UTILISATEUR</"
+"replaceable> au répertoire <replaceable>RÉP_BASE</replaceable>, et de "
+"l'utiliser en tant que nom de répertoire de connexion. Il n'est pas "
+"nécessaire que le répertoire <replaceable>RÉP_PERSO</replaceable> existe "
+"mais il ne sera pas créé s'il n'existe pas."
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr ""
+"Consultez ci-dessous la sous-section « Modifier les valeurs par défaut »."
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"Si non précisé, <command>useradd</command> utilisera la date d'expiration "
+"par défaut précisée par la variable <option>EXPIRE</option> dans <filename>/"
+"etc/default/useradd</filename> ou une chaîne vide (pas d'expiration) par "
+"défaut."
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"Nombre de jours suivant la fin de validité d'un mot de passe après lequel le "
+"compte est définitivement désactivé. Une valeur de 0 désactive le compte dès "
+"que le mot de passe a dépassé sa fin de validité, et une valeur de -1 "
+"désactive cette fonctionnalité."
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"Si non précisé, <command>useradd</command> utilisera la période d'inactivité "
+"par défaut précisée par la variable <option>INACTIVE</option> dans "
+"<filename>/etc/default/useradd</filename>, ou -1 par défaut."
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+"l'utilisateur. Le nom du groupe doit exister. Un numéro de groupe doit se "
+"référer à un groupe déjà existant."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"Si non précisé, le comportement de <command>useradd</command> dépendra de la "
+"variable <option>USERGROUPS_ENAB</option> dans <filename>/etc/login.defs</"
+"filename>. Si cette variable est configurée à <replaceable>yes</replaceable> "
+"(ou si <option>-U/--user-group</option> est précisée sur la ligne de "
+"commandes), un groupe sera créé pour l'utilisateur, avec le même nom que son "
+"identifiant. Si la variable est configurée à <replaceable>no</replaceable> "
+"(ou si <option>-N/--no-user-group</option> est précisé sur la ligne de "
+"commandes), useradd configurera le groupe primaire du nouvel utilisateur à "
+"la valeur précisée par la variable <option>GROUP</option> dans <filename>/"
+"etc/default/useradd</filename>, ou 100 par défaut."
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"Liste de groupes supplémentaires auxquels appartient également "
+"l'utilisateur. Chaque groupe est séparé du suivant par une virgule, sans "
+"espace entre eux. Les groupes sont soumis aux mêmes restrictions que celles "
+"de l'option <option>-g</option>. Le comportement par défaut pour "
+"l'utilisateur est de n'appartenir qu'au groupe initial."
+
+#: useradd.8.xml:272(term)
+#| msgid ""
+#| "<option>-k</option>, <option>--skel</option><replaceable>SKEL_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;"
+"<replaceable>RÉP_SQUELETTE</replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"Le répertoire squelette, qui contient les fichiers et répertoires qui seront "
+"copiés dans le répertoire personnel de l'utilisateur, quand le répertoire "
+"personnel est créé par <command>useradd</command>."
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"Cette option n'est valable que si l'option <option>-m</option> (ou <option>--"
+"create-home</option>) est utilisée."
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"Si cette option n'est pas précisée, le répertoire squelette est défini par "
+"la variable <option>SKEL</option> dans <filename>/etc/default/useradd</"
+"filename> ou, par défaut, <filename>/etc/skel</filename>."
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "Si possible, les ACL et les attributs étendus seront copiés."
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option><replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>CLÉ</"
+"replaceable>=<replaceable>VALEUR</replaceable>"
+
+#: useradd.8.xml:301(para)
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K </option><replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K </option><replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable><option>-K </"
+#| "option><replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password ageing, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> peut être utilisé pour la "
+"création de comptes système pour désactiver la gestion de la durée de "
+"validité des mots de passe, même si les comptes système n'ont pas de mot de "
+"passe. Plusieurs options <option>-K</option> peuvent être précisées, comme "
+"par exemple : <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable> <option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "N'ajoute pas l'utilisateur aux bases de données lastlog et faillog."
+
+#: useradd.8.xml:327(para)
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"resetted to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"Par défaut, les entrées de l'utilisateur dans les bases de données lastlog "
+"et faillog sont remises à zéro pour éviter de réutiliser les entrées d'un "
+"utilisateur précédemment supprimé."
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"Créé le répertoire personnel de l'utilisateur s'il n'existe pas. Les "
+"fichiers et les répertoires contenus dans le répertoire squelette (qui peut "
+"être défini avec l'option <option>-k</option>) sera copié dans le répertoire "
+"personnel."
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"Par défaut, si cette option n'est pas précisée et si <option>CREATE_HOME</"
+"option> n'est pas activée, aucun répertoire personnel ne sera créé."
+
+#: useradd.8.xml:354(option)
+msgid "-M"
+msgstr "-M"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"Ne crée pas le répertoire personnel de l'utilisateur, même si la "
+"configuration globale au système contenue dans <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>) est configurée à <replaceable>yes</"
+"replaceable>."
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"Ne crée pas de groupe avec le même nom que celui de l'utilisateur, mais "
+"ajoute l'utilisateur au groupe précisé par l'option <option>-g</option> ou "
+"par la variable <option>GROUP</option> dans <filename>/etc/default/useradd</"
+"filename>."
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Le comportement par défaut (si les options <option>-g</option>, <option>-N</"
+"option>, et <option>-U</option> ne sont pas précisées) est défini par la "
+"variable <option>USERGROUPS_ENAB</option> dans <filename>/etc/login.defs</"
+"filename>."
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+"Permet de créer un compte d'utilisateur avec un identifiant (« UID ») "
+"dupliqué (non unique)."
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr "Cette option n'est valable qu'avec l'option <option>-u</option>."
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Le mot de passe chiffré, comme renvoyé par "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>. Le comportement par défaut est de désactiver le mot de passe."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "Créer un compte système."
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Les utilisateurs système seront créés sans information d'expiration dans "
+"<filename>/etc/shadow</filename>, et leur identifiant numérique est choisi "
+"dans l'intervalle <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, "
+"défini dans <filename>/etc/login.defs</filename>, au lieu de "
+"<option>UID_MIN</option>-<option>UID_MAX</option> (et leurs équivalents "
+"<option>GID</option> pour la création des groupes)."
+
+#: useradd.8.xml:434(para)
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such an user, regardless of the default setting in <filename>/etc/login."
+"defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+"<option>-m</option> options if you want a home directory for a system "
+"account to be created."
+msgstr ""
+"Notez que <command>useradd</command> ne créera pas de répertoire personnel "
+"pour ces utilisateurs, indépendamment de la configuration par défaut dans "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>). Vous "
+"devez préciser l'option <option>-m</option> si vous voulez qu'un répertoire "
+"personnel soit créé pour un compte système."
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"Le nom de l'interpréteur de commandes initial de l'utilisateur (« login "
+"shell »). Le comportement par défaut est de laisser ce champ vide. Le "
+"système sélectionnera alors l'interpréteur par défaut indiqué par la "
+"variable <option>SHELL</option> dans <filename>/etc/default/useradd</"
+"filename>, ou une chaîne vide par défaut."
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"La valeur numérique de l'identifiant de l'utilisateur. Cette valeur doit "
+"être unique, sauf si l'option <option>-o</option> est utilisée. La valeur ne "
+"doit pas être négative. Le comportement par défaut est d'utiliser la plus "
+"petite valeur d'identifiant à la fois supérieure ou égale à <option>UID_MIN</"
+"option> et supérieure aux identifiants de tous les autres utilisateurs."
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Voir aussi aussi l'option <option>-r</option> et la description de "
+"<option>UID_MAX</option>."
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+"Crée un groupe avec le même nom que celui de l'utilisateur, et ajoute "
+"l'utilisateur à ce groupe."
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"L'utilisateur SELinux utilisé pour la connexion de l'utilisateur. Le "
+"comportement par défaut est de laisser ce champ vide. Le système "
+"sélectionnera alors l'utilisateur SELinux par défaut."
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Modifier les valeurs par défaut"
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"Quand il est invoqué avec seulement l'option <option>-D</option>, "
+"<command>useradd</command> affichera les valeurs actuelles par défaut. Quand "
+"il est invoqué avec l'option <option>-D</option> et d'autres options, "
+"<command>useradd</command> mettra à jour les valeurs par défaut des options "
+"précisées. Les options valables sont :"
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"Préfixe du chemin des répertoires personnels pour les nouveaux utilisateurs. "
+"Le nom de l'utilisateur sera attaché à la fin de <replaceable>RÉP_PERSO</"
+"replaceable> pour créer le nom du nouveau répertoire personnel si l'option "
+"<option>-d</option> n'est pas utilisée pendant la création d'un nouveau "
+"compte."
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>HOME</option> dans <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "Date à laquelle le compte utilisateur sera désactivé."
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>EXPIRE</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"Nombre de jours après la fin de validité d'un mot de passe avant que le "
+"compte ne soit désactivé."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>INACTIVE</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"Le nom ou l'identifiant du groupe pour le groupe principal d'un nouvel "
+"utilisateur (quand l'option <option>-N/--no-user-group</option> est utilisée "
+"ou quand la variable <option>USERGROUPS_ENAB</option> est configurée à "
+"<replaceable>no</replaceable> dans <filename>/etc/login.defs</filename>). Le "
+"nom du groupe doit exister, et un identifiant de groupe numérique doit avoir "
+"une entrée existante."
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>GROUP</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "Le nom de l'interpréteur de commandes du nouvel utilisateur."
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>SHELL</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "NOTES"
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"L'administrateur système doit se charger de placer les fichiers par défaut "
+"dans le répertoire <filename>/etc/skel</filename> (ou tout autre répertoire "
+"de modèles indiqué dans <filename>/etc/default/useradd</filename> ou sur la "
+"ligne de commande)."
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Vous ne pouvez pas ajouter d'utilisateur à un groupe NIS ou LDAP. Cela doit "
+"être effectué sur le serveur correspondant."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"De la même façon, si le nom de l'utilisateur existe dans une base de données "
+"externe, telle que NIS ou LDAP, <command>useradd</command> refusera de créer "
+"le compte d'utilisateur."
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Les noms d'utilisateur doivent commencer par une lettre minuscule ou un "
+"tiret bas (« underscore »), et seuls des lettres minuscules, des chiffres, "
+"des « underscore », ou des tirets peuvent suivre. Ils peuvent se terminer "
+"par un signe dollar. Soit, sous la forme d'une expression rationnelle : [a-"
+"z_][a-z0-9_-]*[$]?"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "Les noms d'utilisateur sont limités à 16 caractères."
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (boolean)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+"Indiquer si un répertoire personnel doit être créé par défaut pour les "
+"nouveaux utilisateurs."
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Ce réglage ne s'applique pas pour les utilisateurs système, et peut être "
+"annulé sur la ligne de commande."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (nombre)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (nombre)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques de groupes que les commandes "
+"<command>useradd</command>, <command>groupadd</command> ou "
+"<command>newusers</command> peuvent utiliser pour la création des groupes "
+"normaux."
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"La valeur par défaut pour <option>GID_MIN</option> (respectivement "
+"<option>GID_MAX</option>) est 1000 (respectivement 60000)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"Nombre maximum de jours de validité d'un mot de passe. Après cette durée, "
+"une modification du mot de passe est obligatoire. S'il n'est pas précisé, la "
+"valeur de -1 est utilisée (ce qui enlève toute restriction)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"Nombre minimum de jours autorisé avant la modification d'un mot de passe. "
+"Toute tentative de modification du mot de passe avant cette durée est "
+"rejetée. S'il n'est pas précisé, la valeur de -1 est utilisée (ce qui enlève "
+"toute restriction)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"Nombre de jours durant lesquels l'utilisateur recevra un avertissement avant "
+"que son mot de passe n'arrive en fin de validité. Une valeur négative "
+"signifie qu'aucun avertissement n'est donné. S'il n'est pas précisé, aucun "
+"avertissement n'est donné."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (nombre)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (nombre)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques de groupes que les commandes "
+"<command>useradd</command>, <command>groupadd</command> ou "
+"<command>newusers</command> peuvent utiliser pour la création de groupes "
+"système."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"La valeur par défaut pour <option>SYS_GID_MIN</option> (respectivement "
+"<option>SYS_GID_MAX</option>) est 101 (respectivement <option>GID_MIN</"
+"option>-1)."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (nombre)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (nombre)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques d'utilisateurs que les commandes "
+"<command>useradd</command> ou <command>newusers</command> peuvent utiliser "
+"pour la création d'utilisateurs système."
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"La valeur par défaut pour <option>SYS_UID_MIN</option> (respectivement "
+"<option>SYS_UID_MAX</option>) est 101 (respectivement <option>UID_MIN</"
+"option>-1)."
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (booléen)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"Si <replaceable>yes</replaceable>, le fichier shadow de tcb nouvellement "
+"créé appartiendra au groupe <replaceable>auth</replaceable>."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (nombre)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (nombre)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques d'utilisateurs que les commandes "
+"<command>useradd</command> ou <command>newusers</command> peuvent utiliser "
+"pour la création d'utilisateurs normaux."
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"La valeur par défaut de <option>UID_MIN</option> (respectivement "
+"<option>UID_MAX</option>) est 1000 (respectivement 60000)."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (nombre)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+"Valeur d'initialisation du masque de permissions. S'il n'est pas précisé, le "
+"masque des permissions sera initialisé à 022."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"<command>useradd</command> et <command>newusers</command> utilisent ce "
+"masque pour définir les permissions d'accès des répertoires personnels "
+"qu'ils créent."
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Il est également utilisé par <command>login</command> pour définir l'umask "
+"initial de l'utilisateur. Veuillez noter que cet umask peut être redéfini "
+"par les GECOS de l'utilisateur (si <option>QUOTAS_ENAB</option> est activé) "
+"ou en précisant une limite avec l'identifiant <emphasis>K</emphasis> dans "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+"Il est également utilisé par <command>pam_umask</command> en tant que valeur "
+"d'umask par défaut."
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Valeurs par défaut pour la création de comptes."
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Répertoire contenant les fichiers par défaut."
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "paramètre non valable pour l'option"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID déjà utilisé (et pas d'option <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "le groupe spécifié n'existe pas"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "nom d'utilisateur déjà utilisé"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "impossible de créer le répertoire personnel"
+
+#: useradd.8.xml:794(replaceable)
+msgid "14"
+msgstr "14"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr "Impossible de mettre à jour la correspondance d'utilisateur SELinux"
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>useradd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr "Création, 1996"
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Formats et conversions de fichiers"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "Fichier de contrôle détaillé de su"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"Le fichier <filename>/etc/suauth</filename> est lu chaque fois que su est "
+"exécuté. Il permet de modifier le comportement de la commande su, en "
+"fonction de :"
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" 1) the user su is targetting\n"
+" "
+msgstr ""
+"\n"
+" 1) l'utilisateur cible de su\n"
+" "
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+"2) l'utilisateur qui exécute la commande su (ou un groupe dont il est membre)"
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Le fichier est formaté de la façon suivante (les lignes commençant par un "
+"« # » sont des commentaires, et sont ignorées) :"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" to-id:from-id:ACTION\n"
+" "
+msgstr ""
+"\n"
+" vers-id:par-id:ACTION\n"
+" "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Où vers-id peut être le mot <emphasis>ALL</emphasis>, une liste de noms "
+"d'utilisateurs séparés par une virgule ou <emphasis>ALL EXCEPT</emphasis> "
+"suivi d'une liste d'utilisateurs séparés par une virgule."
+
+#: suauth.5.xml:107(para)
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is neccessary."
+msgstr ""
+"par-id utilise le même format que vers-id, mais accepte également le mot-clé "
+"<emphasis>GROUP</emphasis>. <emphasis>ALL EXCEPT GROUP</emphasis> est "
+"également accepté. <emphasis>GROUP</emphasis> est suivi d'un ou plusieurs "
+"noms de groupes, séparés par une virgule. Il n'est pas suffisant d'avoir "
+"comme groupe primaire le groupe approprié : une entrée dans "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> est nécessaire."
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "Les valeurs d'ACTION valables sont :"
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+"La tentative de changement d'utilisateur est arrêtée avant que le mot de "
+"passe ne soit demandé."
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+"La tentative est automatiquement réussie. Aucun mot de passe n'est demandé."
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"Pour que la commande su soit réussie, l'utilisateur doit entrer son propre "
+"mot de passe. Ceci lui est demandé."
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"Notez qu'il y a trois champs séparés par un « deux-points ». Ne pas accoler "
+"d'espace à ce « deux-points ». Notez aussi que le fichier est examiné "
+"séquentiellement ligne par ligne, et que la première règle applicable est "
+"utilisée sans que le reste du fichier ne soit examiné. Ceci permet à "
+"l'administrateur système de définir un contrôle aussi fin qu'il le souhaite."
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "EXEMPLE"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+" # sample /etc/suauth file\n"
+" #\n"
+" # A couple of privileged usernames may\n"
+" # su to root with their own password.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Anyone else may not su to root unless in\n"
+" # group wheel. This is how BSD does things.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # Perhaps terry and birddog are accounts\n"
+" # owned by the same person.\n"
+" # Access can be arranged between them\n"
+" # with no password.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+msgstr ""
+"\n"
+" # exemple de fichier /etc/suauth\n"
+" #\n"
+" # Deux utilisateurs privilégiés peuvent\n"
+" # devenir root avec leur propre mot de passe.\n"
+" #\n"
+" root:chris,birddog:OWNPASS\n"
+" #\n"
+" # Les autres ne peuvent pas de venir root avec\n"
+" # su, à l'exception des membres du groupe wheel.\n"
+" # Ceci correspond au comportement des BSD.\n"
+" #\n"
+" root:ALL EXCEPT GROUP wheel:DENY\n"
+" #\n"
+" # terry et birddog sont des comptes possédés\n"
+" # par la même personne.\n"
+" # Un accès sans mot passe est aménagé\n"
+" # entre ces deux comptes.\n"
+" #\n"
+" terry:birddog:NOPASS\n"
+" birddog:terry:NOPASS\n"
+" #\n"
+" "
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "BOGUES"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"Il en reste sans doute beaucoup. L'analyseur du fichier est particulièrement "
+"impitoyable avec les erreurs de syntaxe. Il n'autorise d'espace qu'en début "
+"et fin de ligne, et seul le délimiteur spécifique doit être utilisé."
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSTICS"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"Une erreur dans l'analyse du fichier est reportée via "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> au niveau ERR dans la catégorie AUTH."
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib)
+#: passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib)
+#: faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr "Création, 1989"
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Commandes utilisateur"
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "Changer d'identifiant d'utilisateur ou devenir superutilisateur"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "nom_utilisateur"
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"La commande <command>su</command> permet de devenir un autre utilisateur "
+"pour la durée d'une session. Invoqué sans nom d'<option>utilisateur</"
+"option>, le comportement par défaut de <command>su</command>est de devenir "
+"superutilisateur. Le paramètre optionnel <option>-</option> permet d'obtenir "
+"un environnement similaire à celui que l'utilisateur aurait obtenu lors "
+"d'une connexion directe."
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"Des paramètres supplémentaires peuvent être fournis après le nom de "
+"l'utilisateur. Dans ce cas, ils sont donnés à l'interpréteur de commandes de "
+"connexion de l'utilisateur. En particulier, le paramètre « <option>-c</"
+"option> » considère que le paramètre suivant est une commande pour la "
+"plupart des interpréteurs de commandes. La commande sera exécutée par "
+"l'interpréteur indiqué dans <filename>/etc/passwd</filename> pour "
+"l'utilisateur cible."
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Vous pouvez utiliser le paramètre <option>--</option> pour séparer les "
+"options de <command>su</command> des paramètres fournis par l'interpréteur "
+"de commandes."
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Un mot de passe sera demandé à l'utilisateur, si nécessaire. Les mots de "
+"passe incorrects produisent un message d'erreur. Toutes les tentatives, "
+"réussies ou non, sont enregistrées afin de détecter tout abus du système."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"L'environnement actuel est fourni au nouvel interpréteur de commandes. La "
+"valeur de <envar>$PATH</envar> est réinitialisée à <filename>/bin:/usr/bin</"
+"filename> pour les utilisateurs normaux, ou à <emphasis>/sbin:/bin:/usr/"
+"sbin:/usr/bin</emphasis> pour le superutilisateur. Ce comportement peut être "
+"modifié avec les paramètres <emphasis>ENV_PATH</emphasis> et "
+"<emphasis>ENV_SUPATH</emphasis> dans <filename>/etc/login.defs</filename>. "
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"Une connexion à un sous-système est indiquée par la présence d'un « * » "
+"comme premier caractère de l'interpréteur de commandes initial. Le "
+"répertoire personnel sera utilisé comme racine d'un nouveau système de "
+"fichiers dans lequel l'utilisateur sera connecté."
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Les options applicables à la commande <command>su</command> sont :"
+
+#: su.1.xml:150(term)
+#| msgid ""
+#| "<option>-c</option>, <option>--command</option><replaceable>COMMAND</"
+#| "replaceable>"
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMANDE</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+"Indiquer une commande qui sera invoquée par l'interpréteur de commandes en "
+"utilisant son option <option>-c</option>"
+
+#: su.1.xml:158(para)
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"La commande exécutée n'aura aucun terminal de contrôle. Cette option ne peut "
+"pas être utilisée pour exécuter des programmes interactifs qui ont besoin "
+"d'un terminal de contrôle."
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"Fournir à l'utilisateur un environnement similaire à celui qu'il aurait "
+"obtenu s'il s'était connecté directement."
+
+#: su.1.xml:176(para)
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"Lorsque <option>-</option> est utilisé, il doit être indiqué avant tout "
+"<option>username</option>. Pour des questions de compatibilité il est "
+"recommandé de l'utiliser en dernière option, avant tout <option>username</"
+"option>. Les autres formes (<option>-l</option> et <option>--login</option>) "
+"ne présentent pas cette restriction."
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "Interpréteur de commande devant être appelé."
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "Interpréteur de commande indiqué par --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"Si <option>--preserve-environment</option> est utilisé, l'interpréteur de "
+"commandes indiqué par la variable d'environnement <envar>$SHELL</envar> sera "
+"utilisé."
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+"Interpréteur de commandes indiqué dans <filename>/etc/passwd</filename> pour "
+"l'utilisateur cible."
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"<filename>/bin/sh</filename> si aucun interpréteur de commandes ne peut être "
+"trouvé par l'une des méthodes ci-dessus."
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+"L'interpréteur de commandes à appeler est choisi parmi (le choix de plus "
+"haute priorité en tête) : <placeholder-1/>"
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"Si l'utilisateur cible possède un interpréteur de commande restreint (par "
+"exemple, le champ de l'interpréteur de commande dans <filename>/etc/passwd</"
+"filename> n'est pas renseigné dans <filename>/etc/shells</filename>), alors, "
+"ni l'option <option>--shell</option> ni la variable d'environnement <envar>"
+"$SHELL</envar> ne seront prises en compte à moins que <command>su</command> "
+"ne soit appelé par le superutilisateur."
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"réinitialise suivant les options <option>ENV_PATH</option> ou "
+"<option>ENV_SUPATH</option> dans <filename>/etc/login.defs</filename> (voir "
+"ci-dessous) :"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"réinitialise à <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, s'il "
+"a été défini."
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Préserver l'environnement actuel, sauf pour : <placeholder-1/>"
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Si l'utilisateur cible possède un interpréteur de commandes restreint, cette "
+"option n'a aucun effet (à moins que <command>su</command> ne soit appelé par "
+"le superutilisateur)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"Les variables d'environnement <envar>$HOME</envar>, <envar>$SHELL</envar>, "
+"<envar>$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar> et "
+"<envar>$IFS</envar> sont réinitialisées."
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+"Si <option>--login</option> n'est pas utilisée, l'environnement est copié "
+"sauf pour les variables ci-dessus."
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"Si <option>--login</option> est utilisée, les variables d'environnement "
+"<envar>$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar> et "
+"<envar>$XAUTHORITY</envar> sont copiées si elles ont été définies."
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"Si <option>--login</option> est utilisée, les variables d'environnement "
+"<envar>$TZ</envar>, <envar>$HZ</envar> et <envar>$MAIL</envar> sont "
+"configurées en accord avec les options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option> et <option>MAIL_FILE</"
+"option> de <filename>/etc/login.defs</filename> (voir ci-dessous)."
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"Si <option>--login</option> est utilisée, les autres variables "
+"d'environnement peuvent être configurées par le fichier "
+"<option>ENVIRON_FILE</option> (voir ci-dessous)."
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr "D'autres environnements peuvent être configurés par des modules PAM."
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+"Notez que le comportement par défaut pour l'environnement est le suivant : "
+"<placeholder-1/>"
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Cette version de <command>su</command> a de nombreuses options de "
+"compilation. Seules certaines d'entre elles peuvent avoir été activées sur "
+"votre site."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"Si définie, soit un chemin complet du fichier contenant les noms de "
+"périphériques (un par ligne), soit une liste de noms du périphérique "
+"délimitée par des « : ». Les connexions d'un administrateur ne seront "
+"autorisées que depuis ces périphériques."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+"S'il n'est pas défini, root pourra se connecter depuis n'importe quel "
+"périphérique."
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "Le périphérique doit être précisé sans le préfixe /dev/."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"Une liste de groupes à rajouter aux groupes supplémentaires de l'utilisateur "
+"lors d'une connexion sur une console (déterminé par le paramètre CONSOLE). "
+"Par défaut, aucun groupe n'est ajouté. <placeholder-1/> À utiliser avec "
+"précaution : il est possible que les utilisateurs aient un accès permanent à "
+"ces groupes, et cela même s'ils ne sont pas connectés sur la console."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"Indiquer si la connexion est permise si on ne peut pas accéder au répertoire "
+"personnel. Le réglage par défaut est « no »."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"Si elle est configurée à <replaceable>yes</replaceable>, l'utilisateur va se "
+"connecter dans le répertoire racine (<filename>/</filename>) s'il n'est pas "
+"possible d'accéder à son répertoire personnel."
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (chaîne de caractères)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement HZ "
+"lorsqu'un utilisateur se connecte. La valeur doit être précédée par "
+"<replaceable>HZ=</replaceable>. Une valeur commune sur Linux est "
+"<replaceable>HZ=100</replaceable>."
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"La variable d'environnement <envar>HZ</envar> est uniquement définie quand "
+"l'utilisateur (le super-utilisateur) se connecte avec <command>sulogin</"
+"command>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"Si ce fichier existe et est lisible, l'environnement de connexion sera lu à  "
+"partir de lui. Chaque ligne doit être sous la forme nom=valeur."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+"Les lignes commençant par un « # » sont considérées comme des commentaires, "
+"et sont ignorées."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement PATH "
+"quand un utilisateur ordinaire se connecte. La valeur est une liste de "
+"chemins séparés par des deux points (par exemple <replaceable>/bin:/usr/bin</"
+"replaceable>) et peut être précédée par <replaceable>PATH=</replaceable>. La "
+"valeur par défaut est <replaceable>PATH=/bin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement PATH "
+"quand le super-utilisateur se connecte. La valeur est une liste de chemins "
+"séparés par deux points (par exemple <replaceable>/sbin:/bin:/usr/sbin:/usr/"
+"bin</replaceable>) et peut être précédée par <replaceable>PATH=</"
+"replaceable>. La valeur par défaut est <replaceable>PATH=/sbin:/bin:/usr/"
+"sbin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement TZ quand "
+"un utilisateur se connecte. La valeur peut être le nom d'un fuseau horaire "
+"précédé par <replaceable>TZ=</replaceable> (par exemple "
+"<replaceable>TZ=CST6CDT</replaceable>), ou le chemin complet vers le fichier "
+"contenant la spécification du fuseau horaire (par exemple <filename>/etc/"
+"tzname</filename>)."
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"Si un chemin complet est spécifié mais que le fichier n'existe pas ou ne "
+"peut pas être lu, la valeur par défaut utilisée est <replaceable>TZ=CST6CDT</"
+"replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"La chaîne de caractères utilisée pour l'invite de mot de passe. La valeur "
+"par défaut est d'utiliser \"Password: \" (« mot de passe : »), ou une "
+"traduction de cette chaîne. Si vous définissez cette variable, l'invite ne "
+"sera pas traduite."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+"Si la chaîne contient <replaceable>%s</replaceable>, ces caractères seront "
+"remplacés par le nom de l'utilisateur."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+"Activer le contrôle et l'affichage du statut de la boîte aux lettres durant "
+"la connexion."
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"Vous devriez le désactiver si les fichiers de démarrage de l'interpréteur de "
+"commandes vérifient déjà la présence de courriers (« mail -e » ou "
+"équivalent)."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+"Activer la mise en place de limites de resources depuis <filename>/etc/"
+"limits</filename> et ulimit, umask et niveau nice depuis les champs gecos de "
+"passwd."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr "Si définie, les activités de su seront enregistrées dans le fichier."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"Si définie, le nom de la commande à afficher lorsque « su - » est exécutée. "
+"Par exemple, si elle est définie à « su » alors un « ps » affichera la "
+"commande comme « -su ». Si non définie, alors « ps » affichera le nom du "
+"shell qui sera en fait exécuté, par exemple quelque chose comme « -sh »."
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (booléen)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"Si <replaceable>yes</replaceable>, l'utilisateur doit faire partie des "
+"membres du groupe avec le premier gid 0 dans <filename>/etc/group</filename> "
+"(appelé <replaceable>root</replaceable> sur la plupart des systèmes Linux) "
+"pour être capable de <command>su</command> vers des comptes à uid 0. Si ce "
+"groupe n'existe pas ou est vide, personne ne pourra <command>su</command> "
+"vers un uid 0."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+"Activer la journalisation « syslog » de l'activité de <command>su</command> "
+"- en plus de la journalisation sulog."
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+"En cas de succès, <command>su</command> renvoie la valeur de sortie de la "
+"commande qu'il a exécutée."
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+"Si cette commande s'est terminée par un signal, <command>su</command> y "
+"ajoute 128 et renvoie le résultat."
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"Si <command>su</command> doit tuer la commande (parce qu'il a été demandé de "
+"terminer et que la commande ne s'est pas terminée à temps), <command>su</"
+"command> renvoie 255."
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "succès (<option>--help</option> uniquement)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "Échec système ou d'authentification"
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "La commande demandée n'a pas été trouvée."
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "La commande demandée n'a pas pu être exécutée."
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+"Certaines valeurs de retour de <command>su</command> sont indépendantes de "
+"la commande exécutée : <placeholder-1/>"
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "exécuter une commande avec un autre identifiant de groupe"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "groupe <placeholder-1/> commande"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"La commande <command>sg</command> fonctionne de la même manière que "
+"<command>newgrp</command>, mais prend une commande comme paramètre. Cette "
+"commande sera exécutée avec un interpréteur de commandes <filename>/bin/sh</"
+"filename>. Avec la plupart des interpréteurs de commandes permettant "
+"d'exécuter <command>sg</command>, si la commande comporte plusieurs mots, il "
+"faut la placer entre des guillemets (« \" »). Une autre différence entre "
+"<command>newgrp</command> et <command>sg</command> est que certains "
+"interpréteurs de commandes traitent <command>newgrp</command> de façon "
+"particulière, en se remplaçant eux-mêmes par une nouvelle instance d'un "
+"interpréteur que <command>newgrp</command> crée. Ceci n'est pas le cas de "
+"<command>sg</command>, ce qui permet de retrouver le groupe précédent à la "
+"sortie de <command>sg</command>."
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (booléen)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+"Activer la journalisation « syslog » de l'activité de <command>sg</command>."
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "fichier des mots de passe cachés"
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>shadow</filename> est un fichier qui contient les informations "
+"cachées concernant les mots de passe des utilisateurs et leurs dates de "
+"validité."
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Ce fichier ne doit pas être accessible en lecture par les utilisateurs "
+"normaux afin de maintenir la sécurité des mots de passe, en particuliers "
+"pour prévenir les attaques par dictionnaires."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"Chaque ligne de ce fichier contient 9 champs, séparés par des deux-points "
+"(<quote>:</quote>), dans l'ordre suivant :"
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "nom de connexion de l'utilisateur (« login »)"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr "Ce doit être un nom de compte valable, qui existe sur le système."
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "mot de passe chiffré"
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Consultez <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> pour plus d'informations sur le traitement de "
+"cette chaîne."
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Si le champ du mot de passe contient une chaîne qui ne peut pas être un "
+"résultat valable de <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si elle "
+"contient les caractères ! ou *, alors l'utilisateur ne pourra pas utiliser "
+"son mot de passe UNIX pour se connecter (mais il se peut que l'utilisateur "
+"puisse se connecter au système par d'autres moyens)."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"Ce champ peut être vide. Dans ce cas aucun mot de passe n'est nécessaire "
+"pour s'authentifier avec l'identifiant de connexion indiqué. Cependant, "
+"certaines applications qui lisent le fichier <filename>/etc/shadow</"
+"filename> peuvent n'autoriser aucun accès si le mot de passe est vide."
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+msgid ""
+"A password field which starts with a exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"Un champ de mot de passe qui commence avec un point d'exclamation indique "
+"que le mot de passe est bloqué. Les caractères restants sur la ligne "
+"représentent le champ de mot de passe avant que le mot de passe n'ait été "
+"bloqué."
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "date du dernier changement de mot de passe"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"La date du dernier changement de mot de passe, exprimée en nombre de jours "
+"depuis le 1er janvier 1970."
+
+#: shadow.5.xml:134(para)
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"pasword the next time she will log in the system."
+msgstr ""
+"La valeur 0 a une signification particulière : l'utilisateur devra changer "
+"son mot de passe la prochaine fois qu'il se connectera au système."
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+"Un champ vide indique que les fonctionnalités de vieillissement de mot de "
+"passe sont désactivées."
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "âge minimum du mot de passe"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"L'âge minimum du mot de passe est la durée (en jour) que l'utilisateur devra "
+"attendre avant de pouvoir le changer de nouveau."
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+"Un champ vide ou une valeur de 0 signifie qu'il n'y a pas d'âge minimum pour "
+"le mot de passe."
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "âge maximum du mot de passe"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+"L'âge maximum du mot de passe est la durée (en jour) après laquelle "
+"l'utilisateur devra changer son mot de passe."
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+"Une fois cette durée écoulée, le mot de passe restera valable. Il sera "
+"demandé à l'utilisateur de le changer la prochaine fois qu'il se connectera."
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"Un champ vide signifie qu'il n'y a pour le mot de passe aucune limite d'âge, "
+"aucune période d'avertissement d'expiration et aucune période d'inactivité "
+"(voir ci-dessous)."
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+"Si l'âge maximum du mot de passe est plus petit que l'âge minimum du mot de "
+"passe, l'utilisateur ne pourra pas changer son mot de passe."
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "période d'avertissement d'expiration du mot de passe"
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"La durée (en jour) pendant laquelle l'utilisateur sera averti avant que le "
+"mot de passe n'expire (voir l'âge maximum du mot de passe ci-dessus)."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+"Un champ vide ou une valeur de 0 signifie qu'il n'y aura pas de période "
+"d'avertissement d'expiration du mot de passe."
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "période d'inactivité du mot de passe"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"La durée (en jour) pendant laquelle le mot de passe sera quand même accepté "
+"après son expiration (voir l'âge maximum du mot de passe ci-dessus). "
+"L'utilisateur devra mettre à jour son mot de passe à la prochaine connexion."
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"Après expiration du mot de passe suivie de la période d'expiration, plus "
+"aucune connexion n'est possible en utilisant le mot de passe de "
+"l'utilisateur. L'utilisateur doit contacter son administrateur."
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr "Un champ vide signifie qu'aucune période d'inactivité n'est imposée."
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "date de fin de validité du compte"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"La date d'expiration du compte, exprimé en nombre de jours depuis le "
+"1er janvier 1970."
+
+#: shadow.5.xml:229(para)
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an acount expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"Veuillez noter que l'expiration d'un compte diffère de l'expiration d'un mot "
+"de passe. En cas d'expiration d'un compte, l'utilisateur ne sera plus "
+"autorisé à se connecter. En cas d'expiration d'un mot de passe, "
+"l'utilisateur n'est pas autorisé à se connecter en utilisant son mot de "
+"passe."
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "Un champ vide signifie que le compte n'expirera jamais."
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+"La valeur 0 ne doit pas être utilisée puisqu'elle peut être interprétée soit "
+"comme un compte sans expiration, soit comme ayant expiré le 1er janvier 1970."
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "champ réservé"
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Ce champ est réservé pour une utilisation future."
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "Fichier de sauvegarde pour /etc/shadow."
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Notez que ce fichier est utilisé par les outils de la suite d'outils shadow, "
+"mais pas par tous les outils de gestion d'utilisateurs et de mot de passes."
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Appels de bibliothèque"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "routines d'utilisation des mots de passe cachés"
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAX"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*nom"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FICHIER"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> manipule le contenu du fichier des "
+"mots de passe cachés, <filename>/etc/shadow</filename>. La structure définie "
+"dans le fichier inclus est :"
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* user login name */\n"
+" char\t\t*sp_pwdp; /* encrypted password */\n"
+" long int\t\tsp_lstchg; /* last password change */\n"
+" long int\t\tsp_min; /* days until change allowed. */\n"
+" long int\t\tsp_max; /* days before change required */\n"
+" long int\t\tsp_warn; /* days warning for expiration */\n"
+" long int\t\tsp_inact; /* days before account inactive */\n"
+" long int\t\tsp_expire; /* date when account expires */\n"
+" unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+" "
+msgstr ""
+"struct spwd {\n"
+" char\t\t*sp_namp; /* nom de connexion de l'utilisateur */\n"
+" char\t\t*sp_pwdp; /* mot de passe chiffré */\n"
+" long int\t\tsp_lstchg; /* dernier changement de mot de passe */\n"
+" long int\t\tsp_min; /* jours avant de pouvoir changer de mot de passe "
+"*/\n"
+" long int\t\tsp_max; /* jours avant l'obligation de changer de mot de "
+"passe */\n"
+" long int\t\tsp_warn; /* jours d'avertissement avant la fin de validité "
+"*/\n"
+" long int\t\tsp_inact; /* jours avant que le compte soit inactif */\n"
+" long int\t\tsp_expire; /* date de fin de validité du compte */\n"
+" unsigned long int\tsp_flag; /* réservé pour une utilisation future */\n"
+"}\n"
+" "
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "La signification de chaque champ est la suivante :"
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+"sp_namp - pointeur vers le nom d'utilisateur terminé par un zéro binaire "
+"(« null-terminated »)"
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+"sp_pwdp - pointeur vers le mot de passe terminé par un zéro binaire (« null-"
+"terminated »)"
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+"sp_lstchg - nombre de jours, comptés à partir du 1er janvier 1970, depuis la "
+"dernière modification du mot de passe"
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+"sp_min - nombre de jours pendant lesquels le mot de passe ne peut pas être "
+"changé"
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+"sp_max - nombre maximal de jours avant que le mot de passe doive être changé"
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+"sp_warn - nombre de jours avant que le mot de passe n'arrive en fin de "
+"validité pendant lesquels l'utilisateur est averti de la fin prochaine de la "
+"validité de son mot de passe"
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+"sp_inact - nombre de jours après la fin de validité du mot de passe avant de "
+"considérer que le compte est inactif et soit désactivé"
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+"sp_expire - nombre de jours, comptés à partir du 1er janvier 1970, après "
+"lesquels le compte sera désactivé"
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - réservé pour une utilisation future"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+"<emphasis>Getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, et <emphasis>sgetspent</emphasis> renvoient "
+"tous un pointeur vers une structure <emphasis>struct spwd</emphasis>. "
+"<emphasis>Getspent</emphasis> renvoie l'entrée suivante du fichier, et "
+"<emphasis>fgetspent</emphasis> renvoie l'entrée suivante du flux qui est "
+"considéré comme étant un fichier au format correct. <emphasis>Sgetspent</"
+"emphasis> renvoie un pointeur vers une structure <emphasis>struct spwd</"
+"emphasis> en utilisant la chaîne de caractère fournie en entrée. "
+"<emphasis>Getspnam</emphasis> cherche à partir de la position courante une "
+"entrée correspondant à <emphasis>nom</emphasis> dans le fichier fourni en "
+"entrée."
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"<emphasis>Setspent</emphasis> et <emphasis>endspent</emphasis> peuvent être "
+"utilisés pour débuter et terminer l'accès au fichier de mots de passe cachés."
+
+# TBD: vérifier tous les remap
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"Les fonctions <emphasis>lckpwdf</emphasis> et <emphasis>ulckpwdf</emphasis> "
+"doivent être utilisées pour garantir un accès exclusif au fichier <filename>/"
+"etc/shadow</filename>. <emphasis>Lckpwdf</emphasis> essaie de placer un "
+"verrou avec <emphasis>pw_lock</emphasis> pendant 15 secondes. Il essaie "
+"ensuite de placer un second verrou en utilisant <emphasis>spw_lock</"
+"emphasis> pendant le reste de ces 15 secondes. Si un de ces verrous ne peut "
+"être placé, <emphasis>lckpwdf</emphasis> renvoie -1. Quand les deux verrous "
+"peuvent être placés, la valeur 0 est renvoyée."
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"Les fonctions renvoient NULL si plus aucune entrée n'est disponible ou si "
+"une erreur est survenue lors du traitement. Les fonctions dont la valeur de "
+"retour est un <emphasis>int</emphasis> renvoient 0 en cas de succès et -1 en "
+"cas d'échec."
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+"Ces fonctions peuvent n'être utilisées que par le superutilisateur car "
+"l'accès au fichier de mots de passe cachés est restreint."
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command)
+#: login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command)
+#: login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command)
+#: login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr ""
+"Convertir vers ou depuis les fichiers de mots de passe ou de groupe cachés"
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"La commande <command>pwconv</command> crée le fichier <emphasis remap=\"I"
+"\">shadow</emphasis> à partir du fichier <emphasis remap=\"I\">passwd</"
+"emphasis> et d'un éventuel fichier <emphasis remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"<command>pwconv</command> ne fonctionne pas avec <option>USE_TCB</option> "
+"activée. Pour convertir les mots de passe vers tcb, vous devez d'abord "
+"utiliser <command>pwconv</command> pour les convertir vers les mots de passe "
+"cachés en désactivant <option>USE_TCB</option> dans <filename>login.defs</"
+"filename> puis les convertir en mots de passe tcb avec <command>tcb_convert</"
+"command> (et en réactivant <option>USE_TCB</option> dans <filename>login."
+"defs</filename>)."
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"La commande <command>pwunconv</command> crée le fichier <emphasis remap=\"I"
+"\">passwd</emphasis> à partir des fichiers <emphasis remap=\"I\">passwd</"
+"emphasis> et <emphasis remap=\"I\">shadow</emphasis> puis supprime <emphasis "
+"remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"<command>pwunconv</command> ne fonctionne pas avec <option>USE_TCB</option> "
+"activé. Vous devez d'abord convertir les mots de passe depuis tcb vers des "
+"mots de passe cachés en utilisant <command>tcb_unconvert</command> puis "
+"désactiver <option>USE_TCB</option> dans <filename>login.defs</filename> "
+"avant d'utiliser <command>pwunconv</command>."
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"La commande <command>grpconv</command> crée <emphasis remap=\"I\">gshadow</"
+"emphasis> à partir de <emphasis remap=\"I\">group</emphasis> et d'un "
+"éventuel fichier <emphasis remap=\"I\">gshadow</emphasis>."
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"La commande <command>grpunconv</command> crée <emphasis remap=\"I\">group</"
+"emphasis> à partir des fichiers <emphasis remap=\"I\">group</emphasis> et "
+"<emphasis remap=\"I\">gshadow</emphasis> puis supprime <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"Ces quatre programmes opèrent sur les fichiers de mots de passe et "
+"d'informations sur les groupes cachés ou non : <filename>/etc/passwd</"
+"filename>, <filename>/etc/group</filename>, <filename>/etc/shadow</"
+"filename>, et <filename>/etc/gshadow</filename>."
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"Chaque programme place les verrous nécessaires avant d'effectuer la "
+"conversion. <command>pwconv</command> et <command>grpconv</command> sont "
+"similaires. Dans un premier temps, les entrées du fichier de mots de passe "
+"cachés (<filename>/etc/shadow</filename> ou <filename>/etc/gshadow</"
+"filename>) qui n'existent pas dans le fichier principal (<filename>passwd</"
+"filename> ou <filename>group</filename>), sont retirées. Ensuite, les "
+"entrées du fichier <filename>shadow</filename> n'ayant pas pour mot de passe "
+"« x » dans le fichier <filename>passwd</filename> sont mises à jour. Enfin, "
+"les mots de passe du fichier <filename>passwd</filename> sont remplacés par "
+"« x ». Ces programmes peuvent être utilisés pour une première conversion, ou "
+"bien pour une mise à jour, si les fichiers principaux [ NdT : non cachés ] "
+"ont été édités à la main."
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"Lors de l'ajout de nouvelles entrées dans <filename>/etc/shadow</filename>, "
+"<command>pwconv</command> utilisera les valeurs de <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"et <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> définies dans le fichier "
+"<filename>/etc/login.defs</filename>."
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"De même, <command>pwunconv</command> et <command>grpunconv</command> sont "
+"similaires. Les mots de passe des fichiers principaux sont mis à jour à "
+"partir des fichiers d'informations cachées (« shadowed file »). Les entrées "
+"existant dans un fichier principal, mais pas dans le fichier caché sont "
+"laissées. Enfin, le fichier caché est supprimé. Certaines informations d'âge "
+"des mots de passe sont perdues par <command>pwunconv</command>. Il ne "
+"convertit que ce qu'il peut."
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Les options applicables aux commandes <command>pwconv</command>, "
+"<command>pwunconv</command>, <command>grpconv</command> et "
+"<command>grpunconv</command> sont :"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"Des erreurs dans les fichiers de mots de passe ou d'informations sur les "
+"groupes (comme des entrées invalides ou redondantes) peuvent conduire ces "
+"programmes à boucler indéfiniment ou à échouer d'une manière tout aussi "
+"étrange. Veuillez exécuter <command>pwck</command> et <command>grpck</"
+"command> pour corriger ces erreurs avant de lancer toute conversion."
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"La variable de configuration suivante dans <filename>/etc/login.defs</"
+"filename> change le comportement de <command>grpconv</command> et "
+"<command>grpunconv</command> :"
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"Les variables de configuration suivantes dans <filename>/etc/login.defs</"
+"filename> changent le comportement de <command>pwconv</command> :"
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr "Création, 1992"
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "Vérifier l'intégrité des fichiers de mots de passe"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command)
+#: login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"La commande <command>pwck</command> vérifie l'intégrité des informations du "
+"système concernant les utilisateurs et leur mots de passe. Toutes les "
+"entrées des fichiers <filename>/etc/passwd</filename> et <filename>/etc/"
+"shadow</filename> sont vérifiées afin de s'assurer qu'elles ont le bon "
+"format et qu'elles contiennent des données valables dans chaque champ. Une "
+"confirmation de l'utilisateur sera demandée pour détruire les entrées mal "
+"formatées ou ayant d'autres erreurs non récupérables."
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "Voici les vérifications effectuées :"
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "nombre correct de champs ;"
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "unicité et validité des noms d'utilisateur ;"
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "validité des identifiants d'utilisateur et de groupe ;"
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "validité du groupe primaire ;"
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "validité du répertoire personnel ;"
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "validité de l'interpréteur de commandes initial (« login shell »)."
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"Les vérifications de <filename>shadow</filename> sont activées quand un "
+"second paramètre de fichier est indiqué ou quand <filename>/etc/shadow</"
+"filename> existe sur le système."
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "Ces vérifications sont les suivantes :"
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+"chaque entrée de passwd a une entrée correspondante dans shadow, et chaque "
+"entrée shadow a une entrée passwd correspondante ;"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+"les mots de passe sont indiqués dans le fichier des mot de passe cachés ;"
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "les entrées de shadow ont le bon nombre de champs ;"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "les entrées de shadow sont uniques dans shadow ;"
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "la date du dernier changement de mot de passe n'est pas dans le futur."
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+"Une erreur dans le nombre de champs ou la non unicité d'un nom d'utilisateur "
+"sera fatale. Si le nombre de champs n'est pas correct, il sera demandé à "
+"l'utilisateur de supprimer la ligne. Si l'utilisateur ne répond pas par "
+"l'affirmative, les vérifications suivantes ne seront pas effectuées. Il sera "
+"également demandé de supprimer les entrées correspondant aux noms "
+"d'utilisateur redondants, mais dans ce cas, les autres vérifications seront "
+"effectuées. Toutes les autres erreurs ne sont que des avertissements et "
+"l'utilisateur est encouragé à utiliser <command>usermod</command> pour les "
+"corriger."
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"Les commandes qui opèrent sur le fichier <filename>/etc/passwd</filename> ne "
+"peuvent pas modifier les entrées corrompues ou redondantes. <command>pwck</"
+"command> doit être utilisé dans ce cas pour retirer ces entrées."
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Les options <option>-r</option> et <option>-s</option> ne peuvent pas être "
+"combinées."
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>pwck</command> sont :"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+"Ne signaler que les erreurs. Les avertissements qui ne nécessitent pas une "
+"action de la part de l'utilisateur ne seront pas affichés."
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "Permet d'exécuter <command>pwck</command> dans le mode lecture seule."
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"Trie les entrées de <filename>/etc/passwd</filename> et <filename>/etc/"
+"shadow</filename> par UID."
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+"Cette option n'a aucun effet quand <option>USE_TCB</option> est activée."
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"Par défaut, <command>pwck</command> opère sur les fichiers <filename>/etc/"
+"passwd</filename> et <filename>/etc/shadow</filename><phrase condition="
+"\"tcb> (ou les fichiers dans <filename>/etc/tcb</filename>)</phrase>. "
+"L'utilisateur peut spécifier d'autres fichiers avec les paramètres "
+"<replaceable>passwd</replaceable> et <replaceable>shadow</replaceable>."
+
+#: pwck.8.xml:243(para)
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"paramater could be replaced by an alternate TCB directory."
+msgstr ""
+"Veuillez noter que quand <option>USE_TCB</option> est activée, vous ne "
+"pouvez pas indiquer de fichier <replaceable>shadow</replaceable> alternatif. "
+"Dans les prochaines versions, ce paramètre pourra être remplacé par un "
+"répertoire TCB alternatif."
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "une entrée de mot de passe ou plus est incorrecte"
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "impossible d'ouvrir les fichiers de mots de passe"
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "impossible de verrouiller les fichiers de mots de passe"
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "impossible de mettre à jour les fichiers des mots de passe"
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "impossible de trier les fichiers de mots de passe"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>pwck</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+"Fichier de configuration des droits d'accès en fonction de la date et de "
+"l'heure"
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> contient une liste de tty, noms "
+"d'utilisateurs, et horaires d'accès autorisés."
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"Chaque entrée consiste en trois champs séparés par un caractère deux-points "
+"« : ». Le premier champ est une liste de tty séparés par des virgules, ou un "
+"astérisque « * » pour indiquer que l'entrée correspond à toutes les tty. Le "
+"second champ est une liste de noms d'utilisateurs, ou un astérisque pour "
+"indiquer que cette entrée correspond à n'importe quel utilisateur. Le "
+"troisième champ est une liste d'horaires d'accès autorisés."
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"Chaque horaire d'accès consiste en zéro ou plusieurs abréviations de jours "
+"de la semaine : <emphasis>Su</emphasis> (dimanche), <emphasis>Mo</emphasis> "
+"(lundi), <emphasis>Tu</emphasis> (mardi), <emphasis>We</emphasis> "
+"(mercredi), <emphasis>Th</emphasis> (jeudi), <emphasis>Fr</emphasis> "
+"(vendredi), <emphasis>Sa</emphasis> (samedi), suivi d'un couple d'horaires "
+"séparés par un tiret. L'abréviation <emphasis>Wk</emphasis> peut être "
+"utilisée pour représenter les jours de la semaine du lundi au vendredi, et "
+"<emphasis>Al</emphasis> permet de spécifier l'ensemble des jours de la "
+"semaine. Par défaut, si aucun jour n'est spécifié, <emphasis>Al</emphasis> "
+"est utilisé."
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "EXEMPLES"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"L'entrée suivante autorise l'accès à l'utilisateur <emphasis remap=\"B"
+"\">jfh</emphasis> sur n'importe quel port pendant la semaine de 9 heures à "
+"17 heures."
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"L'entrée suivante autorise l'accès à /dev/console uniquement aux "
+"utilisateurs <emphasis>root</emphasis> et <emphasis>oper</emphasis> à "
+"n'importe quelle heure. Ceci permet de montrer l'importance de l'ordre des "
+"entrées dans le fichier <filename>/etc/porttime</filename>. Les autres "
+"utilisateurs ne satisferont que la deuxième entrée, qui n'autorise aucun "
+"accès."
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+msgstr ""
+"\n"
+" console:root,oper:Al0000-2400\n"
+" console:*:\n"
+" "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"L'entrée suivante autorise l'accès à tous les ports pour l'utilisateur "
+"<emphasis>games</emphasis>, en dehors des heures de travail."
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "Fichier contenant le port d'accès."
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "fichier des mots de passe"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> contient différentes informations sur les "
+"comptes utilisateurs. Ces informations consistent en sept champs séparés par "
+"des deux-points (« : ») :"
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "un mot de passe chiffré optionnel"
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "l'identifiant numérique de l'utilisateur"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "l'identifiant numérique du groupe de l'utilisateur"
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "le nom complet de l'utilisateur ou un champ de commentaires"
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "le répertoire personnel de l'utilisateur"
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "l'interpréteur de commandes de l'utilisateur (optionnel)"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Le champ du mot de passe chiffré peut être vide. Dans ce cas, aucun mot de "
+"passe n'est nécessaire pour s'authentifier avec le compte donné. Cependant, "
+"certaines applications qui lisent le fichier <filename>/etc/passwd</"
+"filename> peuvent décider de ne donner aucun accès si le <emphasis>mot de</"
+"emphasis> passe est vide. Si le mot de passe est un <quote>x</quote> "
+"minuscule, alors le mot de passe chiffré se trouve dans le fichier "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> ; il <emphasis>doit</emphasis> y avoir une ligne "
+"correspondante dans le fichier <filename>shadow</filename>, sinon le compte "
+"de l'utilisateur n'est pas valide. Si le mot de passe est constitué d'une "
+"autre chaîne, alors il est considéré comme un mot de passe chiffré, comme "
+"indiqué dans <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Le champ de commentaire est utilisé par différents utilitaires système, tels "
+"que <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"Le champ du répertoire personnel de l'utilisateur correspond au nom du "
+"répertoire de travail initial. <command>login</command> utilise cette "
+"information pour définir la valeur de la variable d'environnement <envar>"
+"$HOME</envar>."
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"Le champ de l'interpréteur de commandes correspond au nom de l'interpréteur "
+"de commandes de l'utilisateur, ou au nom d'un programme initial à exécuter. "
+"<command>login</command> utilise cette information pour définir la valeur de "
+"la variable d'environnement <envar>$SHELL</envar>. Si ce champ est vide, "
+"<filename>/bin/sh</filename> est utilisé par défaut."
+
+# TBC: file ?
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "un mot de passe chiffré optionnel"
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "Fichier de sauvegarde de /etc/passwd."
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "Modifier le mot de passe d'un utilisateur"
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"La commande <command>passwd</command> modifie les mots de passe des comptes "
+"d'utilisateurs. Un utilisateur normal ne peut changer que son propre mot de "
+"passe, alors que le superutilisateur peut changer le mot de passe associé à "
+"n'importe quel compte. <command>passwd</command> modifie également les dates "
+"de fin de validité du compte ou du mot de passe associé."
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Modifications du mot de passe"
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"Dans un premier temps, l'utilisateur doit fournir son ancien mot de passe, "
+"s'il en avait un. Ce mot de passe est ensuite chiffré puis comparé avec le "
+"mot de passe enregistré. L'utilisateur n'a droit qu'à un seul essai pour "
+"entrer le mot de passe correct. Le superutilisateur peut contourner cette "
+"première étape de manière à changer les mots de passe ayant été oubliés."
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"Une fois que le mot de passe a été entré, les informations de limite de "
+"validité du mot de passe sont vérifiées pour s'assurer que l'utilisateur est "
+"autorisé à modifier son mot de passe à cet instant. Dans le cas contraire, "
+"<command>passwd</command> refuse de changer le mot de passe, et quitte."
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"Le nouveau mot de passe sera demandé deux fois à l'utilisateur. Le second "
+"mot de passe est comparé avec le premier. Ces deux mots de passe devront "
+"être identiques pour que le mot de passe soit changé."
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"La complexité de ce mot de passe est alors testée. Comme ligne de conduite "
+"générale, un mot de passe doit toujours être constitué de 6 à 8 caractères "
+"en en choisissant un ou plus parmi chacun des ensembles suivants :"
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "caractères alphabétiques minuscules"
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "chiffres de 0 à 9"
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "marques de ponctuation"
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"Il faudra faire attention à ne pas utiliser les caractères de suppression ou "
+"d'effacement. <command>passwd</command> rejettera tout mot de passe dont la "
+"complexité ne sera pas suffisante."
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Astuces pour les mots de passe"
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"La sécurité d'un mot de passe repose sur la force de l'algorithme de "
+"chiffrement et sur la taille de l'espace de clés utilisé. La méthode de "
+"chiffrement des systèmes <emphasis>UNIX</emphasis> est basée sur "
+"l'algorithme NBS DES. Des méthodes plus récentes sont maintenant "
+"recommandées (voir <option>ENCRYPT_METHOD</option>). La taille de l'espace "
+"de clés dépend de l'aléa du mot de passe utilisé."
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"Les compromissions de la sécurité des mots de passe résultent le plus "
+"souvent d'une négligence dans le choix du mot de passe, ou lors de son "
+"utilisation. Pour cette raison, vous ne devez pas sélectionner de mot de "
+"passe apparaissant dans un dictionnaire ou devant être écrit. Le mot de "
+"passe ne doit pas non plus être un nom propre, un numéro minéralogique, une "
+"date de naissance, ou une adresse. En effet ceux-ci pourraient être devinés "
+"pour violer la sécurité du système."
+
+#: passwd.1.xml:166(para)
+msgid ""
+"You can find advices on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"Vous pouvez trouver des conseils sur la façon choisir un mot de passe "
+"robuste sur http://en.wikipedia.org/wiki/Password_strength (en anglais)."
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>passwd</command> sont :"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+# NOTE: pas clair
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Cette option ne peut être utilisée qu'avec <option>-S</option> et permet "
+"d'afficher l'état des mots de passe pour tous les utilisateurs."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Supprimer le mot de passe (le rendre vide) d'un utilisateur. C'est une façon "
+"rapide de supprimer l'authentification par mot de passe pour un compte. Il "
+"rend le compte indiqué sans mot de passe."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Annuler immédiatement la validité du mot de passe d'un compte. Ceci permet "
+"d'obliger un utilisateur à changer son mot de passe lors de sa prochaine "
+"connexion."
+
+#: passwd.1.xml:220(term)
+#| msgid ""
+#| "<option>-i</option>, <option>--inactive</option><replaceable>INACTIVE</"
+#| "replaceable>"
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+# NOTE: Only this user account
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Cette option permet de désactiver un compte quelques temps après expiration "
+"de son mot de passe. <replaceable>DURÉE_INACTIVITÉ</replaceable> jours après "
+"expiration de son mot de passe, l'utilisateur ne pourra plus se connecter "
+"avec ce compte."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+# NOTE: pas clair
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Indiquer que la modification de mot de passe ne sera effectuée que lors de "
+"l'expiration des jetons d'authentification (mots de passe). C'est utile dans "
+"le cas où l'utilisateur voudrait conserver ses jetons d'authentification "
+"encore valables."
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Verrouiller le mot de passe du compte indiqué. Cette option désactive un mot "
+"de passe en le modifiant par une valeur qui ne correspond pas à un mot de "
+"passe chiffré possible (cela ajoute un « ! » au début du mot de passe)."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"Veuillez noter que cela ne désactive pas le compte. L'utilisateur peut "
+"toujours se connecter en utilisant une autre méthode d'authentification (par "
+"exemple une clé SSH). Pour désactiver un compte, les administrateurs "
+"devraient utiliser <command>usermod --expiredate 1</command> (cela définit "
+"la date d'expiration du compte au 2 janvier 1970)."
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+"Les utilisateurs avec un mot de passe verrouillé ne sont pas autorisés à le "
+"changer."
+
+#: passwd.1.xml:269(term)
+#| msgid ""
+#| "<option>-n</option>, <option>--mindays</option><replaceable>MIN_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>JOURS_MIN</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Définir le nombre minimum de jours entre chaque changement de mot de passe à "
+"<replaceable>MIN_DAYS</replaceable>. Une valeur de zéro pour ce champ "
+"indique que l'utilisateur peut changer son mot de passe quand il le souhaite."
+
+#: passwd.1.xml:291(term)
+#| msgid ""
+#| "<option>-r</option>, <option>--repository</"
+#| "option><replaceable>REPOSITORY</replaceable>"
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+"Modifier le mot de passe dans la base <replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Afficher l'état d'un compte. Cet état est constitué de 7 champs. Le premier "
+"champ est le nom du compte. Le second champ indique si le mot de passe est "
+"bloqué (L), n'a pas de mot de passe (NP) ou a un mot de passe utilisable "
+"(P). Le troisième champ donne la date de dernière modification du mot de "
+"passe. Les quatre champs suivants sont : la durée minimum avant "
+"modification, la durée maximum de validité, la durée d'avertissement, et la "
+"durée d'inactivité autorisée pour le mot de passe. Les durées sont exprimées "
+"en jours."
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Déverrouiller le mot de passe du compte indiqué. Cette option réactive un "
+"mot de passe en remettant le mot de passe à sa valeur précédente (la valeur "
+"présente avant l'utilisation de l'option <option>-l</option>)."
+
+#: passwd.1.xml:344(term)
+#| msgid ""
+#| "<option>-w</option>, <option>--warndays</option><replaceable>WARN_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DURÉE_AVERTISSEMENT</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"Configurer le nombre de jours d'avertissement avant que le changement de mot "
+"de passe ne soit obligatoire. La valeur <replaceable>DURÉE_AVERTISSEMENT</"
+"replaceable> est le nombre de jours précédant la fin de validité pendant "
+"lesquels un utilisateur sera prévenu que son mot de passe est sur le point "
+"d'arriver en fin de validité."
+
+#: passwd.1.xml:357(term)
+#| msgid ""
+#| "<option>-x</option>, <option>--maxdays</option><replaceable>MAX_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>JOURS_MAX</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"Configurer le nombre maximum de jours pendant lesquels un mot de passe reste "
+"valable. Après <replaceable>JOURS_MAX</replaceable>, le mot de passe devra "
+"être modifié."
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"La vérification de la complexité des mots de passe peut varier d'un site à "
+"l'autre. Il est vivement conseillé aux utilisateurs de choisir un mot de "
+"passe aussi complexe que possible dans la limite de ce qu'il est capable de "
+"mémoriser. "
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"Il se peut que les utilisateurs ne puissent pas changer leur mot de passe "
+"sur un système si NIS est activé et qu'ils ne sont pas connectés au serveur "
+"NIS."
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+"<command>passwd</command> utilise PAM pour authentifier les utilisateurs et "
+"modifier leur mot de passe."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (chaîne de caractères)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+"Définir les algorithmes de chiffrement par défaut du système pour coder les "
+"mots de passes (si aucun algorithme n'a été indiqué sur la ligne de "
+"commandes)."
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Les valeurs suivantes sont acceptées : <replaceable>DES</replaceable> (par "
+"défaut), <replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+"Remarque : ce paramètre remplace la variable <option>MD5_CRYPT_ENAB</option>."
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"Remarque : cela n'affecte que la création des mots de passe de groupe. La "
+"création de mot de passe des utilisateurs est effectuée par PAM en fonction "
+"de la configuration de PAM. Il est recommandé de définir cette variable en "
+"cohérence avec la configuration de PAM."
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (booléen)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"Indiquer si un mot de passe doit être chiffré en utilisant l'algorithme basé "
+"sur MD5. Si configurée à <replaceable>yes</replaceable>, les nouveaux mots "
+"de passe seront chiffrés en utilisant l'algorithme basé sur MD5 compatible "
+"avec celui utilisé par les versions récentes de FreeBSD. Il gère des mots de "
+"passe de longueur illimitée et des chaînes de salage plus longues. "
+"Configurez-la à <replaceable>no</replaceable> pour copier les mots de passe "
+"chiffrés sur d'autres systèmes qui ne comprennent pas le nouvel algorithme. "
+"la valeur par défaut est <replaceable>no</replaceable>."
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"Cette variable est écrasée par la variable <option>ENCRYPT_METHOD</option> "
+"ou par toute option de la ligne de commande utilisée pour configurer "
+"l'algorithme de chiffrement."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+"Cette variable est obsolète. Vous devriez utiliser <option>ENCRYPT_METHOD</"
+"option>."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (booléen)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr ""
+"Activer des vérifications supplémentaires lors des changements de mot de "
+"passe."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (booléen)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"Avertir en cas de mots de passe faibles (mais les accepte quand même) si "
+"vous êtes superutilisateur."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (nombre)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+"Nombre maximum d'essais pour changer de mot de passe si refusé (trop facile)."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (nombre)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (nombre)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"Nombre de caractères significatifs dans le mot de passe pour crypt(). La "
+"valeur par défaut de <option>PASS_MAX_LEN</option> est 8. Ne la changez pas "
+"à moins que votre crypt() ne soit meilleur. Ceci est ignoré si "
+"<option>MD5_CRYPT_ENAB</option> est configurée à <replaceable>yes</"
+"replaceable>."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (nombre)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (nombre)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"Quand <option>ENCRYPT_METHOD</option> est configurée à <replaceable>SHA256</"
+"replaceable> ou <replaceable>SHA512</replaceable>, cela définit le nombre de "
+"rounds de SHA utilisés par l'algorithme de chiffrement par défaut (quand le "
+"nombre de rounds n'est pas précisé sur la ligne de commande)."
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"Avec beaucoup de rounds, il est plus difficile de trouver le mot de passe "
+"avec une attaque par force brute. Veuillez remarquer que plus de ressources "
+"processeur seront nécessaires pour authentifier les utilisateurs."
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+"Si non précisée, la libc utilisera le nombre de rounds par défaut (5000)."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+"Les valeurs doivent être comprises dans l'intervalle 1 000 - 999 999 999."
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"Si une seule des variables <option>SHA_CRYPT_MIN_ROUNDS</option> ou "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> est configurée, alors cette valeur "
+"sera utilisée."
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"Si <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, la valeur la plus élevée sera utilisée."
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "Configuration de PAM pour <command>passwd</command>."
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "permission refusée"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "combinaison d'options non valable"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "échec inattendu, rien n'a été fait"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "échec inattendu, le fichier <filename>passwd</filename> est manquant"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+"fichier <filename>passwd</filename> en cours d'utilisation, veuillez "
+"réessayer plus tard"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>passwd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "refuser poliment une connexion"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"La commande <command>nologin</command> affiche un message indiquant que le "
+"compte n'est pas disponible et retourne avec un code non nul. Elle peut être "
+"placée dans le champ indiquant l'interpréteur de commandes pour les comptes "
+"qui ont été désactivés."
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"Pour désactiver toutes les connexions, veuillez consulter "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "HISTORIQUE"
+
+#: nologin.8.xml:91(para)
+msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgstr "La commande <command>nologin</command> est apparue avec BSD 4.4."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "Mettre à jour, ou créer de nouveaux utilisateurs par lots"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "fichier"
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"La commande <command>newusers</command> lit un "
+"<replaceable>fichier<replaceable> (ou l'entrée standard par défaut) et "
+"utilise ces informations pour mettre à jour un groupe d'utilisateurs "
+"existants ou pour créer de nouveaux utilisateurs. Chaque ligne est au même "
+"format que le fichier des mots de passe (consultez "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) avec les exceptions suivantes :"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "C'est le nom de l'utilisateur."
+
+#: newusers.8.xml:116(para)
+msgid ""
+"It can be the name of a new user or the name of an existing user (or an user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Il peut s'agir du nom d'un nouvel utilisateur ou du nom d'un utilisateur "
+"existant (ou d'un utilisateur créé précédemment par <command>newusers</"
+"command>). Dans le cas d'un utilisateur existant, les informations de "
+"l'utilisateur seront modifiées, sinon un nouvel utilisateur sera créé."
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Ce champ sera chiffré et utilisé comme nouvelle valeur du mot de passe "
+"chiffré."
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr "pw_uid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Ce champ est utilisé pour définir l'UID de l'utilisateur."
+
+#: newusers.8.xml:144(para)
+msgid ""
+"If the field is empty, an new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"Si ce champ est vide, un nouvel UID (non utilisé) sera défini "
+"automatiquement par <command>newusers</command>."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr "Si ce champ contient un nombre, ce nombre sera utilisé comme UID."
+
+#: newusers.8.xml:152(para)
+msgid ""
+"If this field contains the name of an existing user (or the name of an user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"Si ce champ contient le nom d'un utilisateur existant (ou le nom d'un "
+"utilisateur créé précédemment par <command>newusers</command>), l'UID de "
+"l'utilisateur indiqué sera utilisé."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"Si l'UID d'un utilisateur existant est modifié, vous devrez configurer vous-"
+"même le propriétaire des fichiers de l'utilisateur."
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+"Ce champ est utilisé pour définir l'identifiant du groupe primaire de "
+"l'utilisateur."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"Si ce champ contient le nom d'un groupe existant (ou d'un groupe créé "
+"précédemment par <command>newusers</command>), le GID de ce groupe sera "
+"utilisé comme identifiant de groupe primaire pour l'utilisateur."
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"Si ce champ est un nombre, ce nombre sera utilisé comme identifiant de "
+"groupe primaire de cet utilisateur. Si aucun groupe n'existe avec ce GID, un "
+"nouveau groupe sera créé avec ce GID et le nom de l'utilisateur."
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"Si ce champ est vide, un nouveau groupe sera créé avec le nom de "
+"l'utilisateur et un GID sera automatiquement défini par <command>newusers</"
+"command> pour être utilisé comme identifiant de groupe primaire pour "
+"l'utilisateur et comme GID pour le nouveau groupe."
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"Si le champ contient le nom d'un groupe qui n'existe pas (et qui n'a pas été "
+"créé précédemment par <command>newusers</command>), un nouveau groupe sera "
+"créé avec le nom indiqué et un GID sera automatiquement défini par "
+"<command>newusers</command> pour être utilisé comme identifiant de groupe "
+"primaire pour l'utilisateur et comme identifiant pour le nouveau groupe."
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Ce champ est copié dans le champ GECOS de l'utilisateur."
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr ""
+"Ce champ est utilisé pour définir le répertoire personnel de l'utilisateur."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"Si ce champ n'indique pas de répertoire existant, le répertoire indiqué est "
+"créé, avec comme propriétaire l'utilisateur en cours de création ou mis à "
+"jour et son groupe primaire."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"Si le répertoire personnel d'un utilisateur existant est modifié, "
+"<command>newusers</command> ne déplace ni ne copie le contenu de l'ancien "
+"répertoire personnel à la nouvelle place. Vous devrez effectuer cela vous-"
+"même."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"Ce champ définit l'interpréteur de commande de l'utilisateur. Aucune "
+"vérification n'est effectuée sur ce champ."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"<command>newusers</command> essayera d'abord de créer ou de modifier tous "
+"les utilisateurs indiqués puis écrira ces modifications dans les bases de "
+"données d'utilisateurs et de groupes. Si une erreur survient (en dehors de "
+"l'écriture finale des bases de données), aucune modification ne sera "
+"propagée dans les bases de données."
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+"Lors du premier passage, les utilisateurs sont créés avec un mot de passe "
+"verrouillé (les mots de passe ne sont pas modifiés pour les utilisateurs non "
+"créés). Un second passage est utilisé pour mettre à jour les mots de passe "
+"en utilisant PAM. Les échecs de mise à jour des mots de passe sont signalés, "
+"mais n'empêchent pas les mises à jour des autres mots de passe."
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Cette commande a été conçue pour les gros systèmes pour lesquels un grand "
+"nombre de comptes sont mis à jour en même temps."
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>newusers</command> sont :"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "Utiliser la méthode précisée pour chiffrer les mots de passe."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"Les méthodes disponibles sont DES, MD5, NONE et SHA256 ou SHA512 si votre "
+"libc prend en charge ces méthodes."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Les utilisateurs système seront créés sans information d'âge dans <filename>/"
+"etc/shadow</filename> et leurs identifiants numériques sont choisis dans "
+"l'intervalle <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, "
+"défini dans <filename>login.defs</filename>, au lieu de <option>UID_MIN</"
+"option>-<option>UID_MAX</option> (et leur <option>GID</option> correspondant "
+"pour la création de groupes)."
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "Utiliser le nombre de rounds précisé pour chiffrer les mots de passe."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"La valeur 0 signifie que le système choisira la valeur par défaut du nombre "
+"de rounds pour la méthode de chiffrement (5 000)."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+"Une valeur minimale de 1 000 et une valeur maximale de 999 999 999 seront "
+"imposées."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Vous ne pouvez utiliser cette méthode qu'avec les méthodes de chiffrement "
+"SHA256 ou SHA512."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut, le nombre de rounds est défini par les variables "
+"SHA_CRYPT_MIN_ROUNDS et SHA_CRYPT_MAX_ROUNDS dans <filename>/etc/login.defs</"
+"filename>."
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Le fichier d'entrée doit être correctement protégé puisqu'il contient des "
+"mots de passe en clair."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Vous devez vous assurer que les mots de passe et la méthode de chiffrement "
+"respectent la politique de mot de passe du système."
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "Configuration de PAM pour <command>newusers</command>."
+
+#: newusers.8.xml:452(para)
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "se connecter avec un nouveau groupe"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "groupe"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"La commande <command>newgrp</command> permet de changer l'identifiant de "
+"groupe de l'utilisateur au cours d'une session. Si l'option <option>-</"
+"option> est fournie, l'environnement de l'utilisateur est réinitialisé, "
+"comme si l'utilisateur venait de se connecter. Sinon, l'environnement "
+"actuel, y compris le répertoire de travail actuel est conservé."
+
+# NOTE:
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+"<command>newgrp</command> change l'identifiant de groupe réel actuel à la "
+"valeur du groupe indiqué, ou au groupe par défaut défini dans <filename>/etc/"
+"passwd</filename> si aucun nom de groupe n'est fourni. <command>newgrp</"
+"command> essaiera également d'ajouter le groupe à l'ensemble des groupes de "
+"l'utilisateur. Si l'utilisateur n'est pas superutilisateur, un mot de passe "
+"lui sera demandé s'il n'utilise pas de mot de passe (dans <filename>/etc/"
+"shadow</filename>, si cet utilisateur a une entrée dans le fichier des mots "
+"de passe cachés, ou dans <filename>/etc/passwd</filename> sinon), mais que "
+"le groupe en a un, ou si l'utilisateur n'est pas dans la liste des membres "
+"de ce groupe et que ce groupe utilise un mot de passe. L'accès sera refusé "
+"si le mot de passe du groupe est vide et que l'utilisateur ne fait pas "
+"partie de ses membres."
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+"S'il y a une entrée pour ce groupe dans <filename>/etc/gshadow</filename>, "
+"alors la liste des membres et le mot de passe de ce groupe seront pris dans "
+"ce fichier, sinon, l'entrée du fichier <filename>/etc/group</filename> est "
+"utilisée."
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "Imposer les restrictions de connexion dans le temps"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"<command>logoutd</command> impose les restrictions (sur les ports, la date "
+"et l'heure de connexion) spécifiées dans <filename>/etc/porttime</filename>. "
+"<command>logoutd</command> doit être démarré depuis <filename>/etc/rc</"
+"filename>. Il analyse le fichier <filename>/var/run/utmp</filename> "
+"régulièrement et, pour chaque utilisateur, il vérifie que ce nom "
+"d'utilisateur est autorisé à être connecté à ce port à ce moment. Toute "
+"session en violation avec les restrictions de <filename>/etc/porttime</"
+"filename> est terminée."
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Liste des sessions de connexion en cours."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "configuration de la suite des mots de passe cachés « shadow password »"
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+"Le fichier <filename>/etc/login.defs</filename> définit la configuration de "
+"la suite shadow password (mots de passe cachés) pour le système. Ce fichier "
+"est indispensable. Son absence n'empêchera pas le système de fonctionner, "
+"mais aura probablement des conséquences indésirables."
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Ce fichier est un fichier texte, dont chaque ligne décrit un paramètre de "
+"configuration. Les lignes consistent en un nom et une valeur, séparés par "
+"une espace. Les lignes blanches et les lignes de commentaires sont ignorées. "
+"Les commentaires commencent par un caractère « # », qui doit être le premier "
+"caractère non blanc de la ligne."
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+"Les valeurs des paramètres sont de quatre types : chaînes de caractères, "
+"booléens, nombres et nombres longs. Une chaîne de caractères est constituée "
+"de n'importe quels caractères imprimables. Un booléen est soit "
+"<replaceable>yes</replaceable> (oui), soit <replaceable>no</replaceable> "
+"(non). Un paramètre booléen non défini, ou défini avec une valeur autre que "
+"celles-là prendra la valeur <replaceable>no</replaceable>. Un nombre (normal "
+"ou long) peut être soit décimal, soit octal (en précédant la valeur d'un "
+"<replaceable>0</replaceable>), ou encore hexadécimal (en précédant la valeur "
+"de <replaceable>0x</replaceable>). La valeur maximale des paramètres "
+"numériques normaux ou longs dépend de la machine."
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Les paramètres de configuration suivants sont fournis :"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (booléen)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"La valeur <replaceable>yes</replaceable> indique que le programme "
+"<command>chfn</command> nécessitera une authentification avant de procéder à "
+"tout changement, à moins qu'ils ne soient exécutés par le superutilisateur."
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+"Ce paramètre précise quelles valeurs du champ <emphasis remap=\"I\">gecos</"
+"emphasis> du fichier <filename>passwd</filename> peuvent être modifiées par "
+"les utilisateurs ordinaires à l'aide du programme <command>chfn</command>. "
+"Il est constitué d'une combinaison de lettres parmi <replaceable>f</"
+"replaceable>, <replaceable>r</replaceable>, <replaceable>w</replaceable> et "
+"<replaceable>h</replaceable>, correspondant respectivement au nom complet, "
+"au numéro de bureau, au numéro de téléphone professionnel et au numéro de "
+"téléphone personnel. Pour des raisons de compatibilité avec des versions "
+"antérieures, <replaceable>yes</replaceable> est équivalent à "
+"<replaceable>rwh</replaceable> et <replaceable>no</replaceable> à "
+"<replaceable>frwh</replaceable>. S'il n'est pas précisé, seul le "
+"superutilisateur peut effectuer des modifications. Pour une configuration "
+"encore plus restrictive, il sera préférable de ne pas installer "
+"<command>chfn</command> avec l'indicateur SUID positionné."
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (booléen)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"La valeur <replaceable>yes</replaceable> indique que le programme "
+"<command>chsh</command> nécessitera une authentification avant de procéder à "
+"tout changement, à moins qu'ils ne soient exécutés par le superutilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Le caractère ERASE du terminal (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+"La valeur peut être préfixée par « 0 » pour une valeur octale, ou « 0x » "
+"pour une valeur hexadécimale."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+"Le délai en secondes avant qu'un nouvel essai soit permis après un échec de "
+"connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+"Activer l'enregistrement et l'affichage des informations d'échec de "
+"connexion de <filename>/var/log/faillog</filename>"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"Si définie, <command>login</command> exécutera cet interpréteur de commandes "
+"au lieu de l'interpréteur de l'utilisateur spécifié dans <filename>/etc/"
+"passwd</filename>."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+"Si définie, les échecs de connexion seront enregistrés dans le fichier sous "
+"le format utmp"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+"Si définie, le fichier peut désactiver tous les affichages habituels durant "
+"la séquence de connexion. Si un nom de chemin complet est spécifié, alors le "
+"mode taiseux sera activé si le nom ou l'interpréteur de commandes de "
+"l'utilisateur sont trouvés dans le fichier. Si ce n'est pas un nom de chemin "
+"complet, alors le mode taiseux sera activé si le fichier existe dans le "
+"répertoire personnel de l'utilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr "Si définie, le fichier sera affiché avant chaque invite de connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+"Le caractère KILL du terminal (<replaceable>025</replaceable> = CTRL/U)."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+"Activer la journalisation et l'affichage des informations de dernière "
+"connexion de /var/log/lastlog."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "Activer la journalisation des connexions réussies."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+"Activer l'affichage des noms d'utilisateurs inconnus quand les échecs de "
+"connexions sont enregistrés."
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Remarque : la journalisation des noms d'utilisateurs inconnus peut être un "
+"problème de sécurité si un utilisateur entre son mot de passe au lieu de son "
+"nom d'utilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+"Le nombre maximum de tentatives de connexion en cas de mauvais mot de passe."
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"Ce sera probablement écrasé par PAM, puisque le module pam_unix est réglé en "
+"dur pour n'effectuer que 3 tentatives. Toutefois, il s'agit d'une solution "
+"de repli au cas où vous utilisez un module d'authentification qui ne fait "
+"pas appliquer PAM_MAXTRIES."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "Le temps maximum en secondes pour la connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+"Si définie, liste délimitée par des « : » de fichiers de « message du jour » "
+"à afficher lors de la connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+"Si définie, nom de fichier dont la présence empêchera les connexions de "
+"quelqu'un d'autre que le superutilisateur. Le contenu de ces fichiers doit "
+"être un message indiquant pourquoi les connexions sont désactivées."
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"Les paramètres <option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</"
+"option> et <option>PASS_WARN_AGE</option> ne sont utilisés qu'au moment de "
+"la création d'un compte. Les changements n'affecteront pas les comptes "
+"existants."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+"Activer la vérification des restrictions de temps précisées dans <filename>/"
+"etc/porttime</filename>."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+"Les permissions de terminal : la connexion tty appartiendra au groupe "
+"<option>TTYGROUP</option> et les permissions seront configurées à "
+"<option>TTYPERM</option>."
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"Par défaut, le propriétaire du terminal est configuré au groupe primaire de "
+"l'utilisateur et les permissions sont configurées à <replaceable>0600</"
+"replaceable>."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+"<option>TTYGROUP</option> peut être le nom d'un groupe ou un identifiant "
+"numérique de groupe."
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+"Si vous avez un programme <command>write</command> qui est « setgid » à un "
+"groupe spécial auquel les terminaux appartiennent, définissez TTYGROUP comme "
+"l'identifiant numérique du groupe et TTYPERM à 0620. Autrement laissez "
+"TTYGROUP décommenté et TTYPERM configuré soit à 622 soit à 600."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+"Si définie, fichier qui lie les lignes de tty à la variable d'environnement "
+"TERM. Chaque ligne du fichier est dans un format ressemblant à « vt100 "
+"tty01 »."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "Valeur par défaut d'<command>ulimit</command>."
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "RÉFÉRENCES CROISÉES"
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"Les références croisées ci-dessous montrent quels sont les paramètres "
+"utilisés par les différents programmes de la suite shadow password."
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+#: login.defs.5.xml:393(para)
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+#: login.defs.5.xml:474(para)
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"La plupart des fonctionnalités qui étaient fournies par les mots de passe "
+"cachés (« shadow password ») sont désormais gérées par PAM. De ce fait, "
+"<filename>/etc/login.defs</filename> n'est plus utilisé par "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> et moins utilisé par <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> et "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>. Veuillez plutôt vous référer aux fichiers de configuration de "
+"PAM correspondant."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "table de contrôle des connexions"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+"Le fichier <emphasis remap=\"I\">login.access</emphasis> permet de spécifier "
+"des paires (utilisateur, hôte) et/ou (utilisateur, tty) pour lesquelles "
+"toute connexion sera soit acceptée soit refusée."
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+"Lorsqu'un utilisateur se connecte, le fichier <emphasis remap=\"I\">login."
+"access</emphasis> est lu jusqu'à la première entrée correspondant à la paire "
+"(utilisateur, hôte) ou, dans le cas d'une connexion ne passant pas par le "
+"réseau, à la première entrée correspondant au couple (utilisateur, tty). Le "
+"champ des permissions de la table pour cette entrée détermine alors si la "
+"connexion doit être acceptée ou refusée."
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"Chaque ligne de la table de contrôle des connexions (« login access control "
+"table ») est composée de trois champs séparés par le caractère « : » :"
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I"
+"\">utilisateurs</emphasis>:<emphasis remap=\"I\">origines</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+"Le premier champ est soit un « <emphasis>+</emphasis> » (accès autorisé), "
+"soit un « <emphasis>-</emphasis> » (accès refusé). Le second champ est une "
+"liste d'un ou plusieurs noms d'utilisateurs ou de groupes, ou <emphasis>ALL</"
+"emphasis> (correspond à tous les utilisateurs). Le troisième champ est une "
+"liste d'un ou plusieurs noms de tty (pour les connexions hors réseau), noms "
+"d'hôtes, noms de domaines (commençant par un « <literal>.</literal> »), "
+"adresses d'hôte, adresses de sous-réseau (terminant par un « <literal>.</"
+"literal> »), <emphasis>ALL</emphasis> (pour spécifier n'importe quelle "
+"connexion), ou <emphasis>LOCAL</emphasis> (correspond à n'importe quelle "
+"chaîne ne contenant pas de « <literal>.</literal> »). Si vous utilisez NIS, "
+"vous pouvez utiliser @nomdegroupe pour les motifs d'utilisateur et d'hôte."
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+"L'opérateur <emphasis>EXCEPT</emphasis> permet d'écrire des règles très "
+"compactes."
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+"Le fichier d'informations sur les groupes (/etc/group) n'est utilisé que "
+"lorsqu'un nom ne correspond à aucun des utilisateurs connectés. Seuls les "
+"groupes pour lesquels la liste des utilisateurs est spécifiée sont "
+"utilisés : le programme ne recherche pas parmi les groupes primaires des "
+"utilisateurs."
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "Démarrer une session sur le système"
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "hôte"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+"Le programme <command>login</command> permet d'établir une nouvelle session "
+"sur le système. Il est généralement invoqué après avoir répondu à l'invite "
+"de connexion <emphasis remap=\"I\">login:</emphasis> sur le terminal de "
+"l'utilisateur. <command>login</command> peut être spécifique à "
+"l'interpréteur de commandes et ne devrait pas être invoqué comme un sous-"
+"processus. Lorsqu'il est appelé depuis un interpréteur de commande, "
+"<command>login</command> doit être exécuté comme <emphasis remap=\"B\">>exec "
+"login</emphasis>, ce qui entraîne la sortie de l'interpréteur de commandes "
+"en cours (et ainsi empêche le nouvel utilisateur connecté de retourner à la "
+"session de l'appelant). L'exécution de <command>login</command> depuis un "
+"interpréteur de commandes autre qu'un interpréteur de commandes initial "
+"(« login shell ») produira un message d'erreur."
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+"Un mot de passe est ensuite demandé à l'utilisateur. L'affichage du mot de "
+"passe est désactivé pour éviter de révéler le mot de passe. Seul un petit "
+"nombre d'échecs est permis avant que <command>login</command> ne quitte et "
+"que la liaison ne soit interrompue."
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+"Si une date de fin de validité du mot de passe a été définie pour ce compte, "
+"un nouveau mot de passe pourra vous être demandé. Votre ancien mot de passe "
+"et votre nouveau mot de passe vous seront alors demandés avant de pouvoir "
+"continuer. Veuillez lire la page de manuel "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> pour plus d'informations."
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+"Après une connexion réussie, vous serez informé des messages du système et "
+"de la présence de courrier. Vous pouvez désactiver l'affichage du message du "
+"système (<filename>/etc/motd</filename>), en créant un fichier vide "
+"<filename>.hushlogin</filename> dans le répertoire de votre compte. Le "
+"message concernant les courriers sera « <emphasis>You have new mail.</"
+"emphasis> », « <emphasis>You have mail.</emphasis> », ou « <emphasis>No Mail."
+"</emphasis> » suivant l'état de votre boîte aux lettres."
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+"Vos identifiants d'utilisateur et de groupe seront définis en fonction des "
+"valeurs spécifiées dans le fichier <filename>/etc/passwd</filename>. Les "
+"valeurs des variables d'environnement <emphasis>$HOME</emphasis>, <emphasis>"
+"$SHELL</emphasis>, <emphasis>$PATH</emphasis>, <emphasis>$LOGNAME</"
+"emphasis>, et <emphasis>$MAIL</emphasis> seront définies en fonction des "
+"champs appropriés de l'entrée qui vous correspond. Les valeurs d'ulimit, "
+"d'umask et de nice pourront également être affectées en fonction des entrées "
+"du champ GECOS."
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+"Sur certains systèmes, la variable d'environnement <emphasis>$TERM</"
+"emphasis> sera initialisée au type de terminal de votre tty, comme spécifié "
+"dans <filename>/etc/ttytype</filename>."
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"Un script d'initialisation pour votre interpréteur de commandes pourra "
+"également être exécuté. Veuillez vous référer à la section de manuel "
+"appropriée pour plus d'informations sur cette fonctionnalité."
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+"Le programme <command>login</command> n'est PAS responsable de la "
+"suppression d'utilisateurs dans le fichier utmp. Les responsables du "
+"nettoyage de l'appartenance des sessions de terminal sont "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> et <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>. Si vous utilisez "
+"<command>login</command> depuis un interpréteur de commandes sans "
+"<command>exec</command>, l'utilisateur que vous utilisez continuera à "
+"apparaître comme étant connecté même après s'être déconnecté de cette « sous-"
+"session »."
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "Ne pas réaliser d'authentification. L'utilisateur est pré-authentifié."
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+"Remarque : Dans ce cas, <replaceable>username</replaceable> est nécessaire."
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Nom de l'hôte distant pour cette connexion."
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Préserver l'environnement."
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr ""
+"Exécuter le protocole de connexion automatique (autologin) pour rlogin."
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Les options <option>-r</option>, <option>-h</option> et <option>-f</option> "
+"ne peuvent être utilisées que par root."
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Cette version de <command>login</command> comporte de nombreuses options de "
+"compilation. Seules certaines d'entre elles peuvent avoir été activées sur "
+"votre site."
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+"L'emplacement des fichiers peut varier suivant la configuration du système."
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+"Comme pour n'importe quel programme, l'apparence de <command>login</command> "
+"peut être imitée. Si des utilisateurs non sûrs ont un accès physique à la "
+"machine, un attaquant pourrait utiliser cet accès pour obtenir le mot de "
+"passe de la personne qui s'assiérait ensuite face à l'écran. Sous Linux, le "
+"mécanisme SAK peut être utilisé par les utilisateurs pour initier un chemin "
+"de confiance et prévenir ce genre d'attaques."
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Liste des sessions de connexion précédentes."
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "Fichier contenant le message du système."
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "Empêcher les utilisateurs non-root de se connecter."
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "Liste des types de terminaux."
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "Supprimer l'affichage des messages du système."
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr "Luca"
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr "Berra"
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "définition des limites de ressources"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+"Le fichier <emphasis remap=\"I\">limits</emphasis> (<filename>/etc/limits</"
+"filename> par défaut ou LIMITS_FILE définit dans <filename>config.h</"
+"filename>) décrit les limites de ressource que vous voulez imposer. Il doit "
+"être possédé et ne doit être lisible que par le compte root."
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+"Par défaut, aucun quota (aucune limite) n'est imposé à « root ». En fait, il "
+"n'est pas possible d'imposer de cette façon de limite aux comptes root ou "
+"équivalents (comptes ayant un UID de 0)."
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr ""
+"Chaque ligne décrit une limite pour un utilisateur, elle est de la forme "
+"suivante :"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "utilisateur LISTE_DE_LIMITES"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "ou sous la forme :"
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@groupe LISTE_DE_LIMITES"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"Où <emphasis>LISTE_DE_LIMITES</emphasis> est une chaîne construite par la "
+"concaténation d'une liste de limites de ressource. Chaque limite consiste en "
+"une lettre (identifiant le type de limite) et une valeur numérique."
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "Les identifiants possibles sont :"
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A : espace d'adressage maximal (en kilo octets)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+"C : taille maximale d'un fichier image de la mémoire (« core », en kilo "
+"octets)"
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr ""
+"D : taille maximale du segment de données d'un programme (en kilo octets)"
+
+#: limits.5.xml:111(para)
+msgid "F: maximum filesize (KB)"
+msgstr "F : taille maximale des fichiers (en kilo octets)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K : masque de création de fichier, défini par "
+"<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></"
+"citerefentry>."
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr "I : valeur nice maximum (0..39 qui sera traduit en 20..-19)"
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L : nombre maximal de connexions simultanées pour cet utilisateur"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+"M : taille maximale de mémoire verrouillée (« locked-in-memory », en kilo "
+"octets)"
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N : nombre maximal de fichiers ouverts"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O : priorité temps réel maximale"
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P : priorité des processus, défini par "
+"<citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+"R : taille maximale de la mémoire résidente (« resident set size », en kilo "
+"octets)"
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S : taille maximale de la pile (en kilo octets)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T : temps processeur maximal consommé (en minutes)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U : nombre maximal de processus"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"Par exemple, <emphasis remap=\"I\">L2D2048N5</emphasis> est une chaîne "
+"<emphasis>LISTE_DE_LIMITES</emphasis> valable. Pour faciliter la lecture, "
+"les entrées suivantes sont équivalentes :"
+
+# NOTE: elle va pas cette chaîne
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+" username L2D2048N5\n"
+" username L2 D2048 N5\n"
+" "
+msgstr ""
+"\n"
+" utilisateur L2D2048N5\n"
+" utilisateur L2 D2048 N5\n"
+" "
+
+#: limits.5.xml:145(para)
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. A "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+"Attention : tout ce qui suit <emphasis remap=\"I\">utilisateur</emphasis> "
+"est considéré comme une limite de chaîne. Les commentaires ne sont pas "
+"autorisés. Une chaîne de limites non valable sera rejetée (non utilisée) par "
+"le programme <command>login</command>."
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+"L'entrée par défaut est représentée par un utilisateur dénommé "
+"« <emphasis>*</emphasis> ». Si plusieurs entrées par défaut sont présentes "
+"dans le fichier de limites, alors seule la dernière sera prise en compte."
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"Les limites précisées sous la forme « <replaceable>@groupe</replaceable> » "
+"s'appliquent aux membres du <replaceable>groupe</replaceable> précisé."
+
+#: limits.5.xml:165(para)
+msgid ""
+"If more than one line with limits for an user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"Si plusieurs lignes avec des limites pour un utilisateur existent, seule la "
+"première ligne pour cet utilisateur sera prise en compte."
+
+#: limits.5.xml:170(para)
+msgid ""
+"If no lines are specified for an user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+"Si aucune ligne n'est précisée pour l'utilisateur, la dernière ligne "
+"<replaceable>@groupe</replaceable> correspondant à un groupe auquel "
+"l'utilisateur appartient sera prise en compte, ou la dernière ligne avec les "
+"limites par défaut si aucun groupe ne contient l'utilisateur."
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+"Un simple tiret « <emphasis>-</emphasis> » sera suffisant pour désactiver "
+"toute limite à un utilisateur, "
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+"Afin de désactiver une limite pour un utilisateur, un simple tiret "
+"« <replaceable>-</replaceable> » peut être utilisé au lieu d'une valeur "
+"numérique pour cette limite."
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+"Notez également que les limites ne sont configurées que PAR CONNEXION. Il "
+"n'y a pas de limite globale ou permanente. Des limites globales pourraient "
+"voir le jour, mais pour l'instant, il faut faire sans."
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+"signaler les connexions les plus récentes de tous les utilisateurs ou d'un "
+"utilisateur donné"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"<command>lastlog</command> affiche le contenu du journal des dernières "
+"connexions (<filename>/var/log/lastlog</filename>). Les champs "
+"<emphasis>Utilisateur</emphasis>, <emphasis>Port</emphasis>, date de "
+"<emphasis>Dernière</emphasis> connexion sont affichés. Par défaut (aucune "
+"option de spécifiée), les entrées de lastlog sont affichées triées par ordre "
+"d'apparition dans <filename>/etc/passwd</filename>."
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>lastlog</command> sont :"
+
+#: lastlog.8.xml:97(term)
+#| msgid ""
+#| "<option>-b</option>, <option>--before</option><replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>JOURS</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"N'afficher que les entrées du fichier lastlog plus anciennes que <emphasis "
+"remap=\"I\">JOURS</emphasis>."
+
+#: lastlog.8.xml:127(term) faillog.8.xml:192(term)
+#| msgid ""
+#| "<option>-t</option>, <option>--time</option><replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>JOURS</"
+"replaceable>"
+
+#: lastlog.8.xml:131(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"Afficher les entrées du fichier lastlog plus récentes que <emphasis remap=\"I"
+"\">JOURS</emphasis>."
+
+#: lastlog.8.xml:138(term) faillog.8.xml:202(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option><replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: lastlog.8.xml:142(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr "N'afficher que les entrées correspondant aux utilisateurs indiqués."
+
+#: lastlog.8.xml:145(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+"Les utilisateurs peuvent être précisés par un nom de connexion, un "
+"identifiant numérique d'utilisateur ou un <replaceable>INTERVALLE</"
+"replaceable> d'utilisateurs. Cet <replaceable>INTERVALLE</replaceable> "
+"d'utilisateurs peut être précisé avec des valeurs minimale et maximale "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), seulement une valeur maximale "
+"(<replaceable>-UID_MAX</replaceable>) ou une valeur minimale "
+"(<replaceable>UID_MIN-</replaceable>)."
+
+#: lastlog.8.xml:157(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"Dans le cas où l'utilisateur ne s'est jamais connecté, le message "
+"« <emphasis>**Never logged in**</emphasis> » (« <emphasis>**Jamais "
+"connecté**</emphasis> ») est affiché à la place des champs <emphasis>Port</"
+"emphasis> et date de <emphasis>Dernière</emphasis> connexion."
+
+#: lastlog.8.xml:162(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+"Seules les entrées pour les utilisateurs actuels du système seront "
+"affichées. D'autres entrées peuvent exister pour les utilisateurs supprimés "
+"précédemment."
+
+#: lastlog.8.xml:170(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "NOTE"
+
+#: lastlog.8.xml:171(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Le fichier <filename>lastlog</filename> est une base de données qui contient "
+"des informations concernant la dernière connexion de chaque utilisateur. "
+"Vous n'avez pas à faire de rotation (avec <command>logrotate</command>) sur "
+"ce fichier. C'est un fichier « creux », donc sa taille sur le disque est "
+"bien plus petite que celle affichée par « <command>ls -l</command> » (qui "
+"peut indiquer un très gros fichier si vous avez des utilisateurs avec des "
+"UID élevés). Vous pouvez afficher sa taille réelle avec « <command>ls -s</"
+"command> »."
+
+#: lastlog.8.xml:185(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:187(para)
+msgid "Database times of previous user logins."
+msgstr ""
+"Base de données de l'heure des connexions précédentes des utilisateurs."
+
+#: lastlog.8.xml:195(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"S'il y a des trous importants dans les valeurs des UID, <command>lastlog</"
+"command> s'exécutera plus lentement, sans affichage à l'écran (par exemple, "
+"s'il n'y a pas d'entrée pour les utilisateurs ayant un UID compris entre 170 "
+"et 800 dans base de données lastlog, le programme lastlog semblera bloqué "
+"comme s'il traitait les entrées correspondant aux UID 171 à 799)."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr "Création, 2005"
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "informations cachées sur les groupes"
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"<filename>/etc/gshadow</filename> contient les informations cachées sur les "
+"groupes."
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+"Chaque ligne de ce fichier contient les champs suivants, séparés par des "
+"deux-points (« : ») :"
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "nom du groupe"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "Ce doit être un nom de groupe valable, qui existe sur le système."
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Si le champ du mot de passe contient une chaîne qui ne peut pas être un "
+"résultat valable de <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si elle "
+"contient les caractères « ! » ou « * », les utilisateurs ne pourront pas "
+"utiliser le mot de passe UNIX pour accéder au groupe (mais les membres du "
+"groupe n'ont pas besoin de mot de passe)."
+
+#: gshadow.5.xml:97(para)
+msgid ""
+"The password is used when an user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Le mot de passe est utilisé quand un utilisateur non membre du groupe veut "
+"obtenir les permissions de ce groupe (consultez "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>)."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+"Ce champ peut être vide. Dans ce cas seuls les membres du groupe peuvent "
+"obtenir les permissions du groupe."
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+"Ce mot de passe remplace tout mot de passe indiqué dans <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "administrateurs"
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "Ce champ doit être une liste d'utilisateurs, séparés par des virgules."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+"Les administrateurs peuvent modifier le mot de passe ou les membres du "
+"groupe."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"Les administrateurs peuvent aussi avoir les mêmes permissions que les "
+"membres (voir ci-dessous)."
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "membres"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+"Les membres peuvent accéder au groupe sans qu'un mot de passe ne leur soit "
+"demandé."
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Vous devez utiliser la même liste d'utilisateurs que dans <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "Vérifier l'intégrité des fichiers d'administration des groupes"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+"La commande <command>grpck</command> vérifie l'intégrité des informations "
+"sur les groupes du système. Toutes les entrées de <filename>/etc/group</"
+"filename> <phrase condition=\"gshadow\"> et <filename>/etc/gshadow</"
+"filename></phrase> sont vérifiées afin de s'assurer qu'elles ont le bon "
+"format et qu'elles contiennent des données valables dans chaque champ. Une "
+"confirmation de l'utilisateur sera demandée pour détruire les entrées mal "
+"formatées ou ayant d'autres erreurs non récupérables."
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "unicité et validité des noms de groupe ;"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"validité des identifiants de groupe <phrase condition=\"gshadow\"> "
+"(seulement <filename>/etc/group</filename>)</phrase> ;"
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+"validité de la liste de membres <phrase condition=\"gshadow\"> et "
+"d'administrateurs</phrase> ;"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+"correspondance d'entrée dans le fichier <filename>/etc/gshadow</filename> "
+"(respectivement <filename>/etc/group</filename> pour les vérifications de "
+"<filename>gshadow</filename>)."
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+"Une erreur dans le nombre de champs ou la non unicité d'un nom de groupe "
+"sera fatale. Si le nombre de champs n'est pas correct, il sera demandé à "
+"l'utilisateur de supprimer la ligne. Si l'utilisateur ne répond pas par "
+"l'affirmative, les vérifications suivantes ne seront pas effectuées. Il sera "
+"également demandé de supprimer les entrées correspondant aux noms de groupe "
+"redondants, mais dans ce cas, les autres vérifications seront effectuées. "
+"Toutes les autres erreurs ne sont que des avertissements et l'utilisateur "
+"est encouragé à utiliser <command>groupmod</command> pour les corriger."
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+"Les commandes qui opèrent sur <phrase condition=\"no_gshadow\">le fichier</"
+"phrase> <phrase condition=\"gshadow\">les fichiers</phrase> <filename>/etc/"
+"group</filename> <phrase condition=\"gshadow\">et <filename>/etc/gshadow</"
+"filename></phrase> ne peuvent pas modifier les entrées corrompues ou "
+"redondantes. <command>grpck</command> doit être utilisée dans ce cas pour "
+"supprimer ces entrées."
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>grpck</command> sont :"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+"Exécute la commande <command>grpck</command> en mode lecture seule. Cela "
+"signifie qu'à toutes les questions concernant des modifications il sera "
+"répondu <emphasis>no</emphasis> sans l'intervention de l'utilisateur."
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"Trie les entrées de <filename>/etc/group</filename> <phrase condition="
+"\"gshadow\">et <filename>/etc/gshadow</filename></phrase> par GID."
+
+#: grpck.8.xml:196(para)
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"Par défaut, <command>grpck</command> opère sur <filename>/etc/group</"
+"filename> <phrase condition=\"gshadow\">et <filename>/etc/gshadow</"
+"filename></phrase>. L'utilisateur peut préciser d'autres fichiers avec "
+"<phrase condition=\"no_gshadow\">le paramètre</phrase><phrase condition="
+"\"gshadow\">les paramètres</phrase> <emphasis remap=\"I\">group</emphasis> "
+"<phrase condition=\"gshadow\"> et <emphasis remap=\"I\">shadow</emphasis></"
+"phrase>."
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "une entrée de groupe ou plus est incorrecte"
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "impossible d'ouvrir les fichiers group"
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "impossible de verrouiller les fichiers group"
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "impossible de mettre à jour les fichiers group"
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>grpck</command> renvoie les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "Afficher la liste des groupes auxquels appartient l'utilisateur"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "utilisateur"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+"La commande <command>groups</command> affiche la liste des noms de groupe "
+"(ou leur identifiant numérique) de l'utilisateur courant. Si une valeur n'a "
+"pas d'entrée correspondante dans <filename>/etc/group</filename>, "
+"l'identifiant numérique du groupe est affiché. Le paramètre optionnel "
+"<emphasis remap=\"I\">utilisateur</emphasis> permet d'afficher la liste des "
+"groupes pour cet utilisateur."
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+"Sur les systèmes qui ne gèrent pas l'appartenance à plusieurs groupes, "
+"seules les informations contenues dans <filename>/etc/group</filename> sont "
+"affichées. L'utilisateur doit utiliser <command>newgrp</command> ou "
+"<command>sg</command> pour modifier l'identifiant de groupe réel et effectif."
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "Modifier la définition d'un groupe du système"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GROUPE"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"La commande <command>groupmod</command> modifie la définition du "
+"<replaceable>GROUPE</replaceable> spécifié en modifiant l'entrée "
+"correspondante de la base de données des groupes."
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupmod</command> sont :"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+#| msgid ""
+#| "<option>-g</option>, <option>--gid</option><replaceable>GID</replaceable>"
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"L'identifiant numérique du groupe <replaceable>GROUPE</replaceable> sera "
+"modifié vers <emphasis remap=\"I\">GID</emphasis>."
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"La valeur de <replaceable>GID</replaceable> doit être un nombre décimal "
+"positif. Cette valeur doit être unique, à moins que l'option <option>-o</"
+"option> ne soit utilisée."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"Les utilisateurs qui utilisent ce groupe comme groupe primaire seront mis à "
+"jour pour garder le groupe comme groupe primaire."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+"Vous devrez modifier vous-même l'identifiant de groupe des fichiers ayant "
+"l'ancien identifiant de groupe qui doivent continuer à appartenir au "
+"<replaceable>GROUPE</replaceable>."
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, ou "
+"<option>SYS_GID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: groupmod.8.xml:135(term)
+#| msgid ""
+#| "<option>-n</option>, <option>--new-name</option><replaceable>NEW_GROUP</"
+#| "replaceable>"
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NOUVEAU_NOM_GROUPE</replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Le nom du groupe sera modifié de <emphasis remap=\"I\">GROUPE</emphasis> "
+"vers <emphasis remap=\"I\">NOUVEAU_NOM_GROUPE</emphasis>."
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"En combinaison avec l'option <option>-g</option>, cette option permet de "
+"changer l'identifiant du groupe (<replaceable>GID</replaceable>) vers une "
+"valeur déjà utilisée."
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "nom de groupe déjà utilisé"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupmod</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr "George"
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr "Kraft"
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr "IV"
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr "Création, 2000"
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "Administrer les membres du groupe primaire d'un utilisateur"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "nom_utilisateur"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "nom_groupe"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+"La commande <command>groupmems</command> permet à un utilisateur "
+"d'administrer la liste des membres de son propre groupe sans avoir les "
+"privilèges du superutilisateur. L'utilitaire <command>groupmems</command> a "
+"été conçu pour les systèmes qui configurent leurs utilisateurs de telle "
+"sorte qu'ils soient responsables de leur groupe primaire (par exemple guest/"
+"guest)."
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Seul le superutilisateur, en tant qu'administrateur, peut utiliser "
+"<command>groupmems</command> pour modifier la liste des membres d'un autre "
+"groupe."
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupmems</command> sont :"
+
+#: groupmems.8.xml:107(term)
+#| msgid ""
+#| "<option>-a</option>, <option>--add</option><replaceable>user_name</"
+#| "replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;"
+"<replaceable>nom_utilisateur</replaceable>"
+
+#: groupmems.8.xml:109(para)
+msgid "Add an user to the group membership list."
+msgstr "Ajouter un utilisateur à la liste des membres du groupe."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"Si le fichier <filename>/etc/gshadow</filename> existe, et que le groupe n'y "
+"a pas d'entrée, une nouvelle entrée sera créée."
+
+#: groupmems.8.xml:118(term)
+#| msgid ""
+#| "<option>-d</option>, <option>--delete</option><replaceable>user_name</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>nom_utilisateur</replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Supprimer un utilisateur de la liste des membres du groupe."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"Si le fichier <filename>/etc/gshadow</filename> existe, l'utilisateur sera "
+"retiré de la liste des membres et des administrateurs du groupe."
+
+#: groupmems.8.xml:134(term)
+#| msgid ""
+#| "<option>-g</option>, <option>--group</option><replaceable>group_name</"
+#| "replaceable>"
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>nom_groupe</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+"Le superutilisateur peut préciser la liste des membres du groupe à modifier."
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "Afficher la liste des membres du groupe."
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "Supprimer tous les utilisateurs de la liste des membres du groupe."
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr "CONFIGURATION"
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+"L'exécutable <command>groupmems</command> doit être installé en mode "
+"<literal>2770</literal> avec pour utilisateur <emphasis>root</emphasis> et "
+"pour groupe <emphasis>groups</emphasis>. L'administrateur système peut "
+"ajouter des utilisateurs au groupe <emphasis>groups</emphasis> pour leur "
+"permettre ou leur interdire d'utiliser <command>groupmems</command> pour "
+"gérer leur propre liste de membres du groupe."
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+" "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "informations cachées sur les groupes"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "Supprimer un groupe"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"La commande <command>groupdel</command> modifie les fichiers "
+"d'administration des comptes du système, en supprimant les entrées qui se "
+"réfèrent à <replaceable>groupe</replaceable>. Le groupe indiqué doit exister."
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupdel</command> sont :"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Vous ne pouvez pas supprimer le groupe primaire d'un utilisateur existant. "
+"Vous devez supprimer l'utilisateur auparavant."
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Vous devriez vérifier vous-même qu'aucun fichier possédé par le groupe ne "
+"subsiste sur tous les systèmes de fichiers."
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "impossible de supprimer le groupe primaire d'un utilisateur existant"
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupdel</command> renvoie les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "Créer un nouveau groupe"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+"La commande <command>groupadd</command> crée un nouveau compte de groupe en "
+"utilisant les valeurs spécifiées sur la ligne de commande et les valeurs par "
+"défaut du système. Le nouveau groupe sera inséré dans les fichiers du "
+"système selon les besoins."
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupadd</command> sont :"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+"Avec cette option, la commande quittera juste avec un état de succès si le "
+"groupe indiqué existe déjà. Avec l'option <option>-g</option>, si "
+"l'identifiant de groupe indiqué existe déjà, un autre identifiant de groupe "
+"(non utilisé) sera choisi (c.-à-d. que <option>-g</option> est désactivée)."
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"La valeur numérique de l'identifiant du groupe (« group ID » ou GID). Cette "
+"valeur doit être unique, sauf si l'option <option>-o</option> est utilisée. "
+"La valeur ne doit pas être négative. Par défaut, le plus petit identifiant "
+"supérieur au <option>GID_MIN</option> et aux identifiants des groupes "
+"existants est utilisé."
+
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Voir aussi aussi la description des options <option>-r</option> et "
+"<option>GID_MAX</option>."
+
+# NOTE: missing <filename>
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Surcharger les valeurs par défaut du fichier <filename>/etc/login.defs</"
+"filename> (GID_MIN, GID_MAX et autres). L'option <option>-K</option> peut "
+"être indiquée plusieurs fois."
+
+#: groupadd.8.xml:146(para)
+#| msgid ""
+#| "Example: <option>-K </option><replaceable>GID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable><option>-K </"
+#| "option><replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Exemple : <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+#| msgid ""
+#| "Note: <option>-K </option><replaceable>GID_MIN</"
+#| "replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+#| "replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Remarque : <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> ne fonctionne pas pour l'instant."
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+"Cette option permet d'ajouter un groupe avec un identifiant (« GID ») déjà "
+"utilisé."
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "Créer un groupe système."
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+"Les identifiants numériques des nouveaux groupes systèmes sont choisis dans "
+"l'intervalle <option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option>, "
+"défini dans <filename>login.defs</filename>, au lieu de <option>GID_MIN</"
+"option>-<option>GID_MAX</option>"
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Les noms de groupe doivent commencer par une lettre minuscule ou un tiret "
+"bas (« underscore »), et seuls des lettres minuscules, des chiffres, des "
+"« underscore », ou des tirets peuvent suivre. Ils peuvent se terminer par un "
+"signe dollar. Soit, sous la forme d'une expression rationnelle : [a-z_][a-"
+"z0-9_-]*[$]?"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr "Les noms de groupe sont limités à &GROUP_NAME_MAX_LENGTH; caractères."
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Vous ne pouvez pas ajouter d'utilisateur à un groupe NIS ou LDAP. Cela doit "
+"être effectué sur le serveur correspondant."
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+"Si le nom du groupe existe dans une base de données externe, telle que NIS "
+"ou LDAP, <command>groupadd</command> refusera de créer le groupe."
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID déjà utilisé (et <option>-o</option> n'est pas utilisé)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "nom de groupe déjà utilisé"
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupadd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr "Rafal"
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr "Maszkowski"
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "Administrer <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "Administrer <placeholder-1/> et <placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "option"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+"La commande <command>gpasswd</command> est utilisée pour administrer "
+"<filename>/etc/group</filename><phrase condition=\"gshadow\"> et <filename>/"
+"etc/gshadow</filename></phrase>. Chaque groupe peut avoir <phrase condition="
+"\"gshadow\">des administrateurs,</phrase> des membres et un mot de passe."
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+"Les administrateurs système peuvent utiliser l'option <option>-A</option> "
+"pour définir un ou des administrateurs de groupe et l'option <option>-M</"
+"option> pour définir les membres. Ils ont tous les droits des "
+"administrateurs et membres du groupe."
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+"<command>gpasswd</command> appelée par <phrase condition=\"gshadow\">un "
+"administrateur de groupe</phrase><phrase condition=\"no_gshadow\">un "
+"administrateur système</phrase> avec un nom de groupe demande seulement le "
+"nouveau mot de passe du <replaceable>groupe</replaceable>."
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Si un mot de passe est configuré, les membres peuvent toujours utiliser "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> sans mot de passe. Les non membres doivent fournir le mot de "
+"passe."
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Notes sur les mots de passe de groupe"
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+"Les mots de passe de groupe représentent naturellement un risque en matière "
+"de sécurité, puisque plusieurs personnes ont connaissance du mot de passe. "
+"Cependant, les groupes sont utiles pour permettre la coopération entre "
+"différents utilisateurs."
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"À part les options <option>-A</option> et <option>-M</option>, les options "
+"ne peuvent pas être combinées."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "Les options ne peuvent pas être combinées."
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>gpasswd</command> sont :"
+
+#: gpasswd.1.xml:147(term)
+#| msgid ""
+#| "<option>-a</option>, <option>--add</option><replaceable>user</replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>utilisateur</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Ajouter l'<replaceable>utilisateur</replaceable> à ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:160(term)
+#| msgid ""
+#| "<option>-d</option>, <option>--delete</option><replaceable>user</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"Enlever l'<replaceable>utilisateur</replaceable> de ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:181(term)
+#| msgid ""
+#| "<option>-Q</option>, <option>--root</option><replaceable>CHROOT_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>RÉP_CHROOT</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+"Enlever le mot de passe pour ce <replaceable>groupe</replaceable>. Le mot de "
+"passe du groupe sera vide. Seuls les membres du groupe seront autorisés à "
+"utiliser <command>newgrp</command> pour rejoindre ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Restreindre l'accès à ce <replaceable>groupe</replaceable>. Le mot de passe "
+"du groupe est défini à « ! ». Seuls les membres du groupe seront autorisés à "
+"utiliser <command>newgrp</command> pour rejoindre ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:227(term)
+#| msgid ""
+#| "<option>-A</option>, <option>--administrators</option><replaceable>user</"
+#| "replaceable>,..."
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>,..."
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "Configurer la liste des administrateurs."
+
+#: gpasswd.1.xml:239(term)
+#| msgid ""
+#| "<option>-M</option>, <option>--members</option><replaceable>user</"
+#| "replaceable>,..."
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>,..."
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "Configurer la liste des membres du groupe."
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+"Cet outil ne fonctionne que sur <phrase condition=\"no_gshadow\">le fichier</"
+"phrase><phrase condition=\"gshadow\">les fichiers</phrase> <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\"> et <filename>/etc/gshadow</"
+"filename></phrase>. Par conséquent vous ne pouvez modifier aucun groupe NIS "
+"ou LDAP. Cela doit être effectué sur le serveur correspondant."
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+"Examiner le fichier faillog, et configurer les limites d'échecs de connexion"
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+"<command>faillog</command> affiche le contenu du journal des échecs de "
+"connexion (<filename>/var/log/faillog</filename>). Il peut aussi configurer "
+"le décompte et les limitations de ces échecs. Exécuter <command>faillog</"
+"command> sans argument n'affiche que la liste des échecs des utilisateurs "
+"qui ont déjà eu un échec de connexion."
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>faillog</command> sont :"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+"Afficher (ou agir sur) les enregistrements d'erreurs de connexion pour tous "
+"les utilisateurs ayant une entrée dans la base de données <filename>faillog</"
+"filename>."
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+"La liste des utilisateurs peut être limitée avec l'option <option>-u</"
+"option>."
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+"En mode affichage, toujours limitée aux utilisateurs existants, mais "
+"l'affichage des entrées d'erreur de connexion est imposé même si elles sont "
+"vides."
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+"Avec les options <option>-l</option>, <option>-m</option>, <option>-r</"
+"option> ou <option>-t</option> les enregistrements des utilisateurs sont "
+"modifiés, même si l'utilisateur n'existe pas sur le système. C'est utile "
+"pour remettre à zéro les enregistrements des utilisateurs qui ont été "
+"supprimés ou pour mettre en place une politique préventive pour un ensemble "
+"d'utilisateurs."
+
+#: faillog.8.xml:128(term)
+#| msgid ""
+#| "<option>-l</option>, <option>--lock-secs</option><replaceable>SEC</"
+#| "replaceable>"
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+
+# NOTE: s/to/during/
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"Verrouiller le compte pendant <replaceable>SEC</replaceable> secondes après "
+"un échec de connexion."
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+"L'accès en écriture sur <filename>/var/log/faillog</filename> est nécessaire "
+"pour cette option."
+
+#: faillog.8.xml:143(term)
+#| msgid ""
+#| "<option>-m</option>, <option>--maximum</option><replaceable>MAX</"
+#| "replaceable>"
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"Configurer le nombre maximum d'échecs de connexion après lequel le compte "
+"sera désactivé à <replaceable>MAX</replaceable>."
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+"Sélectionner une valeur <replaceable>MAX</replaceable> de 0 a pour effet de "
+"ne placer aucune limite sur le nombre d'échecs de connexion."
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+"Le compteur d'erreurs maximum doit toujours être 0 pour <emphasis>root</"
+"emphasis> afin d'éviter les attaques de type déni de service sur le système."
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "Remettre à zéro le compteur d'échecs de connexion."
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+"Afficher les entrées de faillog plus récentes que <replaceable>JOURS</"
+"replaceable>."
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+"Afficher l'entrée de faillog ou maintient le décompte et les limitations "
+"(suivant que l'option <option>-l</option>, <option>-m</option> ou <option>-"
+"r</option> est utilisée) seulement pour les utilisateurs indiqués."
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"Quand aucune des options <option>-l</option>, <option>-m</option> ou "
+"<option>-r</option> n'est utilisée, <command>faillog</command> affiche "
+"l'enregistrement des échecs de connexion des utilisateurs précisés."
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+"<command>faillog</command> n'affiche que les utilisateurs n'ayant pas eu de "
+"connexion réussie depuis leur dernier échec. Pour afficher un utilisateur "
+"ayant eu une connexion réussie depuis son dernier échec, vous devez "
+"explicitement demander cet utilisateur avec l'option <option>-u</option>, ou "
+"demander l'affichage de tous les utilisateurs avec l'option <option>-a</"
+"option>."
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr "Journal des échecs de connexion."
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "journal des échecs de connexion"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+"<filename>/var/log/faillog</filename> maintient un compte des échecs de "
+"connexion et les limites pour chaque compte."
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+"Le fichier contient un nombre constant d'enregistrements, triés par "
+"identifiant d'utilisateur numérique. Chaque enregistrement contient le "
+"nombre d'échecs de connexion depuis la dernière connexion réussie, le nombre "
+"maximum d'échecs de connexion avant désactivation du compte, la ligne sur "
+"laquelle a eu lieu le dernier échec de connexion, la date du dernier échec "
+"de connexion et la durée (en seconde) pendant laquelle le compte sera "
+"verrouillé après un échec."
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "La structure du fichier est la suivante :"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt;\n"
+"\tshort fail_max;\n"
+"\tchar fail_line[12];\n"
+"\ttime_t fail_time;\n"
+"\tlong fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort fail_cnt; /* compteur des échecs */\n"
+"\tshort fail_max; /* nb max avant désactivation */\n"
+"\tchar fail_line[12]; /* ligne du dernier échec */\n"
+"\ttime_t fail_time; /* date du dernier échec */\n"
+"\tlong fail_locktime;};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr "Création, 1990"
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "Vérifier et sécuriser la durée de validité des mots de passe"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"Avec l'option <option>-c</option>, <command>expiry</command> vérifie la "
+"validité du mot de passe de l'utilisateur actuel, et force (avec l'option "
+"<option>-f</option>) des modifications si nécessaire. Il peut être appelé "
+"par un utilisateur normal."
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>expiry</command> sont :"
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr ""
+"Vérifier la durée de validité du mot de passe de l'utilisateur courant."
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+"Forcer le changement du mot de passe si l'utilisateur courant possède un mot "
+"de passe qui a expiré."
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "Changer l'interpréteur de commandes initial"
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"La commande <command>chsh</command> modifie l'interpréteur de commandes "
+"initial (« login shell ») de l'utilisateur qui sera invoqué lors des "
+"connexions de l'utilisateur. Un utilisateur normal ne peut changer que "
+"l'interpréteur associé à son propre compte. Le superutilisateur peut changer "
+"l'interpréteur de commandes initial de n'importe quel compte."
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Les options applicables à la commande <command>chsh</command> sont :"
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Quand l'option <option>-s</option> n'est pas sélectionnée, <command>chsh</"
+"command> opère de façon interactive, demandant à l'utilisateur quel doit "
+"être le nouvel interpréteur de commandes initial (« login shell »). "
+"L'utilisateur pourra entrer une nouvelle valeur pour modifier "
+"l'interpréteur, ou laisser la ligne blanche pour conserver l'interpréteur "
+"actuel. L'interpréteur actuel est indiqué entre crochets (<emphasis>[ ]</"
+"emphasis>)."
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"La seule restriction placée sur l'interpréteur de commandes initial (« login "
+"shell ») est que cette commande doit faire partie de <filename>/etc/shells</"
+"filename>, à moins qu'elle ne soit invoquée par le superutilisateur, qui "
+"peut ajouter n'importe quelle valeur. Un compte avec un interpréteur de "
+"commandes initial restreint ne peut pas changer son interpréteur. Pour cette "
+"raison, il est déconseillé de placer <filename>/bin/rsh</filename> dans "
+"<filename>/etc/shells</filename>, puisqu'une modification accidentelle vers "
+"un interpréteur restreint empêchera alors l'utilisateur de revenir ensuite à "
+"l'interpréteur précédent."
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Liste des interpréteurs de commandes initiaux valables."
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "Mettre à jour des mots de passe par lot"
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"La commande <command>chpasswd</command> lit une liste de paires de noms "
+"d'utilisateurs et de mots de passe depuis l'entrée standard et utilise ces "
+"informations pour mettre à jour un groupe d'utilisateurs existants. Chaque "
+"ligne est au format suivant :"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nom_utilisateur</emphasis>:<emphasis remap=\"I"
+"\">mot_de_passe</emphasis>"
+
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Par défaut, les mots de passe doivent être fournis en clair, et sont "
+"chiffrés par <command>chpasswd</command>. L'âge du mot de passe sera "
+"également mis à jour, s'il est présent."
+
+#: chpasswd.8.xml:97(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwitten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"L'algorithme de chiffrement par défaut peut être défini pour le système à "
+"l'aide des variables <option>ENCRYPT_METHOD</option> ou "
+"<option>MD5_CRYPT_ENAB</option> de <filename>/etc/login.defs</filename>, et "
+"peut être surchargé par les options <option>-e</option>, <option>-m</option> "
+"ou <option>-c</option>"
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"Par défaut les mots de passe sont chiffrés par PAM, mais (même si cela est "
+"déconseillé) vous pouvez sélectionner une méthode de chiffrement différente "
+"avec les options <option>-e</option>, <option>-m</option> ou <option>-c</"
+"option>."
+
+#: chpasswd.8.xml:111(para)
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occured for "
+"any user."
+msgstr ""
+"<phrase condition=\"pam\">Sauf quand PAM est utilisé pour chiffrer les mots "
+"de passe, </phrase><command>chpasswd</command> modifie d'abord tous les mots "
+"de passe en mémoire, puis propage toutes les modifications sur le disque si "
+"aucune erreur n'a eu lieu, quelque soit l'utilisateur."
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+"Quand PAM est utilisé pour chiffrer les mots de passe (et pour mettre à jour "
+"les mots de passe dans la base de données du système), si aucun mot de passe "
+"ne peut être mis à jour, <command>chpasswd</command> continuera la mise à "
+"jour des mots de passe pour les utilisateurs suivants, et renverra un code "
+"d'erreur en sortie."
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Cette commande est destinée aux gros systèmes pour lesquels un nombre "
+"importants de comptes sont créés en une seule fois."
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chpasswd</command> sont :"
+
+#: chpasswd.8.xml:137(term)
+#| msgid ""
+#| "<option>-c</option>, <option>--crypt-method</option><replaceable>METHOD</"
+#| "replaceable>"
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>MÉTHODE</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "Les méthodes disponibles sont DES, MD5 et NONE."
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "Par défaut, PAM est utilisé pour chiffrer les mots de passe."
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut (si aucune des options <option>-c</option>, <option>-m</option> "
+"ou <option>-e</option> n'est précisée), la méthode de chiffrement est "
+"définie par les variables <option>ENCRYPT_METHOD</option> ou "
+"<option>MD5_CRYPT_ENAB</option> de <filename>/etc/login.defs</filename>."
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Indiquer que les mots de passe fournis sont chiffrés."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"Permettre d'utiliser le chiffrement MD5, plutôt que DES, lorsque les mots de "
+"passe fournis ne sont pas chiffrés."
+
+#: chpasswd.8.xml:200(term)
+#| msgid ""
+#| "<option>-s</option>, <option>--sha-rounds</option><replaceable>ROUNDS</"
+#| "replaceable>"
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut, le nombre de rounds est défini par les variables "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> et <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> dans <filename>/etc/login.defs</filename>."
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Pensez à configurer les permissions ou umask afin d'empêcher la lecture des "
+"fichiers non chiffrés par les autres utilisateurs."
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "Configuration de PAM pour <command>chpasswd</command>."
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr "Création, 2006"
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "Mettre à jour par lot des mots de passe des groupes"
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"La commande <command>chgpasswd</command> lit une liste de paires de noms de "
+"groupes et de mots de passe depuis l'entrée standard et utilise ces "
+"informations pour mettre à jour un ensemble de groupes existants. Chaque "
+"ligne est au format suivant :"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nom_utilisateur</emphasis>:<emphasis remap=\"I"
+"\">mot_de_passe</emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Par défaut, le mot de passe doit être fourni en clair, et est chiffré par "
+"<command>chgpasswd</command>."
+
+#: chgpasswd.8.xml:92(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwiten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"L'algorithme de chiffrement peut être défini pour le système avec la "
+"variable <option>ENCRYPT_METHOD</option> de <filename>/etc/login.defs</"
+"filename> et peut être surchargé avec les options <option>-e</option>, "
+"<option>-m</option> ou <option>-c</option>."
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chgpasswd</command> sont :"
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "Modifier le nom complet et les informations associées à un utilisateur"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+"La commande <command>chfn</command> modifie le nom complet d'un utilisateur, "
+"son numéro de bureau, son numéro de téléphone professionnel, son extension, "
+"et son numéro de téléphone personnel. Ces informations sont généralement "
+"affichées par <citerefentry><refentrytitle>finger</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> ou d'autres programmes "
+"similaires. Un utilisateur normal ne peut modifier que les informations "
+"associées à son propre compte, avec les restrictions précisées dans "
+"<filename>/etc/login.defs</filename>. (Par défaut, les utilisateurs ne "
+"peuvent pas modifier leur nom complet). Le superutilisateur peut modifier "
+"n'importe quel champ pour n'importe quel compte. De plus, seul le "
+"superutilisateur peut utiliser l'option <option>-o</option> pour modifier "
+"les parties non précisées du champ GECOS."
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+"Ces champs ne doivent contenir aucun « : ». À l'exception du champ <emphasis "
+"remap=\"I\">autre</emphasis>, ils ne doivent contenir aucune virgule ou "
+"signe égal. Il est également recommandé d'éviter les caractères non US-"
+"ASCII, mais cela n'est imposé que pour les numéros de téléphone. Le champ "
+"<emphasis remap=\"I\">autre</emphasis> est utilisé pour garder des "
+"informations de compte utilisées par d'autres applications."
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Les options applicables à la commande <command>chfn</command> sont :"
+
+#: chfn.1.xml:117(term)
+#| msgid ""
+#| "<option>-f</option>, <option>--full-name</option><replaceable>FULL_NAME</"
+#| "replaceable>"
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>NOM_COMPLET</replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "Modifier le nom complet de l'utilisateur."
+
+#: chfn.1.xml:125(term)
+#| msgid ""
+#| "<option>-h</option>, <option>--home-phone</"
+#| "option><replaceable>HOME_PHONE</replaceable>"
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>TEL_PERSO</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "Modifier le numéro de téléphone personnel de l'utilisateur."
+
+#: chfn.1.xml:133(term)
+#| msgid ""
+#| "<option>-o</option>, <option>--other</option><replaceable>OTHER</"
+#| "replaceable>"
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>AUTRE</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"Modifier les informations GECO de l'utilisateur. Ce champ est utilisé pour "
+"enregistrer les informations de l'utilisateur utilisées par d'autres "
+"applications et peut être changé seulement par un superutilisateur."
+
+#: chfn.1.xml:145(term)
+#| msgid ""
+#| "<option>-r</option>, <option>--room</option><replaceable>ROOM_NUMBER</"
+#| "replaceable>"
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>NUMÉRO_DE_BUREAU</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "Modifier le numéro de bureau de l'utilisateur."
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+#| msgid ""
+#| "<option>-w</option>, <option>--work-phone</"
+#| "option><replaceable>WORK_PHONE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>TEL_PRO</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "Modifier le numéro de téléphone professionnel de l'utilisateur."
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+"Si aucune option n'est sélectionnée, <command>chfn</command> opère de "
+"manière interactive, demandant à l'utilisateur d'entrer les valeurs "
+"actuelles de chacun des champs. Entrer une nouvelle valeur pour la modifier, "
+"ou de laisser une ligne blanche pour conserver la valeur actuelle. La valeur "
+"actuelle est indiquée entre crochets (<emphasis remap=\"B\">[ ]</emphasis>). "
+"En l'absence d'option, <command>chfn</command> opère sur l'utilisateur "
+"actuel."
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "Modifier les informations de validité d'un mot de passe"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"La commande <command>chage</command> modifie le nombre de jours entre les "
+"changements de mot de passe et la date du dernier changement. Ces "
+"informations sont utilisées par le système pour déterminer si un utilisateur "
+"doit changer son mot de passe."
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chage</command> sont :"
+
+#: chage.1.xml:97(term)
+#| msgid ""
+#| "<option>-d</option>, <option>--lastday</option><replaceable>LAST_DAY</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;"
+"<replaceable>DERNIER_JOUR</replaceable>"
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"Configurer le nombre du jour, à compter du 1er janvier 1970, où le mot de "
+"passe a été changé la dernière fois. La date peut aussi être exprimée dans "
+"le format AAAA-MM-JJ (ou le format utilisé plus communément dans votre "
+"région)."
+
+#: chage.1.xml:109(term)
+#| msgid ""
+#| "<option>-E</option>, <option>--expiredate</"
+#| "option><replaceable>EXPIRE_DATE</replaceable>"
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable>"
+
+# NOTE: s/date//
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"Configurer la date, ou le nombre de jours à compter du 1er janvier 1970, à "
+"partir de laquelle le compte de l'utilisateur ne sera plus accessible. La "
+"date peut aussi être exprimée dans le format AAAA-MM-JJ (ou le format plus "
+"communément utilisé dans votre région). Un utilisateur dont le compte est "
+"bloqué doit contacter l'administrateur système pour pouvoir utiliser à "
+"nouveau le système."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> aura pour effet de supprimer la "
+"date de fin de validité."
+
+#: chage.1.xml:135(term)
+#| msgid ""
+#| "<option>-I</option>, <option>--inactive</option><replaceable>INACTIVE</"
+#| "replaceable>"
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"Configurer le nombre de jours d'inactivité, après qu'un mot de passe ait "
+"dépassé la date de fin de validité, avant que le compte ne soit bloqué. La "
+"valeur <replaceable>DURÉE_INACTIVITÉ</replaceable> est le nombre de jours "
+"d'inactivité. Un utilisateur dont le compte est bloqué doit contacter "
+"l'administrateur système avant de pouvoir utiliser de nouveau le système."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>DURÉE_INACTIVITÉ</replaceable> supprime la durée d'inactivité "
+"pour un compte."
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Afficher les informations sur l'âge des comptes."
+
+#: chage.1.xml:164(term)
+#| msgid ""
+#| "<option>-m</option>, <option>--mindays</option><replaceable>MIN_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>JOURS_MIN</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+#| msgid ""
+#| "<option>-M</option>, <option>--maxdays</option><replaceable>MAX_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>JOURS_MAX</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"Configurer le nombre maximum de jours pendant lesquels un mot de passe est "
+"valable. Quand <replaceable>JOURS_MAX</replaceable> plus "
+"<replaceable>DERNIER_JOUR</replaceable> est inférieur à la date actuelle, "
+"l'utilisateur est obligé de changer son mot de passe avant de pouvoir "
+"utiliser son compte. Cet événement peut être déclenché plus tôt grâce à "
+"l'option <option>-W</option> qui prévient l'utilisateur à l'avance par un "
+"message d'alerte."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>JOURS_MAX</replaceable> supprime la vérification de validité."
+
+#: chage.1.xml:209(term)
+#| msgid ""
+#| "<option>-W</option>, <option>--warndays</option><replaceable>WARN_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DURÉE_AVERTISSEMENT</replaceable>"
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"Configurer le nombre de jours d'avertissement avant que le changement de mot "
+"de passe ne soit obligatoire. La valeur <replaceable>DURÉE_AVERTISSEMENT</"
+"replaceable> est le nombre de jours précédant la fin de validité pendant "
+"lesquels un utilisateur sera prévenu que son mot de passe est sur le point "
+"d'arriver en fin de validité."
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Si aucune de ces options n'est donnée, <command>chage</command> utilise un "
+"mode interactif, demandant confirmation à l'utilisateur pour les valeurs de "
+"tous les champs. Entrez la nouvelle valeur pour modifier la valeur du champ, "
+"ou laissez la ligne vide pour conserver la valeur actuelle. La valeur "
+"actuelle est affichée entre crochets."
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Le programme <command>chage</command> nécessite l'utilisation d'un fichier "
+"de mots de passe cachés (« shadow password file »)."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"La commande <command>chage</command> est réservée à l'utilisateur root, sauf "
+"pour l'option <option>-l</option>, qui peut être utilisée par un utilisateur "
+"non privilégié pour lui permettre de savoir quand son mot de passe ou son "
+"compte arrivera en fin de validité."
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "impossible de trouver le fichier des mots de passe cachés"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>chage</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+"Nicolas FRANÇOIS <nicolas.francois@centraliens.net>, 2005-2010Thomas Blein "
+"<tblein@tblein.eu>, 2011-2012Debian French l10n team <debian-l10n-"
+"french@lists.debian.org>, 2011-2012"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "Kłoczko"
+#~ msgstr "KÅ‚oczko"
+
+#~ msgid "François"
+#~ msgstr "François"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "impossible de créer le répertoire d'attente des courriels"
+
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "Identifiant SELinux du nouvel utilisateur. Cette valeur est vide par "
+#~ "défaut et, dans ce cas, le système sélectionnera l'utilisateur SELinux "
+#~ "par défaut."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "nouveaux_utilisateurs"
+
+#~ msgid "full_name"
+#~ msgstr "nom_complet"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "no_bureau"
+
+#~ msgid "work_ph"
+#~ msgstr "tel_bureau"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "tel_perso"
+
+#~ msgid "other"
+#~ msgstr "autre"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
+
+#~ msgid ""
+#~ "Note: <option>-K </option><replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> doesn't work yet."
+#~ msgstr ""
+#~ "Note : <option>-K</option> <replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> ne fonctionne pas pour "
+#~ "l'instant."
+
+#~ msgid "It can take one of these values: <placeholder-1/>"
+#~ msgstr "Il peut prendre une de ces valeurs : <placeholder-1/>"
+
+#~ msgid "The supplied passwords must be in clear-text."
+#~ msgstr "Les mots de passe doivent être fournis en clair."
+
+#~ msgid ""
+#~ "The encrypted password, as returned by "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. The default is to disable the account."
+#~ msgstr ""
+#~ "Le mot de passe chiffré, comme renvoyé par "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. Le comportement par défaut est de désactiver "
+#~ "le compte."
+
+# NOTE: shadowed, not encrypted
+#~ msgid "encrypted password file"
+#~ msgstr "fichier des mots de passe cachés"
+
+#~ msgid "comma-separated list of group administrators"
+#~ msgstr "liste d'administrateurs du groupe séparés par des virgules"
+
+#~ msgid ""
+#~ "The group name and password fields must be filled. The encrypted password "
+#~ "consists of characters from the 64-character alphabet a thru z, A thru Z, "
+#~ "0 thru 9, \\. and /. Refer to <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry> for details on how "
+#~ "this string is interpreted. If the password field contains some string "
+#~ "that is not valid result of <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or "
+#~ "*, the user will not be able to use a unix password to log in, subject to "
+#~ "<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum></"
+#~ "citerefentry>."
+#~ msgstr ""
+#~ "Les champs « nom du groupe » et « mot de passe » doivent être remplis. Le "
+#~ "mot de passe chiffré comprend 13 caractères pris dans l'alphabet de 64 "
+#~ "caractères a-z, A-Z, 0-9, \\. et /. Consultez "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry> pour plus d'informations sur le traitement de "
+#~ "cette chaîne. Si le champ du mot de passe contient une chaîne qui ne peut "
+#~ "pas être un résultat valable de <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si "
+#~ "elle contient les caractères ! ou *, alors l'utilisateur ne pourra pas "
+#~ "utiliser son mot de passe UNIX pour se connecter. Ceci peut dépendre de "
+#~ "<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum></"
+#~ "citerefentry>."
+
+#, fuzzy
+#~ msgid ""
+#~ "The group ID of the given <replaceable>GROUP</replaceable> will be "
+#~ "changed to <replaceable>GID</replaceable>. The value of <replaceable>GID</"
+#~ "replaceable> must be a non-negative decimal integer. This value must be "
+#~ "unique, unless the <option>-o</option> option is used. Values between 0 "
+#~ "and 999 are typically reserved for system groups. Any files that have the "
+#~ "old group ID and must continue to belong to <replaceable>GROUP</"
+#~ "replaceable>, must have their group ID changed manually."
+#~ msgstr ""
+#~ "Indiquer la nouvelle Valeur numérique de l'identifiant du "
+#~ "<replaceable>GROUPE</replaceable> (« group ID » ou GID). La valeur de "
+#~ "<replaceable>GID</replaceable> doit être un entier décimal non négatif. "
+#~ "Cette valeur doit être unique, à moins que l'option <option>-o</option> "
+#~ "ne soit utilisée. Les valeurs comprises entre 0 et 999 sont généralement "
+#~ "réservées aux comptes système. Vous devrez modifier vous-même le groupe "
+#~ "propriétaire de tous les fichiers possédés par ce groupe."
+
+#~ msgid ""
+#~ "Note: if you use PAM, it is recommended to set this variable consistently "
+#~ "with the PAM modules configuration."
+#~ msgstr ""
+#~ "Remarque : si vous utilisez PAM, il est recommandé d'ajuster cette "
+#~ "variable de façon cohérente avec la configuration des modules PAM."
+
+#~| msgid ""
+#~| "<command>usermod</command> will not allow you to change the name of a "
+#~| "user who is logged in. You must make certain that the named user is not "
+#~| "executing any processes when this command is being executed if the "
+#~| "user's numerical user ID is being changed. You must change the owner of "
+#~| "any <command>crontab</command> files manually. You must change the owner "
+#~| "of any <command>at</command> jobs manually. You must make any changes "
+#~| "involving NIS on the NIS server."
+#~ msgid ""
+#~ "<command>usermod</command> will not allow you to change the name of an "
+#~ "user who is logged in. You must make certain that the named user is not "
+#~ "executing any processes when this command is being executed if the user's "
+#~ "numerical user ID is being changed. You must change the owner of any "
+#~ "<command>crontab</command> files manually. You must change the owner of "
+#~ "any <command>at</command> jobs manually. You must make any changes "
+#~ "involving NIS on the NIS server."
+#~ msgstr ""
+#~ "<command>Usermod</command> ne vous permet pas de modifier le nom d'un "
+#~ "utilisateur qui est actuellement connecté. Vous devez vous assurer que "
+#~ "l'utilisateur nommé n'est pas en train d'exécuter un quelconque programme "
+#~ "lorsque cette commande est exécutée si l'UID numérique de l'utilisateur "
+#~ "est modifié. Vous devez modifier vous-même le nom du propriétaire de tous "
+#~ "les fichiers <command>crontab</command> et des tâches <command>at</"
+#~ "command>. Vous devez effectuer toutes les modifications impliquant NIS "
+#~ "sur le serveur NIS."
+
+#~ msgid ""
+#~ "<command>userdel</command> will not allow you to remove an account if the "
+#~ "user is currently logged in. You must kill any running processes which "
+#~ "belong to an account that you are deleting."
+#~ msgstr ""
+#~ "<command>Userdel</command> ne vous permet pas de supprimer un compte si "
+#~ "l'utilisateur en question est actuellement connecté. Vous devez tuer tous "
+#~ "les processus en cours d'exécution appartenant à l'utilisateur que vous "
+#~ "êtes en train de supprimer."
+
+#~ msgid ""
+#~ "The group name or number of the user's new initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1."
+#~ msgstr ""
+#~ "Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+#~ "l'utilisateur. Le nom du groupe doit exister. Un numéro de groupe doit se "
+#~ "référer à un groupe déjà existant. Le numéro de groupe par défaut est de "
+#~ "1."
+
+#~ msgid ""
+#~ "The group name or number of the user's initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1 or whatever is specified in <filename>/etc/"
+#~ "default/useradd</filename>."
+#~ msgstr ""
+#~ "Nom ou ou numéro du groupe de connexion initial de l'utilisateur. Le nom "
+#~ "du groupe doit exister. Un numéro de groupe doit se référer à un groupe "
+#~ "existant. Le numéro de groupe par défaut est de 1, ou la valeur indiquée "
+#~ "dans <filename>/etc/default/useradd</filename>."
+
+#~ msgid ""
+#~ "The group name or ID for a new user's initial group. The named group must "
+#~ "exist, and a numerical group ID must have an existing entry."
+#~ msgstr ""
+#~ "Nom de groupe ou identifiant numérique du groupe initial d'un nouvel "
+#~ "utilisateur. Le groupe spécifié doit exister, et un identifiant de groupe "
+#~ "numérique doit déjà exister."
+
+#~ msgid "days since Jan 1, 1970 that password was last changed"
+#~ msgstr ""
+#~ "nombre de jours, comptés à partir du 1er janvier 1970, depuis le dernier "
+#~ "changement de mot de passe"
+
+#~ msgid "days after which password must be changed"
+#~ msgstr "nombre de jours après lesquels le mot de passe doit être changé"
+
+#~ msgid "days before password is to expire that user is warned"
+#~ msgstr ""
+#~ "nombre de jours avant la fin de validité du mot de passe et pendant "
+#~ "lesquels l'utilisateur est averti"
+
+#~ msgid "days after password expires that account is disabled"
+#~ msgstr ""
+#~ "nombre de jours après la fin de validité provoquant la désactivation du "
+#~ "compte"
+
+#~ msgid "days since Jan 1, 1970 that account is disabled"
+#~ msgstr ""
+#~ "nombre de jours, comptés à partir du 1er janvier 1970, depuis que le "
+#~ "compte est désactivé"
+
+#, fuzzy
+#~ msgid ""
+#~ "The password field must be filled. The encrypted password consists of 13 "
+#~ "to 24 characters from the 64 character alphabet a thru z, A thru Z, 0 "
+#~ "thru 9, \\. and /. Optionally it can start with a \"$\" character. This "
+#~ "means the encrypted password was generated using another (not DES) "
+#~ "algorithm. For example if it starts with \"$1$\" it means the MD5-based "
+#~ "algorithm was used."
+#~ msgstr ""
+#~ "Le champ « mot de passe » doit être rempli. Le mot de passe chiffré "
+#~ "comprend 13 à 24 caractères pris dans l'alphabet de 64 caractère : a-z, A-"
+#~ "Z, 0-9, \\. et /. Il peut optionellement commencer par un caractère "
+#~ "« $ ». Ceci signifie que le mot de passe a été généré par un autre "
+#~ "algorithme (autre que DES). Par exemple, s'il commence par « $1$ », "
+#~ "l'algorithme basé sur MD5 a été utilisé."
+
+#~ msgid ""
+#~ "The date of the last password change is given as the number of days since "
+#~ "Jan 1, 1970. The password may not be changed again until the proper "
+#~ "number of days have passed, and must be changed after the maximum number "
+#~ "of days. If the minimum number of days required is greater than the "
+#~ "maximum number of day allowed, this password may not be changed by the "
+#~ "user."
+#~ msgstr ""
+#~ "La date de dernière modification du mot de passe est donnée par le nombre "
+#~ "de jours écoulés depuis le 1er janvier 1970 jusqu'au dernier changement "
+#~ "du mot de passe. Un mot de passe ne peut pas être changé de nouveau avant "
+#~ "le nombre de jours indiqués, et doit être modifié avant le nombre maximal "
+#~ "de jours spécifié. Si le nombre minimal de jours requis est plus grand "
+#~ "que le nombre maximal de jours de validité, ce mot de passe ne peut pas "
+#~ "être changé par l'utilisateur."
+
+#~ msgid ""
+#~ "An account is considered to be inactive and is disabled if the password "
+#~ "is not changed within the specified number of days after the password "
+#~ "expires. An account will also be disabled on the specified day regardless "
+#~ "of other password expiration information."
+#~ msgstr ""
+#~ "Un compte est considéré comme inactif et est désactivé si le mot de passe "
+#~ "n'est pas changé dans l'intervalle indiqué après la fin de la validité du "
+#~ "mot de passe. Un compte est également désactivé le jour indiqué quels que "
+#~ "soient les autres informations de validité."
+
+#~ msgid ""
+#~ "This information supersedes any password or password age information "
+#~ "present in <filename>/etc/passwd</filename>."
+#~ msgstr ""
+#~ "Ces informations sont prioritaires sur tous les autres champs présents "
+#~ "dans <filename>/etc/passwd</filename>."
+
+#, fuzzy
+#~ msgid ""
+#~ "This field will be checked for existence as a directory, and a new "
+#~ "directory with this name will be created if it does not already exist. "
+#~ "The ownership of the directory will be set to be that of the user being "
+#~ "created or updated."
+#~ msgstr ""
+#~ "L'existence du répertoire indiqué dans ce champ est vérifiée, et dans le "
+#~ "cas contraire, le répertoire est créé. Le propriétaire du répertoire sera "
+#~ "l'utilisateur dont le compte est créé ou mis à jour."
+
+#~ msgid "Display faillog records for all users."
+#~ msgstr "Afficher les échecs de tous les utilisateurs."
+
+#~ msgid ""
+#~ "Set maximum number of login failures after the account is disabled to "
+#~ "<replaceable>MAX</replaceable>. Selecting <replaceable>MAX</replaceable> "
+#~ "value of 0 has the effect of not placing a limit on the number of failed "
+#~ "logins. The maximum failure count should always be 0 for <emphasis>root</"
+#~ "emphasis> to prevent a denial of services attack against the system."
+#~ msgstr ""
+#~ "Fixer le nombre maximum d'échecs de connexion après lesquels le compte "
+#~ "sera désactivé à <emphasis remap=\"I\">MAX</emphasis>. Une limite "
+#~ "<replaceable>MAX</replaceable> de 0 aura pour effet de ne pas placer de "
+#~ "limite d'échec. La limite pour l'utilisateur <emphasis>root</emphasis> "
+#~ "devrait toujours être 0 pour éviter tout risque de déni de service contre "
+#~ "le système."
+
+#~ msgid ""
+#~ "The user's home directory will be created if it does not exist. The files "
+#~ "contained in <replaceable>SKEL_DIR</replaceable> will be copied to the "
+#~ "home directory if the <option>-k</option> option is used, otherwise the "
+#~ "files contained in <filename>/etc/skel</filename> will be used instead. "
+#~ "Any directories contained in <replaceable>SKEL_DIR</replaceable> or "
+#~ "<filename>/etc/skel</filename> will be created in the user's home "
+#~ "directory as well. The <option>-k</option> option is only valid in "
+#~ "conjunction with the <option>-m</option> option. The default is to not "
+#~ "create the directory and to not copy any files."
+#~ msgstr ""
+#~ "Le répertoire personnel de l'utilisateur sera créé s'il n'existe pas "
+#~ "déjà. Les fichiers contenus dans <replaceable>rép_squelette</replaceable> "
+#~ "seront copiés dans le répertoire personnel si l'option <option>-k</"
+#~ "option> est employée ; sinon, les fichiers contenus dans <filename>/etc/"
+#~ "skel</filename> seront utilisés à la place. Tous les répertoires contenus "
+#~ "dans <replaceable>rép_squelette</replaceable> ou dans <filename>/etc/"
+#~ "skel</filename> seront également créés dans le répertoire personnel de "
+#~ "l'utilisateur. L'option <option>-k</option> n'est valable qu'en "
+#~ "conjonction avec l'option <option>-m</option>. Le comportement par défaut "
+#~ "est de ne pas créer le répertoire, et de ne copier aucun fichier."
+
+#~ msgid ""
+#~ "Your password must be easily remembered so that you will not be forced to "
+#~ "write it on a piece of paper. This can be accomplished by appending two "
+#~ "small words together and separating each with a special character or "
+#~ "digit. For example, Pass%word."
+#~ msgstr ""
+#~ "Vous devez pouvoir vous souvenir facilement de votre mot de passe, afin "
+#~ "de ne pas avoir à le noter sur un morceau de papier. Pour ce faire, on "
+#~ "peut choisir d'accoler deux mots en les séparant avec un caractère "
+#~ "spécial ou un chiffre. Par exemple, Mot2passe."
+
+#~ msgid ""
+#~ "Other methods of construction involve selecting an easily remembered "
+#~ "phrase from literature and selecting the first or last letter from each "
+#~ "word. An example of this is:"
+#~ msgstr ""
+#~ "D'autres méthodes de construction utilisent une phrase facile à se "
+#~ "rappeler, et consistent à sélectionner la première ou la dernière lettre "
+#~ "de chaque mot. Voici un exemple [ NdT : en anglais ] :"
+
+#~ msgid "Ask not for whom the bell tolls"
+#~ msgstr "Ask not for whom the bell tolls."
+
+#~ msgid "which produces"
+#~ msgstr "Ce qui donne :"
+
+#~ msgid "An4wtbt"
+#~ msgstr "An4wtbt."
+
+#~ msgid ""
+#~ "You may be reasonably sure few crackers will have included this in their "
+#~ "dictionaries. You should, however, select your own methods for "
+#~ "constructing passwords and not rely exclusively on the methods given here."
+#~ msgstr ""
+#~ "Vous pouvez raisonnablement être assuré que quelques crackers ont "
+#~ "désormais inclus ces mots de passe dans leurs dictionnaires. Vous pouvez "
+#~ "également utiliser votre propre méthode de construction de mots de passe "
+#~ "et ne pas compter exclusivement sur les méthodes proposées ici."
+
+#~ msgid ""
+#~ "The only restriction placed on the contents of the fields is that no "
+#~ "control characters may be present, nor any of comma, colon, or equal "
+#~ "sign. The <emphasis remap=\"I\">other</emphasis> field does not have this "
+#~ "restriction, and is used to store accounting information used by other "
+#~ "applications."
+#~ msgstr ""
+#~ "La seule restriction pour le contenu des champs est qu'ils ne doivent "
+#~ "contenir aucun caractère de contrôle, ni aucune virgule, deux-points ou "
+#~ "signe égal. Le champ <emphasis remap=\"I\">autre</emphasis> n'a pas cette "
+#~ "limitation et peut être utilisé pour enregistrer des informations sur le "
+#~ "compte pour d'autres applications."
+
+#~ msgid ""
+#~ "Range of user IDs to choose from for the <command>useradd</command> "
+#~ "program."
+#~ msgstr ""
+#~ "Plage d'identifiants numériques d'utilisateur que <command>useradd</"
+#~ "command> peut utiliser."
+
+#~ msgid ""
+#~ "The <option>-t</option> flag overrides the use of <option>-u</option>."
+#~ msgstr ""
+#~ "L'utilisation de l'option <option>-t</option> supplante l'option <option>-"
+#~ "u</option>."
+
+# NOTE: shadow => gshadow
+#~ msgid ""
+#~ "By default, <command>grpck</command> operates on the files <filename>/etc/"
+#~ "group</filename> and <filename>/etc/gshadow</filename>. The user may "
+#~ "select alternate files with the <emphasis remap=\"I\">group</emphasis> "
+#~ "and <emphasis remap=\"I\">shadow</emphasis> parameters. Additionally, the "
+#~ "user may execute the command in read-only mode by specifying the <option>-"
+#~ "r</option> flag. This causes all questions regarding changes to be "
+#~ "answered <emphasis>no</emphasis> without user intervention. "
+#~ "<command>grpck</command> can also sort entries in <filename>/etc/group</"
+#~ "filename> and <filename>/etc/gshadow</filename> by GID. To run it in sort "
+#~ "mode pass it <option>-s</option> flag. No checks are performed then, it "
+#~ "just sorts."
+#~ msgstr ""
+#~ "Par défaut, <command>grpck</command> opère sur les fichiers <filename>/"
+#~ "etc/group</filename> et <filename>/etc/gshadow</filename>. L'utilisateur "
+#~ "peut spécifier d'autres fichiers avec les paramètres <emphasis remap=\"I"
+#~ "\">group</emphasis> et <emphasis remap=\"I\">gshadow</emphasis>. De plus, "
+#~ "l'utilisateur peut exécuter les commandes en lecture seule en utilisant "
+#~ "l'option <option>-r</option>. Ceci aura pour conséquence de répondre "
+#~ "<emphasis>no</emphasis> à toutes les questions demandant des "
+#~ "modifications, sans intervention de l'utilisateur. <command>Grpck</"
+#~ "command> permet aussi de trier les entrées de <filename>/etc/group</"
+#~ "filename> et <filename>/etc/gshadow</filename> par GID. Pour effectuer ce "
+#~ "tri, utilisez l'option <option>-s</option>. Aucune vérification n'est "
+#~ "alors effectuée, les entrées sont seulement triées."
+
+#~ msgid ""
+#~ "The name of the new user's login shell. The named program will be used "
+#~ "for all future new user accounts."
+#~ msgstr ""
+#~ "Nom de l'interpréteur de commandes initial (« login shell ») d'un nouvel "
+#~ "utilisateur. Le programme nommé sera utilisé pour tous les futurs "
+#~ "nouveaux comptes utilisateur."
+
+#~ msgid ""
+#~ "Group administrator can add and delete users using <option>-a</option> "
+#~ "and <option>-d</option> options respectively. Administrators can use "
+#~ "<option>-r</option> option to remove group password. When no password is "
+#~ "set only group members can use <command>newgrp</command> to join the "
+#~ "group. Option <option>-R</option> disables access via a password to the "
+#~ "group through <command>newgrp</command> command (however members will "
+#~ "still be able to switch to this group)."
+#~ msgstr ""
+#~ "Un administrateur de groupe peut ajouter ou supprimer des utilisateurs en "
+#~ "utilisant respectivement les options <option>-a</option> et <option>-d</"
+#~ "option>. Les administrateurs peuvent utiliser l'option <option>-r</"
+#~ "option> pour supprimer le mot de passe d'un groupe. Lorsqu'aucun mot de "
+#~ "passe n'est défini, seuls les membres d'un groupe peuvent utiliser "
+#~ "<command>newgrp</command> pour utiliser ce groupe. L'option <option>-R</"
+#~ "option> désactive l'accès au groupe via la commande <command>newgrp</"
+#~ "command> (sauf pour les membres du groupe)."
+
+#, fuzzy
+#~ msgid ""
+#~ "This field must contain name of group. When specified an existing group "
+#~ "name the named user will be added as a new member of this group. If "
+#~ "specified non-existent non-numerical group name a new group will be "
+#~ "created."
+#~ msgstr ""
+#~ "Ce champ peut être le nom d'un groupe existant, ce qui permet d'ajouter "
+#~ "l'utilisateur désigné dans la liste des membres du groupe. Si un "
+#~ "identifiant de groupe inexistant est indiqué, un nouveau groupe est créé, "
+#~ "avec cet identifiant de groupe."
diff --git a/po/gl.po b/po/gl.po
new file mode 100644
index 0000000..2a47e8b
--- /dev/null
+++ b/po/gl.po
@@ -0,0 +1,3517 @@
+# Galician translation of shadow
+# Copyright (C) 1999, 2004, 2005 Free Software Foundation, Inc.
+# Jacobo Tarrio <jtarrio@debian.org>, 2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2006-07-18 23:27+0200\n"
+"Last-Translator: Jacobo Tarrio <jtarrio@debian.org>\n"
+"Language-Team: Galician <trasno@ceu.fi.udc.es>\n"
+"Language: gl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=n!=1;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Non se puido reservar espacio para a información de configuración.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"erro de configuración - elemento \"%s\" descoñecido (avise ao "
+"administrador)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Contrasinal: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Contrasinal de %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Non se puido reservar espacio para a información de configuración.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "A cambiar a información de caducidade de %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Non se pode determinar o seu nome de usuario.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: liña %d: non se pode atopar o usuario %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: memoria esgotada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: non se pode actualizar o ficheiro %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: directorio inicial \"%s\" non válido\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: aviso: non se pode eliminar "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: aviso: non se pode eliminar "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: aviso: non se pode eliminar "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: aviso: non se pode eliminar "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: non se pode actualizar o ficheiro %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: non se pode actualizar o ficheiro shadow\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: non se pode abrir o ficheiro %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Aviso: grupo %s descoñecido\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Aviso: hai grupos de máis\n"
+
+msgid "Your password has expired."
+msgstr "O seu contrasinal caducou."
+
+msgid "Your password is inactive."
+msgstr "O seu contrasinal está inactivo."
+
+msgid "Your login has expired."
+msgstr "O seu identificador de usuario caducou."
+
+msgid " Contact the system administrator."
+msgstr " Póñase en contacto co administrador do sistema."
+
+msgid " Choose a new password."
+msgstr " Escolla un novo contrasinal."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "O seu contrasinal ha caducar en %ld días.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "O seu contrasinal ha caducar mañá."
+
+msgid "Your password will expire today."
+msgstr "O seu contrasinal ha caducar hoxe."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Non se puido cambiar o tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: campos longos de máis\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Desbordamento nas variables de ambiente\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Non pode cambiar $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d fallo desde a última entrada.\n"
+"O último foi o %s en %s.\n"
+msgstr[1] ""
+"%d fallos desde a última entrada.\n"
+"O último foi o %s en %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "non se puido cambiar o propietario da caixa do correo"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: non se pode obter un UID único\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: non se pode obter un GID único\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: non se pode obter un UID único\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: non se pode obter un UID único\n"
+
+msgid "Too many logins.\n"
+msgstr "Entrou demasiadas veces.\n"
+
+msgid "You have new mail."
+msgstr "Ten novo correo."
+
+msgid "No mail."
+msgstr "Non hai correo."
+
+msgid "You have mail."
+msgstr "Ten correo."
+
+msgid "no change"
+msgstr "ningún cambio"
+
+msgid "a palindrome"
+msgstr "un palíndromo"
+
+msgid "case changes only"
+msgstr "só cambia maiúsculas/minúsculas"
+
+msgid "too similar"
+msgstr "semellantes de máis"
+
+msgid "too simple"
+msgstr "simple de máis"
+
+msgid "rotated"
+msgstr "rotado"
+
+msgid "too short"
+msgstr "curto de máis"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Contrasinal non válido: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: a chamada a pam_start() fallou, erro %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Cambiouse o contrasinal."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: o contrasinal actualizouse con éxito\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Contrasinal incorrecto para %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: teléfono da casa non válido: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Non se puido cambiar a \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Non hai un directorio, éntrase con HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Non se pode executar %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Directorio raíz \"%s\" non válido\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Non se pode cambiar o directorio raíz a \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Non se pode determinar o nome do seu tty."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Non\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Introduza o novo valor ou prema Intro para o valor por defecto"
+
+msgid "Minimum Password Age"
+msgstr "Idade mínima do contrasinal"
+
+msgid "Maximum Password Age"
+msgstr "Idade máxima do contrasinal"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Último cambio de contrasinal (AAAA-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Aviso de caducidade de contrasinal"
+
+msgid "Password Inactive"
+msgstr "Contrasinal inactivo"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data de caducidade da conta (AAAA-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Último cambio de contrasinal\t\t\t\t: "
+
+msgid "never"
+msgstr "nunca"
+
+msgid "password must be changed"
+msgstr "debe cambiarse o contrasinal"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "O contrasinal caduca\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Contrasinal inactivo\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "A conta caduca\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Número mínimo de días entre cambios de contrasinal\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Número máximo de días entre cambios de contrasinal\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Número de días de aviso antes de que caduque o contrasinal: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: data \"%s\" non válida\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argumento numérico \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: non inclúa \"l\" con outros indicadores\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Permiso denegado.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Non se pode determinar o seu nome de usuario.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: non se pode bloquear ficheiros, volva tentalo despois\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: non se pode abrir o ficheiro %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: fallo ao lanzar o proceso: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: o ficheiro de contrasinais shadow non está presente\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "A cambiar a información de caducidade de %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: erro ao cambiar os campos\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nome completo"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Número de cuarto"
+
+msgid "Work Phone"
+msgstr "Teléfono do traballo"
+
+msgid "Home Phone"
+msgstr "Teléfono da casa"
+
+msgid "Other"
+msgstr "Outro"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Non se pode cambiar o ID a root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nome non válido: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: número de cuarto non válido: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: teléfono do traballo non válido: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: teléfono da casa non válido: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" contén caracteres non válidos\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" contén caracteres non válidos\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: non se pode cambiar o usuario \"%s\" no cliente NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: \"%s\" é o mestre NIS deste cliente.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "A cambiar a información de usuario de %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: campos longos de máis\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: o modificador -a SÓ se admite co modificador -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: liña %d: liña longa de máis\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: liña %d: falla o novo contrasinal\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: o grupo %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: liña %d: non se pode actualizar a entrada\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: detectouse un erro, ignóranse os cambios\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: o usuario %s non existe\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Intérprete de ordes"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Non pode cambiar o intérprete de ordes de %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "A cambiar o intérprete de ordes de %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Entrada non válida: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s non é un intérprete de ordes válido.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: aviso: %s non pertence a %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: non se esperaba un argumento: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Usuario Fallos Máximo Último O\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [fallan %lds]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [bloqueado %lds]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Usuario descoñecido: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Non se pode cambiar o contrasinal de %s.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Non se pode cambiar o contrasinal de %s.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: precísase de contrasinais de grupo shadow para -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: o grupo %s non existe\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: fallo ao lanzar o proceso: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "A cambiar o contrasinal do grupo %s\n"
+
+msgid "New Password: "
+msgstr "Novo contrasinal: "
+
+msgid "Re-enter new password: "
+msgstr "Volva introducir o novo contrasinal: "
+
+msgid "They don't match; try again"
+msgstr "Non coinciden, volva tentalo"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Volva tentalo despois\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "A engadir o usuario %s ao grupo %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "A eliminar o usuario %s do grupo %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Non é un tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s non é un nome de grupo válido\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "nome de grupo \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K precisa de CLAVE=VALOR\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: o grupo %s existe\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "O membro xa existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Non se pode determinar o seu nome de usuario.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: non se pode cambiar o usuario \"%s\" no cliente NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: o grupo %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: o grupo \"%s\" é un grupo NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s é o mestre NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: o usuario %s é un usuario NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: esgotouse a memoria en update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "nome de grupo \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: o grupo %s é un grupo NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: usuario %s descoñecido\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s e -r son incompatibles\n"
+
+msgid "invalid group file entry"
+msgstr "entrada do ficheiro de grupos non válida"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "¿borrar a liña \"%s\"? "
+
+msgid "duplicate group entry"
+msgstr "entrada de grupo duplicada"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nome de grupo \"%s\" non válido\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "nome de grupo \"%s\" non válido\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupo %s: non existe o usuario %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "¿borrar o membro \"%s\"? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "non hai unha entrada do ficheiro de grupos que coincida en %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "¿engadir o grupo \"%s\" en %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "entrada do ficheiro de grupos shadow non válida"
+
+msgid "duplicate shadow group entry"
+msgstr "entrada de grupo shadow duplicada"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grupo shadow %s: non existe o usuario administrativo %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "¿borrar o membro administrativo \"%s\"? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupo shadow %s: non existe o usuario %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: actualizáronse os ficheiros\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: non hai cambios\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: non se pode actualizar o ficheiro %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Emprego: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Emprego: id\n"
+
+msgid " groups="
+msgstr " grupos="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "Usuario Porto Desde Última"
+
+msgid "Username Port Latest"
+msgstr "Usuario Porto Última"
+
+msgid "**Never logged in**"
+msgstr "**Nunca entrou**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: non se pode actualizar o ficheiro de contrasinais\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Emprego: %s [-p] [nome]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h servidor] [-f nome]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r servidor\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Hora de entrada non válida"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"O sistema está pechado por mantemento rutinario"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Omitida a desconexión -- permítese a entrada coma root.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Non hai unha entrada en utmp. Debe executar \"login\" dende o \"sh\" de "
+"nivel máis baixo"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"A entrada caducou despois de %d segundos.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Fallo en PAM, a abortar: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Superouse o número máximo de intentos (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: cancelación solicitada por PAM\n"
+
+msgid "Login incorrect"
+msgstr "Entrada incorrecta"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: liña %d: non se pode atopar o usuario %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fallo ao lanzar o proceso: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Aviso: vólvese permitir a entrada despois do bloqueo temporal."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Última entrada: %s en %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Última entrada: %.19s en %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " desde %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"superouse o tempo de entrada\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Emprego: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Emprego: newgrp [-] [grupo]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Emprego: sg grupo [[-c] orde]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Contrasinal antigo: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fallo ao lanzar o proceso: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: o usuario %s non existe\n"
+
+msgid "too many groups\n"
+msgstr "hai grupos de máis\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: o grupo %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: nome de usuario \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nome de usuario \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: liña %d: liña non válida\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: non se pode actualizar a entrada do usuario %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: liña %d: non se pode crear o GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: liña %d: non se pode crear o GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: liña %d: non se pode actualizar o contrasinal\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: liña %d: a chamada a mkdir fallou\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: liña %d: a chamada a chown fallou\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: liña %d: non se pode actualizar a entrada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: non se pode crear %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: non se pode actualizar o ficheiro de grupos\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Contrasinal antigo: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduza o novo contrasinal (mínimo de %d, máximo de %d caracteres)\n"
+"Empregue unha combinación de maiúsculas, minúsculas e números.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduza o novo contrasinal (mínimo de %d, máximo de %d caracteres)\n"
+"Empregue unha combinación de maiúsculas, minúsculas e números.\n"
+
+msgid "New password: "
+msgstr "Novo contrasinal: "
+
+msgid "Try again."
+msgstr "Volva tentalo."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Aviso: contrasinal feble (introdúzao outra vez para o empregar igualmente)."
+
+msgid "They don't match; try again.\n"
+msgstr "Non coinciden; volva tentalo.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Non se pode cambiar o contrasinal de %s.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Non se pode cambiar o contrasinal de %s.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: non se soporta o repositorio %s\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Non pode ver ou modificar a información de contrasinal de %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "A cambiar o contrasinal de %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Non se cambiou o contrasinal de %s\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Cambiouse o contrasinal."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Aviso de caducidade de contrasinal"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "entrada do ficheiro de contrasinais non válida"
+
+msgid "duplicate password entry"
+msgstr "entrada de contrasinal duplicada"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nome de usuario \"%s\" non válido\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "nome de usuario \"%s\" non válido\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "usuario %s: non existe o grupo %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "usuario %s: o directorio %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "usuario %s: o programa %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: non se pode bloquear o ficheiro %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "non hai unha entrada do ficheiro de contrasinais que coincida en %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "¿engadir o usuario \"%s\" en %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "entrada do ficheiro de contrasinais shadow non válida"
+
+msgid "duplicate shadow password entry"
+msgstr "entrada de contrasinal shadow duplicada"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "usuario %s: último cambio de contrasinal no futuro\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: non se pode abrir o ficheiro %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: non se pode rescribir o ficheiro\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "O acceso a su para esa conta está DENEGADO.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Omitiuse a autenticación por contrasinal.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Introduza O SEU PROPIO contrasinal para autenticación.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: non se pode bloquear o ficheiro %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Emprego: su [opcións] [USUARIO]\n"
+"\n"
+"Opcións:\n"
+" -c, --command ORDE\t\tpasa a ORDE ao intérprete de ordes executado\n"
+" -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+" -, -l, --login\t\tfai que o intérprete de ordes sexa de \"login\"\n"
+" -m, -p,\n"
+" --preserve-environment\tnon reinicia as variables de ambiente e\n"
+"\t\t\t\tmantén o mesmo intérprete de ordes\n"
+" -s, --shell INTÉRPRETE\temprega o INTÉRPRETE no canto do normal\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignórase)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Non está autorizado para facer su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Introduza o seu propio contrasinal)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: a autenticación con PAM fallou\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Non está autorizado para facer su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Non hai unha entrada de contrasinal para \"root\""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: débese executar dende un terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start(): erro %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Non se pode executar %s"
+
+msgid "No password file"
+msgstr "Non é un ficheiro de contrasinais"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Non hai unha entrada de contrasinal para \"root\""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Escriba control-d para seguir co inicio normal,\n"
+"(ou escriba o contrasinal de root para o mantemento do sistema):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "A entrar no modo de mantemento do sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: non se pode crear o novo ficheiro de valores por defecto\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: non se pode abrir o novo ficheiro de valores por defecto\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: liña %d: a chamada a chown fallou\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: o grupo \"%s\" é un grupo NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: especificáronse grupos de máis (máximo %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: directorio base \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: comentario \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: directorio inicial \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: precísase de contrasinais shadow para -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: precísase de contrasinais shadow para -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: campo \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: intérprete de ordes \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+msgid "Creating mailbox file"
+msgstr "A crear o ficheiro da caixa do correo"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Non se atopou o grupo \"mail\". Hase crear a caixa do correo do usuario co "
+"modo 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "A estabrecer os permisos do ficheiro da caixa do correo"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: o usuario %s existe\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: o grupo %s existe - se quere engadir este usuario a este grupo, empregue "
+"-g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: non se pode crear %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: o UID %u non é único\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: non se pode crear %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: non se pode crear %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: non se pode crear %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: aviso: o directorio inicial xa existe.\n"
+"Non se copia nel ningún ficheiro do directorio skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: non se pode cambiar o usuario \"%s\" no cliente NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Non se pode eliminar o grupo %s, que é o grupo primario de outro "
+"usuario.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: directorio inicial \"%s\" non válido\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: aviso: non se pode eliminar "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s non pertence a %s, non se elimina\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: o usuario %s é un usuario NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: directorio inicial \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: non se elimina o directorio %s (había eliminar o directorio inicial do "
+"usuario %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: erro ao borrar o directorio %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: o usuario %s existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: data \"%s\" non válida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: data \"%s\" non válida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: non se pode abrir o ficheiro %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: precísase de contrasinais de shadow para -e e -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "O membro xa existe\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: o directorio %s existe\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: aviso: non se puido eliminar completamente o vello directorio inicial %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: aviso: %s non pertence a %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "non se puido cambiar o propietario da caixa do correo"
+
+msgid "failed to rename mailbox"
+msgstr "non se puido cambiar o nome da caixa do correo"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s non ten cambios\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "non se puido cambiar o nome da caixa do correo"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Non se puido bloquear o ficheiro"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Non se puido bloquear o ficheiro"
+
+msgid "Couldn't make backup"
+msgstr "Non se puido facer unha copia de seguridade"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: non se atopou %s en /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Non se pode abrir o ficheiro de grupos\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: campos longos de máis\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "non se puido cambiar o nome da caixa do correo"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "non se puido cambiar o propietario da caixa do correo"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "non se puido cambiar o nome da caixa do correo"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: non se pode restaurar %s: %s (os seus cambios están en %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: directorio base \"%s\" non válido\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Emprego: %s [entrada]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "A chamada a malloc(%d) fallou\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: chage [opcións] [USUARIO]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -d, --lastday ÚLTIMO\t\tfixa o último cambio de\tcontrasinal ao\n"
+#~ "\t\t\t\tdía ÚLTIMO\n"
+#~ " -E, --expiredate CADUCA\tfixa a data de caducidade ao día CADUCA\n"
+#~ " -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -I, --inactive INACTIVO\tfixa o tempo de inactividade do contrasinal\n"
+#~ "\t\t\t\ttrala caducidade a INACTIVO\n"
+#~ " -l, --list\t\t\tamosa a información de caducidade das contas\n"
+#~ " -m, --mindays MÃNIMO\t\tfixa o número mínimo de días antes do\n"
+#~ "\t\t\t\tcambio de contrasinal a MÃNIMO\n"
+#~ " -M, --maxdays MÃXIMO\t\tfixa o número máximo de días antes do\n"
+#~ "\t\t\t\tcambio de contrasinal a MÃXIMO\n"
+#~ " -W, --warndays AVISO\t\tfixa o número de días de aviso de caducidade\n"
+#~ "\t\t\t\ta AVISO\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: a autenticación con PAM fallou\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Emprego: %s [-f nome] [-r num_cuarto] [-w tlf_traballo]\n"
+#~ "\t[-h tlf_casa] [-o outro] [usuario]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Emprego: %s [-f nome] [-r num_cuarto] [-w tlf_traballo] [-h tlf_casa]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Emprego: chpasswd [opcións]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -e, --encrypted\tos contrasinais fornecidos xa están cifrados\n"
+#~ " -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -m, --md5\t\tempregar cifrado MD5 no canto de DES se os\n"
+#~ "\t\t\tcontrasinais fornecidos non están cifrados\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: chsh [opcións] [USUARIO]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -s, --shell INTÉRPRETE\tnovo intérprete de ordes da conta de usuario\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Emprego: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: non se pode abrir o ficheiro %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Emprego: groupdel grupo\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Emprego: %s [-r] [-s] [grupo [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Emprego: %s [-r] [-s] [grupo]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s e -r son incompatibles\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Emprego: groupdel grupo\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Emprego: groupdel grupo\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: lastlog [opcións]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -b, --before DÃAS\tamosa só os rexistros de última entrada de máis\n"
+#~ "\t\t\tde DÃAS días\n"
+#~ " -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -t, --time DÃAS\tamosa só os rexistros de última entrada de menos\n"
+#~ "\t\t\tde DÃAS días\n"
+#~ " -u, --user USUARIO\tamosa o rexistro de última entrada do USUARIO\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: passwd [opcións] [USUARIO]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -a, --all\t\t\tinforma do estado dos contrasinais en tódalas contas\n"
+#~ " -d, --delete\t\t\telimina o contrasinal da conta indicada\n"
+#~ " -e, --expire\t\t\tfai caducar o contrasinal da conta indicada\n"
+#~ " -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -k, --keep-tokens\t\tcambia o contrasinal só se caducou\n"
+#~ " -i, --inactive INACT\t\tcambia o tempo de inactividade trala "
+#~ "caducidade\n"
+#~ "\t\t\t\tda conta a INACT\n"
+#~ " -l, --lock\t\t\tbloquea a conta indicada\n"
+#~ " -n, --mindays MÃN\tfixa o número mínimo de días antes do cambio de\n"
+#~ "\t\t\t\tcontrasinal a MÃN\n"
+#~ " -q, --quiet\t\t\tmodo silencioso\n"
+#~ " -r, --repository REP\t\tcambia o contrasinal do repositorio REP\n"
+#~ " -S, --status\t\t\tinforma do estado do contrasinal da conta indicada\n"
+#~ " -u, --unlock\t\t\tdesbloquea a conta indicada\n"
+#~ " -w, --warndays AVISO\tfixa o tempo de aviso antes da caducidade a "
+#~ "AVISO\n"
+#~ "\t\t\t\tdías\n"
+#~ " -x, --maxdays MÃX\t\tfixa o número máximo de días antes do cambio de\n"
+#~ "\t\t\t\tcontrasinal a MÃX\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Emprego: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Emprego: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Emprego: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Emprego: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id. descoñecido: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Non hai un intérprete de ordes\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: userdel [opcións] USUARIO\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -f, --force\t\t\ttamén elimina os ficheiros se non son do usuario\n"
+#~ " -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -r, --remove\t\t\telimina o directorio inicial e o correo\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: o usuario %s está conectado\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Emprego: usermod [opcións] USUARIO\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -a, --append GRUPO\t\tengade o usuario ao GRUPO suplementario\n"
+#~ "\t\t\t\t(emprégueo só con -G)\n"
+#~ " -c, --comment COMENTARIO\tnovo valor do campo GECOS\n"
+#~ " -d, --home DIR_INICIAL\tnovo directorio inicial da conta de usuario\n"
+#~ " -e, --expiredate DATA_CAD\tfixa a data de caducidade da conta a "
+#~ "DATA_CAD\n"
+#~ " -f, --inactive INACTIVA\tfixa o tempo de inactividade do contrasinal\n"
+#~ "\t\t\t\ttrala caducidade a INACTIVA\n"
+#~ " -g, --gid GRUPO\t\tusa o GRUPO coma novo grupo primario\n"
+#~ " -G, --groups GRUPOS\t\tnova lista de GRUPOS suplementarios\n"
+#~ " -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -l, --login NOVO_USUARIO\tnovo valor do nome de usuario\n"
+#~ " -L, --lock\t\t\tbloquea a conta do usuario\n"
+#~ " -m, --move-home\t\tmove o contido do directorio inicial á nova\n"
+#~ "\t\t\t\tlocalización (emprégueo só con -d)\n"
+#~ " -o, --non-unique\t\tpermite empregar UIDs duplicados (non únicos)\n"
+#~ " -p, --password CONTRASINAL\temprega o constrasinal cifrado coma novo\n"
+#~ "\t\t\t\tcontrasinal\n"
+#~ " -s, --shell INTÉRPRETE\tnovo intérprete de ordes da conta de usuario\n"
+#~ " -u, --uid UID\t\t\tnovo UID para a conta de usuario\n"
+#~ " -U, --unlock\t\t\tdesbloquea a conta do usuario\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: non se forneceu ningún modificador\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: vipw [opcións]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -g, --group\t\tedita a base de datos de grupos\n"
+#~ " -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -p, --passwd\t\tedita a base de datos de contrasinais\n"
+#~ " -q, --quiet\t\tmodo silencioso\n"
+#~ " -s, --shadow\t\tedita a base de datos shadow ou gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Emprego: %s [entrada]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: non se pode crear %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: non se pode cambiar o propietario de %s\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: faillog [opcións]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -a, --all\t\tamosa os rexistros de entradas fallidas\tpara\n"
+#~ "\t\t\ttódolos usuarios\n"
+#~ " -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -l, --lock-time SEG\tdespois dunha entrada fallida bloquea a conta\n"
+#~ "\t\t\tdurante SEG segundos\n"
+#~ " -m, --maximum MÃX\tfixa os contadores de máximas entradas fallidas a "
+#~ "MÃX\n"
+#~ " -r, --reset\t\treinicia os contadores de entradas fallidas\n"
+#~ " -t, --time DÃAS\tamosa os rexistros de entradas fallidas máis\n"
+#~ "\t\t\trecentes que DÃAS\n"
+#~ " -u, --user USUARIO\tamosa o rexistro de entradas fallidas ou mantén\n"
+#~ "\t\t\tos contadores de fallos e límites (se se emprega coas\n"
+#~ "\t\t\topcións -r, -m ou -l) só do USUARIO\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: groupadd [opcións] GRUPO\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -f, --force\t\tforza a saída con éxito se o grupo indicado xa existe\n"
+#~ " -g, --gid GID\t\temprega o GID para o novo grupo\n"
+#~ " -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -K, --key CLAVE=VALOR\tignora os valores de /etc/login.defs\n"
+#~ " -o, --non-unique\tpermite crear un grupo cun GID duplicado (non único)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: groupmod [opcións] GRUPO\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -g, --gid GID\t\t\temprega o GID para o novo grupo\n"
+#~ " -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -n, --new-name NOVO_GRUPO\tcambia o nome do GRUPO por NOVO_GRUPO\n"
+#~ " -o, --non-unique\t\tpermite crear un grupo cun GID duplicado\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Emprego: useradd [opcións] USUARIO\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -b, --base-dir DIR_BASE\tdirectorio base para o directorio inicial\n"
+#~ "\t\t\t\tda nova conta de usuario\n"
+#~ " -c, --comment COMENTARIO\tfixa o campo GECOS da nova conta de usuario\n"
+#~ " -d, --home-dir DIR_INICIAL\tdirectorio inicial da nova conta de "
+#~ "usuario\n"
+#~ " -D, --defaults\t\tamosa ou grave a configuración modificada\n"
+#~ "\t\t\t\tde useradd\n"
+#~ " -e, --expiredate DATA_CAD\tfixa a data de caducidade da conta a "
+#~ "DATA_CAD\n"
+#~ " -f, --inactive INACTIVA\tfixa o tempo de inactividade do contrasinal\n"
+#~ "\t\t\t\ttrala caducidade a INACTIVA\n"
+#~ " -g, --gid GRUPO\t\tusa o GRUPO para a nova conta de usuario\n"
+#~ " -G, --groups GRUPOS\t\tlista de grupos suplementarios para a nova\n"
+#~ "\t\t\t\tconta de usuario\n"
+#~ " -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -k, --skel DIR_SKEL\t\tespecifica un directorio \"skel\" alternativo\n"
+#~ " -K, --key CLAVE=VALOR\t\tomite os valores por defecto de /etc/login."
+#~ "defs\n"
+#~ " -m, --create-home\t\tcrea o directorio inicial para a nova conta\n"
+#~ "\t\t\t\tde usuario\n"
+#~ " -o, --non-unique\t\tpermite crear usuarios con UIDs duplicados\n"
+#~ "\t\t\t\t(non únicos)\n"
+#~ " -p, --password CONTRASINAL\temprega o CONTRASINAL cifrado para a nova\n"
+#~ "\t\t\t\tconta de usuario\n"
+#~ " -s, --shell INTÉRPRETE\to intérprete de ordes da nova conta de usuario\n"
+#~ " -u, --uid UID\t\t\tusa o UID para a nova conta de usuario\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Vai caducar o contrasinal."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: non se pode actualizar o ficheiro de contrasinais shadow\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNome completo: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNúmero de cuarto: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTeléfono do traballo: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTeléfono da casa: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "Non se pode bloquear o ficheiro de contrasinais; volva tentalo despois.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Non se pode abrir o ficheiro de contrasinais.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Erro ao actualizar a entrada de contrasinal.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Non se poden gravar os cambios no ficheiro de contrasinais.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Non se pode desbloquear o ficheiro de contrasinais.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de grupos\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: erro ao actualizar o ficheiro shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: erro ao actualizar a entrada do grupo\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: liña %d: grupo %s descoñecido\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: liña %d: non se pode actualizar a entrada\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro shadow\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: erro ao actualizar o ficheiro shadow\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: erro ao actualizar o ficheiro de contrasinais\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: liña %d: usuario %s descoñecido\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: liña %d: non se pode actualizar a entrada de contrasinal\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: usuario descoñecido\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Usuario descoñecido: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Emprego: %s [-r|-R] grupo\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a usuario] grupo\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d usuario] grupo\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A usuario,...] [-M usuario,...] grupo\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M usuario,...] grupo\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: non se pode obter un bloqueo\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: non se pode obter o bloqueo de shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de shadow\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: non se pode desbloquear o ficheiro\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: non se pode actualizar a entrada\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: non se pode actualizar a entrada de shadow\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "grupo descoñecido: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro shadow\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "¿Quen é vostede?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: membro %s descoñecido\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: erro ao engadir a entrada do novo grupo\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de grupos\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de grupos\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: o GID %u non é único\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada do grupo\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada do grupo shadow\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: non se pode eliminar o grupo primario do usuario.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Non se atopou o membro a eliminar\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr "Emprego: groupmems -a usuario | -d usuario | -D | -l [-g grupo]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Só o administrador pode engadir membros a distintos grupos\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Precísase de acceso a grupos\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Non é o propietario primario do grupo actual\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "A autenticación con PAM fallou para\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Non se pode bloquear o ficheiro de grupos\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Non se pode pechar o ficheiro de grupos\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: non se atopou %s en /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u non é un GID único\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s non é un nome único\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de contrasinais\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: non se pode actualizar a entrada shadow para %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: non se pode actualizar a entrada do grupo %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: non se pode eliminar o grupo shadow %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: non se pode actualizar o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: non se pode borrar o ficheiro de grupos shadow\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "UID descoñecido: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID descoñecido: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: o grupo %s non existe\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: o usuario %s non existe\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nome de usuario \"%s\" non válido\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: non se pode bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: non se pode bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: non se pode bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: non se pode bloquear /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: non se pode abrir ficheiros\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: erro ao actualizar os ficheiros\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: non se pode actualizar a entrada de contrasinal para %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: non se pode eliminar a entrada shadow para %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: non se pode actualizar o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: non se pode actualizar a entrada do usuario %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: non se pode borrar o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: GID %s descoñecido\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: grupo %s descoñecido\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: esgotouse a memoria en update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: erro ao bloquear o ficheiro de grupos\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: erro ao abrir o ficheiro de grupos\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: erro ao bloquear o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: erro ao abrir o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: erro ao engadir a nova entrada de contrasinal\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: erro ao engadir a nova entrada de contrasinal shadow\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: aviso: CREATE_HOME non está soportado, empregue -m no seu canto.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: erro ao actualizar a entrada do grupo\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: erro ao actualizar a entrada do grupo\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada de contrasinal\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada de contrasinal shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: erro ao engadir a entrada do novo grupo\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: o uid %lu non é único\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: erro ao cambiar a entrada de contrasinal\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada de contrasinal\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada de contrasinal shadow\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: non se pode obter un GID único\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " en \"%.100s\" desde \"%.200s\""
+
+#~ msgid " on '%.100s'"
+#~ msgstr " en \"%.100s\""
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: liña %d: non se pode crear o UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: o nome %s non é único\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: chgpasswd [opcións]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ " -e, --encrypted\tos contrasinais fornecidos xa están cifrados\n"
+#~ " -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ " -m, --md5\t\tempregar cifrado MD5 no canto de DES se os\n"
+#~ "\t\t\tcontrasinais fornecidos non están cifrados\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Non é un ficheiro de contrasinais\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Perdón.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Aínda non se pode cambiar o contrasinal de %s.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Perdón."
diff --git a/po/he.po b/po/he.po
new file mode 100644
index 0000000..ec42d1c
--- /dev/null
+++ b/po/he.po
@@ -0,0 +1,2554 @@
+# Hebrew translation of shadow.
+# Copyright (C) 2004 THE shadow'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the shadow package.
+# Lior Kaplan <webmaster@guides.co.il>, 2004.
+#
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2004-07-21 23:59+0300\n"
+"Last-Translator: Lior Kaplan <webmaster@guides.co.il>\n"
+"Language-Team: Hebrew <en@li.org>\n"
+"Language: he\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "×œ× ×™×›×•×œ להקצות ×ž×§×•× ×‘×©×‘×™×œ מידע על הקונפיגורציה.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "שגי×ת הגדרות - רכיב ×œ× ×™×“×•×¢ '%s' (הודע למנהל)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "סיסמה: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "הסיסמה של %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "×œ× ×™×›×•×œ להקצות ×ž×§×•× ×‘×©×‘×™×œ מידע על הקונפיגורציה.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "שנה מידע הזדקות בשביל %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: ×œ× ×™×›×•×œ לקבוע ×ת ×©× ×”×ž×©×ª×ž×© שלך.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: ×œ× ×™×›×•×œ לקבוע ×ת ×©× ×”×ž×©×ª×ž×© שלך.\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לכתוב מחדש קובץ סיסמ×ות\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't open shadow file\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לפתוח קובץ צל\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "×זהרה: קבוצה ×œ× ×ž×•×›×¨×ª %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "×זהרה: יותר מידי קבוצות\n"
+
+msgid "Your password has expired."
+msgstr "תוקף הסיסמה שלך פג."
+
+msgid "Your password is inactive."
+msgstr "הסיסמה שלך ××™× ×” פעילה."
+
+msgid "Your login has expired."
+msgstr "תוקף הכניסה שלך למערכת פג."
+
+msgid " Contact the system administrator."
+msgstr " צור קשר ×¢× ×ž× ×”×œ המערכת."
+
+msgid " Choose a new password."
+msgstr " בחר סיסמה חדשה."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "תוקף הסיסמה שלך יפוג בתוך %ld ימי×.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "תוקף הסיסמה שלך יפוג מחר."
+
+msgid "Your password will expire today."
+msgstr "תוקף הסיסמה שלך פג היו×."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "×œ× ×™×›×•×œ לשנות tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: שדות ××¨×•×›×™× ×ž×™×“×™\n"
+
+#, fuzzy, c-format
+msgid "%s: "
+msgstr "passwd: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "הצפת סביבה\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "×ינך רש××™ לשנות ×ת $%s\n"
+
+#, fuzzy, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] "%d שגי××” מ××– כניסה ×חרונה למערכת. ×”×חרונה היתה %s על %s.\n"
+msgstr[1] "%d שגי××” מ××– כניסה ×חרונה למערכת. ×”×חרונה היתה %s על %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: שדות ××¨×•×›×™× ×ž×™×“×™\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+msgid "Too many logins.\n"
+msgstr "יותר מידי כניסות למערכת.\n"
+
+msgid "You have new mail."
+msgstr "יש לך דו×ר חדש."
+
+msgid "No mail."
+msgstr "×ין דו×ר."
+
+msgid "You have mail."
+msgstr "יש לך דו×ר."
+
+msgid "no change"
+msgstr ""
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "סיסמה ×œ× ×˜×•×‘×”: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr ""
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+msgid "passwd: password unchanged\n"
+msgstr "סיסמה: "
+
+msgid "passwd: password updated successfully\n"
+msgstr ""
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: מספר טלפון בבית ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "×œ× ×™×›×•×œ לבצע cd ל-\"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "×ין ספריה, נכנס למערכת ×¢× HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "×œ× ×™×›×•×œ להריץ %s"
+
+#, fuzzy, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "×œ× ×™×›×•×œ לשנות ספרית שורש ל-\"%s\"\n"
+
+#, fuzzy
+msgid "Unable to determine your tty name."
+msgstr "%s: ×œ× ×™×›×•×œ לקבוע ×ת ×©× ×”×ž×©×ª×ž×© שלך.\n"
+
+msgid "No"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "הכנס ערך חדש, ×ו לחץ ENTER לברירת המחדל"
+
+msgid "Minimum Password Age"
+msgstr "גיל סיסמה מינימלי"
+
+msgid "Maximum Password Age"
+msgstr "גיל סיסמה מקסימלי"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "שינוי סיסמה ×חרון (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "×זהרת תוקף סיסמה"
+
+msgid "Password Inactive"
+msgstr "סיסמה ×œ× ×¤×¢×™×œ×”"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "ת×ריך תוקף חשבון (YYYY-MM-DD)"
+
+#, fuzzy
+msgid "Last password change\t\t\t\t\t: "
+msgstr "שינוי סיסמה ×חרון (YYYY-MM-DD)"
+
+#, fuzzy
+msgid "never"
+msgstr "××£ פע×"
+
+msgid "password must be changed"
+msgstr ""
+
+#, fuzzy
+msgid "Password expires\t\t\t\t\t: "
+msgstr "תוקף סיסמה:\t"
+
+#, fuzzy
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "חסור פעילות סיסמה:\t"
+
+#, fuzzy
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "תוקף חשבון:\t"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: הגישה × ×סרה\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: ×œ× ×™×›×•×œ לקבוע ×ת ×©× ×”×ž×©×ª×ž×© שלך.\n"
+
+#, fuzzy, c-format
+msgid "%s: PAM: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot lock the password file; try again later.\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "×œ× ×™×›×•×œ לנעול קובץ סיסמ×ות; נסה שוב מ×וחר יותר\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't open shadow file\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לפתוח קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: ×œ× ×™×›×•×œ לפתוח קובץ סיסמ×ות צל\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "שנה מידע הזדקות בשביל %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: שגי××” בשינוי שדות\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "×©× ×ž×œ×"
+
+#, fuzzy, c-format
+msgid "\t%s: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "Room Number"
+msgstr "מספר חדר"
+
+msgid "Work Phone"
+msgstr "מספר טלפון בעבודה"
+
+msgid "Home Phone"
+msgstr "מספר טלפון בבית"
+
+msgid "Other"
+msgstr "×חר"
+
+msgid "Cannot change ID to root.\n"
+msgstr "×œ× ×™×›×•×œ לשנות ID ל-root\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: מספר חדר ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: מספר טלפון בבית ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" מכיל ×ª×•×•×™× ×œ× ×—×•×§×™×™×\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" מכיל ×ª×•×•×™× ×œ× ×—×•×§×™×™×\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "משנה מידע בשביל המשתמש %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: שדות ××¨×•×›×™× ×ž×™×“×™\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: שורה %d: שורה ×רוכה מידי\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: שורה %d: חסרה סיסמה חדשה\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: שורה %d: משתמש ×œ× ×ž×•×›×¨ %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: שגי××” זוהתה, ×ž×ª×¢×œ× ×ž×©×™× ×•×™×™×\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: unknown user %s\n"
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: שורה %d: משתמש ×œ× ×ž×•×›×¨ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: unknown user %s\n"
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: שורה %d: משתמש ×œ× ×ž×•×›×¨ %s\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "מעטפת כניסה למערכת"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "×ינך רש××™ לשנות ×ת המעטפת בשביל %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "משנה מעטפת כניסה למערכת בשביל %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: רשומה ×œ× ×—×•×§×™×ª: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s ×”×™× ×ž×¢×˜×¤×ª ×œ× ×—×•×§×™×ª.\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr ""
+
+#, c-format
+msgid " [%lus left]"
+msgstr ""
+
+#, c-format
+msgid " [%lds lock]"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+
+msgid "The options cannot be combined.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr ""
+
+msgid "New Password: "
+msgstr ""
+
+msgid "Re-enter new password: "
+msgstr ""
+
+msgid "They don't match; try again"
+msgstr ""
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr ""
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr ""
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: ×œ× ×™×›×•×œ לקבוע ×ת ×©× ×”×ž×©×ª×ž×© שלך.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "שימוש: %s [-r|-R] group\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid group file entry"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr ""
+
+#, fuzzy
+msgid "duplicate group entry"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "invalid group name '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid shadow group file entry"
+msgstr "%s: שגי××” בעדכון קובץ צל\n"
+
+#, fuzzy
+msgid "duplicate shadow group entry"
+msgstr "%s: שגי××” בעדכון קובץ צל\n"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "שימוש: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "שימוש: id\n"
+
+msgid " groups="
+msgstr ""
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr ""
+
+msgid "Username Port Latest"
+msgstr ""
+
+msgid "**Never logged in**"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: ×œ× ×™×›×•×œ לעדכן קובץ סיסמ×ות\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "שימוש: %s [-p] [name]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr ""
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr ""
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s login: "
+msgstr ""
+
+msgid "login: "
+msgstr ""
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr ""
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: ×œ× ×™×›×•×œ לקבוע ×ת ×©× ×”×ž×©×ª×ž×© שלך.\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr ""
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr ""
+
+#, c-format
+msgid " from %.*s"
+msgstr ""
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "שימוש: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr ""
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "סיסמה ×œ× ×˜×•×‘×”: %s. "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+msgid "too many groups\n"
+msgstr ""
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: unknown user %s\n"
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: שורה %d: משתמש ×œ× ×ž×•×›×¨ %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: missing new password\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: שורה %d: חסרה סיסמה חדשה\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+msgid "New password: "
+msgstr ""
+
+msgid "Try again."
+msgstr ""
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+
+msgid "They don't match; try again.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "×ינך רש××™ לשנות ×ת המעטפת בשביל %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: password changed.\n"
+msgstr "סיסמה: "
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "×זהרת תוקף סיסמה"
+
+#, fuzzy, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "שימוש: %s [-p] [name]\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid password file entry"
+msgstr "×œ× ×™×›×•×œ לנעול קובץ סיסמ×ות; נסה שוב מ×וחר יותר"
+
+#, fuzzy
+msgid "duplicate password entry"
+msgstr "שגי××” בעדכון רשומת הסיסמה."
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "%s: שורה %d: משתמש ×œ× ×ž×•×›×¨ %s\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "no tcb directory for %s\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "create tcb directory for %s?"
+msgstr "×œ× ×™×›×•×œ לשנות ספרית שורש ל-\"%s\"\n"
+
+#, fuzzy, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "×œ× ×™×›×•×œ לשנות ספרית שורש ל-\"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't open shadow file\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: ×œ× ×™×›×•×œ לפתוח קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "×œ× ×™×›×•×œ לנעול קובץ סיסמ×ות; נסה שוב מ×וחר יותר\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid shadow password file entry"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ סיסמ×ות צל"
+
+#, fuzzy
+msgid "duplicate shadow password entry"
+msgstr "%s: ×œ× ×™×›×•×œ לעדכן קובץ סיסמ×ות צל"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לכתוב מחדש קובץ סיסמ×ות\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock shadow file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr ""
+
+msgid "Password authentication bypassed.\n"
+msgstr ""
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: ×œ× ×™×›×•×œ לקבוע ×ת ×©× ×”×ž×©×ª×ž×© שלך.\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s\n"
+msgstr "passwd: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr ""
+
+msgid "(Enter your own password)"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: זיהוי PAM נכשל\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr ""
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr ""
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "×œ× ×™×›×•×œ להריץ %s"
+
+#, fuzzy
+msgid "No password file"
+msgstr " בחר סיסמה חדשה.\n"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr ""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+
+msgid "Entering System Maintenance Mode"
+msgstr ""
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לכתוב מחדש קובץ סיסמ×ות\n"
+
+#, fuzzy, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr ""
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: ×œ× ×™×›×•×œ לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't open shadow file\n"
+msgid "%s: no options\n"
+msgstr "%s: ×œ× ×™×›×•×œ לפתוח קובץ צל\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr ""
+
+msgid "failed to change mailbox owner"
+msgstr ""
+
+msgid "failed to rename mailbox"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: שדות ××¨×•×›×™× ×ž×™×“×™\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "סיסמה: "
+
+msgid "failed to create scratch directory"
+msgstr ""
+
+#, fuzzy
+msgid "failed to drop privileges"
+msgstr "%s: מספר טלפון בעבודה ×œ× ×—×•×§×™: \"%s\"\n"
+
+msgid "Couldn't get file context"
+msgstr ""
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr ""
+
+msgid "Couldn't make backup"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s: %s\n"
+msgstr "passwd: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: שדות ××¨×•×›×™× ×ž×™×“×™\n"
+
+msgid "failed to stat edited file"
+msgstr ""
+
+msgid "failed to allocate memory"
+msgstr ""
+
+msgid "failed to create backup file"
+msgstr ""
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "ספרית שורש ×œ× ×—×•×§×™×ª \"%s\"\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) נכשל\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: זיהוי PAM נכשל\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "שימוש: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "שימוש: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "שימוש: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "שימוש: id\n"
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "תוקף הסיסמה שלך פג."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ סיסמ×ות\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לפתוח קובץ סיסמ×ות\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ סיסמ×ות צל\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לפתוח קובץ סיסמ×ות צל\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לכתוב מחדש קובץ סיסמ×ות צל\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לכתוב מחדש קובץ סיסמ×ות\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לעדכן קובץ סיסמ×ות צל\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\t×©× ×ž×œ×: %s\n"
+
+#, fuzzy
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "מספר חדר"
+
+#, fuzzy
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "מספר טלפון בעבודה"
+
+#, fuzzy
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "מספר טלפון בבית"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "×œ× ×™×›×•×œ לפתוח ×ת קובץ הסיסמ×ות.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "שגי××” בעדכון רשומת הסיסמה.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "×œ× ×™×›×•×œ לבצע ×©×™× ×•×™×™× ×‘×§×•×‘×¥ הסיסמ×ות.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "×œ× ×™×›×•×œ לשחרר נעילה של קובץ הסיסמ×ות.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: שגי××” בעדכון קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: שגי××” בעדכון קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: שגי××” בעדכון קובץ צל\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: שגי××” בעדכון קובץ סיסמ×ות\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: שורה %d: ×œ× ×™×›×•×œ לעדכן רשומת סיסמה\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לפתוח קובץ צל\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: זיהוי PAM נכשל\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "×œ× ×™×›×•×œ לבצע cd ל-\"%s\"\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "×œ× ×™×›×•×œ לשחרר נעילה של קובץ הסיסמ×ות.\n"
+
+#, fuzzy
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: ×©× ×œ× ×—×•×§×™: \"%s\"\n"
+
+#, fuzzy
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "%s: שורה %d: משתמש ×œ× ×ž×•×›×¨ %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: ×œ× ×™×›×•×œ לנעול קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: שורה %d: משתמש ×œ× ×ž×•×›×¨ %s\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: שגי××” בעדכון קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: שגי××” בעדכון קובץ צל\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr " בחר סיסמה חדשה.\n"
diff --git a/po/hu.po b/po/hu.po
new file mode 100644
index 0000000..310034b
--- /dev/null
+++ b/po/hu.po
@@ -0,0 +1,3641 @@
+# Gabor Kelemen <kelemeng@gnome.hu>, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-25 20:56+0100\n"
+"Last-Translator: SZERVÃC Attila <sas@321.hu>\n"
+"Language-Team: Hungarian <gnome@gnome.hu>\n"
+"Language: hu\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Poedit-Language: Hungarian\n"
+"X-Poedit-Country: HUNGARY\n"
+"X-Generator: KBabel 1.11.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Sikertelen helyfoglalás a beállítási infónak.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "beállítási hiba - ismeretlen '%s' elem (értesítsd a rendszergazdát)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Jelszó: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s jelszava: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Sikertelen helyfoglalás a beállítási infónak.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s elévülési információinak módosítása\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: A felhasználóneved megállapítása sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: %d. sor: nem találom e felhasználót: %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: a memória elfogyott\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: %s fájl nem frissíthető\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: érvénytelen saját könyvtár: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: figyelem: nem törölhető: "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: figyelem: nem törölhető: "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: átnevezés: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: figyelem: nem törölhető: "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: figyelem: nem törölhető: "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: %s fájl nem frissíthető\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: nem tudom frissíteni a \"shadow\" fájlt\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: átnevezés: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %s fájl nem nyitható meg\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Figyelem: ismeretlen %s csoport\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Figyelem: túl sok csoport\n"
+
+msgid "Your password has expired."
+msgstr "A jelszó lejárt"
+
+msgid "Your password is inactive."
+msgstr "A jelszó inaktív"
+
+msgid "Your login has expired."
+msgstr "A bejelentkezés lejárt"
+
+msgid " Contact the system administrator."
+msgstr " Fordulj a rendszergazdához."
+
+msgid " Choose a new password."
+msgstr " Adj új jelszót"
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "A jelszó %ld nap múlva lejár.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Jelszavad már csak holnapig érvényes"
+
+msgid "Your password will expire today."
+msgstr "Jelszavad érvényessége ma lejár"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Nem lehet a következő terminálra váltani: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: túl hosszú mezők\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Környezeti túlcsordulás\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Nem módosítható a következő: $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d hiba az utolsó bejelentkezés óta\n"
+"A legutóbbi: %s itt: %s\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "a postafiók tulajdonosának váltása sikertelen"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: nem kérhető le egyedi felhasználói azonosító\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: nem szerezhető be egyedi csoportazonosító\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: nem kérhető le egyedi felhasználói azonosító\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: nem kérhető le egyedi felhasználói azonosító\n"
+
+msgid "Too many logins.\n"
+msgstr "Túl sok bejelentkezés\n"
+
+msgid "You have new mail."
+msgstr "Új leveled érkezett"
+
+msgid "No mail."
+msgstr "Nincs leveled"
+
+msgid "You have mail."
+msgstr "Levelek kiolvasva"
+
+msgid "no change"
+msgstr "nem változott"
+
+msgid "a palindrome"
+msgstr "egy palindróma"
+
+msgid "case changes only"
+msgstr "csak változások esetén"
+
+msgid "too similar"
+msgstr "túl hasonló"
+
+msgid "too simple"
+msgstr "túl egyszerű"
+
+msgid "rotated"
+msgstr "fordított"
+
+msgid "too short"
+msgstr "túl rövid"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Rossz jelszó: %s."
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() sikertelen, hibakód: %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Jelszó módosítva."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: a jelszó sikeresen frissült\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Hibás jelszó ehhez: %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: érvénytelen otthoni telefonszám: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "nem lehet könyvtárat váltani ide: \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Ismeretlen könyvtár, bejelentkezés így: HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s nem futtatható"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Érvénytelen gyökérkönyvtár: \"%s\"\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Nem lehet a gyökérkönyvtárba váltani: \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Sikertelen tty név meghatározás."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Nem\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Add meg az új értéket vagy üss ENTER-t az alapértelmezetthez"
+
+msgid "Minimum Password Age"
+msgstr "Minimum jelszó-kor"
+
+msgid "Maximum Password Age"
+msgstr "Maximum jelszó-kor"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Utolsó jelszóváltás (ÉÉÉÉ-HH-NN)"
+
+msgid "Password Expiration Warning"
+msgstr "Jelszó elévülési figyelmeztetés"
+
+msgid "Password Inactive"
+msgstr "Inaktív jelszó"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Hozzáférés elévülési dátum (ÉÉÉÉ-HH-NN)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Utolsó jelszóváltás\t\t\t\t\t: "
+
+msgid "never"
+msgstr "soha"
+
+msgid "password must be changed"
+msgstr "jelszóváltás kötelező"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Jelszó lejár\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Jelszó inaktív\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Hozzáférés lejár\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "A jelszómódosítások közti legkevesebb nap\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "A jelszómódosítások közti legtöbb nap\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "A jelszó lejárata előtt figyelmeztetés napok száma\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: érvénytelen dátum: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: érvénytelen numerikus argumentum: \"%s\"\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: ne add meg más jelzőkkel a \"l\"-t\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Hozzáférés megtagadva.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: A felhasználóneved megállapítása sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: fájlok zárolása sikertelen, próbáld később\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: %s fájl nem nyitható meg\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: hiba a következő indításakor: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: nincs meg az árnyék jelszófájl\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s elévülési információinak módosítása\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: hiba a mezők módosításakor\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "TELJES Név"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Szobaszám"
+
+msgid "Work Phone"
+msgstr "Munkahelyi telefon"
+
+msgid "Home Phone"
+msgstr "Otthoni telefon"
+
+msgid "Other"
+msgstr "Egyéb"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Az ID nem cserélhető root-ra.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: érvénytelen név: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: érvénytelen szobaszám: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: érvénytelen munkahelyi telefonszám: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: érvénytelen otthoni telefonszám: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" illegális karaktereket tartalmaz\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" illegális karaktereket tartalmaz\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: `%s' felhasználó nem módosítható NIS kliensen.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: `%s' a NIS mester ehhez a klienshez.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%s felhasználói információinak cseréje\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: túl hosszú mezők\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: -a kapcsoló CSAK -G-vel megy\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: %d. sor: túl hosszú\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: %d. sor: hiányzó új jelszó\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: %s csoport nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: %d. sor: nem tudom frissíteni a bejegyzést\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: hibákat észleltem, a változások elvetve\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Bejelentkező héj"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Nem módosíthatod %s parancsértelmezőjét.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Bejelentkező héj ehhez: %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Érvénytelen bejegyzés: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s érvénytelen héj.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: figyelem: %s tulajdonosa nem %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: váratlan argumentum: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Név Hibás Maximális Legutóbbi Ezen\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds van hátra]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds zárolva]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Ismeretlen felhasználó: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "%s jelszava nem változtatható\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "%s jelszava nem változtatható\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: árnyék csoport jelszavak kellenek ehhez: -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: %s csoport nem létezik\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: hiba a következő indításakor: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "%s csoport jelszavának cseréje\n"
+
+msgid "New Password: "
+msgstr "Új jelszó: "
+
+msgid "Re-enter new password: "
+msgstr "Új jelszó ismét: "
+
+msgid "They don't match; try again"
+msgstr "Nem egyeznek; próbáld újra"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Próbáld később\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "%s felhasználó hozzáadása %s csoporthoz\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "%s felhasználó törlése %s csoportból\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Nem tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s rossz csoport név\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "érvénytelen csoportnév: `%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K KULCS=ÉRTÉK párost kíván\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: %s csoport létezik\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "A tag már létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: A felhasználóneved megállapítása sikertelen\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: `%s' felhasználó nem módosítható NIS kliensen.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: %s csoport nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: a(z) \"%s\" csoport egy NIS csoport.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s a NIS mester\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: %s egy NIS felhasználó\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: elfogyott a memória az update_group során\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "érvénytelen csoportnév: `%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: %s egy NIS csoport\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: ismeretlen %s felhasználó\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s és -r inkompatibilisek\n"
+
+msgid "invalid group file entry"
+msgstr "érvénytelen csoport fájl bejegyzés"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "törlöd a következő sort: `%s'? "
+
+msgid "duplicate group entry"
+msgstr "dupla csoport bejegyzés"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "érvénytelen csoportnév: `%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "érvénytelen csoportnév: `%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "%s csoport: nincs %s felhasználó\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "törlöd a következő tagot: `%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "nincs megfelelő csoportfájl bejegyzés a következőben: %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "hozzáadod a(z) %s csoportot a következőhöz: %s ?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "érvénytelen árnyék csoport fájl bejegyzés"
+
+msgid "duplicate shadow group entry"
+msgstr "dupla árnyék csoport bejegyzés"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "%s árnyék csoport: nincs %s adminisztratív felhasználó\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "törlöd az adminisztratív %s tagot? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "%s árnyék csoport: nincs %s felhasználó\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: fájlok frissítve\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: nincs változás\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: %s fájl nem frissíthető\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Használat: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Használat: id\n"
+
+msgid " groups="
+msgstr " csoportok="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "Felhasználónév Port Innen Legutóbb"
+
+msgid "Username Port Latest"
+msgstr "Felhasználónév Port Legutóbb"
+
+msgid "**Never logged in**"
+msgstr "**Sosem lépett be**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: a jelszófájl frissítése sikertelen\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Használat: %s [-p] [név]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h host] [-f név]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Érvénytelen bejelentkezési idő"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Rendszer lezárva rutin karbantartásra"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Leválasztás átlépve -- root bejelentkezés engedélyezett]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Nincs utmp bejegyzés. Futtasd a \"login\"-t a legalacsonyabb szintű \"sh\"-"
+"ból."
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"A bejelentkezés %d mp. után elkésett\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM hiba, törölve: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s bejelentkezés: "
+
+msgid "login: "
+msgstr "bejelentkezés: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Próbálkozások megengedett száma átlépve (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: a PAM törlést kért\n"
+
+msgid "Login incorrect"
+msgstr "Hibás bejelentkezés"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: %d. sor: nem találom e felhasználót: %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s bejelentkezés: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: hiba a következő indításakor: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Figyelem: a bejelentkezés ismét lehetséges az átmeneti kizárás után."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Utolsó bejelentkezés: %s ide: %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Utolsó bejelentkezés: %.19s ide: %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " innen: %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"bejelentkezési idő átlépve\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Használat: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Használat: newgrp [-] [csoport]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Használat: sg csoport [[-c] parancs]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Régi jelszó: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: hiba a következő indításakor: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+msgid "too many groups\n"
+msgstr "túl sok csoport\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: %s csoport nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: érvénytelen '%s' felhasználónév\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: érvénytelen '%s' felhasználónév\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: %d. sor: érvénytelen sor\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: nem tudom frissíteni %s felhasználó bejegyzését\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: %d. sor: GID létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: %d. sor: GID létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: %d. sor: jelszó frissítése sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: %d. sor: mkdir sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: %d. sor: chown sikertelen\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: %d. sor: nem tudom frissíteni a bejegyzést\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: %s létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: nem tudom frissíteni a csoport fájlt\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Régi jelszó: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Add meg az új jelszót (minimum %d, maximum %d karakter)\n"
+"Biztonság: kérlek használj vegyesen Nagy és kisbetűket és számokat.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Add meg az új jelszót (minimum %d, maximum %d karakter)\n"
+"Biztonság: kérlek használj vegyesen Nagy és kisbetűket és számokat.\n"
+
+msgid "New password: "
+msgstr "Új jelszó: "
+
+msgid "Try again."
+msgstr "Próbáld újra"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Figyelem: Gyenge jelszó! (add meg újra, ha tényleg ezt akarod)."
+
+msgid "They don't match; try again.\n"
+msgstr "Nem egyeznek; próbáld újra\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s jelszava nem változtatható\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s jelszava nem változtatható\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: %s tár nem támogatott\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: %s jelszavát nem olvashatod és cserélheted.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s jelszavának cseréje\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s jelszava változatlan.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Jelszó módosítva."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Jelszó elévülési figyelmeztetés"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "Érvénytelen jelszófájl bejegyzés"
+
+msgid "duplicate password entry"
+msgstr "dupla jelszó bejegyzés"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "érvénytelen '%s' felhasználó név\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "érvénytelen '%s' felhasználó név\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "%s felhasználó: nincs %u csoport\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "%s felhasználó: %s könyvtár nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "%s felhasználó: %s program nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %s fájl nem zárolható\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "nincs megfelelő jelszófájl bejegyzés a következőben: %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "hozzáadja \"%s\" felhasználót a következőbe: %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "érvénytelen árnyék jelszófájl bejegyzés"
+
+msgid "duplicate shadow password entry"
+msgstr "dupla árnyék jelszó bejegyzés"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "%s felhasználó: az utolsó jelszómódosítás időpontja a jövőben van\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: %s fájl nem nyitható meg\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: nem tudom újraírni a fájlt\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "A su-zás e hozzáféréshez ELUTASÃTVA.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Jelszó hitelesítés átlépve.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Add meg SAJÃT jelszavad a hitelesítéshez.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: %s fájl nem zárolható\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+# CHECK!
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Használat: su [kapcsolók] [NÉV]\n"
+"\n"
+"Kapcsolók:\n"
+" -c, --command PARANCS a PARANCS átadása a meghívott héjnak\n"
+" -h, --help kiírja e súgót és kilép\n"
+" -, -l, --login a héj bejelentkezési héjjá tétele\n"
+" -m, -p,\n"
+" --preserve-environment nem állítja vissza a környezeti változókat\n"
+" és megtartja ugyanazt a héjat\n"
+" -s, --shell HÉJ a HÉJ használata a\n"
+" passwd-ben megadott alapértelmezett helyett\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ãtlépve)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Nem vagy jogosult ehhez: su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Add meg saját jelszavad)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM hitelesítési hiba\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Nem vagy jogosult ehhez: su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Nincs 'root' jelszó bejegyzés"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: terminálból kell futnia\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: hiba: %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "%s nem futtatható"
+
+msgid "No password file"
+msgstr "Nincs jelszófájl"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Nincs 'root' jelszó bejegyzés"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Üsd le a control-d a szokásos indítás továbblépéséhez\n"
+"(vagy add meg a root jelszót a rendszer karbantartásához):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Belépés a rendszerkarbantartó módba"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: nem tudom létrehozni az új defaults fájlt\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: nem tudom megnyitni az új defaults fájlt\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: %d. sor: chown sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: átnevezés: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: a(z) \"%s\" csoport egy NIS csoport.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: túl sok csoport van megadva (max %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: érvénytelen alapkönyvtár: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: érvénytelen megjegyzés: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: érvénytelen saját könyvtár: \"%s\"\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: a -e árnyék jelszavakat vár\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: a -f árnyék jelszavakat vár\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: érvénytelen mező: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: érvénytelen parancsértelmező: \"%s\"\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+msgid "Creating mailbox file"
+msgstr "Postafiókfájl létrehozása"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"A \"mail\" csoport nem található. A felhasználó postafiókfájlja 0600 "
+"móddalkerül létrehozásra.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "A postafiókfájl jogosultságainak beállítása"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: %s felhasználó létezik\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: %s csoport létezik - ha e felhasználót e csoporthoz akarod adni, "
+"használd a -g-t.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: %s létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u nem egyedi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: %s létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: %s létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: %s létrehozása sikertelen\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: figyelem: a saját könyvtár már létezik.\n"
+"Nem másolok semmit bele a vázkönyvtárból.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: `%s' felhasználó nem módosítható NIS kliensen.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Nem tudom %s csoportot törölni, ami egy másik felhasználó elsődleges "
+"csoportja.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: érvénytelen saját könyvtár: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: figyelem: nem törölhető: "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s tulajdonosa nem %s, nem törlöm\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: %s egy NIS felhasználó\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: érvénytelen saját könyvtár: \"%s\"\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: nem törlöm %s könyvtárat (%s saját könyvtára)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: hiba %s könyvtár törlésekor\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: %s felhasználó létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: érvénytelen dátum: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: érvénytelen dátum: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: %s fájl nem nyitható meg\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e és -f árnyék jelszavakat vár\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "A tag már létezik\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: %s könyvtár létezik\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: figyelem: nem sikerült a régi %s saját könyvtár teljes törlése"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: figyelem: %s tulajdonosa nem %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "a postafiók tulajdonosának váltása sikertelen"
+
+msgid "failed to rename mailbox"
+msgstr "a postafiók átnevezése sikertelen"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s is változatlan\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "a postafiók átnevezése sikertelen"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Nem tudtam zárolni a fájlt"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Nem tudtam zárolni a fájlt"
+
+msgid "Couldn't make backup"
+msgstr "Nem tudtam biztonsági másolatot készíteni"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s nem található a /etc/passwd-ben\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Csoport fájl megnyitása sikertelen\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: túl hosszú mezők\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "a postafiók átnevezése sikertelen"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "a postafiók tulajdonosának váltása sikertelen"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "a postafiók átnevezése sikertelen"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: nem tudom visszaállítani %s-t: %s (módosításaid itt vannak: %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: érvénytelen alapkönyvtár: \"%s\"\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Használat: %s [bemenet]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "Sikertelen malloc(%d)\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: chage [kapcsolók] [NÉV]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -d, --lastday UTOLSÓ_NAP utolsó jelszómódosítás beállítása az\n"
+#~ " UTOLSÓ_NAPRA\n"
+#~ " -E, --expiredate LEJÃRATI_DÃTUM fiók lejárati dátumának beállítása a\n"
+#~ " LEJÃRATI_DÃTUMRA\n"
+#~ " -h, --help ezen súgószöveg megjelenítése és "
+#~ "kilépés\n"
+#~ " -I, --inactive INAKTÃV a jelszó inaktívvá tétele lejárat "
+#~ "után\n"
+#~ " az INAKTÃV értékre\n"
+#~ " -l, --list fiókelévülési információk "
+#~ "megjelenítése\n"
+#~ " -m, --mindays MIN_NAPOK napok minimális számának beállítása\n"
+#~ " jelszómódosítás előtt a MIN_NAPOK "
+#~ "értékre\n"
+#~ " -M, --maxdays MAX_NAPOK napok maximális számának beállítása\n"
+#~ " jelszómódosítás előtt a MAX_NAPOK "
+#~ "értékre\n"
+#~ " -W, --warndays FIGYELM_NAPOK a lejáratra figyelmeztetés napjai\n"
+#~ " számának beállítása FIGYELM_NAPOK-ra\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM hitelesítési hiba\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Használat: %s [-f TELJES_Név] [-r szobaszám] [-w munka_tel]\n"
+#~ "\t[-h otthoni_tel] [-o egyéb] [felhasználónév]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Használat: %s [-f TELJES_Név] [-r szobaszám] [-w munka_tel] \t[-h "
+#~ "otthoni_tel]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Használat: chpasswd [kapcsolók]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -e, --encrypted a megadott jelszavak titkosítottak\n"
+#~ " -h, --help ezen súgó megjelenítése és kilépés\n"
+#~ " -m, --md5 MD5 titkosítás használata DES helyett,ha "
+#~ "a\n"
+#~ " megadott jelszavak nem titkosítottak\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: chsh [kapcsolók] NÉV\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -h, --help kiírja e súgót és kilép\n"
+#~ " -s, --shell új bejelentkező héj a felhasználói "
+#~ "fiókhoz\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Használat: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: %s fájl nem nyitható meg\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Használat: groupdel csoport\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Használat: %s [-r] [-s] [csoport [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Használat: %s [-r] [-s] [csoport]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s és -r inkompatibilisek\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Használat: groupdel csoport\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Használat: groupdel csoport\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: lastlog [kapcsolók]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -b, --before NAP csak a NAPOK számánál régebbi lastlog\n"
+#~ " rekordok megjelenítése\n"
+#~ " -h, --help ezen súgószöveg megjelenítése és kilépés\n"
+#~ " -t, --time NAP csak a megadott NAPNÃL újabb lastlog\n"
+#~ " rekordok kiírása\n"
+#~ " -u, --user NÉV a megadott NEVŰ felhasználó lastlog\n"
+#~ " rekordjainak kiírása\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all report password status on all accounts\n"
+#~| " -d, --delete delete the password for the named "
+#~| "account\n"
+#~| " -e, --expire force expire the password for the named "
+#~| "account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --keep-tokens change password only if expired\n"
+#~| " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --lock lock the named account\n"
+#~| " -n, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -r, --repository REPOSITORY change password in REPOSITORY "
+#~| "repository\n"
+#~| " -S, --status report password status on the named "
+#~| "account\n"
+#~| " -u, --unlock unlock the named account\n"
+#~| " -w, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| " -x, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: passwd [kapcsolók] [NÉV]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -a, --all jelszóállapot jelentés az összes fiókon\n"
+#~ " -d, --delete a megadott fiók jelszavának törlése\n"
+#~ " -e, --expire a megadott fiók jelszava lejáratának\n"
+#~ " kényszerítése\n"
+#~ " -h, --help kiírja e súgót és kilép\n"
+#~ " -k, --keep-tokens a jelszót csak annak lejáratakor "
+#~ "módosítsa\n"
+#~ " -i, --inactive INAKTÃV a jelszó inaktívvá tétele lejárat után\n"
+#~ " az INAKTÃV értékre\n"
+#~ " -l, --lock a megadott fiók zárolása\n"
+#~ " -n, --mindays MIN_NAPOK napok minimális számának beállítása\n"
+#~ " jelszómódosítás előtt a MIN_NAPOK "
+#~ "értékre\n"
+#~ " -q, --quiet csendes mód\n"
+#~ " -r, --repository LERAKAT jelszó módosítása a LERAKAT lerakatban\n"
+#~ " -S, --status jelentés a megadott fiók "
+#~ "jelszóállapotáról\n"
+#~ " -u, --unlock a megadott fiók zárolásának feloldása\n"
+#~ " -w, --warndays FIGYELEM_NAPOK a lejáratra figyelmeztetés napjai "
+#~ "számának\n"
+#~ " -x, --maxdays MAX_NAPOK napok maximális számának beállítása\n"
+#~ " jelszómódosítás előtt a MAX_NAPOK "
+#~ "értékre\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Használat: %s [-q] [-r] [-s] [jelszó [árnyék]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Használat: %s [-q] [-r] [-s] [jelszó [árnyék]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Használat: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Használat: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Ismeretlen azonosító: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Nincs héj\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: userdel [kapcsolók] NÉV\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -f, --force fájlok eltávolításának kényszerítése, "
+#~ "még\n"
+#~ " ha nem a felhasználó a tulajdonos is\n"
+#~ " -h, --help ezen súgószöveg megjelenítése és kilépés\n"
+#~ " -r, --remove saját könyvtár és levelezési sor "
+#~ "eltávolítása\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: %s felhasználó most be van jelentkezve\n"
+
+# FIXME
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Használat: usermod [kapcsolók] NÉV\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -a, --append felhasználó adása a kiegészítő "
+#~ "CSOPORTHOZ\n"
+#~ " (csak -G-vel használd)\n"
+#~ " -c, --comment MEGJEGYZÉS a GECOS mező új értéke\n"
+#~ " -d, --home SAJÃT_KVT új bejelentkezési könyvtár az új\n"
+#~ " felhasználói\n"
+#~ " -e, --expiredate LEJÃRATI_DÃTUM fiók lejárati dátumának beállítása a\n"
+#~ " LEJÃRATI_DÃTUMRA\n"
+#~ " -f, --inactive INAKTÃV a jelszó inaktívvá tétele lejárat "
+#~ "után\n"
+#~ " az INAKTÃV értékre\n"
+#~ " -g, --gid CSOPORT a CSOPORT használatának kényszerítése\n"
+#~ " az új felhasználói fiókhoz\n"
+#~ " -G, --groups CSOPORTOK kiegészítő csoportok felsorolása az "
+#~ "új\n"
+#~ " felhasználói fiókhoz\n"
+#~ " -h, --help ezen súgószöveg megjelenítése és "
+#~ "kilépés\n"
+#~ " -l, --login NÉV a bejelentkezési név új értéke\n"
+#~ " -L, --lock a megadott fiók zárolása\n"
+#~ " -m, --move-home a saját könyvtár tartalmának "
+#~ "áthelyezése az\n"
+#~ " új helyre (csak a -d kapcsolóval "
+#~ "használd)\n"
+#~ " -o, --non-unique engedélyezi a csoport létrehozását "
+#~ "többször\n"
+#~ " szereplő (nem egyedi) GID értékkel\n"
+#~ " -p, --password JELSZÓ az új jelszó titkosított\n"
+#~ " -s, --shell PARANCSÉRTELMEZŠa PARANCSÉRTELMEZŠhasználata a\n"
+#~ " passwd-ben megadott alapértelmezett "
+#~ "helyett\n"
+#~ " -u, --uid UID új UID a felhasználó fiókjához\n"
+#~ " -U, --unlock a felhasználói fiók zárolásának "
+#~ "feloldása\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: nincs kapcsoló megadva\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: vipw [kapcsolók]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -g, --group csoportadatbázis szerkesztése\n"
+#~ " -h, --help ezen súgószöveg megjelenítése\n"
+#~ " -p, --passwd a passwd adatbázis szerkesztése\n"
+#~ " -q, --quiet csendes mód\n"
+#~ " -s, --shadow a shadow vagy gshadow adatbázis "
+#~ "szerkesztése\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Használat: %s [bemenet]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %s létrehozása sikertelen\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: chown %s sikertelen\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: faillog [kapcsolók]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -a, --all az összes felhasználó faillog "
+#~ "bejegyzésének\n"
+#~ " megjelenítése\n"
+#~ " -h, --help ezen súgószöveg megjelenítése és kilépés\n"
+#~ " -l, --lock-time MP a sikertelen bejelentkezés után a fiók\n"
+#~ " zárolása MP másodpercre\n"
+#~ " -m, --maximum MAX a sikertelen bejelentkezések "
+#~ "számlálójának\n"
+#~ " beállítása a MAX értékre\n"
+#~ " -r, --reset a bejelentkezési hibák számának "
+#~ "visszaállítása\n"
+#~ " -t, --time NAPOK az adott NAPOK számánál régebbi faillog\n"
+#~ " rekordok megjelenítése\n"
+#~ " -u, --user NÉV faillog rekord megjelenítése, vagy csak\n"
+#~ " (ha a -r, -m vagy -l kapcsolókkal "
+#~ "használja) a\n"
+#~ " NÉV bejelentkezési nevű felhasználó "
+#~ "számára\n"
+#~ " karbantartja a hibaszámlálókat és "
+#~ "értékeket.\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: groupadd [kapcsolók] CSOPORT\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -f, --force kilépés kényszerítése sikeres "
+#~ "állapottal,\n"
+#~ " ha a megadott csoport már létezik\n"
+#~ " -g, --gid GID a GID használata az új csoporthoz\n"
+#~ " -h, --help kiírja e súgót és kilép\n"
+#~ " -K, --key KULCS=ÉRTÉK felülbírálja az /etc/login.defs\n"
+#~ " alapértelmezéseit\n"
+#~ " -o, --non-unique engedélyezi a csoport létrehozását "
+#~ "többször\n"
+#~ " szereplő (nem egyedi) GID értékkel\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: groupmod [kapcsolók] CSOPORT\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -g, --gid GID a GID használata az új csoporthoz\n"
+#~ " -h, --help kiírja e súgót és kilép\n"
+#~ " -n, --new-name Új_CSOPORT a CSOPORTot az ÚJ_CSOPORT névre bírja\n"
+#~ " -o, --non-unique engedélyezi a CSOPORT létrehozását "
+#~ "többször\n"
+#~ " szereplő (nem egyedi) GID értékkel\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Használat: useradd [kapcsolók] NÉV\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -b, --base-dir ALAP_KVT az új felhasználói fiók saját\n"
+#~ " könyvtárának alapkönyvtára\n"
+#~ " -c, --comment MEGJEGYZÉS az új felhasználói fiók GECOS "
+#~ "mezőjének\n"
+#~ " beállítása\n"
+#~ " -d, --home-dir SAJÃT_KVT az új felhasználói fiók saját "
+#~ "könyvtára\n"
+#~ " -D, --defaults az alapértelmezett useradd "
+#~ "beállítások\n"
+#~ " kiírása vagy mentése\n"
+#~ " -e, --expiredate LEJÃRATI_DÃTUM a fiók lejárati dátumának beállítása\n"
+#~ " -f, --inactive INAKTÃV a jelszó inaktívvá tétele lejárat "
+#~ "után\n"
+#~ " az INAKTÃV értékre\n"
+#~ " -g, --gid CSOPORT a CSOPORT használatának kényszerítése\n"
+#~ " az új felhasználói fiókhoz\n"
+#~ " -G, --groups CSOPORTOK kiegészítő csoportok felsorolása az "
+#~ "új\n"
+#~ " felhasználói fiókhoz\n"
+#~ " -h, --help ezen súgószöveg megjelenítése és "
+#~ "kilépés\n"
+#~ " -k, --skel VÃZ_KVT alternatív vázkönyvtár megadása\n"
+#~ " -K, --key KULCS=ÉRTÉK felülbírálja az /etc/login.defs\n"
+#~ " alapértelmezéseit\n"
+#~ " -m, --create-home az új felhasználói fiók saját\n"
+#~ " könyvtárának létrehozása\n"
+#~ " -o, --non-unique engedélyezi a csoport létrehozását "
+#~ "többször\n"
+#~ " szereplő (nem egyedi) GID értékkel\n"
+#~ " -p, --password JELSZÓ titkosított jelszó használata az új\n"
+#~ " felhasználói fiókhoz\n"
+#~ " -s, --shell PARANCSÉRTELMEZŠa bejelentkezési parancsértelmező az\n"
+#~ " új felhasználói fiókhoz\n"
+#~ " -u, --uid UID az UID használatának kényszerítése az "
+#~ "új\n"
+#~ " felhasználói fiókhoz\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Jelszó lejárata beállítva."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: nem tudom zárolni a jelszófájlt\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: a jelszófájl nem nyitható meg\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: az árnyék jelszófájl zárolása sikertelen\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: az árnyék jelszófájl megnyitása sikertelen\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: az árnyék jelszófájl újraírása sikertelen\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: a jelszófájl újraírása sikertelen\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: az árnyék jelszófájl frissítése sikertelen\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tTELJES Név: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tSzobaszám: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tMunkahelyi telefon: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tOtthoni telefon: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Nem zárolható a jelszófájl; próbáld később\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "A jelszófájl nem nyitható meg.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Hiba a jelszó bejegyzés frissítésekor\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Nem tudom megtenni a jelszófájl módosításokat.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Nem tudom feloldani a jelszófájl zárolását.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: nem tudom lezárni a 'group' fájlt\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: nem tudom megnyitni a 'group' fájlt\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: nem tudom lezárni a 'gshadow' fájlt\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: nem tudom megnyitni a 'gshadow' fájlt\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: hiba az árnyék fájl frissítésekor\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: Hiba a csoport bejegyzés frissítésekor\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: %d.: ismeretlen %s csoport\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: %d. sor: nem tudom frissíteni a bejegyzést\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: nem tudom zárolni az árnyék fájlt\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: hiba az árnyék fájl frissítésekor\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: hiba a jelszófájl frissítésekor\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: %d. sor: ismeretlen %s felhasználó\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: %d. sor: a jelszó bejegyzés nem frissíthető\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: ismeretlen felhasználó\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Ismeretlen felhasználó: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Használat: %s [-r|-R] group\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a felhasználó] csoport\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d felhasználó] csoport\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A felhasználó,...] [-M felhasználó,...] csoport\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M felhasználó,...] csoport\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: nem szerezhető zár\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: nem szerezhető árnyékzár\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: nem tudom megnyitni a fájlt\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: nem tudom újraírni az árnyék fájlt\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: nem tudom feloldani a fájlt\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: nem tudom frissíteni a bejegyzést\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: nem tudom frissíteni az árnyék bejegyzést\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "ismeretlen csoport: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: nem tudom megnyitni a fájlt\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: nem tudom megnyitni a 'gshadow' fájlt\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Ki vagy?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: ismeretlen %s tag\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: hiba az új csoport bejegyzés hozzáadásakor\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: nem tudom újraírni a csoport fájlt\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: nem tudom újraírni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: nem tudom zárolni a csoport fájlt\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: nem tudom megnyitni a csoport fájlt\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: nem tudom zárolni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: nem tudom megnyitni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: %u GID nem egyedi\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: nem tudom törölni a csoport bejegyzést\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: nem tudom törölni az árnyék csoport bejegyzést\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: nem tudom törölni a felhasználó elsődleges csoportját\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Az eltávolítandó tag nem található\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Használat: groupmems -a felhasználónév | -d felhasználónév | -D | -l [-g "
+#~ "csoportnév]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Csak a root adhat tagokat különböző csoportokhoz\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Csoport hozzáférés kell\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Nem a jelen csoport elsődleges tulajdonosa\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM hitelesítési hiba ehhez:\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Csoport fájl zárolása sikertelen\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Csoport fájl bezárása sikertelen\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s nincs a /etc/group-ban\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u nem egyedi GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s nem egyedi név\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: nem tudom újraírni a jelszófájlt\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: nem tudom zárolni a jelszófájlt\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: nem tudom megnyitni a jelszófájlt\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: nem tudom frissíteni %s árnyék bejegyzését\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: nem tudom frissíteni %s csoport bejegyzését\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: nem tudom zárolni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: nem tudom megnyitni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: nem tudom törölni %s árnyék csoportot\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: nem tudom frissíteni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: nem tudom törölni az árnyék csoport fájlt\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "ismeretlen UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "ismeretlen GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: %s csoport nem létezik\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: %s felhasználó nem létezik\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: érvénytelen '%s' felhasználónév\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: nem tudom zárolni a /etc/passwd fájlt.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: nem tudom zárolni a /etc/passwd fájlt.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: nem tudom zárolni a /etc/passwd fájlt.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: nem tudom zárolni a /etc/passwd fájlt.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: fájlok megnyitása sikertelen\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: hiba a fájlok frissítésekor\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: nem tudom frissíteni %s jelszó bejegyzését\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: nem tudom lezárni a passwd fájlt\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: nem tudom megnyitni a passwd fájlt\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: nem tudom törölni %s árnyék bejegyzését\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: nem tudom frissíteni a \"passwd\" fájlt\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: nem tudom frissíteni %s felhasználó bejegyzését\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: nem tudom törülni az árnyék jelszófájlt\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: ismeretlen %s GID\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: ismeretlen %s csoport\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: elfogyott a memória az update_gshadow során\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: nem tudom újraírni a jelszófájlt\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: nem tudom újraírni az árnyék jelszófájlt\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: nem tudom zárolni az árnyék jelszófájlt\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: nem tudom megnyitni az árnyék jelszófájlt\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: hiba a csoportfájl zárolásakor\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: hiba a csoportfájl megnyitásakor\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: hiba az árnyék csoportfájl zárolásakor\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: hiba az árnyék csoportfájl megnyitásakor\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: hiba az új jelszó bejegyzés hozzáadásakor\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: hiba az új árnyék jelszó bejegyzés hozzáadásakor\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: figyelem: a CREATE_HOME nem támogatott, használd a -m-et helyette.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: Hiba a csoport bejegyzés frissítésekor\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: Hiba a csoport bejegyzés frissítésekor\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: nem tudom megnyitni a csoport fájlt\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: nem tudom megnyitni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: hiba a jelszó bejegyzés törlésekor\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: hiba az árnyék jelszó bejegyzés törlésekor\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: hiba az új csoport bejegyzés hozzáadásakor\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu nem egyedi\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: hiba a jelszó bejegyzés cseréjekor\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: hiba a jelszó bejegyzés törlésekor\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: hiba az árnyék jelszó bejegyzés törlésekor\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: nem szerezhető be egyedi csoportazonosító\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " erre: `%.100s' erről: `%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " erre: `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: %d. sor: UID létrehozása sikertelen\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: %s név nem egyedi\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: chgpasswd [kapcsolók]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ " -e, --encrypted\ta megadott jelszavak titkosítottak\n"
+#~ " -h, --help\t\tezen súgó megjelenítése és kilépés\n"
+#~ " -m, --md5\t\tMD5 titkosítás használata DES helyett,ha a megadott\n"
+#~ "\t\t\tjelszavak nem titkosítottak\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Nincs jelszófájl\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Bocs.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Bocsi, %s jelszava még nem változtatható...\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Bocs."
diff --git a/po/id.po b/po/id.po
new file mode 100644
index 0000000..8aae75e
--- /dev/null
+++ b/po/id.po
@@ -0,0 +1,3510 @@
+# Terjemahan Bahasa Indonesia: shadow
+# Parlin Imanuel Toh <parlin@ui.edu>, 2004.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.15\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-25 20:58+0100\n"
+"Last-Translator: Parlin Imanuel Toh <parlin_i@yahoo.com>\n"
+"Language-Team: Debian Indonesia <debid@yahoogroups.com>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Tidak dapat mengalokasikan ruang untuk informasi konfigurasi.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"Kesalahan konfigurasi - item tidak dikenal '%s' (beritahu administrator)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Kata sandi:"
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Kata sandi dari %s:"
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Tidak dapat mengalokasikan ruang untuk informasi konfigurasi.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Mengubah informasi umur akun untuk %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Tidak dapat menentukan nama pengguna anda.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: baris %d: tak menemukan pengguna %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: kehabisan memori\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: tidak dapat memperbaharui berkas %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: direktori rumah `%s' tak sah\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: perhatian: tak dapat menghapus "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: perhatian: tak dapat menghapus "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: ubah nama: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: perhatian: tak dapat menghapus "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: perhatian: tak dapat menghapus "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: tidak dapat memperbaharui berkas %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: tak dapat memperbaharui berkas shadow\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: ubah nama: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: tidak dapat membuka berkas %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Peringatan: grup tidak dikenal %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Peringatan: terlalu banyak grup\n"
+
+msgid "Your password has expired."
+msgstr "Kata sandi anda telah kadaluarsa."
+
+msgid "Your password is inactive."
+msgstr "Kata sandi anda tidak aktif."
+
+msgid "Your login has expired."
+msgstr "Login anda telah kadaluarsa."
+
+msgid " Contact the system administrator."
+msgstr " Hubungi administrator sistem."
+
+msgid " Choose a new password."
+msgstr " Pilih sebuah kata sandi baru."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Kata sandi anda akan kadaluarsa dalam %ld hari.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Kata sandi anda akan kadaluarsa besok."
+
+msgid "Your password will expire today."
+msgstr "Kata sandi anda akan kadaluarsa hari ini."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Tidak dapat mengubah tts %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: ruas terlalu panjang\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Lingkungan overflow\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Anda tidak boleh mengubah $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d sejak login terakhir.\n"
+"Terakhir %s pada %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "gagal mengganti pemilik kotak-surat"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: tidak bisa mendapatkan UID yang unik\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: tak mampu mendapatkan GID yang unik\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: tidak bisa mendapatkan UID yang unik\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: tidak bisa mendapatkan UID yang unik\n"
+
+msgid "Too many logins.\n"
+msgstr "Terlalu banyak login.\n"
+
+msgid "You have new mail."
+msgstr "Anda memiliki surat baru."
+
+msgid "No mail."
+msgstr "Tidak ada surat."
+
+msgid "You have mail."
+msgstr "Anda memiliki surat."
+
+msgid "no change"
+msgstr "tak ada perubahan"
+
+msgid "a palindrome"
+msgstr "sebuah palindrom"
+
+msgid "case changes only"
+msgstr "hanya perubahan huruf besar/kecil"
+
+msgid "too similar"
+msgstr "terlalu mirip"
+
+msgid "too simple"
+msgstr "terlalu sederhana"
+
+msgid "rotated"
+msgstr "pernah dipakai"
+
+msgid "too short"
+msgstr "terlalu pendek"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Kata sandi buruk: %s."
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() gagal, kesalahan nomor %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Password telah diubah."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: kata sandi diperbaharui dengan sukses\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Kata sandi tidak tepat untuk %s\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: telepon rumah tidak sah: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Tidak dapat cd ke \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Tidak terdapat direktori, masuk dengan HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Tidak dapat menjalankan %s"
+
+#, fuzzy, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Direktori root tidak sah \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Tidak dapat mengubah direktori root ke \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Tak dapat menentukan nama tty anda."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Tidak\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Masukkan nilai baru atau tekan ENTER untuk nilai bawaan"
+
+msgid "Minimum Password Age"
+msgstr "Umur Kata Sandi Minimal"
+
+msgid "Maximum Password Age"
+msgstr "Umur Kata Sandi Maksimal"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Penggantian Kata Sandi Terakhir (TTTT-MM-HH)"
+
+msgid "Password Expiration Warning"
+msgstr "Peringatan Kadaluarsanya Kata Sandi"
+
+msgid "Password Inactive"
+msgstr "Kata Sandi Tak-aktif"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Waktu Kadaluarsa Akun (TTTT-MM-HH)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Penggantian kata sandi terakhir\t\t\t\t\t: "
+
+msgid "never"
+msgstr "tak pernah"
+
+msgid "password must be changed"
+msgstr "password mesti diubah"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Kata sandi kadaluarsa\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Kata sandi tak aktif\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Akun kadaluarsa\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Jumlah hari minimum antara penggantian password\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Jumlah hari maksimum antara penggantian password\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Jumlah hari pemberian peringatan sebelum kadaluarsa\t: %ld\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: tanggal `%s' tak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argumen numerik tak sah `%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: jangan gabungkan \"l\" dengan flag lain\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: ijin ditolak.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Tidak dapat menentukan nama pengguna anda.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: tidak dapat mengunci berkas-berkas, coba lagi nanti\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: tidak dapat membuka berkas %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: gagal membuat proses: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: tak terdapat berkas kata sandi bayangan\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Mengubah informasi umur akun untuk %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: kesalahan saat mengubah ruas-ruas isian\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nama Lengkap"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Nomor Ruangan"
+
+msgid "Work Phone"
+msgstr "Telepon Kantor"
+
+msgid "Home Phone"
+msgstr "Telepon Rumah"
+
+msgid "Other"
+msgstr "Lain-lain"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Tidak dapat mengubah ID menjadi root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nama tidak sah: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: nomor ruang tidak sah: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: telepon kantor tidak sah: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: telepon rumah tidak sah: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" berisi karakter-karakter ilegal\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" berisi karakter-karakter ilegal\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: tidak dapat mengubah pengguna '%s' pada klien NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: `%s' merupakan master NIS untuk klien ini.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Mengubah informasi pengguna dari %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: ruas terlalu panjang\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: -a hanya diperbolehkan dengan -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: baris %d: baris terlalu panjang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: baris %d: kata sandi baru hilang\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: grup %s tidak ada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: baris %d: tak dapat memperbaharui entri\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: kesalahan terdeteksi, perubahan diabaikan\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Login Shell"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Anda tidak boleh mengubah shell untuk %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Mengubah login shell untuk %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Entri tidak sah: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s merupakan shell yang tidak sah.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: perhatian %s tak dimiliki oleh %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: argumen tak terduga: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Login Gagal Maks. Terakhir Pada\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds tersisa]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds terkunci]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Pengguna tak dikenal: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Kata sandi untuk %s tidak dapat diganti.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Kata sandi untuk %s tidak dapat diganti.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: kata sandi bayangan grup diperlukan untuk -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grup %s tidak ada\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: gagal membuat proses: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Mengubah kata sandi untuk grup %s\n"
+
+msgid "New Password: "
+msgstr "Kata sandi baru: "
+
+msgid "Re-enter new password: "
+msgstr "Masukkan lagi kata sandi baru: "
+
+msgid "They don't match; try again"
+msgstr "Kedua kata sandi tidak identik; coba lagi"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Coba lagi nanti\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Menambahkan pengguna %s ke grup %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Mengeluarkan pengguna %s dari grup %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Bukan sebuah tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: nama grup %s tidak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "nama grup `%s' tidak sah\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K memerlukan NAMA=NILAI\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grup %s telah ada\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Tidak dapat menentukan nama pengguna anda.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: tidak dapat mengubah pengguna '%s' pada klien NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grup %s tidak ada\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grup `%s' merupakan grup NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s merupakan master NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: pengguna %s merupakan pengguna NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: kehabisan memori saat update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "nama grup `%s' tidak sah\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: grup %s merupakan sebuah grup NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: pengguna %s tak dikenal\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s dan -r tidak kompatible\n"
+
+msgid "invalid group file entry"
+msgstr "entri berkas grup tidak sah"
+
+#, fuzzy, c-format
+msgid "delete line '%s'? "
+msgstr "hapus baris `%s'? "
+
+msgid "duplicate group entry"
+msgstr "entri grup berulang"
+
+#, fuzzy, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nama grup `%s' tidak sah\n"
+
+#, fuzzy, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "nama grup `%s' tidak sah\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grup %s: tak ada pengguna %s\n"
+
+#, fuzzy, c-format
+msgid "delete member '%s'? "
+msgstr "hapus anggota `%s'? "
+
+#, fuzzy, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "entri tidak ditemukan pada berkas grup\n"
+
+#, fuzzy, c-format
+msgid "add group '%s' in %s? "
+msgstr "grup bayangan %s: tak ada pengguna %s\n"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "entri berkas grup bayangan tidak sah"
+
+msgid "duplicate shadow group entry"
+msgstr "entri grup bayangan berulang"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grup bayangan %s: tak ada pengguna administratif %s\n"
+
+#, fuzzy, c-format
+msgid "delete administrative member '%s'? "
+msgstr "hapus anggota administratif `%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grup bayangan %s: tak ada pengguna %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: berkas-berkas telah diperbaharui\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: tak ada perubahan\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: tidak dapat memperbaharui berkas %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Penggunaan: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Penggunaan: id\n"
+
+msgid " groups="
+msgstr " grup="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "Nama pengguna Port Dari Terakhir"
+
+msgid "Username Port Latest"
+msgstr "Nama pengguna Port Terakhir"
+
+msgid "**Never logged in**"
+msgstr "**Tak pernah log in**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: tidak dapat memperbaharui berkas kata sandi\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Penggunaan: %s [-p] [nama]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h host] [-f nama]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Waktu login tidak sah"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistem ditutup untuk pengelolaan rutin"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Pemutusan hubungan diabaikan -- login root diperbolehkan.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Tanpa entri utmp. Anda mesti menjalankan \"login\" dari level terendah \"sh\""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Login time out setelah %d detik.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Kegagalan PAM, berhenti: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Jumlah pengulangan maksimum terlampaui (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: penghentian diminta oleh PAM\n"
+
+msgid "Login incorrect"
+msgstr "Login tidak tepat"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: baris %d: tak menemukan pengguna %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: gagal membuat proses: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Perhatian: login dibolehkan setelah penguncian sementara."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Login terakhir: %s pada %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Login terakhir: %.19s pada %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " dari %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"waktu login telah berlebihan\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Penggunaan: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Penggunaan: newgrp [-] [grup]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Penggunaan: sg grup [[-c] perintah]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Kata sandi lama: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: gagal membuat proses: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+msgid "too many groups\n"
+msgstr "terlalu banyak grup\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: grup %s tidak ada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: nama pengguna `%s' tak sah\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nama pengguna `%s' tak sah\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: baris %d: baris tidak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: tak dapat memperbaharui entri untuk pengguna %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: baris %d: tak dapat membuat GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: baris %d: tak dapat membuat GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: baris %d: tak dapat memperbaharui kata sandi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: baris %d: mkdir gagal\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: baris %d: chown gagal\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: baris %d: tak dapat memperbaharui entri\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: tak dapat membuat %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: tidak dapat memperbaharui berkas grup\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Kata sandi lama: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Masukkan password baru (minimim %d, maksimum %d karakter)\n"
+"Mohon gunakan kombinasi huruf besar, huruf kecil dan angka.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Masukkan password baru (minimim %d, maksimum %d karakter)\n"
+"Mohon gunakan kombinasi huruf besar, huruf kecil dan angka.\n"
+
+msgid "New password: "
+msgstr "kata sandi baru: "
+
+msgid "Try again."
+msgstr "Coba lagi."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Kata sandi lemah (masukkan lagi untuk tetap menggunakannya)."
+
+msgid "They don't match; try again.\n"
+msgstr "Kata sandi tidak sama; coba lagi.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Kata sandi untuk %s tidak dapat diganti.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Kata sandi untuk %s tidak dapat diganti.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: repositori %s tidak didukung\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Anda tak boleh melihat atau mengubah info kata sandi untuk %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Mengganti kata sandi untuk %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Kata sandi untuk %s tidak diubah.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Password telah diubah."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Peringatan Kadaluarsanya Kata Sandi"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "entri kata sandi tak sah"
+
+msgid "duplicate password entry"
+msgstr "entri kata sandi berduplikat"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nama pengguna tak sah '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "nama pengguna tak sah '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "pengguna %s: tak ada grup %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "pengguna %s: tak terdapat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "pengguna %s: tak terdapat program %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: tidak dapat mengunci berkas %s\n"
+
+#, fuzzy, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "tak terdapat entri kata sandi yang cocok\n"
+
+#, fuzzy, c-format
+msgid "add user '%s' in %s? "
+msgstr "grup bayangan %s: tak ada pengguna %s\n"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "entri kata sandi bayangan tak sah"
+
+msgid "duplicate shadow password entry"
+msgstr "entri kata sandi bayangan terduplikasi"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "pengguna %s: pergantian kata sandi terakhir terjadi dimasa depan\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: tidak dapat membuka berkas %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: tidak dapat menuliskan kembali berkas\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Akses su untuk account itu DITOLAK.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Otentikasi kata sandi diabaikan.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Silakan masukkan kata sandi anda SENDIRI sebagai otentikasi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: tidak dapat mengunci berkas %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Penggunaan: su [pilihan-pilihan] [login]\n"
+"\n"
+"Pilihan-pilihan:\n"
+" -c, --command PERINTAH berikan PERINTAH yang akan diberikan\n"
+" pada shell\n"
+" -h, --help tampilkan pesan bantuan ini dan keluar\n"
+" -, -l, --login buat shell menjadi shell login\n"
+" -m, -p,\n"
+" --preserve-environment jangan reset variabel lingkungan, dan\n"
+" pertahankan shell yang sama\n"
+" -s, --shell SHELL gunakan shell SHELL daripada bawaan\n"
+" di passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Diabaikan)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Anda tak diperbolehkan untuk su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Masukkan kata sandi anda sendiri)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: Otentikasi PAM gagal\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Anda tak diperbolehkan untuk su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Tak ada entri kata sandi untuk 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: mesti dijalankan dari sebuah terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: kesalahan %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Tidak dapat menjalankan %s"
+
+msgid "No password file"
+msgstr "Tak ada berkas kata sandi"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Tak ada entri kata sandi untuk 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Ketikkan control-d untuk melanjutkan startup normal,\n"
+"(atau berikan kata sandi root untuk pengelolaan sistem):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Memasuki Mode Pengelolaan Sistem"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: tak dapat membuat berkas-berkas bawaan yang baru\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: tak dapat membuka berkas-berkas bawaan yang baru\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: baris %d: chown gagal\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: ubah nama: %s"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grup `%s' merupakan grup NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: grup yang diberikan terlalu banyak (maks %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: direktori awal `%s' tak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: komentar `%s' tak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: direktori rumah `%s' tak sah\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: kata sandi bayangan dibutuhkan untuk -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: kata sandi banyangan diperlukan untuk -f\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ruas `%s' tak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: shell `%s' tak sah\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: pengguna %s telah ada\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: grup %s telah ada - jika ingin menambah pengguna ke grup itu, pakai -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: tak dapat membuat %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u tidak unik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: tak dapat membuat %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: tak dapat membuat %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: tak dapat membuat %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: perhatian: direktori rumah telah ada.\n"
+"Tak menyalin berkas apapun dari direktori skel ke situ.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: tidak dapat mengubah pengguna '%s' pada klien NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: tidak dapat menghapus grup %s yg merupakan grup utama dari pengguna "
+"lain.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: direktori rumah `%s' tak sah\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: perhatian: tak dapat menghapus "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s tak dimiliki oleh %s, tidak menghapus\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: pengguna %s merupakan pengguna NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: direktori rumah `%s' tak sah\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: tak menghapus dir %s (karena akan menghapus rumah dari %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: kesalahan saat menghapus direktori %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: pengguna %s telah ada\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: tanggal `%s' tak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: tanggal `%s' tak sah\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: tidak dapat membuka berkas %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: diperlukan kata sandi bayangan untuk -e dan -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: direktori %s telah ada\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: perhatian: gagal menghapus direktori rumah lama %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: perhatian %s tak dimiliki oleh %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "gagal mengganti pemilik kotak-surat"
+
+msgid "failed to rename mailbox"
+msgstr "gagal mengubah nama kotak-surat"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s tidak berubah\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "gagal mengubah nama kotak-surat"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Tidak dapat mengunci berkas"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Tidak dapat mengunci berkas"
+
+msgid "Couldn't make backup"
+msgstr "Tidak dapat membuat backup"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s tidak ditemukan pada /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s: tidak dapat membuka berkas grup\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: ruas terlalu panjang\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "gagal mengubah nama kotak-surat"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "gagal mengganti pemilik kotak-surat"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "gagal mengubah nama kotak-surat"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: tidak dapat mengembalikan %s: %s (perubahan ada dalam %s)\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: direktori awal `%s' tak sah\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Penggunaan: %s [input]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) gagal\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: chage [pilihan-pilihan] [NAMA-LOGIN]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ " -d, --lastday LAST_DAY atur pergantian password terakhir pada "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE atur kadaluarsa akun pada tanggal\n"
+#~ " EXPIRE_DATE\n"
+#~ " -h, --help tampilkan pesan bantuan ini dan keluar\n"
+#~ " -I, --inactive INACTIVE atur masa inaktif kata sandi setelah\n"
+#~ " kadaluarsa pada INACTIVE\n"
+#~ " -l, --list tampilkan informasi umur akun\n"
+#~ " -m, --mindays MIN_DAYS atur jumlah hari minimum sebelum kata "
+#~ "sandi\n"
+#~ " diganti menjadi MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS atur jumlah hari maksimum sebelum kata "
+#~ "sandi\n"
+#~ " diganti menjadi MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS atur hari peringatan kadaluarsa menjadi\n"
+#~ " WARN_DAYS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: Otentikasi PAM gagal\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Penggunaan: %s [-f nama_lkp] [-r no_ruang] [-w telp_ktr]\n"
+#~ "\t[-h telp_rmh] [-o lain_lain] [pengguna]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Penggunaan: %s [-f nama_lkp] [-r no_ruang] [-w telp_ktr] [-h telp_rmh]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Penggunaan: chpasswd [pilihan-pilihan]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ " -e, --encrypted kata sandi yang diberikan telah "
+#~ "terenkripsi\n"
+#~ " -h, --help tampilkan pesan bantuan ini dan keluar\n"
+#~ " -m, --md5 gunakan enkripsi MD5 daripada DES bila "
+#~ "kata\n"
+#~ " sandi yang diberikan tak terenkripsi\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Penggunaan: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: tidak dapat membuka berkas %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Penggunaan: groupdel grup\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Penggunaan: %s [-r] [-s] [grup [gbayangan]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Penggunaan: %s [-r] [-s] [grup]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s dan -r tidak kompatible\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Penggunaan: groupdel grup\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Penggunaan: groupdel grup\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: lastlog [pilihan-pilihan]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ " -b, --before HARI cetak hanya record lastlog yang lebih tua dari "
+#~ "HARI\n"
+#~ " -h, --help tampilkan pesan bantuan ini dan keluar\n"
+#~ " -t, --time HARI cetak hanya record lastlog yang lebih baru dari "
+#~ "HARI\n"
+#~ " -u, --user NAMA cetak record lastlog untuk pengguna dengan nama "
+#~ "NAMA\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: passwd [pilihan-pilihan] [nama-pengguna]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ " -a, --all laporkan status kata sandi untuk semua "
+#~ "akun\n"
+#~ " -d, --delete hapus password untuk pengguna yang "
+#~ "diberikan\n"
+#~ " -e, --expire paksakan kadaluarsa kata sandi untuk "
+#~ "akun\n"
+#~ " pengguna\n"
+#~ " -h, --help tampilkan pesan bantuan ini dan keluar\n"
+#~ " -k, --keep-tokens ganti kata sandi hanya bila telah "
+#~ "kadaluarsa\n"
+#~ " -i, --inactive INAKTIF atur masa inaktif kata sandi setelah\n"
+#~ " kadaluarsa pada INAKTIF\n"
+#~ " -l, --lock blok akun pengguna\n"
+#~ " -n, --mindays HARI_MIN atur jumlah hari minimum sebelum kata "
+#~ "sandi\n"
+#~ " diganti pada HARI_MIN\n"
+#~ " -q, --quiet mode tenang\n"
+#~ " -r, --repository REPOSITORI ubah kata sandi pada repositori "
+#~ "REPOSITORI\n"
+#~ " -S, --status laporkan status kata sandi dari akun "
+#~ "pengguna\n"
+#~ " -u, --unlock buka bloking akun pengguna\n"
+#~ " -w, --warndays HARI atur hari peringatan kadaluarsa pada "
+#~ "HARI\n"
+#~ " -x, --maxdays HARI_MAKS atur jumlah hari maksimum sebelum kata "
+#~ "sandi\n"
+#~ " diganti pada HARI_MAKS\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Penggunaan: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Penggunaan: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Penggunaan: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Penggunaan: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id tak dikenal: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Tak ada shell\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: pengguna %s saat ini sedang login\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Penggunaan: usermod [pilihan-pilihan] NAMA-LOGIN\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ " -a, --append GRUP tambahkan pengguna ke grup tambahan GRUP\n"
+#~ " -c, --comment KOMENTAR nilai baru dari ruas GECOS\n"
+#~ " -d, --home DIR_RUMAH direktori rumah baru dari pengguna baru\n"
+#~ " -e, --expiredate TANGGAL atur tanggal kadaluarsa akun pada "
+#~ "TANGGAL\n"
+#~ " -f, --inactive INAKTIF atur masa inaktif setelah kadaluarsa\n"
+#~ " pada INAKTIF\n"
+#~ " -g, --gid GRUP paksakan GRUP sebagai grup login awalan\n"
+#~ " -G, --groups GRUP-GRUP daftar grup-grup tambahan\n"
+#~ " -h, --help tampilkan pesan bantuan ini dan keluar\n"
+#~ " -l, --login LOGIN nilai baru dari nama pengguna\n"
+#~ " -L, --lock blok akun pengguna\n"
+#~ " -m, --move-home pindahkan isi direktori rumah ke lokasi "
+#~ "baru\n"
+#~ " (hanya gunakan dengan -d)\n"
+#~ " -o, --non-unique perbolehkan UID terduplikasi (tak-unik)\n"
+#~ " -p, --password PASSWORD gunakan kata sandi baru yang terenkripsi\n"
+#~ " -s, --shell SHELL shell login baru bagi pengguna\n"
+#~ " -u, --uid UID UID baru untuk pengguna\n"
+#~ " -U, --unlock buka bloking pengguna\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: tak diberikan tanda-tanda/bendera\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: vipw [pilihan-pilihan]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ " -g, --group sunting basisdata grup\n"
+#~ " -h, --help tampilkan pesan bantuan ini dan keluar\n"
+#~ " -p, --passwd sunting basisdata kata sandi\n"
+#~ " -q, --quiet mode tenang\n"
+#~ " -s, --shadow sunting basisdata shadow atau gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Penggunaan: %s [input]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: tak dapat membuat %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: tak dapat chown %s\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: faillog [pilihan-pilihan]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ " -a, --all tampilkan record faillog records untuk\n"
+#~ " semua pengguna\n"
+#~ " -h, --help tampilkan pesan bantuan ini dan keluar\n"
+#~ " -l, --lock-time DTK setelah kegagalan login blok akun selama\n"
+#~ " DTK detik\n"
+#~ " -m, --maximum MAX atur penghitung kegagalan login maksimum\n"
+#~ " pada MAX\n"
+#~ " -r, --reset reset penghitung kegagalan login\n"
+#~ " -t, --time HARI tampilkan record faillog yang lebih baru\n"
+#~ " dari HARI\n"
+#~ " -u, --user NAMA tampilkan record faillog atau atur\n"
+#~ " penghitung kegagalan dan batasnya (bila\n"
+#~ " digunakan dengan -r, -m atau -l) hanya\n"
+#~ " untuk pengguna dengan nama NAMA\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Usage: groupadd [pilihan-pilihan] namagroup\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ " -f, --force paksa status sukses saat keluar bila "
+#~ "grup\n"
+#~ " telah ada\n"
+#~ " -g, --gid GID gunakan GID untuk grup yang baru ini\n"
+#~ " -h, --help tampilkan pesan bantuan ini dan keluar\n"
+#~ " -K, --key KEY=VALUE ganti nilai bawaan pada /etc/login.defs\n"
+#~ " -o, --non-unique perbolehkan pembuatan grup dengan GID\n"
+#~ " terduplikasi (tak-unik)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Usage: groupadd [pilihan-pilihan] namagroup\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ " -f, --force paksa status sukses saat keluar bila "
+#~ "grup\n"
+#~ " telah ada\n"
+#~ " -g, --gid GID gunakan GID untuk grup yang baru ini\n"
+#~ " -h, --help tampilkan pesan bantuan ini dan keluar\n"
+#~ " -K, --key KEY=VALUE ganti nilai bawaan pada /etc/login.defs\n"
+#~ " -o, --non-unique perbolehkan pembuatan grup dengan GID\n"
+#~ " terduplikasi (tak-unik)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Penggunaan: useradd [pilihan-pilihan] NAMA-LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR direktori awal untuk direktori rumah "
+#~ "dari\n"
+#~ " pengguna baru\n"
+#~ " -c, --comment KOMENTAR atur ruas GECOS untuk pengguna baru\n"
+#~ " -d, --home-dir DIR_RUMAH direktori rumah untuk pengguna baru\n"
+#~ " -D, --defaults cetak atau simpan konfigurasi bawaan "
+#~ "useradd\n"
+#~ " -e, --expiredate KADALUARSA atur tanggal kadaluarsa pada KADALUARSA\n"
+#~ " -f, --inactive INAKTIF atur masa inaktif kata sandi setelah\n"
+#~ " kadaluarsa menjadi INAKTIF\n"
+#~ " -g, --gid GRUP paksakan grup GRUP untuk pengguna baru\n"
+#~ " -G, --groups GRUP-GRUP daftar grup-grup tambahan untuk\n"
+#~ " pengguna baru\n"
+#~ " -h, --help tampilkan pesan bantuan ini dan keluar\n"
+#~ " -k, --skel SKEL_DIR berikan direktori skel alternatif\n"
+#~ " -K, --key KEY=VALUE ganti nilai-nilai bawaan pada /etc/login."
+#~ "defs\n"
+#~ " -m, --create-home buat direktori rumah untuk pengguna baru\n"
+#~ " -o, --non-unique perbolehkan pembuatan pengguna dengan\n"
+#~ " UID terduplikasi (tak-unik)\n"
+#~ " -p, --password PASSWORD gunakan kata sandi terenkripsi untuk\n"
+#~ " pengguna baru\n"
+#~ " -s, --shell SHELL shell login untuk pengguna baru\n"
+#~ " -u, --uid UID paksakan uid UID untuk pengguna baru\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Kata sandi dibuat kadaluarsa."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas kata sandi\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: tidak dapat membuka berkas kata sandi\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas kata sandi bayangan\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: tidak dapat membuka berkas kata sandi bayangan\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: tidak dapat menulis kembali berkas kata sandi bayangan\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: tidak dapat menulis kembali berkas kata sandi\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: tidak dapat memperbaharui berkas kata sandi bayangan\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNama Lengkap: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNomor Ruangan: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelepon Kantor: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelepon Rumah: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Tidak dapat mengunci berkas kata sandi; coba lagi nanti.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Tidak dapat membuka berkas kata sandi.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Kesalahan saat memperbaharui entri kata sandi.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Tidak dapat menyimpan perubahan berkas kata sandi.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Tidak dapat membuka kunci berkas kata sandi.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas grup\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: tidak dapat membuka berkas grup\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: tidak dapat membuka berkas kata sandi bayangan\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: kesalahan saat memperbaharui berkas kata sandi bayangan\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: errot memperbaharui entri grup\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: baris %d: grup %s tak dikenal\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: baris %d: tak dapat memperbaharui entri\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas kata sandi bayangan\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: kesalahan saat memperbaharui berkas kata sandi bayangan\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: kesalahan saat memperbaharui berkas kata sandi\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: baris %d: pengguna %s tak dikenal\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: baris %d: tidak dapat memperbaharui entri kata sandi\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: pengguna tak dikenal\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Pengguna tak dikenal: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Penggunaan: %s [-r|-R] grup\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a pengguna] grup\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d pengguna] grup\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A pengguna,...] [-M pengguna,...] grup\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M pengguna,...] grup\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: tidak mendapatkan kunci\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: tidak mendapatkan kunci untuk berkas bayangan\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: tidak dapat membuka berkas\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: tidak dapat menuliskan kembali berkas bayangan\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: tidak dapat membuka kunci berkas\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: tidak dapat memperbaharui entri\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: tidak dapat memperbaharui entri bayangan\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "grup tak dikenal: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: tidak dapat membuka berkas\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: tidak dapat membuka berkas kata sandi bayangan\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Anda siapa?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: anggota tak dikenal %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: kesalahan saat menambahkan entri grup yang baru\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: tidak dapat menuliskan kembali berkas grup\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: tidak dapat menuliskan kembali berkas grup bayangan\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas grup\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: tidak dapat membuka berkas grup\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas grup bayangan\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: tidak dapat membuka berkas grup bayangan\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u tidak unik\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri grup\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri group bayangan\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: tidak dapat menghapus grup utama dari pengguna.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: Otentikasi PAM gagal\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas grup\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: tak dapat membuka berkas grup\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s tidak ditemukan dalam /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u bukan GID yang unik\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s bukan nama yang unik\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: tak dapat menulis kembali berkas kata sandi\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: tak dapat mengunci berkas kata sandi\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: tak dapat membuka berkas kata sandi\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: tidak dapat memperbaharui entri bayangan untuk %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: tidak dapat memperbaharui entri untuk grup %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas grup bayangan\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: tidak dapat membuka berkas grup banyangan\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: tidak dapat menghapus grup bayangan %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: tidak dapat memperbaharui berkas grup bayangan\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: tidak dapat menghapus berkas grup bayangan\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "UID tak dikenal: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID tidak dikenal: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: grup %s tidak ada\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: pengguna %s tak ada\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nama pengguna `%s' tak sah\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: tidak dapat mengunci /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: tidak dapat mengunci /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: tidak dapat mengunci /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: tidak dapat mengunci /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: tidak dapat membuka berkas-berkas\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: kesalahan saat memperbaharui berkas-berkas\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: tak dapat menghapus entri passwd untuk %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: tak dapat mengunci berkas passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: tak dapat membuka berkas passwd\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: tak dapat menghapus entri bayangan untuk %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: tak dapat memperbaharui berkas passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: tak dapat memperbaharui entri untuk pengguna %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: tak dapat menghapus berkas kata sandi bayangan\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: GID %s tak dikenal\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: grup %s tak dikenal\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: kehabisan memori saat update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: tak dapat menulis kembali berkas kata sandi\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: tak dapat menulis kembali berkas kata sandi bayangan\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: tak dapat mengunci berkas kata sandi bayangan\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: tak dapat membuka berkas kata sandi bayangan\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: kesalahan saat mengunci berkas grup\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: kesalahan saat membuka berkas grup\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: kesalahan saat mengunci berkas grup bayangan\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: kesalahan saat membuka berkas grup bayangan\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: kesalahan saat menambah entri baru kata sandi\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: kesalahan saat menambah entri baru kata sandi bayangan\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: perhatian: CREATE_HOME tak didukung, sebaiknya gunakan -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: errot memperbaharui entri grup\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: errot memperbaharui entri grup\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: tak dapat membuka berkas grup\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: tak dapat membuka berkas grup bayangan\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri kata sandi\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri kata sandi bayangan\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: kesalahan saat menambahkan entri grup yang baru\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu tak unik\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: kesalahan saat mengganti entri kata sandi\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri kata sandi\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri kata sandi bayangan\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: tak mampu mendapatkan GID yang unik\n"
+
+#, fuzzy
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " pada `%.100s' dari `%.200s'"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr " pada `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: baris %d: tak dapat membuat UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: nama %s tidak unik\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: chgpasswd [pilihan-pilihan]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ " -e, --encrypted\tkata sandi yang diberikan telah terenkripsi\n"
+#~ " -h, --help\t\ttampilkan pesan bantuan ini dan keluar\n"
+#~ " -m, --md5\t\tgunakan enkripsi MD5 daripada DES bila kata sandi\n"
+#~ "\t\t\tyang diberikan tak terenkripsi\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Tak ada berkas kata sandi\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Maaf.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Maaf, kata sandi untuk %s belum dapat diganti.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Maaf."
diff --git a/po/it.po b/po/it.po
new file mode 100644
index 0000000..ea7332a
--- /dev/null
+++ b/po/it.po
@@ -0,0 +1,3859 @@
+# Italian translations for shadow package.
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# This file is distributed under the same license as the shadow package.
+# Giuseppe Sacco <eppesuig@debian.org>, 2004.
+# Danilo Piazzalunga <danilopiazza@gmail.com>, 2004-2006.
+#
+# Convenzioni utilizzate per tradurre i termini più frequenti:
+#
+# “faillog (record)â€..................: «(record degli) accessi falliti»
+# “group fileâ€........................: «file dei gruppi»
+# “logged inâ€.........................: «collegato»
+# “loginâ€.............................: «accesso» (nella maggioranza dei casi)
+# “login†[user account]..............: «login»
+# “mail spoolâ€........................: «spool di posta»
+# “primary groupâ€.....................: «gruppo principale»
+# “shadow fileâ€.......................: «file shadow»
+# “shadow groupâ€......................: «gruppo shadow»
+# “(shadow) group fileâ€...............: «file dei gruppi (shadow)»
+# “shadow passwordâ€...................: «shadow password»
+# “(shadow) password fileâ€............: «file delle (shadow) password»
+# “superuserâ€.........................: «root» o «amministratore»
+# “user nameâ€.........................: «nome utente»
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.1\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2008-03-27 14:40+0100\n"
+"Last-Translator: Danilo Piazzalunga <danilopiazza@gmail.com>\n"
+"Language-Team: Italian <tp@lists.linux.it>\n"
+"Language: it\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Più di una voce chiamata «%s» in %s. Correggere il problema con pwck o "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "metodo di cifratura non supportato da libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Impossibile allocare spazio per le informazioni di configurazione.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"errore di configurazione: oggetto «%s» sconosciuto (avvisare "
+"l'amministratore)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Password: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Password di %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Impossibile allocare spazio per le informazioni di configurazione.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Modifica delle informazioni sulla durata dell'account di %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: impossibile determinare il proprio nome utente.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: riga %d: impossibile trovare l'utente %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: memoria esaurita\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: impossibile aggiornare il file %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: directory home «%s» non valida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: attenzione: impossibile rimuovere "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: attenzione: impossibile rimuovere "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: attenzione: impossibile rimuovere "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: attenzione: impossibile rimuovere "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: impossibile aggiornare il file %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: impossibile aggiornare il file shadow\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: impossibile aprire il file %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Attenzione: gruppo «%s» sconosciuto\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Attenzione: troppi gruppi\n"
+
+msgid "Your password has expired."
+msgstr "La password in uso è scaduta."
+
+msgid "Your password is inactive."
+msgstr "La password in uso è inattiva."
+
+msgid "Your login has expired."
+msgstr "Il login in uso è scaduto."
+
+msgid " Contact the system administrator."
+msgstr " Contattare l'amministratore del sistema."
+
+msgid " Choose a new password."
+msgstr " Scegliere una nuova password."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "La password in uso scadrà tra %ld giorni.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "La password in uso scadrà domani."
+
+msgid "Your password will expire today."
+msgstr "La password in uso scade oggi."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Impossibile cambiare i permessi al device %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: lunghezza dei campi eccessiva\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Dimensione dell'ambiente eccessiva\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Non si può modificare $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d tentativo fallito dall'ultimo accesso.\n"
+"L'ultimo è stato %s su %s.\n"
+msgstr[1] ""
+"%d tentativi falliti dall'ultimo accesso.\n"
+"L'ultimo è stato %s su %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "impossibile cambiare il proprietario della casella di posta"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "Impossibile ottenere un UID univoco (nessun UID disponibile)\n"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique GID (no more available GIDs)\n"
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "Impossibile ottenere un GID univoco (nessun GID disponibile)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "Impossibile ottenere un UID univoco (nessun UID disponibile)\n"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "Impossibile ottenere un UID univoco (nessun UID disponibile)\n"
+
+# NdT: Riferito al numero massimo di accessi concorrenti per un utente.
+msgid "Too many logins.\n"
+msgstr "Troppi accessi.\n"
+
+msgid "You have new mail."
+msgstr "C'è nuova posta."
+
+msgid "No mail."
+msgstr "Nessun messaggio di posta."
+
+msgid "You have mail."
+msgstr "C'è la solita posta."
+
+msgid "no change"
+msgstr "nessuna modifica"
+
+msgid "a palindrome"
+msgstr "palindromo"
+
+msgid "case changes only"
+msgstr "cambiano solo maiuscole/minuscole"
+
+msgid "too similar"
+msgstr "simile alla precedente"
+
+msgid "too simple"
+msgstr "troppo semplice"
+
+msgid "rotated"
+msgstr "rotazione"
+
+msgid "too short"
+msgstr "troppo corta"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Password non valida: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() ha restituito l'errore %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Password cambiata."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: password aggiornata correttamente\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Password sbagliata per %s\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: telefono di casa «%s» non valido\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Valore di ENCRYPT_METHOD «%s» non valido.\n"
+"Viene usato il valore predefinito, DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Impossibile spostarsi nella directory «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Directory non presente, accesso con HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Impossibile eseguire %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Directory root «%s» non valida\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Impossibile cambiare la directory root in «%s»\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Impossibile determinare il nome del terminale."
+
+msgid "No"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Inserire il nuovo valore o premere INVIO per quello predefinito"
+
+msgid "Minimum Password Age"
+msgstr "Durata minima della password"
+
+msgid "Maximum Password Age"
+msgstr "Durata massima della password"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Ultimo cambio della password (AAAA-MM-GG)"
+
+msgid "Password Expiration Warning"
+msgstr "Avviso di scadenza della password"
+
+msgid "Password Inactive"
+msgstr "Inattività della password"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data di scadenza dell'account (AAAA-MM-GG)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Ultimo cambio della password\t\t\t\t: "
+
+msgid "never"
+msgstr "mai"
+
+msgid "password must be changed"
+msgstr "la password deve essere cambiata"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Scadenza della password\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Inattività della password\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Scadenza dell'account\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Numero minimo di giorni tra i cambi di password\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Numero massimo di giorni tra i cambi di password\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Giorni di preavviso prima della scadenza della password\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: data «%s» non valida\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argomento numerico «%s» non valido\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: non includere «l» con altri flag\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Permesso negato.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: impossibile determinare il proprio nome utente.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot lock the password file; try again later.\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr ""
+"Impossibile fare il lock del file delle password; riprovare più tardi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: impossibile aprire il file %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failure forking: %s\n"
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: impossibile eseguire fork(): %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: manca il file delle shadow password\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Modifica delle informazioni sulla durata dell'account di %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: errore nel cambiare i campi\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nome completo"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Stanza n°"
+
+msgid "Work Phone"
+msgstr "Numero telefonico di lavoro"
+
+msgid "Home Phone"
+msgstr "Numero telefonico di casa"
+
+msgid "Other"
+msgstr "Altro"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Impossibile cambiare ID a root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nome «%s» non valido\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: numero di stanza «%s» non valido\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: telefono di lavoro «%s» non valido\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: telefono di casa «%s» non valido\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: «%s» contiene caratteri non ammessi\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: «%s» contiene caratteri non ammessi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: impossibile modificare l'utente «%s» sul client NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» è il NIS master per questo client.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Modifica delle informazioni relative all'utente %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: lunghezza dei campi eccessiva\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s flag is ONLY allowed with the %s flag\n"
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: è permesso usare il flag %s solo con il flag %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: i flag -c, -e e -m sono mutuamente esclusivi\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: metodo di cifratura «%s» non supportato\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: riga %d: riga troppo lunga\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: riga %d: manca la nuova password\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: gruppo «%s» inesistente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: riga %d: impossibile aggiornare la voce\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: rilevato un errore; le modifiche vengono ignorate\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Shell di login"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Non è permesso cambiare la shell di %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Cambio della shell di login di %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: voce «%s» non valida\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s non è una shell valida.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: l'utente %s non esiste\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: attenzione: %s non appartiene a %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: le opzioni %s e %s sono mutuamente esclusive\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: argomento «%s» non previsto\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+# NdT: Vedere faillog(5) per il significato dei campi. Il campo "On"
+# è il device tty su cui è avvenuto l'ultimo accesso fallito.
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Login Errori Massimo Ultimo accesso Su\n"
+
+# NdT: La «s» indica l'unità di misura (secondi).
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds rimasti]"
+
+# NdT: La «s» indica l'unità di misura (secondi).
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds blocco]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "Unknown user or range: %s\n"
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Utente o intervallo «%s» sconosciuto\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "La password di %s non può essere cambiata.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "La password di %s non può essere cambiata.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: l'opzione -A richiede le shadow password per i gruppi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: gruppo «%s» inesistente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failure forking: %s\n"
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: impossibile eseguire fork(): %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Cambio della password del gruppo %s\n"
+
+msgid "New Password: "
+msgstr "Nuova password: "
+
+msgid "Re-enter new password: "
+msgstr "Reimmettere la nuova password: "
+
+msgid "They don't match; try again"
+msgstr "Non corrispondono; provare di nuovo"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: riprovare più tardi\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Aggiunta dell'utente %s al gruppo %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Rimozione dell'utente %s dal gruppo %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: non è un terminale\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s non è un nome di gruppo valido\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid group name `%s'\n"
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: nome di gruppo «%s» non valido\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K richiede NOME=VALORE\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: gruppo «%s» già esistente\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Membro già esistente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: impossibile determinare il proprio nome utente.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot change the primary group of user '%s' from %u to %u.\n"
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr ""
+"%s: impossibile modificare il gruppo principale dell'utente «%s» da %u a "
+"%u.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: gruppo «%s» inesistente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: il gruppo «%s» è un gruppo NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s è il NIS master\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: l'utente %s è un utente NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Out of memory. Cannot update the group database.\n"
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: memoria esaurita. Impossibila aggiornare il database dei gruppi.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: invalid group name `%s'\n"
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: nome di gruppo «%s» non valido\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: il gruppo «%s» è un gruppo NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: utente «%s» sconosciuto\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Uso: %s [-r] [-s] [GRUPPO [GSHADOW]]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-r] [-s] [group]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Uso: %s [-r] [-s] [GRUPPO]\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s e -r sono incompatibili\n"
+
+msgid "invalid group file entry"
+msgstr "voce non valida nel file dei gruppi"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "eliminare la riga «%s»? "
+
+msgid "duplicate group entry"
+msgstr "voce duplicata nel file dei gruppi"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nome di gruppo «%s» non valido\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "nome di gruppo «%s» non valido\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "gruppo %s: nessun utente %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "eliminare il membro «%s»? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "nessuna voce corrispondente nel file dei gruppi %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "aggiungere il gruppo «%s» in %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "voce non valida nel file dei gruppi shadow"
+
+msgid "duplicate shadow group entry"
+msgstr "voce duplicata nel file dei gruppi shadow"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "gruppo shadow %s: nessun utente amministrativo %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "eliminare il membro amministrativo «%s»? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "gruppo shadow %s: nessun utente %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: i file sono stati aggiornati\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: nessuna modifica\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: impossibile aggiornare il file %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Uso: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Uso: id\n"
+
+msgid " groups="
+msgstr " gruppi="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "Nome utente Porta Da Ultimo accesso"
+
+msgid "Username Port Latest"
+msgstr "Nome utente Porta Ultimo accesso"
+
+msgid "**Never logged in**"
+msgstr "**Nessun accesso effettuato**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: impossibile aggiornare il file delle password\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Uso: %s [-p] [NOME]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h HOST] [-f NOME]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r HOST\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+# NdT: Non è l'ora giusta per accedere da questo tty (con questo utente).
+msgid "Invalid login time"
+msgstr "Orario di accesso non permesso"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema chiuso per lavori di ordinaria manutenzione"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Disconnessione obbligatoria evitata: root può accedere.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr "Nessuna voce utmp. Eseguire «login» dalla shell di livello più basso"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Login scaduto dopo %d secondi.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM ha restituito un errore: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Superato il numero massimo di tentativi (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM ha richiesto l'uscita immediata\n"
+
+msgid "Login incorrect"
+msgstr "Login non corretto"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: riga %d: impossibile trovare l'utente %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: impossibile eseguire fork(): %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY non riuscita su %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"Attenzione: accesso nuovamente abilitato dopo una proibizione temporanea."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Ultimo accesso: %s su %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Ultimo accesso: %.19s su %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " da %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"orario di accesso terminato\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Uso: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Uso: newgrp [-] [GRUPPO]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Uso: sg GRUPPO [[-c] COMANDO]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+msgid "Invalid password.\n"
+msgstr "Password non valida.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: impossibile eseguire fork(): %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+msgid "too many groups\n"
+msgstr "troppi gruppi\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: group %s is a shadow group, but does not exist in /etc/group\n"
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: il gruppo «%s» è un gruppo shadow, ma non esiste in /etc/group\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: nome utente «%s» non valido\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nome utente «%s» non valido\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: riga %d: riga non valida\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: impossibile aggiornare la voce dell'utente %s (non presente nel database "
+"delle password)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: riga %d: impossibile creare l'utente\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: riga %d: impossibile creare il gruppo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: riga %d: impossibile aggiornare la password\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: riga %d: la chiamata mkdir ha restituito un errore\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: riga %d: la chiamata chown ha restituito un errore\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: riga %d: impossibile aggiornare la voce\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: impossibile creare l'utente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: impossibile aggiornare il file dei gruppi\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid "Old password: "
+msgstr "Vecchia password: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Inserire la nuova password (minimo %d caratteri)\n"
+"Utilizzare una combinazione di lettere maiuscole, minuscole e numeri.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Inserire la nuova password (minimo %d caratteri, massimo %d)\n"
+"Utilizzare una combinazione di lettere maiuscole, minuscole e numeri.\n"
+
+msgid "New password: "
+msgstr "Nuova password: "
+
+msgid "Try again."
+msgstr "Provare di nuovo."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Attenzione: password troppo debole (inserirla di nuovo per usarla comunque)."
+
+msgid "They don't match; try again.\n"
+msgstr "Non corrispondono; provare di nuovo.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "La password di %s non può essere cambiata.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "La password di %s non può ancora essere cambiata.\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: unlocking the user would result in a passwordless account.\n"
+#| "You should set a password with usermod -p to unlock this user account.\n"
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: sbloccando l'utente si otterrebbe un account senza password.\n"
+"È necessario impostare una password con «usermod -p» per sbloccare questo "
+"account.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: repository %s non supportato\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: non è permesso vedere o cambiare le informazioni sulla password di %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Cambio della password di %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "La password di %s non è cambiata.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Password cambiata."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Avviso di scadenza della password"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Uso: %s [-q] [-r] [-s] [PASSWD [SHADOW]]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Uso: %s [-q] [-r] [-s] [PASSWD [SHADOW]]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "voce non valida nel file delle password"
+
+msgid "duplicate password entry"
+msgstr "voce duplicata nel file delle password"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nome utente «%s» non valido\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "nome utente «%s» non valido\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "utente %s: nessun gruppo %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "utente %s: la directory %s non esiste\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "utente %s: il programma %s non esiste\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: impossibile fare il lock del file %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "nessuna voce corrispondente nel file delle password %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "aggiungere l'utente «%s» in %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "voce non valida nel file delle shadow password"
+
+msgid "duplicate shadow password entry"
+msgstr "voce duplicata nel file delle shadow password"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "utente %s: l'ultimo cambio di password reca una data futura\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: impossibile aprire il file %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: impossibile riscrivere il file\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "L'accesso all'account tramite «su» è NEGATO.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Evitata l'autenticazione tramite password.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Inserire la PROPRIA password per autenticarsi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: impossibile fare il lock del file %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Uso: su [OPZIONI] [LOGIN]\n"
+"\n"
+"Opzioni:\n"
+" -c, --command COMANDO passa il COMANDO alla shell invocata\n"
+" -h, --help mostra questo messaggio di aiuto ed esce\n"
+" -, -l, --login rende la shell una shell di login\n"
+" -m, -p,\n"
+" --preserve-environment non azzera le variabili d'ambiente e\n"
+" mantiene la stessa shell\n"
+" -s, --shell SHELL usa la SHELL specificata anziché quella\n"
+" predefinita in passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorato)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Non si è autorizzati a diventare %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Immettere la propria password)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: autenticazione PAM non riuscita\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Non si è autorizzati a diventare %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Manca una voce per «root» nel file delle password"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: si deve avviare da un terminale\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: errore %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Impossibile eseguire %s"
+
+msgid "No password file"
+msgstr "Manca il file delle password"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY non riuscita"
+
+msgid "No password entry for 'root'"
+msgstr "Manca una voce per «root» nel file delle password"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Premere Ctrl-D per procedere con l'avvio regolare, oppure\n"
+"inserire la password di root per la manutenzione del sistema:"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Avvio modalità manutenzione del sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: impossibile creare il nuovo file dei valori predefiniti\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: impossibile aprire il nuovo file dei valori predefiniti\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: riga %d: la chiamata chown ha restituito un errore\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: il gruppo «%s» è un gruppo NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: troppi gruppi specificati (max %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: directory di base «%s» non valida\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: commento «%s» non valido\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: directory home «%s» non valida\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: le shadow password sono necessarie per -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: le shadow password sono necessarie per -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: campo «%s» non valido\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: shell «%s» non valida\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Creazione del file della casella di posta"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Impossibile trovare il gruppo «mail». Creazione del file della casella di "
+"posta dell'utente con il modo 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Impostazione dei permessi del file della casella di posta"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: l'utente «%s» esiste già\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: il gruppo «%s» esiste già; usare -g per aggiungere questo utente a tale "
+"gruppo.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: impossibile creare l'utente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u non univoco\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: impossibile creare il gruppo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: impossibile creare l'utente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: impossibile creare il gruppo\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: attenzione: la directory home esiste già.\n"
+"Non verrà copiato nessun file dalla directory skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot change the primary group of user '%s' from %u to %u.\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: impossibile modificare il gruppo principale dell'utente «%s» da %u a "
+"%u.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: impossibile rimuovere il gruppo «%s» in quanto gruppo principale di un "
+"altro utente.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: directory home «%s» non valida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: attenzione: impossibile rimuovere "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s non appartiene a %s, quindi non viene rimosso\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: l'utente %s è un utente NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: directory home «%s» non valida\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: la directory %s non viene rimossa (verrebbe eliminata la home "
+"dell'utente %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: errore nel rimuovere la directory %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -s, --sha-rounds il numero di passaggi SHA per gli\n"
+" algoritmi di cifratura SHA*\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: unlocking the user would result in a passwordless account.\n"
+#| "You should set a password with usermod -p to unlock this user account.\n"
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: sbloccando l'utente si otterrebbe un account senza password.\n"
+"È necessario impostare una password con «usermod -p» per sbloccare questo "
+"account.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: l'utente «%s» esiste già\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: data «%s» non valida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: data «%s» non valida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: impossibile aprire il file %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: i flag -L, -p e -U sono mutuamente esclusivi\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: le shadow password sono necessarie per le opzioni -e e -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Membro già esistente\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: la directory %s esiste già\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: attenzione: impossibile rimuovere completamente la vecchia directory "
+"home %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: attenzione: %s non appartiene a %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "impossibile cambiare il proprietario della casella di posta"
+
+msgid "failed to rename mailbox"
+msgstr "impossibile rinominare la casella di posta"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "You have modified %s.\n"
+#| "You may need to modify %s for consistency.\n"
+#| "Please use the command `%s' to do so.\n"
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"%s è stato modificato.\n"
+"Per coerenza, potrebbe essere necessario modificare anche %s.\n"
+"Usare il comando «%s» per compiere questa operazione.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s non modificato\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "impossibile rinominare la casella di posta"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Impossibile fare il lock del file"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Impossibile fare il lock del file"
+
+msgid "Couldn't make backup"
+msgstr "Impossibile effettuare il backup"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: impossibile trovare «%s» in /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Impossibile aprire il file dei gruppi\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: lunghezza dei campi eccessiva\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "impossibile rinominare la casella di posta"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "impossibile cambiare il proprietario della casella di posta"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "impossibile rinominare la casella di posta"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+"%s: impossibile ripristinare %s: %s (le modifiche effettuate sono in %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: directory di base «%s» non valida\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) non riuscita\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: chage [OPZIONI] [LOGIN]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ " -d, --lastday ULTIMO_CAMBIO imposta la data dell'ULTIMO_CAMBIO della\n"
+#~ " password\n"
+#~ " -E, --expiredate SCADENZA imposta la data di SCADENZA dell'account\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -i, --inactive INATTIVITÀ imposta il numero di giorni di "
+#~ "INATTIVITÀ\n"
+#~ " della password oltre la sua scadenza\n"
+#~ " -l, --list mostra le informazioni sulla durata\n"
+#~ " dell'account\n"
+#~ " -m, --mindays MINIMO imposta a il numero MINIMO di giorni tra "
+#~ "i\n"
+#~ " cambi di password\n"
+#~ " -M, --maxdays MASSIMO imposta il numero MASSIMO di giorni tra "
+#~ "i\n"
+#~ " cambi di password\n"
+#~ " -w, --warndays PREAVVISO imposta il numero di giorni di PREAVVISO\n"
+#~ " prima della scadenza della password\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: autenticazione PAM non riuscita\n"
+
+# NdT: L'output è allineato se "%s" == "chfn".
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Uso: %s [-f NOME_COMPLETO] [-r NUM_STANZA] [-w TEL_LAVORO]\n"
+#~ " [-h TEL_CASA] [-o ALTRO] [UTENTE]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Uso: %s [-f NOME_COMPLETO] [-r NUM_STANZA] [-w TEL_LAVORO] [-h TEL_CASA]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: %s [OPZIONI]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ " -c, --crypt-method il metodo di cifratura (uno di %s)\n"
+#~ " -e, --encrypted le password fornite sono cifrate\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -m, --md5 cifra la password in chiaro usando\n"
+#~ " l'algoritmo MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: chsh [OPZIONI] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -s, --shell SHELL nuova shell di login per l'utente\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Uso: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: impossibile aprire il file %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Uso: groupdel GRUPPO\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s e -r sono incompatibili\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Uso: groupdel GRUPPO\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Uso: groupdel GRUPPO\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: lastlog [OPZIONI]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ " -b, --before GIORNI mostra solo i record di ultimo accesso "
+#~ "più\n"
+#~ " vecchi di un numero di GIORNI\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -t, --time GIORNI mostra solo i record di ultimo accesso "
+#~ "più\n"
+#~ " recenti di un numero di GIORNI\n"
+#~ " -u, --user LOGIN mostra il record di ultimo accesso per\n"
+#~ " l'utente specificato da LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all report password status on all accounts\n"
+#~| " -d, --delete delete the password for the named "
+#~| "account\n"
+#~| " -e, --expire force expire the password for the named "
+#~| "account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --keep-tokens change password only if expired\n"
+#~| " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --lock lock the named account\n"
+#~| " -n, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -r, --repository REPOSITORY change password in REPOSITORY "
+#~| "repository\n"
+#~| " -S, --status report password status on the named "
+#~| "account\n"
+#~| " -u, --unlock unlock the named account\n"
+#~| " -w, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| " -x, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: passwd [OPZIONI] [LOGIN]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ " -a, --all mostra lo stato delle password di tutti "
+#~ "gli\n"
+#~ " account\n"
+#~ " -d, --delete elimina la password dell'account "
+#~ "specificato\n"
+#~ " -e, --expire segna come scaduta la password "
+#~ "dell'account\n"
+#~ " specificato\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -k, --keep-tokens cambia la password solo se è scaduta\n"
+#~ " -i, --inactive INATTIVITÀ imposta il numero di giorni di "
+#~ "INATTIVITÀ\n"
+#~ " della password oltre la sua scadenza\n"
+#~ " -l, --lock blocca l'account specificato\n"
+#~ " -n, --mindays MINIMO imposta a il numero MINIMO di giorni tra "
+#~ "i\n"
+#~ " cambi di password\n"
+#~ " -q, --quiet opera in modalità silenziosa\n"
+#~ " -r, --repository REPOSITORY cambia la password nel REPOSITORY\n"
+#~ " specificato\n"
+#~ " -S, --status mostra lo stato della password "
+#~ "dell'account\n"
+#~ " specificato\n"
+#~ " -u, --unlock sblocca l'account specificato\n"
+#~ " -w, --warndays PREAVVISO imposta il numero di giorni di PREAVVISO\n"
+#~ " prima della scadenza della password\n"
+#~ " -x, --maxdays MASSIMO imposta il numero MASSIMO di giorni tra "
+#~ "i\n"
+#~ " cambi di password\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Uso: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Uso: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id «%s» sconosciuto\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Nessuna shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: userdel [OPZIONI] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force rimuove comunuque i file, anche se non\n"
+#~ " appartengono all'utente\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -r, --remove rimuove directory home e spool di posta\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: l'utente %s è attualmente collegato\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: usermod [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -c, --comment COMMENT new value of the GECOS field\n"
+#~| " -d, --home HOME_DIR new home directory for the user account\n"
+#~| " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -g, --gid GROUP force use GROUP as new primary group\n"
+#~| " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~| " -a, --append append the user to the supplemental "
+#~| "GROUPS\n"
+#~| " mentioned by the -G option without "
+#~| "removing\n"
+#~| " him/her from other groups\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --login NEW_LOGIN new value of the login name\n"
+#~| " -L, --lock lock the user account\n"
+#~| " -m, --move-home move contents of the home directory to "
+#~| "the\n"
+#~| " new location (use only with -d)\n"
+#~| " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~| " -p, --password PASSWORD use encrypted password for the new "
+#~| "password\n"
+#~| " -s, --shell SHELL new login shell for the user account\n"
+#~| " -u, --uid UID new UID for the user account\n"
+#~| " -U, --unlock unlock the user account\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: usermod [OPZIONI] LOGIN\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ " -c, --comment COMMENTO imposta il nuovo valore del campo GECOS\n"
+#~ " -d, --home DIR_HOME imposta la nuova directory home "
+#~ "dell'utente\n"
+#~ " -e, --expiredate SCADENZA imposta la data di SCADENZA dell'account\n"
+#~ " -f, --inactive INATTIVITÀ imposta il numero di giorni di "
+#~ "INATTIVITÀ\n"
+#~ " della password oltre la sua scadenza\n"
+#~ " -g, --gid GRUPPO impone l'uso di GRUPPO come nuovo gruppo\n"
+#~ "iniziale\n"
+#~ " -G, --groups GRUPPI nuovo elenco di GRUPPI aggiuntivi\n"
+#~ " -a, --append aggiunge l'utente a ulteriori GRUPPI\n"
+#~ " specificati dall'opzione -G senza\n"
+#~ " rimuoverlo da altri gruppi\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -l, --login NUOVO_LOGIN imposta il nuovo nome di login "
+#~ "dell'utente\n"
+#~ " -L, --lock blocca l'account dell'utente\n"
+#~ " -m, --move-home sposta il contenuto della directory home\n"
+#~ " nella nuova posizione (usare solo con -"
+#~ "d)\n"
+#~ " -o, --non-unique permette di usare un UID duplicato (non\n"
+#~ " univoco)\n"
+#~ " -p, --password PASSWORD imposta la nuova PASSWORD cifrata\n"
+#~ " -s, --shell SHELL la nuova shell di login dell'utente\n"
+#~ " -u, --uid UID imposta il nuovo UID dell'utente\n"
+#~ " -U, --unlock sblocca l'account dell'utente\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: non è stata fornita nessuna opzione\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: vipw [OPZIONI]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ " -g, --group modifica il database dei gruppi\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -p, --passwd modifica il database delle password\n"
+#~ " -q, --quiet opera in modalità silenziosa\n"
+#~ " -s, --shadow modifica il database shadow o gshadow\n"
+#~ "\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: impossibile creare %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: chown di %s non riuscito\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: faillog [OPZIONI]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ " -a, --all mostra i record degli accessi falliti "
+#~ "per\n"
+#~ " tutti gli utenti\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -l, --lock-time SEC blocca l'account per SEC secondi dopo un\n"
+#~ " tentativo di accesso fallito\n"
+#~ " -m, --maximum MAX imposta a MAX il numero massimo di\n"
+#~ " tentativi di accesso falliti\n"
+#~ " -r, --reset azzera i conteggi degli accessi falliti\n"
+#~ " -t, --time GIORNI mostra i record degli accessi falliti "
+#~ "più\n"
+#~ " recenti di un numero di GIORNI\n"
+#~ " -u, --user LOGIN mostra il record degli accessi falliti "
+#~ "o,\n"
+#~ " se sono state usate con le opzioni -r, -"
+#~ "m\n"
+#~ " o -l, imposta conteggi e limiti solo per\n"
+#~ " l'utente specificato da LOGIN\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: groupadd [OPZIONI] GRUPPO\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ " -f, --force termina con successo anche se il gruppo\n"
+#~ " specificato esiste già\n"
+#~ " -g, --gid GID usa GID per il nuovo gruppo\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -K, --key CHIAVE=VALORE specifica un valore diverso da quello\n"
+#~ " predefinito in /etc/login.defs\n"
+#~ " -o, --non-unique permette di creare un gruppo con un GID\n"
+#~ " duplicato (non univoco)\n"
+#~ " -p, --password PASSWORD imposta la nuova PASSWORD cifrata\n"
+#~ " -r, --system crea un account di sistema\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: groupmod [OPZIONI] GRUPPO\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ " -g, --gid GID impone l'uso di GID per il GRUPPO\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -n, --new-name NUOVO_GRUPPO impone l'uso del nome NUOVO_GRUPPO per "
+#~ "il\n"
+#~ " GRUPPO\n"
+#~ " -o, --non-unique permette di che il GRUPPO usi un GID\n"
+#~ " duplicato (non univoco)\n"
+#~ " -p, --password PASSWORD imposta la nuova PASSWORD cifrata\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~| " home directory\n"
+#~| " -c, --comment COMMENT set the GECOS field for the new user "
+#~| "account\n"
+#~| " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~| " -D, --defaults print or save modified default useradd\n"
+#~| " configuration\n"
+#~| " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -g, --gid GROUP force use GROUP for the new user "
+#~| "account\n"
+#~| " -G, --groups GROUPS list of supplementary groups for the "
+#~| "new\n"
+#~| " user account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~| " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~| " -l, do not add the user to the lastlog and\n"
+#~| " faillog databases\n"
+#~| " -m, --create-home create home directory for the new user\n"
+#~| " account\n"
+#~| " -N, --no-user-group do not create a group with the same name "
+#~| "as\n"
+#~| " the user\n"
+#~| " -o, --non-unique allow create user with duplicate\n"
+#~| " (non-unique) UID\n"
+#~| " -p, --password PASSWORD use encrypted password for the new user\n"
+#~| " account\n"
+#~| " -r, --system create a system account\n"
+#~| " -s, --shell SHELL the login shell for the new user "
+#~| "account\n"
+#~| " -u, --uid UID force use the UID for the new user "
+#~| "account\n"
+#~| " -U, --user-group create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: useradd [OPZIONI] LOGIN\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ " -b, --base-dir DIR_BASE specifica la directory di base in cui "
+#~ "creare\n"
+#~ " la directory home per il nuovo account\n"
+#~ " -c, --comment COMMENTO imposta il campo GECOS per il nuovo "
+#~ "account\n"
+#~ " -d, --home-dir DIR_HOME specifica la directory home per il nuovo\n"
+#~ " account\n"
+#~ " -D, --defaults mostra o imposta i valori predefiniti "
+#~ "della\n"
+#~ " configurazione di useradd\n"
+#~ " -e, --expiredate SCADENZA imposta la data di SCADENZA dell'account\n"
+#~ " -f, --inactive INATTIVITÀ imposta il numero di giorni di "
+#~ "INATTIVITÀ\n"
+#~ " della password oltre la sua scadenza\n"
+#~ " -g, --gid GRUPPO impone l'uso di GRUPPO per il nuovo "
+#~ "account\n"
+#~ " -G, --groups GRUPPI elenco di GRUPPI aggiuntivi per il nuovo\n"
+#~ " account\n"
+#~ " -h, --help mostra questo messaggio di aiuto ed esce\n"
+#~ " -k, --skel DIR_SKEL specifica una directory skel alternativa\n"
+#~ " -K, --key CHIAVE=VALORE specifica un valore diverso da quello\n"
+#~ " predefinito in /etc/login.defs\n"
+#~ " -l non aggiunge l'utente ai database lastlog "
+#~ "e\n"
+#~ " faillog\n"
+#~ " -m, --create-home crea la directory home per il nuovo "
+#~ "account\n"
+#~ " -N, --no-user-group non crea un gruppo con lo stesso nome\n"
+#~ " dell'utente\n"
+#~ " -o, --non-unique permette di creare un utente con un UID\n"
+#~ " duplicato (non univoco)\n"
+#~ " -p, --password PASSWORD usa la PASSWORD cifrata per il nuovo "
+#~ "account\n"
+#~ " -r, --system crea un account di sistema\n"
+#~ " -s, --shell SHELL la shell di login per il nuovo account\n"
+#~ " -u, --uid UID impone l'uso di UID per il nuovo account\n"
+#~ " -U, --user-group crea un gruppo con lo stesso nome\n"
+#~ " dell'utente\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -r, --system create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: %s [OPZIONI] [INPUT]\n"
+#~ "\n"
+#~ " -c, --crypt-method il metodo di cifratura (uno di %s)\n"
+#~ " -r, --system crea gli account di sistema\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Password segnata come scaduta."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: impossibile fare il lock del file delle password\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: impossibile aprire il file delle password\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: impossibile fare il lock del file delle shadow password\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: impossibile aprire il file delle shadow password\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: impossibile riscrivere il file delle shadow password\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: impossibile riscrivere il file delle password\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: impossibile aggiornare il file delle shadow password\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNome completo: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tStanza n°: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tNumero telefonico di lavoro: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tNumero telefonico di casa: %s\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Impossibile aprire il file delle password.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Errore nell'aggiornare la voce nel file delle password.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Impossibile effettuare le modifiche al file delle password.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Impossibile togliere il lock dal file delle password.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: impossibile fare il lock del file dei gruppi\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: impossibile fare il lock del file gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: impossibile aprire il file shadow\n"
+
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: errore nell'aggiornare il file gshadow\n"
+
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: errore nell'aggiornare il file dei gruppi\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: riga %d: gruppo «%s» sconosciuto\n"
+
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: riga %d: impossibile aggiornare la voce nel file dei gruppi\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: impossibile fare il lock del file shadow\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: errore nell'aggiornare il file shadow\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: errore nell'aggiornare il file delle password\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: riga %d: utente «%s» sconosciuto\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr ""
+#~ "%s: riga %d: impossibile aggiornare la voce nel file delle password\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: utente sconosciuto\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Utente «%s» sconosciuto\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Uso: %s [-r|-R] GRUPPO\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a UTENTE] GRUPPO\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d UTENTE] GRUPPO\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A UTENTE,...] [-M UTENTE,...] GRUPPO\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M UTENTE,...] GRUPPO\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: impossibile fare il lock\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: impossibile fare il lock del file shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: impossibile aprire il file\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: impossibile riscrivere il file shadow\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: impossibile togliere il lock dal file\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: impossibile aggiornare la voce\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: impossibile aggiornare la voce nel file shadow\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "gruppo «%s» sconosciuto\n"
+
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: impossibile chiudere il file\n"
+
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: impossibile chiudere il file shadow\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Chi sei?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: membro «%s» sconosciuto\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: errore nell'aggiungere la nuova voce al file dei gruppi\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: impossibile riscrivere il file dei gruppi\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: impossibile riscrivere il file dei gruppi shadow\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: impossibile fare il lock del file dei gruppi\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: impossibile fare il lock del file dei gruppi shadow\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi shadow\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u non univoco\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file dei gruppi\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file dei gruppi shadow\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: impossibile rimuovere il gruppo principale dell'utente.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Impossibile trovare il membro da rimuovere\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Uso: groupmems -a NOME_UTENTE | -d NOME_UTENTE | -D | -l [ -g "
+#~ "NOME_GRUPPO]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Solo root può aggiungere membri a gruppi diversi\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "È necessario l'accesso al gruppo\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Non si è il proprietario principale del gruppo\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "Autenticazione PAM non riuscita per\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Impossibile fare il lock del file dei gruppi\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Impossibile chiudere il file dei gruppi\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: «%s» non trovato in /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u non è un GID univoco\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s non è un nome univoco\n"
+
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: impossibile riscrivere il file delle password\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: impossibile fare il lock del file delle password\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: impossibile aprire il file delle password\n"
+
+#~ msgid ""
+#~ "%s: cannot change the primary group of user '%s' from %u to %u, since it "
+#~ "is not in the passwd file.\n"
+#~ msgstr ""
+#~ "%s: impossibile modificare il gruppo principale dell'utente «%s» da %u a "
+#~ "%u, in quanto non è presente nel file delle password.\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: impossibile aggiornare la voce relativa a %s nel file shadow\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: impossibile aggiornare la voce del gruppo %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: impossibile fare il lock del file dei gruppi shadow\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi shadow\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: impossibile rimuovere il gruppo shadow %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: impossibile aggiornare il file dei gruppi shadow\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: impossibile eliminare il file dei gruppi shadow\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "UID %u sconosciuto\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID %lu sconosciuto\n"
+
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: ID gruppo «%s» non valido\n"
+
+#~ msgid ""
+#~ "%s: group %s created, failure during the creation of the corresponding "
+#~ "gshadow group\n"
+#~ msgstr ""
+#~ "%s: creato il gruppo «%s»; errore nel creare il corrispondente gruppo "
+#~ "gshadow\n"
+
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: ID utente «%s» non valido\n"
+
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nome utente «%s» non valido\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: impossibile fare il lock di /etc/passwd.\n"
+
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: impossibile fare il lock di /etc/shadow.\n"
+
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: impossibile fare il lock di /etc/group.\n"
+
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: impossibile fare il lock di /etc/gshadow.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: impossibile aprire i file\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: errore nell'aggiornare i file\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: impossibile aggiornare la voce relativa a %s nel file passwd\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: impossibile fare il lock del file passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: impossibile aprire il file passwd\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: impossibile rimuovere la voce relativa a %s dal file shadow\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: impossibile aggiornare il file passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: impossibile aggiornare la voce relativa all'utente %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: impossibile eliminare il file delle shadow password\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: GID «%s» sconosciuto\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: gruppo «%s» sconosciuto\n"
+
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr ""
+#~ "%s: memoria esaurita. Impossibile aggiornare il database dei grupppi "
+#~ "shadow.\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: impossibile riscrivere il file delle password\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: impossibile riscrivere il file delle shadow password\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: impossibile fare il lock del file delle shadow password\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: impossibile aprire il file delle shadow password\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: errore nel fare il lock del file dei gruppi\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: errore nell'aprire il file dei gruppi\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: errore nel fare il lock del file dei gruppi shadow\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: errore nell'aprire il file dei gruppi shadow\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: errore nell'aggiungere la nuova voce al file delle password\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr ""
+#~ "%s: errore nell'aggiungere la nuova voce al file delle shadow password\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: attenzione: CREATE_HOME non è supportata; usare -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: errore nell'aggiornare la voce nel file dei gruppi\n"
+
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: errore nell'aggiornare la voce nel file dei gruppi shadow\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi shadow\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file delle password\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file delle shadow password\n"
+
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr ""
+#~ "%s: errore nell'aggiungere la nuova voce al file dei gruppi shadow\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid «%lu» non univoco\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: errore nel cambio della voce nel file delle password\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file delle password\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file delle shadow password\n"
diff --git a/po/ja.po b/po/ja.po
new file mode 100644
index 0000000..3125e5f
--- /dev/null
+++ b/po/ja.po
@@ -0,0 +1,2890 @@
+# Shadow utils japanese message catalog
+# Copyright (C) YEAR Free Software Foundation, Inc.
+# Yasuyuki Furukawa <furukawa@vinelinux.org>, 2000.
+# revised by NAKANO Takeo <nakano@webmasters.gr.jp> since 2004-09-05
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.5\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-05-21 02:52+0900\n"
+"Last-Translator: NAKANO Takeo <nakano@webmasters.gr.jp>\n"
+"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
+"Language: ja\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"'%s' ã¨ã„ã†ã‚¨ãƒ³ãƒˆãƒªãŒ %s ã«è¤‡æ•°ã‚ã‚Šã¾ã™ã€‚pwck ã‹ grpck ã§ä¿®æ­£ã—ã¦ãã ã•ã„。\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "æš—å·åŒ–手法㌠libcrypt ã«ã‚ˆã£ã¦ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "設定エラー - %s ã®å€¤ '%s' ã‚’æ­£ã—ã解釈ã§ãã¾ã›ã‚“"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "設定情報用ã®ç©ºã容é‡ãŒç¢ºä¿ã§ãã¾ã›ã‚“ã§ã—ãŸã€‚\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "設定エラー: ä¸æ˜Žãªé …ç›® '%s' (管ç†è€…ã«é€£çµ¡ã—ã¦ãã ã•ã„)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd ã¯æ­£å¸¸ã«çµ‚了ã—ã¾ã›ã‚“ã§ã—㟠(シグナル %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd ã¯ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ %d ã§çµ‚了ã—ã¾ã—ãŸ\n"
+
+msgid "Password: "
+msgstr "パスワード: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s ã®ãƒ‘スワード: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "SELinux ã®ç®¡ç†ãƒãƒ³ãƒ‰ãƒ«ã‚’作æˆã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux ãƒãƒªã‚·ãƒ¼ãŒç®¡ç†ã•ã‚Œã¦ã„ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "SELinux ã®ãƒãƒªã‚·ãƒ¼ä¿å­˜é ˜åŸŸã‚’読ã‚ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "SELinux ã®ç®¡ç†æŽ¥ç¶šãŒç¢ºç«‹ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "SELinux ã®ãƒˆãƒ©ãƒ³ã‚¶ã‚¯ã‚·ãƒ§ãƒ³ã‚’開始ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "%s ã® seuser ã®å•ã„åˆã‚ã›ãŒã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "%s ã® serange を設定ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "%s ã® sename を設定ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "%s ã®ãƒ­ã‚°ã‚¤ãƒ³ãƒžãƒƒãƒ”ングを修正ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s ã® SELinux ログインマッピングを生æˆã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "%s ã®åå‰ã‚’設定ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "%s ã® SELinux ユーザを設定ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "%s ã®ãƒ­ã‚°ã‚¤ãƒ³ãƒžãƒƒãƒ”ングを追加ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "SELinux ã®ç®¡ç†ã‚’åˆæœŸåŒ–ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "SELinux ã®ãƒ¦ãƒ¼ã‚¶ã‚­ãƒ¼ã‚’生æˆã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "ã“ã® SELinux ユーザを検証ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "SELinux ã®ãƒ¦ãƒ¼ã‚¶ãƒžãƒƒãƒ”ングを修正ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "SELinux ã®ãƒ¦ãƒ¼ã‚¶ãƒžãƒƒãƒ”ングを追加ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "SELinux ã®ãƒˆãƒ©ãƒ³ã‚¶ã‚¯ã‚·ãƒ§ãƒ³ã‚’コミットã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"%s ã®ãƒ­ã‚°ã‚¤ãƒ³ãƒžãƒƒãƒ”ングãŒå®šç¾©ã•ã‚Œã¦ã„ã¾ã›ã‚“。デフォルトã®ãƒžãƒƒãƒ”ングを\n"
+"用ã„ãŸãªã‚‰ã° OK ã§ã™ã€‚\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr "%s ã®ãƒ­ã‚°ã‚¤ãƒ³ãƒžãƒƒãƒ”ングã¯ãƒãƒªã‚·ãƒ¼ã§å®šç¾©ã•ã‚Œã¦ãŠã‚Šã€å‰Šé™¤ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "%s ã®ãƒ­ã‚°ã‚¤ãƒ³ãƒžãƒ”ングを削除ã§ãã¾ã›ã‚“"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: メモリãŒè¶³ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: %s ã®çŠ¶æ…‹ã‚’å–å¾—ã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s ã¯ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã§ã‚‚シンボリックリンクã§ã‚‚ã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: シンボリックリンク %s を読ã‚ã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: シンボリックリンクãŒé•·ã™ãŽã‚‹ã‚ˆã†ã§ã™: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: ディレクトリ %s を作æˆã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: %s ã®æ‰€æœ‰è€…を変更ã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: : %s ã®ãƒ¢ãƒ¼ãƒ‰ã‚’変更ã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: アンリンク: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: ディレクトリ %s を削除ã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: %s ã®åå‰ã‚’ %s ã«å¤‰æ›´ã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: %s を削除ã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: シンボリックリンク %s を作æˆã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: %s ã®æ‰€æœ‰è€…を変更ã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: %s ã‚’ lstat ã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: 警告: ユーザ %s ã«ã¯ tcb shadow ファイルãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: 緊急事態: %s ã® tcb shadow ㌠st_nlink=1 ã®é€šå¸¸ãƒ•ã‚¡ã‚¤ãƒ«ã§ã¯ã‚ã‚Šã¾ã›ã‚“。\n"
+"アカウントã¯ãƒ­ãƒƒã‚¯ã•ã‚ŒãŸã¾ã¾ã«ãªã‚Šã¾ã™ã€‚\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %s ã‚’é–‹ã‘ã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "警告: ä¸æ˜Žãªã‚°ãƒ«ãƒ¼ãƒ— %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "警告: グループãŒå¤šã™ãŽã¾ã™\n"
+
+msgid "Your password has expired."
+msgstr "ã‚ãªãŸã®ãƒ‘スワードã¯æœŸé™ãŒåˆ‡ã‚Œã¦ã„ã¾ã™ã€‚"
+
+msgid "Your password is inactive."
+msgstr "ã‚ãªãŸã®ãƒ‘スワードã¯ç¾åœ¨ä½¿ãˆã¾ã›ã‚“。"
+
+msgid "Your login has expired."
+msgstr "ã‚ãªãŸã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã¯æœŸé™ãŒåˆ‡ã‚Œã¾ã—ãŸã€‚"
+
+msgid " Contact the system administrator."
+msgstr " システム管ç†è€…ã«é€£çµ¡ã—ã¦ãã ã•ã„。"
+
+msgid " Choose a new password."
+msgstr " æ–°ã—ã„パスワードをé¸æŠžã—ã¦ãã ã•ã„。"
+
+msgid "You must change your password."
+msgstr "パスワードを変更ã—ã¦ãã ã•ã„。"
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "ã‚ãªãŸã®ãƒ‘スワードã¯ã‚㨠%ld æ—¥ã§æœŸé™ãŒåˆ‡ã‚Œã¾ã™ã€‚\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "ã‚ãªãŸã®ãƒ‘スワードã¯æ˜Žæ—¥ã§æœŸé™ãŒåˆ‡ã‚Œã¾ã™ã€‚"
+
+msgid "Your password will expire today."
+msgstr "ã‚ãªãŸã®ãƒ‘スワードã¯æœ¬æ—¥ã§æœŸé™ãŒåˆ‡ã‚Œã¾ã™ã€‚"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "audit インターフェースを開ã‘ã¾ã›ã‚“ - 終了ã—ã¾ã™ã€‚\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "tty stdin ã®æ‰€æœ‰è€…ã‹ãƒ¢ãƒ¼ãƒ‰ã‚’変更ã§ãã¾ã›ã‚“: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: %s ãŒã‚¢ãƒ³ãƒ­ãƒƒã‚¯ã§ãã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "環境変数領域ã®ã‚ªãƒ¼ãƒãƒ¼ãƒ•ãƒ­ãƒ¼\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "$%s を変更ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"最後ã®ãƒ­ã‚°ã‚¤ãƒ³ã‹ã‚‰ %d 回失敗。\n"
+"最後ã®ãƒ­ã‚°ã‚¤ãƒ³ã¯ %s (マシン %s)。\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: 設定ãŒä¸æ­£: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr "%s: 設定ãŒä¸æ­£: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: メモリ割当ã«å¤±æ•—ã—ã¾ã—ãŸ: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: ä»–ã¨é‡ãªã‚‰ãªã„システム GID ã‚’å–å¾—ã§ãã¾ã›ã‚“ (利用ã§ãã‚‹ GID ãŒã‚ã‚Šã¾ã›"
+"ã‚“)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+"%s: ä»–ã¨é‡ãªã‚‰ãªã„グループ ID ã‚’å–å¾—ã§ãã¾ã›ã‚“ (利用ã§ãã‚‹ GID ãŒã‚ã‚Šã¾ã›"
+"ã‚“)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: 設定ãŒä¸æ­£: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr "%s: 設定ãŒä¸æ­£: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: ä»–ã¨é‡ãªã‚‰ãªã„システム UID ã‚’å–å¾—ã§ãã¾ã›ã‚“ (利用ã§ãã‚‹ UID ãŒã‚ã‚Šã¾ã›"
+"ã‚“)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+"%s: ä»–ã¨é‡ãªã‚‰ãªã„ユーザ ID ã‚’å–å¾—ã§ãã¾ã›ã‚“ (利用ã§ãã‚‹ UID ãŒã‚ã‚Šã¾ã›ã‚“)\n"
+
+msgid "Too many logins.\n"
+msgstr "ログイン試行数ãŒåˆ¶é™ã‚’越ãˆã¾ã—ãŸã€‚\n"
+
+msgid "You have new mail."
+msgstr "æ–°ã—ã„メールãŒã‚ã‚Šã¾ã™ã€‚"
+
+msgid "No mail."
+msgstr "メールã¯ã‚ã‚Šã¾ã›ã‚“。"
+
+msgid "You have mail."
+msgstr "メールãŒã‚ã‚Šã¾ã™ã€‚"
+
+msgid "no change"
+msgstr "変更ã•ã‚Œã¦ã„ã¾ã›ã‚“"
+
+msgid "a palindrome"
+msgstr "回文ã§ã™"
+
+msgid "case changes only"
+msgstr "大文字å°æ–‡å­—ã—ã‹å¤‰æ›´ã•ã‚Œã¦ã„ã¾ã›ã‚“"
+
+msgid "too similar"
+msgstr "ä¼¼ã™ãŽã¦ã„ã¾ã™"
+
+msgid "too simple"
+msgstr "å˜ç´”ã™ãŽã¾ã™"
+
+msgid "rotated"
+msgstr "循環ã«ãªã£ã¦ã„ã¾ã™"
+
+msgid "too short"
+msgstr "短ã‹ã™ãŽã¾ã™"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "良ããªã„パスワードã§ã™: %s "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() ã«ã‚¨ãƒ©ãƒ¼ %d ã§å¤±æ•—ã—ã¾ã—ãŸ\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "パスワード: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: パスワードã¯å¤‰æ›´ã•ã‚Œã¾ã›ã‚“ã§ã—ãŸ\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: パスワードã¯æ­£ã—ãæ›´æ–°ã•ã‚Œã¾ã—ãŸ\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "%s ã®ãƒ‘スワードãŒæ­£ã—ãã‚ã‚Šã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: --root オプションãŒè¤‡æ•°ã‚ã‚Šã¾ã™\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: オプション '%s' ã«ã¯å¼•ã数を指定ã—ã¦ãã ã•ã„\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: 特権をè½ã¨ã›ã¾ã›ã‚“ã§ã—㟠(%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: chroot ã®ãƒ‘ス'%s' ãŒä¸æ­£ã§ã™\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: chroot ディレクトリ%s ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã›ã‚“: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: chroot ディレクトリ%s ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: ディレクトリ %s ã« chroot ã§ãã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"ENCRYPT_METHOD ã®å€¤ãŒæ­£ã—ãã‚ã‚Šã¾ã›ã‚“: '%s'\n"
+"デフォルト㮠DES を用ã„ã¾ã™ã€‚\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "'%s' ã¸ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’変更ã§ãã¾ã›ã‚“\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "ディレクトリãŒã‚ã‚Šã¾ã›ã‚“。HOME=/ ã¨ã—ã¦ãƒ­ã‚°ã‚¤ãƒ³ã—ã¾ã™"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s を実行ã§ãã¾ã›ã‚“"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "ルートディレクトリ '%s' ã¯ä¸æ­£ã§ã™\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "ルートディレクトリを '%s' ã¸å¤‰æ›´ã§ãã¾ã›ã‚“\n"
+
+msgid "Unable to determine your tty name."
+msgstr "ã‚ãªãŸã®ç«¯æœ« (tty) åを決定ã§ãã¾ã›ã‚“。"
+
+msgid "No"
+msgstr "No"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使ã„æ–¹: %s [オプション] LOGIN\n"
+"\n"
+"オプション:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday LAST_DAY パスワードã®æœ€çµ‚変更日を LAST_DAY ã«ã™ã‚‹\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate EXPIRE_DATE アカウント期é™åˆ‡ã‚Œã®æ—¥ã‚’ EXPIRE_DATE ã«ã™ã‚‹\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr " -h, --help ã“ã®ãƒ˜ãƒ«ãƒ—を表示ã—ã¦çµ‚了ã™ã‚‹\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INACTIVE パスワードを期é™åˆ‡ã‚Œå¾Œã«ç„¡åŠ¹åŒ–ã™ã‚‹æ—¥æ•°ã‚’\n"
+" INACTIVEã«ã™ã‚‹\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr " -l, --list アカウントã®çµŒæ™‚情報を表示ã™ã‚‹\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays MIN_DAYS パスワードãŒå¤‰æ›´ã§ãã‚‹ã¾ã§ã®æœ€çŸ­æ—¥æ•°ã‚’\n"
+" MIN_DAYS ã«å¤‰æ›´ã™ã‚‹\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays MAX_DAYS パスワードãŒå¤‰æ›´ã§ãる期間ã®æœ€é•·æ—¥æ•°ã‚’\n"
+" MAX_DAYS ã«å¤‰æ›´ã™ã‚‹\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -R, --root CHROOT_DIR chroot ã™ã‚‹ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒª\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays WARN_DAYS 期é™åˆ‡ã‚Œè­¦å‘Šã®æ—¥æ•°ã‚’ WARN_DAYS ã«ã™ã‚‹\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"æ–°ã—ã„値を入力ã—ã¦ãã ã•ã„。標準設定値を使ã†ãªã‚‰ãƒªã‚¿ãƒ¼ãƒ³ã‚’押ã—ã¦ãã ã•ã„"
+
+msgid "Minimum Password Age"
+msgstr "パスワード変更å¯èƒ½ã¾ã§ã®æœ€çŸ­æ—¥æ•°"
+
+msgid "Maximum Password Age"
+msgstr "パスワード変更å¯èƒ½æœŸé–“ã®æœ€é•·æ—¥æ•°"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "最後ã«ãƒ‘スワード変更ã—ãŸæ—¥ä»˜ (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "パスワード期é™åˆ‡ã‚Œè­¦å‘Šæ—¥æ•°"
+
+msgid "Password Inactive"
+msgstr "パスワード無効日数"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "アカウント期é™åˆ‡ã‚Œæ—¥ä»˜ (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "最終パスワード変更日\t\t\t\t:"
+
+msgid "never"
+msgstr "ãªã—"
+
+msgid "password must be changed"
+msgstr "パスワードã¯å¤‰æ›´ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "パスワード期é™:\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "パスワード無効化中\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "アカウント期é™åˆ‡ã‚Œ\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "パスワードãŒå¤‰æ›´ã§ãã‚‹ã¾ã§ã®æœ€çŸ­æ—¥æ•°\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "パスワードを変更ã—ãªãã¦ã‚ˆã„最長日数\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "パスワード期é™ãŒåˆ‡ã‚Œã‚‹å‰ã«è­¦å‘Šã•ã‚Œã‚‹æ—¥æ•°\t\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: 日付 '%s' ã¯ä¸æ­£ã§ã™\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: 数値引数 '%s' ãŒæ­£ã—ãã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: \"l\" オプションã¯ä»–ã®ãƒ•ãƒ©ã‚°ã¨åŒæ™‚ã«ã¯æŒ‡å®šã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: 権é™ãŒã‚ã‚Šã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: ã‚ãªãŸã®ãƒ¦ãƒ¼ã‚¶åを判定ã§ãã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: %s をロックã§ãã¾ã›ã‚“。後ã§ã‚‚ã†ä¸€åº¦è©¦ã—ã¦ãã ã•ã„。\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: %s ã‚’é–‹ã‘ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: 変更を %s ã«æ›¸ãè¾¼ã‚ã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: %s ã®æ–°ã—ã„エントリ '%s' を準備ã§ãã¾ã›ã‚“ã§ã—ãŸã€‚\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: シャドウパスワードファイルãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: ユーザ %s 㯠%s ã«å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s ã®æœŸé™æƒ…報を変更中\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: フィールド変更ã®éš›ã«ã‚¨ãƒ©ãƒ¼ãŒèµ·ãã¾ã—ãŸ\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使ã„æ–¹: %s [オプション] [LOGIN]\n"
+"\n"
+"オプション:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr " -f, --full-name FULL_NAME ユーザã®ãƒ•ãƒ«ãƒãƒ¼ãƒ ã‚’変更ã™ã‚‹\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr " -h, --home-phone HOME_PHONE ユーザã®é›»è©±ç•ªå·ã‚’変更ã™ã‚‹\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr " -o, --other OTHER_INFO ユーザã®ä»–ã® GECOS 情報を変更ã™ã‚‹\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr " -r, --room ROOM_NUMBER ユーザã®éƒ¨å±‹ç•ªå·ã‚’変更ã™ã‚‹\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr " -u, --help ã“ã®ãƒ˜ãƒ«ãƒ—を表示ã—ã¦çµ‚了ã™ã‚‹\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr " -w, --work-phone WORK_PHONE ユーザã®è·å ´ã®é›»è©±ç•ªå·ã‚’変更ã™ã‚‹\n"
+
+msgid "Full Name"
+msgstr "フルãƒãƒ¼ãƒ "
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "部屋番å·"
+
+msgid "Work Phone"
+msgstr "è·å ´é›»è©±ç•ªå·"
+
+msgid "Home Phone"
+msgstr "自宅電話番å·"
+
+msgid "Other"
+msgstr "ãã®ä»–"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ID ã‚’ root ã¸å¤‰æ›´ã§ãã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: éž ASCII 文字ã®åå‰: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ユーザåãŒä¸æ­£ã§ã™: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: éž ASCII 文字ã®éƒ¨å±‹ç•ªå·: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: 部屋番å·ãŒä¸æ­£ã§ã™: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: è·å ´é›»è©±ç•ªå·ãŒä¸æ­£ã§ã™: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: 自宅電話番å·ãŒä¸æ­£ã§ã™: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' ã«ã¯éž ASCII 文字ãŒå«ã¾ã‚Œã¦ã„ã¾ã™\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' ã«ã¯åˆ©ç”¨ã§ããªã„文字ãŒå«ã¾ã‚Œã¦ã„ã¾ã™\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: ユーザ '%s' ã¯å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: NIS クライアントã§ã¯ãƒ¦ãƒ¼ã‚¶ '%s' を変更ã§ãã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' ãŒã“ã®ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã® NIS マスターã§ã™ã€‚\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%s ã®ãƒ¦ãƒ¼ã‚¶æƒ…報を変更中\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: 入力内容ãŒé•·éŽãŽã¾ã™\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使ã„æ–¹: %s [オプション]\n"
+"\n"
+"オプション:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method METHOD æš—å·åŒ–ã®æ–¹æ³• (%s ã®ã©ã‚Œã‹ã²ã¨ã¤)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr " -e, --encrypted 与ãˆãŸãƒ‘スワードを暗å·åŒ–ã™ã‚‹\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 平文テキストã®ãƒ‘スワードを\n"
+" MD5 アルゴリズムã§æš—å·åŒ–ã™ã‚‹\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds SHA* æš—å·åŒ–アルゴリズム㮠SHA ラウンド回数\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s フラグ㯠%s フラグã¨å…±ã«æŒ‡å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e, -m フラグã¯åŒæ™‚ã«æŒ‡å®šã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: サãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„æš—å·åŒ–手法ã§ã™: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: %d è¡Œ: è¡ŒãŒé•·éŽãŽã¾ã™\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: %d è¡Œ: æ–°è¦ãƒ‘スワードãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: %s ã«æ›¸ãè¾¼ã‚ã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: %d è¡Œ: グループ '%s' ã¯å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: %d è¡Œ: %s ã®æ–°ã—ã„エントリ '%s' を用æ„ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: エラーãŒæ¤œå‡ºã•ã‚Œã¾ã—ãŸã€‚変更ã¯è¡Œã„ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (%d 行目, ユーザ %s) パスワードã¯å¤‰æ›´ã•ã‚Œã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: %d 行目: ユーザ '%s' ã¯å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr " -s, --shell SHELL ユーザã®ã‚·ã‚§ãƒ«ã‚’æ–°ãŸã« SHELL ã«ã™ã‚‹\n"
+
+msgid "Login Shell"
+msgstr "ログインシェル"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "ã‚ãªãŸã¯ '%s' ã®ã‚·ã‚§ãƒ«ã‚’変更ã§ãã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%s ã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã‚’変更中\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: ä¸æ­£ãªã‚¨ãƒ³ãƒˆãƒª: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s ã¯ã‚·ã‚§ãƒ«ã«æŒ‡å®šã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: 警告: %s ã¯å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: 警告: %s ã¯å®Ÿè¡Œå¯èƒ½ã§ã¯ã‚ã‚Šã¾ã›ã‚“\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check ユーザã®ãƒ‘スワードã®æœŸé™åˆ‡ã‚Œã‚’ãƒã‚§ãƒƒã‚¯ã™ã‚‹\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force ユーザã®ãƒ‘スワードãŒæœŸé™åˆ‡ã‚Œã ã£ãŸã‚‰\n"
+" パスワード変更を強制ã™ã‚‹\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: オプション %s 㨠%s ã¯åŒæ™‚ã«æŒ‡å®šã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: ã“ã®å¼•ãæ•°ã¯ä¸æ­£ã§ã™: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr " -a, --all 全ユーザ㮠faillog 記録を表示ã™ã‚‹\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs SEC ログインã«å¤±æ•—ã—ãŸã‚‰ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã‚’\n"
+" SEC 秒ロックã™ã‚‹\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAX ログイン失敗カウンタã®æœ€å¤§å€¤ã‚’ MAX ã«ã™ã‚‹\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr " -r, --reset ログイン失敗ã®ã‚«ã‚¦ãƒ³ã‚¿ã‚’リセットã™ã‚‹\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DAYS ã“ã“ DAYS 日分㮠faillog 記録を表示ã™ã‚‹\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user LOGIN/RANGE 指定ã—㟠LOGIN (RANGE) ã«ã¤ã„ã¦ã®ã¿\n"
+" faillog 記録を表示ã™ã‚‹ã€‚ã‚ã‚‹ã„㯠-r,\n"
+" -m, -l ãªã©ã‚’指定ã—ãŸå ´åˆã¯ã€æŒ‡å®š LOGIN\n"
+" ã«ã¤ã„ã¦ã®ã¿å¤±æ•—カウンタや制é™å€¤ã‚’変更ã™ã‚‹\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: UID %lu ã®ã‚¨ãƒ³ãƒˆãƒªã‚’å–å¾—ã§ãã¾ã›ã‚“ã§ã—ãŸ\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "ログインå 失敗 最大 最新 場所\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr "[残り %lu 秒]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr "[ロック %ld 秒]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: UID %lu ã®å¤±æ•—回数をリセットã§ãã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: UID %lu ã®æœ€å¤§å›žæ•°ã‚’設定ã§ãã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: UID %lu ã®ãƒ­ãƒƒã‚¯æ™‚間を設定ã§ãã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: ä¸æ˜Žãªãƒ¦ãƒ¼ã‚¶ã¾ãŸã¯ç¯„囲ã§ã™: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: %s ã®ã‚µã‚¤ã‚ºã‚’å–å¾—ã§ãã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: %s ã«æ›¸ãè¾¼ã‚ã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使ã„æ–¹: %s [オプション] GROUP\n"
+"\n"
+"オプション:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add USER USER ã‚’ GROUP ã«è¿½åŠ ã™ã‚‹\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete USER USER ã‚’ GROUP ã‹ã‚‰å‰Šé™¤ã™ã‚‹\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root CHROOT_DIR chroot ã™ã‚‹ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒª\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password GROUP ã®ãƒ‘スワードを削除ã™ã‚‹\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict GROUP ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’メンãƒãƒ¼ã®ã¿ã«åˆ¶é™ã™ã‚‹\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr " -M, --members USER,... GROUP ã®ãƒ¡ãƒ³ãƒãƒ¼ã®ãƒªã‚¹ãƒˆã‚’設定ã™ã‚‹\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" GROUP ã®ç®¡ç†è€…ã®ãƒªã‚¹ãƒˆã‚’設定ã™ã‚‹\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"-A ãŠã‚ˆã³ -M オプションを除ãã€ã“れらã®ã‚ªãƒ—ションã¯åŒæ™‚ã«æŒ‡å®šã§ãã¾ã›ã‚“\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "ã“れらã®ã‚ªãƒ—ションã¯åŒæ™‚ã«æŒ‡å®šã§ãã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -A ã«ã¯ã‚·ãƒ£ãƒ‰ã‚¦ã‚°ãƒ«ãƒ¼ãƒ—パスワードãŒå¿…è¦ã§ã™\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: グループ '%s' 㯠%s ã«å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: リードオンリー㮠%s ã®ã‚¯ãƒ­ãƒ¼ã‚ºä¸­ã«å¤±æ•—\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "グループ %s ã®ãƒ‘スワードを変更中\n"
+
+msgid "New Password: "
+msgstr "æ–°è¦ãƒ‘スワード: "
+
+msgid "Re-enter new password: "
+msgstr "æ–°è¦ãƒ‘スワードå†å…¥åŠ›: "
+
+msgid "They don't match; try again"
+msgstr "一致ã—ã¾ã›ã‚“; ã‚‚ã†ä¸€åº¦ãŠé¡˜ã„ã—ã¾ã™"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: 後ã§ã‚‚ã†ä¸€åº¦ãŠé¡˜ã„ã—ã¾ã™\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "ユーザ %s をグループ %s ã«è¿½åŠ \n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "ユーザ %s をグループ %s ã‹ã‚‰å‰Šé™¤\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: ユーザ '%s' 㯠'%s' ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã¯ã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: 端末ã§ã¯ã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使ã„æ–¹: %s [オプション] GROUP\n"
+"\n"
+"オプション:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force グループãŒã™ã§ã«å­˜åœ¨ã—ã¦ã„ãŸã‚‰æ­£å¸¸çµ‚了ã—ã¾"
+"ã™ã€‚\n"
+" ã¾ãŸ GID ãŒæ—¢ã«ç”¨ã„られã¦ã„ãŸã‚‰ -g をキャンセ"
+"ル\n"
+" ã—ã¾ã™\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID ã“ã®æ–°è¦ã‚°ãƒ«ãƒ¼ãƒ—ã« GID を用ã„ã¾ã™\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key KEY=VALUE /etc/login.defs ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã‚ˆã‚Šå„ªå…ˆã•ã‚Œã‚‹\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique åŒã˜ GID ã‚’æŒã¤è¤‡æ•°ã®ã‚°ãƒ«ãƒ¼ãƒ—ã®ä½œæˆã‚’\n"
+" 許å¯ã—ã¾ã™\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password PASSWORD æ–°è¦ã‚°ãƒ«ãƒ¼ãƒ—ã«ã“ã®æš—å·åŒ–済パスワードを用ã„"
+"ã‚‹\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system システムアカウントを作æˆã—ã¾ã™\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' ã¯ã‚°ãƒ«ãƒ¼ãƒ—åã¨ã—ã¦æ­£ã—ãã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: '%s' ã¯ã‚°ãƒ«ãƒ¼ãƒ— ID ã¨ã—ã¦æ­£ã—ãã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K ã«ã¯ KEY=VALUE ãŒå¿…è¦ã§ã™\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: グループ '%s' ã¯æ—¢ã«å­˜åœ¨ã—ã¾ã™\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID '%lu' ã¯æ—¢ã«å­˜åœ¨ã—ã¾ã™\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: クリーンアップサービスを設定ã§ãã¾ã›ã‚“。\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr " -r, --reset ログイン失敗ã®ã‚«ã‚¦ãƒ³ã‚¿ã‚’リセットã™ã‚‹\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: '%s' ã®ã‚¨ãƒ³ãƒˆãƒªã‚’ %s ã‹ã‚‰å‰Šé™¤ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: ユーザ '%s' ã®ãƒ—ライマリグループã¯å‰Šé™¤ã§ãã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: グループ '%s' ã¯å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: グループ '%s' 㯠NIS グループã§ã™\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s ㌠NIS マスターã§ã™\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: ユーザ '%s' ã¯ã™ã§ã« '%s' ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã™\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: メモリä¸è¶³ã§ã™ã€‚%s ã‚’æ›´æ–°ã§ãã¾ã›ã‚“。\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使ã„æ–¹: %s [オプション] [アクション]\n"
+"\n"
+"オプション:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group groupname ユーザã®æ‰€å±žã—ã¦ã„ãªã„グループを変更ã—ã¾ã™\n"
+" (root ã®ã¿)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "アクション:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add username username をグループã®ãƒ¡ãƒ³ãƒãƒ¼ã«è¿½åŠ ã—ã¾ã™\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete username グループã®ãƒ¡ãƒ³ãƒãƒ¼ã‹ã‚‰ username を削除ã™ã‚‹\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+" -p, --purge グループã‹ã‚‰ã™ã¹ã¦ã®ãƒ¡ãƒ³ãƒãƒ¼ã‚’削除ã—ã¾ã™\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list グループã®ãƒ¡ãƒ³ãƒãƒ¼ã‚’表示ã—ã¾ã™ã€‚\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: ã‚ãªãŸã®ã‚°ãƒ«ãƒ¼ãƒ—åã¯ã‚ãªãŸã®ãƒ¦ãƒ¼ã‚¶åã¨ãƒžãƒƒãƒã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: -g/--group オプション㯠root ã®ã¿ãŒæŒ‡å®šã§ãã¾ã™\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID グループ㮠ID ã‚’ GID ã«å¤‰æ›´ã—ã¾ã™\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name NEW_GROUP åå‰ã‚’ NEW_GROUP ã«å¤‰æ›´ã™ã‚‹\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr " -o, --non-unique ä»–ã¨é‡ãªã‚‹ GID を許å¯ã™ã‚‹\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password PASSWORD パスワードをã“ã® (æš—å·åŒ–ã•ã‚ŒãŸ) PASSWORD\n"
+" ã«å¤‰æ›´ã™ã‚‹\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s '%s' ã¯ã‚°ãƒ«ãƒ¼ãƒ—åã¨ã—ã¦æ­£ã—ãã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: グループ %s 㯠NIS ã®ã‚°ãƒ«ãƒ¼ãƒ—ã§ã™\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: ユーザ %s ã¯ä¸æ˜Žã§ã™\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使ã„æ–¹: %s [オプション] [group [gshadow]]\n"
+"\n"
+"オプション:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使ã„æ–¹: %s [オプション] [group]\n"
+"\n"
+"オプション:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only エラーや警告を表示ã™ã‚‹ãŒã€\n"
+" ファイルを変更ã—ãªã„\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort エントリを UID ã§ã‚½ãƒ¼ãƒˆã™ã‚‹\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s 㨠-r ã¯åŒæ™‚ã«æŒ‡å®šã§ãã¾ã›ã‚“\n"
+
+msgid "invalid group file entry"
+msgstr "ä¸æ­£ãªã‚°ãƒ«ãƒ¼ãƒ—ファイルエントリã§ã™"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "è¡Œ '%s' を削除ã—ã¾ã™ã‹? "
+
+msgid "duplicate group entry"
+msgstr "グループエントリãŒé‡è¤‡ã—ã¦ã„ã¾ã™"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "'%s' ã¯ã‚°ãƒ«ãƒ¼ãƒ—åã¨ã—ã¦æ­£ã—ãã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "'%lu' ã¯ã‚°ãƒ«ãƒ¼ãƒ— ID ã¨ã—ã¦æ­£ã—ãã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "グループ %s: ユーザ %s ã¯ã„ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "メンãƒãƒ¼ '%s' を削除ã—ã¾ã™ã‹? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "%s ã«ã¯ä¸€è‡´ã™ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—ファイルエントリãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "グループ '%s' ã‚’ %s ã«è¿½åŠ ã—ã¾ã™ã‹?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"グループ %s ã®ã‚¨ãƒ³ãƒˆãƒªãŒ %s ã«ã‚ã‚Šã¾ã™ãŒã€%s ã®ãƒ‘スワードフィールド㌠'x' ã«"
+"ãªã£ã¦ã„ã¾ã›ã‚“\n"
+
+msgid "invalid shadow group file entry"
+msgstr "シャドウグループファイルã®ã‚¨ãƒ³ãƒˆãƒªãŒæ­£ã—ãã‚ã‚Šã¾ã›ã‚“"
+
+msgid "duplicate shadow group entry"
+msgstr "シャドウグループエントリãŒé‡è¤‡ã—ã¦ã„ã¾ã™"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "シャドウグループ %s: 管ç†ãƒ¦ãƒ¼ã‚¶ %s ã¯å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "管ç†ãƒ¦ãƒ¼ã‚¶ '%s' を削除ã—ã¾ã™ã‹?"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "シャドウグループ %s: ユーザ %s ã¯å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: ファイルã¯æ›´æ–°ã•ã‚Œã¾ã—ãŸ\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: 変更ã¯ã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: %s を削除ã§ãã¾ã›ã‚“\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "使ã„æ–¹: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "使ã„æ–¹: id\n"
+
+msgid " groups="
+msgstr " グループ="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before DAYS DAYS 日より以å‰ã® lastlog 記録ã ã‘を表示ã™"
+"ã‚‹\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr " -a, --all 全ユーザ㮠faillog 記録を表示ã™ã‚‹\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr " -a, --all 全ユーザ㮠faillog 記録を表示ã™ã‚‹\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DAYS DAYS æ—¥å‰ä»¥é™ã® lastlog 記録ã ã‘を表示ã™ã‚‹\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user LOGIN 指定ユーザ LOGIN ã® lastlog 記録を表示ã™ã‚‹\n"
+
+msgid "Username Port From Latest"
+msgstr "ユーザå ãƒãƒ¼ãƒˆ 場所 最近ã®ãƒ­ã‚°ã‚¤ãƒ³"
+
+msgid "Username Port Latest"
+msgstr "ユーザå ãƒãƒ¼ãƒˆ 最近ã®ãƒ­ã‚°ã‚¤ãƒ³"
+
+msgid "**Never logged in**"
+msgstr "**一度もログインã—ã¦ã„ã¾ã›ã‚“**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: UID %lu ã®ã‚¨ãƒ³ãƒˆãƒªã‚’å–å¾—ã§ãã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: UID %lu ã® lastlog エントリをリセットã§ãã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "使ã„æ–¹: %s [-p] [ユーザå]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h ホスト] [-f ユーザå]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r ホスト\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "設定エラー - %s ã®å€¤ '%d' をパースã§ãã¾ã›ã‚“"
+
+msgid "Invalid login time"
+msgstr "ログイン時間ãŒä¸æ­£ã§ã™"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"システムã¯å®šæœŸãƒ¡ãƒ³ãƒ†ãƒŠãƒ³ã‚¹ã®ãŸã‚利用ã§ãã¾ã›ã‚“"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[切断を迂回 -- root ログインãŒå¯èƒ½ã§ã™ã€‚]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: ãŠãらã実効 root ãŒãªã„ã¨å‹•ä½œã§ãã¾ã›ã‚“\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"utmp ã«ã‚¨ãƒ³ãƒˆãƒªãŒã‚ã‚Šã¾ã›ã‚“。\"login\" ã‚’ \"sh\" ã®æœ€ä½Žãƒ¬ãƒ™ãƒ«ã‹ã‚‰è¡Œã†å¿…è¦ãŒã‚"
+"ã‚Šã¾ã™"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"ã‚㨠%u 秒ã§ãƒ­ã‚°ã‚¤ãƒ³ã¯ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã—ã¾ã™ã€‚\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM ãŒå¤±æ•—ã—ã¾ã—ãŸã€çµ‚了ã—ã¾ã™: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "最大試行回数 (%u) を越ãˆã¾ã—ãŸ\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM ã‹ã‚‰ä¸­æ–­è¦è«‹ãŒã‚ã‚Šã¾ã—ãŸ\n"
+
+msgid "Login incorrect"
+msgstr "ログインãŒé•ã„ã¾ã™"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "ユーザãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fork ã«å¤±æ•—ã—ã¾ã—ãŸ: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY ㌠%s ã§å¤±æ•—ã—ã¾ã—ãŸ"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"警告: 一時的ã«ãƒ­ãƒƒã‚¯ã‚¢ã‚¦ãƒˆã—ã¾ã™ã€‚ã—ã°ã‚‰ã経ã£ã¦ã‹ã‚‰ã‚„ã‚Šç›´ã—ã¦ãã ã•ã„。"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "最近ã®ãƒ­ã‚°ã‚¤ãƒ³: %s on %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "最近ã®ãƒ­ã‚°ã‚¤ãƒ³: %.19s on %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " from %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"ログイン時間切れ\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "使ã„æ–¹: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "使ã„æ–¹: newgrp [-] [グループ]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "使ã„æ–¹: sg グループ [[-c] コマンド]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: %s ã«æ›¸ãè¾¼ã‚ã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "ãã®ãƒ‘スワードã¯ä½¿ãˆã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fork ã«å¤±æ•—ã—ã¾ã—ãŸ: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID '%lu' ã¯å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+msgid "too many groups\n"
+msgstr "グループãŒå¤šã™ãŽã¾ã™\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system システムアカウントを作æˆã™ã‚‹\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: グループ '%s' ã¯ã‚·ãƒ£ãƒ‰ã‚¦ã‚°ãƒ«ãƒ¼ãƒ—ã§ã™ãŒã€/etc/group ã«å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: '%s' ã¯ãƒ¦âˆ’ザ ID ã«ä½¿ãˆã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: '%s' ã¯ãƒ¦ãƒ¼ã‚¶åã«ä½¿ãˆã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: %d è¡Œ: ä¸æ­£ãªè¡Œã§ã™\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: ユーザ %s ã®ã‚¨ãƒ³ãƒˆãƒªã‚’æ›´æ–°ã§ãã¾ã›ã‚“ (passwd データベースã«å­˜åœ¨ã—ã¾ã›"
+"ã‚“)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: %d è¡Œ: ユーザを作æˆã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: %d è¡Œ: グループを作æˆã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: %d è¡Œ: ユーザ '%s' 㯠%s ã«å­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: %d è¡Œ: パスワードを更新ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: %d è¡Œ: mkdir %s ãŒå¤±æ•—ã—ã¾ã—ãŸ: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: %d è¡Œ: chown %s ãŒå¤±æ•—ã—ã¾ã—ãŸ: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: %d è¡Œ: エントリを更新ã§ãã¾ã›ã‚“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: %s ã®æ–°ã—ã„エントリ '%s' を準備ã§ãã¾ã›ã‚“ã§ã—ãŸã€‚\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: ユーザを作æˆã§ãã¾ã›ã‚“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: グループを作æˆã§ãã¾ã›ã‚“\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all 全アカウントã®ãƒ‘スワード状態をレãƒãƒ¼ãƒˆã™ã‚‹\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr " -d, --delete 指定アカウントã®ãƒ‘スワードを削除ã™ã‚‹\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire 指定アカウントã®ãƒ‘スワードを期é™åˆ‡ã‚Œã«ã™ã‚‹\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens 期é™åˆ‡ã‚Œã®å ´åˆã«ã®ã¿ãƒ‘スワードを変更ã™ã‚‹\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INACTIVE 期é™åˆ‡ã‚Œå¾Œã®ãƒ‘スワード無効化日数を\n"
+" INACTIVE ã«ã™ã‚‹\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -l, --lock 指定アカウントをロックã™ã‚‹\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_DAYS パスワードãŒå¤‰æ›´ã§ãã‚‹ã¾ã§ã®æœ€çŸ­æ—¥æ•°ã‚’\n"
+" MIN_DAYS ã«å¤‰æ›´ã™ã‚‹\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet 表示抑制モード\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+" -r, --repository REPOSITORY リãƒã‚¸ãƒˆãƒª REPOSITORY ã®ãƒ‘スワードを変更ã™"
+"ã‚‹\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status 指定アカウントã®ãƒ‘スワードã®çŠ¶æ…‹ã‚’報告ã™ã‚‹\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr " -u, --unlock 指定アカウントã®ãƒ­ãƒƒã‚¯ã‚’解除ã™ã‚‹\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays WARN_DAYS 期é™åˆ‡ã‚Œè­¦å‘Šã®æ—¥æ•°ã‚’ WARN_DAYS ã«ã™ã‚‹\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAX_DAYS パスワードãŒå¤‰æ›´ã§ãる期間ã®æœ€é•·æ—¥æ•°ã‚’\n"
+" MAX_DAYS ã«å¤‰æ›´ã™ã‚‹\n"
+
+msgid "Old password: "
+msgstr "å¤ã„パスワード: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"æ–°ã—ã„パスワードを入れã¦ãã ã•ã„ (最短 %d 文字)\n"
+"大文字・å°æ–‡å­—・数字を混ãœã¦ä½¿ã†ã‚ˆã†ã«ã—ã¦ãã ã•ã„。\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"æ–°ã—ã„パスワードを入れã¦ãã ã•ã„ (最低 %d 文字ã€æœ€é«˜ %d 文字)\n"
+"大文字・å°æ–‡å­—・数字を混ãœã¦ä½¿ã†ã‚ˆã†ã«ã—ã¦ãã ã•ã„。\n"
+
+msgid "New password: "
+msgstr "æ–°ã—ã„パスワード: "
+
+msgid "Try again."
+msgstr "ã‚‚ã†ä¸€åº¦ãŠé¡˜ã„ã—ã¾ã™ã€‚"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"警告: å¼±ã„パスワードã§ã™ (ã©ã†ã—ã¦ã‚‚ã“れを使ã„ãŸã‘ã‚Œã°ã‚‚ã†ä¸€åº¦å…¥åŠ›)。"
+
+msgid "They don't match; try again.\n"
+msgstr "一致ã—ã¾ã›ã‚“。もã†ä¸€åº¦ãŠé¡˜ã„ã—ã¾ã™ã€‚\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s ã®ãƒ‘スワードã¯å¤‰æ›´ã§ãã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s ã®ãƒ‘スワードã¯ã¾ã å¤‰æ›´ã§ãã¾ã›ã‚“。\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: パスワードをアンロックã™ã‚‹ã¨ãƒ‘スワードã®ãªã„アカウントãŒã§ãã¾ã™ã€‚\n"
+"ã“ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã®ãƒ‘スワードをアンロックã™ã‚‹ã«ã¯ usermod -p ã§ãƒ‘スワードを\n"
+"設定ã™ã¹ãã§ã™ã€‚\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: レãƒã‚¸ãƒˆãƒª %s ã¯ã‚µãƒãƒ¼ãƒˆã—ã¦ã„ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s 㯠%s ã®ãƒ‘スワードを変更ã™ã‚‹æ¨©é™ãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: ã‚ãªãŸã¯ %s ã®ãƒ‘スワード情報を閲覧ãªã„ã—変更ã§ãã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s ã®ãƒ‘スワードを変更ã—ã¦ã„ã¾ã™\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s ã®ãƒ‘スワードã¯å¤‰æ›´ã•ã‚Œã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: パスワードã¯å¤‰æ›´ã•ã‚Œã¾ã—ãŸã€‚\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: パスワード期é™åˆ‡ã‚Œæƒ…報を変更ã—ã¾ã—ãŸ\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使ã„æ–¹: %s [オプション] [passwd]\n"
+"\n"
+"オプション:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使ã„æ–¹: %s [オプション] [passwd [shadow]]\n"
+"\n"
+"オプション:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet エラーã®ã¿å ±å‘Šã™ã‚‹\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr "%s: USE_TCB ãŒæœ‰åŠ¹ã ã¨ä»–ã®l shadow ファイルを使ã†ã“ã¨ã¯ã§ãã¾ã›ã‚“\n"
+
+msgid "invalid password file entry"
+msgstr "パスワードファイルã®ã‚¨ãƒ³ãƒˆãƒªãŒä¸æ­£ã§ã™"
+
+msgid "duplicate password entry"
+msgstr "パスワードエントリãŒé‡è¤‡ã—ã¦ã„ã¾ã™"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ユーザå '%s' ã¯ä¸æ­£ã§ã™\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "'%lu' ã¯ãƒ¦ãƒ¼ã‚¶ ID ã«ä½¿ãˆã¾ã›ã‚“\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "ユーザ '%s': グループ %lu ãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "ユーザ %s: ディレクトリ '%s' ãŒå­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "ユーザ '%s': プログラム '%s' ãŒå­˜åœ¨ã—ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "%s ã® tcb ディレクトリãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "%s ã® tcb ディレクトリを作æˆã—ã¾ã™ã‹?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s ã® tcb ディレクトリを作æˆã§ãã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %s をロックã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "一致ã™ã‚‹ãƒ‘スワードファイルエントリ㌠%s ã«ã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "ユーザ '%s' ã‚’ '%s' ã«è¿½åŠ ã—ã¾ã™ã‹?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"ユーザ %s ã®ã‚¨ãƒ³ãƒˆãƒªãŒ %s ã«ã‚ã‚Šã¾ã™ãŒã€%s ã®ãƒ‘スワードフィールド㌠'x' ã«"
+"ãªã£ã¦ã„ã¾ã›ã‚“\n"
+
+msgid "invalid shadow password file entry"
+msgstr "ä¸æ­£ãªã‚·ãƒ£ãƒ‰ã‚¦ãƒ‘スワードã®ã‚¨ãƒ³ãƒˆãƒªã§ã™"
+
+msgid "duplicate shadow password entry"
+msgstr "シャドウパスワードエントリãŒé‡è¤‡ã—ã¦ã„ã¾ã™"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "ユーザ %s: 最後ã®ãƒ‘スワード変更ãŒæœªæ¥ã«ãªã£ã¦ã„ã¾ã™\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: %s ã®ã‚¨ãƒ³ãƒˆãƒªã‚’ソートã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: tcb ãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹ã¨åˆ©ç”¨ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: %s ã®ãƒ¢ãƒ¼ãƒ‰ã‚’ 0600 ã«å¤‰æ›´ã§ãã¾ã›ã‚“ã§ã—ãŸ\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "ã“ã®ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã¸ã® su アクセスã¯ç¦æ­¢ã•ã‚Œã¦ã„ã¾ã™ã€‚\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "パスワードèªè¨¼ã‚’迂回ã—ã¾ã™ã€‚\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "「ã‚ãªãŸè‡ªèº«ã®ãƒ‘スワードã€ã‚’入力ã—ã¦èªè¨¼ã—ã¦ãã ã•ã„。\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: ユーザシェルを起動ã§ãã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: シグナルãŒç•°å¸¸ã§ã™\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: シグナルã®ãƒžã‚¹ã‚­ãƒ³ã‚°ãŒç•°å¸¸ã§ã™\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "セッションãŒçµ‚了ã—ã¾ã—ãŸã€‚シェルを終了ã—ã¦ã„ã¾ã™..."
+
+msgid " ...killed.\n"
+msgstr " ...kill ã•ã‚Œã¾ã—ãŸã€‚\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...å­ãƒ—ロセスã®çµ‚了を待ã¡ã¾ã™ã€‚\n"
+
+msgid " ...terminated.\n"
+msgstr " ...終了ã—ã¾ã—ãŸã€‚\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"使ã„æ–¹: su [オプション] [ユーザå]\n"
+"\n"
+"オプション:\n"
+" -c, --command COMMAND èµ·å‹•ã—ãŸã‚·ã‚§ãƒ«ã«ã‚³ãƒžãƒ³ãƒ‰ COMMAND を渡ã™\n"
+" -h, --help ã“ã®ãƒ˜ãƒ«ãƒ—を表示ã—ã¦çµ‚了ã™ã‚‹\n"
+" -, -l, --login ãã®ã‚·ã‚§ãƒ«ã‚’ログインシェルã«ã™ã‚‹\n"
+" -m, -p,\n"
+" --preserve-environment 環境変数をリセットã›ãšã€ã‚·ã‚§ãƒ«ã‚‚åŒã˜ã‚‚ã®ã‚’使ã†\n"
+" -s, --shell SHELL passwd ã«ã‚るデフォルト値ã§ãªãシェル SHELL を使"
+"ã†\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(無視)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "ã‚ãªãŸã«ã¯ su %s ã™ã‚‹æ¨©é™ãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+msgid "(Enter your own password)"
+msgstr "(ã‚ãªãŸã®ãƒ‘スワードを入力ã—ã¦ãã ã•ã„)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: èªè¨¼ã«å¤±æ•—ã—ã¾ã—ãŸ\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: ã‚ãªãŸã¯ç¾æ™‚点ã§ã¯ su ã™ã‚‹æ¨©é™ãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "ユーザ '%s' ã®ãƒ‘スワードエントリãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: 端末ã‹ã‚‰å®Ÿè¡Œã—ã¦ãã ã•ã„\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: エラー %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: 制御端末をè½ã¨ã›ã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "%s を実行ã§ãã¾ã›ã‚“\n"
+
+msgid "No password file"
+msgstr "パスワードファイルãŒã‚ã‚Šã¾ã›ã‚“"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY ãŒå¤±æ•—ã—ã¾ã—ãŸ"
+
+msgid "No password entry for 'root'"
+msgstr "'root' ã®ãƒ‘スワードエントリãŒã‚ã‚Šã¾ã›ã‚“"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"通常ã®èµ·å‹•ã‚’継続ã™ã‚‹ã«ã¯ Ctrl-D を押ã—ã¦ãã ã•ã„。\n"
+"(システムメンテナンスをã™ã‚‹ã«ã¯ root ã®ãƒ‘スワードを入力):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "システムメンテナンスモードã¸å…¥ã‚Šã¾ã™"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s を作æˆã—ã¾ã—ãŸãŒã€å‰Šé™¤ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%1$s: %3$s 中ã®è¨­å®š %2$s ã¯ç„¡è¦–ã•ã‚Œã¾ã™\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: æ–°ã—ã„デフォルトファイルを作れã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: æ–°ã—ã„デフォルトファイルを開ã‘ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: %s ã®è¡ŒãŒé•·ã™ãŽã¾ã™: %s..."
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: ãƒãƒƒã‚¯ã‚¢ãƒƒãƒ—ファイル (%s) を作æˆã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: ファイルå変更: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: グループ '%s' 㯠NIS グループã§ã™ã€‚\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: 指定ã—ãŸã‚°ãƒ«ãƒ¼ãƒ—æ•°ãŒå¤šã™ãŽã¾ã™ (最大 %d 個)。\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使ã„æ–¹: %s [オプション] LOGIN\n"
+" %s -D\n"
+" %s -D [オプション]\n"
+"\n"
+"オプション:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir BASE_DIR 新アカウントã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ã‚¯ãƒˆãƒªã®\n"
+" ベースディレクトリ\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment COMMENT 新アカウント㮠GECOS フィールド\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir HOME_DIR 新アカウントã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒª\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults useradd ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆè¨­å®šã‚’表示ã¾ãŸã¯å¤‰æ›´\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr " -e, --expiredate EXPIRE_DATE 新アカウントã®æœŸé™åˆ‡ã‚Œæ—¥ä»˜\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr " -f, --inactive INACTIVE 新アカウントã®ãƒ‘スワード無効化日数\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid GROUP 新アカウントã®ä¸»ã‚°ãƒ«ãƒ¼ãƒ—ã®åå‰ã¾ãŸã¯ ID\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr " -G, --groups GROUPS 新アカウントã®è£œåŠ©ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆ\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr " -k, --skel SKEL_DIR 雛型ディレクトリã«æŒ‡å®šã®ã‚‚ã®ã‚’使ã†\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init ユーザを lastlog, faillog ã®ãƒ‡ãƒ¼ã‚¿ãƒ™ãƒ¼ã‚¹ã«\n"
+" 追加ã—ãªã„\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr " -m, --create-home ユーザã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’作æˆã™ã‚‹\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+" -M, --no-create-home ユーザã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’作æˆã—ãªã„\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr " -N, --no-user-group ユーザã¨åŒåã®ã‚°ãƒ«ãƒ¼ãƒ—を作æˆã—ãªã„\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr " -o, --non-unique UID ãŒåŒã˜ãƒ¦ãƒ¼ã‚¶ã®ä½œæˆã‚’許ã™\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr " -p, --password PASSWORD 新アカウントã®æš—å·åŒ–ã•ã‚ŒãŸãƒ‘スワード\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell SHELL 新アカウントã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID 新アカウントã®ãƒ¦ãƒ¼ã‚¶ ID\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr " -U, --user-group ユーザã¨åŒã˜åå‰ã®ã‚°ãƒ«ãƒ¼ãƒ—を作æˆã™ã‚‹\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SEUSER SELinux ã®ãƒ¦ãƒ¼ã‚¶ãƒžãƒƒãƒ”ングã«æŒ‡å®šã—ãŸ\n"
+" SEUSER を使ã†\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ベースディレクトリ '%s' ã¯ä¸æ­£ã§ã™\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: コメント '%s' ã¯ä¸æ­£ã§ã™\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ホームディレクトリ '%s' ã¯ä¸æ­£ã§ã™\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: シャドウパスワードã«ã¯ -e ãŒå¿…è¦ã§ã™\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: シャドウパスワードã«ã¯ -f ãŒå¿…è¦ã§ã™\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: フィールド '%s' ã¯ä¸æ­£ã§ã™\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: シェル '%s' ã¯ä¸æ­£ã§ã™\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z 㯠SELinux カーãƒãƒ«ä»¥å¤–ã§ã¯ä½¿ãˆã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: UID %lu ã® faillog エントリをリセットã§ãã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: UID %lu ã® lastlog エントリをリセットã§ãã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: %s ã®æ–°ã—ã„エントリ '%s' を準備ã§ãã¾ã›ã‚“ã§ã—ãŸã€‚\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: ディレクトリ %s を作æˆã§ãã¾ã›ã‚“\n"
+
+msgid "Creating mailbox file"
+msgstr "メールボックスファイルを作æˆã—ã¾ã™"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"グループ 'mail' ãŒè¦‹ä»˜ã‹ã‚Šã¾ã›ã‚“。ユーザã®ãƒ¡ãƒ¼ãƒ«ãƒœãƒƒã‚¯ã‚¹ãƒ•ã‚¡ã‚¤ãƒ«ã‚’\n"
+"モード 0600 ã§ä½œæˆã—ã¾ã™\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "メールボックスファイルã®è¨±å¯å±žæ€§ã‚’設定ã—ã¾ã™"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: ユーザ '%s' ã¯æ—¢ã«å­˜åœ¨ã—ã¾ã™\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: グループ %s ã¯å­˜åœ¨ã—ã¾ã™ã€‚ã“ã®ãƒ¦ãƒ¼ã‚¶ã‚’ãã®ã‚°ãƒ«ãƒ¼ãƒ—ã¸è¿½åŠ ã™ã‚‹ã«ã¯ -g を用"
+"ã„ã¦ãã ã•ã„。\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: ユーザを作æˆã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: ユーザ ID %lu ã¯é‡è¤‡ã—ã¦ã„ã¾ã™\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: %s ã® tcb ディレクトリã®ä½œæˆã«å¤±æ•—ã—ã¾ã—ãŸ\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: グループを作æˆã§ãã¾ã›ã‚“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: ユーザを作æˆã§ãã¾ã›ã‚“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: グループを作æˆã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: 警告: ホームディレクトリãŒæ—¢ã«å­˜åœ¨ã—ã¾ã™ã€‚\n"
+"skel ディレクトリã‹ã‚‰ã®ã‚³ãƒ”ーã¯è¡Œã„ã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: 警告: ユーザå %s ã‹ã‚‰ %s ã¸ã® SELinux ユーザマッピングã«å¤±æ•—ã—ã¾ã—ãŸã€‚\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force 当該ユーザã®æ‰€æœ‰ã§ãªã„ファイルも削除ã™ã‚‹\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove ホームディレクトリã¨ãƒ¡ãƒ¼ãƒ«ã‚¹ãƒ—ールを削除ã™"
+"ã‚‹\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user ã“ã®ãƒ¦ãƒ¼ã‚¶ã® SELinux ユーザマッピングを\n"
+" å…¨ã¦å‰Šé™¤ã™ã‚‹\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: グループ %s ã¯ãƒ¦ãƒ¼ã‚¶ %s ã®ãƒ—ライマリグループã§ã¯ãªã„ã®ã§å‰Šé™¤ã—ã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: グループ %s ã«ã¯ä»–ã®ãƒ¡ãƒ³ãƒãƒ¼ãŒã„ã‚‹ã®ã§å‰Šé™¤ã—ã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s: グループ %s ã¯ä»–ã®ãƒ¦ãƒ¼ã‚¶ã®ãƒ—ライマリグループãªã®ã§å‰Šé™¤ã—ã¾ã›ã‚“。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: '%s' ã®ã‚¨ãƒ³ãƒˆãƒªã‚’ %s ã‹ã‚‰å‰Šé™¤ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s ã®ãƒ¡ãƒ¼ãƒ«ã‚¹ãƒ—ール (%s) ãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: 警告: %s を削除ã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s 㯠%s ã®æ‰€æœ‰ã§ã¯ã‚ã‚Šã¾ã›ã‚“。削除ã¯è¡Œã„ã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: メモリを割当ã§ãã¾ã›ã‚“。%s ã® tcb エントリã¯å‰Šé™¤ã•ã‚Œã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: 特権をè½ã¨ã›ã¾ã›ã‚“ã§ã—㟠%s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: %s ã®å†…容を削除ã§ãã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: %s ã® tcb ファイルを削除ã§ãã¾ã›ã‚“: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: ユーザ %s 㯠NIS ユーザã§ã™\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s ã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒª (%s) ãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: ディレクトリ %s ã®å‰Šé™¤ã¯è¡Œã„ã¾ã›ã‚“ (ユーザ %s ã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã§ã™)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: ディレクトリ %s ã®å‰Šé™¤ã§ã‚¨ãƒ©ãƒ¼ãŒèµ·ãã¾ã—ãŸ\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: 警告: ユーザå %s ã‹ã‚‰ SELinux ã¸ã®ãƒ¦ãƒ¼ã‚¶ãƒžãƒƒãƒ”ングã®å‰Šé™¤ã«å¤±æ•—ã—ã¾ã—"
+"ãŸã€‚\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment COMMENT GECOS フィールドã®å€¤ã‚’å†è¨­å®šã™ã‚‹\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home HOME_DIR ユーザアカウントã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’\n"
+" å†è¨­å®šã™ã‚‹\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate EXPIRE_DATE アカウント期é™åˆ‡ã‚Œã®æ—¥ã‚’ EXPIRE_DATE ã«ã™ã‚‹\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INACTIVE パスワードを期é™åˆ‡ã‚Œå¾Œã«ç„¡åŠ¹åŒ–ã™ã‚‹æ—¥æ•°ã‚’\n"
+" INACTIVEã«ã™ã‚‹\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr " -g, --gid GROUP 主グループを GROUP ã«å¤‰æ›´ã™ã‚‹\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups GROUPS æ–°ãŸãªè£œåŠ©ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’与ãˆã‚‹\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append ユーザを (-G ã§æŒ‡å®šã•ã‚ŒãŸ) 補助グループ群\n"
+" GROUPS ã«è¿½åŠ ã™ã‚‹ã€‚ä»–ã®ã‚°ãƒ«ãƒ¼ãƒ—ã‹ã‚‰ã®å‰Šé™¤ã¯\n"
+" è¡Œã‚ãªã„。\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login NEW_LOGIN ログインåを変更ã™ã‚‹\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock ã“ã®ãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã‚’ロックã™ã‚‹\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home ç¾ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®å†…容を新ãŸãªå ´æ‰€ã«\n"
+" 移動ã™ã‚‹ (-d ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã®ã¿)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique 一æ„ã§ãªã„ユーザ (UID ã®é‡ãªã‚‹ãƒ¦ãƒ¼ã‚¶) ã‚’\n"
+" 許å¯ã™ã‚‹\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr " -p, --password PASSWORD æ–°ãŸãªæš—å·åŒ–済ã¿ãƒ‘スワードを与ãˆã‚‹\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID ã“ã®ãƒ¦ãƒ¼ã‚¶ã® UID を変更ã™ã‚‹\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+" -U, --unlock ã“ã®ãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã®ãƒ­ãƒƒã‚¯ã‚’解除ã™ã‚‹\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user ã“ã®ãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã¸ã®æ–°è¦ SELinux\n"
+" ユーザマッピング\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: ユーザã®ãƒ‘スワードをアンロックã™ã‚‹ã¨ãƒ‘スワードã®ãªã„アカウントãŒã§ãã¾"
+"ã™ã€‚\n"
+"ã“ã®ãƒ¦ãƒ¼ã‚¶ã®ãƒ‘スワードをアンロックã™ã‚‹ã«ã¯ usermod -p ã§ãƒ‘スワードを設定\n"
+"ã™ã¹ãã§ã™ã€‚\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: ユーザ '%s' ã¯æ—¢ã« %s ã«å­˜åœ¨ã—ã¾ã™\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: 日付 '%s' ã¯ä¸æ­£ã§ã™\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: 日付 '%s' ã¯ä¸æ­£ã§ã™\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: オプションãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p, -U フラグã¯åŒæ™‚ã«æŒ‡å®šã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e ãŠã‚ˆã³ -f ã«ã¯ã‚·ãƒ£ãƒ‰ã‚¦ãƒ‘スワードãŒå¿…è¦ã§ã™\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID '%lu' ã¯æ—¢ã«å­˜åœ¨ã—ã¾ã™\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s 㯠%s ã®ãƒ‘スワードを変更ã™ã‚‹æ¨©é™ãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: ディレクトリ %s ã¯å­˜åœ¨ã—ã¾ã™\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: 以å‰ã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒª (%s) ãŒãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã§ã¯ã‚ã‚Šã¾ã›ã‚“。ã“ã‚Œã¯å‰Šé™¤ã•"
+"ã‚Œãšã€ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã¯ä½œæˆã—ã¾ã›ã‚“。\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: ホームディレクトリã®æ‰€æœ‰ãƒ¢ãƒ¼ãƒ‰ã‚’変更ã§ãã¾ã›ã‚“"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: 警告: å¤ã„ホームディレクトリ %s を完全削除ã§ãã¾ã›ã‚“ã§ã—ãŸ"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: ディレクトリ %s ã®åå‰ã‚’ %s ã«å¤‰æ›´ã§ãã¾ã›ã‚“\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: ユーザ %lu ã® lastlog エントリをユーザ %lu ã«ã‚³ãƒ”ーã§ãã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: ユーザ %lu ã® faillog エントリをユーザ %lu ã«ã‚³ãƒ”ーã§ãã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: 警告: %s 㯠%s ã®æ‰€æœ‰ã§ã¯ã‚ã‚Šã¾ã›ã‚“\n"
+
+msgid "failed to change mailbox owner"
+msgstr "mailbox 所有者ã®å¤‰æ›´ã«å¤±æ•—ã—ã¾ã—ãŸ"
+
+msgid "failed to rename mailbox"
+msgstr "mailbox ã®åå‰å¤‰æ›´ã«å¤±æ•—ã—ã¾ã—ãŸ"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: %s ã®æ–°ã—ã„エントリ '%s' を準備ã§ãã¾ã›ã‚“ã§ã—ãŸã€‚\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: %s ã®æ–°ã—ã„エントリ '%s' を準備ã§ãã¾ã›ã‚“ã§ã—ãŸã€‚\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: %s ã®æ–°ã—ã„エントリ '%s' を準備ã§ãã¾ã›ã‚“ã§ã—ãŸã€‚\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: %s ã®æ–°ã—ã„エントリ '%s' を準備ã§ãã¾ã›ã‚“ã§ã—ãŸã€‚\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"%s を変更ã—ã¾ã—ãŸã€‚\n"
+"æ•´åˆæ€§ã‚’ä¿ã¤ãŸã‚ã« %s を変更ã™ã‚‹å¿…è¦ãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。\n"
+"ãã®å ´åˆã¯ã‚³ãƒžãƒ³ãƒ‰ '%s' を使ã£ã¦ãã ã•ã„。\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group group データベースを編集ã™ã‚‹\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd passwd データベースを編集ã™ã‚‹\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr " -s, --shadow shadow データベースを編集ã™ã‚‹\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr " -u, --user 編集ã™ã‚‹ tcb shadow ファイルã®ãƒ¦ãƒ¼ã‚¶\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: %s を削除ã§ãã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s ã¯å¤‰æ›´ã•ã‚Œã¾ã›ã‚“\n"
+
+msgid "failed to create scratch directory"
+msgstr "スクラッãƒãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’作æˆã§ãã¾ã›ã‚“ã§ã—ãŸ"
+
+msgid "failed to drop privileges"
+msgstr "特権をè½ã¨ã›ã¾ã›ã‚“ã§ã—ãŸ"
+
+msgid "Couldn't get file context"
+msgstr "ファイルコンテキストをå–å¾—ã§ãã¾ã›ã‚“"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () ãŒå¤±æ•—ã—ã¾ã—ãŸ"
+
+msgid "failed to gain privileges"
+msgstr "特権をå–å¾—ã§ãã¾ã›ã‚“ã§ã—ãŸ"
+
+msgid "Couldn't lock file"
+msgstr "ファイルをロックã§ãã¾ã›ã‚“"
+
+msgid "Couldn't make backup"
+msgstr "ãƒãƒƒã‚¯ã‚¢ãƒƒãƒ—を作æˆã§ãã¾ã›ã‚“"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nscd ã¯ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ %d ã§çµ‚了ã—ã¾ã—ãŸ\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "スクラッãƒãƒ•ã‚¡ã‚¤ãƒ«ã‚’オープンã§ãã¾ã›ã‚“ã§ã—ãŸ"
+
+msgid "failed to unlink scratch file"
+msgstr "スクラッãƒãƒ•ã‚¡ã‚¤ãƒ«ã‚’削除ã§ãã¾ã›ã‚“ã§ã—ãŸ"
+
+msgid "failed to stat edited file"
+msgstr "編集ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã®çŠ¶æ…‹ã‚’å–å¾—ã§ãã¾ã›ã‚“ã§ã—ãŸ"
+
+msgid "failed to allocate memory"
+msgstr "メモリ割当ã«å¤±æ•—ã—ã¾ã—ãŸ"
+
+msgid "failed to create backup file"
+msgstr "ãƒãƒƒã‚¯ã‚¢ãƒƒãƒ—ファイルを作æˆã§ãã¾ã›ã‚“ã§ã—ãŸ"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %s を復旧ã§ãã¾ã›ã‚“ã§ã—ãŸ: %s (ã‚ãªãŸã®å¤‰æ›´ã¯ %s ã«ã‚ã‚Šã¾ã™)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: %s ã® tcb ディレクトリãŒè¦‹ä»˜ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr " -c, --crypt-method æš—å·åŒ–ã®æ–¹æ³• (%s ã®ã©ã‚Œã‹ã²ã¨ã¤)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "使ã„æ–¹: vipw [オプション]\n"
+#~ "\n"
+#~ "オプション:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) ã«å¤±æ•—ã—ã¾ã—ãŸ\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "使ã„æ–¹: chage [オプション] [ログインå]\n"
+#~ "\n"
+#~ "オプション\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM èªè¨¼ã«å¤±æ•—ã—ã¾ã—ãŸ\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "使ã„æ–¹: %s [-f フルãƒãƒ¼ãƒ ] [-r 部屋番å·] [-w è·å ´TEL]\n"
+#~ "\t[-h 自宅TEL] [-o ãã®ä»–] [ユーザ]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "使ã„æ–¹: %s [-f フルãƒãƒ¼ãƒ ] [-r 部屋番å·] [-w è·å ´TEL] [-h 自宅TEL]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "使ã„æ–¹: %s [オプション]\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ " -c, --crypt-method æš—å·åŒ–ã®æ–¹æ³• (%s ã®ã©ã‚Œã‹)\n"
+#~ " -e, --encrypted パスワードを暗å·åŒ–ã—ãŸçŠ¶æ…‹ã§æ¸¡ã™\n"
+#~ " -h, --help ã“ã®ãƒ˜ãƒ«ãƒ—メッセージを表示ã—ã¦çµ‚了ã™ã‚‹\n"
+#~ " -m, --md5 与ãˆãŸãƒ‘スワードãŒæš—å·åŒ–ã•ã‚Œã¦ã„ãªã„å ´"
+#~ "åˆã€\n"
+#~ " MD5 アルゴリズムã§æš—å·åŒ–ã™ã‚‹\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "使ã„æ–¹: chsh [オプション]\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ " -h, --help ã“ã®ãƒ˜ãƒ«ãƒ—メッセージを表示ã—ã¦çµ‚了ã™ã‚‹\n"
+#~ " -s, --shell SHELL ユーザã®ã‚·ã‚§ãƒ«ã‚’æ–°ãŸã« SHELL ã«ã™ã‚‹\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "使ã„æ–¹: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: UID %lu ã®ã‚¨ãƒ³ãƒˆãƒªã‚’å–å¾—ã§ãã¾ã›ã‚“ã§ã—ãŸ\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: ファイル %s ã‚’é–‹ã‘ã¾ã›ã‚“: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: %s ã®ã‚µã‚¤ã‚ºã‚’å–å¾—ã§ãã¾ã›ã‚“ã§ã—ãŸ: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "使ã„æ–¹: groupdel グループ\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "使ã„æ–¹: %s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "使ã„æ–¹: %s [-r] [-s] [group]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s 㨠-r ã¯åŒæ™‚ã«æŒ‡å®šã§ãã¾ã›ã‚“\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "使ã„æ–¹: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "使ã„æ–¹: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "使ã„æ–¹: lastlog [オプション]\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ " -b, --before DAYS DAYS 日より以å‰ã® lastlog 記録ã ã‘を表示ã™"
+#~ "ã‚‹\n"
+#~ " -h, --help ã“ã®ãƒ˜ãƒ«ãƒ—メッセージを表示ã—ã¦çµ‚了ã™ã‚‹\n"
+#~ " -t, --time DAYS DAYS æ—¥å‰ä»¥é™ã® lastlog 記録ã ã‘を表示ã™"
+#~ "ã‚‹\n"
+#~ " -u, --user LOGIN 指定ユーザ LOGIN ã® lastlog 記録を表示ã™"
+#~ "ã‚‹\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "使ã„æ–¹: passwd [オプション] [ログインå]\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ " -a, --all 全アカウントã®ãƒ‘スワード状態をレãƒãƒ¼ãƒˆã™"
+#~ "ã‚‹\n"
+#~ " -d, --delete 指定アカウントã®ãƒ‘スワードを削除ã™ã‚‹\n"
+#~ " -e, --expire 指定アカウントã®ãƒ‘スワードを期é™åˆ‡ã‚Œã«ã™"
+#~ "ã‚‹\n"
+#~ " -h, --help ã“ã®ãƒ˜ãƒ«ãƒ—メッセージを表示ã—ã¦çµ‚了ã™ã‚‹\n"
+#~ " -k, --keep-tokens 期é™åˆ‡ã‚Œã®å ´åˆã«ã®ã¿ãƒ‘スワードを変更ã™ã‚‹\n"
+#~ " -i, --inactive INACTIVE 期é™åˆ‡ã‚Œå¾Œã®ãƒ‘スワード無効化日数を\n"
+#~ " INACTIVE ã«ã™ã‚‹\n"
+#~ " -l, --lock 指定アカウントをロックã™ã‚‹\n"
+#~ " -n, --mindays MIN_DAYS パスワードãŒå¤‰æ›´ã§ãã‚‹ã¾ã§ã®æœ€çŸ­æ—¥æ•°ã‚’\n"
+#~ " MIN_DAYS ã«å¤‰æ›´ã™ã‚‹\n"
+#~ " -q, --quiet 表示抑制モード\n"
+#~ " -r, --repository REPOSITORY リãƒã‚¸ãƒˆãƒª REPOSITORY ã®ãƒ‘スワードを変更ã™"
+#~ "ã‚‹\n"
+#~ " -S, --status 指定アカウントã®ãƒ‘スワードã®çŠ¶æ…‹ã‚’報告ã™"
+#~ "ã‚‹\n"
+#~ " -u, --unlock 指定アカウントã®ãƒ­ãƒƒã‚¯ã‚’解除ã™ã‚‹\n"
+#~ " -w, --warndays WARN_DAYS 期é™åˆ‡ã‚Œè­¦å‘Šã®æ—¥æ•°ã‚’ WARN_DAYS ã«ã™ã‚‹\n"
+#~ " -x, --maxdays MAX_DAYS パスワードãŒå¤‰æ›´ã§ãる期間ã®æœ€é•·æ—¥æ•°ã‚’\n"
+#~ " MAX_DAYS ã«å¤‰æ›´ã™ã‚‹\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "使ã„æ–¹: %s [-q] [-r] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "使ã„æ–¹: %s [-q] [-r] [-s] [パスワード [シャドウ]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "使ã„æ–¹: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "使ã„æ–¹: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "ä¸æ˜Žãª ID ã§ã™: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "シェルãŒã‚ã‚Šã¾ã›ã‚“\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "使ã„æ–¹: userdel [オプション] ログインå\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ " -f, --force 当該ユーザã®æ‰€æœ‰ã§ãªã„ファイルも削除ã™ã‚‹\n"
+#~ " -h, --help ã“ã®ãƒ˜ãƒ«ãƒ—を表示ã—ã¦çµ‚了ã™ã‚‹\n"
+#~ " -r, --remove ホームディレクトリã¨ãƒ¡ãƒ¼ãƒ«ã‚¹ãƒ—ールを削除ã™"
+#~ "ã‚‹\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: ユーザ %s ã¯ç¾åœ¨ãƒ­ã‚°ã‚¤ãƒ³ä¸­ã§ã™\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "使ã„æ–¹: usermod [オプション] ログインå\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ " -c, --comment COMMENT GECOS フィールドã®å€¤ã‚’å†è¨­å®šã™ã‚‹\n"
+#~ " -d, --home HOME_DIR ユーザアカウントã®ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’\n"
+#~ " å†è¨­å®šã™ã‚‹\n"
+#~ " -e, --expiredate EXPIRE_DATE アカウント期é™åˆ‡ã‚Œã®æ—¥ã‚’ EXPIRE_DATE ã«ã™"
+#~ "ã‚‹\n"
+#~ " -f, --inactive INACTIVE パスワードを期é™åˆ‡ã‚Œå¾Œã«ç„¡åŠ¹åŒ–ã™ã‚‹æ—¥æ•°ã‚’\n"
+#~ " INACTIVEã«ã™ã‚‹\n"
+#~ " -g, --gid GROUP 主グループを GROUP ã«å¤‰æ›´ã™ã‚‹\n"
+#~ " -G, --groups GROUPS æ–°ãŸãªè£œåŠ©ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’与ãˆã‚‹\n"
+#~ " -a, --append ユーザを (-G ã§æŒ‡å®šã•ã‚ŒãŸ) 補助グループ"
+#~ "群\n"
+#~ " GROUPS ã«è¿½åŠ ã™ã‚‹ã€‚ä»–ã®ã‚°ãƒ«ãƒ¼ãƒ—ã‹ã‚‰ã®å‰Šé™¤"
+#~ "ã¯\n"
+#~ " è¡Œã‚ãªã„。\n"
+#~ " -h, --help ã“ã®ãƒ˜ãƒ«ãƒ—を表示ã—ã¦çµ‚了ã™ã‚‹\n"
+#~ " -l, --login NEW_LOGIN ログインåを変更ã™ã‚‹\n"
+#~ " -L, --lock ã“ã®ãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã‚’ロックã™ã‚‹\n"
+#~ " -m, --move-home ç¾ãƒ›ãƒ¼ãƒ ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®å†…容を新ãŸãªå ´æ‰€ã«\n"
+#~ " 移動ã™ã‚‹ (-d ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã®ã¿)\n"
+#~ " -o, --non-unique 一æ„ã§ãªã„ユーザ (UID ã®é‡ãªã‚‹ãƒ¦ãƒ¼ã‚¶) ã‚’\n"
+#~ " 許å¯ã™ã‚‹\n"
+#~ " -p, --password PASSWORD æ–°ãŸãªæš—å·åŒ–済ã¿ãƒ‘スワードを与ãˆã‚‹\n"
+#~ " -s, --shell SHELL ã“ã®ãƒ¦ãƒ¼ã‚¶ã®ãƒ­ã‚°ã‚¤ãƒ³ã‚·ã‚§ãƒ«ã‚’変更ã™ã‚‹\n"
+#~ " -u, --uid UID ã“ã®ãƒ¦ãƒ¼ã‚¶ã® UID を変更ã™ã‚‹\n"
+#~ " -U, --unlock ã“ã®ãƒ¦ãƒ¼ã‚¶ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã®ãƒ­ãƒƒã‚¯ã‚’解除ã™ã‚‹\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: ã²ã¨ã¤ã‚‚フラグãŒæŒ‡å®šã•ã‚Œã¦ã„ã¾ã›ã‚“\n"
diff --git a/po/kk.po b/po/kk.po
new file mode 100644
index 0000000..a5c446b
--- /dev/null
+++ b/po/kk.po
@@ -0,0 +1,2944 @@
+# shadowutils to kazakh.
+# Copyright (C) 2009 Free Software Foundation, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+# Baurzhan Muftakhidinov <baurthefirst@gmail.com>, 2009-2017.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadowutils\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2017-02-07 17:09+0500\n"
+"Last-Translator: Baurzhan Muftakhidinov <baurthefirst@gmail.com>\n"
+"Language-Team: Kazakh <kk_KZ@googlegroups.com>\n"
+"Language: kk\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: Poedit 1.8.11\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"'%s' атындағы %s ішінде бірнеше жазба бар. Оны pwck не grpck көмегімен "
+"дұрыÑтаңыз.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "шифрлеу Ñ‚Ó™Ñіліне libcrypt-тан қолдау жоқ па? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "баптаулар қатеÑÑ– - %s мәнін талдау мүмкін емеÑ: '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Баптауларды жүктеу үшін орын жоқ.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "баптау қатеÑÑ– - белгіÑіз Ñлемент '%s' (админиÑтраторға хабарлаÑыңыз)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd өз жұмыÑын Ð´Ò±Ñ€Ñ‹Ñ Ð°Ñқтаған жоқ (%d Ñигналымен)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd %d қалып-күймен өз жұмыÑын аÑқтады\n"
+
+msgid "Password: "
+msgstr "Пароль: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s пайдаланушының паролі: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "SELinux баÑқарушы Ò±Ñтағышын жаÑау мүмкін емеÑ\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux ÑаÑÑаты баÑқарылып жатқан жоқ\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "SELinux ÑаÑÑаттарын Ñақтау қорын оқу ÑәтÑіз\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "SELinux баÑқарушы байланыÑын орнату мүмкін емеÑ\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "SELinux әрекетін баÑтау мүмкін емеÑ\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "seuser %s үшін Ñұрау ÑәтÑіз\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "%s үшін serange орнату мүмкін емеÑ\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "%s үшін sename орнату мүмкін емеÑ\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "%s үшін тіркелгі ÑәйкеÑтігін түзету мүмкін емеÑ\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s үшін SELinux тіркелгі ÑәйкеÑтігін жаÑау мүмкін емеÑ\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "%s үшін атын орнату мүмкін емеÑ\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "%s үшін SELinux пайдаланушыÑын орнату мүмкін емеÑ\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "%s үшін тіркелгі ÑәйкеÑтігін қоÑу мүмкін емеÑ\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "SELinux баÑқаруын Ñ–Ñке қоÑу мүмкін емеÑ\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "SELinux пайд.-шы кілтін жаÑау мүмкін емеÑ\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "SELinux пайдаланушыÑын текÑеру мүмкін емеÑ\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "SELinux пайд. ÑәйкеÑтігін түзету мүмкін емеÑ\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "SELinux пайд. ÑәйкеÑтігін қоÑу мүмкін емеÑ\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "SELinux әрекетін Ñ–Ñке аÑыру мүмкін емеÑ\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"%s үшін тіркелгі ÑәйкеÑтігі анықталмаған, баÑтапқы ÑәйкеÑтк қолданылған "
+"болÑа ОК\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr "%s үшін тіркелгі ÑәйкеÑтігі ÑаÑÑатта анықталған, өшіруге мүмкін емеÑ\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "%s үшін тіркелгі ÑәйкеÑтігін өшіру мүмкін емеÑ"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: жады жеткілікÑіз\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: %s табылмады: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s бума да, Ñілтеме де емеÑ.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: %s Ñимволдық ÑілтемеÑін оқу мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Күдіктілі ұзын Ñимволдық Ñілтеме: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: %s бумаÑын жаÑау мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: %s үшін иені ауыÑтыру мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: %s үшін режимді ауыÑтыру мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: unlink: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: %s бумаÑын өшіру мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: %s атын %s етіп орнату мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: %s өшіру мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: %s Ñимволдық ÑілтемеÑін жаÑау мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: %s үшін иелерді өзгерту мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: lstat %s мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: ЕÑкерту, %s пайдаланушыÑында tcb shadow файлы жоқ.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Төтенше жағдай: %s үшін tcb shadow қалыпты, st_nlink=1, файл емеÑ.\n"
+"Тіркелгі блокталған күйінде қалдырылады.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %s ашу мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "ЕÑкерту: белгіÑіз топ %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "ЕÑкерту: топ Ñаны тым көп\n"
+
+msgid "Your password has expired."
+msgstr "Пароліңіздің мерзімі аÑқталған."
+
+msgid "Your password is inactive."
+msgstr "Пароліңіз белÑенді емеÑ."
+
+msgid "Your login has expired."
+msgstr "Тіркелгіңіздің мерзімі аÑқталған."
+
+msgid " Contact the system administrator."
+msgstr " Жүйелік админиÑтраторыңызға хабарлаÑыңыз."
+
+msgid " Choose a new password."
+msgstr " Жаңа парольді таңдаңыз."
+
+msgid "You must change your password."
+msgstr "Сіз пароліңізді ауыÑтыруға тиіÑÑ‚Ñ–Ñіз."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Пароліңіздің мерзімі %ld күнде аÑқталады.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Пароліңіздің мерзімі ертең аÑқталады."
+
+msgid "Your password will expire today."
+msgstr "Пароліңіздің мерзімі бүгін аÑқталады."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Ðудит интерфейÑін ашу мүмкін ÐµÐ¼ÐµÑ - шығу.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Терминал иеÑін не Ñ€Ò±Ò›Ñтатын өзгерту мүмкін емеÑ: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: %s боÑату ÑәтÑіз\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Орындалу орта айнымалыларының шектен көп Ñаны\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Сіз $%s өзгерте алмайÑыз\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"Жүйеге кірудің %d-ші қате талабы.\n"
+"СоңғыÑÑ‹ %s болған, терминал %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Қате баптаулар: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Қате баптаулар: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: жадыны бөлу ÑәтÑіз: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: Ерекше жүйелік GID алу мүмкін ÐµÐ¼ÐµÑ (Ð±Ð¾Ñ GID-тар қалмады)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Ерекше GID алу мүмкін ÐµÐ¼ÐµÑ (Ð±Ð¾Ñ GID-тар қалмады)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Қате баптаулар: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Қате баптаулар: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: Ерекше жүйелік UID алу мүмкін ÐµÐ¼ÐµÑ (Ð±Ð¾Ñ UID-тар қалмады)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Ерекше жүйелік UID алу мүмкін ÐµÐ¼ÐµÑ (Ð±Ð¾Ñ UID-тар қалмады)\n"
+
+msgid "Too many logins.\n"
+msgstr "Жүйеге кірудің шектен көп талап Ñаны.\n"
+
+msgid "You have new mail."
+msgstr "Сізде жаңа пошта бар."
+
+msgid "No mail."
+msgstr "Пошта жоқ."
+
+msgid "You have mail."
+msgstr "Сізде пошта бар."
+
+msgid "no change"
+msgstr "өзгеріÑтер жоқ"
+
+msgid "a palindrome"
+msgstr "палиндром"
+
+msgid "case changes only"
+msgstr "өзгеріÑтер тек таңбалардың региÑтрінде ғана"
+
+msgid "too similar"
+msgstr "өте Ò±Ò›ÑаÑ"
+
+msgid "too simple"
+msgstr "өте оңай"
+
+msgid "rotated"
+msgstr "аударылған"
+
+msgid "too short"
+msgstr "өте қыÑқа"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Пароль жаман: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() ішіндегі %d қатеÑÑ–\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: пароль өзгертілмеді\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: пароль Ñәтті жаңартылды\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "%s үшін қате пароль.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: бірнеше --root опциÑÑÑ‹\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: '%s' опциÑÑÑ‹ аргументті талап етеді\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: привилегиÑлар деңгейін төмендету мүмкін ÐµÐ¼ÐµÑ (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: '%s' chroot жолы қате\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: %s chroot бумаÑына қатынау мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: %s chroot бумаÑына өту (chdir) мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: %s бумаÑына chroot жаÑау мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Қате ENCRYPT_METHOD мәні: '%s'.\n"
+"БаÑтапқы DES мәні қолданылады.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "'%s' бумаÑына ауыÑу мүмкін емеÑ\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Бума табылмады, HOME=/ бумаÑына кіру орындалады"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s орындау мүмкін емеÑ"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "'%s' түбірлік бумаÑÑ‹ қате\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Түбірлік бумаÑын '%s' мәніне ауыÑтыру мүмкін емеÑ\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Терминалыңыздың атын анықтау мүмкін емеÑ."
+
+msgid "No"
+msgstr "Жоқ"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опциÑлар] ТІРКЕЛГІ\n"
+"\n"
+"ОпциÑлар:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday LAST_DAY парольдің аÑқталу мерзімін LAST_DAY күніне "
+"орнату\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate EXPIRE_DATE тіркелгінің аÑқталу мерзімі EXPIRE_DATE "
+"күніне орнату\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr " -h, --help оÑÑ‹ көмек ақпаратын көрÑету мен шығу\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INACTIVE парольдің мерзімі біткен Ñоң оны INACTIVE "
+"болып\n"
+" орнату үшін өтетін күн Ñаны\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+" -l, --list тіркелгінің Ð¶Ò±Ð¼Ñ‹Ñ ÑƒÐ°Ò›Ñ‹Ñ‚Ñ‹ ақпаратын көрÑету\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays MIN_DAYS парольді ауыÑтыру араÑында өту керек ең аз "
+"күн Ñанын\n"
+" MIN_DAYS мәніне орнату\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays MAX_DAYS парольді ауыÑтыру араÑында өту керек ең көп "
+"Ñүн Ñанын\n"
+" MAX_DAYS мәніне орнату\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -R, --root CHROOT_DIR chroot үшін бума\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays WARN_DAYS мерзімі аÑқталу туралы хабарламаны WARN_DAYS "
+"күн қалғанда көрÑете баÑтау\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Жаңа мәнді енгізіңіз, немеÑе Ò±Ñынылатынды қабылдау үшін ENTER баÑыңыз"
+
+msgid "Minimum Password Age"
+msgstr "Парольдің ең аз жаÑау мерзімі (күн)"
+
+msgid "Maximum Password Age"
+msgstr "Парольдің ең көп жаÑау мерзімі (күн)"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Парольді Ñоңғы ауыÑтыру (ЖЖЖЖ-ÐÐ-КК)"
+
+msgid "Password Expiration Warning"
+msgstr "Мерзімі аÑқталу туралы хабарламаны көрÑету (күн Ñаны)"
+
+msgid "Password Inactive"
+msgstr "Тіркелгіні күн өткенде Ñөндіру (күн Ñаны)"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Тіркелгінің мерзімі аÑқталатын күні (ЖЖЖЖ-ÐÐ-КК)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Парольді Ñоңғы ауыÑтыру\t\t\t\t\t: "
+
+msgid "never"
+msgstr "ешқашан"
+
+msgid "password must be changed"
+msgstr "пароль өзгертілу керек"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Парольдің мерзімі бітеді\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Пароль Ñөндіріледі\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Тіркелгі Ñөндіріледі\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Парольді ауыÑтыру араÑында өту керек ең аз күн Ñаны\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Парольді ауыÑтыру араÑында өту керек ең көп күн Ñаны\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Пароль аÑқталуы туралы хабарлауды баÑтау, күн Ñаны\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: '%s' күні қате\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: қате Ñан аргументі '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: \"l\" опциÑÑын баÑқалармен бірге қолданбаңыз\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: РұқÑат жоқ.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Сіздің пайдаланушы атын анықтау мүмкін емеÑ.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: %s оқшаулау ÑәтÑіз; кейін қайталаңыз.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: %s ашу мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: %s ішіне өзгеріÑтерді Ñақтау кезінде қате кетті\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: жаңа %s '%s' жазбаны дайындау мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: көлеңкелі парольдер файлын жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: '%s' пайдаланушыÑÑ‹ %s ішінде жоқ\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s үшін мерзім ақпаратын өзгерту\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: жолдарды өзгерту қатеÑÑ–\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опциÑлар] [ТІРКЕЛГІ]\n"
+"\n"
+"ОпциÑлар:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr " -f, --full-name FULL_NAME пайд.-ның толық атын ауыÑтыру\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+" -h, --home-phone HOME_PHONE пайд.-ның үй телефон нөмірін ауыÑтыру\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+" -o, --other OTHER_INFO пайд.-ның баÑқа GECOS ақпаратын өзгерту\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr " -r, --room ROOM_NUMBER пайд.-ның бөлме нөмірін ауыÑтыру\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr " -u, --help оÑÑ‹ көмек ақпаратын көрÑету мен шығу\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+" -w, --work-phone WORK_PHONE пайд.-ның Ð¶Ò±Ð¼Ñ‹Ñ Ñ‚ÐµÐ»ÐµÑ„Ð¾Ð½ нөмірін ауыÑтыру\n"
+
+msgid "Full Name"
+msgstr "Толық аты"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Бөлме нөмірі"
+
+msgid "Work Phone"
+msgstr "Ð–Ò±Ð¼Ñ‹Ñ Ñ‚ÐµÐ»ÐµÑ„Ð¾Ð½ нөмірі"
+
+msgid "Home Phone"
+msgstr "Үй телефон нөмірі"
+
+msgid "Other"
+msgstr "БаÑқа"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Суперпайдаланушы (root) құқығын алу мүмкін емеÑ.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: ASCII-ÐµÐ¼ÐµÑ Ñ‚Ð°Ò£Ð±Ð°Ð»Ð°Ñ€Ñ‹ бар аты: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: пайдаланушы аты қате: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: ASCII-ÐµÐ¼ÐµÑ Ñ‚Ð°Ò£Ð±Ð°Ð»Ð°Ñ€Ñ‹ бар бөлме: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: бөлме нөмірі қате: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: Ð¶Ò±Ð¼Ñ‹Ñ Ñ‚ÐµÐ»ÐµÑ„Ð¾Ð½ нөмірі қате: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: үй телефон нөмірі қате: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' құрамында ASCII-ÐµÐ¼ÐµÑ Ñ‚Ð°Ò£Ð±Ð°Ð»Ð°Ñ€ бар\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' құрамында қате таңбалар бар\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: пайдаланушы '%s' жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: NIS клиентінде '%s' пайдаланушыны ауыÑтыруға мүмкін емеÑ.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' - бұл клиент үшін NIS Ñервері.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%s үшін пайдаланушы ақпаратын өзгерту\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: жолдар өте ұзын\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опциÑлар]\n"
+"\n"
+"ОпциÑлар:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method METHOD шифрлеу Ñ‚Ó™Ñілі (келеÑіден біреу: %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr " -e, --encrypted берілген парольдер шифрленген\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 MD5 алгоритмін пайдаланып, таза мәтінді\n"
+" парольді шифрлеу\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds SHA* Ñ‚ÐµÐºÑ‚ÐµÑ Ð°Ð»Ð³Ð¾Ñ€Ð¸Ñ‚Ð¼Ð´ÐµÑ€ үшін SHA\n"
+" раундтар Ñаны\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s жалаушаÑын тек %s жалаушаÑымен бірге қолдануға болады\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e, және -m жалаушалары өзара үйлеÑпейді\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: қолдауы жоқ шифрлеу Ñ‚Ó™Ñілі: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: жол %d: жол өте ұзын\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: жол %d: жаңа пароль жоқ\n"
+
+#, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: парольді '%s' тұзымен шифрлеу ÑәтÑіз аÑқталды: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: жол %d: '%s' тобы жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: жол %d: жаңа %s '%s' жазбаны дайындау мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: қателер орын алды, өзгеріÑтер Ñақталмады\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (жол %d, пайдаланушы %s) пароль өзгертілмеген\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: жол %d: пайдаланушы '%s' жоқ болып тұр\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell SHELL пайдаланушы тіркелгіÑÑ– үшін жаңа қоршам\n"
+
+msgid "Login Shell"
+msgstr "Қоршам"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Сіз '%s' үшін қоршамды өзгерте алмайÑыз.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%s үшін қоршамды өзгерту\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Қате мән: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s Ð´Ò±Ñ€Ñ‹Ñ Ò›Ð¾Ñ€ÑˆÐ°Ð¼ емеÑ\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: ЕÑкерту: %s жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: ЕÑкерту: %s орындалатын емеÑ\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check пайд.-шы паролінің аÑқталу мерзімін текÑеру\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force пайд.-шы паролінің мерзімі бітÑе, парольді\n"
+" ауыÑтыруға мәжбүрлету\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: %s пен %s опциÑлары өзара ерегіÑеді\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: күтпеген аргумент: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all барлық пайдаланушылар үшін faillog "
+"жазбаларын көрÑету\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs СЕК ÑәтÑіз кіру талабынан кейін тіркелгіні СЕК "
+"Ñекундқа блоктау\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum ÐœÐКС ÑәтÑіз кіру талап Ñан макÑимумын ÐœÐКС етіп "
+"орнату\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr " -r, --reset ÑәтÑіз кіру талап Ñанағышын нөлдеу\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time КҮРКҮÐнен кейін болған faillog жазбаларын "
+"көрÑету\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user ТІРКЕЛГІ/ÐРÐЛЫҚ тек көрÑетілген ТІРКЕЛГІ(лер) үшін faillog "
+"жазбаÑын\n"
+" көрÑету не Ñанағыштарды мен лимиттерді (егер "
+"-r, -m,\n"
+" не -l бірге көрÑетілÑе) баÑқару\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: UID %lu үшін жазбаны алу мүмкін емеÑ\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Пайд.-шы СәтÑіз кірулер МакÑ. Соңғы Қайда\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus қалды]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds оқшаулар Ñаны]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+"%s: UID %lu үшін ÑәтÑіз кіру талаптар Ñанағышын нөлдеу ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: UID %lu үшін Ð¼Ð°ÐºÑ Ð¼Ó™Ð½Ñ–Ð½ орнату ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: UID %lu үшін блоктау уақытын орнату ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: БелгіÑіз пайдаланушы не аралық: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: %s өлшемін алу мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: %s жазу ÑәтÑіз: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опциÑ] ТОП\n"
+"\n"
+"ОпциÑлар:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add ПÐЙД ПÐЙДаланушыны ТОПқа қоÑу\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete ПÐЙД ПÐЙДаланушыны ТОПтан өшіру\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root CHROOT_DIR chroot үшін бума\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password ТОП паролін өшіру\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict ТОПқа қатынауды тек оның мүшелерімен шектеу\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr " -M, --members ПÐЙД,... ТОП мүшелерін орнату\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ӘКІМШІ,...\n"
+" ТОП үшін әкімшілер тізімін орнату\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"Бұл опциÑларды, -A және -M опциÑларынан баÑқа, бірге қолдануға болмайды.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Бұл опциÑларды бірге қолдануға болмайды.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -A үшін көлеңкелі парольдер файлына қолдау керек\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: '%s' тобы %s ішінде жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: тек оқу үшін %s жабу қатеÑÑ–\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "%s тобы үшін парольді өзгерту\n"
+
+msgid "New Password: "
+msgstr "Жаңа пароль:"
+
+msgid "Re-enter new password: "
+msgstr "Жаңа парольді қайта енгізіңіз:"
+
+msgid "They don't match; try again"
+msgstr "Олар ÑÓ™Ð¹ÐºÐµÑ ÐµÐ¼ÐµÑ; қайтадан енгізіңіз"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Кейінірек қайталап көріңіз\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "%s пайдаланушыÑын %s тобына қоÑу\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "%s пайдаланушыÑын %s тобынан өшіру\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: '%s' пайдаланушыÑÑ‹ '%s' мүшеÑÑ– емеÑ\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Терминал емеÑ\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опциÑлар] ТОП\n"
+"\n"
+"ОпциÑлар:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force топ бар болÑа Ñәтті шығу, ал GID қолдануда "
+"болÑа,\n"
+" -g опциÑÑынан Ð±Ð°Ñ Ñ‚Ð°Ñ€Ñ‚Ñƒ\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID жаңа топ үшін GID қолдану\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key KEY=VALUE /etc/login.defs баÑтапқы мәндерін алмаÑтыру\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique қайталанатын (ерекше емеÑ) GID бар топтарды\n"
+" жаÑауға Ñ€Ò±Ò›Ñат ету\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password ПÐРОЛЬ бұл шифрленген парольді жаңа топ үшін "
+"қолдану\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system жүйелік тіркелгіні жаÑау\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' Ð´Ò±Ñ€Ñ‹Ñ Ñ‚Ð¾Ð¿ аты емеÑ\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: қате топ ID-і '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K талап етеді KEY=МӘÐІ\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: '%s' тобы бар болып тұр\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID '%lu' бар болып тұр\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Тазарту қызметін орнату мүмкін емеÑ.\n"
+
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -f, --force топты өшіру, егер ол пайдаланушының "
+"біріншілік тобы болÑа да\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: '%s' жазбаÑын %s ішінен өшіру мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: '%s' пайдаланушының баÑÑ‚Ñ‹ тобын өшіру мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: '%s' тобы жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: '%s' тобы NIS тобы болып тұр\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s қазір NIS Ñервері болып тұр\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: '%s' пайдаланушыÑÑ‹ '%s' тобының мүшеÑÑ– болып тұр\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Жады жеткілікÑіз. %s жаңарту мүмкін емеÑ.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опциÑлар] [әрекет]\n"
+"\n"
+"ОпциÑлар:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group топ_аты пайд. тобы орнына топты көрÑету\n"
+" (тек root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Әрекеттер:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add пайд_аты пайдаланушыны топтың мүшелер тізіміне қоÑу\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr " -d, --delete пайд_аты пайдаланушыны топтан өшіру\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge топтан барлық мүшелерді өшіру\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list топ мүшелердің тізімін шығару\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: Ñіздің топ атыңыз пайдаланушы атыңызға ÑÓ™Ð¹ÐºÐµÑ ÐºÐµÐ»Ð¼ÐµÐ¹Ð´Ñ–\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: тек root -g/--group опциÑÑын қолдана алады\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID топ ID-ін GID мәніне орнату\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name ЖÐÒ¢Ð_ТОП атын жаңа ЖÐÒ¢Ð_ТОП атына орнату\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique қайталанатын (ерекше емеÑ) GID қолдануға "
+"Ñ€Ò±Ò›Ñат ету\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password ПÐРОЛЬ парольді оÑÑ‹ ПÐРОЛЬге (шифрленген) оранту\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: қате топ аты '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: %s тобы NIS тобы болып тұр\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: белгіÑіз пайдаланушы %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опциÑлар] [group [gshadow]]\n"
+"\n"
+"ОпциÑлар:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опциÑлар] [group]\n"
+"\n"
+"ОпциÑлар:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only қателер мен еÑкертулерді көрÑету,\n"
+" бірақ файлдарға тиіÑпеу\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort жазбаларды UID б/ша Ñұрыптау\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s пен -r өзара үйлеÑпейді\n"
+
+msgid "invalid group file entry"
+msgstr "group файл ішінде қате жазба"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "'%s' жолын өшіру керек пе? "
+
+msgid "duplicate group entry"
+msgstr "қайталанатын топ жазбаÑÑ‹"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "қате топ аты '%s'\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "қате топ ID-і '%lu'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "%s тобы: %s пайдаланушы жоқ\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "'%s' қатыÑушыны өшіру керек пе? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "%s ішінде ÑÓ™Ð¹ÐºÐµÑ ÐºÓ©Ð»ÐµÒ£ÐºÐµÐ»Ñ– топ жазбаÑÑ‹ жоқ\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "'%s' тобын %s ішіне қоÑу керек пе?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"%s тобының %s ішінде жазбаÑÑ‹ бар, бірақ оның %s ішіндегі пароль жазбаÑÑ‹ 'x' "
+"етіп орнатылмаған\n"
+
+msgid "invalid shadow group file entry"
+msgstr "көлеңкелі топтар файлының қате жазбаÑÑ‹"
+
+msgid "duplicate shadow group entry"
+msgstr "қайталанатын көлеңкелі топтар жазбаÑÑ‹"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "көлеңкелі топ %s: %s әкімші пайдаланушыÑÑ‹ жоқ\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "'%s' әкімші пайдаланушыÑын өшіру керек пе? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "көлеңкелі топ %s: %s пайдаланушыÑÑ‹ жоқ\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: файлдар жаңартылды\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: өзгеріÑтер жоқ\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: %s өшіру мүмкін емеÑ\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Қолданылуы: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Қолданылуы: id\n"
+
+msgid " groups="
+msgstr " топтар="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before КҮРмерзімі КҮÐнен үлкен ғана lastlog жазбаларын "
+"көрÑету\n"
+
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -C, --clear пайдаланушының lastlog жазбаÑын тазарту (тек "
+"-u опциÑÑымен бірге пайдаланылады)\n"
+
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -S, --set lastlog жазбаÑын ағымдағы уақытқа орнату "
+"(тек -u опциÑÑымен бірге пайдаланылады)\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time КҮРмерзімі КҮÐнен кіші ғана lastlog жазбаларын "
+"көрÑету\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user ТІРКЕЛГІ көрÑетілген ТІРКЕЛГІ үшін lastlog жазбаларын "
+"көрÑету\n"
+
+msgid "Username Port From Latest"
+msgstr "Пайдаланушы Порт Қайдан Соңғы"
+
+msgid "Username Port Latest"
+msgstr "Пайдаланушы Порт Соңғы"
+
+msgid "**Never logged in**"
+msgstr "**Жүйеге ешқашан кірмеген**"
+
+#, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: UID %lu үшін жазбаны жаңарту ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: lastlog файлын жаңарту ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr "%s: -C опциÑÑын -S опциÑÑымен бірге қолдануға болмайды\n"
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+"%s: -C және -S опциÑлары пайдаланушыны көрÑету үшін -u опциÑÑын талап етеді\n"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Қолданылуы: %s [-p] [аты]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h хоÑÑ‚] [-f аты]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r хоÑÑ‚\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "баптау қатеÑÑ– - %s мәнің өндеу мүмкін емеÑ: '%d'"
+
+msgid "Invalid login time"
+msgstr "Жүйеге кірудің қате уақыты"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Жүйе техникалық жөндеуді өткізу үшін жабылған"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Жүйеден мәжбүрлі шығу орындалмады -- root үшін жүйеге кіруге Ñ€Ò±Ò›Ñат "
+"етілген.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Эффективті root-Ñыз Ð¶Ò±Ð¼Ñ‹Ñ Ñ–Ñтемеуі мүмкін\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Utmp жазбаÑÑ‹ жоқ. Сізге exec \"login\" командаÑын бірінші деңгейден \"sh\" "
+"қоÑу керек"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Жүйеге кіру уақыты %u Ñекундтан кейін аÑқталды.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM қатеÑÑ–, тоқтатылды: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s пайдаланушы аты: "
+
+msgid "login: "
+msgstr "пайдаланушы аты:"
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Талаптар Ñаны шектен аÑÑ‚Ñ‹ (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: тоқтатуды PAM Ñұраған\n"
+
+msgid "Login incorrect"
+msgstr "Жүйеге кіру орындалмады"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Пайдаланушыны табу мүмкін ÐµÐ¼ÐµÑ (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s пайдаланушы аты: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: үрдіÑÑ‚Ñ– баÑтау қатеÑÑ–: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "%s үшін TIOCSCTTY орындау қатемен аÑқталды"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "ЕÑкерту: тіркелгі уақытша Ñөндірілгеннен кейін қайта қоÑылған."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Жүйеге Ñоңғы кіру: %s, терминал %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Жүйеге Ñоңғы кіру: %.19s, терминал %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " қайдан: %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"жүйеге кіру уақыты өтті\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Қолданылуы: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Қолданылуы: newgrp [-] [топ]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Қолданылуы: sg топ [[-c] командаÑÑ‹]\n"
+
+#, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: парольді алдыңғы тұзбен шифрлеу ÑәтÑіз аÑқталды: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "пароль қате.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: үрдіÑÑ‚Ñ– баÑтау қатеÑÑ–: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: '%lu' GID-і жоқ болып тұр\n"
+
+msgid "too many groups\n"
+msgstr "топ Ñаны шектен Ñ‚Ñ‹Ñ\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system жүйелік тіркелгіні жаÑау\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: топ '%s' shadow тобы болып тұр, бірақ /etc/group ішінен табылмады\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: пайдаланушы ID-і '%s' қате\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: '%s' пайдаланушы аты қате\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: жол %d: жол қате\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: %s пайдаланушы жазбаÑын жаңарту мүмкін ÐµÐ¼ÐµÑ (passwd дерекқорында жоқ)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: жол %d: пайдаланушыны жаÑау мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: жол %d: топты жаÑау мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: жол %d: '%s' пайдаланушыÑÑ‹ %s ішінде жоқ\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: жол %d: парольді жаңарту мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: жол %d: mkdir %s ÑәтÑіз: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: жол %d: chown %s ÑәтÑіз: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: жол %d: жазбаны жаңарту мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: жаңа %s жазбаÑын дайындау ÑәтÑіз аÑқталды\n"
+
+#, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: бағынышты пайдаланушы ауқымын табу мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: бағынышты топ ауқымын табу мүмкін емеÑ\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all барлық тіркелгілер үшін парольдер күйін "
+"шығару\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+" -d, --delete көрÑетілген тіркелгі үшін парольді өшіру\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire көрÑетілген тіркелгі үшін пароль мерзімінің "
+"аÑқталуын мәжбүрлету\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens парольді тек мерзімі аÑқталÑа ғана өзгерту\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INACTIVE мерзімі аÑқталғаннан кейін тіркелгіні "
+"Ñөндіру үшін\n"
+" керек күн Ñанын INACTIVE мәніне орнату\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -l, --lock көрÑетілген тіркелгіні оқшаулау\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_DAYS парольді өзгерту араÑында ең аз Ñ€Ò±Ò›Ñат "
+"етілген күн Ñанын\n"
+" MIN_DAYS мәніне орнату\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet тыныш режимі\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+" -r, --repository REPOSITORY REPOSITORY репозиторийінде парольді өзгерту\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status көрÑетілген тіркелгі үшін пароль күйін "
+"шығару\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+" -u, --unlock көрÑетілген тіркелгіні оқшаулаудан боÑату\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays WARN_DAYS мерзімі аÑқталуы туралы WARN_DAYS қалғанда "
+"еÑкерте баÑтау\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAX_DAYS парольді өзгерту араÑында ең көп Ñ€Ò±Ò›Ñат "
+"етілген күн Ñанын\n"
+" MAX_DAYS мәніне орнату\n"
+
+msgid "Old password: "
+msgstr "Ðғымдағы пароль:"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Жаңа парольді енгізіңіз (минимум %d белгі болÑын)\n"
+"Парольді баÑ, кіші әріптер және Ñандарды аралаÑтыра қолданып құраңыз.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Жаңа парольді енгізіңіз (минимум %d, макÑимум %d белгі болÑын)\n"
+"Парольді баÑ, кіші әріптер және Ñандарды аралаÑтыра қолданып құраңыз.\n"
+
+msgid "New password: "
+msgstr "Жаңа пароль:"
+
+msgid "Try again."
+msgstr "Қайталап көріңіз."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"ЕÑкерту: өте оңай пароль (қолданам деÑеңіз қайта енгізіңіз)."
+
+msgid "They don't match; try again.\n"
+msgstr "Олар өзара ÑÓ™Ð¹ÐºÐµÑ ÐµÐ¼ÐµÑ; қайтадан көріңіз.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s үшін парольді өзгертуге болмайды.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s үшін парольді қазір өзгертуге болмайды.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: пайдаланушыны оқшаулаудан боÑату парольÑіз тіркелгіге әкелуі мүмкін.\n"
+"ОÑыны жаÑау үшін Ñіз оған парольді usermod -p қолданып орнатуыңыз керек.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: %s репозиторийіне қолдау жоқ\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s пайдаланушының %s үшін паролді өзгертуге құқығы жоқ\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Сізде%s үшін парольдік ақпаратты оқи не өзгерте алмайÑыз.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s үшін парольді өзгерту\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s пайдаланушының паролі өзгертілмеді.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: пароль өзгертілді.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: пароль мерзімі туралы ақпарат өзгертілді.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опциÑлар] [passwd]\n"
+"\n"
+"ОпциÑлар:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опциÑлар] [passwd [shadow]]\n"
+"\n"
+"ОпциÑлар:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet тек қателерді хабарлау\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: USE_TCB Ñ–Ñке қоÑулы болÑа, альтернативті shadow файлына Ñ€Ò±Ò›Ñат жоқ.\n"
+
+msgid "invalid password file entry"
+msgstr "парольдер файлының қате жазбаÑÑ‹"
+
+msgid "duplicate password entry"
+msgstr "қайталанатын пароль жазбаÑÑ‹"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "қате пайдаланушы аты '%s'\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "пайдаланушы ID-і '%lu' қате\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "пайдаланушы '%s': %lu тобы жоқ\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "пайдаланушы '%s': '%s' бумаÑÑ‹ жоқ болып тұр\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "пайдаланушы '%s': '%s' бағдарламаÑÑ‹ жоқ болып тұр\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "%s үшін tcb бумаÑÑ‹ жоқ\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "%s үшін tcb бумаÑын жаÑау керек пе?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s үшін tcb бумаÑын жаÑау ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %s оқшаулау мүмкін емеÑ.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "%s ішінде ÑÓ™Ð¹ÐºÐµÑ Ð¿Ð°Ñ€Ð¾Ð»ÑŒÐ´ÐµÑ€ файлының жазбаÑÑ‹ жоқ\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "'%s' пайдаланушыны %s ішіне қоÑу керек пе? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"%s пайдаланушыÑының %s ішінде жазбаÑÑ‹ бар, бірақ оның %s ішіндегі пароль "
+"жазбаÑÑ‹ 'x' етіп орнатылмаған\n"
+
+msgid "invalid shadow password file entry"
+msgstr "көлеңкелі парольдер файлының қате жазбаÑÑ‹"
+
+msgid "duplicate shadow password entry"
+msgstr "қайталанатын көлеңкелі пароль жазбаÑÑ‹"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "пайдаланушы %s: Ñоңғы парольді өзгерту уақыты болашақта\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: %s ішіндегі жазбаралды Ñұрыптау мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: tcb Ñ–Ñке қоÑулы болÑа, Ð¶Ò±Ð¼Ñ‹Ñ Ñ–Ñтеу мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: %s режимін 0600 мәніне орнату ÑәтÑіз аÑқталды\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "ОÑÑ‹ тіркелгі үшін su орындауға РҰҚСÐТ ЖОҚ.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Парольдік аутентификациÑны аттап өтеміз.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Шындылықты текÑеру үшін ӨЗІҢІЗДІҢ пароліңізді енгізіңіз.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Пайдаланушы қоршамын Ñ–Ñке қоÑу мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: Ñигнал ақаулығы\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: Ñигналды баÑқару ақаулығы\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "СеÑÑÐ¸Ñ Ñ‚Ð¾Ò›Ñ‚Ð°Ñ‚Ñ‹Ð»Ð´Ñ‹, қоршамды тоқтату..."
+
+msgid " ...killed.\n"
+msgstr " ...өлтірілді.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...ұрпақ үрдіÑÑ‚Ñ–Ò£ тоқтатылуын күту.\n"
+
+msgid " ...terminated.\n"
+msgstr " ...тоқтатылды.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Қолданылуы: su [опциÑлар] [ТІРКЕЛГІ]\n"
+"\n"
+"ОпциÑлары:\n"
+" -c, --command COMMAND шақырылатын қоршамға COMMAND командаÑын "
+"беру\n"
+" -h, --help оÑÑ‹ көмек ақпаратын көрÑету және шығу\n"
+" -, -l, --login қоршамды тіркелгі қоршамына ауыÑтыру\n"
+" -m, -p,\n"
+" --preserve-environment орта айнымалыларының мәндерін мен қоршамды "
+"Ñақтау\n"
+" -s, --shell SHELL passwd-да көрÑетілгеннің орнына SHELL "
+"қоршамын қолдану\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Елемеу)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Сізде su %s жаÑау үшін құқығыңыз жоқ\n"
+
+msgid "(Enter your own password)"
+msgstr "(Өзіңіздің пароліңізді енгізіңіз)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: ÐÑƒÑ‚ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ†Ð¸Ñ Ò›Ð°Ñ‚ÐµÑÑ–\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Сізде қазір su жаÑау үшін құқығыңыз жоқ\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "'%s' пайд.-ÑÑ‹ үшін passwd жазбаÑÑ‹ жоқ\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: терминалда орындалуы керек\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: қате %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: БаÑқару терминалын таÑтау мүмкін емеÑ\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "%s орындау мүмкін емеÑ\n"
+
+msgid "No password file"
+msgstr "Парольдер файлы жоқ"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY қатеÑÑ–"
+
+msgid "No password entry for 'root'"
+msgstr "'root' үшін пароль жазбаÑÑ‹ жоқ"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Кәдімгі жүктелу үшін control-d баÑыңыз,\n"
+"(немеÑе жүйені жөндеу режиміне өту үшін root паролін енгізіңіз):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Жүйені жөндеу режиміне өту"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s жаÑалды, бірақ оны өшіру мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: %s баптауы, ол %s ішінде, еÑепке алынбайды\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: жаңа defaults файлын жаÑау мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: жаңа defaults файлын ашу мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: %s ішіндегі жол тым ұзын: %s..."
+
+#, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Қор көшірме файлын жаÑау мүмкін ÐµÐ¼ÐµÑ (%s): %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: атын ауыÑтыру: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: '%s' тобы NIS тобы болып тұр.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: шектен көп топ Ñаны көрÑетілген (макÑимум %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опциÑлар] ТІРКЕЛГІ\n"
+" %s -D\n"
+" %s -D [опциÑлар]\n"
+"\n"
+"ОпциÑлар:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir ÐЕГ_БУМРжаңа тіркелгінің үй бумаÑÑ‹ орналаÑатын\n"
+" негізгі бума\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment COMMENT жаңа тіркелгінің GECOS өріÑÑ–\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir ҮЙ_БУМÐСЫ жаңа тіркелгі үшін үй бумаÑÑ‹\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults useradd-Ò£ баÑтапқы баптауларын шығару не "
+"өзгерту\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+" -e, --expiredate ÐЯҚТÐЛУ_КҮÐІ жаңа тіркелгінің мерзімі аÑқталатын күні\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive INACTIVE жаңа тіркелгі паролінің белÑенді ÐµÐ¼ÐµÑ ÑƒÐ°Ò›Ñ‹Ñ‚ "
+"аралығы\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid ТОП жаңа тіркелгі үшін баÑÑ‚Ñ‹ топтың аты не ID-Ñ–\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups ТОПТÐР жаңа тіркелгі үшін қоÑымша топтар тізімі\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr " -k, --skel SKEL_DIR баÑқа үлгілер бумаÑын қолдану\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init пайдаланушыны lastlog пен faillog\n"
+" дерекқорларына қоÑпау\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr " -m, --create-home пайдаланушы үй бумаÑын жаÑау\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr " -M, --no-create-home пайдаланушы үй бумаÑын жаÑамау\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr " -N, --no-user-group пайдаланушымен Ð°Ñ‚Ñ‚Ð°Ñ Ñ‚Ð¾Ð¿Ñ‚Ñ‹ жаÑамау\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique қайталанатын (ерекше емеÑ) UID бар\n"
+" пайдаланушыларды жаÑауға Ñ€Ò±Ò›Ñат ету\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr " -p, --password ПÐРОЛЬ жаңа тіркелгі үшін шифрленген пароль\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell ҚОРШÐÐœ жаңа тіркелгі үшін кіру қоршамы\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID жаңа тіркелгі үшін пайдаланушы ID-і\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr " -U, --user-group пайдаланушымен Ð°Ñ‚Ñ‚Ð°Ñ Ñ‚Ð¾Ð¿Ñ‚Ñ‹ жаÑау\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SEUSER SELinux пайдаланушы ÑәйкеÑтігі үшін "
+"көрÑетілген SEUSER қолдану\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: '%s' негізгі бумаÑÑ‹ қате\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: '%s' Ñ‚Ò¯ÑініктемеÑÑ– қате\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: '%s' үй бумаÑÑ‹ қате\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: -e үшін көлеңкелі парольдер керек\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: -f үшін көлеңкелі парольдер керек\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: '%s' өріÑÑ– қате\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: '%s' қоршамы қате\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z өз алдында SELinux қоÑулы Ñдроны талап етеді\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: %lu UID-Ñ– үшін faillog жазбаÑын нөлдеу ÑәтÑіз: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: %lu UID-Ñ– үшін lastlog жазбаÑын нөлдеу ÑәтÑіз: %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: жаңа %s жазбаÑын дайындау ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: %s бумаÑын жаÑау мүкін емеÑ\n"
+
+msgid "Creating mailbox file"
+msgstr "Пошта файлын құру"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"'mail' тобы табылмады. Пайдаланушының пошта файлы 0600 түрінде құрылады.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Пошта файлына Ñ€Ò±Ò›Ñаттарды орнату"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: '%s' пайдаланушыÑÑ‹ бар болып тұр\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: %s тобы бар болып тұр - егер оған жаңа пайдаланушыны қоÑқыңыз келÑе, -g "
+"қолданыңыз.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: пайдаланушыны жаÑау мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu бар болып тұр\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: %s үшін tcb бумаÑын жаÑау мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: топты құру мүмкін емеÑ\n"
+
+#, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: бағынышты пайдаланушы ID-ын жаÑау мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: бағынышты топ ID-ын жаÑау мүмкін емеÑ\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: еÑкерту: үй бумаÑÑ‹ бар болып тұр.\n"
+"Оның ішіне skel бумаÑынан бірде-бір файл көшірілмеді.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr "%s: еÑкерту: %s пайдаланушы атын %s SELinux ÑәйкеÑтендіру ÑәтÑіз.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force файлдарды өшіруді мәжбүрлеу,\n"
+" пайдаланушы иелігінде болмаÑа да\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr " -r, --remove үй бумаÑын мен поштаÑын өшіру\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user пайд.-ның барлық SELinux пайд. "
+"ÑәйкеÑтіктерін жою\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: %s тобы өшірілмейді, өйткені ол %s пайд.-ның негізгі тобы емеÑ.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: %s тобы өшірілмейді, өйткені онда баÑқа мүшелері бар.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: %s тобын өшіру мүмкін емеÑ, ол баÑқа пайдаланушы үшін баÑыңқы топ болып "
+"табылады.\n"
+
+#, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: %lu жазбаÑын %s ішінен өшіру мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s пошта Ñпулы (%s) табылмады\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: еÑкерту: %s өшіру мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s қазір %s иелігінде емеÑ, өшірілмейді\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: Жадыны бөлу мүмкін емеÑ, %s үшін tcb жазбаÑÑ‹ өшірілмеді.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: ПривилегиÑларды таÑтау мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: %s құрамаÑын өшіру мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: %s үшін tcb файлдарын өшіру мүмкін емеÑ: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: %s қазір NIS пайдаланушыÑÑ‹ болып тұр\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s үшін үй бумаÑÑ‹ (%s) табылмады\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: %s бумаÑÑ‹ өшірілмеді (%s пайдаланушының үй бумаÑын өшіру талабы)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: %s бумаÑын өшіру қатемен аÑқталды\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: еÑкерту: %s пайдаланушы атына SELinux пайд. ÑәйкеÑтендіруін өшіру "
+"ÑәтÑіз.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment COMMENT GECOS жазбаÑÑ‹ үшін жаңа мәні\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home HOME_DIR пайдаланушы тіркелгіÑÑ– үшін жаңа үй бумаÑÑ‹\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate EXPIRE_DATE тіркелгінің аÑқталу мерзімін EXPIRE_DATE "
+"күніне орнату\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INACTIVE мерзімі аÑқталғаннан кейін пароль "
+"Ñөндірілетін күн\n"
+" Ñанын INACTIVE мәніне орнату\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid ТОП жаңа баÑыңқы топ ретінде ТОПты қолдануды "
+"мәжбүрлету\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups ТОПТÐР пайдаланушыны қоÑымша ТОПТÐРға қоÑу\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append пайдаланушыны қоÑымша ТОПТÐР ішіне қоÑу\n"
+" -G опциÑÑÑ‹ ÑиÑқты, пайдаланушыны баÑқа "
+"топтардан\n"
+" өшірмейді\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login NEW_LOGIN тіркелгі үшін жаңа аты\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock пайдаланушы тіркелгіÑін оқшаулау\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home үй бумаÑының құрамаÑын жаңа жерге ауыÑтыру\n"
+" (тек -d опциÑÑымен бірге қолданыңыз)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique қайталанатын (ерекше емеÑ) UID-тарды "
+"қолдануды Ñ€Ò±Ò›Ñат ету\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password PASSWORD жаңа пароль ретінде шифрленген парольді "
+"қолдану\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+" -u, --uid UID жаңа тіркелгі үшін пайдаланушы ID-і\n"
+" -u, --uid UID пайдаланушы тіркелгіÑÑ– үшін жаңа UID\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+" -U, --unlock пайдаланушы тіркелгіÑін оқшаулаудан боÑату\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr " -v, --add-subuids БІРІÐШІ-СОҢҒЫ бағынышты uid-тар ауқымын қоÑу\n"
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr " -V, --del-subuids БІРІÐШІ-СОҢҒЫ бағынышты uid-тар ауқымын өшіру\n"
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr " -w, --add-subgids БІРІÐШІ-СОҢҒЫ бағынышты gid-тар ауқымын қоÑу\n"
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr " -W, --del-subgids БІРІÐШІ-СОҢҒЫ бағынышты gid-тар ауқымын өшіру\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user SEUSER пайдаланушы тіркелгіÑÑ– үшін жаңа SELinux "
+"ÑәйкеÑтігі\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: пайдаланушыны оқшаулаудан боÑату парольÑіз тіркелгіге әкеп Ñоғады.\n"
+"ОÑыны жаÑау үшін Ñіз оған парольді usermod -p қолданып орнатуыңыз керек.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: '%s' пайдаланушыÑÑ‹ %s ішінде бар болып тұр\n"
+
+#, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: жарамÑыз бағынышты uid ауқымы '%s'\n"
+
+#, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: жарамÑыз бағынышты gid ауқымы '%s'\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: опциÑлар жоқ\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p және -U жалаушаларын бірге қолдануға болмайды\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e пен -f үшін көлеңкелі парольдер керек\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: '%lu' UID-і бар болып тұр\n"
+
+#, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s жоқ болып тұр, %s немеÑе %s жалаушаларын қолдануға болмайды\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: %s бумаÑÑ‹ бар болып тұр\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Ðлдыңғы үй бумаÑÑ‹ (%s) бума ÐµÐ¼ÐµÑ Ð±Ð¾Ð»Ò“Ð°Ð½. Ол өшірілмеді де, ешбір үй "
+"бумаÑÑ‹ жаÑалмады.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Үй бумаÑының иелігін ауыÑтыру мүмкін емеÑ"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: еÑкерту: %s еÑкі үй бумаÑын толығымен өшіру мүмкін емеÑ"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: %s бумаÑының атын %s атына ауыÑтыру мүмкін емеÑ\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: %lu пайд.-нан %lu пайдаланушыÑына lastlog жазбаÑын көшіру ÑәтÑіз: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: %lu пайд.-нан %lu пайдаланушыÑына faillog жазбаÑын көшіру ÑәтÑіз: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: еÑкерту: %s қазір %s иелігінде емеÑ\n"
+
+msgid "failed to change mailbox owner"
+msgstr "mailbox иеÑін ауыÑтыру қатемен аÑқталды"
+
+msgid "failed to rename mailbox"
+msgstr "mailbox атын ауыÑтыру қатемен аÑқталды"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: %lu-%lu uid-тар ауқымын '%s' ішінен өшіру ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: %lu-%lu uid ауқымын '%s' ішіне қоÑу ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: %lu-%lu gid-тар ауқымын '%s' ішінен өшіру ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: %lu-%lu gid ауқымын '%s' ішіне қоÑу ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Сіз %s түзеттіңіз.\n"
+"Сізге %s құрамаÑын түзетуге керек болуы мүмкін.\n"
+"Оны орындау үшін '%s' командаÑын қолданыңыз.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group топ дерекқорын түзету\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd passwd дерекқорын түзету\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr " -s, --shadow shadow не gshadow дерекқорын түзету\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+" -u, --user қай пайдаланушының tcb shadow файлын түзету "
+"керек\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: %s өшіру ÑәтÑіз аÑқталды\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s өзгертілмеді\n"
+
+msgid "failed to create scratch directory"
+msgstr "scratch бумаÑын жаÑау ÑәтÑіз"
+
+msgid "failed to drop privileges"
+msgstr "привилегиÑларды таÑтау ÑәтÑіз"
+
+msgid "Couldn't get file context"
+msgstr "Файлға қол жеткізу мүмкін емеÑ"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () ÑәтÑіз"
+
+msgid "failed to gain privileges"
+msgstr "привилегиÑларды алу мүмкін емеÑ"
+
+msgid "Couldn't lock file"
+msgstr "Файлды оқшаулау мүмкін емеÑ"
+
+msgid "Couldn't make backup"
+msgstr "Қор көшірмені жаÑау мүмкін емеÑ"
+
+#, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s %d қалып-күймен өз жұмыÑын аÑқтады\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr "%s: %s %d Ñигналымен тоқтатылды\n"
+
+msgid "failed to open scratch file"
+msgstr "scratch файлын ашу ÑәтÑіз"
+
+msgid "failed to unlink scratch file"
+msgstr "scratch файлын жою ÑәтÑіз"
+
+msgid "failed to stat edited file"
+msgstr "түзетілген файлды табу ÑәтÑіз"
+
+msgid "failed to allocate memory"
+msgstr "жадыны бөлу ÑәтÑіз"
+
+msgid "failed to create backup file"
+msgstr "резервті көшірме файлын жаÑау ÑәтÑіз"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %s қайтару мүмкін емеÑ: %s (Ñіздің өзгертулеріңіз %s ішінде)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: %s үшін tcb бумаÑын табу ÑәтÑіз\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr " -c, --crypt-method шифрлеу Ñ‚Ó™Ñілі (%s ішінен біреу)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Қолданылуы: vipw [опциÑлар]\n"
+#~ "\n"
+#~ "ОпциÑлар:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "жадыдан %d байт бөлу мүмкін емеÑ\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Қолданылуы: chage [опциÑлар] [ПÐЙДÐЛÐÐУШЫ_ÐТЫ]\n"
+#~ "\n"
+#~ "ОпциÑлар:\n"
+#~ " -d, --lastday LAST_DAY парольдің аÑқталу мерзімін LAST_DAY "
+#~ "күніне орнату\n"
+#~ " -E, --expiredate EXPIRE_DATE тіркелгінің аÑқталу мерзімі EXPIRE_DATE "
+#~ "күніне орнату\n"
+#~ " -h, --help оÑÑ‹ көмек ақпаратын көрÑетіп, шығу\n"
+#~ " -I, --inactive INACTIVE парольдің мерзімі біткен Ñоң оны INACTIVE "
+#~ "болып\n"
+#~ " орнату үшін өтетін күн Ñаны\n"
+#~ " -l, --list тіркелгінің Ð¶Ò±Ð¼Ñ‹Ñ ÑƒÐ°Ò›Ñ‹Ñ‚Ñ‹ ақпаратын "
+#~ "көрÑету\n"
+#~ " -m, --mindays MIN_DAYS парольді ауыÑтыру араÑында өту керек ең "
+#~ "аз күн Ñанын\n"
+#~ " MIN_DAYS мәніне орнату\n"
+#~ " -M, --maxdays MAX_DAYS парольді ауыÑтыру араÑында өту керек ең "
+#~ "көп Ñүн Ñанын\n"
+#~ " MAX_DAYS мәніне орнату\n"
+#~ " -W, --warndays WARN_DAYS мерзімі аÑқталу туралы хабарламаны "
+#~ "WARN_DAYS күн қалғанда көрÑете баÑтау\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM көмегімен шындылықты текÑеру қатемен аÑқталды\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Қолданылуы: %s [-f толықl_аты] [-r бөлме_нөмірі] [-w жұмыÑ_тел]\n"
+#~ "\t[-h үй_тел] [-o баÑқа] [пайдаланушы аты]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Қолданылуы: %s [-f толық_аты] [-r бөлме_нөмірі] [-w жұмыÑ_тел] [-h "
+#~ "үй_тел]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Қолданылуы: %s [опциÑлар]\n"
+#~ "\n"
+#~ "ОпциÑлары:\n"
+#~ " -c, --crypt-method шифрлеу Ñ‚Ó™Ñіл (%s-дан біреу)\n"
+#~ " -e, --encrypted шифрленген пароль енгізіледі\n"
+#~ " -h, --help оÑÑ‹ көмек ақпаратын көрÑету және шығу\n"
+#~ " -m, --md5 DES орнына MD5 алгоритмін қолдану, егер "
+#~ "пароль\n"
+#~ " шифрленбеген түрде енгізілÑе\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Қолданылуы: chsh [опциÑлар] [LOGIN]\n"
+#~ "\n"
+#~ "ОпциÑлары:\n"
+#~ " -h, --help оÑÑ‹ көмек ақпаратын көрÑету және шығу\n"
+#~ " -s, --shell SHELL пайдаланушы тіркелгіÑÑ– үшін жаңа қоршам\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Қолданылуы: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: UID %lu үшін жазбаны алу мүмкін емеÑ\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: %s ашу мүмкін емеÑ: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: %s өлшемін алу мүмкін емеÑ: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Қолданылуы: groupdel топ\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Қолданылуы: %s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Қолданылуы: %s [-r] [-s] [топ]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s пен -r өзара үйлеÑпейді\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Қолданылуы: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Қолданылуы: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Қолданылуы: lastlog [опциÑлар]\n"
+#~ "\n"
+#~ "ОпциÑлары:\n"
+#~ " -b, --before КҮРмерзімі КҮÐнен үлкен ғана lastlog "
+#~ "жазбаларын көрÑету\n"
+#~ " -h, --help оÑÑ‹ көмек ақпаратын көрÑету және шығу\n"
+#~ " -t, --time КҮРмерзімі КҮÐнен кіші ғана lastlog "
+#~ "жазбаларын көрÑету\n"
+#~ " -u, --user ТІРКЕЛГІ көрÑетілген ТІРКЕЛГІ үшін lastlog "
+#~ "жазбаларын көрÑету\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Қолданылуы: passwd [опциÑлар] [ТІРКЕЛГІ]\n"
+#~ "\n"
+#~ "ОпциÑлары:\n"
+#~ " -a, --all барлық тіркелгілер үшін парольдер күйін "
+#~ "шығару\n"
+#~ " -d, --delete көрÑетілген тіркелгі үшін парольді өшіру\n"
+#~ " -e, --expire көрÑетілген тіркелгі үшін пароль "
+#~ "мерзімінің аÑқталуын мәжбүрлету\n"
+#~ " -h, --help оÑÑ‹ көмек ақпаратын көрÑету және шығу\n"
+#~ " -k, --keep-tokens парольді тек мерзімі аÑқталÑа ғана "
+#~ "өзгерту\n"
+#~ " -i, --inactive INACTIVE мерзімі аÑқталғаннан кейін тіркелгіні "
+#~ "Ñөндіру үшін\n"
+#~ " керек күн Ñанын INACTIVE мәніне орнату\n"
+#~ " -l, --lock көрÑетілген тіркелгіні оқшаулау\n"
+#~ " -n, --mindays MIN_DAYS парольді өзгерту араÑында ең аз Ñ€Ò±Ò›Ñат "
+#~ "етілген күн Ñанын\n"
+#~ " MIN_DAYS мәніне орнату\n"
+#~ " -q, --quiet тыныш түрі\n"
+#~ " -r, --repository REPOSITORY REPOSITORY репозиторийінде парольді "
+#~ "өзгерту\n"
+#~ " -S, --status көрÑетілген тіркелгі үшін пароль күйін "
+#~ "шығару\n"
+#~ " -u, --unlock көрÑетілген тіркелгіні оқшаулаудан "
+#~ "боÑату\n"
+#~ " -w, --warndays WARN_DAYS мерзімі аÑқталуы туралы WARN_DAYS "
+#~ "қалғанда еÑкерте баÑтау\n"
+#~ " -x, --maxdays MAX_DAYS парольді өзгерту араÑында ең көп Ñ€Ò±Ò›Ñат "
+#~ "етілген күн Ñанын\n"
+#~ " MAX_DAYS мәніне орнату\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Қолданылуы: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Қолданылуы: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Қолданылуы: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Қолданылуы: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "БелгіÑіз id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Қоршам жоқ\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Қолданылуы: userdel [опциÑлар] ТІРКЕЛГІ\n"
+#~ "\n"
+#~ "ОпциÑлары:\n"
+#~ " -f, --force файлдарды өшіруді мәжбүрлеу,\n"
+#~ " пайдаланушы иелігінде болмаÑа да\n"
+#~ " -h, --help оÑÑ‹ көмек ақпаратын көрÑету және шығу\n"
+#~ " -r, --remove үй бумаÑын мен поштаÑын өшіру\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: %s пайдаланушыÑÑ‹ қазір жүйеге кіріп тұр\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Қолданылуы: usermod [опциÑлар] ТІРКЕЛГІ\n"
+#~ "\n"
+#~ "ОпциÑлары:\n"
+#~ " -c, --comment COMMENT GECOS жазбаÑÑ‹ үшін жаңа мәні\n"
+#~ " -d, --home HOME_DIR пайдаланушы тіркелгіÑÑ– үшін жаңа үй "
+#~ "бумаÑÑ‹\n"
+#~ " -e, --expiredate EXPIRE_DATE тіркелгінің аÑқталу мерзімін EXPIRE_DATE "
+#~ "күніне орнату\n"
+#~ " -f, --inactive INACTIVE мерзімі аÑқталғаннан кейін пароль "
+#~ "Ñөндірілетін күн\n"
+#~ " Ñанын INACTIVE мәніне орнату\n"
+#~ " -g, --gid ТОП жаңа баÑыңқы топ ретінде ТОПты қолдануды "
+#~ "мәжбүрлету\n"
+#~ " -G, --groups ТОПТÐР пайдаланушыны қоÑымша ТОПТÐРға қоÑу\n"
+#~ " -a, --append пайдаланушыны қоÑымша ТОПТÐР ішіне қоÑу\n"
+#~ " -G опциÑÑÑ‹ ÑиÑқты, пайдаланушыны баÑқа "
+#~ "топтардан\n"
+#~ " өшірмейді\n"
+#~ " -h, --help оÑÑ‹ көмек ақпаратын көрÑету және шығу\n"
+#~ " -l, --login NEW_LOGIN тіркелгі үшін жаңа аты\n"
+#~ " -L, --lock пайдаланушы тіркелгіÑін оқшаулау\n"
+#~ " -m, --move-home үй бумаÑының құрамаÑын жаңа жерге "
+#~ "ауыÑтыру\n"
+#~ " (тек -d опциÑÑымен бірге қолданыңыз)\n"
+#~ " -o, --non-unique қайталанатын (ерекше емеÑ) UID-тарды "
+#~ "қолдануды Ñ€Ò±Ò›Ñат ету\n"
+#~ " -p, --password PASSWORD жаңа пароль ретінде шифрленген парольді "
+#~ "қолдану\n"
+#~ " -s, --shell SHELL пайдаланушы тіркелгіÑÑ– үшін жаңа қоршам\n"
+#~ " -u, --uid UID пайдаланушы тіркелгіÑÑ– үшін жаңа UID\n"
+#~ " -U, --unlock пайдаланушы тіркелгіÑін оқшаулаудан "
+#~ "боÑату\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: жалаушалар көрÑетілмеген\n"
diff --git a/po/km.po b/po/km.po
new file mode 100644
index 0000000..5047530
--- /dev/null
+++ b/po/km.po
@@ -0,0 +1,3506 @@
+# translation of shadow_po_km.po to Khmer
+# translation of shadow_po_km.po to
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Khoem Sokhem <khoemsokhem@khmeros.info>, 2006.
+# Poch Sokun <sokun_poch@khmeros.info>, 2006.
+# auk piseth <piseth_dv@khmeros.info>, 2006.
+# Leang Chumsoben <soben@khmeros.info>, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow_po_km\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2006-06-28 10:08+0700\n"
+"Last-Translator: Khoem Sokhem <khoemsokhem@khmeros.info>\n"
+"Language-Team: Khmer <support@khmeros.info>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.2\n"
+"Plural-Forms: nplurals=2; plural=(n != 1)\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "មិន​អាច​បម្រុង​ទុក​ទំហំ​សម្រាប់​ពáŸážáŸŒáž˜áž¶áž“​​កំណážáŸ‹â€‹ážšáž…នាសម្ពáŸáž“្ធទáŸâ€‹Â áŸ”\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "កំហុស​ការ​កំណážáŸ‹â€‹ážšáž…នាសម្ពáŸáž“្ធ​ - មិន​ស្គាល់​ធាážáž» '%s' (ជូន​ដំណឹង​អ្នក​គ្រប់គ្រង​)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹Â áŸ– "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "ពាក្យសម្ងាážáŸ‹â€‹ážšáž”ស់ %sសម្ងាážáŸ‹Â áŸ– "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "មិន​អាច​បម្រុង​ទុក​ទំហំ​សម្រាប់​ពáŸážáŸŒáž˜áž¶áž“​​កំណážáŸ‹â€‹ážšáž…នាសម្ពáŸáž“្ធទáŸâ€‹Â áŸ”\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "ការផ្លាស់​ប្ážáž¼ážšâ€‹áž–áŸážáŸŒáž˜áž¶áž“​ចាស់​សម្រាប់​ %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s ៖ មិន​អាចកំណážáŸ‹â€‹ážˆáŸ’មោះ​អ្នកប្រើ​របស់​អ្នក​បាន​ទáŸÂ áŸ”\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិន​អាច​រក​អ្នកប្រើ​ %s ឃើញឡើយ\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s ៖ អស់​សážáž·â€‹\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យឯកសារ %s ទាន់សមáŸáž™â€‹áž”ានទáŸ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s ៖ ážážâ€‹áž•áŸ’ទះ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​ážážâ€‹ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s  ៖ ការព្រមាន​ ៖ មិន​អាច​យកចáŸáž‰áž”ានឡើយ "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s  ៖ ការព្រមាន​ ៖ មិន​អាច​យកចáŸáž‰áž”ានឡើយ "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s ៖​ ប្ážáž¼ážšâ€‹ážˆáŸ’មោះ​ ៖ %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​ážážâ€‹ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​ážážâ€‹ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s  ៖ ការព្រមាន​ ៖ មិន​អាច​យកចáŸáž‰áž”ានឡើយ "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s  ៖ ការព្រមាន​ ៖ មិន​អាច​យកចáŸáž‰áž”ានឡើយ "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យឯកសារ %s ទាន់សមáŸáž™â€‹áž”ានទáŸ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យឯកសារស្រមោល​ទាន់សមáŸáž™áž”ានឡើយ​\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s ៖​ ប្ážáž¼ážšâ€‹ážˆáŸ’មោះ​ ៖ %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s ៖ មិនអាច​បើក​ឯកសារ​ %s បានទáŸ\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "ការ​ព្រមាន ៖ មិន​ស្គាល់​ក្រុម %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "ការព្រមាន​ ៖ មាន​ច្រើន​ក្រុម​ពáŸáž€\n"
+
+msgid "Your password has expired."
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នក​បាន​ផុážâ€‹áž€áŸ†ážŽážáŸ‹áž áž¾áž™â€‹Â áŸ”"
+
+msgid "Your password is inactive."
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នកអសកម្ម​ ។"
+
+msgid "Your login has expired."
+msgstr "ការចូល​របស់អ្នក​បាន​ផុážâ€‹áž€áŸ†ážŽážáŸ‹áž áž¾áž™â€‹Â áŸ”"
+
+#, fuzzy
+msgid " Contact the system administrator."
+msgstr " ទាក់ទងទៅ​អ្នកគ្រប់គ្រងប្រពáŸáž“្ធ​ ។\n"
+
+#, fuzzy
+msgid " Choose a new password."
+msgstr " ជ្រើស​ពាក្យ​សម្ងាážáŸ‹â€‹áž˜áž½áž™Â áŸ”\n"
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នក​នឹង​ផុážâ€‹áž€áŸ†ážŽážáŸ‹áž€áŸ’នុងពáŸáž›â€‹ %ld ážáŸ’ងៃ ។\n"
+
+#, fuzzy
+msgid "Your password will expire tomorrow."
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នក​នឹងផុážâ€‹áž€áŸ†ážŽážáŸ‹áž“ៅ​ážáŸ’ងៃ​ស្អែក​ ។​\n"
+
+#, fuzzy
+msgid "Your password will expire today."
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹ážšáž”ស់​អ្នក​នឹងផុážâ€‹áž€áŸ†ážŽážáŸ‹áž“ៅ​ážáŸ’ងៃ​នáŸáŸ‡Â áŸ”\n"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "មិន​អាច​ប្ážáž¼ážšâ€‹ tty %s បានឡើយ"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s ៖ វាល គឺ​វែងវែងពáŸáž€â€‹\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s ៖ %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "​លើស​ចំណុះ​បរិស្ážáž¶áž“\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "អ្នក​ប្រហែល​មិន​បាន​ប្ážáž¼ážšâ€‹ $%s បានទáŸ\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d បានបរាជáŸáž™ ចាប់ážáž¶áŸ†áž„ពីចូលលើក​ចុងក្រោយ​គáŸáž˜áž€â€‹Â áŸ”\n"
+"ចុងក្រោយគáŸáž“ៅ​ %s លើ %s ។\n"
+msgstr[1] ""
+"%d ចូល​ចុងក្រោយ​បានបរាជáŸáž™â€‹ ។\n"
+"ចុងក្រោម​ %s %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "បរាជáŸáž™â€‹áž€áŸ’នុងការ​ផ្លាស់ប្ដូរ​ម្ចាស់​ប្រអប់សំបុážáŸ’ážš"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s ៖ មិនអាចយក​ UID ដែលមានážáŸ‚មួយ​បានទáŸ\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s ៖ មិនអាច​យក​​ GID ​ដែលមានážáŸ‚មួយ​បានឡើយ​\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s ៖ មិនអាចយក​ UID ដែលមានážáŸ‚មួយ​បានទáŸ\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s ៖ មិនអាចយក​ UID ដែលមានážáŸ‚មួយ​បានទáŸ\n"
+
+msgid "Too many logins.\n"
+msgstr "ចូល​ច្រើន​ពáŸáž€â€‹Â áŸ”\n"
+
+msgid "You have new mail."
+msgstr "អ្នក​មានសំបុážáŸ’រ​ážáŸ’មី​ ។​"
+
+msgid "No mail."
+msgstr "គ្មាន​សំបុážáŸ’រ​​​ទáŸâ€‹Â áŸ”"
+
+msgid "You have mail."
+msgstr "អ្នក​មាន​សំបុážáŸ’រ ។"
+
+msgid "no change"
+msgstr "គ្មាន​​ផ្លាស់ប្ážáž¼ážšâ€‹Â "
+
+msgid "a palindrome"
+msgstr "ឃ្លាដែលអាច​អាន​ážáŸ’រឡប់​ចុះážáŸ’រឡប់ឡើងបាន"
+
+msgid "case changes only"
+msgstr "ករណី​បាន​ážáŸ‚​ប្ážáž¼ážšâ€‹"
+
+msgid "too similar"
+msgstr "ស្រដៀងគ្នា​ពáŸáž€"
+
+msgid "too simple"
+msgstr "ធម្មážáž¶â€‹áž–áŸáž€"
+
+msgid "rotated"
+msgstr "បានបង្វិល​"
+
+msgid "too short"
+msgstr "ážáŸ’លីពáŸáž€â€‹"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹áž˜áž·áž“​ážáŸ’រឹមážáŸ’រូវ​ ៖ %s ។ "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹Â áŸ– pam_start() បាន​បរាជáŸáž™â€‹, កំហុស​ %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "ពាក្យសម្ងាážáŸ‹Â áŸ– %s\n"
+
+#, fuzzy
+msgid "passwd: password unchanged\n"
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹áž”ាន​ប្ážáž¼ážšâ€‹Â áŸ”\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "ពាក្យសម្ងាážáŸ‹Â áŸ– ពាក្យ​សម្ងាážáŸ‹â€‹áž”ាន​ធ្វើ​ឲ្យ​ទាន់​សមáŸáž™â€‹ážŠáŸ„យ​ជោគជáŸáž™â€‹\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹áž˜áž·áž“​ážáŸ’រឹមážáŸ’រូវ​សម្រាប់​ %s ។\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s ៖ áž›áŸážâ€‹áž‘ូរសáŸáž–្ទនៅផ្ទះ​មិន​ážáŸ’រឹមážáŸ’រូវ​ ៖ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "មិន​អាច​​ cd ចូលទៅ​ '%s' បានទáŸ\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "គ្មាន​ážážâ€‹ ការចូល​ជាមួយ​ HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "មិន​អាចប្រážáž·áž”ážáŸ’ážáž·â€‹ %s បានទáŸ"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "ážážâ€‹ root មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "មិន​អាច​ប្ážáž¼ážšâ€‹ážáž root ទៅ​ '%s'បាន​ទáŸâ€‹\n"
+
+msgid "Unable to determine your tty name."
+msgstr "មិន​អាច​កំណážáŸ‹â€‹ážˆáŸ’មោះ​ tty របស់​អ្នកបានទáŸâ€‹Â áŸ”"
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "áž‘áŸ\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+#, fuzzy
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "បញ្ចូល​ážáž˜áŸ’លៃ​ážáŸ’មី​ ឬ ​សង្កážáŸ‹â€‹ បញ្ចូល សម្រាប់​លំនាំដើម​\n"
+
+msgid "Minimum Password Age"
+msgstr "អាយុ​ពាក្យសម្ងាážáŸ‹â€‹áž¢áž”្បរមា"
+
+msgid "Maximum Password Age"
+msgstr "អាយុ​ពាក្យសម្ងាážáŸ‹â€‹áž¢ážáž·áž”រមាsword Age"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "ការប្ដូរ​ពាក្យ​សម្ងាážáŸ‹â€‹áž‡áž¶áž›áž¾áž€áž…ុងក្រោយ (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "ការព្រមាន​ការផុážâ€‹áž€áŸ†ážŽážáŸ‹â€‹áž“ៃ​ពាក្យ​សម្ងាážáŸ‹â€‹"
+
+msgid "Password Inactive"
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹áž¢ážŸáž€áž˜áŸ’ម​"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "កាលបរិច្ឆáŸáž‘​ការផុážâ€‹áž€áŸ†ážŽážáŸ‹ážšáž”ស់​​គណនី​ (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "ការប្ážáž¼ážšâ€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹áž›áž¾áž€áž…ុង​ក្រោយ​\t\t\t\t\t ៖ "
+
+#, fuzzy
+msgid "never"
+msgstr "កុំ\n"
+
+#, fuzzy
+msgid "password must be changed"
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹ážáŸ’រូវ​ážáŸ‚​ប្ážáž¼ážšâ€‹\n"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹áž•áž»ážâ€‹áž€áŸ†ážŽážáŸ‹â€‹\t\t\t\t\t ៖ "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "ពាក្យ​សម្ងាážáŸ‹ អសកម្ម \t\t\t\t\t ៖ "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "គណនី​ផុážâ€‹áž€áŸ†ážŽážáŸ‹â€‹\t\t\t\t\t\t ៖ "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "ចំនួន​ážáŸ’ងៃ​អប្បបរមា​រវាង​ការផ្លាស់​ប្ážáž¼ážšâ€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹\t\t ៖ %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "ចំនួនážáŸ’ងៃ​អážáž·áž”រមា​រវាង​ការផ្លាស់ប្ážáž¼ážšâ€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹\t\t ៖ %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "ចំនួន​ážáŸ’ងៃ​នៃការព្រមាន​ មុនពáŸáž›â€‹áž–ាក្យសម្ងាážáŸ‹â€‹áž•áž»ážáž€áŸ†ážŽážáŸ‹\t ៖ %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s ៖ កាលបរិច្ឆទ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s ៖ អាគុយម៉ង់​ជាលáŸážâ€‹áž˜áž·áž“​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s ៖ មិន​រូមបញ្ចូល​ទាំង​ \"l\" ជាមួយ​ទង់​ដទៃទៀážâ€‹áž‘áŸ\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s ៖ សិទ្ធ​ážáŸ’រូវ​បាន​បដិសáŸáž’ ។\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s ៖ មិន​អាចកំណážáŸ‹â€‹ážˆáŸ’មោះ​អ្នកប្រើ​របស់​អ្នក​បាន​ទáŸÂ áŸ”\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s ៖ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s ៖ មិន​អាច​ចាក់សោ​ឯកសារ​បានឡើយ សូមព្យាយាម​ម្ážáž„​ទៀážáž“ៅពáŸáž›áž€áŸ’រោយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s ៖ មិនអាច​បើក​ឯកសារ​ %s បានទáŸ\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s ៖ ការចែកជាពីរវិធី​​បានបរាជáŸáž™â€‹Â áŸ– %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s ៖ គ្មាន​វážáŸ’ážáž˜áž¶áž“​​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹ážŸáŸ’រមោលទáŸâ€‹\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s áž‘áŸâ€‹\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "ការផ្លាស់​ប្ážáž¼ážšâ€‹áž–áŸážáŸŒáž˜áž¶áž“​ចាស់​សម្រាប់​ %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s ៖ កំហុស​ការផ្លាស់ប្ážáž¼ážšâ€‹ážœáž¶áž›â€‹\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "ឈ្មោះ​ពáŸáž‰"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s ៖ %s\n"
+
+msgid "Room Number"
+msgstr "áž›áŸážáž”ន្ទប់​"
+
+msgid "Work Phone"
+msgstr "ទូរសáŸáž–្ទ​​​កន្លែង​​​ធ្វើការ"
+
+msgid "Home Phone"
+msgstr "ទូរសáŸáž–្ទនៅ​ផ្ទះ"
+
+msgid "Other"
+msgstr "ផ្សáŸáž„ៗ"
+
+msgid "Cannot change ID to root.\n"
+msgstr "មិន​អាចផ្លាស់ប្ážáž¼ážšâ€‹áž›áŸážâ€‹ážŸáž˜áŸ’គាល់​ទៅ​ជា​ root បាន​ឡើយ​ ។\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s ៖ ឈ្មោះ​មិន​ážáŸ’រឹមážáŸ’រូវ​ ៖ '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s ៖ ចំនួន​បន្ទប់​មិន​ážáŸ’រឹមážáŸ’រូវ​ ៖ '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s ៖ áž›áŸážáž‘ូរសáŸáž–្ទ​នៅ​កន្លែង​ធ្វើការ​មិន​ážáŸ’រឹមážáŸ’រូវ​ ៖ '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s ៖ áž›áŸážâ€‹áž‘ូរសáŸáž–្ទនៅផ្ទះ​មិន​ážáŸ’រឹមážáŸ’រូវ​ ៖ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s ៖ '%s' មាន​ážáž½áž¢áž€áŸ’សរ​មិន​ážáŸ’រឹមážáŸ’រូវ​\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s ៖ '%s' មាន​ážáž½áž¢áž€áŸ’សរ​មិន​ážáŸ’រឹមážáŸ’រូវ​\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s áž‘áŸâ€‹\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s ៖ មិនអាចផ្លាស់​​ប្ážáž¼ážšâ€‹áž¢áŸ’នក​ប្រើបានទáŸâ€‹ '%s' លើ​ម៉ាស៊ីន​ភ្ញៀវ NIS បានទáŸÂ áŸ”\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s ៖ '%s' ជាមáŸâ€‹ NIS សម្រាប់​ម៉ាស៊ីន​ភ្ញៀវ​នáŸáŸ‡â€‹Â áŸ”\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "កំពុងផ្លាស់​​ប្ážáž¼ážšâ€‹áž–áŸážáŸŒáž˜áž¶áž“​អ្នកប្រើ​សម្រាប់​ %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s ៖ វាល គឺ​វែងវែងពáŸáž€â€‹\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: ទង់ -a គឺážáŸ’រូវបានអនុញ្ញាážâ€‹áž”ានážáŸ‚ជាមួយទង់ -G ប៉ុណ្ណោះ\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ បន្ទាážáŸ‹â€‹ážœáŸ‚áž„áž–áŸáž€â€‹\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ បាážáŸ‹áž”ង់​ពាក្យ​សម្ងាážáŸ‹â€‹ážáŸ’មី​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s ៖ មិនមានក្រុម​ %sឡើយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិនអាចធ្វើឲ្យ​ធាážáž»áž”ញ្ចូល​ទាន់សមáŸáž™áž”ានឡើយ\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s ៖ បានរកឃើញ​កំហុស មិនអើពើនឹងការផ្លាស់ប្ដូរ​\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s áž‘áŸâ€‹\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s áž‘áŸâ€‹\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "សែលចូល"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "អ្នក​មិនអាច​​ប្ážáž¼ážšâ€‹ážŸáŸ‚ល​សម្រាប់​ %s បានទáŸÂ áŸ”\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "កំពុង​ផ្លាស់ប្ដូរ​សែល​ចូល​សម្រាប់ %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s ៖ ធាážáž»áž”ញ្ចូល​​មិន​ážáŸ’រឹមážáŸ’រូវ​ ៖ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s គឺជា​សែល​មិន​ážáŸ’រឹមážáŸ’រូវ​ ។\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s áž‘áŸâ€‹\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s ៖ ការព្រមាន ៖​ %s មិនážáŸ’រូវបានទទួល​យក​ដោយ %s ឡើយ\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "កំណážáŸ‹ážáŸ’រាចុងក្រោយ ៖ អាគុយម៉ង់​មិន​រំពឹង​ទុក​ ៖ %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "ចូល ភាពបរាជáŸáž™â€‹áž“ៃការចូល​ចុងក្រោយ​ជាអážáž·áž”រមា លើ\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds នៅសល់]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds ជាប់សោ]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "មិន​ស្គាល់​អ្នក​ប្រើ ៖ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​ážážâ€‹ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "មិនអាចប្ដូរ​ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់​ %s បានឡើយ ។\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "មិនអាចប្ដូរ​ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់​ %s បានឡើយ ។\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s ៖ បានទាមទារ​ពាក្យសម្ងាážáŸ‹â€‹áž€áŸ’រុម​ស្រមោល​សម្រាប់​ -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s ៖ មិនមានក្រុម​ %sឡើយ​\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s ៖ ការចែកជាពីរវិធី​​បានបរាជáŸáž™â€‹Â áŸ– %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "កំពុង​ប្ážáž¼ážšâ€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់​ក្រុម​ %s\n"
+
+msgid "New Password: "
+msgstr "ពាក្យសម្ងាážáŸ‹â€‹ážáŸ’មី ៖ "
+
+msgid "Re-enter new password: "
+msgstr "បញ្ចូល​ពាក្យ​សម្ងាážáŸ‹â€‹ážáŸ’មី​ឡើង​វិញ ៖ "
+
+msgid "They don't match; try again"
+msgstr "ពួកគáŸâ€‹áž˜áž·áž“​បាន​​ផ្គូរផ្គងទáŸÂ áŸ” សូមព្យាយាម​ម្ážáž„​ទៀážâ€‹"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s ៖ សូមព្យាយាមម្ដងទៀážâ€‹áž“ៅពáŸáž›áž€áŸ’រោយ\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "កំពុង​បន្ážáŸ‚ម​អ្នកប្រើ​ %s ទៅក្រុម​ %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "កំពុង​យក​អ្នក​ប្រើ​ %s áž…áŸáž‰áž–ី​ក្រុម​ %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s áž‘áŸâ€‹\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s ៖ មិនមែន​ tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s  ៖ %s ជា​ឈ្មោះ​ក្រុម​មិន​ážáŸ’រឹមážáŸ’រូវ​\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "ឈ្មោះ​ក្រុម​ '%s' មិនážáŸ’រឹមážáŸ’រូវ\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K ទាមទារ​ KEY=VALUE\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s ៖ មានក្រុម​ %s រួច​ហើយ​\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s ៖ មិន​អាចកំណážáŸ‹â€‹ážˆáŸ’មោះ​អ្នកប្រើ​របស់​អ្នក​បាន​ទáŸÂ áŸ”\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​ážážâ€‹ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s ៖ មិនអាចផ្លាស់​​ប្ážáž¼ážšâ€‹áž¢áŸ’នក​ប្រើបានទáŸâ€‹ '%s' លើ​ម៉ាស៊ីន​ភ្ញៀវ NIS បានទáŸÂ áŸ”\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s ៖ មិនមានក្រុម​ %sឡើយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s ៖ ក្រុម​ '%s' គឺជាក្រុម​ NIS ។\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s ៖ %s គឺជា​ម០NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s ៖ អ្នកប្រើ​ %s គឺជា​អ្នក​​ប្រើ​ NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: អស់​សážáž·â€‹áž€áŸ’នុង​ក្នុងការធ្វើឲ្យ​ក្រុមទាន់សមáŸáž™\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "ឈ្មោះ​ក្រុម​ '%s' មិនážáŸ’រឹមážáŸ’រូវ\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s ៖ ក្រុម​ %s គឺជា​ក្រុម NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s ៖ មិន​ស្គាល់​អ្នកប្រើ​ %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s ៖ -s និង​ -r គឺមិន​ážáŸ’រូវ​គ្នាទáŸâ€‹\n"
+
+#, fuzzy
+msgid "invalid group file entry"
+msgstr "ធាážáž»áž”ញ្ចូល​ឯកសារក្រុម​មិនážáŸ’រឹមážáŸ’រូវ​\n"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "លុប​បន្ទាážáŸ‹â€‹ '%s' ឬ ? "
+
+#, fuzzy
+msgid "duplicate group entry"
+msgstr "ធាážáž»áž”ញ្ចូល​​ក្រុម​ស្ទួន​\n"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ឈ្មោះ​ក្រុម​ '%s' មិនážáŸ’រឹមážáŸ’រូវ\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "ឈ្មោះ​ក្រុម​ '%s' មិនážáŸ’រឹមážáŸ’រូវ\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "ក្រុម​ %s ៖ គ្មាន​អ្នកប្រើ​ %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "លុប​សមាជិក​ '%s' ឬ ? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "គ្មាន​ធាážáž»áž”ញ្ចូល​ឯកសារ​ក្រុមផ្គូរផ្គង​នៅក្នុង​​ %s áž‘áŸ\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "បន្ážáŸ‚ម​ក្រុម​ '%s' ទៅក្នុង​ %s ឬ ?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid shadow group file entry"
+msgstr "ធាážáž»â€‹áž¯áž€ážŸáž¶ážšâ€‹áž€áŸ’រុម​ស្រមោល​មិន​ážáŸ’រឹមážáŸ’រូវ\n"
+
+#, fuzzy
+msgid "duplicate shadow group entry"
+msgstr "ធាážáž»â€‹áž€áŸ’រុម​ស្រមោល​ស្ទួន​\n"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "ក្រុម​ស្រមោល​ %s ៖ គ្មានអ្នកប្រើដែលគ្រប់គ្រង​ %s áž‘áŸ\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "លុប​សមាជិក​ដែល​គ្រប់គ្រង​ '%s' ឬ ? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "ក្រុម​ស្រមោល​ %s ៖ គ្មាន​អ្នក​ប្រើ​ %s áž‘áŸ\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s ៖ មិនបានធ្វើឲ្យ​ឯកសារទាន់សមáŸáž™áž¡áž¾áž™â€‹\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s ៖គ្មាន​ការផ្លាស់ប្ដូរ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យឯកសារ %s ទាន់សមáŸáž™â€‹áž”ានទáŸ\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "របៀបប្រើ ៖ áž›áŸážážŸáž˜áŸ’គាល់ [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "របៀបប្រើ​ ៖ áž›áŸážážŸáž˜áŸ’គាល់\n"
+
+msgid " groups="
+msgstr " ក្រុម​="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+#, fuzzy
+msgid "Username Port From Latest"
+msgstr "ឈ្មោះ​អ្នក​ប្រើ ច្រក ពី ចុង​ក្រោយ​បំផុáž\n"
+
+#, fuzzy
+msgid "Username Port Latest"
+msgstr "ឈ្មោះ​អ្នក​ប្រើ ច្រក ចុង​ក្រោយ​បំផុážâ€‹\n"
+
+msgid "**Never logged in**"
+msgstr "**មិន​ដែល​ចូល​សោះ**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹â€‹áž‘ាន់សមáŸáž™â€‹áž”ានទáŸ\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "របៀបប្រើ ៖ %s [-p] [name]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h ម៉ាស៊ីន] [-f ឈ្មោះ]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r ម៉ាស៊ីន​\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+#, fuzzy
+msgid "Invalid login time"
+msgstr "áž–áŸáž›ážœáŸáž›áž¶â€‹áž…ូល​មិន​ážáŸ’រឹមážáŸ’រូវ​\n"
+
+#, fuzzy
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"ប្រពáŸáž“្ធ​បាន​បិទ​សម្រាប់​ážáŸ†áž áŸ‚ទាំ​ទម្រង់ការ\n"
+
+#, fuzzy
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[បាន​វៀង​ការ​ផ្ដាច់ -- បាន​អនុញ្ញាážâ€‹áž€áž¶ážšâ€‹áž…ូល​ជា root ។]\n"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr "គ្មាន​ធាážáž»â€‹ utmp ឡើយ ។ អ្នក​ážáŸ’រូវ​ប្រážáž·áž”ážáŸ’ážáž·â€‹ \"login\" ពី​កម្រិážâ€‹áž‘ាប​បំផុážâ€‹ \"sh\""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"អស់​ពáŸáž›â€‹áž…ូល​បន្ទាប់ពី %d វិនាទី ។\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "ចូល ៖ PAM បរាជáŸáž™â€‹ កំពុង​បោះបង់​ ៖ %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s ចូល ៖ "
+
+msgid "login: "
+msgstr "ចូល​ ៖ "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "បាន​លើសពី​ចំនួន​អážáž·áž”រ​មា​នៃ​ការ​សាកល្បង​ (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "ចូល​ ៖ PAM បានស្នើឲ្យ​បោះបង់ចោល​\n"
+
+msgid "Login incorrect"
+msgstr "ចូល​មិន​ážáŸ’រឹមážáŸ’រូវ​"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិន​អាច​រក​អ្នកប្រើ​ %s ឃើញឡើយ\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s ចូល​ ៖ "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s ៖ ការចែកជាពីរវិធី​​បានបរាជáŸáž™â€‹Â áŸ– %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+#, fuzzy
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "ការព្រមាន ៖ បាន​អនុញ្ញាážáž²áŸ’យចូល​ម្ážáž„​ទៀážâ€‹áž”ន្ទាប់​ពី áž…áŸáž‰â€‹áž”ណ្ážáŸ„ះអាសន្ន​​\n"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "ចូល​ចុងក្រោយ ៖​ %s លើ​ %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "ចូល​ចុងក្រោយ​ ៖ %.19s លើ​ %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr "ពី​ %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"បានហួសពáŸáž›ážœáŸáž›áž¶â€‹áž…ូល​​\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "របៀបប្រើ​ ៖ áž›áŸážážŸáž˜áŸ’គាល់\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "របៀបប្រើ ៖ newgrp [-] [group]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "របៀបប្រើ​ ៖ ក្រុម sg [[-c] command]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹áž…ាស់ ៖ "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s ៖ ការចែកជាពីរវិធី​​បានបរាជáŸáž™â€‹Â áŸ– %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s áž‘áŸâ€‹\n"
+
+msgid "too many groups\n"
+msgstr "ច្រើន​ក្រុមពáŸáž€â€‹\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s ៖ មិនមានក្រុម​ %sឡើយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s ៖ឈ្មោះ​អ្នក​ប្រើ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s ៖ឈ្មោះ​អ្នក​ប្រើ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ បន្ទាážáŸ‹â€‹áž˜áž·áž“​ážáŸ’រឹមážáŸ’រូវ​\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យធាážáž»áž”ញ្ចូល​ទាន់សមáŸáž™â€‹ážŸáž˜áŸ’រាប់ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិន​អាច​បង្កើážâ€‹ GID បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិន​អាច​បង្កើážâ€‹ GID បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s áž‘áŸâ€‹\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិន​អាច​ធ្វើ​ឲ្យ​ពាក្យ​សម្ងាážáŸ‹â€‹áž‘ាន់សមáŸáž™â€‹áž”ានឡើយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ mkdir បានបរាជáŸáž™â€‹\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ chown បានបរាជáŸáž™â€‹\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិនអាចធ្វើឲ្យ​ធាážáž»áž”ញ្ចូល​ទាន់សមáŸáž™áž”ានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s ៖ មិន​អាច​បង្កើážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​ឯកសារក្រុម​ទាន់សមáŸáž™áž”ានទáŸâ€‹\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹áž…ាស់ ៖ "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"បញ្ចូល​ពាក្យ​សម្ងាážáŸ‹â€‹ážáŸ’មី​ (ážáž½áž¢áž€áŸ’សរ​​អប្បបរមានៃ​ %d អážáž·áž”រមានៃ %d)\n"
+"សូម​ប្រើ​អក្សរ​ធំ​ អក្សរ​ážáž¼áž…​ ​និង áž›áŸážâ€‹áž…ូល​គ្នា​ ។\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"បញ្ចូល​ពាក្យ​សម្ងាážáŸ‹â€‹ážáŸ’មី​ (ážáž½áž¢áž€áŸ’សរ​​អប្បបរមានៃ​ %d អážáž·áž”រមានៃ %d)\n"
+"សូម​ប្រើ​អក្សរ​ធំ​ អក្សរ​ážáž¼áž…​ ​និង áž›áŸážâ€‹áž…ូល​គ្នា​ ។\n"
+
+msgid "New password: "
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹ážáŸ’មី​ ៖ "
+
+#, fuzzy
+msgid "Try again."
+msgstr "សូមព្យាយាម​ម្ážáž„​ទៀážâ€‹Â áŸ”\n"
+
+#, fuzzy
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"ការព្រមាន ៖ ពាក្យ​សម្ងាážáŸ‹áž˜áž·áž“សូវមានសុវážáŸ’ážáž·áž—ាព​ (សូម​បញ្ចូល​វា​ម្ážáž„​ទៀážâ€‹â€‹ážŠáž¾áž˜áŸ’បី​ប្រើវា​) ។\n"
+
+msgid "They don't match; try again.\n"
+msgstr "ពួកវាមិនផ្គូរផ្គងគ្នាទáŸÂ áŸ” សូមព្យាយាម​ម្ážáž„​ទៀážâ€‹Â áŸ”\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "មិនអាចប្ដូរ​ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់​ %s បានឡើយ ។\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "មិនអាចប្ដូរ​ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់​ %s បានឡើយ ។\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s ៖ ឃ្លាំង​ %s មិន​បាន​គាំទ្រឡើយ​\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s ៖ អ្នក​មិនអាច​មើល​ ឬ កែប្រែ​ពáŸážáŸŒáž˜áž¶áž“​ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់​ %s បានឡើយ ។\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "កំពុង​ប្ážáž¼ážšâ€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់​ %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "មិនបានប្ដូរ​ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់​ %s ឡើយ ។\n"
+
+#, fuzzy, c-format
+msgid "%s: password changed.\n"
+msgstr "ពាក្យ​សម្ងាážáŸ‹â€‹áž”ាន​ប្ážáž¼ážšâ€‹Â áŸ”\n"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "ការព្រមាន​ការផុážâ€‹áž€áŸ†ážŽážáŸ‹â€‹áž“ៃ​ពាក្យ​សម្ងាážáŸ‹â€‹"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid password file entry"
+msgstr "ធាážáž»áž”ញ្ចូល​ឯកសារ​ពាក្យសម្ងាážáŸ‹â€‹áž˜áž·áž“ážáŸ’រឹមážáŸ’រូវ\n"
+
+#, fuzzy
+msgid "duplicate password entry"
+msgstr "ធាážáž»áž”ញ្ចូល​ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáŸ’ទួន​\n"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ឈ្មោះ​អ្នក​ប្រើ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "ឈ្មោះ​អ្នក​ប្រើ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "អ្នក​ប្រើ​ %s ៖ គ្មាន​ក្រុម​ %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "អ្នក​ប្រើ %s ៖ មិនទាន់មាន​ážážâ€‹ %s នៅ​ឡើយ​ទáŸâ€‹\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "អ្នកប្រើ​ %s ៖ មិនទាន់មាន​កម្មវិធី​ %s នៅឡើយទáŸ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s ៖ មិន​អាច​ចាក់សោ​ឯកសារ​ %s បានទáŸ\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "មិនមាន​ធាážáž»áž”ញ្ចូល​ឯកសារ​ពាក្យសម្ងាážáŸ‹â€‹ážŠáŸ‚លផ្គូរផ្គង​នៅក្នុង​ %s ឡើយ\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "បន្ážáŸ‚ម​អ្នក​ប្រើ​ '%s'ក្នុង​ %s ឬ ? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid shadow password file entry"
+msgstr "ធាážáž»áž”ញ្ចូល​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáŸ’រមោល​មិនážáŸ’រឹមážáŸ’រូវ​\n"
+
+#, fuzzy
+msgid "duplicate shadow password entry"
+msgstr "ធាážáž»â€‹áž”ញ្ចូល​ពាក្យសម្ងាážáŸ‹â€‹ážŸáŸ’រមោល​ស្ទួន​\n"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "អ្នកប្រើ​ %s ៖ ពាក្យ​សម្ងាážáŸ‹â€‹áž…ុងក្រោយ​​ប្ដូរនៅក្នុង​អនាគáž\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s ៖ មិនអាច​បើក​ឯកសារ​ %s បានទáŸ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s ៖ មិន​អាច​សរសáŸážšâ€‹áž¯áž€ážŸáž¶ážšâ€‹áž¡áž¾áž„​វិញបានទáŸâ€‹\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "ដំណើរការ​ជា​ su ទៅ​កាន់​គណនី​នោះ​ DENIED ។\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "ការ​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវពាក្យ​សម្ងាážáŸ‹ bypassed ។\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "សូម​បញ្ចូល​ពាក្យ​សម្ងាážáŸ‹áž•áŸ’ទាល់ážáŸ’លួន​របស់អ្នក​ ជា​ការផ្ទៀងផ្ទាážáŸ‹áž—ាពážáŸ’រឹមážáŸ’រូវ​ ។\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s ៖ មិន​អាច​ចាក់សោ​ឯកសារ​ %s បានទáŸ\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s ៖ %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"របៀបប្រើ ៖ su [ជម្រើស] [ការចូល]\n"
+"\n"
+"ជម្រើស ៖\n"
+" -c, --command COMMAND\t\tហុច COMMAND ទៅសែលដែលបានហៅ\n"
+" -h, --help\t\t\tបង្ហាញ​​សា​រ​ជំ​នួយ​​នáŸáŸ‡ និង​ចáŸáž‰\n"
+" -, -l, --login\t\tធ្វើ​ឲ្យ​សែល​ជា​សែល​ចូល\n"
+" -m, -p,\n"
+" --preserve-environment\tកុំ​កំណážáŸ‹â€‹áž¢ážáŸážšâ€‹áž”រិស្ážáž¶áž“ និង​រក្សាទុក\n"
+"\t\t\t\tសែលដដែល\n"
+" -s, --shell SHELL\t\tប្រើ SHELL ជំនួស​​ឲ្យលំនាំដើម​នៅ​ក្នុង passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(មិន​អើពើ​)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "អ្នកគ្មាន​ការ​អនុញ្ញាážáž²áŸ’យ​ចូល​ទៅ​កាន់​ su áž‘áŸâ€‹ %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(បញ្ចូល​ពាក្យ​សម្ងាážáŸ‹â€‹áž•áŸ’ទាល់​ážáŸ’លួនរបស់អ្នក​)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s ៖ PAM ការ​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវបាន​បរាជáŸáž™â€‹\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "អ្នកគ្មាន​ការ​អនុញ្ញាážáž²áŸ’យ​ចូល​ទៅ​កាន់​ su áž‘áŸâ€‹ %s\n"
+
+#, fuzzy, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "គ្មាន​ធាážáž»â€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់ 'root'​ ឡើយ\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s ៖ ážáŸ’រូវ​ážáŸ‚​រážáŸ‹â€‹áž–ី ស្ážáž¶áž“ីយមួយ\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s ៖ pam_start ៖ កំហុស​ %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​ážážâ€‹ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "មិន​អាចប្រážáž·áž”ážáŸ’ážáž·â€‹ %s បានទáŸ"
+
+#, fuzzy
+msgid "No password file"
+msgstr "គ្មាន​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹áž¡áž¾áž™â€‹\n"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+#, fuzzy
+msgid "No password entry for 'root'"
+msgstr "គ្មាន​ធាážáž»â€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់ 'root'​ ឡើយ\n"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"ចុចគ្រាប់ចុច បញ្ជា-d ដើម្បី​បន្ážâ€‹áž‡áž¶áž˜áž½áž™â€‹áž€áž¶ážšâ€‹áž…ាប់ផ្ដើម​ធម្មážáž¶\n"
+"(ឬ ផ្ដល់​ពាក្យសម្ងាážáŸ‹ root ដើម្បី​ជួសជុល​ប្រពáŸáž“្ធ) ៖"
+
+#, fuzzy
+msgid "Entering System Maintenance Mode"
+msgstr "កំពុង​បញ្ចូល​របៀប​ážáŸ†áž áŸ‚ទាំ​ប្រពáŸáž“្ធ​\n"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s ៖ មិន​អាច​បង្កើážâ€‹áž¯áž€ážŸáž¶ážšâ€‹áž›áŸ†áž“ាំ​ដើម​ážáŸ’មី​បានឡើយ​\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​លំនាំដើម​ážáŸ’មី​​បានលឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ chown បានបរាជáŸáž™â€‹\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s ៖​ ប្ážáž¼ážšâ€‹ážˆáŸ’មោះ​ ៖ %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s ៖ ក្រុម​ '%s' គឺជាក្រុម​ NIS ។\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s ៖ ក្រុម​ដែលបានបញ្ជាក់​ច្រើនពáŸáž€â€‹ (អážáž·â€‹ %d) ។\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s  ៖ ážážâ€‹áž˜áž¼áž›ážŠáŸ’ឋាន​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s ៖ សáŸáž…ក្ážáž¸â€‹áž¢ážáŸ’ážáž¶áž’ិប្បាយ​មិនážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s ៖ ážážâ€‹áž•áŸ’ទះ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s ៖ បានទាមទារ​ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáŸ’រមោល​​សម្រាប់​-e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s ៖ បានទាមទារពាក្យ​សម្ងាážáŸ‹â€‹ážŸáŸ’រមោល​​សម្រាប់​ -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s ៖ វាល​មិនážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s ៖ សែល​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+msgid "Creating mailbox file"
+msgstr "កំពុង​បង្កើážâ€‹áž¯áž€ážŸáž¶ážšâ€‹áž”្រអប់​សំបុážáŸ’រ​"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr "រក​ក្រុម​​ 'សំបុážáŸ’រ​' មិន​ឃើញ​ឡើយ ។ កំពុង​បង្កើážâ€‹áž¯áž€ážŸáž¶ážšáž”្រអប់​សំបុážáŸ’រ​អ្នក​ប្រើ​ជាមួយ​របៀប​ 0600 ។\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "ការកំណážáŸ‹â€‹ážŸáž·áž‘្ធ​លើ​ឯកសារ​ប្រអប់​សំបុážáŸ’រ​"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s ៖ អ្នក​ប្រើ​ %s មាន​រួច​ហើយ​\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr "%s ៖ ក្រុម​ %s មាន​រួច​ហើយ​ - ប្រសិនបើ​អ្នក​ចង់​បន្ážáŸ‚ម​អ្នក​ប្រើទៅ​កាន់​ក្រុម​នោះ​ ប្រើ​ -g ។\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s ៖ មិន​អាច​បង្កើážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s ៖ UID %u មិន​មែន​មាន​ážáŸ‚មួយទáŸâ€‹\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s ៖ មិន​អាច​បង្កើážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s ៖ មិន​អាច​បង្កើážâ€‹ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s ៖ មិន​អាច​បង្កើážâ€‹ %s បានឡើយ\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s ៖ ការព្រមាន​ ៖ មានážážáž•áŸ’ទះ​រួចហើយ ។\n"
+"មិនចម្លង​​ឯកសារណាមួយ​ពីážážâ€‹ skel ចូលក្នុង​វានោះទáŸÂ áŸ”\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s ៖ មិនអាចផ្លាស់​​ប្ážáž¼ážšâ€‹áž¢áŸ’នក​ប្រើបានទáŸâ€‹ '%s' លើ​ម៉ាស៊ីន​ភ្ញៀវ NIS បានទáŸÂ áŸ”\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s ៖ មិនអាច​យកក្រុម %s ដែលជា​ក្រុម​ចម្បង​សម្រាប់​អ្នកប្រើដទៃទៀážáž…áŸáž‰áž”ានទáŸÂ áŸ”\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​ážážâ€‹ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s ៖ ážážâ€‹áž•áŸ’ទះ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s  ៖ ការព្រមាន​ ៖ មិន​អាច​យកចáŸáž‰áž”ានឡើយ "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s ៖ %s មិន​បានទទួលយក​​ %s áž‘áŸ, មិនយកចáŸáž‰â€‹\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​ážážâ€‹ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​ážážâ€‹ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s ៖ អ្នកប្រើ​ %s គឺជា​អ្នក​​ប្រើ​ NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s ៖ ážážâ€‹áž•áŸ’ទះ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s ៖ មិនយក​ážážâ€‹ %s áž…áŸáž‰â€‹áž¡áž¾áž™ (នឹងយក​ážážáž•áŸ’ទះ​របស់អ្នកប្រើ %s áž…áŸáž‰)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s ៖ មានកំហុស​ក្នុងការយក​ážážâ€‹ %s áž…áŸáž‰\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s ៖ អ្នក​ប្រើ​ %s មាន​រួច​ហើយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s ៖ កាលបរិច្ឆទ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s ៖ កាលបរិច្ឆទ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s ៖ មិនអាច​បើក​ឯកសារ​ %s បានទáŸ\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s ៖ ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáŸ’រមោល​បានážáŸ’រូវការ​​ -e áž“áž·áž„ -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s ៖ មានážážâ€‹ %s ​រួច​ហើយ​\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s ៖ មិន​​អាច​បង្កើážâ€‹ážážâ€‹ %s បានឡើយ\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s ៖ ការព្រមាន ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​បញ្ចប់​ការយកážážáž•áŸ’ទះ %s ចាស់ចáŸáž‰"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​ážážâ€‹ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s ៖ ការព្រមាន ៖​ %s មិនážáŸ’រូវបានទទួល​យក​ដោយ %s ឡើយ\n"
+
+msgid "failed to change mailbox owner"
+msgstr "បរាជáŸáž™â€‹áž€áŸ’នុងការ​ផ្លាស់ប្ដូរ​ម្ចាស់​ប្រអប់សំបុážáŸ’ážš"
+
+msgid "failed to rename mailbox"
+msgstr "​បរាជáŸáž™â€‹áž€áŸ’នុងការប្ដូរឈ្មោះប្រអប់"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s ៖ %s មិនážáŸ’រូវបានប្ដូរឡើយ​\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "​បរាជáŸáž™â€‹áž€áŸ’នុងការប្ដូរឈ្មោះប្រអប់"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "មិនអាច​ចាក់សោ​ឯកសារបានឡើយ"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s ៖ បរាជáŸáž™â€‹áž€áŸ’នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "មិនអាច​ចាក់សោ​ឯកសារបានឡើយ"
+
+msgid "Couldn't make backup"
+msgstr "មិនអាច​បង្កើážâ€‹áž–áŸážáŸŒáž˜áž¶áž“​បម្រុងទុក​បានឡើយ"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s ៖ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s ៖ %s រក​មិន​ឃើញ​ក្នុង​ /etc/passwd áž‘áŸ\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s ៖ មិនអាច​បើក​ឯកសារក្រុម​បានទáŸâ€‹\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s ៖ វាល គឺ​វែងវែងពáŸáž€â€‹\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "​បរាជáŸáž™â€‹áž€áŸ’នុងការប្ដូរឈ្មោះប្រអប់"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "បរាជáŸáž™â€‹áž€áŸ’នុងការ​ផ្លាស់ប្ដូរ​ម្ចាស់​ប្រអប់សំបុážáŸ’ážš"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "​បរាជáŸáž™â€‹áž€áŸ’នុងការប្ដូរឈ្មោះប្រអប់"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s ៖ មិន​អាច​ស្ážáž¶ážš %s ៖ %s (ការប្ដូរ​របស់អ្នក​គឺនៅក្នុង​ %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s  ៖ ážážâ€‹áž˜áž¼áž›ážŠáŸ’ឋាន​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) បាន​បរាជáŸáž™â€‹\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ការ​ប្រើប្រាស់​ ៖ ប្ážáž¼ážšâ€‹áž¢áŸ’នកប្រើ​ [options]​\n"
+#~ "ជម្រើស​ ៖\n"
+#~ " -d, --ážáŸ’ងៃ​មុន​ LAST_DAY\t កំណážáŸ‹â€‹áž€áž¶ážšáž”្ដូរ​ពាក្យ​សម្ងាážáŸ‹â€‹áž˜áž»áž“ ​ទៅ​ជា​ LAST_DAY\n"
+#~ " -E, --កាលបរិច្ឆáŸáž‘​ផុážâ€‹áž€áŸ†ážŽážáŸ‹â€‹ EXPIRE_DATE\t កំណážáŸ‹â€‹áž€áž¶áž›áž”រិច្ឆáŸáž‘​ការផុážâ€‹áž€áŸ†ážŽážáŸ‹â€‹â€‹ážšáž”ស់គណនីទៅ​ជា​ "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --ជំនួយ​\t\t\t បង្ហាញ​សារ​ជំនួយនáŸáŸ‡ ហើយ​ áž…áŸáž‰â€‹\n"
+#~ " -I, --អសកម្ម​ INACTIVE\t កំណážáŸ‹â€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹áž²áŸ’យ​​អសកម្ម ​បន្ទាប់​ពី​ការផុážâ€‹áž€áŸ†ážŽážáŸ‹â€‹\n"
+#~ "\t\t\t\tទៅជា INACTIVE\n"
+#~ " -l, --បញ្ជី​\t\t\t បង្ហាញពáŸážáŸŒáž˜áž¶áž“​ចាស់​របស់​​គណនី​\n"
+#~ " -m, --ចំនួនážáŸ’ងៃ​អប្បរមា MIN_DAYS\t កំណážáŸ‹â€‹áž…ំនួន​ážáŸ’ងៃ​អប្បបរមា ​មុន​ពាក្យ​សម្ងាážáŸ‹â€‹ \n"
+#~ "\t\t\t\tប្ážáž¼ážšáž‘ៅ​ជា​ MIN_DAYS\n"
+#~ " -M, --ចំនួនážáŸ’ងៃ​អážáž·áž”រមា MAX_DAYS\t កំណážáŸ‹â€‹áž…ំនួន​ážáŸ’ងៃ​អážáž·áž”រមា ​មុន​ពាក្យ​សម្ងាážáŸ‹â€‹\n"
+#~ "\t\t\t\tប្ážáž¼ážšâ€‹áž‘ៅ​ជា​ MAX_DAYS\n"
+#~ " -W, --ážáŸ’ងៃព្រមាន WARN_DAYS\tកំណážáŸ‹áž€áž¶ážšáž–្រមាន​ážáŸ’ងៃ​ផុážâ€‹áž€áŸ†ážŽážáŸ‹â€‹áž‘ៅជា​ WARN_DAYS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s ៖ PAM ការ​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវបាន​បរាជáŸáž™â€‹\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "កា​រប្រើប្រាស់​ ៖ %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ chpasswd [ជម្រើស]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -e, --encrypted\tពាក្យសម្ងាážáŸ‹â€‹ážŠáŸ‚ល​បាន​ផ្ដល់​ážáŸ’រូវ​បាន​អ៊ិនគ្រីប\n"
+#~ " -h, --help\t\tបង្ហាញ​សារ​ជំនួយ​​នáŸáŸ‡ និង​ចáŸáž‰\n"
+#~ " -m, --md5\t\tប្រើ​ការ​អ៊ិនគ្រីប MD5 ជំនួស​ឲ្យ DES នៅ​ពáŸáž›â€‹ážŠáŸ‚ល​ពាក្យសម្ងាážáŸ‹\n"
+#~ "\t\t\tដែល​បាន​ផ្ដល់​មិន​ážáŸ’រូវបាន​អ៊ិនគ្រីប​ទáŸ\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ userdel [ជម្រើស] LOGIN\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -f, --force\t\t\tបង្ážáŸ†â€‹áž²áŸ’យ​យក​ឯកសារ​ចáŸáž‰ ទោះបី​ជា​មិន​បាន​គ្រប់គ្រង​ដោយ​អ្នកប្រើ​កáŸážŠáŸ„áž™\n"
+#~ " -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​នáŸáŸ‡ និង​ចáŸáž‰\n"
+#~ " -r, --remove\t\t\tយកážâ€‹ážâ€‹áž•áŸ’ទះ និង​ហុង​សំបុážáŸ’រ​ចáŸáž‰\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "របៀបប្រើ ៖ ការផុážáž€áŸ†ážŽážáŸ‹ {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s ៖ មិនអាច​បើក​ឯកសារ​ %s បានទáŸ\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "របៀបប្រើ​ ៖ ក្រុម​ groupdel \n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "របៀបប្រើ ៖​ %s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "របៀបប្រើ ៖ %s [-r] [-s] [group]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s ៖ -s និង​ -r គឺមិន​ážáŸ’រូវ​គ្នាទáŸâ€‹\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "របៀបប្រើ​ ៖ ក្រុម​ groupdel \n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "របៀបប្រើ​ ៖ ក្រុម​ groupdel \n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ lastlog [ជម្រើស]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -b, --before DAYS\tបោះពុម្ពកំណážáŸ‹áž€áŸ†ážŽážáŸ‹áž áŸážáž»áž…ុងក្រោយចាស់ជាង DAYS\n"
+#~ " -h, --help\t\tបង្ហាញ​សារ​ជំនួយ​នáŸáŸ‡ និង​ចáŸáž‰\n"
+#~ " -t, --time DAYS\tបោះពុម្ព​ážáŸ‚​កំណážáŸ‹ážáŸ’រា​កំណážáŸ‹â€‹áž áŸážáž»â€‹áž…ុង​ក្រោយ​ដែល​ážáŸ’មី​ជាង DAYS ប៉ុណ្ណោះ\n"
+#~ " -u, --user LOGIN\tបោះពុម្ព​កំណážáŸ‹ážáŸ’រា​កំណážáŸ‹áž áŸážáž»â€‹áž…ុង​ក្រោយ​សម្រាប់​អ្នក​ប្រើ​ដែល​មាន LOGIN ដែល​បាន​"
+#~ "បញ្ជាក់\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ passwd [ជម្រើស] [ការចូល]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -a, --all\t\t\tរាយការណáŸâ€‹ážŸáŸ’ážáž¶áž“ភាព​ពាក្យសម្ងាážáŸ‹â€‹áž¢áŸ†áž–ី​គណនី​ទាំងអស់\n"
+#~ " -d, --delete\t\t\tលុប​ពាក្យសម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់​គណនី​ដែល​មាន​ឈ្មោះ\n"
+#~ " -e, --expire\t\t\tបង្ហាញ​ឲ្យ​ពាក្យសម្ងាážáŸ‹â€‹áž•áž»ážâ€‹áž€áŸ†ážŽážáŸ‹â€‹ážŸáž˜áŸ’រាប់​គណនី​ដែល​មាន​ឈ្មោះ\n"
+#~ " -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​នáŸáŸ‡ និង​ចáŸáž‰\n"
+#~ " -k, --keep-tokens\t\tផ្លាស់ប្ដូរ​ពាក្យសម្ងាážáŸ‹ ក្នុ​ង​ក​រណី​​ដែល​ផុážâ€‹áž€áŸ†ážŽážáŸ‹\n"
+#~ " -i, --inactive INACTIVE\tកំណážáŸ‹â€‹áž–ាក្យសម្ងាážáŸ‹â€‹áž²áŸ’យ​អសកម្ម​បន្ទាប់​ពី​ផុážâ€‹áž€áŸ†ážŽážáŸ‹\n"
+#~ "\t\t\t\tto INACTIVE\n"
+#~ " -l, --lock\t\t\tចាក់សោ​គណនី​ដែល​មាន​ឈ្មោះ\n"
+#~ " -n, --mindays MIN_DAYS\tកំណážáŸ‹áž…ំនួន​ážáŸ’ងៃ​អប្បបរមា​មុន​ពាក្យសម្ងាážáŸ‹\n"
+#~ "\t\t\t\tផ្លាស់ប្ដូរទៅ MIN_DAYS\n"
+#~ " -q, --quiet\t\t\tរបៀប​ស្ងាážáŸ‹\n"
+#~ " -r, --repository REPOSITORY\tផ្លាស់ប្ដូរ​ពាក្យសម្ងាážáŸ‹â€‹áž“ៅ​ក្នុង​ឃ្លាំង REPOSITORY\n"
+#~ " -S, --status\t\t\tរាយការណáŸâ€‹ážŸáŸ’ážáž¶áž“ភាព​ពាក្យសម្ងាážáŸ‹â€‹áž¢áŸ†áž–ី​គណនី​ដែល​មាន​ឈ្មោះ\n"
+#~ " -u, --unlock\t\t\tដោះសោ​គណនី​ដែល​មាន​ឈ្មោះ\n"
+#~ " -w, --warndays WARN_DAYS\tកំណážáŸ‹â€‹ážáŸ’ងៃ​ព្រមាន​ផុážâ€‹áž€áŸ†ážŽážáŸ‹â€‹áž‘ៅ​ជា WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS\tកំណážáŸ‹â€‹áž…ំនួនážáŸ’ងៃ​អážáž·áž”រមា​មុន​ពាក្យសម្ងាážáŸ‹\n"
+#~ "\t\t\t\tផ្លាស់ប្ដូរ​ទៅ​ជា MAX_DAYS\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "របៀបប្រើ ៖ %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "របៀបប្រើ ៖ %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "របៀបប្រើ​ ៖ áž›áŸážážŸáž˜áŸ’គាល់\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "របៀបប្រើ​ ៖ áž›áŸážážŸáž˜áŸ’គាល់\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "មិន​ស្គាល់​លáŸážâ€‹ážŸáž˜áŸ’គាល់​ ៖ %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "គ្មានសែល​\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ userdel [ជម្រើស] LOGIN\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -f, --force\t\t\tបង្ážáŸ†â€‹áž²áŸ’យ​យក​ឯកសារ​ចáŸáž‰ ទោះបី​ជា​មិន​បាន​គ្រប់គ្រង​ដោយ​អ្នកប្រើ​កáŸážŠáŸ„áž™\n"
+#~ " -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​នáŸáŸ‡ និង​ចáŸáž‰\n"
+#~ " -r, --remove\t\t\tយកážâ€‹ážâ€‹áž•áŸ’ទះ និង​ហុង​សំបុážáŸ’រ​ចáŸáž‰\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s ៖ បច្ចុប្បន្ន ​អ្នក​ប្រើ​ %s បាន​ចូលហើយ​\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ usermod [ជម្រើស] LOGIN\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -a, --append GROUP\t\tបន្ážáŸ‚ម​អ្នក​ប្រើ​ទៅ​ážáž¶áž„​ចុង​ក្រុម​បន្ទាប់បន្សំ\n"
+#~ " -c, --comment COMMENT\t\tážáž˜áŸ’លៃ​ážáŸ’មី​របស់​វាល GECOS\n"
+#~ " -d, --home HOME_DIR\t\tážážáž•áŸ’ទះ​ážáŸ’មី​សម្រាប់​គណនី​អ្នកប្រើ​ážáŸ’មី\n"
+#~ " -e, --expiredate EXPIRE_DATE\tកំណážáŸ‹â€‹áž€áž¶áž›áž”រិច្ឆáŸáž‘​ផុážâ€‹áž€áŸ†ážŽážáŸ‹â€‹áž‘ៅ​ជា EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE\tកំណážáŸ‹â€‹áž–ាក្យសម្ងាážáŸ‹â€‹áž²áŸ’យ​អសកម្ម​បន្ទាប់​ពី​ផុážâ€‹áž€áŸ†ážŽážáŸ‹\n"
+#~ "\t\t\t\tto INACTIVE\n"
+#~ " -g, --gid GROUP\t\tបង្ážáŸ†â€‹áž²áŸ’យ​ប្រើ GROUP ជា​ក្រុម​សំážáž¶áž“់​ážáŸ’មី\n"
+#~ " -G, --groups GROUPS\t\tបញ្ជី​ážáŸ’មី​របស់​ក្រុម​បន្ទាប់បន្សំ\n"
+#~ " -h, --help\t\t\tបង្ហាញ​សារ​ជំនួ​យនáŸáŸ‡ និង​ចáŸáž‰\n"
+#~ " -l, --login NEW_LOGIN\t\tážáž˜áŸ’លៃ​ážáŸ’មី​របស់​ឈ្មោះ​ចូល\n"
+#~ " -L, --lock\t\t\tចាក់សោ​គណនី​អ្នកប្រើ\n"
+#~ " -m, --move-home\t\tផ្លាស់ទី​មាážáž·áž€áž¶â€‹ážšáž”ស់​ážážáž•áŸ’ទះ​ទៅ\n"
+#~ "\t\t\t\tទីážáž¶áŸ†áž„​ážáŸ’មី (ប្រើ​ážáŸ‚ជា​មួយ -d ប៉ុណ្ណោះ)\n"
+#~ " -o, --non-unique\t\tអនុញ្ញាážâ€‹áž²áŸ’យ​ប្រើ UID (មិនមាន​ážáŸ‚​មួយគážáŸ‹) ស្ទួន\n"
+#~ " -p, --password PASSWORD\tប្រើ​​ពាក្យសម្ងា​ážáŸ‹â€‹â€‹ážŠáŸ‚​ល​បាន​អ៊ិនគ្រីប​សម្រាប់​​ពាក្យសម្ងា​ážáŸ‹â€‹ážáŸ’មី\n"
+#~ " -s, --shell SHELL\t\tសែល​​ចូ​ល​​ážáŸ’មី​​សម្រាប់​​គណនី​អ្នកប្រើ\n"
+#~ " -u, --uid UID\t\t\t UID ážáŸ’មី​សម្រាប់​គណនី​អ្នកប្រើ\n"
+#~ " -U, --unlock\t\t\tដោះសោ​គណនី​អ្នកប្រើ\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s ៖ មិន​ផ្ážáž›áŸ‹â€‹áž‘ង់​ឲ្យឡើយ​\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ vipw [ជម្រើស]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -g, --group\t\t\tកែសម្រួល​មូលដ្ឋាន​ទិន្ននáŸáž™â€‹áž€áŸ’រុម\n"
+#~ " -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​នáŸáŸ‡ និង​ចáŸáž‰\n"
+#~ " -p, --passwd\t\t\tកែសម្រួល​មូលដ្ឋាន​ទិន្ននáŸáž™ passwd\n"
+#~ " -q, --quiet\t\t\tរបៀប​ស្ងាážáŸ‹\n"
+#~ " -s, --shadow\t\t\tកែសម្រួល​មូលដ្ឋាន​ទិន្ននáŸáž™â€‹ážŸáŸ’រមោល ឬ gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s ៖ មិន​អាច​បង្កើážâ€‹ %s បានឡើយ\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s ៖ មិន​អាច​ chown %s បានឡើយ\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀប​ប្រើ ៖ faillog [ជម្រើស]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -a, --all\t\t\tបង្ហាញ​កំណážáŸ‹ážáŸ’រា​កំណážáŸ‹áž áŸážáž»â€‹áž”រាជáŸáž™ សម្រាប់​អ្នក​ប្រើ​ទាំងអស់\n"
+#~ " -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​នáŸáŸ‡ ហើយ​ចáŸáž‰\n"
+#~ " -l, --lock-time វិ.\t\tបន្ទាប់​ពី​ចូល​បរាជáŸáž™ ážáŸ’រូវ​ចាក់សោ​គណនី​រយៈពáŸáž› វិ. វិនាទី\n"
+#~ " -m, --maximum អážáž·.\t\tកំណážáŸ‹â€‹áž…ំនួន​អážáž·áž”រមា​នៃ​ការ​ចូល​ដែល​បរាជáŸáž™ ចំនួន អážáž·.\n"
+#~ " -r, --reset\t\t\tកំណážáŸ‹â€‹áž¢ážáŸážšâ€‹ážšáž¶áž”់​នៃ​ការ​ចូល​ដែល​បរាជáŸáž™â€‹áž¡áž¾áž„​វិញ\n"
+#~ " -t, --time ážáŸ’ងៃ\t\tបង្ហាញ​កំណážáŸ‹ážáŸ’រា​កំណážáŸ‹áž áŸážáž»â€‹áž”រាជáŸáž™ ážáŸ’មីៗ​ជាង \"ážáŸ’ងៃ\" ážáŸ’ងៃ\n"
+#~ " -u, --user ឈ្មោះចូល\t\tបង្ហាញ​កំណážáŸ‹ážáŸ’រា​កំណážáŸ‹áž áŸážáž»â€‹áž”រាជáŸáž™ ឬ ážáŸ‚ទាំ​អážáŸážšâ€‹ážšáž¶áž”់​ការ​បរាជáŸáž™\n"
+#~ "\t\t\t\táž“áž·áž„ កំណážáŸ‹ (បើ​ប្រើ​ជាមួយ​ជម្រើស -r, -m ឬ -l) សម្រាប់​ážáŸ‚\n"
+#~ "\t\t\t\tអ្នកប្រើ​ដែល​មាន​ឈ្មោះ​ចូល \"ឈ្មោះចូល\"\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ groupadd [ជម្រើស] ក្រុម\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -f, --force\t\t\tបង្ážáŸ†áž²áŸ’យ​ចáŸáž‰â€‹áž‡áž¶â€‹áž˜áž½áž™â€‹áž“ឹង​ស្ážáž¶áž“ភាព​ជោគជáŸáž™ ប្រសិន​បើ​ក្រុម\n"
+#~ "\t\t\t\tដែល​បាន​បញ្ជាក់​មាន​រួច​ហើយ\n"
+#~ " -g, --gid GID\t\t\tប្រើ GID សម្រាប់​ក្រុមážáŸ’មី\n"
+#~ " -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​នáŸáŸ‡ និង​ចáŸáž‰\n"
+#~ " -K, --key KEY=VALUE\t\tបដិសáŸáž’លំនាំដើមរបស់ /etc/login.defs \n"
+#~ " -o, --non-unique\t\tអនុញ្ញាážâ€‹áž²áŸ’យ​បង្កើážâ€‹áž€áŸ’រុម​ដែល​មាន\n"
+#~ "\t\t\t\t GID (មិនមាន​ážáŸ‚មួយ​គážáŸ‹) ស្ទួន\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ groupadd ក្រុម [options]​\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -f, --បង្ážáŸ†â€‹ \t\t បង្ážáŸ†áž²áŸ’យ​​ចáŸáž‰â€‹áž‡áž¶áž˜áž½áž™â€‹ážŸáŸ’ážáž¶áž“ភាព​ជោគជáŸáž™â€‹ ប្រសិនបើ​មាន​\n"
+#~ "\t\t\t\tក្រុមដែលបានបញ្ជាក់​​មាន​រួច​ហើយ​\n"
+#~ " -g, --gid GID\t\tប្រើ​ GID សម្រាប់​ក្រុម​ážáŸ’មី​\n"
+#~ " -h, --ជំនួយ\t\t\tបង្ហាញ​សារជំនួយ​​នáŸáŸ‡â€‹ ហើយ​ áž…áŸáž‰â€‹\n"
+#~ " -K, --កូនសោ KEY=VALUE\t\tបដិសáŸáž’​ /etc/login.defs លំនាំ​ដើម​\n"
+#~ " -o, --មិនមែនមានážáŸ‚មួយ\t\t អនុញ្ញាážáž²áŸ’យ​​បង្កើážâ€‹áž€áŸ’រុម​ស្ទួន​\n"
+#~ "\t\t\t\t(មិនមែនមានážáŸ‚មួយ) GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ useradd [ជម្រើស] LOGIN\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -b, --base-dir BASE_DIR\tážážâ€‹áž˜áž¼áž›ážŠáŸ’ឋាន​សម្រាប់​គណនី​អ្នក​ប្រើ​ážáŸ’មី\n"
+#~ "\t\t\t\tážážáž•áŸ’ទះ\n"
+#~ " -c, --comment COMMENT\t\tកំណážáŸ‹ážœáž¶áž› GECOS សម្រាប់​គណនី​អ្នកប្រើ​ážáŸ’មី\n"
+#~ " -d, --home-dir HOME_DIR\tážážâ€‹áž•áŸ’ទះ​សម្រាប់​គណនី​អ្នក​ប្រើ​ážáŸ’មី\n"
+#~ " -D, --defaults\t\tបោះពុម្ព ឬ​រក្សាទុក useradd លំនាំដើម​ដែល​បាន​កែប្រែ\n"
+#~ "\t\t\t\tconfiguration\n"
+#~ " -e, --expiredate EXPIRE_DATE\tកំណážáŸ‹â€‹áž€áž¶áž›áž”រិច្ឆáŸáž‘​គណនី​ទៅ​ជា EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE\tកំណážáŸ‹â€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹áž²áŸ’យ​អសកម្ម​បន្ទាប់​ពី​ផុážáž€áŸ†ážŽážáŸ‹\n"
+#~ "\t\t\t\tto INACTIVE\n"
+#~ " -g, --gid GROUP\t\tបង្ážáŸ†â€‹áž²áŸ’យ​ប្រើ GROUP សម្រាប់​គណនី​អ្នក​ប្រើ​ážáŸ’មី\n"
+#~ " -G, --groups GROUPS\t\tបញ្ជី​របស់​ក្រុម​ផ្ដល់​សម្រាប់\n"
+#~ "\t\t\t\tគណនី​អ្នក​ប្រើ​ážáŸ’មី\n"
+#~ " -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​នáŸáŸ‡ និង​ចáŸáž‰\n"
+#~ " -k, --skel SKEL_DIR\t\tបញ្ជាក់ážáž skel ជំនួស\n"
+#~ " -K, --key KEY=VALUE\t\tបដិសáŸáž’លំនាំដើម /etc/login.defs\n"
+#~ " -m, --create-home\t\tបង្កើážâ€‹ážážâ€‹áž•áŸ’ទះ​សម្រាប់​អ្នកប្រើ​ážáŸ’មី\n"
+#~ "\t\t\t\taccount\n"
+#~ " -o, --non-unique\t\tអនុញ្ញា​ឲ្យ​បង្កើážâ€‹áž¢áŸ’នកប្រើ​ដែល​មាន\n"
+#~ "\t\t\t\t UID(មិនមែន​ážáŸ‚​មួយគážáŸ‹) ស្ទួន \n"
+#~ " -p, --password PASSWORD\tប្រើ​ពាក្យសម្ងាážáŸ‹â€‹ážŠáŸ‚ល​បាន​អ៊ិនគ្រីប​សម្រាប់\n"
+#~ "\t\t\t\tគណនី​អ្នកប្រើ​ážáŸ’មី\n"
+#~ " -s, --shell SHELL\t\tសែល​ចូល​សម្រាប់​គណនី​អ្នកប្រើ​ážáŸ’មី\n"
+#~ " -u, --uid UID\t\t\tបង្ážáŸ†áž²áŸ’យប្រើ UID សម្រាប់​គណនី​អ្នកប្រើ​ážáŸ’មី\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "កំណážáŸ‹â€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹áž²áŸ’យ​ផុážâ€‹áž€áŸ†ážŽážáŸ‹â€‹Â áŸ”\n"
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹â€‹áž”ានទáŸâ€‹\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹â€‹\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹ážŸáŸ’រមោល​បានទáŸ\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារពាក្យ​សម្ងាážáŸ‹â€‹ážŸáŸ’រមោលបានទáŸ\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s ៖ មិនអាច​សរសáŸážšâ€‹áž¯áž€ážŸáž¶ážšáž–ាក្យសម្ងាážáŸ‹ážŸáŸ’រមោល​ឡើងវិញ​បានទáŸâ€‹\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s ៖ មិនអាច​សរសáŸážšâ€‹áž¯áž€ážŸáž¶ážšáž–ាក្យសម្ងាážáŸ‹â€‹áž¡áž¾áž„វិញបានទáŸâ€‹\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើ​ឲ្យ​ឯកសារពាក្យសម្ងាážáŸ‹â€‹ážŸáŸ’រមោលទាន់សមáŸáž™áž”ានទáŸ\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tឈ្មោះពáŸáž‰â€‹Â áŸ– %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\táž›áŸážâ€‹áž”ន្ទប់​ ៖ %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tទូរសáŸáž–្ទ​​​កន្លែង​​​ធ្វើការ ៖ %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tទូរសáŸáž–្ទនៅ​ផ្ទះ ៖ %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "មិន​អាច​ចាក់សោ​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹â€‹áž”ានទáŸÂ áŸ” សូមព្យាយាម​ម្ážáž„​ទៀážáž“ៅ​ពáŸáž›â€‹áž€áŸ’រោយ​ ។\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "មិនអាច​បើក​ឯកសារ​ពាក្យសម្ងាážáŸ‹â€‹áž”ានឡើយ ។\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "មានកំហុស​ក្នុងការ​ធ្វើ​ឲ្យ​​ធាážáž»áž”ញ្ចូល​​ពាក្យសម្ងាážáŸ‹áž‘ាន់សមáŸáž™Â áŸ”\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "មិនអាច​ដាក់ស្នើ​ការផ្លាស់ប្ដូរ​ឯកសារពាក្យសម្ងាážáŸ‹â€‹áž”ានឡើយ​ ។\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "មិន​អាច​ដោះសោ​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹áž”ានឡើយ​ ។\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​​​ឯកសារជា​​ក្រុម​បាន​ទáŸ\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ជា​ក្រុម​បាន​ទáŸâ€‹\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s ៖មិន​អាច​ចាក់សោ​ឯកសារ​ gshadow បានទáŸ\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ស្រមោល​បានទáŸ\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​ធ្វើឲ្យឯកសារស្រមោល​ទាន់សមáŸáž™â€‹\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s  ៖ មានកំហុស​ក្នុងការ​ធ្វើឲ្យ​ធាážáž»â€‹áž”ញ្ចូល​ក្រុម​​ទាន់សមáŸáž™\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិន​ស្គាល់​ក្រុម​ %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិនអាចធ្វើឲ្យ​ធាážáž»áž”ញ្ចូល​ទាន់សមáŸáž™áž”ានឡើយ\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់​សោ​ឯកសារ​ស្រមោល​បានទáŸâ€‹\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​ធ្វើឲ្យឯកសារស្រមោល​ទាន់សមáŸáž™â€‹\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s ៖ កំហុស​ក្នុងការធ្វើឲ្យ​ឯកសារពាក្យសម្ងាážáŸ‹áž‘ាន់សមáŸáž™\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិនស្គាល់​អ្នកប្រើ​ %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិនអាច​ធ្វើឲ្យធាážáž»áž”ញ្ចូល​ពាក្យសម្ងាážáŸ‹â€‹áž‘ាន់សមáŸáž™â€‹áž”ានឡើយ​\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s  ៖ មិន​ស្គាល់​អ្នក​ប្រើ​\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "មិន​ស្គាល់​អ្នក​ប្រើ ៖ %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "របៀបប្រើ ៖ %s ក្រុម [-r|-R] \n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s ក្រុម [-a user]​\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s ក្រុម [-d user]​\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s ក្រុម [-A user,...] [-M user,...]\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s ក្រុម [-M user,...]\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​បានឡើយ\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ស្រមោល​បានឡើយ​\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​​ឯកសារ​បានទáŸ\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s ៖ មិន​អាច​សរសáŸážšâ€‹â€‹â€‹â€‹â€‹áž¯áž€ážŸáž¶ážšâ€‹ážŸáŸ’រមោល​ឡើង​វិញ បាន​ទáŸâ€‹\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s ៖ មិនអាច​ដោះសោ​ឯកសារបានទáŸ\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s ៖ មិន​អាចធ្វើ​ឲ្យ​ធាážáž»áž”ញ្ចូល​​ទាន់សមáŸáž™â€‹áž”ានទáŸâ€‹\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​​ធាážáž»áž”ញ្ចូល​​ស្រមោល​ទាន់សមáŸáž™áž”ានទáŸâ€‹\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "មិន​ស្គាល់​ក្រុម​ ​ ៖ %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​​ឯកសារ​បានទáŸ\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ស្រមោល​បានទáŸ\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "ážáž¾áž¢áŸ’នក​ជា​នណា​ ?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s ៖ មិន​ស្គាល់​សមាជិក​ %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s ៖ កំហុស​ក្នុងការ​បន្ážáŸ‚ម​ធាážáž»áž”ញ្ចូល​​ក្រុម​ážáŸ’មី​\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s ៖​ មិនអាច​សរសáŸážšâ€‹áž¯áž€ážŸáž¶ážšáž€áŸ’រុមឡើងវិញ​បានទáŸâ€‹\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​សរសáŸážšâ€‹áž¯áž€ážŸáž¶ážšáž€áŸ’រុម​ស្រមោល​ឡើងវិញ​បានទáŸâ€‹\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ឯកសារក្រុម​បានទáŸ\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s ៖ មិនអាច​បើក​ឯកសារក្រុម​បានទáŸâ€‹\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ឯកសារក្រុមស្រមោល​បានទáŸ\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​បើក​ឯកសារក្រុម​ស្រមោល​បានទáŸâ€‹\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s ៖ GID %u គឺមិនមែន​មាន​ážáŸ‚មួយទáŸâ€‹\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s ៖ កំហុស​ក្នុងការយក​ធាážáž»áž”ញ្ចូល​ក្រុមចáŸáž‰\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s ៖ កំហុស​ក្នុងការយក​ធាážáž»áž”ញ្ចូល​ក្រុម​ស្រមោល​ចáŸáž‰\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s ៖ មិនអាចយក​ក្រុម​ចម្បង​របស់អ្នកប្រើ​ចáŸáž‰â€‹áž”ានទáŸÂ áŸ”\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s ៖ PAM ការ​ផ្ទៀងផ្ទាážáŸ‹â€‹áž—ាព​ážáŸ’រឹមážáŸ’រូវបាន​បរាជáŸáž™â€‹\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ឯកសារក្រុម​បានទáŸ\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s ៖ មិនអាចបើក​ឯកសារក្រុម​បានឡើយ​\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s ៖ %s រក​មិនឃើញ​នៅក្នុង​ /etc/group áž‘áŸ\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s ៖ %u មិនមែន​​ GID ដែលមានážáŸ‚មួយ​ទáŸ\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s ៖ %s គឺមិនមែនជាឈ្មោះ​ដែលមានážáŸ‚មួយទáŸâ€‹\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s ៖ មិន​អាច​សរសáŸážšâ€‹áž¯áž€ážŸáž¶ážšâ€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹áž¡áž¾áž„​វិញ​បានឡើយ\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s ​៖ មិន​អាច​ចាក់​សោ​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹áž”ានឡើយ​\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹â€‹áž”ានឡើយ\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s ៖ មិន​អាច​ធ្វើ​ឲ្យ​ធាážáž»â€‹ážŸáŸ’រមោល​សម្រាប់​​ %s ទាន់សមáŸáž™áž”ានឡើយ\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យធាážáž»â€‹áž”ញ្ចូល​សម្រាប់ក្រុម​ %s ទាន់សមáŸáž™â€‹áž”ានទáŸ\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ឯកសារក្រុមស្រមោល​បានទáŸâ€‹\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​បើក​ឯកសារក្រុមស្រមោល​បានទáŸâ€‹\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s ៖ មិនអាច​យក​ក្រុម​ស្រមោល %s áž…áŸáž‰â€‹áž”ានទáŸ\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​ឯកសារ​ក្រុម​ស្រមោល​ទាន់សមáŸáž™â€‹áž”ានទáŸâ€‹\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​លុប​ឯកសារក្រុម​ស្រមោលបានទáŸâ€‹\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "មិន​ស្គាល់​ UID ៖ %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "មិន​ស្គាល់​ GID ៖ %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s ៖ មិនមានក្រុម​ %sឡើយ​\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s áž‘áŸâ€‹\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s ៖ឈ្មោះ​អ្នក​ប្រើ​មិន​ážáŸ’រឹមážáŸ’រូវ​ '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ /etc/passwd បានឡើយ ។\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ /etc/passwd បានឡើយ ។\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ /etc/passwd បានឡើយ ។\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ /etc/passwd បានឡើយ ។\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារបានឡើយ​\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s ៖ មានកំហុសក្នុងការ​ធ្វើឲ្យ​ឯកសារទាន់សមáŸáž™\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​ធាážáž»áž”ញ្ចូលពាក្យសម្ងាážáŸ‹â€‹áž‘ាន់សមáŸáž™â€‹ážŸáž˜áŸ’រាប់​​ %s បានឡើយ\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ឯកសារ​​ពាក្យសម្ងាážáŸ‹áž”ានឡើយ\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ឯកសារពាក្យសម្ងាážáŸ‹áž”ានឡើយ\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s ៖ មិន​អាច​យក​ធាážáž»áž”ញ្ចូល​​ស្រមោលចáŸáž‰â€‹â€‹ážŸáž˜áŸ’រាប់ %s បានឡើយ\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​ឯកសារពាក្យសម្ងាážáŸ‹â€‹áž‘ាន់សមáŸáž™áž”ានឡើយ\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យធាážáž»áž”ញ្ចូល​ទាន់សមáŸáž™â€‹ážŸáž˜áŸ’រាប់ %s បានឡើយ\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s ៖ មិន​អាច​លុប​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáŸ’រមោល​បានឡើយ\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s ៖ មិន​ស្គាល់​ GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s ៖ មិន​ស្គាល់​ក្រុម​ %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s ៖ អស់​សážáž·â€‹áž€áŸ’នុងការធ្វើឲ្យ gshadow ទាន់សមáŸáŸ§\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s ៖ មិន​អាច​សរសáŸážšâ€‹áž¯áž€ážŸáž¶ážšâ€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹áž¡áž¾áž„​វិញ​បានឡើយ\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s ៖ មិន​អាច​សរសáŸážšâ€‹áž¯áž€ážŸáž¶ážšâ€‹áž–ាក្យ​សម្ងាážáŸ‹â€‹ážŸáŸ’រមោលឡើងវិញ​​បានឡើយ​\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹ážŸáŸ’រមោល​បានឡើយ\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáŸ’រមោលបានឡើយ\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s ៖ មានកំហុសក្នុងការ​ចាក់សោ​ឯកសារក្រុម​\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​បើក​ឯកសារក្រុម\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s ៖មានកំហុសក្នុងការ​ចាក់សោ​ឯកសារក្រុម​ស្រមោល​\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​បើក​ឯកសារក្រុម​ស្រមោល\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s ៖ មានកំហុសក្នុងការ​បន្ážáŸ‚ម​ធាážáž»áž”ញ្ចូល​ពាក្យសម្ងាážáŸ‹â€‹ážáŸ’មី​\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​បន្ážáŸ‚ម​ធាážáž»áž”ញ្ចូល​ពាក្យសម្ងាážáŸ‹â€‹ážŸáŸ’រមោល​ážáŸ’មី​\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s ៖ ការព្រមាន ៖ CREATE_HOME មិន​បាន​គាំទ្រទáŸâ€‹ សូម​ប្រើ​ -m ជំនួសវិញ ។\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s  ៖ មានកំហុស​ក្នុងការ​ធ្វើឲ្យ​ធាážáž»â€‹áž”ញ្ចូល​ក្រុម​​ទាន់សមáŸáž™\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s  ៖ មានកំហុស​ក្នុងការ​ធ្វើឲ្យ​ធាážáž»â€‹áž”ញ្ចូល​ក្រុម​​ទាន់សមáŸáž™\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s ៖ មិនអាចបើក​ឯកសារក្រុម​បានឡើយ​\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​បើក​ឯកសារក្រុម​ស្រមោល​បានឡើយ\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​លុប​ធាážáž»â€‹áž”ញ្ចូល​ពាក្យសម្ងាážáŸ‹â€‹\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​លុប​ធាážáž»áž”ញ្ចូល​ពាក្យសម្ងាážáŸ‹â€‹ážŸáŸ’រមោល​\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s ៖ កំហុស​ក្នុងការ​បន្ážáŸ‚ម​ធាážáž»áž”ញ្ចូល​​ក្រុម​ážáŸ’មី​\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s ៖ uid %lu មិនមែន​មាន​ážáŸ‚​មួយទáŸâ€‹\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s  ​៖ មានកំហុស​ក្នុងការ​ផ្លាស់ប្ដូរ​ធាážáž»áž”ញ្ចូល​ពាក្យសម្ងាážáŸ‹â€‹\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​យក​ធាážáž»áž”ញ្ចូល​ពាក្យសម្ងាážáŸ‹áž…áŸáž‰\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s ៖ មានកំហុសក្នុងការ​យក​ធាážáž»áž”ញ្ចូល​ពាក្យសម្ងាážáŸ‹â€‹ážŸáŸ’រមោល​ចáŸáž‰\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s ៖ មិនអាច​យក​​ GID ​ដែលមានážáŸ‚មួយ​បានឡើយ​\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " លើ '%.100s' ពី '%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " លើ '%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s ៖ បន្ទាážáŸ‹â€‹ %d ៖ មិន​អាច​បង្កើážâ€‹ UID បានឡើយ\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s ៖ ឈ្មោះ​ %s គឺមិន​មែន​មាន​ážáŸ‚មួយ​ទáŸ\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ chgpasswd [ជម្រើស]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ " -e, --encrypted\tពាក្យ​សម្ងាážáŸ‹â€‹ážŠáŸ‚ល​បាន​ផ្ដល់​ážáŸ’រូវ​បាន​អ៊ិនគ្រីប\n"
+#~ " -h, --help\t\tបង្ហា​ញសារ​ជំនួយ​នáŸáŸ‡ និង​ចáŸáž‰\n"
+#~ " -m, --md5\t\tប្រើ​ការ​អ៊ិនគ្រីប MD5 ជំនួស​ឲ្យ DES នៅ​ពáŸáž›â€‹áž”ាន​ផ្ដល់​ឲ្យ\n"
+#~ "\t\t\tពាក្យសម្ងាážáŸ‹â€‹áž˜áž·áž“​ážáŸ’រូវបាន​អ៊ិនគ្រីប\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "គ្មាន​ឯកសារ​ពាក្យ​សម្ងាážáŸ‹áž¡áž¾áž™â€‹\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "សូមអភáŸáž™áž‘ោស ។\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "សូមអភáŸáž™áž‘ោស ពាក្យ​សម្ងាážáŸ‹â€‹ážŸáž˜áŸ’រាប់​ %s មិន​ទាន់​ប្ážáž¼ážšâ€‹áž“ូវ​ឡើយ​ទáŸâ€‹Â áŸ”\n"
+
+#~ msgid "Sorry."
+#~ msgstr "សូមអភáŸáž™áž‘ោស​ ។"
diff --git a/po/ko.po b/po/ko.po
new file mode 100644
index 0000000..1b00e99
--- /dev/null
+++ b/po/ko.po
@@ -0,0 +1,3292 @@
+# shadow korean translations
+# Hwang, SangJin <accel@accellinux.org>, 1999.
+# Changwoo Ryu <cwryu@debian.org>, 2004, 2005, 2006, 2008, 2009.
+# Sunjae Park <darehanl@gmail.com>, 2006.
+#
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.1\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2009-04-19 21:32+0900\n"
+"Last-Translator: Changwoo Ryu <cwryu@debian.org>\n"
+"Language-Team: Korean <debian-l10n-korean@lists.debian.org>\n"
+"Language: ko\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"ì´ë¦„ì´ '%s'ì¸ í•­ëª©ì´ %s ì•ˆì— ì—¬ëŸ¬ ê°œ 있습니다. pwck í˜¹ì€ grpck 명령으로 ì´ ë¬¸"
+"제를 바로잡으십시오.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "libcryptê°€ 지ì›í•˜ì§€ 않는 암호화 방법? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "설정 정보를 위한 ê³µê°„ì„ í™•ë³´í•  수 없습니다.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "설정 오류 - ì•Œ 수 없는 항목 '%s'(관리ìžì—게 알리시기 ë°”ëžë‹ˆë‹¤)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "암호: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%sì˜ ì•”í˜¸: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "설정 정보를 위한 ê³µê°„ì„ í™•ë³´í•  수 없습니다.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%sì˜ ì‚¬ìš©ê¸°í•œ 정보를 바꿉니다\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: ì‚¬ìš©ìž ì´ë¦„ì„ ì¸ì‹í•  수 없습니다.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: ì‚¬ìš©ìž ì´ë¦„ì„ ì¸ì‹í•  수 없습니다.\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: 메모리 부족\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: '%s'ì„(를) 삭제할 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: 홈 디렉터리 '%s'ì€(는) 잘못ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: '%s' í•­ëª©ì„ %sì—ì„œ 제거할 수 없습니다\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "lastlog: %sì˜ í¬ê¸°ë¥¼ ì½ì„ 수 없습니다: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s"
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: 경고: %sì„(를) 제거할 수 없습니다: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: ì´ë¦„ 다시 설정: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: 디렉터리 %sì˜ ì´ë¦„ì„ %s(으)ë¡œ 바꿀 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: 디렉터리 %sì˜ ì´ë¦„ì„ %s(으)ë¡œ 바꿀 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s"
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: 경고: %sì„(를) 제거할 수 없습니다: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "lastlog: %sì˜ í¬ê¸°ë¥¼ ì½ì„ 수 없습니다: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: '%s'ì„(를) 삭제할 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: user '%s' does not exist\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: %d번 줄: '%s' 사용ìžê°€ 없습니다\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: ì´ë¦„ 다시 설정: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %sì„(를) ì—´ 수 없습니다\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "경고: 알 수 없는 그룹(%s)\n"
+
+msgid "Warning: too many groups\n"
+msgstr "경고: ê·¸ë£¹ì´ ë„ˆë¬´ 많ìŒ\n"
+
+msgid "Your password has expired."
+msgstr "암호 ì‚¬ìš©ê¸°í•œì´ ì§€ë‚¬ìŠµë‹ˆë‹¤."
+
+msgid "Your password is inactive."
+msgstr "암호 사용기간 초과로 비활성화 ë˜ì—ˆìŠµë‹ˆë‹¤."
+
+msgid "Your login has expired."
+msgstr "ë¡œê·¸ì¸ ì‚¬ìš©ê¸°í•œì´ ì§€ë‚¬ìŠµë‹ˆë‹¤."
+
+msgid " Contact the system administrator."
+msgstr " 시스템 관리ìžì—게 ì—°ë½í•˜ì‹­ì‹œì˜¤."
+
+msgid " Choose a new password."
+msgstr " 새로운 암호를 ì„ íƒí•˜ì‹­ì‹œì˜¤."
+
+msgid "You must change your password."
+msgstr "암호를 바꿔야 합니다."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "암호 ì‚¬ìš©ê¸°í•œì´ %ldì¼ í›„ì— ë납니다.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "암호 ì‚¬ìš©ê¸°í•œì´ ë‚´ì¼ ë납니다."
+
+msgid "Your password will expire today."
+msgstr "암호 ì‚¬ìš©ê¸°í•œì´ ì˜¤ëŠ˜ ë납니다."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "ê²€ì¦ ì¸í„°íŽ˜ì´ìŠ¤ë¥¼ ì—´ 수 없습니다. 중지합니다.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "TTY 표준 ìž…ë ¥ì˜ ì†Œìœ ìž í˜¹ì€ ëª¨ë“œë¥¼ 바꿀 수 없습니다: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: %sì˜ ìž ê¸ˆì„ í‘¸ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "환경 변수 오버플로우\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "$%s 변수를 바꿀 수 없습니다\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"마지막 ë¡œê·¸ì¸ ì´í›„ %d번 실패.\n"
+"마지막 로그ì¸ì€ %s, %sì—ì„œ.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "ë©”ì¼í•¨ 소유ìžë¥¼ 바꾸는 ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤"
+
+#, fuzzy, c-format
+#| msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: 유ì¼í•œ UID를 ì–»ì„ ìˆ˜ 없습니다 (UIDê°€ 남아 있지 않습니다)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: 유ì¼í•œ GID를 ì–»ì„ ìˆ˜ 없습니다 (GIDê°€ 남아 있지 않습니다)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: 유ì¼í•œ UID를 ì–»ì„ ìˆ˜ 없습니다 (UIDê°€ 남아 있지 않습니다)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: 유ì¼í•œ UID를 ì–»ì„ ìˆ˜ 없습니다 (UIDê°€ 남아 있지 않습니다)\n"
+
+msgid "Too many logins.\n"
+msgstr "ë¡œê·¸ì¸ íšŸìˆ˜ê°€ 너무 많ìŒ.\n"
+
+msgid "You have new mail."
+msgstr "새 ë©”ì¼ì´ ë„착하였습니다."
+
+msgid "No mail."
+msgstr "ë©”ì¼ ì—†ìŠµë‹ˆë‹¤."
+
+msgid "You have mail."
+msgstr "ë©”ì¼ì´ 있습니다."
+
+msgid "no change"
+msgstr "ë°”ë€ ì ì´ 없습니다"
+
+msgid "a palindrome"
+msgstr "앞뒤로 ê°™ì€ ë‹¨ì–´ìž…ë‹ˆë‹¤"
+
+msgid "case changes only"
+msgstr "대소문ìžë§Œ 바뀌었습니다"
+
+msgid "too similar"
+msgstr "너무 비슷합니다"
+
+msgid "too simple"
+msgstr "너무 간단합니다"
+
+msgid "rotated"
+msgstr "순서만 순환ë˜ì—ˆìŠµë‹ˆë‹¤"
+
+msgid "too short"
+msgstr "너무 짧습니다"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "ìž˜ëª»ëœ ì•”í˜¸: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "암호: pam_start() 실패했습니다, 오류 %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "암호: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: 암호를 바꿨습니다\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: 암호를 성공ì ìœ¼ë¡œ ì—…ë°ì´íŠ¸í–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "'%s'ì˜ ì•”í˜¸ê°€ 맞지 않습니다.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: ê´€ë¦¬ìž ê¶Œí•œì„ ë²„ë¦´ 수 없습니다 (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: ìž˜ëª»ëœ ì§‘ 전화번호: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"쓸 수 없는 ENCRYPT_METHOD 값: '%s'.\n"
+"ê¸°ë³¸ê°’ì¸ DESë¡œ 설정합니다.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "'%s' 디렉터리로 ì´ë™í•  수 없습니다\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "디렉터리 ì—†ìŒ, 루트 디렉터리(/)ë¡œ 로그ì¸í•©ë‹ˆë‹¤"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%sì„(를) 실행할 수 없습니다"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "루트 디렉터리 '%s'ì´(ê°€) 잘못ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "루트 디렉터리를 '%s'(으)로 바꿀 수 없습니다\n"
+
+msgid "Unable to determine your tty name."
+msgstr "TTY ì´ë¦„ì„ í™•ì¸í•  수 없습니다."
+
+msgid "No"
+msgstr "아니오"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "새로운 ê°’ì„ ë„£ê±°ë‚˜, ê¸°ë³¸ê°’ì„ ì›í•˜ì‹œë©´ 엔터를 치세요"
+
+msgid "Minimum Password Age"
+msgstr "ì•”í˜¸ì˜ ìµœì†Œ 유효 기간"
+
+msgid "Maximum Password Age"
+msgstr "ì•”í˜¸ì˜ ìµœëŒ€ 유효 기간"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "마지막으로 암호를 바꾼 날 (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "암호 사용만료 예고"
+
+msgid "Password Inactive"
+msgstr "암호를 사용할 수 ì—†ìŒ"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "계정 만료 날짜 (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "마지막으로 암호를 바꾼 날\t\t\t\t\t:"
+
+msgid "never"
+msgstr "안함"
+
+msgid "password must be changed"
+msgstr "암호를 바꿔야 합니다"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "암호 만료\t\t\t\t\t:"
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "암호가 비활성화 기간\t\t\t\t\t:"
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "계정 만료\t\t\t\t\t\t:"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "암호를 바꿀 수 있는 최소 날 수\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "암호를 바꿔야 하는 최대 날 수\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "암호 만료 예고를 하는 날 수\t\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: 날짜 '%s'ì€(는) 잘못ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ìž˜ëª»ëœ ìˆ«ìž ì¸ìž '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: \"l\" 플래그를 다른 플래그와 함께 í¬í•¨í•˜ì§€ ë§ ê²ƒ\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: ê¶Œí•œì´ ê±°ë¶€ë˜ì—ˆìŠµë‹ˆë‹¤.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: ì‚¬ìš©ìž ì´ë¦„ì„ ì¸ì‹í•  수 없습니다.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: %sì„(를) 잠글 수 없습니다. ë‚˜ì¤‘ì— ë‹¤ì‹œ ì‹œë„하십시오.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: %sì„(를) ì—´ 수 없습니다\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: ë°”ë€ ì‚¬í•­ì„ %sì— ì“°ëŠ” ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: 새 %s 항목 '%s'ì„(를) ì¤€ë¹„í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: ì…°ë„ìš° 암호 파ì¼ì´ 없습니다\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: '%s' 사용ìžê°€ %sì— ì—†ìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%sì˜ ì‚¬ìš©ê¸°í•œ 정보를 바꿉니다\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: í•­ëª©ì„ ë³€ê²½í•˜ëŠ” ë„중 오류가 ë°œìƒí–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "ì´ë¦„"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "방 번호"
+
+msgid "Work Phone"
+msgstr "ì§ìž¥ 번화번호"
+
+msgid "Home Phone"
+msgstr "집 전화번호"
+
+msgid "Other"
+msgstr "기타"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ì•„ì´ë””를 루트로 바꿀 수는 없습니다.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: ì´ë¦„ì— ASCIIê°€ ì•„ë‹Œ 문ìžê°€ 들어 있습니다: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ìž˜ëª»ëœ ì´ë¦„: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: ë°© ë²ˆí˜¸ì— ASCIIê°€ ì•„ë‹Œ 문ìžê°€ 들어 있습니다: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: ìž˜ëª»ëœ ë°© 번호: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: ìž˜ëª»ëœ ì§ìž¥ 전화번호: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: ìž˜ëª»ëœ ì§‘ 전화번호: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s'ì— ASCIIê°€ ì•„ë‹Œ 문ìžê°€ 들어 있습니다\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s'ì— ì‚¬ìš©í•  수 없는 글ìžê°€ 들어 있습니다\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: '%s' 사용ìžê°€ 없습니다\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: NIS í´ë¼ì´ì–¸íŠ¸ì—ì„œ '%s' 사용ìžë¥¼ 바꿀 수 없습니다.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s'ì´(ê°€) í˜„ìž¬ì˜ í´ë¼ì´ì–¸íŠ¸ì˜ NIS 마스터입니다.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%sì˜ ì‚¬ìš©ìžì˜ 정보를 바꿉니다\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: 입력범위가 너무 ê¹ë‹ˆë‹¤\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s 플래그는 %s 플래그와 함께 사용해야 합니다\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e, -m ì˜µì…˜ì€ í•˜ë‚˜ë§Œ 쓸 수 있습니다\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: 지ì›í•˜ì§€ 않는 암호화 방법: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: %d번 줄: 너무 ê¹ë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: %d번 줄: 새 암호가 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: %sì„(를) ì œê±°í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: %d번 줄: '%s' ê·¸ë£¹ì´ ì—†ìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: %d번 줄: 새 %s 항목 '%s'ì„(를) 준비하는 ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: 오류 발견, ë°”ë€ ë‚´ì—­ì€ ë¬´ì‹œí•©ë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: user '%s' does not exist\n"
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: %d번 줄: '%s' 사용ìžê°€ 없습니다\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: %d번 줄: '%s' 사용ìžê°€ 없습니다\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "ë¡œê·¸ì¸ ì‰˜"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "'%s'ì˜ ì‰˜ì„ ë°”ê¿€ 수 없습니다.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%sì˜ ë¡œê·¸ì¸ ì‰˜ì„ ë³€ê²½í•˜ê³  있습니다\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: 부ì ì ˆí•œ ìž…ë ¥: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %sì€(는) 사용할 수 없는 쉘입니다.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user '%s' does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: '%s' 사용ìžê°€ 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: 경고: %sì€(는) %sì´(ê°€) 소유하고 있지 않습니다\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: %s 옵션 ë° %s 충ëŒ\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: 올 수 없는 ì¸ìžìž…니다: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: Failed to get the entry for UID %d\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "lastlog: UID %dë²ˆì˜ í•­ëª©ì„ ì½ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "ë¡œê·¸ì¸ ì‹¤íŒ¨ 최대값 최근 사용\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%luì´ˆ 남ìŒ]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%ld초 잠금]"
+
+#, fuzzy, c-format
+#| msgid "faillog: Failed to reset fail count for UID %d\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "faillog: UID %dì˜ ì‹¤íŒ¨ 횟수를 ì´ˆê¸°í™”í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "faillog: Failed to set max for UID %d\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "faillog: UID %dì˜ ìµœëŒ€ê°’ì„ ì„¤ì •í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "faillog: Failed to set locktime for UID %d\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "faillog: UID %dì˜ ìž ê¸ˆì‹œê°ì„ ì„¤ì •í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Unknown user or range: %s\n"
+msgid "%s: Unknown user or range: %s\n"
+msgstr "lastlog: ì•Œ 수 없는 ì‚¬ìš©ìž í˜¹ì€ ë²”ìœ„: %s\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "lastlog: %sì˜ í¬ê¸°ë¥¼ ì½ì„ 수 없습니다: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: %sì„(를) ì œê±°í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -A, --administrators ADMIN,...\n"
+#| " set the list of administrators for GROUP\n"
+#| "Except for the -A and -M options, the options cannot be combined.\n"
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators <관리ìž>,...\n"
+" <그룹>ì˜ ê´€ë¦¬ìž ëª©ë¡ì„ 설정합니다\n"
+"ì´ ì˜µì…˜ì€ ê°™ì´ ì“¸ 수 없습니다. 예외로 -A와 -M ì˜µì…˜ì€ ê°™ì´ ì“¸ 수 있습니다.\n"
+
+#, fuzzy
+#| msgid "The options cannot be combined.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "ì´ ì˜µì…˜ì€ ê°™ì´ ì“¸ 수 없습니다.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "ì´ ì˜µì…˜ì€ ê°™ì´ ì“¸ 수 없습니다.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -A를 사용할 ë•Œì—는 ì…°ë„ìš° 그룹 암호가 필요합니다\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: '%s' ê·¸ë£¹ì´ %sì— ì—†ìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: ì½ê¸° ì „ìš© %sì„(를) ë‹«ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "%s ê·¸ë£¹ì˜ ì•”í˜¸ë¥¼ 바꾸는 중\n"
+
+msgid "New Password: "
+msgstr "새 암호: "
+
+msgid "Re-enter new password: "
+msgstr "새 암호를 다시 입력하십시오: "
+
+msgid "They don't match; try again"
+msgstr "ìž…ë ¥ê°’ì´ ì¼ì¹˜í•˜ì§€ 않습니다. 다시 ì‹œë„하십시오"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: ë‚˜ì¤‘ì— ë‹¤ì‹œ ì‹œë„하십시오\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "ì‚¬ìš©ìž %sì„(를) %s ê·¸ë£¹ì— ë“±ë¡ ì¤‘\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "ì‚¬ìš©ìž %sì„(를) 그룹 %sì—ì„œ 제거하는 중\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: `%s' 사용ìžëŠ” '%s'ì˜ ë©¤ë²„ê°€ 아닙니다\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: TTY가 아닙니다\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s'ì€(는) 사용할 수 없는 그룹 ì´ë¦„입니다\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "'%s' `%s' 그룹 ID는 쓸 수 없습니다\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K 옵션ì—는 <키>=<ê°’> í˜•íƒœì˜ ìž…ë ¥ì´ í•„ìš”í•©ë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: '%s' ê·¸ë£¹ì´ ì´ë¯¸ 있습니다\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: '%lu' GIDê°€ ì´ë¯¸ 있습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: ì‚¬ìš©ìž ì´ë¦„ì„ ì¸ì‹í•  수 없습니다.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: '%s' í•­ëª©ì„ %sì—ì„œ 제거할 수 없습니다\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: '%s' 사용ìžì˜ 주요 ê·¸ë£¹ì„ ì œê±°í•  수 없습니다\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: '%s' ê·¸ë£¹ì´ ì—†ìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: '%s' ê·¸ë£¹ì€ NIS 그룹입니다\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %sì€(는) NIS 마스터입니다\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: '%s' 사용ìžëŠ” ì´ë¯¸ '%s'ì˜ ë©¤ë²„ìž…ë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: 메모리가 부족합니다. %sì„(를) ì—…ë°ì´íŠ¸í•  수 없습니다.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: 그룹 ì´ë¦„ì´ ì‚¬ìš©ìž ì´ë¦„ê³¼ 맞지 않습니다\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: root만 -g/--group ì˜µì…˜ì„ ì“¸ 수 있습니다\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: '%s' 그룹 ì´ë¦„ì€ ì“¸ 수 없습니다\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: %s ê·¸ë£¹ì€ NIS 그룹입니다\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: ì•Œ 수 없는 ì‚¬ìš©ìž %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "사용법: %s [-r] [-s] [그룹 [gshadow]]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-r] [-s] [group]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "사용법: %s [-r] [-s] [그룹]\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s 옵션과 -r ì˜µì…˜ì„ ë™ì‹œì— 쓸 수 없습니다\n"
+
+msgid "invalid group file entry"
+msgstr "쓸 수 없는 그룹 íŒŒì¼ ìž…ë ¥ê°’ìž…ë‹ˆë‹¤"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "'%s' ì¤„ì„ ì‚­ì œí•˜ì‹œê² ìŠµë‹ˆê¹Œ?"
+
+msgid "duplicate group entry"
+msgstr "그룹 입력값 복제"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "'%s' 그룹 ì´ë¦„ì€ ì“¸ 수 없습니다\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "'%lu' 그룹 ID는 쓸 수 없습니다\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "그룹 %s: %s 사용ìžê°€ 없습니다\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "'%s' 그룹 멤버를 삭제하시겠습니까? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "%sì— ì¼ì¹˜í•˜ëŠ” 그룹 íŒŒì¼ ìž…ë ¥ê°’ì´ ì—†ìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "%2$s ê·¸ë£¹ì„ %1$s ì•ˆì— ì¶”ê°€í•˜ì‹œê² ìŠµë‹ˆê¹Œ?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "쓸 수 없는 ì…°ë„ìš° ê·¸ë£¹íŒŒì¼ ìž…ë ¥ê°’"
+
+msgid "duplicate shadow group entry"
+msgstr "ì…°ë„ìš° 그룹 입력값 복제"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "ì…°ë„ìš° 그룹 %s: 관리용 ì‚¬ìš©ìž %sì´(ê°€) 없습니다\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "관리용 멤버 '%s'ì„(를) 삭제하시겠습니까? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "ì…°ë„ìš° 그룹 %s: %s(ì´)ë¼ëŠ” 사용ìžê°€ 없습니다\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: 파ì¼ì´ ì—…ë°ì´íŠ¸ ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: ë°”ë€ ì ì´ ì—†ìŒ\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: '%s'ì„(를) 삭제할 수 없습니다\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "사용법: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "사용법: id\n"
+
+msgid " groups="
+msgstr " 그룹 목ë¡="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "사용ìžì´ë¦„ í¬íŠ¸ 어디서 최근정보"
+
+msgid "Username Port Latest"
+msgstr "사용ìžì´ë¦„ í¬íŠ¸ 최근정보"
+
+msgid "**Never logged in**"
+msgstr "**í•œë²ˆë„ ë¡œê·¸ì¸í•œ ì ì´ 없습니다**"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Failed to get the entry for UID %d\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "lastlog: UID %dë²ˆì˜ í•­ëª©ì„ ì½ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: UID %luë²ˆì˜ ìµœê·¼ ê¸°ë¡ í•­ëª©ì„ ì´ˆê¸°í™”í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "사용법: %s [-p] [ì´ë¦„]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h 호스트ì´ë¦„] [-f ì´ë¦„]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r 호스트\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "ìž˜ëª»ëœ ë¡œê·¸ì¸ ì‹œê°„"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"정기 ì ê²€ì„ 위해 ì‹œìŠ¤í…œì´ ì¢…ë£Œë˜ì—ˆìŠµë‹ˆë‹¤"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[ì ‘ì†í•´ì œê°€ 무시ë˜ì—ˆìŠµë‹ˆë‹¤ -- 루트 ë¡œê·¸ì¸ í—ˆìš©.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"UTMP í•­ëª©ì´ ì—†ìŠµë‹ˆë‹¤. 가장 ë‚®ì€ \"sh\"ì—ì„œ \"login\"ì„ ì‹¤í–‰í•´ì•¼ 합니다."
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"%d ì´ˆ 후 로그ì¸ì´ 종료ë˜ì—ˆìŠµë‹ˆë‹¤.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM 실패. 중지 중: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s 로그ì¸: "
+
+msgid "login: "
+msgstr "로그ì¸: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "ë¡œê·¸ì¸ ì‹œë„ íšŸìˆ˜ ìµœëŒ€ê°’ì„ ì´ˆê³¼í–ˆìŠµë‹ˆë‹¤(%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAMì—ì„œ 종료를 요청했습니다\n"
+
+msgid "Login incorrect"
+msgstr "로그ì¸ì´ 맞지 않습니다"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: ì‚¬ìš©ìž ì´ë¦„ì„ ì¸ì‹í•  수 없습니다.\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s 로그ì¸: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fork 실패: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY 실패, 위치는 %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "경고: 로그ì¸ì´ ì¼ì‹œì ìœ¼ë¡œ íì‡„ëœ í›„ 다시 로그ì¸ì„ 허용합니다."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "마지막 로그ì¸: %s on %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "마지막 로그ì¸: %.19s on %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " %.*s ì—ì„œ"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"ë¡œê·¸ì¸ ì‹œê°„ì´ ì§€ë‚˜ê°”ìŠµë‹ˆë‹¤\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "사용법: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "사용법: newgrp [-] [그룹]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "사용법: sg group [[-c] 명령]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: %sì„(를) ì œê±°í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+msgid "Invalid password.\n"
+msgstr "쓸 수 없는 암호입니다.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: 프로세스 만들기 실패: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: '%lu' GID가 없습니다\n"
+
+msgid "too many groups\n"
+msgstr "ê·¸ë£¹ì´ ë„ˆë¬´ 많습니다\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: '%s' ê·¸ë£¹ì€ ì…°ë„ìš° 그룹ì´ì§€ë§Œ, /etc/groupì— ì—†ìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: 사용할 수 없는 ì‚¬ìš©ìž ID '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: 쓸 수 없는 ì‚¬ìš©ìž ì´ë¦„ '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: %d번 줄: 올바른 ì¤„ì´ ì•„ë‹™ë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: %s 사용ìžì˜ í•­ëª©ì„ ì—…ë°ì´íŠ¸ í•  수 없습니다 (passwd ë°ì´í„°ë² ì´ìŠ¤ì— 없습니"
+"다)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: %d번 줄: 사용ìžë¥¼ 만들 수 없습니다\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: %d번 줄: ê·¸ë£¹ì„ ë§Œë“¤ 수 없습니다\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: %d번 줄: `%s' 사용ìžê°€ %s ì•ˆì— ì—†ìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: %d번 줄: 암호를 ì—…ë°ì´íŠ¸ í•  수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: %d번 줄: 디렉터리 ë§Œë“¤ê¸°ì— ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: %d번 줄: chown 실패했습니다\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: %d번 줄: ìž…ë ¥ê°’ì„ ì—…ë°ì´íŠ¸ í•  수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: 새 %s 항목 '%s'ì„(를) ì¤€ë¹„í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: 사용ìžë¥¼ 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: ê·¸ë£¹ì„ ë§Œë“¤ 수 없습니다\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid "Old password: "
+msgstr "예전 암호: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"새 암호를 입력하십시오 (최소 %d글ìž)\n"
+"대소문ìžì™€ 숫ìžë¥¼ 조합하여 사용하십시오.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"새 암호를 입력하십시오(최소 %d, 최대 %d 글ìž)\n"
+"ì˜ì–´ 대소문ìžì™€ 숫ìžë¥¼ 조합하여 사용하십시오.\n"
+
+msgid "New password: "
+msgstr "새 암호: "
+
+msgid "Try again."
+msgstr "다시 ì‹œë„하십시오."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"경고: ë³´ì•ˆì„±ì´ ì—†ëŠ” 암호 (ê·¸ëž˜ë„ ì‚¬ìš©í•˜ê¸¸ ì›í•˜ì‹ ë‹¤ë©´ 다시 입력하십시오)."
+
+msgid "They don't match; try again.\n"
+msgstr "ìž…ë ¥ê°’ì´ ì¼ì¹˜í•˜ì§€ 않습니다. 다시 ì‹œë„하십시오.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%sì˜ ì•”í˜¸ëŠ” 바꿀 수 없습니다.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%sì˜ ì•”í˜¸ëŠ” ì•„ì§ ë°”ê¿€ 수 없습니다.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: ì•”í˜¸ì˜ ìž ê¸ˆì„ í•´ì œí•˜ë©´ 암호 없는 ê³„ì •ì´ ë©ë‹ˆë‹¤. ì´ ì•”í˜¸ì˜ ìž ê¸ˆì„\n"
+"풀려면 usermod -p 명령으로 ì´ ê³„ì •ì˜ ì•”í˜¸ ìž ê¸ˆì„ í•´ì œí•´ì•¼ 합니다.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: %s 저장소는 지ì›í•˜ì§€ 않습니다\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s 사용ìžëŠ” %sì˜ ì•”í˜¸ë¥¼ 바꿀 ê¶Œí•œì´ ì—†ìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: %sì˜ ì•”í˜¸ 정보를 보거나 바꿀 수 없습니다.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%sì— ëŒ€í•œ 암호를 바꾸는 중\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%sì˜ ì•”í˜¸ë¥¼ 바꾸지 않았습니다.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "암호를 바꿨습니다."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "암호 사용만료 예고"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "사용법: %s [-q] [-r] [-s] [암호 [shadow]]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "사용법: %s [-q] [-r] [-s] [암호 [shadow]]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "올바르지 ì•Šì€ ì•”í˜¸ íŒŒì¼ í•­ëª©"
+
+msgid "duplicate password entry"
+msgstr "암호 입력값 복제"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "올바르지 ì•Šì€ ì‚¬ìš©ìž ì´ë¦„ '%s'\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "올바르지 ì•Šì€ ì‚¬ìš©ìž ID '%lu'\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "ì‚¬ìš©ìž '%s': %lu ê·¸ë£¹ì´ ì—†ìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "ì‚¬ìš©ìž '%s': '%s' 디렉터리가 없습니다\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "ì‚¬ìš©ìž '%s': '%s' í”„ë¡œê·¸ëž¨ì´ ì—†ìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %sì„(를) ì—´ 수 없습니다\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "%sì— ìžˆëŠ” 암호 íŒŒì¼ ìž…ë ¥ê°’ì´ ì¼ì¹˜í•˜ì§€ 않습니다\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "ì‚¬ìš©ìž '%s'ì„(를) %sì— ì¶”ê°€í•˜ì‹œê² ìŠµë‹ˆê¹Œ?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "쓸 수 없는 ì…°ë„ìš° 암호 íŒŒì¼ ìž…ë ¥ê°’ìž…ë‹ˆë‹¤"
+
+msgid "duplicate shadow password entry"
+msgstr "ì…°ë„ìš° 암호 입력값 복제"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "ì‚¬ìš©ìž %s: 마지막 암호 바꾼 때가 미래입니다\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: %s ì•ˆì˜ í•­ëª©ì„ ì •ë ¬í•  수 없습니다\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: %sì˜ ëª¨ë“œë¥¼ 0600으로 ë°”ê¾¸ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "su를 통해 ì´ ê³„ì •ìœ¼ë¡œ 접근하는 ê²ƒì´ ê±°ë¶€ë˜ì—ˆìŠµë‹ˆë‹¤.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "암호 ì¸ì¦ì´ 무시ë˜ì—ˆìŠµë‹ˆë‹¤.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "ì¸ì¦í•˜ê¸° 위해 본ì¸ì˜ 암호를 입력하십시오.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: ì‚¬ìš©ìž ì´ë¦„ì„ ì¸ì‹í•  수 없습니다.\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"사용법: su [옵션] [<로그ì¸>]\n"
+"\n"
+"옵션:\n"
+" -c, --command <명령어> ì‹¤í–‰ëœ ì‰˜ì— <명령어>를 보냅니다\n"
+" -h, --help ì´ ë„ì›€ë§ ë©”ì‹œì§€ë¥¼ 표시하고 ë냅니다\n"
+" -, -l, --login ì‰˜ì„ ë¡œê·¸ì¸ ì‰˜ë¡œ 합니다\n"
+" -m, -p,\n"
+" --preserve-environment 환경변수를 초기화하지 ì•Šê³  ê°™ì„ ì‰˜ì„\n"
+" 사용합니다\n"
+" -s, --shell <쉘> 암호 파ì¼ì˜ 기본 쉘 대신 <쉘>를 사용합니다\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(무시ë¨)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "su %sì„(를) 하ë„ë¡ ì¸ì¦ì´ ë˜ì§€ 않았습니다\n"
+
+msgid "(Enter your own password)"
+msgstr "(본ì¸ì˜ 암호를 입력하십시오)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: ì¸ì¦ì´ 실패했습니다\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: 현재 su ëª…ë ¹ì„ ì‹¤í–‰í•  ê¶Œí•œì´ ì—†ìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "'루트'ì— ëŒ€í•œ 암호 íŒŒì¼ ìž…ë ¥ê°’ì´ ì—†ìŒ"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: 터미ë„ì—ì„œ 받드시 실행ë˜ì–´ì•¼ 합니다\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: 오류 %d\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "lastlog: %sì˜ í¬ê¸°ë¥¼ ì½ì„ 수 없습니다: %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "%sì„(를) 실행할 수 없습니다"
+
+msgid "No password file"
+msgstr "암호 íŒŒì¼ ì—†ìŒ"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY 실패"
+
+msgid "No password entry for 'root'"
+msgstr "'루트'ì— ëŒ€í•œ 암호 íŒŒì¼ ìž…ë ¥ê°’ì´ ì—†ìŒ"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"ì¼ë°˜ì ìœ¼ë¡œ 시작(normal startup)ì„ í•˜ë ¤ë©´ control-d를 입력하십시오,\n"
+"(그렇지 않으면 시스템 정비를 위하여 루트 암호를 입력하십시오)"
+
+msgid "Entering System Maintenance Mode"
+msgstr "시스템 정비 모드로 들어가고 있습니다"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: 새로운 기본값 파ì¼ì„ 만들 수 없습니다\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: 새로운 기본값 파ì¼ì„ 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: %d번 줄: chown 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: ì´ë¦„ 다시 설정: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: '%s' ê·¸ë£¹ì€ NIS 그룹입니다.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: ê·¸ë£¹ì´ ë„ˆë¬´ ë§Žì´ ëª…ì‹œë˜ì—ˆìŠµë‹ˆë‹¤ (최대 %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: 기본 디렉터리 '%s' 잘못ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ì£¼ì„ '%s'ì´(ê°€) 잘못ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: 홈 디렉터리 '%s'ì€(는) 잘못ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: -e ì˜µì…˜ì„ ì‚¬ìš©í•  경우 ì…°ë„ìš° 암호가 필요합니다\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: -f ì˜µì…˜ì„ ì‚¬ìš©í•  경우 ì…°ë„ìš° 암호가 필요합니다\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: 올바르지 ì•Šì€ í•„ë“œ '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: 올바르지 ì•Šì€ ì‰˜ '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+"%s: UID %luë²ˆì˜ ë¡œê·¸ì¸ ì‹¤íŒ¨ ê¸°ë¡ í•­ëª©ì„ ì´ˆê¸°í™”í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: UID %luë²ˆì˜ ìµœê·¼ ê¸°ë¡ í•­ëª©ì„ ì´ˆê¸°í™”í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: 새 %s 항목 '%s'ì„(를) ì¤€ë¹„í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+msgid "Creating mailbox file"
+msgstr "ë©”ì¼í•¨ 파ì¼ì„ 만드는 중"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr "'mail' ê·¸ë£¹ì´ ì—†ìŠµë‹ˆë‹¤. 사용ìžì˜ ë©”ì¼í•¨ 파ì¼ì„ 0600 모드로 만듭니다.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "ë©”ì¼í•¨ì˜ íŒŒì¼ ê¶Œí•œì„ ì„¤ì • 중"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: '%s' 사용ìžê°€ ì´ë¯¸ 있습니다\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: %s ê·¸ë£¹ì´ ì´ë¯¸ 있습니다. ì´ ì‚¬ìš©ìžë¥¼ ì´ ê·¸ë£¹ì— ì¶”ê°€í•˜ë ¤ë©´, -g ì˜µì…˜ì„ ì‚¬ìš©"
+"하십시오.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: 사용ìžë¥¼ 만들 수 없습니다\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %luë²ˆì€ ìœ ì¼í•˜ì§€ 않습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: ê·¸ë£¹ì„ ë§Œë“¤ 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: 사용ìžë¥¼ 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: ê·¸ë£¹ì„ ë§Œë“¤ 수 없습니다\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: 경고: 홈디렉터리가 ì´ë¯¸ 있습니다.\n"
+"skel 디렉터리ì—ì„œ 파ì¼ì„ 복사하지 않습니다.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: '%s' 사용ìžì˜ 주요 ê·¸ë£¹ì„ ì œê±°í•  수 없습니다\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s: %s ê·¸ë£¹ì€ ë‹¤ë¥¸ 사용ìžì˜ 주요 그룹ì´ë¯€ë¡œ 제거하지 않습니다.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: '%s' í•­ëª©ì„ %sì—ì„œ 제거할 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: 홈 디렉터리 '%s'ì€(는) 잘못ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s"
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: 경고: %sì„(를) 제거할 수 없습니다: %s"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %sì€(는) %sì˜ ì†Œìœ ê°€ 아닙니다, 제거하지 않습니다\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: ê´€ë¦¬ìž ê¶Œí•œì„ ë²„ë¦´ 수 없습니다 (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "lastlog: %sì˜ í¬ê¸°ë¥¼ ì½ì„ 수 없습니다: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: '%s' í•­ëª©ì„ %sì—ì„œ 제거할 수 없습니다\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: %s 사용ìžëŠ” NIS ì‚¬ìš©ìž ìž…ë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: 홈 디렉터리 '%s'ì€(는) 잘못ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: 디렉터리 %sì€(는) 제거하지 않습니다 (ì‚¬ìš©ìž %sì˜ í™ˆ 디렉터리를\n"
+"제거하게 ë©ë‹ˆë‹¤)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: 디렉터리 %sì„(를) 제거하는 ë° ì˜¤ë¥˜ê°€ ë°œìƒí–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr " -s, --sha-rounds SHA* 암호화 ì•Œê³ ë¦¬ì¦˜ì˜ SHA ë¼ìš´ë“œ 수\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: 사용ìžì˜ 암호 ìž ê¸ˆì„ í•´ì œí•˜ë©´ 암호 없는 ê³„ì •ì´ ë©ë‹ˆë‹¤. ì´ ì‚¬ìš©ìžì˜\n"
+"암호 ìž ê¸ˆì„ í’€ë ¤ë©´ usermod -p 명령으로 암호 ìž ê¸ˆì„ í•´ì œí•´ì•¼ 합니다.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: '%s' 사용ìžê°€ ì´ë¯¸ %s ì•ˆì— ìžˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: 날짜 '%s'ì€(는) 잘못ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: 날짜 '%s'ì€(는) 잘못ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: %sì„(를) ì—´ 수 없습니다\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p, -U ì˜µì…˜ì€ í•œ ë²ˆì— í•˜ë‚˜ë§Œ 쓸 수 있습니다\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e 옵션과 -f ì˜µì…˜ì€ ì…°ë„ìš° 암호가 필요합니다\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: '%lu' UIDê°€ ì´ë¯¸ 있습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s 사용ìžëŠ” %sì˜ ì•”í˜¸ë¥¼ 바꿀 ê¶Œí•œì´ ì—†ìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: 디렉터리 %sì€(는) ì´ë¯¸ 있습니다\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: 디렉터리 %sì„(를) 만들 수 없습니다\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: 경고: ì´ì „ 홈 디렉터리 %sì„(를) 완전히 제거하는 ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: 디렉터리 %sì˜ ì´ë¦„ì„ %s(으)ë¡œ 바꿀 수 없습니다\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: ì‚¬ìš©ìž %luì˜ ìµœê·¼ ê¸°ë¡ í•­ëª©ì„ ì‚¬ìš©ìž %luì— ë³µì‚¬í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: ì‚¬ìš©ìž %luì˜ ë¡œê·¸ì¸ ì‹¤íŒ¨ ê¸°ë¡ í•­ëª©ì„ ì‚¬ìš©ìž %luì— ë³µì‚¬í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆ"
+"다: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: 경고: %sì€(는) %sì´(ê°€) 소유하고 있지 않습니다\n"
+
+msgid "failed to change mailbox owner"
+msgstr "ë©”ì¼í•¨ 소유ìžë¥¼ 바꾸는 ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤"
+
+msgid "failed to rename mailbox"
+msgstr "ë©”ì¼í•¨ì˜ ì´ë¦„ì„ ë°”ê¾¸ëŠ” ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: 새 %s 항목 '%s'ì„(를) ì¤€ë¹„í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: 새 %s 항목 '%s'ì„(를) ì¤€ë¹„í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: 새 %s 항목 '%s'ì„(를) ì¤€ë¹„í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: 새 %s 항목 '%s'ì„(를) ì¤€ë¹„í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"%sì„(를) 수정했습니다.\n"
+"앞뒤가 맞으려면 %së„ ë°”ê¿”ì•¼ 합니다.\n"
+"수정하려면 '%s' ëª…ë ¹ì„ ì´ìš©í•˜ì‹­ì‹œì˜¤.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: %sì„(를) ì œê±°í•˜ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %sì€(는) 바뀌지 않았습니다\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "ë©”ì¼í•¨ì˜ ì´ë¦„ì„ ë°”ê¾¸ëŠ” ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: ê´€ë¦¬ìž ê¶Œí•œì„ ë²„ë¦´ 수 없습니다 (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "파ì¼ì„ 잠글 수 없습니다"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: ê´€ë¦¬ìž ê¶Œí•œì„ ë²„ë¦´ 수 없습니다 (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "파ì¼ì„ 잠글 수 없습니다"
+
+msgid "Couldn't make backup"
+msgstr "ë°±ì—…ì„ ë§Œë“¤ 수 없습니다"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to open scratch file"
+msgstr "ë©”ì¼í•¨ì˜ ì´ë¦„ì„ ë°”ê¾¸ëŠ” ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤"
+
+#, fuzzy
+#| msgid "%s: failed to unlock %s\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: %sì˜ ìž ê¸ˆì„ í‘¸ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "ë©”ì¼í•¨ì˜ ì´ë¦„ì„ ë°”ê¾¸ëŠ” ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "ë©”ì¼í•¨ 소유ìžë¥¼ 바꾸는 ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "ë©”ì¼í•¨ì˜ ì´ë¦„ì„ ë°”ê¾¸ëŠ” ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %sì„(를) 복구할 수 없습니다: %s (ë°”ë€ ì‚¬í•­ì€ %sì— ìžˆìŠµë‹ˆë‹¤)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: 기본 디렉터리 '%s' 잘못ë˜ì—ˆìŠµë‹ˆë‹¤\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d)ì— ì‹¤íŒ¨\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: chage [옵션] [로그ì¸]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -d, --lastday <최근날짜> 최근 암호를 바꾼 날짜를 <최근날짜>로 합니"
+#~ "다.\n"
+#~ " -E, --expiredate <만료날짜> 계정 만료날짜를 <만료날짜>로 합니다.\n"
+#~ " -h, --help ì´ ë„움ë§ì„ 표시하고 ë냅니다.\n"
+#~ " -I, --inactive <비활성화기간> ë§Œë£Œëœ í›„ 비활성화 ê¸°ê°„ì„ <비활성화기간>"
+#~ "으로\n"
+#~ " 합니다\n"
+#~ " -l, --list ê³„ì •ì˜ ì‚¬ìš©ê¸°í•œ 정보를 표시합니다.\n"
+#~ " -m, --mindays <최소날수> 암호를 바꾸기 ì „ì˜ ìµœì†Œ 날짜 수를 <최소날"
+#~ "수>로\n"
+#~ " 합니다.\n"
+#~ " -M, --maxdays <최대날수> 암호를 바꾸기 ì „ì˜ ìµœëŒ€ 날짜 수를 <최대날"
+#~ "수>로\n"
+#~ " 합니다.\n"
+#~ " -W, --warndays <경고날수> 만료 경고 ê¸°ê°„ì„ <경고날수>으로 합니다.\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM ì¸ì¦ì´ 실패했습니다\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "사용법: %s [-f ì´ë¦„] [-r ë°©_번호] [-w ì§ìž¥_전화번호]\n"
+#~ "\t[-h 집_전화번호] [-o 기타] [사용ìž]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "사용법: %s [-f ì´ë¦„] [-r ë°©_번호] [-w ì§ìž¥_전화번호] [-h 집_전화번호]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "사용법: %s [옵션]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -c, --crypt-method 암호화 방법 (ë‹¤ìŒ ì¤‘ 하나: %s)\n"
+#~ " -e, --encrypted 입력하는 암호가 암호화ë˜ì–´ 있습니다\n"
+#~ " -h, --help ì´ ë„ì›€ë§ ë©”ì‹œì§€ë¥¼ 표시하고 ë냅니다\n"
+#~ " -m, --md5 ì¼ë°˜ í…스트 암호를 MD5 ì•Œê³ ë¦¬ì¦˜ì„ ì‚¬ìš©í•´\n"
+#~ " 암호화합니다\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: chsh [옵션] [<로그ì¸>]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -h, --help ì´ ë„ì›€ë§ ë©”ì‹œì§€ë¥¼ 표시하고 ë냅니다\n"
+#~ " -s, --shelll <쉘> ì‚¬ìš©ìž ê³„ì •ì˜ ìƒˆ ë¡œê·¸ì¸ ì‰˜\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "사용법: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "faillog: Failed to get the entry for UID %d\n"
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: UID %dë²ˆì˜ í•­ëª©ì„ ì½ëŠ”ë° ì‹¤íŒ¨í–ˆìŠµë‹ˆë‹¤\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: %sì„(를) ì—´ 수 없습니다: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: %sì˜ í¬ê¸°ë¥¼ ì–»ì„ ìˆ˜ 없습니다: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "사용법: groupdel 그룹\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s 옵션과 -r ì˜µì…˜ì„ ë™ì‹œì— 쓸 수 없습니다\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "사용법: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "사용법: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: lastlog [옵션]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -b, --before <날짜> <날짜>ì¼ ì´ì „ì˜ ìµœê·¼ 기ë¡ì„ 표시합니다\n"
+#~ " -h, --help ì´ ë„ì›€ë§ ë©”ì‹œì§€ë¥¼ 표시하고 ë냅니다\n"
+#~ " -t, --time <날짜> <날짜>ì¼ ë‚´ì˜ ìµœê·¼ 기ë¡ë§Œ 표시합니다\n"
+#~ " -u, --user <로그ì¸> <로그ì¸> 사용ìžì˜ 최근 기ë¡ë§Œ 표시합니다\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: passwd [옵션] [<로그ì¸>]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -a, --all 모든 ê³„ì •ì˜ ì•”í˜¸ ìƒíƒœë¥¼ 보고합니다\n"
+#~ " -d, --delete ì§€ì •ëœ ê³„ì •ì˜ ì•”í˜¸ë¥¼ 지ì›ë‹ˆë‹¤\n"
+#~ " -e, --expire ì§€ì •ëœ ê³„ì • 암호를 강제로 만료시킵니다\n"
+#~ " -h, --help ì´ ë„ì›€ë§ ë©”ì‹œì§€ë¥¼ 표시하고 ë냅니다\n"
+#~ " -k, --keep-tokens 암호가 ë§Œë£Œí–ˆì„ ë•Œë§Œ 바꿉니다\n"
+#~ " -i, --inactive <비활성화기간> ë§Œë£Œëœ í›„ 비활성화 ê¸°ê°„ì„ \n"
+#~ " <비활성화기간>으로 합니다\n"
+#~ " -l, --lock ì§€ì •ëœ ê³„ì •ì˜ ì•”í˜¸ë¥¼ 잠급니다\n"
+#~ " -n, --mindays <최소날수> 암호를 다시 바꿀 수 있는 최소 ì¼\n"
+#~ " 수를 <최소날수>로 합니다\n"
+#~ " -q, --quiet 조용한 모드\n"
+#~ " -r, --repository <저장소> <저장소> ì €ìž¥ì†Œì— ìžˆëŠ” 암호를 바꿉니다\n"
+#~ " -S, --status ì§€ì •ëœ ê³„ì •ì˜ ì•”í˜¸ ìƒíƒœë¥¼ 보고합니다\n"
+#~ " -u, --unlock ì§€ì •ëœ ê³„ì •ì˜ ì•”í˜¸ ìž ê¸ˆì„ í•´ì œí•©ë‹ˆë‹¤\n"
+#~ " -w, --warndays <경고날수> 암호 만료 예고를 <경고날수> ì´ì „부터 합니"
+#~ "다\n"
+#~ " -x, --maxdays <최대날수> 암호를 바꾸지 ì•Šì„ ìˆ˜ 있는 최대 ì¼\n"
+#~ " 수를 <최대날수>로 합니다\n"
+#~ "\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "사용법: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "사용법: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "ì•Œ 수 없는 ì•„ì´ë””: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "ì‰˜ì´ ì—†ìŒ\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: userdel [옵션] <로그ì¸>\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -f, --force 파ì¼ì´ ì‚¬ìš©ìž ì†Œìœ ìžê°€ 아니ë”ë¼ë„ 강제로\n"
+#~ " 지ì›ë‹ˆë‹¤\n"
+#~ " -h, --help ì´ ë„ì›€ë§ ë©”ì‹œì§€ë¥¼ 표시하고 ë냅니다\n"
+#~ " -r, --remove 홈 디렉터리와 ë©”ì¼ ì €ìž¥ì†Œì„ ì§€ì›ë‹ˆë‹¤\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: %s 사용ìžëŠ” 현재 로그ì¸í•œ ìƒíƒœ 입니다\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: usermod [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -c, --comment COMMENT new value of the GECOS field\n"
+#~| " -d, --home HOME_DIR new home directory for the user account\n"
+#~| " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -g, --gid GROUP force use GROUP as new primary group\n"
+#~| " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~| " -a, --append append the user to the supplemental "
+#~| "GROUPS\n"
+#~| " mentioned by the -G option without "
+#~| "removing\n"
+#~| " him/her from other groups\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --login NEW_LOGIN new value of the login name\n"
+#~| " -L, --lock lock the user account\n"
+#~| " -m, --move-home move contents of the home directory to "
+#~| "the\n"
+#~| " new location (use only with -d)\n"
+#~| " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~| " -p, --password PASSWORD use encrypted password for the new "
+#~| "password\n"
+#~| " -s, --shell SHELL new login shell for the user account\n"
+#~| " -u, --uid UID new UID for the user account\n"
+#~| " -U, --unlock unlock the user account\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "사용법: usermod [옵션] <로그ì¸>\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -c, --comment <설명> GECOSí•„ë“œì˜ ê°’ì„ ìƒˆë¡œ 설정합니다\n"
+#~ " -d, --home <홈디렉터리> ì§€ì •ëœ ì‚¬ìš©ìž ê³„ì •ì˜ ìƒˆ 홈 디렉터리를\n"
+#~ " 지정합니다\n"
+#~ " -e, --expiredate <만료날짜> 계정 만료 날짜를 <만료날짜>로 합니다\n"
+#~ " -f, --inactive <비활성화기간> ë§Œë£Œëœ í›„ 비활성화 ê¸°ê°„ì„ <비활성화기간>으"
+#~ "로\n"
+#~ " 합니다\n"
+#~ " -g, --gid <그룹> 새 주요 ê·¸ë£¹ì„ <그룹>으로 강제로 지정합니"
+#~ "다\n"
+#~ " -G, --groups <그룹목ë¡> ë³´ì¡° ê·¸ë£¹ì˜ ëª©ë¡ì„ 새로 지정합니다\n"
+#~ " -a, --append 사용ìžë¥¼ ë³´ì¡° 그룹 <그룹>ì— ì¶”ê°€í•©ë‹ˆë‹¤\n"
+#~ " (그룹 목ë¡ì€ -G ì˜µì…˜ì— ë‚˜íƒ€ë‚˜ê³  다른\n"
+#~ " ê·¸ë£¹ì˜ ì¶”ê°€ ì‚­ì œ ìƒíƒœëŠ” 변하지 않습니다)\n"
+#~ " -h, --help ì´ ë„움ë§ì„ 표시하고 ë냅니다\n"
+#~ " -l, --login <새로그ì¸> ë¡œê·¸ì¸ ì´ë¦„ì„ ìƒˆë¡œ 지정합니다\n"
+#~ " -L, --lock ì§€ì •ëœ ì‚¬ìš©ìž ê³„ì •ì„ ìž ê¸‰ë‹ˆë‹¤\n"
+#~ " -m, --move-home 홈 ë””ë ‰í„°ë¦¬ì˜ ë‚´ìš©ì„ ìƒˆ 홈 디렉터리로 옮ê¹"
+#~ "니다\n"
+#~ " (-d 옵션과 함께 사용해야 합니다)\n"
+#~ " -o, --non-unique 중복ë˜ëŠ” UIDë„ í—ˆìš©í•©ë‹ˆë‹¤\n"
+#~ " -p, --password <암호> 새로 사용할 암호를 암호화하여 사용합니다\n"
+#~ " -s, --shell <쉘> ì§€ì •ëœ ì‚¬ìš©ìž ê³„ì •ì˜ ë¡œê·¸ì¸ ì‰˜ì„ ì§€ì •í•©ë‹ˆ"
+#~ "다\n"
+#~ " -u, --uid <UID> ì§€ì •ëœ ì‚¬ìš©ìž ê³„ì •ì˜ ìƒˆ <UID> ê°’ì„ ì§€ì •í•©"
+#~ "니다\n"
+#~ " -U, --unlock ì‚¬ìš©ìž ê³„ì •ì˜ ìž ê¸ˆì„ í•´ì œí•©ë‹ˆë‹¤\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: 주어진 플래그가 없습니다\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: vipw [옵션]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -g, --group 그룹 ë°ì´í„°ë² ì´ìŠ¤ë¥¼ 편집합니다\n"
+#~ " -h, --help ì´ ë„ì›€ë§ ë©”ì‹œì§€ë¥¼ 표시하고 ë냅니다\n"
+#~ " -p, --passwd passwd ë°ì´í„°ë² ì´ìŠ¤ë¥¼ 편집합니다\n"
+#~ " -q, --quiet 조용한 모드\n"
+#~ " -s, --shadow ì…°ë„ìš° ë°ì´í„°ë² ì´ìŠ¤ë‚˜ 그룹 ì…°ë„ìš° \n"
+#~ " ë°ì´í„°ë² ì´ìŠ¤ë¥¼ 수정합니다\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --add USER add USER to GROUP\n"
+#~ " -d, --delete USER remove USER from GROUP\n"
+#~ " -r, --remove-password remove the GROUP's password\n"
+#~ " -R, --restrict restrict access to GROUP to its members\n"
+#~ " -M, --members USER,... set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: %s [옵션] <그룹>\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -a, --add <사용ìž> <사용ìž>를 <그룹>ì— ì¶”ê°€í•©ë‹ˆë‹¤\n"
+#~ " -d, --delete <사용ìž> <사용ìž>를 <그룹>ì—ì„œ 제거합니다\n"
+#~ " -r, --remove-password <그룹>ì˜ ì•”í˜¸ë¥¼ 제거합니다\n"
+#~ " -R, --restrict <그룹>ì— ì ‘ê·¼í•˜ëŠ” ê¶Œí•œì„ ë©¤ë²„ë¡œ 제한합니"
+#~ "다\n"
+#~ " -M, --members <사용ìž>,... ê·¸ë£¹ì˜ ë©¤ë²„ 목ë¡ì„ 설정합니다\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group groupname change groupname instead of the user's "
+#~ "group\n"
+#~ " (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ " -a, --add username add username to the members of the group\n"
+#~ " -d, --delete username remove username from the members of the "
+#~ "group\n"
+#~ " -p, --purge purge all members from the group\n"
+#~ " -l, --list list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: groupmems [옵션] [ë™ìž‘]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -g, --group <그룹ì´ë¦„> 사용ìžì˜ ê·¸ë£¹ì´ ì•„ë‹Œ <그룹ì´ë¦„>ì„ ë°”ê¿‰ë‹ˆ"
+#~ "다\n"
+#~ " (root ì „ìš©)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ " -a, --add <사용ìžì´ë¦„> <사용ìžì´ë¦„>ì„ ê·¸ë£¹ì˜ ë©¤ë²„ë¡œ 추가합니다\n"
+#~ " -d, --delete <사용ìžì´ë¦„> 그룹 멤버ì—ì„œ <사용ìžì´ë¦„>ì„ ì œê±°í•©ë‹ˆë‹¤\n"
+#~ " -p, --purge 그룹ì—ì„œ 모든 멤버를 없앱니다\n"
+#~ " -l, --list ê·¸ë£¹ì˜ ë©¤ë²„ 목ë¡ì„ 표시합니다\n"
+#~ "\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %sì„(를) 만들 수 없습니다\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: %sì„(를) chowní•  수 없습니다\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: faillog [옵션]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -a, --all 모든 사용ìžì˜ ë¡œê·¸ì¸ ì‹¤íŒ¨ 기ë¡ì„ 표시합니다\n"
+#~ " -h, --help ì´ ë„ì›€ë§ ë©”ì‹œì§€ë¥¼ 표시하고 ë냅니다\n"
+#~ " -l, --lock-time <ì´ˆ> 로그ì¸ì— 실패하면 <ì´ˆ>ì´ˆ ë™ì•ˆ ê³„ì •ì„ ìž ê¸‰ë‹ˆ"
+#~ "다\n"
+#~ " -m, --maximum <최대값> ë¡œê·¸ì¸ ì‹¤íŒ¨ íšŸìˆ˜ì˜ ìµœëŒ€ê°’ì„ <최대값>으로 합니"
+#~ "다\n"
+#~ " -r, --reset ë¡œê·¸ì¸ ì‹¤íŒ¨ 횟수를 초기화합니다\n"
+#~ " -t, --time <날짜> <날짜>ì¼ ë‚´ì˜ ë¡œê·¸ì¸ ì‹¤íŒ¨ 기ë¡ë§Œ 표시합니다\n"
+#~ " -u, --user <로그ì¸> <로그ì¸> 사용ìžì˜ ë¡œê·¸ì¸ ì‹¤íŒ¨ 기ë¡ì„ 표시하거"
+#~ "나,\n"
+#~ " -r, -m, -l ì˜µì…˜ì„ ì‚¬ìš©í•  ë•Œì—는 <로그ì¸> 사용"
+#~ "ìžì˜\n"
+#~ " ë¡œê·¸ì¸ ì‹¤íŒ¨ 횟수와 한계값만 관리합니다\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: groupadd [옵션] <그룹>\n"
+#~ "\n"
+#~ "옵션\n"
+#~ " -f, --force 지정한 ê·¸ë£¹ì´ ì´ë¯¸ ìžˆì„ ê²½ìš°ì—ë„ ëë‚´ê³  \n"
+#~ " 성공한 것으로 표시합니다\n"
+#~ " -g, --gid <GID> 새 ê·¸ë£¹ì˜ gid를 <GID>ë¡œ 합니다\n"
+#~ " -h, --help ì´ ë„ì›€ë§ ë©”ì‹œì§€ë¥¼ 표시하고 ë냅니다\n"
+#~ " -K, --key <키>=<ê°’> /etc/login.defsì˜ ê¸°ë³¸ê°’ì„ ë¬´ì‹œí•˜ê³  설정합"
+#~ "니다\n"
+#~ " -o, --non-unique GIDê°€ 중복ë˜ë”ë¼ë„(유ì¼í•˜ì§€ ì•Šë”ë¼ë„)\n"
+#~ " 그룹 만들기를 허용합니다\n"
+#~ " -p, --password <암호> 새 ê·¸ë£¹ì— ì•”í˜¸í™”í•œ 암호를 사용합니다\n"
+#~ " -r, --system 시스템 ê³„ì •ì„ ë§Œë“­ë‹ˆë‹¤\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: groupmod [옵션] <그룹>\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -g, --gid <GID> <그룹>ì— ìƒˆ <GID>를 사용합니다\n"
+#~ " -h, --help ì´ ë„움ë§ì„ 출력하고 ë납니다\n"
+#~ " -n, --new-name <새그룹> <그룹>ì— <새그룹> ì´ë¦„ì„ ê°•ì œë¡œ 사용합니"
+#~ "다\n"
+#~ " -o, --non-unique <그룹>ì— ì¤‘ë³µëœ (유ì¼í•˜ì§€ ì•Šì€) GIDë¡œ 그룹"
+#~ "ì„ \n"
+#~ " 만듭니다\n"
+#~ " -p, --password <암호> 새 ì•”í˜¸ì— ì•”í˜¸í™”í•œ 암호를 사용합니다\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~| " home directory\n"
+#~| " -c, --comment COMMENT set the GECOS field for the new user "
+#~| "account\n"
+#~| " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~| " -D, --defaults print or save modified default useradd\n"
+#~| " configuration\n"
+#~| " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -g, --gid GROUP force use GROUP for the new user "
+#~| "account\n"
+#~| " -G, --groups GROUPS list of supplementary groups for the "
+#~| "new\n"
+#~| " user account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~| " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~| " -l, --no-log-init do not add the user to the lastlog and\n"
+#~| " faillog databases\n"
+#~| " -m, --create-home create home directory for the new user\n"
+#~| " account\n"
+#~| " -M, --no-create-home do not create user's home directory\n"
+#~| " (overrides /etc/login.defs)\n"
+#~| " -N, --no-user-group do not create a group with the same name "
+#~| "as\n"
+#~| " the user\n"
+#~| " -o, --non-unique allow create user with duplicate\n"
+#~| " (non-unique) UID\n"
+#~| " -p, --password PASSWORD use encrypted password for the new user\n"
+#~| " account\n"
+#~| " -r, --system create a system account\n"
+#~| " -s, --shell SHELL the login shell for the new user "
+#~| "account\n"
+#~| " -u, --uid UID force use the UID for the new user "
+#~| "account\n"
+#~| " -U, --user-group create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "사용법: useradd [옵션] <로그ì¸>\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ " -b, --base-dir <기본디렉터리> 새 ì‚¬ìš©ìž ê³„ì •ì˜ í™ˆ ë””ë ‰í„°ë¦¬ì˜ ê¸°ë³¸ 디렉"
+#~ "토리\n"
+#~ " -c, --comment <설명> 새 ì‚¬ìš©ìž ê³„ì •ì˜ GECOS 필드를 설정합니"
+#~ "다\n"
+#~ " -d, --home-dir <홈디렉터리> 새 ì‚¬ìš©ìž ê³„ì •ì˜ í™ˆ 디렉터리\n"
+#~ " -D, --defaults 기본 useradd ì„¤ì •ì„ í‘œì‹œí•˜ê±°ë‚˜ 변경합니"
+#~ "다\n"
+#~ " -e, --expiredate <만료ì¼> 계정 만료 날짜를 <만료ì¼>ë¡œ 합니다\n"
+#~ " -f, --inactive <비활성화기간> ë§Œë£Œëœ í›„ 비활성화 ê¸°ê°„ì„ <비활성화기간>"
+#~ "으로\n"
+#~ " 합니다\n"
+#~ " -g, --gid <그룹> 새 주요 ê·¸ë£¹ì„ <그룹>으로 강제로 지정합니"
+#~ "다\n"
+#~ " -G, --groups <그룹목ë¡> ë³´ì¡° ê·¸ë£¹ì˜ ëª©ë¡ì„ 새로 지정합니다\n"
+#~ " -h, --help ì´ ë„움ë§ì„ 표시하고 ë냅니다\n"
+#~ " -k, --skel <SKEL디렉터리> 다른 skel 디렉터리를 지정합니다\n"
+#~ " -K, --key <키>=<ê°’> /etc/login.defsì˜ ê¸°ë³¸ê°’ì„ ë¬´ì‹œí•˜ê³  설정"
+#~ "합니다\n"
+#~ " -l, --no-log-init 사용ìžë¥¼ 최근 ê¸°ë¡ ë° ë¡œê·¸ì¸ ì‹¤íŒ¨\n"
+#~ " ë°ì´í„°ë² ì´ìŠ¤ì— 추가하지 않습니다\n"
+#~ " -m, --create-home 새 ì‚¬ìš©ìž ê³„ì •ì˜ í™ˆ 디렉터리를 만듭니다\n"
+#~ " -M, --no-create-home 홈 디렉터리를 만들지 않습니다\n"
+#~ " (/etc/login.defsì˜ ì„¤ì •ì„ ë¬´ì‹œí•©ë‹ˆë‹¤)\n"
+#~ " -o, --non-user-group 사용ìžì™€ ê°™ì€ ì´ë¦„ì˜ ê·¸ë£¹ì„ ë§Œë“¤ì§€ 않습니"
+#~ "다\n"
+#~ " -o, --non-unique 중복ë˜ëŠ” UIDë„ í—ˆìš©í•©ë‹ˆë‹¤\n"
+#~ " -p, --password <암호> 새로 사용할 암호를 암호화하여 사용합니"
+#~ "다\n"
+#~ " -s, --shell <쉘> 지정한 ì‚¬ìš©ìž ê³„ì •ì˜ ë¡œê·¸ì¸ ì‰˜ì„ ì§€ì •í•©ë‹ˆ"
+#~ "다\n"
+#~ " -u, --uid <UID> 지정한 ì‚¬ìš©ìž ê³„ì •ì˜ ìƒˆ <UID> ê°’ì„ ì§€ì •í•©"
+#~ "니다\n"
+#~ " -U, --user-group 사용ìžì™€ ê°™ì€ ì´ë¦„ì˜ ê·¸ë£¹ì„ ë§Œë“­ë‹ˆë‹¤\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -r, --system create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "사용법: %s [옵션] [입력]\n"
+#~ "\n"
+#~ " -c, --crypt-method 암호화 방법 (ë‹¤ìŒ ì¤‘ 하나: %s)\n"
+#~ " -r, --system 시스템 ê³„ì •ì„ ë§Œë“­ë‹ˆë‹¤\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "암호가 만료하ë„ë¡ ì„¤ì •í–ˆìŠµë‹ˆë‹¤."
diff --git a/po/nb.po b/po/nb.po
new file mode 100644
index 0000000..7ad1ecb
--- /dev/null
+++ b/po/nb.po
@@ -0,0 +1,3828 @@
+# translation of shadow.po to Norwegian Bokmål
+# Copyright (C) 2004, 2006 Free Software Foundation, Inc.
+# Knut Yrvin <knuty@skolelinux.no>, 2004.
+# Klaus Ade Johnstad <klaus.johnstad@holmlia.gs.oslo.no>, 2004.
+# Klaus Ade Johnstad <klaus@skolelinux.no>, 2004.
+# HÃ¥vard Korsvoll <korsvoll@skulelinux.no>, 2004.
+# Bjørn Steensrud <bjornst@powertech.no>, 2006.
+# Bjørn Steensrud <bjornst@skogkatt.homelinux.org>, 2009, 2012.
+# Hans Fredrik Nordhaug <hans@nordhaug.priv.no>, 2012.
+# Lars Bahner <bahner@debian.org>, 2015
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.17\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2015-09-30 18:15+0100\n"
+"Last-Translator: Bjørn Steensrud <bjornst@skogkatt.homelinux.org>\n"
+"Language-Team: Norwegian Bokmål <i18n-nb@lister.ping.uio.no>\n"
+"Language: nb\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 1.7.5\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Det er flere innslag med navnet «%s» i %s. Rett på dette med pwck eller "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "støtter ikke libcrypt crypt-metoden? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "feil med oppsettet – kan ikke tolke %s-verdi: «%s»"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Fant ikke plass til oppsettsinformasjonen.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "feil med oppsettet - ukjent element «%s» (kontakt administrator)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd avsluttet ikke normallt (signal %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd avsluttet med status %d\n"
+
+msgid "Password: "
+msgstr "Passord: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s's Passord: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Kan ikke opprette styringshåndtak for SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux-praksis blir ikke håndtert\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Kan ikke lese praksislager for SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Kan ikke opprette styringskontakt med SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Kan ikke begynne SELinux-transaksjon\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Klarte ikke spørre seuser etter %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Klarte ikke oppgi serange for %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Klarte ikke oppgi sename for %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Klarte ikke endre login-avbildning for %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Kan ikke opprette SELinux login-avbildning for %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Klarte ikke å oppgi navn for %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Klarte ikke å oppgi SELinux-bruker for %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Klarte ikke legge til login-avbildning for %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Kan ikke klargjøre SELinux-styring\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Kan ikke opprette SELinux brukernøkkel\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Kan ikke verifisere SELinux-brukeren\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Kan ikke endre SELinux login-avbildning\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Kan ikke legge til SELinux brukeravbildning\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Kan ikke utføre SELinux-transaksjon\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Login-avbildning for %s er ikke definert, OK hvis standard avbildning ble "
+"brukt\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"Login-avbildning for %s er definert i oppsatt praksis, kan ikke slettes\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Kunne ikke slette login-avbildning for %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: slapp opp for minne\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: Kan ikke kjøre stat for %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s er verken en mappe eller en symlenke.\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Kan ikke lese symbolsk lenke %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Mistenkelig lang symlenke: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Kan ikke opprette mappa %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Kan ikke endre eier for %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Kan ikke endre modus for %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: avlenk: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Kan ikke slette mappa %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Kan ikke endre navn på %s til %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Kan ikke fjerne %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Kan ikke opprette symbolsk lenke %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Kan ikke endre eiere for %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Kan ikke kjøre lstat for %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Advarsel, bruker %s har ingen tcb skyggefil.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Kritisk: %s' tcb-skygge er ikke en regulær fil med st_nlink=1.\n"
+"Kontoen forblir låst.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Kan ikke åpne %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Advarsel: ukjent gruppe %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Advarsel: for mange grupper\n"
+
+msgid "Your password has expired."
+msgstr "Ditt passord har utgått på dato."
+
+msgid "Your password is inactive."
+msgstr "Ditt passord er ikke aktivert."
+
+msgid "Your login has expired."
+msgstr "Din login har utgått på dato."
+
+msgid " Contact the system administrator."
+msgstr " Kontakt systemadministrator."
+
+msgid " Choose a new password."
+msgstr " Velg et nytt passord."
+
+msgid "You must change your password."
+msgstr "Du må endre passordet ditt."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Ditt passord vil utløpe om %ld dager.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Ditt passord vil utløpe i morgen."
+
+msgid "Your password will expire today."
+msgstr "Ditt passord vil utløpe i dag."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Kan ikke åpne kontrollgrensesnitt – avbryter.\n"
+
+# , c-format
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Kan ikke endre eier eller rettigheter til tty stdin: %s"
+
+# , c-format
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: klarte ikke å låse opp %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Miljøet er overfylt\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Du kan ikke endre $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d mislykket siden forrige innlogging.\n"
+"Forrige var %s på %s.\n"
+msgstr[1] ""
+"%d mislykte siden forrige innlogging.\n"
+"Forrige var %s på %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Ugyldige innstillinger: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ugyldige innstillinger: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: klarte ikke å tilordne minne: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Klarer ikke å få entydig system-GID (ingen flere GID-er tilgjengelig)\n"
+
+# , c-format
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Klarer ikke å få entydig GID (ingen flere GID-er tilgjengelig)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Ugyldige innstillinger: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ugyldige innstillinger: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+# , c-format
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Klarer ikke å få entydig system-UID (ingen flere UID-er tilgjengelig)\n"
+
+# , c-format
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: klarer ikke å få entydig UID (ingen flere UID-er tilgjengelig)\n"
+
+msgid "Too many logins.\n"
+msgstr "For mange innlogginger.\n"
+
+msgid "You have new mail."
+msgstr "Du har fått ny epost."
+
+msgid "No mail."
+msgstr "Ingen epost."
+
+msgid "You have mail."
+msgstr "Du har epost."
+
+msgid "no change"
+msgstr "ingen endring"
+
+msgid "a palindrome"
+msgstr "et palindrom"
+
+msgid "case changes only"
+msgstr "bare endring i store/små bokstaver"
+
+msgid "too similar"
+msgstr "for likt"
+
+msgid "too simple"
+msgstr "for enkelt"
+
+msgid "rotated"
+msgstr "rotert"
+
+msgid "too short"
+msgstr "for kort"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "DÃ¥rlig passord: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() mislyktes, feil %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: passordet er uendret\n"
+
+#, fuzzy
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: passordet ble oppdatert\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Feil passord for «%s».\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: flere --root-valg\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: valget «%s» må ha et argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: klarte ikke minske privilegier (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: ugyldig chroot-sti «%s»\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: kan ikke få tilgang til chroot-mappa %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: kan ikke få tilgang til chroot-mappa %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: kan ikke chroot til mappa %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Ugyldig verdi for ENCRYPT_METHOD: «%s»\n"
+"Faller tilbake til DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Klarte ikke endre mappe til «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Ingen hjemmemappe, logger inn med HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Kan ikke utføre %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ugyldig rot-mappe «%s»\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Kan ikke endre rot-mappa til «%s»\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Kan ikke finne ut ditt terminalnavn."
+
+msgid "No"
+msgstr "Nei"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] LOGIN\n"
+"\n"
+"Valg:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday SISTE_DAG sett dato for siste passordendring til "
+"SISTE_DAG\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr " -E --expiredate UTLØPSDATO sett kontoens utløpsdato til UTLØPSDATO\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr " -h, --help vis denne hjelpen og avslutt\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INAKTIV når kontoen er utløpt, så sett passordet til "
+"INAKTIV\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr " -l, --list vis aldringsinformasjon for kontoen\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays MIN_DAGER sett minste antall dager før passord\n"
+" må endres til MIN_DAGER\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -m, --maxdays MAX_DAGER sett største antall dager før passord\n"
+" må endres til MAX_DAGER\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -R, --root CHROOT_MAPPE mappe det shal chrootes til\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays VARSLE_DGR varsle om at kontoen går ut på dato når det "
+"er VARSLE_DGR igjen\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Skriv inn den nye verdien, eller trykk ENTER for å bruke forvalgt "
+"standardverdi"
+
+msgid "Minimum Password Age"
+msgstr "Minimum gyldighetsperiode på passord"
+
+msgid "Maximum Password Age"
+msgstr "Maksimum gyldighetsperiode på passord"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Siste endring av passord (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Varsel når passordet snart går ut på dato"
+
+msgid "Password Inactive"
+msgstr "Inaktivt passord"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Konto utløper (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Siste endring av passord\t\t\t\t\t: "
+
+msgid "never"
+msgstr "aldri"
+
+msgid "password must be changed"
+msgstr "passordet må endres"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Passord utløper\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Passordet inaktivt\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Kontoen utløper\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minste antall dager mellom passord-endring\t\t\t:%ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Største antall dager mellom passord-endring\t\t\t:%ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Antall dager med varsling før passordet utløper:\t\t%ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ugyldig numerisk argument «%s»\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: ikke ta med «l» sammen med andre valg\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Ikke tillatelse.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Kan ikke avgjøre ditt brukernavn.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: kan ikke låse %s; prøv igjen senere.\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: kan ikke åpne %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: feilet mens endringer skrives til %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: skyggepassordfila finnes ikke\n"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: bruker «%s» finnes ikke i %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Endrer aldringsinformasjon for %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: feil ved endring i feltene\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [LOGIN]\n"
+"\n"
+"Valg:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr " -f, --full-name FULLT_NAVN endre brukerens fulle navn\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr " -h, --home-phone HJEMMETLF endre brukerens hjemme-telefonnummer\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+" -o, --other ANNEN_INFO endre brukerens annen informasjon i GECOS\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr " -r, --room ROM_NUMMER endre brukerens romnummer\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr " -h, --help vis denne hjelpen og avslutt\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr " -w, --work-phone JOBBTELEFON endre brukerens jobbtelefonnummer\n"
+
+msgid "Full Name"
+msgstr "Fullt navn"
+
+# , c-format
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Romnummer"
+
+msgid "Work Phone"
+msgstr "Jobbtelefon"
+
+msgid "Home Phone"
+msgstr "Hjemmetelefon"
+
+msgid "Other"
+msgstr "Annet"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Kan ikke endre ID til root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: navn med ikke-ASCII tegn: «%s»\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ugyldig navn: «%s»\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: romnummer med ikke-ASCII tegn: «%s»\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: ugyldig romnummer: «%s»\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: ugyldig jobbtelefon: «%s»\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: ugyldig hjemmetelefon: «%s»\n"
+
+# , c-format
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: «%s» inneholder tegn som ikke er i ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: «%s» inneholder ugyldige tegn\n"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: bruker «%s» finnes ikke\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: kan ikke endre bruker «%s» på NIS-klienten.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» er NIS-sjefen for denne klienten.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Endrer brukerinformasjon for %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: feltene er for lange\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] \n"
+"\n"
+"Valg:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method METODE crypt-metoden (en av %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+" -e, --encrypted passord som blir oppgitt er krypterte\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 krypter klartekst-passordet med \n"
+" MD5-algoritmen\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds antall SHA-runder for SHA*\n"
+" kryptoalgoritmene\n"
+
+# , c-format
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s er bare tillatt sammen med %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: valgene -c, -e og -m utelukker hverandre\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: ikke støtte for krypteringsmetode: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linje %d: linja er for lang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linje %d: mangler nytt passord\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Klarte ikke skrive %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: linje %d: gruppa «%s» finnes ikke\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linje %d: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: feil funnet, endringer er ikke utført\n"
+
+# , c-format
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (linje %d: bruker %s) passordet er ikke endret\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: linje %d: bruker «%s» finnes ikke\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell SHELL nytt innloggingsskall for brukerkontoen\n"
+
+msgid "Login Shell"
+msgstr "Innloggingsskall"
+
+# , c-format
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Du kan ikke endre skallet til «%s».\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Endrer innloggingsskall for %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Ugyldig inntasting: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s er et ugyldig skall\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Advarsel: %s finnes ikke\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Advarsel: %s er ikke kjørbar\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check kontroller foreldelse for brukerens passord\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force tving fram passordendring hvis brukerens "
+"passord\n"
+" er utløpt\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: konflikt mellom valgene %s og %s\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: uventet argument: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all vis faillog -oppføringer for alle brukere\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs SEK etter mislykket innlogging lås kontoen i SEK "
+"sekunder\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAKS sett tellere for høyeste antall mislykket "
+"innlogginger til MAKS\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset tilbakestill tellere for mislykte "
+"innlogginger\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr " -t, --time DAGER vis faillog-poster nyere enn DAGER\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user LOGIN/OMRÃ…DE vis faillog-poster eller behandle tellere og \n"
+" grenser for innloggingsfeil (hvis brukt med -"
+"r,\n"
+" -m eller -l ) bare for oppgitte LOGIN(er)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Klarte ikke hente innslag for UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Logginn Mislykt Maksimum Siste PÃ¥\n"
+
+# , c-format
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus igjen]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lås]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Klarte ikke tilbakestille mislykt-telling for UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Klarte ikke sette maksimum for UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Klarte ikke sette låsetid for UID %lu\n"
+
+# , c-format
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Ukjent bruker eller område: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Kan ikke finne størrelse på %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Klarte ikke skrive %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] GRUPPE\n"
+"\n"
+"Valg:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add BRUKER legg til BRUKER til GRUPPE\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete BRUKER fjern BRUKER fra GRUPPE\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root CHROOT_MAPPE mappe det shal chrootes til\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password fjern GRUPPEs passord\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict la bare medlemmer få adgang til GRUPPE\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr " -M, --members BRUKER,... sett liste over medlemmer av GRUPPE\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" oppgi liste over administratorer for GRUPPE\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Valgene kan ikke kombineres, unntatt -A og -M.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Valgene kan ikke kombineres.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: skygge-gruppepassord kreves for -A\n"
+
+# , c-format
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: gruppa «%s» finnes ikke i %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: feilet mens skrivebeskyttet %s ble lukket\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Endrer passordet for gruppa %s\n"
+
+msgid "New Password: "
+msgstr "Nytt passord: "
+
+msgid "Re-enter new password: "
+msgstr "Skriv inn passordet på nytt: "
+
+msgid "They don't match; try again"
+msgstr "Passordene var ikke like, prøv igjen"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Prøv igjen senere\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Legger til brukere i %s gruppa %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Fjerner brukeren %s fra gruppa %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: bruker «%s» er ikke medlem i «%s»\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Ikke en tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] GRUPPE\n"
+"\n"
+"Valg:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force avslutt normalt hvis gruppa finnes fra før\n"
+" og kanseller -g hvis GID-en er i bruk fra "
+"før\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID bruk GID for den nye gruppa\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K. --key NØKKEL=VERDI overstyr standarverdier fra /etc/login.defs\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique tillat å opprette grupper med dupliserte\n"
+" (ikke-unike) GID-er\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password PASSWORD bruk dette krypterte passordet for den nye "
+"gruppa\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system opprett en systemkonto\n"
+
+# , c-format
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: «%s» er ikke et gyldig gruppenavn\n"
+
+# , c-format
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ugyldig gruppe-ID «%s»\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K krever NØKKEL=VERDI\n"
+
+# , c-format
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: gruppa «%s» finnes fra før\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s; GID «%lu» finnes fra før.\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Kan ikke sette opp oppryddingstjeneste.\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -r, --reset tilbakestill tellere for mislykte "
+"innlogginger\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: kunne ikke fjerne innslaget «%s» fra %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: kan ikke fjerne hovedgruppa til bruker «%s».\n"
+
+# , c-format
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: gruppa «%s» finnes ikke\n"
+
+# , c-format
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: gruppe «%s» er en NIS gruppe\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s er NIS sjefen\n"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: bruker «%s» er allerede medlem av «%s»\n"
+
+# , c-format
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: slapp opp for minne. Kan ikke oppdatere %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [handling]\n"
+"\n"
+"Valg:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group gruppenavn endre gruppenavn i stedet for brukerens "
+"gruppe\n"
+" (bare root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Handlinger:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add brukernavn legg til brukernavn til medlemmene av "
+"gruppa\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete brukernavn fjern brukernavn fra medlemmene av gruppa\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge rens ut alle medlemmer fra gruppa\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list list medlemmene av gruppa\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: gruppenavnet ditt passer ikke med brukernavnet ditt\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: bare root kan bruke valget -g/--group\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID endre gruppe-ID til GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name NY_GRUPPE endre navnet til NY-GRUPPE\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique tillat å bruke en duplisert (ikke-unik) GID\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password PASSORD endre passordet til dette (krypterte)\n"
+" PASSORDet\n"
+
+# , c-format
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: ugyldig gruppenavn «%s»\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: gruppa %s er en NIS gruppe\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: ukjent bruker %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [gruppe [gskygge]]\n"
+"\n"
+"Valg:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [gruppe]\n"
+"\n"
+"Valg:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only vis advarsler og feilmeldinger\n"
+" men ikke endre noen filer\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort sorter oppføringer etter UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s og -r passer ikke sammen\n"
+
+msgid "invalid group file entry"
+msgstr "ugyldig oppføring i gruppefila"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "slette linje «%s»? "
+
+msgid "duplicate group entry"
+msgstr "duplisert gruppeoppføring"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ugyldig gruppenavn «%s»\n"
+
+# , c-format
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ugyldig gruppe-ID «%lu»\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "gruppe %s: ingen bruker %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "slett medlem «%s»? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "fant ingen tilsvarende oppføring i %s\n"
+
+# , c-format
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "legg til gruppe «%s» i %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"gruppe %s har en oppføring i %s, men passordfeltet i %s er ikke satt til "
+"«x»\n"
+
+msgid "invalid shadow group file entry"
+msgstr "ugyldig oppføring i skygge-gruppefila"
+
+msgid "duplicate shadow group entry"
+msgstr "duplisert skygge-gruppeoppføring"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "skygge-gruppe %s: ingen administrativ bruker %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "slett administrativt medlem «%s»? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "skygge-gruppe %s: ingen bruker %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: filene er blitt oppdatert\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: ingen endringer\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: kan ikke slette %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Bruk: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Bruk: id\n"
+
+msgid " groups="
+msgstr " grupper="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before DAGER skriv ut bare lastlog-poster eldre enn "
+"DAGER\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -a, --all vis faillog -oppføringer for alle brukere\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -a, --all vis faillog -oppføringer for alle brukere\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DAGER skriv ut bare lastlog-poster nyere enn DAGER\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user LOGIN skriv ut lastlog for den oppgitte LOGIN\n"
+
+msgid "Username Port From Latest"
+msgstr "Brukernavn Port Fra Sist"
+
+msgid "Username Port Latest"
+msgstr "Brukernavn Port Sist"
+
+msgid "**Never logged in**"
+msgstr "**Aldri vært innlogget**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Klarte ikke hente innslag for UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: kan ikke oppdatere passordfila\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Bruk: %s [-p] [navn]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h host] [-f navn]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "feil med oppsettet – kan ikke tolke %s-verdi: «%d»"
+
+msgid "Invalid login time"
+msgstr "Ugyldig tidspunkt for innlogging"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systemet stengt for rutinemessig vedlikehold"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Frakobling omgått - root-innlogging tillatt.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Kan umulig virke uten effektiv root\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr "Ingen oppføring i utmp. Du må kjøre «login» fra «sh» på laveste nivå"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Innlogging avbrutt på tid etter %u sekunder.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM mislyktes, avbryter: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maks. antall forsøk er overskredet (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM ber om avbrytelse\n"
+
+msgid "Login incorrect"
+msgstr "Ugyldig innlogging"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Kan ikke finne bruker (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: mislykket utspalting: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSTTY mislyktes på %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Advarsel: innlogging reaktivert etter midlertidig stenging."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Forrige login: %s på %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Forrige login: %.19s på %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " fra %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"innloggingstid overskredet\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Bruk: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Bruk: newgrp [-] [gruppe]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Bruk: sg group [[-c] command]\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Klarte ikke skrive %s: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Ugyldig passord.\n"
+
+# , c-format
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: mislykket utspalting: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID «%lu» finnes ikke\n"
+
+msgid "too many groups\n"
+msgstr "for mange grupper\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system opprett systemkontoer\n"
+
+# , c-format
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: gruppa «%s» er en skyggegruppe, men finnes ikke i /etc/group\n"
+
+# , c-format
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ugyldig bruker-ID «%s»\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: ugyldig brukernavn «%s»\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linje %d: ugyldig linje\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: klarer ikke å oppdatere oppføring for bruker %s (ikke i passwd-"
+"databasen)\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linje %d: kan ikke opprette bruker\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linje %d: kan ikke opprette gruppe\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: linje %d: bruker «%s» finnes ikke i %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linje %d: kan ikke oppdatere passord\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linje %d: mkdir %s mislyktes: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linje %d: chown %s mislyktes: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linje %d: kan ikke oppdatere oppføring\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: kan ikke opprette bruker\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: kan ikke oppdatere gruppefila\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all rapporter passordstatus for alle kontoer\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+" -d, --delete slett passordet for den oppgitte kontoen\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire la passordet for den oppgitte kontoen "
+"utløpe\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens endre passord bare hvis det er utløpt\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INAKTIV når kontoen er utløpt, så sett passordet til "
+"INAKTIV\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -L, --lock lås passordet for den oppgitte kontoen\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_DAGER sett minste antall dager før passord\n"
+" må endres til MIN_DAGER\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet stille modus\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr " -r, --repository LAGER endre passord i lageret LAGER\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status rapporter passordstatus for den oppgitte "
+"kontoen\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+" -u, --unlock lås opp passordet for den oppgitte kontoen\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays VARSLE_DGR varsle om at kontoen går ut på dato når det "
+"er VARSLE_DGR igjen\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAX_DAGER sett største antall dager før passord\n"
+" må endres til MAX_DAGER\n"
+
+msgid "Old password: "
+msgstr "Gammelt passord: "
+
+# , c-format
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Skriv inn det nye passordet (minst %d tegn)\n"
+"Bruk en kombinasjon av store og små bokstaver, og tall.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Skriv inn det nye passordet (minst %d, høyst %d tegn)\n"
+"Bruk en kombinasjon av store og små bokstaver, og tall.\n"
+
+msgid "New password: "
+msgstr "Nytt passord: "
+
+msgid "Try again."
+msgstr "Prøv igjen."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Advarsel: svakt passord (skriv det inn igjen for å bruke det likevel)."
+
+msgid "They don't match; try again.\n"
+msgstr "Passordene var ikke like, prøv igjen.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Passordet for %s kan ikke endres.\n"
+
+# , c-format
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Passordet for %s kan ikke endres ennå.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: om passordet låses opp dannes en konto uten passord.\n"
+"Du bør oppgi et passord med usermod -p for å låse opp passordet for denne "
+"kontoen.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: ikke støtte for lager %s\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s har ikke rett til å endre passord for %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Du kan ikke vise eller endre passordinformasjon for %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Endrer passordet for %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Passordet for %s er uendret.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: passordet er endret.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: informasjon om utløp av passord er endret.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [passord]\n"
+"\n"
+"Valg:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [passord] [skygge]\n"
+"\n"
+"Valg:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet meld fra bare om feil\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: det er ikke tillatt med alternativ skyggefil når USE_TCB er slått på.\n"
+
+msgid "invalid password file entry"
+msgstr "ugyldig oppføring i passordfila"
+
+msgid "duplicate password entry"
+msgstr "duplisert oppføring i passordfila"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ugyldig brukernavn «%s»\n"
+
+# , c-format
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "ugyldig bruker-ID «%lu»\n"
+
+# , c-format
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "bruker «%s»: ingen gruppe %lu\n"
+
+# , c-format
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "bruker «%s»: mappe «%s» finnes ikke\n"
+
+# , c-format
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "bruker «%s»: programmet «%s» finnes ikke\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "ingen tcb-mappe for %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "opprette tcb-mappe for %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "klarte ikke opprette tcb-mappe for %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: kan ikke låse %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "fant ingen tilsvarende passordoppføring i %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "legg til bruker «%s» i %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"bruker %s har en oppføring i %s, men passordfeltet i %s er ikke satt til "
+"«x»\n"
+
+msgid "invalid shadow password file entry"
+msgstr "ugyldig oppføring i skygge-passordfila"
+
+msgid "duplicate shadow password entry"
+msgstr "duplisert oppføring i skygge-passordfila"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "bruker %s: siste passordendring i fremtiden\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: kan ikke sortere oppføringer i %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: kan ikke virke med tcb slått på\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: klarte ikke endre rettigheter på %s til 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "NEKTET tilgang til su til den kontoen.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Passordautentisering forbi-koblet.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Oppgi ditt EGET passord som autentisering.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Kan ikke spalte ut brukerskall\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: funksjonsfeil ved signal\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: funksjonsfeil ved signalmasking\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Økt avsluttet, avslutter skall ..."
+
+msgid " ...killed.\n"
+msgstr " … drept.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ... venter på at barneprosess avslutter.\n"
+
+msgid " ...terminated.\n"
+msgstr " … avsluttet.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Bruk: su [valg] [konto]\n"
+"\n"
+"Valg:\n"
+" -c, --command KOMMANDO send KOMMANDO til det skallet som startes\n"
+" -h, --help vis denne hjelpeteksten og avslutt\n"
+" -, -l, --login gjør det nye skallet til en login-skall\n"
+" -m, -p,\n"
+" --preserve-environment ikke endre miljøvariabler, og behold\n"
+" det samme skalletn\n"
+" -s, --shell SKALL bruk SKALL i stedet for standardskallet i "
+"passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorert)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Du har ikke adgang til å su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Oppgi ditt eget passord)"
+
+# , c-format
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Autentisering mislyktes\n"
+
+# , c-format
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Du har ikke adgang til å su på den tiden\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Ingen oppføring for bruker «%s» i passordfila\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: må kjøres fra en terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: feil %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Kan ikke slippe den styrende terminalen\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Kan ikke kjøre %s\n"
+
+msgid "No password file"
+msgstr "Ingen passordfil"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSTTY mislyktes"
+
+msgid "No password entry for 'root'"
+msgstr "Ingen oppføring for «root» i passordfila"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Bruk control-d for å fortsette med normal oppstart,\n"
+"(eller skriv inn root passordet for å starte maskinen i vedlikeholdsmodus):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Starter systemvedlikeholds-modus"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s ble opprettet, men kunne ikke fjernes\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: oppsettet for %s i %s vil bli ignorert\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: klarer ikke å opprette ny «defaults»-fil\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: klarer ikke å åpne ny «defaults»-fil\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: for lang linje i %s: %s ..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Kan ikke opprette symbolsk lenke %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: gi nytt navn: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: gruppe «%s» er en NIS gruppe.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: for mange grupper oppgitt (maks %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] LOGIN\n"
+" %s -D\n"
+" %s -D [valg]\n"
+"\n"
+"Valg:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir BASIS basismappe for hjemmemappa til den\n"
+" nye kontoen\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment KOMMENTAR GECOS-feltet for den nye kontoen\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir HJEMMEMAPPE hjemmemappe for den nye kontoen\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults skriv ut eller endre standard useradd-"
+"oppsett\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr " -e --expiredate UTLØPSDATO utløpsdato for den nye kontoen\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive INAKTIVE hvor lenge etter utløp kan passordet ennå "
+"brukes\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid GRUPPE navn eller ID for primærgruppe for den nye "
+"kontoen\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups GRUPPER liste over ekstra GRUPPER for den nye "
+"kontoen\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr " -k, --skel SKEL_DIR bruk denne alternative skjelettmappa\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init ikke legg til brukeren i databasene lastlog "
+"og faillog\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr " -m, --create-home opprett brukerens hjemmemappe\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr " -M, --no-create-home ikke opprett brukerens hjemmemappe\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group ikke opprett en gruppe med samme navn som "
+"brukeren\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique tillat å opprette brukere med dupliserte "
+"(ikke-unike) UID-er\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr " -p, --password PASSORD kryptert passord for den nye kontoen\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell SHELL innloggingsskall for den nye kontoen\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID bruker-ID for den nye kontoen\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group opprett en gruppe med samme navn som "
+"brukeren\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SEBRUKER bruk en bestemt bruker SEBRUKER for "
+"SELinux brukeravbildning\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ugyldig basismappe «%s»\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ugyldig kommentar «%s»\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ugyldig hjemmemappe «%s»\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: skyggepassord kreves for -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: skyggepassord kreves for -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ugyldig felt «%s»\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ugyldig skall «%s»\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z krever kjerne som har SELinux slått på\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: klarte ikke nullstille faillog-innslaget for UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: klarte ikke nullstille lastlog-innslaget for UID %lu: %s\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: kan ikke opprette mappa %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Oppretter postkasse-fil"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Gruppa «mail» finnes ikke. Oppretter brukerens postkassefil med rettighet "
+"0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Setter rettigheter for postkassefil"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: bruker «%s» finnes fra før\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: gruppa %s finnes - hvis du vil legge til denne brukeren til denne "
+"gruppa, bruk -g.\n"
+
+# , c-format
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: kan ikke opprette bruker\n"
+
+# , c-format
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu er ikke entydig\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Klarte ikke opprette tcb-mappe for %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: kan ikke opprette gruppa\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: kan ikke opprette bruker\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: kan ikke opprette gruppa\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: advarsel: hjemmemappa finnes fra før.\n"
+"Kopierer ikke filer dit fra skel-mappa.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: advarsel: klarte ikke å avbilde brukernavn %s til %s SELinux-bruker.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force fjern filer «med makt»,\n"
+" selv om brukeren ikke eier dem\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr " -r, --remove fjern hjemmemappe og e-postlager\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user fjern SELinux avbildninger for brukeren\n"
+
+# , c-format
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: gruppa %s ikke fjernet fordi den ikke er hovedgruppa til bruker %s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: gruppa %s ble ikke fjernet fordi den har andre medlemmer.\n"
+
+# , c-format
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: gruppa %s er en primærgruppe for en annen bruker og blir ikke fjernet.\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: kunne ikke fjerne innslaget «%s» fra %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s e-postlager (%s) ikke funnet.\n"
+
+# , c-format
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: advarsel: kan ikke fjerne %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ikke eid av %s, ikke fjernet\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: Kan ikke tilordne minne, tcb-oppføring for %s er ikke fjernet.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Kan ikke minske privilegier: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Kan ikke fjerne innholdet i %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Kan ikke fjerne tcb-filer for %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: bruker %s er en NIS bruker\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: fant ikke hjemmemappe for %s (%s)\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: fjerner ikke mappa %s (det ville fjerne hjemmemappa til bruker %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: feil ved fjerning av mappe %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: advarsel: klarte ikke å fjerne avbildning av brukernavn %s til SELinux-"
+"bruker.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment KOMMENTAR ny verdi for GECOS-feltet\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr " -d, --home HJEMMEMAPPE ny hjemmemappe for brukerkontoen\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate UTLØPSDATO sett kontoens utløpsdato til UTLØPSDATO\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INAKTIV når kontoen er utløpt og inaktiv, så sett\n"
+" passordet til INAKTIV\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr " -g, --gid GRUPPE bruk GRUPPE som ny primærgruppe\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups GRUPPER ny liste over ekstra GRUPPEr\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append legg til brukeren i de ekstra gruppene "
+"listet i \n"
+" valget -G option uten å fjerne ham/henne\n"
+" fra andre grupper\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login NY_LOGIN ny verdi for login-navnet\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock lås brukerkontoen\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home flytt innholdet i hjemmemappa til det nye stedet\n"
+" (brukes bare med -d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique tillat bruk av dupliserte (ikke-unike) UID-"
+"er\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password PASSWORD bruk kryptert passord for det nye passordet\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID ny UID for brukerkontoen\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock lås opp brukerkontoen\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user SEUSER ny SELinux brukeravbildning for "
+"brukerkontoen\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: om brukerens passord låses opp oppstår det en passordløs konto.\n"
+"For å låse opp denne brukerens passord bør du bruke usermod -p.\n"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: bruker «%s» finnes fra før i %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+# , c-format
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: ingen valg\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: valgene -L, -p og -U utelukker hverandre\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: skyggepassord kreves for -e og -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID «%lu» finnes fra før\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s har ikke rett til å endre passord for %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: mappa %s finnes\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Forrige hjemmemappe (%s) var ikke en mappe. Den er ikke fjernet og ingen "
+"hjemmemaper er opprettet.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Klarte ikke å endre eierskap til hjemmemappa"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: advarsel: klarte ikke å fullstendig fjerne den gamle hjemmemappa %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: kunne ikke endre navn på mappa %s til %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: klarte ikke å kopiere lastlog-innslaget for bruker %lu til bruker %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: klarte ikke å kopiere faillog-innslaget for bruker %lu til bruker %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: advarsel: %s er ikke eid av %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "klarte ikke å endre eier av mailbox"
+
+msgid "failed to rename mailbox"
+msgstr "klarte ikke å endre navn på mailbox"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Du har endret %s.\n"
+"Det kan være du må endre %s for sammenhengen.\n"
+"Bruk kommandoen «%s» til dette.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group rediger group-database\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd rediger passwd-database\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr " -s,--shadow rediger shadow eller gshadow-database\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr " -u, --user hvilken brukers tcb skyggefil skal redigeres\n"
+
+# , c-format
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: klarte ikke fjerne %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s er ikke endret\n"
+
+msgid "failed to create scratch directory"
+msgstr "klarte ikke å opprette kladdemappe"
+
+msgid "failed to drop privileges"
+msgstr "klarte ikke minske privilegier"
+
+msgid "Couldn't get file context"
+msgstr "Klarte ikke finne kontekst for fil"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () mislyktes"
+
+msgid "failed to gain privileges"
+msgstr "klarte ikke skaffe privile"
+
+msgid "Couldn't lock file"
+msgstr "Kunne ikke låse fil"
+
+msgid "Couldn't make backup"
+msgstr "Kunne ikke lage backup"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nscd avsluttet med status %d"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "klarte ikke å åpne kladdefil"
+
+# , c-format
+msgid "failed to unlink scratch file"
+msgstr "klarte ikke å avlenke kladdefila"
+
+msgid "failed to stat edited file"
+msgstr "klarte ikke å kjøre «stat» på redigert fil"
+
+msgid "failed to allocate memory"
+msgstr "klarte ikke å tilordne minne"
+
+msgid "failed to create backup file"
+msgstr "klarte ikke å opprette sikringskopi-fil"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: kan ikke gjenopprette %s: %s (dine endringer befinner seg i %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: klarte ikke å finne tcb-mappe for %s\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Bruk: %s [input]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) mislyktes\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: chage [valg] [bruker]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -d, --lastday SISTE_DAG angi at siste passord-endring skjedde "
+#~ "SISTE_DAG\n"
+#~ " -E, --expiredate UTLØPSDATO angi at kontoen utløper UTLØPSDATO\n"
+#~ " -h, .--help vis denne hjelpeteksten og avslutt\n"
+#~ " -I, --inaktive INAKTIV angi at passordet settes inaktivt etter "
+#~ "utløp\n"
+#~ " -l, --list vis informasjon om kontoens aldring og "
+#~ "utløp\n"
+#~ " m, --mindays MIN_DAGER oppgir at passordet først kan endres "
+#~ "etter\n"
+#~ " MIN_DAGER\n"
+#~ " M, --maxdays MAKS_DAGER oppgir at passordet må endres før det er\n"
+#~ " gått MAKS_DAGER\n"
+#~ " -W, --warndays VARSLDAGER etter VARSLDAGER varsles bruker om at\n"
+#~ " passordet snart utløper\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM autentisering mislyktes\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Bruk: %s [-f fullt_navn] [-r rom_nr] [-w jobbtlf]\n"
+#~ "\t[-h hjemmetlf] [-o annet] [bruker]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "Bruk: %s [-f fullt_navn] [-r rom_nr] [-w jobbtlf] [-h hjemmetlf]\n"
+
+# , c-format
+#, fuzzy
+#~| msgid ""
+#~| "Usage: %s [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -c, --crypt-method the crypt method (one of %s)\n"
+#~| " -e, --encrypted supplied passwords are encrypted\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -m, --md5 encrypt the clear text password using\n"
+#~| " the MD5 algorithm\n"
+#~| "%s\n"
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Bruk: %s [valg]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -c, --crypt-method krypteringsmetode (en av %s)\n"
+#~ " -e, --encrypted oppgitte passord er krypterte\n"
+#~ " h, --help vis denne hjelpeteksten og avslutt\n"
+#~ " -m, --md5 krypter klartekst-passordene med\n"
+#~ " MD5-algoritmen\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: chsh [valg] LOGIN\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -h, --help vis denne meldingen og avslutt\n"
+#~ " -s, --shell SKALL nytt innloggingsskall for brukerkontoen\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Bruk: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "faillog: Failed to get the entry for UID %d\n"
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: klarte ikke finne oppføring for UID %d\n"
+
+# , c-format
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: Kan ikke åpne %s:%s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Kan ikke finne størrelse av %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Bruk: groupdel gruppe\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Bruk: %s [-r] [-s] [gruppe [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Bruk: %s [-r] [-s] [gruppe]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s og -r kan ikke brukes samtidig\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Bruk: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Bruk: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: lastlog [valg]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -b, --before DAGER skriv bare oppføringer eldre enn DAGER\n"
+#~ " -h, --help vis denne hjelpeteksten og avslutt\n"
+#~ " -t, --time DAGER skriv bare oppføringer nyere enn DAGER\n"
+#~ " -u, --user BRUKER skriv oppføringer for bruker BRUKER\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: passwd [valg] [bruker]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -a, --all rapporter passordstatus for alle kontoer\n"
+#~ " -d, --delete slett passordet for oppgitt konto\n"
+#~ " -e, --expire angi at passordet for konten er utgått\n"
+#~ " -h, --help vis denne hjelpeteksten og avslutt\n"
+#~ " -k, --keep-tokens endre passord bare hvis utgått\n"
+#~ " -i, --inactive INAKTIV set passord inaktivt etter utløp til "
+#~ "INAKTIV\n"
+#~ " -l, --lock lås oppgitt konto\n"
+#~ " -n, --mindays MIN_DAGER angi at passord ikke kan endres før "
+#~ "etter\n"
+#~ " MIN_DAGER\n"
+#~ " -q, --quiet ordknapp kjøremåte\n"
+#~ " -r, --repository LAGER endre passord i lageret LAGER\n"
+#~ " -S, --status rapporter passordstatus på oppgitt konto\n"
+#~ " -u, .--unlock lås opp oppgitt konto\n"
+#~ " -w, --warndays DAGER varsle om utgått passord DAGER før utløp\n"
+#~ " -x, --maxdays MAX_DAGER passordet må endres før det er gått "
+#~ "MAX_DAGER\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Bruk: %s [-q] [-r] [-s] [passord [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Bruk: %s [-q] [-r] [-s] [passord [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Bruk: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Bruk: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Ukjent id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Mangler skall\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: userdel [valg] LOGIN\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -f, --force slett filer, selv om det ikke er\n"
+#~ " brukeren som eier dem\n"
+#~ " -h, --help vis denne meldingen og avslutt\n"
+#~ " -r, --remove slett hjemmemappa og postkassa\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: brukeren %s er pålogget\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: usermod [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -c, --comment COMMENT new value of the GECOS field\n"
+#~| " -d, --home HOME_DIR new home directory for the user account\n"
+#~| " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -g, --gid GROUP force use GROUP as new primary group\n"
+#~| " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~| " -a, --append append the user to the supplemental "
+#~| "GROUPS\n"
+#~| " mentioned by the -G option without "
+#~| "removing\n"
+#~| " him/her from other groups\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --login NEW_LOGIN new value of the login name\n"
+#~| " -L, --lock lock the user account\n"
+#~| " -m, --move-home move contents of the home directory to "
+#~| "the\n"
+#~| " new location (use only with -d)\n"
+#~| " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~| " -p, --password PASSWORD use encrypted password for the new "
+#~| "password\n"
+#~| " -s, --shell SHELL new login shell for the user account\n"
+#~| " -u, --uid UID new UID for the user account\n"
+#~| " -U, --unlock unlock the user account\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Bruk: usermod [valg] konto\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -a, --append legg til bruker i tilleggsgruppene "
+#~ "GRUPPER\n"
+#~ " nevnt i valget -G uten å fjerne "
+#~ "ham/henne fra\n"
+#~ " andre grupper\n"
+#~ " -c, --comment KOMMENTAR ny verdi i GECOS-feltet\n"
+#~ " -d, --home HJEMME hjemmemappe for den nye kontoen\n"
+#~ " -e, --expiredate DATO kontoen utgår på datoen DATE\n"
+#~ " -f, --inactive INAKTIV passordet settes inaktivt etter utløp\n"
+#~ " -g, --gid GRUPPE bruk GRUPPE som ny primærgruppe\n"
+#~ " -G, --groups GRUPPER ny liste over tilleggsgrupper\n"
+#~ " -h, --help vis denne hjelpeteksten og avslutt\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: ingen flagg oppgitt\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: vipw [valg]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -g, --group rediger gruppedatabasen\n"
+#~ " -h, --help vis denne hjelpeteksten og avslutt\n"
+#~ " -p, --passwd rediger passwd-databasen\n"
+#~ " -q., --quiet ordknapp kjøremåte\n"
+#~ " -s, --shadow rediger shadow- eller gshadow-databasen\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --add USER add USER to GROUP\n"
+#~ " -d, --delete USER remove USER from GROUP\n"
+#~ " -r, --remove-password remove the GROUP's password\n"
+#~ " -R, --restrict restrict access to GROUP to its members\n"
+#~ " -M, --members USER,... set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: %s [option] GRUPPE\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -a, --add BRUKER legg til BRUKER i GRUPPE\n"
+#~ " -d, --delete BRUKER fjern BRUKER fra GRUPPE\n"
+#~ " -r, --remove-password fjern GRUPPEs passord\n"
+#~ " -R, --restrict tilgang til GRUPPE bare for "
+#~ "medlemmer\n"
+#~ " -M, --members BRUKER – oppgi lista over medlemmer i GRUPPE\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group groupname change groupname instead of the user's "
+#~ "group\n"
+#~ " (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ " -a, --add username add username to the members of the group\n"
+#~ " -d, --delete username remove username from the members of the "
+#~ "group\n"
+#~ " -p, --purge purge all members from the group\n"
+#~ " -l, --list list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Brul: groupmems [valg] [handling]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -g, --group gruppenavn endre gruppenavn i stedet for brukerens "
+#~ "gruppe\n"
+#~ " (bare root)\n"
+#~ "\n"
+#~ "Handlinger:\n"
+#~ " -a, --add brukernavn legg til brukernavn til medlemmer av "
+#~ "gruppa\n"
+#~ " -d, --delete brukernavn fjern brukernavn fra medlemmer av "
+#~ "gruppa\n"
+#~ " -p, --purge slett alle medlemmer av gruppa\n"
+#~ " -l, --list list opp medlemmer av gruppa\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Bruk: %s [input]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: kan ikke opprette %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: kan ikke chown %s\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: faillog [valg]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -a, --all vis faillog-oppføringer for alle brukere\n"
+#~ " -h, --help vis denne hjelpeteksten og avslutt\n"
+#~ " -l, --lock-time SEK etter mislykket innlogging, lås kontoen\n"
+#~ " i SEK sekunder\n"
+#~ " -m, --maximum MAX sett største antall mislykte "
+#~ "innlogginger\n"
+#~ " til MAX\n"
+#~ " -r, --reset nullstill tellerne for mislykte "
+#~ "innlogginger\n"
+#~ " -t, --time DAGER vis mislykte innlogginger nyere enn "
+#~ "DAGER\n"
+#~ " -u, --user BRUKER vis mislykte innlogginger eller styr\n"
+#~ " tellene og grenseverdiene (med -r, -m\n"
+#~ " eller -l) bare for bruker BRUKER\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: groupadd [valg] GRUPPE\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -f, --force tving fram normal avslutning hvis den\n"
+#~ " oppgitte gruppa finnes fra før\n"
+#~ " -g, --gid GID bruk GID for den nye gruppa\n"
+#~ " -h, --help vis denne hjelpeteksten og avslutt\n"
+#~ " -K, --key NØKKEL=VERDI overstyrer standardverdier\n"
+#~ " fra /etc/login.defs\n"
+#~ " -o, --non-unique tillat å opprette en gruppe med "
+#~ "duplisert\n"
+#~ " GID\n"
+#~ " -p, --password PASSORD bruk kryptert passord for den nye gruppa\n"
+#~ " -r, --system opprett en systemkonto\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: groupmod [valg] gruppe\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -g, --gid GID bruk GID for den nye gruppa\n"
+#~ " -h, --help vis denne hjelpeteksten og avslutt\n"
+#~ " -n, --new-name NY_GRUPPE tving fram nytt navn NY_GRUPPE\n"
+#~ " på GRUPPE\n"
+#~ " -o, --non-unique tillat å opprette en gruppe med "
+#~ "duplisert\n"
+#~ " GID\n"
+#~ " -p, --password PASSORD bruk kryptert passord som nytt passord\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~| " home directory\n"
+#~| " -c, --comment COMMENT set the GECOS field for the new user "
+#~| "account\n"
+#~| " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~| " -D, --defaults print or save modified default useradd\n"
+#~| " configuration\n"
+#~| " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -g, --gid GROUP force use GROUP for the new user "
+#~| "account\n"
+#~| " -G, --groups GROUPS list of supplementary groups for the "
+#~| "new\n"
+#~| " user account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~| " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~| " -l, --no-log-init do not add the user to the lastlog and\n"
+#~| " faillog databases\n"
+#~| " -m, --create-home create home directory for the new user\n"
+#~| " account\n"
+#~| " -M, --no-create-home do not create user's home directory\n"
+#~| " (overrides /etc/login.defs)\n"
+#~| " -N, --no-user-group do not create a group with the same name "
+#~| "as\n"
+#~| " the user\n"
+#~| " -o, --non-unique allow create user with duplicate\n"
+#~| " (non-unique) UID\n"
+#~| " -p, --password PASSWORD use encrypted password for the new user\n"
+#~| " account\n"
+#~| " -r, --system create a system account\n"
+#~| " -s, --shell SHELL the login shell for the new user "
+#~| "account\n"
+#~| " -u, --uid UID force use the UID for the new user "
+#~| "account\n"
+#~| " -U, --user-group create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Bruk: useradd [valg] KONTO\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -b, --base-dir BASIS basis-mappe for hjemmemappa til den nye\n"
+#~ " brukerkontoen\n"
+#~ " -c, --comment KOMMENTAR sett i GECOS-feltet for den nye\n"
+#~ " brukerkontoen\n"
+#~ " -d, --home-dir HJEMME hjemmemappe for den nye brukerkontoen\n"
+#~ " -D, --defaults skriv ut eller lagre endret "
+#~ "standardoppsett\n"
+#~ " for useradd\n"
+#~ " -e, --expiredate DATO angi at kontoen utgår på DATO\n"
+#~ " -f, --inactive INAKTIV sett passordet inaktivt etter utløp til "
+#~ "INAKTIV\n"
+#~ " -g, --gid GRUPPE angi GRUPPE for den nye brukerkontoen\n"
+#~ " -h, --help vis denne hjelpeteksten og avslutt\n"
+#~ " -k, --skel SKJELETT oppgi en annen skel-mappe\n"
+#~ " -K, --key NØKKEL=VERDI overstyrer oppsett fra /etc/login.defs\n"
+#~ " -m, --create-home opprett hjemmemappe for den nye "
+#~ "brukerkontoen\n"
+#~ " -M, --no-create-home ikke opprett hjemmemappe for den nye \n"
+#~ " brukeren (overstyrer /etc/login.defs)\n"
+#~ " -N, --no-user-group ikke opprett en gruppe med samme navn som\n"
+#~ " brukeren -o, --non-"
+#~ "unique tillat å opprette bruker med duplisert UID\n"
+#~ " -p, --password PASSORD bruk dette krypterte passordet for\n"
+#~ " den nye brukerkontoen\n"
+#~ " -s, --shell SKALL innloggingsskall for den nye "
+#~ "brukerkontoen\n"
+#~ " -u, --uid UID bruk UID for den nye brukerkontoen\n"
+#~ " -U, --user-group opprett en gruppe med samme navn som\n"
+#~ " brukeren\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -r, --system create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Bruk: %s [valg] [inndata]\n"
+#~ "\n"
+#~ " -c, --crypt-method krypteringsmetode (en av %s)\n"
+#~ " -r, --system opprett systemkontoer\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Passordet vil utgå på dato."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: kan ikke låse passordfila\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: kan ikke åpne passordfila\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: kan ikke låse skyggepassordfila\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: kan ikke åpne skyggepassordfila\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: kan ikke gjenskrive skyggepassordfila\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: kan ikke gjenskrive passordfila\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: kan ikke oppdatere skyggepassordfila\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tFullstendig navn: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tRomnummer: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tJobbtelefon: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tHjemtelefon: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Kan ikke låse passordfila; forsøk senere.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Kan ikke åpne passordfila.\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s: %s ikke funnet i /etc/passwd\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Feil ved oppdatering av passord.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Kan ikke sende inn endringer til passordfila.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Kan ikke låse opp passordfila.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: klarer ikke å låse gruppefila\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: klarer ikke å åpne gruppefila\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: klarer ikke å låse gshadow-fila\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: kan ikke åpne shadow-fila\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: feil ved oppdatering av shadow-fila\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: feil ved oppdatering av gruppe-oppføring\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: linje %d: ukjent gruppe %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: linje %d: kan ikke oppdatere oppføring\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: kan ikke låse shadow-fila\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: feil ved oppdatering av shadow-fila\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: feil ved oppdatering av passordfila\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: linje %d: ukjent bruker %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: linje %d: kan ikke oppdatere passordlinja\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: ukjent bruker\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Ukjent bruker: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Bruk: %s [-r|-R] gruppe\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a bruker] gruppe\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d bruker] gruppe\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A bruker,...] [-M bruker,...] gruppe\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M bruker,...] gruppe\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: kan ikke låse\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: klarer ikke å låse shadow-fila\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: kan ikke åpne fila\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: klarer ikke å omskrive shadow-fila\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: kan ikke låse opp filen\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: klarer ikke å oppdatere oppføringen\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: klarer ikke å oppdatere oppføringen i shadow-fila\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "ukjent gruppe: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: kan ikke åpne fila\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: kan ikke åpne shadow-fila\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Hvem er du?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: ukjent medlem %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: feil ved oppretting av ny gruppeoppføring\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: klarer ikke å omskrive gruppefila\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: klarer ikke å omskrive shadow-fila\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: klarer ikke å låse gruppefila\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: klarer ikke å åpne gruppefila\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: klarer ikke å låse shadow-gruppefila\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: klarer ikke å åpne shadow-gruppefila\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u er ikke entydig\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: feil ved fjerning av gruppeoppføring\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: feil ved sletting av shadow-gruppeoppføring\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: kan ikke fjerne brukerens primærgruppe.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: PAM autentisering mislyktes\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: klarer ikke å låse gruppefila\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: kan ikke åpne gruppefila\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s ikke funnet i /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u er ikke en entydig GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s er ikke et entydig navn\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: kan ikke skrive passordfila på nytt\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: klarte ikke å låse passordfila\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: klarte ikke å åpne passordfila\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: kan ikke oppdatere shadow-oppføringen for %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: kan ikke oppdatere oppføringen for gruppa %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: kan ikke låse shadow-gruppefila\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: kan ikke åpne shadow-gruppefila\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: kan ikke fjerne shadow-gruppe %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: kan ikke oppdatere shadow-gruppefila\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: kan ikke slette shadow-gruppefila\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "ukjent UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "ukjent GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: gruppa %s finnes ikke\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: bruker %s finnes ikke\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: ugyldig brukernavn «%s»\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: kan ikke låse /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: kan ikke låse /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: kan ikke låse /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: kan ikke låse /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: kan ikke åpne filer\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: feil ved oppdatering av filer\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: klarer ikke å endre passord-oppføringen for %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: klarte ikke å låse passordfila\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: klarte ikke å åpne passordfila\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: klarte ikke å fjerne shadow-oppføring for %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: klarer ikke å oppdatere passordfila\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: klarer ikke å oppdatere oppføring for bruker %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: kan ikke slette shadow-passordfila\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: ukjent GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: ukjent gruppe %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: slapp opp for minne i update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: kan ikke skrive passordfila på nytt\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: kan ikke skrive shadow-passordfila på nytt\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: klarte ikke å låse shadow-passordfila\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: klarte ikke å åpne shadow-passordfila\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: feil ved låsing av gruppefila\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: feil ved åpning av gruppefila\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: feil ved låsing av shadow-gruppefila\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: feil ved åpning av shadow-gruppefila\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: feil ved innlegging av ny passord-oppføring\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: feil ved innlegging av ny shadow passord-oppføring\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: advarsel: CREATE_HOME ikke støttet, bruk -m istedenfor.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: feil ved oppdatering av gruppe-oppføring\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: feil ved oppdatering av gruppe-oppføring\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: kan ikke åpne gruppefila\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: kan ikke åpne shadow-gruppefila\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: feil ved sletting av passord-oppføring\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: feil ved sletting av shadow passordoppføring\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: feil ved oppretting av ny gruppeoppføring\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu er ikke entydig\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: feil ved endring av passordoppføring\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: feil ved sletting av passordoppføring\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: feil ved sletting av shadow passord-oppføring\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: klarer ikke å få entydig GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " på «%.100s» fra «%.200s»"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " på «%.100s»"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: linje %d: kan ikke opprette UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: navn %s er ikke entydig\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: chgpasswd [valg]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ " -e, --encrypted\toppgitte passord er krypterte\n"
+#~ " h, --help\t\tvis denne hjelpeteksten og avslutt\n"
+#~ " -m, --md5\t\tbruk MD5-kryptering i stedet for DES når de oppgitte\n"
+#~ "\t\t\tpassordene ikke er krypterte\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Ingen passordfil.\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Beklager.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Passordet for %s kan ikke endres ennå.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Beklager."
diff --git a/po/ne.po b/po/ne.po
new file mode 100644
index 0000000..e40129b
--- /dev/null
+++ b/po/ne.po
@@ -0,0 +1,3497 @@
+# translation of shadow_po.po to Nepali
+# translation of shadow_po.po to Nepali
+# This file is distributed under the same license as the PACKAGE package.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER.
+# Shiva Pokharel <pokharelshiva@hotmail.com>, 2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.17\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2006-06-16 14:30+0545\n"
+"Last-Translator: Shiva Pokharel <pokharelshiva@hotmail.com>\n"
+"Language-Team: Nepali <info@mpp.org.np>\n"
+"Language: ne\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2;plural=(n!=1)\n"
+"X-Generator: KBabel 1.10.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "कनफिगरेसन सूचनाको लागि खाली ठाऊठबाà¤à¤¡à¥à¤¨ सकिदैन ।\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "कनà¥à¤«à¤¿à¤—रेसन तà¥à¤°à¥à¤Ÿà¤¿ - अजà¥à¤žà¤¾à¤¤ वसà¥à¤¤à¥ '%s' (पà¥à¤°à¤¶à¤¾à¤¸à¤•à¤²à¤¾à¤ˆ सूचना गरà¥à¤¨à¥à¤¹à¥‹à¤¸)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "पासवरà¥à¤¡: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "'%s' को पासवरà¥à¤¡: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "कनफिगरेसन सूचनाको लागि खाली ठाऊठबाà¤à¤¡à¥à¤¨ सकिदैन ।\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s का लागि अवधि सूचना परिवरà¥à¤¤à¤¨ गरिदैछ\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: तपाईà¤à¤•à¥‹ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ नाम निरà¥à¤§à¤¾à¤°à¤£ गरà¥à¤¨ सकिà¤à¤¨ ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: रेखा %d: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ फेला पारà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: सà¥à¤®à¥ƒà¤¤à¤¿ भनà¥à¤¦à¤¾ बाहिर\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: फाइल %s अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: अवैध गृह डाइरेकà¥à¤Ÿà¥à¤°à¥€ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s लाई %s मा पà¥à¤¨:नामकरण गरà¥à¤¨ सकिदैन\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: चेतावनी: हटà¥à¤¨ सकà¥à¤¦à¥ˆà¤¨ "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: चेतावनी: हटà¥à¤¨ सकà¥à¤¦à¥ˆà¤¨ "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: पà¥à¤¨:नामकरण गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s लाई %s मा पà¥à¤¨:नामकरण गरà¥à¤¨ सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s लाई %s मा पà¥à¤¨:नामकरण गरà¥à¤¨ सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: चेतावनी: हटà¥à¤¨ सकà¥à¤¦à¥ˆà¤¨ "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: चेतावनी: हटà¥à¤¨ सकà¥à¤¦à¥ˆà¤¨ "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: फाइल %s अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ फाइल अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• हà¥à¤¨ सकेन\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: पà¥à¤¨:नामकरण गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: फाइल %s खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "चेतावनी: अजà¥à¤žà¤¾à¤¤ समूह %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "चेतावनी: अति धेरै समूहहरू\n"
+
+msgid "Your password has expired."
+msgstr "तपाईà¤à¤•à¥‹ पासवरà¥à¤¡à¤•à¥‹ मà¥à¤¯à¤¾à¤¦ समापà¥à¤¤ भà¤à¤•à¥‹ छ।"
+
+msgid "Your password is inactive."
+msgstr "तपाईà¤à¤•à¥‹ पासवरà¥à¤¡ निषà¥à¤•à¥à¤°à¤¿à¤¯ छ।"
+
+msgid "Your login has expired."
+msgstr "तपाईà¤à¤•à¥‹ लगइनको मà¥à¤¯à¤¾à¤¦ समापà¥à¤¤ भà¤à¤•à¥‹ छ।"
+
+msgid " Contact the system administrator."
+msgstr " पà¥à¤°à¤£à¤¾à¤²à¥€ पà¥à¤°à¤¶à¤¾à¤¸à¤• संग समà¥à¤ªà¤°à¥à¤• गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ ।"
+
+msgid " Choose a new password."
+msgstr " नयाठपासवरà¥à¤¡ रोजà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ ।"
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "तपाईà¤à¤•à¥‹ पासवरà¥à¤¡à¤•à¥‹ मà¥à¤¯à¤¾à¤¦ %ld दिनमा समापà¥à¤¤ हà¥à¤¨à¥à¤› ।\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "तपाईà¤à¤•à¥‹ पासवरà¥à¤¡à¤•à¥‹ मà¥à¤¯à¤¾à¤¦ भोली समापà¥à¤¤ हà¥à¤¨à¥‡à¤› ।"
+
+msgid "Your password will expire today."
+msgstr "तपाईà¤à¤•à¥‹ पासवरà¥à¤¡à¤•à¥‹ मà¥à¤¯à¤¾à¤¦ आज समापà¥à¤¤ हà¥à¤¨à¥‡à¤› ।"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "tty %s लाई परिवरà¥à¤¤à¤¨ गरà¥à¤¨ असकà¥à¤·à¤® भयो"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: अति लामो फाà¤à¤Ÿ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "परिवेशको अतिपà¥à¤°à¤µà¤¾à¤¹\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "तपाईà¤à¤²à¥‡ $%s परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकà¥à¤¨à¥à¤¹à¥à¤¨à¥à¤¨\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d अनà¥à¤¤à¤¿à¤® लगइन देखिअसफल भयो ।\n"
+"अनà¥à¤¤à¤¿à¤® %s मा %s थियो ।\n"
+msgstr[1] ""
+"%d अनà¥à¤¤à¤¿à¤® लगइन देखिअसफल भयो ।\n"
+"अनà¥à¤¤à¤¿à¤® %s मा %s थियो ।\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "मेलबकà¥à¤¸ पà¥à¤°à¤¾à¤ªà¤• परिवरà¥à¤¤à¤¨ गरà¥à¤¨ असफल भयो"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: अदà¥à¤µà¤¿à¤¤à¤¿à¤¯ UID पà¥à¤°à¤¾à¤ªà¥à¤¤ गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: अदà¥à¤µà¤¿à¤¤à¤¿à¤¯ GID पà¥à¤°à¤¾à¤ªà¥à¤¤ गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: अदà¥à¤µà¤¿à¤¤à¤¿à¤¯ UID पà¥à¤°à¤¾à¤ªà¥à¤¤ गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: अदà¥à¤µà¤¿à¤¤à¤¿à¤¯ UID पà¥à¤°à¤¾à¤ªà¥à¤¤ गरà¥à¤¨ सकिà¤à¤¨\n"
+
+msgid "Too many logins.\n"
+msgstr "अति धेरै लगइनहरू ।\n"
+
+msgid "You have new mail."
+msgstr "तपाईà¤à¤¸à¤à¤— नयाठमेल छ।"
+
+msgid "No mail."
+msgstr "मेल छैन।"
+
+msgid "You have mail."
+msgstr "तपाईà¤à¤•à¥‹ मेल छ।"
+
+msgid "no change"
+msgstr "परिवरà¥à¤¤à¤¨ छैन"
+
+msgid "a palindrome"
+msgstr "à¤à¤‰à¤Ÿà¤¾ शà¥à¤²à¥‹à¤•"
+
+msgid "case changes only"
+msgstr "केस परिवरà¥à¤¤à¤¨à¤¹à¤°à¥‚ मातà¥à¤°"
+
+msgid "too similar"
+msgstr "अति मिलà¥à¤¦à¥‹"
+
+msgid "too simple"
+msgstr "अति सजिलो"
+
+msgid "rotated"
+msgstr "घà¥à¤®à¤¿à¤°à¤¹à¥‡à¤•à¥‹"
+
+msgid "too short"
+msgstr "अति छोटो"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "खराब पासवरà¥à¤¡: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "पासवरà¥à¤¡: pam_start() असफल भयो, तà¥à¤°à¥à¤Ÿà¤¿ %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "पासवरà¥à¤¡: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ भयो ।"
+
+msgid "passwd: password updated successfully\n"
+msgstr "पासवरà¥à¤¡: पासवरà¥à¤¡ सफलतापूरà¥à¤µà¤• अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• भयो\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr " %s को लागि गलत पासवरà¥à¤¡ ।\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: अवैध गृह फोन: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "'%s' मा सि डि गरà¥à¤¨ असफल\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "डाइरेकà¥à¤Ÿà¥à¤°à¥€ होइन, HOME=/ संगै लगइन भइरहेको"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s कारà¥à¤¯à¤¾à¤¨à¥à¤µà¤¯à¤¨ गरà¥à¤¨ सकिà¤à¤¨"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "अवैध मूल डाइरेकटà¥à¤°à¥€ '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "'%s' मा मूल डाइरेकटà¥à¤°à¥€ परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकिदैन\n"
+
+msgid "Unable to determine your tty name."
+msgstr "तपाईà¤à¤•à¥‹ tty नाम निरà¥à¤§à¤¾à¤°à¤£ गरà¥à¤¨ सकिà¤à¤¨à¥¤"
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "होइन\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "नयाठमान पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥, वा पूरà¥à¤µà¤¨à¤¿à¤°à¥à¤§à¤¾à¤°à¤¿à¤¤à¤•à¥‹ लागि ENTER थिचà¥à¤¨à¥à¤¹à¥‹à¤¸à¥"
+
+msgid "Minimum Password Age"
+msgstr "नà¥à¤¯à¥‚नतम पासवरà¥à¤¡ अवधि"
+
+msgid "Maximum Password Age"
+msgstr "अधिकतम पासवरà¥à¤¡ अवधि"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "अनà¥à¤¤à¤¿à¤® पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "पासवरà¥à¤¡ समापà¥à¤¤à¤¿ चेतावनी"
+
+msgid "Password Inactive"
+msgstr "पासवरà¥à¤¡ निषà¥à¤•à¥à¤°à¤¿à¤¯"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "लेखा समापà¥à¤¤à¤¿ मिति (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "अनà¥à¤¤à¤¿à¤® पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ भयो\t\t\t\t\t: "
+
+msgid "never"
+msgstr "कहिलà¥à¤¯à¥ˆ पनि"
+
+msgid "password must be changed"
+msgstr "पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ हà¥à¤¨à¥à¤ªà¤°à¥à¤›"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "पासवरà¥à¤¡ समापà¥à¤¤ हà¥à¤¨à¥à¤›\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "पासवरà¥à¤¡ निषà¥à¤•à¥à¤°à¤¿à¤¯ पारà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "लेखा समापà¥à¤¤ हà¥à¤¨à¥à¤›\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ बीचको दिनहरà¥à¤•à¥‹ नà¥à¤¯à¥‚नतम संखà¥à¤¯à¤¾\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ बीचको दिनहरà¥à¤•à¥‹ अधिकà¥à¤¤à¤® संखà¥à¤¯à¤¾\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "पासवरà¥à¤¡ समापà¥à¤¤ हà¥à¤¨à¥ अगाडि चेतावनीको दिनहरà¥à¤•à¥‹ संखà¥à¤¯à¤¾\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: अवैध मिति '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: अवैध संखà¥à¤¯à¤¾à¤¤à¥à¤®à¤• तरà¥à¤• '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: अनà¥à¤¯ à¤à¤£à¥à¤¡à¤¾à¤¹à¤°à¥‚ संग \"l\" समावेश भà¤à¤¨\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: अनà¥à¤®à¤¤à¤¿ असà¥à¤µà¥€à¤•à¤¾à¤° गरियो ।\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: तपाईà¤à¤•à¥‹ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ नाम निरà¥à¤§à¤¾à¤°à¤£ गरà¥à¤¨ सकिà¤à¤¨ ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: फाइलहरू तालà¥à¤šà¤¾ मारà¥à¤¨ सकिà¤à¤¨, पछि फेरी पà¥à¤°à¤¯à¤¾à¤¸ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: फाइल %s खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: फोरà¥à¤• गरà¥à¤¦à¤¾ असफल: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ फाइल पà¥à¤°à¤¸à¥à¤¤à¥à¤¤ भà¤à¤•à¥‹ छैन\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s का लागि अवधि सूचना परिवरà¥à¤¤à¤¨ गरिदैछ\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: तà¥à¤°à¥à¤Ÿà¤¿ परिवरà¥à¤¤à¤¨ फाà¤à¤Ÿ\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "पà¥à¤°à¤¾ नाम"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "कोठा नमà¥à¤¬à¤°"
+
+msgid "Work Phone"
+msgstr "कारà¥à¤¯ फोन"
+
+msgid "Home Phone"
+msgstr "गृह फोन"
+
+msgid "Other"
+msgstr "अनà¥à¤¯"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ID लाई मूलमा परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकिदैन ।\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: अवैध नाम: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: अवैध कोठा नमà¥à¤¬à¤°: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: अवैध कारà¥à¤¯ फोन: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: अवैध गृह फोन: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' ले गैरकानूनी कà¥à¤¯à¤¾à¤°à¥‡à¤•à¥à¤Ÿà¤°à¤¹à¤°à¥‚ समाविषà¥à¤Ÿ गरà¥à¤¦à¤›\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' ले गैरकानूनी कà¥à¤¯à¤¾à¤°à¥‡à¤•à¥à¤Ÿà¤°à¤¹à¤°à¥‚ समाविषà¥à¤Ÿ गरà¥à¤¦à¤›\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: NIS गà¥à¤°à¤¾à¤¹à¤•à¤®à¤¾ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ '%s' परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकिदैन ।\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' यो गà¥à¤°à¤¾à¤¹à¤•à¤•à¥‹ लागि NIS मासà¥à¤Ÿà¤° हो ।\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr " %s को लागि पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ सूचना परिवरà¥à¤¤à¤¨ गरिदैछ\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: अति लामो फाà¤à¤Ÿ\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: -a फà¥à¤²à¥à¤¯à¤¾à¤— -G फà¥à¤²à¥à¤¯à¤¾à¤— संग मातà¥à¤° अनà¥à¤®à¤¤à¤¿ छ\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: रेखा %d: अति लामो रेखा\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: रेखा %d: नयाठपासवरà¥à¤¡ हराइरहेको छ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: समूह %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: रेखा %d: पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: तà¥à¤°à¥à¤Ÿà¤¿ पतà¥à¤¤à¤¾ लागà¥à¤¯à¥‹, परिवरà¥à¤¤à¤¨à¤¹à¤°à¥‚ उपेकà¥à¤·à¤¾ गरियो\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "शेल लगइन"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "तपाईठयस को लागि शेल परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकà¥à¤¨à¥à¤¹à¥à¤¨à¥à¤¨ %s ।\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr " %s को लागि शेलको लगइन परिवरà¥à¤¤à¤¨ गरिदैछ\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: अवैध पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s अवैध शेल हो ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: चेतावनी: %s चाà¤à¤¹à¤¿ %s को सà¥à¤µà¤¾à¤®à¤¿à¤¤à¥à¤µà¤®à¤¾ छैन\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "अनà¥à¤¤à¤¿à¤® लग: अनपेकà¥à¤·à¤¿à¤¤ तरà¥à¤•: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "सबैभनà¥à¤¦à¤¾ पछि असफल भà¤à¤•à¥‹ लगइन\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds left]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lock]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "अजà¥à¤žà¤¾à¤¤ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s लाई %s मा पà¥à¤¨:नामकरण गरà¥à¤¨ सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "%s को लागि पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकिदैन ।\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "%s को लागि पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकिदैन ।\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह पासवरà¥à¤¡à¤¹à¤°à¥à¤²à¤¾à¤ˆ -A को आवशà¥à¤¯à¤• छ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: समूह %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: फोरà¥à¤• गरà¥à¤¦à¤¾ असफल: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "समूह %s को लागि पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरिदैछ\n"
+
+msgid "New Password: "
+msgstr "नयाठपासवरà¥à¤¡: "
+
+msgid "Re-enter new password: "
+msgstr "नयाठपासवरà¥à¤¡ पà¥à¤¨:पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥: "
+
+msgid "They don't match; try again"
+msgstr "तिनीहरू मेल खाà¤à¤¦à¥ˆà¤¨à¤¨à¥, फेरी पà¥à¤°à¤¯à¤¾à¤¸ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: पछि फेरी पà¥à¤°à¤¯à¤¾à¤¸ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "समूह %s मा पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s थप गरिदैछ\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "समूह %s बाट पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s हटाइदैछ\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: tty होइन\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s वैध समूह नाम होइन\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "अवैध समूह नाम '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K लाई KEY=VALUE को आवशà¥à¤¯à¤• परà¥à¤¦à¤›\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: समूह %s अवसà¥à¤¥à¤¿à¤¤ छ\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: तपाईà¤à¤•à¥‹ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ नाम निरà¥à¤§à¤¾à¤°à¤£ गरà¥à¤¨ सकिà¤à¤¨ ।\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s लाई %s मा पà¥à¤¨:नामकरण गरà¥à¤¨ सकिदैन\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: NIS गà¥à¤°à¤¾à¤¹à¤•à¤®à¤¾ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ '%s' परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकिदैन ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: समूह %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: समूह '%s' NIS समूह हो ।\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s NIS मासà¥à¤Ÿà¤° हो\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s NIS पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ हो\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: update_group मा सà¥à¤®à¥ƒà¤¤à¤¿ भनà¥à¤¦à¤¾ बाहिर\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "अवैध समूह नाम '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: समूह %s NIS समूह हो\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: अजà¥à¤žà¤¾à¤¤ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s र -r मिलà¥à¤¦à¥‹à¤œà¥à¤²à¥à¤¦à¥‹ छैन\n"
+
+msgid "invalid group file entry"
+msgstr "अवैध समूह फाइल पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "लाइन '%s' मेटà¥à¤¨à¥à¤¹à¥à¤¨à¥à¤› ? "
+
+msgid "duplicate group entry"
+msgstr "नकà¥à¤•à¤²à¥€ समूह पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "अवैध समूह नाम '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "अवैध समूह नाम '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "समूह %s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ छैन %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "सदसà¥à¤¯ '%s' मेटà¥à¤¨à¥à¤¹à¥à¤¨à¥à¤› ? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "यो %s मा समूह फाइल पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ मेल खाà¤à¤•à¥‹ छैन\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "यस %s मा '%s' समूह थपà¥à¤¨à¥à¤¹à¥à¤¨à¥à¤› ?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "अवैध सà¥à¤¯à¤¾à¤¡à¥‹ समूह फाइल पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿"
+
+msgid "duplicate shadow group entry"
+msgstr "नकà¥à¤•à¤²à¥€ सà¥à¤¯à¤¾à¤¡à¥‹ समूह पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "सà¥à¤¯à¤¾à¤¡à¥‹ समूह %s: पà¥à¤°à¤¶à¤¾à¤¸à¤¨à¤¿à¤• पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ छैन %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "पà¥à¤°à¤¶à¤¾à¤¸à¤¨à¤¿à¤• सदसà¥à¤¯ '%s' मेटà¥à¤¨à¥à¤¹à¥à¤¨à¥à¤› ? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "सà¥à¤¯à¤¾à¤¡à¥‹ समूह %s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ छैन %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: फाइलहरू अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• हà¥à¤¨à¥à¤ªà¤°à¥à¤›\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: कà¥à¤¨à¥ˆ परिवरà¥à¤¤à¤¨à¤¹à¤°à¥‚ छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: फाइल %s अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "उपयोग: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "उपयोग: id\n"
+
+msgid " groups="
+msgstr " समूहहरू="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "सबै भनà¥à¤¦à¤¾ पछिलà¥à¤²à¥‹ बाट पोरà¥à¤Ÿ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ नाम"
+
+msgid "Username Port Latest"
+msgstr "सबैभनà¥à¤¦à¤¾ पछिलà¥à¤²à¥‹ पोरà¥à¤Ÿ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ नाम"
+
+msgid "**Never logged in**"
+msgstr "**Never logged in**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: पासवरà¥à¤¡ फाइल अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "उपयोग: %s [-p] [name]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h host] [-f name]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "अवैध लगइन समय"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"रà¥à¤Ÿà¤¿à¤¨ संभारको लागि पà¥à¤°à¤£à¤¾à¤²à¥€ बनà¥à¤¦ गरियो"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[बाइपास जडान विचà¥à¤›à¥‡à¤¦à¤¨ भयो --मूल लगइनलाई अनà¥à¤®à¤¤à¤¿ छ । ]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"utmp पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ भà¤à¤¨ । तपाईà¤à¤²à¥‡ \"login\" गरà¥à¤¦à¤¾ जà¥à¤¯à¤¾à¤¦à¥ˆ नà¥à¤¯à¥‚न तह \"sh\" बाट कारà¥à¤¯à¤¨à¥à¤µà¤¯à¤¨ "
+"गरà¥à¤¨à¥à¤ªà¤°à¥à¤›"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"%d सेकेणà¥à¤¡ पछि लगइन समय समापà¥à¤¤ भयो ।\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "लगइन: PAM असफल भयो, परितà¥à¤¯à¤¾à¤— गरिदै: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s लगइन: "
+
+msgid "login: "
+msgstr "लगइन: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "बढेको पà¥à¤°à¤¯à¤¾à¤¸à¤¹à¤°à¤•à¥‹ अधिकà¥à¤¤à¤® संखà¥à¤¯à¤¾ (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "लगइन: PAM दà¥à¤µà¤¾à¤°à¤¾ अनà¥à¤°à¥‹à¤§ गरिà¤à¤•à¥‹ परितà¥à¤¯à¤¾à¤—\n"
+
+msgid "Login incorrect"
+msgstr "लगइन गलत छ"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: रेखा %d: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ फेला पारà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s लगइन: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: फोरà¥à¤• गरà¥à¤¦à¤¾ असफल: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "चेतावनी: असà¥à¤¥à¤¾à¤¯à¥€ लगआउट पछि लगइन पà¥à¤¨: सकà¥à¤·à¤® गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ ।"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "अनà¥à¤¤à¤¿à¤® लगइन: %s मा %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "अनà¥à¤¤à¤¿à¤® लगइन: %s मा %.19s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " %.*s बाट"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"लगइन समय बढà¥à¤¯à¥‹\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "उपयोग: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "उपयोग: newgrp [-] [group]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "उपयोग: sg group [[-c] आदेश]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "पà¥à¤°à¤¾à¤¨à¥‹ पासवरà¥à¤¡: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: फोरà¥à¤• गरà¥à¤¦à¤¾ असफल: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+msgid "too many groups\n"
+msgstr "अति धेरै समूहहरू\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: समूह %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: अवैध पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ नाम '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: अवैध पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ नाम '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: रेखा %d: अवैध रेखा\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s का लागि पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: रेखा %d: GID सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: रेखा %d: GID सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: रेखा %d: पासवरà¥à¤¡ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: रेखा %d: mkdir असफल भयो\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: रेखा %d: chown असफल भयो\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: रेखा %d: पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: यो %s सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: समूह फाइल अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "पà¥à¤°à¤¾à¤¨à¥‹ पासवरà¥à¤¡: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"नयाठपासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ (%d को नà¥à¤¯à¥à¤¨à¤¤à¤®, %d को अधिकà¥à¤¤à¤® कà¥à¤¯à¤¾à¤°à¥‡à¤•à¥à¤Ÿà¤°à¤¹à¤°à¥‚)\n"
+"कृपया सानो र ठूलो अकà¥à¤·à¤°à¤¹à¤°à¥‚ र नमà¥à¤¬à¤°à¤¹à¤°à¥à¤•à¥‹ मिलान पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ ।\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"नयाठपासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ (%d को नà¥à¤¯à¥à¤¨à¤¤à¤®, %d को अधिकà¥à¤¤à¤® कà¥à¤¯à¤¾à¤°à¥‡à¤•à¥à¤Ÿà¤°à¤¹à¤°à¥‚)\n"
+"कृपया सानो र ठूलो अकà¥à¤·à¤°à¤¹à¤°à¥‚ र नमà¥à¤¬à¤°à¤¹à¤°à¥à¤•à¥‹ मिलान पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ ।\n"
+
+msgid "New password: "
+msgstr "नयाठपासवरà¥à¤¡ : "
+
+msgid "Try again."
+msgstr "फेरी पà¥à¤°à¤¯à¤¾à¤¸ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ ।"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"चेतावनी: कमà¥à¤œà¥‹à¤° पासवरà¥à¤¡ (जे भठपनि यसलाई पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨ फेरी यसलाई पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥) ।"
+
+msgid "They don't match; try again.\n"
+msgstr "तिनीहरू मेल खाà¤à¤¦à¥ˆà¤¨à¤¨à¥; फेरी पà¥à¤°à¤¯à¤¾à¤¸ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ ।\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s को लागि पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकिदैन ।\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s को लागि पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकिदैन ।\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: रेपोजिटरी %s समरà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: यस %s को लागि तपाईवले पासवरà¥à¤¡ सूचना दृशà¥à¤¯ गरà¥à¤¨ वा परिमारà¥à¤œà¤¨ गरà¥à¤¨ सकà¥à¤¨à¥à¤¹à¥à¤¨à¥à¤¨ ।\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s को लागि पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरिदैछ\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s को लागि पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ हà¥à¤¨ सकिदैन ।\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ भयो ।"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "पासवरà¥à¤¡ समापà¥à¤¤à¤¿ चेतावनी"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "अवैध पासवरà¥à¤¡ फाइल पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿"
+
+msgid "duplicate password entry"
+msgstr "नकà¥à¤•à¤²à¥€ पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "अवैध पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ नाम '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "अवैध पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ नाम '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s: समूह छैन %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s: कारà¥à¤¯à¤•à¥à¤°à¤® %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: फाइल %s तालà¥à¤šà¤¾ मारà¥à¤¨ सकिदैन\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "यो %s मा मेल खाने पासवरà¥à¤¡ फाइल पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ छैन\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "'%s' मा %s पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ थपà¥à¤¨à¥à¤¹à¥à¤¨à¥à¤› ? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "अवैध सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ फाइल पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿"
+
+msgid "duplicate shadow password entry"
+msgstr "नकà¥à¤•à¤²à¤¿ सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s: अनà¥à¤¤à¤¿à¤® पासवरà¥à¤¡ भविषà¥à¤¯à¤®à¤¾ परिवरà¥à¤¤à¤¨ हà¥à¤¨à¥‡à¤›\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: फाइल %s खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: फाइल पà¥à¤¨:लेखन गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "su बाट तà¥à¤¯à¥‹ खातामा पहà¥à¤à¤š गरà¥à¤¨ असà¥à¤µà¥€à¤•à¤¾à¤° गरियो ।\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "पासवरà¥à¤¡ पà¥à¤°à¤®à¤¾à¤£à¥€à¤•à¤°à¤£ बाइपास गरियो ।\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr " कृपया पà¥à¤°à¤®à¤¾à¤£à¥€à¤•à¤°à¤£à¤•à¥‹ रà¥à¤ªà¤®à¤¾ तपाईà¤à¤•à¥‹ आफà¥à¤¨à¥‹ पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: फाइल %s तालà¥à¤šà¤¾ मारà¥à¤¨ सकिदैन\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"उपयोग: su [options] [login]\n"
+"\n"
+"विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+" -c, --आदेश COMMAND\t\t शेल आहà¥à¤µà¤¾à¤¨ गरà¥à¤¨ आदेश पास गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+" -h, --मदà¥à¤¦à¤¤\t\t\t ले यो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤¦à¤› र बनà¥à¤¦ गरà¥à¤¦à¤›\n"
+" -, -l, --लगइन\t\tशेललाई à¤à¤‰à¤Ÿà¤¾ लगइन शेल बनाउà¤à¤› \n"
+" -m, -p,\n"
+" --preserve-environment\t ले परिवेश चलहरू पà¥à¤¨: सेट गरà¥à¤¦à¥ˆà¤¨\n"
+" र उही शेल\t\t\t\t राखà¥à¤¦à¤›\n"
+" -s, --शेल SHELL\t\t पूरà¥à¤µà¤¨à¤¿à¤°à¥à¤§à¤¾à¤°à¤¿à¤¤ पासवरà¥à¤¡à¤•à¥‹ सटà¥à¤Ÿà¤¾à¤®à¤¾ SHELL पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¦à¤›\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(उपेकà¥à¤·à¤¾ गरियो)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "तपाईठsu %s मा पà¥à¤°à¤®à¤¾à¤£à¤¿à¤•à¤°à¤£ हà¥à¤¨à¥à¤¹à¥à¤¨à¥à¤¨\n"
+
+msgid "(Enter your own password)"
+msgstr "(तपाईà¤à¤•à¥‹ आफà¥à¤¨à¥ˆ पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM आधिकरण असफल भयो\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "तपाईठsu %s मा पà¥à¤°à¤®à¤¾à¤£à¤¿à¤•à¤°à¤£ हà¥à¤¨à¥à¤¹à¥à¤¨à¥à¤¨\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "मूलको लागि पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ छैन'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: टरà¥à¤®à¤¿à¤¨à¤²à¤¬à¤¾à¤Ÿ चलà¥à¤¨à¥à¤ªà¤°à¥à¤›\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: तà¥à¤°à¥à¤Ÿà¤¿ %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s लाई %s मा पà¥à¤¨:नामकरण गरà¥à¤¨ सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "%s कारà¥à¤¯à¤¾à¤¨à¥à¤µà¤¯à¤¨ गरà¥à¤¨ सकिà¤à¤¨"
+
+msgid "No password file"
+msgstr "पासवरà¥à¤¡ फाइल होइन"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "मूलको लागि पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ छैन'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"सामनà¥à¤¯ सà¥à¤°à¥à¤µà¤¾à¤¤ संगै पà¥à¤°à¤•à¥à¤°à¤¿à¤¯à¤¾ गरà¥à¤¨ control-d टाइप गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥,\n"
+"(वा पà¥à¤°à¤£à¤¾à¤²à¥€ संभारको लागि मूल पासवरà¥à¤¡ दिनà¥à¤¹à¥‹à¤¸à¥):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "पà¥à¤°à¤£à¤¾à¤²à¥€ संभार मोड पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ गरिदैछ"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: नयाठपूरà¥à¤µà¤¨à¤¿à¤°à¥à¤§à¤¾à¤°à¤¿à¤¤ फाइल सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: नयाठपूरà¥à¤µà¤¨à¤¿à¤°à¥à¤§à¤¾à¤°à¤¿à¤¤ फाइल खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: रेखा %d: chown असफल भयो\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: पà¥à¤¨:नामकरण गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: समूह '%s' NIS समूह हो ।\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: अति धेरै समूहरू निरà¥à¤¦à¤¿à¤·à¥à¤Ÿ गरिà¤à¤•à¥‹ छ (max %d) ।\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: अवैध डाइरेकà¥à¤Ÿà¥à¤°à¥€ '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: अवैध टिपà¥à¤ªà¤£à¥€ '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: अवैध गृह डाइरेकà¥à¤Ÿà¥à¤°à¥€ '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡à¤¹à¤°à¥à¤•à¥‹ लागि -e को आवशà¥à¤¯à¤• परà¥à¤¦à¤›\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡à¤¹à¤°à¥à¤•à¥‹ लागि -f को आवशà¥à¤¯à¤• परà¥à¤¦à¤›\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: अवैध फाà¤à¤Ÿ '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: अवैध शेल '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+msgid "Creating mailbox file"
+msgstr "मेल बाकस फाइल सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¦à¥ˆ"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr "समूह मेल फेला परेन । ०६०० मोड दà¥à¤µà¤¾à¤°à¤¾ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ मेल बाकस फाइल सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¦à¥ˆà¤› ।\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "मेल बाकस फाइल अनà¥à¤®à¤¤à¤¿à¤¹à¤°à¥‚ मिलाउदै"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s अवसà¥à¤¥à¤¿à¤¤ छ\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: समूह %s अवसà¥à¤¥à¤¿à¤¤ छ - यदि तपाईठयो पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾à¤²à¤¾à¤ˆ तà¥à¤¯à¥‹ समूहमा थपà¥à¤¨ चाहनà¥à¤¹à¥à¤¨à¥à¤› भने, -g "
+"पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ ।\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: यो %s सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u अदà¥à¤µà¤¿à¤¤à¤¿à¤¯ होइन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: यो %s सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिदैन\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: यो %s सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिदैन\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: यो %s सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिदैन\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: चेतावनी: गृह डाइरेकà¥à¤Ÿà¥à¤°à¥€ पहिलà¥à¤¯à¥ˆ अवसà¥à¤¥à¤¿à¤¤ छ ।\n"
+"यसमा सà¥à¤•à¥‡à¤² डाइरेकà¥à¤Ÿà¥à¤°à¥€à¤¬à¤¾à¤Ÿ कà¥à¤¨à¥ˆ फाइल पà¥à¤°à¤¤à¤¿à¤²à¤¿à¤ªà¥€ भà¤à¤•à¥‹ छैन ।\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: NIS गà¥à¤°à¤¾à¤¹à¤•à¤®à¤¾ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ '%s' परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकिदैन ।\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s: समूह %s हटाउन सकिदैन जà¥à¤¨ अरà¥à¤•à¥‹ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾à¤•à¥‹ लागि पà¥à¤°à¤¾à¤¥à¤®à¤¿à¤• समूह हो ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s लाई %s मा पà¥à¤¨:नामकरण गरà¥à¤¨ सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: अवैध गृह डाइरेकà¥à¤Ÿà¥à¤°à¥€ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: चेतावनी: हटà¥à¤¨ सकà¥à¤¦à¥ˆà¤¨ "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s चाà¤à¤¹à¤¿ %s को सà¥à¤µà¤¾à¤®à¤¿à¤¤à¥à¤µà¤®à¤¾ छैन, हटिरहेको छैन\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s लाई %s मा पà¥à¤¨:नामकरण गरà¥à¤¨ सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s लाई %s मा पà¥à¤¨:नामकरण गरà¥à¤¨ सकिदैन\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s NIS पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ हो\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: अवैध गृह डाइरेकà¥à¤Ÿà¥à¤°à¥€ '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: हटà¥à¤¨à¥‡ डाइरेकà¥à¤Ÿà¥à¤°à¥€ होइन %s (पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s को गृह हटाउà¤à¤›)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ हटाउà¤à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿ %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s अवसà¥à¤¥à¤¿à¤¤ छ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: अवैध मिति '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: अवैध मिति '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: फाइल %s खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e र -f को लागि सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡à¤¹à¤°à¥à¤•à¥‹ आवशà¥à¤¯à¤• छ\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s अवसà¥à¤¥à¤¿à¤¤ छ\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: डाइरेकटà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨ %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: चेतावनी: पà¥à¤°à¤¾à¤¨à¥‹ गृह डाइरेकà¥à¤Ÿà¥à¤°à¥€ पूरà¥à¤£à¤°à¥à¤ªà¤²à¥‡ हटाउन असफल भयो %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: डाइरेकà¥à¤Ÿà¥à¤°à¥€ %s लाई %s मा पà¥à¤¨:नामकरण गरà¥à¤¨ सकिदैन\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: चेतावनी: %s चाà¤à¤¹à¤¿ %s को सà¥à¤µà¤¾à¤®à¤¿à¤¤à¥à¤µà¤®à¤¾ छैन\n"
+
+msgid "failed to change mailbox owner"
+msgstr "मेलबकà¥à¤¸ पà¥à¤°à¤¾à¤ªà¤• परिवरà¥à¤¤à¤¨ गरà¥à¤¨ असफल भयो"
+
+msgid "failed to rename mailbox"
+msgstr "मेल बकà¥à¤¸à¤²à¤¾à¤ˆ पà¥à¤¨:नामकरण गरà¥à¤¨ असफल भयो"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s परिवरà¥à¤¤à¤¨ हà¥à¤¦à¥ˆà¤¨\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "मेल बकà¥à¤¸à¤²à¤¾à¤ˆ पà¥à¤¨:नामकरण गरà¥à¤¨ असफल भयो"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ सकिदैन"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: विशेषधिकारहरू छोडà¥à¤¨ असफल भयो (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ सकिदैन"
+
+msgid "Couldn't make backup"
+msgstr "जगेडा बनाउà¤à¤¨ सकिदैन"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s /etc/passwd मा फेला परेन\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s: समूह फाइल खोलà¥à¤¨ असकà¥à¤·à¤® भयो\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: अति लामो फाà¤à¤Ÿ\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "मेल बकà¥à¤¸à¤²à¤¾à¤ˆ पà¥à¤¨:नामकरण गरà¥à¤¨ असफल भयो"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "मेलबकà¥à¤¸ पà¥à¤°à¤¾à¤ªà¤• परिवरà¥à¤¤à¤¨ गरà¥à¤¨ असफल भयो"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "मेल बकà¥à¤¸à¤²à¤¾à¤ˆ पà¥à¤¨:नामकरण गरà¥à¤¨ असफल भयो"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: पà¥à¤¨:भणà¥à¤¡à¤¾à¤°à¤£ गरà¥à¤¨ सकिदैन %s: %s (तपाईà¤à¤•à¥‹ परिवरà¥à¤¤à¤¨à¤¹à¤°à¥‚ %s मा छ)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: अवैध डाइरेकà¥à¤Ÿà¥à¤°à¥€ '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "उपयोग: %s [आगत]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) असफल भयो\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग:पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ [विकलà¥à¤ªà¤¹à¤°à¥‚] परिवरà¥à¤¤à¤¨ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ "\n"
+#~ " विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -d, --अनà¥à¤¤à¤¿à¤® दिन LAST_DAY\t ले LAST_DAY मा परिवरà¥à¤¤à¤¨ भà¤à¤•à¥‹ अनà¥à¤¤à¤¿à¤® पासवरà¥à¤¡ सेट\n"
+#~ "\t\t\t\tगरà¥à¤¦à¤›\n"
+#~ " -E, --समापà¥à¤¤ मिति EXPIRE_DATE\t ले EXPIRE_DATE मा खाता समापà¥à¤¤ मिति सेट "
+#~ "गरà¥à¤¦à¤›\n"
+#~ " -h, --help\t\t\t ले यो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¿à¤¤ र बनà¥à¤¦ गरà¥à¤¦à¤›\n"
+#~ " -I, --निषà¥à¤•à¥à¤°à¤¿à¤¯ INACTIVE\t ले मà¥à¤¯à¤¾à¤¦ समापà¥à¤¤ भà¤à¤ªà¤›à¤¿ निषà¥à¤•à¥à¤°à¤¿à¤¯ पासवरà¥à¤¡ सेट गरà¥à¤¦à¤›\n"
+#~ "\t\t\t\tto INACTIVE\n"
+#~ " -l, --सूचि\t\t\t ले खाता अवधि सूचना देखाउà¤à¤›\n"
+#~ " -m, --नà¥à¤¯à¥à¤¨à¤¤à¤® दिन MIN_DAYS\tपासवरà¥à¤¡ अघि दिनहरà¥à¤•à¥‹ नà¥à¤¯à¥à¤¨à¤¤à¤® संखà¥à¤¯à¤¾ सेट गरà¥à¤¦à¤›\n"
+#~ "\t\t\t\tchange to MIN_DAYS\n"
+#~ " -M, --अधिकमत दिन MAX_DAYS\tपासवरà¥à¤¡ अघि दिनहरà¥à¤•à¥‹ नà¥à¤¯à¥à¤¨à¤¤à¤® संखà¥à¤¯à¤¾ सेट गरà¥à¤¦à¤›\n"
+#~ "\t\t\t\tchange to MAX_DAYS\n"
+#~ " -W, --चेतावनी दिन WARN_DAYS\t ले WARN_DAYS मा समापà¥à¤¤ भà¤à¤•à¥‹ चेतावनी दिनहरू "
+#~ "सेट \n"
+#~ "\t\t\t\tगरà¥à¤¦à¤›\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM आधिकरण असफल भयो\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "उपयोग: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "उपयोग: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "उपयोग: पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ [options]\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -e, --गà¥à¤ªà¥à¤¤à¤¿à¤•à¥ƒà¤¤\tआपूरà¥à¤¤à¤¿ भà¤à¤•à¤¾ पासवरà¥à¤¡à¤¹à¤°à¥‚ गà¥à¤ªà¥à¤¤à¤¿à¤•à¥ƒà¤¤ छन\n"
+#~ " -h, --मदà¥à¤¦à¤¤\t\tले यो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¿à¤¤ र बनà¥à¤¦ गरà¥à¤›\n"
+#~ " -m, --md5\t\tले DES को सटà¥à¤Ÿà¤¾à¤®à¤¾ MD5 पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤› जब आपूरà¥à¤¤à¤¿ भà¤à¤•à¥‹\n"
+#~ "\t\t\tपासवरà¥à¤¡à¤¹à¤°à¥‚ गà¥à¤ªà¥à¤¤à¤¿à¤•à¥ƒà¤¤ भà¤à¤•à¥‹ हà¥à¤¦à¥ˆà¤¨\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -f, --force\t\t\tपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾à¤²à¥‡ पà¥à¤°à¤¾à¤ªà¥à¤¤ नगरेता पनि, फाइलहरà¥à¤•à¥‹ हटाईमा जोड गरà¥à¤¦à¤›\n"
+#~ " -h, --help\t\t\tयो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤› र बनद गरà¥à¤¦à¤›\n"
+#~ " -r, --remove\t\t\tगृह डाइरेकà¥à¤Ÿà¥à¤°à¥€ र मेल सà¥à¤ªà¥‚ललाई हटाउà¤à¤› \n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "उपयोग: अवधि {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: फाइल %s खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "उपयोग: groupdel समूह नाम\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "उपयोग: %s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "उपयोग: %s [-r] [-s] [group]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s र -r मिलà¥à¤¦à¥‹à¤œà¥à¤²à¥à¤¦à¥‹ छैन\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "उपयोग: groupdel समूह नाम\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "उपयोग: groupdel समूह नाम\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: lastlog [options]\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -b, --DAYS अगाडि\t DAYS भनà¥à¤¦à¤¾ पà¥à¤°à¤¾à¤¨à¥‹ अनà¥à¤¤à¤¿à¤® लग रेकरà¥à¤¡ मà¥à¤¦à¥à¤°à¤£ गरà¥à¤¦à¤›\n"
+#~ " -h, --मदà¥à¤¦à¤¤\t\tयो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤› र बनà¥à¤¦ गरà¥à¤¦à¤›\n"
+#~ " -t, --समय DAYS\t DAYS भनà¥à¤¦à¤¾ धेरै नविन अनà¥à¤¤à¤¿à¤® लग रेकरà¥à¤¡à¤¹à¤°à¥‚ मातà¥à¤° मà¥à¤¦à¥à¤°à¤£ गरà¥à¤¦à¤›\n"
+#~ " -u, --पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ LOGIN\t निरà¥à¤¦à¤¿à¤·à¥à¤Ÿ गरिà¤à¤•à¥‹ LOGIN संगै अनà¥à¤¤à¤¿à¤® लग रेकरà¥à¤¡à¤¹à¤°à¥‚ मà¥à¤¦à¥à¤°à¤£ "
+#~ "गरà¥à¤¦à¤›\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: पासवरà¥à¤¡ [विकलà¥à¤ªà¤¹à¤°à¥‚] [लगइन]\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -a, --सबै\t\t\t सबै खातामा पासवरà¥à¤¡ सà¥à¤¥à¤¿à¤¤à¤¿ पà¥à¤°à¤¤à¤¿à¤µà¥‡à¤¦à¤¨ गरà¥à¤¦à¤›\n"
+#~ " -d, --मेटà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\t\t\t नामकरण गरिà¤à¤•à¥‹ खाताको लागि पासवरà¥à¤¡ मेटà¥à¤¦à¤›\n"
+#~ " -e, --समापà¥à¤¤ हà¥à¤¨à¥\t\t\t नामकरण गरिà¤à¤•à¥‹ खाताको लागि पासवरà¥à¤¡ समापà¥à¤¤ गरà¥à¤¨ जोड "
+#~ "गरà¥à¤¦à¤›\n"
+#~ " -h, --मदà¥à¤¦à¤¤\t\t\t यो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤¦à¤› र बनà¥à¤¦ गरà¥à¤¦à¤›\n"
+#~ " -k, --टोकनहरू राखà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\t\tयदि समापà¥à¤¤ भà¤à¤®à¤¾ मातà¥à¤° पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -i, --निसà¥à¤•à¥à¤°à¤¿à¤¯ INACTIVE\t समापà¥à¤¤à¤¿ पछ निसà¥à¤•à¥à¤°à¤¿à¤¯à¤®à¤¾ निसà¥à¤•à¥à¤°à¤¿à¤¯ पासवरà¥à¤¡ सेट गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -l, --तालà¥à¤šà¤¾ मारà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\t\t\t नामकरण गरिà¤à¤•à¥‹ खाता तालà¥à¤šà¤¾ मारà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -n, --नà¥à¤¯à¥à¤¨à¤¤à¤® दिनहरू MIN_DAYS\t ले MIN_DAYS मा पासवरà¥à¤¡\n"
+#~ "\t\t\t\t परिवरà¥à¤¤à¤¨ गरà¥à¤¨à¥ अघि दिनहरà¥à¤•à¥‹ नà¥à¤¯à¥à¤¨à¤¤à¤® नमà¥à¤¬à¤°à¤²à¤¾à¤ˆ सेट गरà¥à¤¦à¤›\n"
+#~ " -q, --अनà¥à¤¤à¥à¤¯ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\t\t\tअनà¥à¤¤à¥à¤¯ मोड\n"
+#~ " -r, --रेपोजिटरी REPOSITORY\t रेपोजिटरीमा पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ "
+#~ "REPOSITORY \n"
+#~ " -S, --वसà¥à¤¤à¥à¤¸à¥à¤¥à¤¿à¤¤à¤¿\t\t\t नामकरण गरिà¤à¤•à¥‹ खातामा पासवरà¥à¤¡ वसà¥à¤¤à¥à¤¸à¥à¤¥à¤¿à¤¤à¤¿ पà¥à¤°à¤¤à¤¿à¤µà¥‡à¤¦à¤¨ गरà¥à¤¦à¤›\n"
+#~ " -u, --अनलग गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\t\t\t नामकरण गरिà¤à¤•à¥‹ खाता अनलग गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -w, --चेतावनी दिनहरू WARN_DAYS\t WARN_DAYS मा समापà¥à¤¤ भà¤à¤•à¥‹ चेतावनी दिनहरू सेट\n"
+#~ "\t\t\t\tगरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -x, --अधिकà¥à¤¤à¤® दिनहरू MAX_DAYS\t ले MAX_DAYS मा\n"
+#~ "\t\t\t\tपासवरड परिवरà¥à¤¤à¤¨ गरà¥à¤¨à¥ अघि दिनहरà¥à¤•à¥‹ अधिकà¥à¤¤à¤® नमà¥à¤¬à¤°à¤²à¤¾à¤ˆ सेट गरà¥à¤¦à¤›\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "उपयोग: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "उपयोग: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "उपयोग: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "उपयोग: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "अजà¥à¤žà¤¾à¤¤ id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "शेल होइन\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -f, --force\t\t\tपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾à¤²à¥‡ पà¥à¤°à¤¾à¤ªà¥à¤¤ नगरेता पनि, फाइलहरà¥à¤•à¥‹ हटाईमा जोड गरà¥à¤¦à¤›\n"
+#~ " -h, --help\t\t\tयो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤› र बनद गरà¥à¤¦à¤›\n"
+#~ " -r, --remove\t\t\tगृह डाइरेकà¥à¤Ÿà¥à¤°à¥€ र मेल सà¥à¤ªà¥‚ललाई हटाउà¤à¤› \n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s हालै लग गरियो\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "उपयोगिता: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -a, --append GROUP\t\tबाà¤à¤•à¤¿ GROUP मा पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ थप गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ \n"
+#~ " -c, --comment COMMENT\t\t GECOS फाà¤à¤Ÿà¤•à¥‹ नयाठमान\n"
+#~ " -d, --home HOME_DIR\t\tपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ खाताका लागि नयाठगृह डाइरेकà¥à¤Ÿà¤°à¥€\n"
+#~ " -e, --expiredate EXPIRE_DATE\tखाता मà¥à¤¯à¤¾à¤¦ समापà¥à¤¤à¤¿ EXPIRE_DATE मा सेट "
+#~ "गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -f, --inactive INACTIVE\tमà¥à¤¯à¤¾à¤¦ समापà¥à¤¤à¤¿ पछि पासवरà¥à¤¡ निसà¥à¤•à¥à¤°à¤¿à¤¯ पारà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ "\t\t\t\tto INACTIVE\n"
+#~ " -g, --gid GROUP\t\t GROUP लाई नयाठपà¥à¤°à¤¾à¤¥à¤®à¤¿à¤• समूहको रà¥à¤ªà¤®à¤¾ पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨ दवाद "
+#~ "दिनà¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -G, --groups GROUPS\t\tबाà¤à¤•à¤¿ GROUPS को नयाठसूची\n"
+#~ " -h, --help\t\t\tयो मदà¥à¤¦à¤¤ सनà¥à¤¦à¥‡à¤¶ पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ र निसà¥à¤•à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -l, --login NEW_LOGIN\t\tलगइन नामको नयाठमान\n"
+#~ " -L, --lock\t\t\tपà¥à¤°à¤¯à¥‹à¤—करता खाता तालà¥à¤šà¤¾ मारà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -m, --move-home\t\tगृह डाइरेकà¥à¤Ÿà¤°à¤¿à¤•à¥‹ सामगà¥à¤°à¤¿à¤¹à¤°à¥‚ नयाठसà¥à¤¥à¤¾à¤¨à¤®à¤¾ सारà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ \n"
+#~ "\t\t\t\tlocation ( -d संग मातà¥à¤°à¥ˆ पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥)\n"
+#~ " -o, --non-unique\t\tनकà¥à¤•à¤²à¥€ पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨ अनà¥à¤®à¤¤à¤¿ दिनà¥à¤¹à¥‹à¤¸à¥ (अमौलिक) UID\n"
+#~ " -p, --password PASSWORD\tनयाठपासवरà¥à¤¡à¤•à¤¾ लागि गà¥à¤ªà¥à¤¤à¤¿à¤•à¥ƒà¤¤ पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -s, --shell SHELL\t\tपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ खाताका लागि नयाठलगइन शेल\n"
+#~ " -u, --uid UID\t\t\tपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ खाताका लागि नयाठUID\n"
+#~ " -U, --unlock\t\t\tपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ खाताको तालà¥à¤šà¤¾ खोलà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: à¤à¤£à¥à¤¡à¤¾à¤¹à¤°à¥‚ दिà¤à¤•à¥‹ छैन\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: vipw [options]\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -g, --group\t\t\tसमूह डेटाबेस समà¥à¤ªà¤¾à¤¦à¤¨ गरà¥à¤¦à¤›\n"
+#~ " -h, --help\t\t\tयो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤› र बनà¥à¤¦ गरà¥à¤¦à¤›\n"
+#~ " -p, --passwd\t\t\tपासवरà¥à¤¡ डेटाबेस समà¥à¤ªà¤¾à¤¦à¤¨ गरà¥à¤¦à¤›\n"
+#~ " -q, --quiet \t\t\tअनà¥à¤¤à¥à¤¯ मोड\n"
+#~ " -s, --shadow\t\t\t सà¥à¤¯à¤¾à¤¡à¥‹ वा जि सà¥à¤¯à¤¾à¤¡à¥‹ डेटाबेस समà¥à¤ªà¤¾à¤¦à¤¨ गरà¥à¤¦à¤›\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "उपयोग: %s [आगत]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: यो %s सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिदैन\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: सà¥à¤µà¤¾à¤®à¤¿à¤¤à¥à¤µ परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकिदैन %s\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: असफल लग [options]\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -a, --सबै\t\t\t ले सबै पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾à¤¹à¤°à¥à¤•à¥‹ लागि असफल लगको रेकरà¥à¤¡à¤¹à¤°à¥‚ पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤¦à¤›\n"
+#~ " -h, --मदà¥à¤¦à¤¤\t\t\t ले यो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤› र बनà¥à¤¦ गरà¥à¤¦à¤›\n"
+#~ " -l, --तालà¥à¤šà¤¾ मारà¥à¤¨à¥‡ समय SEC\t\t ले SEC सेकेणà¥à¤¡à¤®à¤¾ लगइन लग खाता असफल भà¤à¤ªà¤›à¤¿ \n"
+#~ " -m, --अधिकà¥à¤¤à¤® MAX\t\t ले अधिकà¥à¤¤à¤® असफल लगइन काउनà¥à¤Ÿà¤°à¤¹à¤°à¥‚ MAX मा सेट गरà¥à¤¦à¤›\n"
+#~ " -r, --पà¥à¤¨:सेट गरà¥à¤¨à¥\t\t\t ले असफल लगइनहरà¥à¤•à¥‹ काउनà¥à¤Ÿà¤°à¤²à¤¾à¤ˆ पà¥à¤¨:सेट गरà¥à¤¦à¤›\n"
+#~ " -t, --समय DAYS\t\t ले समयको भनà¥à¤¦à¤¾ धेरै नयाठअसफल लग रेकरà¥à¤¡à¤¹à¤°à¥‚ पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤¦à¤›\n"
+#~ " -u, --पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ LOGIN\t\t ले असफल लगइन पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤› वा असफल काउनà¥à¤Ÿà¤°à¤¹à¤°à¥‚\n"
+#~ "\t\t\t\tर सीमाहरू (यदि -r, -m वा -l विकलà¥à¤ªà¤¹à¤°à¥‚ संगै पà¥à¤°à¤¯à¥‹à¤— भयो भने) मातà¥à¤° संभार "
+#~ "गरà¥à¤¦à¤›\n"
+#~ "\t\t\t\tपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾à¤•à¥‹ लागि LOGIN संगै \n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: groupadd [विकलà¥à¤ª] समूह\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -f, --जोड दिनà¥à¤¹à¥‹à¤¸à¥\t\t यदि निरà¥à¤¦à¤¿à¤·à¥à¤Ÿ गरिà¤à¤•à¥‹ छ भने सफल सà¥à¤¥à¤¿à¤¤à¤¿ सहित जोड दिन "
+#~ "बनà¥à¤¦ \n"
+#~ "\t\t\t\tहà¥à¤¨à¥à¤› समूह पहिलà¥à¤¯à¥ˆ अवसà¥à¤¥à¤¿à¤¤ छ\n"
+#~ " -g, --gid GID\t\tनयाठसमूहको लागि GID पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -h, --मदà¥à¤¦à¤¤\t\t\t ले यो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤› र बनà¥à¤¦ गरà¥à¤›\n"
+#~ " -K, --key KEY=VALUE\t\toverrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique\t\t ले नकà¥à¤•à¤²à¥€ संगै समूह सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ अनà¥à¤®à¤¤à¤¿ दिनà¥à¤›\n"
+#~ "\t\t\t\t(non-unique) GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: groupadd [विकलà¥à¤ª] समूह\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -f, --जोड दिनà¥à¤¹à¥‹à¤¸à¥\t\t यदि निरà¥à¤¦à¤¿à¤·à¥à¤Ÿ गरिà¤à¤•à¥‹ छ भने सफल सà¥à¤¥à¤¿à¤¤à¤¿ सहित जोड दिन "
+#~ "बनà¥à¤¦ \n"
+#~ "\t\t\t\tहà¥à¤¨à¥à¤› समूह पहिलà¥à¤¯à¥ˆ अवसà¥à¤¥à¤¿à¤¤ छ\n"
+#~ " -g, --gid GID\t\tनयाठसमूहको लागि GID पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -h, --मदà¥à¤¦à¤¤\t\t\t ले यो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤› र बनà¥à¤¦ गरà¥à¤›\n"
+#~ " -K, --key KEY=VALUE\t\toverrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique\t\t ले नकà¥à¤•à¤²à¥€ संगै समूह सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ अनà¥à¤®à¤¤à¤¿ दिनà¥à¤›\n"
+#~ "\t\t\t\t(non-unique) GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "उपयोग: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -b, --base-dir BASE_DIR\tनयाठपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ खाताको लागि बेस डाइरेकà¥à¤Ÿà¥à¤°à¥€\n"
+#~ "\t\t\t\tगृह डाइरेकà¥à¤Ÿà¥à¤°à¥€\n"
+#~ " -c, --comment COMMENT\t\tनयाठपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ खाताको लागि GECOS फाà¤à¤Ÿ सेट गरà¥à¤¦à¤›\n"
+#~ " -d, --home-dir HOME_DIR\t नयाठपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ खाताको लागि गृह डाइरेकà¥à¤Ÿà¥à¤°à¥€\n"
+#~ " -D, --defaults\t\tपरिमारà¥à¤œà¤¿à¤¤ पूरà¥à¤µà¤¨à¤¿à¤°à¥à¤§à¤¾à¤°à¤¿à¤¤ थप पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ मà¥à¤¦à¥à¤°à¤£ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ वा "
+#~ "बचत\n"
+#~ "\t\t\t\tगरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ कनफिगरेसन\n"
+#~ " -e, --expiredate EXPIRE_DATE\t ले EXPIRE_DATE मा खाता समापà¥à¤¤à¤¿ मिति सेट "
+#~ "गरà¥à¤¦à¤›\n"
+#~ " -f, --inactive INACTIVE\tले मिति समापà¥à¤¤à¤¿ पछि पासवरà¥à¤¡à¤²à¤¾à¤ˆ INACTIVE मा सेट "
+#~ "गरà¥à¤¦à¤›\n"
+#~ " -g, --gid GROUP\t\tनयाठपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ खाताको लागि GROUP पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨ जोड गरà¥à¤¦à¤›\n"
+#~ " -G, --groups GROUPS\t\t नयाà¤à¤•à¥‹ लागि परिपूरक समूहहरà¥à¤•à¥‹ सूचि\n"
+#~ "\t\t\t\tपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ खाता\n"
+#~ " -h, --help\t\t\tयो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¨ गरà¥à¤› र बनà¥à¤¦ गरà¥à¤¦à¤›\n"
+#~ " -k, --skel SKEL_DIR\t\tà¤à¤‰à¤Ÿà¤¾ वैकलà¥à¤ªà¤¿à¤• सà¥à¤•à¥‡à¤² डाइरेकà¥à¤Ÿà¥à¤°à¥€ निरà¥à¤¦à¤¿à¤·à¥à¤Ÿ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥\n"
+#~ " -K, --key KEY=VALUE\t\t /etc/login.defs पूरà¥à¤µà¤¨à¤¿à¤°à¥à¤§à¤¾à¤°à¤£à¤¹à¤°à¥‚ अधिलेखन गरà¥à¤¦à¤›\n"
+#~ " -m, --create-home\t\tनयाठपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾à¤•à¥‹ लागि गृह डाइरेकà¥à¤Ÿà¥à¤°à¥€ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¦à¤›\n"
+#~ "\t\t\t\tखाता\n"
+#~ " -o, --non-unique\t\tनकà¥à¤•à¤²à¥€ संग पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ अनà¥à¤®à¤¤à¤¿ दिनà¥à¤›\n"
+#~ "\t\t\t\t(non-unique) UID\n"
+#~ " -p, --password PASSWORD\t नयाठपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾à¤•à¥‹ लागि गà¥à¤ªà¥à¤¤à¤¿à¤•à¥ƒà¤¤ पासवरà¥à¤¡ पà¥à¤°à¤¯à¥‹à¤— "
+#~ "गरà¥à¤¦à¤›\n"
+#~ "\t\t\t\tखाता\n"
+#~ " -s, --shell SHELL\t\t नयाठपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ खाताको लागि लगइन शेल\n"
+#~ " -u, --uid UID\t\t\t नयाठपà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ खाताको लागि UID पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨ जोड दिनà¥à¤›\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "समापà¥à¤¤à¤¿à¤²à¤¾à¤ˆ पासवरà¥à¤¡ सेट गरियो ।"
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: पासवरà¥à¤¡ फाइलमा तालà¥à¤šà¤¾ मारà¥à¤¨ सकिदैन\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: पासवरà¥à¤¡ फाइल खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ फाइल खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ फाइल पà¥à¤¨:लेखन गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: पासवरà¥à¤¡ फाइल पà¥à¤¨:लेखन गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ फाइल अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tपूरा नाम: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tकोठा नमà¥à¤¬à¤°: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tकारà¥à¤¯ फोन: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tगृह फोन: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "पासवरà¥à¤¡ फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ सकिà¤à¤¨; फेरी पछि पà¥à¤°à¤¯à¤¾à¤¸ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ ।\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "पासवरà¥à¤¡ फाइल खोलà¥à¤¨ सकिà¤à¤¨ ।\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿à¤®à¤¾ तà¥à¤°à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरिदैछ ।\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "पासवरà¥à¤¡ फाइल परिवरà¥à¤¤à¤¨à¤¹à¤°à¥‚ कमिट गरà¥à¤¨à¥ सकिà¤à¤¨ ।\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "पासवरà¥à¤¡ फाइलबाट तालà¥à¤šà¤¾ हटाउन सकिदैन ।\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: समूह फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ सकिदैन\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: समूह फाइल खोलà¥à¤¨ सकिदैन\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: जि सà¥à¤¯à¤¾à¤¡à¥‹ फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ फाइल खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ फाइल अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: समूह पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: रेखा %d: अजà¥à¤žà¤¾à¤¤ समूह %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: रेखा %d: पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ फाइल अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: पासवरà¥à¤¡ फाइल अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: रेखा %d: अजà¥à¤žà¤¾à¤¤ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: रेखा %d: पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिदैन\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: अजà¥à¤žà¤¾à¤¤ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "अजà¥à¤žà¤¾à¤¤ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "उपयोग: %s [-r|-R] समूह\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-à¤à¤‰à¤Ÿà¤¾ पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾] समूह\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾] समूह\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾,...] [-M पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾,...] समूह\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾,...] समूह\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: तालà¥à¤šà¤¾ पà¥à¤°à¤¾à¤ªà¥à¤¤ गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ तालà¥à¤šà¤¾ पà¥à¤°à¤¾à¤ªà¥à¤¤ गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: फाइल खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ फाइल पà¥à¤¨:लेखन गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: फाइल अनलग गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "अजà¥à¤žà¤¾à¤¤ समूह: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: फाइल खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ फाइल खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "तपाईठको हो ?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: अजà¥à¤žà¤¾à¤¤ सदसà¥à¤¯ %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: नयाठसमूह पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ थप गरà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: समूह फाइल पà¥à¤¨:लेखन गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह फाइल पà¥à¤¨:लेखन गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: समूह फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ असकà¥à¤·à¤® भयो\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: समूह फाइल खोलà¥à¤¨ असकà¥à¤·à¤® भयो\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ असफल भयो\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह फाइल खोलà¥à¤¨ असकà¥à¤·à¤® भयो\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u अदà¥à¤µà¤¿à¤¤à¤¿à¤¯ होइन\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: समूह पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ हटाउà¤à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ हटाउà¤à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾à¤•à¥‹ पà¥à¤°à¤¾à¤‡à¤®à¥‡à¤°à¥€ समूह हटाउन सकिà¤à¤¨ ।\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: PAM आधिकरण असफल भयो\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: समूह फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ असकà¥à¤·à¤® भयो\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: समूह फाइल खोलà¥à¤¨ सकिदैन\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s /etc/group मा फेला परेन\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u अदà¥à¤µà¤¿à¤¤à¤¿à¤¯ GID होइन\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s अदà¥à¤µà¤¿à¤¤à¤¿à¤¯ नाम होइन\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: पासवरà¥à¤¡ फाइल पà¥à¤¨:लेखन गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: पासवरà¥à¤¡ फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ असकà¥à¤·à¤® छ\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: पासवरà¥à¤¡ फाइल खोलà¥à¤¨ असकà¥à¤·à¤® भयो\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: यस %s का लागि सà¥à¤¯à¤¾à¤¡à¥‹ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: यस %s समूहका लागि पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ सकिदैन\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह फाइल खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह %s हटाउन सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह फाइल अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह फाइल मेटà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "अजà¥à¤žà¤¾à¤¤ UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "अजà¥à¤žà¤¾à¤¤ GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: समूह %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s अवसà¥à¤¥à¤¿à¤¤ छैन\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: अवैध पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ नाम '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: /etc/passwd तालà¥à¤šà¤¾ मारà¥à¤¨ सकिà¤à¤¨ ।\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: /etc/passwd तालà¥à¤šà¤¾ मारà¥à¤¨ सकिà¤à¤¨ ।\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: /etc/passwd तालà¥à¤šà¤¾ मारà¥à¤¨ सकिà¤à¤¨ ।\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: /etc/passwd तालà¥à¤šà¤¾ मारà¥à¤¨ सकिà¤à¤¨ ।\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: फाइलहरू खओलà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: फाइलहरू अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: %s को लागि पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: पासवरà¥à¤¡ फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: पासवरà¥à¤¡ फाइल खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: यो %s का लागि सà¥à¤¯à¤¾à¤¡à¥‹ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ हटाउन सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: पासवरà¥à¤¡ फाइल अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• हà¥à¤¨ सकेन\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: पà¥à¤°à¤¯à¥‹à¤—करà¥à¤¤à¤¾ %s का लागि पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ फाइल मेटà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: अजà¥à¤žà¤¾à¤¤ GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: अजà¥à¤žà¤¾à¤¤ समूह %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: gshadow_group मा सà¥à¤®à¥ƒà¤¤à¤¿ भनà¥à¤¦à¤¾ बाहिर\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: पासवरà¥à¤¡ फाइल पà¥à¤¨:लेखन गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ फाइल पà¥à¤¨:लेखन गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ फाइल तालà¥à¤šà¤¾ मारà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ फाइल खोलà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: समूह फाइल तालà¥à¤šà¤¾ मारà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: समूह फाइल खोलà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह फाइल तालà¥à¤šà¤¾ मारà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह फाइल खोलà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: नयाठपासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ थपà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: नयाठसà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ थपà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: चेतावनी: CREATE_HOME समरà¥à¤¥à¤¿à¤¤ छैन, कृपया सटà¥à¤Ÿà¤¾à¤®à¤¾ -m पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ ।\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: समूह पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: समूह पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ अदà¥à¤¯à¤¾à¤µà¤§à¤¿à¤• गरà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: समूह फाइल खोलà¥à¤¨ सकिदैन\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ समूह फाइल खोलà¥à¤¨ सकिदैन\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ मेटà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ मेटà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: नयाठसमूह पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ थप गरà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu अदà¥à¤µà¤¿à¤¤à¤¿à¤¯ होइन\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ परिवरà¥à¤¤à¤¨ गरà¥à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ हटाउà¤à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: सà¥à¤¯à¤¾à¤¡à¥‹ पासवरà¥à¤¡ पà¥à¤°à¤µà¤¿à¤·à¥à¤Ÿà¤¿ हटाउà¤à¤¦à¤¾ तà¥à¤°à¥à¤Ÿà¤¿\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: अदà¥à¤µà¤¿à¤¤à¤¿à¤¯ GID पà¥à¤°à¤¾à¤ªà¥à¤¤ गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr "'%'.200s' बाट %.100s'मा"
+
+#~ msgid " on '%.100s'"
+#~ msgstr "'%.100s' मा"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: रेखा %d: UID सिरà¥à¤œà¤¨à¤¾ गरà¥à¤¨ सकिà¤à¤¨\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: नाम %s अदà¥à¤µà¤¿à¤¤à¤¿à¤¯ होइन\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥ [options]\n"
+#~ "\n"
+#~ "विकलà¥à¤ªà¤¹à¤°à¥‚:\n"
+#~ " -e, --गà¥à¤ªà¥à¤¤à¤¿à¤•à¥ƒà¤¤\tआपूरà¥à¤¤à¤¿ भà¤à¤•à¤¾ पासवरà¥à¤¡à¤¹à¤°à¥‚ गà¥à¤ªà¥à¤¤à¤¿à¤•à¥ƒà¤¤ छन\n"
+#~ " -h, --मदà¥à¤¦à¤¤\t\tले यो मदà¥à¤¦à¤¤ संदेशलाई पà¥à¤°à¤¦à¤°à¥à¤¶à¤¿à¤¤ र बनà¥à¤¦ गरà¥à¤›\n"
+#~ " -m, --md5\t\tले DES को सटà¥à¤Ÿà¤¾à¤®à¤¾ MD5 पà¥à¤°à¤¯à¥‹à¤— गरà¥à¤› जब आपूरà¥à¤¤à¤¿ भà¤à¤•à¥‹\n"
+#~ "\t\t\tपासवरà¥à¤¡à¤¹à¤°à¥‚ गà¥à¤ªà¥à¤¤à¤¿à¤•à¥ƒà¤¤ भà¤à¤•à¥‹ हà¥à¤¦à¥ˆà¤¨\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "पासवरà¥à¤¡ फाइल होइन\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "माफ दिनà¥à¤¹à¥‹à¤¸à¥ ।\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "माफ दिनà¥à¤¹à¥‹à¤¸à¥, %s को लागि अहिले पासवरà¥à¤¡ परिवरà¥à¤¤à¤¨ गरà¥à¤¨ सकिदैन ।\n"
+
+#~ msgid "Sorry."
+#~ msgstr "माफ गरà¥à¤¨à¥à¤¹à¥‹à¤¸à¥à¥¤"
diff --git a/po/nl.po b/po/nl.po
new file mode 100644
index 0000000..6cbabdd
--- /dev/null
+++ b/po/nl.po
@@ -0,0 +1,3731 @@
+# dutch po-file for shadow
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# Bart Cornelis <cobaco@linux.be>, 2004, 2006.
+# Frans Spiesschaert <Frans.Spiesschaert@yucom.be>, 2014.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2012-05-20 19:52+0200\n"
+"PO-Revision-Date: 2014-11-15 00:03+0100\n"
+"Last-Translator: Frans Spiesschaert <Frans.Spiesschaert@yucom.be>\n"
+"Language-Team: Debian Dutch l10n Team <debian-l10n-dutch@lists.debian.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.3.1\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"In %s staan meerdere regels met als naam '%s'. Gelieve dit met pwck of grpck "
+"te repareren.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "niet door libcrypt ondersteunde encryptiemethode? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "configuratiefout - kan waarde %s niet ontleden: '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Kon geen ruimte toewijzen voor de configuratie-info.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"configuratiefout - onbekend item '%s' (waarschuw een systeembeheerder)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd werd niet normaal beëindigd (signaal %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd sloot af met satus %d\n"
+
+msgid "Password: "
+msgstr "Wachtwoord: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Wachtwoord van %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Kan geen instrument voor SELinux-beheer creëren\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux-beleid wordt niet beheerd\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Kan het gebied met het SELinux-beleid niet lezen\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Kan geen verbinding leggen om SELinux te beheren\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Kan de SELinux-transactie niet beginnen\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Kon de seuser van %s niet opvragen\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Kon de serange van %s niet instellen\n"
+
+#, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Kon de sename van %s niet instellen\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Kon de aanmeldkoppeling van %s niet veranderen\n"
+
+#, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Kan voor %s geen SELinux-aanmeldkoppeling maken\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Kon voor %s geen naam instellen\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Kon voor %s geen SELinuxgebruiker instellen\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Kon voor %s geen aanmeldkoppeling toevoegen\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Kan SELinuxbeheer niet initialiseren\n"
+
+#, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "Kan de gebruikerssleutel voor SELinux niet aanmaken\n"
+
+#, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "Kan de SELinuxgebruiker niet verifiëren\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Kon de gebruikerskoppeling in SELinux niet veranderen\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Kan in SELinux geen gebruikerskoppeling toevoegen\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Kan de SELinux-transactie niet vastleggen\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Geen aanmeldkoppeling gedefinieerd voor %s. OK als de standaardkoppeling "
+"gebruikt werd\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"Aanmeldkoppeling van %s werd in het beleid gedefinieerd en kan niet gewist "
+"worden\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Kon de aanmeldkoppeling van %s niet wissen"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: onvoldoende geheugen\n"
+
+#, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: kan de status niet opvragen van %s: %s\n"
+
+#, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s is geen map en ook geen symbolische koppeling.\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: kan symbolische koppeling %s niet lezen: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: verdacht lange symbolische koppeling: %s\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: kan map %s niet aanmaken: %s\n"
+
+#, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: kan eigenaar van %s niet wijzigen: %s\n"
+
+#, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: kan modus van %s niet wijzigen: %s\n"
+
+#, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: ontkoppelen: %s: %s\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: kan map %s niet verwijderen: %s\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: kan %s niet hernoemen naar %s: %s\n"
+
+#, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: kan %s niet verwijderen: %s\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: kan symbolische koppeling %s niet aanmaken: %s\n"
+
+#, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: kan eigenaars van %s niet wijzigen: %s\n"
+
+#, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: kan status van symbolische koppeling %s niet opvragen: %s\n"
+
+#, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: waarschuwing: gebruiker %s heeft geen tcb-schaduwbestand.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: noodsituatie: het tcb-schaduwbestand van %s is geen gewoon bestand met "
+"st_nlink=1.\n"
+"Het account is vergrendeld gebleven.\n"
+
+#, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: kan bestand %s niet openen: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Waarschuwing: onbekende groep %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Waarschuwing: te veel groepen\n"
+
+msgid "Your password has expired."
+msgstr "Uw wachtwoord is vervallen."
+
+msgid "Your password is inactive."
+msgstr "Uw wachtwoord is niet actief."
+
+msgid "Your login has expired."
+msgstr "Uw gebruikersnaam is vervallen."
+
+msgid " Contact the system administrator."
+msgstr " Neem contact op met de systeembeheerder."
+
+msgid " Choose a new password."
+msgstr " Kies een nieuw wachtwoord."
+
+msgid "You must change your password."
+msgstr "U moet uw wachtwoord veranderen."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Uw wachtwoord vervalt binnen %ld dagen.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Uw wachtwoord vervalt morgen."
+
+msgid "Your password will expire today."
+msgstr "Uw wachtwoord vervalt vandaag."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Kan auditinterface niet openen - er wordt gestopt.\n"
+
+#, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Kan eigenaar of modus van tty stdin niet veranderen: %s"
+
+#, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: ontgrendelen van %s is mislukt\n"
+
+#, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Omgeving wordt te groot\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "U mag $%s niet veranderen\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d mislukte poging sinds u zich de laatste keer aanmeldde.\n"
+"Die mislukte poging %s was op %s.\n"
+msgstr[1] ""
+"%d mislukte pogingen sinds u zich de laatste keer aanmeldde.\n"
+"De laatste mislukte poging %s was op %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: ongeldige configuratie: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: ongeldige configuratie: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: toewijzen van geheugen is mislukt: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: kan geen uniek systeem-GID verkrijgen (er zijn geen GID's meer "
+"beschikbaar)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+"%s: kan geen uniek GID verkrijgen (er zijn geen GID's meer beschikbaar)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: ongeldige configuratie: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: ongeldige configuratie: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: kan geen uniek systeem-UID verkrijgen (er zijn geen UID's meer "
+"beschikbaar)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+"%s: kan geen uniek UID verkrijgen (er zijn geen UID's meer beschikbaar)\n"
+
+msgid "Too many logins.\n"
+msgstr "Te veel aanmeldingen.\n"
+
+msgid "You have new mail."
+msgstr "U heeft nieuwe e-mail ontvangen."
+
+msgid "No mail."
+msgstr "Geen e-mail."
+
+msgid "You have mail."
+msgstr "U heeft e-mail."
+
+msgid "no change"
+msgstr "geen veranderingen"
+
+msgid "a palindrome"
+msgstr "een palindroom"
+
+msgid "case changes only"
+msgstr "enkel veranderingen van grote naar kleine letters (of omgekeerd)"
+
+msgid "too similar"
+msgstr "te gelijkaardig"
+
+msgid "too simple"
+msgstr "te simpel"
+
+msgid "rotated"
+msgstr "geroteerd"
+
+msgid "too short"
+msgstr "te kort"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Slecht wachtwoord: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() is mislukt, fout %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "passwd: wachtwoord is niet veranderd\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: wachtwoord is met succes aangepast\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Onjuist wachtwoord voor %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: meerdere --root-opties\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: optie '%s' vereist een argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: afgeven van rechten is mislukt (%s)\n"
+
+#, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: ongeldig chroot-pad '%s'\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: krijg geen toegang tot chroot-map %s: %s\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: chroot naar map %s lukt niet: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Ongeldige ENCRYPT_METHOD-waarde: '%s'.\n"
+"Terugvallen op standaard DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Kan niet van map veranderen (cd) naar '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Geen thuismap, er wordt aangemeld met HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Kan %s niet uitvoeren"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ongeldige basismap '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Kan de basismap niet veranderen naar '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Kan de naam van uw tty niet bepalen."
+
+#| msgid "No\n"
+msgid "No"
+msgstr "Nee"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] LOGIN\n"
+"\n"
+"Opties:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday LAATSTE_DAG stel datum van laatste wachtwoordwijziging\n"
+" in op LAATSTE_DAG\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate VERVAL_DATUM stel account-vervaldag in op VERVAL_DATUM\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr " -h, --help toon deze hulptekst en sluit af\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INACTIEF stel na het verlopen van het wachtwoord de\n"
+" niet-actieve periode ervan in op INACTIEF\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+" -l, --list toon informatie over veroudering van "
+"accounts\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays MIN_DAYS stel het minimum aantal dagen vooraleer het\n"
+" wachtwoord gewijzigd mag worden in op "
+"MIN_DAYS\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays MAX_DAYS stel het maximum aantal dagen vooraleer een\n"
+" wachtwoordwijziging moet gebeuren in op "
+"MAX_DAYS\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -R, --root CHROOT_MAP basismap voor chroot\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays WARN_DAYS stel het aantal waarschuwingsdagen voor "
+"het \n"
+" vervallen van het wachtwoord in op "
+"WARN_DAYS\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Voer de nieuwe waarde in of druk op Enter voor de standaardwaarde"
+
+msgid "Minimum Password Age"
+msgstr "Minimumleeftijd voor wachtwoord"
+
+msgid "Maximum Password Age"
+msgstr "Maximumleeftijd voor wachtwoord"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Laatste wachtwoordverandering (JJJJ-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Waarschuwing voor wachtwoordverval"
+
+msgid "Password Inactive"
+msgstr "Wachtwoord niet actief"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Vervaldatum van account (JJJJ-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Laatste wachtwoordverandering\t\t\t\t: "
+
+msgid "never"
+msgstr "nooit"
+
+msgid "password must be changed"
+msgstr "wachtwoord moet veranderd worden"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Wachtwoord vervalt\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Wachtwoord niet actief\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Account vervalt\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimum aantal dagen tussen wachtwoordwijzigingen\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maximum aantal dagen tussen wachtwoordwijzigingen\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Aantal waarschuwingsdagen voor wachtwoordverval\t\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ongeldige datum '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ongeldig numeriek argument '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: gebruik \"-l\" niet samen met andere opties\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: toegang geweigerd.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: kan uw gebruikersnaam niet bepalen.\n"
+
+#, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: kan %s niet vergrendelen; probeer het later nog eens.\n"
+
+#, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: kan %s niet openen\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr ""
+"%s: er trad een fout op tijdens het wegschrijven van veranderingen naar %s\n"
+
+#, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: voorbereiden van het nieuwe %s-element '%s' is mislukt\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: het schaduwwachtwoordenbestand is afwezig\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: gebruiker '%s' bestaat niet in %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Verouderingsinformatie voor %s wordt aangepast\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: fout bij het aanpassen van de velden\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [LOGIN]\n"
+"\n"
+"Opties:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+" -f, --full-name VOLLEDIGE_NAAM wijzig de volledige naam van de gebruiker\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+" -h, --home-phone TEL_THUIS wijzig het thuistelefoonnummer van de "
+"gebruiker\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+" -o, --other OVERIGE_INFO wijzig de overige GECOS-informatie van de "
+"gebruiker\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+" -r, --room KAMER_NUMMER verander het kamernummer van de gebruiker\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr " -u, --help toon deze hulptekst en sluit af\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+" -w, --work-phone TEL_WERK wijzig het kantoortelefoonnummer van de "
+"gebruiker\n"
+
+msgid "Full Name"
+msgstr "Volledige naam"
+
+#, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Kamernummer"
+
+msgid "Work Phone"
+msgstr "Telefoon werk"
+
+msgid "Home Phone"
+msgstr "Telefoon thuis"
+
+msgid "Other"
+msgstr "Varia"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Kan ID niet veranderen naar root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: naam bevat niet-ASCII tekens: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ongeldige naam: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: kamernummer bevat niet-ASCII tekens: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: ongeldig kamernummer: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: '%s' voor 'telefoon werk' is ongeldig\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: '%s' voor 'telefoon thuis' is ongeldig\n"
+
+#, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' bevat niet-ASCII tekens\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' bevat ongeldige tekens\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: gebruiker '%s' bestaat niet\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: kan gebruiker '%s' niet veranderen op NIS-client.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' is de NIS-master voor deze client.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "De gebruikersinformatie over %s wordt veranderd\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: velden zijn te lang\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties]\n"
+"\n"
+"Opties:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method METHODE de encryptiemethode (een van %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+" -e, --encrypted ingevoerde wachtwoorden worden versleuteld\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 versleutel het wachtwoord in klare tekst\n"
+" met het MD5-algoritme\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds aantal SHA-rondes voor de SHA*\n"
+" encryptie-algoritmes\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: optie %s is enkel toegelaten in combinatie met de optie %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: de opties -c, -e, en -m zijn exclusief\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: niet-ondersteunde encryptiemethode: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: regel %d: regel is te lang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: regel %d: nieuw wachtwoord ontbreekt\n"
+
+#, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: regel %d: groep '%s' bestaan niet\n"
+
+#, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: regel %d: kon het nieuwe %s-item '%s' niet voorbereiden\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: fout gevonden, aanpassingen genegeerd\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (regel %d, gebruiker %s) wachtwoord niet gewijzigd\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: regel %d: gebruiker '%s' bestaat niet\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell SHELL nieuwe aanmeld-shell voor het "
+"gebruikersaccount\n"
+
+msgid "Login Shell"
+msgstr "Aanmeld-shell"
+
+#, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "U mag de shell voor '%s' niet aanpassen.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "De aanmeld-shell voor %s wordt aangepast\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: ongeldig element: %s\n"
+
+#, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s is geen geldige shell\n"
+
+#, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: waarschuwing: %s bestaat niet\n"
+
+#, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: waarschuwing: %s is niet uitvoerbaar\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check controleer de wachtwoordvervaldatum van "
+"gebruiker\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force verplicht wachtwoordwijziging als het\n"
+" wachtwoord van gebruiker vervallen is\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: opties %s en %s zijn strijdig\n"
+
+#, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: onverwachte parameter: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all toon aanmeldfouten van alle gebruikers\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs SEC vergrendel het account gedurende SEC "
+"seconden\n"
+" na een mislukte aanmelding\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAX stel maximum aantal toegelaten mislukte\n"
+" aanmeldingen in op MAX\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset stel tellers van mislukte aanmeldingen\n"
+" terug op nul\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DAGEN toon aanmeldfouten recenter dan DAGEN\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user GEBRUIKER/BEREIK toon aanmeldfouten of beheer tellers en "
+"limieten\n"
+" van mislukte aanmeldingen (indien "
+"gecombineerd\n"
+" met -r, -m of -l) voor de gegeven GEBRUIKERS"
+"(s)\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: kon regel betreffende UID %lu niet opvragen\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Gebruiker Mislukkingen Maximum Laatste Op\n"
+
+#, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lus over]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds grendel]"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+"%s: terugzetten van teller van mislukte aanmeldingen mislukt voor UID %lu\n"
+
+#, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: instellen van een maximum voor UID %lu is mislukt\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: kan vergrendelingstijd voor UID %lu niet instellen\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: onbekende gebruiker of bereik: %s\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: kan grootte van %s niet opvragen: %s\n"
+
+#, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: wegschrijven van %s is mislukt: %s\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [optie] GROEP\n"
+"\n"
+"Opties:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add GEBRUIKER voeg GEBRUIKER toe aan GROEP\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete GEBRUIKER verwijder GEBRUIKER uit GROEP\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root CHROOT_DIR basismap voor chroot\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password verwijder het wachtwoord van GROEP\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict beperk toegang tot GROEP tot zijn leden\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr " -M, --members GEBRUIKER stel de ledenlijst van GROEP in\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" stel de lijst in van beheerders van GROEP\n"
+
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"Opties kunnen niet gecombineerd worden, met uitzondering van de opties -A en "
+"-M.\n"
+
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "De opties kunnen niet gecombineerd worden.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: schaduwgroepswachtwoorden zijn vereist voor -A\n"
+
+#, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: groep '%s' bestaan niet in %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: fout bij het sluiten van alleen-lezen %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Het wachtwoord van groep %s wordt veranderd\n"
+
+msgid "New Password: "
+msgstr "Nieuw wachtwoord: "
+
+msgid "Re-enter new password: "
+msgstr "Nieuw wachtwoord bevestigen: "
+
+msgid "They don't match; try again"
+msgstr "Wachtwoorden komen niet overeen; probeer het nog eens"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: U kunt het later nog eens proberen\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Gebruiker %s wordt toegevoegd aan groep %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Gebruiker %s wordt verwijderd uit groep %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: gebruiker '%s' is geen lid van '%s'\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Is geen tty\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] GROEP\n"
+"\n"
+"Opties:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force sluit met succes af als de groep al "
+"bestaat,\n"
+" en annuleer -g als de GID al in gebruik is\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID gebruik GID voor de nieuwe groep\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key SLEUTEL=WAARDE overschrijf de standaarden uit /etc/login."
+"defs\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique sta het aanmaken van groepen met een "
+"identiek\n"
+" (niet-uniek) GID toe\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password WACHTWOORD gebruik dit versleuteld wachtwoord\n"
+" voor de nieuwe groep\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system maak een systeem-account aan\n"
+
+#, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' is geen geldige groepsnaam\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ongeldige groeps-ID '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K vereist SLEUTEL=WAARDE\n"
+
+#, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: groep '%s' bestaat reeds\n"
+
+#, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID '%lu' bestaat reeds\n"
+
+#, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: kan opschoningsdienst niet instellen.\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: kan item '%s' uit %s niet verwijderen\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: kan de primaire groep van gebruiker '%s' niet verwijderen\n"
+
+#, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: groep '%s' bestaan niet\n"
+
+#, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: groep '%s' is een NIS-groep\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s is de NIS-master\n"
+
+#, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: gebruiker '%s' is reeds lid van '%s'\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: onvoldoende geheugen. Kan %s niet bijwerken.\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [actie]\n"
+"\n"
+"Opties:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group groepsnaam wijzig de groepsnaam in plaats van de groep\n"
+" van de gebruiker (uitsluitend "
+"systeembeheerder)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Acties:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr " -a, --add gebruikersnaam voeg gebruikersnaam toe aan de groep\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete gebruikersnaam verwijder gebruikersnaam uit de groep\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge verwijder alle leden uit de groep\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list toon de leden van de groep\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: uw groepsnaam komt niet overeen met uw gebruikersnaam\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: enkel de systeembeheerder kan de optie -g/--group gebruiken\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID verander het groeps-ID naar GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name NIEUWE_GROEP verander de naam in NIEUWE_GROEP\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique sta gebruik van een identiek (niet-uniek) "
+"GID toe\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password WACHTWOORD verander het wachtwoord naar dit "
+"(versleuteld)\n"
+" WACHTWOORD\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: ongeldige groepsnaam '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: groep %s is een NIS-groep\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: onbekende gebruiker %s\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [group [gshadow]]\n"
+"\n"
+"Opties:\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [group]\n"
+"\n"
+"Opties:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only toon fouten en waarschuwingen\n"
+" maar verander bestanden niet\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort sorteer elementen volgens UID\n"
+
+#, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s en -r zijn niet compatibel\n"
+
+msgid "invalid group file entry"
+msgstr "ongeldige regel in het bestand group"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "regel '%s' verwijderen?"
+
+msgid "duplicate group entry"
+msgstr "identiek element in het bestand group"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ongeldige groepsnaam '%s'\n"
+
+#, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "ongeldig groeps-ID '%lu'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "groep %s: geen gebruiker %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "lid '%s' verwijderen? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "geen element in %s dat overeenkomt met dat in het bestand group\n"
+
+#, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "groep '%s' toevoegen in %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"groep %s heeft een regel in %s, maar het wachtwoordveld in %s is niet 'x'\n"
+
+msgid "invalid shadow group file entry"
+msgstr "ongeldig element in het schaduwgroepsbestand"
+
+msgid "duplicate shadow group entry"
+msgstr "identiek element in schaduwgroepsbestand"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "schaduwgroep %s: geen gebruiker %s met systeembeheerdersrechten \n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "over systeembeheerdersrechten beschikkende gebruiker '%s' verwijderen?"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "schaduwgroep %s: geen gebruiker %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: de bestanden zijn bijgewerkt\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: geen aanpassingen\n"
+
+#, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: kan %s niet verwijderen\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Gebruik: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Gebruik: id\n"
+
+msgid " groups="
+msgstr " groepen="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before DAGEN toon enkel informatie uit lastlog ouder dan "
+"DAGEN\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DAYS toon enkel informatie uit lastlog recenter "
+"dan DAGEN\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user GEBRUIKER toon informatie uit lastlog over GEBRUIKER\n"
+
+msgid "Username Port From Latest"
+msgstr "Gebruikersnaam Poort Vanaf Laatste"
+
+msgid "Username Port Latest"
+msgstr "Gebruikersnaam Poort Laatste"
+
+msgid "**Never logged in**"
+msgstr "**Heeft zich nog nooit aangemeld**"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Gebruik: %s [-p] [naam]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h computer] [-f naam]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r computer\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "configuratiefout - kan waarde %s niet ontleden: '%d'"
+
+msgid "Invalid login time"
+msgstr "Ongeldig aanmeldtijdstip"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systeem gesloten wegens routineonderhoud"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Verbinding verbreken omzeild -- aanmelden van root is toegelaten.]"
+
+#, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Aanmelding is na %u seconden verlopen.\n"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Kan mogelijk niet functioneren zonder effectieve root\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Er is geen utmp-item. U dient \"login\" uit te voeren vanaf het laagste "
+"niveau \"sh\""
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "aanmelding: PAM-fout, er wordt afgebroken: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s gebruikersnaam: "
+
+msgid "login: "
+msgstr "gebruikersnaam: "
+
+#, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maximaal aantal pogingen overschreden (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "aanmelding: afgebroken op verzoek van PAM\n"
+
+msgid "Login incorrect"
+msgstr "Gebruikersnaam is onjuist"
+
+#, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "Kan gebruiker (%s) niet vinden\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s gebruikersnaam: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: nieuw proces beginnen is mislukt: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY is mislukt op %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"Waarschuwing: aanmelden is opnieuw geactiveerd na tijdelijke uitsluiting."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Laatst aangemeld: %s om %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Laatst aangemeld: %.19s om %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " vanaf %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"aanmeldtijd overschreden\n"
+"\n"
+
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Gebruik: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Gebruik: newgrp [-] [groep]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Gebruik: sg groep [[-c] commando]\n"
+
+msgid "Invalid password.\n"
+msgstr "Ongeldig wachtwoord.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: nieuw proces beginnen is mislukt: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID '%lu' bestaat niet\n"
+
+msgid "too many groups\n"
+msgstr "te veel groepen\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system maak systeem-accounts aan\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: groep '%s' is een shaduwgroep, maar bestaat niet in /etc/group\n"
+
+#, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ongeldig gebruikers-ID '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: ongeldige gebruikersnaam '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: regel %d: ongeldige regel\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: kan gegevens over gebruiker %s niet bijwerken (niet in de passwd-"
+"database)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: regel %d: kan de gebruiker niet aanmaken\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: regel %d: kan de groep niet aanmaken\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: regel %d: gebruiker '%s' bestaat niet in %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: regel %d: kan wachtwoord niet bijwerken\n"
+
+#, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: regel %d: mkdir %s is mislukt: %s\n"
+
+#, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: regel %d: chown %s is mislukt: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: regel %d: kan element niet bijwerken\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all geef wachtwoordstatus voor alle accounts\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+" -d, --delete verwijder het wachtwoord van het gegeven "
+"account\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire forceer vervallen wachtwoord voor gegeven "
+"account\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens wijzig wachtwoord enkel indien vervallen\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INACTIEF stel na het vervallen van het wachtwoord de\n"
+" niet-actieve periode ervan in op INACTIEF\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+" -l, --lock vergrendel het wachtwoord van het gegeven "
+"account\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_DAYS stel het minimum aantal dagen vooraleer het\n"
+" wachtwoord gewijzigd mag worden in op "
+"MIN_DAYS\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet stille modus\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+" -r, --repository DEPOT wijzig wachtwoord in opslagplaats DEPOT\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status toon wachtwoordstatus voor het gegeven "
+"account\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+" -u, --unlock ontgrendel het wachtwoord van het gegeven "
+"account\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays WARN_DAYS stel het aantal waarschuwingsdagen voor "
+"het \n"
+" vervallen van het wachtwoord in op "
+"WARN_DAYS\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAX_DAYS stel het maximum aantal dagen vooraleer een\n"
+" wachtwoordwijziging moet gebeuren in op "
+"MAX_DAYS\n"
+
+msgid "Old password: "
+msgstr "Oud wachtwoord: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Voer het nieuwe wachtwoord in (minimaal %d tekens)\n"
+"Gebruik een combinatie van grote en kleine letters en cijfers.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Voer het nieuwe wachtwoord in (minimaal %d en maximaal %d tekens)\n"
+"Gebruik een combinatie van grote en kleine letters en cijfers.\n"
+
+msgid "New password: "
+msgstr "Nieuw wachtwoord: "
+
+msgid "Try again."
+msgstr "Probeer het nog eens."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Waarschuwing: zwak wachtwoord (voer het nogmaals in om het toch te "
+"gebruiken)."
+
+msgid "They don't match; try again.\n"
+msgstr "Ze komen niet overeen; probeer het nog eens.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Het wachtwoord van %s kan niet veranderd worden.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Het wachtwoord van %s kan nog niet veranderd worden.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: het wachtwoord ontgrendelen zou resulteren in een account zonder "
+"wachtwoord.\n"
+"U zou een wachtwoord moeten instellen met 'usermod -p' om het wachtwoord "
+"van\n"
+"dit account te ontgrendelen.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: opslagplaats %s wordt niet ondersteund\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s heeft niet het recht om het wachtwoord van %s te wijzigen\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: U mag wachtwoordinformatie van %s niet bekijken of aanpassen.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Wachtwoord van %s wordt veranderd\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Het wachtwoord van %s is niet veranderd.\n"
+
+#, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "%s: wachtwoord is veranderd.\n"
+
+#, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: gegevens in verband met wachtwoordverval zijn gewijzigd.\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [passwd]\n"
+"\n"
+"Opties:\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [passwd [shadow]]\n"
+"\n"
+"Opties:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet rapporteer enkel fouten\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: alternatief schaduwbestand niet toegestaan als USE_TCB actief is.\n"
+
+msgid "invalid password file entry"
+msgstr "ongeldige regel in het wachtwoordbestand"
+
+msgid "duplicate password entry"
+msgstr "identieke regel in wachtwoordbestand"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ongeldige gebruikersnaam '%s'\n"
+
+#, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "ongeldig gebruikers-ID '%lu'\n"
+
+#, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "gebruiker '%s': geen groep %lu\n"
+
+#, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "gebruiker '%s': map '%s' bestaat niet\n"
+
+#, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "gebruiker '%s': programma '%s' bestaat niet\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "geen tcb-map voor %s\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "tcb-map aanmaken voor %s?"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "tcb-map aanmaken voor %s is mislukt\n"
+
+#, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: kan %s niet vergrendelen.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "geen element in %s dat overeenkomt met die in het wachtwoordbestand\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "gebruiker '%s' toevoegen in %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"gebruiker %s heeft een regel in %s, maar zijn wachtwoordveld in %s is niet "
+"'x'\n"
+
+msgid "invalid shadow password file entry"
+msgstr "ongeldige regel in het schaduwwachtwoordbestand"
+
+msgid "duplicate shadow password entry"
+msgstr "identieke regel in het schaduwwachtwoordbestand"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "gebruiker %s: laatste wachtwoordverandering is in de toekomst\n"
+
+#, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: kan regels van %s niet sorteren\n"
+
+#, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: kan niet functioneren als tcb actief is\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: modus van %s instellen op 0600 is mislukt\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Gebruik van 'su' is voor dat account NIET TOEGESTAAN.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Wachtwoordauthenticatie is omzeild.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Gelieve uw EIGEN wachtwoord in te voeren voor authenticatie.\n"
+
+msgid " ...killed.\n"
+msgstr " ...gedood.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...wachten op het beëindigen van kind-proces.\n"
+
+#, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: kan geen nieuwe gebruikersshell starten\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: signaal werkt slecht\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: signaalmaskering werkt slecht\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sessie beëindigd, shell wordt afgesloten..."
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid " ...terminated.\n"
+msgstr " ...beëindigd.\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Gebruik: su [opties] [GEBRUIKERSNAAM]\n"
+"\n"
+"Opties:\n"
+" -c, --command COMMANDO geef COMMANDO mee aan de aangeroepen shell\n"
+" -h, --help toon deze hulptekst en sluit af\n"
+" -, -l, --login maak van de shell een aanmeld-shell\n"
+" -m, -p,\n"
+" --preserve-environment stel de omgevingsvariabelen niet opnieuw\n"
+" in, en behoud dezelfde shell\n"
+" -s, --shell SHELL gebruik SHELL i.p.v. de standaardshell\n"
+" opgegeven in /etc/passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Genegeerd)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "U bent niet gerechtigd om 'su %s' uit te voeren\n"
+
+msgid "(Enter your own password)"
+msgstr "(U dient uw eigen wachtwoord in te voeren)"
+
+#, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: authenticatie is mislukt\n"
+
+#, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: U bent niet gerechtigd om op dat tijdstip 'su' uit te voeren\n"
+
+#, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Geen wachtwoordregel voor gebruiker '%s'\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: dient uitgevoerd te worden vanaf een terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: fout %d\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: kan de sturende terminal niet sluiten\n"
+
+#, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Kan %s niet uitvoeren\n"
+
+msgid "No password file"
+msgstr "Geen wachtwoordbestand"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY is mislukt"
+
+msgid "No password entry for 'root'"
+msgstr "Geen wachtwoordregel voor 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"U dient control-d in te tikken om op de normale manier op te starten,\n"
+"(of het beheerderswachtwoord om de systeemonderhoudsmodus in te gaan):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Systeemonderhoudsmodus wordt opgestart"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s werd aangemaakt, maar kon niet verwijderd worden\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: de %s-instellingen in %s zullen genegeerd worden\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: kan geen nieuw bestand met standaardwaarden aanmaken\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: kan het nieuwe bestand met standaardwaarden niet openen\n"
+
+#, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: de regel in %s is te lang: %s..."
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: kan back-upbestand (%s) niet aanmaken: %s\n"
+
+#, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: hernoemen: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: groep '%s' is een NIS-groep.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: te veel groepen gespecificeerd (max %d).\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] GEBRUIKERSNAAM\n"
+" %s -D\n"
+" %s -D [opties]\n"
+"\n"
+"Opties:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir BASIS_MAP basismap voor de thuismap van het nieuwe\n"
+" account\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment COMMENTAAR GECOS-veld van het nieuwe account\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir THUIS_MAP thuismap van het nieuwe account\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults toon of wijzig de standaardinstellingen\n"
+" van het commando useradd\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+" -e, --expiredate VERVAL_DATUM datum waarop het nieuwe account vervalt\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive INACTIEF periode waarin het wachtwoord van het\n"
+" nieuwe account niet-actief kan zijn\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid GROUP naam of ID van de primaire groep van het\n"
+" nieuwe account\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups GROEPEN lijst van bijkomende groepen voor het "
+"nieuwe\n"
+" account\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr " -k, --skel SKELET_MAP gebruik deze alternatieve skelet-map\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init voeg de gebruiker niet toe aan de\n"
+" gegevensbestanden van lastlog en faillog\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+" -m, --create-home maak de thuismap voor de gebruiker aan\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+" -M, --no-create-home maak de thuismap voor de gebruiker niet aan\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group maak geen groep aan met dezelfde naam\n"
+" als de gebruiker\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique laat toe om gebruikers aan te maken\n"
+" met identiek (niet-uniek) UID\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+" -p, --password WACHTWOORD versleuteld wachtwoord voor het nieuwe "
+"account\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+" -s, --shell SHELL aanmeld-shell voor het nieuwe account\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID gebruikers-ID van het nieuwe account\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group maak een groep met de naam van de gebruiker\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SEUSER gebruik een specifieke SEUSER om de\n"
+" gebruikerskoppeling voor SELinux te maken\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ongeldige basismap '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ongeldig commentaar '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ongeldige thuismap '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: schaduwwachtwoorden zijn vereist voor -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: schaduwwachtwoorden zijn vereist voor -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ongeldig veld '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ongeldige shell '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z vereist dat SELinux geactiveerd is in de kernel\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+"%s: opnieuw instellen van de faillog-post voor UID %lu is mislukt: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+"%s: opnieuw instellen van de lastlog-post voor UID %lu is mislukt: %s\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: kan map %s niet aanmaken\n"
+
+msgid "Creating mailbox file"
+msgstr "Postvak-bestand wordt aangemaakt"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"De 'mail'-groep is niet gevonden. Het postvak-bestand van de gebruiker wordt "
+"aangemaakt met rechten-modus 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Bestandsrechten van postvak-bestand worden ingesteld"
+
+#, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: gebruiker '%s' bestaat al\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: groep %s bestaat - om deze gebruiker aan die groep toe te voegen dient u "
+"-g te gebruiken.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: kan gebruiker niet aanmaken\n"
+
+#, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu is niet uniek\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: tcb-map voor %s aanmaken is mislukt\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: kan groep niet aanmaken\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: waarschuwing: de thuismap bestaat reeds.\n"
+"Er worden geen bestanden uit de skelet-map ernaartoe gekopieerd.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: waarschuwing: de koppeling van gebruikersnaam %s aan SELinux-gebruiker "
+"%s is mislukt.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force geforceerde verwijdering van bestanden,\n"
+" ook als ze geen eigendom van gebruiker zijn\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr " -r, --remove verwijder thuismap en postvak\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user verwijder elke koppeling met een SELinux-"
+"gebruiker\n"
+" voor de gebruiker\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: groep %s wordt niet verwijderd omdat het niet de primaire groep is van "
+"gebruiker %s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: groep %s wordt niet verwijderd omdat hij nog andere leden telt.\n"
+
+#, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: groep %s is de primaire groep van een andere gebruiker en wordt niet "
+"verwijderd.\n"
+
+#, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s postvak (%s) niet gevonden\n"
+
+#, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: waarschuwing: kan %s niet verwijderen: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s is niet van %s, wordt niet verwijderd\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: kan geen geheugen toekennen, tcb-item van %s niet verwijderd.\n"
+
+#, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: afgeven van rechten is mislukt: %s\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: kan de inhoud van %s niet verwijderen: %s\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: kan de tcb-bestanden voor %s niet verwijderen: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: gebruiker %s is een NIS-gebruiker\n"
+
+#, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s thuismap (%s) niet gevonden\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: map %s wordt niet verwijderd (het zou de thuismap van gebruiker %s "
+"verwijderen)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: fout tijdens verwijderen van map %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: waarschuwing: verwijderen van de koppeling van gebruikersnaam %s aan een "
+"SELinux-gebruiker is mislukt.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment COMMENTAAR nieuwe inhoud van het GECOS-veld\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home THUIS_MAP nieuwe thuismap voor het gebruikersaccount\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate VERVAL_DATUM stel account-vervaldag in op VERVAL_DATUM\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INACTIEF stel na het verlopen van het wachtwoord de\n"
+" niet-actieve periode ervan in op INACTIEF\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid GROEP forceer het gebruik van GROEP als nieuwe "
+"primaire\n"
+" groep\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups GROEPEN nieuwe lijst van bijkomende GROEPEN\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append voeg de gebruiker toe aan de bijkomende "
+"GROEPEN,\n"
+" vermeld bij de optie -G, zonder hem/haar\n"
+" te verwijderen uit andere groepen\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login NIEUWE_NAAM nieuwe waarde voor de gebruikersnaam\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock vergrendel het gebruikersaccount\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home verplaats de inhoud van de thuismap naar de\n"
+" nieuwe locatie (enkel gebruiken met -d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique gebruik van een identiek (niet-uniek) UID "
+"toestaan\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password WACHTWOORD gebruik versleuteld wachtwoord als nieuw "
+"wachtwoord\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID nieuw UID voor het gebruikersaccount\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock ontgrendel het gebruikersaccount\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user SEUSER nieuwe koppeling met SELinux-gebruiker voor "
+"het\n"
+" gebruikersaccount\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: het wachtwoord van de gebruiker ontgrendelen zou resulteren in een "
+"account\n"
+"zonder wachtwoord.\n"
+"U zou een wachtwoord moeten instellen met 'usermod -p' om het wachtwoord "
+"van\n"
+"deze gebruiker te ontgrendelen.\n"
+
+#, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: gebruiker '%s' bestaat al in %s\n"
+
+#, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: geen opties\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: de opties -L, -p, en -U zijn exclusief\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: schaduwwachtwoorden zijn vereist voor opties -e en -f\n"
+
+#, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID '%lu' bestaat reeds\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: map %s bestaat al\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: De vroegere thuismap (%s) was geen map. Ze werd niet verwijderd en er "
+"werden geen thuismappen aangemaakt.\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: de thuismap van eigenaar veranderen is mislukt"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: waarschuwing: volledig verwijderen van de oude thuismap %s is mislukt"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: kan map %s niet hernoemen naar %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: kopiëren van de lastlog-post van gebruiker %lu naar gebruiker %lu is "
+"mislukt: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: kopiëren van de faillog-post van gebruiker %lu naar gebruiker %lu is "
+"mislukt: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: waarschuwing: %s is niet van %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "aanpassen van de postvak-eigenaar is mislukt"
+
+msgid "failed to rename mailbox"
+msgstr "hernoemen van het postvak is mislukt"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"U heeft %s gewijzigd.\n"
+"Uit consistentieoverwegingen zou u %s moeten wijzigen.\n"
+"Gebruik het commando '%s' om dit te doen.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group bewerk de groepsdatabase\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd bewerk de wachtwoorddatabase\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+" -s, --shadow bewerk de shadow- of de gshadow-database\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+" -u, --user tcb-schaduwbestand van bepaalde gebruiker "
+"bewerken\n"
+
+#, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: verwijderen van %s is mislukt\n"
+
+#, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s is niet veranderd\n"
+
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "aanmaken van initiële map is mislukt"
+
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "afgeven van rechten is mislukt"
+
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Kon bestandscontext niet verkrijgen"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () is mislukt"
+
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "verwerven van rechten is mislukt"
+
+msgid "Couldn't lock file"
+msgstr "Kon bestand niet vergrendelen"
+
+msgid "Couldn't make backup"
+msgstr "Kon geen reservekopie maken"
+
+#| msgid "Unable to open group file"
+msgid "failed to open scratch file\n"
+msgstr "initieel bestand openen is mislukt\n"
+
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "ontkoppelen van initieel bestand is mislukt"
+
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "opvragen van status van bewerkt bestand is mislukt"
+
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "geheugen toekennen is mislukt"
+
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "maken van reservekopie is mislukt"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: kan %s niet herstellen: %s (uw aanpassingen staan in %s)\n"
+
+#, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: tcb-map van %s vinden is mislukt\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Gebruik: %s [invoer]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) is mislukt\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: chage [opties] [GEBRUIKERSNAAM]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -d, --lastday LAATSTE_DAG stel 'laatste wachtwoordaanpassing' in "
+#~ "op\n"
+#~ " LAATSTE_DAG\n"
+#~ " -E, --expiredate VERVALDATUM stel account-vervaldatum in op "
+#~ "VERVALDATUM\n"
+#~ " -h, --help geef deze boodschap weer en sluit af\n"
+#~ " -I, --inactive INACTIEF stel 'wachtwoord inactief na "
+#~ "vervaldatum'\n"
+#~ " in op INACTIEF\n"
+#~ " -l, --list geef account-verouderingsinformatie weer\n"
+#~ " -m, --mindays MIN_DAGEN stel minimum aantal dagen tussen\n"
+#~ " wachtwoordaanpassingen in op MIN_DAGEN\n"
+#~ " -M, --maxdays MAX_DAGEN stel maximum aantal dagen tussen\n"
+#~ " wachtwoordaanpassingen in op MAX_DAGEN\n"
+#~ " -W, --warndays WAARSCH_DAGEN stel aantal dagen met waarschuwing voor\n"
+#~ " vervallen account in op WAARSCH_DAGEN\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM-authentificatie is mislukt\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Gebruik: %s [-f volledige_naam] [-r kamer_nr] [-w tel_werk]\n"
+#~ " [-h tel_thuis] [-o varia] [gebruiker]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Gebruik: %s [-f volledige_naam] [-r kamer_nr] [-w tel_werk] [-h "
+#~ "tel_thuis]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Gebruik: chpasswd [opties]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -e, --encrypted opgegeven wachtwoorden zijn versleuteld\n"
+#~ " -h, --help toon dit bericht en sluit af\n"
+#~ " -m, --md5 maak gebruik van MD5-versleuteling i.p.v. DES "
+#~ "wanneer\n"
+#~ " opgegeven wachtwoorden niet versleuteld zijn\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: chsh [opties] GEBRUIKERSNAAM\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -h, --help toon deze boodschap en sluit af\n"
+#~ " -r, --shell SHELL nieuwe aanmeld-shell voor "
+#~ "gebruikersaccount\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Gebruik: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: kan bestand %s niet openen\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Gebruik: groupdel groep\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Gebruik: %s [-r] [-s] [groep [gshaduw]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Gebruik: %s [-r] [-s] [groep]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s en -r zijn niet compatibel\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Gebruik: groupdel groep\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Gebruik: groupdel groep\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: lastlog [opties]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -b, --before DAGEN toon enkel de lastlog-ingangen die ouder zijn dan\n"
+#~ " DAGEN\n"
+#~ " -h, --help toon dit bericht en sluit af\n"
+#~ " -t, --time DAGEN print enkel lastlog-records van de laatste DAGEN "
+#~ "dagen\n"
+#~ " -u, --user LOGIN print het lastlog-record van de gebruiker LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all report password status on all accounts\n"
+#~| " -d, --delete delete the password for the named "
+#~| "account\n"
+#~| " -e, --expire force expire the password for the named "
+#~| "account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --keep-tokens change password only if expired\n"
+#~| " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --lock lock the named account\n"
+#~| " -n, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -r, --repository REPOSITORY change password in REPOSITORY "
+#~| "repository\n"
+#~| " -S, --status report password status on the named "
+#~| "account\n"
+#~| " -u, --unlock unlock the named account\n"
+#~| " -w, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| " -x, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: passwd [opties] [GEBRUIKERSNAAM]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -a, --all geef wachtwoordstatus van alle accounts "
+#~ "weer\n"
+#~ " -d, --delete verwijder het wachtwoord voor de\n"
+#~ " genoemde account\n"
+#~ " -e, --expire doe het wachtwoord vervallen voor de\n"
+#~ " genoemde account\n"
+#~ " -h, --help toon deze boodschap en sluit af\n"
+#~ " -k, --keep-tokens verander wachtwoord indien het vervallen "
+#~ "is\n"
+#~ " -i, --inactive INACTIEF maak wachtwoord inactief als INACTIEF\n"
+#~ " wanneer het vervalt\n"
+#~ " -l, --lock vergrendel de genoemde account\n"
+#~ " -n, --mindays MIN_DAGEN stel het minimum aantal dagen voor\n"
+#~ " veranderen van het wachtwoord in op "
+#~ "MIN_DAGEN\n"
+#~ " -q, --quiet stille modus\n"
+#~ " -r, --repository REPOSITORY verander wachtwoord in REPOSITORY "
+#~ "opslagplaats\n"
+#~ " -S, --status geef de wachtwoordstatus van de genoemde\n"
+#~ " account weer\n"
+#~ " -u, --unlock ontgrendel de genoemde account\n"
+#~ " -w, --warndays WAARSCH_DAGEN stel het aantal dagen met waarschuwing "
+#~ "in\n"
+#~ " op WAARSCH_DAGEN\n"
+#~ " -x, --maxdays MAX_DAGEN stel het maximum aantal dagen voor\n"
+#~ " wachtwoordverandering in op MAX_DAGEN\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Gebruik: %s [-q] [-r] [-s] [wachtwoord [shaduw]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Gebruik: %s [-q] [-r] [-s] [wachtwoord [shaduw]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Gebruik: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Gebruik: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Onbekend ID: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Geen shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: userdel [opties] GEBRUIKERSNAAM\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -f, --force dwing verwijderen van bestanden af,\n"
+#~ " ook wanneer de gebruiker niet de eigenaar "
+#~ "is\n"
+#~ " -h, --help toon deze helbboodschap en sluit af\n"
+#~ " -r, --remove verwijder de thuismap en het mailbox-"
+#~ "bestand\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: gebruiker %s is momenteel aangemeld\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Gebruik: usermod [opties] GEBRUIKERSNAAM\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -a, --append GROEP voeg gebruiker toe aan de extra groep "
+#~ "GROEP\n"
+#~ " -c, --comment OPMERKING de nieuwe waarde voor het GECOS-veld\n"
+#~ " -d, --home-dir THUIS_MAP nieuwe thuismap voor de "
+#~ "gebruikersaccount\n"
+#~ " -e, --expiredate VERVALDATUM stel de vervaldatum in op VERVALDATUM\n"
+#~ " -f, --inactive INACTIEF stel het 'wachtwoord inactief na verval'\n"
+#~ " in op INACTIEF\n"
+#~ " -g, --gid GROEP dwing gebruik van GROEP af als de nieuwe\n"
+#~ " aanmeldgroep\n"
+#~ " -G, --groups GROEPEN lijst met aanvullende groepen\n"
+#~ " -h, --help geef deze boodschap weer en sluit af\n"
+#~ " -l, --login GEBRUIKERSNAAM nieuwe gebruikersnaam\n"
+#~ " -L, --lock vergrendel de gebruikersaccount\n"
+#~ " -m, --move-home verplaats de thuismap naar een nieuwe "
+#~ "locatie\n"
+#~ " (enkel gebruiken in combinatie met optie -"
+#~ "d)\n"
+#~ " -o, --non-unique laat dubbele (niet-unieke) UID toe\n"
+#~ " -p, --password WACHTWOORD gebruik versleuteld wachtwoord als het\n"
+#~ " nieuwe wachtwoord\n"
+#~ " -s, --shell SHELL gebruik gegeven shell als aanmeld-shell\n"
+#~ " voor de gebruikersaccount\n"
+#~ " -u, --uid UID nieuwe UID voor de gebruikersaccount\n"
+#~ " -U, --unlock ontgrendel de gebruikersaccount\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: geen opties gegeven\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: vipw [opties]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -g, --group de groepdatabase bewerken\n"
+#~ " -h, --help toon deze boodschap en sluit af\n"
+#~ " -p, --passwd passwd-database bewerken\n"
+#~ " -q, --quiet stille modus\n"
+#~ " -s, --shadow shadow- of gshadow-database bewerken\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Gebruik: %s [invoer]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: kan %s niet aanmaken\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: kan chown %s niet uitvoeren\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: faillog [opties]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -a, --all toon de faillog-records van alle gebruikers\n"
+#~ " -h, --help toon dit bericht en sluit af\n"
+#~ " -l, --lock-time SEC Bevries accounts SEC seconden na mislukt "
+#~ "aanmelden\n"
+#~ " -m, --maximum MAX stel maximaal aantal mislukte aanmeldingen in op "
+#~ "MAX\n"
+#~ " -r, --reset herbegin de tellers voor mislukte aanmeldingen\n"
+#~ " -t, --time AANTAL geef alle faillog records van de laatste AANTAL\n"
+#~ " dagen weer\n"
+#~ " -u, --user LOGIN geef faillog-record weer en onderhoud "
+#~ "mislukking-\n"
+#~ " tellers en limieten (indien de -r, -m or -l "
+#~ "opties\n"
+#~ " gebruikt worden), maar enkel voor gebruiker "
+#~ "LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: groupadd [opties] GROEP\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -f, --force succesvolle afsluitstatus afdwingen ook\n"
+#~ " als de opgegeven groep reeds bestaat\n"
+#~ " -g, --gid GID nieuwe groep krijgt de opgegeven GID\n"
+#~ " -h, --help geef deze boodschap weer en sluit af\n"
+#~ " -K, --key SLEUTEL=WAARDE overstijgt standaardwaarden\n"
+#~ " uit /etc/login.defs\n"
+#~ " -o, --non-unique laat aanmaken van groep met dubbele\n"
+#~ " (niet-unieke) GID toe\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: groupmod [opties] GROEP\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -g, --gid GID groep krijgt deze nieuwe GID\n"
+#~ " -h, --help geef deze boodschap weer en sluit af\n"
+#~ " -n, --new-name NIEUWE_NAAM groep krijgt deze nieuwe naam\n"
+#~ " -o, --non-unique laat aanmaken van groep met dubbele\n"
+#~ " (niet-unieke) GID toe\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Gebruik: useradd [opties] GEBRUIKERSNAAM\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -b, --base-dir BASIS_MAP basismap voor de thuismap van de nieuwe\n"
+#~ " gebruikersaccount\n"
+#~ " -c, --comment OPMERKING stel het GECOS-veld voor de nieuwe\n"
+#~ " gebruikersaccount in\n"
+#~ " -d, --home-dir THUIS_MAP thuismap voor de nieuwe "
+#~ "gebruikersaccount\n"
+#~ " -D, --defaults print de aangepaste useradd-"
+#~ "configuratie,\n"
+#~ " of sla deze op\n"
+#~ " -e, --expiredate VERVALDATUM stel de vervaldatum in op VERVALDATUM\n"
+#~ " -f, --inactive INACTIVE stel het 'wachtwoord inactief na verval'\n"
+#~ " in op INACTIEF\n"
+#~ " -g, --gid GROEP dwing gebruik van GROEP voor de nieuwe\n"
+#~ " gebruikersaccount af\n"
+#~ " -G, --groups GROEPEN lijst met aanvullende groepen voor de\n"
+#~ " gebruikersaccount\n"
+#~ " -h, --help geef deze boodschap weer en sluit af\n"
+#~ " -k, --skel SKEL_MAP gebruik een alternatief map-skelet\n"
+#~ " -K, --key SLEUTEL=WAARDE overstijg de standaardwaarden uit\n"
+#~ " /etc/login.defs\n"
+#~ " -m, --create-home maak een thuismap aan voor de nieuwe\n"
+#~ " gebruikersaccount\n"
+#~ " -o, --non-unique laat het aanmaken van gebruikersaccounts\n"
+#~ " met een dubbele (niet-unieke) UID toe\n"
+#~ " -p, --password WACHTWOORD gebruik versleuteld wachtwoord voor de\n"
+#~ " nieuwe gebruikersaccount\n"
+#~ " -s, --shell SHELL gebruik gegeven shell als aanmeld-shell\n"
+#~ " voor de gebruikersaccount\n"
+#~ " -u, --uid UID gebruik UID voor de nieuwe "
+#~ "gebruikersaccount\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Uw wachtwoord gaat vervallen."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet openen\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordenbestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordenbestand niet openen\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: kan het schaduwwachtwoordbestand niet herschrijven\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: kan het wachtwoordbestand niet herschrijven\n"
+
+#~ msgid "%s: can't update password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet bijwerken\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordbestand niet bijwerken\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tVolledige naam: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tKamernummer: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelefoon werk: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelefoon thuis: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "Kan het wachtwoordbestand niet vergrendelen; probeer het later nog eens.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Kan het wachtwoordbestand niet openen.\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s: %s is niet gevonden in /etc/passwd\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Fout tijdens het bijwerken van de wachtwoordingang.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Kan de aanpassingen aan het wachtwoordbestand niet vastleggen.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Kan het wachtwoordbestand niet ontgrendelen.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: kan groepbestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: kan groepbestand niet openen\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: kan het 'gshadow'-bestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: kan het schaduwbestand niet openen\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: fout tijdens bijwerken van schaduwbestand\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr ":%s: fout tijdens bijwerken groepingang\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: regel %d: onbekende groep %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: regel %d: kan ingang niet bijwerken\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: kan het 'shadow'-bestand niet vergrendelen\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: fout tijdens bijwerken van schaduwbestand\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: fout tijdens bijwerken van wachtwoordbestand\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: regel %d: onbekende gebruiker %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: regel %d: kan wachtwoordingang niet bijwerken\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: onbekende gebruiker\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Onbekende gebruiker %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Gebruik: %s [-r|-R] groep\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a gebruiker] groep\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d gebruiker] groep\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A gebruiker,...] [-M gebruiker,...] groep\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M gebruiker,...] groep\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: kan geen vergrendeling verkrijgen\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: kan geen schaduwvergrendeling verkrijgen\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: kan bestand niet openen\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: kan schaduwbestand niet herschrijven\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: kan bestand niet ontgrendelen\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: kan ingang niet bijwerken\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: kan schaduwingang niet bijwerken\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "onbekende groep: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: kan bestand niet openen\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: kan het schaduwbestand niet openen\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Wie bent u?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: onbekende gebruiker %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: fout tijdens toevoegen nieuwe groepingang\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: kan groepbestand niet herschrijven\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet herschrijven\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: kan groepbestand niet vergrendelen\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: kan groepbestand niet openen\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet vergrendelen\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet openen\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u is niet uniek\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: fout bij het verwijderen van de groepingang\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: fout tijdens het verwijderen van de schaduwgroepingang\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: kan de primaire groep van een gebruiker niet verwijderen.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Te verwijderen lid kon niet gevonden worden\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Gebruik: groupmems -a GEBRUIKERSNAAM | -d GEBRUIKERSNAAM | -D | -l [-g "
+#~ "GROEPNAAM]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Alleen root kan gebruikers toevoegen aan verschillende groepen\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Groeptoegang is vereist\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Niet de primaire eigenaar van de huidige groep\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM-authentificatie is mislukt\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Kan groepbestand niet vergrendelen\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Kan groepbestand niet sluiten\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s is niet gevonden in /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u is geen unieke GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s is geen unieke naam\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet herschrijven\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet vergrendelen\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet openen\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: kan schaduwingang voor %s niet bijwerken\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: kan ingang voor groep %s niet bijwerken\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet openen\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: kan schaduwgroep %s niet verwijderen\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet bijwerken\n"
+
+#~ msgid "%s: can't update group file\n"
+#~ msgstr "%s: kan groepbestand niet bijwerken\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet verwijderen\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "onbekende UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "onbekende GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: groep %s bestaan niet\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: gebruiker %s bestaat niet\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: ongeldige gebruikersnaam '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: kan /etc/passwd niet vergrendelen.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: kan /etc/passwd niet vergrendelen.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: kan /etc/passwd niet vergrendelen.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: kan /etc/passwd niet vergrendelen.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: kan bestanden niet openen\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: fout tijdens bijwerken bestanden\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: kan 'passwd'-ingang voor %s niet bijwerken\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: kan 'passwd'-bestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: kan 'passwd'-bestand niet openen\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: kan schaduwingang voor %s niet verwijderen\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: kan 'passwd'-bestand niet bijwerken\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: kan ingang voor gebruiker %s niet bijwerken\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordbestand niet verwijderen\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: onbekende GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: onbekende groep %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: onvoldoende geheugen in update_gshadow()\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet herschrijven\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordbestand niet herschrijven\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordbestand niet vergrendelen\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordbestand niet openen\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: fout tijdens vergrendelen groepbestand\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: fout tijdens openen groepbestand\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: fout tijdens vergrendelen schaduwgroepbestand\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: fout tijdens openen schaduwgroepbestand\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: fout tijdens toevoegen nieuwe wachtwoordingang\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: fout tijdens toevoegen schaduwwachtwoordingang\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: waarschuwing: CREATE_HOME wordt niet ondersteund, u dient in plaats "
+#~ "hiervan -m te gebruiken.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr ":%s: fout tijdens bijwerken groepingang\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr ":%s: fout tijdens bijwerken groepingang\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: kan groepbestand niet openen\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet openen\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: fout tijdens verwijderen wachtwoordingang\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: fout tijdens verwijderen schaduwwachtwoordingang\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: fout tijdens toevoegen nieuwe groepingang\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: UID %lu is niet uniek\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: fout tijdens aanpassen wachtwoordingang\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: fout tijdens verwijderen wachtwoordingang\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: fout tijdens verwijderen schaduwwachtwoordingang\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: kan geen unieke GID verkrijgen\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " op `%.100s' vanaf `%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " op `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: regel %d: kan geen UID aanmaken\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: naam %s is niet uniek\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: chpasswd [opties]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ " -e, --encrypted\topgegeven wachtwoorden zijn versleuteld\n"
+#~ " -h, --help\t\ttoon dit bericht en sluit af\n"
+#~ " -m, --md5\t\tmaak gebruik van MD5-versleuteling wanneer\n"
+#~ "\t\t\tde opgegeven wachtwoorden niet versleuteld zijn\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Geen wachtwoordbestand\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Sorry.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Sorry, het wachtwoord voor %s kan nog niet veranderd worden.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Sorry."
diff --git a/po/nn.po b/po/nn.po
new file mode 100644
index 0000000..59890ce
--- /dev/null
+++ b/po/nn.po
@@ -0,0 +1,3025 @@
+# translation of shadow.po to Norwegian (Nynorsk)
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# HÃ¥vard Korsvoll <korsvoll@skulelinux.no>, 2004.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2004-06-03 21:41+0200\n"
+"Last-Translator: HÃ¥vard Korsvoll <korsvoll@skulelinux.no>\n"
+"Language-Team: Norwegian (Nynorsk) <i18n-nn@lister.ping.uio.no>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.3.1\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Klarte ikkje finna plass for oppsettsinformasjon.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "oppsettsfeil - ukjent element «%s» (gje melding til administrator)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Passord: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s sitt passord: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Klarte ikkje finna plass for oppsettsinformasjon.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Endrar aldringsformasjonen for %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Klarer ikkje avgjere brukarnamnet ditt.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: linje %d: klarer ikkje finne brukar %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: tomt for minne\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: klarer ikkje oppdatere fila %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: ugyldig heimemappe «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: åtvaring: kan ikkje fjerna "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: åtvaring: kan ikkje fjerna "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: gje nytt namn: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: åtvaring: kan ikkje fjerna "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: åtvaring: kan ikkje fjerna "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: klarer ikkje oppdatere fila %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: klarer ikkje oppdatere skuggepassordfil\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: gje nytt namn: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: klarer ikkje opna fila %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Ã…tvaring: ukjent gruppe %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Ã…tvaring: for mange grupper\n"
+
+msgid "Your password has expired."
+msgstr "Passordet ditt er utgått."
+
+msgid "Your password is inactive."
+msgstr "Passordet ditt er inaktivt."
+
+msgid "Your login has expired."
+msgstr "Innlogginga di er utgått."
+
+msgid " Contact the system administrator."
+msgstr " Ta kontakt med systemadministrator."
+
+msgid " Choose a new password."
+msgstr " Lag eit nytt passord."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Passordet ditt vil utgå om %ld dagar.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Passordet ditt vil utgå i morgon."
+
+msgid "Your password will expire today."
+msgstr "Passordet ditt vil utgå i dag."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Klarer ikkje skifta tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: felta er for lange\n"
+
+#, fuzzy, c-format
+msgid "%s: "
+msgstr "passwd: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Miljø overflyt\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Du klarer ikkje endra $%s\n"
+
+#, fuzzy, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] "%d %s sidan førre innlogging. Førre var %s på %s.\n"
+msgstr[1] "%d %s sidan førre innlogging. Førre var %s på %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "klarte ikke å endra eigar av mailbox"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: klarer ikkje få unikt gid\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: klarer ikkje få unikt gid\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: klarer ikkje få unikt gid\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: klarer ikkje få unikt gid\n"
+
+msgid "Too many logins.\n"
+msgstr "For mange innloggingar.\n"
+
+msgid "You have new mail."
+msgstr "Du har ny e-post."
+
+msgid "No mail."
+msgstr "Ingen e-post."
+
+msgid "You have mail."
+msgstr "Du har e-post."
+
+#, fuzzy
+msgid "no change"
+msgstr "%s: ingen endringar\n"
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Feil passord: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() feila, feil %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Passord er endra."
+
+msgid "passwd: password updated successfully\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Feil passord for «%s»\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: ugyldig telefonnummer, heime: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Klarer ikkje cd til «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Inga mappe, loggar inn med HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Klarer ikkje køyra %s"
+
+#, fuzzy, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ugyldig rotmappe «%s»\n"
+
+#, fuzzy, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Klarer ikkje endra rotmappe til «%s»\n"
+
+#, fuzzy
+msgid "Unable to determine your tty name."
+msgstr "%s: Klarer ikkje avgjere brukarnamnet ditt.\n"
+
+#, fuzzy
+msgid "No"
+msgstr "Nei"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Skriv inn den nye verdien eller trykk Enter for standard"
+
+msgid "Minimum Password Age"
+msgstr "Minimum alder på passord"
+
+msgid "Maximum Password Age"
+msgstr "Maksimum alder på passord"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Førre passordendring (ÅÅÅÅ-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Åtvaring for utgått passord"
+
+msgid "Password Inactive"
+msgstr "Passord inaktivt"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Dato for når kontoen utgår (ÅÅÅÅ-MM-DD)"
+
+#, fuzzy
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Førre passordendring (ÅÅÅÅ-MM-DD)"
+
+#, fuzzy
+msgid "never"
+msgstr "Aldri"
+
+msgid "password must be changed"
+msgstr "Passord er endra"
+
+#, fuzzy
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Passord utgår:\t"
+
+#, fuzzy
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Passord inaktiv:\t"
+
+#, fuzzy
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Konto utgår:\t"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ugyldig nummerisk argument «%s»\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: ta ikkje med «l» med andre flagg\n"
+
+#, fuzzy, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: nekta tilgang\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Klarer ikkje avgjere brukarnamnet ditt.\n"
+
+#, fuzzy, c-format
+msgid "%s: PAM: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: klarer ikkje låsa filer, prøv igjen seinare\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: klarer ikkje opna fila %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: klarer ikkje opna skuggepassordfila\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Endrar aldringsformasjonen for %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: feil ved endring av felt\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Fullt namn"
+
+#, fuzzy, c-format
+msgid "\t%s: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "Room Number"
+msgstr "Romnummer"
+
+msgid "Work Phone"
+msgstr "Telefon, arbeid"
+
+msgid "Home Phone"
+msgstr "Telefon, heime"
+
+msgid "Other"
+msgstr "Anna"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Klarer ikkje endra ID til root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ugyldig namn: «%s»\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: ugyldig romnummer: «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: ugyldig telefonnummer, heime: «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: «%s» inneheld ulovlege teikn\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: «%s» inneheld ulovlege teikn\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: klarer ikkje endra brukar «%s» på NIS-klient.\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» er NIS-hovud for denne klienten.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Endrar brukarinformasjon for %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: felta er for lange\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: do not include \"l\" with other flags\n"
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: ta ikkje med «l» med andre flagg\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linje %d: linja er for lang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linje %d: manglar nytt passord\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: gruppe %s eksisterer ikkje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linje %d: kan ikkje oppdatere oppføring\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: feil funne, endringar er ikkje utført\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Innloggingskal"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Du treng ikkje endra skal for %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Endra innloggingskal for %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Ugyldig inntasting: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s er eit ugyldig skal.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: åtvaring: %s er ikkje eigd av %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: ugyldig nummerisk argument «%s»\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds igjen]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lås]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Ukjent brukar: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Passordet for %s kan ikkje endrast.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Passordet for %s kan ikkje endrast.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: skuggepassord for gruppe krevst for -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: gruppe %s eksisterer ikkje\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Endrar passordet for gruppa %s\n"
+
+msgid "New Password: "
+msgstr "Nytt passord: "
+
+msgid "Re-enter new password: "
+msgstr "Gjenta det nye passordet: "
+
+msgid "They don't match; try again"
+msgstr "Passorda er ikkje like, prøv igjen"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Prøv igjen seinare\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Legg brukaren %s til gruppa %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Fjernar brukaren %s frå gruppa %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Ikkje ein tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s er ikkje eit gyldig gruppenamn\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "ugyldig gruppenamn «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -O krev NAME=VERDI\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: gruppa %s finst allereie\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Klarer ikkje avgjere brukarnamnet ditt.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: klarer ikkje endra brukar «%s» på NIS-klient.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: gruppe %s eksisterer ikkje\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: gruppe «%s» er ei NIS-gruppe.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s er NIS-hovudet\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: brukar %s er ikkje ein NIS brukar\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: slapp opp for minne i update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "ugyldig gruppenamn «%s»\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: gruppe %s er ei NIS-gruppe\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: ukjend brukar %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s og -r er inkompatible\n"
+
+msgid "invalid group file entry"
+msgstr "ugyldig oppføring for gruppefil"
+
+#, fuzzy, c-format
+msgid "delete line '%s'? "
+msgstr "slett linja «%s»? "
+
+msgid "duplicate group entry"
+msgstr "duplisert gruppeoppføring"
+
+#, fuzzy, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ugyldig gruppenamn «%s»\n"
+
+#, fuzzy, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ugyldig gruppenamn «%s»\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "gruppe %s: ingen brukar %s\n"
+
+#, fuzzy, c-format
+msgid "delete member '%s'? "
+msgstr "slett medlem «%s»?"
+
+#, fuzzy, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "ingen passande oppføring for gruppefil\n"
+
+#, fuzzy, c-format
+msgid "add group '%s' in %s? "
+msgstr "skuggegruppe %s: ingen brukar %s\n"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "ugyldig oppføring av skuggegruppefil"
+
+msgid "duplicate shadow group entry"
+msgstr "duplisert oppføring for skuggegruppe"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "skuggegruppe %s: ingen administratorbrukar %s\n"
+
+#, fuzzy, c-format
+msgid "delete administrative member '%s'? "
+msgstr "slett administratormedlem «%s»?"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "skuggegruppe %s: ingen brukar %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: filene er oppdaterte\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: ingen endringar\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: klarer ikkje oppdatere fila %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Bruk: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Bruk: id\n"
+
+msgid " groups="
+msgstr " grupper="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "Brukarnamn Port Frå Siste"
+
+msgid "Username Port Latest"
+msgstr "Brukarnamn Port Siste"
+
+msgid "**Never logged in**"
+msgstr "**Aldri vore innlogga**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: klarer ikkje oppdatere passordfil\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Bruk: %s [-p] [namn]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h vert] [-f namn]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r vert\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Ugyldig innloggingstid"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systemet stengt for rutinemessig vedlikehald"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Fråkopling omgått -- innlogging av root er tillete.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Innlogging gjekk ut på tid etter %d sekund.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s login: "
+msgstr ""
+"\n"
+"%s brukarnamn: "
+
+#, fuzzy
+msgid "login: "
+msgstr ""
+"\n"
+"%s brukarnamn: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr ""
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr "Feil innlogging"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: linje %d: klarer ikkje finne brukar %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s brukarnamn: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Ã…tvaring: innlogging gjort mogeleg igjen etter mellombels utestenging."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Førre innlogging: %s på %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Førre inlogging: %.19s på %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " frå %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Bruk: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Bruk: newgrp [-] [gruppe]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Bruk: sg gruppe [[-c] kommando]\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Gamalt passord:"
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+msgid "too many groups\n"
+msgstr "for mange grupper\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: gruppe %s eksisterer ikkje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ugyldig brukarnamn «%s»\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: ugyldig brukarnamn «%s»\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linje %d: ugyldig linje\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: klarer ikkje oppdatere oppføring for brukar %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linje %d: klarer ikkje laga GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linje %d: klarer ikkje laga GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linje %d: klarer ikkje oppdatere passord\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linje %d: mkdir feila\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linje %d: chown feila\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linje %d: kan ikkje oppdatere oppføring\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: linje %d: kan ikkje oppdatere oppføring\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: kan ikkje oppretta %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: klarer ikkje oppdatere gruppefil\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Gamalt passord:"
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Skriv inn det nye passordet (minimum %d, maksimum %d teikn)\n"
+"Bruk ein kombinasjon av store og små bokstavar og tal.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Skriv inn det nye passordet (minimum %d, maksimum %d teikn)\n"
+"Bruk ein kombinasjon av store og små bokstavar og tal.\n"
+
+msgid "New password: "
+msgstr "Nytt passord: "
+
+msgid "Try again."
+msgstr "Prøv igjen."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Åtvaring: Svakt passord (skriv det inn ein gong til for å bruka det likevel)."
+
+msgid "They don't match; try again.\n"
+msgstr "Passorda er ikkje like, prøv igjen.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Passordet for %s kan ikkje endrast.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Passordet for %s kan ikkje endrast.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: arkiv %s er ikkje støtta\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "Du treng ikkje endra skal for %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Enrar passord for %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Passordet til %s er ikkje endra.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Passord er endra."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Åtvaring for utgått passord"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "Ugyldig oppføring i passordfila"
+
+msgid "duplicate password entry"
+msgstr "duplisert oppføring i passordfila"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ugyldig brukarnamn «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "ugyldig brukarnamn «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "brukar %s: inga gruppe %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "brukar %s: mappe %s finst ikkje\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "brukar %s: program %s finst ikkje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: klarer ikkje låse fila %s\n"
+
+#, fuzzy, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "ingen oppføringar i passordfila som passar\n"
+
+#, fuzzy, c-format
+msgid "add user '%s' in %s? "
+msgstr "skuggegruppe %s: ingen brukar %s\n"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "ugyldig oppføring i skuggepassordfila"
+
+msgid "duplicate shadow password entry"
+msgstr "duplisert oppføring i skuggepassordfila"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "brukar %s: siste passordendring i framtida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: klarer ikkje opna fila %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: klarer ikkje skriva ny fila\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Tilgang til su for den kontoen er AVVIST.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Passordautentisering er forbigått.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Oppgje ditt EIGE passord for autentisering.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: klarer ikkje låse fila %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s\n"
+msgstr "passwd: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorert)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Du er ikkje autorisert til su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Skriv inn ditt eige passord)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM-autentisering feila\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Du er ikkje autorisert til su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Inga passordoppføring for «root»"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: må køyrast frå ein terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: feil %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Klarer ikkje køyra %s"
+
+msgid "No password file"
+msgstr "Inga passordfil"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Inga passordoppføring for «root»"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Trykk Ctrl-d for å halda fram med normal oppstart,\n"
+"(eller oppgje root-passord for systemvedlikehald):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Startar modus for systemvedlikehald"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: klarer ikkje opprette fil for standardverdiar\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: klarer ikkje opna fil for standardverdiar\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linje %d: chown feila\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: gje nytt namn: %s"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: gruppe «%s» er ei NIS-gruppe.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: for mange grupper spesifisert (maks %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ugyldig startmappe «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ugyldig kommentar «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ugyldig heimemappe «%s»\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: skuggepassord krevst for -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: skuggepassord krevst for -f\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ugyldig felt «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ugyldig skal «%s»\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: linje %d: kan ikkje oppdatere oppføring\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: brukar %s finst\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: gruppa %s finst - viss du ønskjer å leggja brukaren til denne gruppa, "
+"bruk -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: kan ikkje oppretta %s\n"
+
+#, fuzzy, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: gid %u er ikkje unikt\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: kan ikkje oppretta %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: kan ikkje oppretta %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: kan ikkje oppretta %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: klarer ikkje endra brukar «%s» på NIS-klient.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s: klarer ikkje fjerna primærgruppa til brukaren.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: ugyldig heimemappe «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: åtvaring: kan ikkje fjerna "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ikkje eigd av %s, ikkje fjerna\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: klarer ikkje oppdatere fila %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: brukar %s er ikkje ein NIS brukar\n"
+
+#, fuzzy, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: ugyldig heimemappe «%s»\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: fjernar ikkje mappa %s (det ville fjerna heimemappa til brukar %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: feil ved fjerning av mappe %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: brukar %s finst\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: klarer ikkje opna fila %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: skuggepassord krevst for -e og -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: mappa %s finst\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: åtvaring: %s er ikkje eigd av %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "klarte ikke å endra eigar av mailbox"
+
+msgid "failed to rename mailbox"
+msgstr "klarte ikkje endra namn på mailbox"
+
+#, fuzzy, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: felta er for lange\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: ugyldig startmappe «%s»\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s er ikkje endra\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "klarte ikkje endra namn på mailbox"
+
+#, fuzzy
+msgid "failed to drop privileges"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Klarte ikkje låsa fil"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr "Klarte ikkje låsa fil"
+
+msgid "Couldn't make backup"
+msgstr "Klarte ikkje laga reservekopi"
+
+#, fuzzy, c-format
+msgid "%s: %s: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s ikkje funne i /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s: klarer ikkje opna gruppefil\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: felta er for lange\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "klarte ikkje endra namn på mailbox"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "klarte ikke å endra eigar av mailbox"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "klarte ikkje endra namn på mailbox"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: klarer ikkje gjenoppretta %s: %s (endringane dine er i %s)\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: ugyldig startmappe «%s»\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Bruk: %s [inndata]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) feila\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM-autentisering feila\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Bruk: %s [-f fullt_namn] [-r romnr] [-w tlf_arb]\n"
+#~ "\t[-h tlf_heime] [-o anna] [brukar]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "Bruk: %s [-f fullt_namn] [-r romnr] [-w tlf_arb] [-h tlf_heime]\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Bruk: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: klarer ikkje opna fila %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Bruk: goupdel gruppe\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Bruk: %s [-r] [-s] [gruppe [gskugge]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Bruk: %s [-r] [-s] [gruppe]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s og -r er inkompatible\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Bruk: goupdel gruppe\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Bruk: goupdel gruppe\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Bruk: %s [-q] [-r] [-s] [passord [skugge]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Bruk: %s [-q] [-r] [-s] [passord [skugge]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Bruk: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Bruk: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Ukjent id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Ingen skal\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: brukaren %s er pålogga\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: ingen flagg oppgjeve\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Bruk: %s [inndata]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: kan ikkje oppretta %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: kan ikkje chown %s\n"
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "Passordet ditt er utgått."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: klarer ikkje låsa passordfil\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: klarer ikkje opna passordfil\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggepassordfila\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: klarer ikkje opna skuggepassordfila\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: klarer ikkje skriva ny skuggepassordfil\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: klarer ikkje skriva ny passordfil\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: klarer ikkje oppdatere skuggepassordfil\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tFullt namn: %s\n"
+
+#, fuzzy
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "Romnummer"
+
+#, fuzzy
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "Telefon, arbeid"
+
+#, fuzzy
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "Telefon, heime"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Klarer ikkje låsa passordfila, prøv igjen seinare.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Klarer ikkje opna passordfila.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Feil ved oppdatering av passordet.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Klarer ikkje utføra endringar i passordfila.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Klarer ikkje låsa opp passordfila.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: klarer ikkje låsa gruppefil\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: klarer ikkje opna gruppefil\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggepassordfila\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: klarer ikkje opna skuggepassordfila\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: feil ved oppdatering av skuggepassordfila\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: feil ved oppdatering av gruppeoppføring\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: linje %d: ukjent brukar %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: linje %d: kan ikkje oppdatere oppføring\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggepassordfila\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: feil ved oppdatering av skuggepassordfila\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: feil ved oppdatering av passordfila\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: linje %d: ukjent brukar %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: linje %d: klarer ikkje oppdatere passordet\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: ukjent brukar\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Ukjent brukar: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Bruk: %s [-r|-R] gruppe\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a brukar] gruppe\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d brukar] gruppe\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A brukar,...] [-M brukar,...] gruppe\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M brukar,...] gruppe\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: klarer ikkje få lås\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: klarer ikkje få lås på skuggefil\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: klarer ikkje opna fil\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: klarer ikkje skriva ny skuggefil\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: klarer ikkje låsa opp fil\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: klarer ikkje oppdatere oppføring\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: klarer ikkje oppdatere skuggeoppføring\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "ukjent gruppe: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: klarer ikkje opna fil\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: klarer ikkje opna skuggepassordfila\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Kven er du?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: ukjent medlem %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: feil ved oppretting av ny gruppeoppføring\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: klarer ikkje skriva ny gruppefil\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: klarer ikkje skriva ny skuggegruppefil\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: klarer ikkje låsa gruppefil\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: klarer ikkje opna gruppefil\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggegruppefil\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: klarer ikkje opna skuggegruppefil\n"
+
+#, fuzzy
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: gid %u er ikkje unikt\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: feil ved fjerning av gruppeoppføring\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: feil ved fjerning av oppføring for skuggegruppe\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: klarer ikkje fjerna primærgruppa til brukaren.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: PAM-autentisering feila\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: klarer ikkje låsa gruppefil\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: klarer ikkje opna gruppefila\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s ikkje funne i /etc/group\n"
+
+#, fuzzy
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u er ikkje ein unik gid\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s er ikkje eit unikt namn\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: klarer ikkje skriva ny passordfil\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: klarer ikkje låsa passordfil\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: klarer ikkje opna passordfil\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: klarer ikkje oppdatere skuggeoppføring for %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: klarer ikkje oppdatere oppføring for gruppa %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggegruppefil\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: klarer ikkje opna skuggegruppefil\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: klarer ikkje fjerna skuggegruppe %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: klarer ikkje oppdatere skuggegruppefil\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: klan ikkje slette skuggegruppefil\n"
+
+#, fuzzy
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "ukjent GID: %lu\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "ukjent GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: gruppe %s eksisterer ikkje\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: brukar %s finst ikkje\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: ugyldig brukarnamn «%s»\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: klarer ikkje låsa /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: klarer ikkje låsa /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: klarer ikkje låsa /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: klarer ikkje låsa /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: klarer ikkje opna filer\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: feil ved oppdatering av filer\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: klarer ikkje oppdatere oppføring i passordfila for %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: klarer ikkje låda passordfil\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: klarer ikkje opna passordfil\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: klarer ikkje fjerna oppføring for %s i skuggepassordfila\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: klarer ikkje oppdatere passordfil\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: klarer ikkje oppdatere oppføring for brukar %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: klarer ikkje sletta skuggepassordfil\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: ukjent GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: ukjent gruppe %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: slapp opp for minne i update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: klarer ikkje skriva ny passordfil\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: klarer ikkje skriva ny skuggepassordfil\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggepassordfil\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: klarer ikkje opna skuggepassordfil\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: feil ved låsing av gruppefil\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: feil ved opning av gruppefil\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: feil ved låsing av skuggegruppefil\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: feil ved opning av skuggegruppefil\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: feil når passordoppføring blei lagt til\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: feil når oppføring av skuggepassord blei lag til\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: åtvaring: CREATE_HOME ikkje støtta, bruk -m istaden.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: feil ved oppdatering av gruppeoppføring\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: feil ved oppdatering av gruppeoppføring\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: klarer ikkje opna gruppefila\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: klarer ikkje opna skuggepassordfila\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: feil ved sletting av passordoppføring\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: feil ved sletting av skuggepassordoppføring\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: feil ved oppretting av ny gruppeoppføring\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu er ikkje unik\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: feil ved endring av passordoppføring\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: feil ved sletting av passordoppføring\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: feil ved sletting av oppføring for skuggepassord\n"
+
+#, fuzzy
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: klarer ikkje få unikt gid\n"
+
+#, fuzzy
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " på «%.100s» frå «%.200s»"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr " på «%.100s»"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: linje %d: klarer ikkje laga UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: namn %s er ikkje unikt\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Inga passordfil\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Ã…rsak.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Passordet for %s kan ikkje endrast enno.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Ã…rsak."
diff --git a/po/pl.po b/po/pl.po
new file mode 100644
index 0000000..6078661
--- /dev/null
+++ b/po/pl.po
@@ -0,0 +1,3625 @@
+# Polish translation for shadow.
+# Copyright (C) 1999 Free Software Foundation, Inc.
+# Arkadiusz Miśkiewicz <misiek@misiek.eu.org>, 1999.
+# Jakub Bogusz <qboosh@pld-linux.org>, 2003-2004.
+# Tomasz KÅ‚oczko <kloczek@pld.org.pl>, 2004-2006
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-25 20:53+0100\n"
+"Last-Translator: Tomasz KÅ‚oczko <kloczek@pld.org.pl>\n"
+"Language-Team: Polish <translation-team-pl@lists.sourceforge.net>\n"
+"Language: pl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 "
+"|| n%100>=20) ? 1 : 2);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Nie można przydzielić miejsca dla informacji o konfiguracji.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"błąd w konfiguracji - nieznana pozycja '%s' (powiadom administratora)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Hasło: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Hasło użytkownika %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Nie można przydzielić miejsca dla informacji o konfiguracji.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Zmieniam informację o użytkowniku %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Nie można ustalić twojej nazwy użytkownika.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: linia %d: nie można znaleźć użytkownika %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: brak pamięci\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: nie można zaktualizować pliku %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: nieprawidłowy katalog domowy '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: ostrzeżenie: nie można usunąć "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: ostrzeżenie: nie można usunąć "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: zmiana nazwy: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: ostrzeżenie: nie można usunąć "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: ostrzeżenie: nie można usunąć "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: nie można zaktualizować pliku %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: nie można zaktualizować pliku z ukrytymi hasłami\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: zmiana nazwy: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: nie można otworzyć pliku %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Ostrzeżenie: nieznana grupa %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Ostrzeżenie: zbyt wiele grup\n"
+
+msgid "Your password has expired."
+msgstr "Twoje hasło straciło ważność."
+
+msgid "Your password is inactive."
+msgstr "Twoje hasło jest nieaktywne."
+
+msgid "Your login has expired."
+msgstr "Twoje konto straciło ważność."
+
+msgid " Contact the system administrator."
+msgstr " Skontaktuj siÄ™ z administratorem systemu."
+
+msgid " Choose a new password."
+msgstr " Wybierz nowe hasło."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Twoje hasło straci ważność w ciągu %ld dni.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Jutro twoje hasło straci ważność."
+
+msgid "Your password will expire today."
+msgstr "Dziś twoje hasło straci ważność."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Nie można zmienić tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: pola zbyt długie\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Przepełnienie środowiska\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Nie możesz zmieniać $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d nieudana próba logowania od ostatniego logowania.\n"
+"Ostatnie logowanie: dnia %s na terminalu %s.\n"
+msgstr[1] ""
+"%d nieudane próby logowania od ostatniego logowania.\n"
+"Ostatnie logowanie: dnia %s na terminalu %s.\n"
+msgstr[2] ""
+"%d nieudanych prób logowania od ostatniego logowania.\n"
+"Ostatnie logowanie: dnia %s na terminalu %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "zmiana właściciela skrzynki pocztowej nie powiodła się"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: nie można uzyskać niepowtarzalnego UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: nie można uzyskać niepowtarzalnego GID\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: nie można uzyskać niepowtarzalnego UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: nie można uzyskać niepowtarzalnego UID\n"
+
+msgid "Too many logins.\n"
+msgstr "Zbyt wiele otwartych sesji.\n"
+
+msgid "You have new mail."
+msgstr "Masz nowÄ… pocztÄ™."
+
+msgid "No mail."
+msgstr "Nie masz poczty."
+
+msgid "You have mail."
+msgstr "Masz pocztÄ™."
+
+msgid "no change"
+msgstr "bez zmian"
+
+msgid "a palindrome"
+msgstr "palindrom"
+
+msgid "case changes only"
+msgstr "zmieniona tylko wielkości liter"
+
+msgid "too similar"
+msgstr "zbyt podobne"
+
+msgid "too simple"
+msgstr "za proste"
+
+msgid "rotated"
+msgstr "rotacja"
+
+msgid "too short"
+msgstr "za krótkie"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Złe hasło: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() nie powiodło się, błąd %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Hasło zmienione."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: hasło zostało zmienione\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Nieprawidłowe hasło %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: nieprawidłowy numer telefonu domowego: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Nie można zmienić katalogu na '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Brak katalogu, logujÄ™ z HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Nie można uruchomić %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Nieprawidłowy katalog główny '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Nie można zmienić głównego katalogu na '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Nie można ustalić nazwy twojego terminala."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Nie\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Wpisz nową wartość lub wciśnij ENTER by przyjąć wartość domyślną"
+
+msgid "Minimum Password Age"
+msgstr "Minimalny wiek hasła"
+
+msgid "Maximum Password Age"
+msgstr "Maksymalny wiek hasła"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Ostatnia zmiana hasła (RRRR-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Ostrzeżenie o utracie ważności hasła"
+
+msgid "Password Inactive"
+msgstr "Hasło nieaktywne"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data utraty ważności konta (RRRR-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Ostatnia zmiana hasła\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nigdy"
+
+msgid "password must be changed"
+msgstr "Hasło musi zostać zmienione"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Hasło traci ważność\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Hasło nieaktywne\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Konto traci ważność\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimalna ilość dni pomiędzy zmianami hasła\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maksymalna ilość dni pomiędzy zmianami hasła\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Liczba dni ostrzeżenia, zanim ważność hasła upłynie\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: nieprawidłowa data '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: nieprawidłowy argument numeryczny '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: nie Å‚Ä…cz \"l\" z innymi flagami\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Operacja niedozwolona.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Nie można ustalić twojej nazwy użytkownika.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: nie można zablokować plików, spróbuj później\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: nie można otworzyć pliku %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: failure forking: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: brak pliku z ukrytymi hasłami\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Zmieniam informację o użytkowniku %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: błąd podczas zmieniania pól\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "ImiÄ™ i nazwisko"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Numer pokoju"
+
+msgid "Work Phone"
+msgstr "Telefon do pracy"
+
+msgid "Home Phone"
+msgstr "Telefon domowy"
+
+msgid "Other"
+msgstr "Inne"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Nie można zmienić ID na root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nieprawidłowa nazwa: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: nieprawidłowy numer pokoju: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: nieprawidłowy numer telefonu do pracy: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: nieprawidłowy numer telefonu domowego: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' zawiera nieprawidłowe znaki\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' zawiera nieprawidłowe znaki\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: nie można zmienić użytkownika '%s' na kliencie NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' jest nadrzędnym serwerem NIS dla tego klienta.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Zmieniam informację o użytkowniku %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: pola zbyt długie\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: opcja -a można użyć TYLKO z pcją -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linia %d: linia zbyt długa\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linia %d: brakuje nowego hasła\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: grupa %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linia %d: nie można zaktualizować wpisu\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: wykryto błąd, zignorowano modyfikacje\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Powłoka logowania"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Nie możesz zmieniać powłoki dla %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Zmieniam powłokę logowania dla %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Nieprawidłowy wpis: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s jest nieprawidłową powłoką.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: ostrzeżenie: właścicielem %s nie jest %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: nieoczekiwany argument: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Login Nieudane Maks. Ostanio Na\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [pozostało %lds]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [blokada %lds]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Nieznany użytkownik: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Hasło dla %s nie może być zmienione.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Hasło dla %s nie może być zmienione.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: plik z ukrytymi hasłami grup wymagany dla -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grupa %s nie istnieje\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: failure forking: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Zmieniam hasło dla grupy %s\n"
+
+msgid "New Password: "
+msgstr "Nowe hasło: "
+
+msgid "Re-enter new password: "
+msgstr "Wpisz hasło ponownie: "
+
+msgid "They don't match; try again"
+msgstr "Nie zgadzają się; spróbuj ponownie"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Spróbuj ponownie później\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Dodaję nowego użytkownika %s do grupy %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Usuwam użytkownika %s z grupy %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: To nie tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s: nie jest prawidłową nazwą grupy\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "nieprawidłowa nazwa grupy '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K wymaga KLUCZ=WARTOŚĆ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grupa %s istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Członek grupy już istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Nie można ustalić twojej nazwy użytkownika.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: nie można zmienić użytkownika '%s' na kliencie NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grupa %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grupa '%s' jest grupÄ… NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s jest głównym serwerem NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: użytkownik %s jest użytkownikiem NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: zabrakło pamięci w update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "nieprawidłowa nazwa grupy '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: grupa %s jest grupÄ… NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: nieznany użytkownik %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s i -r sÄ… niekompatybilne\n"
+
+msgid "invalid group file entry"
+msgstr "nieprawidłowy wpis do pliku grup"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "usunąć linię '%s'? "
+
+msgid "duplicate group entry"
+msgstr "powtórzony wpis w pliku grup"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nieprawidłowa nazwa grupy '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "nieprawidłowa nazwa grupy '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupa %s: nie ma użytkownika %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "skasować członka '%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "brak pasujÄ…cego wpisu w pliku group %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "dodać grupę '%s' w %s ?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "nieprawidłowy wpis w pliku z ukrytymi hasłami grup"
+
+msgid "duplicate shadow group entry"
+msgstr "powtórzony wpis w pliku z ukrytymi hasłami grup"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr ""
+"grupa %s: użytkownik administracyjny %s z pliku ukrytych haseł grup nie "
+"istnieje\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "usunąć członka administracyjnego '%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupa %s: użytkownik %s z pliku ukrytych haseł grup nie istnieje\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: pliki zostały zaktualizowane\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: bez zmian\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: nie można zaktualizować pliku %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Użycie: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Użycie: id\n"
+
+msgid " groups="
+msgstr " grupy="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "Użytkownik Port Z Ostatnio"
+
+msgid "Username Port Latest"
+msgstr "Użytkownik Port Ostatnio"
+
+msgid "**Never logged in**"
+msgstr "**Nigdy nie zalogowany**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: nie można zaktualizować pliku z hasłami\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Użycie: %s [-p] [nazwa]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h host] [-f nazwa]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Nieprawidłowy czas logowania"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"System zamknięty do rutynowej konserwacji."
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Rozłączenie pominięte -- zezwolenie na logowanie się roota.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Brak wpisu w utmp. Musisz wykonać \"login\" z najniższego poziomu \"sh\""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Limit czasu logowania przekroczony po %d sekundach.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM niepowodzenie, przerwane: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maksymalna ilość prób przekroczona (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: przerwanie wywołane przez PAM\n"
+
+msgid "Login incorrect"
+msgstr "Nieprawidłowe logowanie"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: linia %d: nie można znaleźć użytkownika %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: failure forking: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Ostrzeżenie: logowanie ponownie odblokowanie po czasowej blokadzie."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Ostatnie logowanie: %s na %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Ostatnie logowanie: %s na %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " z %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"przekroczony czas logowania\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Użycie: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Użycie: newgrp [-] [grupa]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Użycie: sg grupa [[-c] polecenie]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Stare hasło: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: failure forking: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+msgid "too many groups\n"
+msgstr "zbyt wiele grup\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: grupa %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: nieprawidłowa nazwa użytkownika '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nieprawidłowa nazwa użytkownika '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linia %d: nieprawidłowa linia\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: nie można zaktualizować wpisu dla użytkownika %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linia %d: nie można utworzyć GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linia %d: nie można utworzyć GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linia %d: nie można zaktualizować pliku z hasłami\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linia %d: mkdir nie powiodło się\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linia %d: chown nie powiodło się\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linia %d: nie można zaktualizować wpisu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: nie można utworzyć %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: nie można zaktualizować pliku z grupami\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Stare hasło: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Wpisz nowe hasło (minimum %d, maksimum %d znaków)\n"
+"Proszę użyj kombinacji wielkich i małych znaków oraz cyfr.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Wpisz nowe hasło (minimum %d, maksimum %d znaków)\n"
+"Proszę użyj kombinacji wielkich i małych znaków oraz cyfr.\n"
+
+msgid "New password: "
+msgstr "Nowe hasło: "
+
+msgid "Try again."
+msgstr "Spróbuj ponownie."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Ostrzeżenie: słabe hasło (wpisz je ponowie jeśli jednak chcesz go użyć)."
+
+msgid "They don't match; try again.\n"
+msgstr "Nie zgadzają się; spróbuj ponownie.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Hasło dla %s nie może być zmienione.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Hasło dla %s nie może być zmienione.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: repozytorium %s nie jest obsługiwane\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Nie możesz przeglądać lub zmieniać informacji o haśle dla %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Zmieniam hasło dla %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Hasło dla %s pozostaje niezmienione.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Hasło zmienione."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Ostrzeżenie o utracie ważności hasła"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "nieprawidłowy wpis do pliku z hasłami"
+
+msgid "duplicate password entry"
+msgstr "powtórzony wpis w pliku z hasłami"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nieprawidłowa nazwa użytkownika '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "nieprawidłowa nazwa użytkownika '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "użytkownik %s: brak grupy %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "użytkownik %s: katalog %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "użytkownik %s: program %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: nie można zablokować pliku %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "brak pasującego wpisu w pliku z hasłami %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "dodać grupę '%s' w %s ?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "nieprawidłowy wpis w pliku z hasłami"
+
+msgid "duplicate shadow password entry"
+msgstr "powtórzony wpis w pliku z ukrytymi hasłami"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "użytkownik %s: ostatnia zmiana hasła w przyszłości\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: nie można otworzyć pliku %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: nie można przepisać pliku\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Dostęp do polecenia su z tego konta ZABRONIONY.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Uwierzytelnianie na podstawie hasła pominięte.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "ProszÄ™ wpisz swoje WÅASNE hasÅ‚o jako hasÅ‚o uwierzytelniajÄ…ce.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: nie można zablokować pliku %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Użycie: su [opcje] [LOGIN]\n"
+"\n"
+"Opcje:\n"
+" -c, --command POLECENIE uruchom POLECENIE w to wywoływanym shellu\n"
+" -h, --help wyświetlenie tego opisu i zakończenie działania\n"
+" -, -l, --login uruchom z powłoką z powłoką zgłoszeniową\n"
+" -m, -p,\n"
+" --preserve-environment uruchomienie z zachowaniem zmiennych środowiska\n"
+" -s, --shell SHELL użyj SHELL zamiast domyślny shell z passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Zignorowano)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Nie masz autoryzacji by używać su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Wpisz swoje własne hasło)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: błąd podczas uwierzytelniania przez PAM\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Nie masz autoryzacji by używać su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Brak wpisu do bazy haseł dla 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: musisz uruchamiać z terminala\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: błąd %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Nie można uruchomić %s"
+
+msgid "No password file"
+msgstr "Brak pliku z hasłami"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Brak wpisu do bazy haseł dla 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Naciśnij control-d by kontynuować normalny start\n"
+"(lub podaj hasło roota by przejść do trybu konserwacji systemu):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "WchodzÄ™ w tryb konserwacji systemu"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: nie można utworzyć nowego pliku z ustawieniami domyślnymi\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: nie można otworzyć nowego pliku z ustawieniami domyślnymi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linia %d: chown nie powiodło się\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: zmiana nazwy: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grupa '%s' jest grupÄ… NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: podano zbyt wiele grup (maks %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: nieprawidłowy katalog bazowy '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: nieprawidłowy komentarz '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: nieprawidłowy katalog domowy '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: ukryte hasła wymagane dla -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: ukryte hasła wymagane dla -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: nieprawidłowe pole '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: nieprawidłowa powłoka '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Tworzenie pliku mailbox"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Nie znaleziono grupy 'mail'. Tworzenie pliku mailbox użytkownika z prawami "
+"dostępu 600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Ustawianie praw dostępu do pliku mailbox"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: użytkownik %s istnieje\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: grupa %s istnieje - aby dodać tego użytkownika do tej grupy, użyj -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: nie można utworzyć %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u nie jest niepowtarzalny\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: nie można utworzyć %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: nie można utworzyć %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: nie można utworzyć %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: uwaga: katalog domowy już istnieje.\n"
+"Pliki z katalogu skel nie sÄ… kopiowane.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: nie można zmienić użytkownika '%s' na kliencie NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: nie można usunąć grupy %s która jest grupą podstawową\n"
+"dla innego użytkownika.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: nieprawidłowy katalog domowy '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: ostrzeżenie: nie można usunąć "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: właścicielem %s nie jest %s, nie usuwam\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: użytkownik %s jest użytkownikiem NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: nieprawidłowy katalog domowy '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: nie usuwam katalogu %s (usunęłoby to katalog domowy użytkownika %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: błąd podczas usuwania katalogu %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: użytkownik %s istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: nieprawidłowa data '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: nieprawidłowa data '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: nie można otworzyć pliku %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: ukryte hasła wymagane dla -e i -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Członek grupy już istnieje\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: katalog %s istnieje\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: uwaga: nie powiodło się całkowite usuniecie starego katalogu domovego %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: ostrzeżenie: właścicielem %s nie jest %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "zmiana właściciela skrzynki pocztowej nie powiodła się"
+
+msgid "failed to rename mailbox"
+msgstr "zmiana nazwy skrzynki pocztowej nie powiodła się"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s jest niezmieniony\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "zmiana nazwy skrzynki pocztowej nie powiodła się"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Nie można zablokować pliku"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Nie można zablokować pliku"
+
+msgid "Couldn't make backup"
+msgstr "Nie można wykonać kopii zapasowej"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nie znaleziono %s w /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Nie można otworzyć pliku z grupami\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: pola zbyt długie\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "zmiana nazwy skrzynki pocztowej nie powiodła się"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "zmiana właściciela skrzynki pocztowej nie powiodła się"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "zmiana nazwy skrzynki pocztowej nie powiodła się"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: nie można odzyskać %s: %s (twoje zmiany są w %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: nieprawidłowy katalog bazowy '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Użycie: %s [wejście]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) nie powiodło się\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: chage [opcje] [LOGIN]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -d, --lastday OSTATNI ustawia date ostatniej zmiany hasła na "
+#~ "OSTATNI\n"
+#~ " -E, --expiredate DATA_WAŻN ustawia datę ważności konta na DATA_WAŻN\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ " -I, --inactive NIEAKTYWNE ustwia liczbę dni nieaktywności konta po\n"
+#~ " których konta jest blokowane na "
+#~ "NIEAKTYWNE\n"
+#~ " -l, --list wyświetlenie informacji o terminach "
+#~ "ważności\n"
+#~ " konta i hasła\n"
+#~ " -m, --mindays MIN_DNI ustawia minimalną liczbę dni pomiędzy\n"
+#~ " zmianami hasła na wartość MIN_DNI\n"
+#~ " -M, --maxdays MAX_DNI ustawia maksymalnÄ… liczbÄ™ dni, przez "
+#~ "jakie\n"
+#~ " hasło jest ważne na wartość MAX_DNI\n"
+#~ " -W, --warndays DNI_OSTRZ ustawia na DNI_OSTRZ liczbÄ™ dni przed\n"
+#~ " upływem ważności hasła\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: błąd podczas uwierzytelniania przez PAM\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Użycie: %s [-f imię_nazwisko] [-r nr_pokoju] [-w tel_praca]\n"
+#~ "\t[-h tel_dom] [-o inne] [użytkownik]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Użycie: %s [-f imię_nazwisko] [-r nr_pokoju] [-w tel_praca] [-h tel_dom]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Użycie: chpasswd [opcje]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -e, --encrypted przekazywane hasła są w postaci zakodowane\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie działania\n"
+#~ " -m, --md5 użyj kodowania MD5 zamiast DES w przypadku kiedy\n"
+#~ " przekazywane hasła nie są zakodowane\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: chsh [opcje] [LOGIN]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie działania\n"
+#~ " -s, --shell SHELL nowy SHELL dla użytkownika LOGIN\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Użycie: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: nie można otworzyć pliku %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Użycie: groupdel grupa\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Użycie: %s [-r] [-s] [grupa [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Użycie: %s [-r] [-s] [grupa]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s i -r sÄ… niekompatybilne\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Użycie: groupdel grupa\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Użycie: groupdel grupa\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: lastlog [opcje]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -b, --before DNI wyświetl tylko rekordy lastlog starsze niż DNI\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie działania\n"
+#~ " -t, --time DNI wyświetl tylko rekordy lastlog nie starsze niż "
+#~ "DNI\n"
+#~ " -u, --user LOGIN wyświetl rekord lastlog tylko dla użytkownika\n"
+#~ " o loginie LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all report password status on all accounts\n"
+#~| " -d, --delete delete the password for the named "
+#~| "account\n"
+#~| " -e, --expire force expire the password for the named "
+#~| "account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --keep-tokens change password only if expired\n"
+#~| " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --lock lock the named account\n"
+#~| " -n, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -r, --repository REPOSITORY change password in REPOSITORY "
+#~| "repository\n"
+#~| " -S, --status report password status on the named "
+#~| "account\n"
+#~| " -u, --unlock unlock the named account\n"
+#~| " -w, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| " -x, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: passwd [opcje] [LOGIN]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -a, --all raportuj status hasła dla wszystkich "
+#~ "kont\n"
+#~ " -d, --delete kasuje hasło użytkowanika\n"
+#~ " -e, --expire wymuś przeterminowanie hasła\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ " -k, --keep-tokens zmiana hasła tylko w przypadku kiedy\n"
+#~ " jest przeterminowane\n"
+#~ " -i, --inactive NIEAKTYWNE konto przeterminowane po upływie "
+#~ "NIEAKTYWNE\n"
+#~ " dni po wygaśnięciu hasła\n"
+#~ " -l, --lock zablokuj konto\n"
+#~ " -n, --mindays MIN_DNI ustaw minimalną ilość dni prezed kolejną\n"
+#~ " zmianą hasła na MIN_DNI\n"
+#~ " -n, --mindays MIN_DNI ustawia minimalną liczbę dni pomiędzy\n"
+#~ " zmianami hasła na MIN_DNI\n"
+#~ " -q, --quiet cichy tryb pracy\n"
+#~ " -r, --repository REPOZYTORIUM zmień hasło w repozytorium REPOZYTORIUM\n"
+#~ " -S, --status raportuj status hasła\n"
+#~ " -u, --unlock odblokuj konto\n"
+#~ " -w, --warndays DNI_OSTRZ ustawia na DNI_OSTRZ liczbÄ™ dni przed\n"
+#~ " upływem ważności hasła\n"
+#~ " -x, --maxdays MAX_DNI ustawia maksymalnÄ… liczbÄ™ dni, przez "
+#~ "jakie\n"
+#~ " hasło jest ważne na wartość MAX_DNI\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Użycie: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Użycie: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Użycie: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Użycie: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Nieznany id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Brak powłoki\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: userdel [opcje] LOGIN\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -f, --force wymuś usunięcie plików nawet jeżeli nie "
+#~ "należą\n"
+#~ " do usuwanego użytkownika\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ " -r, --remove usuń katalog domowy i spool pocztowy\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: użytkownik %s jest aktualnie zalogowany\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Użycie: usermod [opcje] LOGIN\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -a, --append GRUPA dołącz użytkownika do do dodatkowej grupy "
+#~ "GRUPA\n"
+#~ " -c, --comment KOMENTARZ ustaw pole komentarza (GECOS) dla konta\n"
+#~ " -d, --home-dir KAT_DOMOWY nowy katalog domowy użytkownika\n"
+#~ " -e, --expiredate DATA_WAŻN ustawia datę wazności dla konta na "
+#~ "DATA_WAŻN\n"
+#~ " -f, --inactive NIEAKTYWNE ustwia liczbę dni po których konto jest\n"
+#~ " blokowane na NIEAKTYWNE\n"
+#~ " -g, --gid GRUPA wymuś użycie grupy GRUPA jako grupy\n"
+#~ " podstawowej użytkownika\n"
+#~ " -G, --groups GRUPY lista dodatkowych grup uzytkownika\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ " -l, --login NOWY_LOGIN nowa nawana logina użytkownika\n"
+#~ " -L, --lock blokuj konto użytkowqnika\n"
+#~ " -m, --move-home przenieś zawartość katalogu domowego\n"
+#~ " użytkownika (może być użyte tylko z opcją -"
+#~ "d)\n"
+#~ " -o, --non-unique pozwól na użycie nieunikalnego UID dla "
+#~ "konta\n"
+#~ " -p, --password HASÅO użyj nowe zakodowane HASÅO dla użytkonta\n"
+#~ " -s, --shell SHELL nowy SHELL dla użytkownika LOGIN\n"
+#~ " -U, --unlock odblokuj konto użytkownika\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: nie podano flag\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: vipw [opcje]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -g, --group edycja bazy group\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie działania\n"
+#~ " -p, --passwd edycja bazy passwd\n"
+#~ " -q, --quiet cichy tryb pracy\n"
+#~ " -s, --shadow edycja bazy shadow lub gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Użycie: %s [wejście]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: nie można utworzyć %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: nie można zmienić właściciela %s\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: faillog [opcje]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -a, --all wyświetlaj rekordy failloga dla wszystkich "
+#~ "użytkowników\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie działania\n"
+#~ " -l, --lock-time SEK ustaw na SEK sekund blokadÄ™ konta po nieudanym\n"
+#~ " logowaniu\n"
+#~ " -m, --maximum MAX ustaw maksymalną ilość niepoprawnych logowań na "
+#~ "MAX\n"
+#~ " -r, --reset wyzeruj licznik niepoprawnych logowań\n"
+#~ " -t, --time DNI wyświetlaj rekordy nie starsze niż DNI\n"
+#~ " -u, --user LOGIN wyświetlaj rekordy lub zarządzaj licznikami\n"
+#~ " i limitami faillog (w połaczeniu z opcjami -r,\n"
+#~ " -m lub -l) tylko dla użytkownika o loginie LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: groupadd [opcje] GRUPA\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -f, --force wymyś zakończenie programu z poprawnym\n"
+#~ " statusem jeżeli grupa już istnieje\n"
+#~ " -g, --gid GID użyj GID dla tworzonej grupy\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ " -K, --key KLUCZ=WARTOŚĆ przysłoń wartość domyślną z /etc/login.defs\n"
+#~ " -o, --non-unique pozwól na utworzenie grupy z nieunikalnym "
+#~ "GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: groupmod [opcje] GRUPA\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -g, --gid GID wymuś użycie nowego GID dla grupy GRUPA\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ " -n, --new-name NOWA_GRUPA wymuś użycie nazwy grupy NOWA_GRUPA "
+#~ "zamiast\n"
+#~ " GRUPA\n"
+#~ " -o, --non-unique pozwól na utworzenie grupy z nieunikalnym "
+#~ "GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Użycie: useradd [opcje] LOGIN\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -b, --base-dir KAT_BAZOWY katalog bazowy dla katalogu domowego "
+#~ "nowo\n"
+#~ " tworzonego konta\n"
+#~ " -c, --comment COMMENT ustaw pole komentarza (GECOS) dla nowo\n"
+#~ " tworzonego konta\n"
+#~ " -d, --home-dir KAT_DOMOWY katalog domowy dla nowo tworzonego konta\n"
+#~ " -D, --defaults wypisz lub zapisz domyślną konfigurację\n"
+#~ " programu useradd\n"
+#~ " -e, --expiredate DATA_WAŻN. ustawia datę wazności dla nowo "
+#~ "tworzonego\n"
+#~ " konta na DATA_WAŻN.\n"
+#~ " -f, --inactive NIEAKTYWNE ustwia liczbę dni po których konto jest\n"
+#~ " blokowane na NIEAKTYWNE\n"
+#~ " -h, --help wyświetlenie tego opisu i zakończenie\n"
+#~ " działania\n"
+#~ " -g, --gid GROUP wymuś użycie konkretnej grupy dla nowo\n"
+#~ " tworzonego konta\n"
+#~ " -G, --groups GROUPS lista dodatkowych grup dla nowo "
+#~ "tworzonego\n"
+#~ " konta\n"
+#~ " -k, --skel SKEL_DIR podaj alternatywną ścieżkę do katalogu "
+#~ "skel\n"
+#~ " -K, --key KLUCZ=WARTOŚĆ przysłoń wartość domyślną z /etc/login."
+#~ "defs\n"
+#~ " -m, --create-home twórz katalog domowy dla nowego "
+#~ "użytkownika\n"
+#~ " -o, --non-unique pozwól na utworzenie konta z nieunikalnym "
+#~ "UID\n"
+#~ " -p, --password PASSWORD użyj zakodowane hasło dla nowego "
+#~ "tworzonego\n"
+#~ " konta\n"
+#~ " -s, --shell SHELL tshell dla nowo tworzonego konta\n"
+#~ " -u, --uid UID wymuś użycie konkretnego UID dla nowo\n"
+#~ " tworzonego konta\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Hasłu zaznaczone jako przeterminowane."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: nie można zablokować pliku z hasłami\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: nie można otworzyć pliku z hasłami\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: nie można przepisać pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: nie można przepisać pliku z hasłami\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: nie można zaktualizować pliku z ukrytymi hasłami\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tImiÄ™ i nazwisko: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNumer pokoju: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelefon do pracy: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelefon domowy: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Nie można zablokować pliku z hasłami; spróbuj później.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Nie można otworzyć pliku z hasłami.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Błąd podczas aktualizacji wpisu do bazy haseł.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Wprowadzenie zmian do pliku passwd jest niemożliwe.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Nie można usunąć blokady z pliku z hasłami.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: nie można zablokować pliku z grupami\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z grupami\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: nie można zablokować pliku gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: błąd podczas aktualizacji pliku z ukrytymi hasłami\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: błąd podczas aktualizacji wpisu grupy\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: linia %d: nieznana grupa %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: linia %d: nie można zaktualizować wpisu\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: błąd podczas aktualizacji pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: błąd podczas aktualizacji pliku z hasłami\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: linia %d: nieznany użytkownik %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: linia %d: nie można zaktualizować wpisu do bazy haseł\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: nieznany użytkownik\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Nieznany użytkownik: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Użycie: %s [-r|-R] grupa\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a użytkownik] grupa\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d użytkownik] grupa\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A użytkownik,...] [-M użytkownik,...] grupa\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M użytkownik,...] grupa\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: nie można zablokować\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: nie można otworzyć pliku\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: nie można przepisać pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: nie można usunąć blokady z pliku\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: nie można zaktualizować wpisu\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: nie można zaktualizować wpisu do pliku z ukrytymi hasłami\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "nieznana grupa: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: nie można otworzyć pliku\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Kim jesteÅ›?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: nieznany członek %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: błąd podczas dodawania nowej grupy\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: nie można przepisać pliku z grupami\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: nie można przepisać pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: nie można zablokować pliku z grupami\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z grupami\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u nie jest niepowtarzalny\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: błąd podczas usuwania grupy\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: błąd podczas usuwania wpisu z pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: nie można usunąć podstawowej grupy użytkowników.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Nie znaleziony członek grupy do usunięcia\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Tylko root może dodać członka do różnych grup\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Wymagane prawa dostępu do grupy\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Nie jesteś głównym właścicielem bieżącej grupy\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "BÅ‚Ä…d uwierzytelniania przez PAM dla\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Nie można zablokować pliku z grupami\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Nie można zamknąć pliku z grupami\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: nie znaleziono %s w /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u nie jest niepowtarzalnym GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s nie jest niepowtarzalnÄ… nazwÄ…\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: nie można przepisać pliku z hasłami\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: nie można zablokować pliku z hasłami\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: nie można otworzyć pliku z hasłami\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr ""
+#~ "%s: nie można zaktualizować wpisu w pliku z ukrytymi hasłami dla %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: nie można zaktualizować wpisu dla grupy %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: nie można usunąć grupy %s z pliku ukrytych haseł grup\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: nie można zaktualizować pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: nie można skasować pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "nieznany UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "nieznany GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: grupa %s nie istnieje\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nieprawidłowa nazwa użytkownika '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: nie można zablokować /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: nie można zablokować /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: nie można zablokować /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: nie można zablokować /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: nie można otworzyć plików\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: błąd podczas aktualizowania plików\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: nie można zaktualizować wpisu w pliku z hasłami dla %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: nie można zablokować pliku z hasłami\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: nie można otworzyć pliku z hasłami\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: nie można usunąć wpisu z pliku z ukrytymi hasłami dla %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: nie można zaktualizować pliku z hasłami\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: nie można zaktualizować wpisu dla użytkownika %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: nie można skasować pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: nieznany GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: nieznana grupa %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: zabrakło pamięci w update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: nie można przepisać pliku z hasłami\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: nie można przepisać pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: błąd podczas blokowania pliku z grupami\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: błąd podczas otwierania pliku z grupami\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: błąd podczas blokowania pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: błąd podczas otwierania pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: błąd podczas dodawania nowego wpisu do pliku z hasłami\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr ""
+#~ "%s: błąd podczas dodawania nowego wpisu do pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: uwaga: CREATE_HOME nie jest obsługiwane, użyj opcji -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: błąd podczas aktualizacji wpisu grupy\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: błąd podczas aktualizacji wpisu grupy\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z grupami\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: błąd podczas usuwania wpisu z pliku z hasłami\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: błąd podczas usuwania wpisu z pliku z ukrytymi hasłami\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: błąd podczas dodawania nowej grupy\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu nie jest niepowtarzalny\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: błąd podczas zmiany wpisu w pliku z hasłami\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: błąd podczas usuwania wpisu z pliku z hasłami\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: błąd podczas usuwania wpisu z pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: nie można uzyskać niepowtarzalnego GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " na '%.100s' z '%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " na '%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: linia %d: nie można utworzyć UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: nazwa %s nie jest niepowtarzalny\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: chgpasswd [opcje]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ " -e, --encrypted\tprzekazywane hasła są w postaci zakodowane\n"
+#~ " -h, --help\t\twyświetlenie tego opisu i zakończenie działania\n"
+#~ " -m, --md5\t\tużyj kodowania MD5 zamiast DES w przypadku kiedy "
+#~ "przekazywane\n"
+#~ "\t\t\thasła nie są zakodowane\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Brak pliku z hasłami\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Wybacz.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Wybacz, hasło dla %s nie może być jeszcze zmienione.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Wybacz."
diff --git a/po/pt.po b/po/pt.po
new file mode 100644
index 0000000..0bd1e31
--- /dev/null
+++ b/po/pt.po
@@ -0,0 +1,3304 @@
+# Portuguese (Portugal) Translation Project (traduz@debianpt.org)
+#
+# Nuno Sénica <njs@av.it.pt>, 2004.
+# Miguel Figueiredo <elmig@debianpt.org>, 2005, 2006, 2008, 2009, 2011, 2012.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-01-14 12:41+0000\n"
+"Last-Translator: Miguel Figueiredo <elmig@debianpt.org>\n"
+"Language-Team: Portuguese <traduz@debianpt.org>\n"
+"Language: pt\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Lokalize 1.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Existem várias entradas chamadas '%s' em %s. Por favor corrija isto com pwck "
+"ou grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "método de encriptação não suportado por libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+"erro de configuração - não foi possível interpretar o valor de %s: '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Não foi possível alocar o espaço para a informação de configuração.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"erro de configuração - item '%s' desconhecido (notifique o administrador)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscp não terminou normalmente (sinal %d)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd saiu com o estado %d"
+
+msgid "Password: "
+msgstr "Palavra-passe: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Palavra-passe de %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Não foi possível criar handle de gestão SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "Política SELinux não gerida\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Não foi possível ler armazenamento de políticas SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Não foi possível establecer ligação de gestão SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Não foi possível iniciar transacção SELinux\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Não foi possível consultar seuser para %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Não pode definir serange para %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Não foi possível definir sename para %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Não foi possível modificar o mapeamento do login para %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Não foi possível criar mapeamento de login SELinux para %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Não foi possível definir nome para %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Não foi possível definir utilizador SELinux para %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Não foi possível acrescentar mapeamento de login para %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Não foi possível inicia a gestão do SELinux\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Não pode criar a chave de utilizador SELinux\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Não foi possível verificar o utilizador SELinux\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Não foi possível alterar o mapeamento de utilizador SELinux\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Não foi possível acrescentar o mapeamento de utilizador SELinux\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Não foi possível o 'commit' à transacção SELinux\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Não está definido o mapeamento de login para %s, OK se foi utilizado o "
+"mapeamento predefinido\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"O mapeamento de login para %s é definido na política, não pode ser apagado\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Não foi possível apagar o mapeamento do login para %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: memória esgotada\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: não é possível fazer stat a %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s não é nem um directório, nem um symlink.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: não é possível ler o link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: link simbólico longo suspeito: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: não é possível criar o directório %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Não pode alterar o dono de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Não é possível alterar o modo de %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: unlink: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Não é possível remover o directório %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Não é possível renomear %s para %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Não é possível remover %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Não é possível criar link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Não conseguiu alterar os donos de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Não é possível lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Aviso, o utilizador '%s' não tem ficheiro shadow tcb.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Emergência: o ficheiro shadow tcb de %s não é um ficheiro normal com "
+"st_nlink=1.\n"
+"A conta é mantida bloqueada.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: não é possível abrir %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Aviso: grupo desconhecido %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Aviso: demasiados grupos\n"
+
+msgid "Your password has expired."
+msgstr "A sua palavra-passe caducou."
+
+msgid "Your password is inactive."
+msgstr "A sua palavra-passe está inactiva."
+
+msgid "Your login has expired."
+msgstr "O seu login caducou."
+
+msgid " Contact the system administrator."
+msgstr " Contacte o administrador do sistema."
+
+msgid " Choose a new password."
+msgstr " Escolha uma nova palavra-passe."
+
+msgid "You must change your password."
+msgstr "Tem de alterar a sua palavra-passe."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "A sua palavra-passe irá caducar em %ld dias.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "A sua palavra-passe irá caducar amanhã."
+
+msgid "Your password will expire today."
+msgstr "A sua palavra-passe irá caducar hoje."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Não é possível abrir o interface de auditoria - a abortar.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Foi impossível mudar o dono ou o modo do tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: falha ao desbloquear %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Overflow do ambiente\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Não pode alterar $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d falha desde o último login.\n"
+"O último foi %s em %s.\n"
+msgstr[1] ""
+"%d falhas desde o último login.\n"
+"O último foi %s em %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Configuração inválida: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuração inválida: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: falhou alocar memória: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Não foi possível obter um GID de sistema único (não existem mais GIDs "
+"disponíveis)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+"%s: Não foi possível obter um GID único (não existem mais GIDs disponíveis)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Configuração inválida: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuração inválida: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Não foi possível obter um UID de sistema único (não existem mais UIDs "
+"disponíveis)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+"%s: Não foi possível obter um UID único (não existem mais UIDs disponíveis)\n"
+
+msgid "Too many logins.\n"
+msgstr "Demasiados logins.\n"
+
+msgid "You have new mail."
+msgstr "Tem novo correio."
+
+msgid "No mail."
+msgstr "Não tem correio."
+
+msgid "You have mail."
+msgstr "Tem correio."
+
+msgid "no change"
+msgstr "sem alterações"
+
+msgid "a palindrome"
+msgstr "um palíndromo"
+
+msgid "case changes only"
+msgstr "apenas alteração de maiúsculas/minúsculas"
+
+msgid "too similar"
+msgstr "demasiado parecido"
+
+msgid "too simple"
+msgstr "demasiado simples"
+
+msgid "rotated"
+msgstr "rodado"
+
+msgid "too short"
+msgstr "demasiado curto"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Palavra-passe inválida: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() falhou, erro %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: a palavra-passe não foi alterada\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: a palavra-passe foi actualizada com sucesso\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Palavra-passe incorrecta para %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: múltiplas opções --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: opção '%s' necessita de um argumento\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: falhou baixar privilégios (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: caminho de chroot inválido: '%s'\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: não pode aceder ao directório chroot %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: não pode aceder ao directório chroot %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: não foi possível fazer chroot para o directório %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Valor inválido de ENCRYPT_METHOD: '%s'.\n"
+"A utilizar o valor predefinido DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Não foi possível mudar para o directório '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Directório não encontrado, a entrar para HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Não foi possível executar %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Directório raiz inválido '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Não é possível mudar o directório raiz para '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Não é possível determinar o nome do seu tty."
+
+msgid "No"
+msgstr "Não"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] LOGIN\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday ÚLTIMO_DIA definir data da última alteração da\n"
+" palavra-passe para ÚLTIMO_DIA\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate DATA_EXPIRA definir a data em que a conta caduca\n"
+" para DATA_EXPIRA\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+" -h, --help mostrar esta mensagem de ajuda e sair\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INACTIVO definir a palavra-passe como inactiva após\n"
+" expirar em INACTIVO\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+" -l, --list mostrar informação de envelhecimento da \n"
+" conta\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays MIN_DIAS definir para MIN_DIAS o número mínimo de\n"
+" dias para alterar a palavra-passe\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays MAX_DIAS definir para MAX_DIAS o número máximo de\n"
+" dias para alterar a palavra-passe\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -R, --root CHROOT_DIR\t\tdirectório para onde fazer chroot\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays DIAS_AVISO definir para DIAS_AVISO o número de dias\n"
+" para aviso de caducar\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Introduza o novo valor, ou carregue em ENTER para o valor pré-definido"
+
+msgid "Minimum Password Age"
+msgstr "Idade Mínima da palavra-passe"
+
+msgid "Maximum Password Age"
+msgstr "Idade Máxima da palavra-passe"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Última Alteração da palavra-passe (AAAA-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Aviso de Caducidade da palavra-passe"
+
+msgid "Password Inactive"
+msgstr "Palavra-passe Inactiva"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data de Caducidade da Conta (AAAA-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Última alteração da palavra-passe\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nunca"
+
+msgid "password must be changed"
+msgstr "a palavra-passe tem de ser alterada"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "A palavra-passe caduca em\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Palavra-passe inactiva\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "A conta caduca\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Número mínimo de dias entre alterações da palavra-passe\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Número máximo de dias entre alterações de palavra-passe\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Número de dias de aviso antes da palavra-passe caducar\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: a data '%s' é inválida\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argumento numérico inválido '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: não incluir \"l\" com outras flags\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Permissão negada.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Não é possível determinar o seu nome de utilizador.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: não é possível bloquear %s, tente novamente mais tarde\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: não é possível abrir %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: falha ao escrever as alterações em %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: o ficheiro de palavras-passe shadow não está presente\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: o utilizador `%s' não existe em %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "A alterar a informação de envelhecimento para %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: erro na alteração de campos\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [LOGIN]\n"
+"\n"
+"Opções:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+" -f, --full-name NOME_COMPLETO alterar o nome completo do utilizador\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+" -h, --home-phone TEL_CASA\talterar o número de telefone de casa do "
+"utilizador\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr " -o, --other OUTRA_INFO\talterar outra info GECOS do utilizador\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr " -r, --root NUMERO_PORTA\talterar o número da porta do utilizador\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+" -u, --help mostrar esta mensagem de ajuda e sair\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+" -w, --work-phone TEL_EMPREGO alterar o número de telefone do emprego do "
+"utilizador\n"
+
+msgid "Full Name"
+msgstr "Nome Completo"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Número da Sala"
+
+msgid "Work Phone"
+msgstr "Telefone do Emprego"
+
+msgid "Home Phone"
+msgstr "Telefone de Casa"
+
+msgid "Other"
+msgstr "Outra Informação"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Não é possível alterar o ID para root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: nome com caracteres não-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nome inválido: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: número da sala com caracteres não-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: número de sala inválido: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: telefone do emprego inválido: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: telefone de casa inválido: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' contém caracteres não-ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' contém caracteres não permitidos.\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: o utilizador '%s' não existe\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: não é possível alterar o utilizador '%s' no cliente NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' é o mestre NIS para este cliente.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "A alterar a informação de utilizador de %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: valores demasiado grandes\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções]\n"
+"\n"
+"Opções:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method MÉTODO\to método crypt (um de %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+" -e, --encrypted as palavras-passe fornecidas são "
+"encriptadas\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 encriptar a palavra-passe de texto\n"
+" utilizando o algoritmo MD5\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds número de iterações SHA para algoritmos\n"
+" de encriptação SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: a flag %s só é permitida com a flag %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: as flags -c, -e e -m são exclusivas\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: método de encriptação não suportado: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linha %d: linha demasiado comprida\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linha %d: falta a nova palavra-passe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Falhou ao escrever %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: linha %d: o grupo '%s' não existe\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linha %d: falhou preparar o novo %s registo '%s'\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: foi detectado um erro, as alterações foram ignoradas\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (linha %d, utilizador %s) palavra passe não mudou\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: linha %d: o utilizador '%s' não existe\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell SHELL nova shell de login para a conta do\n"
+" utilizador\n"
+
+msgid "Login Shell"
+msgstr "Shell de Login"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Não pode alterar a shell para '%s'.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "A alterar a shell de entrada de %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Entrada inválida: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s é uma shell inválida\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Aviso: %s não existe\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Aviso: %s não é executável\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check\t\t\tverificar quando expira a palavra-passe do utilizador\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force\t\t\tforçar a alteração da palavra-passe se a palavra-passe do "
+"utilizador já tiver expirado\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: conflito entre as opções %s e %s\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: argumento inesperado: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all mostrar registos do faillog para todos os "
+"utilizadores\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs SEG depois de login falhado bloquear por SEG "
+"segundos\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAX definir os contadores de máximo de logins "
+"falhados para MAX\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr " -r, --reset apagar o contador de logins falhados\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DIAS mostrar os registos do faillog mais recentes "
+"do que DIAS\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user LOGIN/RANGE mostrar registo faillog ou manter "
+"contadores\n"
+" de falhas e limites (se utilizado com -r, -"
+"m\n"
+" ou -l) apenas para LOGIN(s) especificado(s)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Falhou obter a entrada para UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Login Falhas Máximo Última Em\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [faltam %lus]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds bloqueio]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Falhou reiniciar a contagem de falhas para o UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Falhou definir o máximo para UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Falhou definir a hora de bloqueio para UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Utilizador ou gama desconhecida: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Não conseguiu obter o tamanho de %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Falhou ao escrever %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opção] GRUPO\n"
+"\n"
+"Opções:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add UTILIZADOR acrescentar UTILIZADOR ao GRUPO\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete UTILIZADOR remover UTILIZADOR do GRUPO\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root CHROOT_DIR\t\tdirectório para onde fazer chroot\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password remover a palavra-passe do GRUPO\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict restringir acesso ao grupo aos seus membros\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr " -M, --members UTILIZADOR,... definir a lista de membros do GRUPO\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" definir a lista de administradores do GRUPO\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Excepto para as opções -A e -M, as opções não podem ser combinadas.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "As opções não podem ser combinadas.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: são necessárias palavras-passe shadow de grupo para -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: o grupo '%s' não existe em %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: falha ao fechar %s de apenas leitura\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "A alterar a palavra-passe para o grupo %s\n"
+
+msgid "New Password: "
+msgstr "Nova Palavra-passe: "
+
+msgid "Re-enter new password: "
+msgstr "Introduza novamente a nova palavra-passe: "
+
+msgid "They don't match; try again"
+msgstr "Não coincidem; tente de novo"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Tente de novo mais tarde\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "A adicionar o utilizador %s ao grupo %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "A remover o utilizador %s do grupo %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: o utilizador '%s' não é membro de '%s'\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Não é um tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] GRUPO\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force sair com sucesso se o grupo já existir,\n"
+" e cancelar -g se o GID já for utilizado\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID utilizar GID para o novo grupo\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key KEY=VALOR ultrapassar as predefinições de /etc/login."
+"defs\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique permitir criar grupos com GIDs duplicados\n"
+" (não-únicos)\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password PALAVRA-PASSE utilizar a palavra-passe encriptada para o "
+"novo grupo\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system criar uma conta de sistema\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' não é um nome válido para o grupo\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ID de grupo '%s' inválido\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K necessita de KEY=VALOR\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: o grupo '%s' já existe\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: o GID '%lu' já existe\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Não é possível configurar o serviço cleanup.\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr " -r, --reset apagar o contador de logins falhados\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: não é possível remover a entrada '%s' de %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: não é possível remover o grupo primário do utilizador '%s'\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: o grupo '%s' não existe.\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: o grupo '%s' é um grupo NIS\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s é o mestre NIS\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: o utilizador '%s' já é um membro de '%s'\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Memória esgotada. Não é possível actualizar %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [acção]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group nomegrupo mudar nomegrupo em vez do grupo do "
+"utilizador\n"
+" (apenas root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Acções:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add NomeUtilizador acrescentar NomeUtilizador aos membros do "
+"grupo\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete NomeUtilizador remover NomeUtilizador dos membros do grupo\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge purgar todos os membros do grupo\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list listar os membros do grupo\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: o seu nome de grupo não coincide com o seu nome de utilizador\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: apenas o root pode utilizar a opção -g/--group\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID mudar o ID do grupo para GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " --n, --new-name NOVO_GRUPO mudar o nome para NOVO_GRUPO\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, ..non-unique permitir utilizar um GID duplicado (não-"
+"único)\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password PALAVRAPASSE mudar a palavra-passe para esta "
+"PALAVRAPASSE\n"
+" (encriptada)\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: nome de grupo '%s' inválido\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: o grupo %s é um grupo NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: utilizador desconhecido %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [grupo [gshadow]]\n"
+"\n"
+"Opções:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [grupo]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only\t\tmostrar erros e avisos\n"
+"\t\t\t\tmas não alterar ficheiros\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort\t\t\tordenar entradas por UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s e -r são incompatíveis\n"
+
+msgid "invalid group file entry"
+msgstr "entrada no ficheiro dos grupos inválida"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "apagar a linha '%s'? "
+
+msgid "duplicate group entry"
+msgstr "entrada de grupo duplicada"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "o nome de grupo '%s' é inválido\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ID '%lu' de grupo é inválido\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupo %s: não existe o utilizador %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "apagar o membro '%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "nenhuma entrada coincidente de ficheiro de grupo em %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "adicionar o grupo '%s' em %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"o grupo %s tem uma entrada em %s, mas o campo da palavra-passe em %s não "
+"está definido para 'x'\n"
+
+msgid "invalid shadow group file entry"
+msgstr "a entrada no ficheiro de shadow dos grupos é inválida"
+
+msgid "duplicate shadow group entry"
+msgstr "entrada de grupo em shadow duplicada"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grupo shadow %s: nenhum utilizador administrador %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "apagar o membro administrativo '%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupo shadow %s: o utilizador %s não existe\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: os ficheiros foram actualizados\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: sem alterações\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: não é possível apagar %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Utilização: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Utilização: id\n"
+
+msgid " groups="
+msgstr " grupos="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before DIAS escrever apenas registos de lastlog mais\n"
+" antigos que DIAS\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -a, --all mostrar registos do faillog para todos os "
+"utilizadores\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -a, --all mostrar registos do faillog para todos os "
+"utilizadores\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DIAS escrever apenas registos de lastlog mais\n"
+" recentes que DIAS\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user LOGIN mostra o registo de lastlog para o\n"
+" utilizador LOGIN\n"
+
+msgid "Username Port From Latest"
+msgstr "Utilizador Porto De Último"
+
+msgid "Username Port Latest"
+msgstr "Utilizador Porto Último"
+
+msgid "**Never logged in**"
+msgstr "**Nunca entrou no sistema**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Falhou obter a entrada para UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: falhou apagar o registo lastlog para o UID %lu: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Utilização: %s [-p] [nome]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h máquina] [-f nome]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r máquina\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "erro de configuração - não foi possível processar o valor %s: '%d'"
+
+msgid "Invalid login time"
+msgstr "Tempo de login inválido"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema encerrado para manutenção de rotina"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Encerramento ultrapassado -- login de root permitido.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Não é possível trabalhar sem root\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Sem entrada utmp. Tem de executar \"login\" a partir do \"sh\" de nível "
+"mais baixo"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Tempo de login caducou após %u segundos.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Falha de PAM, a abortar: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Número máximo de tentativas excedidas (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: abortar pedido por PAM\n"
+
+msgid "Login incorrect"
+msgstr "Login incorrecto"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Não pode encontrar utilizador (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: falha ao bifurcar: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSTTY falhou em %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Aviso: o login foi novamente permitido após um tempo de bloqueio."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Última entrada no sistema: %s em %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Última entrada no sistema: %.19s em %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " de %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"tempo para login excedido\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Utilização: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Utilização: newgrp [-] [grupo]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Utilização: sg grupo [[-c] comando]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Falhou ao escrever %s: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Palavra-passe inválida.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: falhou a bifurcação de: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: o GID '%lu' não existe\n"
+
+msgid "too many groups\n"
+msgstr "demasiados grupos\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system criar contas de sistema\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: o grupo '%s' é um grupo shadow, mas não existe em /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ID '%s' de utilizador inválido\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: o nome de utilizador '%s' é inválido\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linha %d: linha inválida\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: não é possível actualizar a entrada do utilizador %s (não está na base "
+"de dados passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linha %d: não é possível criar o utilizador\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linha %d: não é possível criar o grupo\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: linha %d: o utilizador '%s' não existe em %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linha %d: não é possível actualizar a palavra-passe\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linha %d: mkdir %s falhou: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linha %d: chown %s falhou: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linha %d: não é possível actualizar o registo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: não é possível criar o utilizador\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: não é possível criar grupo\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all reportar o estado das palavras-passe de\n"
+" todas as contas\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+" -d, --delete apagar a palavra-passe para a conta "
+"indicada\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire forçar que a palavra-passe caduque para a\n"
+" conta indicada\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens apenas mudar a palavra-passe se tiver\n"
+" caducado\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INACTIVA definir a palavra-passe como inactiva após\n"
+" caducar para INACTIVA\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+" -l, --lock bloquear a palavra-passe da conta indicada\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_DIAS definir para MIN_DIAS o número de dias\n"
+" antes de alterar a palavra-passe\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet modo silencioso\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+" -r, --repository REPOSITÓRIO mudar a palavra-passe no repositório\n"
+" REPOSITÓRIO\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status reportar estado da palavra-passe na conta\n"
+" indicada\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+" -u, --unlock desbloquear a palavra-passe da conta\n"
+" indicada\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays AVISAR_DIAS definir para AVISAR_DIAS o número de dias\n"
+" para alerta de caducar\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAX_DIAS definir para MAX_DIAS o número de dias\n"
+" máximo antes de alterar a palavra-passe\n"
+
+msgid "Old password: "
+msgstr "Palavra-passe antiga: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduza a nova palavra-passe (mínimo de %d caracteres)\n"
+"Por favor utilize uma combinação de letras maiúsculas e minúsculas e de "
+"números.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduza a nova palavra-passe (mínimo de %d, máximo de %d caracteres)\n"
+"Por favor utilize um combinação de letras maiúsculas e minúsculas e de "
+"números.\n"
+
+msgid "New password: "
+msgstr "Nova palavra-passe: "
+
+msgid "Try again."
+msgstr "Tente de novo."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Aviso: palavra-passe fraca (introduza-a de novo para usá-la mesmo assim)."
+
+msgid "They don't match; try again.\n"
+msgstr "Não coincidem; tente de novo.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "A palavra-passe para %s não pode ser alterada.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "A palavra-passe para %s ainda não pode ser alterada.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: desbloquear a palavra-passe iria resultar numa conta sem palavra-passe.\n"
+"Você deve definir a palavra-passe com usermod -p para desbloquear a palavra-"
+"passe desta conta.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: o repositório %s não é suportado\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s não está autorizado a alterar a palavra-passe de %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Não pode ver ou alterar a informação da palavra-passe para %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "A alterar a palavra-passe de %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "A palavra-passe de %s não foi alterada.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: palavra-passe alterada.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: informação de caducidade da palavra-passe alterada.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [passwd]\n"
+"\n"
+"Opções:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [passwd [shadow]]\n"
+"\n"
+"Opções:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet apenas relatar erros\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: não é permitido utilizar ficheiro shadow alternativo quando USE_TCB está "
+"habilitado.\n"
+
+msgid "invalid password file entry"
+msgstr "entrada no ficheiro de palavras-passe inválida"
+
+msgid "duplicate password entry"
+msgstr "entrada de palavra-passe duplicada"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "o nome de utilizador '%s' é inválido\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "ID '%lu' de utilizador inválido\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "utilizador '%s': grupo %lu não existe\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "utilizador '%s': o directório '%s' não existe\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "utilizador '%s': o programa '%s' não existe\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "nenhum directório tcb para %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "criar o directório tcb para %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "falhou a criação do directório tcb para %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: não é possível bloquear %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "nenhuma entrada de ficheiro de palavra-passe coincidente em %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "acrescentar utilizador '%s' em %s?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"o utilizador %s tem uma entrada em %s, mas o seu campo de palavra-passe em "
+"%s não está definido como 'x'\n"
+
+msgid "invalid shadow password file entry"
+msgstr "entrada no ficheiro de shadow de palavras-passe inválida"
+
+msgid "duplicate shadow password entry"
+msgstr "entrada da palavra-passe shadow duplicada"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "utilizador %s: a última alteração de palavra-passe foi no futuro\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: não é possível ordenar registos em %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: não pode trabalhar com tcb habilitado\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: falhou mudar o modo de %s para 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Acesso a su para essa conta foi NEGADO.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Autenticação por palavra-passe foi contornada.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Por favor introduza a SUA palavra-passe como autenticação.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Não é possível fazer fork à shell de utilizador.\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: mau funcionamento de sinal\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: mau funcionamento de máscara de sinal\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sessão terminada, a terminar shell..."
+
+msgid " ...killed.\n"
+msgstr " ...morto.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...á espera que o processo-filho termine.\n"
+
+msgid " ...terminated.\n"
+msgstr " ...terminado.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Utilização: su [opções] [LOGIN]\n"
+"\n"
+"Opções:\n"
+" -c, --command COMANDO passar COMANDO à shell invocada\n"
+" -h, --help mostrar esta mensagem de ajuda e sair\n"
+" -, -l, --login tornar a shell numa shell de login\n"
+" -m, -p,\n"
+" --preserve-environment não reiniciar as variáveis de ambiente, e\n"
+" manter a mesma shell\n"
+" -s, --shell SHELL utilizar SHELL em vez da omissão em passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorado)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Não está autorizado a fazer su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Introduza a sua palavra-passe)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: A autenticação falhou\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Não está autorizado a fazer su nessa altura\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Nenhuma palavra-passe para o utilizador '%s'\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: deve ser executado a partir de um terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: erro %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Não pode remover o terminal de controlo\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Não foi possível executar %s\n"
+
+msgid "No password file"
+msgstr "Ficheiro de palavras-passe não existe"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY falhou"
+
+msgid "No password entry for 'root'"
+msgstr "Não está definida nenhuma palavra-passe para 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Pressione control-d para continuar com o arranque normal,\n"
+"(ou introduza a palavra-passe de root para manutenção do sistema):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "A Entrar no Modo de Manutenção do Sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: foi criado %s, mas não pode ser removido\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: a configuração %s em %s será ignorada\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+"%s: não é possível criar um novo ficheiro de configurações pré-definidas\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+"%s: não é possível abrir um novo ficheiro de configurações pré-definidas\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linha demasiado longa em %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Não é possível criar link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: renomear: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: o grupo '%s' é um grupo NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: estão especificados demasiados grupos (max %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] LOGIN\n"
+" %s -D\n"
+" %s -D [opções]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir BASE_DIR directório base para o directório home da\n"
+" nova conta\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment COMENTÃRIO campo GECOS da nova conta\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir HOME_DIR directório home para a nova conta\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defauls escrever ou alterar a configuração "
+"predefinida de useradd\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr " -e, --expiredate DATA_EXPIRA data de expiração para a nova conta\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactiva INACTIVA período de inactividade da palavra-passe "
+"para a nova conta\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr " -g, --gid GRUPO nome ou ID do grupo primário da nova conta\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups GRUPOS lista de grupos suplementares da nova conta\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+" -k, --skel SKEL_DIR utilizar este directório skeleton como "
+"alternativa\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init não acrescentar o utilizador às bases de\n"
+" dados lastlog e faillog\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+" -m, --create-home criar o directório home do utilizador\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+" -M, --no-create-home não criar o directório home do utilizador\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group não criar um grupo com o mesmo nome do "
+"utilizador\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique permitir criar utilizadores com UID\n"
+" duplicado (não-único)\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+" -p, --password PALAVRA-PASSE palavra-passe encriptada para a nova conta\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell SHELL shell de login para a nova conta\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID ID do utilizador para a nova conta\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group criar um grupo com o mesmo nome do utilizador\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SEUSER utilizar um SEUSER especifico para o\n"
+" mapeamento do utilizador de SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: directório base inválido '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: o comentário '%s' é inválido\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: o directório home '%s' é inválida\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: são necessárias palavras-passe shadow para -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: são necessárias palavras-passes shadow para -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: o campo '%s' é inválido\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: a shell '%s' é inválida\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z necessita de um kernel com SELinux activo\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: falhou apagar o registo faillog para o UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: falhou apagar o registo lastlog para o UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: não é possível criar o directório %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Criar ficheiro mailbox"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Não foi encontrado o grupo 'mail'.\n"
+"A criar o ficheiro mailbox do utilizador com o modo 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "A definir as permissões do ficheiro mailbox"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: o utilizador '%s' já existe\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: o grupo %s existe - se pretende adicionar este utilizador a esse grupo, "
+"utilize -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: não é possível criar o utilizador\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu não é único\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Falhou a criação do directório tcb para %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: não é possível criar grupo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: não é possível criar o utilizador\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: não é possível criar grupo\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: aviso: o directório home já existe.\n"
+"Não irá copiar quaisquer ficheiros o directório skel para lá.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: aviso: falhou o mapeamento do nome de utilizador %s para o nome de "
+"utilizador SELinux %s.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force forçar a remoção de ficheiros,\n"
+" mesmo que não pertençam ao utilizador\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove remover o directório home e o spool de mail\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user remover qualquer mapeamento de utilizador "
+"SELinux para o utilizador\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: grupo %s não foi removido porque não é o grupo primário do utilizador "
+"%s\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: grupo %s não foi removido porque tem outros membros.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: o grupo %s é o grupo primário de outro utilizador e não é removido.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: não é possível remover a entrada '%s' de %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s spool de mail (%s) não foi encontrado\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: aviso: não é possível remover %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: o %s não pertence a %s, não será removido\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: Não é possível alocar memória, a entrada tcb para %s não foi removida.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Falhou baixar privilégios %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Não pode remover o conteúdo de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: não é possível remover os ficheiros tcb para '%s': %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: o utilizador %s é um utilizador NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: o directório home %s (%s) não foi encontrado\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: o directório %s não será removido (iria remover a home do utilizador "
+"%s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: erro ao remover o directório %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: aviso: falhou a remoção do mapeamento do nome de utilizador %s para "
+"utilizador SELinux.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment COMENTÃRIO novo valor do campo GECOS\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home HOME_DIR novo directório home para a conta do\n"
+" utilizador\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate DATA_EXPIRAR definir a data em que a conta caduca\n"
+" para DATA_EXPIRAR\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INACTIVA definir para INACTIVA o número de dias após\n"
+" os quais uma palavra-passe caducada passa\n"
+" a inactiva\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid GRUPO forçar a utilização do GRUPO como novo\n"
+" grupo primário\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups GRUPOS nova lista de grupos adicionais\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append juntar o utilizador aos GRUPOS\n"
+" suplementares mencionados pela opção -G\n"
+" sem o/a remover dos outros grupos\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login NEW_LOGIN novo valor para o nome de login\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock bloquear a conta do utilizador\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home mover o conteúdo do directório home para\n"
+" o novo local (usar apenas com -d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique permitir utilizar UID duplicado\n"
+" (não único)\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password PALAVRA-PASSE utilizar PALAVRA-PASSE encriptada para a\n"
+" nova palavra-passe\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID novo UID para a conta do utilizador\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock desbloquear a conta do utilizador\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user SEUSER\tnovo mapeamento de utilizador SELinux para a "
+"conta do utilizador\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: desbloquear a palavra-passe do utilizador iria resultar numa conta sem "
+"palavra-passe.\n"
+"Você deve definir a palavra-passe com usermod -p para desbloquear a palavra-"
+"passe deste utilizador.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: o utilizador %s já existe em %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: a data '%s' é inválida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: a data '%s' é inválida\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: sem opções\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: as flags -L, -p e -U são exclusivas\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: são necessárias palavras-passe shadow para -e e -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: O UID '%lu' já existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s não está autorizado a alterar a palavra-passe de %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: o directório %s existe\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: O directório home anterior (%s) não era um directório. Não é removido e "
+"não foram criados directórios home.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Falhou a alteração do dono do directório home"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: aviso: falhou remover completamente remover o antigo directório home %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: não é possível renomear o directório %s para %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: falhou copiar o registo lastlog do utilizador %lu para o utilizador %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: falhou copiar o registo faillog do utilizador %lu para o utilizador %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: aviso: o %s não pertence a %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "a alteração do dono da caixa de correio falhou"
+
+msgid "failed to rename mailbox"
+msgstr "falha ao renomear a caixa do correio"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Você alterou %s.\n"
+"Poderá ter de modificar %s para manter a consistência.\n"
+"Por favor utilize o comando '%s' para o fazer.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group editar base de dados de grupos\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd editar a base de dados passwd\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+" -s, --shadow editar a base de dados shadow ou gshadow\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+" -u, --user qual o ficheiro shadow tcb do utilizador a "
+"editar\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: falhou remover %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s não foi alterado\n"
+
+msgid "failed to create scratch directory"
+msgstr "falhou a criação de directório 'scratch'"
+
+msgid "failed to drop privileges"
+msgstr "falhou baixar privilégios"
+
+msgid "Couldn't get file context"
+msgstr "Não foi possível obter contexto do ficheiro"
+
+msgid "setfscreatecon () failed"
+msgstr "falhou setfscreatecon ()"
+
+msgid "failed to gain privileges"
+msgstr "falhou ganhar privilégios"
+
+msgid "Couldn't lock file"
+msgstr "Não é possível obter acesso exclusivo ao ficheiro"
+
+msgid "Couldn't make backup"
+msgstr "Não é possível efectuar cópia de segurança"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nscd saiu com o estado %d"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "falhou abrir ficheiro 'scratch'"
+
+msgid "failed to unlink scratch file"
+msgstr "falhou o unlink a ficheiro 'scratch'"
+
+msgid "failed to stat edited file"
+msgstr "falhou fazer stat ao ficheiro editado"
+
+msgid "failed to allocate memory"
+msgstr "falhou alocar memória"
+
+msgid "failed to create backup file"
+msgstr "falhou criar ficheiro de backup"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: não é possível restaurar %s: %s (a suas alterações estão em %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: falhou encontrar o directório tcb para %s\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr ""
+#~ " -c, --crypt-method o método de encriptação (um de %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Utilização: vipw [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "O malloc(%d) falhou\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: chage [opções] [LOGIN]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -d, --lastday ÚLTIMO_DIA definir data da última alteração da\n"
+#~ "\t\t\t\t palavra-passe para ÚLTIMO_DIA\n"
+#~ " -E, --expiredate DATA_EXPIRA definir a data em que a conta caduca\n"
+#~ "\t\t\t\t para DATA_EXPIRA -h, --help mostrar esta "
+#~ "mensagem de ajuda e sair\n"
+#~ " -I, --inactive INACTIVO definir a palavra-passe como inactiva "
+#~ "após\n"
+#~ "\t\t\t\t expirar em INACTIVO\n"
+#~ " -l, --list mostrar informação de envelhecimento da \n"
+#~ " conta\n"
+#~ " -m, --mindays MIN_DIAS definir para MIN_DIAS o número mínimo de\n"
+#~ " dias para alterar a palavra-passe\n"
+#~ " -M, --maxdays MAX_DIAS definir para MAX_DIAS o número máximo de\n"
+#~ " dias para alterar a palavra-passe\n"
+#~ " -W, --warndays DIAS_AVISO definir para DIAS_AVISO o número de dias\n"
+#~ " para aviso de caducar\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: A autenticação PAM falhou\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Utilização: %s [-f nome_completo] [-r num_sala] [-w telefone_trabalho]\n"
+#~ "\t[-h telefone_casa] [-o outra_info] [utilizador]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Utilização: %s [-f nome_completo] [-r num_sala] [-w telefone_trabalho] [-"
+#~ "h telefone_casa]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Utilização: %s [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -c, --crypt-method o método de encriptação (um de %s)\n"
+#~ " -e, --encrypted as palavras-passe fornecidas são "
+#~ "encriptadas\n"
+#~ " -h, --help mostrar esta mensagem de ajuda e "
+#~ "terminar\n"
+#~ " -m, --md5 encriptar a palavra-passe de texto com o\n"
+#~ "\t\t\t\t algoritmo MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: chsh [opções] [LOGIN]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -h, --help mostrar esta mensagem de ajuda e sair\n"
+#~ " -s, --shell SHELL nova shell de login para a conta do\n"
+#~ " utilizador\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Utilização: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: Falhou obter a entrada para UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: Não é possível abrir %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Não foi possível obter o tamanho de %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Utilização: groupdel grupo\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Utilização: %s [-r] [-s] [grupo [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Utilização: %s [-r] [-s] [grupo]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s e -r são incompatíveis\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Utilização: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Utilização: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: lastlog [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -b, --before DIAS escrever apenas registos de lastlog mais\n"
+#~ " antigos que DIAS\n"
+#~ " -h, --help mostrar esta mensagem e sai\n"
+#~ " -t, --time DIAS escrever apenas registos de lastlog mais\n"
+#~ " recentes que DIAS\n"
+#~ " -u, --user LOGIN mostra o registo de lastlog para o\n"
+#~ " utilizador LOGIN\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: passwd [opções] [LOGIN]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -a, --all reportar o estado das palavras-passe de\n"
+#~ " todas as contas\n"
+#~ " -d, --delete apagar a palavra-passe para a conta "
+#~ "indicada\n"
+#~ " -e, --expire forçar que a palavra-passe caduque para "
+#~ "a\n"
+#~ "\t\t\t\t conta indicada\n"
+#~ " -h, --help mostrar esta mensagem de ajuda e sair\n"
+#~ " -k, --keep-tokens apenas mudar a palavra-passe se tiver\n"
+#~ "\t\t\t\t caducado\n"
+#~ " -i, --inactive INACTIVA definir a palavra-passe como inactiva "
+#~ "após\n"
+#~ "\t\t\t\t caducar para INACTIVA\n"
+#~ " -l, --lock bloquear a palavra-passe da conta "
+#~ "indicada\n"
+#~ " -n, --mindays MIN_DIAS definir para MIN_DIAS o número de dias\n"
+#~ " antes de alterar a palavra-passe\n"
+#~ " -q, --quiet modo discreto\n"
+#~ " -r, --repository REPOSITÓRIO mudar a palavra-passe no repositório\n"
+#~ "\t\t\t\t REPOSITÓRIO\n"
+#~ " -S, --status reportar estado da palavra-passe na "
+#~ "conta\n"
+#~ " indicada\n"
+#~ " -u, --unlock desbloquear a palavra-passe da conta\n"
+#~ "\t\t\t\t indicada\n"
+#~ " -w, --warndays AVISAR_DIAS definir para AVISAR_DIAS o número de "
+#~ "dias\n"
+#~ " para alerta de caducar\n"
+#~ " -x, --maxdays MAX_DIAS definir para MAX_DIAS o número de dias\n"
+#~ " máximo antes de alterar a palavra-passe\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Utilização: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Utilização: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Utilização: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Utilização: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id desconhecido: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Sem shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: userdel [opções] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -f, --force forçar a remoção de ficheiros,\n"
+#~ " mesmo que não pertençam ao utilizador\n"
+#~ " -h, --help mostrar esta mensagem de ajuda e sair\n"
+#~ " -r, --remove remover o directório home e o spool de "
+#~ "mail\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: o utilizador %s está actualmente no sistema\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Utilização: usermod [opções] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -c, --comment COMENTÃRIO novo valor do campo GECOS\n"
+#~ " -d, --home HOME_DIR novo directório home para a conta do\n"
+#~ " utilizador\n"
+#~ " -e, --expiredate DATA_EXPIRAR definir a data em que a conta caduca\n"
+#~ " para DATA_EXPIRAR\n"
+#~ " -f, --inactive INACTIVA definir para INACTIVA o número de dias "
+#~ "após\n"
+#~ " os quais uma palavra-passe caducada "
+#~ "passa\n"
+#~ " a inactiva\n"
+#~ " -g, --gid GRUPO forçar a utilização do GRUPO como novo\n"
+#~ " grupo primário\n"
+#~ " -G, --groups GRUPOS nova lista de grupos adicionais\n"
+#~ " -a, --append juntar o utilizador aos GRUPOS\n"
+#~ "\t\t\t\t suplementares mencionados pela opção -G\n"
+#~ "\t\t\t\t sem o/a remover dos outros grupos\n"
+#~ " -h, --help mostrar esta mensagem de ajuda e sair\n"
+#~ " -l, --login NEW_LOGIN novo valor para o nome de login\n"
+#~ " -L, --lock bloquear a conta do utilizador\n"
+#~ " -m, --move-home mover o conteúdo do directório home para\n"
+#~ " o novo local (usar apenas com -d)\n"
+#~ " -o, --non-unique permitir utilizar UID duplicado\n"
+#~ "\t\t\t\t (não único)\n"
+#~ " -p, --password PALAVRA-PASSE utilizar PALAVRA-PASSE encriptada para a\n"
+#~ " nova palavra-passe\n"
+#~ " -s, --shell SHELL nova shell de login para a conta do\n"
+#~ "\t\t\t\t utilizador\n"
+#~ " -u, --uid UID novo UID para a conta do utilizador\n"
+#~ " -U, --unlock desbloquear a conta do utilizador\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: não foram especificadas flags\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: vipw [opções]\n"
+#~ " -g, --group editar a base de dados group\n"
+#~ " -h, --help mostrar esta mensagem de ajuda e "
+#~ "terminar\n"
+#~ " -p, --passwd editar a base de dados passwd\n"
+#~ " -q, --quit modo silencioso\n"
+#~ " -s, --shadow editar a base de dados shadow ou gshadow\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --add USER add USER to GROUP\n"
+#~ " -d, --delete USER remove USER from GROUP\n"
+#~ " -r, --remove-password remove the GROUP's password\n"
+#~ " -R, --restrict restrict access to GROUP to its members\n"
+#~ " -M, --members USER,... set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: %s [opção] GRUPO\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -a, --add UTILIZADOR\t\tacrescentar UTILIZADOR ao GRUPO\n"
+#~ " -d, --delete UTILIZADOR\tremover UTILIZADOR do GRUPO\n"
+#~ " -r, --remove-password\tremover a palavra-passe do GRUPO\n"
+#~ " -R, --restrict\t\trestringir o acesso ao GRUPO aos seus membros\n"
+#~ " -M, --members UTILIZADOR,...\tdefinir a lista de membros do GRUPO\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group groupname change groupname instead of the user's "
+#~ "group\n"
+#~ " (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ " -a, --add username add username to the members of the group\n"
+#~ " -d, --delete username remove username from the members of the "
+#~ "group\n"
+#~ " -p, --purge purge all members from the group\n"
+#~ " -l, --list list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: groupmems [opções] [acção]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -g, --group nomegrupo\tmudar nomegrupo em vez do grupo do utilizador\n"
+#~ "\t\t\t\t(apenas root)\n"
+#~ "\n"
+#~ "Acções:\n"
+#~ " -a, --add nomeutilizador\tacrescentar nomeutilizador aos membros do "
+#~ "grupo\n"
+#~ " -d, --delete nomeutilizador\tremover nomeutilizador dos membros do "
+#~ "grupo\n"
+#~ " -p, --purge\t\t\tpurgar todos os membros do grupo\n"
+#~ " -l, --list\t\t\tlistar todos os membros do grupo\n"
+#~ "\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: não é possível criar %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: não é possível efectuar o chown a %s\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: faillog [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -a, --all mostrar os registos de faillog para "
+#~ "todos\n"
+#~ " os utilizadores\n"
+#~ " -h, --help mostrar esta mensagem de ajuda e sair\n"
+#~ " -l, --lock-time SEG após login falhado bloquear conta por\n"
+#~ " SEG segundos\n"
+#~ " -m, --maximum MAX definir contadores de máximo de logins\n"
+#~ " falhados para MAX\n"
+#~ " -r, --reset esvaziar os contadores de login falhados\n"
+#~ " -t, --time DIAS mostrar registos do faillog mais "
+#~ "recentes\n"
+#~ " do que DIAS\n"
+#~ " -u, --user LOGIN mostra o registo de faillog ou "
+#~ "contadores\n"
+#~ "\t\t\t\t de falhas mantidos e limites (se utilizado\n"
+#~ "\t\t\t\t com as opções -r, -m ou -l) apenas para o\n"
+#~ " utilizador com LOGIN\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: groupadd [opções] GRUPO\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -f, --force forçar sair com estado de sucesso se o\n"
+#~ " grupo especificado já existir\n"
+#~ " -g, --gid GID utilizar GID para o novo grupo\n"
+#~ " -h, --help mostrar esta mensagem de ajuda e sair\n"
+#~ " -k, --key KEY=VALOR ultrapassar os valores pré-definidos em\n"
+#~ " /etc/login.defs\n"
+#~ " -o, --non-unique permitir criar grupo com GID duplicado\n"
+#~ " (não-único)\n"
+#~ " -p, --password PALAVRA-PASSE utilizar a palavra-passe encriptada para "
+#~ "o\n"
+#~ " novo grupo\n"
+#~ " -r, --system criar uma conta de sistema\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: groupmod [opções] GRUPO\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -g, --gid GID forçar utilizar novo GID pelo GRUPO\n"
+#~ " -h, --help mostrar esta mensagem de ajuda e sair\n"
+#~ " -n, --new-name NOVO_GRUPO forçar utilizar NOVO_GRUPO pelo GRUPO\n"
+#~ " -o, --non-unique permitir utilizar, pelo GRUPO, GIDs\n"
+#~ " duplicados (não-únicos)\n"
+#~ " -p, --password PALAVRA-PASSE utilizar palavra-passe encriptada para a\n"
+#~ " nova palavra-passe\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Utilização: useradd [opções] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -b, --base-dir BASE_DIR directório base para o directório home\n"
+#~ " da conta do novo utilizador\n"
+#~ " -c, --comment COMENTÃRIO define o campo GECOS para a conta do "
+#~ "novo\n"
+#~ " utilizador\n"
+#~ " -d, --home-dir HOME_DIR directório home para a conta do novo\n"
+#~ " utilizador\n"
+#~ " -D, --defaults mostrar ou gravar a configuração\n"
+#~ " pré-definida alterada do useradd\n"
+#~ " -e, --expiredate EXPIRE_DATE define para EXPIRE_DATE a data de \t\t\t"
+#~ "\t caducidade da conta\n"
+#~ " -f, --inactive INACTIVA definir para INACTIVA o número de dias "
+#~ "após\n"
+#~ " os quais uma palavra-passe caducada "
+#~ "passa\n"
+#~ " a inactiva\n"
+#~ " -g, --gid GRUPO forçar a utilização do GRUPO para a "
+#~ "conta\n"
+#~ "\t\t\t\t do novo utilizador\n"
+#~ " -G, --groups GRUPOS listar grupos adicionais para a conta\n"
+#~ " do novo utilizador\n"
+#~ " -h, --help mostrar esta mensagem de ajuda e sair\n"
+#~ " -k, --skel SKEL_DIR especificar um directório SKEL "
+#~ "alternativo\n"
+#~ " -K, --key KEY=VALUE ultrapassar as pré-definições de\n"
+#~ "\t\t\t\t /etc/login.defs\n"
+#~ " -l, --no-log-init não acrescentar o utilizador às bases de\n"
+#~ " dados lastlog e faillog\n"
+#~ " -m, --create-home criar directório home para a conta\n"
+#~ " do novo utilizador\n"
+#~ " -M, no-create-home\t\t não criar o directório home para o\n"
+#~ "\t\t\t \t utilizador (ultrapassa /etc/login.defs)\n"
+#~ " -o, --non-unique deixar criar utilizador com UID "
+#~ "duplicado\n"
+#~ " (não-único)\n"
+#~ " -p, --password PALAVRA-PASSE utilizar palavra-passe encriptada para a\n"
+#~ " conta do novo utilizador\n"
+#~ " -r, --system criar uma conta de sistema\n"
+#~ " -s, --shell SHELL shell de login para a conta do novo\n"
+#~ "\t\t\t\t utilizador\n"
+#~ " -u, --uid UID forçar a utilização do UID para a conta\n"
+#~ "\t\t\t\t do novo utilizador\n"
+#~ " -U, --user-group criar um grupo com o mesmo nome do\n"
+#~ "\t\t\t\t utilizador\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -r, --system create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Utilização: %s [opções] [input]\n"
+#~ "\n"
+#~ " -c, --crypt-method o método de encriptação (um de %s)\n"
+#~ " -r, --system criar contas de sistema\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Palavra-passe definida para caducar."
diff --git a/po/pt_BR.po b/po/pt_BR.po
new file mode 100644
index 0000000..6305f56
--- /dev/null
+++ b/po/pt_BR.po
@@ -0,0 +1,3696 @@
+# Brazilian Portuguese translation of Debian's shadow package.
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# André Luís Lopes <andrelop@debian.org>, 2004.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.15\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2011-11-25 20:20+0100\n"
+"Last-Translator: Fred Ulisses Maranhão <fred.maranhao@gmail.com>\n"
+"Language-Team: Debian-BR Project <debian-l10n-portuguese@lists.debian.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Cadastro de nome multiplos '%s' in %s. Por Favor conserte-o com pwck ou "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "metodo de encriptacao não suportado por libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "erro de configuração - não consigo verificar o valor %s: '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Não foi possível alocar espaço para a informação de configuração.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"erro de configuração - item '%s' desconhecido (notifique o administrador)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Senha : "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Senha de %s : "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Não foi possível alocar espaço para a informação de configuração.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Mudando a informação de idade para %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s : Não foi possível determinar seu nome de usuário.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s : linha %d : não foi possível encontrar usuário %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s : sem memória\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: não foi possível fazer stat %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s não é diretório, nem link simbólico.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Não foi possível ler o link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: link simbólico longo suspeito: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: não foi possível criar o diretório %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: não foi possível mudar o proprietário de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: não foi possível mudar o modo de %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: removendo link: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: não foi possível remover diretório %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Não foi possível renomear %s para %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Não foi possível remover %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: não foi possível criar link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Não foi possível mudar proprietários de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Não foi possível fazer lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Atenção, usuário %s não tem arquivo tcb shadow.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Emergência: shadow tcb de %s não é um arquivo regular com st_nlink=1.\n"
+"A conta permanece travada.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Não foi possível abrir %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Aviso : grupo desconhecido %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Aviso : muitos grupos\n"
+
+msgid "Your password has expired."
+msgstr "Sua senha expirou."
+
+msgid "Your password is inactive."
+msgstr "Sua senha está inativa."
+
+msgid "Your login has expired."
+msgstr "Seu login expirou."
+
+msgid " Contact the system administrator."
+msgstr " Entre em contato com o adminisrador do sistema."
+
+msgid " Choose a new password."
+msgstr " Escolha uma nova senha."
+
+msgid "You must change your password."
+msgstr "Você deve trocar a sua senha."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Sua senha irá expirar em %ld dias.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Sua senha irá expirar amanhã."
+
+msgid "Your password will expire today."
+msgstr "Sua senha irá expirar hoje."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Não posso abrir interface de audit - abortando.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Não consegui mudar o proprietário ou modo do tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: falha ao destravar %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Overflow de ambiente\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Você não pode mudar $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d falhas desde o último login.\n"
+"O último foi %s em %s.\n"
+msgstr[1] ""
+"%d falhas desde o último login.\n"
+"O último foi %s em %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Configuração inválida: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuração inválida: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: falha ao alocar memória: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Não foi possível obter GID de sistema único (não há mais GIDs "
+"disponíveis)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Não foi possível obter GID único (não há mais GIDs disponíveis)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Configuração inválida: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuração inválida: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Não foi possível obter UID de sistema único (não há mais UIDs "
+"disponíveis)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Não foi possível obter UID único (não há mais UIDs disponíveis)\n"
+
+msgid "Too many logins.\n"
+msgstr "Muitos logins.\n"
+
+msgid "You have new mail."
+msgstr "Você possui novas mensagens."
+
+msgid "No mail."
+msgstr "Sem mensagens."
+
+msgid "You have mail."
+msgstr "Você possui mensagens."
+
+msgid "no change"
+msgstr "nenhuma mudança"
+
+msgid "a palindrome"
+msgstr "um palíndromo"
+
+msgid "case changes only"
+msgstr "mudanças de caixa somente"
+
+msgid "too similar"
+msgstr "muito similar"
+
+msgid "too simple"
+msgstr "muito simples"
+
+msgid "rotated"
+msgstr "rotacionado"
+
+msgid "too short"
+msgstr "muita pequena"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Senha ruim : %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd : pam_start() falhou, erro %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd : %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: senha inalterada\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: senha atualizada com sucesso\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Senha incorreta para %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: falha ao abandonar privilégios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: telefone residencial inválido: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: não foi possível criar o diretório %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: não foi possível criar o diretório %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to create tcb directory for %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: Falha ao criar diretório tcb para %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"inválido ENCRYPT_METHOD valor: '%s'.\n"
+"falta de DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Não consegui ir para o diretório '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Sem diretório, logando com HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Não foi possível executar %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Diretório raíz inválido '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Não foi possível mudar o diretório raíz para '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Não foi possível determinar o nome de seu tty."
+
+msgid "No"
+msgstr "Não"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] LOGIN\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday ULTIMO_DIA define última mudança de senha para "
+"ULTIMO_DIA\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate DATA_EXPIRAÇÃO\n"
+" define data de expiração de conta para\n"
+" DATA_EXPIRAÇÃO\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+" -h, --help mostrar esta mensagem de ajuda e sair\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INATIVO define senha inativa após expiração\n"
+" para INATIVO\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+" -l, --list exibe informação sobre idade da conta\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays MIN_DIAS define número mínimo de dias antes da\n"
+" troca de senha para MIN_DIAS\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays MAX_DIAS define número máximo de dias antes da\n"
+" troca de senha para MAX_DIAS\n"
+" -W, --warndays AVISO_DIAS define dias para aviso de expiração para\n"
+" AVISO_DIAS\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Informe o novo valor ou pressione ENTER para aceitar o padrão"
+
+msgid "Minimum Password Age"
+msgstr "Idade Mínima da Senha"
+
+msgid "Maximum Password Age"
+msgstr "Idade Máxima da Senha"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Última Mudança de Senha (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Aviso de Expiração de Senha"
+
+msgid "Password Inactive"
+msgstr "Senha Inativa"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data de Expiração de Senha (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Última mudança de senha\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nunca"
+
+msgid "password must be changed"
+msgstr "Senha modificada"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Senha expira\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Senha inativa\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Conta expira\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Número mínimo de dias entre troca de senhas\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Número máximo de dias entre troca de senhas\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Número de dias de avisos antes da expiração da senha\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: data `%s' inválida\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argumento numérico `%s' inválido\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s : não inclua \"l\" com outras flags\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s : Permissão negada.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s : Não foi possível determinar seu nome de usuário.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: não foi possível travar %s; tente novamente mais tarde.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: não consegui abrir %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: falha ao escrever mudanças em %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s : o arquivo de senhas shadow não está presente\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: usuário '%s' não existe em %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Mudando a informação de idade para %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s : erro modificando campos\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [LOGIN]\n"
+"\n"
+"Opções:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+" -u, --help mostrar esta mensagem de ajuda e sair\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nome Completo"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Número da Sala"
+
+msgid "Work Phone"
+msgstr "Fone de Trabalho"
+
+msgid "Home Phone"
+msgstr "Fone Residencial"
+
+msgid "Other"
+msgstr "Outro"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Não foi possível mudar o ID para root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: nome com caracteres não-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nome inválido: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: número da sala com caracteres não-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: número de sala inválido: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: telefone do trabalho inválido: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: telefone residencial inválido: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' contém caracteres não-ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' contém caracteres ilegais\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: usuário '%s' não existe\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: não foi possível mudar o usuário '%s' no cliente NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' é o NIS mestre para este cliente.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Modificando as informações de usuário para %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s : campos muito extensos\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções]\n"
+"\n"
+"Opções:\n"
+
+#, fuzzy, c-format
+#| msgid " -c, --crypt-method <METHOD> the crypt method (one of %s)\n"
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method <MÉTODO> método de criptografia (dentre %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr " -e, --encrypted senhas fornecidas são criptografadas\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 criptografa a senha em texto plano usando o\n"
+" algoritmo MD5\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+"-s, --sha-rounds Números de SHA rodadas para a SHA *\n"
+" algoritmos criptografados\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: flag %s é permitida somente com a flag %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: the -c, -e, and -m flags são exclusivos\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: metodo de encriptação não suportado : %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s : linha %d : linha muito extensa\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s : linha %d : nova senha faltando\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: falha ao remover %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: linha %d: grupo %s não existe\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linha %d: falhou ao preparar a nova entrada %s '%s'\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s : erro detectado, mudanças ignoradas\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (linha %d, usuário %s) senha inalterada\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: linha %d: usuário '%s' não existe\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell SHELL novo shell de login para a conta de usuário\n"
+
+msgid "Login Shell"
+msgstr "Shell de Login"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Você não pode mudar o shell para '%s'.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Mudando o shell de login para %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s : Entrada inválida : %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s é um shell inválido\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Atenção: %s não existe\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Atenção: %s não é executável\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: opções %s e %s em conflito\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: argumento inesperado: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all mostrar registros de faillog de todos os "
+"usuários\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs SEG depois de login falhar, travar a conta por "
+"SEG segundos\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAX ajustar o máximo de contadores de falha de "
+"logins para MAX\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset zera os contadores de falhas de login\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DIAS mostra os registros do faillog mais recentes "
+"que DIAS dias\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user LOGIN/RANGE mostra o registro do faillog ou mantém\n"
+" contadores e limites de falhas (se usado "
+"com\n"
+" -r, -m ou -l) apenas para os LOGIN(s)\n"
+" especificados\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Falha ao obter a entrada para o UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Login Falhas Máximo Último Em\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus restante]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lock]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Falha em zerar o contador de falhas para o UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Falha ao ajustar o max para o UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Falha ao ajustar o tempo de trava para o UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Usuário ou intervalo desconhecidos: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Não foi possível obter o tamanho de %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: falha ao remover %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opção] GRUPO\n"
+"\n"
+"Opções:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add USUÃRIO adiciona o USUÃRIO ao GRUPO\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete USUÃRIO remove USUÃRIO do GRUPO\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password remove a senha do GRUPO\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict restringe acesso dos membros ao GRUPO\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr " -M, --members USUÃRIO,... ajusta a lista de membros do GRUPO\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" ajusta a lista de administradores para o "
+"GRUPO\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Exceto para as opções -A e -M, as opções não podem ser combinadas.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "As opções não podem ser combinadas.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s : senhas de grupo shadow requeridas para -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grupo '%s' não existe em %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: falha ao fechar %s somente leitura\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Mudando a senha para o grupo %s\n"
+
+msgid "New Password: "
+msgstr "Nova Senha : "
+
+msgid "Re-enter new password: "
+msgstr "Informe a nova senha novamente : "
+
+msgid "They don't match; try again"
+msgstr "As senhas não são iguais; tente novamente"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s : Tente novamente mais tarde\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Adicionando usuário %s ao grupo %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Removendo usuário %s do grupo %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: usuário '%s' não é um membro de '%s'\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s : Não é um tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] GRUPO\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force sai com sucesso se o grupo já existe,\n"
+" e cancela -g se o GID já está em uso\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID usa GID para o novo grupo\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key CHAVE=VALOR sobreescreve os padrões de /etc/login.defs\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique permite criar grupos com GID duplicado\n"
+" (não-único)\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password SENHA usa a senha criptografada para o novo grupo\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system cria uma conta de sistema\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' não é um nome de grupo válido\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ID de grupo '%s' inválido\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s : -K requer CHAVE=VALOR\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grupo '%s' já existe\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID '%lu' já existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s : Não foi possível determinar seu nome de usuário.\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -r, --reset zera os contadores de falhas de login\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: não é possível remover entrada '%s' de %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: não é possível remover o grupo primário do usuário '%s'\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grupo '%s' não existe\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grupo '%s' é um grupo NIS\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s : %s é o mestre NIS\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: usuário '%s' já é um membro de '%s'\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Sem memória. Não pode atualizar %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [ação]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group nome_do_grupo muda nome_do_grupo ao invés do grupo do "
+"usuário\n"
+" (apenas root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Ações:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add username adiciona username aos membros do grupo\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr " -d, --delete username remove username dos membros do grupo\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge remove todos os membros do grupo\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list lista os membros do grupo\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: seu nome de grupo não casa com seu nome de usuário\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: apenas o root pode usar a opção -g/--group\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID muda o ID do grupo para GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name NOVO_GRUPO muda o nome para NOVO_GRUPO\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique permite usar um GID (não-único) duplicado\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password SENHA muda a senha para esta SENHA "
+"(criptografada)\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: nome de grupo '%s' inválido\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s : grupo %s é um grupo NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s : usuário %s desconhecido\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [group [gshadow]]\n"
+"\n"
+"Opções:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [group]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s e -r são incompatíveis\n"
+
+msgid "invalid group file entry"
+msgstr "entrada inválida no arquivo de grupo"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "remover a linha '%s'? "
+
+msgid "duplicate group entry"
+msgstr "entrada de grupo duplicada"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nome de grupo '%s' inválido\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ID de grupo '%lu' inválido\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupo %s : nenhum usuário %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "remover membro '%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "não há entrada no arquivo de grupos em %s compatível\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "adicionar grupo '%s' em %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"o grupo %s tem uma entrada em %s, mas seu campo de senha em %s não está com "
+"o valor 'x'\n"
+
+msgid "invalid shadow group file entry"
+msgstr "entrada inválida no arquivo de grupo shadow"
+
+msgid "duplicate shadow group entry"
+msgstr "entrada de grupo shadow duplicada"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grupo shadow %s : nenhum usuário administrativo %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "remover membro administrativo '%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupo shadow %s : nenhum usuário %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s : os arquivos foram atualizados\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s : nenhuma mudança\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: não é possível apagar %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Uso : id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Uso : id\n"
+
+msgid " groups="
+msgstr " grupos="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before DIAS imprime somente registros lastlog mais\n"
+" antigos que DIAS\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -a, --all mostrar registros de faillog de todos os "
+"usuários\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -a, --all mostrar registros de faillog de todos os "
+"usuários\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DIAS imprime somente registros lastlog mais\n"
+" recentes que DIAS\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user LOGIN imprime registro lastlog para usuário com\n"
+" LOGIN especificado\n"
+
+msgid "Username Port From Latest"
+msgstr "Nome de Usuário Porta De Último"
+
+msgid "Username Port Latest"
+msgstr "Nome de Usuário Porta Último"
+
+msgid "**Never logged in**"
+msgstr "**Nunca logou**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Falha ao obter a entrada para o UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s : não foi possível atualizar arquivo de senhas\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Uso : %s [-p] [nome]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h host] [-f nome]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "erro de configuração - não foi possível verificar o valor %s: '%d'"
+
+msgid "Invalid login time"
+msgstr "Hora de login inválida"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema fechado para manutenção de rotina"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Desconexão contornada -- login de root permitido.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: talvez não seja possível trabalhar sem o root efetivamente\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Nenhuma entrada utmp. Voce deve executar \"login\" do \"sh\" de nível mais "
+"baixo"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Login expirou após %u segundos.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Falha do PAM, abortando: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "Login %s: "
+
+msgid "login: "
+msgstr "login:"
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Número máximo de tentativas excedido (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: abortar requesitado pelo PAM\n"
+
+msgid "Login incorrect"
+msgstr "Login incorreto"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s : linha %d : não foi possível encontrar usuário %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login : "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: falha iniciando: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY falha na %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Aviso : login rehabilitado após travamento temporário."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Último login : %s em %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Último login : %.19s em %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " de %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"tempo de login excedido\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Uso: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Uso : newgrp [-] [grupo]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Uso : sg group [[-c] comando]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: falha ao remover %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Senha inválida.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: falha ramificando: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID '%lu' não existe\n"
+
+msgid "too many groups\n"
+msgstr "muitos grupos\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system cria contas de sistema\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: grupo '%s' é um grupo shadow, mas não existe em /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ID de usuário '%s' inválido\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s : nome de usuário '%s' inválido\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s : linha %d : linha inválida\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: não conseguiu atualizar a entrada do usuário %s (não está no banco de "
+"dados passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linha %d: não foi possível criar usuário\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linha %d: não foi possível criar grupo\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: linha %d: usuário '%s' não existe em %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s : linha %d : não foi possível atualizar a senha\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linha %d: mkdir %s falhou: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linha %d: chown %s falhou: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s : linha %d : não foi possível atualizar entrada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: não foi possível criar usuário\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s : não foi possível atualizar arquivo de grupo\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all reportar estado de senhas em toda as contas\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+" -d, --delete remover a senha para a conta indicada\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire forçar expiração da senha para a conta "
+"indicada\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr " -k, --keep-tokens mudar senha somente caso expirada\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INATIVO definir senha inativa após expiração para\n"
+" INATIVO\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -l, --lock trava a conta indicada\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_DIAS define número mínimo de dias antes da troca\n"
+" de senhas para MIN_DIAS\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet modo silencioso\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+" -r, --repository REPOSITÓRIO mudar senha no repositório REPOSITÓRIO\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status reportar estado de senha para a conta "
+"indicada\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr " -u, --unlock destravar a conta indicada\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays DIAS_AVISO define dias de aviso de expiração para\n"
+" DIAS_AVISO\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAX_DIAS define número máximo de dias antes da troca\n"
+" de senhas para MAX_DIAS\n"
+
+msgid "Old password: "
+msgstr "Senha antiga : "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Informe a nova senha (mínimo de %d caracteres)\n"
+"Por favor, use uma combinação de letras em maiúsculas e minúsculas\n"
+"e de números.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Informe a nova senha (mínimo de %d, máximo de %d caracteres)\n"
+"Por favor, use uma combinação de letras em maiúsculas e minúsculas\n"
+"e de números.\n"
+
+msgid "New password: "
+msgstr "Nova senha : "
+
+msgid "Try again."
+msgstr "Tente novamente."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Aviso : senha fraca (informe-a novamente para usá-la de qualquer forma)."
+
+msgid "They don't match; try again.\n"
+msgstr "As senhas não são iguais; tente novamente.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "A senha para %s não pode ser modificada.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "A senha para %s ainda não pode ser modificada.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: Desbloquear a senha pode resultar em uma conta sem senha.\n"
+"Você deve ajustar a senha com usermod -p para desbloquear esta conta.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s : repositório %s não suportado\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s não está autorizado a trocar a senha de %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: Você não pode visualizar ou modificar informações de senha para %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Modificando a senha para %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "A senha para %s não foi modificada.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: senha modificada.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: informação de expiração de senha alterada.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [passwd]\n"
+"\n"
+"Opções:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [passwd [shadow]]\n"
+"\n"
+"Opções:\n"
+
+#, fuzzy
+#| msgid " -q, --quiet quiet mode\n"
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet modo silencioso\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: não é permitido arquivo shadow alternativo quando USE_TCB está "
+"habilitado.\n"
+
+msgid "invalid password file entry"
+msgstr "entrada de arquivo de senha inválida"
+
+msgid "duplicate password entry"
+msgstr "entrada de senha duplicada"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nome de usuário '%s' inválido\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "ID de usuário '%lu' inválido\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "usuário '%s': nenhum grupo %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "usuário '%s': diretório '%s' não existe\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "usuário '%s': programa '%s' não existe\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "não há diretório tcb para %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "criar diretório tcb para %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "falhou ao criar diretório tcb para %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: não posso travar %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "não há entrada no arquivo de senhas em %s compatível\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "adicionar usuário '%s' em %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"usuário %s tem uma entrada em %s, mas seu campo de senha em %s não está com "
+"o valor 'x'\n"
+
+msgid "invalid shadow password file entry"
+msgstr "entrada de arquivos de senhas shadow inválida"
+
+msgid "duplicate shadow password entry"
+msgstr "entrada de senha shadow inválida"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "usuário %s : última mudança de senha no futuro\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: não é possível ordenar entradas em %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: não é possível funcionar com tcb habilitado\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: falha ao mudar o modo de %s para 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Acesso ao su para esta conta NEGADO.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Autenticação por senha contornada.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Por favor, informe sua PRÓPRIA senha como autenticação.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Não posso ramificar shell de usuário\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: mal funcionamento do sinal\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: al funcionamento da máscara do sinal\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sessão terminada, encerrando o shell..."
+
+msgid " ...killed.\n"
+msgstr " ...morto.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...esperando o filho terminar.\n"
+
+msgid " ...terminated.\n"
+msgstr " ...encerrado.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Uso: su [opções] [LOGIN]\n"
+"\n"
+"Opções:\n"
+" -c, --command COMANDO passa COMANDO para o shell invocado\n"
+" -h, --help exibe esta mensagem de ajuda e finaliza\n"
+" -, -l, --login torna o shell um shell de login\n"
+" -m, -p,\n"
+" --preserve-environment não zera variáveis de ambiente e\n"
+" mantém o mesmo shell\n"
+" -s, --shell SHELL utiliza SHELL ao invés do padrão no passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s : %s\n"
+"(Ignorado)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Você não está autorizado a usar o su para %s\n"
+
+msgid "(Enter your own password)"
+msgstr "{Informe sua própria senha)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Falha de autenticação\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Você não está autorizado a usar o su agora\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Nenhuma entrada de senha para 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s : deve ser executado a partir de um terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s : pam_start : erro %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot remove the content of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Não é possível remover o conteúdo de %s: %s\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Não foi possível executar %s\n"
+
+msgid "No password file"
+msgstr "Sem arquivo de senhas"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY falhou"
+
+msgid "No password entry for 'root'"
+msgstr "Nenhuma entrada de senha para 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Digite Control-D para continuar com a inicialização normal,\n"
+"(ou forneça a senha de root para administração do sistema) :"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Entrando em Modo de Manutenção do Sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s foi criado, mas não pode ser removido\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: a configuração %s em %s será ignorada\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: não foi possível criar novo arquivo de padrões\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: não foi possível abrir novo arquivo de padrões\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linha muito longa em %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: não foi possível criar link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: renomear: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grupo '%s' é um grupo NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: muitos grupos especificados (máximo %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] LOGIN\n"
+" %s -D\n"
+" %s -D [opções]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir BASE_DIR diretório base para o diretório pessoal da\n"
+" nova conta\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment COMENTÃRIO campo GECOS da nova conta\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir DIR_PESSOAL diretório pessoal da nova conta\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults exibe ou altera configuração padrão do "
+"useradd\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+" -e, --expiredate DATA_DE_EXPIRAÇÃO data de expiração da nova conta\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive INATIVO período de inatividade de senha da nova "
+"conta\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid GRUPO nome ou ID do grupo primário da nova\n"
+" conta\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups GRUPOS lista de grupos complementares da nova\n"
+" conta\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+" -k, --skel SKEL_DIR use este diretório esqueleto (skeleton) "
+"alternativo\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init não adiciona o usuário aos bancos de dados\n"
+" lastlog e faillog\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr " -m, --create-home cria o diretório pessoal do usuário\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+" -M, --no-create-home não cria o diretório pessoal do usuário\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group não cria um grupo com o mesmo nome do "
+"usuário\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique permite criar usuários com UID duplicado\n"
+" (não-único)\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr " -p, --password SENHA senha criptografada da nova conta\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell SHELL shell de login da nova conta\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID ID de usuário da nova conta\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group cria um grupo com o mesmo nome do usuário\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user USUÃRIO_SE usa um USUÃRIO_SE específico para o "
+"mapeamento de\n"
+" usuário SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: diretório base '%s' inválido\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: comentário '%s' inválido\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: diretório pessoal '%s' inválido\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s : senhas shadow necessárias para -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s : senhas shadow necessárias para -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: campo '%s' inválido\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: shell '%s' inválida\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z precisa de um núcleo com o SELinux habilitado\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: falha ao zerar a entrada do faillog de UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: falha ao zerar a entrada do lastlog do UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s : não foi possível criar diretório %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Criando caixa-postal"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Grupo 'mail' não encontrado.Criando o usuário caixa-postal arquivo no modo "
+"0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Configurando caixa-postal arquivos de permissao"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: usuário '%s' já existe\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s : grupo %s existe - caso você ueira adicionar esse usuário a esse\n"
+"grupo, utilize -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: não foi possível criar usuário\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu não é único\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Falha ao criar diretório tcb para %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: não é possível criar grupo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: não foi possível criar usuário\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: não é possível criar grupo\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: aviso: o diretório pessoal já existe.\n"
+"Não copiando nenhum arquivo do diretótio skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: atenção: o relacionamento do nome de usuário %s para o usuário SELinux "
+"%s falhou.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force força remoção dos arquivos,\n"
+" mesmo se não forem do usuário\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove remove o diretório pessoal e spool de "
+"mensagens\n"
+
+#, fuzzy
+#| msgid ""
+#| " -Z, --selinux-user new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user novo mapeamento de usuário SELinux para a "
+"conta de usuário\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: não é possível remover o grupo primário do usuário '%s'\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: grupo %s é o grupo primário de outro usuário e não será removido.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: não é possível remover entrada '%s' de %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s home directory (%s) not found\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: diretório pessoal %s (%s) não encontrado\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: atenção: não é possível remover %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s : %s não é propriedade de %s, não removendo\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: Não é possível alocar memória, a entrada tcb para %s não foi removida.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Não é possível retirar privilégios: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Não é possível remover o conteúdo de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Não é possível remover arquivos tcb para %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s : usuário %s é um usuário NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: diretório pessoal %s (%s) não encontrado\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s : não removendo diretório %s (removeria o home do usuário %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s : erro removendo diretório %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: atenção: o relacionamento do nome de usuário %s para o usuário SELinux "
+"%s falhou.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment COMENTÃRIO novo valor do campo GECOS\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home DIR_PESSOAL novo diretório de login para a nova conta "
+"de\n"
+" usuário\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate DATA_EXPIRA define data de expiração de conta para\n"
+" DATA_EXPIRA\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INATIVO define inatividade de senha após expiração\n"
+" para INATIVO\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid GRUPO forçar usar GRUPO como novo grupo primário\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups GRUPOS nova lista de GRUPOS suplementares\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append anexa o usuário para os GRUPOS "
+"suplementares\n"
+" mencionados pela opção -G sem remove-lo de\n"
+" outros grupos\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login LOGIN novo valor do nome de login\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock trava a conta de usuário\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home move o conteúdo do diretório pessoal para\n"
+" a novo localização (use somente com -d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique permitir usar UID duplicados (não-únicos)\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password SENHA usar senha criptografada para a nova senha\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID novo UID para a conta de usuário\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock destravar a conta de usuário\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -Z, --selinux-user new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user novo mapeamento de usuário SELinux para a "
+"conta de usuário\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: Desbloquear a senha do usuario pode resultar em conta sem senha.\n"
+"Você deve ajustar a senha com usermod -p para desbloquear a senha\n"
+"deste usuário.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: usuário '%s' já existe em %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: data `%s' inválida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: data `%s' inválida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: não consegui abrir %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: the -L, -p, and -U flags são exclusivas\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s : senhas shadow necessárias para -e e -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID '%lu' já existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s não está autorizado a trocar a senha de %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s : diretório %s existe\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: O diretório pessoal anterior (%s) não é um diretório. Ele não foi "
+"removido e nenhum diretório pessoal foi criado.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Falha ao mudar o proprietário do diretório pessoal"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: aviso: falha completa ao remover antigo diretório pessoal %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s : não foi possível renomear diretório %s para %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: falha ao copiar a entrada lastlog do usuário %lu para o usuário %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr "%s: falha ao copiar a entrada faillog do usuário %lu para o %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s : aviso : %s não é propriedade de %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "falha au mudar o dono da caixa-postal"
+
+msgid "failed to rename mailbox"
+msgstr "falha ao renomear caixa-postal"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Você modificou %s.\n"
+"Talvez você precise modificar %s para ter coerência.\n"
+"Por favor use o comando '%s' para faze-lo.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group edita banco de dados de grupo\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd edita banco de dados passwd\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+" -s, --shadow editar o banco de dados shadow ou gshadow\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+" -u, --user que arquivo shadow tcb de usuário editar\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: falha ao remover %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s está inalterado\n"
+
+msgid "failed to create scratch directory"
+msgstr "falha ao criar diretório rascunho"
+
+msgid "failed to drop privileges"
+msgstr "falha ao remover privilégios"
+
+msgid "Couldn't get file context"
+msgstr "Não posso obter contexto de arquivo"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () falhou"
+
+msgid "failed to gain privileges"
+msgstr "falha ao obter privilégios"
+
+msgid "Couldn't lock file"
+msgstr "Não foi possível obter lock em arquivo"
+
+msgid "Couldn't make backup"
+msgstr "Não foi possível fazer backup"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s : %s não encontrado em /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "falha ao abrir arquivo de rascunho"
+
+msgid "failed to unlink scratch file"
+msgstr "falha ao desvincular arquivo de rascunho"
+
+msgid "failed to stat edited file"
+msgstr "falha ao fazer stat de arquivo editado"
+
+msgid "failed to allocate memory"
+msgstr "falha ao alocar memória"
+
+msgid "failed to create backup file"
+msgstr "falha ao criar arquivo de backup"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s : não foi possível restaurar %s : %s (suas mudanças estão em %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: falha ao procurar o diretório tcb para %s\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr ""
+#~ " -c, --crypt-method o método de criptografia (dentre %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Uso: vipw [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) falhou\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: chage [opções] [LOGIN]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -d, --lastday ULTIMO_DIA define última mudança de senha para "
+#~ "ULTIMO_DIA\n"
+#~ " -E, --expiredate DATA_EXPIRAÇÃO define data de expiração de conta "
+#~ "para\n"
+#~ " DATA_EXPIRAÇÃO\n"
+#~ " -h, --help exibe esta mensagem de ajuda e sai\n"
+#~ " -I, --inactive INATIVO define senha inativa após expiração\n"
+#~ " para INATIVO\n"
+#~ " -l, --list exibe informação sobre idade da conta\n"
+#~ " -m, --mindays MIN_DIAS define número mínimo de dias antes da\n"
+#~ " troca de senha para MIN_DIAS\n"
+#~ " -M, --maxdays MAX_DIAS define número máximo de dias antes da\n"
+#~ " troca de senha para MAX_DIAS\n"
+#~ " -W, --warndays AVISO_DIAS define dias para aviso de expiração "
+#~ "para\n"
+#~ " AVISO_DIAS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s : autenticação PAM falhou\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Uso : %s [-f nome_completo] [-r número_sala] [-w fone_trabalho]\n"
+#~ "\t[-h fone_residencial] [-o outro] [usuário]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Uso : %s [-f nome_completo] [-r número_sala] [-w fone_rabalho] [-h "
+#~ "fone_residencial]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: %s [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -c, --crypt-method o método de criptografia (dentre %s)\n"
+#~ " -e, --encrypted senhas fornecidas estão criptografadas\n"
+#~ " -h, --help exibir esta mensagem de ajuda e "
+#~ "finalizar\n"
+#~ " -m, --md5 criptografar a senha em texto plano "
+#~ "usando\n"
+#~ " o algoritmo MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Use: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help exibir a mensagem de ajuda e sair\n"
+#~ " -s, --shell SHELL novo login shell para conta de usuario\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Uso : expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: Falha em conseguir a entrada para o UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: não foi possível abrir %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Não foi possível obter o tamanho de %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Uso: groupdel grupo\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Uso : %s [-r] [-s] [grupo [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Uso : %s [-r] [-s] [grupo]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s : -s e -r são incompatíveis\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Uso: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Uso: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: lastlog [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -b, --before DIAS imprime somente registros lastlog mais\n"
+#~ " antigos que DIAS\n"
+#~ " -h, --help exibe esta mensagem de ajuda e finaliza\n"
+#~ " -t, --time DIAS imprime somente registros lastlog mais\n"
+#~ " recentes que DIAS\n"
+#~ " -u, --user LOGIN imprime registro lastlog para usuário "
+#~ "com\n"
+#~ " LOGIN especificado\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: passwd [opções] [LOGIN]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -a, --all reportar estado de senhas em toda as "
+#~ "contas\n"
+#~ " -d, --delete remover a senha para a conta indicada\n"
+#~ " -e, --expire forçar expiração da senha para a conta "
+#~ "indicada\n"
+#~ " -h, --help exibir esta mensagem de ajuda e sai\n"
+#~ " -k, --keep-tokens mudar senha somente caso expirada\n"
+#~ " -i, --inactive INATIVO definir senha inativa após expiração "
+#~ "para\n"
+#~ " INATIVO\n"
+#~ " -l, --lock trava a conta indicada\n"
+#~ " -n, --mindays MIN_DIAS define número mínimo de dias antes da "
+#~ "troca\n"
+#~ " de senhas para MIN_DIAS\n"
+#~ " -q, --quiet modo silencioso\n"
+#~ " -r, --repository REPOSITÓRIO mudar senha no repositório REPOSITÓRIO\n"
+#~ " -S, --status reportar estado de senha para a conta "
+#~ "indicada\n"
+#~ " -u, --unlock destravar a conta indicada\n"
+#~ " -w, --warndays DIAS_AVISO define dias de aviso de expiração para\n"
+#~ " DIAS_AVISO\n"
+#~ " -x, --maxdays MAX_DIAS define número máximo de dias antes da "
+#~ "troca\n"
+#~ " de senhas para MAX_DIAS\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Uso: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Uso : %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Uso: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Uso: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id desconhecido : %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Sem shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -f, --force força remoção dos arquivos,\n"
+#~ " mesmo se não forem do usuário\n"
+#~ " -h, --help exibe esta mensagem de ajuda e sai\n"
+#~ " -r, --remove remove o diretório pessoal e spool de "
+#~ "mensagens\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s : o usuário %s está logado no momento\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: usermod [opções] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -c, --comment COMENTÃRIO novo valor do campo GECOS\n"
+#~ " -d, --home DIR_PESSOAL novo diretório de login para a nova conta "
+#~ "de\n"
+#~ " usuário\n"
+#~ " -e, --expiredate DATA_EXPIRA define data de expiração de conta para\n"
+#~ " DATA_EXPIRA\n"
+#~ " -f, --inactive INATIVO define inatividade de senha após "
+#~ "expiração\n"
+#~ " para INATIVO\n"
+#~ " -g, --gid GRUPO forçar usar GRUPO como novo grupo "
+#~ "primário\n"
+#~ " -G, --groups GRUPOS nova lista de GRUPOS suplementares\n"
+#~ " -a, --append anexa o usuário para os GRUPOS "
+#~ "suplementares\n"
+#~ " mencionados pela opção -G sem remove-lo "
+#~ "de\n"
+#~ " outros grupos\n"
+#~ " -h, --help exibe esta mensagem de ajuda e sai\n"
+#~ " -l, --login LOGIN novo valor do nome de login\n"
+#~ " -L, --lock trava a conta de usuário\n"
+#~ " -m, --move-home move o conteúdo do diretório pessoal "
+#~ "para\n"
+#~ " a novo localização (use somente com -d)\n"
+#~ " -o, --non-unique permitir usar UID duplicados (não-"
+#~ "únicos)\n"
+#~ " -p, --password SENHA usar senha criptografada para a nova "
+#~ "senha\n"
+#~ " -s, --shell SHELL novo shell de login para a conta de "
+#~ "usuário\n"
+#~ " -u, --uid UID novo UID para a conta de usuário\n"
+#~ " -U, --unlock destravar a conta de usuário\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s : nenhuma flag informada\n"
+
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: vipw [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -g, --group editar base de dados de grupo\n"
+#~ " -h, --help exibir esta mensagem de ajuda e "
+#~ "finalizar\n"
+#~ " -p, --passwd editar base de dados de senhas\n"
+#~ " -q, --quiet modo quieto\n"
+#~ " -s, --shadow editar base de dados shadow ou gshadow\n"
+#~ "\n"
+
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Uso : %s [entrada]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s : não foi possível criar %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s : não foi possível executar chown %s\n"
+
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: faillog [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -a, --all exibir registros faillog para todos os usuários\n"
+#~ " -h, --help exibiri esta mensagem de ajuda e finalizar\n"
+#~ " -l, --lock-time SEG após falha de login travar conta por SEG "
+#~ "segundos\n"
+#~ " -m, --maximum MAX define contadores de logins falhos para MAX\n"
+#~ " -r, --reset zerar os contadores de falhas de login\n"
+#~ " -t, --time DIAS exibir registros faillog mais recentes que DIAS\n"
+#~ " -u, --user LOGIN exibir registros faillog ou manter somente\n"
+#~ " contadores de falhas e limites (caso usado com\n"
+#~ " as opções -r, -m ou -l) para usuário com LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: groupadd [opções] grupo\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -f, --force forçar sair com estado de sucesso caso\n"
+#~ " grupo especificado já exista\n"
+#~ " -g, --gid GID utilizar GID para o novo grupo\n"
+#~ " -h, --help exibir esta mensagem de ajuda e "
+#~ "finalizar\n"
+#~ " -K, --key CHAVE=VALOR sobrepõe os padrões em /etc/login.defs\n"
+#~ " -o, --non-unique permiti criar grupo com GID duplicado\n"
+#~ " (não-único)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: groupadd [opções] grupo\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -f, --force forçar sair com estado de sucesso caso\n"
+#~ " grupo especificado já exista\n"
+#~ " -g, --gid GID utilizar GID para o novo grupo\n"
+#~ " -h, --help exibir esta mensagem de ajuda e "
+#~ "finalizar\n"
+#~ " -K, --key CHAVE=VALOR sobrepõe os padrões em /etc/login.defs\n"
+#~ " -o, --non-unique permiti criar grupo com GID duplicado\n"
+#~ " (não-único)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: useradd [opções] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -b, --base-dir DIR_BASE diretório base para o diretório pessoal\n"
+#~ " da nova conta de usuário\n"
+#~ " -c, --comment COMENTÃRIO define o campo GECOS para a nova conta "
+#~ "de\n"
+#~ " usuário\n"
+#~ " -d, --home-dir DIR_PESSOAL diretório pessoal para a nova conta de\n"
+#~ " usuário\n"
+#~ " -D, --defaults imprime ou salva configuração padrão do\n"
+#~ " useradd modificada\n"
+#~ " -e, --expiredate DATA_EXPIRA define data de expiração de conta para\n"
+#~ " DATA_EXPIRA\n"
+#~ " -f, --inactive INATIVO define inatividade de senha após "
+#~ "expiração\n"
+#~ " para INATIVO\n"
+#~ " -g, --gid GRUPO força utilização de GRUPO para nova "
+#~ "conta\n"
+#~ " de usuário\n"
+#~ " -G, --groups GRUPOS lista de grupos suplementares para a "
+#~ "nova\n"
+#~ " conta de usuário\n"
+#~ " -h, --help exibe esta mensagem de ajuda e finaliza\n"
+#~ " -k, --skel DIR_SKEL especifica um diretório skel alternativo\n"
+#~ " -K, --key CHAVE=VALOR sobrepões os padrões do /etc/login.defs\n"
+#~ " -m, --create-home cria diretório pessoal para a nova conta "
+#~ "de\n"
+#~ " usuário\n"
+#~ " -o, --non-unique permite cirar usuário com UID duplicado\n"
+#~ " (não-único)\n"
+#~ " -p, --password SENHA utiliza senha encriptada para a nova "
+#~ "conta\n"
+#~ " de usuário\n"
+#~ " -s, --shell SHELL o shell de login para a nova conta\n"
+#~ " de usuário\n"
+#~ " -u, --uid UID força o uso de UID para a nova conta\n"
+#~ " de usuário\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -r, --system create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Use: %s [opções] [input]\n"
+#~ "\n"
+#~ " -c, --crypt-method metodo de criptacao (um de %s)\n"
+#~ " -r, --system criar sistema de contas\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Senha configurada para expirar."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de senhas\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s : não foi possível abrir o arquivo de senhas\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivos de senhas shadow\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de senhas shadow\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s : não foi possível reescrever arquivo de senhas shadow\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s : não foi possível reescrever arquivo de senhas\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s : não foi possível atualizar arquivos de senhas shadow\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNome Completo : %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNúmero da Sala: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tFone de Trabalho: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tFone Doméstico: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "Não foi possível fazer local em arquivo de senhas; tente novamente mais "
+#~ "tarde.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Não foi possível abrir arquivo de senhas.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Erro atualizando a entrada de senha.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Não foi possível gravar as mudanças no arquivo de senhas.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Não foi possível remover o locak do arquivo de senhas.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s : não foi possível obter lock no arquivo de grupo\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s : nao foi possível obter lock no arquivo gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s : não foi possível abrir arquivo shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s : erro atualizando arquivo shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s : erro atualizando entrada de grupo\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s : linha %d : grupo %s desconhecido\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s : linha %d : não foi possível atualizar entrada\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s : nao foi possível obter lock em arquivo shadow\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s : erro atualizando arquivo shadow\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s : erro atualizando arquivo de senhas\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s : linha %d : usuário %s desconhecido\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s : linha %d : não foi possível atualizar entrada de senha\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s : usuário desconhecido\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Usuário Desconhecido : %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Uso : %s [-r|-R] grupo\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a usuário] grupo\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d usuário] grupo\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A usuário,...] [-M usuário,...] grupo\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M usuário,...] grupo\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s : não foi possível obter lock\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s : nõ foi possível obter lock shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s : não foi possível abrir arquivo\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s : não foi possível regravar arquivo shadow\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s : não foi possível remover o lock do arquivo\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s : não foi possível atualizar entrada\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s : não foi possível atualizar entrada shadow\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "grupo desconhecido : %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s : não foi possível abrir arquivo\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s : não foi possível abrir arquivo shadow\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Quem é você ?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s : membro %s desconhecido\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s : erro adicionando nova entrada de grupo\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s : não foi possível regravar arquivo de grupo\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s : não foi possível regravar arquivo de grupo shadow\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de grupo\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de grupo shadow\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo shadow\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s : GID %u não é único\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s : erro removendo entrada de grupo\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s : erro removendo entrada de grupo shadow\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s : não foi possível remover grupo primário do usuário.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Não foi possivel encontrar membro para remover\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Uso : membrosdogrupo -a nomedousuario | -d nomedousuario | -D | -l [-g "
+#~ "nomedogrupo]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Somente o root pode adicionar membros para diferentes grupos\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Acesso ao grupo é necessário\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "proprietario do grupo atual\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s : autenticação PAM falhou\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de grupo\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s : %s não encontrado em /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s : %u não é um GID único\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s : %s não é um nome único\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s : não foi possível reescrever arquivo de senhas\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de senhas\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de senhas\n"
+
+#~ msgid ""
+#~ "%s: cannot change the primary group of user '%s' from %u to %u, since it "
+#~ "is not in the passwd file.\n"
+#~ msgstr ""
+#~ "%s: não foi possivel mudar o grupo primário do usuario '%s' de %u para "
+#~ "%u, uma vez que não se encontra no arquivo passwd.\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s : não foi possível atualizar entrada shadow para %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s : não foi possível atualizar entrada para grupo %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de grupo shadow\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo shadow\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s : não foi possível remover grupo shadow %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s : não foi possível atualizar arquivo de grupo shadow\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s : não foi possível remover arquivo de grupo shadow\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "GID desconhecido : %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID desconhecido : %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s : grupo %s não existe\n"
+
+#~ msgid ""
+#~ "%s: group %s created, failure during the creation of the corresponding "
+#~ "gshadow group\n"
+#~ msgstr ""
+#~ "%s: grupo %s criado, falha durante a criação do grupo correspondente ao "
+#~ "gshadow\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s : usuário %s não existe\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s : nome de usuário '%s' inválido\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s : não foi possível obter de /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s : não foi possível obter de /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s : não foi possível obter de /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s : não foi possível obter de /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s : não foi possível abrir arquivos\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s : erro atualizando arquivos\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s : não foi possível atualizar entrada passwd para %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s : não foi possível abrir arquivo passwd.\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s : não foi possível remover entrada shadow para %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s : não foi possível atualizar arquivo passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s : não foi possível atualizar entrada para usuário %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s : não foi possível remover arquivo de senhas shadow\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s : GID %s desconhecido\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s : grupo %s desconhecido\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s : sem memória em update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s : não foi possível reescrever arquivo de senhas\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s : não foi possível reescrever arquivo de senhas shadow\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de senhas shadow\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de senhas shadow\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s : erro obtendo lock em arquivo de grupo\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s : erro abrindo arquivo de grupo\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s : erro obtendo lock em arquivo de grupo shadow\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s : erro abrindo arquivo de grupo shadow\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s : erro adicionando nova entrada de senha\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s : erro adicionando nova entrada de senha shadow\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s : aviso CREATE_HOME não é suportado, por favor, utilize -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s : erro atualizando entrada de grupo\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s : erro atualizando entrada de grupo\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo shadow\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s : erro removendo entrada de senha\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s : erro removendo entrada de senha shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s : erro adicionando nova entrada de grupo\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s : o uid %lu não é único\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s : erro modificando entrada de senha\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s : erro removendo entrada de senha\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s erro removendo entrada de senha shadow\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s : não foi possível obter GID único\n"
+
+#, fuzzy
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " em `%.100s' de `%.200s'"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr " em `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s : linha %d : não foi possível criar UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s : o nome %s não é único\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: chgpasswd [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ " -e, --encrypted\tsenhas fornecidas estão encriptadas\n"
+#~ " -h, --help\t\texibir esta mensagem de ajuda e finalizar\n"
+#~ " -m, --md5\t\tutilizar encriptação MD5 ao invés de DES quando as\n"
+#~ "\t\t\tsenhas fornecidas não estiverem encriptadas\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Sem arquivo de senhas\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Desculpe.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Desculpe, a senha para %s ainda não pode ser modificada.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Desculpe."
diff --git a/po/ro.po b/po/ro.po
new file mode 100644
index 0000000..9baeff7
--- /dev/null
+++ b/po/ro.po
@@ -0,0 +1,3575 @@
+# translation of shadow_ro.po to Romanian
+# This file is distributed under the same license as the PACKAGE package.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER.
+# Sorin Batariuc <sorin@bonbon.net>, 2004, 2005, 2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.17\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-26 18:18+0100\n"
+"Last-Translator: Sorin Batariuc <sorin@bonbon.net>\n"
+"Language-Team: Romanian <debian-l10n-romanian@lists.debian.org>\n"
+"Language: ro\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=n>1\n"
+"X-Generator: KBabel 1.10.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Nu pot aloca spaţiu pentru informaţiile despre configurare.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"eroare de configurare - element necunoscut '%s' (anunţaţi administratorul)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Parola: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Parola pentru %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Nu pot aloca spaţiu pentru informaţiile despre configurare.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Modific informaţia de temporalitate pentru %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Nu vă pot determina numele de utilizator.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: linia %d: nu pot găsi utilizatorul %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: nu mai este memorie\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: nu pot actualiza fiÅŸierul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: director personal nevalid '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: avertisment: nu pot ÅŸterge "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: avertisment: nu pot ÅŸterge "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: redenumire: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: avertisment: nu pot ÅŸterge "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: avertisment: nu pot ÅŸterge "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: nu pot actualiza fiÅŸierul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: nu pot actualiza fiÅŸierul shadow\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: redenumire: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: nu pot deschide fiÅŸierul %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Avertisment: grup necunoscut %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Avertisment: prea multe grupuri\n"
+
+msgid "Your password has expired."
+msgstr "Parola dvs a expirat."
+
+msgid "Your password is inactive."
+msgstr "Parola dvs este inactivă."
+
+msgid "Your login has expired."
+msgstr "Autentificarea dvs a expirat."
+
+msgid " Contact the system administrator."
+msgstr " Contactaţi administratorul de sistem."
+
+msgid " Choose a new password."
+msgstr " Alegeţi o parolă nouă."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Parola dvs va expira în %ld zile.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Parola dvs va expira mâine."
+
+msgid "Your password will expire today."
+msgstr "Parola dvs va expira azi."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Nu pot schimba tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: câmpuri prea lungi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Inundaţie de mediu\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Nu puteţi schimba $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d eÅŸuare de la ultima autentificare.\n"
+"Ultima oară a fost %s în %s.\n"
+msgstr[1] ""
+"%d eşuări de la ultima autentificare.\n"
+"Ultima oară a fost %s în %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "eşuare în schimbarea proprietarului căsuţei poştale"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: nu pot prelua UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: nu pot prelua GID unic\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: nu pot prelua UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: nu pot prelua UID\n"
+
+msgid "Too many logins.\n"
+msgstr "Prea multe autentificări.\n"
+
+msgid "You have new mail."
+msgstr "Aveţi mesaje noi."
+
+msgid "No mail."
+msgstr "N-aveţi mesaje."
+
+msgid "You have mail."
+msgstr "Aveţi mesaje."
+
+msgid "no change"
+msgstr "nici o schimbare"
+
+msgid "a palindrome"
+msgstr "palindrome"
+
+msgid "case changes only"
+msgstr "doar schimbări de caz"
+
+msgid "too similar"
+msgstr "prea asemănător"
+
+msgid "too simple"
+msgstr "prea simplu"
+
+msgid "rotated"
+msgstr "rotit"
+
+msgid "too short"
+msgstr "prea scurt"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Parolă incorectă: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() a eÅŸuat, eroare %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Parolă schimbată."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: parolă actualizată cu succes\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Parolă incorectă pentru %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: număr telefon acasă nevalid: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Nu pot schimba directorul către'%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Fără director personal, autentificare cu HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Nu pot executa %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Director rădăcină invalid '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Nu pot schimba directorul rădăcină la '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Nu vă pot determina numele tty."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Nu\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Introduceţi noua valoare, sau apăsaţi ENTER pentru cea implicită"
+
+msgid "Minimum Password Age"
+msgstr "Vârsta minimă a parolei"
+
+msgid "Maximum Password Age"
+msgstr "Vârsta maximă a parolei"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Ultima schimbare de parolă (AAAA-LL-ZZ)"
+
+msgid "Password Expiration Warning"
+msgstr "Avertisment de expirare a parolei"
+
+msgid "Password Inactive"
+msgstr "Parolă inactivă"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data expirării contului (AAAA-LL-ZZ)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Ultima schimbare de parolă\t\t\t\t\t: "
+
+msgid "never"
+msgstr "Niciodată"
+
+msgid "password must be changed"
+msgstr "parola trebuie schimbată"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Parola expiră\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Parolă inactivă\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Contul expiră\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Numărul minim de zile dintre schimbările de parolă\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Numărul maxim de zile dintre schimbările de parolă\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Numărul de zile de avertismente înaintea expirării parolei\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: dată nevalidă '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argument numeric nevalid '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: nu include \"l\" cu alte semnalizatoare\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Permisiune refuzată.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Nu vă pot determina numele de utilizator.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: nu pot încuia fişierele, încercaţi mai târziu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: nu pot deschide fiÅŸierul %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s : eşuare la bifurcare: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: fiÅŸierul shadow nu este prezent\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Modific informaţia de temporalitate pentru %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: eroare la modificarea câmpurilor\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nume complet"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Număr cameră"
+
+msgid "Work Phone"
+msgstr "Telefon birou"
+
+msgid "Home Phone"
+msgstr "Telefon acasă"
+
+msgid "Other"
+msgstr "Altele"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Nu pot schimba identificatorul la root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nume nevalid: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: număr de cameră nevalid: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: număr telefon de birou nevalid: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: număr telefon acasă nevalid: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' conţine caractere ilegale\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' conţine caractere ilegale\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: nu pot schimba utilizatorul '%s' pe un client NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' este stăpânul NIS pentru acest client.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Modificare informaţii utilizator pentru %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: câmpuri prea lungi\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: semnalizatorul -a este permis DOAR împreună cu semnalizatorul -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linia %d: linie prea lungă\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linia %d: lipseşte noua parolă\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: grupul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linia %d: nu pot actualiza intrarea\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: a fost detectată o eroare, schimbările sunt ignorate\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Autentificare consolă"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Nu puteţi schimba consola pentru %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Schimb consola de autentificare pentru %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Intrare nevalidă: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s este o consolă nevalidă.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: avertisment: %s nu este deţinut de către %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: argument neaÅŸteptat: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Autentificare Eşuări Maximum Ultima dată La\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds rămase]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds rămase]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Utilizator necunoscut: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Parola pentru %s nu poate fi schimbată.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Parola pentru %s nu poate fi schimbată.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: sunt cerute parole criptate de grup pentru -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grupul %s nu există\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s : eşuare la bifurcare: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Schimbare parolă pentru grupul %s\n"
+
+msgid "New Password: "
+msgstr "Parola nouă: "
+
+msgid "Re-enter new password: "
+msgstr "Reintroduceţi noua parolă: "
+
+msgid "They don't match; try again"
+msgstr "Acestea nu se potrivesc, mai încercaţi odată"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Mai încercaţi mai târziu\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Adaug utilizatorul %s la grupul %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Åžterg utilizatorul %s din grupul %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: nu este un tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s nu este un nume de grup valid\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "nume de grup nevalid '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K cere KEY=VALUE\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grupul %s există\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Nu vă pot determina numele de utilizator.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: nu pot schimba utilizatorul '%s' pe un client NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grupul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grupul '%s' este un grup NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s este stăpân NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: utilizatorul %s este un utilizator NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: nu mai este memorie pentru update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "nume de grup nevalid '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: grupul %s este un grup NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: utilizator necunoscut %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s ÅŸi -r sunt incompatibile\n"
+
+msgid "invalid group file entry"
+msgstr "intrare nevalidă în fişierul de grupuri"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "ÅŸterg linia '%s'? "
+
+msgid "duplicate group entry"
+msgstr "intrare de grup duplicată"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nume de grup nevalid '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "nume de grup nevalid '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupul %s: nici un utilizator %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "ÅŸterg membrul '%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "nici o potrivire între intrările din fişierul de grupuri în %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "adaug grupul '%s' în '%s'?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "intrare nevalidă în fişierul gshadow"
+
+msgid "duplicate shadow group entry"
+msgstr "intrare duplicată în gshadow"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "gshadow %s: nici un utilizator administrativ %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "ÅŸterg membrul administrativ '%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "gshadow %s: nici un utilizator %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: fiÅŸierele au fost actualizate\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: nici o schimbare\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: nu pot actualiza fiÅŸierul %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Utilizare: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Utilizare: id\n"
+
+msgid " groups="
+msgstr " grupuri="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "Nume utilizator Port De la Cel mai recent"
+
+msgid "Username Port Latest"
+msgstr "Nume utilizator Port Cel mai recent"
+
+msgid "**Never logged in**"
+msgstr "**Niciodată autentificat**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: nu pot actualiza fiÅŸierul passwd\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Utilizare: %s [-p] [nume]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h gazdă] [-f nume]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r gazdă\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Timp de autentificare nevalid"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistem închis pentru întreţinere de rutină"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Deconectare ocolită -- autentificare permisă pentru root.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Nici o intrare utmp. Trebuie să executaţi \"login\" de la nivelul cel mai de "
+"jos \"sh\""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Timp expirat pentru autentificare după %d secunde.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "autentificare: eşuare PAM, abandonare : %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s autentificare: "
+
+msgid "login: "
+msgstr "autentificare: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Numărul maxim de încercări a depăşit (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "autentificare: renunţare cerută de PAM\n"
+
+msgid "Login incorrect"
+msgstr "Autentificare incorectă"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: linia %d: nu pot găsi utilizatorul %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s autentificare: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s : eşuare la bifurcare: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Avertisment: autentificare reactivată după blocarea temporară."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Ultima autentificare: %s în %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Ultima autentificare: %.19s în %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " de la %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"depăşirea timpului de autentificare\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Utilizare: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Utilizare: newgrp [-] [grup]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Utilizare: sg grup [[-c] comanda]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Parola veche: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s : eşuare la bifurcare: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+msgid "too many groups\n"
+msgstr "prea multe grupuri\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: grupul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: nume utilizator nevalid '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nume utilizator nevalid '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linia %d: linie nevalidă\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: nu pot actualiza intrarea pentru utilizatorul %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linia %d: nu pot crea GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linia %d: nu pot crea GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linia %d: nu pot actualiza parola\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linia %d: eÅŸuare mkdir\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linia %d: eÅŸuare chown\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linia %d: nu pot actualiza intrarea\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: nu pot crea %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: nu pot actualiza fiÅŸierul de grupuri\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Parola veche: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduceţi noua parolă (minimum %d, maximum %d caractere)\n"
+"Vă rog utilizaţi o combinaţie de litere mari şi mici şi numere.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduceţi noua parolă (minimum %d, maximum %d caractere)\n"
+"Vă rog utilizaţi o combinaţie de litere mari şi mici şi numere.\n"
+
+msgid "New password: "
+msgstr "Parola nouă: "
+
+msgid "Try again."
+msgstr "Mai încercaţi."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Avertisment: parolă slabă (mai introduceţi-o odată pentru a o folosi oricum)."
+
+msgid "They don't match; try again.\n"
+msgstr "Nu se potrivesc, mai încercaţi odată.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Parola pentru %s nu poate fi schimbată.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Parola pentru %s nu poate fi schimbată.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: depozitul %s nu este suportat\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: Nu puteţi vizualiza sau modifica informaţiile despre parola lui %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Schimbare parolă pentru %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Parola pentru %s este neschimbată.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Parolă schimbată."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Avertisment de expirare a parolei"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "intrare nevalidă în fişierul passwd"
+
+msgid "duplicate password entry"
+msgstr "intrare duplicată în passwd"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nume de utilizator nevalid '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "nume de utilizator nevalid '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "utilizatorul %s: fără grup %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "utilizatorul %s: directorul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "utilizatorul %s: programul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: nu pot încuia fişierul %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "nici o potrivire între intrările fişierului passwd în %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "adaug utilizatorul '%s' în '%s'?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "intrare nevalidă în fişierul shadow"
+
+msgid "duplicate shadow password entry"
+msgstr "intrare duplicată în shadow"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "utilizatorul %s: ultima schimbare de parolă s-a făcut în viitor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: nu pot deschide fiÅŸierul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: nu pot rescrie fiÅŸierul\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Acces INTERZIS către su spre acest cont.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Autentificare cu parolă ocolită.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Vă rog introduceţi PROPRIA parolă pentru autentificare.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: nu pot încuia fişierul %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Utilizare: su [opţiuni] [autentificare]\n"
+"\n"
+"Opţiuni:\n"
+" -c, --command COMANDA trimite COMANDA la consola invocată\n"
+" -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+" -, -l, --login face din consolă una de autentificare\n"
+" -m, -p,\n"
+" --preserve-environment nu reface variabilele de mediu, ÅŸi\n"
+" păstrează aceeaşi consolă\n"
+" -s, --shell SHELL foloseşte SHELL în locul celei implicite\n"
+" din passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorat)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Nu sunteţi autorizat pentru su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Introduceţi propria parolă)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: autentificare PAM eşuată\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Nu sunteţi autorizat pentru su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Fără intrare în passwd pentru 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: trebuie pornit de la un terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: eroare %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Nu pot executa %s"
+
+msgid "No password file"
+msgstr "Fără fişier passwd"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Fără intrare în passwd pentru 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Apăsaţi ctrl-D pentru pornire normală,\n"
+"(sau introduceţi parola de root pentru întreţinerea sistemului):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Intrare în modul de întreţinere sistem"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: nu pot crea noile fiÅŸiere implicite\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: nu pot deschide noile fiÅŸiere implicite\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linia %d: eÅŸuare chown\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: redenumire: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grupul '%s' este un grup NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: prea multe grupuri specificate (maximum %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: director de bază nevalid '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: comentariu nevalid '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: director personal nevalid '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: parole criptate cerute pentru -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s; parole criptate cerute pentru -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: fiÅŸier nevalid '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: consolă nevalidă '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Crearea fişierului căsuţă pentru mesaje"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Grupul 'mail' nu a fost găsit. Se crează fişierul căsuţă de mesaje pentru "
+"utilizator cu modul 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Se atribuie permisiunile fişierului căsuţă de mesaje"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: utilizatorul %s există\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: grupul %s există - dacă vreţi să adăugaţi un utilizator la acest grup, "
+"folosiţi -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: nu pot crea %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u nu este unic\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: nu pot crea %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: nu pot crea %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: nu pot crea %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: avertisment: directorul personal există deja.\n"
+"Nu se copiază nici un fişier în el din directorul schelet.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: nu pot schimba utilizatorul '%s' pe un client NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Nu pot ÅŸterge grupul %s care este un grup primar pentru alt utilizator.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: director personal nevalid '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: avertisment: nu pot ÅŸterge "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s nu aparţine de %s, nu se şterge\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: utilizatorul %s este un utilizator NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: director personal nevalid '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: nu se ÅŸterge directorul %s (s-ar ÅŸterge directorul personal al "
+"utilizatorului %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: eroare la ÅŸtergerea directorului %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: utilizatorul %s există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: dată nevalidă '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: dată nevalidă '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: nu pot deschide fiÅŸierul %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: sunt necesare parole criptate pentru -e ÅŸi -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: directorul %s există\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: avertisment: eşuare în a elimina complet vechiul director personal %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: avertisment: %s nu este deţinut de către %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "eşuare în schimbarea proprietarului căsuţei poştale"
+
+msgid "failed to rename mailbox"
+msgstr "eşuare în redenumirea căsuţei poştale"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s este neschimbat\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "eşuare în redenumirea căsuţei poştale"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "N-am putut încuia fişierul"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "N-am putut încuia fişierul"
+
+msgid "Couldn't make backup"
+msgstr "N-am putut face o copie de rezervă"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s negăsit în /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s: nu pot deschide fiÅŸierul de grupuri\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: câmpuri prea lungi\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "eşuare în redenumirea căsuţei poştale"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "eşuare în schimbarea proprietarului căsuţei poştale"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "eşuare în redenumirea căsuţei poştale"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: nu pot reface %s: %s (schimbările dvs. sunt în %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: director de bază nevalid '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Utilizare: %s [input]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) a eÅŸuat\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Folosire: chage [opţiuni] utilizator\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -d, --lastday ULTIMA_ZI setează ultima schimbare de parolă\n"
+#~ " la ULTIMA_ZI\n"
+#~ " -E, --expiredate DATA_EXPIRARE setează data expirării contului la\n"
+#~ " DATA_EXPIRARE\n"
+#~ " -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+#~ " -I, --inactive INACTIVĂ setează parolă inactivă după expirare\n"
+#~ " la INACTIVÄ‚\n"
+#~ " -l, --list arată informaţiile de temporalitate ale\n"
+#~ " contului\n"
+#~ " -m, --mindays MIN_ZILE setează numărul minim de zile înainde "
+#~ "de\n"
+#~ " schimbarea parolei to MIN_ZILE\n"
+#~ " -M, --maxdays MAX_ZILE setează numărul maxim de zile înainte "
+#~ "de\n"
+#~ " schimbarea parolei la MAX_ZILE\n"
+#~ " -W, --warndays AVERTIZ_ZILE setează zilele de avertisment pentru\n"
+#~ " expirare la AVERTIZ_ZILE\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: autentificare PAM eşuată\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Utilizare: %s [-f nume_complet] [-r nr_cameră] [-w cale_lucru]\n"
+#~ "\t[-h cale_acasă] [-o altele] [utilizator]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Utilizare: %s [-f nume_complet] [-r nr_cameră] [-w cale_lucru] [-h "
+#~ "cale_acasă]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Folosire: chpasswd [opţiuni]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -e, --encrypted parolele oferite sunt criptate\n"
+#~ " -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+#~ " -m, --md5 foloseşte criptarea MD5 în loc de DES "
+#~ "atunci\n"
+#~ " când parolele oferite nu sunt criptate\n"
+#~ "%s\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Folosire: userdel [opţiuni] NUME\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -f, --force forţează ştergerea fişierelor, chiar\n"
+#~ " dacă nu sunt proprietatea utilizatorului\n"
+#~ " -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+#~ " -r, --remove ÅŸterge directorul personal ÅŸi cel pentru "
+#~ "mesaje\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Utilizare: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Utilizare: groupdel grup\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Utilizare: %s [-r] [-s] [grup [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Utilizare: %s [-r] [-s] [grup]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s ÅŸi -r sunt incompatibile\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Utilizare: groupdel grup\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Utilizare: groupdel grup\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizaree: lastlog [opţiuni]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -b, --before ZILE afişează doar înregistrările ultimului\n"
+#~ " jurnal mai vechi de ZILE\n"
+#~ " -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+#~ " -t, --time ZILE afişează doar înregistrările ultimului\n"
+#~ " jurnal mai recente de ZILE\n"
+#~ " -u, --user LOGIN afişează înregistrarea ultimului jurnal "
+#~ "pentru\n"
+#~ " utilizatorul cu autentificarea "
+#~ "specificată\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizare: passwd [opţiuni] [nume_cont]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -a, --all afişează starea parolelor din toate "
+#~ "conturile\n"
+#~ " -d, --delete ÅŸterge parola respectivului cont\n"
+#~ " -e, --expire forţează expirarea parolei pentru\n"
+#~ " respectivul cont\n"
+#~ " -h, --help afisează acest mesaj de ajutor şi ieşi\n"
+#~ " -k, --keep-tokens schimbă parola doar dacă este expirată\n"
+#~ " -i, --inactive INACTIV fixează durata de inactivitate a parolei "
+#~ "la\n"
+#~ " INACTIV după expirarea sa\n"
+#~ " -l, --lock blochează respectivul cont\n"
+#~ " -n, --mindays ZILE_MIN fixează numărul minim de zile la "
+#~ "ZILE_MIN\n"
+#~ " înainte de schimbarea parolei\n"
+#~ " -q, --quiet modul silenţios\n"
+#~ " -r, --repository DEPOZIT schimbă parola în depozitul DEPOZIT\n"
+#~ " -S, --status raportează starea parolei respectivului "
+#~ "cont\n"
+#~ " -u, --unlock deblochează respectivul cont\n"
+#~ " -w, --warndays ZILE_AVERT fixează numărul de zile de avertisment "
+#~ "de\n"
+#~ " expirare la ZILE_AVERT\n"
+#~ " -x, --maxdays ZILE__MAX fixează numărul maxim de zile înainde de\n"
+#~ " schimbarea parolei la ZILE_MAX\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Folosire: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Folosire: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Utilizare: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Utilizare: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Identificator necunoscut: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Fără consolă\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Folosire: userdel [opţiuni] NUME\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -f, --force forţează ştergerea fişierelor, chiar "
+#~ "dacă\n"
+#~ " nu sunt proprietatea utilizatorului\n"
+#~ " -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+#~ " -r, --remove ÅŸterge directorul personal ÅŸi cel pentru "
+#~ "mesaje\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: utilizatorul %s este autentificat în acest moment\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Folosire: usermod [opţiuni] NUME\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -a, --append GRUP tadaugă utilizatorul în GRUPUL "
+#~ "suplimentar\n"
+#~ " -c, --comment COMENTARIU valoarea nouă a câmpului GECOS\n"
+#~ " -d, --home DIR_ACASA noul director personal pentru noul "
+#~ "cont\n"
+#~ " -e, --expiredate DATA_EXPIRĂRII setează data expirării contului la\n"
+#~ " DATA_EXPIRÄ‚RII\n"
+#~ " -f, --inactive INACTIVĂ setează parola inactivă după expirare\n"
+#~ " la INACTIVÄ‚\n"
+#~ " -g, --gid GRUP forţează folosirea GRUPULUI ca nou\n"
+#~ " iniţial grup\n"
+#~ " -G, --groups GRUPURI afişează grupurile suplimentare "
+#~ "GRUPURI\n"
+#~ " -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+#~ " -l, --login NUME_NOU noua valoare a numelui de "
+#~ "autentificare\n"
+#~ " -L, --lock blochează contul\n"
+#~ " -m, --move-home mută conţinutul directorului personal "
+#~ "în\n"
+#~ " noua locaţie (foloseşte doar cu -d)\n"
+#~ " -o, --non-unique permite folosirea UID-urilor duplicate\n"
+#~ " (non-unice)\n"
+#~ " -p, --password PAROLA foloseşte criptarea pentru noua parolă\n"
+#~ " -s, --shell SHELL noul mediu de autentificare pentru\n"
+#~ " contul utilizator\n"
+#~ " -u, --uid UID noul UID pentru contul utilizator\n"
+#~ " -U, --unlock deblochează contul utilizator\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: nu s-au atribuit semnalizatoare\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizare: vipw [opţiuni]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -g, --group editează baza de date de grupuri\n"
+#~ " -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+#~ " -p, --passwd editează baza de date de conturi\n"
+#~ " -q, --quiet modul tăcut\n"
+#~ " -s, --shadow editează baza de date shadow sau gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Utilizare: %s [input]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: nu pot crea %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: nu pot schimba proprietarul %s\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizare: faillog [opţiuni]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -a, --all afişează jurnalul înregistrărilor de "
+#~ "eşuări\n"
+#~ " pentru toţi utilizatorii\n"
+#~ " -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+#~ " -l, --lock-time SEC blochează contul la SEC secunde după o\n"
+#~ " autentificare eşuată\n"
+#~ " -m, --maximum MAX setează numărul maxim de autentificări\n"
+#~ " eÅŸuate la MAX\n"
+#~ " -r, --reset resetează contorul de autentificări "
+#~ "eÅŸuate\n"
+#~ " -t, --time DAYS afişează jurnalul înregistrărilor de "
+#~ "eşuări\n"
+#~ " mai recente de DAYS zile\n"
+#~ " -u, --user LOGIN afişează jurnalul înregistrărilor de "
+#~ "eşuări\n"
+#~ " sau menţine contoarele de eşuări şi "
+#~ "limite\n"
+#~ " (dacă este folosit cu opţiunile -r, -m "
+#~ "sau\n"
+#~ " -l) doar pentru utilizatorul LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizare: groupadd [opţiuni] grup\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -f, --force forţează terminarea cu starea de succes\n"
+#~ " dacă grupul specificat există deja\n"
+#~ " -g, --gid GID foloseÅŸte GID pentru noul grup\n"
+#~ " -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+#~ " -K, --key KEY=VALUE înlocuieşte cu setările implicite\n"
+#~ " /etc/login.defs\n"
+#~ " -o, --non-unique permite crearea grupului cu GID duplicat\n"
+#~ " (ne-unic)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizare: groupadd [opţiuni] grup\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -f, --force forţează terminarea cu starea de succes\n"
+#~ " dacă grupul specificat există deja\n"
+#~ " -g, --gid GID foloseÅŸte GID pentru noul grup\n"
+#~ " -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+#~ " -K, --key KEY=VALUE înlocuieşte cu setările implicite /etc/login."
+#~ "defs\n"
+#~ " -o, --non-unique permite crearea grupului cu GID duplicat\n"
+#~ " (ne-unic)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Folosire: useradd [opţiuni] LOGIN\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -b, --base-dir DIR_BAZA baza directorului pentru noul director\n"
+#~ " personal al contului\n"
+#~ " -c, --comment COMENTARIU setează câmpul GECOS pentru noul cont\n"
+#~ " -d, --home-dir DIR_ACASA directorul personal pentru noul cont\n"
+#~ " -D, --defaults afişează sau salvează configuraţia "
+#~ "useradd\n"
+#~ " implicită modificată\n"
+#~ " -e, --expiredate DATA_EXPIRĂRII setează data expirării contului la\n"
+#~ " DATA_EXPIRÄ‚RII\n"
+#~ " -f, --inactive INACTIVĂ setează parola inactivă după expirare\n"
+#~ " la INACTIVÄ‚\n"
+#~ " -g, --gid GRUP forţează folosirea GRUPULUI pentru noul "
+#~ "cont\n"
+#~ " -G, --groups GRUPURI afişează grupurile suplimentare pentru\n"
+#~ " noul cont utilizator\n"
+#~ " -h, --help afişează acest mesaj de ajutor şi ieşi\n"
+#~ " -k, --skel DIR_SKELET specifică un schelet director "
+#~ "alternativ\n"
+#~ " -K, --key KEY=VALOARE suprascrie valorile implicite ale\n"
+#~ " /etc/login.defs\n"
+#~ " -m, --create-home crează directorul personal pentru noul\n"
+#~ " cont utilizator\n"
+#~ " -o, --non-unique permite creare unui utilizator cu un "
+#~ "UID\n"
+#~ " duplicat (non-unic)\n"
+#~ " -p, --password PAROLA foloseşte parola criptată pentru noul "
+#~ "cont\n"
+#~ " utilizator\n"
+#~ " -s, --shell SHELL mediul de autentificare pentru noul\n"
+#~ " cont utilizator\n"
+#~ " -u, --uid UID forţează utilizarea UID pentru noul\n"
+#~ " cont utilizator\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Parola setata pentru expirare."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: nu pot închide fişierul passwd\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul passwd\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s nu pot încuia fişierul shadow\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul shadow\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul shadow\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul passwd\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: nu pot actualiza fiÅŸierul shadow\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNume complet: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNumăr cameră: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelefon birou: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelefon acasă: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Nu pot încuia fişierul passwd; încercaţi mai târziu.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Nu pot deschide fiÅŸierul passwd.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Eroare la actualizarea intrării în passwd.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Nu pot face modificările în fişierul passwd.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Nu pot debloca fiÅŸierul passwd.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: nu pot încuia fişierul de grupuri\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul de grupuri\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: nu pot închide fişierul gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: eroare la actualizarea fiÅŸierului shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: eroare la actualizarea intrărilor de grupuri\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: linia %d: grup necunoscut %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: linia %d: nu pot actualiza intrarea\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: nu pot închide fişierul shadow\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: eroare la actualizarea fiÅŸierului shadow\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: eroare la actualizarea fiÅŸierului passwd\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: linia %d: utilizator necunoscut %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: linia %d: nu pot actualiza intrarea în passwd\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: utilizator necunoscut\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Utilizator necunoscut: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Utilizare: %s [-r|-R] grup\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a utilizator] grup\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d utilizator] grup\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A utilizator,...] [-M utilizator,...] grup\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M utilizator,...] grup\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: nu pot obţine închiderea\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: nu pot obţine închiderea shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul shadow\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: nu pot descuia fiÅŸierul\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: nu pot actualiza intrarea\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: nu pot actualiza intrarea shadow\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "grup necunoscut: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul shadow\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Cine sunteţi?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: membru necunoscut %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: eroare la adăugarea unei noi intrări de grup\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul de grupuri\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul gshadow\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: nu pot încuia fişierul de grupuri\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul de grupuri\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: nu pot încuia fişierul gshadow\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul gshadow\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u nu este unic\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării de grup\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării din gshadow\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: nu pot ÅŸterge grupul primar al utilizatorului.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: autentificare PAM eşuată\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: nu pot încuia fişierul de grupuri\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul de grupuri\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s nu s-a găsit în /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u nu este un GID unic\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s nu este un nume unic\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul passwd\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: nu pot încuia fişierul passwd\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul passwd\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: nu pot actualiza intrarea parolei criptate pentru %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: nu pot actualiza intrarea pentru grupul %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: nu pot încuia fişierul gshadow\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul gshadow\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: nu pot ÅŸterge gshadow %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: nu pot actualiza fiÅŸierul gshadow\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: nu pot ÅŸterge fiÅŸierul gshadow\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "UID necunoscut: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID necunoscut: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: grupul %s nu există\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: utilizatorul %s nu există\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nume utilizator nevalid '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: nu pot încuia /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: nu pot încuia /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: nu pot încuia /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: nu pot încuia /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierele\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: eroare la actualizarea fiÅŸierelor\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: nu pot actualiza intrarea passwd pentru %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: nu pot încuia fişierul passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul passwd\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: nu pot ÅŸterge intrarea shadow pentru %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: nu pot actualiza fiÅŸierul passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: nu pot actualiza intrarea pentru utilizatorul %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: nu pot ÅŸterge fiÅŸierul shadow\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: GID necunoscut %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: grup necunoscut %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: nu mai este memorie pentru update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul passwd\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul shadow\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: nu pot încuia fişierul shadow\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul shadow\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: eroare la închiderea fişierului de grupuri\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: eroare la deschiderea fiÅŸierului de grupuri\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: eroare la închiderea fişierului gshadow\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: eroare la deschiderea fiÅŸierului gshadow\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: eroare la adăugarea unei noi intrări în passwd\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: eroare la adăugarea unei noi intrări în shadow\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: avertisment: CREATE_HOME nu este suportat, vă rog folosiţi -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: eroare la actualizarea intrărilor de grupuri\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: eroare la actualizarea intrărilor de grupuri\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul de grupuri\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul gshadow\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării din passwd\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării din shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: eroare la adăugarea unei noi intrări de grup\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu nu este unic\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: eroare la schimbarea intrării în passwd\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării passwd\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării din shadow\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: nu pot prelua GID unic\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " pe '%.100s' din '%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " pe '%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: linia %d: nu pot crea UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: numele %s nu este unic\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Folosire: chgpasswd [opţiuni]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ " -e, --encrypted\tparolele oferite sunt criptate\n"
+#~ " -h, --help\t\tafişează acest mesaj de ajutor şi ieşi\n"
+#~ " -m, --md5\t\tfoloseşte criptarea MD5 în loc de DES atunci când "
+#~ "parolele\n"
+#~ "\t\t\toferite nu sunt criptate\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Fără fişier passwd\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Scuze.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Scuze, parola pentru %s încă nu poate fi schimbată.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Scuze."
diff --git a/po/ru.po b/po/ru.po
new file mode 100644
index 0000000..9391e38
--- /dev/null
+++ b/po/ru.po
@@ -0,0 +1,3310 @@
+# translation of ru.po to Russian
+# Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc.
+#
+# Nikolai Prokoschenko <nikolai@prokoschenko.de>, 2004.
+# Eugene Konev <ejka@imfi.kspu.ru>, 2004.
+# alyoshin.s@gmail.com <alyoshin.s@gmail.com>, 2008.
+# Yuri Kozlov <kozlov.y@gmail.com>, 2004, 2005, 2006, 2007, 2008.
+# Yuri Kozlov <yuray@komyakino.ru>, 2009, 2011, 2012, 2017.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.5.1-1\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2017-03-05 11:14+0300\n"
+"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n"
+"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
+"Language: ru\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Lokalize 2.0\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"СущеÑтвует Ñразу неÑколько запиÑей Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ «%s» в %s. ИÑправьте Ñто Ñ "
+"помощью pwck или grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "алгоритм ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ Ð½Ðµ поддерживаетÑÑ libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "ошибка наÑтройки: не удалоÑÑŒ разобрать значение %s: «%s»"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Ðе удалоÑÑŒ выделить памÑÑ‚ÑŒ Ð´Ð»Ñ Ð·Ð°Ð³Ñ€ÑƒÐ·ÐºÐ¸ наÑтроек.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "ошибка наÑтройки: неизвеÑтный Ñлемент «%s» (Ñообщите админиÑтратору)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd завершилÑÑ Ñ Ð¾ÑˆÐ¸Ð±ÐºÐ¾Ð¹ (по Ñигналу %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd завершилÑÑ Ñ ÐºÐ¾Ð´Ð¾Ð¼ выхода %d\n"
+
+msgid "Password: "
+msgstr "Пароль: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Пароль Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Ðевозможно Ñоздать управлÑющий опиÑатель SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "Политика SELinux не управлÑема\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Ðевозможно прочитать хранилище политики SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Ðевозможно уÑтановить управлÑющее подключение SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Ðевозможно начать транзакцию SELinux\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Ðе удалоÑÑŒ запроÑить seuser Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Ðе удалоÑÑŒ назначить serange Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Ðе удалоÑÑŒ назначить sename Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Ðе удалоÑÑŒ изменить ÑопоÑтавление входа Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Ðевозможно Ñоздать ÑопоÑтавление входа SELinux Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Ðевозможно задать Ð¸Ð¼Ñ Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Ðевозможно задать Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ SELinux Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Ðевозможно добавить ÑопоÑтавление входа Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Ðевозможно инициализировать управление SELinux\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Ðевозможно Ñоздать ключ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ SELinux\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Ðевозможно проверить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ SELinux\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Ðевозможно изменить пользовательÑкое ÑопоÑтавление SELinux\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Ðевозможно добавить пользовательÑкое ÑопоÑтавление SELinux\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Ðевозможно зафикÑировать транзакцию SELinux\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"СопоÑтавление входа Ð´Ð»Ñ %s не определено; нормально, еÑли иÑпользовалоÑÑŒ "
+"ÑопоÑтавление по умолчанию\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"СопоÑтавление входа Ð´Ð»Ñ %s определено в политике и не может быть удалено\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Ðевозможно удалить ÑопоÑтавление входа Ð´Ð»Ñ %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: нехватка памÑти\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: не удалоÑÑŒ выполнить функцию stat Ð´Ð»Ñ %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s не ÑвлÑетÑÑ ÐºÐ°Ñ‚Ð°Ð»Ð¾Ð³Ð¾Ð¼ или Ñимвольной ÑÑылкой\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: не удалоÑÑŒ прочитать Ñимвольную ÑÑылку %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: вероÑтно, Ñлишком Ð´Ð»Ð¸Ð½Ð½Ð°Ñ ÑÐ¸Ð¼Ð²Ð¾Ð»ÑŒÐ½Ð°Ñ ÑÑылка: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: не удалоÑÑŒ Ñоздать каталог %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: не удалоÑÑŒ изменить владельца %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: не удалоÑÑŒ изменить права доÑтупа %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: unlink: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: не удалоÑÑŒ удалить каталог %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: не удалоÑÑŒ переименовать каталог %s в %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: не удалоÑÑŒ удалить %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: не удалоÑÑŒ Ñоздать Ñимвольную ÑÑылку %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: не удалоÑÑŒ изменить владельцев %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: не удалоÑÑŒ выполнить функцию lstat Ð´Ð»Ñ %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr ""
+"%s: предупреждение: у Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s отÑутÑтвует файл shadow в Ñтруктуре "
+"tcb.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Ñ‡Ñ€ÐµÐ·Ð²Ñ‹Ñ‡Ð°Ð¹Ð½Ð°Ñ ÑитуациÑ: файл shadow у %s в Ñтруктуре tcb не ÑвлÑетÑÑ\n"
+"обычным файлом Ñ st_nlink=1. Ð£Ñ‡Ñ‘Ñ‚Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ оÑтаётÑÑ Ð·Ð°Ð±Ð»Ð¾ÐºÐ¸Ñ€Ð¾Ð²Ð°Ð½Ð½Ð¾Ð¹.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: не удалоÑÑŒ открыть %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Предупреждение: неизвеÑÑ‚Ð½Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Предупреждение: Ñлишком много групп\n"
+
+msgid "Your password has expired."
+msgstr "Срок дейÑÑ‚Ð²Ð¸Ñ Ð²Ð°ÑˆÐµÐ³Ð¾ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¸Ñтёк."
+
+msgid "Your password is inactive."
+msgstr "ДейÑтвие вашего Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ñ€Ð¸Ð¾Ñтановлено."
+
+msgid "Your login has expired."
+msgstr "Срок дейÑÑ‚Ð²Ð¸Ñ Ð²Ð°ÑˆÐµÐ¹ учётной запиÑи иÑтёк."
+
+msgid " Contact the system administrator."
+msgstr " ОбратитеÑÑŒ к ÑиÑтемному админиÑтратору."
+
+msgid " Choose a new password."
+msgstr " Выберите и введите новый пароль."
+
+msgid "You must change your password."
+msgstr "Ð’Ñ‹ должны изменить Ñвой пароль."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Срок дейÑÑ‚Ð²Ð¸Ñ Ð²Ð°ÑˆÐµÐ³Ð¾ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¸Ñтекает через %ld дней.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Срок дейÑÑ‚Ð²Ð¸Ñ Ð²Ð°ÑˆÐµÐ³Ð¾ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¸Ñтекает завтра."
+
+msgid "Your password will expire today."
+msgstr "Срок дейÑÑ‚Ð²Ð¸Ñ Ð²Ð°ÑˆÐµÐ³Ð¾ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¸Ñтекает ÑегоднÑ."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+"Ðе удалоÑÑŒ открыть Ð¸Ð½Ñ‚ÐµÑ€Ñ„ÐµÐ¹Ñ Ð¿Ñ€Ð¾Ñ‚Ð¾ÐºÐ¾Ð»Ð¸Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ (audit) — прекращение работы.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Ðе удалоÑÑŒ изменить владельца или права на tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: не удалоÑÑŒ разблокировать %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Слишком большое количеÑтво переменных окружениÑ\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Вы не можете изменить $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d Ð½ÐµÑƒÐ´Ð°Ñ‡Ð½Ð°Ñ Ð¿Ð¾Ð¿Ñ‹Ñ‚ÐºÐ° входа в ÑиÑтему.\n"
+"ПоÑледнÑÑ Ð±Ñ‹Ð»Ð° %s на %s.\n"
+msgstr[1] ""
+"%d неудачных попытки входа в ÑиÑтему.\n"
+"ПоÑледнÑÑ Ð±Ñ‹Ð»Ð° %s на %s.\n"
+msgstr[2] ""
+"%d неудачных попыток входа в ÑиÑтему.\n"
+"ПоÑледнÑÑ Ð±Ñ‹Ð»Ð° %s на %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Ð½ÐµÐ²ÐµÑ€Ð½Ð°Ñ Ð½Ð°Ñтройка: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ð½ÐµÐ²ÐµÑ€Ð½Ð°Ñ Ð½Ð°Ñтройка: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: не удалоÑÑŒ выделить памÑÑ‚ÑŒ: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: не удалоÑÑŒ получить уникальный ÑиÑтемный GID (кончилиÑÑŒ Ñвободные GID-"
+"Ñ‹)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: не удалоÑÑŒ получить уникальный GID (кончилиÑÑŒ Ñвободные GID-Ñ‹)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Ð½ÐµÐ²ÐµÑ€Ð½Ð°Ñ Ð½Ð°Ñтройка: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ð½ÐµÐ²ÐµÑ€Ð½Ð°Ñ Ð½Ð°Ñтройка: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: не удалоÑÑŒ получить уникальный ÑиÑтемный UID (кончилиÑÑŒ Ñвободные UID-"
+"Ñ‹)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: не удалоÑÑŒ получить уникальный UID (кончилиÑÑŒ Ñвободные UID-Ñ‹)\n"
+
+msgid "Too many logins.\n"
+msgstr "Слишком много попыток входа в ÑиÑтему.\n"
+
+msgid "You have new mail."
+msgstr "Ð”Ð»Ñ Ð²Ð°Ñ ÐµÑÑ‚ÑŒ новые почтовые ÑообщениÑ."
+
+msgid "No mail."
+msgstr "Ð”Ð»Ñ Ð²Ð°Ñ Ð½ÐµÑ‚ почтовых Ñообщений."
+
+msgid "You have mail."
+msgstr "Ð”Ð»Ñ Ð²Ð°Ñ ÐµÑÑ‚ÑŒ почтовые ÑообщениÑ."
+
+msgid "no change"
+msgstr "изменений не внеÑено"
+
+msgid "a palindrome"
+msgstr "палиндром"
+
+msgid "case changes only"
+msgstr "изменение только в региÑтре Ñимволов"
+
+msgid "too similar"
+msgstr "Ñлишком похожий"
+
+msgid "too simple"
+msgstr "Ñлишком проÑтой"
+
+msgid "rotated"
+msgstr "переÑтановка Ñимволов"
+
+msgid "too short"
+msgstr "Ñлишком короткий"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Ðеверный пароль: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: не удалоÑÑŒ выполнить pam_start(), ошибка %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#
+msgid "passwd: password unchanged\n"
+msgstr "passwd: пароль не изменён\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: пароль уÑпешно обновлён\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Ðеверный пароль Ð´Ð»Ñ %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: неÑколько параметров --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: Ð´Ð»Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð° «%s» требуетÑÑ Ð°Ñ€Ð³ÑƒÐ¼ÐµÐ½Ñ‚\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: не удалоÑÑŒ Ñнизить уровень привилегий (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: некорректное значение пути chroot «%s»\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: нет доÑтупа к каталогу chroot %s: %s\n"
+
+#, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: не удалоÑÑŒ выполнить chdir в chroot-каталог %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: не удалоÑÑŒ выполнить chroot в каталог %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Ðеправильное значение Ð´Ð»Ñ ENCRYPT_METHOD: «%s».\n"
+"ИÑпользуетÑÑ Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ðµ по умолчанию DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Ðевозможно перейти в каталог «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr ""
+"Каталог отÑутÑтвует или недоÑтупен, вход в ÑиÑтему выполнÑетÑÑ Ñ HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Ðе удалоÑÑŒ выполнить %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ðеверный корневой каталог «%s»\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Ðе удалоÑÑŒ изменить корневой каталог на «%s»\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Ðе удалоÑÑŒ определить название вашего tty."
+
+msgid "No"
+msgstr "Ðет"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ИÑпользование: %s [параметры] ПОЛЬЗОВÐТЕЛЬ\n"
+"\n"
+"Параметры:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday ПОСЛ_ДЕÐЬ уÑтановить поÑледний день Ñмены паролÑ\n"
+" в ПОСЛ_ДЕÐЬ\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate ДÐТÐ_УСТ уÑтановить дату Ð¾ÐºÐ¾Ð½Ñ‡Ð°Ð½Ð¸Ñ Ð´ÐµÐ¹ÑтвиÑ\n"
+" учётной запиÑи в ДÐТÐ_УСТ\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+" -h, --help показать данное Ñообщение и закончить "
+"работу\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive ÐЕÐКТИВÐОСТЬ уÑтановить неактивноÑÑ‚ÑŒ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ð¾Ñле\n"
+" уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð² значение ÐЕÐКТИВÐОСТЬ\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr " -l, --list показать «возраÑт» учётной запиÑи\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays МИÐ_ДÐЕЙ уÑтановить минимальное чиÑло дней перед\n"
+" Ñменой Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² МИÐ_ДÐЕЙ\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays ÐœÐКС_ДÐЕЙ уÑтановить макÑимальное чиÑло дней перед\n"
+" Ñменой Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² ÐœÐКС_ДÐЕЙ\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+" -R, --root КÐТ_CHROOT каталог, в который выполнÑетÑÑ chroot\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays ПРЕДУП_ДÐЕЙ уÑтановить количеÑтво дней Ñ Ð²Ñ‹Ð´Ð°Ñ‡ÐµÐ¹\n"
+" Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ Ð² ПРЕДУП_ДÐЕЙ\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Введите новое значение или нажмите ENTER Ð´Ð»Ñ Ð²Ñ‹Ð±Ð¾Ñ€Ð° Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию"
+
+msgid "Minimum Password Age"
+msgstr "Минимальный Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ"
+
+msgid "Maximum Password Age"
+msgstr "МакÑимальный Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "ПоÑледний раз пароль был изменён (ГГГГ-ММ-ДД)"
+
+msgid "Password Expiration Warning"
+msgstr "Предупреждать об иÑтечении Ñрока дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð·Ð°"
+
+msgid "Password Inactive"
+msgstr "Деактивировать учётную запиÑÑŒ через"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Дата иÑÑ‚ÐµÑ‡ÐµÐ½Ð¸Ñ Ñрока дейÑÑ‚Ð²Ð¸Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи (ГГГГ-ММ-ДД)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "ПоÑледний раз пароль был изменён\t\t\t\t: "
+
+msgid "never"
+msgstr "никогда"
+
+msgid "password must be changed"
+msgstr "пароль должен быть изменён"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Срок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¸Ñтекает\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Пароль будет деактивирован через\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Срок дейÑÑ‚Ð²Ð¸Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи иÑтекает\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Минимальное количеÑтво дней между Ñменой паролÑ\t\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "МакÑимальное количеÑтво дней между Ñменой паролÑ\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "КоличеÑтво дней Ñ Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸ÐµÐ¼ перед деактивацией паролÑ\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: Ð½ÐµÐ²ÐµÑ€Ð½Ð°Ñ Ð´Ð°Ñ‚Ð° «%s»\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: неверное чиÑловое значение параметра «%s»\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: не иÑпользуйте «l» ÑовмеÑтно Ñ Ð´Ñ€ÑƒÐ³Ð¸Ð¼Ð¸ параметрами\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: доÑтуп запрещён.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: не удалоÑÑŒ определить Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: не удалоÑÑŒ заблокировать %s; попробуйте ещё раз позже.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: не удалоÑÑŒ открыть %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: ошибка при запиÑи изменений в %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: не удалоÑÑŒ подготовить новую %s запиÑÑŒ «%s»\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: отÑутÑтвует файл паролей shadow\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: пользователь «%s» не ÑущеÑтвует в %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Изменение информации о Ñроках дейÑÑ‚Ð²Ð¸Ñ Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: ошибка при изменении полей\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ИÑпользование: %s [параметры] [ПОЛЬЗОВÐТЕЛЬ]\n"
+"\n"
+"Параметры:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr " -f, --full-name ПОЛÐ_ИМЯ Ñмена полного имени пользователÑ\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr " -h, --home-phone ДОМ_ТЕЛЕФОРÑмена домашнего тел. пользователÑ\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+" -o, --other ДРУГÐЯ_ИÐФ Ñмена другой инф. GECOS о пользователе\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr " -r, --room ÐОМЕР_КОМÐÐТЫ Ñмена номера комнаты пользователÑ\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+" -u, --help показать данное Ñообщение и закончить "
+"работу\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+" -w, --work-phone РÐБОЧИЙ_ТЕЛ Ñмена офиÑного номера тел. пользователÑ\n"
+
+msgid "Full Name"
+msgstr "Полное имÑ"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Ðомер комнаты"
+
+msgid "Work Phone"
+msgstr "Рабочий телефон"
+
+msgid "Home Phone"
+msgstr "Домашний телефон"
+
+msgid "Other"
+msgstr "Другое"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Ðе удалоÑÑŒ получить права ÑуперпользователÑ.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: Ð¸Ð¼Ñ Â«%s» Ñодержит не ASCII-Ñимволы\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: неверное Ð¸Ð¼Ñ Â«%s»\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: номер комнаты «%s» Ñодержит не ASCII-Ñимволы\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: некорректное значение номера комнаты «%s»\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: некорректное значение номера телефона «%s»\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: некорректное значение номера домашнего телефона «%s»\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: в «%s» ÑодержатÑÑ Ð½Ðµ ASCII-Ñимволы\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: в «%s» ÑодержатÑÑ Ð½ÐµÐ´Ð¾Ð¿ÑƒÑтимые Ñимволы\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: пользователь «%s» не ÑущеÑтвует\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: невозможно изменить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Â«%s» в клиенте NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» ÑвлÑетÑÑ Ð¼Ð°Ñтером NIS Ð´Ð»Ñ Ñтого клиента.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Изменение информации о пользователе %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: Ð¿Ð¾Ð»Ñ Ñлишком длинные\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ИÑпользование: %s [параметры]\n"
+"\n"
+"Параметры:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method МЕТОД алгоритм ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ (один из: %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr " -e, --encrypted пароли передаютÑÑ Ð·Ð°ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð½Ñ‹Ð¼Ð¸\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 шифровать видимые пароли Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ \n"
+" алгоритма MD5\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds количеÑтво раундов SHA Ð´Ð»Ñ Ð°Ð»Ð³Ð¾Ñ€Ð¸Ñ‚Ð¼Ð¾Ð²\n"
+" ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: параметр %s разрешено иÑпользовать только вмеÑте Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: параметры -c, -e и -m ÑвлÑÑŽÑ‚ÑÑ Ð²Ð·Ð°Ð¸Ð¼Ð¾Ð¸Ñключающими\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: алгоритм ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ %s не поддерживаетÑÑ\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: Ñтрока %d: Ñлишком Ð´Ð»Ð¸Ð½Ð½Ð°Ñ Ñтрока\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: Ñтрока %d: отÑутÑтвует новый пароль\n"
+
+#, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: не удалоÑÑŒ зашифровать пароль Ñ Ñолью «%s»: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: Ñтрока %d: группа «%s» не ÑущеÑтвует\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Ñтрока %d: не удалоÑÑŒ подготовить новую %s запиÑÑŒ «%s»\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: обнаружена ошибка, Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð½Ðµ были Ñохранены\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (Ñтрока %d, пользователь %s) пароль не изменён\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: Ñтрока %d: пользователь «%s» не ÑущеÑтвует\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell ÐžÐ‘ÐžÐ›ÐžÐ§ÐšÐ Ð½Ð¾Ð²Ð°Ñ Ñ€ÐµÐ³Ð¸ÑÑ‚Ñ€Ð°Ñ†Ð¸Ð¾Ð½Ð½Ð°Ñ Ð¾Ð±Ð¾Ð»Ð¾Ñ‡ÐºÐ° Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹\n"
+" запиÑи\n"
+
+msgid "Login Shell"
+msgstr "ÐšÐ¾Ð¼Ð°Ð½Ð´Ð½Ð°Ñ Ð¾Ð±Ð¾Ð»Ð¾Ñ‡ÐºÐ°"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Ð’Ñ‹ не можете изменÑÑ‚ÑŒ командную оболочку у «%s».\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Изменение командной оболочки Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: неверное значение %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s не ÑвлÑетÑÑ Ð´Ð¾Ð¿ÑƒÑтимой оболочкой\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: предупреждение: %s не ÑущеÑтвует\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: предупреждение: %s не ÑвлÑетÑÑ Ð¸ÑполнÑемым\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check проверить Ñрок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force принудительно Ñменить пароль, еÑли Ñрок\n"
+" дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¸Ñтёк\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: конфликт параметров %s и %s\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: неожиданный параметр: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all показать запиÑи faillog Ð´Ð»Ñ Ð²Ñех "
+"пользователей\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs СЕК заблокировать учётную запиÑÑŒ поÑле "
+"неудачных\n"
+" попытки входа на СЕК Ñекунд\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum ÐœÐКС уÑтановить макÑимальное количеÑтво "
+"неудачных\n"
+" попыток входа равным ÐœÐКС\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset ÑброÑить Ñчётчик неудачных попыток входа\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time ДÐЕЙ показать запиÑи faillog за поÑледнее\n"
+" количеÑтво ДÐЕЙ\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user ПОЛЬЗ/ДИÐПÐЗОРпоказать запиÑи faillog или отказы по "
+"Ñчётчикам\n"
+" поддержки и ограничений (еÑли иÑпользуетÑÑ\n"
+" Ñ -r, -m или -l) только Ð´Ð»Ñ ÑƒÐºÐ°Ð·Ð°Ð½Ð½Ð¾Ð³Ð¾\n"
+" ПОЛЬЗОВÐТЕЛЯ(ЕЙ)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: не удалоÑÑŒ получить запиÑÑŒ Ð´Ð»Ñ UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Уч.запиÑÑŒ Ðеуд. попыток МакÑимум ПоÑледний раз\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [оÑталоÑÑŒ %lu]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%ld блокировок]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: не удалоÑÑŒ ÑброÑить Ñчётчик неудачных попыток Ð´Ð»Ñ UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: не удалоÑÑŒ уÑтановить макÑимальное чиÑло попыток Ð´Ð»Ñ UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: не удалоÑÑŒ уÑтановить Ð²Ñ€ÐµÐ¼Ñ Ð±Ð»Ð¾ÐºÐ¸Ñ€Ð¾Ð²ÐºÐ¸ Ð´Ð»Ñ UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: неизвеÑтный пользователь или диапазон: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: не удалоÑÑŒ получить размер %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: не удалоÑÑŒ запиÑать %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ИÑпользование: %s [параметр] ГРУППÐ\n"
+"\n"
+"Параметры:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add ПОЛЬЗ добавить ПОЛЬЗОВÐТЕЛЯ в ГРУППУ\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete ПОЛЬЗ удалить ПОЛЬЗОВÐТЕЛЯ из ГРУППЫ\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root КÐТ_CHROOT каталог, который выполнÑетÑÑ chroot\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password удалить пароль ГРУППЫ\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict ограничить доÑтуп в ГРУППУ её членами\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr " -M, --members ПОЛЬЗ,… задать ÑпиÑок членов ГРУППЫ\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ÐДМИÐ,…\n"
+" задать ÑпиÑок админиÑтраторов ГРУППЫ\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"За иÑключением параметров -A и -M, оÑтальные не могут указыватьÑÑ\n"
+"одновременно.\n"
+
+#
+msgid "The options cannot be combined.\n"
+msgstr "Параметры не могут быть указаны одновременно.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: Ð´Ð»Ñ -A требуетÑÑ Ð¿Ð¾Ð´Ð´ÐµÑ€Ð¶ÐºÐ° теневого файла паролей групп\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: группа «%s» не ÑущеÑтвует в %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: ошибка при закрытии только Ð´Ð»Ñ Ñ‡Ñ‚ÐµÐ½Ð¸Ñ %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Изменение Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð´Ð»Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ %s\n"
+
+msgid "New Password: "
+msgstr "Ðовый пароль: "
+
+msgid "Re-enter new password: "
+msgstr "Повторите новый пароль: "
+
+msgid "They don't match; try again"
+msgstr "Пароли не Ñовпадают, попробуйте ещё раз"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: попробуйте позже\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Добавление Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s в группу %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Удаление Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s из группы %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: пользователь «%s» не ÑвлÑетÑÑ Ñ‡Ð»ÐµÐ½Ð¾Ð¼ «%s»\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: не tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ИÑпользование: %s [параметры] ГРУППÐ\n"
+"\n"
+"Параметры:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force закончить работу без ошибки, еÑли группа\n"
+" ÑущеÑтвует и отменить -g, еÑли GID уже\n"
+" иÑпользуетÑÑ\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+" -g, --gid GID Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹ группы иÑпользовать указанный GID\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key КЛЮЧ=ЗÐÐЧЕÐИЕ заменить значение по умолчанию\n"
+" из /etc/login.defs\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique разрешить Ñоздание групп Ñ Ð¿Ð¾Ð²Ñ‚Ð¾Ñ€ÑющимÑÑ\n"
+" (не уникальным) GID\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password ПÐРОЛЬ иÑпользовать Ñтот шифрованный пароль длÑ\n"
+" новой группы\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system Ñоздавать ÑиÑтемную группу\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: «%s» не может быть именем группы\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: неверный ID группы «%s»\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: Ð´Ð»Ñ -К необходимо ИМЯ=ЗÐÐЧЕÐИЕ\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: группа «%s» уже ÑущеÑтвует\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID «%lu» уже ÑущеÑтвует\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: не удалоÑÑŒ наÑтроить Ñлужбу очиÑтки.\n"
+
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -f, --force удалить группу, даже еÑли она ÑвлÑетÑÑ"
+" первичной\n"
+" группой пользователÑ\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: не удалоÑÑŒ удалить запиÑÑŒ «%s» из %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: не удалоÑÑŒ удалить первичную группу Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Â«%s»\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: группа «%s» не ÑущеÑтвует\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: группа «%s» ÑвлÑетÑÑ Ð³Ñ€ÑƒÐ¿Ð¿Ð¾Ð¹ NIS\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s ÑвлÑетÑÑ Ð¼Ð°Ñтером NIS\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: пользователь «%s» ÑвлÑетÑÑ Ñ‡Ð»ÐµÐ½Ð¾Ð¼ «%s»\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: недоÑтаточно памÑти. Ðе удалоÑÑŒ обновить %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ИÑпользование: %s [параметры] [дейÑтвие]\n"
+"\n"
+"Параметры:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group имÑ_группы иÑпользовать имÑ_группы вмеÑто группы Ñ "
+"именем\n"
+" Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ (только Ð´Ð»Ñ ÑуперпользователÑ)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "ДейÑтвиÑ:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr " -a, --add пользователь добавить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² группу\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr " -d, --delete пользователь удалить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð· группы\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge удалить вÑех пользователей из группы\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list перечиÑлить вÑех членов группы\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: ваше имÑ_группы не Ñовпадает Ñ Ð²Ð°ÑˆÐ¸Ð¼ пользовательÑким именем\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: только Ñуперпользователь может иÑпользовать параметр -g/--group\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID изменить ID группы на GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name ÐОВÐЯ_ГРУППРизменить Ð¸Ð¼Ñ Ð½Ð° ÐОВУЮ_ГРУППУ\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique разрешить повторÑющиеÑÑ (не уникальные) GID\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password ПÐРОЛЬ изменить пароль на заданный (шифрованный)\n"
+" ПÐРОЛЬ\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: неверное Ð¸Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ «%s»\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: группа %s ÑвлÑетÑÑ Ð³Ñ€ÑƒÐ¿Ð¿Ð¾Ð¹ NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: неизвеÑтный пользователь %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ИÑпользование: %s [параметры] [файл_group [файл_gshadow]]\n"
+"\n"
+"Параметры:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ИÑпользование: %s [параметры] [группа]\n"
+"\n"
+"Параметры:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only показывать ошибки и предупреждениÑ,\n"
+" но не изменÑÑ‚ÑŒ файлы\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort Ñортировать запиÑи по UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s и -r не могут иÑпользоватьÑÑ Ð¾Ð´Ð½Ð¾Ð²Ñ€ÐµÐ¼ÐµÐ½Ð½Ð¾\n"
+
+msgid "invalid group file entry"
+msgstr "Ð½ÐµÐ²ÐµÑ€Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ в файле групп"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "удалить Ñтроку «%s»? "
+
+msgid "duplicate group entry"
+msgstr "повторÑющаÑÑÑ Ð·Ð°Ð¿Ð¸ÑÑŒ в файле групп"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "неверное Ð¸Ð¼Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ «%s»\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "неверный ID группы «%lu»\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "группа %s: пользователь %s не ÑущеÑтвует\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "удалить члена группы «%s»? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "отÑутÑтвует ÑоответÑÑ‚Ð²ÑƒÑŽÑ‰Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° в файле %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "добавить группу «%s» в %s ? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr "Ð´Ð»Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ñ‹ %s еÑÑ‚ÑŒ запиÑÑŒ в %s, но её поле Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² %s не равно «x»\n"
+
+msgid "invalid shadow group file entry"
+msgstr "Ð½ÐµÐ²ÐµÑ€Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ в теневом файле групп"
+
+msgid "duplicate shadow group entry"
+msgstr "повторÑющаÑÑÑ Ð·Ð°Ð¿Ð¸ÑÑŒ в теневом файле групп"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "Ñ‚ÐµÐ½ÐµÐ²Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° %s: админиÑтративный пользователь %s не ÑущеÑтвует\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "удалить админиÑтративного члена «%s»? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "Ñ‚ÐµÐ½ÐµÐ²Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° %s: пользователь %s не ÑущеÑтвует\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: файлы были изменены\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð½Ðµ внеÑены\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: не удалоÑÑŒ удалить %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "ИÑпользование: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "ИÑпользование: id\n"
+
+msgid " groups="
+msgstr " группы="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before ДÐЕЙ показать запиÑи lastlog за поÑледние ДÐЕЙ "
+"дней\n"
+
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -C, --clear очиÑтить запиÑÑŒ lastlog пользователÑ\n"
+" (только вмеÑте Ñ -u)\n"
+
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -S, --set поÑтавить в запиÑи lastlog текущее времÑ\n"
+" (только вмеÑте Ñ -u)\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time ДÐЕЙ показать запиÑи lastlog за поÑледние ДÐЕЙ "
+"дней\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user ИМЯ показать запиÑÑŒ lastlog Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи "
+"ИМЯ\n"
+
+msgid "Username Port From Latest"
+msgstr "Пользователь Порт С ПоÑледний раз"
+
+msgid "Username Port Latest"
+msgstr "Пользователь Порт ПоÑледний раз"
+
+msgid "**Never logged in**"
+msgstr "**Ðикогда не входил в ÑиÑтему**"
+
+#, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: не удалоÑÑŒ обновить запиÑÑŒ Ð´Ð»Ñ UID %lu\n"
+
+#, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: не удалоÑÑŒ обновить файл lastlog\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr "%s: параметр -C Ð½ÐµÐ»ÑŒÐ·Ñ Ð¸Ñпользовать вмеÑте Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð¼ -S\n"
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+"%s: Ð´Ð»Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð² -C и -S требуетÑÑ ÑƒÐºÐ°Ð·Ð°Ñ‚ÑŒ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² параметре -u\n"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "ИÑпользование: %s [-p] [Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h узел] [-f Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r узел\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "ошибка наÑтройки: не удалоÑÑŒ разобрать значение %s: «%d»"
+
+msgid "Invalid login time"
+msgstr "Вход в ÑиÑтему ÑÐµÐ¹Ñ‡Ð°Ñ Ð·Ð°Ð¿Ñ€ÐµÑ‰Ñ‘Ð½"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"СиÑтема закрыта Ð´Ð»Ñ Ð¿Ñ€Ð¾Ð²ÐµÐ´ÐµÐ½Ð¸Ñ Ñ‚ÐµÑ…Ð½Ð¸Ñ‡ÐµÑкого обÑлуживаниÑ"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Отключение не выполнено — вход в ÑиÑтему Ð´Ð»Ñ ÑÑƒÐ¿ÐµÑ€Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ñ€Ð°Ð·Ñ€ÐµÑˆÑ‘Ð½.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: невозможно выполнить без прав ÑуперпользователÑ\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Ðет запиÑи в utmp. Ð’Ñ‹ должны запуÑкать «login» из Ñамого первого ÑƒÑ€Ð¾Ð²Ð½Ñ Â«sh»"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Ð’Ñ€ÐµÐ¼Ñ Ð²Ñ‹Ð¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð²Ñ…Ð¾Ð´Ð° в ÑиÑтему иÑтекло (%u Ñекунд).\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: ошибка PAM, аварийное завершение работы: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ: "
+
+msgid "login: "
+msgstr "Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Превышено макÑимальное чиÑло попыток (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: аварийное завершение работы по запроÑу PAM\n"
+
+msgid "Login incorrect"
+msgstr "Ðеверное Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Ðевозможно найти Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"Ð˜Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: ошибка при вызове fork: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "Ðе удалоÑÑŒ уÑтановить флаг TIOCSCTTY на %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Предупреждение: вход в ÑиÑтему Ñнова возможен."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "ПоÑледний вход в ÑиÑтему: %s на %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "ПоÑледний вход в ÑиÑтему: %.19s на %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " Ñ %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"Ð²Ñ€ÐµÐ¼Ñ Ð²Ñ…Ð¾Ð´Ð° в ÑиÑтему иÑтекло\n"
+"\n"
+
+#
+msgid "Usage: logoutd\n"
+msgstr "ИÑпользование: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "ИÑпользование: newgrp [-] [группа]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "ИÑпользование: sg группа [[-c] команда]\n"
+
+#, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: не удалоÑÑŒ зашифровать пароль Ñ Ð¿Ñ€ÐµÐ´Ñ‹Ð´ÑƒÑ‰ÐµÐ¹ Ñолью: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Ðеправильный пароль.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: ошибка при вызове fork: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID «%lu» не ÑущеÑтвует\n"
+
+msgid "too many groups\n"
+msgstr "Ñлишком много групп\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system Ñоздать ÑиÑтемные учётные запиÑи\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: группа «%s» ÑвлÑетÑÑ Ñ‚ÐµÐ½ÐµÐ²Ð¾Ð¹ группой, но не ÑущеÑтвует в /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: неверный пользовательÑкий ID «%s»\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: неверное Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Â«%s»\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: Ñтрока %d: Ð½ÐµÐºÐ¾Ñ€Ñ€ÐµÐºÑ‚Ð½Ð°Ñ Ñтрока\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: не удалоÑÑŒ обновить запиÑÑŒ Ð´Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s (его нет в базе данных "
+"passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: Ñтрока %d: не удалоÑÑŒ Ñоздать пользователÑ\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: Ñтрока %d: не удалоÑÑŒ Ñоздать группу\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: Ñтрока %d: пользователь «%s» не ÑущеÑтвует в %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: Ñтрока %d: не удалоÑÑŒ обновить пароль\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: Ñтрока %d: вызов mkdir %s завершилÑÑ Ð½ÐµÑƒÐ´Ð°Ñ‡Ð½Ð¾: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: Ñтрока %d: вызов chown %s завершилÑÑ Ð½ÐµÑƒÐ´Ð°Ñ‡Ð½Ð¾: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: Ñтрока %d: не удалоÑÑŒ обновить запиÑÑŒ\n"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: не удалоÑÑŒ подготовить новую %s запиÑÑŒ\n"
+
+#, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: не удалоÑÑŒ найти подчинённый диапазон пользователей\n"
+
+#, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: не удалоÑÑŒ найти подчинённый диапазон групп\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all показать ÑоÑтоÑние паролей вÑех учётных\n"
+" запиÑей\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+" -d, --delete удалить пароль заданной учётной запиÑи\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire проÑрочить пароль заданной учётной запиÑи\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens изменÑÑ‚ÑŒ пароль только Ñ Ð¸Ñтёкшим Ñроком\n"
+" дейÑтвиÑ\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive ÐЕÐКТИВÐОСТЬ уÑтановить неактивноÑÑ‚ÑŒ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ð¾Ñле\n"
+" иÑÑ‚ÐµÑ‡ÐµÐ½Ð¸Ñ Ñрока в значение ÐЕÐКТИВÐОСТЬ\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+" -l, --lock заблокировать заданную учётную запиÑÑŒ\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays МИÐ_ДÐЕЙ уÑтановить минимальное чиÑло дней перед\n"
+" Ñменой Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² МИÐ_ДÐЕЙ\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+" -q, --quiet Ñократить количеÑтво выводимых Ñообщений\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr " -r, --repository РЕПОЗИТОРИЙ изменить пароль в РЕПОЗИТОРИИ\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status показать ÑоÑтоÑние Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð·Ð°Ð´Ð°Ð½Ð½Ð¾Ð¹ учётной\n"
+" запиÑи\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+" -u, --unlock разблокировать заданную учётную запиÑÑŒ\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays ПРЕДУП_ДÐЕЙ уÑтановить количеÑтво дней Ñ\n"
+" выдачей Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ Ð² ПРЕДУП_ДÐЕЙ\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays ÐœÐКС_ДÐЕЙ уÑтановить макÑимальное чиÑло дней перед\n"
+" Ñменой Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² ÐœÐКС_ДÐЕЙ\n"
+
+msgid "Old password: "
+msgstr "Старый пароль: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Введите новый пароль (Ð¼Ð¸Ð½Ð¸Ð¼Ð°Ð»ÑŒÐ½Ð°Ñ Ð´Ð»Ð¸Ð½Ð° %d Ñимволов)\n"
+"ИÑпользуйте комбинацию из Ñимволов в верхнем и нижнем региÑтре и цифры.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Введите новый пароль (Ð¼Ð¸Ð½Ð¸Ð¼Ð°Ð»ÑŒÐ½Ð°Ñ Ð´Ð»Ð¸Ð½Ð° %d, макÑÐ¸Ð¼Ð°Ð»ÑŒÐ½Ð°Ñ Ð´Ð»Ð¸Ð½Ð° %d Ñимволов)\n"
+"ИÑпользуйте комбинацию из Ñимволов в верхнем и нижнем региÑтре и цифры.\n"
+
+msgid "New password: "
+msgstr "Ðовый пароль: "
+
+msgid "Try again."
+msgstr "Попробуйте ещё раз."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Предупреждение: Ñлишком проÑтой пароль (чтобы вÑÑ‘ равно иÑпользовать Ñтот "
+"пароль, введите его ещё раз)."
+
+msgid "They don't match; try again.\n"
+msgstr "Пароли не Ñовпадают, попробуйте ещё раз.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Пароль Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s не может быть изменён.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Пароль Ð´Ð»Ñ %s пока не может быть изменён.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: разблокировка Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ñ€Ð¸Ð²ÐµÐ´Ñ‘Ñ‚ к поÑвлению беÑпарольной учётной\n"
+"запиÑи. Ð’Ñ‹ должны задать пароль Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ usermod -p Ð´Ð»Ñ Ñ€Ð°Ð·Ð±Ð»Ð¾ÐºÐ¸Ñ€Ð¾Ð²ÐºÐ¸ "
+"учётной запиÑи пользователÑ.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: хранилище %s не поддерживаетÑÑ\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: у %s нет прав изменÑÑ‚ÑŒ пароль %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: вы не можете поÑмотреть или изменить пароль %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Изменение Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Пароль Ð´Ð»Ñ %s не был изменён.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: пароль изменён.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± иÑтечении Ñрока дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð°.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ИÑпользование: %s [параметры] [passwd]\n"
+"\n"
+"Параметры:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ИÑпользование: %s [параметры] [passwd [shadow]]\n"
+"\n"
+"Параметры:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+" -q, --quiet показывать только ÑÐ¾Ð¾Ð±Ñ‰ÐµÐ½Ð¸Ñ Ð¾Ð± ошибках\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: Ð½ÐµÐ»ÑŒÐ·Ñ ÑƒÐºÐ°Ð·Ð°Ñ‚ÑŒ альтернативный файл shadow, еÑли включён режим USE_TCB.\n"
+
+msgid "invalid password file entry"
+msgstr "Ð½ÐµÐ²ÐµÑ€Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ в файле паролей"
+
+msgid "duplicate password entry"
+msgstr "повторÑющаÑÑÑ Ð·Ð°Ð¿Ð¸ÑÑŒ в файле паролей"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "неверное Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Â«%s»\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "неверный пользовательÑкий ID «%lu»\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "пользователь «%s»: группа %lu не ÑущеÑтвует\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "пользователь «%s: каталог «%s» не ÑущеÑтвует\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "пользователь «%s»: программа «%s» не ÑущеÑтвует\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "нет каталога tcb Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "Ñоздать каталог tcb Ð´Ð»Ñ %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "не удалоÑÑŒ Ñоздать каталог tcb Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: не удалоÑÑŒ заблокировать %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "отÑутÑтвует ÑоответÑÑ‚Ð²ÑƒÑŽÑ‰Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ %s в файле паролей\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "добавить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Â«%s» в %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"Ð´Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s еÑÑ‚ÑŒ запиÑÑŒ в %s, но её поле Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² %s не равно «x»\n"
+
+msgid "invalid shadow password file entry"
+msgstr "Ð½ÐµÐ²ÐµÑ€Ð½Ð°Ñ Ð·Ð°Ð¿Ð¸ÑÑŒ в теневом файле паролей"
+
+msgid "duplicate shadow password entry"
+msgstr "повторÑющаÑÑÑ Ð·Ð°Ð¿Ð¸ÑÑŒ в теневом файле паролей"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "пользователь %s: Ð²Ñ€ÐµÐ¼Ñ Ð¿Ð¾Ñледнего Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² будущем\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: не удалоÑÑŒ отÑортировать запиÑи в %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: Ñ Ð²ÐºÐ»ÑŽÑ‡Ñ‘Ð½Ð½Ñ‹Ð¼ режимом tcb работа невозможна\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: не удалоÑÑŒ изменить права %s на 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "ДоÑтуп к su Ð´Ð»Ñ Ñтой учётной запиÑи ЗÐПРЕЩÐÐ.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Проверка подлинноÑти по паролю пропущена.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Введите ваш СОБСТВЕÐÐЫЙ пароль Ð´Ð»Ñ Ð°ÑƒÑ‚ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ†Ð¸Ð¸.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: невозможно выполнить fork пользовательÑкой оболочки\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: неиÑправноÑÑ‚ÑŒ в Ñигналах\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: неиÑправноÑÑ‚ÑŒ в маÑкировке Ñигналов\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Ð¡ÐµÐ°Ð½Ñ Ð·Ð°Ð²ÐµÑ€ÑˆÑ‘Ð½, выполнÑетÑÑ Ð·Ð°Ð²ÐµÑ€ÑˆÐµÐ½Ð¸Ðµ оболочки…"
+
+msgid " ...killed.\n"
+msgstr " … завершён.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " … ожидает Ð·Ð°Ð²ÐµÑ€ÑˆÐµÐ½Ð¸Ñ Ð¿Ð¾Ñ‚Ð¾Ð¼ÐºÐ°.\n"
+
+msgid " ...terminated.\n"
+msgstr " … завершён.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"ИÑпользование: su [параметры] [ПОЛЬЗОВÐТЕЛЬ]\n"
+"\n"
+"Параметры:\n"
+" -c, --command КОМÐÐДРпередать КОМÐÐДУ вызываемой оболочке\n"
+" -h, --help показать данное Ñообщение и закончить "
+"работу\n"
+" -, -l, --login запуÑкать оболочку как региÑтрационную\n"
+" -m, -p,\n"
+" --preserve-environment не ÑбраÑывать переменные Ð¾ÐºÑ€ÑƒÐ¶ÐµÐ½Ð¸Ñ Ð¸\n"
+" Ñохранить запуÑтившую оболочку\n"
+" -s, --shell ОБОЛОЧКРиÑпользовать ОБОЛОЧКУ\n"
+" вмеÑто Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¸Ð· файла passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Игнорировано)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "У Ð²Ð°Ñ Ð½ÐµÑ‚ прав на выполнение su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Введите ваш ÑобÑтвенный пароль)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: не удалоÑÑŒ пройти проверку подлинноÑти\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: у Ð²Ð°Ñ Ð½ÐµÑ‚ прав выполнÑÑ‚ÑŒ su в данный момент\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "ОтÑутÑтвует passwd-запиÑÑŒ Ð´Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Â«%s»\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: должен запуÑкатьÑÑ Ð¸Ð· терминала\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: ошибка %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: не удалоÑÑŒ ÑброÑить управлÑющий терминал\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Ðе удалоÑÑŒ выполнить %s\n"
+
+msgid "No password file"
+msgstr "ОтÑутÑтвует файл паролей"
+
+msgid "TIOCSCTTY failed"
+msgstr "Ðе удалоÑÑŒ уÑтановить флаг TIOCSCTTY"
+
+msgid "No password entry for 'root'"
+msgstr "ОтÑутÑтвует запиÑÑŒ Ð´Ð»Ñ Â«root»"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Ðажмите control-d Ð´Ð»Ñ Ð¿Ñ€Ð¾Ð´Ð¾Ð»Ð¶ÐµÐ½Ð¸Ñ Ð·Ð°Ð³Ñ€ÑƒÐ·ÐºÐ¸ в обычном режиме,\n"
+"(или введите пароль ÑÑƒÐ¿ÐµÑ€Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð´Ð»Ñ Ð¾Ð±ÑÐ»ÑƒÐ¶Ð¸Ð²Ð°Ð½Ð¸Ñ ÑиÑтемы):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Вход в режим ÑиÑтемного обÑлуживаниÑ"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: каталог %s Ñоздан, но не может быть удалён\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: наÑтройка %s в %s будет проигнорирована\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: не удалоÑÑŒ Ñоздать новый файл значений по умолчанию\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: не удалоÑÑŒ открыть новый файл значений по умолчанию\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: Ñлишком Ð´Ð»Ð¸Ð½Ð½Ð°Ñ Ñтрока в %s: %s…"
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: не удалоÑÑŒ Ñоздать резервную копию файла (%s): %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: rename: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: группа «%s» ÑвлÑетÑÑ Ð³Ñ€ÑƒÐ¿Ð¿Ð¾Ð¹ NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: указано Ñлишком много групп (макÑимум %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"ИÑпользование: %s [параметры] ПОЛЬЗОВÐТЕЛЬ\n"
+" %s -D\n"
+" %s -D [параметры]\n"
+"\n"
+"Параметры:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir БÐЗ_КÐТ базовый каталог Ð´Ð»Ñ Ð´Ð¾Ð¼Ð°ÑˆÐ½ÐµÐ³Ð¾ каталога "
+"новой\n"
+" учётной запиÑи\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment КОММЕÐТÐРИЙ поле GECOS новой учётной запиÑи\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+" -d, --home-dir ДОМ_КÐТ домашний каталог новой учётной запиÑи\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults показать или изменить наÑтройки\n"
+" по умолчанию Ð´Ð»Ñ useradd\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+" -e, --expiredate ДÐТÐ_УСТ дата уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð½Ð¾Ð²Ð¾Ð¹ учётной запиÑи\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive ÐЕÐКТИВÐОСТЬ период неактивноÑти Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹ учётной "
+"запиÑи\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid Ð“Ð Ð£ÐŸÐŸÐ Ð¸Ð¼Ñ Ð¸Ð»Ð¸ ID первичной группы новой\n"
+" учётной запиÑи\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups ГРУППЫ ÑпиÑок дополнительных групп новой\n"
+" учётной запиÑи\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+" -k, --skel КÐБ_ШÐБ иÑпользовать альтернативный каталог Ñ "
+"шаблонами\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init не добавлÑÑ‚ÑŒ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² базы данных "
+"lastlog и\n"
+" faillog\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+" -m, --create-home Ñоздать домашний каталог пользователÑ\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+" -M, --no-create-home не Ñоздавать домашний каталог пользователÑ\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group не Ñоздавать группу Ñ Ñ‚ÐµÐ¼ же именем что и у\n"
+" пользователÑ\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique разрешить Ñоздание пользователей Ñ\n"
+" повторÑющимиÑÑ (не уникальными) UID\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+" -p, --password ПÐРОЛЬ зашифрованный пароль новой учётной запиÑи\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+" -s, --shell ОБОЛОЧКРрегиÑÑ‚Ñ€Ð°Ñ†Ð¸Ð¾Ð½Ð½Ð°Ñ Ð¾Ð±Ð¾Ð»Ð¾Ñ‡ÐºÐ° новой\n"
+" учётной запиÑи\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+" -u, --uid UID пользовательÑкий ID новой учётной запиÑи\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group Ñоздать группу Ñ Ñ‚ÐµÐ¼ же именем что и у\n"
+" пользователÑ\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SEUSER иÑпользовать указанного SEUSER длÑ\n"
+" пользовательÑкого ÑопоÑÑ‚Ð°Ð²Ð»ÐµÐ½Ð¸Ñ SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: неверный базовый каталог «%s»\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: неверный комментарий «%s»\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: неверный домашний каталог «%s»\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: Ð´Ð»Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð° -e необходима поддержка теневых паролей\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: Ð´Ð»Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð° -f необходима поддержка теневых паролей\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: неверное поле «%s»\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: Ð½ÐµÐ²ÐµÑ€Ð½Ð°Ñ Ð¾Ð±Ð¾Ð»Ð¾Ñ‡ÐºÐ° «%s»\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: Ð´Ð»Ñ -Z в Ñдре требуетÑÑ Ð²ÐºÐ»ÑŽÑ‡Ð¸Ñ‚ÑŒ SELinux\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: не удалоÑÑŒ ÑброÑить запиÑÑŒ в faillog Ð´Ð»Ñ UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: не удалоÑÑŒ ÑброÑить запиÑÑŒ в lastlog Ð´Ð»Ñ UID %lu: %s\n"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: не удалоÑÑŒ подготовить новую %s запиÑÑŒ\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: не удалоÑÑŒ Ñоздать каталог %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Создание почтового Ñщика"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Ðе найдена группа «mail». СоздаётÑÑ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÑŒÑкий почтовый Ñщик Ñ Ð¿Ñ€Ð°Ð²Ð°Ð¼Ð¸ "
+"0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "УÑтановка прав на файл почтового Ñщика"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: пользователь «%s» уже ÑущеÑтвует\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: группа %s ÑущеÑтвует — Ð´Ð»Ñ Ð´Ð¾Ð±Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð² неё Ñтого пользователÑ, "
+"иÑпользуйте -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: не удалоÑÑŒ Ñоздать пользователÑ\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu не ÑвлÑетÑÑ ÑƒÐ½Ð¸ÐºÐ°Ð»ÑŒÐ½Ñ‹Ð¼\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: не удалоÑÑŒ Ñоздать tcb-каталог Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: не удалоÑÑŒ Ñоздать группу\n"
+
+#, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: не удалоÑÑŒ Ñоздать подчинённые пользовательÑкие ID\n"
+
+#, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: не удалоÑÑŒ Ñоздать подчинённые групповые ID\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: предупреждение: домашний каталог уже ÑущеÑтвует.\n"
+"Ðикакие файлы из каталога шаблонов копироватьÑÑ Ð½Ðµ будут.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: предупреждение: не удалоÑÑŒ ÑопоÑтавить Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s Ñ "
+"пользователем SELinux %s.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force удалÑÑ‚ÑŒ файлы, даже еÑли они\n"
+" не принадлежат пользователю\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove удалить домашний каталог и почтовый Ñщик\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user удалить вÑе пользовательÑкие ÑопоÑтавлениÑ\n"
+" SELinux Ð´Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: группа %s не удалена, так как Ñто не Ð¿ÐµÑ€Ð²Ð¸Ñ‡Ð½Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: группа %s не удалена, так как в ней еÑÑ‚ÑŒ другие члены.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: группа %s ÑвлÑетÑÑ Ð¿ÐµÑ€Ð²Ð¸Ñ‡Ð½Ð¾Ð¹ Ð´Ð»Ñ Ð´Ñ€ÑƒÐ³Ð¾Ð³Ð¾ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸ не может быть "
+"удалена.\n"
+
+#, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: не удалоÑÑŒ удалить запиÑÑŒ %lu из %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: почтовый Ñщик %s (%s) не найден\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: предупреждение: не удалоÑÑŒ удалить %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s не принадлежит %s, удаление не выполнено\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: не удалоÑÑŒ выделить памÑÑ‚ÑŒ, Ñлемент tcb Ð´Ð»Ñ %s не удалён.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: не удалоÑÑŒ Ñнизить уровень привилегий: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: не удалоÑÑŒ удалить Ñодержимое %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: не удалоÑÑŒ удалить файлы tcb Ð´Ð»Ñ %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: пользователь %s ÑвлÑетÑÑ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»ÐµÐ¼ NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: домашний каталог Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s (%s) не найден\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: каталог %s не удалён (ÑвлÑетÑÑ Ð´Ð¾Ð¼Ð°ÑˆÐ½Ð¸Ð¼ каталогом Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: ошибка ÑƒÐ´Ð°Ð»ÐµÐ½Ð¸Ñ ÐºÐ°Ñ‚Ð°Ð»Ð¾Ð³Ð° %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: предупреждение: не удалоÑÑŒ удалить пользовательÑкое ÑопоÑтавление "
+"SELinux в Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ %s.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment КОММЕÐТÐРИЙ новое значение Ð¿Ð¾Ð»Ñ GECOS\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home ДОМ_КÐТ новый домашний каталог учётной запиÑи\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate ДÐТÐ_УСТ уÑтановить дату Ð¾ÐºÐ¾Ð½Ñ‡Ð°Ð½Ð¸Ñ Ð´ÐµÐ¹ÑтвиÑ\n"
+" учётной запиÑи в ДÐТÐ_УСТ\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive ÐЕÐКТИВÐОСТЬ уÑтановить период неактивноÑти Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ð¾Ñле\n"
+" уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи равным "
+"ÐЕÐКТИВÐОСТЬ\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid ГРУППРпринудительно назначить первичную ГРУППУ\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups ГРУППЫ ÑпиÑок дополнительных ГРУПП\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append добавить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² дополнительные\n"
+" ГРУППЫ, указанные в параметре -G не удалÑÑ\n"
+" Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð· других групп\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login ÐОВОЕ_ИМЯ новое значение имени учётной запиÑи\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock заблокировать учётную запиÑÑŒ\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home перемеÑтить Ñодержимое домашнего каталога в\n"
+" новое меÑто (иÑпользовать только вмеÑте Ñ -"
+"d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique разрешить Ñоздание учётной запиÑи Ñ ÑƒÐ¶Ðµ\n"
+" имеющимÑÑ (не уникальным) UID\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password ПÐРОЛЬ задать новый шифрованный пароль длÑ\n"
+" учётной запиÑи\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID новый UID Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock разблокировать учётную запиÑÑŒ\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr " -v, --add-subuids ПЕРВ-ПОСЛ добавить диапазон подчинённых uid\n"
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr " -V, --del-subuids ПЕРВ-ПОСЛ удалить диапазон подчинённых uid\n"
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr " -w, --add-subgids ПЕРВ-ПОСЛ добавить диапазон подчинённых gid\n"
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr " -W, --del-subgids ПЕРВ-ПОСЛ удалить диапазон подчинённых gid\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user SEUSER новое пользовательÑкое ÑопоÑтавление\n"
+" SELinux Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: разблокировка Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¿Ñ€Ð¸Ð²ÐµÐ´Ñ‘Ñ‚ к поÑвлению беÑпарольной\n"
+"учётной запиÑи. Ð’Ñ‹ должны задать пароль Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ usermod -p Ð´Ð»Ñ "
+"разблокировки Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: пользователь «%s» уже ÑущеÑтвует в %s\n"
+
+#, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: некорректный диапазон подчинённых uid «%s»\n"
+
+#, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: некорректный диапазон подчинённых gid «%s»\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: не указаны параметры\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: параметры -L, -p и -U ÑвлÑÑŽÑ‚ÑÑ Ð²Ð·Ð°Ð¸Ð¼Ð¾Ð¸Ñключающими\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr ""
+"%s: Ð´Ð»Ñ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ð¾Ð² -e и -f требуетÑÑ Ð¿Ð¾Ð´Ð´ÐµÑ€Ð¶ÐºÐ° теневых файлов паролей\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID «%lu» уже ÑущеÑтвует\n"
+
+#, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s не ÑущеÑтвует, Ð½ÐµÐ»ÑŒÐ·Ñ ÑƒÐºÐ°Ð·Ñ‹Ð²Ð°Ñ‚ÑŒ флаги %s или %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: каталог %s ÑущеÑтвует\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Предыдущий домашний каталог (%s) не ÑвлÑлÑÑ Ð´Ð¾Ð¼Ð°ÑˆÐ½Ð¸Ð¼ каталогом. Он не "
+"удалён и домашний каталог не Ñоздан.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: не удалоÑÑŒ изменить владельца домашнего каталога"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: предупреждение: не удалоÑÑŒ полноÑтью удалить Ñтарый домашний каталог %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: не удалоÑÑŒ переименовать каталог %s в %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: не удалоÑÑŒ Ñкопировать запиÑÑŒ lastlog о пользователе %lu в Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: не удалоÑÑŒ Ñкопировать запиÑÑŒ faillog о пользователе %lu в Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: предупреждение: %s не принадлежит %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "не удалоÑÑŒ Ñменить владельца почтового Ñщика"
+
+msgid "failed to rename mailbox"
+msgstr "не удалоÑÑŒ переименовать почтовый Ñщик"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: не удалоÑÑŒ удалить диапазон uid %lu-%lu из «%s»\n"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: не удалоÑÑŒ добавить диапазон uid %lu-%lu в «%s»\n"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: не удалоÑÑŒ удалить диапазон gid %lu-%lu из «%s»\n"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: не удалоÑÑŒ добавить диапазон gid %lu-%lu в «%s»\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Вы изменили %s.\n"
+"Ð”Ð»Ñ Ð¾Ð±ÐµÑÐ¿ÐµÑ‡ÐµÐ½Ð¸Ñ ÑоглаÑованноÑти вам может потребоватьÑÑ Ð¸Ð·Ð¼ÐµÐ½Ð¸Ñ‚ÑŒ %s.\n"
+"Ð”Ð»Ñ Ñтого иÑпользуйте команду «%s».\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group редактировать базу данных групп\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd редактировать базу данных паролей\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+" -s, --shadow редактировать базу данных shadow или "
+"gshadow\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+" -u, --user редактировать пользовательÑкий файл\n"
+" shadow Ñтруктуры tcb\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: не удалоÑÑŒ удалить %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s не был изменён\n"
+
+msgid "failed to create scratch directory"
+msgstr "не удалоÑÑŒ Ñоздать черновой каталог"
+
+msgid "failed to drop privileges"
+msgstr "не удалоÑÑŒ Ñнизить уровень привилегий"
+
+#
+msgid "Couldn't get file context"
+msgstr "Ðе удалоÑÑŒ получить файловый контекÑÑ‚"
+
+msgid "setfscreatecon () failed"
+msgstr "Вызов setfscreatecon () завершилÑÑ Ð½ÐµÑƒÐ´Ð°Ñ‡Ð½Ð¾"
+
+msgid "failed to gain privileges"
+msgstr "не удалоÑÑŒ повыÑить уровень привилегий"
+
+msgid "Couldn't lock file"
+msgstr "Ðе удалоÑÑŒ заблокировать файл"
+
+msgid "Couldn't make backup"
+msgstr "Ðе удалоÑÑŒ Ñоздать резервную копию"
+
+#, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s: %s\n"
+
+#, c-format
+#| msgid "%s: nscd exited with status %d\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s завершилÑÑ Ñ ÐºÐ¾Ð´Ð¾Ð¼ выхода %d\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr "%s: %s убит по Ñигналу %d\n"
+
+msgid "failed to open scratch file"
+msgstr "не удалоÑÑŒ открыть черновой файл"
+
+msgid "failed to unlink scratch file"
+msgstr "не удалоÑÑŒ удалить черновой файл"
+
+msgid "failed to stat edited file"
+msgstr "не удалоÑÑŒ получить атрибуты редактируемого файла"
+
+msgid "failed to allocate memory"
+msgstr "не удалоÑÑŒ выделить памÑÑ‚ÑŒ"
+
+msgid "failed to create backup file"
+msgstr "не удалоÑÑŒ Ñоздать резервную копию файла"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: не удалоÑÑŒ воÑÑтановить %s: %s (ваши Ð¸Ð·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð² %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: не удалоÑÑŒ найти каталог tcb Ð´Ð»Ñ %s\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr " -c, --crypt-method алгоритм ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ (один из: %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "ИÑпользование: vipw [параметры]\n"
+#~ "\n"
+#~ "Параметры:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "не удалоÑÑŒ выполнить malloc(%d)\n"
+
+#
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ИÑпользование: chage [параметры] [ПОЛЬЗОВÐТЕЛЬ]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -d, --lastday LAST_DAY уÑтановить поÑледний день Ñмены паролÑ\n"
+#~ " в LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE уÑтановить дату Ð¾ÐºÐ¾Ð½Ñ‡Ð°Ð½Ð¸Ñ Ð´ÐµÐ¹ÑтвиÑ\n"
+#~ " учётной запиÑи в EXPIRE_DATE\n"
+#~ " -h, --help показать Ñто Ñообщение и закончить "
+#~ "работу\n"
+#~ " -I, --inactive INACTIVE уÑтановить неактивноÑÑ‚ÑŒ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ð¾Ñле\n"
+#~ " уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ Ð² значение INACTIVE\n"
+#~ " -l, --list показать «возраÑт» учётной запиÑи\n"
+#~ " -m, --mindays MIN_DAYS уÑтановить минимальное чиÑло дней перед\n"
+#~ " Ñменой Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS уÑтановить макÑимальное чиÑло дней перед\n"
+#~ " Ñменой Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS уÑтановить количеÑтво дней Ñ Ð²Ñ‹Ð´Ð°Ñ‡ÐµÐ¹\n"
+#~ " Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ Ð² WARN_DAYS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: проверка подлинноÑти PAM завершилаÑÑŒ неудачно\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "ИÑпользование: %s [-f полное имÑ] [-r номер комнаты] [-w рабочий "
+#~ "телефон]\n"
+#~ "\t[-h домашний телефон] [-o другое] [пользователь]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "ИÑпользование: %s [-f полное имÑ] [-r номер комнаты] [-w рабочий телефон] "
+#~ "[-h домашний телефон]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ИÑпользование: %s [параметры]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -c, --crypt-method алгоритм ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ (один из %s)\n"
+#~ " -e, --encrypted вводитÑÑ ÑƒÐ¶Ðµ шифрованный пароль\n"
+#~ " -h, --help показать Ñто Ñообщение и завершить работу "
+#~ "программы\n"
+#~ " -m, --md5 иÑпользовать шифрование MD5 вмеÑто DES, еÑли "
+#~ "пароль\n"
+#~ " вводитÑÑ Ð½Ðµ шифрованным\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ИÑпользование: chsh [параметры] [ПОЛЬЗОВÐТЕЛЬ]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -h, --help показать данное Ñообщение и закончить работу\n"
+#~ " -s, --shell SHELL Ð½Ð¾Ð²Ð°Ñ Ñ€ÐµÐ³Ð¸ÑÑ‚Ñ€Ð°Ñ†Ð¸Ð¾Ð½Ð½Ð°Ñ Ð¾Ð±Ð¾Ð»Ð¾Ñ‡ÐºÐ° Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ "
+#~ "запиÑи\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "ИÑпользование: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: не удалоÑÑŒ получить запиÑÑŒ Ð´Ð»Ñ UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: не удалоÑÑŒ открыть %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: не удалоÑÑŒ получить размер %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "ИÑпользование: groupdel группа\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "ИÑпользование: %s [-r] [-s] [файл_group [файл_gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "ИÑпользование: %s [-r] [-s] [файл_group]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s и -r не могут иÑпользоватьÑÑ Ð¾Ð´Ð½Ð¾Ð²Ñ€ÐµÐ¼ÐµÐ½Ð½Ð¾\n"
+
+#
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "ИÑпользование: grpconv\n"
+
+#
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "ИÑпользование: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ИÑпользование: lastlog [параметры]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -b, --before ДÐЕЙ показать запиÑи lastlog за поÑледние ДÐЕЙ дней\n"
+#~ " -h, --help показать Ñто Ñообщение и завершить работу "
+#~ "программы\n"
+#~ " -t, --time ДÐЕЙ показать запиÑи lastlog за поÑледние ДÐЕЙ дней\n"
+#~ " -u, --user ИМЯ показать запиÑÑŒ lastlog Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи ИМЯ\n"
+#~ "\n"
+
+#
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ИÑпользование: passwd [параметры] [ПОЛЬЗОВÐТЕЛЬ]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -a, --all показать ÑоÑтоÑние паролей вÑех учётных\n"
+#~ " запиÑей\n"
+#~ " -d, --delete удалить пароль заданной учётной запиÑи\n"
+#~ " -e, --expire проÑрочить пароль заданной учётной "
+#~ "запиÑи\n"
+#~ " -h, --help показать Ñто Ñообщение и завершить "
+#~ "работу\n"
+#~ " программы\n"
+#~ " -k, --keep-tokens изменÑÑ‚ÑŒ пароль только Ñ Ð¸Ñтёкшим Ñроком\n"
+#~ " дейÑтвиÑ\n"
+#~ " -i, --inactive INACTIVE уÑтановить неактивноÑÑ‚ÑŒ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¿Ð¾Ñле\n"
+#~ " иÑÑ‚ÐµÑ‡ÐµÐ½Ð¸Ñ Ñрока в значение INACTIVE\n"
+#~ " -l, --lock заблокировать заданную учётную запиÑÑŒ\n"
+#~ " -n, --mindays MIN_DAYS уÑтановить минимальное чиÑло дней перед\n"
+#~ " Ñменой Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² MIN_DAYS\n"
+#~ " -q, --quiet не показывать Ñообщений\n"
+#~ " -r, --repository REPOSITORY изменить пароль в репозитории REPOSITORY\n"
+#~ " -S, --status показать ÑоÑтоÑние Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð·Ð°Ð´Ð°Ð½Ð½Ð¾Ð¹ "
+#~ "учётной\n"
+#~ " запиÑи\n"
+#~ " -u, --unlock разблокировать заданную учётную запиÑÑŒ\n"
+#~ " -w, --warndays WARN_DAYS уÑтановить количеÑтво дней Ñ\n"
+#~ " выдачей Ð¿Ñ€ÐµÐ´ÑƒÐ¿Ñ€ÐµÐ¶Ð´ÐµÐ½Ð¸Ñ Ð² WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS уÑтановить макÑимальное чиÑло дней перед\n"
+#~ " Ñменой Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð² MAX_DAYS\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "ИÑпользование: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "ИÑпользование: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "ИÑпользование: pwconv\n"
+
+#
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "ИÑпользование: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "ÐеизвеÑтный id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "ОтÑутÑтвует оболочка\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ИÑпользование: userdel [параметры] ПОЛЬЗОВÐТЕЛЬ\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -f, --force удалÑÑ‚ÑŒ файлы, даже еÑли они\n"
+#~ " не принадлежат пользователю\n"
+#~ " -h, --help показать данное Ñообщение и закончить "
+#~ "работу\n"
+#~ " -r, --remove удалить домашний каталог и почтовый Ñщик\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: пользователь %s ÑÐµÐ¹Ñ‡Ð°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ð°ÐµÑ‚ в ÑиÑтеме\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ИÑпользование: usermod [параметры] ПОЛЬЗОВÐТЕЛЬ\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -c, --comment КОММЕÐТÐРИЙ новое значение Ð¿Ð¾Ð»Ñ GECOS\n"
+#~ " -d, --home ДОМ_КÐТ новый домашний каталог учётной запиÑи\n"
+#~ " -e, --expiredate ДÐТÐ_УСТ уÑтановить дату Ð¾ÐºÐ¾Ð½Ñ‡Ð°Ð½Ð¸Ñ Ð´ÐµÐ¹ÑтвиÑ\n"
+#~ " учётной запиÑи в ДÐТÐ_УСТ\n"
+#~ " -f, --inactive ÐЕÐКТИВÐОСТЬ уÑтановить период неактивноÑти Ð¿Ð°Ñ€Ð¾Ð»Ñ "
+#~ "поÑле\n"
+#~ " уÑÑ‚Ð°Ñ€ÐµÐ²Ð°Ð½Ð¸Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи равным "
+#~ "ÐЕÐКТИВÐОСТЬ\n"
+#~ " -g, --gid ГРУППРпринудительно назначить первичную ГРУППУ\n"
+#~ " -G, --groups ГРУППЫ ÑпиÑок дополнительных ГРУПП\n"
+#~ " -a, --append добавить Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² дополнительные\n"
+#~ " ГРУППЫ, указанные в параметре -G не "
+#~ "удалÑÑ\n"
+#~ " Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð¸Ð· других групп\n"
+#~ " -h, --help показать данное Ñообщение и закончить "
+#~ "работу\n"
+#~ " -l, --login ÐОВОЕ_ИМЯ новое значение имени учётной запиÑи\n"
+#~ " -L, --lock заблокировать учётную запиÑÑŒ\n"
+#~ " -m, --move-home перемеÑтить Ñодержимое домашнего каталога "
+#~ "в\n"
+#~ " новое меÑто (иÑпользовать только вмеÑте Ñ "
+#~ "-d)\n"
+#~ " -o, --non-unique разрешить Ñоздание учётной запиÑи Ñ ÑƒÐ¶Ðµ\n"
+#~ " имеющимÑÑ (не уникальным) UID\n"
+#~ " -p, --password ПÐРОЛЬ задать новый шифрованный пароль длÑ\n"
+#~ " учётной запиÑи\n"
+#~ " -s, --shell ОБОЛОЧКРзадать новую оболочку длÑ\n"
+#~ " учётной запиÑи\n"
+#~ " -u, --uid UID новый UID Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи\n"
+#~ " -U, --unlock разблокировать учётную запиÑÑŒ\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: не заданы параметры\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ИÑпользование: vipw [параметры]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -g, --group редактировать базу данных групп\n"
+#~ " -h, --help показать данное Ñообщение и закончить "
+#~ "работу\n"
+#~ " -p, --passwd редактировать базу данных паролей\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow редактировать базу данных теневых\n"
+#~ " паролей пользователей или групп\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --add USER add USER to GROUP\n"
+#~ " -d, --delete USER remove USER from GROUP\n"
+#~ " -r, --remove-password remove the GROUP's password\n"
+#~ " -R, --restrict restrict access to GROUP to its members\n"
+#~ " -M, --members USER,... set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ИÑпользование: %s [параметр] ГРУППÐ\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -a, --add ПОЛЬЗОВÐТЕЛЬ добавить ПОЛЬЗОВÐТЕЛЯ в ГРУППУ\n"
+#~ " -d, --delete ПОЛЬЗОВÐТЕЛЬ удалить ПОЛЬЗОВÐТЕЛЯ из ГРУППЫ\n"
+#~ " -r, --remove-password удалить пароль ГРУППЫ\n"
+#~ " -R, --restrict ограничить доÑтуп к ГРУППЕ её членам\n"
+#~ " -M, --members ПОЛЬЗОВÐТЕЛЬ,... задать ÑпиÑок членов ГРУППЫ\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group groupname change groupname instead of the user's "
+#~ "group\n"
+#~ " (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ " -a, --add username add username to the members of the group\n"
+#~ " -d, --delete username remove username from the members of the "
+#~ "group\n"
+#~ " -p, --purge purge all members from the group\n"
+#~ " -l, --list list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ИÑпользование: groupmems [параметры] [дейÑтвие]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -g, --group имÑ_группы изменить имÑ_группы вмеÑто "
+#~ "пользовательÑкой\n"
+#~ " группы (только Ð´Ð»Ñ root)\n"
+#~ "\n"
+#~ "ДейÑтвиÑ:\n"
+#~ " -a, --add имÑ_польз добавить имÑ_польз в члены группы\n"
+#~ " -d, --delete имÑ_польз удалить имÑ_польз из членов группы\n"
+#~ " -p, --purge удалить вÑех членов из группы\n"
+#~ " -l, --list показать вÑех членов группы\n"
+#~ "\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: не удалоÑÑŒ Ñоздать %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: не удалоÑÑŒ Ñменить владельца %s\n"
+
+#
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ИÑпользование: faillog [параметры]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -a, --all показать запиÑи faillog обо вÑех пользователÑÑ…\n"
+#~ " -h, --help показать Ñто Ñообщение и завершить работу "
+#~ "программы\n"
+#~ " -l, --lock-time СЕК при неудачной попытке входа блокировать\n"
+#~ " учётную запиÑÑŒ на СЕК Ñекунд\n"
+#~ " -m, --maximum ÐœÐКС уÑтановить макÑимальное чиÑло неудачных попыток\n"
+#~ " входа равным ÐœÐКС\n"
+#~ " -r, --reset обнулить Ñчётчики неудачных попыток входа\n"
+#~ " -t, --time ДÐЕЙ показать запиÑи faillog за поÑледние ДÐЕЙ дней\n"
+#~ " -u, --user ИМЯ показать запиÑÑŒ faillog или наÑтроить Ñчётчики\n"
+#~ " неудачных попыток и Ð¾Ð³Ñ€Ð°Ð½Ð¸Ñ‡ÐµÐ½Ð¸Ñ (вмеÑте Ñ -r, -m\n"
+#~ " или -l) только Ð´Ð»Ñ ÑƒÑ‡Ñ‘Ñ‚Ð½Ð¾Ð¹ запиÑи Ñ Ð·Ð°Ð´Ð°Ð½Ð½Ñ‹Ð¼ "
+#~ "ИМЕÐЕМ\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ИÑпользование: groupadd [параметры] ГРУППÐ\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -f, --force закончить работу Ñ ÑƒÑпешным кодом возврата, еÑли\n"
+#~ " Ð·Ð°Ð´Ð°Ð½Ð½Ð°Ñ Ð³Ñ€ÑƒÐ¿Ð¿Ð° уже ÑущеÑтвует\n"
+#~ " -g, --gid GID Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹ группы иÑпользовать GID\n"
+#~ " -h, --help показать данное Ñообщение и закончить работу\n"
+#~ " -K, --key KEY=VALUE изменить Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию из /etc/login."
+#~ "defs\n"
+#~ " -o, --non-unique разрешить Ñоздание группы Ñ ÑƒÐ¶Ðµ имеющимÑÑ\n"
+#~ " (не уникальным) GID\n"
+#~ " -p, --password PASS иÑпользовать шифрованный пароль Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹ группы\n"
+#~ " -r, --system Ñоздать ÑиÑтемную учётную запиÑÑŒ\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ИÑпользование: groupmod [параметры] ГРУППÐ\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -g, --gid GID Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹ ГРУППЫ иÑпользовать GID\n"
+#~ " -h, --help показать данное Ñообщение и закончить работу\n"
+#~ " -n, --new-name ÐОВ_ГР иÑпользовать Ð¸Ð¼Ñ ÐОВ_ГР Ð´Ð»Ñ Ð“Ð Ð£ÐŸÐŸÐ«\n"
+#~ " -o, --non-unique разрешить Ñоздание ГРУППЫ Ñ ÑƒÐ¶Ðµ имеющимÑÑ\n"
+#~ " (не уникальным) GID\n"
+#~ " -p, --password PASS иÑпользовать шифрованный пароль Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ "
+#~ "паролÑ\n"
+#~ "\n"
+
+#
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ИÑпользование: useradd [параметры] Ð¸Ð¼Ñ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ " -b, --base-dir BASE_DIR базовый каталог Ð´Ð»Ñ Ð´Ð¾Ð¼Ð°ÑˆÐ½ÐµÐ³Ð¾ каталога\n"
+#~ " новой учётной запиÑи\n"
+#~ " -c, --comment COMMENT заполнить поле GECOS новой учётной "
+#~ "запиÑи\n"
+#~ " -d, --home-dir HOME_DIR домашний каталог новой учётной запиÑи\n"
+#~ " -D, --defaults показать или Ñохранить изменённые "
+#~ "наÑтройки\n"
+#~ " useradd по умолчанию\n"
+#~ " -e, --expiredate EXPIRE_DATE уÑтановить дату Ð¾ÐºÐ¾Ð½Ñ‡Ð°Ð½Ð¸Ñ Ð´ÐµÐ¹ÑтвиÑ\n"
+#~ " учётной запиÑи равной EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE уÑтановить пароль Ð´Ð»Ñ ÑƒÑтаревших учётных\n"
+#~ " запиÑей в INACTIVE\n"
+#~ " -g, --gid GROUP принудительно назначить группу GROUP\n"
+#~ " Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹ учётной запиÑи\n"
+#~ " -G, --groups GROUPS задать ÑпиÑок групп Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹\n"
+#~ " учётной запиÑи\n"
+#~ " -h, --help показать данное Ñообщение и закончить "
+#~ "работу\n"
+#~ " -k, --skel SKEL_DIR указать альтернативный каталог Ñ "
+#~ "шаблонами\n"
+#~ " -K, --key KEY=VALUE изменить Ð·Ð½Ð°Ñ‡ÐµÐ½Ð¸Ñ Ð¿Ð¾ умолчанию из\n"
+#~ " /etc/login.defs\n"
+#~ " -l, --no-log-init не добавлÑÑ‚ÑŒ Ð¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ñ‚ÐµÐ»Ñ Ð² базы данных\n"
+#~ " lastlog и faillog\n"
+#~ " -m, --create-home Ñоздать домашний каталог Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹\n"
+#~ " учётной запиÑи\n"
+#~ " -M, --no-create-home не Ñоздавать домашний каталог Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹\n"
+#~ " учётной запиÑи (изменÑет значение\n"
+#~ " из /etc/login.defs)\n"
+#~ " -N, --no-user-group не Ñоздавать группу Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ как у\n"
+#~ " пользователÑ\n"
+#~ " -o, --non-unique разрешить Ñоздание учётной запиÑи Ñ ÑƒÐ¶Ðµ\n"
+#~ " имеющимÑÑ (не уникальным) UID\n"
+#~ " -p, --password PASSWORD задать шифрованный пароль Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹\n"
+#~ " учётной запиÑи\n"
+#~ " -r, --system Ñоздать ÑиÑтемную учётную запиÑÑŒ\n"
+#~ " -s, --shell SHELL задать командную оболочку Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹\n"
+#~ " учётной запиÑи\n"
+#~ " -u, --uid UID принудительно назначить UID Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð¹\n"
+#~ " учётной запиÑи\n"
+#~ " -U, --user-group Ñоздать группу Ñ Ð¸Ð¼ÐµÐ½ÐµÐ¼ как у "
+#~ "пользователÑ\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -r, --system create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ИÑпользование: %s [параметры] [ввод]\n"
+#~ "\n"
+#~ " -c, --crypt-method метод ÑˆÐ¸Ñ„Ñ€Ð¾Ð²Ð°Ð½Ð¸Ñ (один из %s)\n"
+#~ " -r, --system Ñоздать ÑиÑтемную учётную запиÑÑŒ\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Срок дейÑÑ‚Ð²Ð¸Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð¸Ñтёк."
+
+#~ msgid "setfscreatecon() failed"
+#~ msgstr "Вызов setfscreatecon() завершилÑÑ Ð½ÐµÑƒÐ´Ð°Ñ‡Ð½Ð¾"
diff --git a/po/shadow.pot b/po/shadow.pot
new file mode 100644
index 0000000..5fa6d34
--- /dev/null
+++ b/po/shadow.pot
@@ -0,0 +1,2346 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Free Software Foundation, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr ""
+
+#, c-format
+msgid "%s's Password: "
+msgstr ""
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr ""
+
+msgid "Warning: too many groups\n"
+msgstr ""
+
+msgid "Your password has expired."
+msgstr ""
+
+msgid "Your password is inactive."
+msgstr ""
+
+msgid "Your login has expired."
+msgstr ""
+
+msgid " Contact the system administrator."
+msgstr ""
+
+msgid " Choose a new password."
+msgstr ""
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr ""
+
+msgid "Your password will expire tomorrow."
+msgstr ""
+
+msgid "Your password will expire today."
+msgstr ""
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: "
+msgstr ""
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr ""
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+msgstr[1] ""
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+
+msgid "Too many logins.\n"
+msgstr ""
+
+msgid "You have new mail."
+msgstr ""
+
+msgid "No mail."
+msgstr ""
+
+msgid "You have mail."
+msgstr ""
+
+msgid "no change"
+msgstr ""
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr ""
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr ""
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr ""
+
+msgid "passwd: password unchanged\n"
+msgstr ""
+
+msgid "passwd: password updated successfully\n"
+msgstr ""
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr ""
+
+msgid "No directory, logging in with HOME=/"
+msgstr ""
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr ""
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr ""
+
+msgid "Unable to determine your tty name."
+msgstr ""
+
+msgid "No"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+
+msgid "Minimum Password Age"
+msgstr ""
+
+msgid "Maximum Password Age"
+msgstr ""
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr ""
+
+msgid "Password Expiration Warning"
+msgstr ""
+
+msgid "Password Inactive"
+msgstr ""
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr ""
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr ""
+
+msgid "never"
+msgstr ""
+
+msgid "password must be changed"
+msgstr ""
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr ""
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr ""
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr ""
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr ""
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr ""
+
+msgid "Room Number"
+msgstr ""
+
+msgid "Work Phone"
+msgstr ""
+
+msgid "Home Phone"
+msgstr ""
+
+msgid "Other"
+msgstr ""
+
+msgid "Cannot change ID to root.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr ""
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr ""
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr ""
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr ""
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr ""
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr ""
+
+#, c-format
+msgid " [%lus left]"
+msgstr ""
+
+#, c-format
+msgid " [%lds lock]"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+
+msgid "The options cannot be combined.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr ""
+
+msgid "New Password: "
+msgstr ""
+
+msgid "Re-enter new password: "
+msgstr ""
+
+msgid "They don't match; try again"
+msgstr ""
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr ""
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr ""
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr ""
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr ""
+
+msgid "invalid group file entry"
+msgstr ""
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr ""
+
+msgid "duplicate group entry"
+msgstr ""
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr ""
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr ""
+
+msgid "duplicate shadow group entry"
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr ""
+
+msgid "Usage: id [-a]\n"
+msgstr ""
+
+msgid "Usage: id\n"
+msgstr ""
+
+msgid " groups="
+msgstr ""
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr ""
+
+msgid "Username Port Latest"
+msgstr ""
+
+msgid "**Never logged in**"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to update the lastlog file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr ""
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr ""
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr ""
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s login: "
+msgstr ""
+
+msgid "login: "
+msgstr ""
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr ""
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr ""
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr ""
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr ""
+
+#, c-format
+msgid " from %.*s"
+msgstr ""
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+msgid "Usage: logoutd\n"
+msgstr ""
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr ""
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr ""
+
+msgid "Invalid password.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr ""
+
+msgid "too many groups\n"
+msgstr ""
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr ""
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+msgid "New password: "
+msgstr ""
+
+msgid "Try again."
+msgstr ""
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+
+msgid "They don't match; try again.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr ""
+
+msgid "duplicate password entry"
+msgstr ""
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr ""
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr ""
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr ""
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr ""
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr ""
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr ""
+
+msgid "duplicate shadow password entry"
+msgstr ""
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr ""
+
+msgid "Password authentication bypassed.\n"
+msgstr ""
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr ""
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr ""
+
+msgid "(Enter your own password)"
+msgstr ""
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr ""
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr ""
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr ""
+
+msgid "No password file"
+msgstr ""
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr ""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+
+msgid "Entering System Maintenance Mode"
+msgstr ""
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr ""
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr ""
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr ""
+
+msgid "failed to change mailbox owner"
+msgstr ""
+
+msgid "failed to rename mailbox"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr ""
+
+msgid "failed to create scratch directory"
+msgstr ""
+
+msgid "failed to drop privileges"
+msgstr ""
+
+msgid "Couldn't get file context"
+msgstr ""
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr ""
+
+msgid "Couldn't make backup"
+msgstr ""
+
+#, c-format
+msgid "%s: %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr ""
+
+msgid "failed to unlink scratch file"
+msgstr ""
+
+msgid "failed to stat edited file"
+msgstr ""
+
+msgid "failed to allocate memory"
+msgstr ""
+
+msgid "failed to create backup file"
+msgstr ""
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr ""
diff --git a/po/sk.po b/po/sk.po
new file mode 100644
index 0000000..9828382
--- /dev/null
+++ b/po/sk.po
@@ -0,0 +1,3801 @@
+# Slovak translation of shadow-utils.
+#
+# Ivan Masár <helix84@centrum.sk>, 2008, 2009.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.17\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2011-11-26 22:06+0100\n"
+"Last-Translator: Ivan Masár <helix84@centrum.sk>\n"
+"Language-Team: Slovak <sk-i18n@lists.linux.sk>\n"
+"Language: sk\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural= (n==1) ? 1 : (n>=2 && n<=4) ? 2 : 0;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Existuje viac záznamov s názvom „%s“ v %s. Prosím, napravte to pomocou pwck "
+"alebo grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "libcrypt nepodporuje metódy šifrovania? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Na konfiguraÄné údaje sa nedá vyhradiÅ¥ dostatok miesta.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"konfiguraÄná chyba - neznámy predmet „%s“ (informujte správcu systému)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Heslo: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Heslo používateľa %s:"
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Na konfiguraÄné údaje sa nedá vyhradiÅ¥ dostatok miesta.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Menia sa informácie vypršania platnosti pre používateľa %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: vaše používateľské meno sa nedá zistiť.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: riadok %d: nedá sa nájsť používateľ %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: nedostatok pamäti\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: nie je možné zmazať %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: chybný domovský adresár „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: nie je možné odstrániť položku „%s“ z %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "lastlog: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s"
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: upozornenie: nemôžem odstrániť %s: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: premenovať: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: adresár %s sa nedá premenovať na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: adresár %s sa nedá premenovať na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s"
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: upozornenie: nemôžem odstrániť %s: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "lastlog: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: nie je možné zmazať %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: súbor s tieňovými heslami sa nedá aktualizovať\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: premenovať: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: súbor %s sa nedá otvoriť\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Upozornenie: skupina %s je neznáma\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Upozornenie: príliš mnoho skupín\n"
+
+msgid "Your password has expired."
+msgstr "Uplynula platnosť vášho hesla."
+
+msgid "Your password is inactive."
+msgstr "Vaše heslo je neaktívne."
+
+msgid "Your login has expired."
+msgstr "Uplynula platnosÅ¥ vášho úÄtu."
+
+msgid " Contact the system administrator."
+msgstr " Kontaktujte správcu systému."
+
+msgid " Choose a new password."
+msgstr " Zvoľte nové heslo."
+
+msgid "You must change your password."
+msgstr "Musíte si zmeniť heslo."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "O %ld dní uplynie platnosť vášho hesla.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Zajtra uplynie platnosť vášho hesla."
+
+msgid "Your password will expire today."
+msgstr "Dnes uplynie platnosť vášho hesla."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Nie je možné otvoriť rozhranie pre audit - prerušuje sa.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Nedá sa zmeniť režim vlastníka TTY štandardného vstupu: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: nepodarilo sa odmknúť %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Preplnenie prostredia\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Nemôžete zmeniť $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d chybný pokus o prihlásenie od posledného prihlásenia.\n"
+"Bol to %s na %s.\n"
+msgstr[1] ""
+"%d chybné pokusy o prihlásenie od posledného prihlásenia.\n"
+"Posledné bolo %s na %s.\n"
+msgstr[2] ""
+"%d chybných pokusov o prihlásenie od posledného prihlásenia.\n"
+"Posledné bolo %s na %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "chyba pri zmene vlastníka schránky"
+
+#, fuzzy, c-format
+#| msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: Nedá sa získaÅ¥ jedineÄný UID (už nie sú dostupné žiadne UID)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Nedá sa získaÅ¥ jedineÄný GID (už nie sú dostupné žiadne GID)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: Nedá sa získaÅ¥ jedineÄný UID (už nie sú dostupné žiadne UID)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Nedá sa získaÅ¥ jedineÄný UID (už nie sú dostupné žiadne UID)\n"
+
+msgid "Too many logins.\n"
+msgstr "Príliš mnoho prihlásení.\n"
+
+msgid "You have new mail."
+msgstr "Máte novú poštu."
+
+msgid "No mail."
+msgstr "Nemáte žiadnu poštu."
+
+msgid "You have mail."
+msgstr "Máte poštu."
+
+msgid "no change"
+msgstr "žiadna zmena"
+
+msgid "a palindrome"
+msgstr "palindróm"
+
+msgid "case changes only"
+msgstr "iba zmeny vo veľkosti písmen"
+
+msgid "too similar"
+msgstr "veľmi podobné"
+
+msgid "too simple"
+msgstr "veľmi jednoduché"
+
+msgid "rotated"
+msgstr "opakované"
+
+msgid "too short"
+msgstr "veľmi krátke"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Heslo %s je chybné. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: volanie pam_start() zlyhalo, chyba %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: heslo nezmenené\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: heslo bolo úspešne zmenené\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Chybné heslo pre %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: zlyhalo odstránenie právomocí (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: chybné telefónne Äíslo domov: „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"neplatná hodnota ENCRYPT_METHOD: „%s“.\n"
+"Používa sa štandardná hodnota DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Aktuálny adresár sa nedá nastaviť na „%s“\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Žiadny adresár, prihlásenie s HOME na /"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s sa nedá spustiť."
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Chybný koreňový adresár „%s“\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Koreňový adresár sa nedá zmeniť na „%s“\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Nedá sa zistiť názov vášho tty."
+
+msgid "No"
+msgstr "Nie"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] ÚČET\n"
+"\n"
+"Voľby:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday POSL_DEN nastaví dátum poslednej zmeny hesla na "
+"POSL_DEN\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate EXP_DATUM nastaví dátum vyprÅ¡ania platnosti úÄtu na\n"
+" EXP_DATUM\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr " -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive NEAKTIV nastaví nefunkÄnosÅ¥ hesla na NEAKTIV dní\n"
+" po vyprÅ¡aní platnosti úÄtu\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr " -l, --list zobrazí Äasové údaje o úÄte\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays MIN_DNà nastaví minimálny poÄet dní pred zmenou\n"
+" hesla na MIN_DNÃ\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays MAX_DNà nastaví maximálny poÄet dní pred zmenou\n"
+" hesla na MAX_DNÃ\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays UPOZ_DNà nastaví upozornenie o platnosti úÄtu na "
+"UPOZ_DNÃ\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Zadajte novú hodnotu alebo stlaÄte ENTER pre použitie predvolenej hodnoty"
+
+msgid "Minimum Password Age"
+msgstr "Minimálna doba platnosti hesla"
+
+msgid "Maximum Password Age"
+msgstr "Maximálna doba platnosti hesla"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Posledná zmena hesla (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Upozornenie o uplynutí doby platnosti hesla"
+
+msgid "Password Inactive"
+msgstr "NeÄinné heslo"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Uplynutie platnosti úÄtu (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Posledná zmena hesla\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nikdy"
+
+msgid "password must be changed"
+msgstr "heslo je potrebné zmeniť"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Platnosť hesla uplynie\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Neaktívne heslo\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "PlatnosÅ¥ úÄtu uplynie\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimálny poÄet dní medzi zmenami hesla\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maximálny poÄet dní medzi zmenami hesla\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "PoÄet dní upozornenia pred vyprÅ¡aním platnosti hesla\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: chybný dátum „%s“\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: chybný Äíselný parameter „%s“\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: nepoužívajte „l“ s ostatnými príznakmi\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Odmietnutý prístup.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: vaše používateľské meno sa nedá zistiť.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: nedá sa zamknúť %s, skúste to opäť neskôr\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: súbor %s sa nedá otvoriť\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: chyba pri zapisovaní zmien do %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: súbor s tieňovými heslami nie je dostupný\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: používateľ „%s“ neexistuje v %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Menia sa informácie vypršania platnosti pre používateľa %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: chyba pri zmene položiek\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [ÚČET]\n"
+"\n"
+"Voľby:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr " -u, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Celé meno"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Číslo miestnosti"
+
+msgid "Work Phone"
+msgstr "Telefón do zamestnania"
+
+msgid "Home Phone"
+msgstr "Telefón domov"
+
+msgid "Other"
+msgstr "Ostatné"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ID sa nedá zmeniť na root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: meno so znakmi, ktoré nie sú v ASCII: „%s“\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: chybné meno: „%s“\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: Äíslo miestnosti so znakmi, ktoré nie sú v ASCII: „%s“\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: chybné Äíslo miestnosti: „%s“\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: chybné telefónne Äíslo do zamestnania: „%s“\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: chybné telefónne Äíslo domov: „%s“\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: „%s“ obsahuje znaky, ktoré nie sú v ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: „%s“ obsahuje chybné znaky\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: používateľ „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: na NIC klientovi sa nedá zmeniť používateľ „%s“.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: „%s“ je hlavným NIS serverom pre tohto klienta.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Mením informácie o používateľovi %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: položka je príliš dlhá\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby]\n"
+"\n"
+"Voľby:\n"
+
+#, fuzzy, c-format
+#| msgid " -c, --crypt-method the crypt method (one of %s)\n"
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method metóda šifrovania (jedna z %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr " -e, --encrypted zadané heslá sú zakódované\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 použije MD5 kódovanie namiesto DES, ak\n"
+" zadané heslá nie sú zakódované\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds poÄet cyklov Å¡ifrovacích\n"
+" algoritmov SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: prepínaÄ %s je povolený iba s prepínaÄom %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: voľby -c, -e a -m sa navzájom vyluÄujú\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: nepodporovaná metóda šifrovania: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: riadok %d je príliš dlhý\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: riadok %d: chýba nové heslo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: zlyhalo odstránenie %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: riadok %d: skupina „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: riadok %d: nepodarilo sa pripraviť novú položku %s „%s“\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: zistená chyba, zmeny budú zamietnuté\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: user '%s' does not exist\n"
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: riadok %d: používateľ „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: riadok %d: používateľ „%s“ neexistuje\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Predvolený shell"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Nemôžete zmeniť shell pre „%s“.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Mením predvolený shell pre %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Chybná položka: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s je neplatný shell\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: používateľ %s neexistuje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: upozornenie: vlastníkom %s nie je %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: voľby %s a %s sú v konflikte\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: neoÄakávaný argument: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all zobrazí faillog záznamy všetkých "
+"používateľov\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs SEC po chybnom prihlásení zablokuje úÄet na SEC\n"
+" sekúnd\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAX nastaví maximálny poÄet chybných prihlásení\n"
+" na MAX\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset vynuluje poÄítadlá chybných prihlásení\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DAYS zobrazí záznamy faillog nie staršie ako\n"
+" DAYS dní\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user LOGIN zobrazí záznam faillog alebo nastaví "
+"poÄítadlá\n"
+" chybných prihlásení a limitov (iba s "
+"použitím\n"
+" volieb -r, -m or -l) pre používateľa s "
+"loginom\n"
+" LOGIN\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Nepodarilo sa získať položku s UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Login Chybné Najviac Posledné Na\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus ostalo]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds zámok]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Nepodarilo sa znulovaÅ¥ poÄet chýb pre UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Nepodarilo sa nastaviť max. pre UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Nepodarilo sa nastaviÅ¥ Äas zamknutia pre UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Neznámy používateľ alebo rozsah: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: zlyhalo odstránenie %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Použitie: %s [vstup]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -A, --administrators ADMIN,...\n"
+#| " set the list of administrators for GROUP\n"
+#| "Except for the -A and -M options, the options cannot be combined.\n"
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" nastaviť zoznam správcov SKUPINY\n"
+"Okrem volieb -A a -M nie je možné voľby kombinovať.\n"
+
+#, fuzzy
+#| msgid "The options cannot be combined.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Voľby nie je možné kombinovať.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Voľby nie je možné kombinovať.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: prepínaÄ -A funguje iba s tieňovými heslami skupín\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: skupina „%s“ neexistuje v %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: chyba pri zatváraní %s iba na Äítanie\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Menísa heslo skupiny %s\n"
+
+msgid "New Password: "
+msgstr "Nové heslo: "
+
+msgid "Re-enter new password: "
+msgstr "Zadajte znova nové heslo: "
+
+msgid "They don't match; try again"
+msgstr "Nezhodujú sa; skúste to znova"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Skúste to neskôr\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Pridáva sa používateľ %s do skupiny %s.\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Odstraňuje sa používateľ %s zo skupiny %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: používateľ „%s“ nie je Älenom „%s“\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Nejedná sa o tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] SKUPINA\n"
+"\n"
+"Voľby:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID pre novú skupinu použije GID\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system vytvorí systémový úÄet\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: „%s“ nie je platným názvom skupiny\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: chybný ID skupiny „%s“\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: prepínaÄ -K vyžaduje argument typu MENO=HODNOTA\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: skupina „%s“ už existuje\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID „%lu“ už existuje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: vaše používateľské meno sa nedá zistiť.\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -r, --reset vynuluje poÄítadlá chybných prihlásení\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: nie je možné odstrániť položku „%s“ z %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: nie je možné odstrniť primárnu skupinu používateľa „%s“.\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: skupina „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: skupina „%s“ je skupinou NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s je hlavným NIS serverom\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: používateľ „%s“ je Älenom „%s“\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Nedostatok pamäte. Nie je možné aktualizovať %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [operácia]\n"
+"\n"
+"Voľby:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group groupname zmeniť názov skupiny namiesto skupiny\n"
+" používateľa (iba root)\n"
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add používateľ pridaÅ¥ používateľa medzi Älenov skupiny\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete používateľ odobraÅ¥ používateľa spomedzi Älenov skupiny\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge odstrániÅ¥ vÅ¡etkých Älenov skupiny\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list vypísaÅ¥ Älenov skupiny\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: meno vašej skupiny sa nezhoduje s vašim používateľským menom\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: iba root môže používať voľbu -g/--group\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: chybné pomenovanie skupiny „%s“\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: skupina %s je NIS skupinou\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: používateľ %s je neznámy\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [súbor_so_skupinami [súbor_s_tieňovými_skupinami]]\n"
+"\n"
+"Voľby:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [súbor_so_skupinami]\n"
+"\n"
+"Voľby:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s a -r nie sú zluÄiteľné\n"
+
+msgid "invalid group file entry"
+msgstr "chybná položka v súbore so skupinami"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "zmazať riadok „%s“? "
+
+msgid "duplicate group entry"
+msgstr "v súbore so skupinami sa vyskytuje zdvojená položka"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "chybné pomenovanie skupiny „%s“\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "chybný ID skupiny „%lu“\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "skupina %s: používateľ %s neexistuje\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "zmazaÅ¥ Älena „%s“? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "neexistuje zodpovedajúca položka skupiny v súbore %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "pridať skupinu „%s“ do %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "chybná položka v súbore s tieňovými skupinami"
+
+msgid "duplicate shadow group entry"
+msgstr "v súbore s tieňovými skupinami sa vyskytuje zdvojená položka"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "tieňová skupina %s: správca %s neexistuje\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "zmazať správcu „%s“? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "tieňová skupina %s: používateľ %s neexistuje\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: súbory boli aktualizované\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: bezo zmien\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: nie je možné zmazať %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Použitie: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Použitie: id\n"
+
+msgid " groups="
+msgstr " skupiny="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -a, --all zobrazí faillog záznamy všetkých "
+"používateľov\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -a, --all zobrazí faillog záznamy všetkých "
+"používateľov\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "Používateľ Port Z Naposledy"
+
+msgid "Username Port Latest"
+msgstr "Používateľ Port Naposledy"
+
+msgid "**Never logged in**"
+msgstr "**Nebol nikdy prihlásený**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Nepodarilo sa získať položku s UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: súbor s heslami sa nedá aktualizovaťt\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Použitie: %s [-p] [meno]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h poÄítaÄ] [-f meno]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r poÄítaÄ\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Chybný Äas prihlásenia"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systém je uzavretý kvôli pravidelnej údržbe."
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Odpojenie vynechané -- používateľ root sa môže prihlásiť.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr "Žiaden utmp záznam. Musíte spustiť „login“ z najnižšej inštancie „sh“"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Uplynul Äasový limit (%u sekúnd) na prihlásenie.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "prihlásenie: Chyba PAM, ukonÄuje sa: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s prihlasovacie meno: "
+
+msgid "login: "
+msgstr "Prihlasovacie meno: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "PrekroÄený maximálny poÄet pokusov (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "prihlásenie: PAM prerušenie\n"
+
+msgid "Login incorrect"
+msgstr "Chybné prihlásenie"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: riadok %d: nedá sa nájsť používateľ %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"Prihlasovacie meno na %s: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: chybné vetvenie: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY zlyhalo na %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Upozornenie: po doÄasnom zákaze je prihlasovanie opäť povolené."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Posledné prihlásenie: %s na %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Posledné prihlásenie: %.19s na %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " z %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"Äas na prihlásenie uplynul\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Použitie: logout\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Použitie: newgrp [-] [skupina]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Použitie: sg skupina [[-c] príkaz]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: zlyhalo odstránenie %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Neplatné heslo.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: chybné vetvenie: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID „%lu“ neexistuje\n"
+
+msgid "too many groups\n"
+msgstr "príliš mnoho skupín\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: skupina „%s“ je tieňová skupina, ale neexistuje v /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: chybný ID používateľa „%s“\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: chybné používateľské meno „%s“\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: riadok %d: chybný riadok\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: záznam používateľa %s sa nedá aktualizovať (nie je v databáze passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: riadok %d: nedá sa vytvoriť používateľ\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: riadok %d: nedá sa vytvoriť skupina\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: riadok %d: používateľ „%s“ neexistuje v %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: riadok %d: heslo sa nedá aktualizovať\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: riadok %d: volanie mkdir zlyhalo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: riadok %d: volanie chown zlyhalo\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: riadok %d: položka sa nedá aktualizovať\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: nie je možné vytvoriť používateľa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: súbor s heslami sa nedá aktualizovať\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr " -a, --all zobrazí stav hesiel pre vÅ¡etky úÄty\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr " -d, --delete odstráni heslo pre zadaný úÄet\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire vynúti platnosÅ¥ hesla pre zadaný úÄet\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens zmení heslo iba v prípade vyprÅ¡ania Äasu\n"
+" jeho platnosti\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INACTIVE nastaví neplatnosÅ¥ hesla po vyprÅ¡aní Äasu\n"
+" platnosti na INACTIVE dní\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -l, --lock zablokuje zadaný úÄet\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_DNà nastaví minimálny poÄet dní pred zmenou\n"
+" hesla na MIN_DNà dní\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet struÄný režim\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr " -r, --repository REPOSITORY zmení heslo v repozitári REPOSITORY\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr " -S, --status zobrazí stav hesla pre zadaný úÄet\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr " -u, --unlock odblokuje zadaný úÄet\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays WARN_DAYS nastaví poÄet dní na upozornenie o vyprÅ¡aní\n"
+" platnosti na WARN_DAYS dní\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAX_DNà nastaví maximálny poÄet dní pred zmenou\n"
+" hesla na MAX_DNà dní\n"
+
+msgid "Old password: "
+msgstr "Staré heslo: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Zadajte nové heslo (poÄet znakov najmenej %d).\n"
+"Použijte kombináciu veľkých a malých písmen s Äíslicami.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Zadajte nové heslo (poÄet znakov v intervale %d až %d).\n"
+"Použijte kombináciu veľkých a malých písmen s Äíslicami.\n"
+
+msgid "New password: "
+msgstr "Nové heslo: "
+
+msgid "Try again."
+msgstr "Skúste to znova."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Upozornenie: slabé heslo (ak ho chcete naozaj použiť, znova ho zadajte)."
+
+msgid "They don't match; try again.\n"
+msgstr "Nezhodujú sa; skúste to znova.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Heslo pre %s sa nedá zmeniť.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Heslo pre %s sa zatiaľ nedá zmeniť.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: odomknutie používateľa by malo za následok úÄet bez hesla.\n"
+"Tento úÄet by ste mali odomknúť nastavením hesla pomocou usermod -p.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: úložisko %s nie je podporované\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s nemá oprávnenie zmeniť heslo %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Nemôžete prezerať alebo meniť informácie o hesle pre %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Mení sa heslo používateľovi %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Heslo používateľa %s nebolo zmenené.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: heslo bolo zmenené.\n"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Upozornenie o uplynutí doby platnosti hesla"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [súbor_s_heslami]\n"
+"\n"
+"Voľby:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [súbor_s_heslami [súbor_s_tieňovými_heslami]]\n"
+"\n"
+"Voľby:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "chybná položka v súbore s heslami"
+
+msgid "duplicate password entry"
+msgstr "duplikovaná položka v súbore s heslami"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "chybné používateľské meno „%s“\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "chybný ID používateľa „%lu“\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "používateľ „%s“: skupina %lu neexistuje\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "používateľ „%s“: adresár „%s“ neexistuje\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "používateľ „%s“: program „%s“ neexistuje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: súbor %s sa nedá zamknúť\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "neexistuje zodpovedajúca položka hesla v súbore %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "pridať používateľa „%s“ do %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "chybná položka v súbore s tieňovými heslami"
+
+msgid "duplicate shadow password entry"
+msgstr "duplicitná položka v súbore s tieňovými heslami"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "používateľ %s: posledná zmena hesla v budúcnosti\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: nie je možné zoradiť položdy v %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: súbor sa nedá prepísať\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: lastlog: Nepodarilo sa zmeniť režim %s na 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Z tohto úÄtu je prístup k su ZAKÃZANÃ.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Overenie hesla vynechané.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Pre overenie zadajte VAŠE vlastné heslo.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: súbor %s sa nedá zamknúť\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Použitie: su [voľby] [ÚČET]\n"
+"\n"
+"Voľby:\n"
+" -c, --command PRÃKAZ odovzdá PRÃKAZ vyvolanému shell-u\n"
+" -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+" -, -l, --login nastaví shell ako prihlasovací shell\n"
+" -m, -p,\n"
+" --preserve-environment zachová premenné prostredia a ponechá\n"
+" ten istý shell\n"
+" -s, --shell SHELL použije SHELL namiesto predvoleného v "
+"passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorujem)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Nie ste oprávnení používať su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Zadajte vaše heslo)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Autentifikácia zlyhala\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Nie ste momentálne oprávnení používať su\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "V súbore passwd nie je položka pre používateľa „root“"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: musí byť spustené z terminálu\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: chyba %d\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "lastlog: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "%s sa nedá spustiť\n"
+
+msgid "No password file"
+msgstr "Súbor s heslami neexistuje"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY zlyhalo"
+
+msgid "No password entry for 'root'"
+msgstr "V súbore passwd nie je položka pre používateľa „root“"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"StlaÄte control-d pre normálne spustenie systému,\n"
+"(alebo zadajte heslo používateľa root pre údržbu systému):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Prepnutie do režimu údržby systému"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: nedá sa vytvoriť nový súbor s predvolenými hodnotami\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: nedá sa otvoriť nový súbor s predvolenými hodnotami\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: riadok %d: volanie chown zlyhalo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: premenovať: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: skupina „%s“ je skupinou NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: bolo zadaných príliš veľa skupín (max %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] ÚČET\n"
+" %s -D\n"
+" %s -D [voľby]\n"
+"\n"
+"Voľby:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init nepridávať používateľa do databáz\n"
+" lastlog a faillog \n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group nevytvorí skupinu s rovnakým menom\n"
+" ako má používateľ\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: chybný základný adresár „%s“\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: chybný komentár „%s“\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: chybný domovský adresár „%s“\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: prepínaÄ -e vyžaduje tieňové heslá\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: prepínaÄ -f vyžaduje tieňové heslá\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: chybná položka „%s“\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: chybný shell „%s“\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: Nepodarilo sa obnoviť položku faillog s UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: Nepodarilo sa obnoviť položku lastlog s UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Vytvára sa súbor mailbox"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Nebola nájdená skupina „mail“. Používateľský mailbox súbor sa vytvára s "
+"oprávneniami 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Nastavujú sa prístupové práva súboru mailbox"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: používateľ „%s“ už existuje\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: skupina %s už existuje - ak chcete pridať tohto používateľa do tejto "
+"skupiny, použijte -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: nie je možné vytvoriť používateľa\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu nie je jedineÄný\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: sa nedá vytvoriť skupina\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: nie je možné vytvoriť používateľa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: sa nedá vytvoriť skupina\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: upozornenie: domovský adresár už existuje.\n"
+"Zo skel adresára sa tam neskopíruje žiaden súbor.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force vynúti odstránenie súborov, aj keÄ\n"
+" používateľ nie je ich vlastníkom\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove odstráni domovský adresár a súbory s poštou\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: nie je možné odstrniť primárnu skupinu používateľa „%s“.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: skupina %s sa nedá odstrániť, pretože je primárnou skupinou iného "
+"používateľa.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: nie je možné odstrániť položku „%s“ z %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: chybný domovský adresár „%s“\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: upozornenie: nemôžem odstrániť %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: vlastníkom %s nie je %s, nemažem ho\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: zlyhalo odstránenie právomocí (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "lastlog: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: nie je možné odstrániť položku „%s“ z %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: používateľ %s je NIS používateľom\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: chybný domovský adresár „%s“\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: adresár %s nebudem mazať (je to domovský adresár používateľa %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: chyba pri mazaní adresára %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment KOMENTÃR nová hodnota poľa GECOS\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home DOM_ADR nový domovský adresár pre nový "
+"používateľský\n"
+" úÄet\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate EXP_DATUM nastaví Äas vyprÅ¡ania platnosti úÄtu na\n"
+" EXP_DATUM\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive NEAKTIV zablokuje platnosť hesla po NEAKTIV dňoch\n"
+" od Äasu vyprÅ¡ania platnosti\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid SKUPINA vynúti použitie skupiny SKUPINA ako novej\n"
+" prvotnej prihlasovacej skupiny\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups SKUPINY zobrazí prídavné skupiny\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login LOGIN nová hodnota prihlasovacieho mena\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock zablokuje používateľský úÄet\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home presunie obsah domovského adresára do "
+"nového\n"
+" umiestnenia (používať iba s -d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique dovolí použitie duplicitného\n"
+" (nejedineÄného) UID\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password HESLO ako nové heslo použije zadané zašifrované\n"
+" HESLO\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID nový UID pre používateľský úÄet\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock odblokuje používateľský úÄet\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -d, --home HOME_DIR new home directory for the user account\n"
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -d, --home DOM_ADR nový domovský adresár pre nový "
+"používateľský\n"
+" úÄet\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: odomknutie používateľa by malo za následok úÄet bez hesla.\n"
+"Tento úÄet by ste mali odomknúť nastavením hesla pomocou usermod -p.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: používateľ %s už existuje v %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: chybný dátum „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: chybný dátum „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: súbor %s sa nedá otvoriť\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: prepínaÄe -L, -p a -U sa navzájom vyluÄujú\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: prepínaÄe -e a -f vyžadujú tieňové heslá\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID „%lu“ už existuje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s nemá oprávnenie zmeniť heslo %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: adresár %s už existuje\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: upozornenie: chyba pri úplnom odstraňovaní starého domovského adresára %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: adresár %s sa nedá premenovať na %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Nepodarilo sa skopírovať položku lastlog používateľa %lu používateľovi "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Nepodarilo sa skopírovať položku faillog používateľa %lu používateľovi "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: upozornenie: vlastníkom %s nie je %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "chyba pri zmene vlastníka schránky"
+
+msgid "failed to rename mailbox"
+msgstr "chyba pri premenovaní schránky"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Zmenili ste %s.\n"
+"Kvôli zachovaniu konzistentnosti budete možno musieť zmeniť %s.\n"
+"Prosím, urobte tak príkazom „%s“.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group upraví databázu skupín\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd upraví databázu passwd\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr " -s, --shadow upraví databázu shadow alebo gshadow\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: zlyhalo odstránenie %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s je bez zmien\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "chyba pri premenovaní schránky"
+
+msgid "failed to drop privileges"
+msgstr "zlyhalo odstránenie právomocí"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Súbor sa nedá zamknúť"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: zlyhalo odstránenie právomocí (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Súbor sa nedá zamknúť"
+
+msgid "Couldn't make backup"
+msgstr "Nedá sa vytvoriť záloha"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s sa nenachádza v /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Súbor so skupinami sa nedá otvoriť\n"
+
+#, fuzzy
+#| msgid "%s: failed to unlock %s\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: nepodarilo sa odmknúť %s\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "chyba pri premenovaní schránky"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "chyba pri zmene vlastníka schránky"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "chyba pri premenovaní schránky"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %s sa nedá obnoviť: %s (zmeny sú v %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: chybný základný adresár „%s“\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Použitie: vipw [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "volanie malloc(%d) zlyhalo\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: chage [voľby] používateľ\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday POSL_DEN nastaví dátum poslednej zmeny hesla na "
+#~ "POSL_DEN\n"
+#~ " -E, --expiredate EXP_DATUM nastaví dátum vyprÅ¡ania platnosti úÄtu "
+#~ "na\n"
+#~ " EXP_DATUM\n"
+#~ " -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+#~ " -I, --inactive NEAKTIV nastaví nefunkÄnosÅ¥ hesla na NEAKTIV dní\n"
+#~ " po vyprÅ¡aní platnosti úÄtu\n"
+#~ " -l, --list zobrazí Äasové údaje o úÄte\n"
+#~ " -m, --mindays MIN_DNà nastaví minimálny poÄet dní pred zmenou\n"
+#~ " hesla na MIN_DNÃ\n"
+#~ " -M, --maxdays MAX_DNà nastaví maximálny poÄet dní pred zmenou\n"
+#~ " hesla na MAX_DNÃ\n"
+#~ " -W, --warndays UPOZ_DNà nastaví upozornenie o platnosti úÄtu na "
+#~ "UPOZ_DNÃ\n"
+#~ "\n"
+
+# c-format
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM autentifikácia zlyhala\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Použitie: %s [-f celé_meno] [-r Äíslo_miestnosti] [-w "
+#~ "telefón_do_zamestnania]\n"
+#~ "\t[-h telefón_domov] [-o ostatné] [používateľ]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Použitie: %s [-f celé_meno] [-r Äíslo_miestnosti] [-w "
+#~ "telefón_do_zamestnania]\n"
+#~ "\t[-h telefón_domov]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použitie: %s [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -c, --crypt-method metóda šifrovania (jedna z %s)\n"
+#~ " -e, --encrypted zadané heslá sú zakódované\n"
+#~ " -h, --help vypíše tohto pomocníka a ukonÄí sa\n"
+#~ " -m, --md5 použije MD5 kódovanie namiesto DES, ak\n"
+#~ " zadané heslá nie sú zakódované\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: chsh [voľby] ÚČET\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+#~ " -s, --shell SHELL nový prihlasovací shell používateľského "
+#~ "úÄtu\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Použitie: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "faillog: Failed to get the entry for UID %d\n"
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: Nepodarilo sa získať položku s UID %d\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: Súbor %s sa nedá otvoriť: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Použitie: groupdel skupina\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr ""
+#~ "Použitie: %s [-r] [-s] [súbor_so_skupinami "
+#~ "[súbor_s_tieňovými_skupinami]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Použitie: %s [-r] [-s] [súbor_so_skupinami]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s a -r nie sú zluÄiteľné\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Použitie: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Použitie: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: lastlog [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -b, --before DAYS vypíše posledné prihlásenia staršie ako DAYS dní\n"
+#~ " -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+#~ " -t, --time DAYS vypíše posledné prihlásenia nie staršie ako DAYS "
+#~ "dní\n"
+#~ " -u, --user LOGIN vypíše posledné prihlásenia používateľa "
+#~ "uvedeného\n"
+#~ " ako LOGIN\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: passwd [voľby] [ÚČET]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -a, --all zobrazí stav hesiel pre vÅ¡etky úÄty\n"
+#~ " -d, --delete odstráni heslo pre zadaný úÄet\n"
+#~ " -e, --expire vynúti platnosÅ¥ hesla pre zadaný úÄet\n"
+#~ " -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+#~ " -k, --keep-tokens zmení heslo iba v prípade vyprÅ¡ania Äasu\n"
+#~ " jeho platnosti\n"
+#~ " -i, --inactive INACTIVE nastaví neplatnosť hesla po vypršaní "
+#~ "Äasu\n"
+#~ " platnosti na INACTIVE dní\n"
+#~ " -l, --lock zablokuje zadaný úÄet\n"
+#~ " -n, --mindays MIN_DNà nastaví minimálny poÄet dní pred zmenou\n"
+#~ " hesla na MIN_DNà dní\n"
+#~ " -q, --quiet struÄný režim\n"
+#~ " -r, --repository REPOSITORY zmení heslo v repozitári REPOSITORY\n"
+#~ " -S, --status zobrazí stav hesla pre zadaný úÄet\n"
+#~ " -u, --unlock odblokuje zadaný úÄet\n"
+#~ " -w, --warndays WARN_DAYS nastaví poÄet dní na upozornenie o "
+#~ "vypršaní\n"
+#~ " platnosti na WARN_DAYS dní\n"
+#~ " -x, --maxdays MAX_DNà nastaví maximálny poÄet dní pred zmenou\n"
+#~ " hesla na MAX_DNà dní\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr ""
+#~ "Použitie: %s [-q] [-r] [-s] [súbor_s_heslami "
+#~ "[súbor_s_tieňovými_heslami]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr ""
+#~ "Použitie: %s [-q] [-r] [-s] [súbor_s_heslami "
+#~ "[súbor_s_tieňovými_heslami]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Použitie: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Použitie: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id %s je neznáme.\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Žiadny shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: userdel [voľby] LOGIN\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -f, --force vynúti odstránenie súborov, aj keÄ\n"
+#~ " používateľ nie je ich vlastníkom\n"
+#~ " -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+#~ " -r, --remove odstráni domovský adresár a súbory s "
+#~ "poštou\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: používateľ %s je práve prihlásený\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: usermod [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -c, --comment COMMENT new value of the GECOS field\n"
+#~| " -d, --home HOME_DIR new home directory for the user account\n"
+#~| " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -g, --gid GROUP force use GROUP as new primary group\n"
+#~| " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~| " -a, --append append the user to the supplemental "
+#~| "GROUPS\n"
+#~| " mentioned by the -G option without "
+#~| "removing\n"
+#~| " him/her from other groups\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --login NEW_LOGIN new value of the login name\n"
+#~| " -L, --lock lock the user account\n"
+#~| " -m, --move-home move contents of the home directory to "
+#~| "the\n"
+#~| " new location (use only with -d)\n"
+#~| " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~| " -p, --password PASSWORD use encrypted password for the new "
+#~| "password\n"
+#~| " -s, --shell SHELL new login shell for the user account\n"
+#~| " -u, --uid UID new UID for the user account\n"
+#~| " -U, --unlock unlock the user account\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použitie: usermod [voľby] ÚČET\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -c, --comment KOMENTÃR nová hodnota poľa GECOS\n"
+#~ " -d, --home DOM_ADR nový domovský adresár pre nový "
+#~ "používateľský\n"
+#~ " úÄet\n"
+#~ " -e, --expiredate EXP_DATUM nastaví Äas vyprÅ¡ania platnosti úÄtu na\n"
+#~ " EXP_DATUM\n"
+#~ " -f, --inactive NEAKTIV zablokuje platnosť hesla po NEAKTIV "
+#~ "dňoch\n"
+#~ " od Äasu vyprÅ¡ania platnosti\n"
+#~ " -g, --gid SKUPINA vynúti použitie skupiny SKUPINA ako "
+#~ "novej\n"
+#~ " prvotnej prihlasovacej skupiny\n"
+#~ " -G, --groups SKUPINY zobrazí prídavné skupiny\n"
+#~ " -a, --append SKUPINA pridá používateľa do ÄalÅ¡ej skupiny\n"
+#~ " -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+#~ " -l, --login LOGIN nová hodnota prihlasovacieho mena\n"
+#~ " -L, --lock zablokuje používateľský úÄet\n"
+#~ " -m, --move-home presunie obsah domovského adresára do "
+#~ "nového\n"
+#~ " umiestnenia (používať iba s -d)\n"
+#~ " -o, --non-unique dovolí použitie duplicitného\n"
+#~ " (nejedineÄného) UID\n"
+#~ " -p, --password HESLO ako nové heslo použije zadané "
+#~ "zašifrované\n"
+#~ " HESLO\n"
+#~ " -s, --shell SHELL nový prihlasovací shell pre "
+#~ "používateľský\n"
+#~ " úÄet\n"
+#~ " -u, --uid UID nový UID pre používateľský úÄet\n"
+#~ " -U, --unlock odblokuje používateľský úÄet\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: žiadne prepínaÄe\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: vipw [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -g, --group upraví databázu skupín\n"
+#~ " -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+#~ " -p, --passwd upraví databázu passwd\n"
+#~ " -q, --quiet struÄný režim\n"
+#~ " -s, --shadow upraví databázu shadow alebo gshadow\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --add USER add USER to GROUP\n"
+#~ " -d, --delete USER remove USER from GROUP\n"
+#~ " -r, --remove-password remove the GROUP's password\n"
+#~ " -R, --restrict restrict access to GROUP to its members\n"
+#~ " -M, --members USER,... set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: %s [voľba] SKUPINA\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -a, --add POUŽ pridať POUŽ do SKUPINY\n"
+#~ " -d, --delete POUŽ odstrániť POUŽ zo SKUPINY\n"
+#~ " -r, --remove-password odstrániť heslo SKUPINY\n"
+#~ " -R, --restrict obmedziť prístup do SKUPINY iba na jej "
+#~ "Älenov\n"
+#~ " -M, --members POUŽ,... nastaviÅ¥ zoznam Älenov SKUPINY\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group groupname change groupname instead of the user's "
+#~ "group\n"
+#~ " (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ " -a, --add username add username to the members of the group\n"
+#~ " -d, --delete username remove username from the members of the "
+#~ "group\n"
+#~ " -p, --purge purge all members from the group\n"
+#~ " -l, --list list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: groupmems [voľby] [operácia]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -g, --group groupname zmeniť názov skupiny namiesto skupiny "
+#~ "používateľa\n"
+#~ " (iba root)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ " -a, --add používateľ pridaÅ¥ používateľa medzi Älenov skupiny\n"
+#~ " -d, --delete používateľ odobraÅ¥ používateľa spomedzi Älenov "
+#~ "skupiny\n"
+#~ " -p, --purge odstrániÅ¥ vÅ¡etkých Älenov skupiny\n"
+#~ " -l, --list vypísaÅ¥ Älenov skupiny\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Použitie: %s [vstup]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %s sa nedá vytvoriť\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: volanie chown pre %s zlyhalo\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: faillog [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -a, --all zobrazí faillog záznamy všetkých používateľov\n"
+#~ " -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+#~ " -l, --lock-time SEC po chybnom prihlásení zablokuje úÄet na SEC "
+#~ "sekúnd\n"
+#~ " -m, --maximum MAX nastaví maximálny poÄet chybných prihlásení na "
+#~ "MAX\n"
+#~ " -r, --reset vynuluje poÄítadlá chybných prihlásení\n"
+#~ " -t, --time DAYS zobrazí záznamy faillog nie staršie ako DAYS dní\n"
+#~ " -u, --user LOGIN zobrazí záznam faillog alebo nastaví poÄítadlá\n"
+#~ " chybných prihlásení a limitov (iba s použitím "
+#~ "volieb\n"
+#~ " -r, -m or -l) pre používateľa s loginom LOGIN\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: groupadd [voľby] SKUPINA\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -f, --force vynúti úspešnú návratovú hodnotu aj "
+#~ "napriek\n"
+#~ " existencii zadanej skupiny\n"
+#~ " -g, --gid GID pre novú skupinu použije GID\n"
+#~ " -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+#~ " -K, --key KEY=VALUE nahradí predvolené hodnoty z /etc/login."
+#~ "defs\n"
+#~ " -o, --non-unique povolí vytvorenie skupiny s duplicitným\n"
+#~ " (nejedineÄným) GID\n"
+#~ " -p, --password PASSWORD použije pre novú skupinu šifrované heslo\n"
+#~ " -r, --system vytvorí systémový úÄet\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: groupmod [voľby] SKUPINA\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -g, --gid GID pre novú skupinu použije GID\n"
+#~ " -h, --help zobrazí tohto pomocníka a ukonÄí sa\n"
+#~ " -n, --new-name NOVÃ_SKUP vynúti pre SKUPINu meno NOVÃ_SKUP\n"
+#~ " -o, --non-unique povolí vytvorenie skupiny s duplicitným\n"
+#~ " (nejedineÄným) GID\n"
+#~ " -p, --password PASSWORD nové heslo bude šifrované\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~| " home directory\n"
+#~| " -c, --comment COMMENT set the GECOS field for the new user "
+#~| "account\n"
+#~| " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~| " -D, --defaults print or save modified default useradd\n"
+#~| " configuration\n"
+#~| " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -g, --gid GROUP force use GROUP for the new user "
+#~| "account\n"
+#~| " -G, --groups GROUPS list of supplementary groups for the "
+#~| "new\n"
+#~| " user account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~| " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~| " -l, --no-log-init do not add the user to the lastlog and\n"
+#~| " faillog databases\n"
+#~| " -m, --create-home create home directory for the new user\n"
+#~| " account\n"
+#~| " -M, --no-create-home do not create user's home directory\n"
+#~| " (overrides /etc/login.defs)\n"
+#~| " -N, --no-user-group do not create a group with the same name "
+#~| "as\n"
+#~| " the user\n"
+#~| " -o, --non-unique allow create user with duplicate\n"
+#~| " (non-unique) UID\n"
+#~| " -p, --password PASSWORD use encrypted password for the new user\n"
+#~| " account\n"
+#~| " -r, --system create a system account\n"
+#~| " -s, --shell SHELL the login shell for the new user "
+#~| "account\n"
+#~| " -u, --uid UID force use the UID for the new user "
+#~| "account\n"
+#~| " -U, --user-group create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použitie: useradd [voľby] ÚČET\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -b, --base-dir ZÃKL_ADR základný adresár domovského adresára "
+#~ "nového\n"
+#~ " používateľského úÄtu\n"
+#~ " -c, --comment KOMENTÃR nastaví pole GECOS nového úÄtu\n"
+#~ " -d, --home-dir DOM_ADR domovský adresár nového úÄtu\n"
+#~ " -D, --defaults vypíše alebo nastaví predvolené "
+#~ "nastavenia\n"
+#~ " programu useradd\n"
+#~ " -e, --expiredate EXP_DATUM nastaví Äas vyprÅ¡ania platnosti úÄtu na\n"
+#~ " EXP_DATUM\n"
+#~ " -f, --inactive NEAKTIV zablokuje úÄet po NEAKTIV dňoch od Äasu\n"
+#~ " vypršania platnosti\n"
+#~ " -g, --gid SKUPINA vynúti použitie tejto skupiny pre nový "
+#~ "úÄet\n"
+#~ " -G, --groups SKUPINY zoznam Äalších skupín, do ktorých má\n"
+#~ " patriÅ¥ nový úÄet\n"
+#~ " -h, --help zobrazí tohto pomocníka a skonÄí\n"
+#~ " -k, --skel VZOR_ADR zadá alternatívny vzorový adresár\n"
+#~ " -K, --key KĽÚČ=HODNOTA nahradí predvolené nastavenia /etc/login."
+#~ "defs\n"
+#~ " -l, --no-log-init nepridávať používateľa do databáz\n"
+#~ " lastlog a faillog \n"
+#~ " -m, --create-home vytvorí domovský adresár pre nový\n"
+#~ " používateľský úÄet\n"
+#~ " -N, --no-user-group nevytvorí skupinu s rovnakým menom\n"
+#~ " ako má používateľ\n"
+#~ " -o, --non-unique povolí vytvorenie používateľa s "
+#~ "duplicitným\n"
+#~ " (nejedineÄným) UID\n"
+#~ " -p, --password HESLO pre nový úÄet použije zadané zaÅ¡ifrované\n"
+#~ " heslo\n"
+#~ " -r, --system vytvorí systémový úÄet\n"
+#~ " -s, --shell SHELL prihlasovací shell nového úÄtu\n"
+#~ " -u, --uid UID vynúti použitie tohto UID pre nový úÄet\n"
+#~ " -U, --user-group vytvorí skupinu s rovnakým menom\n"
+#~ " ako má používateľ\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -r, --system create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použitie: %s [voľby] [vstup]\n"
+#~ "\n"
+#~ " -c, --crypt-method metóda šifrovania (jedna z %s)\n"
+#~ " -r, --system vytorí systémové úÄty\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Uplynula platnosť vášho hesla."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá otvoriť\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá otvoriť\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá prepísať\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá prepísať\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá aktualizovať\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tCelé meno: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tČíslo miestnosti: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelefón do zamestnania: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelefón domov: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Nedá sa zamknúť súbor s heslami; skúste to neskôr.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Súbor s heslami sa nedá otvoriť.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Chyba pri aktualizácii záznamu hesla.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Nedajú sa vykonať zmeny v súbore s heslami.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Súbor s heslami sa nedá odomknúť.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: súbor s tieňovými heslami skupín sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá otvoriť\n"
+
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: chyba pri aktualizácii súboru gshadow\n"
+
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: chyba pri aktualizácii súboru so skupinami\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: riadok %d: skupina %s je neznáma\n"
+
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: riadok %d: sa nedá aktualizovať položka súboru so skupinami\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: chyba pri aktualizácii súboru s tieňovými heslami\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: chyba pri aktualizácii súboru s heslami\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: riadok %d: používateľ %s je neznámy\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: riadok %d: záznam hesla sa nedá aktualizovať\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: neznámy používateľ\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Používateľ %s je neznámy.\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Použitie: %s [-r|-R] skupina\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a používateľ] skupina\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d používateľ] skupina\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A používateľ,...] [-M používateľ,...] skupina\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M používateľ,...] skupina\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: nedá sa získať zámok\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: nedá sa získať zámok pre súbor s tieňovými heslami\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: nedá sa otvoriť súbor\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá prepísať\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: súbor sa nedá odomknúť\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: položka sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: položka súboru s tieňovými heslami sa nedá aktualizovať\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "skupina %s je neznáma\n"
+
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: nedá sa zatvoriť súbor\n"
+
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá zatvoriť\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Kto ste?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: Älen %s je neznámy\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: chyba pri pridávaní položky do súboru so skupinami\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá prepísať\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá prepísať\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá zamknúť\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá zamknúť\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u nie je jedineÄný\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: chyba pri odstraňovaní položky zo súboru so skupinami\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr ""
+#~ "%s: chyba pri odstraňovaní položky zo súboru s tieňovými skupinami\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: primárna skupina používateľa sa nedá odstrániť\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Nebolo možné nájsÅ¥ Älena, ktorého chcete odstrániÅ¥\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Použitie: groupmems -a používateľ | -d používateľ | -D | -l [-g skupina]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Iba root môže pridávať používateľov do rôznych skupín\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Vyžaduje sa prístup pre skupinu\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Nie ste primárnym vlastníkom aktuálnej skupiny\n"
+
+# c-format
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "zlyhalo overenie PAM\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Súbor so skupinami sa nedá zamknúť\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Súbor so skupinami sa nedá zatvoriť\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s sa nenachádza v /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: GID %u nie je jedineÄný\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: meno %s nie je jedineÄné\n"
+
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: súbor passwd sa nedá prepísať\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá otvoriť\n"
+
+#~ msgid ""
+#~ "%s: cannot change the primary group of user '%s' from %u to %u, since it "
+#~ "is not in the passwd file.\n"
+#~ msgstr ""
+#~ "%s: nie je možné zmeniť primárnu skupinu používateľa „%s“ z %u na %u, "
+#~ "pretože nie je v súbore passwd.\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: položka %s súboru s tieňovými heslami sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: položka skupiny %s sa nedá odstrániť\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: položka tieňovej skupiny %s sa nedá odstrániť\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými heslami skupín sa nedá zmazať\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "neznámy UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "neznámy GID %lu\n"
+
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: ID skupiny „%s“ nie je platn7\n"
+
+#~ msgid ""
+#~ "%s: group %s created, failure during the creation of the corresponding "
+#~ "gshadow group\n"
+#~ msgstr ""
+#~ "%s: skupina %s bola vytvorená, zlyhalo vytvorenie zodpovedajúcej skupiny "
+#~ "gshadow\n"
+
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: ID používateľa „%s“ nie je platný\n"
+
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: chybné používateľské meno „%s“\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: súbor /etc/passwd sa nedá zamknúť\n"
+
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: súbor /etc/passwd sa nedá zamknúť\n"
+
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: súbor /etc/group sa nedá zamknúť\n"
+
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: súbor /etc/gshadow sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: súbory sa nedajú otvoriť\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: chyba pri aktualizácii súborov\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr ""
+#~ "%s: položka súboru s heslami pre používateľe %s sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: súbor s heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: súbor s heslami sa nedá otvoriť\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: položka súboru s heslami pre používateľe %s sa nedá odstrániť\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: súbor s heslami sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: položka pre používateľa %s sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: nemôžete zmazať súbor s tieňovými heslami\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: neznámy GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: neznáma skupina %s\n"
+
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr ""
+#~ "%s: Nedostatok pamäti. Nie je možné aktualizovať databázu tieňových "
+#~ "skupín.\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá prepísať\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá prepísať\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá otvoriť\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: chyba pri zamykaní súboru so skupinami\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: chyba pri otváraní súboru so skupinami\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: chyba pri zamykaní súboru s tieňovými heslami\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: chyba pri otváraní súboru s tieňovými heslami\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: chyba pri vytváraní novej položky v súbore s heslami\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr ""
+#~ "%s: chyba pri vytváraní novej položky v súbore s tieňovými heslami\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: varovanie: CREATE_HOME nie je podporované, použijte prepínaÄ -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: položka súboru so skupinami sa nedá aktualizovať\n"
+
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: chyba pri aktualizácii záznamu súboru so skupinami\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: chyba pri odstraňovaní položky zo súboru s heslami\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: chyba pri odstraňovaní položky zo súboru s tieňovými heslami\n"
+
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: chyba pri pridávaní položky do súboru so skupinami\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s uid %lu nie je jedineÄný\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: chyba pri zmene položky v súbore s heslami\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: chyba pri odstraňovaní položky zo súboru s heslami\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: chyba pri odstraňovaní položky zo súboru s tieňovými heslami\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: nedá sa vytvoriÅ¥ jedineÄný GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " na '%.100s' z '%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " na '%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: riadok %d: nedá sa vytvoriť UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: meno %s nie je jedineÄné\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: chgpasswd [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ " -e, --encrypted\tzadané heslá sú zakódované\n"
+#~ " -h, --help\t\tvypíše túto nápovedu a ukonÄí sa\n"
+#~ " -m, --md5\t\tpoužije MD5 kódovanie namiesto DES, ak zadané\n"
+#~ "\t\t\theslá nie sú zakódované\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Súbor s heslami neexistuje\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Ľutujem.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Ľutujem, ale heslo pre %s sa ešte nedá zmeniť.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Ľutujem."
diff --git a/po/sq.po b/po/sq.po
new file mode 100644
index 0000000..e71064e
--- /dev/null
+++ b/po/sq.po
@@ -0,0 +1,2365 @@
+# Albanian translation of shadow.
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# Elian Myftiu <elian@lycos.com>, 2004.
+#
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.3\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2004-11-20 03:28+0100\n"
+"Last-Translator: Elian Myftiu <pinguini AT fastwebnet DOT it>\n"
+"Language-Team: Albanian <gnome-albanian-perkthyesit@lists.sourceforge.net>\n"
+"Language: sq\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr ""
+
+#, c-format
+msgid "%s's Password: "
+msgstr ""
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Kujdes: ka shumë grupe\n"
+
+msgid "Your password has expired."
+msgstr "Fjalëkalimi yt ka skaduar."
+
+msgid "Your password is inactive."
+msgstr "Fjalëkalimi yt nuk është aktiv."
+
+msgid "Your login has expired."
+msgstr "Login-i yt ka skaduar."
+
+msgid " Contact the system administrator."
+msgstr " Kontakto administratorin e sistemit."
+
+msgid " Choose a new password."
+msgstr " Zgjidh një fjalëkalim të ri."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr ""
+
+#, fuzzy
+msgid "Your password will expire tomorrow."
+msgstr "Fjalëkalimi yt ka skaduar."
+
+#, fuzzy
+msgid "Your password will expire today."
+msgstr "Fjalëkalimi yt ka skaduar."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: "
+msgstr ""
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr ""
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+msgstr[1] ""
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+
+msgid "Too many logins.\n"
+msgstr ""
+
+msgid "You have new mail."
+msgstr ""
+
+msgid "No mail."
+msgstr ""
+
+msgid "You have mail."
+msgstr ""
+
+msgid "no change"
+msgstr ""
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr ""
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr ""
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr ""
+
+#, fuzzy
+msgid "passwd: password unchanged\n"
+msgstr "Fjalëkalimi yt ka skaduar."
+
+msgid "passwd: password updated successfully\n"
+msgstr ""
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr ""
+
+msgid "No directory, logging in with HOME=/"
+msgstr ""
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr ""
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr ""
+
+msgid "Unable to determine your tty name."
+msgstr ""
+
+msgid "No"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+
+msgid "Minimum Password Age"
+msgstr ""
+
+msgid "Maximum Password Age"
+msgstr ""
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr ""
+
+msgid "Password Expiration Warning"
+msgstr ""
+
+msgid "Password Inactive"
+msgstr ""
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr ""
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr ""
+
+msgid "never"
+msgstr ""
+
+msgid "password must be changed"
+msgstr ""
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr ""
+
+#, fuzzy
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Fjalëkalimi yt nuk është aktiv."
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr ""
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: PAM: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot open %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr ""
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr ""
+
+msgid "Room Number"
+msgstr ""
+
+msgid "Work Phone"
+msgstr ""
+
+msgid "Home Phone"
+msgstr ""
+
+msgid "Other"
+msgstr ""
+
+msgid "Cannot change ID to root.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr ""
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr ""
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr ""
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr ""
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr ""
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr ""
+
+#, c-format
+msgid " [%lus left]"
+msgstr ""
+
+#, c-format
+msgid " [%lds lock]"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+
+msgid "The options cannot be combined.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr ""
+
+msgid "New Password: "
+msgstr ""
+
+msgid "Re-enter new password: "
+msgstr ""
+
+msgid "They don't match; try again"
+msgstr ""
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr ""
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr ""
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr ""
+
+msgid "invalid group file entry"
+msgstr ""
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr ""
+
+#, fuzzy
+msgid "duplicate group entry"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr ""
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr ""
+
+msgid "duplicate shadow group entry"
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr ""
+
+msgid "Usage: id\n"
+msgstr ""
+
+msgid " groups="
+msgstr ""
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr ""
+
+msgid "Username Port Latest"
+msgstr ""
+
+msgid "**Never logged in**"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr ""
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr ""
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr ""
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s login: "
+msgstr ""
+
+msgid "login: "
+msgstr ""
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr ""
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr ""
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr ""
+
+#, c-format
+msgid " from %.*s"
+msgstr ""
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+msgid "Usage: logoutd\n"
+msgstr ""
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr ""
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr " Zgjidh një fjalëkalim të ri.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr ""
+
+msgid "too many groups\n"
+msgstr ""
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+msgid "New password: "
+msgstr ""
+
+msgid "Try again."
+msgstr ""
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+
+msgid "They don't match; try again.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: password changed.\n"
+msgstr "Fjalëkalimi yt ka skaduar."
+
+#, fuzzy, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "Fjalëkalimi yt ka skaduar."
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid password file entry"
+msgstr " Zgjidh një fjalëkalim të ri.\n"
+
+msgid "duplicate password entry"
+msgstr ""
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr ""
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr ""
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr ""
+
+msgid "duplicate shadow password entry"
+msgstr ""
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr ""
+
+msgid "Password authentication bypassed.\n"
+msgstr ""
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr ""
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr ""
+
+msgid "(Enter your own password)"
+msgstr ""
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr ""
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr ""
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "Cannot execute %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy
+msgid "No password file"
+msgstr "Fjalëkalimi yt ka skaduar."
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr ""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+
+msgid "Entering System Maintenance Mode"
+msgstr ""
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr ""
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr ""
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: no options\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr ""
+
+msgid "failed to change mailbox owner"
+msgstr ""
+
+msgid "failed to rename mailbox"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "Fjalëkalimi yt ka skaduar."
+
+msgid "failed to create scratch directory"
+msgstr ""
+
+msgid "failed to drop privileges"
+msgstr ""
+
+msgid "Couldn't get file context"
+msgstr ""
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr ""
+
+msgid "Couldn't make backup"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr ""
+
+msgid "failed to unlink scratch file"
+msgstr ""
+
+msgid "failed to stat edited file"
+msgstr ""
+
+msgid "failed to allocate memory"
+msgstr ""
+
+msgid "failed to create backup file"
+msgstr ""
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "Fjalëkalimi yt ka skaduar."
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "Kujdes: grup i panjohur %s\n"
diff --git a/po/stats b/po/stats
new file mode 100644
index 0000000..386d765
--- /dev/null
+++ b/po/stats
@@ -0,0 +1,20 @@
+#!/bin/sh
+export LANG=C
+echo "language translated fuzzy untranslated"
+echo "-----------------------------------------"
+for i in $(cat LINGUAS | xargs); do
+ echo -n " $i "
+ msgfmt -c --statistics -o /dev/null $i.po 2>&1 |
+ awk -v LNG="$1" '{
+ gsub(/ untranslated/, "");
+ gsub(/ translated/, "");
+ gsub(/ messages/, "");
+ gsub(/ message/, "");
+ gsub(/ translations/, "");
+ gsub(/ translation/, "");
+ gsub(/ fuzzy/, "");
+ gsub(/[.,]/, "");
+ {printf "%8s %8s %8s\n", $1, $2, $3}
+ }'
+done
+echo "-----------------------------------------"
diff --git a/po/sv.po b/po/sv.po
new file mode 100644
index 0000000..4be82ba
--- /dev/null
+++ b/po/sv.po
@@ -0,0 +1,3073 @@
+# Swedish translation of shadow.
+# Copyright (C) 2006, 2008, 2011 Free Software Foundation, Inc.
+# This file is distributed under the same license as the shadow package.
+# Daniel Nylander <po@danielnylander.se>, 2006, 2008, 2011.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.1\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2011-11-25 22:08+0100\n"
+"Last-Translator: Daniel Nylander <yeager@ubuntu.com>\n"
+"Language-Team: Swedish <debian-l10n-swedish@lists.debian.org>\n"
+"Language: sv\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=n != 1;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Flera poster med namnet \"%s\" finns i %s. Rätta till detta med pwck eller "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "krypteringsmetoden stöds inte av libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "konfigurationsfel - kan inte tolka %s-värde: \"%s\""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Kunde inte allokera plats för konfigurationsinformationen.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "konfigurationsfel - okänd post \"%s\" (informera administratören)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Lösenord: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s lösenord: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Kunde inte allokera plats för konfigurationsinformationen.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Ändrar åldersinformationen för %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Kan inte fastställa ditt användarnamn.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot fork user shell\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: Kan inte grena användarskal\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: slut på minne\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: Kan inte ta status på %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s är varken en katalog eller symbolisk länk.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Kan inte läsa symboliska länken %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Misstänkt lång symbolisk länk: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Kan inte skapa katalogen %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Kan inte byta ägare för %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Kan inte ändra rättigheter för %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Kan inte ta bort katalogen %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Kan inte byta namn på %s till %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Kan inte ta bort %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Kan inte skapa symboliska länken %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Kan inte byta ägare för %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Kan inte lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Varning, användaren %s har ingen tcb shadow-fil.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Nödläge: tcb shadow för %s är inte en vanlig fil med st_nlink=1.\n"
+"Kontot lämnas kvar som låst.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Kan inte öppna %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Varning: okänd grupp %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Varning: för många grupper\n"
+
+msgid "Your password has expired."
+msgstr "Ditt lösenord har upphört att gälla."
+
+msgid "Your password is inactive."
+msgstr "Ditt lösenord är inaktivt."
+
+msgid "Your login has expired."
+msgstr "Ditt inloggningskonto har upphört att gälla."
+
+msgid " Contact the system administrator."
+msgstr " Kontakta systemadministratören."
+
+msgid " Choose a new password."
+msgstr " Välj ett nytt lösenord."
+
+msgid "You must change your password."
+msgstr "Du måste ändra ditt lösenord."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Ditt lösenord upphör att gälla om %ld dagar.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Ditt lösenord upphör att gälla imorgon."
+
+msgid "Your password will expire today."
+msgstr "Ditt lösenord upphör att gälla idag."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Kunde inte ändra ägare eller rättigheter för tty standard in: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: misslyckades med att låsa upp %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Överskott av miljövariabler\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Du får inte ändra $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d misslyckade sedan förra inloggningen\n"
+"Senast var %s den %s.\n"
+msgstr[1] ""
+"%d misslyckanden sedan förra inloggningen\n"
+"Senast var %s den %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Ogiltig konfiguration: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ogiltig konfiguration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: misslyckades att allokera minne: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: Kan inte få unikt system GID (inga fler tillgängliga GID)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Kan inte få unik GID (inga fler tillgängliga GID)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Ogiltig konfiguration: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ogiltig konfiguration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: Kan inte få unikt system UID (inga fler tillgängliga UID)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Kan inte få unikt UID (inga fler tillgängliga UID)\n"
+
+msgid "Too many logins.\n"
+msgstr "För många inloggningsförsök.\n"
+
+msgid "You have new mail."
+msgstr "Du har ny post."
+
+msgid "No mail."
+msgstr "Ingen post."
+
+msgid "You have mail."
+msgstr "Du har post."
+
+msgid "no change"
+msgstr "ingen ändring"
+
+msgid "a palindrome"
+msgstr "en palindrom"
+
+msgid "case changes only"
+msgstr "endast ändring av gemener/versaler"
+
+msgid "too similar"
+msgstr "för likt"
+
+msgid "too simple"
+msgstr "för enkelt"
+
+msgid "rotated"
+msgstr "roterat"
+
+msgid "too short"
+msgstr "för kort"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Felaktigt lösenord: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() misslyckades, fel %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: lösenordet är oförändrat\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: uppdatering av lösenord lyckades\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Felaktigt lösenord för %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: misslyckades med att kasta rättigheterna (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: ogiltigt telefonnummer (hem): \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: Kan inte skapa katalogen %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: Kan inte skapa katalogen %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to create tcb directory for %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: Misslyckades med att skapa tcb-katalog för %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Ogiltigt värde för ENCRYPT_METHOD: \"%s\".\n"
+"Faller tillbaka på DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Kunde inte byta katalog till \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Ingen katalog, loggar in med HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Kunde inte starta %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Felaktig rotkatalog \"%s\"\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Kan inte ändra rotkatalog till \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Kunde inte fastställa ditt tty-namn."
+
+msgid "No"
+msgstr "Nej"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] INLOGGNINGSNAMN\n"
+"\n"
+"Flaggor:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday SISTA_DAG ställ in datum för sista lösenordsändring "
+"till SISTA_DAG\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate UTGÅNGSDATUM ställ in kontots utgångsdatum till "
+"UTGÃ…NGSDATUM\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+" -h, --help visa detta hjälpmeddelande och avsluta\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INAKTIV ställ in lösenordet till inaktivt efter "
+"utgång\n"
+" till INAKTIV\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr " -l, --list visa åldringsinformation om kontot\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays MIN_DAGAR ställ in minimum antal dagar innan "
+"lösenords-\n"
+" ändring till MIN_DAGAR\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays MAX_DAGAR ställ in maximalt antal dagar innan "
+"lösenords-\n"
+" ändring till MAX_DAGAR\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays VARN_DAGAR ställ in dagar för utgångsvarning till "
+"VARN_DAGAR\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Ange det nya värdet eller tryck ENTER för standardvärdet"
+
+msgid "Minimum Password Age"
+msgstr "Minimum lösenordsålder"
+
+msgid "Maximum Password Age"
+msgstr "Maximum lösenordsålder"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Senaste lösenordsändringen (ÅÅÅÅ-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Utlöpsvarning för lösenord"
+
+msgid "Password Inactive"
+msgstr "Lösenordet inaktivt"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Utlöpsdatum för kontot (ÅÅÅÅ-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Senaste lösenordsändringen\t\t\t\t: "
+
+msgid "never"
+msgstr "aldrig"
+
+msgid "password must be changed"
+msgstr "lösenordet måste ändras"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Lösenordet löper ut\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Lösenordet inaktivt\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Kontot löper ut\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimum antal dagar mellan lösenordsändringar\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maximum antal dagar mellan lösenordsändringar\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Antal dagar med varningar före lösenordet löper ut\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ogiltigt datum \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ogiltigt numeriskt argument \"%s\"\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: inkludera inte \"l\" med andra flaggor\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Ã…tkomst nekad.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Kan inte fastställa ditt användarnamn.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: kan inte låsa %s; försök igen senare.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: kan inte öppna %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: fel vid skrivning av ändringar till %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: skugglösenordsfilen finns inte\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: användaren \"%s\" finns inte i %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Ändrar åldersinformationen för %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: fel vid ändring av fält\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [INLOGGNINGSNAMN]\n"
+"\n"
+"Flaggor:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+" -u, --help visa detta hjälpmeddelande och avsluta\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Helt namn"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Rumsnummer"
+
+msgid "Work Phone"
+msgstr "Telefonnummer (arbete)"
+
+msgid "Home Phone"
+msgstr "Telefonnummer (hem)"
+
+msgid "Other"
+msgstr "Övrigt"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Kan inte ändra ID till root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: namn med icke-ASCII-tecken: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ogiltigt namn: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: rumsnummer med icke-ASCII-tecken: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: ogiltigt rumsnummer: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: ogiltigt telefonnummer (arbete): \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: ogiltigt telefonnummer (hem): \"%s\"\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" innehåller icke-ASCII-tecken\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" innehåller ogiltiga tecken\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: användaren \"%s\" finns inte\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: kan inte ändra användare \"%s\" på en NIS-klient.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: \"%s\" är NIS-master för denna klient.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Ändrar användarinformationen för %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: fälten för långa\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor]\n"
+"\n"
+"Flaggor:\n"
+
+#, fuzzy, c-format
+#| msgid " -c, --crypt-method <METHOD> the crypt method (one of %s)\n"
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method <METOD> krypteringsmetoden (en av %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr " -e, --encrypted angivna lösenord är krypterade\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 kryptera klartextlösenordet med\n"
+" MD5-algoritmen\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds antal SHA-rundor för SHA*-\n"
+" krypteringsalgoritmerna\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: flaggan %s tillåts endast med flaggan %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: flaggorna -c, -e och -m är uteslutande\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: krypteringsmetoden stöds inte: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: rad %d: raden för lång\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: rad %d: saknar nytt lösenord\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: misslyckades med att ta bort %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: rad %d: gruppen \"%s\" finns inte\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: rad %d: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: ett fel upptäcktes, ändringar ignorerade\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (rad %d, användare %s) lösenordet har inte ändrats\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: rad %d: användaren \"%s\" finns inte\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell SHELL nytt inloggningsskal för användarkontot\n"
+
+msgid "Login Shell"
+msgstr "Inloggningsskal"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Du får inte ändra skalet för \"%s\".\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Ändrar inloggningsskal för %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Ogiltig post: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s är ett ogiltigt skal\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Varning: %s finns inte\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Varning: %s är inte en körbar fil\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: flaggorna %s och %s står i konflikt\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: oväntat argument: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all visa faillog-poster för alla användare\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs S efter misslyckad inloggning lås kontot i S "
+"sekunder\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum MAX ställ in maximalt antal misslyckade "
+"inloggningar till MAX\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset nollställd räknarna för inloggningsfel\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Misslyckades med att få posten för UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Användare Fel Max Senaste På\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus kvar]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds låsta]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Misslyckades med att ställa in låstid för UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Misslyckades med att ställa in max för UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Misslyckades med att ställa in låstid för UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Okänd användare eller intervall: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Kan inte få storleken för %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: misslyckades med att ta bort %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flagga] GRUPP\n"
+"\n"
+"Flaggor:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add ANVÄNDARE lägg till ANVÄNDARE till GRUPP\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete ANVÄNDARE ta bort ANVÄNDARE från GRUPP\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password ta bort GRUPPens lösenord\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict begränsa åtkomst till GRUPP till dess "
+"medlemmar\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+" -M, --members ANVÄNDARE,... ställ in listan för medlemmar av GRUPP\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators ADMIN,...\n"
+" ställ in listan för administratörer för "
+"GRUPP\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Förutom för flaggorna -A och -M, flaggorna kan inte kombineras.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Flaggorna kan inte kombineras.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: lösenord för skuggrupper krävs för -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: gruppen \"%s\" finns inte i %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: fel vid stängning av skrivskyddad %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Ändrar lösenordet för gruppen %s\n"
+
+msgid "New Password: "
+msgstr "Nytt lösenord: "
+
+msgid "Re-enter new password: "
+msgstr "Ange nytt lösenord igen: "
+
+msgid "They don't match; try again"
+msgstr "De stämde inte överens, försök igen"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Försök igen senare\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Lägger till användaren %s till gruppen %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Ta bort användaren %s från gruppen %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: användaren \"%s\" är inte en medlem av \"%s\"\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Inte en tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] GRUPP\n"
+"\n"
+"Flaggor:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force avsluta normalt om gruppen redan finns,\n"
+" och avbryt -g om GID redan används\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID använd GID för den nya gruppen\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key NYCKEL=VÄRDE åsidosätt standardvärden i /etc/login.defs\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique tillåt att skapa grupper med dubletta\n"
+" (icke-unika) GID\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password LÖSENORD använd detta krypterade lösenord för nya "
+"gruppen\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system skapa ett systemkonto\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: \"%s\" är inte ett giltigt gruppnamn\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ogiltigt grupp-id \"%s\"\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K kräver KEY=VÄRDE\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: gruppen \"%s\" finns redan\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID \"%lu\" finns redan\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Kan inte fastställa ditt användarnamn.\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -r, --reset nollställd räknarna för inloggningsfel\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: kan inte ta bort posten \"%s\" från %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: kan inte ta bort primära gruppen för användaren \"%s\"\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: gruppen \"%s\" finns inte\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: gruppen \"%s\" är en NIS-grupp\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s är NIS master\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: användaren \"%s\" är redan medlem av \"%s\"\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Slut på minne. Kan inte uppdatera %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [åtgärd]\n"
+"\n"
+"Flaggor:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group gruppnamn ändra gruppnamn istället för användarens "
+"grupp\n"
+" (endast root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Åtgärder:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+" -a, --add användarnamn lägg till användarnamn till medlemmarna av "
+"gruppen\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+" -d, --delete användarnamn ta bort användarnamn från medlemmarna av "
+"gruppen\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge ta bort alla medlemmar från gruppen\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list lista medlemmarna av gruppen\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: ditt gruppnamn matchar inte ditt användarnamn\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: endast root kan använda flaggan -g/--group\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID ändra grupp-id till GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name NY_GRUPP ändra namnet till NY_GRUPP\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique tillåt användning av dubletta (icke-unika) "
+"GID\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password LÖSENORD ändra lösenordet till detta (krypterade)\n"
+" LÖSENORD\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: ogiltigt gruppnamn \"%s\"\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: gruppen %s är en NIS-grupp\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: okänd användare %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [grupp [gshadow]]\n"
+"\n"
+"Flaggor:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [grupp]\n"
+"\n"
+"Flaggor:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s och -r är inkompatibla\n"
+
+msgid "invalid group file entry"
+msgstr "ogiltig post i gruppfil"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "ta bort rad \"%s\"? "
+
+msgid "duplicate group entry"
+msgstr "dubblerade grupposter"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ogiltigt gruppnamn \"%s\"\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ogiltigt grupp-id \"%lu\"\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupp %s: ingen användare %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "ta bort medlem \"%s\"? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "ingen matchande gruppfilspost i %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "lägg till gruppen \"%s\" i %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"gruppen %s har en post i %s, men dess lösenordsfält i %s är inte inställt "
+"till \"x\"\n"
+
+msgid "invalid shadow group file entry"
+msgstr "ogiltig post i fil för skuggrupper"
+
+msgid "duplicate shadow group entry"
+msgstr "duplikata poster i skuggrupp"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "skuggrupp %s: ingen administrativ användare %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "ta bort administrativ medlem \"%s\"? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "skuggrupp %s: ingen användare %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: filerna har uppdaterats\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: inga ändringar\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: kan inte ta bort %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Usage: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Användning: id\n"
+
+msgid " groups="
+msgstr " grupper="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before DAGAR skriv endast ut lastlog information äldre "
+"än\n"
+" DAGAR\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -a, --all visa faillog-poster för alla användare\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -a, --all visa faillog-poster för alla användare\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time DAGAR skriv endast ut lastlog information senare "
+"än\n"
+" DAGAR\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user LOGIN skriv ut lastlog information för användare\n"
+" angiven med LOGIN\n"
+
+msgid "Username Port From Latest"
+msgstr "Användarnamn Port Från Senast"
+
+msgid "Username Port Latest"
+msgstr "Användarnamn Port Senast"
+
+msgid "**Never logged in**"
+msgstr "**Aldrig varit inloggad**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Misslyckades med att få posten för UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: Misslyckades med att få posten för UID %lu\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Användning: %s [-p] [namn]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h värd] [-f namn]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r värd\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "konfigurationsfel - kan inte tolka %s-värde: \"%d\""
+
+msgid "Invalid login time"
+msgstr "Ogiltig inloggningstid"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systemet nedstängt för rutinmässigt underhåll"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Nedkoppling kringgådd -- rootinloggning tillåten.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Kan inte fungera utan en användbar root\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr "Ingen utmp post. Du måste köra \"login\" från den lägsta nivån \"sh\""
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Inloggningen översteg tidsgränsen efter %u sekunder.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM misslyckades, avbryter: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s inloggning: "
+
+msgid "login: "
+msgstr "inloggning: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maximalt antal försök har överstigits (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: avbryt begärdes av PAM\n"
+
+msgid "Login incorrect"
+msgstr "Inloggning misslyckad"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot fork user shell\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: Kan inte grena användarskal\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s inloggning: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fel vid processdelning: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY misslyckades på %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Varning: inloggning återaktiverad efter temporär nedstängning."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Senast inloggad: %s på %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Senast inloggad: %.19s på %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " från %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"inloggningstid överskriden\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Användning: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Användning: newgrp [-] [grupp]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Användning: sg grupp [[-c] kommando]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: misslyckades med att ta bort %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Ogiltigt lösenord.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fel vid processgrening: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID \"%lu\" finns inte\n"
+
+msgid "too many groups\n"
+msgstr "för många grupper\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system skapa systemkonton\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: gruppen \"%s\" är en skuggrupp men den finns inte i /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ogiltigt användar-id \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: ogiltigt användarnamn \"%s\"\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: rad %d: ogiltig rad\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: kan inte uppdatera posten för användaren %s (finns inte i passwd-"
+"databasen)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: rad %d: kan inte skapa användare\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: rad %d: kan inte skapa grupp\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: rad %d: användaren \"%s\" finns inte i %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: rad %d: kan inte uppdatera lösenord\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: rad %d: mkdir %s misslyckades: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: rad %d: chown %s misslyckades: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: rad %d: kan inte uppdatera post\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: kan inte skapa användare\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: kan inte skapa grupp\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all rapportera lösenordsstatus för alla konton\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr " -d, --delete ta bort lösenordet för angivet konto\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire tvinga utgång för lösenordet för det angivna "
+"kontot\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr " -k, --keep-tokens ändra lösenord endast om utgånget\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INAKTIV ställ in lösenordet som inaktivt efter "
+"utgång\n"
+" till INAKTIV\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+" -l, --lock lås lösenordet för det angivna kontot\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_DAGAR ställ in minsta antal dagar innan "
+"lösenords-\n"
+" ändring till MIN_DAGAR\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet tyst läge\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr " -r, --repository FÖRRÅD ändra lösenord i förrådet FÖRRÅD\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status rapportera lösenordsstatus för det angivna "
+"kontot\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+" -u, --unlock lås upp lösenordet för det angivna kontot\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays VARN_DAGAR ställ in dagar för utgångsvarning till "
+"VARN_DAGAR\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAX_DAGAR ställ in maximalt antal dagar innan "
+"lösenords-\n"
+" ändring till MAX_DAGAR\n"
+
+msgid "Old password: "
+msgstr "Gammalt lösenord: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Ange det nya lösenordet (minimum %d tecken)\n"
+"Använd en kombination av stora och små bokstäver samt siffror.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Ange det nya lösenordet (minimum %d, maximum %d tecken)\n"
+"Använd en kombination av gemener, versaler och siffror.\n"
+
+msgid "New password: "
+msgstr "Nytt lösenord: "
+
+msgid "Try again."
+msgstr "Försök igen."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Varning: svagt lösenord (ange det igen för att använda det ändå)."
+
+msgid "They don't match; try again.\n"
+msgstr "De stämde inte, försök igen.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Lösenordet för %s kan inte ändras.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Lösenordet för %s kan inte ändras ännu.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: upplåsning av lösenordet kommer att resultera i ett konto utan "
+"lösenord.\n"
+"Du bör ange ett lösenord med usermod -p för att låsa upp lösenordet för "
+"detta konto.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: repository %s stöds inte\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s är inte behörig att ändra lösenordet för %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Du kan inte visa eller modifiera lösenordsinformationen för %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Ändrar lösenord för %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Lösenordet för %s är oförändrat.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: lösenordet ändrades.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: information om lösenordets utgång har ändrats.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [lösenord]\n"
+"\n"
+"Flaggor:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [lösenord [skugga]]\n"
+"\n"
+"Flaggor:\n"
+
+#, fuzzy
+#| msgid " -q, --quiet quiet mode\n"
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet tyst läge\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr "%s: ingen alternativ shadow-fil tillåts när USE_TCB är aktiverad.\n"
+
+msgid "invalid password file entry"
+msgstr "ogiltig post i lösenordsfil"
+
+msgid "duplicate password entry"
+msgstr "duplikata lösenordsposter"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ogiltigt användarnamn \"%s\"\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "ogiltigt användar-id \"%lu\"\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "användare \"%s\": ingen grupp %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "användare \"%s\": katalogen \"%s\" finns inte\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "användare \"%s\": programmet \"%s\" finns inte\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "ingen tcb-katalog för %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "skapa tcb-katalog för %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "misslyckades med att skapa tcb-katalog för %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: kan inte låsa %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "ingen matchande lösenordfilpost i %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "lägg till grupp \"%s\" i %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"användaren %s har en post i %s, men dess lösenordsfält i %s är inte inställt "
+"till \"x\"\n"
+
+msgid "invalid shadow password file entry"
+msgstr "ogiltig post i skugglösenordsfil"
+
+msgid "duplicate shadow password entry"
+msgstr "duplikat post för skugglösenord"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "användare %s: senaste lösenordsändringen i framtiden\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: kan inte sortera poster i %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: kan inte fungera med tcb aktiverat\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: misslyckades med att ändra rättigheter för %s till 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Tillgång med su till det kontot NEKAS.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Lösenordsautentisering kringgådd.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Vänligen ange ditt EGNA lösenord för autentisering.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Kan inte grena användarskal\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: signalfel\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sessionen terminerad, terminerar skal..."
+
+msgid " ...killed.\n"
+msgstr " ...dödad.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...väntar på att barn ska termineras.\n"
+
+msgid " ...terminated.\n"
+msgstr " ...terminerad.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Användning: su [flaggor] [KONTO]\n"
+"\n"
+"Flaggor:\n"
+" -c, --command KOMMANDO skicka KOMMANDO till anropade skalet\n"
+" -h, --help visa detta hjälpmeddelande och avsluta\n"
+" -, -l, --login gör skalet till inloggningsskal\n"
+" -m, -p,\n"
+" --preserve-environment återställ inte miljövariabler och behåll\n"
+" samma skal\n"
+" -s, --shell SKAL använd SKAL istället för det angivna i "
+"passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorerad)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Du är inte bemyndigad att su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Ange ditt egna lösenord)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Autentiseringsfel\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Du är inte behörig att använda su för tillfället\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Ingen lösenordspost för \"root\""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: måste köras från en terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: fel %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot remove the content of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Kan inte ta bort innehållet i %s: %s\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Kunde inte starta %s\n"
+
+msgid "No password file"
+msgstr "Ingen lösenordsfil"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY misslyckades"
+
+msgid "No password entry for 'root'"
+msgstr "Ingen lösenordspost för \"root\""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Tryck Control-D för att fortsätta med normal uppstart,\n"
+"(eller ange root-lösenordet för systemunderhåll):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Går över till läge för systemunderhåll"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s skapades men kunde inte tas bort\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: %s-konfigurationen i %s kommer att ignoreras\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: kan inte skapa ny standardfil\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: kan inte öppna ny fil med standardvärden\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: raden är för lång i %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Kan inte skapa symboliska länken %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: byt namn: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: gruppen \"%s\" är en NIS-grupp.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: för många grupper angivna (max %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] INLOGGNINGSNAMN\n"
+" %s -D\n"
+" %s -D [flaggor]\n"
+"\n"
+"Flaggor:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir BASKATALOG baskatalog för hemkatalogen för\n"
+" det nya kontot\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment KOMMENTAR GECOS-fält för det nya kontot\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir HEM_KAT hemkatalog för det nya kontot\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults skriv ut eller ändra standardkonfiguration "
+"för useradd\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr " -e, --expiredate UTGÅNGSDATUM utgångsdatum för det nya kontot\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive INAKTIV lösenordets inaktivitetsperiod för det nya "
+"kontot\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid GRUPP namn eller ID för den primära gruppen för "
+"det\n"
+" nya kontot\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+" -k, --skel SKEL-KAT använd denna alternativa skelett-katalog\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init lägg inte till användaren till databaserna "
+"lastlog\n"
+" och faillog\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr " -m, --create-home skapa användarens hemkatalog\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr " -M, --no-create-home skapa inte användarens hemkatalog\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group skapa inte en grupp med samma namn som\n"
+" användaren\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique tillåt att skapa användare med dubletta\n"
+" (icke-unika) UID\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+" -p, --password LÖSENORD krypterat lösenord för det nya kontot\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell SKAL inloggningsskal för det nya kontot\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID användare-ID för det nya kontot\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+" -U, --user-group skapa en grupp med samma namn som "
+"användaren\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ogiltig baskatalog \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ogiltig kommentar \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ogiltig hemkatalog \"%s\"\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: skugglösenord krävs för -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: skugglösenord krävs för -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ogiltigt fält \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ogiltigt skal \"%s\"\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z kräver en SELinux-aktiverad kärna\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: kan inte skapa katalog %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Skapar postlådefil"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Gruppen \"mail\" hittades inte. Skapar användarens postlådefil med läget "
+"0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Ställer in rättigheter för postlådefil"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: användaren \"%s\" finns redan\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: gruppen %s finns redan - om du vill lägga till denna användare till den "
+"gruppen, använd -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: kan inte skapa användare\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu är inte unikt\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Misslyckades med att skapa tcb-katalog för %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: kan inte skapa grupp\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: kan inte skapa användare\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: kan inte skapa grupp\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: varning: hem-katalogen finns redan.\n"
+"Kopierar ingen fil från skel-katalogen till den.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force tvinga borttagning av filer, även om\n"
+" de inte ägs av användaren\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr " -r, --remove ta bort hemkatalog och postkö\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --shell SHELL new login shell for the user account\n"
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -s, --shell SHELL nytt inloggningsskal för användarkontot\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: kan inte ta bort primära gruppen för användaren \"%s\"\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: gruppen %s är den primära gruppen för en annan användare och tas inte "
+"bort.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: kan inte ta bort posten \"%s\" från %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s home directory (%s) not found\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s hemkatalogen (%s) hittades inte\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: varning: kan inte ta bort %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ägs inte av %s, tar inte bort\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Kan inte släppa privilegier: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Kan inte ta bort innehållet i %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Kan inte ta bort tcb-filer för %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: användaren %s är en NIS-användare\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s hemkatalogen (%s) hittades inte\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: tar inte bort katalogen %s (skulle ta bort hemmet för användaren %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: fel vid borttagning av katalogen %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment KOMMENTAR nytt värde för GECOS-fältet\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr " -d, --home HEMKAT ny hemkatalog för användarkontot\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate UTGÅNGSDATUM ställ in kontots utgångsdatum\n"
+" till UTGÃ…NGSDATUM\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INAKTIV ställ in lösenordet som inaktivt efter\n"
+" utgångsdatum till INAKTIV\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid GRUPP tvinga användning av GRUPP som ny "
+"primärgrupp\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups GRUPPER ny lista över ytterligare GRUPPER\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append lägg till användaren till ytterligare "
+"GRUPPER\n"
+" som nämns av flaggan -G utan att ta bort\n"
+" honom/henne från andra grupper\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login NYTT_NAMN nytt värde för inloggningsnamnet\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock lås användarkontot\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home flytta innehållet i hemkatalogen till\n"
+" en ny plats (använd endast med -d)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique tillåt användning av dubbletta (icke-unika) "
+"UID\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+" -p, --password LÖSENORD använd krypterat lösenord som nytt lösenord\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID nytt UID för användarkontot\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock lås upp användarkontot\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --shell SHELL new login shell for the user account\n"
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -s, --shell SHELL nytt inloggningsskal för användarkontot\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: upplåsning av användarens lösenord skulle resultera i ett konto utan "
+"lösenord.\n"
+"Du bör ställa in ett lösenord med usermod -p för att låsa upp användarens "
+"lösenord.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: användaren \"%s\" finns redan i %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: ogiltigt datum \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: ogiltigt datum \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: kan inte öppna %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: flaggorna -L, -p och -U är uteslutande\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: skugglösenord krävs för -e och -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID \"%lu\" finns redan\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s är inte behörig att ändra lösenordet för %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: katalogen %s finns redan\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Tidigare hemkatalogen (%s) var inte en katalog. Den har inte tagits bort "
+"och inga hemkataloger har skapats.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Misslyckades med att ändra ägarskap för hemkatalogen"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: varning: misslyckades med att ta bort hela den gamla hemkatalogen %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: kunde inte byta namn på katalogen %s till %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: misslyckades med att kopiera lastlog-posten för användaren %lu till "
+"användaren %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: misslyckades med att kopiera faillog-posten för användaren %lu till "
+"användaren %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: varning: %s ägs inte av %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "misslyckades med att byta ägare på postlåda"
+
+msgid "failed to rename mailbox"
+msgstr "misslyckades med att byta namn på postlåda"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Du har ändrat %s.\n"
+"Du kan behöva ändra %s för att stämma överens.\n"
+"Använd kommandot \"%s\" för att göra det.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group redigera gruppdatabas\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd redigera lösenordsdatabas\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+" -s, --shadow redigera shadow- eller gshadow-databasen\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+" -u, --user vilken användares tcb shadow-fil att "
+"redigera\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: misslyckades med att ta bort %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s är oförändrad\n"
+
+msgid "failed to create scratch directory"
+msgstr ""
+
+msgid "failed to drop privileges"
+msgstr "misslyckades med att släppa privilegier"
+
+msgid "Couldn't get file context"
+msgstr ""
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () misslyckades"
+
+msgid "failed to gain privileges"
+msgstr "misslyckades med att få privilegier"
+
+msgid "Couldn't lock file"
+msgstr "Kunde inte låsa fil"
+
+msgid "Couldn't make backup"
+msgstr "Kunde inte göra en säkerhetskopia"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr ""
+
+msgid "failed to unlink scratch file"
+msgstr ""
+
+msgid "failed to stat edited file"
+msgstr "misslyckades med att ta status på redigerade filen"
+
+msgid "failed to allocate memory"
+msgstr "misslyckades att allokera minne"
+
+msgid "failed to create backup file"
+msgstr "misslyckades med att skapa säkerhetskopia"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: kan inte återställa %s: %s (dina ändringar finns i %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: misslyckades med att hitta tcb-katalog för %s\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr " -c, --crypt-method krypteringsmetoden (en av %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Användning: vipw [flaggor]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) misslyckades\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: chage [flaggor] [INLOGGNINGSNAMN]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ " -d, --lastday SISTA_DAG ställ in datum för sista lösenordsändring "
+#~ "till SISTA_DAG\n"
+#~ " -E, --expiredate UTGÅNGSDATUM ställ in kontots utgångsdatum till "
+#~ "UTGÃ…NGSDATUM\n"
+#~ " -h, --help visa detta hjälpmeddelande och avsluta\n"
+#~ " -I, --inactive INAKTIV ställ in lösenordet till inaktivt efter "
+#~ "utgång\n"
+#~ " till INAKTIV\n"
+#~ " -l, --list visa åldringsinformation om kontot\n"
+#~ " -m, --mindays MIN_DAGAR ställ in minimum antal dagar innan "
+#~ "lösenords-\n"
+#~ " ändring till MIN_DAGAR\n"
+#~ " -M, --maxdays MAX_DAGAR ställ in maximalt antal dagar innan "
+#~ "lösenords-\n"
+#~ " ändring till MAX_DAGAR\n"
+#~ " -W, --warndays VARN_DAGAR ställ in dagar för utgångsvarning till "
+#~ "VARN_DAGAR\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM autentisering misslyckades\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Användning: %s [-f fullt_namn] [-r rums_nr] [-w arb_tel]\n"
+#~ "\t[-h hem_tel] [-o annat] [användare]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Användning: %s [-f fullt_namn] [-r rums_nr] [-w arb_tel] [-h hem_tel]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Användning: %s [flaggor]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ " -c, --crypt-method krypteringsmetoden (en av %s)\n"
+#~ " -e, --encrypted angivna lösenord är krypterade\n"
+#~ " -h, --help visa detta hjälpmeddelande och avsluta.\n"
+#~ " -m, --md5 kryptera klartextlösenordet med\n"
+#~ " MD5-algoritmen\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: chsh [flaggor] [KONTO]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ " -h, --help visa detta hjälpmeddelande och avsluta\n"
+#~ " -s, --shell SHELL nytt inloggningsskal för användarkontot\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Användning: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: Kan inte öppna %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Kan inte få storleken för %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Användning: groupdel grupp\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Användning: %s [-r] [-s] [grupp [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Användning: %s [-r] [-s] [grupp]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s och -r är inkompatibla\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Användning: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Användning: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: lastlog [flaggor]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ " -b, --before DAGAR skriv endast ut lastlog information äldre än "
+#~ "DAGAR\n"
+#~ " -h, --help visa detta hjälpmeddelande och avsluta\n"
+#~ " -t, --time DAGAR skriv endast ut lastlog information senare än "
+#~ "DAGAR\n"
+#~ " -u, --user LOGIN skriv ut lastlog information för användare\n"
+#~ " angiven med LOGIN\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: passwd [flaggor] [INLOGGNINGSNAMN]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ " -a, --all rapportera lösenordsstatus för alla "
+#~ "konton\n"
+#~ " -d, --delete ta bort lösenordet för angivet konto\n"
+#~ " -e, --expire tvinga utgång för lösenordet för det "
+#~ "angivna kontot\n"
+#~ " -h, --help visa detta hjälpmeddelande och avsluta\n"
+#~ " -k, --keep-tokens ändra lösenord endast om utgånget\n"
+#~ " -i, --inactive INAKTIV ställ in lösenordet som inaktivt efter "
+#~ "utgång\n"
+#~ " till INAKTIV\n"
+#~ " -l, --lock lås lösenordet för det angivna kontot\n"
+#~ " -n, --mindays MIN_DAGAR ställ in minsta antal dagar innan "
+#~ "lösenords-\n"
+#~ " ändring till MIN_DAGAR\n"
+#~ " -q, --quiet tyst läge\n"
+#~ " -r, --repository FÖRRÅD ändra lösenord i förrådet FÖRRÅD\n"
+#~ " -S, --status rapportera lösenordsstatus för det "
+#~ "angivna kontot\n"
+#~ " -u, --unlock lås upp lösenordet för det angivna "
+#~ "kontot\n"
+#~ " -w, --warndays VARN_DAGAR ställ in dagar för utgångsvarning till "
+#~ "VARN_DAGAR\n"
+#~ " -x, --maxdays MAX_DAGAR ställ in maximalt antal dagar innan "
+#~ "lösenords-\n"
+#~ " ändring till MAX_DAGAR\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Användning: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Användning: %s [-q] [-r] [-s] [lösenord [skugga]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Användning: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Användning: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Okänt id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Inget skal\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: userdel [flaggor] KONTO\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ " -f, --force tvinga borttagning av filer, även om\n"
+#~ " de inte ägs av användaren\n"
+#~ " -h, --help visa detta hjälpmeddelandet och avsluta\n"
+#~ " -r, --remove ta bort hemkatalog och postkö\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: användaren %s är för närvarande inloggad\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Användning: usermod [flaggor] INLOGGNINGSNAMN\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ " -c, --comment KOMMENTAR nytt värde för GECOS-fältet\n"
+#~ " -d, --home HEMKAT ny hemkatalog för användarkontot\n"
+#~ " -e, --expiredate UTGÅNGSDATUM ställ in kontots utgångsdatum\n"
+#~ " till UTGÃ…NGSDATUM\n"
+#~ " -f, --inactive INAKTIV ställ in lösenordet som inaktivt efter\n"
+#~ " utgångsdatum till INAKTIV\n"
+#~ " -g, --gid GRUPP tvinga användning av GRUPP som ny "
+#~ "primärgrupp\n"
+#~ " -G, --groups GRUPPER ny lista över ytterligare GRUPPER\n"
+#~ " -a, --append lägg till användaren till ytterligare "
+#~ "GRUPPER\n"
+#~ " som nämns av flaggan -G utan att ta bort\n"
+#~ " honom/henne från andra grupper\n"
+#~ " -h, --help visa detta hjälpmeddelande och avsluta\n"
+#~ " -l, --login NYTT_NAMN nytt värde för inloggningsnamnet\n"
+#~ " -L, --lock lås användarkontot\n"
+#~ " -m, --move-home flytta innehållet i hemkatalogen till\n"
+#~ " en ny plats (använd endast med -d)\n"
+#~ " -o, --non-unique tillåt användning av dubbletta (icke-"
+#~ "unika) UID\n"
+#~ " -p, --password LÖSENORD använd krypterat lösenord som nytt "
+#~ "lösenord\n"
+#~ " -s, --shell SKAL nytt inloggningsskal för användarkontot\n"
+#~ " -u, --uid UID nytt UID för användarkontot\n"
+#~ " -U, --unlock lås upp användarkontot\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: inga flaggor angivna\n"
+
+#~ msgid "%s: %s is an invalid shell.\n"
+#~ msgstr "%s: %s är ett ogiltigt skal.\n"
+
+#~ msgid ""
+#~ " -l, --lock-time SEC after failed login lock account for SEC "
+#~ "seconds\n"
+#~ msgstr ""
+#~ " -l, --lock-time S efter misslyckad inloggning lås kontot i "
+#~ "S sekunder\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --add USER add USER to GROUP\n"
+#~ " -d, --delete USER remove USER from GROUP\n"
+#~ " -r, --remove-password remove the GROUP's password\n"
+#~ " -R, --restrict restrict access to GROUP to its members\n"
+#~ " -M, --members USER,... set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: %s [flagga] GRUPP\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ " -a, --add ANVÄNDARE lägg till ANVÄNDARE till GRUPP\n"
+#~ " -d, --delete ANVÄNDARE ta bort ANVÄNDARE från GRUPP\n"
+#~ " -r, --remove-password ta bort GRUPPens lösenord\n"
+#~ " -R, --restrict begränsa åtkomst till GRUPP till dess "
+#~ "medlemmar\n"
+#~ " -M, --members ANVÄNDARE,... ställ in listan över medlemmar för GRUPP\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ " -A, --administrators ADMIN,...\n"
+#~ " set the list of administrators for GROUP\n"
+#~ "Except for the -A and -M options, the options cannot be combined.\n"
+#~ msgstr ""
+#~ " -A, --administrators ADMIN,...\n"
+#~ " ställ in listan över administratörer för "
+#~ "GRUPP\n"
+#~ "Förutom för flaggorna -A och -M, flaggorna kan inte kombineras.\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group groupname change groupname instead of the user's "
+#~ "group\n"
+#~ " (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ " -a, --add username add username to the members of the group\n"
+#~ " -d, --delete username remove username from the members of the "
+#~ "group\n"
+#~ " -p, --purge purge all members from the group\n"
+#~ " -l, --list list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: groupmems [flaggor] [åtgärd]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ " -g, --group gruppnamn ändra gruppnamn istället för användarens "
+#~ "grupp\n"
+#~ " (endast root)\n"
+#~ "\n"
+#~ "Åtgärder:\n"
+#~ " -a, --add användarnamn lägg till användarnamn till medlemmar av "
+#~ "gruppen\n"
+#~ " -d, --delete användarnamn ta bort användarnamn från medlemmar av "
+#~ "gruppen\n"
+#~ " -p, --purge ta bort alla medlemmar från gruppen\n"
+#~ " -l, --list lista medlemmarna i gruppen\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Användning: useradd [flaggor] INLOGGNINGSNAMN\n"
+#~ "\n"
+#~ "Flaggor:\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: kan inte skapa %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: kan inte chown %s\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: vipw [flaggor]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ " -g, --group redigera gruppdatabas\n"
+#~ " -h, --help visa detta hjälpmeddelande och avsluta\n"
+#~ " -p, --passwd redigera lösenordsdatabas\n"
+#~ " -q, --quiet tyst läge\n"
+#~ " -s, --shadow redigera databaserna shadow eller "
+#~ "gshadow\n"
+#~ "\n"
diff --git a/po/tl.po b/po/tl.po
new file mode 100644
index 0000000..ef0fe7d
--- /dev/null
+++ b/po/tl.po
@@ -0,0 +1,3612 @@
+# Tagalog messages for shadow
+# shadow/po/tl.po
+# Copyright (C) 2005 Software in the Public Interest, Inc.
+# This file is distributed under the same license as shadow
+# Itong talaksan ay ipinamamahagi sa parehong lisensya ng shadow
+# Eric Pareja <xenos@upm.edu.ph>, 2005
+# This file is maintained by Eric Pareja <xenos@upm.edu.ph>
+# Itong talaksan ay inaalagaan ni Eric Pareja <xenos@upm.edu.ph>
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-26 21:34+0100\n"
+"Last-Translator: Eric Pareja <xenos@upm.edu.ph>\n"
+"Language-Team: Tagalog <debian-tl@banwa.upm.edu.ph>\n"
+"Language: tl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=n>1;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Hindi makapaglaan ng lugar para sa impormasyong pagsasaayos.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"may mali sa pagsasaayos - hindi kilalang item '%s' (ipaalam sa "
+"tagapangasiwa)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Kontrasenyas: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Kontrasenyas ni %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Hindi makapaglaan ng lugar para sa impormasyong pagsasaayos.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Pinapalitan ang impormasyong pagtanda para kay %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Hindi makilala ang inyong pangalan.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: linya %d: hindi mahanap ang gumagamit %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: nagkulang ng memory\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: hindi ma-apdeyt ang talaksang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: hindi tanggap na directory na tahanan '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: babala: hindi matanggal "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: babala: hindi matanggal "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: baguhin ang pangalan: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: babala: hindi matanggal "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: babala: hindi matanggal "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: hindi ma-apdeyt ang talaksang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: hindi maapdeyt ang talaksang shadow\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: baguhin ang pangalan: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: hindi mabuksan ang talaksang %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Babala: hindi kilalang grupo %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Babala: labis ang dami ng mga grupo\n"
+
+msgid "Your password has expired."
+msgstr "Lumampas sa taning ang inyong kontrasenyas."
+
+msgid "Your password is inactive."
+msgstr "Ang inyong kontrasenyas ay hindi aktibo."
+
+msgid "Your login has expired."
+msgstr "Lumampas sa taning ang inyong login."
+
+msgid " Contact the system administrator."
+msgstr " Kausapin ang tagapangasiwa ng sistema."
+
+msgid " Choose a new password."
+msgstr " Pumili ng bagong kontrasenyas."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Ang inyong kontrasenyas ay may taning na %ld na araw.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Hanggang bukas ang taning ng inyong kontrasenyas."
+
+msgid "Your password will expire today."
+msgstr "Mapapaso ang inyong kontrasenyas ngayong araw na ito."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Hindi mabago ang tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: mahaba masyado ang mga field\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Umapaw ang kapaligiran\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Hindi niyo maaaring baguhin ang $%s\n"
+
+#, fuzzy, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"May %d kabiguan magmula ng huling pagpasok.\n"
+"Ang huli ay %s noong %s.\n"
+"May %d na kabiguan magmula ng huling pagpasok.\n"
+"Ang huli ay %s noong %s.\n"
+msgstr[1] ""
+"May %d kabiguan magmula ng huling pagpasok.\n"
+"Ang huli ay %s noong %s.\n"
+"May %d na kabiguan magmula ng huling pagpasok.\n"
+"Ang huli ay %s noong %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "bigo sa pagpalit ng may-ari ng mailbox"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: hindi makakuha ng kakaibang UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: hindi makakuha ng kakaibang GID\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: hindi makakuha ng kakaibang UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: hindi makakuha ng kakaibang UID\n"
+
+msgid "Too many logins.\n"
+msgstr "Labis ang mga login.\n"
+
+msgid "You have new mail."
+msgstr "May bago kang email."
+
+msgid "No mail."
+msgstr "Walang email."
+
+msgid "You have mail."
+msgstr "Mayroon kang email."
+
+msgid "no change"
+msgstr "walang pagbabago"
+
+msgid "a palindrome"
+msgstr "isang palindromo"
+
+msgid "case changes only"
+msgstr "nagpalit lamang ng laki ng titik"
+
+msgid "too similar"
+msgstr "labis na magkatulad"
+
+msgid "too simple"
+msgstr "labis na simple"
+
+msgid "rotated"
+msgstr "inikot"
+
+msgid "too short"
+msgstr "labis ng ikli"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Maling kontrasenyas: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: bigo ang pam_start(), error %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Napalitan ang password."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: tagumpay sa pagpalit ng kontrasenyas\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Maling kontrasenyas para kay %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: hindi tanggap na telepono sa bahay: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Hindi makalipat sa '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Walang directory, pumapasok na ang HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Hindi mapatakbo ang %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Hindi tanggap na root directory '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Hindi mapalitan ang root directory sa '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Hindi malaman ang pangalan ng tty ninyo."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Hindi\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Ibigay ang bagong halaga, o pindutin ang ENTER para sa default"
+
+msgid "Minimum Password Age"
+msgstr "Pinakamaliit na Tanda ng Password"
+
+msgid "Maximum Password Age"
+msgstr "Pinakamalaking Tanda ng Password"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Huling Pagpalit ng Password (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Babala ng Paglipas ng Taning ng Password"
+
+msgid "Password Inactive"
+msgstr "Inaktibo ang Password"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Hangganan ng Account (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Huling Pagpalit ng Password : "
+
+msgid "never"
+msgstr "Hindi kailanman"
+
+msgid "password must be changed"
+msgstr "kailangan palitan ang password"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Taning ng Password:\t"
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Inaktibong Password:\t"
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Mapapaso ang Account:\t"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Bilang ng mga araw bago magpalit ng password : %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Bilang ng mga araw na dapat magpalit na ng password : %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Bilang ng mga araw bago mapaso ang password na may babala : %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: hindi tanggap na petsa '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: hindi tanggap na argumentong numero '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: huwag isama ang \"l\" sa ibang mga flag\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Walang pahintulot.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Hindi makilala ang inyong pangalan.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: hindi makapag-aldaba ng mga talaksan, subukan muli mamaya.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: hindi mabuksan ang talaksang %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: bigo sa pag-fork: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: wala ang talaksan ng shadow password\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Pinapalitan ang impormasyong pagtanda para kay %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: error sa pagbabago ng mga field\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Buong Pangalan"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Bilang ng Silid"
+
+msgid "Work Phone"
+msgstr "Telepono sa Trabaho"
+
+msgid "Home Phone"
+msgstr "Telepono sa Bahay"
+
+msgid "Other"
+msgstr "Iba pa"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Hindi mabago ang ID sa root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: hindi tanggap na pangalan: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: hindi tanggap na bilang ng silid: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: hindi tanggap na telepono sa trabaho: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: hindi tanggap na telepono sa bahay: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' ay may hindi legal na mga karakter\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' ay may hindi legal na mga karakter\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: hindi mapalitan ang gumagamit '%s' sa NIS client.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' ay ang NIS master ng klienteng ito.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Pinapalitan ang impormasyon tungkol sa gumagamit na si %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: mahaba masyado ang mga field\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: ang flag na -a ay pinapayagan LAMANG kung kasama ang flag na -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linya %d: sobrang haba ng linya\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linya %d: walang bagong password\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: walang grupong %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linya %d: hindi ma-apdeyt ang ipinasok\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: may error na naganap, di pinansin ang mga pagbabago\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Login Shell"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Hindi niyo mapapalitan ang shell para kay %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Pinapalitan ang login shell ni %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Hindi tanggap na entry: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "Ang %s ay hindi tanggap na shell.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: babala: %s ay hindi pag-aari ni %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: hindi inaasahang argumento: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Login Kabiguan Maximum Pinakahuli On\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds naiwan]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lock]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Di kilalang Gumagamit: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Ang password ni %s ay hindi mapapalitan.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Ang password ni %s ay hindi mapapalitan.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: kailangan ng password ng grupong shadow para sa -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: walang grupong %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: bigo sa pag-fork: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Pinapalitan ang password ng grupong %s\n"
+
+msgid "New Password: "
+msgstr "Bagong Password: "
+
+msgid "Re-enter new password: "
+msgstr "Ibigay muli ang bagong password: "
+
+msgid "They don't match; try again"
+msgstr "Hindi magkapareho; subukan muli"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Subukan muli mamaya\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Dinadagdag ang gumagamit na si %s sa grupong %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Tinatanggal ang gumagamit na si %s mula sa grupong %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Hindi tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: hindi tanggap na pangalan ng grupo ang %s\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "hindi tanggap na pangalan ng grupo '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: kinakailangan ng -O ang PANGALAN=HALAGA\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: mayroon nang grupong %s\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Mayroon nang kasapi na ganito\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Hindi makilala ang inyong pangalan.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: hindi mapalitan ang gumagamit '%s' sa NIS client.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: walang grupong %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: ang grupong '%s' ay grupong NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s ay ang NIS master\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: ang gumagamit na %s ay nasa NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: naubos ang memory sa update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "hindi tanggap na pangalan ng grupo '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: ang grupong %s ay grupong NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: di kilalang gumagamit %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s at -r ay hindi maaring magkasabay\n"
+
+msgid "invalid group file entry"
+msgstr "hindi tanggap na entry ng talaksang grupo"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "burahin ang linyang '%s'? "
+
+msgid "duplicate group entry"
+msgstr "pangalawang entry ng grupo"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "hindi tanggap na pangalan ng grupo '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "hindi tanggap na pangalan ng grupo '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupong %s: walang gumagamit %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "tanggalin ang miyembrong '%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "walang katumbas na entry sa talaksang grupo sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "idagdag ang grupong '%s' sa %s ?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "hindi tanggap na entry sa talaksang shadow group"
+
+msgid "duplicate shadow group entry"
+msgstr "dalawahan ang shadow group entry"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grupong shadow %s: walang tagapamahalang %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "tanggaling ang miyembrong tagapamahala '%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupong shadow %s: walang gumagamit na %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: ang mga talaksan ay na-apdeyt\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: walang pagbabago\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: hindi ma-apdeyt ang talaksang %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Pag-gamit: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Pag-gamit: id\n"
+
+msgid " groups="
+msgstr " mga grupo="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "Pangalan Puerta Mula Hulihan"
+
+msgid "Username Port Latest"
+msgstr "Pangalan Puerta Hulihan"
+
+msgid "**Never logged in**"
+msgstr "**Di pumasok kailanman**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: hindi maapdeyt ang talaksang password\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Pag-gamit: %s [-p] [pangalan]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h host] [-f pangalan]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Di tamang oras ng pagpasok"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sarado ang sistema para sa kinagawiang pagtaguyod"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Nilaktawan ang pag-diskonek -- pinayagang makapasok ang root.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Walang nakapasok sa utmp. Kailangan niyong mag-exec \"login\" mula sa "
+"pinakamababang antas ng \"sh\""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Lumipas ang taning ng pagpasok ng %d segundo.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: kabiguan sa PAM, humihinto: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Lumampas sa bilang ng maaaring pagsubok : (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: hiniling na mag-abort ng PAM\n"
+
+msgid "Login incorrect"
+msgstr "Maling pagpasok"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: linya %d: hindi mahanap ang gumagamit %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: bigo sa pag-fork: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Babala: pagpasok ay enabled muli matapos ng panandalian pagbawal."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Huling pagpasok: %s sa %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Huling pagpasok: %.19s sa %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " mula %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"lumampas sa taning ng pagpasok\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Pag-gamit: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Pag-gamit: newgrp [-] [grupo]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Pag-gamit: sg grupo [[-c] utos]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Lumang kontrasenyas:"
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: bigo sa pag-fork: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+msgid "too many groups\n"
+msgstr "labis ang dami ng mga grupo\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: walang grupong %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: hindi tanggap na pangalan `%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: hindi tanggap na pangalan `%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linya %d: hindi tanggap na linya\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: hindi maapdeyt ang ipinasok para kay %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linya %d: hindi makalikha ng GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linya %d: hindi makalikha ng GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linya %d: hindi ma-apdeyt ang kontrasenyas\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linya %d: bigo ang mkdir\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linya %d: bigo ang chown\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linya %d: hindi ma-apdeyt ang ipinasok\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: hindi malikha ang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: hindi ma-apdeyt ang talaksang grupo\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Lumang kontrasenyas:"
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Ibigay ang bagong kontrasenyas (minimum na %d, maximum na %d karakter)\n"
+"Gumamit ng kombinasyon ng malaki at maliit na titik at mga numero.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Ibigay ang bagong kontrasenyas (minimum na %d, maximum na %d karakter)\n"
+"Gumamit ng kombinasyon ng malaki at maliit na titik at mga numero.\n"
+
+msgid "New password: "
+msgstr "Bagong password: "
+
+msgid "Try again."
+msgstr "Subukan muli."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Babala: mahinang password (ibigay ito muli upang gamitin pa rin)."
+
+msgid "They don't match; try again.\n"
+msgstr "Hindi sila magkapareho; subukan muli.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Ang password ni %s ay hindi mapapalitan.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Ang password ni %s ay hindi mapapalitan.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: hindi suportado ang repositoryong %s\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: Hindi niyo matatanaw o mapapalitan ang impormasyong password ni %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Pinapalitan ang password ni %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Ang password ni %s ay hindi napalitan.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Napalitan ang password."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Babala ng Paglipas ng Taning ng Password"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "hindi tanggap na ipinasok sa talaksang password"
+
+msgid "duplicate password entry"
+msgstr "nadobleng ipinasok sa password"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "hindi tanggap na pangalan '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "hindi tanggap na pangalan '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "gumagamit %s: walang grupo %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "gumagamit %s: walang directory na %s\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "gumagamit %s: walang programang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: hindi maaldaba ang talaksang %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "walang kaparehas na kontrasenyas sa %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "idagdag ang gumagamit na si '%s' sa %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "hindi tanggap na ipinasok sa talaksang password na shadow"
+
+msgid "duplicate shadow password entry"
+msgstr "nadobleng ipinasok sa talaksang password ng shadow"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "gumagamit %s: huling pagpalit ng password ay nasa hinaharap\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: hindi mabuksan ang talaksang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: hindi maisulat muli ang talaksan\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Ang paggamit ng su sa account na iyan ay IPINAGBAWAL.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Linampasan ang password authentication.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Ibigay ang inyong SARILING kontrasenyas bilang authentication.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: hindi maaldaba ang talaksang %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Pag-gamit: su [mga opsiyon] [login]\n"
+"\n"
+"Mga opsiyon:\n"
+" -c, --command UTOS ipasa ang UTOS sa tinawag na shell\n"
+" -h, --help ipakita ang payo na ito\n"
+" -, -l, --login gawing login shell ang shell\n"
+" -m, -p,\n"
+" --preserve-environment huwag i-reset ang mga variable\n"
+" na pangkapaligiran at gamitin\n"
+" ang parehong shell\n"
+" -s, --shell SHELL gamitin ang SHELL sa halip ng\n"
+" default sa passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Di pinansin)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Hindi kayo awtorisadong gumamit ng su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Ibigay ang sarili niyong password.)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: bigo ang pagpapakilalang PAM\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Hindi kayo awtorisadong gumamit ng su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Walang ipinasok sa password para sa 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: kinakailangang patakbuhin mula sa isang terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: error %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Hindi mapatakbo ang %s"
+
+msgid "No password file"
+msgstr "Walang talaksang password"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Walang ipinasok sa password para sa 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Itiklado ang control-d upang magpatuloy ng normal na startup,\n"
+"(o ibigay ang password ng root para sa pagtataguyod ng sistema):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Pumapasok sa Modang Pagtataguyod ng Sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: hindi malikha ang bagong talaksan ng mga default\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: hindi mabuksan ang bagong talaksan ng mga default\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linya %d: bigo ang chown\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: baguhin ang pangalan: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: ang grupong '%s' ay grupong NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: sobrang dami ng grupo ang nakatakda (max %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: hindi tanggap na batayang directory '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: hindi tanggap na komento '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: hindi tanggap na directory na tahanan '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: kailangan ng shadow password para sa -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: kailangan ng shadow password para sa -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: hindi tanggap na saklaw '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: hindi tanggap na shell '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Inililikha ang talaksang mailbox"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Grupong 'mail' ay hindi nahanap. Inililikha ang talaksang mailbox ng "
+"gumagamit na may modong 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Itinatakda ang pahintulot sa talaksang mailbox"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: mayroon nang gumagamit na %s\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: mayroon nang grupong %s - kung nais niyong idagdag ang gumagamit na ito "
+"sa grupong iyon, gamitin ang -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: hindi malikha ang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: hindi kakaiba ang UID %u\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: hindi malikha ang %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: hindi malikha ang %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: hindi malikha ang %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: babala: mayroon nang tahanang directory.\n"
+"Walang kokopyahing talaksan mula sa skel directory dito.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: hindi mapalitan ang gumagamit '%s' sa NIS client.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: hindi matanggal ang grupong %s dahil ito'y pangunahing grupo ng ibang "
+"gumagamit.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: hindi tanggap na directory na tahanan '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: babala: hindi matanggal "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ay hindi pag-aari ni %s, hindi tatanggalin\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: ang gumagamit na %s ay nasa NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: hindi tanggap na directory na tahanan '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: hindi tatanggalin ang directory %s (mawawalan ng bahay si %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: error sa pagtanggal ng directory %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: mayroon nang gumagamit na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: hindi tanggap na petsa '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: hindi tanggap na petsa '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: hindi mabuksan ang talaksang %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: kailangan ang shadow password para sa -e at -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Mayroon nang kasapi na ganito\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: mayroon nang directory na %s\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: babala: bigo sa pagtanggal ng buo ng lumang directory na tahanan %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: babala: %s ay hindi pag-aari ni %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "bigo sa pagpalit ng may-ari ng mailbox"
+
+msgid "failed to rename mailbox"
+msgstr "bigo sa pagpalit ng pangalan ng mailbox"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s ay hindi binago\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "bigo sa pagpalit ng pangalan ng mailbox"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Hindi maaldaba ang talaksan"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Hindi maaldaba ang talaksan"
+
+msgid "Couldn't make backup"
+msgstr "Hindi makagawa ng backup"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: hindi nahanap ang %s sa /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Hindi mabuksan ang talaksang grupo\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: mahaba masyado ang mga field\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "bigo sa pagpalit ng pangalan ng mailbox"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "bigo sa pagpalit ng may-ari ng mailbox"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "bigo sa pagpalit ng pangalan ng mailbox"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: hindi maibalik ang %s: %s (ang mga pagbabago ay nasa %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: hindi tanggap na batayang directory '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Pag-gamit: %s [input]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "bigo ang malloc(%d)\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: chage [mga opsiyon] [LOGIN]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -d, --lastday HULING_ARAW itakda ang huling pagpalit ng "
+#~ "kontrasenyas\n"
+#~ " sa HULING_ARAW\n"
+#~ " -E, --expiredate EXPIRE_DATE itakda ang pagkapaso ng account sa\n"
+#~ " EXPIRE_DATE\n"
+#~ " -h, --help ipakita ang tulong at lumabas\n"
+#~ " -I, --inactive INACTIVE itakda ang kontrasenyas na inaktibo "
+#~ "matapos\n"
+#~ " mapaso at gawin itong INACTIVE\n"
+#~ " -l, --list ipakita ang impormasyon tungkol sa "
+#~ "account\n"
+#~ " -m, --mindays MIN_DAYS itakda na hindi kukulang sa MIN_DAYS\n"
+#~ " bago palitan ang kontrasenyas\n"
+#~ " -M, --maxdays MAX_DAYS itakda na hindi hihigit sa MAX_DAYS\n"
+#~ " bago palitan ang kontrasenyas\n"
+#~ " -W, --warndays WARN_DAYS itakda ang babala tungkol sa pagpaso sa\n"
+#~ " WARN_DAYS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: bigo ang pagpapakilalang PAM\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Pag-gamit: %s [-f buong_pangalan] [-r bilang_ng_silid] [-w "
+#~ "telepono_trabaho]\n"
+#~ "\t[-h telepono_bahay] [-o iba] [gumagamit]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Pag-gamit: %s [-f buong_pangalan] [-r bilang_ng_silid] [-w trabaho] [-h "
+#~ "bahay]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Pag-gamit: chpasswd [mga opsiyon]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -e, --encrypted ang mga bigay na mga kontrasenyas ay naka-encrypt\n"
+#~ " -h, --help ipakita itong payo na ito at lumabas\n"
+#~ " -m, --md5 gamitin ang MD5 encryption imbes na DES kapag ang\n"
+#~ " mga ibinigay na mga kontrasenyas ay hindi naka-"
+#~ "encrypt\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: chsh [mga opsiyon] [LOGIN]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -h, --help ipakita ito at lumabas\n"
+#~ " -s, --shell SHELL bagong login shell para sa gumagamit\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Pag-gamit: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Pag-gamit: groupdel grupo\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Pag-gamit: %s [-r] [-s] [grupo [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Pag-gamit: %s [-r] [-s] [grupo]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s at -r ay hindi maaring magkasabay\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Pag-gamit: groupdel grupo\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Pag-gamit: groupdel grupo\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: lastlog [mga option]\n"
+#~ "\n"
+#~ "Mga option:\n"
+#~ " -b, --before ARAW ipakita lamang ang lastlog record na mas-luma sa "
+#~ "ARAW\n"
+#~ " -h, --help ipakita ang tulong na ito at lumabas\n"
+#~ " -t, --time ARAW ipakita lamang ang lastlog record na mas-bagos sa "
+#~ "ARAW\n"
+#~ " -u, --user LOGIN ipakita lamang ang gumagamit na LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: passwd [mga opsiyon] [login]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -a, --all mag-ulat tungkol sa kalagayan ng\n"
+#~ " kontrasenyas ng lahat\n"
+#~ " -d, --delete burahin ang kontrasenyas ng account\n"
+#~ " -e, --expire piliting mapaso ang kontrasenyas ng "
+#~ "account\n"
+#~ " -h, --help ipakita ang tulong na ito at lumabas\n"
+#~ " -k, --keep-tokens palitan ang kontrasenyas kung paso "
+#~ "lamang\n"
+#~ " -i, --inactive INACTIVE itakdang inaktibo matapos na mapaso\n"
+#~ " sa INACTIVE\n"
+#~ " -l, --lock i-lock ang account\n"
+#~ " -n, --mindays MIN_ARAW\n"
+#~ " -q, --quiet tahimik lamang\n"
+#~ " -r, --repository REPOSITORYO palitan ang kontrasenyas sa REPOSITORYO\n"
+#~ " -S, --status iulat ang kalagayan ng kontrasenyas ng\n"
+#~ " ibinigay na account\n"
+#~ " -u, --unlock tanggalin ang pagkaaldaba ng account\n"
+#~ " -w, --warndays BABALA_ARAW itakda ang pagbabala ng taning sa\n"
+#~ " BABALA_ARAW\n"
+#~ " -x, --maxdays MAX_ARAW itakda kung hanggang ilang araw bago\n"
+#~ " magpalit ng kontrasenyas sa MAX_ARAW\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Pag-gamit: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Pag-gamit: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Pag-gamit: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Pag-gamit: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Di kilalang id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Walang shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Paggamit: userdel [mga opsiyon] LOGIN\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -f, --force ipilit ang pagtanggal ng mga talaksan,\n"
+#~ " kahit hindi pag-aari ng gumagamit\n"
+#~ " -h, --help ipakita ang patalastas na ito at lumabas\n"
+#~ " -r, --remove tanggalin ang home directory at mail "
+#~ "spool\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: gumagamit na si %s ay kasalukuyang nakapasok\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Pag-gamit: usermod [mga opsiyon] LOGIN\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -a, --append GRUPO idagdag ang gumagamit sa karagdagang "
+#~ "GRUPO\n"
+#~ " -c, --comment KOMENTO itakda ang GECOS field\n"
+#~ " -d, --home HOME_DIR ang tahanang directory ng bagong account\n"
+#~ " -e, --expiredate EXPIRE_DATE itakda ang petsa ng expiration ng "
+#~ "account\n"
+#~ " sa EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE itakda ang password na inaktibo matapos "
+#~ "ng\n"
+#~ " pagkapaso na INACTIVE\n"
+#~ " -g, --gid GRUPO ipilit na gamitin ang GRUPO para sa "
+#~ "bagong\n"
+#~ " account\n"
+#~ " -G, --groups MGAGRUPO idagdag ang mga grupo sa MGAGRUPO sa "
+#~ "bagong\n"
+#~ " account\n"
+#~ " -h, --help ipakita ang payo na ito\n"
+#~ " -l, --login LOGIN bagong halaga ng pangalang panglogin\n"
+#~ " -L, --lock ialdaba ang account ng gumagamit\n"
+#~ " -m, --move-home ilipat ang laman ng tahanang directory "
+#~ "sa\n"
+#~ " bagong lugar (gamitin lamang kasama ng -"
+#~ "d)\n"
+#~ " -o, --non-unique payagang lumikha ng user na may "
+#~ "kaparehong UID\n"
+#~ " -p, --password PASSWOWRD gumamit ng encrypted password para sa "
+#~ "bagong\n"
+#~ " account\n"
+#~ " -s, --shell SHELL itakda ang login shell para sa bagong "
+#~ "account\n"
+#~ " -u, --uid UID gamitin ang UID para sa bagong account\n"
+#~ " -U, --unlock tanggalin ang pagkaaldaba ng account ng\n"
+#~ " gumagamit\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: walang binigay na mga flag\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: vipw [mga opsiyon]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -g, --group baguhin ang database ng mga grupo\n"
+#~ " -h, --help ipakita ang payo na ito\n"
+#~ " -p, --passwd baguhin ang database na passwd\n"
+#~ " -q, --quiet modong tahimik\n"
+#~ " -s, --shadow baguhin ang database na shadow o gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Pag-gamit: %s [input]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: hindi malikha ang %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: hindi ma-chown %s\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: faillog [mga opsiyon]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -a, --all ipakita ang mga record ng faillog para sa lahat\n"
+#~ " -h, --help ipakita ang tulong na ito at lumabas\n"
+#~ " -l, --lock-time SEG matapos mabigo sa pagpasok, i-lock ng SEG "
+#~ "segundo\n"
+#~ " ang account\n"
+#~ " -m, --maximum MAX itakda ang maximum na bilang ng kabiguan sa "
+#~ "pagpasok\n"
+#~ " na hanggang MAX lamang\n"
+#~ " -r, --reset ireset ang mga tagabilang ng kabiguan sa "
+#~ "pagpasok\n"
+#~ " -t, --time ARAW ipakita ang faillog records na hindi tatanda sa "
+#~ "ARAW\n"
+#~ " -u, --user LOGIN ipakita ang faillog record o pangasiwaan ang "
+#~ "tagabilang\n"
+#~ " ng pagkabigo at mga palugit (kung gamit ang -r, -"
+#~ "m o\n"
+#~ " -l na opsiyon) para sa gumagamit ng LOGIN lamang\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: groupadd [mga opsiyon] GRUPO\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -f, --force ipilit ang paglabas na kalagayang matagumpay "
+#~ "kung\n"
+#~ " ang ibinigay na grupo ay mayroon na\n"
+#~ " -g, --gid GID gamitin ang GID para sa bagong grupo\n"
+#~ " -h, --help ipakita ang patalastas na ito at lumabas\n"
+#~ " -K, --key KEY=HALAGA nangingibabaw sa mga default sa /etc/login.defs\n"
+#~ " -o, --non-unique payagang gumawa ng grupo na may GID na kapareho\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: groupmod [mga opsiyon] GRUPO\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -g, --gid GID gamitin ang bagong GID ng GRUPO\n"
+#~ " -h, --help ipakita ang tulong na ito at lumabas\n"
+#~ " -n, --new-name BAGONG_GRUPO ipilit na gamitin ang BAGONG_GRUPO ng "
+#~ "GRUPO\n"
+#~ " -o, --non-unique payagang gumawa ng grupo na may "
+#~ "kaparehong\n"
+#~ " GID ng GRUPO\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Pag-gamit: useradd [mga opsiyon] LOGIN\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -b, --base-dir BASE_DIR punong directory para sa bagong mga "
+#~ "tahanang\n"
+#~ " directory ng account\n"
+#~ " -c, --comment KOMENTO itakda ang GECOS field ng bagong account\n"
+#~ " -d, --home-dir HOME_DIR ang tahanang directory ng bagong account\n"
+#~ " -D, --defaults ipakita o imbakin ang binagong default "
+#~ "na\n"
+#~ " pagkaayos ng useradd\n"
+#~ " -e, --expiredate EXPIRE_DATE itakda ang petsa ng expiration ng "
+#~ "account\n"
+#~ " sa EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE itakda ang password na inaktibo matapos "
+#~ "ng\n"
+#~ " pagkapaso na INACTIVE\n"
+#~ " -g, --gid GRUPO ipilit na gamitin ang GRUPO para sa "
+#~ "bagong\n"
+#~ " account\n"
+#~ " -G, --groups MGAGRUPO idagdag ang mga grupo sa MGAGRUPO sa "
+#~ "bagong\n"
+#~ " account\n"
+#~ " -h, --help ipakita itong tulong na ito at lumabas\n"
+#~ " -k, --skel SKEL_DIR itakda ang alternatibong skel directory\n"
+#~ " -K, --key KEY=HALAGA nangingibabaw sa default sa /etc/login."
+#~ "defs\n"
+#~ " -m, --create-home likhain ang tahanang directory para sa\n"
+#~ " bagong account\n"
+#~ " -o, --non-unique payagang lumikha ng user na may "
+#~ "kaparehong UID\n"
+#~ " -p, --password PASSWOWRD gumamit ng encrypted password para sa "
+#~ "bagong\n"
+#~ " account\n"
+#~ " -s, --shell SHELL itakda ang login shell para sa bagong "
+#~ "account\n"
+#~ " -u, --uid UID gamitin ang UID para sa bagong account\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Itinakdang lumampas sa taning ang password."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksan ng mga kontrasenyas\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang password\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang shadow password\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang shadow password\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: hindi maisulat-muli ang talaksang shadow password\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: hindi maisulat-muli ang talaksang password\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: hindi maapdeyt ang talaksang shadow password\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tBuong Pangalan: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tBilang ng Silid: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelepono sa Trabaho: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelepono sa Bahay: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Hindi maaldaba ang talaksang password; subukan muli mamaya.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Hindi mabuksan ang talaksang password\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Error sa pag-apdeyt ng password entry.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Hindi maisulat ang pagbabago sa talaksang password.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Hindi maalis ang aldaba sa talaksang password.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang grupo\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: error sa pag-apdeyt ng talaksang shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: error sa pag-apdeyt ng ipinasok sa grupo\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: linya %d: di kilalang grupo %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: linya %d: hindi ma-apdeyt ang ipinasok\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang shadow\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: error sa pag-apdeyt ng talaksang shadow\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: error sa pag-apdeyt ng talaksang password\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: linya %d: di kilalang gumagamit %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: linya %d: hindi ma-apdeyt password entry\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: hindi kilalang gumagamit\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Di kilalang Gumagamit: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Pag-gamit: %s [-r|-R] grupo\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a gumagamit] grupo\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d gumagamit] grupo\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A gumagamit,...] [-M gumagamit,...] grupo\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M gumagamit,...] grupo\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: hindi makakuha ng aldaba\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: hindi makuha ang aldaba ng shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksan\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang shadow\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: hindi matanggal ang aldaba ng talaksan\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: hindi ma-apdeyt ang entry\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: hindi ma-apdeyt ang entry na shadow\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "di kilalang grupo: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksan\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang shadow\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Sino ka?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: di kilalang miyembro %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: error sa pagdagdag ng entry ng bagong grupo\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang grupo\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang grupo ng shadow\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang grupo\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang grupo ng shadow\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo ng shadow\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: hindi kakaiba ang gid na %u\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: error sa pagtanggal ng entry ng grupo\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: error sa pagtanggal ng entry ng grupong shadow\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: hindi matanggal ang pangunahing grupo ng gumagamit.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Hindi mahanap ang kasapi na tatanggalin\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Pag-gamit: groupmems -a pangalan | -d pangalan | -D | -l [-g pangalan-ng-"
+#~ "grupo]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr ""
+#~ "Ang root lamang ang maaaring magdagdag ng kasapi sa ibang mga grupo\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Kinakailangan ng akses sa grupo\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Hindi pangunahing may-ari ng kasalukuyang grupo\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "Bigo ang pagpapakilalang PAM para kay\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Hindi maaldaba ang talaksang grupo\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Hindi maisara ang talaksang grupo\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s hindi nahanap sa /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: hindi kakaibang GID ang %u\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s ay hindi kakaibang pangalan\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang password\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang password\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang password\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: hindi ma-apdeyt ang ipinasok sa shadow para kay %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: hindi ma-apdeyt ang ipinasok para sa grupong %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang grupo na shadow\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo na shadow\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: hindi matanggal ang grupong shadow %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: hindi ma-apdeyt ang talaksang grupo na shadow\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: hindi matanggal ang talaksang grupo na shadow\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "di kilalang GID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "di kilalang GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: walang grupong %s\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: hindi tanggap na pangalan `%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: hindi maaldaba ang /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: hindi maaldaba ang /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: hindi maaldaba ang /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: hindi maaldaba ang /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: hindi mabuksan ang mga talaksan\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: error sa pag-apdeyt ng mga talaksan\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: hindi maapdeyt ang ipinasok sa passwd para kay %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang passwd\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: hindi matanggal ang ipinasok sa shadow para kay %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: hindi maapdeyt ang talaksang passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: hindi maapdeyt ang ipinasok para kay %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: hindi matanggal ang talaksang password ng shadow\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: di kilalang GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: di kilalang grupo %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: naubos ang memory sa update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang password\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang password na shadow\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang password ng shadow\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang password ng shadow\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: error sa pagaldaba ng talaksang grupo\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: error sa pagbukas ng talaksang grupo\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: error sa pagaldaba ng talaksang grupo ng shadow\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: error sa pagbukas ng talaksang grupo ng shadow\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: error sa pagdagdag ng bagong ipapasok sa password\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: error sa pagdagdag ng bagong ipinasok na password sa shadow\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: babala: CREATE_HOME hindi suportado, gamitin na lamang ang -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: error sa pag-apdeyt ng ipinasok sa grupo\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: error sa pag-apdeyt ng ipinasok sa grupo\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo ng shadow\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: error sa pagtanggal ng ipinasok na password\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: error sa pagtanggal ng ipinasok na password sa shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: error sa pagdagdag ng entry ng bagong grupo\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu ay hindi kakaiba\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: error sa pagpalit ng ipinasok na password\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: error sa pagtanggal ng ipinasok na password\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: error sa pagtanggal ng ipinasok na shadow password\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: hindi makakuha ng kakaibang GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " noong '%.100s' mula sa '%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " noong `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: linya %d: hindi makalikha ng UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: hindi kakaiba ang pangalang %s\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: chpasswd [mga opsiyon]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ " -e, --encrypted\tang mga bigay na mga password ay naka-encrypt\n"
+#~ " -h, --help\t\tipakita itong payo na ito at lumabas\n"
+#~ " -m, --md5\t\tgamitin ang MD5 encryption imbes na DES kapag ang\n"
+#~ "\t\t\tmga ibinigay na mga password ay hindi naka-encrypt\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Walang talaksang password\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Ipagpaumanhin.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Ipagpaumanhin, ang password ni %s ay hindi pa mapapalitan.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Pasensya na."
diff --git a/po/tr.po b/po/tr.po
new file mode 100644
index 0000000..a67f47f
--- /dev/null
+++ b/po/tr.po
@@ -0,0 +1,3916 @@
+# translation of shadow.po to Türkçe
+# Turkish translation of shadow.
+# This file is distributed under the same license as the shadow package.
+#
+# Mehmet Türker <mturker@innova.com.tr>, 2004.
+# Murat Åženel <muratasenel@gmail.com>, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2008-03-29 20:31+0200\n"
+"Last-Translator: Mehmet Türker <mturker@innova.com.tr>\n"
+"Language-Team: Türkçe <tr@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: KBabel 1.11.1\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"'%s' içinde '%s' isminde birden fazla giriş mevcut. Lütfen bunu pwck yada "
+"grpck kullanarak düzeltin.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "kripto medotu libcrypt tarafından desteklenmiyor? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Yapılandırma bilgileri için yer ayrılamadı.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"yapılandırma hatası - bilinmeyen öğe '%s' (sistem yöneticisine bildirin)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Parola: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s kullanıcı parolası: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Yapılandırma bilgileri için yer ayrılamadı.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s için ömür bilgisi değiştiriliyor\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Kullanıcı isminiz belirlenemedi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: satır %d: kullanıcı %s bulunamadı\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: yetersiz bellek\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: %s dosyası güncellenemiyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: geçersiz ev dizini '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: uyarı: silinemiyor "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: uyarı: silinemiyor "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: yeniden adlandırma: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: uyarı: silinemiyor "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: uyarı: silinemiyor "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: %s dosyası güncellenemiyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: gölge dosyası güncellenemedi\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: yeniden adlandırma: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %s dosyası açılamıyor\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Uyarı: bilinmeyen grup %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Uyarı: grup sayısı çok fazla\n"
+
+msgid "Your password has expired."
+msgstr "Parolanızın kullanım süresi doldu."
+
+msgid "Your password is inactive."
+msgstr "Parolanız etkin değil."
+
+msgid "Your login has expired."
+msgstr "Hesabınızın kullanım süresi doldu."
+
+msgid " Contact the system administrator."
+msgstr " Sistem yöneticisine başvurunuz."
+
+msgid " Choose a new password."
+msgstr "Yeni bir parola seçin."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Parolanızın kullanım süresi %ld gün sonra dolacaktır.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Parolanızın kullanım süresi yarın dolacaktır."
+
+msgid "Your password will expire today."
+msgstr "Parolanızın kullanım süresi bugün dolacaktır."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Geçilemeyen tty: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: alanlar çok uzun\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Ortam taşması\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "$%s deÄŸiÅŸtirilemez\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"Son girişten beri %d başarısız girişim. En sonuncusu %s üzerinde %s idi.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "postakutusu sahibi deÄŸiÅŸtirilmedi"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "Benzersiz bir UID alınamıyor (mevcut UID yok)\n"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique GID (no more available GIDs)\n"
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "Tek (benzersiz) bir GID alınamadı (kullanılabilecek mevcut GID yok)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "Benzersiz bir UID alınamıyor (mevcut UID yok)\n"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "Benzersiz bir UID alınamıyor (mevcut UID yok)\n"
+
+msgid "Too many logins.\n"
+msgstr "Çok fazla oturum.\n"
+
+msgid "You have new mail."
+msgstr "Yeni e-postanız var."
+
+msgid "No mail."
+msgstr "E-Posta yok."
+
+msgid "You have mail."
+msgstr "E-Postanız var."
+
+msgid "no change"
+msgstr "deÄŸiÅŸiklik yok"
+
+msgid "a palindrome"
+msgstr "bu bir palindrome (tersinden de aynı şekilde okunabilen kelime)"
+
+msgid "case changes only"
+msgstr "sadece durum deÄŸiÅŸiklikleri"
+
+msgid "too similar"
+msgstr "çok benzer"
+
+msgid "too simple"
+msgstr "çok basit"
+
+msgid "rotated"
+msgstr "döndürülmüş"
+
+msgid "too short"
+msgstr "çok kısa"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Hatalı parola: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() başarısız, hata %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Parola deÄŸiÅŸti "
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: şifre başarıyla güncellendi\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "`%s' için yanlış parola\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: geçersiz ev telefonu: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Geçersiz ENCRYPT_METHOD değeri: '%s'.\n"
+"Varsayılan olarak DES kullanılacak.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "\"%s\" dizinine geçilemiyor\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Dizin yok, HOME=/ ile giriş yapılıyor"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s çalıştırılamıyor"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Geçersiz kök dizin '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Kök dizin '%s' olarak değiştirilemiyor\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Kullanıcı isminiz belirlenemedi."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Hayır\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Yeni değeri girin, veya varsayılan değer için ENTER'a basın"
+
+msgid "Minimum Password Age"
+msgstr "Asgari Parola Ömrü"
+
+msgid "Maximum Password Age"
+msgstr "Azami Parola Ömrü"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Son Parola DeÄŸiÅŸimi (YYYY-AA-GG)"
+
+msgid "Password Expiration Warning"
+msgstr "Parola Kullanım Süresi Bitti Uyarısı"
+
+msgid "Password Inactive"
+msgstr "Parola Pasif"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Hesap Bitimi Tarihi (YYYY-AA-GG)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Son Parola DeÄŸiÅŸimi\t\t\t\t\t: "
+
+msgid "never"
+msgstr "Hiçbir zaman"
+
+msgid "password must be changed"
+msgstr "Parola deÄŸiÅŸtirilmeli"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Parola Kullanım Süresi Dolumu\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Parola Pasif\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Hesap Bitimi\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Şifre değişiklikleri arasındaki en az gün sayısı\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maksimum giriş denemesi sayısı aşıldı \t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Şifre süresinin dolumundan önceki uyarı gün sayısı\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: geçersiz tarih '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: geçersiz sayısal argüman '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: diğer bayraklarla beraber \"l\" yi kullanmayınız\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Ä°zin verilmedi\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Kullanıcı isminiz belirlenemedi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: dosyalar kilitlenemiyor, daha sonra tekrar deneyin\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: %s dosyası açılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failure forking: %s\n"
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: çatallama (fork) hatası: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: shadow parola dosyası açılamadı\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s için ömür bilgisi değiştiriliyor\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: alanları değiştirirken hata oluştu\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Tam Ä°sim"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Oda Numarası"
+
+msgid "Work Phone"
+msgstr "Ä°ÅŸ Telefonu"
+
+msgid "Home Phone"
+msgstr "Ev Telefonu"
+
+msgid "Other"
+msgstr "DiÄŸer"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ID root kullanıcısı olarak değiştirilemiyor.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: geçersiz isim: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: geçersiz oda numarası: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: geçersiz iş telefonu: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: geçersiz ev telefonu: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' geçersiz karakterler içeriyor\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' geçersiz karakterler içeriyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: kullanıcı `%s' NIS istemcisinde değiştirilemedi.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: `%s' bu istemci için NIS efendisidir.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%s için kullanıcı bilgileri değiştiriliyor\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: alanlar çok uzun\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s flag is ONLY allowed with the %s flag\n"
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s bayrağına SADECE %s bayrağı ile kullanıldığında izin verilir\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e, ve -m bayrakları özel bayraklardır\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: desteklenmeyen kripto metodu: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: satır %d: satır çok uzun\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: satır %d: yeni parola eksik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: grup %s mevcut deÄŸil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: satır %d: kayıt güncellenemiyor\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: hata algılandı, değişiklikler görmezden gelindi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Oturum KabuÄŸu"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "%s için kabuğu değiştiremezsiniz.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%s için oturum kabuğu değiştiriliyor\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Geçersiz kayıt: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s geçersiz bir kabuk.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: kullanıcı %s mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: uyarı: %s %s kullanıcısına ait değil\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: %s ve %s seçenekleri çakışıyor\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: bilinmeyen argüman: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Oturum Aç Failures Maximum Latest Açık\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds kaldı]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds kilitli]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "Unknown user or range: %s\n"
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Bilinmeyen kullanıcı veya aralık: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "%s için parola değiştirilemedi.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "%s için parola değiştirilemedi.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -A için gölge grup parolaları gerekli\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grup %s mevcut deÄŸil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failure forking: %s\n"
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: çatallama (fork) hatası: %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "%s grubu için parola değiştiriliyor\n"
+
+msgid "New Password: "
+msgstr "Yeni parola: "
+
+msgid "Re-enter new password: "
+msgstr "Yeni parolayı tekrar girin: "
+
+msgid "They don't match; try again"
+msgstr "EÅŸleÅŸmiyorlar; tekrar deneyin"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Daha sonra tekrar deneyin\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "%s kullanıcısı %s grubuna ekleniyor\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "%s kullanıcısı %s grubundan çıkarılıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Bir tty deÄŸil\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s geçerli bir grup adı değil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid group name `%s'\n"
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: geçersiz grup adı `%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K seçeneği ANAHTAR=DEĞER gerektirir\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grup %s zaten var\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Ãœye zaten mevcut\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Kullanıcı isminiz belirlenemedi.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot change the primary group of user '%s' from %u to %u.\n"
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr ""
+"%s: '%s' kullanıcısı için birincil grup %u grubundan %u grubuna "
+"deÄŸiÅŸtirilemiyor.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grup %s mevcut deÄŸil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grup '%s' bir NIS grubu.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s NIS efendisidir\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: kullanıcı %s bir NIS kullanıcısı\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Out of memory. Cannot update the group database.\n"
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Bellek yetersiz. Grup veritabanı güncellenemiyor.\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: invalid group name `%s'\n"
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: geçersiz grup adı `%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: grup %s bir NIS grubudur\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: bilinmeyen kullanıcı %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s ve -r uyumsuz\n"
+
+msgid "invalid group file entry"
+msgstr "geçersiz grup dosyası kaydı"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "`%s' satırı silinsin mi? "
+
+msgid "duplicate group entry"
+msgstr "mükerrer grup kaydı"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "geçersiz grup adı '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "geçersiz grup adı '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grup %s: %s kullanıcısı yok\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "'%s' üyesi silinsin mi? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "%s girişi içinde grup dosyası kaydı eşleşmedi\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "Grup %s, %s'in içine eklensin mi?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "geçersiz gölge grup dosyası kaydı"
+
+msgid "duplicate shadow group entry"
+msgstr "mükerrer gölge grup kaydı"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "gölge grubu %s: %s yönetici kullanıcı değil\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "yönetici üye '%s' silinsin mi? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "gölge grubu %s: kullanıcı %s mevcut değil\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: dosyalar güncellendi\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: deÄŸiÅŸiklik yok\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: %s dosyası güncellenemiyor\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Kullanım: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Kullanım: id\n"
+
+msgid " groups="
+msgstr ".gruplar="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "Kullanıcı adı Port Kimden Sonuncu"
+
+msgid "Username Port Latest"
+msgstr "Kullanıcı adı Port Sonuncu"
+
+msgid "**Never logged in**"
+msgstr "**Hiç giriş yapmadı**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: parola dosyası güncellenemedi\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Kullanım: %s [-p] [isim]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h host] [-f isim]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Geçersiz giriş zamanı"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistem rutin bakımlar için kapalı"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Bağlantı kesilmesi atlandı -- root girişi olanaklı.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Bu bir utmp girişi değil. En düşük \"sh\" düzeyinde \"login\" i "
+"çalıştırmalısınız. "
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Giriş %d saniye sonra zaman aşımına uğradı.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM başarısızlığa uğradı, çıkıyor: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s giriÅŸ: "
+
+msgid "login: "
+msgstr "giriÅŸ: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maksimum giriş denemesi sayısı aşıldı (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "Giriş PAM tarafından iptal edildi\n"
+
+msgid "Login incorrect"
+msgstr "Giriş geçersiz"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: satır %d: kullanıcı %s bulunamadı\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s giriÅŸ: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: çatallama hatası: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY %s için başarısız oldu"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Uyarı: geçici bir kilitlenme sonrasında giriş tekrar olanaklı kılındı."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Son giriş: %s üzerinden %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Son giriş: %s üzerinden %.19s"
+
+#, c-format
+msgid " from %.*s"
+msgstr "%.*s'den"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"oturum açma süresi aşıldı\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Kullanım: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Kullanım: newgrp [-] [grup]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Kullanım: sg grup [[-c] komut]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+msgid "Invalid password.\n"
+msgstr "Geçersiz parola.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: çatallama (fork) hatası: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+msgid "too many groups\n"
+msgstr "çok fazla grup\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: group %s is a shadow group, but does not exist in /etc/group\n"
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: %s grubu bir shadow grubu, fakat /etc/group içinde mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: geçersiz kullanıcı adı '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: geçersiz kullanıcı adı '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: satır %d: geçersiz satır\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: kullanıcı %s için kayıt güncellenemiyor (passwd veritabanında mevcut "
+"deÄŸil)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: satır %d: kullanıcı yaratılamıyor\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: satır %d: grup yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: satır %d: parola güncellenemiyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: satır %d: mkdir başarısız oldu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: satır %d: chown başarısız oldu\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: satır %d: kayıt güncellenemiyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: kullanıcı yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: grup dosyası güncellenemiyor\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid "Old password: "
+msgstr "Eski parola: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Yeni parolayı girin (en az %d karakter)\n"
+"Lütfen büyük, küçük harf ve rakamların bir kombinasyonunu kullanın.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Yeni parolayı girin (asgari %d, azami %d karakter)\n"
+"Lütfen büyük, küçük harf ve rakamların bir kombinasyonunu kullanın.\n"
+
+msgid "New password: "
+msgstr "Yeni parola: "
+
+msgid "Try again."
+msgstr "Yeniden deneyin."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Uyarı: zayıf parola (yine de kullanmak için aynısını tekrar girin)."
+
+msgid "They don't match; try again.\n"
+msgstr "EÅŸleÅŸmediler, tekrar deneyin.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s için parola değiştirilemedi.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s için parola henüz değiştirilemiyor.\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: unlocking the user would result in a passwordless account.\n"
+#| "You should set a password with usermod -p to unlock this user account.\n"
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: kullanıcının kilidini kaldırmak şifresiz bir hesabın oluşmasına yol "
+"açacaktı.\n"
+"Bu kullanıcı hesabının kilidini kaldırmak için usermod -p ile bir parola "
+"belirlemelisiniz.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: depo %s desteklenmiyor\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: %s için şifre bilgisini göremez ve değiştiremezsiniz..\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s için parola değiştiriliyor\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s için parola değişmedi\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Parola deÄŸiÅŸti "
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Parola Kullanım Süresi Bitti Uyarısı"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "geçersiz parola dosyası kaydı"
+
+msgid "duplicate password entry"
+msgstr "mükerrer parola kaydı"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "geçersiz kullanıcı adı '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "geçersiz kullanıcı adı '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "kullanıcı %s: %u grubu mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "kullanıcı %s: %s dizini mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "kullanıcı %s: uygulama %s mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %s dosyası kilitlenemiyor\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "%s içinde eşleşen parola dosyası kaydı yok\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "'%s' adlı kullanıyı %s'e ekle?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "geçersiz gölge parola dosyası kaydı"
+
+msgid "duplicate shadow password entry"
+msgstr "mükerrer gölge parola kaydı"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "kullanıcı %s: gelecekteki son parola değişimi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: %s dosyası açılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: dosya tekrar yazılamıyor\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Bu hesap için 'su'ya erişim ENGELLENDİ.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Parola yetkilendirmesi atlandı.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Lütfen yetkilendirme için KENDİ parolanızı girin.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: %s dosyası kilitlenemiyor\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Kullanım: su [seçenekler] [KULLANICI]\n"
+"\n"
+"Seçenekler:\n"
+" -c --command KOMUT KOMUT u istenen kabuğa geçir\n"
+" -h, --help bu yardım dosyasını göster ve çık\n"
+" -, -l, --login kabuğu oturum açma kabuğu haline getirir\n"
+" -m, -p,\n"
+" --preserve-environment çevre değişkenlerini sıfırlama ve \n"
+" aynı kabuğu sakla\n"
+" -s, --shell KABUK(SHELL) passwd dosyasındaki öntanımlı kabuk yerine\n"
+" KABUK kabuÄŸunu kullan\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Dikkate alınmadı)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "su %s için yetkili değilsiniz\n"
+
+msgid "(Enter your own password)"
+msgstr "(Kendi parolanızı girin)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM yetkilendirmesi başarısız oldu\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "su %s için yetkili değilsiniz\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "'root' için parola kaydı yok"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: bir terminalden çalıştırılmalı\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: hata %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "%s çalıştırılamıyor"
+
+msgid "No password file"
+msgstr "Parola dosyası yok"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY başarısız oldu"
+
+msgid "No password entry for 'root'"
+msgstr "'root' için parola kaydı yok"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Normal başlangıç için control-d ye basın,\n"
+"(ya da sistem bakımı için root parolasını verin):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Sistem Bakımı Kipine Giriliyor"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: yeni varsayılanlar dosyası oluşturulamadı\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: yeni varsayılanlar dosyası açılamadı\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: satır %d: chown başarısız oldu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: yeniden adlandırma: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grup '%s' bir NIS grubu.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: çok fazla grup verildi (azami %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: geçersiz ana dizin '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: geçersiz açıklama '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: geçersiz ev dizini '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: -e için gölge parolalar gerekli\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: -f için gölge parolalar gerekli\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: geçersiz alan '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: geçersiz kabuk '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+msgid "Creating mailbox file"
+msgstr "Mesaj kutusu dosyası yaratılıyor"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"'mail' grubu bulunamadı. Kullanıcının mail kutusu dosyası 0600 dosya "
+"yetkileriyle yaratılıyor.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Mail kutusu dosyası için yetkiler ayarlanıyor"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: kullanıcı %s mevcut\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: grup %s mevcut - eğer bu kullanıcıyı bu gruba eklemek istiyorsanız, -g "
+"kullanın.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: kullanıcı yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: GID %u tek deÄŸil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: grup yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: kullanıcı yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: grup yaratılamıyor\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: uyarı: Ev dizini zaten mevcut.\n"
+"Temel dizinden hiçbir dosya kopyalanmıyor.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot change the primary group of user '%s' from %u to %u.\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: '%s' kullanıcısı için birincil grup %u grubundan %u grubuna "
+"deÄŸiÅŸtirilemiyor.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Başka bir kullanıcı için birincil grub olan %s grubu kaldırılamıyor.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: geçersiz ev dizini '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: uyarı: silinemiyor "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s %s kullanıcısına ait değil, silinmiyor\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: kullanıcı %s bir NIS kullanıcısı\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: geçersiz ev dizini '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: %s dizini silinmiyor (%s kullanıcısının ev dizinini silecekti)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: %s dizini silinirken hata oluÅŸtu\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+#, fuzzy
+#| msgid ""
+#| " -s, --sha-rounds number of SHA rounds for the SHA*\n"
+#| " crypt algorithms\n"
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -s, --sha-rounds SHA* kripto algoritmaları için kullanılacak\n"
+" SHA yuvarlamaları sayısı\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: unlocking the user would result in a passwordless account.\n"
+#| "You should set a password with usermod -p to unlock this user account.\n"
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: kullanıcının kilidini kaldırmak şifresiz bir hesabın oluşmasına yol "
+"açacaktı.\n"
+"Bu kullanıcı hesabının kilidini kaldırmak için usermod -p ile bir parola "
+"belirlemelisiniz.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: kullanıcı %s mevcut\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: geçersiz tarih '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: geçersiz tarih '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: %s dosyası açılamıyor\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p, ve -U bayrakları özel bayraklardır\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e ve -f için gölge parolalar gerekli\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Ãœye zaten mevcut\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: %s dizini mevcut\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: uyarı: eski Ev dizinindeki tüm dosyalar kaldırılamadı %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: uyarı: %s %s kullanıcısına ait değil\n"
+
+msgid "failed to change mailbox owner"
+msgstr "postakutusu sahibi deÄŸiÅŸtirilmedi"
+
+msgid "failed to rename mailbox"
+msgstr "postakutusu isim değişikliği başarısız"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "You have modified %s.\n"
+#| "You may need to modify %s for consistency.\n"
+#| "Please use the command `%s' to do so.\n"
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Değişiklik yapıldı: %s.\n"
+"Uyumu sağlamak için değiştirilmesi gerekiyor: %s.\n"
+"Bunu yapmak için lütfen `%s' komutunu kullanın.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s deÄŸiÅŸtirilmedi\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "postakutusu isim değişikliği başarısız"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Dosya kilitlenemedi"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Dosya kilitlenemedi"
+
+msgid "Couldn't make backup"
+msgstr "Yedek alınamadı"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s /etc/passwd içinde bulunamadı\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Grup dosyası açılamıyor\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: alanlar çok uzun\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "postakutusu isim değişikliği başarısız"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "postakutusu sahibi deÄŸiÅŸtirilmedi"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "postakutusu isim değişikliği başarısız"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %s geri yüklenemiyor: %s (değişiklikleriniz %s içinde)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: geçersiz ana dizin '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Kullanım: %s [girdi]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) başarısız oldu\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: chage [seçenekler] kullanıcı\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -d, --lastday SON_GÃœN(LAST_DAY)\n"
+#~ " son şifre değiştirme gününü SON_GÜN "
+#~ "olarak\n"
+#~ " belirle\n"
+#~ " -E, --expiredate GEÇERLİLİK_TARİHİ(EXPIRE_DATE)\n"
+#~ " hesap geçerlilik tarihini "
+#~ "GEÇERLİLİK_TARİHİ\n"
+#~ " olarak belirle\n"
+#~ " -h, --help bu yardım mesajını görüntüle ve çık\n"
+#~ " -I, --inactive INACTIVE kullanım süresi dolduktan sonra şifreyi\n"
+#~ " INACTIVE olarak belirle\n"
+#~ " -l, --list hesap aging bilgisini göster\n"
+#~ " -m, --mindays ASGARÄ°_GÃœN(MIN_DAYS)\n"
+#~ " şifre değişikliği için asgari gün\n"
+#~ " sayısını ASGARİ_GÜN olarak belirle\n"
+#~ " -M, --maxdays AZAMÄ°_GÃœN(MAX_DAYS)\n"
+#~ " şifre değişikliği için azami gün\n"
+#~ " sayısını AZAMİ_GÜN olarak belirle\n"
+#~ " -W, --warndays UYARI_GÃœN_SAYISI (WARN_DAYS)\n"
+#~ " zorunlu şifre değişikliği uyarısından "
+#~ "önceki\n"
+#~ " gün sayısını UYARI_GÜN_SAYISI olarak "
+#~ "belirle\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM yetkilendirmesi başarısız oldu\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Kullanım: %s [-f tam_isim] [-r oda_no] [-w iş_tel]\n"
+#~ "\t[-h ev_tel] [-o diğer] [kullanıcı]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "Kullanım: %s [-f tam_isim] [-r oda_no] [-w iş_tel] [-h ev_tel]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Kullanım: %s [seçenekler]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -c, --crypt-method kripto metodu (bunlardan biri: %s)\n"
+#~ " -e, --encrypted verilen parolalar kriptolu\n"
+#~ " -h, --help bu yardım dosyasını göster ve çık\n"
+#~ " -m, --md5 şifresiz metin parolayı MD5 algoritması "
+#~ "ile ÅŸifrele\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: chsh [seçenekler] [KULLANICI]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -h, --help bu yardım mesajını göster ve çık\n"
+#~ " -s, --shell KABUK(SHELL) kullanıcı hesabı için yeni kabuk\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Kullanım: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: %s dosyası açılamıyor\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Kullanım: groupdel grup_adı\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Kullanım: %s [-r] [-s] [grup [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Kullanım: %s [-r] [-s] [grup]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s ve -r uyumsuz\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Kullanım: groupdel grup_adı\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Kullanım: groupdel grup_adı\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: lastlog [seçenekler]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -b, --before GÜN_SAYISI(DAYS) GÜN_SAYISI kadar günden daha eski olan\n"
+#~ " lastlog kayıtlarını gösterir\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time GÜN_SAYISI(DAYS) GÜN_SAYISI kadar günden daha yeni olan\n"
+#~ " lastlog kayıtlarını gösterir\n"
+#~ " -u, --user KULLANICI KULLANICI ile belirtilen kullanıcının\n"
+#~ " kastlog yıtlarını gösterir\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all report password status on all accounts\n"
+#~| " -d, --delete delete the password for the named "
+#~| "account\n"
+#~| " -e, --expire force expire the password for the named "
+#~| "account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --keep-tokens change password only if expired\n"
+#~| " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --lock lock the named account\n"
+#~| " -n, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -r, --repository REPOSITORY change password in REPOSITORY "
+#~| "repository\n"
+#~| " -S, --status report password status on the named "
+#~| "account\n"
+#~| " -u, --unlock unlock the named account\n"
+#~| " -w, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| " -x, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: passwd [seçenekler] [KULLANICI]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -a, --all tüm hesaplardaki şifre durumunu bildirir\n"
+#~ " -d, --delete ismi belirtilen hesabın şifresini siler\n"
+#~ " -e, --expire ismi belirtilen hesaba ait şifrenin süresini "
+#~ "bitirir\n"
+#~ " -h, --help bu yardım dosyasını göster ve çık\n"
+#~ " -k, --keep-tokens sadece süresi dolduğunda şifreleri "
+#~ "deÄŸiÅŸtirir\n"
+#~ " -i, --inactive INACTIVE şifre süresi dolduktan sonra, şifreyi "
+#~ "INACTIVE\n"
+#~ " olarak ayarlar\n"
+#~ " -l, --lock ismi belirtilen hesabı kilitler\n"
+#~ " -n, --mindays ASGARÄ°_GÃœN_SAYISI(MIN_DAYS)\n"
+#~ " şifre değiştirilmeden önceki en az gün "
+#~ "sayısını\n"
+#~ " ASGARÄ°_GÃœN_SAYISI olarak ayarlar\n"
+#~ " -q, --quiet sessiz kip\n"
+#~ " -r, --repository DEPO(REPOSITORY)\n"
+#~ " DEPO deposundaki ÅŸifreyi deÄŸiÅŸtirir\n"
+#~ " -S, --status ismi belirtilen hesaptaki ÅŸifre durumunu "
+#~ "bildirir\n"
+#~ " -u, --unlock ismi belirtilen hesabın kilidini açar\n"
+#~ " -w, --warndays UYARI_GÃœN_SAYISI(WARN_DAYS)\n"
+#~ " şifre dolum uyarı gününü UYARI_GÜN_SAYISI\n"
+#~ " olarak ayarlar\n"
+#~ " -x, --maxdays AZAMÄ°_GÃœN_SAYISI(MAX_DAYS)\n"
+#~ " şifre değiştirilmeden önceki en fazla gün\n"
+#~ " sayısını AZAMİ_GÜN_SAYISI olarak ayarlar\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Kullanım: %s [-q] [-r] [-s] [parola [gölge]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Kullanım: %s [-q] [-r] [-s] [parola [gölge]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Kullanım: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Kullanım: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Bilinmeyen id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Kabuk yok\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: userdel [seçenekler] KULLANICI\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -f, --force dosyalar kullanıcıya ait değilse bile "
+#~ "sil\n"
+#~ " -h, --help bu yardım mesajını göster ve çık\n"
+#~ " -r, --remove ev dizinini ve mesaj arÅŸivini sil\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: kullanıcı %s şu an oturumda\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: usermod [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -c, --comment COMMENT new value of the GECOS field\n"
+#~| " -d, --home HOME_DIR new home directory for the user account\n"
+#~| " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -g, --gid GROUP force use GROUP as new primary group\n"
+#~| " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~| " -a, --append append the user to the supplemental "
+#~| "GROUPS\n"
+#~| " mentioned by the -G option without "
+#~| "removing\n"
+#~| " him/her from other groups\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --login NEW_LOGIN new value of the login name\n"
+#~| " -L, --lock lock the user account\n"
+#~| " -m, --move-home move contents of the home directory to "
+#~| "the\n"
+#~| " new location (use only with -d)\n"
+#~| " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~| " -p, --password PASSWORD use encrypted password for the new "
+#~| "password\n"
+#~| " -s, --shell SHELL new login shell for the user account\n"
+#~| " -u, --uid UID new UID for the user account\n"
+#~| " -U, --unlock unlock the user account\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Kullanım: usermod [seçenekler] LOGIN\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -c, --comment YORUM GECOS alanının yeni değeri\n"
+#~ " -d, --home EV_DIZINI kullanıcı hesabı için yeni oturum açma "
+#~ "dizini\n"
+#~ " -e, --expiredate GEÇERLİLİK_TARİHİ hesap dolum süresini "
+#~ "GEÇERLİLİK_TARİHİ\n"
+#~ " (EXPIRE_DATE) olarak ayarla\n"
+#~ " -f, --inactive PASIF şifre süresi dolduktan sonra şifreyi\n"
+#~ " PASIF olarak ayarla\n"
+#~ " -g, --gid GRUP birincil grup olarak GRUP kullanımını "
+#~ "zorla\n"
+#~ " -G, --groups GRUPLAR ilave grupları yeni listesi\n"
+#~ " -a, --append kullanıcıyı ilave grupların sonuna ekle\n"
+#~ " -G seçeneğinde bahsedildiği gibi\n"
+#~ " diğer gruplardan çıkarmadan\n"
+#~ " -h, --help bu yardım dosyasını göster ve çık\n"
+#~ " -l, --login YENI_LOGIN oturum açma ismi için yeni değer\n"
+#~ " -L, --lock kullanıcı hesabını kilitle\n"
+#~ " -m, --move-home Ev dizininin içeriğini yeni bir\n"
+#~ " dizine kopyalar(sadece -d ile "
+#~ "kullanılır)\n"
+#~ " -o, --non-unique aynı UID yi kullanmaya izin verir\n"
+#~ " -p, --password PAROLA yeni parolalar için şifrelenmiş parola "
+#~ "kullan\n"
+#~ " -s, --shell SHELL kullanıcı hesabı için yeni oturum açma "
+#~ "kabuÄŸu\n"
+#~ " -u, --uid UID kullanıcı hesabı için yeni UID\n"
+#~ " -U, --unlock kullanıcı hesabı kilidini aç\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: herhangi bir bayrak verilmedi\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: vipw [seçenekler]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -g, --group grub veri tabanını düzenler\n"
+#~ " -h, --help bu yardım dosyasını gösterir ve çıkar\n"
+#~ " -p, --passwd şifre veri tabanını düzenler\n"
+#~ " -q, --quiet sessiz kip\n"
+#~ " -s, --shadow shadow veya gshadow veri tabanını "
+#~ "düzenler\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Kullanım: %s [girdi]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %s yaratılamıyor\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: chown %s gerçekleştirilemiyor\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: faillog [seçenekler]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -a, --all tüm kullanıcılar için faillog "
+#~ "kayıtlarını\n"
+#~ " gösterir\n"
+#~ " -h, --help bu yardım dosyasını göster ve çık\n"
+#~ " -l, --lock-time SANİYE(SEC) hatalı oturum açılımından sonra, hesabı\n"
+#~ " SANÄ°YE kadar saniye kilitler\n"
+#~ " -m, --maximum AZAMİ(MAX) en fazla hatalı oturum açılış sayacını "
+#~ "AZAMÄ°\n"
+#~ " deÄŸerine ayarlar\n"
+#~ " -r, --reset oturum açılış sayacını sıfırlar\n"
+#~ " -t, --time GÜN_SAYISI(DAYS) GÜN_SAYISI kadar günden daha güncel olan\n"
+#~ " faillog kayıtlarını gösterir\n"
+#~ " -u, --user KULLANICI(LOGIN) faillog kaydını gösterir veya hata\n"
+#~ " sayacını onarır ve sadece KULLANICI ile\n"
+#~ " belirtilen kullanıcıları sınırlar (-r, -"
+#~ "m\n"
+#~ " veya -l seçenekleri ile kullanıldıysa)\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: groupadd [seçenekler] GRUP\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -f, --force belirtilen grub mevcutsa bile, çıkışta\n"
+#~ " başarılı kodu verecek şekilde zorla\n"
+#~ " -g, --gid GID yeni grub için bu GID yi kullan\n"
+#~ " -h, --help bu yardım dosyasını göster ve çık\n"
+#~ " -K, --key ANAHTAR=DEĞER /etc/login.defs dosyasındaki\n"
+#~ " öntanımlı değerlerin üzerine yazar\n"
+#~ " -o, --non-unique aynı GID ile grub oluşturulmasına izin "
+#~ "ver\n"
+#~ " -p, --password PAROLA yeni grup için şifreli olarak PAROLA "
+#~ "kullan\n"
+#~ " -r, --system bir sistem hesabı yarat\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Usage: groupmod [seçenekler] GRUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID bu grubu yeni GID ile kullanıma zorla\n"
+#~ " -h, --help bu yardım dosyasını göster ve çık\n"
+#~ " -n, --new-name YENÄ°_GRUP grubu YENÄ°_GRUP ismini kullanmaya zorla\n"
+#~ " -o, --non-unique grubun aynı GID yi kullanmasına izin ver\n"
+#~ " -p, --password PAROLA yani parola için şifreli olarak PAROLA "
+#~ "kullan\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~| " home directory\n"
+#~| " -c, --comment COMMENT set the GECOS field for the new user "
+#~| "account\n"
+#~| " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~| " -D, --defaults print or save modified default useradd\n"
+#~| " configuration\n"
+#~| " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -g, --gid GROUP force use GROUP for the new user "
+#~| "account\n"
+#~| " -G, --groups GROUPS list of supplementary groups for the "
+#~| "new\n"
+#~| " user account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~| " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~| " -l, do not add the user to the lastlog and\n"
+#~| " faillog databases\n"
+#~| " -m, --create-home create home directory for the new user\n"
+#~| " account\n"
+#~| " -N, --no-user-group do not create a group with the same name "
+#~| "as\n"
+#~| " the user\n"
+#~| " -o, --non-unique allow create user with duplicate\n"
+#~| " (non-unique) UID\n"
+#~| " -p, --password PASSWORD use encrypted password for the new user\n"
+#~| " account\n"
+#~| " -r, --system create a system account\n"
+#~| " -s, --shell SHELL the login shell for the new user "
+#~| "account\n"
+#~| " -u, --uid UID force use the UID for the new user "
+#~| "account\n"
+#~| " -U, --user-group create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Kullanım: useradd [seçenekler] KULLANICI\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -b, --base-dir EV_DÄ°ZÄ°NÄ°(BASE_DIR)\n"
+#~ " yeni kullanıcı hesabının ev dizini için\n"
+#~ " ana dizin\n"
+#~ " -c, --comment YORUM(COMMENT)\n"
+#~ " yeni kullanıcı için GECOS alanını "
+#~ "ayarlar\n"
+#~ " -d, --home-dir EV_DÄ°ZÄ°NÄ°(HOME_DIR)\n"
+#~ " yeni kullanıcı hesabı için ev dizini\n"
+#~ " -D, --defaults değiştirilmiş öntanımlı "
+#~ "useradd yapılandırmasını görüntüle veya "
+#~ "kaydet\n"
+#~ " -e, --expiredate TARIH hesap süresi dolumunu TARIH olarak\n"
+#~ " ayarla\n"
+#~ " -f, --inactive PASIF şifre süresi dolduktan sonra şifreyi\n"
+#~ " PASIF olarak ayarla\n"
+#~ " -g, --gid GRUP yeni kullanıcı hesabı için GRUP "
+#~ "kullanımını\n"
+#~ " zorla\n"
+#~ " -G, --groups GRUPLAR yeni kullanıcı hesabı için\n"
+#~ " ilave grubları listesi\n"
+#~ " -h, --help bu yardım dosyasını göster ve çık\n"
+#~ " -k, --skel TEMEL_DİZİN farklı bir temel dizin belirtir\n"
+#~ " -K, --key ANAHTAR=DEĞER /etc/login.defs dosyasındaki öntanımlı\n"
+#~ " değerlerin üzerine yazar\n"
+#~ " -l, kullanıcıyı lastlog ve faillog "
+#~ "veritabanlarına\n"
+#~ " ekleme\n"
+#~ " -m, --create-home yeni kullanıcı hesabı için ev dizini "
+#~ "yarat\n"
+#~ " -N, --non-user-group kullanıcı adıyla aynı isimde bir grup "
+#~ "yaratma\n"
+#~ " -o, --non-unique aynı UID ile kullanıcı yaratılmasına izin "
+#~ "ver\n"
+#~ " -p, --password PAROLA yeni kullanıcı hesabı için şifrelenmiş "
+#~ "parola\n"
+#~ " -r, --system bir sistem hesabı yarat\n"
+#~ " -s, --shell KABUK yeni kullanıcı hesabı için oturum açma "
+#~ "kabuÄŸu\n"
+#~ " -u, --uid UID yeni kullanıcı hesabı için UID "
+#~ "kullanımını\n"
+#~ " zorla\n"
+#~ " -U, --user-group kullanıcı ile aynı isimde bir grup yarat\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -r, --system create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Kullanım: %s [seçenekler] [girdi]\n"
+#~ "\n"
+#~ " -c, --crypt-method kripto metodu (bunlardan biri: %s)\n"
+#~ " -r, --system sistem hesaplarını yarat\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Parolanızın kullanım süresi doldu."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: parola dosyası kilitlenemedi\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: parola dosyası açılamadı\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası kilitlenemedi\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası açılamadı\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: gölge parola dosyasının üzerine yazılamadı\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: parola dosyasına yazılamadı\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası güncellenemedi\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tTam Ä°sim: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tOda Numarası: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tÄ°ÅŸ Telefonu: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tEv Telefonu: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Parola dosyası kilitlenemiyor, daha sonra tekrar deneyin.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Parola dosyası açılamıyor.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Parola kaydı güncellenmesinde hata.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Parola dosyası değişiklikleri işlenemiyor.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Parola dosyası kilidi açılamıyor.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: grup dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: grup dosyası açılamıyor\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: gölge dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: gölge dosyası açılamıyor\n"
+
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: gshadow dosyası güncellenmesinde hata\n"
+
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: grup dosyası güncellenirken hata oluştu\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: satır %d: bilinmeyen kullanıcı %s\n"
+
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: satır %d: grup kaydı güncellenemiyor\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: gölge dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: gölge (shadow9 dosyası güncellenmesinde hata\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: parola dosyası güncellenmesinde hata\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: satır %d: bilinmeyen kullanıcı %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: satır %d: parola kaydı güncellenemiyor\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: bilinmeyen kullanıcı\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Bilinmeyen Kullanıcı: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Kullanım: %s [-r|-R] grup\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a kullanıcı] grup\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d kullanıcı] grup\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A kullanıcı,...] [-M kullanıcı,...] grup\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M kullanıcı,...] grup\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: kilitlenemiyor\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: gölge kilidi koyulamıyor\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: dosya açılamıyor\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: gölge dosyası tekrar yazılamıyor\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: dosya kilidi açılamıyor\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: kayıt güncellenemiyor\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: gölge kaydı güncellenemiyor\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "bilinmeyen grup: %s\n"
+
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: dosya kapatılamıyor\n"
+
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: shadow dosyası kapatılamıyor\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Siz kimsiniz?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: bilinmeyen üye %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: yeni grup kaydı eklenirken hata oluştu\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: grup dosyasına yazılamıyor\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: gölge grup dosyasına yazılamıyor\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: grup dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: grup dosyası açılamıyor\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası açılamıyor\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u tek deÄŸil\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: grup kaydını silerken hata oluştu\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: gölge grup kaydını silerken hata oluştu\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: kullanıcının birincil grubu silinemez\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Silinecek üye bulunamadı\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Kullanım: groupmems -a kullanıcıadı | -d kullanıcıadı | -D | -l[-g "
+#~ "grupadı]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Sadece root kullacısı üyeleri başka gruplara ekleyebilir\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Grup hakkı gerekli\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Åžu anki grubun birincil sahibi deÄŸil\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM yetkilendirmesi başarısız oldu\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Grup dosyası kilitlenemiyor\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Grup dosyası kapatılamıyor\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s /etc/group dosyasında bulunamadı\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u benzersiz bir GID deÄŸil\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s benzersiz bir isim deÄŸil\n"
+
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: passwd dosyasına yazılamıyor\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: parola dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: parola dosyası açılamıyor\n"
+
+#~ msgid ""
+#~ "%s: cannot change the primary group of user '%s' from %u to %u, since it "
+#~ "is not in the passwd file.\n"
+#~ msgstr ""
+#~ "%s: '%s' kullanıcısının birincil grubu %u grubundan %u grubuna\n"
+#~ "değiştirilemiyor, çünkü bu kullanıcı passwd dosyasında yok.\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: %s için gölge kaydı güncellenemiyor\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: %s grubu için kayıt güncellenemiyor\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası açılamıyor\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s gölge grubu %s silinemiyor\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası güncellenemiyor\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası silinemiyor\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "bilinmeyen UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "bilinmeyen GID: %lu\n"
+
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: grup `%s' geçerli değil\n"
+
+#~ msgid ""
+#~ "%s: group %s created, failure during the creation of the corresponding "
+#~ "gshadow group\n"
+#~ msgstr ""
+#~ "%s: %s grubu yaratıldı, uygun olan gshadow grubu yaratılırken hata "
+#~ "oluÅŸtu\n"
+
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: geçersiz kullanıcı adı `%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: /etc/passwd kilitlenemiyor.\n"
+
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: /etc/shadow kilitlenemiyor.\n"
+
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: /etc/group kilitlenemiyor.\n"
+
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: /etc/gshadow kilitlenemiyor.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: dosyalar açılamıyor\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: dosyaların güncellenmesinde hata oluştu\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: %s için passwd kaydı güncellenemedi\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: passwd dosyası kilitlenemedi\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: passwd dosyası açılamadı\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: %s için gölge kaydı silinemedi\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: passwd dosyası güncellenemedi\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: kullanıcı %s için kayıt güncellenemiyor\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası silinemiyor\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: bilinmeyen GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: bilinmeyen grup %s\n"
+
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: Bellek yetersiz. Shadow grup veritabanı güncellenemiyor.\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: parola dosyası yazılamıyor\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası yazılamıyor\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası açılamıyor\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: grup dosyası kilitlenmesinde hata\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: grup dosyası açılırken hata\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası kilitlenirken hata\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası açılırken hata\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: yeni parola kaydı eklenirken hata\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: yeni gölge parola kaydı eklenirken hata\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: uyarı: CREATE_HOME desteklenmiyor, lütfen bunun yerine -m kullanın.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: grup kaydı güncellenirken hata oluştu\n"
+
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: shadow grup kaydı güncellenirken hata oluştu\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: grup dosyası açılamıyor\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası açılamıyor\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: parola kaydı silinirken hata oluştu\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: gölge parola kaydı silinirken hata oluştu\n"
+
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: yeni shadow grup kaydı eklenirken hata oluştu\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu benzersiz deÄŸil\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: parola kaydı değiştirilirken hata oluştu\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: parola kaydı silinirken hata oluştu\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: gölge parola kaydı silinirken hata oluştu\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: tek (benzersiz) bir GID alınamadı\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " '%.200s'den '%.100s' üzerinde"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " '%.100s' üzerinde"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: satır %d: UID yaratılamıyor\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: %s ismi tek deÄŸil\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: chgpasswd [seçenekler]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ " -e, --encrypted\tverilen parolalar, ÅŸifrelendirilir\n"
+#~ " -h, --help\t\tbu yardım dosyasını gösterir ve çıkar\n"
+#~ " -m, --md5\t\tgirilen parolalar ÅŸifrelenmediÄŸinde, DES yerine MD5\n"
+#~ "\t\t\t\tşifrelemesi kullanır\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Parola dosyası yok\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Üzgünüm.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Üzgünüm, %s için parola henüz değiştirilemedi.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Üzgünüm."
diff --git a/po/uk.po b/po/uk.po
new file mode 100644
index 0000000..03a3498
--- /dev/null
+++ b/po/uk.po
@@ -0,0 +1,3624 @@
+# translation of uk.po to Ukrainian
+# Roman Festchook <linux@polesye.net>, 2001-2005.
+# Eugeniy Meshcheryakov <eugen@univ.kiev.ua>, 2005, 2006.
+# translation of uk.po to
+# shadow.pot Ukrainian translation.
+# Comments and bug-reports are welcomed
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-26 22:52+0100\n"
+"Last-Translator: Eugeniy Meshcheryakov <eugen@univ.kiev.ua>\n"
+"Language-Team: Ukrainian\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+"X-Generator: KBabel 1.11.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Ðе можу виділити реÑурÑи Ð´Ð»Ñ ÐºÐ¾Ð½Ñ„Ñ–Ð³ÑƒÑ€Ð°Ñ†Ñ–Ð¹Ð½Ð¸Ñ… даних.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"помилка у конфігурації - невідома Ð¿Ð¾Ð·Ð¸Ñ†Ñ–Ñ '%s' (повідомте адмініÑтратора)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Пароль: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Пароль кориÑтувача %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Ðе можу виділити реÑурÑи Ð´Ð»Ñ ÐºÐ¾Ð½Ñ„Ñ–Ð³ÑƒÑ€Ð°Ñ†Ñ–Ð¹Ð½Ð¸Ñ… даних.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Змінюю вікову інформацію Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Ðе можу визначити Ваше ім'Ñ ÐºÐ¾Ñ€Ð¸Ñтувача.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: Ñ€Ñдок %d: не можу знайти кориÑтувача %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: брак пам'ÑÑ‚Ñ–\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: неможливо оновити файл %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: невірна Ð´Ð¾Ð¼Ð°ÑˆÐ½Ñ Ñ‚ÐµÐºÐ° \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: заÑтереженнÑ: не можу видалити "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: заÑтереженнÑ: не можу видалити "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: перейменуваннÑ: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: заÑтереженнÑ: не можу видалити "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: заÑтереженнÑ: не можу видалити "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: неможливо оновити файл %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: не можу оновити файл прихованих паролів\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: перейменуваннÑ: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: не можу відкрити файл %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "ЗаÑтереженнÑ: невідома група %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "ЗаÑтереженнÑ: забагато груп\n"
+
+msgid "Your password has expired."
+msgstr "Ваш пароль проÑтрочено."
+
+msgid "Your password is inactive."
+msgstr "Ваш пароль є неактивним."
+
+msgid "Your login has expired."
+msgstr "Ваш логін проÑтрочено."
+
+msgid " Contact the system administrator."
+msgstr " Зв'ÑжітьÑÑ Ð· ÑиÑтемним адмініÑтратором."
+
+msgid " Choose a new password."
+msgstr " Оберіть новий пароль."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Ваш пароль буде проÑтрочено за %ld днів.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Ваш пароль буде проÑтрочено завтра."
+
+msgid "Your password will expire today."
+msgstr "Ваш пароль буде проÑтрочено Ñьогодні."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Ðе можу змінити tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: Ð¿Ð¾Ð»Ñ Ð·Ð°Ð½Ð°Ð´Ñ‚Ð¾ довгі\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "ÐŸÐµÑ€ÐµÐ¿Ð¾Ð²Ð½ÐµÐ½Ð½Ñ Ð¾Ñ‚Ð¾Ñ‡ÐµÐ½Ð½Ñ\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Ви не можете змінити $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d помилка з чаÑу оÑтаннього входу.\n"
+"ОÑтанній вхід: %s з %s.\n"
+msgstr[1] "%d помилки з чаÑу оÑтаннього входу. ОÑтанній вхід: %s з %s.\n"
+msgstr[2] "%d помилок з чаÑу оÑтаннього входу. ОÑтанній вхід: %s з %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "не можу змінити влаÑника поштової Ñкриньки"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: не можу отримати унікальний UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: не можу отримати унікальний GID\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: не можу отримати унікальний UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: не можу отримати унікальний UID\n"
+
+msgid "Too many logins.\n"
+msgstr "Забагато входів.\n"
+
+msgid "You have new mail."
+msgstr "Ви маєте нову пошту."
+
+msgid "No mail."
+msgstr "Пошти не має."
+
+msgid "You have mail."
+msgstr "Ви маєте пошту."
+
+msgid "no change"
+msgstr "без змін"
+
+msgid "a palindrome"
+msgstr "паліндром"
+
+msgid "case changes only"
+msgstr "тільки зміна регіÑтру"
+
+msgid "too similar"
+msgstr "занадто подібні"
+
+msgid "too simple"
+msgstr "занадто проÑтий"
+
+msgid "rotated"
+msgstr "переÑтавлені літери"
+
+msgid "too short"
+msgstr "закороткий"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Поганий пароль: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() не виконано, помилка %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Пароль змінено."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: пароль вдало змінено\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Ðевірний пароль Ð´Ð»Ñ %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: невірний домашній телефон: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Ðеможливо перейти до теки \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Ðемає теки, входимо з HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Ðе можу виконати %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ðевірна коренева тека \"%s\"\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Ðеможливо змінити кореневу теку на \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Ðеможливо визначити назву вашого термінала."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "ÐÑ–\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Введіть нове Ð·Ð½Ð°Ñ‡ÐµÐ½Ð½Ñ Ð°Ð±Ð¾ натиÑніть ENTER Ð´Ð»Ñ Ð·Ð½Ð°Ñ‡ÐµÐ½Ð½Ñ Ð·Ð° замовчаннÑм"
+
+msgid "Minimum Password Age"
+msgstr "Мінімальний вік паролÑ"
+
+msgid "Maximum Password Age"
+msgstr "МакÑимальний вік паролÑ"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "ОÑÑ‚Ð°Ð½Ð½Ñ Ð·Ð¼Ñ–Ð½Ð° Ð¿Ð°Ñ€Ð¾Ð»Ñ (РРРР-ММ-ДД)"
+
+msgid "Password Expiration Warning"
+msgstr "ЗаÑÑ‚ÐµÑ€ÐµÐ¶ÐµÐ½Ð½Ñ Ð¿Ñ€Ð¾ проÑÑ‚Ñ€Ð¾Ñ‡ÐµÐ½Ð½Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ"
+
+msgid "Password Inactive"
+msgstr "Пароль неактивний"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Дата проÑÑ‚Ñ€Ð¾Ñ‡ÐµÐ½Ð½Ñ Ñ€Ð°Ñ…ÑƒÐ½ÐºÑƒ (РРРР-ММ-ДД)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "ОÑÑ‚Ð°Ð½Ð½Ñ Ð·Ð¼Ñ–Ð½Ð° паролÑ\t\t\t\t\t: "
+
+msgid "never"
+msgstr "ніколи"
+
+msgid "password must be changed"
+msgstr "Пароль змінено"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Пароль Ñтає проÑтроченим\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Пароль неактивний\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Рахунок Ñтає проÑтроченим\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Мінімальна кількіÑÑ‚ÑŒ днів між змінами паролю\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "МакÑимальна кількіÑÑ‚ÑŒ днів між змінами паролю\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "КількіÑÑ‚ÑŒ днів Ð´Ð»Ñ Ð·Ð°ÑÑ‚ÐµÑ€ÐµÐ¶ÐµÐ½Ð½Ñ Ð¿Ñ€Ð¾ проÑÑ‚Ñ€Ð¾Ñ‡ÐµÐ½Ð½Ñ Ð¿Ð°Ñ€Ð¾Ð»ÑŽ\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: невірна дата \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: невірний чиÑловий аргумент \"%s\"\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: не викориÑтовуйте \"l\" з іншими прапорцÑми\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: У доÑтупі відмовлено.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Ðе можу визначити Ваше ім'Ñ ÐºÐ¾Ñ€Ð¸Ñтувача.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: не можу блокувати файли, Ñпробуйте пізніше\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: не можу відкрити файл %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: помилка відгалудженнÑ: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: не можу відкрити файл прихованих паролів\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: кориÑтувач %s не Ñ–Ñнує\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Змінюю вікову інформацію Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: помилка зміни полів\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Повне ім'Ñ"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Ðомер кімнати"
+
+msgid "Work Phone"
+msgstr "Робочій телефон"
+
+msgid "Home Phone"
+msgstr "Домашній телефон"
+
+msgid "Other"
+msgstr "Інше"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Ðе можу змінити ID на root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: невірне ім'Ñ: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: невірний номер кімнати: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: невірний робочий телефон: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: невірний домашній телефон: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" міÑтить заборонені Ñимволи\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" міÑтить заборонені Ñимволи\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: кориÑтувач %s не Ñ–Ñнує\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: неможливо змінити кориÑтувача \"%s\" у клієнті NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: \"%s\" Ñ” NIS-Ñервером Ð´Ð»Ñ Ñ†ÑŒÐ¾Ð³Ð¾ клієнта.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Зміна інформації про кориÑтувача %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: Ð¿Ð¾Ð»Ñ Ð·Ð°Ð½Ð°Ð´Ñ‚Ð¾ довгі\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: прапорець -a можна викориÑтовувати ТІЛЬКИ з прапорцем -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: Ñ€Ñдок %d: Ñ€Ñдок занадто довгий\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: Ñ€Ñдок %d: бракує нового паролÑ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: група %s не Ñ–Ñнує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Ñ€Ñдок %d: не можу оновити запиÑ\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: виÑвлено помилку, зміни ігноруютьÑÑ\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: кориÑтувач %s не Ñ–Ñнує\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: кориÑтувач %s не Ñ–Ñнує\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Логін-оболонка"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Ðе можна змінити оболонку Ð´Ð»Ñ %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Змінюю оболонку Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Ðевірний запиÑ: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s є невірна оболонка.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: кориÑтувач %s не Ñ–Ñнує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: заÑтереженнÑ: %s не належить %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: неочікуваний аргумент: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Логін Помилок МакÑимум ОÑтаннє Ðа\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds залишилоÑÑŒ]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds блоковано]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Ðевідомий кориÑтувач: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Пароль Ð´Ð»Ñ %s не може бути змінений.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Пароль Ð´Ð»Ñ %s не може бути змінений.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: приховані паролі груп потрібні Ð´Ð»Ñ -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: група %s не Ñ–Ñнує\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: помилка відгалудженнÑ: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Зміна Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð´Ð»Ñ Ð³Ñ€ÑƒÐ¿Ð¸ %s\n"
+
+msgid "New Password: "
+msgstr "Ðовий пароль: "
+
+msgid "Re-enter new password: "
+msgstr "Повторіть новий пароль: "
+
+msgid "They don't match; try again"
+msgstr "не Ñпівпадає; Ñпробуйте знову"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Спробуйте знову пізніше\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Додано нового кориÑтувача %s до групи %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Видалено кориÑтувача %s з групи %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: кориÑтувач %s не Ñ–Ñнує\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Ðе Ñ” tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s: то не Ñ” вірне ім'Ñ Ð³Ñ€ÑƒÐ¿Ð¸\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "невірна назва групи \"%s\"\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K вимагає ЗМІÐÐÐ=ЗÐÐЧЕÐÐЯ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: група %s Ñ–Ñнує\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Член вже Ñ–Ñнує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Ðе можу визначити Ваше ім'Ñ ÐºÐ¾Ñ€Ð¸Ñтувача.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: неможливо змінити кориÑтувача \"%s\" у клієнті NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: група %s не Ñ–Ñнує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: група \"%s\" є групою NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s Ñ” Ñервер NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: кориÑтувач %s Ñ” кориÑтувачем NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: бракує пам'ÑÑ‚Ñ– у update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "невірна назва групи \"%s\"\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: група %s є групою NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: невідомий кориÑтувач %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s та -r неÑуміÑні\n"
+
+msgid "invalid group file entry"
+msgstr "невірний Ð·Ð°Ð¿Ð¸Ñ Ñƒ файлі груп"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "видалити Ñ€Ñдок \"%s\"? "
+
+msgid "duplicate group entry"
+msgstr "дублюючий Ð·Ð°Ð¿Ð¸Ñ Ñƒ базі груп"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "невірна назва групи \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "невірна назва групи \"%s\"\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "група %s: немає кориÑтувача %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "видалити члена \"%s\"? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "відповідний Ð·Ð°Ð¿Ð¸Ñ Ñ„Ð°Ð¹Ð»Ñƒ груп відÑутній у %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "додати групу \"%s\" у %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "невірний Ð·Ð°Ð¿Ð¸Ñ Ñƒ файлі прихованих груп"
+
+msgid "duplicate shadow group entry"
+msgstr "дублюючий Ð·Ð°Ð¿Ð¸Ñ Ñƒ файлі прихованих груп"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "прихована група %s: не має адмініÑтратора %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "видалити адмініÑтратора \"%s\"? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "прихована група %s: немає кориÑтувача %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: файли було оновлено\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: без змін\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: неможливо оновити файл %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "ВикориÑтаннÑ: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "ВикориÑтаннÑ: id\n"
+
+msgid " groups="
+msgstr " групи="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "КориÑтувач Порт Звідки ОÑтанній вхід"
+
+msgid "Username Port Latest"
+msgstr "КориÑтувач Порт ОÑтанній вхід"
+
+msgid "**Never logged in**"
+msgstr "**Ðіколи не входив**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: не можу оновити файл паролів\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "ВикориÑтаннÑ: %s [-p] [ім'Ñ]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h вузол] [-f ім'Ñ]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r вузол\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Ðевірний Ñ‡Ð°Ñ Ð´Ð»Ñ Ð²Ñ…Ð¾Ð´Ñƒ"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"СиÑтему закрито Ð´Ð»Ñ Ð¿Ñ€Ð¾Ñ„Ñ–Ð»Ð°ÐºÑ‚Ð¸ÐºÐ¸."
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[СталоÑÑ Ð²Ñ–Ð´ÐºÐ»ÑŽÑ‡ÐµÐ½Ð½Ñ -- дозволено лише вхід root-a.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Ðемає запиÑу utmp. Вам потрібно виконати \"login\" з \"sh\" найнижчого рівнÑ"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Ð§Ð°Ñ Ð»Ð¾Ð³Ñ–Ð½Ñƒ буде вичерпано за %d Ñекунд.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Помилка PAM, перервано: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s логін: "
+
+msgid "login: "
+msgstr "логін: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Перевищено макÑимальну кількіÑÑ‚ÑŒ Ñпроб (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: ÑиÑтема PAM запроÑила перериваннÑ\n"
+
+msgid "Login incorrect"
+msgstr "Ðевірний логін"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: Ñ€Ñдок %d: не можу знайти кориÑтувача %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s логін: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: помилка відгалудженнÑ: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "ЗаÑтереженнÑ: login поновлено піÑÐ»Ñ Ñ‚Ð¸Ð¼Ñ‡Ð°Ñового блокуваннÑ."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "ОÑтанній вхід в ÑиÑтему: %s на %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "ОÑтанній вхід в ÑиÑтему: %.19s на %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " з %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"вичерпано Ñ‡Ð°Ñ Ð»Ð¾Ð³Ñ–Ð½Ñƒ\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "ВикориÑтаннÑ: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "ВикориÑтаннÑ: newgrp [-] [група]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "ВикориÑтаннÑ: sg група [[-c] команда]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Старий пароль: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: помилка відгалудженнÑ: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: кориÑтувач %s не Ñ–Ñнує\n"
+
+msgid "too many groups\n"
+msgstr "занадто багато груп\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: група %s не Ñ–Ñнує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: невірне ім'Ñ ÐºÐ¾Ñ€Ð¸Ñтувача '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: невірне ім'Ñ ÐºÐ¾Ñ€Ð¸Ñтувача '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: Ñ€Ñдок %d: невірний Ñ€Ñдок\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: не можу оновити Ð·Ð°Ð¿Ð¸Ñ Ð´Ð»Ñ ÐºÐ¾Ñ€Ð¸Ñтувача %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: Ñ€Ñдок %d: не можу Ñтворити GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: Ñ€Ñдок %d: не можу Ñтворити GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: кориÑтувач %s не Ñ–Ñнує\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: Ñ€Ñдок %d: не можу оновити пароль\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: Ñ€Ñдок %d: mkdir не виконавÑÑ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: Ñ€Ñдок %d: chown не виконавÑÑ\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: Ñ€Ñдок %d: не можу оновити запиÑ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: не можу Ñтворити %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: не можу оновити файл груп\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Старий пароль: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Введіть новий пароль (від %d до %d знаків)\n"
+"Змішуйте великі та малі літери та цифри.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Введіть новий пароль (від %d до %d знаків)\n"
+"Змішуйте великі та малі літери та цифри.\n"
+
+msgid "New password: "
+msgstr "Ðовий пароль: "
+
+msgid "Try again."
+msgstr "Спробуйте ще."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"ЗаÑтереженнÑ: Поганий пароль (введіть його знову, Ñкщо вÑе одно бажаєте його "
+"викориÑтовувати)."
+
+msgid "They don't match; try again.\n"
+msgstr "Ðе Ñпівпадає; Ñпробуйте знову.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Пароль Ð´Ð»Ñ %s не може бути змінений.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Пароль Ð´Ð»Ñ %s не може бути змінений.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: Ñховище %s не підтримуєтьÑÑ\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Ви не можете дивитиÑÑ Ñ‚Ð° змінювати парольну інформацію Ð´Ð»Ñ %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Зміна Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð´Ð»Ñ %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Пароль Ð´Ð»Ñ %s не змінено.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Пароль змінено."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "ЗаÑÑ‚ÐµÑ€ÐµÐ¶ÐµÐ½Ð½Ñ Ð¿Ñ€Ð¾ проÑÑ‚Ñ€Ð¾Ñ‡ÐµÐ½Ð½Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "невірний Ð·Ð°Ð¿Ð¸Ñ Ñƒ файлі паролів"
+
+msgid "duplicate password entry"
+msgstr "дублюючий Ð·Ð°Ð¿Ð¸Ñ Ñƒ файлі паролів"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "невірне ім'Ñ ÐºÐ¾Ñ€Ð¸Ñтувача '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "невірне ім'Ñ ÐºÐ¾Ñ€Ð¸Ñтувача '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "кориÑтувач %s: не має групи %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "кориÑтувач %s: тека %s не Ñ–Ñнує\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "кориÑтувач %s: програма %s не Ñ–Ñнує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: не можу заблокувати файл %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "відÑутній відповідний Ð·Ð°Ð¿Ð¸Ñ Ñƒ файлі паролів %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "додати кориÑтувача \"%s\" в %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "невірний Ð·Ð°Ð¿Ð¸Ñ Ñƒ файлі прихованих паролів"
+
+msgid "duplicate shadow password entry"
+msgstr "дублюючий Ð·Ð°Ð¿Ð¸Ñ Ñƒ файлі прихованих паролів"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "кориÑтувач %s: оÑÑ‚Ð°Ð½Ð½Ñ Ð·Ð¼Ñ–Ð½Ð° Ð¿Ð°Ñ€Ð¾Ð»Ñ Ñƒ майбутньому\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: не можу відкрити файл %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: не можу перепиÑати файл\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "ДоÑтуп цього кориÑтувача до su ЗÐБОРОÐЕÐО.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Ðутентифікацію пройдено.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Будь лаÑка введіть Ваш влаÑний пароль Ð´Ð»Ñ Ð°ÑƒÑ‚ÐµÐ½Ñ‚Ð¸Ñ„Ñ–ÐºÐ°Ñ†Ñ–Ñ—.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: не можу заблокувати файл %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"ВикориÑтаннÑ: su [параметри] [ЛОГІÐ]\n"
+"\n"
+"Параметри:\n"
+" -c, --command КОМÐÐДРпередати КОМÐÐДУ запущеній оболонці\n"
+" -h, --help вивеÑти це довідкове Ð¿Ð¾Ð²Ñ–Ð´Ð¾Ð¼Ð»ÐµÐ½Ð½Ñ Ñ‚Ð° вийти\n"
+" -, -l, --login зробити оболонку вхідною\n"
+" -m, -p,\n"
+" --preserve-environment не Ñкидувати змінні Ð¾Ñ‚Ð¾Ñ‡ÐµÐ½Ð½Ñ Ñ– залишити\n"
+" таку Ñаму оболонку\n"
+" -s, --shell ОБОЛОÐКРвикориÑтати ОБОЛОÐКУ заміÑÑ‚ÑŒ вказаної в passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ігнорую)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Ви не авторизовані Ð´Ð»Ñ su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Введіть ваш пароль)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM Ð°Ð²Ñ‚ÐµÐ½Ñ‚Ð¸Ñ„Ñ–ÐºÐ°Ñ†Ñ–Ñ Ð½Ðµ пройшла\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Ви не авторизовані Ð´Ð»Ñ su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Бракує запиÑу у базі паролів Ð´Ð»Ñ 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: повинно бути запущено з терміналу\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: помилка %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Ðе можу виконати %s"
+
+msgid "No password file"
+msgstr "Ðемає файлу паролів"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Бракує запиÑу у базі паролів Ð´Ð»Ñ 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"ÐатиÑніть control-d Ð´Ð»Ñ Ð²Ð¸ÐºÐ¾Ð½Ð°Ð½Ð½Ñ Ð·Ð²Ð¸Ñ‡Ð°Ð¹Ð½Ð¾Ð³Ð¾ завантаженнÑ,\n"
+"(або введіть пароль адмініÑтратора Ð´Ð»Ñ Ð²Ñ–Ð´Ð½Ð¾Ð²Ð»ÐµÐ½Ð½Ñ ÑиÑтеми):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Входимо у режим Ð²Ñ–Ð´Ð½Ð¾Ð²Ð»ÐµÐ½Ð½Ñ ÑиÑтеми"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: не можу Ñтворити новий файл із значеннÑми по замовчуванню\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: не можу відкрити новий файл із значеннÑми по замовчуванню\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: Ñ€Ñдок %d: chown не виконавÑÑ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: перейменуваннÑ: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: група \"%s\" є групою NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: вказано забагато груп (Ð¼Ð°ÐºÑ %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: невірна базова тека \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: невірний коментар \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: невірна Ð´Ð¾Ð¼Ð°ÑˆÐ½Ñ Ñ‚ÐµÐºÐ° \"%s\"\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: приховані паролі потрібні Ð´Ð»Ñ -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: приховані паролі потрібні Ð´Ð»Ñ -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: невірне поле \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: невірна оболонка \"%s\"\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+msgid "Creating mailbox file"
+msgstr "СтворюєтьÑÑ Ñ„Ð°Ð¹Ð» поштової Ñкриньки"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Групу \"mail\" не знайдено. Поштова Ñкринька кориÑтувача ÑтворюєтьÑÑ Ð· "
+"правами доÑтупу 0600\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Ð’ÑтановлюютьÑÑ Ð¿Ñ€Ð°Ð²Ð° доÑтупу на файл поштової Ñкриньки"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: кориÑтувач %s Ñ–Ñнує\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: група %s Ñ–Ñнує - Ñкщо ви бажаєте додати кориÑтувача до цієї групи, "
+"викориÑтовуйте -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: не можу Ñтворити %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u не є унікальним\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: не можу Ñтворити %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: не можу Ñтворити %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: не можу Ñтворити %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: увага: Ð´Ð¾Ð¼Ð°ÑˆÐ½Ñ Ñ‚ÐµÐºÐ° вже Ñ–Ñнує.\n"
+"Жоден файл з директорії кіÑÑ‚Ñка не копіюєтьÑÑ.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: неможливо змінити кориÑтувача \"%s\" у клієнті NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: не можу видалити групу %s Ñка Ñ” первинною групою іншого кориÑтувача.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: невірна Ð´Ð¾Ð¼Ð°ÑˆÐ½Ñ Ñ‚ÐµÐºÐ° \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: заÑтереженнÑ: не можу видалити "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s не належить %s, не видалено\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: кориÑтувач %s Ñ” кориÑтувачем NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: невірна Ð´Ð¾Ð¼Ð°ÑˆÐ½Ñ Ñ‚ÐµÐºÐ° \"%s\"\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: не видалено теку %s (можна видалити домашню теку кориÑтувача %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: помилка Ð²Ð¸Ð´Ð°Ð»ÐµÐ½Ð½Ñ Ñ‚ÐµÐºÐ¸ %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: кориÑтувач %s Ñ–Ñнує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: невірна дата \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: невірна дата \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: не можу відкрити файл %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: приховані паролі потрібні Ð´Ð»Ñ -e Ñ– -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Член вже Ñ–Ñнує\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: тека %s Ñ–Ñнує\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: не можу Ñтворити теку %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: увага: не вдалоÑÑ Ð¿Ð¾Ð²Ð½Ñ–ÑÑ‚ÑŽ видалити Ñтару домашню теку %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: заÑтереженнÑ: %s не належить %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "не можу змінити влаÑника поштової Ñкриньки"
+
+msgid "failed to rename mailbox"
+msgstr "не можу перейменувати поштову Ñкриньку"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s не змінено\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "не можу перейменувати поштову Ñкриньку"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Ðе можу блокувати файл"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: не вдалоÑÑ Ñкинути привілеї (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Ðе можу блокувати файл"
+
+msgid "Couldn't make backup"
+msgstr "Ðе можу зробити резервну копію"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s не знайдено у /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Ðеможливо відкрити файл груп\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: Ð¿Ð¾Ð»Ñ Ð·Ð°Ð½Ð°Ð´Ñ‚Ð¾ довгі\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "не можу перейменувати поштову Ñкриньку"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "не можу змінити влаÑника поштової Ñкриньки"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "не можу перейменувати поштову Ñкриньку"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: не можу відновити %s: %s (ваші зміни у %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: невірна базова тека \"%s\"\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) не виконано\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -d, --lastday LAST_DAY set last password change to LAST_DAY\n"
+#~| " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --list show account aging information\n"
+#~| " -m, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| " -W, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: chage [параметри] [LOGIN]\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ " -d, --lastday ОСТÐÐÐІЙ_ДЕÐЬ вÑтановити дату оÑтанньої зміни Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð²\n"
+#~ " ОСТÐÐÐІЙ_ДЕÐЬ\n"
+#~ " -E, --expiredate ДÐТÐ_ПРОСТР вÑтановити дату проÑÑ‚Ñ€Ð¾Ñ‡ÐµÐ½Ð½Ñ Ð¾Ð±Ð»Ñ–ÐºÐ¾Ð²Ð¾Ð³Ð¾\n"
+#~ " запиÑу у ДÐТÐ_ПРОСТР\n"
+#~ " -h, --help вивеÑти це довідкове Ð¿Ð¾Ð²Ñ–Ð´Ð¾Ð¼Ð»ÐµÐ½Ð½Ñ Ñ‚Ð° "
+#~ "вийти\n"
+#~ " -I, --inactive ÐЕÐКТИВÐИЙ зробити пароль неактивним піÑÐ»Ñ "
+#~ "проÑтроченнÑ\n"
+#~ " -l, --list показати інформацію про вік облікового "
+#~ "запиÑу\n"
+#~ " -m, --mindays МІÐ_ДÐІВ вÑтановити найменшу кількіÑÑ‚ÑŒ днів перед "
+#~ "зміною\n"
+#~ " Ð¿Ð°Ñ€Ð¾Ð»Ñ Ñƒ МІÐ_ДÐІВ\n"
+#~ " -M, --maxdays ÐœÐКС_ДÐІВ вÑтановити макÑимальну кількіÑÑ‚ÑŒ днів "
+#~ "перед\n"
+#~ " зміною Ð¿Ð°Ñ€Ð¾Ð»Ñ Ñƒ ÐœÐКС_ДÐІВ\n"
+#~ " -W, --warndays ПОПЕРЕДЖЕÐЯЯ вÑтоновити кількіÑÑ‚ÑŒ днів перед\n"
+#~ " попередженнÑм про проÑÑ‚Ñ€Ð¾Ñ‡ÐµÐ½Ð½Ñ Ñƒ "
+#~ "ПОПЕРЕДЖЕÐÐЯ\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM Ð°Ð²Ñ‚ÐµÐ½Ñ‚Ð¸Ñ„Ñ–ÐºÐ°Ñ†Ñ–Ñ Ð½Ðµ пройшла\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: %s [-f повне_ім'Ñ] [-r номер_кімнати] [-w робочій_телефон]\n"
+#~ "\t[-h домашній_телефон] [-o інше] [кориÑтувач]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: %s [-f повне_ім'Ñ] [-r номер_кімнати]\n"
+#~ "\t[-w робочій_телефон] [-h домашній_телефон]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: chpasswd [опції]\n"
+#~ "\n"
+#~ "Опції:\n"
+#~ " -e, --encrypted вказаний пароль зашифровано\n"
+#~ " -h, --help показати цю допомогу та вийти\n"
+#~ " -m, --md5 викориÑтовувати MD5 ÑˆÐ¸Ñ„Ñ€ÑƒÐ²Ð°Ð½Ð½Ñ Ð·Ð°Ð¼Ñ–ÑÑ‚ÑŒ "
+#~ "DES,\n"
+#~ " Ñкщо вказані паролі не зашифровано\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: chsh [параметри] [LOGIN]\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ " -h, --help вивеÑти це довідкове Ð¿Ð¾Ð²Ñ–Ð´Ð¾Ð¼Ð»ÐµÐ½Ð½Ñ Ñ‚Ð° "
+#~ "вийти\n"
+#~ " -s, --shell ОБОЛОÐКРнова вхідна оболонка Ð´Ð»Ñ Ð¾Ð±Ð»Ñ–ÐºÐ¾Ð²Ð¾Ð³Ð¾ "
+#~ "запиÑу\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "ВикориÑтаннÑ: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: не можу відкрити файл %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "ВикориÑтаннÑ: groupdel група\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "ВикориÑтаннÑ: %s [-r] [-s] [група [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "ВикориÑтаннÑ: %s [-r] [-s] [група]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s та -r неÑуміÑні\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "ВикориÑтаннÑ: groupdel група\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "ВикориÑтаннÑ: groupdel група\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: lastlog [параметри]\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ " -b, --before ДÐІ друкувати лише запиÑи Ñтаріші за ДÐІ\n"
+#~ " -h, --help вивеÑти допомогу та вийти\n"
+#~ " -t, --time ДÐІВ вивеÑти лише запиÑи Ñвіжіші за ДÐІВ\n"
+#~ " -u, --user ЛОГІРвивеÑти запиÑи оÑтанніх входів длÑ\n"
+#~ " кориÑтувача з ЛОГІÐом\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all report password status on all accounts\n"
+#~| " -d, --delete delete the password for the named "
+#~| "account\n"
+#~| " -e, --expire force expire the password for the named "
+#~| "account\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -k, --keep-tokens change password only if expired\n"
+#~| " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~| " to INACTIVE\n"
+#~| " -l, --lock lock the named account\n"
+#~| " -n, --mindays MIN_DAYS set minimum number of days before "
+#~| "password\n"
+#~| " change to MIN_DAYS\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -r, --repository REPOSITORY change password in REPOSITORY "
+#~| "repository\n"
+#~| " -S, --status report password status on the named "
+#~| "account\n"
+#~| " -u, --unlock unlock the named account\n"
+#~| " -w, --warndays WARN_DAYS set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| " -x, --maxdays MAX_DAYS set maximim number of days before "
+#~| "password\n"
+#~| " change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: passwd [параметри] [ЛОГІÐ]\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ " -a, --all звітувати про Ñтан паролів уÑÑ–Ñ… запиÑів\n"
+#~ " -d, --delete видалити пароль Ð´Ð»Ñ Ð²ÐºÐ°Ð·Ð°Ð½Ð¾Ð³Ð¾ запиÑу\n"
+#~ " -e, --expire проÑтрочити пароль Ð´Ð»Ñ Ð²ÐºÐ°Ð·Ð°Ð½Ð¾Ð³Ð¾ запиÑу\n"
+#~ " -h, --help вивеÑти це довідкове Ð¿Ð¾Ð²Ñ–Ð´Ð¾Ð¼Ð»ÐµÐ½Ð½Ñ Ñ‚Ð° "
+#~ "вийти\n"
+#~ " -k, --keep-tokens змінити пароль лише Ñкщо його "
+#~ "проÑтрочено\n"
+#~ " -i, --inactive INACTIVE зробити пароль неактивним піÑÐ»Ñ "
+#~ "проÑтроченнÑ\n"
+#~ " -l, --lock заблокувати вказаний запиÑ\n"
+#~ " -n, --mindays МІÐ_ДÐІВ вÑтановити найменшу кількіÑÑ‚ÑŒ днів перед\n"
+#~ " зміною Ð¿Ð°Ñ€Ð¾Ð»Ñ Ñƒ МІÐ_ДÐІВ\n"
+#~ " -q, --quiet тихий режим\n"
+#~ " -r, --repository СХОВИЩЕ змінити пароль у вказаному СХОВИЩІ\n"
+#~ " -S, --status звітувати про Ñтан Ð¿Ð°Ñ€Ð¾Ð»Ñ Ð²ÐºÐ°Ð·Ð°Ð½Ð¾Ð³Ð¾ "
+#~ "запиÑу\n"
+#~ " -u, --unlock розблокувати вказаний запиÑ\n"
+#~ " -w, --warndays ПОП_ДÐІВ вÑтановити кількіÑÑ‚ÑŒ днів перед\n"
+#~ " повідомленнÑм про проÑÑ‚Ñ€Ð¾Ñ‡ÐµÐ½Ð½Ñ Ñƒ "
+#~ "ПОП_ДÐІВ\n"
+#~ " -x, --maxdays ÐœÐКС_ДÐІВ вÑтановити макÑимальну кількіÑÑ‚ÑŒ днів "
+#~ "перед\n"
+#~ " зміною Ð¿Ð°Ñ€Ð¾Ð»Ñ Ñƒ ÐœÐКС_ДÐІВ\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "ВикориÑтаннÑ: %s [-q] [-r] [-s] [пароль [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "ВикориÑтаннÑ: %s [-q] [-r] [-s] [пароль [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "ВикориÑтаннÑ: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "ВикориÑтаннÑ: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Ðевідомий id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Ðемає оболонки\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: userdel [параметри] ЛОГІÐ\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ " -f, --force видалÑти файли навіть Ñкщо вказаний\n"
+#~ " кориÑтувач не Ñ” Ñ—Ñ… володарем\n"
+#~ " -h, --help вивеÑти це довідкове Ð¿Ð¾Ð²Ñ–Ð´Ð¾Ð¼Ð»ÐµÐ½Ð½Ñ Ñ‚Ð° "
+#~ "вийти\n"
+#~ " -r, --remove видалити домашню теку Ñ– поштову Ñкриньку\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: кориÑтувач %s на даний момент у ÑиÑтемі\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: useradd [параметри] ЛОГІÐ\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ " -a, --append додати кориÑтувача до додаткових ГРУП\n"
+#~ " (викориÑтовувати тільки з -G)\n"
+#~ " -c, --comment КОМЕÐТÐР вÑтановити поле GECOS Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу\n"
+#~ " кориÑтувача\n"
+#~ " -d, --home ДОМ_Ð¢Ð•ÐšÐ Ð´Ð¾Ð¼Ð°ÑˆÐ½Ñ Ñ‚ÐµÐºÐ° Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу "
+#~ "кориÑтувача\n"
+#~ " -e, --expiredate ДÐТÐ_ПРОСТР вÑтановити дату проÑÑ‚Ñ€Ð¾Ñ‡ÐµÐ½Ð½Ñ Ð·Ð°Ð¿Ð¸Ñу\n"
+#~ " -f, --inactive ÐЕÐКТИВÐИЙ зробити пароль неактивним піÑÐ»Ñ "
+#~ "проÑтроченнÑ\n"
+#~ " -g, --gid ГРУПРвикориÑтовувати ГРУПУ Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу\n"
+#~ " кориÑтувача\n"
+#~ " -G, --groups ГРУПИ ÑпиÑок додаткових груп Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу\n"
+#~ " кориÑтувача\n"
+#~ " -h, --help показати це довідкове Ð¿Ð¾Ð²Ñ–Ð´Ð¾Ð¼Ð»ÐµÐ½Ð½Ñ Ñ– "
+#~ "вийти\n"
+#~ " -l, --login ÐОВИЙ_ЛОГІРнове Ð·Ð½Ð°Ñ‡ÐµÐ½Ð½Ñ Ñ€ÐµÑ”Ñтраційного імені\n"
+#~ " -L, --lock заблокувати обліковий Ð·Ð°Ð¿Ð¸Ñ ÐºÐ¾Ñ€Ð¸Ñтувача\n"
+#~ " -m, --move-home перенеÑти вміÑÑ‚ домашньої теки в нове "
+#~ "міÑце\n"
+#~ " (викориÑтовувати тільки з -d)\n"
+#~ " -o, --non-unique дозволювати Ñтворювати кориÑтувачів з UID "
+#~ "що\n"
+#~ " повторюютьÑÑ\n"
+#~ " -p, --password ПÐРОЛЬ викориÑтовувати зашифрований пароль длÑ\n"
+#~ " нового запиÑу кориÑтувача\n"
+#~ " -s, --shell ОБОЛОÐКРвхідна оболонка Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу "
+#~ "кориÑтувача\n"
+#~ " -u, --uid UID викориÑтовувати UID Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу\n"
+#~ " кориÑтувача\n"
+#~ " -U, --unlock розблокувати обліковий Ð·Ð°Ð¿Ð¸Ñ ÐºÐ¾Ñ€Ð¸Ñтувача\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: не подано прапорців\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -g, --group edit group database\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -p, --passwd edit passwd database\n"
+#~| " -q, --quiet quiet mode\n"
+#~| " -s, --shadow edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: vipw [параметри]\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ " -g, --group редагувати базу даних груп\n"
+#~ " -h, --help вивеÑти це довідкове Ð¿Ð¾Ð²Ñ–Ð´Ð¾Ð¼Ð»ÐµÐ½Ð½Ñ Ñ‚Ð° "
+#~ "вийти\n"
+#~ " -p, --passwd редагувати базу даних паролів\n"
+#~ " -q, --quiet тихий режим\n"
+#~ " -s, --shadow редагувати базу даних shadow або gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "ВикориÑтаннÑ: %s [вхідні_данні]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: не можу Ñтворити %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: не можу змінити влаÑника %s\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| " -a, --all display faillog records for all users\n"
+#~| " -h, --help display this help message and exit\n"
+#~| " -l, --lock-time SEC after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| " -m, --maximum MAX set maximum failed login counters to "
+#~| "MAX\n"
+#~| " -r, --reset reset the counters of login failures\n"
+#~| " -t, --time DAYS display faillog records more recent than "
+#~| "DAYS\n"
+#~| " -u, --user LOGIN display faillog record or maintains "
+#~| "failure\n"
+#~| " counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| " options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: faillog [опції]\n"
+#~ "\n"
+#~ "Опції:\n"
+#~ " -a, --all показати помилки входу Ð´Ð»Ñ Ð²ÑÑ–Ñ… кориÑтувачів\n"
+#~ " -h, --help показати цю допомогу та вийти\n"
+#~ " -l, --lock-time СЕК піÑÐ»Ñ Ð¿Ð¾Ð¼Ð¸Ð»ÐºÐ¸ входу блокувати рахунок на СЕК\n"
+#~ " Ñекунд\n"
+#~ " -m, --maximum ÐœÐКС вÑтановити макÑимальну кількіÑÑ‚ÑŒ помилок входу "
+#~ "до\n"
+#~ " ÐœÐКС\n"
+#~ " -r, --reset перезавантажити лічільник помилок входу\n"
+#~ " -t, --time ДÐІВ показати помилки входу новіші за ДÐІВ\n"
+#~ " -u, --user ЛОГІРпоказати помилки входу або веÑти лічільники "
+#~ "помилок\n"
+#~ " та ліміти (Ñкщо викориÑтовуєтьÑÑ Ð· -r, -m або -l\n"
+#~ " опціÑми) лише Ð´Ð»Ñ ÐºÐ¾Ñ€Ð¸Ñтувача з логіном ЛОГІÐ\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: groupadd [параметри] ГРУПÐ\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ " -f, --force примуÑити не повертати помилку Ñкщо вказана\n"
+#~ " група вже Ñ–Ñнує\n"
+#~ " -g, --gid GID викориÑтати GID Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ñ— групи\n"
+#~ " -h, --help показати це довідкове Ð¿Ð¾Ð²Ñ–Ð´Ð¾Ð¼Ð»ÐµÐ½Ð½Ñ Ñ‚Ð° вийти\n"
+#~ " -K, --key КЛЮЧ=ЗÐÐЧЕÐÐЯ змінити Ð·Ð½Ð°Ñ‡ÐµÐ½Ð½Ñ Ð·Ð° замовченнÑм\n"
+#~ " з /etc/login.defs\n"
+#~ " -o, --non-unique дозволити Ñтворювати групи з GID що "
+#~ "повторюютьÑÑ\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: groupmod [параметри] ГРУПÐ\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ " -g, --gid GID вÑтановити GID Ð´Ð»Ñ Ð³Ñ€ÑƒÐ¿Ð¸\n"
+#~ " -h, --help показати це довідкове Ð¿Ð¾Ð²Ñ–Ð´Ð¾Ð¼Ð»ÐµÐ½Ð½Ñ Ñ‚Ð° "
+#~ "вийти\n"
+#~ " -n, --new-name ÐОВÐ_ГРУПРвикориÑтовувати назву ÐОВÐ_Ð“Ð Ð£ÐŸÐ Ð´Ð»Ñ "
+#~ "ГРУПИ\n"
+#~ " -o, --non-unique дозволити Ñтворювати групи з GID що "
+#~ "повторюютьÑÑ\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: useradd [параметри] ЛОГІÐ\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ " -b, --base-dir БÐЗОВÐ_ТЕКРбазова тека Ð´Ð»Ñ Ð´Ð¾Ð¼Ð°ÑˆÐ½Ñ–Ñ… тек нових\n"
+#~ " кориÑтувацьких облікових запиÑів\n"
+#~ " -c, --comment КОМЕÐТÐР вÑтановити поле GECOS Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу\n"
+#~ " кориÑтувача\n"
+#~ " -d, --home-dir ДОМ_Ð¢Ð•ÐšÐ Ð´Ð¾Ð¼Ð°ÑˆÐ½Ñ Ñ‚ÐµÐºÐ° Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу "
+#~ "кориÑтувача\n"
+#~ " -D, --defaults друкувати або зберегти змінені "
+#~ "налаштуваннÑ\n"
+#~ " useradd\n"
+#~ " -e, --expiredate ДÐТÐ_ПРОСТР вÑтановити дату проÑÑ‚Ñ€Ð¾Ñ‡ÐµÐ½Ð½Ñ Ð·Ð°Ð¿Ð¸Ñу\n"
+#~ " -f, --inactive ÐЕÐКТИВÐИЙ зробити пароль неактивним піÑÐ»Ñ "
+#~ "проÑтроченнÑ\n"
+#~ " -g, --gid ГРУПРвикориÑтовувати ГРУПУ Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу\n"
+#~ " кориÑтувача\n"
+#~ " -G, --groups ГРУПИ ÑпиÑок додаткових груп Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу\n"
+#~ " кориÑтувача\n"
+#~ " -h, --help показати це довідкове Ð¿Ð¾Ð²Ñ–Ð´Ð¾Ð¼Ð»ÐµÐ½Ð½Ñ Ñ– "
+#~ "вийти\n"
+#~ " -k, --skel ТЕКÐ_КІСТЯКРвказати альтернативну теку Ð´Ð»Ñ ÐºÑ–ÑÑ‚Ñка\n"
+#~ " -K, --key КЛЮЧ=ЗÐÐЧЕÐÐЯ перепиÑати Ð·Ð½Ð°Ñ‡ÐµÐ½Ð½Ñ Ð· /etc/login.defs\n"
+#~ " -m, --create-home Ñтворити домашню теку Ð´Ð»Ñ Ð·Ð°Ð¿Ð¸Ñу нового\n"
+#~ " кориÑтувача\n"
+#~ " -o, --non-unique дозволювати Ñтворювати кориÑтувачів з UID "
+#~ "що\n"
+#~ " повторюютьÑÑ\n"
+#~ " -p, --password ПÐРОЛЬ викориÑтовувати зашифрований пароль длÑ\n"
+#~ " нового запиÑу кориÑтувача\n"
+#~ " -s, --shell ОБОЛОÐКРвхідна оболонка Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу\n"
+#~ " кориÑтувача\n"
+#~ " -u, --uid UID викориÑтовувати UID Ð´Ð»Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу\n"
+#~ " кориÑтувача\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Пароль проÑтрочений."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: не можу заблокувати файл паролів\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: не можу відкрити файл паролів\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: не можу заблокувати файл прихованих паролів\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих паролів\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: не можу перепиÑати файл прихованих паролів\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: не можу перепиÑати файл паролів\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: не можу оновити файл прихованих паролів\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tПовне ім'Ñ: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tÐомер кімнати: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tРобочій телефон: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tДомашній телефон: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Ðе можу блокувати файл паролів; Ñпробуйте пізніше.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Ðе можу відкрити файл паролів.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Ðе можу оновити Ð·Ð°Ð¿Ð¸Ñ Ñƒ файлі паролів.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Ðе можу запиÑати зміни до файлу паролів.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Ðе можу розблокувати файл паролів.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: не можу блокувати файл груп\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: не можу відкрити файл груп\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: неможливо заблокувати файл gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: не можу відкрити файл з прихованими паролÑми\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: помилка Ð¾Ð½Ð¾Ð²Ð»ÐµÐ½Ð½Ñ Ñ„Ð°Ð¹Ð»Ñƒ з прихованими паролÑми\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: помилка Ð¾Ð½Ð¾Ð²Ð»ÐµÐ½Ð½Ñ Ð·Ð°Ð¿Ð¸Ñу у базі груп\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: Ñ€Ñдок %d: невідома група %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: Ñ€Ñдок %d: не можу оновити запиÑ\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: не можу заблокувати файл з прихованими паролÑми\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: помилка Ð¾Ð½Ð¾Ð²Ð»ÐµÐ½Ð½Ñ Ñ„Ð°Ð¹Ð»Ñƒ з прихованими паролÑми\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: помилка Ð¾Ð½Ð¾Ð²Ð»ÐµÐ½Ð½Ñ Ñ„Ð°Ð¹Ð»Ñƒ з паролÑми\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: Ñ€Ñдок %d: невідомий кориÑтувач %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: Ñ€Ñдок %d: не можу оновити Ð·Ð°Ð¿Ð¸Ñ Ñƒ базі паролів\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: невідомий кориÑтувач\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Ðевідомий кориÑтувач: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "ВикориÑтаннÑ: %s [-r|-R] група\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a кориÑтувач] група\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d кориÑтувач] група\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A кориÑтувач,...] [-M кориÑтувач,...] група\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M кориÑтувач,...] група\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: не можу заблокувати\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: не можу заблокувати базу прихований паролів\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: не можу відкрити файл\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: не можу перепиÑати файл прихованих паролів\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: не можу розблокувати файл\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: не можу оновити запиÑ\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: не можу оновити Ð·Ð°Ð¿Ð¸Ñ Ñƒ базі прихованих паролів\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "невідома група: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: не можу відкрити файл\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: не можу відкрити файл з прихованими паролÑми\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Ви хто?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: невідомий член %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: помилка Ð´Ð¾Ð´Ð°Ð½Ð½Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу у файл груп\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: не можу перепиÑати файл груп\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: не можу перепиÑати файл прихованих груп\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: не можу заблокувати файл груп\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: не можу відкрити файл груп\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: не можу блокувати файл прихованих груп\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих груп\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u не є унікальним\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: помилка Ð²Ð¸Ð´Ð°Ð»ÐµÐ½Ð½Ñ Ð·Ð°Ð¿Ð¸Ñу з бази груп\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: помилка Ð²Ð¸Ð´Ð°Ð»ÐµÐ½Ð½Ñ Ð·Ð°Ð¿Ð¸Ñу з бази прихованих груп\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: не можу видалити головну групу кориÑтувача.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Член, Ñкого потрібно видалити, не знайдений\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: groupmems -a кориÑтувач | -d кориÑтувач | -D | -l [-g "
+#~ "група]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Тільки root може додавати членів до інших груп\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Ðеобхідний доÑтуп до групи\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Ðе Ñ” первинним володарем поточної групи\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM Ð°Ð²Ñ‚ÐµÐ½Ñ‚Ð¸Ñ„Ñ–ÐºÐ°Ñ†Ñ–Ñ Ð½Ðµ пройшла\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Ðеможливо заблокувати файл груп\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Ðеможливо закрити файл груп\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s не знайдено у /etc/passwd\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u не є унікальний GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s не Ñ” унікальне ім'Ñ\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: не можу перепиÑати файл паролів\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: не можу блокувати файл паролів\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: не можу відкрити файл паролів\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: не можу оновити прихований Ð·Ð°Ð¿Ð¸Ñ Ð´Ð»Ñ %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: не можу оновити Ð·Ð°Ð¿Ð¸Ñ Ð´Ð»Ñ Ð³Ñ€ÑƒÐ¿Ð¸ %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: не можу блокувати файл прихованих груп\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих груп\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: не можу видалити приховану групу %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: не можу оновити файл прихованих груп\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: не можу видалити файл прихованих груп\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "невідомий UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "невідомий GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: група %s не Ñ–Ñнує\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: кориÑтувач %s не Ñ–Ñнує\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: невірне ім'Ñ ÐºÐ¾Ñ€Ð¸Ñтувача '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: не можу блокувати /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: не можу блокувати /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: не можу блокувати /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: не можу блокувати /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: не можу відкрити файл\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: помилка Ð¾Ð½Ð¾Ð²Ð»ÐµÐ½Ð½Ñ Ñ„Ð°Ð¹Ð»Ñƒ\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: не можу оновити Ð·Ð°Ð¿Ð¸Ñ Ñƒ файлі паролів Ð´Ð»Ñ %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: не можу блокувати файл паролів\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: не можу відкрити файл паролів\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: не можу видалити Ð·Ð°Ð¿Ð¸Ñ Ñƒ файлі прихованих паролів Ð´Ð»Ñ %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: не можу оновити файл паролів\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: не можу оновити Ð·Ð°Ð¿Ð¸Ñ Ð´Ð»Ñ ÐºÐ¾Ñ€Ð¸Ñтувача %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: не можу видалити файл прихованих паролів\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: невідомий GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: невідома група %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: бракує пам'ÑÑ‚Ñ– у update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: не можу перепиÑати файл паролів\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: не можу перепиÑати файл прихованих паролів\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: не можу блокувати файл прихованих паролів\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих паролів\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: не можу заблокувати файл груп\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: не можу відкрити файл груп\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: не можу заблокувати файл прихованих груп\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих груп\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: помилка Ð´Ð¾Ð´Ð°Ð½Ð½Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу у базу паролів\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: помилка Ð´Ð¾Ð´Ð°Ð½Ð½Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу у базу прихованих паролів\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: заÑтереженнÑ: CREATE_HOME не підтримуєтьÑÑ, кориÑтуйтеÑÑŒ -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: помилка Ð¾Ð½Ð¾Ð²Ð»ÐµÐ½Ð½Ñ Ð·Ð°Ð¿Ð¸Ñу у базі груп\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: помилка Ð¾Ð½Ð¾Ð²Ð»ÐµÐ½Ð½Ñ Ð·Ð°Ð¿Ð¸Ñу у базі груп\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: не можу відкрити файл груп\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих груп\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: помилка Ð²Ð¸Ð´Ð°Ð»ÐµÐ½Ð½Ñ Ð·Ð°Ð¿Ð¸Ñу з бази паролів\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: помилка Ð²Ð¸Ð´Ð°Ð»ÐµÐ½Ð½Ñ Ð·Ð°Ð¿Ð¸Ñу з бази прихованих паролів\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: помилка Ð´Ð¾Ð´Ð°Ð½Ð½Ñ Ð½Ð¾Ð²Ð¾Ð³Ð¾ запиÑу у файл груп\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu не є унікальним\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: помилка зміни запиÑу в базі паролів\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: помилка Ð²Ð¸Ð´Ð°Ð»ÐµÐ½Ð½Ñ Ð·Ð°Ð¿Ð¸Ñу з бази паролів\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: помилка Ð²Ð¸Ð´Ð°Ð»ÐµÐ½Ð½Ñ Ð·Ð°Ð¿Ð¸Ñу з бази прихованих паролів\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: не можу отримати унікальний GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " на \"%.100s\" з \"%.200s\""
+
+#~ msgid " on '%.100s'"
+#~ msgstr " на \"%.100s\""
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: Ñ€Ñдок %d: не можу Ñтворити UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: ім'Ñ %s не Ñ” унікальним\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ВикориÑтаннÑ: chpasswd [опції]\n"
+#~ "\n"
+#~ "Опції:\n"
+#~ " -e, --encrypted\tвказані паролі зашифровано\n"
+#~ " -h, --help\t\tпоказати цю допомогу та вийти\n"
+#~ " -m, --md5\t\tвикориÑтовувати MD5 ÑˆÐ¸Ñ„Ñ€ÑƒÐ²Ð°Ð½Ð½Ñ Ð·Ð°Ð¼Ñ–ÑÑ‚ÑŒ DES, Ñкщо вказані\n"
+#~ "\t\t\tпаролі не зашифровано\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Ðемає файлу паролів\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Вибачте.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Вибачте, пароль Ð´Ð»Ñ %s не може бути змінено зараз.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Вибачте."
diff --git a/po/vi.po b/po/vi.po
new file mode 100644
index 0000000..16a29e7
--- /dev/null
+++ b/po/vi.po
@@ -0,0 +1,2833 @@
+# Vietnamese translation for Shadow.
+# Bản dịch tiếng Việt dành cho shadow.
+# Copyright © 2015 Free Software Foundation, Inc.
+# Clytie Siddall <clytie@riverland.net.au>, 2005-2008.
+# Trần Ngá»c Quân <vnwildman@gmail.com>, 2014, 2015, 2016.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow master\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2016-10-04 07:07+0700\n"
+"Last-Translator: Trần Ngá»c Quân <vnwildman@gmail.com>\n"
+"Language-Team: Vietnamese <debian-l10n-vietnamese@lists.debian.org>\n"
+"Language: vi\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: Gtranslator 2.91.7\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Có nhiá»u mục tin mang tên “%s†trong %s. Hãy sá»­a chữa trÆ°á»ng hợp này, dùng "
+"pwck hoặc grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "Phương pháp mã hóa không được thư viện libcrypt hỗ trợ? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "lá»—i cấu hình — không thể phân tích cú pháp của giá trị %s: “%sâ€"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Không thể cấp phát sức chứa cho thông tin cấu hình.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "lá»—i cấu hình - không hiểu mục tin “%s†(báo cho ngÆ°á»i quản trị).\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd đã kết thúc bất thÆ°á»ng (tín hiệu %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd đã thoát với mã là %d\n"
+
+msgid "Password: "
+msgstr "Mật khẩu: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Mật khẩu của %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Không thể tạo bộ tiếp hợp quản lý SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "Chính sách cho SELinux chưa được quản lý\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Không thể Ä‘á»c kho lÆ°u chính sách SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Không thể thiết lập kết nối quản lý SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Không thể bắt đầu phiên giao dịch SELinux\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Không thể truy vấn seuser cho %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Không thể đặt serange cho %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Không thể đặt sename cho %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Không thể sửa đổi ánh xạ đăng nhập cho %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Không thể tạo ánh xạ đăng nhập SELinux cho %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Không thể đặt tên %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Không thể đặt ngÆ°á»i dùng SELinux cho %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Không thể thêm ánh xạ đăng nhập cho %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Không thể khởi tạo bộ quản lý SELinux\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Không thể tạo khóa ngÆ°á»i dùng SELinux\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Không thể thẩm định ngÆ°á»i dùng SELinux\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Không thể sá»­a đổi ánh xạ ngÆ°á»i dùng SELinux\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Không thể thêm ánh xạ ngÆ°á»i dùng SELinux\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Không thể chuyển giao giao dịch SELinux\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Ãnh xạ đăng nhập cho %s chÆ°a được định nghÄ©a, OK nếu ánh xạ mặc định được "
+"dùng\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"Ãnh xạ đăng nhập cho %s được định nghÄ©a trong chính sách, không thể xóa Ä‘i\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Không thể xóa ánh xạ đăng nhập cho %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: hết bộ nhớ\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: Không thể lấy thống kê vỠ%s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s không phải là thÆ° mục mà cÅ©ng không phải là liên kết má»m.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Không thể Ä‘á»c liên kết má»m %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Liên kết má»m dài má»™t cách Ä‘iên rồ: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Không thể tạo thư mục %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Không thể thay đổi ngÆ°á»i sở hữu của %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Không thể thay đổi chế độ của %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: unlink: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Không thể gỡ bỠthư mục %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Không thể đổi tên %s thành %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Không thể gỡ bỠ%s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Không thể tạo liên kết má»m %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Không thể thay đổi chủ sở hữu của %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Không thể lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Cảnh báo, ngÆ°á»i dùng %s không có tập tin shadow tcb.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Khẩn cấp: shadow tcb của %s không phải là tập tin thÆ°á»ng vá»›i "
+"st_nlink=1.\n"
+"Tài khoản vẫn bị khóa.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Không thể mở %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Cảnh báo: không biết nhóm %s.\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Cảnh báo: quá nhiá»u nhóm\n"
+
+msgid "Your password has expired."
+msgstr "Mật khẩu của bạn đã hết hạn dùng."
+
+msgid "Your password is inactive."
+msgstr "Mật khẩu của bạn là không hoạt động."
+
+msgid "Your login has expired."
+msgstr "Äăng nhập của bạn đã hết hạn dùng."
+
+msgid " Contact the system administrator."
+msgstr " Hãy liên lạc vá»›i ngÆ°á»i quản trị hệ thống."
+
+msgid " Choose a new password."
+msgstr " Hãy chá»n mật khẩu má»›i."
+
+msgid "You must change your password."
+msgstr "Bạn cần phải thay đổi mật khẩu."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Mật khẩu của bạn sẽ hết hạn sau %ld ngày.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Mật khẩu của bạn sễ hết hạn vào ngày mai."
+
+msgid "Your password will expire today."
+msgstr "Mật khẩu của bạn sẽ hết hạn vào hôm nay."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Không thể mở giao diện thá»­, kiểm nghiệm nên hủy bá».\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+"Không thể thay đổi chủ sở hữu hay chế độ của đầu vào tiêu chuẩn tty: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: gặp lỗi khi mở khóa %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Tràn môi trÆ°á»ng\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Không cho phép bạn thay đổi $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d lần bị lỗi sau khi đăng nhập cuối cùng.\n"
+"Lần gần nhất là %s vào %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Cấu hình không hợp lệ: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Cấu hình không hợp lệ: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: gặp lỗi khi cấp phát bộ nhớ: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Không thể lấy GID hệ thống duy nhất (không còn có sẵn GID thêm nữa)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Không thể lấy GID duy nhất (không còn có sẵn GID thêm nữa)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Cấu hình không hợp lệ: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Cấu hình không hợp lệ: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Không thể lấy UID hệ thống duy nhất (không còn có sẵn UID thêm nữa)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Không thể lấy UID duy nhất (không còn có sẵn UID thêm nữa)\n"
+
+msgid "Too many logins.\n"
+msgstr "Quá nhiá»u lần đăng nhập.\n"
+
+msgid "You have new mail."
+msgstr "Bạn có thư mới."
+
+msgid "No mail."
+msgstr "Không có thư."
+
+msgid "You have mail."
+msgstr "Bạn có thư."
+
+msgid "no change"
+msgstr "chưa thay đổi gì"
+
+msgid "a palindrome"
+msgstr "từ Ä‘á»c xuôi ngược Ä‘á»u giống nhÆ° nhau"
+
+msgid "case changes only"
+msgstr "chỉ thay đổi HOA/thÆ°á»ng"
+
+msgid "too similar"
+msgstr "quá tương tự"
+
+msgid "too simple"
+msgstr "quá đơn giản"
+
+msgid "rotated"
+msgstr "đã xoay"
+
+msgid "too short"
+msgstr "quá ngắn"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "Mật khẩu sai: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() (mật khẩu: bắt đầu pam) đã thất bại với lỗi %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: chưa đổi mật khẩu\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: mật khẩu đã được cập nhật\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Mật khẩu không đúng cho %s .\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: nhiá»u tùy chá»n --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: tùy chá»n “%s†cần má»™t đối số\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: gặp lá»—i khi xóa bỠđặc quyá»n (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: Ä‘Æ°á»ng dẫn chroot không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: không thể truy cập thư mục chroot %s: %s\n"
+
+#, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: không thể chuyển sang thư mục chroot %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: không thể thay đổi thư mục gốc thành %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"PhÆ°Æ¡ng pháp mã hóa (ENCRYPT_METHOD) không hợp lệ: “%sâ€\n"
+"nên hoàn nguyên vỠgiá trị mặc định: DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Không thể cd (chuyển đổi thÆ° mục) sang “%sâ€.\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Không có thÆ° mục nên đăng nhập vá»›i “HOME=/â€"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Không thể thực hiện %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "ThÆ° mục gốc không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Không thể thay đổi thÆ° mục gốc thành “%sâ€\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Không thể quyết định tên TTY của bạn."
+
+msgid "No"
+msgstr "Không"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_chá»n] ÄÄ‚NG_NHẬP\n"
+"\n"
+"Tùy chá»n:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+" -d, --lastday NGÀY_CUá»I đặt ngày thay đổi mật khẩu cuối cùng thành "
+"ngày này\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -E, --expiredate NGÀY_HẾT_HẠN đặt ngày hết hạn dùng tài khoản thành ngày "
+"này\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr " -h, --help hiển thị trợ giúp này, sau đó thoát\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INACTIVE đặt mật khẩu không còn hoạt động lại sau khi "
+"hết hạn dùng,\n"
+" thành INACTIVE\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+" -l, --list hiển thị thông tin vá» khoảng thá»i gian sá»­ "
+"dụng tài khoản\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays SỠđặt thành số này số tối thiểu các ngày "
+"trÆ°á»›c\n"
+" khi thay đổi mật khẩu\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays SỠđặt thành số này số tối đa các ngày trước "
+"khi thay đổi mật khẩu\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -R, --root THƯ_MỤC_Äá»”I thÆ° mục để chuyển gốc đến\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -W, --warndays Sá»_NGÀY đặt thành số này số các ngày gây ra cảnh báo "
+"vỠhết hạn dùng\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Nhập giá trị má»›i, hoạc bấm phím Enter đặt chá»n giá trị mặc định"
+
+msgid "Minimum Password Age"
+msgstr "Thá»i gian hoạt Ä‘á»™ng tối thiểu cho mật khẩu"
+
+msgid "Maximum Password Age"
+msgstr "Thá»i gian hoạt Ä‘á»™ng tối Ä‘a cho mật khẩu"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Thay đổi mật khẩu cuối cùng (NNNN-TT-Ng)"
+
+msgid "Password Expiration Warning"
+msgstr "Cảnh báo hết hạn dùng mật khẩu"
+
+msgid "Password Inactive"
+msgstr "Mật khẩu không hoạt động"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Ngày hết hạn dùng tài khoản (NNNN-TT-Ng)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Thay đổi mặt khẩu cuối cùng\t\t\t\t\t: "
+
+msgid "never"
+msgstr "chÆ°a bao giá»"
+
+msgid "password must be changed"
+msgstr "mật khẩu phải thay đổi"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Mật khẩu hết hạn dùng:\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Mật khẩu không hoạt động\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Tài khoản hết hạn dùng\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Số ngày tối thiểu giữa hai lần thay đổi mật khẩu\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Số ngày tối đa giữa hai lần thay đổi mật khẩu\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Số ngày cảnh báo trước khi mật khẩu hết hạn\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ngày không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: đối số thuá»™c số không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: đừng dùng “l†cùng với cỠkhác\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: không đủ quyá»n.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Không thể phân giải tên ngÆ°á»i dùng của bạn.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: Không thể khóa %s; hãy thử lại sau.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: không thể mở %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: gặp lỗi trong khi ghi thay đổi vào %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: gặp lá»—i khi chuẩn bị mục tin %s má»›i “%sâ€\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: không có tập tin mật khẩu shadow\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: ngÆ°á»i dùng “%s†không tồn tại trong %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Äang thay đổi thông tin vá» thá»i gian hoạt Ä‘á»™ng đối vá»›i %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: gặp lá»—i khi thay đổi trÆ°á»ng\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [tuỳ_chá»n …] [ÄÄ‚NG_NHẬP]\n"
+"\n"
+"Tùy chá»n:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr " -f, --full-name HỌ_TÊN đổi tên thật của ngÆ°á»i dùng\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr " -h, --home-phone ÄIỆN_THOẠI đổi số Ä‘iện thoại nhà của ngÆ°á»i dùng\n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr " -o, --other THÔNG_TIN_KHÃC đổi thông tin GECOS khác\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr " -r, --room Sá»_PHÃ’NG đổi số phòng của ngÆ°á»i dùng\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr " -u, --help hiển thị trợ giúp này, sau đó thoát\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+" -w, --work-phone ÄIỆN_THOẠI_LÀM thay đổi số Ä‘iện thoại nÆ¡i làm của ngÆ°á»i "
+"dùng\n"
+
+msgid "Full Name"
+msgstr "HỠvà tên"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Số phòng"
+
+msgid "Work Phone"
+msgstr "Äiện thoại nÆ¡i làm việc"
+
+msgid "Home Phone"
+msgstr "Äiện thoại ở nhà"
+
+msgid "Other"
+msgstr "Khác"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Không thể thay đổi mã số thành siêu quản trị (root).\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: tên chứa ký tá»± khác ASCII: “%sâ€\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: tên không hợp lệ: “%sâ€\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: số thứ tá»± phòng chứa ký tá»± khác ASCII: “%sâ€\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: số thứ tá»± phòng không hợp lệ: “%sâ€\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: số Ä‘iện thoại chá»— làm không hợp lệ: “%sâ€\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: số Ä‘iện thoại ở nhà không hợp lệ: “%sâ€\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: “%s†chứa ký tự không thuộc bảng mã ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: “%s†chứa ký tự bị cấm\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: ngÆ°á»i dùng “%s†không tồn tại\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: không thể thay đổi ngÆ°á»i dùng “%s†trên ứng dụng khách NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: “%s†là NIS cái cho ứng dụng khách này.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Äang thay đổi thông tin vá» ngÆ°á»i dùng đối vá»›i %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: trÆ°á»ng quá dài\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [tuỳ_chá»n …]\n"
+"\n"
+"Tùy chá»n:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method PHƯƠNG_THỨC phương pháp mật mã (một trong %s)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+" -e, --encrypted các mật khẩu đã cung cấp cũng được mật mã\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+" -m, --md5 mật mã hóa mật khẩu chữ thô, dùng thuật toán "
+"MD5\n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds số vòng SHA cho thuật toán mã hóa SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: cho phép cỠ%s chỉ cùng với cỠ%s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: các cỠ“-câ€, “-e†và “-m†loại từ lẫn nhau\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: phương pháp mã hóa không được hỗ trợ: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: dòng %d: dòng quá dài\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: dòng %d: thiếu mật khẩu mới\n"
+
+#, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: gặp lá»—i khi mã hóa mật khẩu vá»›i muối “%sâ€: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: dòng %d, nhóm “%s†không tồn tại\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: dòng %d: gặp lá»—i khi chuẩn bị mục tin %s má»›i “%sâ€\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: gặp lỗi nên bỠqua các thay đổi\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (dòng %d, ngÆ°á»i dùng %s) mật khẩu chÆ°a thay đổi\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: dòng %d: ngÆ°á»i dùng “%s†không tồn tại\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+" -s, --shell HỆ_VỎ dùng hệ vỠđăng nhập mới\n"
+" cho tài khoản ngÆ°á»i dùng\n"
+
+msgid "Login Shell"
+msgstr "Hệ vá» Äăng nhập"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Không cho phép bạn thay đổi hệ vỠđối vá»›i “%sâ€.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Äang thay đổi hệ vỠđăng nhập đối vá»›i %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: mục tin không hợp lệ: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s không phải là hệ vỠhợp lệ\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Cảnh báo: %s không tồn tại\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Cảnh báo: %s không có quyá»n thá»±c thi\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+" -c, --check kiểm tra sá»± hết hạn của mật khẩu ngÆ°á»i dùng\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+" -f, --force ép buá»™c đổi mật khẩu nếu mật khẩu của ngÆ°á»i\n"
+" dùng hết hạn\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: hai tùy chá»n %s và %s xung Ä‘á»™t vá»›i nhau\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: đối số bất thÆ°á»ng: %s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+" -a, --all hiển thị các mục ghi faillog cho má»i ngÆ°á»i "
+"dùng\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+" -l, --lock-secs GIÂY sau khi không đăng nhập được thì khóa tài "
+"khoản trong vòng số GIÂY này\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+" -m, --maximum SỠđặt thành SỠnày số tối đa các bộ đếm lần "
+"không đăng nhập được\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+" -r, --reset đặt lại các bộ đếm lần không đăng nhập được\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time NGÀY hiển thị các mục ghi faillog mới hơn số NGÀY "
+"này\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user ÄÄ‚NG_NHẬP/PHẠM_VI hiển thị mục ghi faillog hoặc duy trì các bá»™ "
+"đếm\n"
+" lần không đăng nhập được và các giới hạn như "
+"thế\n"
+" (nếu dùng vá»›i cỠ“-râ€, “-m†hay “-l†riêng "
+"từng cái)\n"
+" chỉ cho mỗi tên đăng nhập đưa ra\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Không lấy được mục tin cho UID %lu\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "Äăng nhập Bị lá»—i Tối Ä‘a Má»›i nhất Vào\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [còn %lus]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds khóa]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Gặp lỗi khi đặt lại số đếm cho UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Gặp lỗi khi đặt số tối đa cho UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Gặp lá»—i khi đặt thá»i gian khóa cho UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Không nhận ra ngÆ°á»i dùng hay phạm vi: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Không thể lấy kích cỡ của %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Gặp lỗi khi ghi %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [tuỳ_chá»n] NHÓM\n"
+"\n"
+"Tùy chá»n:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add NGƯỜI_DÙNG thêm ngÆ°á»i dùng này vào NHÓM\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete NGƯỜI_DÙNG gỡ bá» ngÆ°á»i dùng này khá»i NHÓM\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root THƯ_MỤC_Äá»”I thÆ° mục gốc sẽ chuyển đến\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password gỡ bỠmật khẩu của NHÓM\n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+" -R, --restrict hạn chế truy cập đến NHÓM thành các thành "
+"viên của nó\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+" -M, --members NGƯỜI_DÙNG,… đặt danh sách các thành viên của NHÓM\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+" -A, --administrators QUẢN_TRỊ,…\n"
+" đặt danh sách các quản trị cho NHÓM\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Trừ hai tùy chá»n “-A†và “-Mâ€, không thể tổ hợp các tùy chá»n.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Không thể tổ hợp các tùy chá»n.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: mật khẩu nhóm shadow cần cho tùy chá»n “-Aâ€\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: nhóm “%s†không tồn tại trong %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: gặp lá»—i trong khi đóng %s chỉ-Ä‘á»c\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Äang thay đổi mật khẩu cho nhóm %s\n"
+
+msgid "New Password: "
+msgstr "Mật khẩu mới: "
+
+msgid "Re-enter new password: "
+msgstr "Nhập lại mật khẩu mới: "
+
+msgid "They don't match; try again"
+msgstr "Hai mật khẩu không khớp nhau, hãy thử lại"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Hãy thử lại sau\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Äang thêm ngÆ°á»i dung %s vào nhóm %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Äang gỡ bá» ngÆ°á»i dùng %s khá»i nhóm %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: ngÆ°á»i dùng “%s†không thuá»™c vỠ“%sâ€\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: không phải là TTY\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [tuỳ_chá»n …] NHÓM\n"
+"\n"
+"Tùy chá»n:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force thoát thành công nếu nhóm đã có, và \n"
+" hủy bỠ“-g†nếu GID đã được dùng\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID dùng GID này cho nhóm mới\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+" -K, --key KHÓA=GIÃ_TRỊ ghi đè lên các giá trị mặc định “/etc/login."
+"defsâ€\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique cho phép tạo nhóm có GID trùng (không duy "
+"nhất)\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+" -p, --password MẬT_KHẨU dùng mật khẩu đã mật mã này cho nhóm mới\n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system tạo một tài khoản hệ thống\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: “%s†không phải là tên nhóm hợp lệ\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: mã số nhóm (GID) không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K cần cú pháp KHÓA=GIÃ_TRỊ\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: nhóm “%s†đã có\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID “%lu†đã có\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Không thể cài đặt dịch vụ dá»n dẹp.\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+" -f, --force xóa nhóm ngay cả khi nó là nhóm chính của "
+"ngÆ°á»i dùng\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: không thể gỡ bá» mục tin “%s†khá»i %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: không thể gỡ bá» nhóm chính của ngÆ°á»i dùng “%sâ€\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: nhóm “%s†không tồn tại\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: nhóm “%s†là một nhóm kiểu NIS\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s là NIS chủ\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: ngÆ°á»i dùng “%s†đã thuá»™c vỠ“%sâ€\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Hết bộ nhớ. Không thể cập nhật %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [tuỳ_chá»n …] [hành_vi]\n"
+"\n"
+"Tùy chá»n:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group TÊN_NHÓM thay đổi tên của nhóm này thay cho nhóm của\n"
+" ngÆ°á»i dùng (chỉ siêu quản trị)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Hành động là:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr " -a, --add TÊN thêm tên ngÆ°á»i dùng này vào nhóm\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr " -d, --delete TÊN gỡ bá» tên này khá»i nhóm\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge tẩy má»i ngÆ°á»i ra nhóm\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list liệt kê những ngÆ°á»i trong nhóm\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: tên nhóm của bạn không tÆ°Æ¡ng ứng vá»›i tên ngÆ°á»i dùng\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: chỉ siêu quản trị có quyá»n sá»­ dụng tùy chá»n “-g/--groupâ€\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID thay đổi mã số nhóm sang GID này\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name NHÓM_MỚI thay đổi tên sang tên này\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+" -o, --non-unique cho phép sử dụng một GID trùng (không duy "
+"nhất)\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+" -p, --password MẬT_KHẨU thay đổi mật khẩu thành MẬT_KHẨU (đã mật mã) "
+"này\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: tên nhóm không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: nhóm %s là một nhóm kiểu NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: không rõ ngÆ°á»i dùng %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_chá»n] [group [gshadow]]\n"
+"\n"
+"Tùy chá»n:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_chá»n] [group]\n"
+"\n"
+"Tùy chá»n:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+" -r, --read-only hiển thị lỗi và cảnh báo\n"
+" nhưng không thay đổi các tập tin\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort sắp xếp các mục tin theo UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: hai tùy chá»n “-s†và “-r†không tÆ°Æ¡ng thích vá»›i nhau\n"
+
+msgid "invalid group file entry"
+msgstr "mục tin tập tin nhóm không hợp lệ"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "xóa dòng “%s†không? "
+
+msgid "duplicate group entry"
+msgstr "mục tin nhóm trùng"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "tên nhóm không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "mã số nhóm không hợp lệ “%luâ€\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "nhóm %s: không có ngÆ°á»i dùng %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "xóa thành viên “%s†không? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "không có mục tin tập tin nhóm tương ứng trong %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "thêm nhóm “%s†trong %s không?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"nhóm %s có má»™t mục tin trong %s, còn trÆ°á»ng mật khẩu trong %s không phải "
+"được đặt thành “xâ€\n"
+
+msgid "invalid shadow group file entry"
+msgstr "mục tin tập tin nhóm shadow không hợp lệ"
+
+msgid "duplicate shadow group entry"
+msgstr "mục tin nhóm shadow trùng"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "nhóm shadow %s: không có ngÆ°á»i dùng quản trị %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "xóa thành viên quản trị “%s†không? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "nhóm shadow %s: không có ngÆ°á»i dùng %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: các tập tin đã được cập nhật\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: chưa thay đổi gì\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: không thể xóa %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Cách dùng: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Cách dùng: id\n"
+
+msgid " groups="
+msgstr " nhóm="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+" -b, --before SỠhiển thị chỉ những bản ghi lastlog cũ hơn SỠ"
+"ngày\n"
+" cũ hơn số ngày này (_trước_)\n"
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+" -C, --clear xóa bản ghi lastlog của ngÆ°á»i dùng (chỉ dùng "
+"được với -u)\n"
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+" -S, --set đặt bản ghi lastlog thành thá»i Ä‘iểm hiện tại "
+"(chỉ dùng được với -u)\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+" -t, --time SỠhiển thị chỉ những mục ghi lastlog\n"
+" má»›i hÆ¡n số ngày này (_thá»i gian_)\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+" -u, --user ÄÄ‚NG_NHẬP hiển thị mục ghi lastlog cho _ngÆ°á»i dùng_ "
+"tên này\n"
+
+msgid "Username Port From Latest"
+msgstr "Tài_khoản Cổng Từ Mới nhất"
+
+msgid "Username Port Latest"
+msgstr "NgÆ°á»i dùng Cổng Má»›i nhất"
+
+msgid "**Never logged in**"
+msgstr "**Chưa bao giỠđăng nhập**"
+
+#, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Gặp lỗi khi cập nhật mục tin cho UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: Gặp lỗi khi cập nhật tập tin lastlog\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr "%s: Tùy chá»n -C không thể dùng cùng vá»›i -S\n"
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr "%s: Các tùy chá»n -C và -S cần tùy chá»n -u để chỉ định ngÆ°á»i dùng\n"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Cách dùng: %s [-p] [tên]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h máy] [-f tên]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r máy\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "lá»—i cấu hình — không thể phân tích cú pháp của giá trị %s: “%dâ€"
+
+msgid "Invalid login time"
+msgstr "Thá»i gian đăng nhập không hợp lệ"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Hệ thông bị tắt với lý do bảo dưỡng theo thủ tục."
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Chức năng ngắt kết nối đã bị vòng: cho phép siêu quản trị đăng nhập.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Không thể làm việc mà không có gốc có hiệu lực\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Không có mục tin utmp. Vì thế bạn cần phải thực hiện “login†(đăng nhập) từ "
+"“sh†(hệ vá») cấp dÆ°á»›i cùng."
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Äăng nhập đã quá hạn sau %u giây.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: (đăng nhập) PAM bị lá»—i nên hủy bá»: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s đăng nhập: "
+
+msgid "login: "
+msgstr "đăng nhập: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Vượt quá số tối đa các lần thử lại (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: (đăng nhập) PAM đã yêu cầu hủy bá»\n"
+
+msgid "Login incorrect"
+msgstr "Äăng nhập không đúng"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Không thể tìm thấy ngÆ°á»i dùng (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s đăng nhập: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: lỗi tạo tiến trình con: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY bị lỗi vào %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Cảnh báo: đăng nhập đã bật lại sau bị khóa ra tạm thá»i."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Äang nhập cuối cùng: %s vào %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Äang nhập cuối cùng: %.19s vào %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " từ %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"vượt quá thá»i gian đăng nhập\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Cách dùng: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr ""
+"Cách dùng: newgrp [-] [nhóm]\n"
+"[newgrp: nhóm mới]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr ""
+"Cách dùng: sg group [[-c] lệnh]\n"
+"[group: nhóm]\n"
+
+#, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: gặp lỗi khi mã hóa mật khẩu bằng muối trước đó: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Mật khẩu không hợp lệ.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: lỗi tạo tiến trình con: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID “%lu†không tồn tại\n"
+
+msgid "too many groups\n"
+msgstr "quá nhiá»u nhóm\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system tạo các tài khoản hệ thống\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: nhóm “%s†là má»™t nhóm shadow, nhÆ°ng không tồn tại trong “/etc/groupâ€\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: mã số ngÆ°á»i dùng không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: tên dùng không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: dòng %d: dòng không hợp lệ\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: không thể cập nhật mục tin của ngÆ°á»i dùng %s (không có trong cÆ¡ sở dữ "
+"liệu mật khẩu passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: dòng %d: không thể tạo ngÆ°á»i dùng\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: dòng %d: không thể tạo nhóm\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: dòng %d: ngÆ°á»i dùng “%s†không tồn tại trong %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: dòng %d: không thể cập nhật mật khẩu\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: dòng %d: lỗi mkdir (tạo thư mục) %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: dòng %d: lá»—i chown (thay đổi quyá»n sở hữu) %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: dòng %d: không thể cập nhật mục tin\n"
+
+#, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: gặp lá»—i khi chuẩn bị mục tin má»›i “%sâ€\n"
+
+#, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: không thể tìm thấy vùng ngÆ°á»i dùng lệ thuá»™c\n"
+
+#, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: không thể tìm thấy vùng nhóm phụ thuộc\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+" -a, --all thông báo trạng thái mật khẩu vá» má»i tài "
+"khoản\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr " -d, --delete xóa mật khẩu cho tài khoản đặt tên\n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+" -e, --expire ép buộc hết hạn dùng mật khẩu cho tài khoản "
+"đặt tên\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+" -k, --keep-tokens thay đổi mật khẩu chỉ nếu bị hết hạn dùng\n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -i, --inactive INACTIVE đặt thành INACTIVE mật khẩu không còn hoạt "
+"động lại\n"
+" sau khi hết hạn dùng\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -l, --lock khóa mật khẩu của tài khoản đặt tên\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays SỠđặt thành số này số tối thiểu các ngày\n"
+" trước khi mật khẩu thay đổi được\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet chế độ không xuất chi tiết\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr " -r, --repository KHO thay đổi mật khẩu trong kho lưu này\n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+" -S, --status thông báo trạng thái mật khẩu vỠtài khoản "
+"đặt tên\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+" -u, --unlock mở khóa mật khẩu của tài khoản đặt tên\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+" -w, --warndays NGÀY đặt thành số này số các ngày cảnh báo vỠhết "
+"hạn dùng\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays NGÀY đặt thành số này số tối đa các ngày trước "
+"khi\n"
+" thay đổi được mật khẩu\n"
+
+msgid "Old password: "
+msgstr "Mật khẩu cũ: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Nhập mật khẩu mới (số ký tự tối thiểu %d).\n"
+"Hãy tổ hợp các chữ hoa, chữ thÆ°á»ng và chữ số để tạo má»™t mật khẩu mạnh.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Nhập mật khẩu mới (số ký tự tối thiểu %d, tối đa %d).\n"
+"Hãy tổ hợp các chữ hoa, chữ thÆ°á»ng và chữ số để tạo má»™t mật khẩu mạnh.\n"
+
+msgid "New password: "
+msgstr "Mật khẩu mới: "
+
+msgid "Try again."
+msgstr "Hãy thử lại."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Cảnh báo: mật khẩu yếu (nhập lại để vẫn dùng nó)"
+
+msgid "They don't match; try again.\n"
+msgstr "Hai mật khẩu không trùng nhau: hãy thử lại.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Không thể thay đổi mật khẩu cho %s.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Chưa có thể thay đổi mật khẩu cho %s.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: mở khóa mật khẩu thì gây ra một tài khoản không có mật khẩu.\n"
+"Bạn nên đặt một mật khẩu dùng câu lệnh “usermod -p†để mở khóa mật khẩu của "
+"tài khoản này.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: kho lưu %s không được hỗ trợ\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s không có quyá»n thay đổi mật khẩu của %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: không cho phép bạn xem hoặc sửa đổi thông tin mật khẩu đối với %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Äang thay đổi mật khẩu cho %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Mật khẩu cho %s chưa thay đổi.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: mật khẩu đã thay đổi.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: thông tin đã thay đổi vỠsự hết hạn sử dụng mật khẩu.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_chá»n] [passwd]\n"
+"\n"
+"Tùy chá»n:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_chá»n] [passwd [shadow]]\n"
+"\n"
+"Tùy chá»n:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet chỉ báo cáo lỗi\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: không cho phép tập tin shadow thay thế khi mà biến USE_TCB được đặt.\n"
+
+msgid "invalid password file entry"
+msgstr "mục tin tập tin mật khẩu không hợp lệ"
+
+msgid "duplicate password entry"
+msgstr "mục tin mật khẩu trùng"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "tên ngÆ°á»i dùng không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "mã số ngÆ°á»i dùng không hợp lệ “%luâ€\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "ngÆ°á»i dùng “%sâ€: không có nhóm %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "ngÆ°á»i dùng “%sâ€: thÆ° mục “%s†không tồn tại\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "ngÆ°á»i dùng “%sâ€: chÆ°Æ¡ng trình “%s†không tồn tại\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "không có thư mục tcb cho %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "tạo thư mục tcb %s không?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "gặp lỗi khi tạo thư mục tcb cho %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: không thể khóa %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "không có mục tin tập tin mật khẩu tương ứng trong %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "thêm ngÆ°á»i dùng “%s†trong %s không?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"ngÆ°á»i dùng %s có má»™t mục tin trong %s, còn trÆ°á»ng mật khẩu trong %s không "
+"phải được đặt thành “sâ€\n"
+
+msgid "invalid shadow password file entry"
+msgstr "mục tin tập tin mật khẩu shadow không hợp lệ"
+
+msgid "duplicate shadow password entry"
+msgstr "mục tin mật khẩu shadow trùng"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "ngÆ°á»i dùng %s: lần thay đổi mật khẩu cuối cùng nằm trong tÆ°Æ¡ng lai\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: không thể sắp xếp các mục tin trong %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: không thể làm việc khi tcb được bật\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: không thay đổi được chế độ của %s thành 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Truy cập “su†vào tài khoản đó BỊ TỪ CHá»I.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Xác thực mật khẩu bị đi vòng.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Hãy nhập mật khẩu của MÌNH để xác thực.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Không thể rẽ nhánh tiến trình hệ vá» ngÆ°á»i dùng\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: tín hiệu trục trặc\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: trục trặc mặt nạ tín hiệu\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Phiên làm việc đã kết thúc, nên kết thúc hệ vá»â€¦"
+
+msgid " ...killed.\n"
+msgstr " …đã chết.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " …đang đợi tiến con chấm dứt.\n"
+
+msgid " ...terminated.\n"
+msgstr " …đã chấm dứt.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Cách dùng: su [tùy_chá»n…] [đăng_nhập]\n"
+"\n"
+"[su: siêu ngÆ°á»i dùng]\n"
+"\n"
+"Tùy chá»n:\n"
+" -c, --command LỆNH gá»­i lệnh này qua cho hệ vỠđã gá»i\n"
+" -h, --help hiển thị _trợ giúp_ này rồi thoát\n"
+" -, -l, --login lập hệ vỠlà hệ vỠ_đăng nhập_\n"
+" -m, -p,\n"
+" --preserve-environment đừng đặt lại các biến _môi trÆ°á»ng_, và "
+"_giữ_\n"
+" hệ vỠhiện có\n"
+" -s, --shell HỆ_VỎ dùng hệ vỠnày thay cho trình mặc định trong "
+"passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Bị bỠqua)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Bạn không có quyá»n sá»­ dụng lệnh “su†(siêu ngÆ°á»i dùng) vá»›i %s.\n"
+
+msgid "(Enter your own password)"
+msgstr "(Nhập mật khẩu của mình)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: lỗi xác thực\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr ""
+"%s: Bạn không có quyá»n sá»­ dụng lệnh “su†(siêu ngÆ°á»i dùng) vào lúc đó\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Không có mục tin mật khẩu cho tài khoản “%sâ€\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: phải chạy từ thiết bị cuối\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: (pam bắt đầu) lỗi %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Không thể xóa thiết bị cuối Ä‘iá»u khiển\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Không thể thực thi %s\n"
+
+msgid "No password file"
+msgstr "Không có tập tin mật khẩu"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY bị lỗi"
+
+msgid "No password entry for 'root'"
+msgstr "Không có mục tin mật khẩu cho “root†(siêu quản trị)"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Hãy gõ tổ hợp phím Ctrl-D để tiếp tục khởi Ä‘á»™ng bình thÆ°á»ng,\n"
+"(hoặc nhập mật khẩu siêu quản trị để bảo dưỡng hệ thống):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Äang vào Chế Ä‘á»™ Bảo dưỡng Hệ thống"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s đã được tạo, nhÆ°ng không thể bị gỡ bá»\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: cấu hình %s trong %s sẽ bị bỠqua\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: không thể tạo tập tin mặc định mới\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: không thể mở tập tin mặc định mới\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: dòng quá dài trong %s: %s…"
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Không thể tạo tập tin sao lưu dự phòng (%s): %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: thay tên: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: nhóm “%s†là nhóm kiểu NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: ghi rõ quá nhiá»u nhóm (tối Ä‘a %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_chá»n] ÄÄ‚NG_NHẬP\n"
+" %s -D\n"
+" %s -D [các-tùy-chá»n]\n"
+"\n"
+"Tùy chá»n:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+" -b, --base-dir THƯ_MỤC đặt thư mục cơ bản cho thư mục riêng của tài "
+"khoản mới\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment GHI_CHÚ trÆ°á»ng GECOS của tài khoản má»›i\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir THƯ_MỤC thư mục riêng của tài khoản mới\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+" -D, --defaults in hay thay đổi cấu hình useradd mặc định\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr " -e, --expiredate NGÀY ngày hết hạn sử dụng tài khoản mới\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+" -f, --inactive KHOẢNG khoảng thá»i gian không hoạt Ä‘á»™ng của tài "
+"khoản mới\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+" -g, --gid NHÓM tên của mã số của nhóm chính của tài khoản "
+"má»›i\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+" -G, --groups NHÓM danh sách các nhóm phụ của tài khoản mới\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr " -k, --skel THƯ_MỤC dùng thÆ° mục khung sÆ°á»n thay thế\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+" -l, --no-log-init đừng thêm ngÆ°á»i dùng vào các cÆ¡ sở \n"
+" dữ liệu faillog và lastlog\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr " -m, --create-home tạo thÆ° mục riêng của ngÆ°á»i dùng\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+" -M, --no-create-home không tạo thÆ° mục riêng của ngÆ°á»i dùng\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+" -N, --no-user-group đừng tạo má»™t nhóm cùng tên vá»›i ngÆ°á»i dùng\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique cho phép tạo ngÆ°á»i dùng có UID trùng\n"
+" (không duy nhất)\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+" -p, --password MẬT_KHẨU mật khẩu được mật mã của tài khoản mới\n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell HỆ_VỎ hệ vỠđăng nhập của tài khoản mới\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID mã số ngÆ°á»i dùng của tài khoản má»›i\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr " -U, --user-group tạo má»™t nhóm cùng tên vá»›i ngÆ°á»i dùng\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+" -Z, --selinux-user SEUSER dùng má»™t ngÆ°á»i dùng SE (SEUSER) riêng cho sá»± "
+"ánh xạ ngÆ°á»i dùng SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: thÆ° mục cÆ¡ sở không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ghi chú không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: thÆ° mục riêng không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: cần mật khẩu shadow cho tùy chá»n “-eâ€\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: cần mật khẩu shadow cho tùy chá»n “-fâ€\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: trÆ°á»ng không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: hệ vá» không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: “-Z†yêu cầu hạt nhân bật tính năng hỗ trợ SELinux\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: không đặt lại được mục tin faillog của UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: gặp lỗi khi đặt lại mục tin lastlog của UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: gặp lỗi khi chuẩn bị %s mục tin mới\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: không thể tạo thư mục %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Äang tạo tập tin há»™p thÆ°"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Không tìm thấy nhóm “mail†(thÆ° tín). Vì thế Ä‘ang tạo tập tin há»™p thÆ° ngÆ°á»i "
+"dùng với chế độ 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Äang đặt quyá»n truy cập tập tin há»™p thÆ°"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: ngÆ°á»i dùng “%s†đã có\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr "%s: nhóm %s đã có. Muốn thêm há» vào nhóm đó thì dùng tùy chá»n “-gâ€.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: không thể tạo ngÆ°á»i dùng\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu không phải duy nhất\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Gặp lỗi khi tạo thư mục tcb cho %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: không thể tạo nhóm\n"
+
+#, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: không thể tạo mã số ngÆ°á»i dùng lệ thuá»™c\n"
+
+#, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: không thể tạo mã nhóm phụ thuộc\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: cảnh báo: thư mục riêng đã có.\n"
+"Vì vậy không sao chép vào nó tập tin nào từ thÆ° mục “skelâ€.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: cảnh báo: lá»—i ánh xạ tên ngÆ°á»i dùng %s tá»›i ngÆ°á»i dùng SELinux %s.\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+" -f, --force ép buộc gỡ bỠtập tin, thậm chí nếu không\n"
+" được sở hữu bởi ngÆ°á»i dùng\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+" -r, --remove gỡ bỠthư mục riêng và ống chỉ thư tín\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+" -Z, --selinux-user gỡ bỠbất kỳ ánh xạ SELinux nào cho tài "
+"khoản ngÆ°á»i dùng\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: không gỡ bá» nhóm %s bởi vì nó không phải là nhóm chính của ngÆ°á»i dùng "
+"“%sâ€.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: không thể gỡ bỠnhóm %s bởi vì nó có thành viên khác nữa.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: nhóm %s là nhóm chính của má»™t ngÆ°á»i dùng khác thì không bị gỡ bá».\n"
+
+#, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: không thể gỡ bá» %lu mục tin khá»i %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: không tìm thấy bể thư %s (%s)\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: cảnh báo: không thể gỡ bỠ%s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s không phải được %s sở hữu nên không gỡ bỠnó\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: Không thể phân bổ bá»™ nhá»›, mục tin tcb cho %s chÆ°a được gỡ bá».\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Gặp lá»—i khi xóa bỠđặc quyá»n: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Không thể gỡ bỠnội dung của %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Không thể gỡ bỠtập tin tcb cho %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: ngÆ°á»i dùng %s là ngÆ°á»i dùng kiểu NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s không tìm thấy thư mục riêng (%s)\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: sẽ không gỡ bá» thÆ° mục %s (vì cÅ©ng gỡ bá» thÆ° mục riêng của ngÆ°á»i dùng "
+"%s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: gặp lỗi khi gỡ bỠthư mục %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr "%s: cảnh báo: gặp lá»—i khi gỡ bỠánh xạ ngÆ°á»i dùng %s tá»›i SELinux.\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment GHI_LƯU giá trị má»›i của trÆ°á»ng GECOS\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+" -d, --home THƯ_MỤC thÆ° mục riêng má»›i cho tài khoản ngÆ°á»i dùng\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+" -e, --expiredate NGÀY đặt thành ngày này ngày hết hạn dùng tài "
+"khoản\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INACTIVE đặt thành INACTIVE mật khẩu không còn hoạt "
+"động lại\n"
+" sau khi hết hạn dùng\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+" -g, --gid NHÓM ép buộc sử dụng nhóm này làm nhóm chính mới\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups NHÓM danh sách mới chứa các nhóm phụ\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append thêm ngÆ°á»i dùng vào các nhóm phụ\n"
+" Ä‘Æ°a ra bởi tùy chá»n “-G†mà không gỡ bá» ta "
+"khá»i nhóm khác\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login ÄÄ‚NG_NHẬP giá trị má»›i của tên đăng nhập\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock khóa tài khoản ngÆ°á»i dùng\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home di chuyển nội dung của thư mục riêng sang vị "
+"trí mới\n"
+" (chỉ dùng cùng vá»›i “-dâ€)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+" -o, --non-unique cho phép sử dụng UID trùng (không duy nhất)\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr " -p, --password MẬT_KHẨU mật mã hóa mật khẩu mới\n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID UID má»›i cho tài khoản ngÆ°á»i dùng\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock mở khóa tài khoản ngÆ°á»i dùng\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr " -v, --add-subuids ÄẦU-CUá»I thêm vùng mã ngÆ°á»i dùng lệ thuá»™c\n"
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr " -V, --del-subuids ÄẦU-CUá»I xóa vùng mã ngÆ°á»i dùng lệ thuá»™c\n"
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr " -w, --add-subgids ÄẦU-CUá»I thêm vùng mã nhóm lệ thuá»™c\n"
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr " -W, --del-subgids ÄẦU-CUá»I xóa vùng mã nhóm lệ thuá»™c\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+" -Z, --selinux-user SEUSER ánh xạ SELinux má»›i cho tài khoản ngÆ°á»i dùng\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: mở khóa mật khẩu của ngÆ°á»i dùng thì gây ra má»™t tài khoản không có mật "
+"khẩu.\n"
+"Bạn nên đặt má»™t mật khẩu dùng “usermod -p†để mở khóa mật khẩu của ngÆ°á»i "
+"dùng này.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: ngÆ°á»i dùng “%s†đã có trong %s\n"
+
+#, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: vùng mã số ngÆ°á»i dùng lệ thuá»™c không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: vùng mã số nhóm lệ thuá»™c không hợp lệ “%sâ€\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: không tùy chá»n\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: các cỠ“-Lâ€, “-p†và “-U†loại từ lẫn nhau\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: mật khẩu shadow cần cho hai tùy chá»n “-e†và “-fâ€\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID “%lu†đã có\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s không tồn tại, bạn không thể dùng cỠ%s hay %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: thư mục %s đã có\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Thư mục riêng trước đó (%s) không là một thư mục. Nó chưa được gỡ bỠvà "
+"chưa tạo thư mục riêng (home).\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Gặp lỗi khi thay đổi chủ sở hữu của thư mục home (riêng)"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: cảnh báo: gặp lỗi khi gỡ bỠhoàn toàn thư mục riêng cũ %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: không thể thay đổi lại tên thư mục %s thành %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: gặp lá»—i khi sao chép mục tin lastlog của ngÆ°á»i dùng %lu sang ngÆ°á»i dùng "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: không sao chép được mục tin faillog của ngÆ°á»i dùng %lu sang ngÆ°á»i dùng "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: cảnh báo: %s không do %s sở hữu\n"
+
+msgid "failed to change mailbox owner"
+msgstr "gặp lỗi khi đổi chủ sở hữu hộp thư"
+
+msgid "failed to rename mailbox"
+msgstr "gặp lỗi khi đổi tên của hộp thư"
+
+#, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: gặp lá»—i khi xóa bá» vùng mã ngÆ°á»i dùng %lu-%lu khá»i “%sâ€\n"
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: gặp lá»—i khi thêm vùng mã ngÆ°á»i dùng %lu-%lu vào “%sâ€\n"
+
+#, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: gặp lá»—i khi gỡ bá» vùng mã số nhóm %lu-%lu khá»i “%sâ€\n"
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: gặp lá»—i khi thêm vùng mã số nhóm %lu-%lu vào “%sâ€\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Bạn đã sửa đổi %s.\n"
+"Äể thống nhất thì bạn cÅ©ng có thể cần sá»­a đổi %s.\n"
+"Hãy sử dụng câu lệnh “%s†để làm như thế.\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group sửa đổi cơ sở dữ liệu nhóm\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd sửa đổi cơ sở dữ liệu passwd\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+" -s, --shadow sửa đổi cơ sở dữ liệu shadow hay gshadow\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr " -u, --user sá»­a tập tin shadow tcb của ngÆ°á»i này\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: gặp lỗi khi gỡ bỠ%s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s chưa thay đổi\n"
+
+msgid "failed to create scratch directory"
+msgstr "gặp lỗi khi tạo thư mục hỗn tạp"
+
+msgid "failed to drop privileges"
+msgstr "gặp lá»—i khi xóa đặc quyá»n"
+
+msgid "Couldn't get file context"
+msgstr "Không thể lấy ngữ cảnh tập tin"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () bị lỗi"
+
+msgid "failed to gain privileges"
+msgstr "gặp lá»—i khi cấp đặc quyá»n"
+
+msgid "Couldn't lock file"
+msgstr "Không thể khóa tập tin"
+
+msgid "Couldn't make backup"
+msgstr "Không thể sao lưu"
+
+#, c-format
+msgid "%s: %s: %s\n"
+msgstr "%s: %s: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s trả vỠvới trạng thái là %d\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr "%s: %s bị giết bởi tín hiệu %d\n"
+
+msgid "failed to open scratch file"
+msgstr "gặp lỗi khi mở tập tin hỗn tạp"
+
+msgid "failed to unlink scratch file"
+msgstr "gặp lỗi khi bỠliên kết tập tin hỗn tạp"
+
+msgid "failed to stat edited file"
+msgstr "gặp lỗi khi lấy thống kê tập tin đã sửa"
+
+msgid "failed to allocate memory"
+msgstr "gặp lỗi khi phân bổ bộ nhớ"
+
+msgid "failed to create backup file"
+msgstr "không thể tạo tập tin sao lưu dự phòng"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: không thể phục hồi %s: %s (các thay đổi của bạn nằm trong %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: gặp lỗi khi tìm thư mục tcb cho %s\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr " -c, --crypt-method phương pháp mật mã (một của %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Cách dùng: vipw [tuỳ_chá»n …]\n"
+#~ "\n"
+#~ "Tùy chá»n:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) (cấp phát bộ nhớ) bị lỗi\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Cách dùng: chage [tuỳ_chá»n …] [ÄÄ‚NG_NHẬP]\n"
+#~ "\n"
+#~ "Tùy chá»n:\n"
+#~ " -d, --lastday NGÀY_CUá»I đặt ngày thay đổi mật khẩu cuối cùng "
+#~ "thành ngày này\n"
+#~ " -E, --expiredate NGÀY_HẾT_HẠN đặt ngày hết hạn dùng tài khoản thành "
+#~ "ngày này\n"
+#~ " -h, --help \t\thiển thị trợ giúp này, sau đó thoát\n"
+#~ " -I, --inactive INACTIVE \tđặt mật khẩu không còn hoạt động lại "
+#~ "sau khi hết hạn dùng,\n"
+#~ "\t\t\t\t\t\tthành INACTIVE\n"
+#~ " -l, --list \t\t\thiển thị thông tin vá» khoảng thá»i "
+#~ "gian sử dụng tài khoản\n"
+#~ " -m, --mindays SỠ\t\tđặt thành số này số tối thiểu các ngày "
+#~ "trước khi thay đổi mật khẩu\n"
+#~ " -M, --maxdays Sá»\t\t\tđặt thành số này số tối Ä‘a các ngày trÆ°á»›c khi "
+#~ "thay đổi mật khẩu\n"
+#~ " -W, --warndays SỠ\t\tđặt thành số này số các ngày gây ra cảnh báo "
+#~ "vỠhết hạn dùng\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: lỗi xác thực PAM\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Cách dùng: %s [-f há»_tên] [-r số_phòng] [-w Ä‘iện_thoại_chá»—_làm]\n"
+#~ "\t[-h Ä‘iện_thoại_ở_nhà] [-o khác] [ngÆ°á»i_dùng]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Cách dùng: %s [-f há»_tên] [-r số_phòng] [-w Ä‘iện_thoại_chá»—_làm]\n"
+#~ "\t[-h điện_thoại_ở_nhà]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Cách dùng: %s [tùy_chá»n]\n"
+#~ "\n"
+#~ "Tùy chá»n:\n"
+#~ " -c, --crypt-method phương pháp mã hóa (một của %s)\n"
+#~ " -e, --encrypted mã hóa mỗi mật khẩu đã cung cấp\n"
+#~ " -h, --help hiển thị trợ giúp này rồi thoát\n"
+#~ " -m, --md5 mã hóa mật khẩu nhập thô, dùng thuật toán MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Cách dùng: chsh [tùy_chá»n…] [ÄÄ‚NG_NHẬP]\n"
+#~ "\n"
+#~ "Tùy chá»n:\n"
+#~ " -h, --help hiện _trợ giúp_ này rồi thoát\n"
+#~ " -s, --shell TRÌNH_BAO hệ vỠđăng nhập mới\n"
+#~ "\t\t\t\t\t\tcho tài khoản ngÆ°á»i dùng\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr ""
+#~ "Cách dùng: expiry {-f|-c}\n"
+#~ "[expiry: mãn hạn]\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: không lấy được mục tin cho UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: không thể mở %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: không thể lấy kích cỡ của %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr ""
+#~ "Cách dùng: groupdel nhóm\n"
+#~ "[groupdel: xóa nhóm]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Cách dùng: %s [-r] [-s] [nhóm [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Cách dùng: %s [-r] [-s] [nhóm]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: hai tùy chá»n “-s†và “-r†không tÆ°Æ¡ng thích vá»›i nhau\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Cách dùng: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Cách dùng: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Cách dùng: lastlog [tùy_chá»n…]\n"
+#~ "\n"
+#~ "[lastlog: bản ghi cuối cùng]\n"
+#~ "\n"
+#~ "Tùy chá»n:\n"
+#~ " -b, --before SỠhiển thị chỉ những bản ghi lastlog\n"
+#~ " cũ hơn số ngày này (_trước_)\n"
+#~ " -h, --help hiển thị _trợ giúp_ này rồi thoát\n"
+#~ " -t, --time SỠhiển thị chỉ những mục ghi lastlog\n"
+#~ " má»›i hÆ¡n số ngày này (_thá»i gian_)\n"
+#~ " -u, --user ÄÄ‚NG_NHẬP hiển thị mục ghi lastlog cho _ngÆ°á»i dùng_ tên "
+#~ "này\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Cách dùng: passwd [tuỳ_chá»n …] [ÄÄ‚NG_NHẬP]\n"
+#~ "\n"
+#~ "Tùy chá»n:\n"
+#~ " -a, --all\t\t\tthông báo trạng thái mật khẩu vá» má»i tài khoản\n"
+#~ " -d, --delete \txóa mật khẩu cho tài khoản đặt tên\n"
+#~ " -e, --expire \tép buộc hết hạn dùng mật khẩu cho tài khoản đặt "
+#~ "tên\n"
+#~ " -h, --help \thiển thị trợ giúp này, sau đó thoát\n"
+#~ " -k, --keep-tokens\tthay đổi mật khẩu chỉ nếu bị hết hạn dùng\n"
+#~ " -i, --inactive INACTIVE\tđặt thành INACTIVE mật khẩu không còn hoạt "
+#~ "động lại\n"
+#~ "\t\t\t\t\tsau khi hết hạn dùng\n"
+#~ " -l, --lock \tkhóa mật khẩu của tài khoản đặt tên\n"
+#~ " -n, --mindays Sá»\tđặt thành số này số tối thiểu các ngày trÆ°á»›c khi mật "
+#~ "khẩu thay đổi được\n"
+#~ " -q, --quiet \tchế độ không xuất chi tiết\n"
+#~ " -r, --repository KHO\t\tthay đổi mật khẩu trong kho lưu này\n"
+#~ " -S, --status \tthông báo trạng thái mật khẩu vỠtài khoản đặt "
+#~ "tên\n"
+#~ " -u, --unlock\t\tmở khóa mật khẩu của tài khoản đặt tên\n"
+#~ " -w, --warndays NGÀY\tđặt thành số này số các ngày cảnh báo vỠhết hạn "
+#~ "dùng\n"
+#~ " -x, --maxdays NGÀY\tđặt thành số này số tối đa các ngày trước khi thay "
+#~ "đổi được mật khẩu\n"
+#~ "\n"
diff --git a/po/zh_CN.po b/po/zh_CN.po
new file mode 100644
index 0000000..7a84df7
--- /dev/null
+++ b/po/zh_CN.po
@@ -0,0 +1,3444 @@
+# Simplified Chinese translation to shadow
+# This file is distributed under the same license as the shadow package.
+# Copyright:
+# Ming Hua <minghua@ubuntu.com>, 2005,2006,2007.
+# Carlos Z.F. Liu <carlosliu@users.sourceforge.net>, 2004,2006.
+# YunQiang Su <wzssyqa@gmail.com>, 2010, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.15\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-01-10 01:23+0800\n"
+"Last-Translator: YunQiang Su <wzssyqa@gmail.com>\n"
+"Language-Team: Chinese (simplified) <i18n-zh@googlegroups.com>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bits\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr "多个å为“%sâ€çš„æ¡ç›®åŒæ—¶å­˜åœ¨äºŽ %s 中,请使用 pwck 或 grpck æ¥ä¿®å¤ã€‚\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "libcrypt ä¸æ”¯æŒæ­¤åŠ å¯†æ–¹æ³•ï¼Ÿ(%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "é…置错误 - æ— æ³•è§£æž %s 值:“%sâ€"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "无法为é…置信æ¯åˆ†é…空间。\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "é…置错误 - 未知项目“%sâ€(请通知管ç†å‘˜)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd å¼‚å¸¸ç»“æŸ (ä¿¡å· %d)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd ä»¥çŠ¶æ€ %d 退出"
+
+msgid "Password: "
+msgstr "密ç ï¼š"
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s 的密ç ï¼š"
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "无法创建 SELinux 管ç†å¥æŸ„\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "无法建立 SELinux 管ç†è¿žæŽ¥\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "无法开始 SELinux 事务\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "无法为 %s 查询 seuser\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "无法为 %s 设置 serange\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "无法为 %s 设置 sename\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "无法为 %s 修改登录映射\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "无法为 %s 创建登录映射\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "无法为 %s 设置å称\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "无法为 %s 设置 SELinux 用户\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "无法为 %s 添加登录映射\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "无法创建 SELinux 用户密钥\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "æ— æ³•éªŒè¯ SELinux 用户\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "无法修改 SELinux 用户映射\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "无法添加 SELinux 用户映射\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "无法æ交 SELinux 事务\n"
+
+#, fuzzy, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr "%s 的登录映射已ç»å®šä¹‰ï¼Œå¦‚æžœ"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr "策略中,已ç»å®šä¹‰äº† %s 的登录映射,无法删除\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "无法删除 %s 的登录映射"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s:内存溢出\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s:无法获å–文件 %s çš„ä¿¡æ¯ï¼š%s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr ""
+"%s:%s æ—¢ä¸æ˜¯ç›®å½•ä¹Ÿä¸æ˜¯ç¬¦å·é“¾æŽ¥ã€‚\n"
+"\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s:无法读å–符å·é“¾æŽ¥ %s:%s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s:å¯ç–‘的长符åˆé“¾æŽ¥ï¼š%s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s:无法创建目录 %s:%s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s:无法更改 %s 的属主:%s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s:无法更改 %s 的模å¼ï¼š%s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s:删除(unlink):%s:%s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s:无法删除目录 %s:%s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s:无法将目录 %s 改å为 %s:%s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s:无法删除 %s:%s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s:无法创建符å·é“¾æŽ¥ %s:%s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s:无法更改 %s 的属主:%s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s:无法获å–符å·é“¾æŽ¥ %s 自身的信æ¯(lstat):%s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr ""
+"%s:警告,用户 %s 没有 tcb å½±å­æ–‡ä»¶ã€‚\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s:紧急:%s çš„ tcb å½±å­ä¸æ˜¯ä¸€ä¸ª st_nlink=1 的普通文件。\n"
+"å¸å·å°†é”定。\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s:创建目录:%s:%s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s:无法打开 %s:%s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "警告:未知组 %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "警告:用户组过多\n"
+
+msgid "Your password has expired."
+msgstr "您的密ç å·²è¿‡æœŸã€‚"
+
+msgid "Your password is inactive."
+msgstr "您的密ç å·²å¤±æ•ˆã€‚"
+
+msgid "Your login has expired."
+msgstr "您的å¸æˆ·å·²è¿‡æœŸã€‚"
+
+msgid " Contact the system administrator."
+msgstr " 请与系统管ç†å‘˜è”系。"
+
+msgid " Choose a new password."
+msgstr " 请选择一个新密ç ã€‚"
+
+msgid "You must change your password."
+msgstr "您必须è¦æ›´æ”¹è‡ªå·±çš„密ç ã€‚"
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "您的密ç å°†åœ¨ %ld 天内过期。\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "您的密ç å°†åœ¨æ˜Žå¤©è¿‡æœŸã€‚"
+
+msgid "Your password will expire today."
+msgstr "您的密ç ä»Šå¤©è¿‡æœŸã€‚"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "æ— æ³•æ‰“å¼€å®¡è®¡æŽ¥å£ - 退出。\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "ä¸èƒ½æ”¹å˜ tty 标准输入的属主或模å¼ï¼š%s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%sï¼šè§£é” %s 失败\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s:"
+
+msgid ": "
+msgstr ":"
+
+msgid "Environment overflow\n"
+msgstr "环境溢出\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "您ä¸åº”è¯¥æ”¹å˜ $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"自上一次登录以æ¥å·²æœ‰ %d 次登录失败。\n"
+"最åŽä¸€æ¬¡æ˜¯ %s 在 %s 上。\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s:无效的é…置:GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr "%s:无效的é…置:SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s:申请内存失败:%s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s:无法获å–独有的系统 GID (没有更多å¯ç”¨çš„ GID 了)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s:无法获å–独有的 GID (no more available GIDs)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s:无效的é…置:UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr "%s:无效的é…置:SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s:无法获å–独有的系统 UID (没有更多å¯ç”¨çš„ UID 了)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s:无法获å–独有的系统 UID (没有更多å¯ç”¨çš„ UID 了)\n"
+
+msgid "Too many logins.\n"
+msgstr "登录数é‡è¿‡å¤šã€‚\n"
+
+msgid "You have new mail."
+msgstr "您有新信件。"
+
+msgid "No mail."
+msgstr "无信件。"
+
+msgid "You have mail."
+msgstr "您有信件。"
+
+msgid "no change"
+msgstr "没有改å˜"
+
+msgid "a palindrome"
+msgstr "一个回文è¯"
+
+msgid "case changes only"
+msgstr "仅有大å°å†™æ”¹åŠ¨"
+
+msgid "too similar"
+msgstr "太相似"
+
+msgid "too simple"
+msgstr "太简å•"
+
+msgid "rotated"
+msgstr "已轮转"
+
+msgid "too short"
+msgstr "太短"
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "错误的密ç ï¼š%s。 "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() 失败,错误 %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd:%s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd:密ç æœªæ›´æ”¹\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd:已æˆåŠŸæ›´æ–°å¯†ç \n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "%s 的密ç ä¸æ­£ç¡®ã€‚\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: 选项“%sâ€éœ€è¦ä¸€ä¸ªé€‰é¡¹\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s:放弃特æƒæ—¶å¤±è´¥ (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s:无效的 chroot 路径“%sâ€\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s:无法访问 chroot 目录 %s:%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s:无法访问 chroot 目录 %s:%s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s:无法 chroot 到目录 %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"无效的 ENCRYPT_METHOD 值:“%sâ€ã€‚\n"
+"默认为 DES。\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "无法 cd 进入“%sâ€\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "没有目录,将以 HOME=/ 登录"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "无法执行 %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "无效的根目录“%sâ€\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "无法将根目录改å˜ä¸ºâ€œ%sâ€\n"
+
+msgid "Unable to determine your tty name."
+msgstr "无法确定您的 tty 终端å。"
+
+msgid "No"
+msgstr "å¦"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法:%s [选项] 登录\n"
+"\n"
+"选项:\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr " -d, --lastday 最近日期 将最近一次密ç è®¾ç½®æ—¶é—´è®¾ä¸ºâ€œæœ€è¿‘日期â€\n"
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr " -E, --expiredate 过期日期 å°†å¸æˆ·è¿‡æœŸæ—¶é—´è®¾ä¸ºâ€œè¿‡æœŸæ—¥æœŸâ€\n"
+
+msgid " -h, --help display this help message and exit\n"
+msgstr " -h, --help 显示此帮助信æ¯å¹¶æŽ¨å‡º\n"
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -I, --inactive INACITVE 过期 INACTIVE 天数åŽï¼Œè®¾å®šå¯†ç ä¸ºå¤±æ•ˆçŠ¶æ€\n"
+
+msgid " -l, --list show account aging information\n"
+msgstr " -l, --list 显示å¸æˆ·å¹´é¾„ä¿¡æ¯\n"
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -m, --mindays 最å°å¤©æ•° 将两次改å˜å¯†ç ä¹‹é—´ç›¸è·çš„最å°å¤©æ•°è®¾ä¸ºâ€œæœ€å°å¤©"
+"æ•°â€\n"
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -M, --maxdays 最大天数 将两次改å˜å¯†ç ä¹‹é—´ç›¸è·çš„最大天数设为“最大天"
+"æ•°â€\n"
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -R, --root CHROOT_DIR chroot 到的目录\n"
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr " -W, --warndays 警告天数 将过期警告天数设为“警告天数â€\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "请输入新值,或直接敲回车键以使用默认值"
+
+msgid "Minimum Password Age"
+msgstr "最å°å¯†ç å¹´é¾„"
+
+msgid "Maximum Password Age"
+msgstr "最大密ç å¹´é¾„"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "最近一次密ç ä¿®æ”¹æ—¶é—´ (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "密ç è¿‡æœŸè­¦å‘Š"
+
+msgid "Password Inactive"
+msgstr "密ç å¤±æ•ˆ"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "å¸æˆ·è¿‡æœŸæ—¶é—´ (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "最近一次密ç ä¿®æ”¹æ—¶é—´\t\t\t\t\t:"
+
+msgid "never"
+msgstr "从ä¸"
+
+msgid "password must be changed"
+msgstr "密ç å¿…须更改"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "密ç è¿‡æœŸæ—¶é—´\t\t\t\t\t:"
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "密ç å¤±æ•ˆæ—¶é—´\t\t\t\t\t:"
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "å¸æˆ·è¿‡æœŸæ—¶é—´\t\t\t\t\t\t:"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "两次改å˜å¯†ç ä¹‹é—´ç›¸è·çš„最å°å¤©æ•°\t\t:%ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "两次改å˜å¯†ç ä¹‹é—´ç›¸è·çš„最大天数\t\t:%ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "在密ç è¿‡æœŸä¹‹å‰è­¦å‘Šçš„天数\t:%ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s:无效的日期“%sâ€\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s:无效的数字å‚数“%sâ€\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s:请ä¸è¦ä¸Žå…¶å®ƒæ ‡å¿—一åŒä½¿ç”¨â€œlâ€\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s:没有æƒé™ã€‚\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s:无法确定您的用户å。\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s:无法é”定 %s,请ç¨åŽå†è¯•ã€‚\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s:无法打开 %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s:将更改写入 %s 时失败\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s:准备新 %s æ¡ç›®â€œ%sâ€å¤±è´¥\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s:影å­å¯†ç æ–‡ä»¶ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s:用户 %s ä¸å­˜åœ¨äºŽ %s 中\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "正在为 %s 修改年龄信æ¯\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s:改å˜å­—段时出错\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法:%s [选项] [登录]\n"
+"\n"
+"选项:\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr " -f, --full-name FULL_NAME 更改用户的全å\n"
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr " -h, --home-phone HOME_PHONE 更改用户的家庭电è¯å·ç \n"
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr " -o, --other OTHER_INFO 更改用户的其它 GECOS ä¿¡æ¯\n"
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr " -r, --room ROOM_NUMBER 更改用户的房间å·\n"
+
+msgid " -u, --help display this help message and exit\n"
+msgstr " -u, --help 显示此帮助信æ¯å¹¶æŽ¨å‡º\n"
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr " -w, --work-phone WORK_PHONE 更改用户的办公室电è¯å·ç \n"
+
+msgid "Full Name"
+msgstr "å…¨å"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s:%s\n"
+
+msgid "Room Number"
+msgstr "房间å·ç "
+
+msgid "Work Phone"
+msgstr "工作电è¯"
+
+msgid "Home Phone"
+msgstr "家庭电è¯"
+
+msgid "Other"
+msgstr "其它"
+
+msgid "Cannot change ID to root.\n"
+msgstr "æ— æ³•æ”¹å˜ ID 到 root。\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s:åç§°ä¸­æœ‰éž ASCII 字符:“%sâ€\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s:无效的å称:“%sâ€\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s:房间å包å«éž ASCII 字符:“%sâ€\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s:无效的房间å·ç ï¼šâ€œ%sâ€\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s:无效的工作电è¯ï¼šâ€œ%sâ€\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s:无效的家庭电è¯ï¼šâ€œ%sâ€\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s:“%sâ€åŒ…å«éž ASCII 字符\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s:“%sâ€åŒ…å«éžæ³•å­—符\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s:用户“%sâ€ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s:ä¸èƒ½åœ¨ NIS 客户端上修改用户“%sâ€ã€‚\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s:“%sâ€æ˜¯æ­¤å®¢æˆ·ç«¯çš„ NIS 管ç†å‘˜ã€‚\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "æ­£åœ¨æ”¹å˜ %s 的用户信æ¯\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s:字段太长\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法:%s [选项]\n"
+"\n"
+"选项:\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr " -c, --crypt-method 方法 加密方法(%s 中的一个)\n"
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr " -e, --encrypted\t\tæ供的密ç å·²ç»åŠ å¯†\n"
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr " -m, --md5\t\t使用 MD5 算法加密明文密ç \n"
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr " -s, --sha-rounds\t\tSHA* 加密算法中的 SHA æ—边的数字\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s:%s 标记åªèƒ½å’Œ %s 标记一起使用\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s:-c, -e 和 -m 选项互斥\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s:ä¸æ”¯æŒçš„加密方法:%s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s:第 %d 行:此行太长\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s:第 %d 行:缺少新密ç \n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: 写入 %s 失败: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s:第 %d 行:组“%sâ€ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+"%s:第 %d 行:准备新 %s æ¡ç›®â€œ%sâ€å¤±è´¥\n"
+"\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s:å‘现错误,忽略改动\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s:(第 %d 行,用户 %s) ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s:第 %d 行:用户“%sâ€ä¸å­˜åœ¨\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr " -s, --shell SHELL 该用户å¸å·çš„新登录 shell\n"
+
+msgid "Login Shell"
+msgstr "登录 Shell"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "您ä¸èƒ½ä¸ºâ€œ%sâ€æ›´æ”¹ shell。\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "正在更改 %s 的 shell\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s:无效的æ¡ç›®ï¼š%s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s:%s 是无效的 shell。\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s:警告:%s ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s:警告:%s ä¸å¯æ‰§è¡Œ\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr " -c, --check 检查用户密ç æ˜¯å¦è¿‡æœŸ\n"
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr " -f, --force 如果用户密ç è¿‡æœŸï¼Œåˆ™å¼ºåˆ¶è¦æ±‚更改密ç \n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s:选项 %s å’Œ %s 冲çª\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s:æ„外的å‚数:%s\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr " -a, --all\t\t\t为所有用户显示登陆失败记录\n"
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr " -l, --lock-secs SEC\t登陆失败åŽä¸´æ—¶é”定账户 %s 秒\n"
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr " -m, --maximum MAX\t\t将最大登陆失败计数设置为 MAX\n"
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr " -r, --reset\t\té‡ç½®ç™»é™†å¤±è´¥è®¡æ•°\n"
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr " -t, --time DAYS\t\t显示 DAYS 天æ¥çš„登陆失败记录\n"
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+" -u, --user LOGIN/RANGE\tåªä¸ºæŒ‡å®šçš„登录显示登录失败记录或维护失败\n"
+"\t\t\t\t\t计数和é™åˆ¶(如果使用了 -r, -m 或 -l)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%sï¼šèŽ·å– UID %lu çš„æ¡ç›®å¤±è´¥\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "登录 失败次数 最多 最近 于\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [还剩 %lus]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [é”定 %lds]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s:为 UID %lu é‡ç½®å¤±è´¥è®¡æ•°å¤±è´¥\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s:为 UID %lu 设置最大值失败\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s:为 UID %lu 设置é”定时间失败\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s:未知用户或范围:%s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s:无法获得 %s 的大å°ï¼š%s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: 写入 %s 失败: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法:%s [选项] 组\n"
+"\n"
+"选项:\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr " -a, --add USER å‘组 GROUP 中添加用户 USER\n"
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr " -d, --delete USER 从组 GROUP 中添加或删除用户\n"
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr " -Q, --root CHROOT_DIR è¦ chroot 进的目录\n"
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr " -r, --remove-password 移除组 GROUP 的密ç \n"
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr " -R, --restrict å‘å…¶æˆå‘˜é™åˆ¶è®¿é—®ç»„ GROUP\n"
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr " -M, --members USER,... 设置组 GROUP çš„æˆå‘˜åˆ—表\n"
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr " -A, --administrators ADMIN,...\t设置组的管ç†å‘˜åˆ—表\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "除éžä½¿ç”¨ -A 或 -M 选项,ä¸èƒ½ç»“åˆä½¿ç”¨è¿™äº›é€‰é¡¹ã€‚\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "选项ä¸èƒ½ç»“åˆã€‚\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s:-A 需è¦å½±å­ç»„密ç \n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s:%s 组ä¸å­˜åœ¨äºŽ %s 中\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s:关闭åªè¯» %s 时失败\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "正在修改 %s 组的密ç \n"
+
+msgid "New Password: "
+msgstr "新密ç ï¼š"
+
+msgid "Re-enter new password: "
+msgstr "请é‡æ–°è¾“入新密ç ï¼š"
+
+msgid "They don't match; try again"
+msgstr "他们并ä¸åŒ¹é…;请é‡è¯•"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s:请ç¨åŽé‡è¯•\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "正在将用户“%sâ€åŠ å…¥åˆ°â€œ%sâ€ç»„中\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "正在将用户“%sâ€ä»Žâ€œ%sâ€ç»„中删除\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s:用户“%sâ€ä¸æ˜¯â€œ%sâ€çš„æˆå‘˜\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s:ä¸æ˜¯ tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法:%s [选项] 组\n"
+"\n"
+"选项:\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+" -f, --force\t\t如果组已ç»å­˜åœ¨åˆ™æˆåŠŸé€€å‡º\n"
+"\t\t\t并且如果 GID å·²ç»å­˜åœ¨åˆ™å–消 -g\n"
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr " -g, --gid GID 为新组使用 GID\n"
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr " -K, --key KEY=VALUE ä¸ä½¿ç”¨ /etc/login.defs 中的默认值\n"
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr " -o, --non-unique å…许创建有é‡å¤ GID 的组\n"
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr " -p, --password PASSWORD 为新组使用此加密过的密ç \n"
+
+msgid " -r, --system create a system account\n"
+msgstr " -r, --system 创建一个系统账户\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s:“%sâ€ä¸æ˜¯æœ‰æ•ˆçš„组å\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s:无效的组 ID “%sâ€\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s:-K éœ€è¦ KEY=VALUE\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s:“%sâ€ç»„已存在\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s:GID “%luâ€å·²ç»å­˜åœ¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s:无法确定您的用户å。\n"
+
+#, fuzzy
+#| msgid ""
+#| " -r, --reset reset the counters of login failures\n"
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr " -r, --reset\t\té‡ç½®ç™»é™†å¤±è´¥è®¡æ•°\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%1$s:无法从 %3$s 中移除 %2$s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s:ä¸èƒ½ç§»é™¤ç”¨æˆ·â€œ%sâ€çš„主组\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s:“%sâ€ç»„ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s:“%sâ€ç»„是一个 NIS 组。\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s:%s 是 NIS 管ç†å‘˜\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s:用户“%sâ€å·²ç»æ˜¯ %s çš„æˆå‘˜\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s:超出内存。ä¸èƒ½æ›´æ–° %s。\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法:%s [选项] [动作]\n"
+"\n"
+"选项:\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+" -g, --group groupname 更改组 groupname,而ä¸æ˜¯ç”¨æˆ·çš„组(åª root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "动作:\n"
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr " -a, --add username 将用户 username 添加到组æˆå‘˜ä¸­\n"
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr " -d, --delete username 从组的æˆå‘˜ä¸­åˆ é™¤ç”¨æˆ· username\n"
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr " -p, --purge 从组中移除所有æˆå‘˜\n"
+
+msgid " -l, --list list the members of the group\n"
+msgstr " -l, --list 列出组中的所有æˆå‘˜\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s:您的组å和用户åä¸åŒ¹é…\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s:åªæœ‰ root æ‰å¯ä»¥ä½¿ç”¨ -g/--group 选项\n"
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr " -g, --gid GID 将组 ID 改为 GID\n"
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr " -n, --new-name NEW_GROUP 改å为 NEW_GROUP\n"
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr " -o, --non-unique å…许使用é‡å¤çš„ GID\n"
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr " -p, --password PASSWORD\t将密ç æ›´æ”¹ä¸º(加密过的) PASSWORD\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s:无效的组å“%sâ€\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s:%s 组是一个 NIS 组\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s:未知用户 %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法:%s [选项] [组 [gshadow]]\n"
+"\n"
+"选项:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法:%s [选项] [组]\n"
+"\n"
+"选项:\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr " -r, --read-only 显示错误和警告,但ä¸æ”¹å˜æ–‡ä»¶\n"
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr " -s, --sort 通过 UID 排åºé¡¹ç›®\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s:-s å’Œ -r ä¸å…¼å®¹\n"
+
+msgid "invalid group file entry"
+msgstr "无效的组文件æ¡ç›®"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "删除“%sâ€ä¸€è¡Œï¼Ÿ"
+
+msgid "duplicate group entry"
+msgstr "å¤åˆ¶ç»„æ¡ç›®"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "无效的组å“%sâ€\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "无效的组 ID “%luâ€\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "%s 组:无用户 %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "删除æˆå‘˜â€œ%sâ€å—?"
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "在 %s 中没有找到匹é…的组文件æ¡ç›®\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "将组“%sâ€æ·»åŠ åˆ° %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr "组 %s 在 %s 中有一个æ¡ç›®ï¼Œä½†æ˜¯ %s 中它的密ç å­—段ä¸æ˜¯â€œxâ€\n"
+
+msgid "invalid shadow group file entry"
+msgstr "无效的影å­ç»„文件æ¡ç›®"
+
+msgid "duplicate shadow group entry"
+msgstr "é‡å¤çš„å½±å­ç»„æ¡ç›®"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "%s å½±å­ç»„:无管ç†å‘˜ç”¨æˆ· %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "删除有管ç†æƒé™çš„æˆå‘˜â€œ%sâ€å—?"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "%s å½±å­ç»„:无用户 %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s:文件已更新\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s:无改å˜\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s:无法删除 %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "用法:id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "用法:id\n"
+
+msgid " groups="
+msgstr " 组="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr " -b, --before DAYS 仅打å°æ—©äºŽ DAYS 的最近登录记录\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr " -a, --all\t\t\t为所有用户显示登陆失败记录\n"
+
+#, fuzzy
+#| msgid ""
+#| " -a, --all display faillog records for all users\n"
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr " -a, --all\t\t\t为所有用户显示登陆失败记录\n"
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr " -t, --time DAYS 仅打å°æ™šäºŽ DAYS 的最近登录记录\n"
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr " -u, --user LOGIN æ‰“å° LOGIN 用户的最近登录记录\n"
+
+msgid "Username Port From Latest"
+msgstr "用户å ç«¯å£ æ¥è‡ª 最åŽç™»é™†æ—¶é—´"
+
+msgid "Username Port Latest"
+msgstr "用户å ç«¯å£ æœ€åŽç™»é™†æ—¶é—´"
+
+msgid "**Never logged in**"
+msgstr "**从未登录过**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%sï¼šèŽ·å– UID %lu çš„æ¡ç›®å¤±è´¥\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s:无法更新密ç æ–‡ä»¶\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "用法:%s [-p] [å称]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h 主机] [-f å称]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r 主机\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "é…置出错 - æ— æ³•è§£æž %s 值:â€%d“"
+
+msgid "Invalid login time"
+msgstr "无效的登录时间"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"系统关闭,例行维护"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[忽略断线è¦æ±‚ -- å…许 root 登录。]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s:没有有效 root 的情况下,ä¸å¯èƒ½å·¥ä½œ\n"
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr "没有 utmp æ¡ç›®ã€‚您必须在最底层的“shâ€é‡Œæ‰§è¡Œâ€œloginâ€"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"%u 秒åŽç™»å½•è¶…时。\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM 错误,正在退出:%s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s 用户å:"
+
+msgid "login: "
+msgstr "用户å:"
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "å·²ç»è¶…过最大å°è¯•æ¬¡æ•° (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM 中止请求\n"
+
+msgid "Login incorrect"
+msgstr "登录错误"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "无法找到用户 (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s 用户å:"
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s:fork 失败:%s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "%s 上 TIOCSCTTY 失败"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "警告:在短暂的é”定åŽå°†æ¢å¤ç™»å½•ã€‚"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "上次登录:%s 在 %s 上"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "上次登录:%.19s 在 %s 上"
+
+#, c-format
+msgid " from %.*s"
+msgstr " æ¥è‡ª %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"超过登录时间\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "用法:logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "用法:newgrp [-] [组]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "用法:sg 组 [[-c] 命令]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: 写入 %s 失败: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "无效的密ç ã€‚\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s:fork 失败:%s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s:GID“%luâ€ä¸å­˜åœ¨\n"
+
+msgid "too many groups\n"
+msgstr "用户组过多\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr " -r, --system 创建系统å¸å·\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s:“%sâ€ç»„是影å­ç»„,但是ä¸å­˜åœ¨äºŽ /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s:无效的用户 ID“%sâ€\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s:无效的用户å“%sâ€\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s:第 %d 行:无效行\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s:ä¸èƒ½æ›´æ–°ç”¨æˆ· %s çš„æ¡ç›® (ä¸å­˜åœ¨äºŽ passwd æ•°æ®åº“)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s:第 %d 行:无法创建用户\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s:第 %d 行:无法创建组\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s:第 %d 行:用户â€%s“ä¸å­˜åœ¨äºŽ %s 中\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s:第 %d 行:无法更新密ç \n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s:第 %d 行:创建目录 %s 失败:%s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s:第 %d è¡Œï¼šæ”¹å˜ %s 的属主失败:%s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s:第 %d 行:无法更新æ¡ç›®\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s:准备新 %s æ¡ç›®â€œ%sâ€å¤±è´¥\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s:无法创建用户\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s 无法更新组文件\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr " -a, --all 报告所有å¸æˆ·çš„密ç çŠ¶æ€\n"
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr " -d, --delete 删除指定å¸æˆ·çš„密ç \n"
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr " -e, --expire 强制使指定å¸æˆ·çš„密ç è¿‡æœŸ\n"
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr " -k, --keep-tokens 仅在过期åŽä¿®æ”¹å¯†ç \n"
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr " -i, --inactive INACTIVE 密ç è¿‡æœŸåŽè®¾ç½®å¯†ç ä¸æ´»åŠ¨ä¸º INACTIVE\n"
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr " -l, --lock é”定指定的å¸æˆ·\n"
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+" -n, --mindays MIN_DAYS 设置到下次修改密ç æ‰€é¡»ç­‰å¾…的最短天数\n"
+" 为 MIN_DAYS\n"
+
+msgid " -q, --quiet quiet mode\n"
+msgstr " -q, --quiet 安é™æ¨¡å¼\n"
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr " -r, --repository REPOSITORY 在 REPOSITORY 库中改å˜å¯†ç \n"
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr " -S, --status 报告指定å¸æˆ·å¯†ç çš„状æ€\n"
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr " -u, --unlock 解é”被指定å¸æˆ·\n"
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr " -w, --warndays WARN_DAYS 设置过期警告天数为 WARN_DAYS\n"
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+" -x, --maxdays MAX_DAYS 设置到下次修改密ç æ‰€é¡»ç­‰å¾…的最多天数\n"
+" 为 MAX_DAYS\n"
+
+msgid "Old password: "
+msgstr "旧密ç ï¼š"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"请输入新密ç (最少 %d 个字符)\n"
+"请混åˆä½¿ç”¨å¤§å°å†™å­—æ¯å’Œæ•°å­—。\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"请输入新密ç (最少 %d 最多 %d 个字符)\n"
+"请混åˆä½¿ç”¨å¤§å°å†™å­—æ¯å’Œæ•°å­—。\n"
+
+msgid "New password: "
+msgstr "新密ç ï¼š"
+
+msgid "Try again."
+msgstr "é‡è¯•ã€‚"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"警告:脆弱的密ç (é‡æ–°è¾“入以强制使用它)。"
+
+msgid "They don't match; try again.\n"
+msgstr "它们并ä¸åŒ¹é…;请é‡è¯•ã€‚\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "无法更改 %s 的密ç ã€‚\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "尚无法更改 %s 的密ç ã€‚\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s:解é”密ç å°†äº§ç”Ÿä¸€ä¸ªæ²¡æœ‰å¯†ç çš„账户。\n"
+"您应该使用 usermod -p æ¥ä¸ºæ­¤è´¦æˆ·è®¾ç½®å¯†ç å¹¶è§£é”。\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s:ä¸æ”¯æŒ %s 存储。\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s:%s 没有被授æƒæ›´æ”¹ %s 的密ç \n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s:您ä¸èƒ½æŸ¥çœ‹æˆ–更改 %s 的密ç ä¿¡æ¯ã€‚\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "正在为 %s 修改密ç \n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s 的密ç æœªè¢«æ”¹å˜ã€‚\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s:密ç å·²æ›´æ”¹ã€‚\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s:密ç è¿‡æœŸä¿¡æ¯å·²æ›´æ”¹ã€‚\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法:%s [选项] [passwd]\n"
+"\n"
+"选项:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法:%s [选项] [passwd [shadow]]\n"
+"\n"
+"选项:\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr " -q, --quiet åªæŠ¥å‘Šé”™è¯¯\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr "%s:USE_TCB å¯ç”¨æ—¶æ²¡æœ‰å…许的替代影å­æ–‡ä»¶ã€‚\n"
+
+msgid "invalid password file entry"
+msgstr "无效的密ç æ–‡ä»¶é¡¹"
+
+msgid "duplicate password entry"
+msgstr "é‡å¤çš„密ç é¡¹"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "无效的用户å“%sâ€\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "无效的用户 ID“%luâ€\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "用户“%sâ€ï¼šæ—  %lu 组\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "用户“%sâ€ï¼šç›®å½• %s ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "用户“%sâ€ï¼šç¨‹åº %s ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "没有 %s 的 tcb 目录\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "为 %s 创建 tcb 文件?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "为 %s 创建 tcb 目录失败\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s:无法é”定 %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "在 %s 中没有匹é…的密ç æ–‡ä»¶é¡¹\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "在 %s 中添加用户“%sâ€ï¼Ÿ"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr "用户 %s 在 %s 中有一个æ¡ç›®ï¼Œä½†æ˜¯å®ƒåœ¨ %s 中的密ç å­—段没有设置为“xâ€\n"
+
+msgid "invalid shadow password file entry"
+msgstr "无效的影å­å¯†ç æ–‡ä»¶é¡¹"
+
+msgid "duplicate shadow password entry"
+msgstr "é‡å¤çš„å½±å­å¯†ç æ–‡é¡¹"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "用户 %s:未æ¥æœ€è¿‘的密ç æ”¹åŠ¨\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s:在 %s 中无法排åºæ¡ç›®\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s:ä¸èƒ½ä¸Ž tcb é…åˆä½¿ç”¨\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s:将 %s 的模å¼æ›´æ”¹ä¸º 0600 失败\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "su 到该å¸æˆ·è¢«æ‹’。\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "忽略密ç è®¤è¯\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "请输入您*自己*的密ç ä½œä¸ºéªŒè¯ã€‚\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s:无法 fork 用户 shell\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s:信å·æ•…éšœ\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s:信å·å±è”½(mask)æ•…éšœ\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "会è¯ç»“æŸï¼Œç»“æŸ shell ..."
+
+msgid " ...killed.\n"
+msgstr " ...已被æ€æ­»ã€‚\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...等待å­è¿›ç¨‹ç»“æŸã€‚\n"
+
+msgid " ...terminated.\n"
+msgstr " ...已结æŸã€‚\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s:%s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"用法:su [选项] [登录]\n"
+"\n"
+"选项:\n"
+" -c, --command COMMAND\t\tå°† COMMAND 传递至å¯åŠ¨çš„ shell\n"
+" -h, --help\t\t\t显示此帮助信æ¯å¹¶é€€å‡º\n"
+" -, -l, --login\t\t将 shell 设为登录 shell\n"
+" -m, -p,\n"
+" --preserve-environment\tä¸é‡ç½®çŽ¯å¢ƒå˜é‡å¹¶ä¿æŒåŒä¸€ shell\n"
+" -s, --shell SHELL\t\t使用 SHELL è€Œéž passwd 中的默认值\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s:%s\n"
+"(忽略)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "æ‚¨æ²¡æœ‰è¢«æŽˆæƒ su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(请输入您自己的密ç )"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s:验è¯å¤±è´¥\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%sï¼šé‚£æ—¶ï¼Œæ‚¨æ²¡æœ‰è¢«æŽˆæƒ su\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "没有用户“%sâ€çš„密ç é¡¹\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s:必须从终端中执行\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s:pam_start:错误 %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s:无法放弃控制终端\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "无法执行 %s\n"
+
+msgid "No password file"
+msgstr "没有密ç æ–‡ä»¶"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY 失败"
+
+msgid "No password entry for 'root'"
+msgstr "没有“rootâ€çš„密ç é¡¹"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"敲击 control-d 继续使用普通å¸æˆ·çŽ¯å¢ƒï¼Œ\n"
+"(或者输入 root 密ç ä»¥è¿›è¡Œç³»ç»Ÿç»´æŠ¤):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "正在进入系统维护模å¼"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s:%s å·²ç»åˆ›å»ºï¼Œä½†æ˜¯ä¸èƒ½åˆ é™¤\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: %s é…ç½®(ä½äºŽ %s) 将被忽略\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s:无法创建新的默认文件\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s:无法打开新的默认文件\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s:%s 中行太长:%s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s:无法创建符å·é“¾æŽ¥ %s:%s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s:改å:%s:%s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s:“%sâ€ç»„是一个 NIS 组。\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s:指定了过多组(最多 %d)。\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法:%s [选项] 登录\n"
+" %s -D\n"
+" %s -D [选项]\n"
+"\n"
+"选项:\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr " -b, --base-dir BASE_DIR\t新账户的主目录的基目录\n"
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr " -c, --comment COMMENT 新账户的 GECOS 字段\n"
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr " -d, --home-dir HOME_DIR 新账户的主目录\n"
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr " -D, --defaults\t\t显示或更改默认的 useradd é…ç½®\n"
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr " -e, --expiredate EXPIRE_DATE 新账户的过期日期\n"
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr " -f, --inactive INACTIVE 新账户的密ç ä¸æ´»åŠ¨æœŸ\n"
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr " -g, --gid GROUP\t\t新账户主组的å称或 ID\n"
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr " -G, --groups GROUPS\t新账户的附加组列表\n"
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr " -k, --skel SKEL_DIR\t使用此目录作为骨架目录\n"
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr " -l, --no-log-init\tä¸è¦å°†æ­¤ç”¨æˆ·æ·»åŠ åˆ°æœ€è¿‘登录和登录失败数æ®åº“\n"
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr " -m, --create-home\t创建用户的主目录\n"
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr " -M, --no-create-home\t\tä¸åˆ›å»ºç”¨æˆ·çš„主目录\n"
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr " -N, --no-user-group\tä¸åˆ›å»ºåŒå的组\n"
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr " -o, --non-unique\t\tå…许使用é‡å¤çš„ UID 创建用户\n"
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr " -p, --password PASSWORD\t\t加密åŽçš„新账户密ç \n"
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr " -s, --shell SHELL\t\t新账户的登录 shell\n"
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr " -u, --uid UID\t\t\t新账户的用户 ID\n"
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr " -U, --user-group\t\t创建与用户åŒå的组\n"
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr " -Z, --selinux-user SEUSER\t\t为 SELinux 用户映射使用指定 SEUSER\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s:无效的基目录“%sâ€\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s:无效的注释“%sâ€\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s:无效的主目录“%sâ€\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s:-e å‚数需è¦æœ‰å½±å­å¯†ç \n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s:-f å‚数需è¦æœ‰å½±å­å¯†ç \n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s:无效的字段“%sâ€\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s:无效的 shell“%sâ€\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z 选项è¦æ±‚内核å¯ç”¨ SELinux\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s:é‡ç½® UID %lu 的登录失败æ¡ç›®å¤±è´¥ï¼š%s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s:é‡ç½® UID %lu 的最近登录æ¡ç›®å¤±è´¥ï¼š%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s:准备新 %s æ¡ç›®â€œ%sâ€å¤±è´¥\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s:无法创建目录 %s\n"
+
+msgid "Creating mailbox file"
+msgstr "正在创建信箱文件"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr "没有找到“mailâ€ç»„。以 0600 æƒé™æ¨¡å¼åˆ›å»ºç”¨æˆ·çš„信箱文件。\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "正在设置信箱文件访问æƒé™"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s:用户“%sâ€å·²å­˜åœ¨\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr "%s:%s 组已ç»å­˜åœ¨ - 如果您想将此用户加入到该组,请使用 -g å‚数。\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s:无法创建用户\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s:UID %lu 并ä¸å”¯ä¸€\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s:为 %s 创建 tcb 目录失败\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s:无法创建用户组\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s:无法创建用户\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s:无法创建用户组\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s:警告:此主目录已ç»å­˜åœ¨ã€‚\n"
+"ä¸ä»Ž skel 目录里å‘其中å¤åˆ¶ä»»ä½•æ–‡ä»¶ã€‚\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr "%s:警告:将用户å %s 到 %s SELinux 的用户映射失败。\n"
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr " -f, --force å³ä½¿ä¸å±žäºŽæ­¤ç”¨æˆ·ï¼Œä¹Ÿå¼ºåˆ¶åˆ é™¤æ–‡ä»¶\n"
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr " -r, --remove 删除主目录和邮件池\n"
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr " -Z, --selinux-user 为用户删除所有的 SELinux 用户映射\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s:组“%sâ€æ²¡æœ‰ç§»é™¤ï¼Œå› ä¸ºå®ƒä¸æ˜¯ç”¨æˆ· %s 的主组\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s:组“%sâ€æ²¡æœ‰ç§»é™¤ï¼Œå› ä¸ºå®ƒåŒ…å«å…¶å®ƒæˆå‘˜ã€‚\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s:没有删除 %s 组,因为它是å¦å¤–一个用户的主组。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%1$s:无法从 %3$s 中移除 %2$s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s 邮件池 (%s) 未找到\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s:警告:无法删除 %s:%s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s:%s 并ä¸å±žäºŽ %s,所以ä¸ä¼šåˆ é™¤\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s:无法申请内存,%s çš„ tcb æ¡ç›®æ²¡æœ‰ç§»é™¤ã€‚\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s:无法放弃特æƒï¼š%s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s:无法删除 %s 的内容:%s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s:无法从 %s 中删除 tcb 文件:%s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s:用户 %s 是 NIS 用户\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s:未找到 %s 的主目录“%sâ€\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s:ä¸åˆ é™¤ç›®å½• %s (因为这将删除用户 %s 的主目录)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s:删除目录 %s 时出错\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr "%s:警告:将用户å %s 到 SELinux 的用户映射失败。\n"
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr " -c, --comment 注释 GECOS 字段的新值\n"
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr " -d, --home HOME_DIR 用户的新主目录\n"
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr " -e, --expiredate EXPIRE_DATE 设定å¸æˆ·è¿‡æœŸçš„日期为 EXPIRE_DATE\n"
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+" -f, --inactive INACTIVE 过期 INACTIVE 天数åŽï¼Œè®¾å®šå¯†ç ä¸ºå¤±æ•ˆçŠ¶æ€\n"
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr " -g, --gid GROUP 强制使用 GROUP 为新主组\n"
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr " -G, --groups GROUPS 新的附加组列表 GROUPS\n"
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+" -a, --append GROUP 将用户追加至上边 -G 中æ到的附加组中,\n"
+" 并ä¸ä»Žå…¶å®ƒç»„中删除此用户\n"
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr " -l, --login LOGIN 新的登录å称\n"
+
+msgid " -L, --lock lock the user account\n"
+msgstr " -L, --lock é”定用户å¸å·\n"
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+" -m, --move-home 将家目录内容移至新ä½ç½® (仅于 -d 一起使用)\n"
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr " -o, --non-unique å…许使用é‡å¤çš„(éžå”¯ä¸€çš„) UID\n"
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr " -p, --password PASSWORD å°†åŠ å¯†è¿‡çš„å¯†ç  (PASSWORD) 设为新密ç \n"
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr " -u, --uid UID 用户å¸å·çš„æ–° UID\n"
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr " -U, --unlock 解é”用户å¸å·\n"
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr " -Z, --selinux-user SEUSER 用户账户的新 SELinux 用户映射\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s:解é”用户密ç å°†äº§ç”Ÿæ²¡æœ‰å¯†ç çš„账户。\n"
+"您应该使用 usermod -p 设置密ç å¹¶è§£é”用户密ç ã€‚\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s:用户 %s 已存在于 %s 中\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s:无效的日期“%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s:无效的日期“%sâ€\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s:无选项\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s:-L ,-p 和 -U 标志互斥\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s:-e å’Œ -f å‚数需è¦å½±å­å¯†ç \n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s:UID “%luâ€å·²ç»å­˜åœ¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s:%s 没有被授æƒæ›´æ”¹ %s 的密ç \n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s:目录 %s ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr "%s:先å‰çš„用户目录 (%s) ä¸æ˜¯ç›®å½•ã€‚没有移除它也没有创建主目录。\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s:更改主目录的属主失败"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s:警告:无法将旧的主目录 %s 完全删除"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s:无法将目录 %s 改å为 %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr "%s:将用户 %lu 的登录失败æ¡ç›®å¤åˆ¶ç»™ç”¨æˆ· %lu 失败:%s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr "%s:将用户 %lu 的登录失败æ¡ç›®å¤åˆ¶ç»™ç”¨æˆ· %lu 失败:%s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s:警告:%s ä¸å±žäºŽ %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "改å˜ä¿¡ç®±æ‰€æœ‰è€…失败"
+
+msgid "failed to rename mailbox"
+msgstr "无法为信箱改å"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s:准备新 %s æ¡ç›®â€œ%sâ€å¤±è´¥\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s:准备新 %s æ¡ç›®â€œ%sâ€å¤±è´¥\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s:准备新 %s æ¡ç›®â€œ%sâ€å¤±è´¥\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s:准备新 %s æ¡ç›®â€œ%sâ€å¤±è´¥\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"您已ç»ä¿®æ”¹äº† %s。\n"
+"出于一致性的考虑,您å¯èƒ½éœ€è¦ä¿®æ”¹ %s。\n"
+"请使用命令“%sâ€æ¥è¿›è¡Œè¿™ä¸ªå·¥ä½œã€‚\n"
+
+msgid " -g, --group edit group database\n"
+msgstr " -g, --group 编辑 group æ•°æ®åº“\n"
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr " -p, --passwd 编辑 passwd æ•°æ®åº“\n"
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr " -s, --shadow 编辑 shadow 或 gshadow æ•°æ®åº“\n"
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr " -u, --user è¦ç¼–辑哪个用户的 tcb å½±å­æ–‡ä»¶\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s:移除 %s 失败\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s:%s 没有更改\n"
+
+msgid "failed to create scratch directory"
+msgstr "创建临时目录失败"
+
+msgid "failed to drop privileges"
+msgstr "放弃特æƒå¤±è´¥"
+
+msgid "Couldn't get file context"
+msgstr "无法获å–上下文"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () 失败"
+
+msgid "failed to gain privileges"
+msgstr "获å–特æƒå¤±è´¥"
+
+msgid "Couldn't lock file"
+msgstr "无法é”定文件"
+
+msgid "Couldn't make backup"
+msgstr "无法备份"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nscd ä»¥çŠ¶æ€ %d 退出"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "打开临时文件失败"
+
+msgid "failed to unlink scratch file"
+msgstr "删除(unlink)临时文件失败"
+
+msgid "failed to stat edited file"
+msgstr "获å–编辑过的文件的信æ¯å¤±è´¥"
+
+msgid "failed to allocate memory"
+msgstr "申请内存失败"
+
+msgid "failed to create backup file"
+msgstr "创建备份文件失败"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s:无法æ¢å¤ %s:%s (您的修改在 %s 中)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s:无法为“%sâ€æ‰¾åˆ° tcb 目录\n"
+
+#~ msgid " -c, --crypt-method the crypt method (one of %s)\n"
+#~ msgstr " -c, --crypt-method 加密方法 (%s 之一)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "用法:vipw [选项]\n"
+#~ "\n"
+#~ "选项:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) 失败\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:chage [选项] [登录]\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -d, --lastday 最近日期\t将最近一次密ç è®¾ç½®æ—¶é—´è®¾ä¸ºâ€œæœ€è¿‘日期â€\n"
+#~ " -E, --expiredate 过期日期\tå°†å¸æˆ·è¿‡æœŸæ—¶é—´è®¾ä¸ºâ€œè¿‡æœŸæ—¥æœŸâ€\n"
+#~ " -h, --help\t\t\t显示此帮助信æ¯å¹¶é€€å‡º\n"
+#~ " -I, --inactive INACITVE\t过期 INACTIVE 天数åŽï¼Œè®¾å®šå¯†ç ä¸ºå¤±æ•ˆçŠ¶æ€\n"
+#~ " -l, --list\t\t\t显示å¸æˆ·å¹´é¾„ä¿¡æ¯\n"
+#~ " -m, --mindays 最å°å¤©æ•°\t将两次改å˜å¯†ç ä¹‹é—´ç›¸è·çš„最å°å¤©æ•°è®¾ä¸ºâ€œæœ€å°å¤©æ•°â€\n"
+#~ " -M, --maxdays 最大天数\t将两次改å˜å¯†ç ä¹‹é—´ç›¸è·çš„最大天数设为“最大天数â€\n"
+#~ " -W, --warndays 警告天数\t将过期警告天数设为“警告天数â€\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s:PAM 验è¯å¤±è´¥\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "用法:%s [-f å…¨å] [-r 房间å·] [-w 工作电è¯]\n"
+#~ "\t[-h 家庭电è¯] [-o 其它] [用户]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "用法:%s [-f å…¨å] [-r 房间å·] [-w 工作电è¯] [-h 家庭电è¯]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "用法:%s [选项]\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -c, --crypt-method\t加密方法 (%s 中的一个)\n"
+#~ " -e, --encrypted\t\tæ供的密ç æ˜¯åŠ å¯†è¿‡çš„\n"
+#~ " -h, --help\t\t\t显示此帮助信æ¯ç„¶åŽæŽ¨å‡º\n"
+#~ " -m, --md5\t\t\t使用 MD5 算法加密明文密ç \n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:chsh [选项] [登录]\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -h, --help\t\t\t\t显示此帮助信æ¯å¹¶é€€å‡º\n"
+#~ " -s, --shell SHELL\t\t\t该用户å¸å·çš„新登录 shell\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "用法:expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "ç™»å½•å¤±è´¥ï¼šèŽ·å– UID %lu çš„æ¡ç›®å¤±è´¥\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "登录失败:无法打开 %s:%s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "ç™»å½•å¤±è´¥ï¼šæ— æ³•èŽ·å– %s 的大å°ï¼š%s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "用法:groupdel 组\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "用法:%s [-r] [-s] [组 [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "用法:%s [-r] [-s] [组]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s:-s å’Œ -r ä¸å…¼å®¹\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "用法:grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "用法:grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:lastlog [选项]\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -b, --before DAYS\t仅打å°æ—©äºŽ DAYS 的最近登录记录\n"
+#~ " -h, --help\t\t显示此帮助信æ¯å¹¶é€€å‡º\n"
+#~ " -t, --time DAYS\t仅打å°æ™šäºŽ DAYS 的最近登录记录\n"
+#~ " -u, --user LOGIN\tæ‰“å° LOGIN 用户的最近登录记录\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:passwd [选项] [用户å]\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -a, --all\t\t\t报告所有å¸æˆ·çš„密ç çŠ¶æ€\n"
+#~ " -d, --delete\t\t\t删除指定å¸æˆ·çš„密ç \n"
+#~ " -e, --expire\t\t\t强制使指定å¸æˆ·çš„密ç è¿‡æœŸ\n"
+#~ " -h, --help\t\t\t显示此帮助信æ¯å¹¶é€€å‡º\n"
+#~ " -k, --keep-tokens\t\t仅在过期åŽä¿®æ”¹å¯†ç \n"
+#~ " -i, --inactive INACTIVE\t密ç è¿‡æœŸåŽè®¾ç½®å¯†ç ä¸æ´»åŠ¨ä¸º INACTIVE\n"
+#~ " -l, --lock\t\t\té”定指定的å¸æˆ·\n"
+#~ " -n, --mindays MIN_DAYS\t设置到下次修改密ç æ‰€é¡»ç­‰å¾…的最短天数\n"
+#~ "\t\t\t\t为 MIN_DAYS\n"
+#~ " -q, --quiet\t\t\t安é™æ¨¡å¼\n"
+#~ " -r, --repository REPOSITORY\t在 REPOSITORY 库中改å˜å¯†ç \n"
+#~ " -S, --status\t\t\t报告指定å¸æˆ·å¯†ç çš„状æ€\n"
+#~ " -u, --unlock\t\t\t解é”被指定å¸æˆ·\n"
+#~ " -w, --warndays WARN_DAYS\t设置过期警告天数为 WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS\t设置到下次修改密ç æ‰€é¡»ç­‰å¾…的最多天数\n"
+#~ "\t\t\t\t为 MAX_DAYS\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "用法:%s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "用法:%s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "用法:pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "用法:pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "未知 id:%s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "没有 shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force removal of files,\n"
+#~ " even if not owned by user\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -r, --remove remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:userdel [选项] 登录\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -f, --force\t\tå³ä½¿ä¸å±žäºŽæ­¤ç”¨æˆ·ï¼Œä¹Ÿå¼ºåˆ¶åˆ é™¤æ–‡ä»¶\n"
+#~ " -h, --help\t\t显示此帮组文件并退出\n"
+#~ " -r, --remove\t\t删除主目录和邮箱\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s:用户 %s ç›®å‰å·²ç™»å½•\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --comment COMMENT new value of the GECOS field\n"
+#~ " -d, --home HOME_DIR new home directory for the user account\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP as new primary group\n"
+#~ " -G, --groups GROUPS new list of supplementary GROUPS\n"
+#~ " -a, --append append the user to the supplemental "
+#~ "GROUPS\n"
+#~ " mentioned by the -G option without "
+#~ "removing\n"
+#~ " him/her from other groups\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --login NEW_LOGIN new value of the login name\n"
+#~ " -L, --lock lock the user account\n"
+#~ " -m, --move-home move contents of the home directory to "
+#~ "the\n"
+#~ " new location (use only with -d)\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ " -s, --shell SHELL new login shell for the user account\n"
+#~ " -u, --uid UID new UID for the user account\n"
+#~ " -U, --unlock unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "用法:usermod [选项] 登录\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -c, --comment 注释\t\tGECOS 字段的新值\n"
+#~ " -d, --home HOME_DIR\t\t用户的新主目录\n"
+#~ " -e, --expiredate EXPIRE_DATE\t设定å¸æˆ·è¿‡æœŸçš„日期为 EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE\t过期 INACTIVE 天数åŽï¼Œè®¾å®šå¯†ç ä¸ºå¤±æ•ˆçŠ¶æ€\n"
+#~ " -g, --gid GROUP\t\t强制使用 GROUP 为新主组\n"
+#~ " -G, --groups GROUPS\t\t新的附加组列表 GROUPS\n"
+#~ " -a, --append GROUP\t将用户追加至上边 -G 中æ到的附加组中,\n"
+#~ "\t\t\t\t\t并ä¸ä»Žå…¶å®ƒç»„中删除此用户\n"
+#~ " -h, --help\t\t\t显示此帮助信æ¯å¹¶é€€å‡º\n"
+#~ " -l, --login LOGIN\t\t新的登录å称\n"
+#~ " -L, --lock\t\t\té”定用户å¸å·\n"
+#~ " -m, --move-home\t\t将家目录内容移至新ä½ç½® (仅于 -d 一起使用)\n"
+#~ " -o, --non-unique\t\tå…许使用é‡å¤çš„(éžå”¯ä¸€çš„) UID\n"
+#~ " -p, --password PASSWORD\tå°†åŠ å¯†è¿‡çš„å¯†ç  (PASSWORD) 设为新密ç \n"
+#~ " -s, --shell SHELL\t\t用户å¸å·çš„新登录 shell\n"
+#~ " -u, --uid UID\t\t\t用户å¸å·çš„æ–° UID\n"
+#~ " -U, --unlock\t\t\t解é”用户å¸å·\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s:没有指定标志\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:vipw [选项]\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -g, --group\t\t\t编辑组数æ®åº“\n"
+#~ " -h, --help\t\t\t显示此帮助信æ¯å¹¶é€€å‡º\n"
+#~ " -p, --passwd\t\t\t编辑 passwd æ•°æ®åº“\n"
+#~ " -q, --quiet\t\t\t安é™æ¨¡å¼\n"
+#~ " -s, --shadow\t\t\t编辑 shadow 或 gshadow æ•°æ®åº“\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "用法:%s [输入]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s:无法创建 %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%sï¼šæ— æ³•æ”¹å˜ %s 的所有者和组别\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:faillog [选项]\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -a, --all\t\t\t显示所有用户的登录失败记录\n"
+#~ " -h, --help\t\t\t显示本帮助信æ¯å¹¶é€€å‡º\n"
+#~ " -l, --lock-time 秒数\t\t在登录失败åŽé”定å¸æˆ·â€œç§’æ•°â€ç§’\n"
+#~ " -m, --maximum 最大值\t\t将最大登录失败次数设为“最大值â€\n"
+#~ " -r, --reset\t\t\t将登录失败计数器归零\n"
+#~ " -t, --time 天数\t\t显示最近“天数â€å¤©ä»¥æ¥çš„登录失败记录\n"
+#~ " -u, --user 登录\t\t仅显示用户“登录â€çš„登录失败记录,或设置用户“登\n"
+#~ "\t\t\t\t录â€çš„登录失败计数器åŠé™åˆ¶(如果和 -rã€-m 或 -l 选\n"
+#~ "\t\t\t\t项åˆç”¨)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -f, --force force exit with success status if the\n"
+#~ " specified group already exists\n"
+#~ " -g, --gid GID use GID for the new group\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -o, --non-unique allow create group with duplicate\n"
+#~ " (non-unique) GID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new group\n"
+#~ " -r, --system create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:groupadd [选项] 组\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -f, --force\t\t如果指组已ç»å­˜åœ¨ï¼Œåˆ™å¼ºåˆ¶ä»¥æ­£å¸¸çŠ¶æ€é€€å‡º\n"
+#~ " -g, --gid GID\t\t新组使用 GID\n"
+#~ " -h, --help\t\t\t显示此帮助信æ¯å¹¶é€€å‡º\n"
+#~ " -K, --key KEY=VALUE\t\t覆盖 /etc/login.defs 默认值\n"
+#~ " -o, --non-unique\t\tå…许使用é‡å¤çš„(éžå”¯ä¸€çš„) GID 创建组\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --gid GID force use new GID by GROUP\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
+#~ " -o, --non-unique allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ " -p, --password PASSWORD use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:groupadd [选项] 组\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -f, --force\t\t如果指组已ç»å­˜åœ¨ï¼Œåˆ™å¼ºåˆ¶ä»¥æ­£å¸¸çŠ¶æ€é€€å‡º\n"
+#~ " -g, --gid GID\t\t新组使用 GID\n"
+#~ " -h, --help\t\t\t显示此帮助信æ¯å¹¶é€€å‡º\n"
+#~ " -K, --key KEY=VALUE\t\t覆盖 /etc/login.defs 默认值\n"
+#~ " -o, --non-unique\t\tå…许使用é‡å¤çš„(éžå”¯ä¸€çš„) GID 创建组\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR base directory for the new user account\n"
+#~ " home directory\n"
+#~ " -c, --comment COMMENT set the GECOS field for the new user "
+#~ "account\n"
+#~ " -d, --home-dir HOME_DIR home directory for the new user account\n"
+#~ " -D, --defaults print or save modified default useradd\n"
+#~ " configuration\n"
+#~ " -e, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -g, --gid GROUP force use GROUP for the new user account\n"
+#~ " -G, --groups GROUPS list of supplementary groups for the new\n"
+#~ " user account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --skel SKEL_DIR specify an alternative skel directory\n"
+#~ " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
+#~ " -l, --no-log-init do not add the user to the lastlog and\n"
+#~ " faillog databases\n"
+#~ " -m, --create-home create home directory for the new user\n"
+#~ " account\n"
+#~ " -M, --no-create-home do not create user's home directory\n"
+#~ " (overrides /etc/login.defs)\n"
+#~ " -N, --no-user-group do not create a group with the same name "
+#~ "as\n"
+#~ " the user\n"
+#~ " -o, --non-unique allow create user with duplicate\n"
+#~ " (non-unique) UID\n"
+#~ " -p, --password PASSWORD use encrypted password for the new user\n"
+#~ " account\n"
+#~ " -r, --system create a system account\n"
+#~ " -s, --shell SHELL the login shell for the new user account\n"
+#~ " -u, --uid UID force use the UID for the new user "
+#~ "account\n"
+#~ " -U, --user-group create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "用法:useradd [选项] 用户å\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --base-dir BASE_DIR\t新用户å¸å·å®¶ç›®å½•çš„主目录(base directory)\n"
+#~ " -c, --comment 注释\t\t为新用户å¸å·è®¾ç½®â€œæ³¨é‡Šâ€æ \n"
+#~ " -d, --home-dir HOME_DIR\t新用户å¸å·çš„家目录\n"
+#~ " -D, --defaults\t\t打å°æˆ–ä¿å­˜ä¿®æ”¹è¿‡çš„ useradd 默认设置\n"
+#~ " -e, --expiredate EXPIRE_DATE\t设定å¸æˆ·è¿‡æœŸçš„日期为 EXPIRE_DATE\n"
+#~ " -f, --inactive INACTIVE\t过期 INACTIVE 天数åŽï¼Œè®¾å®šå¯†ç ä¸ºå¤±æ•ˆçŠ¶æ€\n"
+#~ " -g, --gid GROUP\t\t强制将新用户å¸å·çš„组设置为 GROUP\n"
+#~ " -G, --groups GROUPS\t\t新用户å¸å·çš„补充组列表\n"
+#~ " -h, --help\t\t\t显示此帮助信æ¯å¹¶é€€å‡º\n"
+#~ " -k, --skel SKEL_DIR\t\t指定å¦ä¸€æ›¿ä»£çš„ skel 目录\n"
+#~ " -K, --key KEY=VALUE\t\t覆盖 /etc/login.defs 默认值\n"
+#~ " -m, --create-home\t\t为新用户å¸å·åˆ›å»ºå®¶ç›®å½•\n"
+#~ " -o, --non-unique\t\tå…许以é‡å¤çš„(éžå”¯ä¸€çš„) UID 创建用户\n"
+#~ " -p, --password PASSWORD\t为新用户å¸å·è®¾å®šåŠ å¯†è¿‡çš„å¯†ç  (PASSWORD)\n"
+#~ " -s, --shell SHELL\t\t新用户å¸å·çš„登录 shell\n"
+#~ " -u, --uid UID\t\t\t强制将新用户å¸å·çš„ id 设为 UID\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "已设定密ç è¿‡æœŸæ—¶é—´ã€‚"
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s:无法é”定密ç æ–‡ä»¶\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s:无法打开密ç æ–‡ä»¶\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s:无法é”定影å­å¯†ç æ–‡ä»¶\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s:无法打开影å­å¯†ç æ–‡ä»¶\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s:无法é‡å†™å½±å­å¯†ç æ–‡ä»¶\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s:无法é‡å†™å¯†ç æ–‡ä»¶\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s:无法更新影å­å¯†ç æ–‡ä»¶\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tå…¨å:%s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\t房间å·ç ï¼š%s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\t工作电è¯ï¼š%s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\t家庭电è¯ï¼š%s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "无法é”定密ç æ–‡ä»¶ï¼›ç¨åŽå†è¯•ã€‚\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "无法打开密ç æ–‡ä»¶ã€‚\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s:未在 /etc/passwd 中找到 %s\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "更改密ç æ¡ç›®æ—¶å‡ºé”™ã€‚\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "无法æ交密ç æ–‡ä»¶æ”¹åŠ¨ã€‚\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "无法解é”密ç æ–‡ä»¶ã€‚\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s:无法é”定组文件\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s:无法打开组文件\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s:无法é”定 gshadow 文件\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s:无法打开影å­æ–‡ä»¶\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s:更新影å­æ–‡ä»¶æ—¶å‡ºé”™ã€‚\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s:更新组æ¡ç›®æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s:第 %d 行:未知组 %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s:第 %d 行:无法更新æ¡ç›®\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s:无法é”定影å­æ–‡ä»¶\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s:更新影å­æ–‡ä»¶æ—¶å‡ºé”™ã€‚\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s:更新密ç æ–‡ä»¶æ—¶å‡ºé”™ã€‚\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s:第 %d 行:未知用户 %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s:第 %d 行:无法更新密ç æ¡ç›®\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s:未知用户\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "未知用户:%s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "用法:%s [-r|-R] 组\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a 用户] 组\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d 用户] 组\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A 用户,...] [-M 用户,...] 组\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M 用户,...] 组\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s:无法获得é”\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s:无法获得影å­é”\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s:无法打开文件\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s:无法é‡å†™å½±å­æ–‡ä»¶\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s 无法解é”文件。\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s:无法更新æ¡ç›®\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s:无法更新影å­æ¡ç›®\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "未知组:%s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s:无法打开文件\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s:无法打开影å­æ–‡ä»¶\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "你是è°ï¼Ÿ\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s:未知æˆå‘˜ %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s:增加新组æ¡ç›®æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s:无法é‡å†™ç»„文件\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s:无法é‡å†™å½±å­ç»„文件\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s:无法é”定组文件\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s:无法打开组文件\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s:无法é”定影å­ç»„文件\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s:无法打开影å­ç»„文件\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s:GID %u 并ä¸å”¯ä¸€\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s:删除组æ¡ç›®æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s:删除影å­ç»„æ¡ç›®æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s:ä¸èƒ½åˆ é™¤ç”¨æˆ·çš„主组。\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "没有找到è¦åˆ é™¤çš„æˆå‘˜\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr "用法:groupmems -a 用户å | -d 用户å | -D | -l [-g 组å]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "åªæœ‰ root 能å‘ä¸åŒçš„组里添加æˆå‘˜\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM 验è¯å¤±è´¥äºŽ\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "无法é”定组文件\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "无法关闭组文件\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s:未在 /etc/group 中找到 %s\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s:%u ä¸æ˜¯ä¸€ä¸ªç‹¬æœ‰çš„ GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s:%s ä¸æ˜¯ä¸€ä¸ªç‹¬æœ‰çš„å称\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s:无法é‡å†™å¯†ç æ–‡ä»¶\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s:无法é”定密ç æ–‡ä»¶\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s:无法打开密ç æ–‡ä»¶\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s:无法为 %s æ›´æ–°å½±å­æ¡ç›®\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s:无法更新 %s 组的æ¡ç›®\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s:无法é”定影å­ç»„文件\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s:无法打开影å­ç»„文件\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s:无法删除影å­ç»„ %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s:无法更新影å­ç»„文件\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s:无法删除影å­ç»„文件\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "未知的 UID:%u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "未知的 GID:%lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s:%s 组ä¸å­˜åœ¨\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s:用户 %s ä¸å­˜åœ¨\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s:无效的用户å“%sâ€\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s:无法é”定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s:无法é”定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s:无法é”定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s:无法é”定 /etc/passwd。\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s:无法打开文件\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s:更新文件出错\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s:无法为 %s 更新密ç æ¡ç›®\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s:无法é”定密ç æ–‡ä»¶\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s:无法打开密ç æ–‡ä»¶\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s:无法为 %s 删除影å­æ¡ç›®\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s:无法更新密ç æ–‡ä»¶\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s:ä¸èƒ½æ›´æ–°ç”¨æˆ· %s çš„æ¡ç›®\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s:无法删除影å­å¯†ç æ–‡ä»¶\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s:未知的 GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s:未知的组 %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s:update_gshadow 内存溢出\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s:无法é‡å†™å¯†ç æ–‡ä»¶\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s:无法é‡å†™å½±å­å¯†ç æ–‡ä»¶\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s:无法é”定影å­å¯†ç æ–‡ä»¶\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s:无法打开影å­å¯†ç æ–‡ä»¶\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s:é”定组文件时出错\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s:打开组文件时出错\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s:é”定影å­ç»„文件时出错\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s:打开影å­ç»„文件时出错\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s:加入新密ç é¡¹æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s:加入新影å­å¯†ç é¡¹æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s:警告:CREATE_HOME 未被支æŒï¼Œè¯·ä½¿ç”¨ -m å‚数。\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s:更新组æ¡ç›®æ—¶å‡ºé”™\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s:更新组æ¡ç›®æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s:无法打开组文件\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s:无法打开影å­ç»„文件\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s:删除密ç é¡¹æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s:删除影å­å¯†ç é¡¹æ—¶å‡ºé”™\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s:增加新组æ¡ç›®æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s:uid %lu ä¸å”¯ä¸€\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s:改å˜å¯†ç é¡¹æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s:删除密ç é¡¹æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s:删除影å­å¯†ç é¡¹æ—¶å‡ºé”™\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s:无法获å–独有的 GID\n"
+
+#, fuzzy
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " 在“%.100sâ€ä¸Šï¼Œæ¥è‡ªâ€œ%.200sâ€"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr "在“%.100sâ€ä¸Š"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s:第 %d 行:无法创建 UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s:å称 %s 并ä¸å”¯ä¸€\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:chpasswd [选项]\n"
+#~ "\n"
+#~ "选项:\n"
+#~ " -e, --encrypted\t所æ供的密ç æ˜¯åŠ å¯†è¿‡çš„\n"
+#~ " -h, --help\t\t显示此帮助信æ¯å¹¶é€€å‡º\n"
+#~ " -m, --md5\t\t如果所æ供的密ç å°šæœªè¢«åŠ å¯†ï¼Œä½¿ç”¨ MD5 è€Œéž DES 进行加密\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "没有密ç æ–‡ä»¶\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "抱歉。\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "抱歉,无法更改 %s 的密ç ã€‚\n"
+
+#~ msgid "Sorry."
+#~ msgstr "抱歉"
+
+#~ msgid "Usage: %s [-s shell] [name]\n"
+#~ msgstr "用法:%s [-s shell] [å称]\n"
+
+#~ msgid "Usage: groupmod [-g gid [-o]] [-n name] group\n"
+#~ msgstr "用法:groupmod [-g gid [-o]] [-n å称] 组\n"
+
+#~ msgid ""
+#~ "No group named \"mail\" exists, creating mail spool with mode 0600.\n"
+#~ msgstr "ä¸å­˜åœ¨å«åšâ€œmailâ€çš„组,将以 0600 的文件æƒé™åˆ›å»ºé‚®ä»¶ spool。\n"
+
+#~ msgid "Can't create mail spool for user %s.\n"
+#~ msgstr "ä¸èƒ½ä¸ºç”¨æˆ· %s 创建邮件 spool。\n"
+
+#~ msgid "Usage: %s [-r] name\n"
+#~ msgstr "用法:%s [-r] å称\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "Login incorrect\n"
+#~ msgstr ""
+#~ "\n"
+#~ "登录错误\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage:\n"
+#~ "`vipw' edits /etc/passwd `vipw -s' edits /etc/shadow\n"
+#~ "`vigr' edits /etc/group `vigr -s' edits /etc/gshadow\n"
+#~ "`{vipw|vigr} -q' quiet mode\n"
+#~ msgstr ""
+#~ "用法:\n"
+#~ "“vipw†编辑 /etc/passwd “vipw -s†编辑 /etc/shadow\n"
+#~ "“vigr†编辑 /etc/group “vigr -s†编辑 /etc/gshadow\n"
+
+#~ msgid "%s: PAM chauthtok failed\n"
+#~ msgstr "%s:PAM chauthtok 失败\n"
+
+#, fuzzy
+#~ msgid "Usage: %s\t[-u uid [-o]] [-g group] [[-G group,...] [-a]] \n"
+#~ msgstr "用法:%s\t[-u uid [-o]] [-g 组] [-G 组,...] \n"
+
+#~ msgid "\t\t[-d home [-m]] [-s shell] [-c comment] [-l new_name]\n"
+#~ msgstr "\t\t[-d 主目录 [-m]] [-s shell] [-c 注释] [-l æ–°å称]\n"
+
+#~ msgid "[-f inactive] [-e expire] "
+#~ msgstr "[-f 失效日] [-e 过期日] "
+
+#~ msgid "[-p passwd] [-L|-U] name\n"
+#~ msgstr "[-p 密ç ] [-L|-U] å称\n"
diff --git a/po/zh_TW.po b/po/zh_TW.po
new file mode 100644
index 0000000..d43bc13
--- /dev/null
+++ b/po/zh_TW.po
@@ -0,0 +1,3214 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# Asho S.Y. Yeg <asho@debian.org.tw>, 2004.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.9\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2005-06-02 22:20+0800\n"
+"Last-Translator: Asho Yeh <asho@debian.org.tw>\n"
+"Language-Team: Chinese (traditional) <zh-l10n@linux.org.tw>\n"
+"Language: zh_TW\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Poedit-Language: Chinese\n"
+"X-Poedit-Country: TAIWAN\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "無法為設定訊æ¯é…置空間。\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "é…置錯誤 - 未知項目“%sâ€(請通知管ç†å“¡)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "密碼:"
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s 的密碼:"
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "無法為設定訊æ¯é…置空間。\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "正在為 %s 修改年齡訊æ¯\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s:無法確定您的使用者å稱。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s:第 %d 行:無法找到使用者 %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s:記憶體ä¸è¶³\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s:無法更新檔案 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s:無效的主目錄“%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s:無法將目錄 %s 改å為 %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s:警告:無法刪除"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s:警告:無法刪除"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s:更å:%s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s:無法將目錄 %s 改å為 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s:無法將目錄 %s 改å為 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s:警告:無法刪除"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s:警告:無法刪除"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s:無法更新檔案 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s:無法更新shadow檔案\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s:更å:%s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s:無法打開檔案 %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "警告:未知群組 %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "警告:使用者群組éŽå¤š\n"
+
+msgid "Your password has expired."
+msgstr "您的密碼已éŽæœŸã€‚"
+
+msgid "Your password is inactive."
+msgstr "您的密碼已失效。"
+
+msgid "Your login has expired."
+msgstr "您的帳戶已éŽæœŸã€‚"
+
+msgid " Contact the system administrator."
+msgstr " è«‹è¯ç¹«ç³»çµ±ç®¡ç†å“¡ã€‚"
+
+msgid " Choose a new password."
+msgstr " è«‹é¸æ“‡ä¸€å€‹æ–°å¯†ç¢¼ã€‚"
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "您的密碼將在 %ld 天內éŽæœŸã€‚\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "您的密碼將在明天éŽæœŸã€‚"
+
+msgid "Your password will expire today."
+msgstr "您的密碼今天éŽæœŸã€‚"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "無法改變 tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s:字段太長\n"
+
+#, fuzzy, c-format
+msgid "%s: "
+msgstr "passwd:%s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "環境溢ä½\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "您ä¸æ‡‰è©²æ”¹è®Š $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"è·é›¢ä¸Šä¸€æ¬¡ç™»éŒ„已有 %d 次登錄失敗。\n"
+"最後一次是 %s 在 %s 上。\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "改變信箱所有者失敗"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s:無法ç²å–ç¨æœ‰çš„ gid\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s:無法ç²å–ç¨æœ‰çš„ gid\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s:無法ç²å–ç¨æœ‰çš„ gid\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s:無法ç²å–ç¨æœ‰çš„ gid\n"
+
+msgid "Too many logins.\n"
+msgstr "éŽå¤šç™»éŒ„數é‡ã€‚\n"
+
+msgid "You have new mail."
+msgstr "您有新信件。"
+
+msgid "No mail."
+msgstr "無信件。"
+
+msgid "You have mail."
+msgstr "您有信件。"
+
+#, fuzzy
+msgid "no change"
+msgstr "%s:無改變\n"
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s. "
+msgstr "錯誤的密碼:%s。 "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() 失敗,錯誤 %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd:%s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "密碼已更改。"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd:密碼已æˆåŠŸåœ°è®Šæ›´\n"
+
+#, fuzzy, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "“%sâ€çš„密碼ä¸æ­£ç¢º\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s:無效的ä½å®¶é›»è©±ï¼šâ€œ%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "無法進入“%sâ€ç›®éŒ„\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "沒有目錄,將以 HOME=/ 登入"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "無法執行 %s"
+
+#, fuzzy, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "無效的根目錄“%sâ€\n"
+
+#, fuzzy, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "無法將根目錄改變為“%sâ€\n"
+
+#, fuzzy
+msgid "Unable to determine your tty name."
+msgstr "%s:無法確定您的使用者å稱。\n"
+
+#, fuzzy
+msgid "No"
+msgstr "å–消"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "用法:%s [輸入]\n"
+
+msgid ""
+" -d, --lastday LAST_DAY set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid " -h, --help display this help message and exit\n"
+msgstr ""
+
+msgid ""
+" -I, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -l, --list show account aging information\n"
+msgstr ""
+
+msgid ""
+" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid " -R, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid ""
+" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "請輸入新值,或直接按 ENTER éµä»¥ä½¿ç”¨é è¨­å€¼"
+
+msgid "Minimum Password Age"
+msgstr "密碼期é™æœ€å°å€¼"
+
+msgid "Maximum Password Age"
+msgstr "密碼期é™æœ€å¤§å€¼"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "最近一次密碼修改時間 (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "密碼éŽæœŸè­¦å‘Š"
+
+msgid "Password Inactive"
+msgstr "密碼失效"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "帳戶éŽæœŸæ™‚é–“ (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "最近一次密碼修改時間\t\t\t\t\t:"
+
+msgid "never"
+msgstr "從ä¸"
+
+msgid "password must be changed"
+msgstr "密碼已更改。"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "密碼éŽæœŸ\t\t\t\t\t:"
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "密碼失效\t\t\t\t\t:"
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "帳戶éŽæœŸ\t\t\t\t\t:"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "最少必須相隔幾天æ‰èƒ½æ”¹è®Šå¯†ç¢¼\t\t\t\t:%ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "最多必須相隔幾天æ‰èƒ½æ”¹è®Šå¯†ç¢¼\t\t\t\t:%ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "在密碼將è¦éŽæœŸä¹‹å‰å¤šå°‘天會發出警告\t\t\t\t:%ld\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s:無效日期“%sâ€\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s:無效的數字åƒæ•¸â€œ%sâ€\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s:請ä¸è¦èˆ‡å…¶å®ƒæ¨™èªŒä¸€åŒä½¿ç”¨â€œlâ€\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s:權é™è¢«æ‹’。\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s:無法確定您的使用者å稱。\n"
+
+#, fuzzy, c-format
+msgid "%s: PAM: %s\n"
+msgstr "passwd:%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s:無法鎖定檔案,請ç¨å¾Œå†è©¦ã€‚\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s:無法打開檔案 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s:無法打開影å­å¯†ç¢¼æ–‡ä»¶\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s:使用者 %s ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "正在為 %s 修改年齡訊æ¯\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s:改變字段時出錯\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "用法:%s [輸入]\n"
+
+msgid " -f, --full-name FULL_NAME change user's full name\n"
+msgstr ""
+
+msgid " -h, --home-phone HOME_PHONE change user's home phone number\n"
+msgstr ""
+
+msgid " -o, --other OTHER_INFO change user's other GECOS information\n"
+msgstr ""
+
+msgid " -r, --room ROOM_NUMBER change user's room number\n"
+msgstr ""
+
+msgid " -u, --help display this help message and exit\n"
+msgstr ""
+
+msgid " -w, --work-phone WORK_PHONE change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "å…¨å"
+
+#, fuzzy, c-format
+msgid "\t%s: %s\n"
+msgstr "passwd:%s\n"
+
+msgid "Room Number"
+msgstr "房間號碼"
+
+msgid "Work Phone"
+msgstr "工作電話"
+
+msgid "Home Phone"
+msgstr "ä½å®¶é›»è©±"
+
+msgid "Other"
+msgstr "其它"
+
+msgid "Cannot change ID to root.\n"
+msgstr "無法改變 ID æˆ root。\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s:無效的å稱:“%sâ€\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s:無效的房間號碼:“%sâ€\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s:無效的ä½å®¶é›»è©±ï¼šâ€œ%sâ€\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s:“%sâ€åŒ…å«ç„¡æ•ˆå­—å…ƒ\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s:“%sâ€åŒ…å«ç„¡æ•ˆå­—å…ƒ\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s:使用者 %s ä¸å­˜åœ¨\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s:ä¸èƒ½åœ¨ NIS 用戶端上修改使用者“%sâ€ã€‚\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s:“%sâ€æ˜¯ç”¨æˆ¶ç«¯çš„ NIS 管ç†å“¡ã€‚\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "正在改變 %s 的使用者訊æ¯\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s:字段太長\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "用法:%s [輸入]\n"
+
+#, c-format
+msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n"
+msgstr ""
+
+msgid " -e, --encrypted supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+" -m, --md5 encrypt the clear text password using\n"
+" the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+" crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: do not include \"l\" with other flags\n"
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s:請ä¸è¦èˆ‡å…¶å®ƒæ¨™èªŒä¸€åŒä½¿ç”¨â€œlâ€\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s:第 %d 行:此行太長\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s:第 %d 行:缺少新密碼\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s:%s 群組ä¸å­˜åœ¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s:第 %d 行:無法更新項目\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s:發ç¾éŒ¯èª¤ï¼Œå¿½ç•¥æ›´å‹•\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s:使用者 %s ä¸å­˜åœ¨\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s:使用者 %s ä¸å­˜åœ¨\n"
+
+msgid " -s, --shell SHELL new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "登入 Shell"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "您ä¸èƒ½ç‚º %s 更改 shell。\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "正在更改 %s 的 shell\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s:無效的項目:%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s 是無效的 shell。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s:使用者 %s ä¸å­˜åœ¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s:警告:%s ä¸å±¬æ–¼ %s\n"
+
+msgid " -c, --check check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+" -f, --force force password change if the user's "
+"password\n"
+" is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s:無效的數字åƒæ•¸â€œ%sâ€\n"
+
+msgid " -a, --all display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+" -l, --lock-secs SEC after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+" -m, --maximum MAX set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid " -r, --reset reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+" counters and limits (if used with -r, -m,\n"
+" or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+msgid "Login Failures Maximum Latest On\n"
+msgstr "登入 失敗 最多 最後 在\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [還剩 %lds]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [鎖定 %lds]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "未知使用者:%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s:無法將目錄 %s 改å為 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "用法:%s [輸入]\n"
+
+msgid " -a, --add USER add USER to GROUP\n"
+msgstr ""
+
+msgid " -d, --delete USER remove USER from GROUP\n"
+msgstr ""
+
+msgid " -Q, --root CHROOT_DIR directory to chroot into\n"
+msgstr ""
+
+msgid " -r, --remove-password remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+" -R, --restrict restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid " -M, --members USER,... set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+" -A, --administrators ADMIN,...\n"
+" set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "無法更改 %s 的密碼。\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "無法更改 %s 的密碼。\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s:-A 需è¦shadow群組密碼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s:%s 群組ä¸å­˜åœ¨\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "正在修改 %s 群組的密碼\n"
+
+msgid "New Password: "
+msgstr "新密碼:"
+
+msgid "Re-enter new password: "
+msgstr "è«‹é‡æ–°è¼¸å…¥æ–°å¯†ç¢¼ï¼š"
+
+msgid "They don't match; try again"
+msgstr "他們並ä¸åŒ¹é…﹔請é‡è©¦"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s:請ç¨å¾Œé‡è©¦\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "正在將使用者“%sâ€åŠ å…¥åˆ°â€œ%sâ€ç¾¤çµ„中\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "正在將使用者“%sâ€å¾žâ€œ%sâ€ç¾¤çµ„中刪除\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s:使用者 %s ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s:ä¸æ˜¯ tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "用法:%s [輸入]\n"
+
+msgid ""
+" -f, --force exit successfully if the group already "
+"exists,\n"
+" and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid " -g, --gid GID use GID for the new group\n"
+msgstr ""
+
+msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create groups with duplicate\n"
+" (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid " -r, --system create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s:%s ä¸æ˜¯æœ‰æ•ˆçš„群組å\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "無效的群組å“%sâ€\n"
+
+#, fuzzy, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s:-O éœ€è¦ NAME=VALUE\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s:%s 群組已存在\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s:無法確定您的使用者å稱。\n"
+
+msgid ""
+" -f, --force delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s:無法將目錄 %s 改å為 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s:ä¸èƒ½åœ¨ NIS 用戶端上修改使用者“%sâ€ã€‚\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s:%s 群組ä¸å­˜åœ¨\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s:“%sâ€ç¾¤çµ„是一個 NIS 群組。\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s:%s 是 NIS 管ç†å“¡\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s:使用者 %s 是 NIS 使用者\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s:update_group 時記憶體ä¸è¶³\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "用法:%s [輸入]\n"
+
+msgid ""
+" -g, --group groupname change groupname instead of the user's "
+"group\n"
+" (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+" -a, --add username add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+" -d, --delete username remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid " -p, --purge purge all members from the group\n"
+msgstr ""
+
+msgid " -l, --list list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid " -g, --gid GID change the group ID to GID\n"
+msgstr ""
+
+msgid " -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD change the password to this (encrypted)\n"
+" PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "無效的群組å“%sâ€\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s:%s 群組是一個 NIS 群組\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s:未知使用者:%s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "用法:%s [輸入]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "用法:%s [輸入]\n"
+
+msgid ""
+" -r, --read-only display errors and warnings\n"
+" but do not change files\n"
+msgstr ""
+
+msgid " -s, --sort sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s:-s å’Œ -r 是互ä¸ç›¸å®¹çš„\n"
+
+msgid "invalid group file entry"
+msgstr "無效的群組檔案項目"
+
+#, fuzzy, c-format
+msgid "delete line '%s'? "
+msgstr "刪除“%sâ€è¡Œï¼Ÿ\""
+
+msgid "duplicate group entry"
+msgstr "複製群組項目"
+
+#, fuzzy, c-format
+msgid "invalid group name '%s'\n"
+msgstr "無效的群組å“%sâ€\n"
+
+#, fuzzy, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "無效的群組å“%sâ€\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "%s 群組:無使用者 %s\n"
+
+#, fuzzy, c-format
+msgid "delete member '%s'? "
+msgstr "刪除使用者æˆå“¡â€œ%sâ€å—Žï¼Ÿ"
+
+#, fuzzy, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "沒有找到匹é…的群組檔案項目\n"
+
+#, fuzzy, c-format
+msgid "add group '%s' in %s? "
+msgstr "%s shadow群組:無使用者 %s\n"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "無效的shadow群組檔案項目"
+
+msgid "duplicate shadow group entry"
+msgstr "複製shadow群組項目"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "%s shadow群組:無系統管ç†è€… %s\n"
+
+#, fuzzy, c-format
+msgid "delete administrative member '%s'? "
+msgstr "刪除系統管ç†è€…“%sâ€å—Žï¼Ÿ"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "%s shadow群組:無使用者 %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s:檔案已被更新\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s:無改變\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s:無法更新檔案 %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "用法:id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "用法:id\n"
+
+msgid " groups="
+msgstr " 群組="
+
+msgid ""
+" -b, --before DAYS print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+" -C, --clear clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+" -S, --set set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+" -t, --time DAYS print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+" -u, --user LOGIN print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username Port From Latest"
+msgstr "使用者å 埠號 來自 最後登入時間"
+
+msgid "Username Port Latest"
+msgstr "使用者å 埠號 最後登入時間"
+
+msgid "**Never logged in**"
+msgstr "**從未登入éŽ**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s:無法更新密碼檔案\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "用法:%s [-p] [å稱]\n"
+
+#, c-format
+msgid " %s [-p] [-h host] [-f name]\n"
+msgstr " %s [-p] [-h 主機] [-f å稱]\n"
+
+#, c-format
+msgid " %s [-p] -r host\n"
+msgstr " %s [-p] -r 主機\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "無效的登入時間"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"系統關閉,例行維護"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[忽略斷線è¦æ±‚ -- å…許 root 登入。]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"登入逾時 %d 秒\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s login: "
+msgstr ""
+"\n"
+" %s 使用者å稱:"
+
+#, fuzzy
+msgid "login: "
+msgstr ""
+"\n"
+" %s 使用者å稱:"
+
+#, fuzzy, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "最多必須相隔幾天æ‰èƒ½æ”¹è®Šå¯†ç¢¼\t\t\t\t:%ld\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr "登入錯誤"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s:第 %d 行:無法找到使用者 %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+" %s 使用者å稱:"
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "警告:在短暫的鎖定後將æ¢å¾©ç™»å…¥ã€‚"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "上次登入:%s 在 %s 上"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "上次登入:%.19s 在 %s 上"
+
+#, c-format
+msgid " from %.*s"
+msgstr " 來自 %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "用法:id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "用法:newgrp [-] [群組]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "用法:sg 群組 [[-c] 命令]\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "舊密碼:"
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s:使用者 %s ä¸å­˜åœ¨\n"
+
+msgid "too many groups\n"
+msgstr "使用者群組éŽå¤š\n"
+
+msgid " -r, --system create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s:%s 群組ä¸å­˜åœ¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s:無效使用者å稱“%sâ€\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s:無效使用者å稱“%sâ€\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s:第 %d 行:無效行\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s:ä¸èƒ½æ›´æ–°ä½¿ç”¨è€… %s çš„é …ç›®\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s:第 %d 行:無法建立 GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s:第 %d 行:無法建立 GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s:使用者 %s ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s:第 %d 行:無法更新密碼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s:第 %d 行:建立目錄失敗\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s:第 %d 行:改變æ“有者或群組失敗\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s:第 %d 行:無法更新項目\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s:第 %d 行:無法更新項目\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s:無法建立 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s 無法更新群組檔案\n"
+
+msgid ""
+" -a, --all report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+" -d, --delete delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+" -e, --expire force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid " -k, --keep-tokens change password only if expired\n"
+msgstr ""
+
+msgid ""
+" -i, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid ""
+" -l, --lock lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+" change to MIN_DAYS\n"
+msgstr ""
+
+msgid " -q, --quiet quiet mode\n"
+msgstr ""
+
+msgid ""
+" -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+" -S, --status report password status on the named account\n"
+msgstr ""
+
+msgid ""
+" -u, --unlock unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+" change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "舊密碼:"
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"請輸入新密碼(最少 %d 最多 %d 個字元)\n"
+"è«‹æ··åˆä½¿ç”¨å¤§å°å¯«å­—æ¯å’Œæ•¸å­—。\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"請輸入新密碼(最少 %d 最多 %d 個字元)\n"
+"è«‹æ··åˆä½¿ç”¨å¤§å°å¯«å­—æ¯å’Œæ•¸å­—。\n"
+
+msgid "New password: "
+msgstr "新密碼:"
+
+msgid "Try again."
+msgstr "é‡è©¦ã€‚"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"警告:脆弱的密碼(é‡æ–°è¼¸å…¥ä»¥å¼·åˆ¶ä½¿ç”¨å®ƒ)。"
+
+msgid "They don't match; try again.\n"
+msgstr "他們並ä¸åŒ¹é…﹔請é‡è©¦ã€‚\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "無法更改 %s 的密碼。\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "無法更改 %s 的密碼。\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s:ä¸æ”¯æŒ %s 套件存庫。\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s:您無法替 %s 檢視或修改密碼資訊。\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "正在為 %s 修改密碼\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s 的密碼未被改變。\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "密碼已更改。"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "密碼éŽæœŸè­¦å‘Š"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "用法:%s [輸入]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "用法:%s [輸入]\n"
+
+msgid " -q, --quiet report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "無效的密碼檔案項目"
+
+msgid "duplicate password entry"
+msgstr "é‡å¾©çš„密碼項目"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "無效的使用者å稱“%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "無效的使用者å稱“%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "使用者 %s:無 %u 群組\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "使用者 %s:目錄 %s ä¸å­˜åœ¨\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "使用者 %sï¼šç¨‹å¼ %s ä¸å­˜åœ¨\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s:無法鎖定檔案 %s\n"
+
+#, fuzzy, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "無匹é…的密碼檔案項目\n"
+
+#, fuzzy, c-format
+msgid "add user '%s' in %s? "
+msgstr "%s shadow群組:無使用者 %s\n"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "無效的shadow密碼檔案項目"
+
+msgid "duplicate shadow password entry"
+msgstr "é‡å¾©çš„shadow密碼項目"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "使用者 %s:最近一次密碼更動\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s:無法打開檔案 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s:無法é‡å¯«æª”案\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "su 到該帳戶被拒。\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "忽略密碼èªè¨¼\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "請輸入您自己的密碼作為驗証。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s:無法鎖定檔案 %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s\n"
+msgstr "passwd:%s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+" -c, --command COMMAND pass COMMAND to the invoked shell\n"
+" -h, --help display this help message and exit\n"
+" -, -l, --login make the shell a login shell\n"
+" -m, -p,\n"
+" --preserve-environment do not reset environment variables, and\n"
+" keep the same shell\n"
+" -s, --shell SHELL use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s:%s\n"
+"(忽略)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "您沒有被授權 su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(請輸入您自己的密碼)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s:PAM 驗証失敗\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "您沒有被授權 su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "沒有“rootâ€çš„密碼項目"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s:必須從終端中執行\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s:pam_start:錯誤 %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s:無法將目錄 %s 改å為 %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "無法執行 %s"
+
+msgid "No password file"
+msgstr "沒有密碼檔案"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "沒有“rootâ€çš„密碼項目"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"按下 control-d å³å¯ç¹¼çºŒä½¿ç”¨æ™®é€šå¸³æˆ¶ç’°å¢ƒï¼Œ\n"
+"(或者輸入 root 密碼以進行系統維護):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "正在進入系統維護模å¼"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s:無法建立新的é è¨­æª”案\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s:無法打開新的é è¨­æª”案\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s:第 %d 行:改變æ“有者或群組失敗\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s:更å:%s"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s:“%sâ€ç¾¤çµ„是一個 NIS 群組。\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s:指定了éŽå¤šç¾¤çµ„(最多 %d)。\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+" %s -D\n"
+" %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "用法:%s [輸入]\n"
+
+msgid ""
+" -b, --base-dir BASE_DIR base directory for the home directory of "
+"the\n"
+" new account\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT GECOS field of the new account\n"
+msgstr ""
+
+msgid " -d, --home-dir HOME_DIR home directory of the new account\n"
+msgstr ""
+
+msgid ""
+" -D, --defaults print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+" -g, --gid GROUP name or ID of the primary group of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -G, --groups GROUPS list of supplementary groups of the new\n"
+" account\n"
+msgstr ""
+
+msgid ""
+" -k, --skel SKEL_DIR use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+" -l, --no-log-init do not add the user to the lastlog and\n"
+" faillog databases\n"
+msgstr ""
+
+msgid " -m, --create-home create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -M, --no-create-home do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+" -N, --no-user-group do not create a group with the same name as\n"
+" the user\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow to create users with duplicate\n"
+" (non-unique) UID\n"
+msgstr ""
+
+msgid " -p, --password PASSWORD encrypted password of the new account\n"
+msgstr ""
+
+msgid " -s, --shell SHELL login shell of the new account\n"
+msgstr ""
+
+msgid " -u, --uid UID user ID of the new account\n"
+msgstr ""
+
+msgid ""
+" -U, --user-group create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s:無效的主目錄“%sâ€\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s:無效注釋“%sâ€\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s:無效的主目錄“%sâ€\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s:-e åƒæ•¸éœ€è¦æœ‰shadow密碼\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s:-f åƒæ•¸éœ€è¦æœ‰shadow密碼\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s:無效字段 “%sâ€\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s:無效 shell“%sâ€\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s:第 %d 行:無法更新項目\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s:使用者 %s 已存在\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s:%s 群組已經存在 - 如果您想將此使用者加入到該群組,請使用 -g åƒæ•¸ã€‚\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s:無法建立 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s:gid %u 並ä¸å”¯ä¸€\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s:無法建立 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s:無法建立 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s:無法建立 %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+" -f, --force force removal of files,\n"
+" even if not owned by user\n"
+msgstr ""
+
+msgid " -r, --remove remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s:ä¸èƒ½åœ¨ NIS 用戶端上修改使用者“%sâ€ã€‚\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s:ä¸èƒ½åˆªé™¤ä½¿ç”¨è€…的主群組。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s:無法將目錄 %s 改å為 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s:無效的主目錄“%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s:警告:無法刪除"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s:%s 並ä¸å±¬æ–¼ %s,所以ä¸æœƒåˆªé™¤\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s:無法更新檔案 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s:無法將目錄 %s 改å為 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s:無法將目錄 %s 改å為 %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s:使用者 %s 是 NIS 使用者\n"
+
+#, fuzzy, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s:無效的主目錄“%sâ€\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s:ä¸èƒ½åˆªé™¤ç›®éŒ„ %s (因為這將刪除使用者 %s 的主目錄)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s:刪除目錄 %s 時出錯\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid " -c, --comment COMMENT new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+" -d, --home HOME_DIR new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+" -f, --inactive INACTIVE set password inactive after expiration\n"
+" to INACTIVE\n"
+msgstr ""
+
+msgid " -g, --gid GROUP force use GROUP as new primary group\n"
+msgstr ""
+
+msgid " -G, --groups GROUPS new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+" -a, --append append the user to the supplemental GROUPS\n"
+" mentioned by the -G option without removing\n"
+" him/her from other groups\n"
+msgstr ""
+
+msgid " -l, --login NEW_LOGIN new value of the login name\n"
+msgstr ""
+
+msgid " -L, --lock lock the user account\n"
+msgstr ""
+
+msgid ""
+" -m, --move-home move contents of the home directory to the\n"
+" new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+" -o, --non-unique allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+" -p, --password PASSWORD use encrypted password for the new password\n"
+msgstr ""
+
+msgid " -u, --uid UID new UID for the user account\n"
+msgstr ""
+
+msgid " -U, --unlock unlock the user account\n"
+msgstr ""
+
+msgid " -v, --add-subuids FIRST-LAST add range of subordinate uids\n"
+msgstr ""
+
+msgid " -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"
+msgstr ""
+
+msgid " -w, --add-subgids FIRST-LAST add range of subordinate gids\n"
+msgstr ""
+
+msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+" -Z, --selinux-user SEUSER new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s:使用者 %s 已存在\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s:無效日期“%sâ€\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s:無效日期“%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s:無法打開檔案 %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s:-e å’Œ -f åƒæ•¸éœ€è¦shadow密碼\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s:目錄 %s ä¸å­˜åœ¨\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s:無法建立目錄 %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s:無法將目錄 %s 改å為 %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s:警告:%s ä¸å±¬æ–¼ %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "改變信箱所有者失敗"
+
+msgid "failed to rename mailbox"
+msgstr "無法為信箱改å"
+
+#, fuzzy, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s:字段太長\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s:無效的主目錄“%sâ€\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid " -g, --group edit group database\n"
+msgstr ""
+
+msgid " -p, --passwd edit passwd database\n"
+msgstr ""
+
+msgid " -s, --shadow edit shadow or gshadow database\n"
+msgstr ""
+
+msgid " -u, --user which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s:%s 沒有更改\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "無法為信箱改å"
+
+#, fuzzy
+msgid "failed to drop privileges"
+msgstr "%s:無效的工作電話:“%sâ€\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "無法鎖定檔案"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr "無法鎖定檔案"
+
+msgid "Couldn't make backup"
+msgstr "無法備份"
+
+#, fuzzy, c-format
+msgid "%s: %s: %s\n"
+msgstr "passwd:%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s:未在 /etc/passwd 中找到 %s\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s:無法打開群組檔案\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s:字段太長\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "無法為信箱改å"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "改變信箱所有者失敗"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "無法為信箱改å"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s:無法復原 %s:%s (您的修改在 %s 中)\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s:無效的主目錄“%sâ€\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "用法:%s [輸入]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) 失敗\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -d, --lastday LAST_DAY set date of last password change to "
+#~ "LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -I, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --list show account aging information\n"
+#~ " -m, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -M, --maxdays MAX_DAYS set maximim number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:chage [é¸é …] 使用者\n"
+#~ "\n"
+#~ "é¸é …:\n"
+#~ " -d, --lastday LAST_DAY\t設定密碼的最後修改日期為 LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE\t設定帳號éŽæœŸçš„日期為 EXPIRE\n"
+#~ " -h, --help\t\t\t顯示這份說明文字然後çµæŸ\n"
+#~ " -I, --inactive INACTIVE\t設定密碼在 INACTIVE 天後失效\n"
+#~ " -l, --list\t\t\t顯示帳號期é™çš„相關資訊\n"
+#~ " -m, --mindays MIN_DAYS\t最少必須相隔 MIN_DAYS 天æ‰èƒ½æ”¹è®Šå¯†ç¢¼\n"
+#~ " -M, --maxdays MAX_DAYS\t最多必須相隔 MIN_DAYS 天æ‰èƒ½æ”¹è®Šå¯†ç¢¼\n"
+#~ " -W, --warndays WARN_DAYS\t密碼在éŽæœŸå‰ WARN_DAYS 天會發出警告\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s:PAM 驗証失敗\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "用法:%s [-f å…¨å] [-r 房間號] [-w 工作電話]\n"
+#~ "\t[-h ä½å®¶é›»è©±] [-o 其它] [使用者]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "用法:%s [-f å…¨å] [-r 房間號] [-w 工作電話] [-h ä½å®¶é›»è©±]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -c, --crypt-method the crypt method (one of %s)\n"
+#~ " -e, --encrypted supplied passwords are encrypted\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -m, --md5 encrypt the clear text password using\n"
+#~ " the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "用法:chpasswd [é¸é …]\n"
+#~ "\n"
+#~ "é¸é …:\n"
+#~ " -e, --encrypted\t所æ供的密碼已經éŽåŠ å¯†\n"
+#~ " -h, --help\t\t顯示這份說明文字然後çµæŸ\n"
+#~ " -m, --md5\t\t如果所æ供的密碼沒有加密,則使用 MD5 加密法\n"
+#~ "\t\t\t來替代 DES。\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "用法:expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s:無法打開檔案 %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "用法:groupdel 群組\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "用法:%s [-r] [-s] [群組 [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "用法:%s [-r] [-s] [群組]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s:-s å’Œ -r 是互ä¸ç›¸å®¹çš„\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "用法:groupdel 群組\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "用法:groupdel 群組\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -b, --before DAYS print only lastlog records older than "
+#~ "DAYS\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -t, --time DAYS print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ " -u, --user LOGIN print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:lastlog [é¸é …]\n"
+#~ "\n"
+#~ "é¸é …:\n"
+#~ " -h, --help\t\t顯示這份說明文字然後çµæŸ\n"
+#~ " -t, --time DAYS\tåªåˆ—出 DAYS 天內的歷å²è¨˜éŒ„\n"
+#~ " -u, --user LOGIN\t根據指定的 LOGIN 列出該使用者最後的歷å²è¨˜éŒ„\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all report password status on all accounts\n"
+#~ " -d, --delete delete the password for the named "
+#~ "account\n"
+#~ " -e, --expire force expire the password for the named "
+#~ "account\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -k, --keep-tokens change password only if expired\n"
+#~ " -i, --inactive INACTIVE set password inactive after expiration\n"
+#~ " to INACTIVE\n"
+#~ " -l, --lock lock the password of the named account\n"
+#~ " -n, --mindays MIN_DAYS set minimum number of days before "
+#~ "password\n"
+#~ " change to MIN_DAYS\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -r, --repository REPOSITORY change password in REPOSITORY repository\n"
+#~ " -S, --status report password status on the named "
+#~ "account\n"
+#~ " -u, --unlock unlock the password of the named account\n"
+#~ " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"
+#~ " -x, --maxdays MAX_DAYS set maximum number of days before "
+#~ "password\n"
+#~ " change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:chage [é¸é …] 使用者\n"
+#~ "\n"
+#~ "é¸é …:\n"
+#~ " -d, --lastday LAST_DAY\t設定密碼的最後修改日期為 LAST_DAY\n"
+#~ " -E, --expiredate EXPIRE_DATE\t設定帳號éŽæœŸçš„日期為 EXPIRE\n"
+#~ " -h, --help\t\t\t顯示這份說明文字然後çµæŸ\n"
+#~ " -I, --inactive INACTIVE\t設定密碼在 INACTIVE 天後失效\n"
+#~ " -l, --list\t\t\t顯示帳號期é™çš„相關資訊\n"
+#~ " -m, --mindays MIN_DAYS\t最少必須相隔 MIN_DAYS 天æ‰èƒ½æ”¹è®Šå¯†ç¢¼\n"
+#~ " -M, --maxdays MAX_DAYS\t最多必須相隔 MIN_DAYS 天æ‰èƒ½æ”¹è®Šå¯†ç¢¼\n"
+#~ " -W, --warndays WARN_DAYS\t密碼在éŽæœŸå‰ WARN_DAYS 天會發出警告\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "用法:%s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "用法:%s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "用法:id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "用法:id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "未知 id:%s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "沒有 shell\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s:使用者 %s ç›®å‰å·²ç™»å…¥\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s:沒有指定標誌\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -g, --group edit group database\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -p, --passwd edit passwd database\n"
+#~ " -q, --quiet quiet mode\n"
+#~ " -s, --shadow edit shadow or gshadow database\n"
+#~ " -u, --user which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:lastlog [é¸é …]\n"
+#~ "\n"
+#~ "é¸é …:\n"
+#~ " -h, --help\t\t顯示這份說明文字然後çµæŸ\n"
+#~ " -t, --time DAYS\tåªåˆ—出 DAYS 天內的歷å²è¨˜éŒ„\n"
+#~ " -u, --user LOGIN\t根據指定的 LOGIN 列出該使用者最後的歷å²è¨˜éŒ„\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "用法:%s [輸入]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s:無法建立 %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s:無法改變 %s 的所有者和群組\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -a, --all display faillog records for all users\n"
+#~ " -h, --help display this help message and exit\n"
+#~ " -l, --lock-time SEC after failed login lock account to SEC "
+#~ "seconds\n"
+#~ " -m, --maximum MAX set maximum failed login counters to MAX\n"
+#~ " -r, --reset reset the counters of login failures\n"
+#~ " -t, --time DAYS display faillog records more recent than "
+#~ "DAYS\n"
+#~ " -u, --user LOGIN display faillog record or maintains "
+#~ "failure\n"
+#~ " counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ " options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:faillog [é¸é …]\n"
+#~ "\n"
+#~ "é¸é …:\n"
+#~ " -a, --all\t\t\t顯示所有的使用者的失敗記錄\n"
+#~ " -h, --help\t\t\t顯示這份說明文字然後çµæŸ\n"
+#~ " -l, --lock-time SEC\t\t在登入失敗後,關閉帳號 SEC 秒\n"
+#~ " -m, --maximum MAX\t\t設定最多能登入失敗 MAX 次\n"
+#~ " -r, --reset\t\t\té‡æ–°è¨­å®šç™»å…¥å¤±æ•—計數\n"
+#~ " -t, --time DAYS\t\t顯示最近 DAYS 內的失敗記錄。\n"
+#~ " -u, --user LOGIN\t\t根據指定的 LOGIN 顯示其失敗記錄åŠç›®å‰çš„失敗計數\n"
+#~ "\t\t\t\tåŠé™åˆ¶ï¼ˆç•¶å’Œ -rã€-m 或 -l é¸é …æ­é…使用時)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "您的密碼已éŽæœŸã€‚"
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s:無法鎖定密碼檔\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s:無法打開密碼文件\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s:無法鎖定shadow密碼文件\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s:無法打開影å­å¯†ç¢¼æ–‡ä»¶\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s:無法é‡å¯«shadow密碼檔案\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s:無法é‡å¯«å¯†ç¢¼æª”案\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s:無法更新shadow密碼檔案\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tå…¨å:%s\n"
+
+#, fuzzy
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "房間號碼"
+
+#, fuzzy
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "工作電話"
+
+#, fuzzy
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "ä½å®¶é›»è©±"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "無法鎖定密碼檔案﹔ç¨å¾Œå†è©¦ã€‚\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "無法打開密碼檔案。\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "更改密碼項目時出錯。\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "無法æ交密碼檔案變動。\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "無法解鎖密碼檔案。\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s:無法鎖定群組檔案\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s:無法打開群組檔案\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s:無法鎖定 shadow 檔\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s:無法打開 shadow 檔\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s:更新shadow檔案時出錯。\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s:更新群組項目時出錯\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s:第 %d 行:未知使用者 %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s:第 %d 行:無法更新項目\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s:無法鎖定 shadow 檔\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s:更新shadow檔案時出錯。\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s:更新密碼檔案時出錯。\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s:第 %d 行:未知使用者 %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s:第 %d 行:無法更新密碼項目\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s:未知使用者\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "未知使用者:%s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "用法:%s [-r|-R] 群組\n"
+
+#~ msgid " %s [-a user] group\n"
+#~ msgstr " %s [-a 使用者] 群組\n"
+
+#~ msgid " %s [-d user] group\n"
+#~ msgstr " %s [-d 使用者] 群組\n"
+
+#~ msgid " %s [-A user,...] [-M user,...] group\n"
+#~ msgstr " %s [-A 使用者,...] [-M 使用者,...] 群組\n"
+
+#~ msgid " %s [-M user,...] group\n"
+#~ msgstr " %s [-M 使用者,...] 群組\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s:無法ç²å¾—鎖定\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s:無法ç²å¾—shadow鎖定\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s:無法打開檔案\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s:無法é‡å¯«shadow檔案\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s 無法解鎖檔案。\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s:無法更新項目\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s:無法更新shadow項目\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "未知群組:%s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s:無法打開檔案\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s:無法打開 shadow 檔\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "你是誰?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s:未知æˆå“¡ %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s:增加新群組項目時出錯\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s:無法é‡å¯«ç¾¤çµ„檔案\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s:無法é‡å¯«shadow群組檔案\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s:無法鎖定群組檔案\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s:無法打開群組檔案\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s:無法鎖定shadow群組檔案\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s:無法打開shadow群組檔案\n"
+
+#, fuzzy
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s:gid %u 並ä¸å”¯ä¸€\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s:刪除群組項目時出錯\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s:刪除shadow群組項目時出錯\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s:ä¸èƒ½åˆªé™¤ä½¿ç”¨è€…的主群組。\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s:PAM 驗証失敗\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s:無法鎖定群組檔案\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s:無法打開群組檔案\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s:未在 /etc/group 中找到 %s\n"
+
+#, fuzzy
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s:%u ä¸æ˜¯ä¸€å€‹å”¯ä¸€çš„ gid\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s:%s ä¸æ˜¯ä¸€å€‹å”¯ä¸€çš„å稱\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s:無法é‡å¯«å¯†ç¢¼æª”案\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s:無法鎖定密碼檔案\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s:無法打開密碼檔案\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s:無法為 %s 更新shadow項目\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s:無法更新 %s 群組的項目\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s:無法鎖定shadow群組檔案\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s:無法打開shadow群組檔案\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s:無法移除shadow群組 %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s:無法更新shadow群組檔案\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s:無法刪除shadow群組檔案\n"
+
+#, fuzzy
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "未知的 GID:%lu\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "未知的 GID:%lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s:%s 群組ä¸å­˜åœ¨\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s:使用者 %s ä¸å­˜åœ¨\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s:無效使用者å稱“%sâ€\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s:無法鎖定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s:無法鎖定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s:無法鎖定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s:無法鎖定 /etc/passwd。\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s:無法打開檔案\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s:更新檔案出錯\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s:無法為 %s 更新密碼項目\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s:無法鎖定密碼檔案\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s:無法打開密碼檔案\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s:無法為 %s 刪除shadow項目\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s:無法更新密碼檔案\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s:ä¸èƒ½æ›´æ–°ä½¿ç”¨è€… %s çš„é …ç›®\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s:無法刪除shadow密碼檔案\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s:未知的 GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s:未知的群組 %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s:update_gshadow 時記憶體ä¸è¶³\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s:無法é‡å¯«å¯†ç¢¼æª”案\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s:無法é‡å¯«shadow密碼檔案\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s:無法鎖定shadow密碼檔案\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s:無法打開shadow密碼檔案\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s:鎖定群組檔案時出錯\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s:打開群組檔案時出錯\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s:鎖定shadow群組檔案時出錯\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s:打開shadow群組檔案時出錯\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s:加入新密碼項目時出錯\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s:加入新shadow密碼項時出錯\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s:警告:CREATE_HOME ä¸æ”¯æ´ï¼Œè«‹ä½¿ç”¨ -m åƒæ•¸ã€‚\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s:更新群組項目時出錯\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s:更新群組項目時出錯\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s:無法打開群組檔案\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s:無法打開shadow群組檔案\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s:刪除密碼項目時出錯\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s:刪除shadow密碼項目時出錯\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s:增加新群組項目時出錯\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s:uid %lu ä¸å”¯ä¸€\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s:改變密碼項目時出錯\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s:移除密碼項時出錯\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s:刪除shadow密碼項目時出錯\n"
+
+#, fuzzy
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s:無法ç²å–ç¨æœ‰çš„ gid\n"
+
+#, fuzzy
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " 在“%.100sâ€ä¸Šï¼Œä¾†è‡ªâ€œ%.200sâ€"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr "在“%.100sâ€ä¸Š"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s:第 %d 行:無法建立 UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s:å稱 %s 並ä¸å”¯ä¸€\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ " -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ " -h, --help\t\tdisplay this help message and exit\n"
+#~ " -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法:chpasswd [é¸é …]\n"
+#~ "\n"
+#~ "é¸é …:\n"
+#~ " -e, --encrypted\t所æ供的密碼已經éŽåŠ å¯†\n"
+#~ " -h, --help\t\t顯示這份說明文字然後çµæŸ\n"
+#~ " -m, --md5\t\t如果所æ供的密碼沒有加密,則使用 MD5 加密法\n"
+#~ "\t\t\t來替代 DES。\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "沒有密碼檔案\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "抱歉。\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "抱歉,無法更改 %s 的密碼。\n"
+
+#~ msgid "Sorry."
+#~ msgstr "抱歉"
diff --git a/shadow.spec.in b/shadow.spec.in
new file mode 100644
index 0000000..0f9a958
--- /dev/null
+++ b/shadow.spec.in
@@ -0,0 +1,93 @@
+# shadow-utils.spec generated automatically from shadow-utils.spec.in
+# $Id$
+
+Summary: Shadow password file utilities for Linux
+Name: shadow-utils
+Version: @VERSION@
+Release: 1
+Copyright: Free
+Group: Utilities/System
+Source: ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/%{name}-%{version}.tar.gz
+BuildRoot: %{_tmppath}/%{name}-%{version}-root
+Obsoletes: adduser
+
+%description
+This package includes the programs necessary to convert traditional
+V7 UNIX password files to the SVR4 shadow password format and additional
+tools to work with shadow passwords.
+ - 'pwconv' converts everything to the shadow password format.
+ - 'pwunconv' converts back to non-shadow passwords.
+ - 'pwck' checks the integrity of the password and shadow files.
+ - 'lastlog' prints out the last login times of all users.
+ - 'useradd', 'userdel', 'usermod' to manage user accounts.
+ - 'groupadd', 'groupdel', 'groupmod' to manage groups.
+
+A number of man pages are also included that relate to these utilities,
+and shadow passwords in general.
+
+%prep
+%setup
+
+%build
+%configure \
+ --disable-shared \
+ --prefix=/usr \
+ --exec-prefix=/usr
+make
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+make install DESTDIR=$RPM_BUILD_ROOT
+
+mkdir -p $RPM_BUILD_ROOT/etc/default
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%doc doc/ANNOUNCE doc/CHANGES doc/HOWTO
+%doc doc/LICENSE doc/README doc/README.linux
+%dir /etc/default
+%config /etc/default/useradd
+%config /etc/login.defs
+%{_bindir}/chage
+%{_bindir}/gpasswd
+%{_bindir}/lastlog
+%{_mandir}/man1/chage.1*
+%{_mandir}/man1/gpasswd.1*
+%{_mandir}/man3/shadow.3*
+%{_mandir}/man5/shadow.5*
+%{_mandir}/man8/chpasswd.8*
+%{_mandir}/man8/groupadd.8*
+%{_mandir}/man8/groupdel.8*
+%{_mandir}/man8/groupmod.8*
+%{_mandir}/man8/grpck.8*
+%{_mandir}/man8/lastlog.8*
+%{_mandir}/man8/newusers.8*
+%{_mandir}/man8/pwck.8*
+%{_mandir}/man8/pwconv.8*
+%{_mandir}/man8/useradd.8*
+%{_mandir}/man8/userdel.8*
+%{_mandir}/man8/usermod.8*
+%{_sbindir}/chpasswd
+%{_sbindir}/groupadd
+%{_sbindir}/groupdel
+%{_sbindir}/groupmod
+%{_sbindir}/grpck
+%{_sbindir}/grpconv
+%{_sbindir}/grpunconv
+%{_sbindir}/newusers
+%{_sbindir}/pwck
+%{_sbindir}/pwconv
+%{_sbindir}/pwunconv
+%{_sbindir}/useradd
+%{_sbindir}/userdel
+%{_sbindir}/usermod
+
+%changelog
+* Sun Dec 14 1997 Marek Michalkiewicz <marekm@piast.t19.ds.pwr.wroc.pl>
+- Lots of changes, see doc/CHANGES for more details
+
+* Sun Jun 08 1997 Timo Karjalainen <timok@iki.fi>
+- Initial release
diff --git a/src/.gitignore b/src/.gitignore
new file mode 100644
index 0000000..d5716b9
--- /dev/null
+++ b/src/.gitignore
@@ -0,0 +1,35 @@
+/chage
+/chfn
+/chgpasswd
+/chpasswd
+/chsh
+/expiry
+/faillog
+/gpasswd
+/groupadd
+/groupdel
+/groupmems
+/groupmod
+/groups
+/grpck
+/grpconv
+/grpunconv
+/id
+/lastlog
+/login
+/logoutd
+/newgrp
+/newgidmap
+/newuidmap
+/newusers
+/nologin
+/passwd
+/pwck
+/pwconv
+/pwunconv
+/su
+/sulogin
+/useradd
+/userdel
+/usermod
+/vipw
diff --git a/src/.indent.pro b/src/.indent.pro
new file mode 100644
index 0000000..fe572bb
--- /dev/null
+++ b/src/.indent.pro
@@ -0,0 +1,5 @@
+-kr
+-i8
+-bad
+-pcs
+-l80
diff --git a/src/Makefile.am b/src/Makefile.am
new file mode 100644
index 0000000..12ef630
--- /dev/null
+++ b/src/Makefile.am
@@ -0,0 +1,138 @@
+
+EXTRA_DIST = \
+ .indent.pro
+
+ubindir = ${prefix}/bin
+usbindir = ${prefix}/sbin
+suidperms = 4755
+sgidperms = 2755
+
+AM_CPPFLAGS = \
+ -I${top_srcdir}/lib \
+ -I$(top_srcdir)/libmisc \
+ -DLOCALEDIR=\"$(datadir)/locale\"
+
+# XXX why are login and su in /bin anyway (other than for
+# historical reasons)?
+#
+# if the system is screwed so badly that it can't mount /usr,
+# you can (hopefully) boot single user, and then you're root
+# so you don't need these programs for recovery.
+#
+# also /lib/libshadow.so.x.xx (if any) could be moved to /usr/lib
+# and installation would be much simpler (just two directories,
+# $prefix/bin and $prefix/sbin, no install-data hacks...)
+
+bin_PROGRAMS = groups login su
+sbin_PROGRAMS = nologin
+ubin_PROGRAMS = faillog lastlog chage chfn chsh expiry gpasswd newgrp passwd
+if ENABLE_SUBIDS
+ubin_PROGRAMS += newgidmap newuidmap
+endif
+usbin_PROGRAMS = \
+ chgpasswd \
+ chpasswd \
+ groupadd \
+ groupdel \
+ groupmems \
+ groupmod \
+ grpck \
+ grpconv \
+ grpunconv \
+ logoutd \
+ newusers \
+ pwck \
+ pwconv \
+ pwunconv \
+ useradd \
+ userdel \
+ usermod \
+ vipw
+
+# id and groups are from gnu, sulogin from sysvinit
+noinst_PROGRAMS = id sulogin
+
+suidbins = su
+suidubins = chage chfn chsh expiry gpasswd newgrp passwd
+if ACCT_TOOLS_SETUID
+suidubins += chage chgpasswd chpasswd groupadd groupdel groupmod newusers useradd userdel usermod
+endif
+if ENABLE_SUBIDS
+suidubins += newgidmap newuidmap
+endif
+
+if WITH_TCB
+suidubins -= passwd
+shadowsgidubins = passwd
+endif
+
+LDADD = $(INTLLIBS) \
+ $(LIBTCB) \
+ $(top_builddir)/libmisc/libmisc.a \
+ $(top_builddir)/lib/libshadow.la
+
+if ACCT_TOOLS_SETUID
+LIBPAM_SUID = $(LIBPAM)
+else
+LIBPAM_SUID =
+endif
+
+if USE_PAM
+LIBCRYPT_NOPAM =
+else
+LIBCRYPT_NOPAM = $(LIBCRYPT)
+endif
+
+chage_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
+newuidmap_LDADD = $(LDADD) $(LIBSELINUX)
+newgidmap_LDADD = $(LDADD) $(LIBSELINUX)
+chfn_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
+chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT)
+chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
+chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT)
+gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
+groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
+groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
+groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX)
+groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
+grpck_LDADD = $(LDADD) $(LIBSELINUX)
+grpconv_LDADD = $(LDADD) $(LIBSELINUX)
+grpunconv_LDADD = $(LDADD) $(LIBSELINUX)
+lastlog_LDADD = $(LDADD) $(LIBAUDIT)
+login_SOURCES = \
+ login.c \
+ login_nopam.c
+login_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
+newgrp_LDADD = $(LDADD) $(LIBAUDIT) $(LIBCRYPT)
+newusers_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT)
+nologin_LDADD =
+passwd_LDADD = $(LDADD) $(LIBPAM) $(LIBCRACK) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM)
+pwck_LDADD = $(LDADD) $(LIBSELINUX)
+pwconv_LDADD = $(LDADD) $(LIBSELINUX)
+pwunconv_LDADD = $(LDADD) $(LIBSELINUX)
+su_SOURCES = \
+ su.c \
+ suauth.c
+su_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
+sulogin_LDADD = $(LDADD) $(LIBCRYPT)
+useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR)
+userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE)
+usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR)
+vipw_LDADD = $(LDADD) $(LIBSELINUX)
+
+install-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+ ln -sf newgrp $(DESTDIR)$(ubindir)/sg
+ ln -sf vipw $(DESTDIR)$(usbindir)/vigr
+ for i in $(suidbins); do \
+ chmod $(suidperms) $(DESTDIR)$(bindir)/$$i; \
+ done
+ for i in $(suidubins); do \
+ chmod $(suidperms) $(DESTDIR)$(ubindir)/$$i; \
+ done
+if WITH_TCB
+ for i in $(shadowsgidubins); do \
+ chown root:shadow $(DESTDIR)$(ubindir)/$$i; \
+ chmod $(sgidperms) $(DESTDIR)$(ubindir)/$$i; \
+ done
+endif
diff --git a/src/chage.c b/src/chage.c
new file mode 100644
index 0000000..617e90f
--- /dev/null
+++ b/src/chage.c
@@ -0,0 +1,948 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <time.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+#include <pwd.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/av_permissions.h>
+#endif
+#include "prototypes.h"
+#include "defines.h"
+#include "pwio.h"
+#include "shadowio.h"
+#ifdef WITH_TCB
+#include "tcbfuncs.h"
+#endif
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool
+ dflg = false, /* set last password change date */
+ Eflg = false, /* set account expiration date */
+ Iflg = false, /* set password inactive after expiration */
+ lflg = false, /* show account aging information */
+ mflg = false, /* set minimum number of days before password change */
+ Mflg = false, /* set maximum number of days before password change */
+ Wflg = false; /* set expiration warning days */
+static bool amroot = false;
+
+static bool pw_locked = false; /* Indicate if the password file is locked */
+static bool spw_locked = false; /* Indicate if the shadow file is locked */
+/* The name and UID of the user being worked on */
+static char user_name[BUFSIZ] = "";
+static uid_t user_uid = -1;
+
+static long mindays;
+static long maxdays;
+static long lstchgdate;
+static long warndays;
+static long inactdays;
+static long expdate;
+
+/* local function prototypes */
+static /*@noreturn@*/void usage (int status);
+static void date_to_str (char *buf, size_t maxsize, time_t date);
+static int new_fields (void);
+static void print_date (time_t date);
+static void list_fields (void);
+static void process_flags (int argc, char **argv);
+static void check_flags (int argc, int opt_index);
+static void check_perms (void);
+static void open_files (bool readonly);
+static void close_files (void);
+static /*@noreturn@*/void fail_exit (int code);
+
+/*
+ * fail_exit - do some cleanup and exit with the given error code
+ */
+static /*@noreturn@*/void fail_exit (int code)
+{
+ if (spw_locked) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ }
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ }
+ closelog ();
+
+#ifdef WITH_AUDIT
+ if (E_SUCCESS != code) {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "change age",
+ user_name, (unsigned int) user_uid, 0);
+ }
+#endif
+
+ exit (code);
+}
+
+/*
+ * usage - print command line syntax and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options] LOGIN\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -d, --lastday LAST_DAY set date of last password change to LAST_DAY\n"), usageout);
+ (void) fputs (_(" -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -I, --inactive INACTIVE set password inactive after expiration\n"
+ " to INACTIVE\n"), usageout);
+ (void) fputs (_(" -l, --list show account aging information\n"), usageout);
+ (void) fputs (_(" -m, --mindays MIN_DAYS set minimum number of days before password\n"
+ " change to MIN_DAYS\n"), usageout);
+ (void) fputs (_(" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
+ " change to MAX_DAYS\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+static void date_to_str (char *buf, size_t maxsize, time_t date)
+{
+ struct tm *tp;
+
+ tp = gmtime (&date);
+#ifdef HAVE_STRFTIME
+ (void) strftime (buf, maxsize, "%Y-%m-%d", tp);
+#else
+ (void) snprintf (buf, maxsize, "%04d-%02d-%02d",
+ tp->tm_year + 1900, tp->tm_mon + 1, tp->tm_mday);
+#endif /* HAVE_STRFTIME */
+}
+
+/*
+ * new_fields - change the user's password aging information interactively.
+ *
+ * prompt the user for all of the password age values. set the fields
+ * from the user's response, or leave alone if nothing was entered. The
+ * value (-1) is used to indicate the field should be removed if possible.
+ * any other negative value is an error. very large positive values will
+ * be handled elsewhere.
+ */
+static int new_fields (void)
+{
+ char buf[200];
+
+ (void) puts (_("Enter the new value, or press ENTER for the default"));
+ (void) puts ("");
+
+ (void) snprintf (buf, sizeof buf, "%ld", mindays);
+ change_field (buf, sizeof buf, _("Minimum Password Age"));
+ if ( (getlong (buf, &mindays) == 0)
+ || (mindays < -1)) {
+ return 0;
+ }
+
+ (void) snprintf (buf, sizeof buf, "%ld", maxdays);
+ change_field (buf, sizeof buf, _("Maximum Password Age"));
+ if ( (getlong (buf, &maxdays) == 0)
+ || (maxdays < -1)) {
+ return 0;
+ }
+
+ if (-1 == lstchgdate) {
+ strcpy (buf, "-1");
+ } else {
+ date_to_str (buf, sizeof buf, (time_t) lstchgdate * SCALE);
+ }
+
+ change_field (buf, sizeof buf, _("Last Password Change (YYYY-MM-DD)"));
+
+ if (strcmp (buf, "-1") == 0) {
+ lstchgdate = -1;
+ } else {
+ lstchgdate = strtoday (buf);
+ if (lstchgdate <= -1) {
+ return 0;
+ }
+ }
+
+ (void) snprintf (buf, sizeof buf, "%ld", warndays);
+ change_field (buf, sizeof buf, _("Password Expiration Warning"));
+ if ( (getlong (buf, &warndays) == 0)
+ || (warndays < -1)) {
+ return 0;
+ }
+
+ (void) snprintf (buf, sizeof buf, "%ld", inactdays);
+ change_field (buf, sizeof buf, _("Password Inactive"));
+ if ( (getlong (buf, &inactdays) == 0)
+ || (inactdays < -1)) {
+ return 0;
+ }
+
+ if (-1 == expdate) {
+ strcpy (buf, "-1");
+ } else {
+ date_to_str (buf, sizeof buf, (time_t) expdate * SCALE);
+ }
+
+ change_field (buf, sizeof buf,
+ _("Account Expiration Date (YYYY-MM-DD)"));
+
+ if (strcmp (buf, "-1") == 0) {
+ expdate = -1;
+ } else {
+ expdate = strtoday (buf);
+ if (expdate <= -1) {
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
+static void print_date (time_t date)
+{
+#ifdef HAVE_STRFTIME
+ struct tm *tp;
+ char buf[80];
+
+ tp = gmtime (&date);
+ if (NULL == tp) {
+ (void) printf ("time_t: %lu\n", (unsigned long)date);
+ } else {
+ (void) strftime (buf, sizeof buf, "%b %d, %Y", tp);
+ (void) puts (buf);
+ }
+#else
+ struct tm *tp;
+ char *cp = NULL;
+
+ tp = gmtime (&date);
+ if (NULL != tp) {
+ cp = asctime (tp);
+ }
+ if (NULL != cp) {
+ (void) printf ("%6.6s, %4.4s\n", cp + 4, cp + 20);
+ } else {
+ (void) printf ("time_t: %lu\n", date);
+ }
+#endif
+}
+
+/*
+ * list_fields - display the current values of the expiration fields
+ *
+ * display the password age information from the password fields. Date
+ * values will be displayed as a calendar date, or the word "never" if
+ * the date is 1/1/70, which is day number 0.
+ */
+static void list_fields (void)
+{
+ long changed = 0;
+ long expires;
+
+ /*
+ * The "last change" date is either "never" or the date the password
+ * was last modified. The date is the number of days since 1/1/1970.
+ */
+ (void) fputs (_("Last password change\t\t\t\t\t: "), stdout);
+ if (lstchgdate < 0) {
+ (void) puts (_("never"));
+ } else if (lstchgdate == 0) {
+ (void) puts (_("password must be changed"));
+ } else {
+ changed = lstchgdate * SCALE;
+ print_date ((time_t) changed);
+ }
+
+ /*
+ * The password expiration date is determined from the last change
+ * date plus the number of days the password is valid for.
+ */
+ (void) fputs (_("Password expires\t\t\t\t\t: "), stdout);
+ if (lstchgdate == 0) {
+ (void) puts (_("password must be changed"));
+ } else if ( (lstchgdate < 0)
+ || (maxdays >= (10000 * (DAY / SCALE)))
+ || (maxdays < 0)) {
+ (void) puts (_("never"));
+ } else {
+ expires = changed + maxdays * SCALE;
+ print_date ((time_t) expires);
+ }
+
+ /*
+ * The account becomes inactive if the password is expired for more
+ * than "inactdays". The expiration date is calculated and the
+ * number of inactive days is added. The resulting date is when the
+ * active will be disabled.
+ */
+ (void) fputs (_("Password inactive\t\t\t\t\t: "), stdout);
+ if (lstchgdate == 0) {
+ (void) puts (_("password must be changed"));
+ } else if ( (lstchgdate < 0)
+ || (inactdays < 0)
+ || (maxdays >= (10000 * (DAY / SCALE)))
+ || (maxdays < 0)) {
+ (void) puts (_("never"));
+ } else {
+ expires = changed + (maxdays + inactdays) * SCALE;
+ print_date ((time_t) expires);
+ }
+
+ /*
+ * The account will expire on the given date regardless of the
+ * password expiring or not.
+ */
+ (void) fputs (_("Account expires\t\t\t\t\t\t: "), stdout);
+ if (expdate < 0) {
+ (void) puts (_("never"));
+ } else {
+ expires = expdate * SCALE;
+ print_date ((time_t) expires);
+ }
+
+ /*
+ * Start with the easy numbers - the number of days before the
+ * password can be changed, the number of days after which the
+ * password must be chaged, the number of days before the password
+ * expires that the user is told, and the number of days after the
+ * password expires that the account becomes unusable.
+ */
+ printf (_("Minimum number of days between password change\t\t: %ld\n"),
+ mindays);
+ printf (_("Maximum number of days between password change\t\t: %ld\n"),
+ maxdays);
+ printf (_("Number of days of warning before password expires\t: %ld\n"),
+ warndays);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ /*
+ * Parse the command line options.
+ */
+ int c;
+ static struct option long_options[] = {
+ {"lastday", required_argument, NULL, 'd'},
+ {"expiredate", required_argument, NULL, 'E'},
+ {"help", no_argument, NULL, 'h'},
+ {"inactive", required_argument, NULL, 'I'},
+ {"list", no_argument, NULL, 'l'},
+ {"mindays", required_argument, NULL, 'm'},
+ {"maxdays", required_argument, NULL, 'M'},
+ {"root", required_argument, NULL, 'R'},
+ {"warndays", required_argument, NULL, 'W'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "d:E:hI:lm:M:R:W:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'd':
+ dflg = true;
+ lstchgdate = strtoday (optarg);
+ if (lstchgdate < -1) {
+ fprintf (stderr,
+ _("%s: invalid date '%s'\n"),
+ Prog, optarg);
+ usage (E_USAGE);
+ }
+ break;
+ case 'E':
+ Eflg = true;
+ expdate = strtoday (optarg);
+ if (expdate < -1) {
+ fprintf (stderr,
+ _("%s: invalid date '%s'\n"),
+ Prog, optarg);
+ usage (E_USAGE);
+ }
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'I':
+ Iflg = true;
+ if ( (getlong (optarg, &inactdays) == 0)
+ || (inactdays < -1)) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (E_USAGE);
+ }
+ break;
+ case 'l':
+ lflg = true;
+ break;
+ case 'm':
+ mflg = true;
+ if ( (getlong (optarg, &mindays) == 0)
+ || (mindays < -1)) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (E_USAGE);
+ }
+ break;
+ case 'M':
+ Mflg = true;
+ if ( (getlong (optarg, &maxdays) == 0)
+ || (maxdays < -1)) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (E_USAGE);
+ }
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 'W':
+ Wflg = true;
+ if ( (getlong (optarg, &warndays) == 0)
+ || (warndays < -1)) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (E_USAGE);
+ }
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ check_flags (argc, optind);
+}
+
+/*
+ * check_flags - check flags and parameters consistency
+ *
+ * It will not return if an error is encountered.
+ */
+static void check_flags (int argc, int opt_index)
+{
+ /*
+ * Make certain the flags do not conflict and that there is a user
+ * name on the command line.
+ */
+
+ if (argc != opt_index + 1) {
+ usage (E_USAGE);
+ }
+
+ if (lflg && (mflg || Mflg || dflg || Wflg || Iflg || Eflg)) {
+ fprintf (stderr,
+ _("%s: do not include \"l\" with other flags\n"),
+ Prog);
+ usage (E_USAGE);
+ }
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ * Non-root users are only allowed to display their aging information.
+ * (we will later make sure that the user is only listing her aging
+ * information)
+ *
+ * With PAM support, the setuid bit can be set on chage to allow
+ * non-root users to groups.
+ * Without PAM support, only users who can write in the group databases
+ * can add groups.
+ *
+ * It will not return if the user is not allowed.
+ */
+static void check_perms (void)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ struct passwd *pampw;
+ int retval;
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+
+ /*
+ * An unprivileged user can ask for their own aging information, but
+ * only root can change it, or list another user's aging
+ * information.
+ */
+
+ if (!amroot && !lflg) {
+ fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+ fail_exit (E_NOPERM);
+ }
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (NULL == pampw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ exit (E_NOPERM);
+ }
+
+ retval = pam_start ("chage", pampw->pw_name, &conv, &pamh);
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ fail_exit (E_NOPERM);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+}
+
+/*
+ * open_files - open the shadow database
+ *
+ * In read-only mode, the databases are not locked and are opened
+ * only for reading.
+ */
+static void open_files (bool readonly)
+{
+ /*
+ * Lock and open the password file. This loads all of the password
+ * file entries into memory. Then we get a pointer to the password
+ * file entry for the requested user.
+ */
+ if (!readonly) {
+ if (pw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ fail_exit (E_NOPERM);
+ }
+ pw_locked = true;
+ }
+ if (pw_open (readonly ? O_RDONLY: O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
+ fail_exit (E_NOPERM);
+ }
+
+ /*
+ * For shadow password files we have to lock the file and read in
+ * the entries as was done for the password file. The user entries
+ * does not have to exist in this case; a new entry will be created
+ * for this user if one does not exist already.
+ */
+ if (!readonly) {
+ if (spw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, spw_dbname ());
+ fail_exit (E_NOPERM);
+ }
+ spw_locked = true;
+ }
+ if (spw_open (readonly ? O_RDONLY: O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", spw_dbname ()));
+ fail_exit (E_NOPERM);
+ }
+}
+
+/*
+ * close_files - close and unlock the password/shadow databases
+ */
+static void close_files (void)
+{
+ /*
+ * Now close the shadow password file, which will cause all of the
+ * entries to be re-written.
+ */
+ if (spw_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+ fail_exit (E_NOPERM);
+ }
+
+ /*
+ * Close the password file. If any entries were modified, the file
+ * will be re-written.
+ */
+ if (pw_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (E_NOPERM);
+ }
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ spw_locked = false;
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ pw_locked = false;
+}
+
+/*
+ * update_age - update the aging information in the database
+ *
+ * It will not return in case of error
+ */
+static void update_age (/*@null@*/const struct spwd *sp,
+ /*@notnull@*/const struct passwd *pw)
+{
+ struct spwd spwent;
+
+ /*
+ * There was no shadow entry. The new entry will have the encrypted
+ * password transferred from the normal password file along with the
+ * aging information.
+ */
+ if (NULL == sp) {
+ struct passwd pwent = *pw;
+
+ memzero (&spwent, sizeof spwent);
+ spwent.sp_namp = xstrdup (pwent.pw_name);
+ spwent.sp_pwdp = xstrdup (pwent.pw_passwd);
+ spwent.sp_flag = SHADOW_SP_FLAG_UNSET;
+
+ pwent.pw_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ if (pw_update (&pwent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"), Prog, pw_dbname (), pwent.pw_name);
+ fail_exit (E_NOPERM);
+ }
+ } else {
+ spwent.sp_namp = xstrdup (sp->sp_namp);
+ spwent.sp_pwdp = xstrdup (sp->sp_pwdp);
+ spwent.sp_flag = sp->sp_flag;
+ }
+
+ /*
+ * Copy the fields back to the shadow file entry and write the
+ * modified entry back to the shadow file. Closing the shadow and
+ * password files will commit any changes that have been made.
+ */
+ spwent.sp_max = maxdays;
+ spwent.sp_min = mindays;
+ spwent.sp_lstchg = lstchgdate;
+ spwent.sp_warn = warndays;
+ spwent.sp_inact = inactdays;
+ spwent.sp_expire = expdate;
+
+ if (spw_update (&spwent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"), Prog, spw_dbname (), spwent.sp_namp);
+ fail_exit (E_NOPERM);
+ }
+
+}
+
+/*
+ * get_defaults - get the value of the fields not set from the command line
+ */
+static void get_defaults (/*@null@*/const struct spwd *sp)
+{
+ /*
+ * Set the fields that aren't being set from the command line from
+ * the password file.
+ */
+ if (NULL != sp) {
+ if (!Mflg) {
+ maxdays = sp->sp_max;
+ }
+ if (!mflg) {
+ mindays = sp->sp_min;
+ }
+ if (!dflg) {
+ lstchgdate = sp->sp_lstchg;
+ }
+ if (!Wflg) {
+ warndays = sp->sp_warn;
+ }
+ if (!Iflg) {
+ inactdays = sp->sp_inact;
+ }
+ if (!Eflg) {
+ expdate = sp->sp_expire;
+ }
+ } else {
+ /*
+ * Use default values that will not change the behavior of the
+ * account.
+ */
+ if (!Mflg) {
+ maxdays = -1;
+ }
+ if (!mflg) {
+ mindays = -1;
+ }
+ if (!dflg) {
+ lstchgdate = -1;
+ }
+ if (!Wflg) {
+ warndays = -1;
+ }
+ if (!Iflg) {
+ inactdays = -1;
+ }
+ if (!Eflg) {
+ expdate = -1;
+ }
+ }
+}
+
+/*
+ * chage - change a user's password aging information
+ *
+ * This command controls the password aging information.
+ *
+ * The valid options are
+ *
+ * -d set last password change date (*)
+ * -E set account expiration date (*)
+ * -I set password inactive after expiration (*)
+ * -l show account aging information
+ * -M set maximim number of days before password change (*)
+ * -m set minimum number of days before password change (*)
+ * -W set expiration warning days (*)
+ *
+ * (*) requires root permission to execute.
+ *
+ * All of the time fields are entered in the internal format which is
+ * either seconds or days.
+ */
+
+int main (int argc, char **argv)
+{
+ const struct spwd *sp;
+ uid_t ruid;
+ gid_t rgid;
+ const struct passwd *pw;
+
+ /*
+ * Get the program name so that error messages can use it.
+ */
+ Prog = Basename (argv[0]);
+
+ sanitize_env ();
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+#ifdef WITH_AUDIT
+ audit_help_open ();
+#endif
+ OPENLOG ("chage");
+
+ ruid = getuid ();
+ rgid = getgid ();
+ amroot = (ruid == 0);
+#ifdef WITH_SELINUX
+ if (amroot && (is_selinux_enabled () > 0)) {
+ amroot = (selinux_check_passwd_access (PASSWD__ROOTOK) == 0);
+ }
+#endif
+
+ process_flags (argc, argv);
+
+ check_perms ();
+
+ if (!spw_file_present ()) {
+ fprintf (stderr,
+ _("%s: the shadow password file is not present\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "can't find the shadow password file"));
+ closelog ();
+ exit (E_SHADOW_NOTFOUND);
+ }
+
+ open_files (lflg);
+ /* Drop privileges */
+ if (lflg && ( (setregid (rgid, rgid) != 0)
+ || (setreuid (ruid, ruid) != 0))) {
+ fprintf (stderr, _("%s: failed to drop privileges (%s)\n"),
+ Prog, strerror (errno));
+ fail_exit (E_NOPERM);
+ }
+
+ pw = pw_locate (argv[optind]);
+ if (NULL == pw) {
+ fprintf (stderr, _("%s: user '%s' does not exist in %s\n"),
+ Prog, argv[optind], pw_dbname ());
+ closelog ();
+ fail_exit (E_NOPERM);
+ }
+
+ STRFCPY (user_name, pw->pw_name);
+#ifdef WITH_TCB
+ if (shadowtcb_set_user (pw->pw_name) == SHADOWTCB_FAILURE) {
+ fail_exit (E_NOPERM);
+ }
+#endif
+ user_uid = pw->pw_uid;
+
+ sp = spw_locate (argv[optind]);
+ get_defaults (sp);
+
+ /*
+ * Print out the expiration fields if the user has requested the
+ * list option.
+ */
+ if (lflg) {
+ if (!amroot && (ruid != user_uid)) {
+ fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+ fail_exit (E_NOPERM);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "display aging info",
+ user_name, (unsigned int) user_uid, 1);
+#endif
+ list_fields ();
+ fail_exit (E_SUCCESS);
+ }
+
+ /*
+ * If none of the fields were changed from the command line, let the
+ * user interactively change them.
+ */
+ if (!mflg && !Mflg && !dflg && !Wflg && !Iflg && !Eflg) {
+ printf (_("Changing the aging information for %s\n"),
+ user_name);
+ if (new_fields () == 0) {
+ fprintf (stderr, _("%s: error changing fields\n"),
+ Prog);
+ fail_exit (E_NOPERM);
+ }
+#ifdef WITH_AUDIT
+ else {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "change all aging information",
+ user_name, (unsigned int) user_uid, 1);
+ }
+#endif
+ } else {
+#ifdef WITH_AUDIT
+ if (Mflg) {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "change max age",
+ user_name, (unsigned int) user_uid, 1);
+ }
+ if (mflg) {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "change min age",
+ user_name, (unsigned int) user_uid, 1);
+ }
+ if (dflg) {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "change last change date",
+ user_name, (unsigned int) user_uid, 1);
+ }
+ if (Wflg) {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "change passwd warning",
+ user_name, (unsigned int) user_uid, 1);
+ }
+ if (Iflg) {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "change inactive days",
+ user_name, (unsigned int) user_uid, 1);
+ }
+ if (Eflg) {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "change passwd expiration",
+ user_name, (unsigned int) user_uid, 1);
+ }
+#endif
+ }
+
+ update_age (sp, pw);
+
+ close_files ();
+
+ SYSLOG ((LOG_INFO, "changed password expiry for %s", user_name));
+
+ closelog ();
+ exit (E_SUCCESS);
+}
+
diff --git a/src/chfn.c b/src/chfn.c
new file mode 100644
index 0000000..18aa3de
--- /dev/null
+++ b/src/chfn.c
@@ -0,0 +1,753 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <getopt.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/av_permissions.h>
+#endif
+#include "defines.h"
+#include "getdef.h"
+#include "nscd.h"
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables.
+ */
+const char *Prog;
+static char fullnm[BUFSIZ];
+static char roomno[BUFSIZ];
+static char workph[BUFSIZ];
+static char homeph[BUFSIZ];
+static char slop[BUFSIZ];
+static bool amroot;
+/* Flags */
+static bool fflg = false; /* -f - set full name */
+static bool rflg = false; /* -r - set room number */
+static bool wflg = false; /* -w - set work phone number */
+static bool hflg = false; /* -h - set home phone number */
+static bool oflg = false; /* -o - set other information */
+static bool pw_locked = false;
+
+/*
+ * External identifiers
+ */
+
+/* local function prototypes */
+static void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
+static bool may_change_field (int);
+static void new_fields (void);
+static char *copy_field (char *, char *, char *);
+static void process_flags (int argc, char **argv);
+static void check_perms (const struct passwd *pw);
+static void update_gecos (const char *user, char *gecos);
+static void get_old_fields (const char *gecos);
+
+/*
+ * fail_exit - exit with an error and do some cleanup
+ */
+static void fail_exit (int code)
+{
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ }
+ pw_locked = false;
+
+ closelog ();
+
+ exit (code);
+}
+
+/*
+ * usage - print command line syntax and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options] [LOGIN]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -f, --full-name FULL_NAME change user's full name\n"), usageout);
+ (void) fputs (_(" -h, --home-phone HOME_PHONE change user's home phone number\n"), usageout);
+ (void) fputs (_(" -o, --other OTHER_INFO change user's other GECOS information\n"), usageout);
+ (void) fputs (_(" -r, --room ROOM_NUMBER change user's room number\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -u, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -w, --work-phone WORK_PHONE change user's office phone number\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * may_change_field - indicate if the user is allowed to change a given field
+ * of her gecos information
+ *
+ * root can change any field.
+ *
+ * field should be one of 'f', 'r', 'w', 'h'
+ *
+ * Return true if the user can change the field and false otherwise.
+ */
+static bool may_change_field (int field)
+{
+ const char *cp;
+
+ /*
+ * CHFN_RESTRICT can now specify exactly which fields may be changed
+ * by regular users, by using any combination of the following
+ * letters:
+ * f - full name
+ * r - room number
+ * w - work phone
+ * h - home phone
+ *
+ * This makes it possible to disallow changing the room number
+ * information, for example - this feature was suggested by Maciej
+ * 'Tycoon' Majchrowski.
+ *
+ * For backward compatibility, "yes" is equivalent to "rwh",
+ * "no" is equivalent to "frwh". Only root can change anything
+ * if the string is empty or not defined at all.
+ */
+ if (amroot) {
+ return true;
+ }
+
+ cp = getdef_str ("CHFN_RESTRICT");
+ if (NULL == cp) {
+ cp = "";
+ } else if (strcmp (cp, "yes") == 0) {
+ cp = "rwh";
+ } else if (strcmp (cp, "no") == 0) {
+ cp = "frwh";
+ }
+
+ if (strchr (cp, field) != NULL) {
+ return true;
+ }
+
+ return false;
+}
+
+/*
+ * new_fields - change the user's GECOS information interactively
+ *
+ * prompt the user for each of the four fields and fill in the fields from
+ * the user's response, or leave alone if nothing was entered.
+ */
+static void new_fields (void)
+{
+ puts (_("Enter the new value, or press ENTER for the default"));
+
+ if (may_change_field ('f')) {
+ change_field (fullnm, sizeof fullnm, _("Full Name"));
+ } else {
+ printf (_("\t%s: %s\n"), _("Full Name"), fullnm);
+ }
+
+ if (may_change_field ('r')) {
+ change_field (roomno, sizeof roomno, _("Room Number"));
+ } else {
+ printf (_("\t%s: %s\n"), _("Room Number"), fullnm);
+ }
+
+ if (may_change_field ('w')) {
+ change_field (workph, sizeof workph, _("Work Phone"));
+ } else {
+ printf (_("\t%s: %s\n"), _("Work Phone"), fullnm);
+ }
+
+ if (may_change_field ('h')) {
+ change_field (homeph, sizeof homeph, _("Home Phone"));
+ } else {
+ printf (_("\t%s: %s\n"), _("Home Phone"), fullnm);
+ }
+
+ if (amroot) {
+ change_field (slop, sizeof slop, _("Other"));
+ }
+}
+
+/*
+ * copy_field - get the next field from the gecos field
+ *
+ * copy_field copies the next field from the gecos field, returning a
+ * pointer to the field which follows, or NULL if there are no more fields.
+ *
+ * in - the current GECOS field
+ * out - where to copy the field to
+ * extra - fields with '=' get copied here
+ */
+static char *copy_field (char *in, char *out, char *extra)
+{
+ char *cp = NULL;
+
+ while (NULL != in) {
+ cp = strchr (in, ',');
+ if (NULL != cp) {
+ *cp++ = '\0';
+ }
+
+ if (strchr (in, '=') == NULL) {
+ break;
+ }
+
+ if (NULL != extra) {
+ if ('\0' != extra[0]) {
+ strcat (extra, ",");
+ }
+
+ strcat (extra, in);
+ }
+ in = cp;
+ }
+ if ((NULL != in) && (NULL != out)) {
+ strcpy (out, in);
+ }
+
+ return cp;
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ int c; /* flag currently being processed */
+ static struct option long_options[] = {
+ {"full-name", required_argument, NULL, 'f'},
+ {"home-phone", required_argument, NULL, 'h'},
+ {"other", required_argument, NULL, 'o'},
+ {"room", required_argument, NULL, 'r'},
+ {"root", required_argument, NULL, 'R'},
+ {"help", no_argument, NULL, 'u'},
+ {"work-phone", required_argument, NULL, 'w'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ /*
+ * The remaining arguments will be processed one by one and executed
+ * by this command. The name is the last argument if it does not
+ * begin with a "-", otherwise the name is determined from the
+ * environment and must agree with the real UID. Also, the UID will
+ * be checked for any commands which are restricted to root only.
+ */
+ while ((c = getopt_long (argc, argv, "f:h:o:r:R:uw:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'f':
+ if (!may_change_field ('f')) {
+ fprintf (stderr,
+ _("%s: Permission denied.\n"), Prog);
+ exit (E_NOPERM);
+ }
+ fflg = true;
+ STRFCPY (fullnm, optarg);
+ break;
+ case 'h':
+ if (!may_change_field ('h')) {
+ fprintf (stderr,
+ _("%s: Permission denied.\n"), Prog);
+ exit (E_NOPERM);
+ }
+ hflg = true;
+ STRFCPY (homeph, optarg);
+ break;
+ case 'o':
+ if (!amroot) {
+ fprintf (stderr,
+ _("%s: Permission denied.\n"), Prog);
+ exit (E_NOPERM);
+ }
+ oflg = true;
+ STRFCPY (slop, optarg);
+ break;
+ case 'r':
+ if (!may_change_field ('r')) {
+ fprintf (stderr,
+ _("%s: Permission denied.\n"), Prog);
+ exit (E_NOPERM);
+ }
+ rflg = true;
+ STRFCPY (roomno, optarg);
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 'u':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'w':
+ if (!may_change_field ('w')) {
+ fprintf (stderr,
+ _("%s: Permission denied.\n"), Prog);
+ exit (E_NOPERM);
+ }
+ wflg = true;
+ STRFCPY (workph, optarg);
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ * Non-root users are only allowed to change their gecos field.
+ * (see also may_change_field())
+ *
+ * Non-root users must be authenticated.
+ *
+ * It will not return if the user is not allowed.
+ */
+static void check_perms (const struct passwd *pw)
+{
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ int retval;
+ struct passwd *pampw;
+#endif
+
+ /*
+ * Non-privileged users are only allowed to change the gecos field
+ * if the UID of the user matches the current real UID.
+ */
+ if (!amroot && pw->pw_uid != getuid ()) {
+ fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+ closelog ();
+ exit (E_NOPERM);
+ }
+#ifdef WITH_SELINUX
+ /*
+ * If the UID of the user does not match the current real UID,
+ * check if the change is allowed by SELinux policy.
+ */
+ if ((pw->pw_uid != getuid ())
+ && (is_selinux_enabled () > 0)
+ && (selinux_check_passwd_access (PASSWD__CHFN) != 0)) {
+ fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+ closelog ();
+ exit (E_NOPERM);
+ }
+#endif
+
+#ifndef USE_PAM
+ /*
+ * Non-privileged users are optionally authenticated (must enter the
+ * password of the user whose information is being changed) before
+ * any changes can be made. Idea from util-linux chfn/chsh.
+ * --marekm
+ */
+ if (!amroot && getdef_bool ("CHFN_AUTH")) {
+ passwd_check (pw->pw_name, pw->pw_passwd, "chfn");
+ }
+
+#else /* !USE_PAM */
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (NULL == pampw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ exit (E_NOPERM);
+ }
+
+ retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh);
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ exit (E_NOPERM);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* USE_PAM */
+}
+
+/*
+ * update_gecos - update the gecos fields in the password database
+ *
+ * Commit the user's entry after changing her gecos field.
+ */
+static void update_gecos (const char *user, char *gecos)
+{
+ const struct passwd *pw; /* The user's password file entry */
+ struct passwd pwent; /* modified password file entry */
+
+ /*
+ * Before going any further, raise the ulimit to prevent colliding
+ * into a lowered ulimit, and set the real UID to root to protect
+ * against unexpected signals. Any keyboard signals are set to be
+ * ignored.
+ */
+ if (setuid (0) != 0) {
+ fputs (_("Cannot change ID to root.\n"), stderr);
+ SYSLOG ((LOG_ERR, "can't setuid(0)"));
+ fail_exit (E_NOPERM);
+ }
+ pwd_init ();
+
+ /*
+ * The passwd entry is now ready to be committed back to the
+ * password file. Get a lock on the file and open it.
+ */
+ if (pw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ fail_exit (E_NOPERM);
+ }
+ pw_locked = true;
+ if (pw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"), Prog, pw_dbname ());
+ fail_exit (E_NOPERM);
+ }
+
+ /*
+ * Get the entry to update using pw_locate() - we want the real one
+ * from /etc/passwd, not the one from getpwnam() which could contain
+ * the shadow password if (despite the warnings) someone enables
+ * AUTOSHADOW (or SHADOW_COMPAT in libc). --marekm
+ */
+ pw = pw_locate (user);
+ if (NULL == pw) {
+ fprintf (stderr,
+ _("%s: user '%s' does not exist in %s\n"),
+ Prog, user, pw_dbname ());
+ fail_exit (E_NOPERM);
+ }
+
+ /*
+ * Make a copy of the entry, then change the gecos field. The other
+ * fields remain unchanged.
+ */
+ pwent = *pw;
+ pwent.pw_gecos = gecos;
+
+ /*
+ * Update the passwd file entry. If there is a DBM file, update that
+ * entry as well.
+ */
+ if (pw_update (&pwent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, pw_dbname (), pwent.pw_name);
+ fail_exit (E_NOPERM);
+ }
+
+ /*
+ * Changes have all been made, so commit them and unlock the file.
+ */
+ if (pw_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (E_NOPERM);
+ }
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ pw_locked = false;
+}
+
+/*
+ * get_old_fields - parse the old gecos and use the old value for the fields
+ * which are not set on the command line
+ */
+static void get_old_fields (const char *gecos)
+{
+ char *cp; /* temporary character pointer */
+ char old_gecos[BUFSIZ]; /* buffer for old GECOS fields */
+ STRFCPY (old_gecos, gecos);
+
+ /*
+ * Now get the full name. It is the first comma separated field in
+ * the GECOS field.
+ */
+ cp = copy_field (old_gecos, fflg ? (char *) 0 : fullnm, slop);
+
+ /*
+ * Now get the room number. It is the next comma separated field,
+ * if there is indeed one.
+ */
+ if (NULL != cp) {
+ cp = copy_field (cp, rflg ? (char *) 0 : roomno, slop);
+ }
+
+ /*
+ * Now get the work phone number. It is the third field.
+ */
+ if (NULL != cp) {
+ cp = copy_field (cp, wflg ? (char *) 0 : workph, slop);
+ }
+
+ /*
+ * Now get the home phone number. It is the fourth field.
+ */
+ if (NULL != cp) {
+ cp = copy_field (cp, hflg ? (char *) 0 : homeph, slop);
+ }
+
+ /*
+ * Anything left over is "slop".
+ */
+ if ((NULL != cp) && !oflg) {
+ if ('\0' != slop[0]) {
+ strcat (slop, ",");
+ }
+
+ strcat (slop, cp);
+ }
+}
+
+/*
+ * check_fields - check all of the fields for valid information
+ *
+ * It will not return if a field is not valid.
+ */
+static void check_fields (void)
+{
+ int err;
+ err = valid_field (fullnm, ":,=\n");
+ if (err > 0) {
+ fprintf (stderr, _("%s: name with non-ASCII characters: '%s'\n"), Prog, fullnm);
+ } else if (err < 0) {
+ fprintf (stderr, _("%s: invalid name: '%s'\n"), Prog, fullnm);
+ fail_exit (E_NOPERM);
+ }
+ err = valid_field (roomno, ":,=\n");
+ if (err > 0) {
+ fprintf (stderr, _("%s: room number with non-ASCII characters: '%s'\n"), Prog, roomno);
+ } else if (err < 0) {
+ fprintf (stderr, _("%s: invalid room number: '%s'\n"),
+ Prog, roomno);
+ fail_exit (E_NOPERM);
+ }
+ if (valid_field (workph, ":,=\n") != 0) {
+ fprintf (stderr, _("%s: invalid work phone: '%s'\n"),
+ Prog, workph);
+ fail_exit (E_NOPERM);
+ }
+ if (valid_field (homeph, ":,=\n") != 0) {
+ fprintf (stderr, _("%s: invalid home phone: '%s'\n"),
+ Prog, homeph);
+ fail_exit (E_NOPERM);
+ }
+ err = valid_field (slop, ":\n");
+ if (err > 0) {
+ fprintf (stderr, _("%s: '%s' contains non-ASCII characters\n"), Prog, slop);
+ } else if (err < 0) {
+ fprintf (stderr,
+ _("%s: '%s' contains illegal characters\n"),
+ Prog, slop);
+ fail_exit (E_NOPERM);
+ }
+}
+
+/*
+ * chfn - change a user's password file information
+ *
+ * This command controls the GECOS field information in the password
+ * file entry.
+ *
+ * The valid options are
+ *
+ * -f full name
+ * -r room number
+ * -w work phone number
+ * -h home phone number
+ * -o other information (*)
+ *
+ * (*) requires root permission to execute.
+ */
+int main (int argc, char **argv)
+{
+ const struct passwd *pw; /* password file entry */
+ char new_gecos[BUFSIZ]; /* buffer for new GECOS fields */
+ char *user;
+
+ /*
+ * Get the program name. The program name is used as a
+ * prefix to most error messages.
+ */
+ Prog = Basename (argv[0]);
+
+ sanitize_env ();
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ /*
+ * This command behaves different for root and non-root
+ * users.
+ */
+ amroot = (getuid () == 0);
+
+ OPENLOG ("chfn");
+
+ /* parse the command line options */
+ process_flags (argc, argv);
+
+ /*
+ * Get the name of the user to check. It is either the command line
+ * name, or the name getlogin() returns.
+ */
+ if (optind < argc) {
+ user = argv[optind];
+ pw = xgetpwnam (user);
+ if (NULL == pw) {
+ fprintf (stderr, _("%s: user '%s' does not exist\n"), Prog,
+ user);
+ fail_exit (E_NOPERM);
+ }
+ } else {
+ pw = get_my_pwent ();
+ if (NULL == pw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+ (unsigned long) getuid ()));
+ fail_exit (E_NOPERM);
+ }
+ user = xstrdup (pw->pw_name);
+ }
+
+#ifdef USE_NIS
+ /*
+ * Now we make sure this is a LOCAL password entry for this user ...
+ */
+ if (__ispwNIS ()) {
+ char *nis_domain;
+ char *nis_master;
+
+ fprintf (stderr,
+ _("%s: cannot change user '%s' on NIS client.\n"),
+ Prog, user);
+
+ if (!yp_get_default_domain (&nis_domain) &&
+ !yp_master (nis_domain, "passwd.byname", &nis_master)) {
+ fprintf (stderr,
+ _
+ ("%s: '%s' is the NIS master for this client.\n"),
+ Prog, nis_master);
+ }
+ fail_exit (E_NOPERM);
+ }
+#endif
+
+ /* Check that the caller is allowed to change the gecos of the
+ * specified user */
+ check_perms (pw);
+
+ /* If some fields were not set on the command line, load the value from
+ * the old gecos fields. */
+ get_old_fields (pw->pw_gecos);
+
+ /*
+ * If none of the fields were changed from the command line, let the
+ * user interactively change them.
+ */
+ if (!fflg && !rflg && !wflg && !hflg && !oflg) {
+ printf (_("Changing the user information for %s\n"), user);
+ new_fields ();
+ }
+
+ /*
+ * Check all of the fields for valid information
+ */
+ check_fields ();
+
+ /*
+ * Build the new GECOS field by plastering all the pieces together,
+ * if they will fit ...
+ */
+ if ((strlen (fullnm) + strlen (roomno) + strlen (workph) +
+ strlen (homeph) + strlen (slop)) > (unsigned int) 80) {
+ fprintf (stderr, _("%s: fields too long\n"), Prog);
+ fail_exit (E_NOPERM);
+ }
+ snprintf (new_gecos, sizeof new_gecos, "%s,%s,%s,%s%s%s",
+ fullnm, roomno, workph, homeph,
+ ('\0' != slop[0]) ? "," : "", slop);
+
+ /* Rewrite the user's gecos in the passwd file */
+ update_gecos (user, new_gecos);
+
+ SYSLOG ((LOG_INFO, "changed user '%s' information", user));
+
+ nscd_flush_cache ("passwd");
+
+ closelog ();
+ exit (E_SUCCESS);
+}
+
diff --git a/src/chgpasswd.c b/src/chgpasswd.c
new file mode 100644
index 0000000..13203a4
--- /dev/null
+++ b/src/chgpasswd.c
@@ -0,0 +1,587 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 2006 , Tomasz KÅ‚oczko
+ * Copyright (c) 2006 , Jonas Meurer
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <getopt.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+#include "defines.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "groupio.h"
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+static bool eflg = false;
+static bool md5flg = false;
+#ifdef USE_SHA_CRYPT
+static bool sflg = false;
+#endif
+
+static /*@null@*//*@observer@*/const char *crypt_method = NULL;
+#define cflg (NULL != crypt_method)
+#ifdef USE_SHA_CRYPT
+static long sha_rounds = 5000;
+#endif
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+static bool sgr_locked = false;
+#endif
+static bool gr_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
+static void process_flags (int argc, char **argv);
+static void check_flags (void);
+static void check_perms (void);
+static void open_files (void);
+static void close_files (void);
+
+/*
+ * fail_exit - exit with a failure code after unlocking the files
+ */
+static void fail_exit (int code)
+{
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ }
+
+#ifdef SHADOWGRP
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ }
+#endif
+
+ exit (code);
+}
+
+/*
+ * usage - display usage message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fprintf (usageout,
+ _(" -c, --crypt-method METHOD the crypt method (one of %s)\n"),
+#ifndef USE_SHA_CRYPT
+ "NONE DES MD5"
+#else /* USE_SHA_CRYPT */
+ "NONE DES MD5 SHA256 SHA512"
+#endif /* USE_SHA_CRYPT */
+ );
+ (void) fputs (_(" -e, --encrypted supplied passwords are encrypted\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -m, --md5 encrypt the clear text password using\n"
+ " the MD5 algorithm\n"),
+ usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+#ifdef USE_SHA_CRYPT
+ (void) fputs (_(" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+ " crypt algorithms\n"),
+ usageout);
+#endif /* USE_SHA_CRYPT */
+ (void) fputs ("\n", usageout);
+
+ exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ int c;
+ static struct option long_options[] = {
+ {"crypt-method", required_argument, NULL, 'c'},
+ {"encrypted", no_argument, NULL, 'e'},
+ {"help", no_argument, NULL, 'h'},
+ {"md5", no_argument, NULL, 'm'},
+ {"root", required_argument, NULL, 'R'},
+#ifdef USE_SHA_CRYPT
+ {"sha-rounds", required_argument, NULL, 's'},
+#endif
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv,
+#ifdef USE_SHA_CRYPT
+ "c:ehmR:s:",
+#else
+ "c:ehmR:",
+#endif
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'c':
+ crypt_method = optarg;
+ break;
+ case 'e':
+ eflg = true;
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'm':
+ md5flg = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+#ifdef USE_SHA_CRYPT
+ case 's':
+ sflg = true;
+ if (getlong(optarg, &sha_rounds) == 0) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (E_USAGE);
+ }
+ break;
+#endif
+ default:
+ usage (E_USAGE);
+ /*@notreached@*/break;
+ }
+ }
+
+ /* validate options */
+ check_flags ();
+}
+
+/*
+ * check_flags - check flags and parameters consistency
+ *
+ * It will not return if an error is encountered.
+ */
+static void check_flags (void)
+{
+#ifdef USE_SHA_CRYPT
+ if (sflg && !cflg) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+ Prog, "-s", "-c");
+ usage (E_USAGE);
+ }
+#endif
+
+ if ((eflg && (md5flg || cflg)) ||
+ (md5flg && cflg)) {
+ fprintf (stderr,
+ _("%s: the -c, -e, and -m flags are exclusive\n"),
+ Prog);
+ usage (E_USAGE);
+ }
+
+ if (cflg) {
+ if ( (0 != strcmp (crypt_method, "DES"))
+ && (0 != strcmp (crypt_method, "MD5"))
+ && (0 != strcmp (crypt_method, "NONE"))
+#ifdef USE_SHA_CRYPT
+ && (0 != strcmp (crypt_method, "SHA256"))
+ && (0 != strcmp (crypt_method, "SHA512"))
+#endif
+ ) {
+ fprintf (stderr,
+ _("%s: unsupported crypt method: %s\n"),
+ Prog, crypt_method);
+ usage (E_USAGE);
+ }
+ }
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ * With PAM support, the setuid bit can be set on chgpasswd to allow
+ * non-root users to groups.
+ * Without PAM support, only users who can write in the group databases
+ * can add groups.
+ *
+ * It will not return if the user is not allowed.
+ */
+static void check_perms (void)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ int retval;
+ struct passwd *pampw;
+
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (NULL == pampw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ exit (1);
+ }
+
+ retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh);
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ exit (1);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+}
+
+/*
+ * open_files - lock and open the group databases
+ */
+static void open_files (void)
+{
+ /*
+ * Lock the group file and open it for reading and writing. This will
+ * bring all of the entries into memory where they may be updated.
+ */
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ fail_exit (1);
+ }
+ gr_locked = true;
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"), Prog, gr_dbname ());
+ fail_exit (1);
+ }
+
+#ifdef SHADOWGRP
+ /* Do the same for the shadowed database, if it exist */
+ if (is_shadow_grp) {
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (1);
+ }
+ sgr_locked = true;
+ if (sgr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"),
+ Prog, sgr_dbname ());
+ fail_exit (1);
+ }
+ }
+#endif
+}
+
+/*
+ * close_files - close and unlock the group databases
+ */
+static void close_files (void)
+{
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+ fail_exit (1);
+ }
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ sgr_locked = false;
+ }
+#endif
+
+ if (gr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+ fail_exit (1);
+ }
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ gr_locked = false;
+}
+
+int main (int argc, char **argv)
+{
+ char buf[BUFSIZ];
+ char *name;
+ char *newpwd;
+ char *cp;
+
+#ifdef SHADOWGRP
+ const struct sgrp *sg;
+ struct sgrp newsg;
+#endif
+
+ const struct group *gr;
+ struct group newgr;
+ int errors = 0;
+ int line = 0;
+
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ process_flags (argc, argv);
+
+ OPENLOG ("chgpasswd");
+
+ check_perms ();
+
+#ifdef SHADOWGRP
+ is_shadow_grp = sgr_file_present ();
+#endif
+
+ open_files ();
+
+ /*
+ * Read each line, separating the group name from the password. The
+ * group entry for each group will be looked up in the appropriate
+ * file (gshadow or group) and the password changed.
+ */
+ while (fgets (buf, (int) sizeof buf, stdin) != (char *) 0) {
+ line++;
+ cp = strrchr (buf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ } else {
+ fprintf (stderr, _("%s: line %d: line too long\n"),
+ Prog, line);
+ errors++;
+ continue;
+ }
+
+ /*
+ * The group's name is the first field. It is separated from
+ * the password with a ":" character which is replaced with a
+ * NUL to give the new password. The new password will then
+ * be encrypted in the normal fashion with a new salt
+ * generated, unless the '-e' is given, in which case it is
+ * assumed to already be encrypted.
+ */
+
+ name = buf;
+ cp = strchr (name, ':');
+ if (NULL != cp) {
+ *cp = '\0';
+ cp++;
+ } else {
+ fprintf (stderr,
+ _("%s: line %d: missing new password\n"),
+ Prog, line);
+ errors++;
+ continue;
+ }
+ newpwd = cp;
+ if ( (!eflg)
+ && ( (NULL == crypt_method)
+ || (0 != strcmp (crypt_method, "NONE")))) {
+ void *arg = NULL;
+ const char *salt;
+ if (md5flg) {
+ crypt_method = "MD5";
+ }
+#ifdef USE_SHA_CRYPT
+ if (sflg) {
+ arg = &sha_rounds;
+ }
+#endif
+ salt = crypt_make_salt (crypt_method, arg);
+ cp = pw_encrypt (newpwd, salt);
+ if (NULL == cp) {
+ fprintf (stderr,
+ _("%s: failed to crypt password with salt '%s': %s\n"),
+ Prog, salt, strerror (errno));
+ fail_exit (1);
+ }
+ }
+
+ /*
+ * Get the group file entry for this group. The group must
+ * already exist.
+ */
+ gr = gr_locate (name);
+ if (NULL == gr) {
+ fprintf (stderr,
+ _("%s: line %d: group '%s' does not exist\n"), Prog,
+ line, name);
+ errors++;
+ continue;
+ }
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ /* The gshadow entry should be updated if the
+ * group entry has a password set to 'x'.
+ * But on the other hand, if there is already both
+ * a group and a gshadow password, it's preferable
+ * to update both.
+ */
+ sg = sgr_locate (name);
+
+ if ( (NULL == sg)
+ && (strcmp (gr->gr_passwd,
+ SHADOW_PASSWD_STRING) == 0)) {
+ static char *empty = NULL;
+ /* If the password is set to 'x' in
+ * group, but there are no entries in
+ * gshadow, create one.
+ */
+ newsg.sg_name = name;
+ /* newsg.sg_passwd = NULL; will be set later */
+ newsg.sg_adm = &empty;
+ newsg.sg_mem = dup_list (gr->gr_mem);
+ sg = &newsg;
+ }
+ } else {
+ sg = NULL;
+ }
+#endif
+
+ /*
+ * The freshly encrypted new password is merged into the
+ * group's entry.
+ */
+#ifdef SHADOWGRP
+ if (NULL != sg) {
+ newsg = *sg;
+ newsg.sg_passwd = cp;
+ }
+ if ( (NULL == sg)
+ || (strcmp (gr->gr_passwd, SHADOW_PASSWD_STRING) != 0))
+#endif
+ {
+ newgr = *gr;
+ newgr.gr_passwd = cp;
+ }
+
+ /*
+ * The updated group file entry is then put back and will
+ * be written to the group file later, after all the
+ * other entries have been updated as well.
+ */
+#ifdef SHADOWGRP
+ if (NULL != sg) {
+ if (sgr_update (&newsg) == 0) {
+ fprintf (stderr,
+ _("%s: line %d: failed to prepare the new %s entry '%s'\n"),
+ Prog, line, sgr_dbname (), newsg.sg_name);
+ errors++;
+ continue;
+ }
+ }
+ if ( (NULL == sg)
+ || (strcmp (gr->gr_passwd, SHADOW_PASSWD_STRING) != 0))
+#endif
+ {
+ if (gr_update (&newgr) == 0) {
+ fprintf (stderr,
+ _("%s: line %d: failed to prepare the new %s entry '%s'\n"),
+ Prog, line, gr_dbname (), newgr.gr_name);
+ errors++;
+ continue;
+ }
+ }
+ }
+
+ /*
+ * Any detected errors will cause the entire set of changes to be
+ * aborted. Unlocking the group file will cause all of the
+ * changes to be ignored. Otherwise the file is closed, causing the
+ * changes to be written out all at once, and then unlocked
+ * afterwards.
+ */
+ if (0 != errors) {
+ fprintf (stderr,
+ _("%s: error detected, changes ignored\n"), Prog);
+ fail_exit (1);
+ }
+
+ close_files ();
+
+ nscd_flush_cache ("group");
+
+ return (0);
+}
+
diff --git a/src/chpasswd.c b/src/chpasswd.c
new file mode 100644
index 0000000..f985672
--- /dev/null
+++ b/src/chpasswd.c
@@ -0,0 +1,630 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <getopt.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif /* USE_PAM */
+#include "defines.h"
+#include "nscd.h"
+#include "getdef.h"
+#include "prototypes.h"
+#include "pwio.h"
+#include "shadowio.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+static bool eflg = false;
+static bool md5flg = false;
+#ifdef USE_SHA_CRYPT
+static bool sflg = false;
+#endif /* USE_SHA_CRYPT */
+
+static /*@null@*//*@observer@*/const char *crypt_method = NULL;
+#define cflg (NULL != crypt_method)
+#ifdef USE_SHA_CRYPT
+static long sha_rounds = 5000;
+#endif /* USE_SHA_CRYPT */
+
+static bool is_shadow_pwd;
+static bool pw_locked = false;
+static bool spw_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
+static void process_flags (int argc, char **argv);
+static void check_flags (void);
+static void check_perms (void);
+static void open_files (void);
+static void close_files (void);
+
+/*
+ * fail_exit - exit with a failure code after unlocking the files
+ */
+static void fail_exit (int code)
+{
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ }
+
+ if (spw_locked) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ }
+
+ exit (code);
+}
+
+/*
+ * usage - display usage message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fprintf (usageout,
+ _(" -c, --crypt-method METHOD the crypt method (one of %s)\n"),
+#ifndef USE_SHA_CRYPT
+ "NONE DES MD5"
+#else /* USE_SHA_CRYPT */
+ "NONE DES MD5 SHA256 SHA512"
+#endif /* USE_SHA_CRYPT */
+ );
+ (void) fputs (_(" -e, --encrypted supplied passwords are encrypted\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -m, --md5 encrypt the clear text password using\n"
+ " the MD5 algorithm\n"),
+ usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+#ifdef USE_SHA_CRYPT
+ (void) fputs (_(" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+ " crypt algorithms\n"),
+ usageout);
+#endif /* USE_SHA_CRYPT */
+ (void) fputs ("\n", usageout);
+
+ exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ int c;
+ static struct option long_options[] = {
+ {"crypt-method", required_argument, NULL, 'c'},
+ {"encrypted", no_argument, NULL, 'e'},
+ {"help", no_argument, NULL, 'h'},
+ {"md5", no_argument, NULL, 'm'},
+ {"root", required_argument, NULL, 'R'},
+#ifdef USE_SHA_CRYPT
+ {"sha-rounds", required_argument, NULL, 's'},
+#endif /* USE_SHA_CRYPT */
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv,
+#ifdef USE_SHA_CRYPT
+ "c:ehmR:s:",
+#else /* !USE_SHA_CRYPT */
+ "c:ehmR:",
+#endif /* !USE_SHA_CRYPT */
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'c':
+ crypt_method = optarg;
+ break;
+ case 'e':
+ eflg = true;
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'm':
+ md5flg = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+#ifdef USE_SHA_CRYPT
+ case 's':
+ sflg = true;
+ if (getlong(optarg, &sha_rounds) == 0) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (E_USAGE);
+ }
+ break;
+#endif /* USE_SHA_CRYPT */
+ default:
+ usage (E_USAGE);
+ /*@notreached@*/break;
+ }
+ }
+
+ /* validate options */
+ check_flags ();
+}
+
+/*
+ * check_flags - check flags and parameters consistency
+ *
+ * It will not return if an error is encountered.
+ */
+static void check_flags (void)
+{
+#ifdef USE_SHA_CRYPT
+ if (sflg && !cflg) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+ Prog, "-s", "-c");
+ usage (E_USAGE);
+ }
+#endif
+
+ if ((eflg && (md5flg || cflg)) ||
+ (md5flg && cflg)) {
+ fprintf (stderr,
+ _("%s: the -c, -e, and -m flags are exclusive\n"),
+ Prog);
+ usage (E_USAGE);
+ }
+
+ if (cflg) {
+ if ( (0 != strcmp (crypt_method, "DES"))
+ && (0 != strcmp (crypt_method, "MD5"))
+ && (0 != strcmp (crypt_method, "NONE"))
+#ifdef USE_SHA_CRYPT
+ && (0 != strcmp (crypt_method, "SHA256"))
+ && (0 != strcmp (crypt_method, "SHA512"))
+#endif /* USE_SHA_CRYPT */
+ ) {
+ fprintf (stderr,
+ _("%s: unsupported crypt method: %s\n"),
+ Prog, crypt_method);
+ usage (E_USAGE);
+ }
+ }
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ * With PAM support, the setuid bit can be set on chpasswd to allow
+ * non-root users to groups.
+ * Without PAM support, only users who can write in the group databases
+ * can add groups.
+ *
+ * It will not return if the user is not allowed.
+ */
+static void check_perms (void)
+{
+#ifdef USE_PAM
+#ifdef ACCT_TOOLS_SETUID
+ /* If chpasswd uses PAM and is SUID, check the permissions,
+ * otherwise, the permissions are enforced by the access to the
+ * passwd and shadow files.
+ */
+ pam_handle_t *pamh = NULL;
+ int retval;
+ struct passwd *pampw;
+
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (NULL == pampw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ exit (1);
+ }
+
+ retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ exit (1);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* ACCT_TOOLS_SETUID */
+#endif /* USE_PAM */
+}
+
+/*
+ * open_files - lock and open the password databases
+ */
+static void open_files (void)
+{
+ /*
+ * Lock the password file and open it for reading and writing. This
+ * will bring all of the entries into memory where they may be updated.
+ */
+ if (pw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ fail_exit (1);
+ }
+ pw_locked = true;
+ if (pw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"), Prog, pw_dbname ());
+ fail_exit (1);
+ }
+
+ /* Do the same for the shadowed database, if it exist */
+ if (is_shadow_pwd) {
+ if (spw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, spw_dbname ());
+ fail_exit (1);
+ }
+ spw_locked = true;
+ if (spw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, spw_dbname ());
+ fail_exit (1);
+ }
+ }
+}
+
+/*
+ * close_files - close and unlock the password databases
+ */
+static void close_files (void)
+{
+ if (is_shadow_pwd) {
+ if (spw_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+ fail_exit (1);
+ }
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ spw_locked = false;
+ }
+
+ if (pw_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (1);
+ }
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ pw_locked = false;
+}
+
+int main (int argc, char **argv)
+{
+ char buf[BUFSIZ];
+ char *name;
+ char *newpwd;
+ char *cp;
+
+#ifdef USE_PAM
+ bool use_pam = true;
+#endif /* USE_PAM */
+
+ int errors = 0;
+ int line = 0;
+
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ process_flags (argc, argv);
+
+#ifdef USE_PAM
+ if (md5flg || eflg || cflg) {
+ use_pam = false;
+ }
+#endif /* USE_PAM */
+
+ OPENLOG ("chpasswd");
+
+ check_perms ();
+
+#ifdef USE_PAM
+ if (!use_pam)
+#endif /* USE_PAM */
+ {
+ is_shadow_pwd = spw_file_present ();
+
+ open_files ();
+ }
+
+ /*
+ * Read each line, separating the user name from the password. The
+ * password entry for each user will be looked up in the appropriate
+ * file (shadow or passwd) and the password changed. For shadow
+ * files the last change date is set directly, for passwd files the
+ * last change date is set in the age only if aging information is
+ * present.
+ */
+ while (fgets (buf, (int) sizeof buf, stdin) != (char *) 0) {
+ line++;
+ cp = strrchr (buf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ } else {
+ if (feof (stdin) == 0) {
+ fprintf (stderr,
+ _("%s: line %d: line too long\n"),
+ Prog, line);
+ errors++;
+ continue;
+ }
+ }
+
+ /*
+ * The username is the first field. It is separated from the
+ * password with a ":" character which is replaced with a
+ * NUL to give the new password. The new password will then
+ * be encrypted in the normal fashion with a new salt
+ * generated, unless the '-e' is given, in which case it is
+ * assumed to already be encrypted.
+ */
+
+ name = buf;
+ cp = strchr (name, ':');
+ if (NULL != cp) {
+ *cp = '\0';
+ cp++;
+ } else {
+ fprintf (stderr,
+ _("%s: line %d: missing new password\n"),
+ Prog, line);
+ errors++;
+ continue;
+ }
+ newpwd = cp;
+
+#ifdef USE_PAM
+ if (use_pam){
+ if (do_pam_passwd_non_interractive ("chpasswd", name, newpwd) != 0) {
+ fprintf (stderr,
+ _("%s: (line %d, user %s) password not changed\n"),
+ Prog, line, name);
+ errors++;
+ }
+ } else
+#endif /* USE_PAM */
+ {
+ const struct spwd *sp;
+ struct spwd newsp;
+ const struct passwd *pw;
+ struct passwd newpw;
+
+ if ( !eflg
+ && ( (NULL == crypt_method)
+ || (0 != strcmp (crypt_method, "NONE")))) {
+ void *arg = NULL;
+ const char *salt;
+ if (md5flg) {
+ crypt_method = "MD5";
+ }
+#ifdef USE_SHA_CRYPT
+ if (sflg) {
+ arg = &sha_rounds;
+ }
+#endif
+ salt = crypt_make_salt (crypt_method, arg);
+ cp = pw_encrypt (newpwd, salt);
+ if (NULL == cp) {
+ fprintf (stderr,
+ _("%s: failed to crypt password with salt '%s': %s\n"),
+ Prog, salt, strerror (errno));
+ fail_exit (1);
+ }
+ }
+
+ /*
+ * Get the password file entry for this user. The user must
+ * already exist.
+ */
+ pw = pw_locate (name);
+ if (NULL == pw) {
+ fprintf (stderr,
+ _("%s: line %d: user '%s' does not exist\n"), Prog,
+ line, name);
+ errors++;
+ continue;
+ }
+ if (is_shadow_pwd) {
+ /* The shadow entry should be updated if the
+ * passwd entry has a password set to 'x'.
+ * But on the other hand, if there is already both
+ * a passwd and a shadow password, it's preferable
+ * to update both.
+ */
+ sp = spw_locate (name);
+
+ if ( (NULL == sp)
+ && (strcmp (pw->pw_passwd,
+ SHADOW_PASSWD_STRING) == 0)) {
+ /* If the password is set to 'x' in
+ * passwd, but there are no entries in
+ * shadow, create one.
+ */
+ newsp.sp_namp = name;
+ /* newsp.sp_pwdp = NULL; will be set later */
+ /* newsp.sp_lstchg= 0; will be set later */
+ newsp.sp_min = getdef_num ("PASS_MIN_DAYS", -1);
+ newsp.sp_max = getdef_num ("PASS_MAX_DAYS", -1);
+ newsp.sp_warn = getdef_num ("PASS_WARN_AGE", -1);
+ newsp.sp_inact = -1;
+ newsp.sp_expire= -1;
+ newsp.sp_flag = SHADOW_SP_FLAG_UNSET;
+ sp = &newsp;
+ }
+ } else {
+ sp = NULL;
+ }
+
+ /*
+ * The freshly encrypted new password is merged into the
+ * user's password file entry and the last password change
+ * date is set to the current date.
+ */
+ if (NULL != sp) {
+ newsp = *sp;
+ newsp.sp_pwdp = cp;
+ newsp.sp_lstchg = (long) gettime () / SCALE;
+ if (0 == newsp.sp_lstchg) {
+ /* Better disable aging than requiring a
+ * password change */
+ newsp.sp_lstchg = -1;
+ }
+ }
+
+ if ( (NULL == sp)
+ || (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) != 0)) {
+ newpw = *pw;
+ newpw.pw_passwd = cp;
+ }
+
+ /*
+ * The updated password file entry is then put back and will
+ * be written to the password file later, after all the
+ * other entries have been updated as well.
+ */
+ if (NULL != sp) {
+ if (spw_update (&newsp) == 0) {
+ fprintf (stderr,
+ _("%s: line %d: failed to prepare the new %s entry '%s'\n"),
+ Prog, line, spw_dbname (), newsp.sp_namp);
+ errors++;
+ continue;
+ }
+ }
+ if ( (NULL == sp)
+ || (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) != 0)) {
+ if (pw_update (&newpw) == 0) {
+ fprintf (stderr,
+ _("%s: line %d: failed to prepare the new %s entry '%s'\n"),
+ Prog, line, pw_dbname (), newpw.pw_name);
+ errors++;
+ continue;
+ }
+ }
+ }
+ }
+
+ /*
+ * Any detected errors will cause the entire set of changes to be
+ * aborted. Unlocking the password file will cause all of the
+ * changes to be ignored. Otherwise the file is closed, causing the
+ * changes to be written out all at once, and then unlocked
+ * afterwards.
+ *
+ * With PAM, it is not possible to delay the update of the
+ * password database.
+ */
+ if (0 != errors) {
+#ifdef USE_PAM
+ if (!use_pam)
+#endif /* USE_PAM */
+ {
+ fprintf (stderr,
+ _("%s: error detected, changes ignored\n"),
+ Prog);
+ }
+ fail_exit (1);
+ }
+
+#ifdef USE_PAM
+ if (!use_pam)
+#endif /* USE_PAM */
+ {
+ /* Save the changes */
+ close_files ();
+ }
+
+ nscd_flush_cache ("passwd");
+
+ return (0);
+}
+
diff --git a/src/chsh.c b/src/chsh.c
new file mode 100644
index 0000000..c89708b
--- /dev/null
+++ b/src/chsh.c
@@ -0,0 +1,564 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <getopt.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/types.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/av_permissions.h>
+#endif
+#include "defines.h"
+#include "getdef.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+#ifndef SHELLS_FILE
+#define SHELLS_FILE "/etc/shells"
+#endif
+/*
+ * Global variables
+ */
+const char *Prog; /* Program name */
+static bool amroot; /* Real UID is root */
+static char loginsh[BUFSIZ]; /* Name of new login shell */
+/* command line options */
+static bool sflg = false; /* -s - set shell from command line */
+static bool pw_locked = false;
+
+/* external identifiers */
+
+/* local function prototypes */
+static /*@noreturn@*/void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
+static void new_fields (void);
+static bool shell_is_listed (const char *);
+static bool is_restricted_shell (const char *);
+static void process_flags (int argc, char **argv);
+static void check_perms (const struct passwd *pw);
+static void update_shell (const char *user, char *loginsh);
+
+/*
+ * fail_exit - do some cleanup and exit with the given error code
+ */
+static /*@noreturn@*/void fail_exit (int code)
+{
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ }
+
+ closelog ();
+
+ exit (code);
+}
+
+/*
+ * usage - print command line syntax and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options] [LOGIN]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * new_fields - change the user's login shell information interactively
+ *
+ * prompt the user for the login shell and change it according to the
+ * response, or leave it alone if nothing was entered.
+ */
+static void new_fields (void)
+{
+ puts (_("Enter the new value, or press ENTER for the default"));
+ change_field (loginsh, sizeof loginsh, _("Login Shell"));
+}
+
+/*
+ * is_restricted_shell - return true if the shell is restricted
+ *
+ */
+static bool is_restricted_shell (const char *sh)
+{
+ /*
+ * Shells not listed in /etc/shells are considered to be restricted.
+ * Changed this to avoid confusion with "rc" (the plan9 shell - not
+ * restricted despite the name starting with 'r'). --marekm
+ */
+ return !shell_is_listed (sh);
+}
+
+/*
+ * shell_is_listed - see if the user's login shell is listed in /etc/shells
+ *
+ * The /etc/shells file is read for valid names of login shells. If the
+ * /etc/shells file does not exist the user cannot set any shell unless
+ * they are root.
+ *
+ * If getusershell() is available (Linux, *BSD, possibly others), use it
+ * instead of re-implementing it.
+ */
+static bool shell_is_listed (const char *sh)
+{
+ char *cp;
+ bool found = false;
+
+#ifndef HAVE_GETUSERSHELL
+ char buf[BUFSIZ];
+ FILE *fp;
+#endif
+
+#ifdef HAVE_GETUSERSHELL
+ setusershell ();
+ while ((cp = getusershell ())) {
+ if (strcmp (cp, sh) == 0) {
+ found = true;
+ break;
+ }
+ }
+ endusershell ();
+#else
+ fp = fopen (SHELLS_FILE, "r");
+ if (NULL == fp) {
+ return false;
+ }
+
+ while (fgets (buf, sizeof (buf), fp) == buf) {
+ cp = strrchr (buf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ }
+
+ if (buf[0] == '#') {
+ continue;
+ }
+
+ if (strcmp (buf, sh) == 0) {
+ found = true;
+ break;
+ }
+ }
+ fclose (fp);
+#endif
+ return found;
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ int c;
+ static struct option long_options[] = {
+ {"help", no_argument, NULL, 'h'},
+ {"root", required_argument, NULL, 'R'},
+ {"shell", required_argument, NULL, 's'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "hR:s:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 's':
+ sflg = true;
+ STRFCPY (loginsh, optarg);
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ /*
+ * There should be only one remaining argument at most and it should
+ * be the user's name.
+ */
+ if (argc > (optind + 1)) {
+ usage (E_USAGE);
+ }
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ * Non-root users are only allowed to change their shell, if their current
+ * shell is not a restricted shell.
+ *
+ * Non-root users must be authenticated.
+ *
+ * It will not return if the user is not allowed.
+ */
+static void check_perms (const struct passwd *pw)
+{
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ int retval;
+ struct passwd *pampw;
+#endif
+
+ /*
+ * Non-privileged users are only allowed to change the shell if the
+ * UID of the user matches the current real UID.
+ */
+ if (!amroot && pw->pw_uid != getuid ()) {
+ SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
+ fprintf (stderr,
+ _("You may not change the shell for '%s'.\n"),
+ pw->pw_name);
+ fail_exit (1);
+ }
+
+ /*
+ * Non-privileged users are only allowed to change the shell if it
+ * is not a restricted one.
+ */
+ if (!amroot && is_restricted_shell (pw->pw_shell)) {
+ SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
+ fprintf (stderr,
+ _("You may not change the shell for '%s'.\n"),
+ pw->pw_name);
+ fail_exit (1);
+ }
+#ifdef WITH_SELINUX
+ /*
+ * If the UID of the user does not match the current real UID,
+ * check if the change is allowed by SELinux policy.
+ */
+ if ((pw->pw_uid != getuid ())
+ && (is_selinux_enabled () > 0)
+ && (selinux_check_passwd_access (PASSWD__CHSH) != 0)) {
+ SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
+ fprintf (stderr,
+ _("You may not change the shell for '%s'.\n"),
+ pw->pw_name);
+ fail_exit (1);
+ }
+#endif
+
+#ifndef USE_PAM
+ /*
+ * Non-privileged users are optionally authenticated (must enter
+ * the password of the user whose information is being changed)
+ * before any changes can be made. Idea from util-linux
+ * chfn/chsh. --marekm
+ */
+ if (!amroot && getdef_bool ("CHSH_AUTH")) {
+ passwd_check (pw->pw_name, pw->pw_passwd, "chsh");
+ }
+
+#else /* !USE_PAM */
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (NULL == pampw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ exit (E_NOPERM);
+ }
+
+ retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh);
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ exit (E_NOPERM);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* USE_PAM */
+}
+
+/*
+ * update_shell - update the user's shell in the passwd database
+ *
+ * Commit the user's entry after changing her shell field.
+ *
+ * It will not return in case of error.
+ */
+static void update_shell (const char *user, char *newshell)
+{
+ const struct passwd *pw; /* Password entry from /etc/passwd */
+ struct passwd pwent; /* New password entry */
+
+ /*
+ * Before going any further, raise the ulimit to prevent
+ * colliding into a lowered ulimit, and set the real UID
+ * to root to protect against unexpected signals. Any
+ * keyboard signals are set to be ignored.
+ */
+ if (setuid (0) != 0) {
+ SYSLOG ((LOG_ERR, "can't setuid(0)"));
+ fputs (_("Cannot change ID to root.\n"), stderr);
+ fail_exit (1);
+ }
+ pwd_init ();
+
+ /*
+ * The passwd entry is now ready to be committed back to
+ * the password file. Get a lock on the file and open it.
+ */
+ if (pw_lock () == 0) {
+ fprintf (stderr, _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ fail_exit (1);
+ }
+ pw_locked = true;
+ if (pw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
+ fail_exit (1);
+ }
+
+ /*
+ * Get the entry to update using pw_locate() - we want the real
+ * one from /etc/passwd, not the one from getpwnam() which could
+ * contain the shadow password if (despite the warnings) someone
+ * enables AUTOSHADOW (or SHADOW_COMPAT in libc). --marekm
+ */
+ pw = pw_locate (user);
+ if (NULL == pw) {
+ fprintf (stderr,
+ _("%s: user '%s' does not exist in %s\n"),
+ Prog, user, pw_dbname ());
+ fail_exit (1);
+ }
+
+ /*
+ * Make a copy of the entry, then change the shell field. The other
+ * fields remain unchanged.
+ */
+ pwent = *pw;
+ pwent.pw_shell = newshell;
+
+ /*
+ * Update the passwd file entry. If there is a DBM file, update
+ * that entry as well.
+ */
+ if (pw_update (&pwent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, pw_dbname (), pwent.pw_name);
+ fail_exit (1);
+ }
+
+ /*
+ * Changes have all been made, so commit them and unlock the file.
+ */
+ if (pw_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (1);
+ }
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ pw_locked= false;
+}
+
+/*
+ * chsh - this command controls changes to the user's shell
+ *
+ * The only supported option is -s which permits the the login shell to
+ * be set from the command line.
+ */
+int main (int argc, char **argv)
+{
+ char *user; /* User name */
+ const struct passwd *pw; /* Password entry from /etc/passwd */
+
+ sanitize_env ();
+
+ /*
+ * Get the program name. The program name is used as a prefix to
+ * most error messages.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ /*
+ * This command behaves different for root and non-root users.
+ */
+ amroot = (getuid () == 0);
+
+ OPENLOG ("chsh");
+
+ /* parse the command line options */
+ process_flags (argc, argv);
+
+ /*
+ * Get the name of the user to check. It is either the command line
+ * name, or the name getlogin() returns.
+ */
+ if (optind < argc) {
+ user = argv[optind];
+ pw = xgetpwnam (user);
+ if (NULL == pw) {
+ fprintf (stderr,
+ _("%s: user '%s' does not exist\n"), Prog, user);
+ fail_exit (1);
+ }
+ } else {
+ pw = get_my_pwent ();
+ if (NULL == pw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+ (unsigned long) getuid ()));
+ fail_exit (1);
+ }
+ user = xstrdup (pw->pw_name);
+ }
+
+#ifdef USE_NIS
+ /*
+ * Now we make sure this is a LOCAL password entry for this user ...
+ */
+ if (__ispwNIS ()) {
+ char *nis_domain;
+ char *nis_master;
+
+ fprintf (stderr,
+ _("%s: cannot change user '%s' on NIS client.\n"),
+ Prog, user);
+
+ if (!yp_get_default_domain (&nis_domain) &&
+ !yp_master (nis_domain, "passwd.byname", &nis_master)) {
+ fprintf (stderr,
+ _("%s: '%s' is the NIS master for this client.\n"),
+ Prog, nis_master);
+ }
+ fail_exit (1);
+ }
+#endif
+
+ check_perms (pw);
+
+ /*
+ * Now get the login shell. Either get it from the password
+ * file, or use the value from the command line.
+ */
+ if (!sflg) {
+ STRFCPY (loginsh, pw->pw_shell);
+ }
+
+ /*
+ * If the login shell was not set on the command line, let the user
+ * interactively change it.
+ */
+ if (!sflg) {
+ printf (_("Changing the login shell for %s\n"), user);
+ new_fields ();
+ }
+
+ /*
+ * Check all of the fields for valid information. The shell
+ * field may not contain any illegal characters. Non-privileged
+ * users are restricted to using the shells in /etc/shells.
+ * The shell must be executable by the user.
+ */
+ if (valid_field (loginsh, ":,=\n") != 0) {
+ fprintf (stderr, _("%s: Invalid entry: %s\n"), Prog, loginsh);
+ fail_exit (1);
+ }
+ if ( !amroot
+ && ( is_restricted_shell (loginsh)
+ || (access (loginsh, X_OK) != 0))) {
+ fprintf (stderr, _("%s: %s is an invalid shell\n"), Prog, loginsh);
+ fail_exit (1);
+ }
+
+ /* Even for root, warn if an invalid shell is specified. */
+ if (access (loginsh, F_OK) != 0) {
+ fprintf (stderr, _("%s: Warning: %s does not exist\n"), Prog, loginsh);
+ } else if (access (loginsh, X_OK) != 0) {
+ fprintf (stderr, _("%s: Warning: %s is not executable\n"), Prog, loginsh);
+ }
+
+ update_shell (user, loginsh);
+
+ SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));
+
+ nscd_flush_cache ("passwd");
+
+ closelog ();
+ exit (E_SUCCESS);
+}
+
diff --git a/src/expiry.c b/src/expiry.c
new file mode 100644
index 0000000..41add94
--- /dev/null
+++ b/src/expiry.c
@@ -0,0 +1,210 @@
+/*
+ * Copyright (c) 1994 , Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <getopt.h>
+#include "defines.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/* Global variables */
+const char *Prog;
+static bool cflg = false;
+
+/* local function prototypes */
+static RETSIGTYPE catch_signals (unused int sig);
+static /*@noreturn@*/void usage (int status);
+static void process_flags (int argc, char **argv);
+
+/*
+ * catch_signals - signal catcher
+ */
+static RETSIGTYPE catch_signals (unused int sig)
+{
+ _exit (10);
+}
+
+/*
+ * usage - print syntax message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -c, --check check the user's password expiration\n"), usageout);
+ (void) fputs (_(" -f, --force force password change if the user's password\n"
+ " is expired\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ bool fflg = false;
+ int c;
+ static struct option long_options[] = {
+ {"check", no_argument, NULL, 'c'},
+ {"force", no_argument, NULL, 'f'},
+ {"help", no_argument, NULL, 'h'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "cfh",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'c':
+ cflg = true;
+ break;
+ case 'f':
+ fflg = true;
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ if (! (cflg || fflg)) {
+ usage (E_USAGE);
+ }
+
+ if (cflg && fflg) {
+ fprintf (stderr,
+ _("%s: options %s and %s conflict\n"),
+ Prog, "-c", "-f");
+ usage (E_USAGE);
+ }
+
+ if (argc != optind) {
+ fprintf (stderr,
+ _("%s: unexpected argument: %s\n"),
+ Prog, argv[optind]);
+ usage (E_USAGE);
+ }
+}
+
+/*
+ * expiry - check and enforce password expiration policy
+ *
+ * expiry checks (-c) the current password expiration and forces (-f)
+ * changes when required. It is callable as a normal user command.
+ */
+int main (int argc, char **argv)
+{
+ struct passwd *pwd;
+ struct spwd *spwd;
+
+ Prog = Basename (argv[0]);
+
+ sanitize_env ();
+
+ /*
+ * Start by disabling all of the keyboard signals.
+ */
+ (void) signal (SIGHUP, catch_signals);
+ (void) signal (SIGINT, catch_signals);
+ (void) signal (SIGQUIT, catch_signals);
+#ifdef SIGTSTP
+ (void) signal (SIGTSTP, catch_signals);
+#endif
+
+ /*
+ * expiry takes one of two arguments. The default action is to give
+ * the usage message.
+ */
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ OPENLOG ("expiry");
+
+ process_flags (argc, argv);
+
+ /*
+ * Get user entries for /etc/passwd and /etc/shadow
+ */
+ pwd = get_my_pwent ();
+ if (NULL == pwd) {
+ fprintf (stderr, _("%s: Cannot determine your user name.\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+ (unsigned long) getuid ()));
+ exit (10);
+ }
+ spwd = getspnam (pwd->pw_name); /* !USE_PAM, No need for xgetspnam */
+
+ /*
+ * If checking accounts, use agecheck() function.
+ */
+ if (cflg) {
+ /*
+ * Print out number of days until expiration.
+ */
+ agecheck (spwd);
+
+ /*
+ * Exit with status indicating state of account.
+ */
+ exit (isexpired (pwd, spwd));
+ }
+
+ /*
+ * Otherwise, force a password change with the expire() function.
+ * It will force the change or give a message indicating what to
+ * do.
+ * It won't return unless the account is unexpired.
+ */
+ (void) expire (pwd, spwd);
+
+ return E_SUCCESS;
+}
+
diff --git a/src/faillog.c b/src/faillog.c
new file mode 100644
index 0000000..073561c
--- /dev/null
+++ b/src/faillog.c
@@ -0,0 +1,741 @@
+/*
+ * Copyright (c) 1989 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <getopt.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <time.h>
+#include <assert.h>
+#include "defines.h"
+#include "faillog.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/* local function prototypes */
+static /*@noreturn@*/void usage (int status);
+static void print_one (/*@null@*/const struct passwd *pw, bool force);
+static void set_locktime (long locktime);
+static bool set_locktime_one (uid_t uid, long locktime);
+static void setmax (short max);
+static bool setmax_one (uid_t uid, short max);
+static void print (void);
+static bool reset_one (uid_t uid);
+static void reset (void);
+
+/*
+ * Global variables
+ */
+const char *Prog; /* Program name */
+static FILE *fail; /* failure file stream */
+static time_t seconds; /* that number of days in seconds */
+static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */
+static bool has_umin = false;
+static unsigned long umax; /* if uflg and has_umax, only display users with uid <= umax */
+static bool has_umax = false;
+static bool errors = false;
+
+static bool aflg = false; /* set if all users are to be printed always */
+static bool uflg = false; /* set if user is a valid user id */
+static bool tflg = false; /* print is restricted to most recent days */
+static bool lflg = false; /* set the locktime */
+static bool mflg = false; /* set maximum failed login counters */
+static bool rflg = false; /* reset the counters of login failures */
+
+static struct stat statbuf; /* fstat buffer for file size */
+
+#define NOW (time((time_t *) 0))
+
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -a, --all display faillog records for all users\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -l, --lock-secs SEC after failed login lock account for SEC seconds\n"), usageout);
+ (void) fputs (_(" -m, --maximum MAX set maximum failed login counters to MAX\n"), usageout);
+ (void) fputs (_(" -r, --reset reset the counters of login failures\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -t, --time DAYS display faillog records more recent than DAYS\n"), usageout);
+ (void) fputs (_(" -u, --user LOGIN/RANGE display faillog record or maintains failure\n"
+ " counters and limits (if used with -r, -m,\n"
+ " or -l) only for the specified LOGIN(s)\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+static void print_one (/*@null@*/const struct passwd *pw, bool force)
+{
+ static bool once = false;
+ struct tm *tm;
+ off_t offset;
+ struct faillog fl;
+ time_t now;
+
+#ifdef HAVE_STRFTIME
+ char *cp;
+ char ptime[80];
+#endif
+
+ if (NULL == pw) {
+ return;
+ }
+
+ offset = (off_t) pw->pw_uid * sizeof (fl);
+ if (offset + sizeof (fl) <= statbuf.st_size) {
+ /* fseeko errors are not really relevant for us. */
+ int err = fseeko (fail, offset, SEEK_SET);
+ assert (0 == err);
+ /* faillog is a sparse file. Even if no entries were
+ * entered for this user, which should be able to get the
+ * empty entry in this case.
+ */
+ if (fread ((char *) &fl, sizeof (fl), 1, fail) != 1) {
+ fprintf (stderr,
+ _("%s: Failed to get the entry for UID %lu\n"),
+ Prog, (unsigned long int)pw->pw_uid);
+ return;
+ }
+ } else {
+ /* Outsize of the faillog file.
+ * Behave as if there were a missing entry (same behavior
+ * as if we were reading an non existing entry in the
+ * sparse faillog file).
+ */
+ memzero (&fl, sizeof (fl));
+ }
+
+ /* Nothing to report */
+ if (!force && (0 == fl.fail_time)) {
+ return;
+ }
+
+ (void) time(&now);
+
+ /* Filter out entries that do not match with the -t option */
+ if (tflg && ((now - fl.fail_time) > seconds)) {
+ return;
+ }
+
+ /* Print the header only once */
+ if (!once) {
+ puts (_("Login Failures Maximum Latest On\n"));
+ once = true;
+ }
+
+ tm = localtime (&fl.fail_time);
+#ifdef HAVE_STRFTIME
+ strftime (ptime, sizeof (ptime), "%D %H:%M:%S %z", tm);
+ cp = ptime;
+#endif
+ printf ("%-9s %5d %5d ",
+ pw->pw_name, fl.fail_cnt, fl.fail_max);
+ /* FIXME: cp is not defined ifndef HAVE_STRFTIME */
+ printf ("%s %s", cp, fl.fail_line);
+ if (0 != fl.fail_locktime) {
+ if ( ((fl.fail_time + fl.fail_locktime) > now)
+ && (0 != fl.fail_cnt)) {
+ printf (_(" [%lus left]"),
+ (unsigned long) fl.fail_time + fl.fail_locktime - now);
+ } else {
+ printf (_(" [%lds lock]"),
+ fl.fail_locktime);
+ }
+ }
+ putchar ('\n');
+}
+
+static void print (void)
+{
+ if (uflg && has_umin && has_umax && (umin==umax)) {
+ print_one (getpwuid ((uid_t)umin), true);
+ } else {
+ /* We only print records for existing users.
+ * Loop based on the user database instead of reading the
+ * whole file. We will have to query the database anyway
+ * so except for very small ranges and large user
+ * database, this should not be a performance issue.
+ */
+ struct passwd *pwent;
+
+ setpwent ();
+ while ( (pwent = getpwent ()) != NULL ) {
+ if ( uflg
+ && ( (has_umin && (pwent->pw_uid < (uid_t)umin))
+ || (has_umax && (pwent->pw_uid > (uid_t)umax)))) {
+ continue;
+ }
+ print_one (pwent, aflg);
+ }
+ endpwent ();
+ }
+}
+
+/*
+ * reset_one - Reset the fail count for one user
+ *
+ * This returns a boolean indicating if an error occurred.
+ */
+static bool reset_one (uid_t uid)
+{
+ off_t offset;
+ struct faillog fl;
+
+ offset = (off_t) uid * sizeof (fl);
+ if (offset + sizeof (fl) <= statbuf.st_size) {
+ /* fseeko errors are not really relevant for us. */
+ int err = fseeko (fail, offset, SEEK_SET);
+ assert (0 == err);
+ /* faillog is a sparse file. Even if no entries were
+ * entered for this user, which should be able to get the
+ * empty entry in this case.
+ */
+ if (fread ((char *) &fl, sizeof (fl), 1, fail) != 1) {
+ fprintf (stderr,
+ _("%s: Failed to get the entry for UID %lu\n"),
+ Prog, (unsigned long int)uid);
+ return true;
+ }
+ } else {
+ /* Outsize of the faillog file.
+ * Behave as if there were a missing entry (same behavior
+ * as if we were reading an non existing entry in the
+ * sparse faillog file).
+ */
+ memzero (&fl, sizeof (fl));
+ }
+
+ if (0 == fl.fail_cnt) {
+ /* If the count is already null, do not write in the file.
+ * This avoids writing 0 when no entries were present for
+ * the user.
+ */
+ return false;
+ }
+
+ fl.fail_cnt = 0;
+
+ if ( (fseeko (fail, offset, SEEK_SET) == 0)
+ && (fwrite ((char *) &fl, sizeof (fl), 1, fail) == 1)) {
+ (void) fflush (fail);
+ return false;
+ }
+
+ fprintf (stderr,
+ _("%s: Failed to reset fail count for UID %lu\n"),
+ Prog, (unsigned long int)uid);
+ return true;
+}
+
+static void reset (void)
+{
+ if (uflg && has_umin && has_umax && (umin==umax)) {
+ if (reset_one ((uid_t)umin)) {
+ errors = true;
+ }
+ } else {
+ /* There is no need to reset outside of the faillog
+ * database.
+ */
+ uid_t uidmax = statbuf.st_size / sizeof (struct faillog);
+ if (uidmax > 1) {
+ uidmax--;
+ }
+ if (has_umax && (uid_t)umax < uidmax) {
+ uidmax = (uid_t)umax;
+ }
+
+ /* Reset all entries in the specified range.
+ * Non existing entries will not be touched.
+ */
+ if (aflg) {
+ /* Entries for non existing users are also reset.
+ */
+ uid_t uid = 0;
+
+ /* Make sure we stay in the umin-umax range if specified */
+ if (has_umin) {
+ uid = (uid_t)umin;
+ }
+
+ while (uid <= uidmax) {
+ if (reset_one (uid)) {
+ errors = true;
+ }
+ uid++;
+ }
+ } else {
+ /* Only reset records for existing users.
+ */
+ struct passwd *pwent;
+
+ setpwent ();
+ while ( (pwent = getpwent ()) != NULL ) {
+ if ( uflg
+ && ( (has_umin && (pwent->pw_uid < (uid_t)umin))
+ || (pwent->pw_uid > (uid_t)uidmax))) {
+ continue;
+ }
+ if (reset_one (pwent->pw_uid)) {
+ errors = true;
+ }
+ }
+ endpwent ();
+ }
+ }
+}
+
+/*
+ * setmax_one - Set the maximum failed login counter for one user
+ *
+ * This returns a boolean indicating if an error occurred.
+ */
+static bool setmax_one (uid_t uid, short max)
+{
+ off_t offset;
+ struct faillog fl;
+
+ offset = (off_t) uid * sizeof (fl);
+ if (offset + sizeof (fl) <= statbuf.st_size) {
+ /* fseeko errors are not really relevant for us. */
+ int err = fseeko (fail, offset, SEEK_SET);
+ assert (0 == err);
+ /* faillog is a sparse file. Even if no entries were
+ * entered for this user, which should be able to get the
+ * empty entry in this case.
+ */
+ if (fread ((char *) &fl, sizeof (fl), 1, fail) != 1) {
+ fprintf (stderr,
+ _("%s: Failed to get the entry for UID %lu\n"),
+ Prog, (unsigned long int)uid);
+ return true;
+ }
+ } else {
+ /* Outsize of the faillog file.
+ * Behave as if there were a missing entry (same behavior
+ * as if we were reading an non existing entry in the
+ * sparse faillog file).
+ */
+ memzero (&fl, sizeof (fl));
+ }
+
+ if (max == fl.fail_max) {
+ /* If the max is already set to the right value, do not
+ * write in the file.
+ * This avoids writing 0 when no entries were present for
+ * the user and the max argument is 0.
+ */
+ return false;
+ }
+
+ fl.fail_max = max;
+
+ if ( (fseeko (fail, offset, SEEK_SET) == 0)
+ && (fwrite ((char *) &fl, sizeof (fl), 1, fail) == 1)) {
+ (void) fflush (fail);
+ return false;
+ }
+
+ fprintf (stderr,
+ _("%s: Failed to set max for UID %lu\n"),
+ Prog, (unsigned long int)uid);
+ return true;
+}
+
+static void setmax (short max)
+{
+ if (uflg && has_umin && has_umax && (umin==umax)) {
+ if (setmax_one ((uid_t)umin, max)) {
+ errors = true;
+ }
+ } else {
+ /* Set max for entries in the specified range.
+ * If max is unchanged for an entry, the entry is not touched.
+ * If max is null, and no entries exist for this user, no
+ * entries will be created.
+ */
+ if (aflg) {
+ /* Entries for non existing user are also taken into
+ * account (in order to define policy for future users).
+ */
+ uid_t uid = 0;
+ /* The default umax value is based on the size of the
+ * faillog database.
+ */
+ uid_t uidmax = statbuf.st_size / sizeof (struct faillog);
+ if (uidmax > 1) {
+ uidmax--;
+ }
+
+ /* Make sure we stay in the umin-umax range if specified */
+ if (has_umin) {
+ uid = (uid_t)umin;
+ }
+ if (has_umax) {
+ uidmax = (uid_t)umax;
+ }
+
+ while (uid <= uidmax) {
+ if (setmax_one (uid, max)) {
+ errors = true;
+ }
+ uid++;
+ }
+ } else {
+ /* Only change records for existing users.
+ */
+ struct passwd *pwent;
+
+ setpwent ();
+ while ( (pwent = getpwent ()) != NULL ) {
+ if ( uflg
+ && ( (has_umin && (pwent->pw_uid < (uid_t)umin))
+ || (has_umax && (pwent->pw_uid > (uid_t)umax)))) {
+ continue;
+ }
+ if (setmax_one (pwent->pw_uid, max)) {
+ errors = true;
+ }
+ }
+ endpwent ();
+ }
+ }
+}
+
+/*
+ * set_locktime_one - Set the locktime for one user
+ *
+ * This returns a boolean indicating if an error occurred.
+ */
+static bool set_locktime_one (uid_t uid, long locktime)
+{
+ off_t offset;
+ struct faillog fl;
+
+ offset = (off_t) uid * sizeof (fl);
+ if (offset + sizeof (fl) <= statbuf.st_size) {
+ /* fseeko errors are not really relevant for us. */
+ int err = fseeko (fail, offset, SEEK_SET);
+ assert (0 == err);
+ /* faillog is a sparse file. Even if no entries were
+ * entered for this user, which should be able to get the
+ * empty entry in this case.
+ */
+ if (fread ((char *) &fl, sizeof (fl), 1, fail) != 1) {
+ fprintf (stderr,
+ _("%s: Failed to get the entry for UID %lu\n"),
+ Prog, (unsigned long int)uid);
+ return true;
+ }
+ } else {
+ /* Outsize of the faillog file.
+ * Behave as if there were a missing entry (same behavior
+ * as if we were reading an non existing entry in the
+ * sparse faillog file).
+ */
+ memzero (&fl, sizeof (fl));
+ }
+
+ if (locktime == fl.fail_locktime) {
+ /* If the locktime is already set to the right value, do not
+ * write in the file.
+ * This avoids writing 0 when no entries were present for
+ * the user and the locktime argument is 0.
+ */
+ return false;
+ }
+
+ fl.fail_locktime = locktime;
+
+ if ( (fseeko (fail, offset, SEEK_SET) == 0)
+ && (fwrite ((char *) &fl, sizeof (fl), 1, fail) == 1)) {
+ (void) fflush (fail);
+ return false;
+ }
+
+ fprintf (stderr,
+ _("%s: Failed to set locktime for UID %lu\n"),
+ Prog, (unsigned long int)uid);
+ return true;
+}
+
+static void set_locktime (long locktime)
+{
+ if (uflg && has_umin && has_umax && (umin==umax)) {
+ if (set_locktime_one ((uid_t)umin, locktime)) {
+ errors = true;
+ }
+ } else {
+ /* Set locktime for entries in the specified range.
+ * If locktime is unchanged for an entry, the entry is not touched.
+ * If locktime is null, and no entries exist for this user, no
+ * entries will be created.
+ */
+ if (aflg) {
+ /* Entries for non existing user are also taken into
+ * account (in order to define policy for future users).
+ */
+ uid_t uid = 0;
+ /* The default umax value is based on the size of the
+ * faillog database.
+ */
+ uid_t uidmax = statbuf.st_size / sizeof (struct faillog);
+ if (uidmax > 1) {
+ uidmax--;
+ }
+
+ /* Make sure we stay in the umin-umax range if specified */
+ if (has_umin) {
+ uid = (uid_t)umin;
+ }
+ if (has_umax) {
+ uidmax = (uid_t)umax;
+ }
+
+ while (uid <= uidmax) {
+ if (set_locktime_one (uid, locktime)) {
+ errors = true;
+ }
+ uid++;
+ }
+ } else {
+ /* Only change records for existing users.
+ */
+ struct passwd *pwent;
+
+ setpwent ();
+ while ( (pwent = getpwent ()) != NULL ) {
+ if ( uflg
+ && ( (has_umin && (pwent->pw_uid < (uid_t)umin))
+ || (has_umax && (pwent->pw_uid > (uid_t)umax)))) {
+ continue;
+ }
+ if (set_locktime_one (pwent->pw_uid, locktime)) {
+ errors = true;
+ }
+ }
+ endpwent ();
+ }
+ }
+}
+
+int main (int argc, char **argv)
+{
+ long fail_locktime;
+ short fail_max;
+ long days;
+
+ /*
+ * Get the program name. The program name is used as a prefix to
+ * most error messages.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ {
+ int c;
+ static struct option long_options[] = {
+ {"all", no_argument, NULL, 'a'},
+ {"help", no_argument, NULL, 'h'},
+ {"lock-secs", required_argument, NULL, 'l'},
+ {"maximum", required_argument, NULL, 'm'},
+ {"reset", no_argument, NULL, 'r'},
+ {"root", required_argument, NULL, 'R'},
+ {"time", required_argument, NULL, 't'},
+ {"user", required_argument, NULL, 'u'},
+ {NULL, 0, NULL, '\0'}
+ };
+ while ((c = getopt_long (argc, argv, "ahl:m:rR:t:u:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'a':
+ aflg = true;
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'l':
+ if (getlong (optarg, &fail_locktime) == 0) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ lflg = true;
+ break;
+ case 'm':
+ {
+ long int lmax;
+ if ( (getlong (optarg, &lmax) == 0)
+ || ((long int)(short) lmax != lmax)) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ fail_max = (short) lmax;
+ mflg = true;
+ break;
+ }
+ case 'r':
+ rflg = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 't':
+ if (getlong (optarg, &days) == 0) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ seconds = (time_t) days * DAY;
+ tflg = true;
+ break;
+ case 'u':
+ {
+ /*
+ * The user can be:
+ * - a login name
+ * - numerical
+ * - a numerical login ID
+ * - a range (-x, x-, x-y)
+ */
+ struct passwd *pwent;
+
+ uflg = true;
+ /* local, no need for xgetpwnam */
+ pwent = getpwnam (optarg);
+ if (NULL != pwent) {
+ umin = (unsigned long) pwent->pw_uid;
+ has_umin = true;
+ umax = umin;
+ has_umax = true;
+ } else {
+ if (getrange (optarg,
+ &umin, &has_umin,
+ &umax, &has_umax) == 0) {
+ fprintf (stderr,
+ _("%s: Unknown user or range: %s\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ }
+
+ break;
+ }
+ default:
+ usage (E_USAGE);
+ }
+ }
+ if (argc > optind) {
+ fprintf (stderr,
+ _("%s: unexpected argument: %s\n"),
+ Prog, argv[optind]);
+ usage (EXIT_FAILURE);
+ }
+ }
+
+ if (tflg && (lflg || mflg || rflg)) {
+ usage (E_USAGE);
+ }
+
+ /* Open the faillog database */
+ if (lflg || mflg || rflg) {
+ fail = fopen (FAILLOG_FILE, "r+");
+ } else {
+ fail = fopen (FAILLOG_FILE, "r");
+ }
+ if (NULL == fail) {
+ fprintf (stderr,
+ _("%s: Cannot open %s: %s\n"),
+ Prog, FAILLOG_FILE, strerror (errno));
+ exit (E_NOPERM);
+ }
+
+ /* Get the size of the faillog */
+ if (fstat (fileno (fail), &statbuf) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot get the size of %s: %s\n"),
+ Prog, FAILLOG_FILE, strerror (errno));
+ exit (E_NOPERM);
+ }
+
+ if (lflg) {
+ set_locktime (fail_locktime);
+ }
+
+ if (mflg) {
+ setmax (fail_max);
+ }
+
+ if (rflg) {
+ reset ();
+ }
+
+ if (!(lflg || mflg || rflg)) {
+ print ();
+ }
+
+ if (lflg || mflg || rflg) {
+ if ( (ferror (fail) != 0)
+ || (fflush (fail) != 0)
+ || (fsync (fileno (fail)) != 0)
+ || (fclose (fail) != 0)) {
+ fprintf (stderr,
+ _("%s: Failed to write %s: %s\n"),
+ Prog, FAILLOG_FILE, strerror (errno));
+ (void) fclose (fail);
+ errors = true;
+ }
+ } else {
+ (void) fclose (fail);
+ }
+
+ exit (errors ? E_NOPERM : E_SUCCESS);
+}
+
diff --git a/src/gpasswd.c b/src/gpasswd.c
new file mode 100644
index 0000000..c4a492b
--- /dev/null
+++ b/src/gpasswd.c
@@ -0,0 +1,1207 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include "defines.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+/* The name of this command, as it is invoked */
+const char *Prog;
+
+#ifdef SHADOWGRP
+/* Indicate if shadow groups are enabled on the system
+ * (/etc/gshadow present) */
+static bool is_shadowgrp;
+#endif
+
+/* Flags set by options */
+static bool aflg = false;
+static bool Aflg = false;
+static bool dflg = false;
+static bool Mflg = false;
+static bool rflg = false;
+static bool Rflg = false;
+/* The name of the group that is being affected */
+static char *group = NULL;
+/* The name of the user being added (-a) or removed (-d) from group */
+static char *user = NULL;
+/* The new list of members set with -M */
+static char *members = NULL;
+#ifdef SHADOWGRP
+/* The new list of group administrators set with -A */
+static char *admins = NULL;
+#endif
+/* The name of the caller */
+static char *myname = NULL;
+/* The UID of the caller */
+static uid_t bywho;
+/* Indicate if gpasswd was called by root */
+#define amroot (0 == bywho)
+
+/* The number of retries for th user to provide and repeat a new password */
+#ifndef RETRIES
+#define RETRIES 3
+#endif
+
+/* local function prototypes */
+static void usage (int status);
+static RETSIGTYPE catch_signals (int killed);
+static bool is_valid_user_list (const char *users);
+static void process_flags (int argc, char **argv);
+static void check_flags (int argc, int opt_index);
+static void open_files (void);
+static void close_files (void);
+#ifdef SHADOWGRP
+static void get_group (struct group *gr, struct sgrp *sg);
+static void check_perms (const struct group *gr, const struct sgrp *sg);
+static void update_group (struct group *gr, struct sgrp *sg);
+static void change_passwd (struct group *gr, struct sgrp *sg);
+#else
+static void get_group (struct group *gr);
+static void check_perms (const struct group *gr);
+static void update_group (struct group *gr);
+static void change_passwd (struct group *gr);
+#endif
+static void log_gpasswd_failure (const char *suffix);
+static void log_gpasswd_failure_system (/*@null@*/unused void *arg);
+static void log_gpasswd_failure_group (/*@null@*/unused void *arg);
+#ifdef SHADOWGRP
+static void log_gpasswd_failure_gshadow (/*@null@*/unused void *arg);
+#endif
+static void log_gpasswd_success (const char *suffix);
+static void log_gpasswd_success_system (/*@null@*/unused void *arg);
+static void log_gpasswd_success_group (/*@null@*/unused void *arg);
+
+/*
+ * usage - display usage message
+ */
+static void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [option] GROUP\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -a, --add USER add USER to GROUP\n"), usageout);
+ (void) fputs (_(" -d, --delete USER remove USER from GROUP\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -Q, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -r, --remove-password remove the GROUP's password\n"), usageout);
+ (void) fputs (_(" -R, --restrict restrict access to GROUP to its members\n"), usageout);
+ (void) fputs (_(" -M, --members USER,... set the list of members of GROUP\n"), usageout);
+#ifdef SHADOWGRP
+ (void) fputs (_(" -A, --administrators ADMIN,...\n"
+ " set the list of administrators for GROUP\n"), usageout);
+ (void) fputs (_("Except for the -A and -M options, the options cannot be combined.\n"), usageout);
+#else
+ (void) fputs (_("The options cannot be combined.\n"), usageout);
+#endif
+ exit (status);
+}
+
+/*
+ * catch_signals - set or reset termio modes.
+ *
+ * catch_signals() is called before processing begins. signal() is then
+ * called with catch_signals() as the signal handler. If signal later
+ * calls catch_signals() with a signal number, the terminal modes are
+ * then reset.
+ */
+static RETSIGTYPE catch_signals (int killed)
+{
+ static TERMIO sgtty;
+
+ if (0 != killed) {
+ STTY (0, &sgtty);
+ } else {
+ GTTY (0, &sgtty);
+ }
+
+ if (0 != killed) {
+ (void) write (STDOUT_FILENO, "\n", 1);
+ _exit (killed);
+ }
+}
+
+/*
+ * is_valid_user_list - check a comma-separated list of user names for validity
+ *
+ * is_valid_user_list scans a comma-separated list of user names and
+ * checks that each listed name exists is the user database.
+ *
+ * It returns true if the list of users is valid.
+ */
+static bool is_valid_user_list (const char *users)
+{
+ const char *username;
+ char *end;
+ bool is_valid = true;
+ /*@owned@*/char *tmpusers = xstrdup (users);
+
+ for (username = tmpusers;
+ (NULL != username) && ('\0' != *username);
+ username = end) {
+ end = strchr (username, ',');
+ if (NULL != end) {
+ *end = '\0';
+ end++;
+ }
+
+ /*
+ * This user must exist.
+ */
+
+ /* local, no need for xgetpwnam */
+ if (getpwnam (username) == NULL) {
+ fprintf (stderr, _("%s: user '%s' does not exist\n"),
+ Prog, username);
+ is_valid = false;
+ }
+ }
+
+ free (tmpusers);
+
+ return is_valid;
+}
+
+static void failure (void)
+{
+ fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+ log_gpasswd_failure (": Permission denied");
+ exit (E_NOPERM);
+}
+
+/*
+ * process_flags - process the command line options and arguments
+ */
+static void process_flags (int argc, char **argv)
+{
+ int c;
+ static struct option long_options[] = {
+ {"add", required_argument, NULL, 'a'},
+ {"administrators", required_argument, NULL, 'A'},
+ {"delete", required_argument, NULL, 'd'},
+ {"help", no_argument, NULL, 'h'},
+ {"members", required_argument, NULL, 'M'},
+ {"root", required_argument, NULL, 'Q'},
+ {"remove-password", no_argument, NULL, 'r'},
+ {"restrict", no_argument, NULL, 'R'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "a:A:d:ghM:Q:rR",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'a': /* add a user */
+ aflg = true;
+ user = optarg;
+ /* local, no need for xgetpwnam */
+ if (getpwnam (user) == NULL) {
+ fprintf (stderr,
+ _("%s: user '%s' does not exist\n"),
+ Prog, user);
+ exit (E_BAD_ARG);
+ }
+ break;
+#ifdef SHADOWGRP
+ case 'A': /* set the list of administrators */
+ if (!is_shadowgrp) {
+ fprintf (stderr,
+ _("%s: shadow group passwords required for -A\n"),
+ Prog);
+ exit (E_GSHADOW_NOTFOUND);
+ }
+ admins = optarg;
+ if (!is_valid_user_list (admins)) {
+ exit (E_BAD_ARG);
+ }
+ Aflg = true;
+ break;
+#endif /* SHADOWGRP */
+ case 'd': /* delete a user */
+ dflg = true;
+ user = optarg;
+ break;
+ case 'g': /* no-op from normal password */
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ break;
+ case 'M': /* set the list of members */
+ members = optarg;
+ if (!is_valid_user_list (members)) {
+ exit (E_BAD_ARG);
+ }
+ Mflg = true;
+ break;
+ case 'Q': /* no-op, handled in process_root_flag () */
+ break;
+ case 'r': /* remove group password */
+ rflg = true;
+ break;
+ case 'R': /* restrict group password */
+ Rflg = true;
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ /* Get the name of the group that is being affected. */
+ group = argv[optind];
+
+ check_flags (argc, optind);
+}
+
+/*
+ * check_flags - check the validity of options
+ */
+static void check_flags (int argc, int opt_index)
+{
+ int exclusive = 0;
+ /*
+ * Make sure exclusive flags are exclusive
+ */
+ if (aflg) {
+ exclusive++;
+ }
+ if (dflg) {
+ exclusive++;
+ }
+ if (rflg) {
+ exclusive++;
+ }
+ if (Rflg) {
+ exclusive++;
+ }
+ if (Aflg || Mflg) {
+ exclusive++;
+ }
+ if (exclusive > 1) {
+ usage (E_USAGE);
+ }
+
+ /*
+ * Make sure one (and only one) group was provided
+ */
+ if ((argc != (opt_index+1)) || (NULL == group)) {
+ usage (E_USAGE);
+ }
+}
+
+/*
+ * open_files - lock and open the group databases
+ *
+ * It will call exit in case of error.
+ */
+static void open_files (void)
+{
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ exit (E_NOPERM);
+ }
+ add_cleanup (cleanup_unlock_group, NULL);
+
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+ exit (E_NOPERM);
+ }
+ add_cleanup (cleanup_unlock_gshadow, NULL);
+ }
+#endif /* SHADOWGRP */
+
+ add_cleanup (log_gpasswd_failure_system, NULL);
+
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+ exit (E_NOPERM);
+ }
+
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ if (sgr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
+ exit (E_NOPERM);
+ }
+ add_cleanup (log_gpasswd_failure_gshadow, NULL);
+ }
+#endif /* SHADOWGRP */
+
+ add_cleanup (log_gpasswd_failure_group, NULL);
+ del_cleanup (log_gpasswd_failure_system);
+}
+
+static void log_gpasswd_failure (const char *suffix)
+{
+#ifdef WITH_AUDIT
+ char buf[1024];
+#endif
+ if (aflg) {
+ SYSLOG ((LOG_ERR,
+ "%s failed to add user %s to group %s%s",
+ myname, user, group, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "%s failed to add user %s to group %s%s",
+ myname, user, group, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ } else if (dflg) {
+ SYSLOG ((LOG_ERR,
+ "%s failed to remove user %s from group %s%s",
+ myname, user, group, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "%s failed to remove user %s from group %s%s",
+ myname, user, group, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ } else if (rflg) {
+ SYSLOG ((LOG_ERR,
+ "%s failed to remove password of group %s%s",
+ myname, group, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "%s failed to remove password of group %s%s",
+ myname, group, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ } else if (Rflg) {
+ SYSLOG ((LOG_ERR,
+ "%s failed to restrict access to group %s%s",
+ myname, group, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "%s failed to restrict access to group %s%s",
+ myname, group, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ } else if (Aflg || Mflg) {
+#ifdef SHADOWGRP
+ if (Aflg) {
+ SYSLOG ((LOG_ERR,
+ "%s failed to set the administrators of group %s to %s%s",
+ myname, group, admins, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "%s failed to set the administrators of group %s to %s%s",
+ myname, group, admins, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ }
+#endif /* SHADOWGRP */
+ if (Mflg) {
+ SYSLOG ((LOG_ERR,
+ "%s failed to set the members of group %s to %s%s",
+ myname, group, members, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "%s failed to set the members of group %s to %s%s",
+ myname, group, members, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ }
+ } else {
+ SYSLOG ((LOG_ERR,
+ "%s failed to change password of group %s%s",
+ myname, group, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "%s failed to change password of group %s%s",
+ myname, group, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ }
+}
+
+static void log_gpasswd_failure_system (unused void *arg)
+{
+ log_gpasswd_failure ("");
+}
+
+static void log_gpasswd_failure_group (unused void *arg)
+{
+ char buf[1024];
+ snprintf (buf, 1023, " in %s", gr_dbname ());
+ buf[1023] = '\0';
+ log_gpasswd_failure (buf);
+}
+
+#ifdef SHADOWGRP
+static void log_gpasswd_failure_gshadow (unused void *arg)
+{
+ char buf[1024];
+ snprintf (buf, 1023, " in %s", sgr_dbname ());
+ buf[1023] = '\0';
+ log_gpasswd_failure (buf);
+}
+#endif /* SHADOWGRP */
+
+static void log_gpasswd_success (const char *suffix)
+{
+#ifdef WITH_AUDIT
+ char buf[1024];
+#endif
+ if (aflg) {
+ SYSLOG ((LOG_INFO,
+ "user %s added by %s to group %s%s",
+ user, myname, group, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "user %s added by %s to group %s%s",
+ user, myname, group, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ } else if (dflg) {
+ SYSLOG ((LOG_INFO,
+ "user %s removed by %s from group %s%s",
+ user, myname, group, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "user %s removed by %s from group %s%s",
+ user, myname, group, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ } else if (rflg) {
+ SYSLOG ((LOG_INFO,
+ "password of group %s removed by %s%s",
+ group, myname, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "password of group %s removed by %s%s",
+ group, myname, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ } else if (Rflg) {
+ SYSLOG ((LOG_INFO,
+ "access to group %s restricted by %s%s",
+ group, myname, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "access to group %s restricted by %s%s",
+ group, myname, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ } else if (Aflg || Mflg) {
+#ifdef SHADOWGRP
+ if (Aflg) {
+ SYSLOG ((LOG_INFO,
+ "administrators of group %s set by %s to %s%s",
+ group, myname, admins, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "administrators of group %s set by %s to %s%s",
+ group, myname, admins, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ }
+#endif /* SHADOWGRP */
+ if (Mflg) {
+ SYSLOG ((LOG_INFO,
+ "members of group %s set by %s to %s%s",
+ group, myname, members, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "members of group %s set by %s to %s%s",
+ group, myname, members, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ }
+ } else {
+ SYSLOG ((LOG_INFO,
+ "password of group %s changed by %s%s",
+ group, myname, suffix));
+#ifdef WITH_AUDIT
+ snprintf (buf, 1023,
+ "password of group %s changed by %s%s",
+ group, myname, suffix);
+ buf[1023] = '\0';
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ buf,
+ group, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ }
+}
+
+static void log_gpasswd_success_system (unused void *arg)
+{
+ log_gpasswd_success ("");
+}
+
+static void log_gpasswd_success_group (unused void *arg)
+{
+ char buf[1024];
+ snprintf (buf, 1023, " in %s", gr_dbname ());
+ buf[1023] = '\0';
+ log_gpasswd_success (buf);
+}
+
+/*
+ * close_files - close and unlock the group databases
+ *
+ * This cause any changes in the databases to be committed.
+ *
+ * It will call exit in case of error.
+ */
+static void close_files (void)
+{
+ if (gr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, gr_dbname ());
+ exit (E_NOPERM);
+ }
+ add_cleanup (log_gpasswd_success_group, NULL);
+ del_cleanup (log_gpasswd_failure_group);
+
+ cleanup_unlock_group (NULL);
+ del_cleanup (cleanup_unlock_group);
+
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ if (sgr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, sgr_dbname ());
+ exit (E_NOPERM);
+ }
+ del_cleanup (log_gpasswd_failure_gshadow);
+
+ cleanup_unlock_gshadow (NULL);
+ del_cleanup (cleanup_unlock_gshadow);
+ }
+#endif /* SHADOWGRP */
+
+ log_gpasswd_success_system (NULL);
+ del_cleanup (log_gpasswd_success_group);
+}
+
+/*
+ * check_perms - check if the user is allowed to change the password of
+ * the specified group.
+ *
+ * It only returns if the user is allowed.
+ */
+#ifdef SHADOWGRP
+static void check_perms (const struct group *gr, const struct sgrp *sg)
+#else
+static void check_perms (const struct group *gr)
+#endif
+{
+ /*
+ * Only root can use the -M and -A options.
+ */
+ if (!amroot && (Aflg || Mflg)) {
+ failure ();
+ }
+
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ /*
+ * The policy here for changing a group is that
+ * 1) you must be root or
+ * 2) you must be listed as an administrative member.
+ * Administrative members can do anything to a group that
+ * the root user can.
+ */
+ if (!amroot && !is_on_list (sg->sg_adm, myname)) {
+ failure ();
+ }
+ } else
+#endif /* SHADOWGRP */
+ {
+#ifdef FIRST_MEMBER_IS_ADMIN
+ /*
+ * The policy here for changing a group is that
+ * 1) you must be root or
+ * 2) you must be the first listed member of the group.
+ * The first listed member of a group can do anything to
+ * that group that the root user can. The rationale for
+ * this hack is that the FIRST user is probably the most
+ * important user in this entire group.
+ *
+ * This feature enabled by default could be a security
+ * problem when installed on existing systems where the
+ * first group member might be just a normal user.
+ * --marekm
+ */
+ if (!amroot) {
+ if (gr->gr_mem[0] == (char *) 0) {
+ failure ();
+ }
+
+ if (strcmp (gr->gr_mem[0], myname) != 0) {
+ failure ();
+ }
+ }
+#else /* ! FIRST_MEMBER_IS_ADMIN */
+ if (!amroot) {
+ failure ();
+ }
+#endif
+ }
+}
+
+/*
+ * update_group - Update the group information in the databases
+ */
+#ifdef SHADOWGRP
+static void update_group (struct group *gr, struct sgrp *sg)
+#else
+static void update_group (struct group *gr)
+#endif
+{
+ if (gr_update (gr) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), gr->gr_name);
+ exit (1);
+ }
+#ifdef SHADOWGRP
+ if (is_shadowgrp && (sgr_update (sg) == 0)) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), sg->sg_name);
+ exit (1);
+ }
+#endif /* SHADOWGRP */
+}
+
+/*
+ * get_group - get the current information for the group
+ *
+ * The information are copied in group structure(s) so that they can be
+ * modified later.
+ *
+ * Note: If !is_shadowgrp, *sg will not be initialized.
+ */
+#ifdef SHADOWGRP
+static void get_group (struct group *gr, struct sgrp *sg)
+#else
+static void get_group (struct group *gr)
+#endif
+{
+ struct group const*tmpgr = NULL;
+#ifdef SHADOWGRP
+ struct sgrp const*tmpsg = NULL;
+#endif
+
+ if (gr_open (O_RDONLY) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+ exit (E_NOPERM);
+ }
+
+ tmpgr = gr_locate (group);
+ if (NULL == tmpgr) {
+ fprintf (stderr,
+ _("%s: group '%s' does not exist in %s\n"),
+ Prog, group, gr_dbname ());
+ exit (E_BAD_ARG);
+ }
+
+ *gr = *tmpgr;
+ gr->gr_name = xstrdup (tmpgr->gr_name);
+ gr->gr_passwd = xstrdup (tmpgr->gr_passwd);
+ gr->gr_mem = dup_list (tmpgr->gr_mem);
+
+ if (gr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while closing read-only %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR,
+ "failure while closing read-only %s",
+ gr_dbname ()));
+ exit (E_NOPERM);
+ }
+
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ if (sgr_open (O_RDONLY) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
+ exit (E_NOPERM);
+ }
+ tmpsg = sgr_locate (group);
+ if (NULL != tmpsg) {
+ *sg = *tmpsg;
+ sg->sg_name = xstrdup (tmpsg->sg_name);
+ sg->sg_passwd = xstrdup (tmpsg->sg_passwd);
+
+ sg->sg_mem = dup_list (tmpsg->sg_mem);
+ sg->sg_adm = dup_list (tmpsg->sg_adm);
+ } else {
+ sg->sg_name = xstrdup (group);
+ sg->sg_passwd = gr->gr_passwd;
+ gr->gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+
+ sg->sg_mem = dup_list (gr->gr_mem);
+
+ sg->sg_adm = (char **) xmalloc (sizeof (char *) * 2);
+#ifdef FIRST_MEMBER_IS_ADMIN
+ if (sg->sg_mem[0]) {
+ sg->sg_adm[0] = xstrdup (sg->sg_mem[0]);
+ sg->sg_adm[1] = NULL;
+ } else
+#endif
+ {
+ sg->sg_adm[0] = NULL;
+ }
+
+ }
+ if (sgr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while closing read-only %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR,
+ "failure while closing read-only %s",
+ sgr_dbname ()));
+ exit (E_NOPERM);
+ }
+ }
+#endif /* SHADOWGRP */
+}
+
+/*
+ * change_passwd - change the group's password
+ *
+ * Get the new password from the user and update the password in the
+ * group's structure.
+ *
+ * It will call exit in case of error.
+ */
+#ifdef SHADOWGRP
+static void change_passwd (struct group *gr, struct sgrp *sg)
+#else
+static void change_passwd (struct group *gr)
+#endif
+{
+ char *cp;
+ static char pass[BUFSIZ];
+ int retries;
+ const char *salt;
+
+ /*
+ * A new password is to be entered and it must be encrypted, etc.
+ * The password will be prompted for twice, and both entries must be
+ * identical. There is no need to validate the old password since
+ * the invoker is either the group owner, or root.
+ */
+ printf (_("Changing the password for group %s\n"), group);
+
+ for (retries = 0; retries < RETRIES; retries++) {
+ cp = getpass (_("New Password: "));
+ if (NULL == cp) {
+ exit (1);
+ }
+
+ STRFCPY (pass, cp);
+ strzero (cp);
+ cp = getpass (_("Re-enter new password: "));
+ if (NULL == cp) {
+ exit (1);
+ }
+
+ if (strcmp (pass, cp) == 0) {
+ strzero (cp);
+ break;
+ }
+
+ strzero (cp);
+ memzero (pass, sizeof pass);
+
+ if (retries + 1 < RETRIES) {
+ puts (_("They don't match; try again"));
+ }
+ }
+
+ if (retries == RETRIES) {
+ fprintf (stderr, _("%s: Try again later\n"), Prog);
+ exit (1);
+ }
+
+ salt = crypt_make_salt (NULL, NULL);
+ cp = pw_encrypt (pass, salt);
+ if (NULL == cp) {
+ fprintf (stderr,
+ _("%s: failed to crypt password with salt '%s': %s\n"),
+ Prog, salt, strerror (errno));
+ exit (1);
+ }
+ memzero (pass, sizeof pass);
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ gr->gr_passwd = SHADOW_PASSWD_STRING;
+ sg->sg_passwd = cp;
+ } else
+#endif
+ {
+ gr->gr_passwd = cp;
+ }
+}
+
+/*
+ * gpasswd - administer the /etc/group file
+ */
+int main (int argc, char **argv)
+{
+ struct group grent;
+#ifdef SHADOWGRP
+ struct sgrp sgent;
+#endif
+ struct passwd *pw = NULL;
+
+#ifdef WITH_AUDIT
+ audit_help_open ();
+#endif
+
+ sanitize_env ();
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ /*
+ * Make a note of whether or not this command was invoked by root.
+ * This will be used to bypass certain checks later on. Also, set
+ * the real user ID to match the effective user ID. This will
+ * prevent the invoker from issuing signals which would interfere
+ * with this command.
+ */
+ bywho = getuid ();
+ Prog = Basename (argv[0]);
+
+ OPENLOG ("gpasswd");
+ setbuf (stdout, NULL);
+ setbuf (stderr, NULL);
+
+ process_root_flag ("-Q", argc, argv);
+
+#ifdef SHADOWGRP
+ is_shadowgrp = sgr_file_present ();
+#endif
+
+ /*
+ * Determine the name of the user that invoked this command. This
+ * is really hit or miss because there are so many ways that command
+ * can be executed and so many ways to trip up the routines that
+ * report the user name.
+ */
+ pw = get_my_pwent ();
+ if (NULL == pw) {
+ fprintf (stderr, _("%s: Cannot determine your user name.\n"),
+ Prog);
+ SYSLOG ((LOG_WARN,
+ "Cannot determine the user name of the caller (UID %lu)",
+ (unsigned long) getuid ()));
+ exit (E_NOPERM);
+ }
+ myname = xstrdup (pw->pw_name);
+
+ /*
+ * Register an exit function to warn for any inconsistency that we
+ * could create.
+ */
+ if (atexit (do_cleanups) != 0) {
+ fprintf(stderr, "%s: cannot set exit function\n", Prog);
+ exit (1);
+ }
+
+ /* Parse the options */
+ process_flags (argc, argv);
+
+ /*
+ * Replicate the group so it can be modified later on.
+ */
+#ifdef SHADOWGRP
+ get_group (&grent, &sgent);
+#else
+ get_group (&grent);
+#endif
+
+ /*
+ * Check if the user is allowed to change the password of this group.
+ */
+#ifdef SHADOWGRP
+ check_perms (&grent, &sgent);
+#else
+ check_perms (&grent);
+#endif
+
+ /*
+ * Removing a password is straight forward. Just set the password
+ * field to a "".
+ */
+ if (rflg) {
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ grent.gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ sgent.sg_passwd = ""; /* XXX warning: const */
+ } else
+#endif /* SHADOWGRP */
+ {
+ grent.gr_passwd = ""; /* XXX warning: const */
+ }
+ goto output;
+ } else if (Rflg) {
+ /*
+ * Same thing for restricting the group. Set the password
+ * field to "!".
+ */
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ grent.gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ sgent.sg_passwd = "!"; /* XXX warning: const */
+ } else
+#endif /* SHADOWGRP */
+ {
+ grent.gr_passwd = "!"; /* XXX warning: const */
+ }
+ goto output;
+ }
+
+ /*
+ * Adding a member to a member list is pretty straightforward as
+ * well. Call the appropriate routine and split.
+ */
+ if (aflg) {
+ printf (_("Adding user %s to group %s\n"), user, group);
+ grent.gr_mem = add_list (grent.gr_mem, user);
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ sgent.sg_mem = add_list (sgent.sg_mem, user);
+ }
+#endif
+ goto output;
+ }
+
+ /*
+ * Removing a member from the member list is the same deal as adding
+ * one, except the routine is different.
+ */
+ if (dflg) {
+ bool removed = false;
+
+ printf (_("Removing user %s from group %s\n"), user, group);
+
+ if (is_on_list (grent.gr_mem, user)) {
+ removed = true;
+ grent.gr_mem = del_list (grent.gr_mem, user);
+ }
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ if (is_on_list (sgent.sg_mem, user)) {
+ removed = true;
+ sgent.sg_mem = del_list (sgent.sg_mem, user);
+ }
+ }
+#endif
+ if (!removed) {
+ fprintf (stderr,
+ _("%s: user '%s' is not a member of '%s'\n"),
+ Prog, user, group);
+ exit (E_BAD_ARG);
+ }
+ goto output;
+ }
+#ifdef SHADOWGRP
+ /*
+ * Replacing the entire list of administrators is simple. Check the
+ * list to make sure everyone is a real user. Then slap the new list
+ * in place.
+ */
+ if (Aflg) {
+ sgent.sg_adm = comma_to_list (admins);
+ if (!Mflg) {
+ goto output;
+ }
+ }
+#endif /* SHADOWGRP */
+
+ /*
+ * Replacing the entire list of members is simple. Check the list to
+ * make sure everyone is a real user. Then slap the new list in
+ * place.
+ */
+ if (Mflg) {
+#ifdef SHADOWGRP
+ sgent.sg_mem = comma_to_list (members);
+#endif
+ grent.gr_mem = comma_to_list (members);
+ goto output;
+ }
+
+ /*
+ * If the password is being changed, the input and output must both
+ * be a tty. The typical keyboard signals are caught so the termio
+ * modes can be restored.
+ */
+ if ((isatty (0) == 0) || (isatty (1) == 0)) {
+ fprintf (stderr, _("%s: Not a tty\n"), Prog);
+ exit (E_NOPERM);
+ }
+
+ catch_signals (0); /* save tty modes */
+
+ (void) signal (SIGHUP, catch_signals);
+ (void) signal (SIGINT, catch_signals);
+ (void) signal (SIGQUIT, catch_signals);
+ (void) signal (SIGTERM, catch_signals);
+#ifdef SIGTSTP
+ (void) signal (SIGTSTP, catch_signals);
+#endif
+
+ /* Prompt for the new password */
+#ifdef SHADOWGRP
+ change_passwd (&grent, &sgent);
+#else
+ change_passwd (&grent);
+#endif
+
+ /*
+ * This is the common arrival point to output the new group file.
+ * The freshly crafted entry is in allocated space. The group file
+ * will be locked and opened for writing. The new entry will be
+ * output, etc.
+ */
+ output:
+ if (setuid (0) != 0) {
+ fputs (_("Cannot change ID to root.\n"), stderr);
+ SYSLOG ((LOG_ERR, "can't setuid(0)"));
+ closelog ();
+ exit (E_NOPERM);
+ }
+ pwd_init ();
+
+ open_files ();
+
+#ifdef SHADOWGRP
+ update_group (&grent, &sgent);
+#else
+ update_group (&grent);
+#endif
+
+ close_files ();
+
+ nscd_flush_cache ("group");
+
+ exit (E_SUCCESS);
+}
+
diff --git a/src/groupadd.c b/src/groupadd.c
new file mode 100644
index 0000000..179438f
--- /dev/null
+++ b/src/groupadd.c
@@ -0,0 +1,624 @@
+/*
+ * Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <stdio.h>
+#include <sys/types.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#include <pwd.h>
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+#include "chkname.h"
+#include "defines.h"
+#include "getdef.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS 0 /* success */
+#define E_USAGE 2 /* invalid command syntax */
+#define E_BAD_ARG 3 /* invalid argument to option */
+#define E_GID_IN_USE 4 /* gid not unique (when -o not used) */
+#define E_NAME_IN_USE 9 /* group name not unique */
+#define E_GRP_UPDATE 10 /* can't update group file */
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static /*@null@*/char *group_name;
+static gid_t group_id;
+static /*@null@*/char *group_passwd;
+static /*@null@*/char *empty_list = NULL;
+
+static bool oflg = false; /* permit non-unique group ID to be specified with -g */
+static bool gflg = false; /* ID value for the new group */
+static bool fflg = false; /* if group already exists, do nothing and exit(0) */
+static bool rflg = false; /* create a system account */
+static bool pflg = false; /* new encrypted password */
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+#endif
+
+/* local function prototypes */
+static /*@noreturn@*/void usage (int status);
+static void new_grent (struct group *grent);
+
+#ifdef SHADOWGRP
+static void new_sgent (struct sgrp *sgent);
+#endif
+static void grp_update (void);
+static void check_new_name (void);
+static void close_files (void);
+static void open_files (void);
+static void process_flags (int argc, char **argv);
+static void check_flags (void);
+static void check_perms (void);
+
+/*
+ * usage - display usage message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options] GROUP\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -f, --force exit successfully if the group already exists,\n"
+ " and cancel -g if the GID is already used\n"), usageout);
+ (void) fputs (_(" -g, --gid GID use GID for the new group\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), usageout);
+ (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n"
+ " (non-unique) GID\n"), usageout);
+ (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout);
+ (void) fputs (_(" -r, --system create a system account\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * new_grent - initialize the values in a group file entry
+ *
+ * new_grent() takes all of the values that have been entered and fills
+ * in a (struct group) with them.
+ */
+static void new_grent (struct group *grent)
+{
+ memzero (grent, sizeof *grent);
+ grent->gr_name = group_name;
+ if (pflg) {
+ grent->gr_passwd = group_passwd;
+ } else {
+ grent->gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ }
+ grent->gr_gid = group_id;
+ grent->gr_mem = &empty_list;
+}
+
+#ifdef SHADOWGRP
+/*
+ * new_sgent - initialize the values in a shadow group file entry
+ *
+ * new_sgent() takes all of the values that have been entered and fills
+ * in a (struct sgrp) with them.
+ */
+static void new_sgent (struct sgrp *sgent)
+{
+ memzero (sgent, sizeof *sgent);
+ sgent->sg_name = group_name;
+ if (pflg) {
+ sgent->sg_passwd = group_passwd;
+ } else {
+ sgent->sg_passwd = "!"; /* XXX warning: const */
+ }
+ sgent->sg_adm = &empty_list;
+ sgent->sg_mem = &empty_list;
+}
+#endif /* SHADOWGRP */
+
+/*
+ * grp_update - add new group file entries
+ *
+ * grp_update() writes the new records to the group files.
+ */
+static void grp_update (void)
+{
+ struct group grp;
+
+#ifdef SHADOWGRP
+ struct sgrp sgrp;
+#endif /* SHADOWGRP */
+
+ /*
+ * To add the group, we need to update /etc/group.
+ * Make sure failures will be reported.
+ */
+ add_cleanup (cleanup_report_add_group_group, group_name);
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ /* We also need to update /etc/gshadow */
+ add_cleanup (cleanup_report_add_group_gshadow, group_name);
+ }
+#endif
+
+ /*
+ * Create the initial entries for this new group.
+ */
+ new_grent (&grp);
+#ifdef SHADOWGRP
+ new_sgent (&sgrp);
+ if (is_shadow_grp && pflg) {
+ grp.gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ }
+#endif /* SHADOWGRP */
+
+ /*
+ * Write out the new group file entry.
+ */
+ if (gr_update (&grp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), grp.gr_name);
+ exit (E_GRP_UPDATE);
+ }
+#ifdef SHADOWGRP
+ /*
+ * Write out the new shadow group entries as well.
+ */
+ if (is_shadow_grp && (sgr_update (&sgrp) == 0)) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), sgrp.sg_name);
+ exit (E_GRP_UPDATE);
+ }
+#endif /* SHADOWGRP */
+}
+
+/*
+ * check_new_name - check the new name for validity
+ *
+ * check_new_name() insures that the new name doesn't contain any
+ * illegal characters.
+ */
+static void check_new_name (void)
+{
+ if (is_valid_group_name (group_name)) {
+ return;
+ }
+
+ /*
+ * All invalid group names land here.
+ */
+
+ fprintf (stderr, _("%s: '%s' is not a valid group name\n"),
+ Prog, group_name);
+
+ exit (E_BAD_ARG);
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ * close_files() closes all of the files that were opened for this new
+ * group. This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+ /* First, write the changes in the regular group database */
+ if (gr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, gr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "adding group to /etc/group",
+ group_name, (unsigned int) group_id,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO, "group added to %s: name=%s, GID=%u",
+ gr_dbname (), group_name, (unsigned int) group_id));
+ del_cleanup (cleanup_report_add_group_group);
+
+ cleanup_unlock_group (NULL);
+ del_cleanup (cleanup_unlock_group);
+
+ /* Now, write the changes in the shadow database */
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, sgr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "adding group to /etc/gshadow",
+ group_name, (unsigned int) group_id,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO, "group added to %s: name=%s",
+ sgr_dbname (), group_name));
+ del_cleanup (cleanup_report_add_group_gshadow);
+
+ cleanup_unlock_gshadow (NULL);
+ del_cleanup (cleanup_unlock_gshadow);
+ }
+#endif /* SHADOWGRP */
+
+ /* Report success at the system level */
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "",
+ group_name, (unsigned int) group_id,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u",
+ group_name, (unsigned int) group_id));
+ del_cleanup (cleanup_report_add_group);
+}
+
+/*
+ * open_files - lock and open the group files
+ *
+ * open_files() opens the two group files.
+ */
+static void open_files (void)
+{
+ /* First, lock the databases */
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+ add_cleanup (cleanup_unlock_group, NULL);
+
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+ add_cleanup (cleanup_unlock_gshadow, NULL);
+ }
+#endif /* SHADOWGRP */
+
+ /*
+ * Now if the group is not added, it's our fault.
+ * Make sure failures will be reported.
+ */
+ add_cleanup (cleanup_report_add_group, group_name);
+
+ /* And now open the databases */
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+ exit (E_GRP_UPDATE);
+ }
+
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
+ exit (E_GRP_UPDATE);
+ }
+ }
+#endif /* SHADOWGRP */
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ /*
+ * Parse the command line options.
+ */
+ char *cp;
+ int c;
+ static struct option long_options[] = {
+ {"force", no_argument, NULL, 'f'},
+ {"gid", required_argument, NULL, 'g'},
+ {"help", no_argument, NULL, 'h'},
+ {"key", required_argument, NULL, 'K'},
+ {"non-unique", no_argument, NULL, 'o'},
+ {"password", required_argument, NULL, 'p'},
+ {"system", no_argument, NULL, 'r'},
+ {"root", required_argument, NULL, 'R'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "fg:hK:op:rR:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'f':
+ /*
+ * "force" - do nothing, just exit(0), if the
+ * specified group already exists. With -g, if
+ * specified gid already exists, choose another
+ * (unique) gid (turn off -g). Based on the RedHat's
+ * patch from shadow-utils-970616-9.
+ */
+ fflg = true;
+ break;
+ case 'g':
+ gflg = true;
+ if ( (get_gid (optarg, &group_id) == 0)
+ || (group_id == (gid_t)-1)) {
+ fprintf (stderr,
+ _("%s: invalid group ID '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'K':
+ /*
+ * override login.defs defaults (-K name=value)
+ * example: -K GID_MIN=100 -K GID_MAX=499
+ * note: -K GID_MIN=10,GID_MAX=499 doesn't work yet
+ */
+ cp = strchr (optarg, '=');
+ if (NULL == cp) {
+ fprintf (stderr,
+ _("%s: -K requires KEY=VALUE\n"),
+ Prog);
+ exit (E_BAD_ARG);
+ }
+ /* terminate name, point to value */
+ *cp++ = '\0';
+ if (putdef_str (optarg, cp) < 0) {
+ exit (E_BAD_ARG);
+ }
+ break;
+ case 'o':
+ oflg = true;
+ break;
+ case 'p':
+ pflg = true;
+ group_passwd = optarg;
+ break;
+ case 'r':
+ rflg = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ /*
+ * Check the flags consistency
+ */
+ if (optind != argc - 1) {
+ usage (E_USAGE);
+ }
+ group_name = argv[optind];
+
+ check_flags ();
+}
+
+/*
+ * check_flags - check flags and parameters consistency
+ *
+ * It will not return if an error is encountered.
+ */
+static void check_flags (void)
+{
+ /* -o does not make sense without -g */
+ if (oflg && !gflg) {
+ usage (E_USAGE);
+ }
+
+ check_new_name ();
+
+ /*
+ * Check if the group already exist.
+ */
+ /* local, no need for xgetgrnam */
+ if (getgrnam (group_name) != NULL) {
+ /* The group already exist */
+ if (fflg) {
+ /* OK, no need to do anything */
+ exit (E_SUCCESS);
+ }
+ fprintf (stderr,
+ _("%s: group '%s' already exists\n"),
+ Prog, group_name);
+ exit (E_NAME_IN_USE);
+ }
+
+ if (gflg && (getgrgid (group_id) != NULL)) {
+ /* A GID was specified, and a group already exist with that GID
+ * - either we will use this GID anyway (-o)
+ * - either we ignore the specified GID and
+ * we will use another one (-f)
+ * - either it is a failure
+ */
+ if (oflg) {
+ /* Continue with this GID */
+ } else if (fflg) {
+ /* Turn off -g, we can use any GID */
+ gflg = false;
+ } else {
+ fprintf (stderr,
+ _("%s: GID '%lu' already exists\n"),
+ Prog, (unsigned long int) group_id);
+ exit (E_GID_IN_USE);
+ }
+ }
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ * With PAM support, the setuid bit can be set on groupadd to allow
+ * non-root users to groups.
+ * Without PAM support, only users who can write in the group databases
+ * can add groups.
+ *
+ * It will not return if the user is not allowed.
+ */
+static void check_perms (void)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ int retval;
+ struct passwd *pampw;
+
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (NULL == pampw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ exit (1);
+ }
+
+ retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh);
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ exit (1);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+}
+
+/*
+ * main - groupadd command
+ */
+int main (int argc, char **argv)
+{
+ /*
+ * Get my name so that I can use it to report errors.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("groupadd");
+#ifdef WITH_AUDIT
+ audit_help_open ();
+#endif
+
+ if (atexit (do_cleanups) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot setup cleanup service.\n"),
+ Prog);
+ exit (1);
+ }
+
+ /*
+ * Parse the command line options.
+ */
+ process_flags (argc, argv);
+
+ check_perms ();
+
+#ifdef SHADOWGRP
+ is_shadow_grp = sgr_file_present ();
+#endif
+
+ /*
+ * Do the hard stuff - open the files, create the group entries,
+ * then close and update the files.
+ */
+ open_files ();
+
+ if (!gflg) {
+ if (find_new_gid (rflg, &group_id, NULL) < 0) {
+ exit (E_GID_IN_USE);
+ }
+ }
+
+ grp_update ();
+ close_files ();
+
+ nscd_flush_cache ("group");
+
+ return E_SUCCESS;
+}
+
diff --git a/src/groupdel.c b/src/groupdel.c
new file mode 100644
index 0000000..11e522b
--- /dev/null
+++ b/src/groupdel.c
@@ -0,0 +1,491 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <fcntl.h>
+#include <grp.h>
+#include <pwd.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+#include <stdio.h>
+#include <sys/types.h>
+#include <getopt.h>
+#include "defines.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static char *group_name;
+static gid_t group_id = -1;
+static bool check_group_busy = true;
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+#endif
+
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS 0 /* success */
+#define E_USAGE 2 /* invalid command syntax */
+#define E_NOTFOUND 6 /* specified group doesn't exist */
+#define E_GROUP_BUSY 8 /* can't remove user's primary group */
+#define E_GRP_UPDATE 10 /* can't update group file */
+
+/* local function prototypes */
+static /*@noreturn@*/void usage (int status);
+static void grp_update (void);
+static void close_files (void);
+static void open_files (void);
+static void group_busy (gid_t gid);
+static void process_flags (int argc, char **argv);
+
+/*
+ * usage - display usage message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options] GROUP\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -f, --force delete group even if it is the primary group of a user\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * grp_update - update group file entries
+ *
+ * grp_update() writes the new records to the group files.
+ */
+static void grp_update (void)
+{
+ /*
+ * To add the group, we need to update /etc/group.
+ * Make sure failures will be reported.
+ */
+ add_cleanup (cleanup_report_del_group_group, group_name);
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ /* We also need to update /etc/gshadow */
+ add_cleanup (cleanup_report_del_group_gshadow, group_name);
+ }
+#endif
+
+ /*
+ * Delete the group entry.
+ */
+ if (gr_remove (group_name) == 0) {
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, group_name, gr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+
+#ifdef SHADOWGRP
+ /*
+ * Delete the shadow group entries as well.
+ */
+ if (is_shadow_grp && (sgr_locate (group_name) != NULL)) {
+ if (sgr_remove (group_name) == 0) {
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, group_name, sgr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+ }
+#endif /* SHADOWGRP */
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ * close_files() closes all of the files that were opened for this
+ * new group. This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+ /* First, write the changes in the regular group database */
+ if (gr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, gr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_GROUP, Prog,
+ "removing group from /etc/group",
+ group_name, (unsigned int) group_id,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO,
+ "group '%s' removed from %s",
+ group_name, gr_dbname ()));
+ del_cleanup (cleanup_report_del_group_group);
+
+ cleanup_unlock_group (NULL);
+ del_cleanup (cleanup_unlock_group);
+
+
+ /* Then, write the changes in the shadow database */
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, sgr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_GROUP, Prog,
+ "removing group from /etc/gshadow",
+ group_name, (unsigned int) group_id,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO,
+ "group '%s' removed from %s",
+ group_name, sgr_dbname ()));
+ del_cleanup (cleanup_report_del_group_gshadow);
+
+ cleanup_unlock_gshadow (NULL);
+ del_cleanup (cleanup_unlock_gshadow);
+ }
+#endif /* SHADOWGRP */
+
+ /* Report success at the system level */
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_GROUP, Prog,
+ "",
+ group_name, (unsigned int) group_id,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO, "group '%s' removed\n", group_name));
+ del_cleanup (cleanup_report_del_group);
+}
+
+/*
+ * open_files - lock and open the group files
+ *
+ * open_files() opens the two group files.
+ */
+static void open_files (void)
+{
+ /* First, lock the databases */
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+ add_cleanup (cleanup_unlock_group, NULL);
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+ add_cleanup (cleanup_unlock_gshadow, NULL);
+ }
+#endif
+
+ /*
+ * Now, if the group is not removed, it's our fault.
+ * Make sure failures will be reported.
+ */
+ add_cleanup (cleanup_report_del_group, group_name);
+
+ /* An now open the databases */
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+ exit (E_GRP_UPDATE);
+ }
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
+ exit (E_GRP_UPDATE);
+ }
+ }
+#endif /* SHADOWGRP */
+}
+
+/*
+ * group_busy - check if this is any user's primary group
+ *
+ * group_busy verifies that this group is not the primary group
+ * for any user. You must remove all users before you remove
+ * the group.
+ */
+static void group_busy (gid_t gid)
+{
+ struct passwd *pwd;
+
+ /*
+ * Nice slow linear search.
+ */
+
+ setpwent ();
+
+ while ( ((pwd = getpwent ()) != NULL) && (pwd->pw_gid != gid) );
+
+ endpwent ();
+
+ /*
+ * If pwd isn't NULL, it stopped because the gid's matched.
+ */
+
+ if (pwd == (struct passwd *) 0) {
+ return;
+ }
+
+ /*
+ * Can't remove the group.
+ */
+ fprintf (stderr,
+ _("%s: cannot remove the primary group of user '%s'\n"),
+ Prog, pwd->pw_name);
+ exit (E_GROUP_BUSY);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ /*
+ * Parse the command line options.
+ */
+ int c;
+ static struct option long_options[] = {
+ {"help", no_argument, NULL, 'h'},
+ {"root", required_argument, NULL, 'R'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "hfR:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 'f':
+ check_group_busy = false;
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ if (optind != argc - 1) {
+ usage (E_USAGE);
+ }
+ group_name = argv[optind];
+}
+
+/*
+ * main - groupdel command
+ *
+ * The syntax of the groupdel command is
+ *
+ * groupdel group
+ *
+ * The named group will be deleted.
+ */
+
+int main (int argc, char **argv)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ int retval;
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+
+ /*
+ * Get my name so that I can use it to report errors.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("groupdel");
+#ifdef WITH_AUDIT
+ audit_help_open ();
+#endif
+
+ if (atexit (do_cleanups) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot setup cleanup service.\n"),
+ Prog);
+ exit (1);
+ }
+
+ process_flags (argc, argv);
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ exit (1);
+ }
+
+ retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ exit (1);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+
+#ifdef SHADOWGRP
+ is_shadow_grp = sgr_file_present ();
+#endif
+
+ {
+ struct group *grp;
+ /*
+ * Start with a quick check to see if the group exists.
+ */
+ grp = getgrnam (group_name); /* local, no need for xgetgrnam */
+ if (NULL == grp) {
+ fprintf (stderr,
+ _("%s: group '%s' does not exist\n"),
+ Prog, group_name);
+ exit (E_NOTFOUND);
+ }
+
+ group_id = grp->gr_gid;
+ }
+
+#ifdef USE_NIS
+ /*
+ * Make sure this isn't a NIS group
+ */
+ if (__isgrNIS ()) {
+ char *nis_domain;
+ char *nis_master;
+
+ fprintf (stderr,
+ _("%s: group '%s' is a NIS group\n"),
+ Prog, group_name);
+
+ if (!yp_get_default_domain (&nis_domain) &&
+ !yp_master (nis_domain, "group.byname", &nis_master)) {
+ fprintf (stderr,
+ _("%s: %s is the NIS master\n"),
+ Prog, nis_master);
+ }
+ exit (E_NOTFOUND);
+ }
+#endif
+
+ /*
+ * Make sure this isn't the primary group of anyone.
+ */
+ if (check_group_busy) {
+ group_busy (group_id);
+ }
+
+ /*
+ * Do the hard stuff - open the files, delete the group entries,
+ * then close and update the files.
+ */
+ open_files ();
+
+ grp_update ();
+
+ close_files ();
+
+ nscd_flush_cache ("group");
+
+ return E_SUCCESS;
+}
+
diff --git a/src/groupmems.c b/src/groupmems.c
new file mode 100644
index 0000000..4a49e10
--- /dev/null
+++ b/src/groupmems.c
@@ -0,0 +1,652 @@
+/*
+ * Copyright (c) 2000 , International Business Machines
+ * George Kraft IV, gk4@us.ibm.com, 03/23/2000
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <stdio.h>
+#include <sys/types.h>
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif /* USE_PAM */
+#include <pwd.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "groupio.h"
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+
+/* Exit Status Values */
+/*@-exitarg@*/
+#define EXIT_SUCCESS 0 /* success */
+#define EXIT_USAGE 1 /* invalid command syntax */
+#define EXIT_GROUP_FILE 2 /* group file access problems */
+#define EXIT_NOT_ROOT 3 /* not superuser */
+#define EXIT_NOT_EROOT 4 /* not effective superuser */
+#define EXIT_NOT_PRIMARY 5 /* not primary owner of group */
+#define EXIT_NOT_MEMBER 6 /* member of group does not exist */
+#define EXIT_MEMBER_EXISTS 7 /* member of group already exists */
+#define EXIT_INVALID_USER 8 /* specified user does not exist */
+#define EXIT_INVALID_GROUP 9 /* specified group does not exist */
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static char *adduser = NULL;
+static char *deluser = NULL;
+static char *thisgroup = NULL;
+static bool purge = false;
+static bool list = false;
+static int exclusive = 0;
+static bool gr_locked = false;
+#ifdef SHADOWGRP
+/* Indicate if shadow groups are enabled on the system
+ * (/etc/gshadow present) */
+static bool is_shadowgrp;
+static bool sgr_locked = false;
+#endif
+
+/* local function prototypes */
+static char *whoami (void);
+static void add_user (const char *user,
+ const struct group *grp);
+static void remove_user (const char *user,
+ const struct group *grp);
+static void purge_members (const struct group *grp);
+static void display_members (const char *const *members);
+static /*@noreturn@*/void usage (int status);
+static void process_flags (int argc, char **argv);
+static void check_perms (void);
+static void fail_exit (int code);
+#define isroot() (getuid () == 0)
+
+static char *whoami (void)
+{
+ /* local, no need for xgetgrgid */
+ struct group *grp = getgrgid (getgid ());
+ /* local, no need for xgetpwuid */
+ struct passwd *usr = getpwuid (getuid ());
+
+ if ( (NULL != usr)
+ && (NULL != grp)
+ && (0 == strcmp (usr->pw_name, grp->gr_name))) {
+ return xstrdup (usr->pw_name);
+ } else {
+ return NULL;
+ }
+}
+
+/*
+ * add_user - Add an user to the specified group
+ */
+static void add_user (const char *user,
+ const struct group *grp)
+{
+ struct group *newgrp;
+
+ /* Make sure the user is not already part of the group */
+ if (is_on_list (grp->gr_mem, user)) {
+ fprintf (stderr,
+ _("%s: user '%s' is already a member of '%s'\n"),
+ Prog, user, grp->gr_name);
+ fail_exit (EXIT_MEMBER_EXISTS);
+ }
+
+ newgrp = __gr_dup(grp);
+ if (NULL == newgrp) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, gr_dbname ());
+ fail_exit (13);
+ }
+
+ /* Add the user to the /etc/group group */
+ newgrp->gr_mem = add_list (newgrp->gr_mem, user);
+
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ const struct sgrp *sg = sgr_locate (newgrp->gr_name);
+ struct sgrp *newsg;
+
+ if (NULL == sg) {
+ /* Create a shadow group based on this group */
+ static struct sgrp sgrent;
+ sgrent.sg_name = xstrdup (newgrp->gr_name);
+ sgrent.sg_mem = dup_list (newgrp->gr_mem);
+ sgrent.sg_adm = (char **) xmalloc (sizeof (char *));
+#ifdef FIRST_MEMBER_IS_ADMIN
+ if (sgrent.sg_mem[0]) {
+ sgrent.sg_adm[0] = xstrdup (sgrent.sg_mem[0]);
+ sgrent.sg_adm[1] = NULL;
+ } else
+#endif
+ {
+ sgrent.sg_adm[0] = NULL;
+ }
+
+ /* Move any password to gshadow */
+ sgrent.sg_passwd = newgrp->gr_passwd;
+ newgrp->gr_passwd = SHADOW_PASSWD_STRING;
+
+ newsg = &sgrent;
+ } else {
+ newsg = __sgr_dup (sg);
+ if (NULL == newsg) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (13);
+ }
+ /* Add the user to the members */
+ newsg->sg_mem = add_list (newsg->sg_mem, user);
+ /* Do not touch the administrators */
+ }
+
+ if (sgr_update (newsg) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), newsg->sg_name);
+ fail_exit (13);
+ }
+ }
+#endif
+
+ if (gr_update (newgrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), newgrp->gr_name);
+ fail_exit (13);
+ }
+}
+
+/*
+ * remove_user - Remove an user from a given group
+ */
+static void remove_user (const char *user,
+ const struct group *grp)
+{
+ struct group *newgrp;
+
+ /* Check if the user is a member of the specified group */
+ if (!is_on_list (grp->gr_mem, user)) {
+ fprintf (stderr,
+ _("%s: user '%s' is not a member of '%s'\n"),
+ Prog, user, grp->gr_name);
+ fail_exit (EXIT_NOT_MEMBER);
+ }
+
+ newgrp = __gr_dup (grp);
+ if (NULL == newgrp) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, gr_dbname ());
+ fail_exit (13);
+ }
+
+ /* Remove the user from the /etc/group group */
+ newgrp->gr_mem = del_list (newgrp->gr_mem, user);
+
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ const struct sgrp *sg = sgr_locate (newgrp->gr_name);
+ struct sgrp *newsg;
+
+ if (NULL == sg) {
+ /* Create a shadow group based on this group */
+ static struct sgrp sgrent;
+ sgrent.sg_name = xstrdup (newgrp->gr_name);
+ sgrent.sg_mem = dup_list (newgrp->gr_mem);
+ sgrent.sg_adm = (char **) xmalloc (sizeof (char *));
+#ifdef FIRST_MEMBER_IS_ADMIN
+ if (sgrent.sg_mem[0]) {
+ sgrent.sg_adm[0] = xstrdup (sgrent.sg_mem[0]);
+ sgrent.sg_adm[1] = NULL;
+ } else
+#endif
+ {
+ sgrent.sg_adm[0] = NULL;
+ }
+
+ /* Move any password to gshadow */
+ sgrent.sg_passwd = newgrp->gr_passwd;
+ newgrp->gr_passwd = SHADOW_PASSWD_STRING;
+
+ newsg = &sgrent;
+ } else {
+ newsg = __sgr_dup (sg);
+ if (NULL == newsg) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (13);
+ }
+ /* Remove the user from the members */
+ newsg->sg_mem = del_list (newsg->sg_mem, user);
+ /* Remove the user from the administrators */
+ newsg->sg_adm = del_list (newsg->sg_adm, user);
+ }
+
+ if (sgr_update (newsg) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), newsg->sg_name);
+ fail_exit (13);
+ }
+ }
+#endif
+
+ if (gr_update (newgrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), newgrp->gr_name);
+ fail_exit (13);
+ }
+}
+
+/*
+ * purge_members - Rmeove every members of the specified group
+ */
+static void purge_members (const struct group *grp)
+{
+ struct group *newgrp = __gr_dup (grp);
+
+ if (NULL == newgrp) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, gr_dbname ());
+ fail_exit (13);
+ }
+
+ /* Remove all the members of the /etc/group group */
+ newgrp->gr_mem[0] = NULL;
+
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ const struct sgrp *sg = sgr_locate (newgrp->gr_name);
+ struct sgrp *newsg;
+
+ if (NULL == sg) {
+ /* Create a shadow group based on this group */
+ static struct sgrp sgrent;
+ sgrent.sg_name = xstrdup (newgrp->gr_name);
+ sgrent.sg_mem = (char **) xmalloc (sizeof (char *));
+ sgrent.sg_mem[0] = NULL;
+ sgrent.sg_adm = (char **) xmalloc (sizeof (char *));
+ sgrent.sg_adm[0] = NULL;
+
+ /* Move any password to gshadow */
+ sgrent.sg_passwd = newgrp->gr_passwd;
+ newgrp->gr_passwd = xstrdup(SHADOW_PASSWD_STRING);
+
+ newsg = &sgrent;
+ } else {
+ newsg = __sgr_dup (sg);
+ if (NULL == newsg) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (13);
+ }
+ /* Remove all the members of the /etc/gshadow
+ * group */
+ newsg->sg_mem[0] = NULL;
+ /* Remove all the administrators of the
+ * /etc/gshadow group */
+ newsg->sg_adm[0] = NULL;
+ }
+
+ if (sgr_update (newsg) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), newsg->sg_name);
+ fail_exit (13);
+ }
+ }
+#endif
+
+ if (gr_update (newgrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), newgrp->gr_name);
+ fail_exit (13);
+ }
+}
+
+static void display_members (const char *const *members)
+{
+ int i;
+
+ for (i = 0; NULL != members[i]; i++) {
+ printf ("%s ", members[i]);
+
+ if (NULL == members[i + 1]) {
+ printf ("\n");
+ } else {
+ printf (" ");
+ }
+ }
+}
+
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (EXIT_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options] [action]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -g, --group groupname change groupname instead of the user's group\n"
+ " (root only)\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_("\n"), usageout);
+ (void) fputs (_("Actions:\n"), usageout);
+ (void) fputs (_(" -a, --add username add username to the members of the group\n"), usageout);
+ (void) fputs (_(" -d, --delete username remove username from the members of the group\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -p, --purge purge all members from the group\n"), usageout);
+ (void) fputs (_(" -l, --list list the members of the group\n"), usageout);
+ exit (status);
+}
+
+/*
+ * process_flags - perform command line argument setting
+ */
+static void process_flags (int argc, char **argv)
+{
+ int c;
+ static struct option long_options[] = {
+ {"add", required_argument, NULL, 'a'},
+ {"delete", required_argument, NULL, 'd'},
+ {"group", required_argument, NULL, 'g'},
+ {"help", no_argument, NULL, 'h'},
+ {"list", no_argument, NULL, 'l'},
+ {"purge", no_argument, NULL, 'p'},
+ {"root", required_argument, NULL, 'R'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "a:d:g:hlpR:",
+ long_options, NULL)) != EOF) {
+ switch (c) {
+ case 'a':
+ adduser = xstrdup (optarg);
+ ++exclusive;
+ break;
+ case 'd':
+ deluser = xstrdup (optarg);
+ ++exclusive;
+ break;
+ case 'g':
+ thisgroup = xstrdup (optarg);
+ break;
+ case 'h':
+ usage (EXIT_SUCCESS);
+ /*@notreached@*/break;
+ case 'l':
+ list = true;
+ ++exclusive;
+ break;
+ case 'p':
+ purge = true;
+ ++exclusive;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ default:
+ usage (EXIT_USAGE);
+ }
+ }
+
+ if ((exclusive > 1) || (optind < argc)) {
+ usage (EXIT_USAGE);
+ }
+
+ /* local, no need for xgetpwnam */
+ if ( (NULL != adduser)
+ && (getpwnam (adduser) == NULL)) {
+ fprintf (stderr, _("%s: user '%s' does not exist\n"),
+ Prog, adduser);
+ fail_exit (EXIT_INVALID_USER);
+ }
+
+}
+
+static void check_perms (void)
+{
+ if (!list) {
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ int retval;
+ struct passwd *pampw;
+
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (NULL == pampw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ fail_exit (1);
+ }
+
+ retval = pam_start ("groupmems", pampw->pw_name, &conv, &pamh);
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ fail_exit (1);
+ }
+ (void) pam_end (pamh, retval);
+#endif
+ }
+}
+
+static void fail_exit (int code)
+{
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ }
+
+#ifdef SHADOWGRP
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ }
+#endif
+
+ exit (code);
+}
+
+static void open_files (void)
+{
+ if (!list) {
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ fail_exit (EXIT_GROUP_FILE);
+ }
+ gr_locked = true;
+
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (EXIT_GROUP_FILE);
+ }
+ sgr_locked = true;
+ }
+#endif
+ }
+
+ if (gr_open (list ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+ fail_exit (EXIT_GROUP_FILE);
+ }
+
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ if (sgr_open (list ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ());
+ fail_exit (EXIT_GROUP_FILE);
+ }
+ }
+#endif
+}
+
+static void close_files (void)
+{
+ if ((gr_close () == 0) && !list) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+ fail_exit (EXIT_GROUP_FILE);
+ }
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ gr_locked = false;
+ }
+
+#ifdef SHADOWGRP
+ if (is_shadowgrp) {
+ if ((sgr_close () == 0) && !list) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+ fail_exit (EXIT_GROUP_FILE);
+ }
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ sgr_locked = false;
+ }
+ }
+#endif
+}
+
+int main (int argc, char **argv)
+{
+ char *name;
+ const struct group *grp;
+
+ /*
+ * Get my name so that I can use it to report errors.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("groupmems");
+
+#ifdef SHADOWGRP
+ is_shadowgrp = sgr_file_present ();
+#endif
+
+ process_flags (argc, argv);
+
+ if (NULL == thisgroup) {
+ name = whoami ();
+ if (!list && (NULL == name)) {
+ fprintf (stderr, _("%s: your groupname does not match your username\n"), Prog);
+ fail_exit (EXIT_NOT_PRIMARY);
+ }
+ } else {
+ name = thisgroup;
+ if (!list && !isroot ()) {
+ fprintf (stderr, _("%s: only root can use the -g/--group option\n"), Prog);
+ fail_exit (EXIT_NOT_ROOT);
+ }
+ }
+
+ check_perms ();
+
+ open_files ();
+
+ grp = gr_locate (name);
+ if (NULL == grp) {
+ fprintf (stderr, _("%s: group '%s' does not exist in %s\n"),
+ Prog, name, gr_dbname ());
+ fail_exit (EXIT_INVALID_GROUP);
+ }
+
+ if (list) {
+ display_members ((const char *const *)grp->gr_mem);
+ } else if (NULL != adduser) {
+ add_user (adduser, grp);
+ } else if (NULL != deluser) {
+ remove_user (deluser, grp);
+ } else if (purge) {
+ purge_members (grp);
+ }
+
+ close_files ();
+
+ exit (EXIT_SUCCESS);
+}
+
diff --git a/src/groupmod.c b/src/groupmod.c
new file mode 100644
index 0000000..757c1a4
--- /dev/null
+++ b/src/groupmod.c
@@ -0,0 +1,871 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <stdio.h>
+#include <sys/types.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#include <pwd.h>
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+#include "chkname.h"
+#include "defines.h"
+#include "groupio.h"
+#include "pwio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS 0 /* success */
+#define E_USAGE 2 /* invalid command syntax */
+#define E_BAD_ARG 3 /* invalid argument to option */
+#define E_GID_IN_USE 4 /* gid already in use (and no -o) */
+#define E_NOTFOUND 6 /* specified group doesn't exist */
+#define E_NAME_IN_USE 9 /* group name already in use */
+#define E_GRP_UPDATE 10 /* can't update group file */
+/*
+ * Global variables
+ */
+const char *Prog;
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+#endif /* SHADOWGRP */
+static char *group_name;
+static char *group_newname;
+static char *group_passwd;
+static gid_t group_id;
+static gid_t group_newid;
+
+static struct cleanup_info_mod info_passwd;
+static struct cleanup_info_mod info_group;
+#ifdef SHADOWGRP
+static struct cleanup_info_mod info_gshadow;
+#endif
+
+static bool
+ oflg = false, /* permit non-unique group ID to be specified with -g */
+ gflg = false, /* new ID value for the group */
+ nflg = false, /* a new name has been specified for the group */
+ pflg = false; /* new encrypted password */
+
+/* local function prototypes */
+static void usage (int status);
+static void new_grent (struct group *);
+
+#ifdef SHADOWGRP
+static void new_sgent (struct sgrp *);
+#endif
+static void grp_update (void);
+static void check_new_gid (void);
+static void check_new_name (void);
+static void process_flags (int, char **);
+static void lock_files (void);
+static void prepare_failure_reports (void);
+static void open_files (void);
+static void close_files (void);
+static void update_primary_groups (gid_t ogid, gid_t ngid);
+
+/*
+ * usage - display usage message and exit
+ */
+
+static void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options] GROUP\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -g, --gid GID change the group ID to GID\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"), usageout);
+ (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout);
+ (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n"
+ " PASSWORD\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * new_grent - updates the values in a group file entry
+ *
+ * new_grent() takes all of the values that have been entered and fills
+ * in a (struct group) with them.
+ */
+static void new_grent (struct group *grent)
+{
+ if (nflg) {
+ grent->gr_name = xstrdup (group_newname);
+ }
+
+ if (gflg) {
+ grent->gr_gid = group_newid;
+ }
+
+ if ( pflg
+#ifdef SHADOWGRP
+ && ( (!is_shadow_grp)
+ || (strcmp (grent->gr_passwd, SHADOW_PASSWD_STRING) != 0))
+#endif
+ ) {
+ /* Update the password in group if there is no gshadow
+ * file or if the password is currently in group
+ * (gr_passwd != "x"). We do not force the usage of
+ * shadow passwords if it was not the case before.
+ */
+ grent->gr_passwd = group_passwd;
+ }
+}
+
+#ifdef SHADOWGRP
+/*
+ * new_sgent - updates the values in a shadow group file entry
+ *
+ * new_sgent() takes all of the values that have been entered and fills
+ * in a (struct sgrp) with them.
+ */
+static void new_sgent (struct sgrp *sgent)
+{
+ if (nflg) {
+ sgent->sg_name = xstrdup (group_newname);
+ }
+
+ /* Always update the shadowed password if there is a shadow entry
+ * (even if shadowed passwords might not be enabled for this group
+ * (gr_passwd != "x")).
+ * It seems better to update the password in both places in case a
+ * shadow and a non shadow entry exist.
+ * This might occur only if there were already both entries.
+ */
+ if (pflg) {
+ sgent->sg_passwd = group_passwd;
+ }
+}
+#endif /* SHADOWGRP */
+
+/*
+ * grp_update - update group file entries
+ *
+ * grp_update() updates the new records in the memory databases.
+ */
+static void grp_update (void)
+{
+ struct group grp;
+ const struct group *ogrp;
+
+#ifdef SHADOWGRP
+ struct sgrp sgrp;
+ const struct sgrp *osgrp = NULL;
+#endif /* SHADOWGRP */
+
+ /*
+ * Get the current settings for this group.
+ */
+ ogrp = gr_locate (group_name);
+ if (NULL == ogrp) {
+ fprintf (stderr,
+ _("%s: group '%s' does not exist in %s\n"),
+ Prog, group_name, gr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+ grp = *ogrp;
+ new_grent (&grp);
+#ifdef SHADOWGRP
+ if ( is_shadow_grp
+ && (pflg || nflg)) {
+ osgrp = sgr_locate (group_name);
+ if (NULL != osgrp) {
+ sgrp = *osgrp;
+ new_sgent (&sgrp);
+ } else if ( pflg
+ && (strcmp (grp.gr_passwd, SHADOW_PASSWD_STRING) == 0)) {
+ static char *empty = NULL;
+ /* If there is a gshadow file with no entries for
+ * the group, but the group file indicates a
+ * shadowed password, we force the creation of a
+ * gshadow entry when a new password is requested.
+ */
+ memset (&sgrp, 0, sizeof sgrp);
+ sgrp.sg_name = xstrdup (grp.gr_name);
+ sgrp.sg_passwd = xstrdup (grp.gr_passwd);
+ sgrp.sg_adm = &empty;
+ sgrp.sg_mem = dup_list (grp.gr_mem);
+ new_sgent (&sgrp);
+ osgrp = &sgrp; /* entry needs to be committed */
+ }
+ }
+#endif /* SHADOWGRP */
+
+ if (gflg) {
+ update_primary_groups (ogrp->gr_gid, group_newid);
+ }
+
+ /*
+ * Write out the new group file entry.
+ */
+ if (gr_update (&grp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), grp.gr_name);
+ exit (E_GRP_UPDATE);
+ }
+ if (nflg && (gr_remove (group_name) == 0)) {
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, grp.gr_name, gr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+
+#ifdef SHADOWGRP
+ /*
+ * Make sure there was a shadow entry to begin with.
+ */
+ if (NULL != osgrp) {
+ /*
+ * Write out the new shadow group entries as well.
+ */
+ if (sgr_update (&sgrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), sgrp.sg_name);
+ exit (E_GRP_UPDATE);
+ }
+ if (nflg && (sgr_remove (group_name) == 0)) {
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, group_name, sgr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+ }
+#endif /* SHADOWGRP */
+}
+
+/*
+ * check_new_gid - check the new GID value for uniqueness
+ *
+ * check_new_gid() insures that the new GID value is unique.
+ */
+static void check_new_gid (void)
+{
+ /*
+ * First, the easy stuff. If the ID can be duplicated, or if the ID
+ * didn't really change, just return. If the ID didn't change, turn
+ * off those flags. No sense doing needless work.
+ */
+ if (group_id == group_newid) {
+ gflg = 0;
+ return;
+ }
+
+ if (oflg ||
+ (getgrgid (group_newid) == NULL) /* local, no need for xgetgrgid */
+ ) {
+ return;
+ }
+
+ /*
+ * Tell the user what they did wrong.
+ */
+ fprintf (stderr,
+ _("%s: GID '%lu' already exists\n"),
+ Prog, (unsigned long int) group_newid);
+ exit (E_GID_IN_USE);
+}
+
+/*
+ * check_new_name - check the new name for uniqueness
+ *
+ * check_new_name() insures that the new name does not exist already.
+ * You can't have the same name twice, period.
+ */
+static void check_new_name (void)
+{
+ /*
+ * Make sure they are actually changing the name.
+ */
+ if (strcmp (group_name, group_newname) == 0) {
+ nflg = 0;
+ return;
+ }
+
+ if (is_valid_group_name (group_newname)) {
+
+ /*
+ * If the entry is found, too bad.
+ */
+ /* local, no need for xgetgrnam */
+ if (getgrnam (group_newname) != NULL) {
+ fprintf (stderr,
+ _("%s: group '%s' already exists\n"),
+ Prog, group_newname);
+ exit (E_NAME_IN_USE);
+ }
+ return;
+ }
+
+ /*
+ * All invalid group names land here.
+ */
+
+ fprintf (stderr,
+ _("%s: invalid group name '%s'\n"),
+ Prog, group_newname);
+ exit (E_BAD_ARG);
+}
+
+/*
+ * process_flags - perform command line argument setting
+ *
+ * process_flags() interprets the command line arguments and sets the
+ * values that the user will be created with accordingly. The values
+ * are checked for sanity.
+ */
+static void process_flags (int argc, char **argv)
+{
+ int c;
+ static struct option long_options[] = {
+ {"gid", required_argument, NULL, 'g'},
+ {"help", no_argument, NULL, 'h'},
+ {"new-name", required_argument, NULL, 'n'},
+ {"non-unique", no_argument, NULL, 'o'},
+ {"password", required_argument, NULL, 'p'},
+ {"root", required_argument, NULL, 'R'},
+ {NULL, 0, NULL, '\0'}
+ };
+ while ((c = getopt_long (argc, argv, "g:hn:op:R:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'g':
+ gflg = true;
+ if ( (get_gid (optarg, &group_newid) == 0)
+ || (group_newid == (gid_t)-1)) {
+ fprintf (stderr,
+ _("%s: invalid group ID '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ break;
+ case 'n':
+ nflg = true;
+ group_newname = optarg;
+ break;
+ case 'o':
+ oflg = true;
+ break;
+ case 'p':
+ group_passwd = optarg;
+ pflg = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ if (oflg && !gflg) {
+ usage (E_USAGE);
+ }
+
+ if (optind != (argc - 1)) {
+ usage (E_USAGE);
+ }
+
+ group_name = argv[argc - 1];
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ * close_files() closes all of the files that were opened for this new
+ * group. This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+ if (gr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, gr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ info_group.audit_msg,
+ group_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO,
+ "group changed in %s (%s)",
+ gr_dbname (), info_group.action));
+ del_cleanup (cleanup_report_mod_group);
+
+ cleanup_unlock_group (NULL);
+ del_cleanup (cleanup_unlock_group);
+
+#ifdef SHADOWGRP
+ if ( is_shadow_grp
+ && (pflg || nflg)) {
+ if (sgr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, sgr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ info_gshadow.audit_msg,
+ group_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO,
+ "group changed in %s (%s)",
+ sgr_dbname (), info_gshadow.action));
+ del_cleanup (cleanup_report_mod_gshadow);
+
+ cleanup_unlock_gshadow (NULL);
+ del_cleanup (cleanup_unlock_gshadow);
+ }
+#endif /* SHADOWGRP */
+
+ if (gflg) {
+ if (pw_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, pw_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ info_passwd.audit_msg,
+ group_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO,
+ "group changed in %s (%s)",
+ pw_dbname (), info_passwd.action));
+ del_cleanup (cleanup_report_mod_passwd);
+
+ cleanup_unlock_passwd (NULL);
+ del_cleanup (cleanup_unlock_passwd);
+ }
+
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_ACCT, Prog,
+ "modifying group",
+ group_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+}
+
+/*
+ * prepare_failure_reports - Prepare the cleanup_info structure for logging
+ * of success and failure to syslog or audit.
+ */
+static void prepare_failure_reports (void)
+{
+ info_group.name = group_name;
+#ifdef SHADOWGRP
+ info_gshadow.name = group_name;
+#endif
+ info_passwd.name = group_name;
+
+ info_group.audit_msg = xmalloc (512);
+#ifdef SHADOWGRP
+ info_gshadow.audit_msg = xmalloc (512);
+#endif
+ info_passwd.audit_msg = xmalloc (512);
+
+ (void) snprintf (info_group.audit_msg, 511,
+ "changing %s; ", gr_dbname ());
+#ifdef SHADOWGRP
+ (void) snprintf (info_gshadow.audit_msg, 511,
+ "changing %s; ", sgr_dbname ());
+#endif
+ (void) snprintf (info_passwd.audit_msg, 511,
+ "changing %s; ", pw_dbname ());
+
+ info_group.action = info_group.audit_msg
+ + strlen (info_group.audit_msg);
+#ifdef SHADOWGRP
+ info_gshadow.action = info_gshadow.audit_msg
+ + strlen (info_gshadow.audit_msg);
+#endif
+ info_passwd.action = info_passwd.audit_msg
+ + strlen (info_passwd.audit_msg);
+
+ (void) snprintf (info_group.action,
+ 511 - strlen (info_group.audit_msg),
+ "group %s/%lu",
+ group_name, (unsigned long int) group_id);
+#ifdef SHADOWGRP
+ (void) snprintf (info_gshadow.action,
+ 511 - strlen (info_group.audit_msg),
+ "group %s", group_name);
+#endif
+ (void) snprintf (info_passwd.action,
+ 511 - strlen (info_group.audit_msg),
+ "group %s/%lu",
+ group_name, (unsigned long int) group_id);
+
+ if (nflg) {
+ strncat (info_group.action, ", new name: ",
+ 511 - strlen (info_group.audit_msg));
+ strncat (info_group.action, group_newname,
+ 511 - strlen (info_group.audit_msg));
+
+#ifdef SHADOWGRP
+ strncat (info_gshadow.action, ", new name: ",
+ 511 - strlen (info_gshadow.audit_msg));
+ strncat (info_gshadow.action, group_newname,
+ 511 - strlen (info_gshadow.audit_msg));
+#endif
+
+ strncat (info_passwd.action, ", new name: ",
+ 511 - strlen (info_passwd.audit_msg));
+ strncat (info_passwd.action, group_newname,
+ 511 - strlen (info_passwd.audit_msg));
+ }
+ if (pflg) {
+ strncat (info_group.action, ", new password",
+ 511 - strlen (info_group.audit_msg));
+
+#ifdef SHADOWGRP
+ strncat (info_gshadow.action, ", new password",
+ 511 - strlen (info_gshadow.audit_msg));
+#endif
+ }
+ if (gflg) {
+ strncat (info_group.action, ", new gid: ",
+ 511 - strlen (info_group.audit_msg));
+ (void) snprintf (info_group.action+strlen (info_group.action),
+ 511 - strlen (info_group.audit_msg),
+ "%lu", (unsigned long int) group_newid);
+
+ strncat (info_passwd.action, ", new gid: ",
+ 511 - strlen (info_passwd.audit_msg));
+ (void) snprintf (info_passwd.action+strlen (info_passwd.action),
+ 511 - strlen (info_passwd.audit_msg),
+ "%lu", (unsigned long int) group_newid);
+ }
+ info_group.audit_msg[511] = '\0';
+#ifdef SHADOWGRP
+ info_gshadow.audit_msg[511] = '\0';
+#endif
+ info_passwd.audit_msg[511] = '\0';
+
+// FIXME: add a system cleanup
+ add_cleanup (cleanup_report_mod_group, &info_group);
+#ifdef SHADOWGRP
+ if ( is_shadow_grp
+ && (pflg || nflg)) {
+ add_cleanup (cleanup_report_mod_gshadow, &info_gshadow);
+ }
+#endif
+ if (gflg) {
+ add_cleanup (cleanup_report_mod_passwd, &info_passwd);
+ }
+
+}
+
+/*
+ * lock_files - lock the accounts databases
+ *
+ * lock_files() locks the group, gshadow, and passwd databases.
+ */
+static void lock_files (void)
+{
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+ add_cleanup (cleanup_unlock_group, NULL);
+
+#ifdef SHADOWGRP
+ if ( is_shadow_grp
+ && (pflg || nflg)) {
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+ add_cleanup (cleanup_unlock_gshadow, NULL);
+ }
+#endif
+
+ if (gflg) {
+ if (pw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ exit (E_GRP_UPDATE);
+ }
+ add_cleanup (cleanup_unlock_passwd, NULL);
+ }
+}
+
+
+/*
+ * open_files - open the accounts databases
+ *
+ * open_files() opens the group, gshadow, and passwd databases.
+ */
+static void open_files (void)
+{
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+ exit (E_GRP_UPDATE);
+ }
+
+#ifdef SHADOWGRP
+ if ( is_shadow_grp
+ && (pflg || nflg)) {
+ if (sgr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
+ exit (E_GRP_UPDATE);
+ }
+ }
+#endif /* SHADOWGRP */
+
+ if (gflg) {
+ if (pw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, pw_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+ exit (E_GRP_UPDATE);
+ }
+ }
+}
+
+void update_primary_groups (gid_t ogid, gid_t ngid)
+{
+ struct passwd *pwd;
+
+ setpwent ();
+ while ((pwd = getpwent ()) != NULL) {
+ if (pwd->pw_gid == ogid) {
+ const struct passwd *lpwd;
+ struct passwd npwd;
+ lpwd = pw_locate (pwd->pw_name);
+ if (NULL == lpwd) {
+ fprintf (stderr,
+ _("%s: user '%s' does not exist in %s\n"),
+ Prog, pwd->pw_name, pw_dbname ());
+ exit (E_GRP_UPDATE);
+ } else {
+ npwd = *lpwd;
+ npwd.pw_gid = ngid;
+ if (pw_update (&npwd) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, pw_dbname (), npwd.pw_name);
+ exit (E_GRP_UPDATE);
+ }
+ }
+ }
+ }
+ endpwent ();
+}
+
+/*
+ * main - groupmod command
+ *
+ */
+int main (int argc, char **argv)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ int retval;
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+
+ /*
+ * Get my name so that I can use it to report errors.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("groupmod");
+#ifdef WITH_AUDIT
+ audit_help_open ();
+#endif
+
+ if (atexit (do_cleanups) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot setup cleanup service.\n"),
+ Prog);
+ exit (1);
+ }
+
+ process_flags (argc, argv);
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (NULL == pampw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ exit (1);
+ }
+
+ retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ exit (1);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+
+#ifdef SHADOWGRP
+ is_shadow_grp = sgr_file_present ();
+#endif
+ {
+ struct group *grp;
+ /*
+ * Start with a quick check to see if the group exists.
+ */
+ grp = getgrnam (group_name); /* local, no need for xgetgrnam */
+ if (NULL == grp) {
+ fprintf (stderr,
+ _("%s: group '%s' does not exist\n"),
+ Prog, group_name);
+ exit (E_NOTFOUND);
+ } else {
+ group_id = grp->gr_gid;
+ }
+ }
+
+#ifdef USE_NIS
+ /*
+ * Now make sure it isn't an NIS group.
+ */
+ if (__isgrNIS ()) {
+ char *nis_domain;
+ char *nis_master;
+
+ fprintf (stderr,
+ _("%s: group %s is a NIS group\n"),
+ Prog, group_name);
+
+ if (!yp_get_default_domain (&nis_domain) &&
+ !yp_master (nis_domain, "group.byname", &nis_master)) {
+ fprintf (stderr,
+ _("%s: %s is the NIS master\n"),
+ Prog, nis_master);
+ }
+ exit (E_NOTFOUND);
+ }
+#endif
+
+ if (gflg) {
+ check_new_gid ();
+ }
+
+ if (nflg) {
+ check_new_name ();
+ }
+
+ lock_files ();
+
+ /*
+ * Now if the group is not changed, it's our fault.
+ * Make sure failures will be reported.
+ */
+ prepare_failure_reports ();
+
+ /*
+ * Do the hard stuff - open the files, create the group entries,
+ * then close and update the files.
+ */
+ open_files ();
+
+ grp_update ();
+
+ close_files ();
+
+ nscd_flush_cache ("group");
+
+ return E_SUCCESS;
+}
+
diff --git a/src/groups.c b/src/groups.c
new file mode 100644
index 0000000..fcd669b
--- /dev/null
+++ b/src/groups.c
@@ -0,0 +1,218 @@
+/*
+ * Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include "defines.h"
+#include "prototypes.h"
+/*
+ * Global variables
+ */
+const char *Prog;
+
+/* local function prototypes */
+static void print_groups (const char *member);
+
+/*
+ * print_groups - print the groups which the named user is a member of
+ *
+ * print_groups() scans the groups file for the list of groups which
+ * the user is listed as being a member of.
+ */
+static void print_groups (const char *member)
+{
+ int groups = 0;
+ struct group *grp;
+ struct passwd *pwd;
+ bool flag = false;
+
+ pwd = getpwnam (member); /* local, no need for xgetpwnam */
+ if (NULL == pwd) {
+ (void) fprintf (stderr, _("%s: unknown user %s\n"),
+ Prog, member);
+ exit (EXIT_FAILURE);
+ }
+
+ setgrent ();
+ while ((grp = getgrent ()) != NULL) {
+ if (is_on_list (grp->gr_mem, member)) {
+ if (0 != groups) {
+ (void) putchar (' ');
+ }
+ groups++;
+
+ (void) printf ("%s", grp->gr_name);
+ if (grp->gr_gid == pwd->pw_gid) {
+ flag = true;
+ }
+ }
+ }
+ endgrent ();
+
+ /* The user may not be in the list of members of its primary group */
+ if (!flag) {
+ grp = getgrgid (pwd->pw_gid); /* local, no need for xgetgrgid */
+ if (NULL != grp) {
+ if (0 != groups) {
+ (void) putchar (' ');
+ }
+ groups++;
+
+ (void) printf ("%s", grp->gr_name);
+ }
+ }
+
+ if (0 != groups) {
+ (void) putchar ('\n');
+ }
+}
+
+/*
+ * groups - print out the groups a process is a member of
+ */
+int main (int argc, char **argv)
+{
+#ifdef HAVE_GETGROUPS
+ long sys_ngroups;
+ GETGROUPS_T *groups;
+#else
+ char *logname;
+ char *getlogin ();
+#endif
+
+#ifdef HAVE_GETGROUPS
+ sys_ngroups = sysconf (_SC_NGROUPS_MAX);
+ groups = (GETGROUPS_T *) malloc (sizeof (GETGROUPS_T) * sys_ngroups);
+#endif
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ /*
+ * Get the program name so that error messages can use it.
+ */
+ Prog = Basename (argv[0]);
+
+ if (argc == 1) {
+
+ /*
+ * Called with no arguments - give the group set for the
+ * current user.
+ */
+
+#ifdef HAVE_GETGROUPS
+ int i;
+ int pri_grp; /* TODO: should be GETGROUPS_T */
+ /*
+ * This system supports concurrent group sets, so I can ask
+ * the system to tell me which groups are currently set for
+ * this process.
+ */
+ int ngroups = getgroups (sys_ngroups, groups);
+ if (ngroups < 0) {
+ perror ("getgroups");
+ exit (EXIT_FAILURE);
+ }
+
+ /*
+ * The groupset includes the primary group as well.
+ */
+ pri_grp = getegid ();
+ for (i = 0; i < ngroups; i++) {
+ if (pri_grp == (int) groups[i]) {
+ break;
+ }
+ }
+
+ if (i != ngroups) {
+ pri_grp = -1;
+ }
+
+ /*
+ * Print out the name of every group in the current group
+ * set. Unknown groups are printed as their decimal group ID
+ * values.
+ */
+ if (-1 != pri_grp) {
+ struct group *gr;
+ /* local, no need for xgetgrgid */
+ gr = getgrgid (pri_grp);
+ if (NULL != gr) {
+ (void) printf ("%s", gr->gr_name);
+ } else {
+ (void) printf ("%d", pri_grp);
+ }
+ }
+
+ for (i = 0; i < ngroups; i++) {
+ struct group *gr;
+ if ((0 != i) || (-1 != pri_grp)) {
+ (void) putchar (' ');
+ }
+
+ /* local, no need for xgetgrgid */
+ gr = getgrgid (groups[i]);
+ if (NULL != gr) {
+ (void) printf ("%s", gr->gr_name);
+ } else {
+ (void) printf ("%ld", (long) groups[i]);
+ }
+ }
+ (void) putchar ('\n');
+#else
+ /*
+ * This system does not have the getgroups() system call, so
+ * I must check the groups file directly.
+ */
+ logname = getlogin ();
+ if (NULL != logname) {
+ print_groups (logname);
+ } else {
+ exit (EXIT_FAILURE);
+ }
+#endif
+ } else {
+
+ /*
+ * The invoker wanted to know about some other user. Use
+ * that name to look up the groups instead.
+ */
+ print_groups (argv[1]);
+ }
+ return EXIT_SUCCESS;
+}
+
diff --git a/src/grpck.c b/src/grpck.c
new file mode 100644
index 0000000..ea5d3b3
--- /dev/null
+++ b/src/grpck.c
@@ -0,0 +1,887 @@
+/*
+ * Copyright (c) 1992 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 , Michał Moskal
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <getopt.h>
+#include "chkname.h"
+#include "commonio.h"
+#include "defines.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+
+/*
+ * Exit codes
+ */
+/*@-exitarg@*/
+#define E_OKAY 0
+#define E_SUCCESS 0
+#define E_USAGE 1
+#define E_BAD_ENTRY 2
+#define E_CANT_OPEN 3
+#define E_CANT_LOCK 4
+#define E_CANT_UPDATE 5
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static const char *grp_file = GROUP_FILE;
+static bool use_system_grp_file = true;
+
+#ifdef SHADOWGRP
+static const char *sgr_file = SGROUP_FILE;
+static bool use_system_sgr_file = true;
+static bool is_shadow = false;
+static bool sgr_locked = false;
+#endif
+static bool gr_locked = false;
+/* Options */
+static bool read_only = false;
+static bool sort_mode = false;
+
+/* local function prototypes */
+static void fail_exit (int status);
+static /*@noreturn@*/void usage (int status);
+static void delete_member (char **, const char *);
+static void process_flags (int argc, char **argv);
+static void open_files (void);
+static void close_files (bool changed);
+static int check_members (const char *groupname,
+ char **members,
+ const char *fmt_info,
+ const char *fmt_prompt,
+ const char *fmt_syslog,
+ int *errors);
+static void check_grp_file (int *errors, bool *changed);
+#ifdef SHADOWGRP
+static void compare_members_lists (const char *groupname,
+ char **members,
+ char **other_members,
+ const char *file,
+ const char *other_file);
+static void check_sgr_file (int *errors, bool *changed);
+#endif
+
+/*
+ * fail_exit - exit with an error code after unlocking files
+ */
+static void fail_exit (int status)
+{
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ }
+
+#ifdef SHADOWGRP
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ }
+#endif
+
+ closelog ();
+
+ exit (status);
+}
+
+/*
+ * usage - print syntax message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+#ifdef SHADOWGRP
+ (void) fprintf (usageout,
+ _("Usage: %s [options] [group [gshadow]]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+#else /* !SHADOWGRP */
+ (void) fprintf (usageout,
+ _("Usage: %s [options] [group]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+#endif /* !SHADOWGRP */
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -r, --read-only display errors and warnings\n"
+ " but do not change files\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -s, --sort sort entries by UID\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * delete_member - delete an entry in a list of members
+ *
+ * It only deletes the first entry with the given name.
+ * The member is defined by its address, no string comparison are
+ * performed.
+ */
+static void delete_member (char **list, const char *member)
+{
+ int i;
+
+ for (i = 0; NULL != list[i]; i++) {
+ if (list[i] == member) {
+ break;
+ }
+ }
+
+ for (; NULL != list[i]; i++) {
+ list[i] = list[i + 1];
+ }
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ int c;
+ static struct option long_options[] = {
+ {"help", no_argument, NULL, 'h'},
+ {"quiet", no_argument, NULL, 'q'},
+ {"read-only", no_argument, NULL, 'r'},
+ {"root", required_argument, NULL, 'R'},
+ {"sort", no_argument, NULL, 's'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ /*
+ * Parse the command line arguments
+ */
+ while ((c = getopt_long (argc, argv, "hqrR:s",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'q':
+ /* quiet - ignored for now */
+ break;
+ case 'r':
+ read_only = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 's':
+ sort_mode = true;
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ if (sort_mode && read_only) {
+ fprintf (stderr, _("%s: -s and -r are incompatible\n"), Prog);
+ exit (E_USAGE);
+ }
+
+ /*
+ * Make certain we have the right number of arguments
+ */
+#ifdef SHADOWGRP
+ if (argc > (optind + 2))
+#else
+ if (argc > (optind + 1))
+#endif
+ {
+ usage (E_USAGE);
+ }
+
+ /*
+ * If there are two left over filenames, use those as the group and
+ * group password filenames.
+ */
+ if (optind != argc) {
+ grp_file = argv[optind];
+ gr_setdbname (grp_file);
+ use_system_grp_file = false;
+ }
+#ifdef SHADOWGRP
+ if ((optind + 2) == argc) {
+ sgr_file = argv[optind + 1];
+ sgr_setdbname (sgr_file);
+ is_shadow = true;
+ use_system_sgr_file = false;
+ } else if (optind == argc) {
+ is_shadow = sgr_file_present ();
+ }
+#endif
+}
+
+/*
+ * open_files - open the shadow database
+ *
+ * In read-only mode, the databases are not locked and are opened
+ * only for reading.
+ */
+static void open_files (void)
+{
+ /*
+ * Lock the files if we aren't in "read-only" mode
+ */
+ if (!read_only) {
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, grp_file);
+ fail_exit (E_CANT_LOCK);
+ }
+ gr_locked = true;
+#ifdef SHADOWGRP
+ if (is_shadow) {
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_file);
+ fail_exit (E_CANT_LOCK);
+ }
+ sgr_locked = true;
+ }
+#endif
+ }
+
+ /*
+ * Open the files. Use O_RDONLY if we are in read_only mode,
+ * O_RDWR otherwise.
+ */
+ if (gr_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog,
+ grp_file);
+ if (use_system_grp_file) {
+ SYSLOG ((LOG_WARN, "cannot open %s", grp_file));
+ }
+ fail_exit (E_CANT_OPEN);
+ }
+#ifdef SHADOWGRP
+ if (is_shadow && (sgr_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0)) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog,
+ sgr_file);
+ if (use_system_sgr_file) {
+ SYSLOG ((LOG_WARN, "cannot open %s", sgr_file));
+ }
+ fail_exit (E_CANT_OPEN);
+ }
+#endif
+}
+
+/*
+ * close_files - close and unlock the group/gshadow databases
+ *
+ * If changed is not set, the databases are not closed, and no
+ * changes are committed in the databases. The databases are
+ * unlocked anyway.
+ */
+static void close_files (bool changed)
+{
+ /*
+ * All done. If there were no change we can just abandon any
+ * changes to the files.
+ */
+ if (changed) {
+ if (gr_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"),
+ Prog, grp_file);
+ fail_exit (E_CANT_UPDATE);
+ }
+#ifdef SHADOWGRP
+ if (is_shadow && (sgr_close () == 0)) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"),
+ Prog, sgr_file);
+ fail_exit (E_CANT_UPDATE);
+ }
+#endif
+ }
+
+ /*
+ * Don't be anti-social - unlock the files when you're done.
+ */
+#ifdef SHADOWGRP
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ sgr_locked = false;
+ }
+#endif
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ gr_locked = false;
+ }
+}
+
+/*
+ * check_members - check that every members of a group exist
+ *
+ * If an error is detected, *errors is incremented.
+ *
+ * The user will be prompted for the removal of the non-existent
+ * user.
+ *
+ * If any changes are performed, the return value will be 1,
+ * otherwise check_members() returns 0.
+ *
+ * fmt_info, fmt_prompt, and fmt_syslog are used for logging.
+ * * fmt_info must contain two string flags (%s): for the group's
+ * name and the missing member.
+ * * fmt_prompt must contain one string flags (%s): the missing
+ * member.
+ * * fmt_syslog must contain two string flags (%s): for the
+ * group's name and the missing member.
+ */
+static int check_members (const char *groupname,
+ char **members,
+ const char *fmt_info,
+ const char *fmt_prompt,
+ const char *fmt_syslog,
+ int *errors)
+{
+ int i;
+ int members_changed = 0;
+
+ /*
+ * Make sure each member exists
+ */
+ for (i = 0; NULL != members[i]; i++) {
+ /* local, no need for xgetpwnam */
+ if (getpwnam (members[i]) != NULL) {
+ continue;
+ }
+ /*
+ * Can't find this user. Remove them
+ * from the list.
+ */
+ *errors += 1;
+ printf (fmt_info, groupname, members[i]);
+ printf (fmt_prompt, members[i]);
+
+ if (!yes_or_no (read_only)) {
+ continue;
+ }
+
+ SYSLOG ((LOG_INFO, fmt_syslog, members[i], groupname));
+ members_changed = 1;
+ delete_member (members, members[i]);
+
+ /* Rewind in case of removal */
+ i--;
+ }
+
+ return members_changed;
+}
+
+#ifdef SHADOWGRP
+/*
+ * compare_members_lists - make sure the list of members is contained in
+ * another list.
+ *
+ * compare_members_lists() checks that all the members of members are
+ * also in other_members.
+ * file and other_file are used for logging.
+ *
+ * TODO: No changes are performed on the lists.
+ */
+static void compare_members_lists (const char *groupname,
+ char **members,
+ char **other_members,
+ const char *file,
+ const char *other_file)
+{
+ char **pmem, **other_pmem;
+
+ for (pmem = members; NULL != *pmem; pmem++) {
+ for (other_pmem = other_members; NULL != *other_pmem; other_pmem++) {
+ if (strcmp (*pmem, *other_pmem) == 0) {
+ break;
+ }
+ }
+ if (*other_pmem == NULL) {
+ printf
+ ("'%s' is a member of the '%s' group in %s but not in %s\n",
+ *pmem, groupname, file, other_file);
+ }
+ }
+}
+#endif /* SHADOWGRP */
+
+/*
+ * check_grp_file - check the content of the group file
+ */
+static void check_grp_file (int *errors, bool *changed)
+{
+ struct commonio_entry *gre, *tgre;
+ struct group *grp;
+#ifdef SHADOWGRP
+ struct sgrp *sgr;
+#endif
+
+ /*
+ * Loop through the entire group file.
+ */
+ for (gre = __gr_get_head (); NULL != gre; gre = gre->next) {
+ /*
+ * Skip all NIS entries.
+ */
+
+ if ((gre->line[0] == '+') || (gre->line[0] == '-')) {
+ continue;
+ }
+
+ /*
+ * Start with the entries that are completely corrupt. They
+ * have no (struct group) entry because they couldn't be
+ * parsed properly.
+ */
+ if (NULL == gre->eptr) {
+
+ /*
+ * Tell the user this entire line is bogus and ask
+ * them to delete it.
+ */
+ (void) puts (_("invalid group file entry"));
+ printf (_("delete line '%s'? "), gre->line);
+ *errors += 1;
+
+ /*
+ * prompt the user to delete the entry or not
+ */
+ if (!yes_or_no (read_only)) {
+ continue;
+ }
+
+ /*
+ * All group file deletions wind up here. This code
+ * removes the current entry from the linked list.
+ * When done, it skips back to the top of the loop
+ * to try out the next list element.
+ */
+ delete_gr:
+ SYSLOG ((LOG_INFO, "delete group line '%s'",
+ gre->line));
+ *changed = true;
+
+ __gr_del_entry (gre);
+ continue;
+ }
+
+ /*
+ * Group structure is good, start using it.
+ */
+ grp = gre->eptr;
+
+ /*
+ * Make sure this entry has a unique name.
+ */
+ for (tgre = __gr_get_head (); NULL != tgre; tgre = tgre->next) {
+
+ const struct group *ent = tgre->eptr;
+
+ /*
+ * Don't check this entry
+ */
+ if (tgre == gre) {
+ continue;
+ }
+
+ /*
+ * Don't check invalid entries.
+ */
+ if (NULL == ent) {
+ continue;
+ }
+
+ if (strcmp (grp->gr_name, ent->gr_name) != 0) {
+ continue;
+ }
+
+ /*
+ * Tell the user this entry is a duplicate of
+ * another and ask them to delete it.
+ */
+ (void) puts (_("duplicate group entry"));
+ printf (_("delete line '%s'? "), gre->line);
+ *errors += 1;
+
+ /*
+ * prompt the user to delete the entry or not
+ */
+ if (yes_or_no (read_only)) {
+ goto delete_gr;
+ }
+ }
+
+ /*
+ * Check for invalid group names. --marekm
+ */
+ if (!is_valid_group_name (grp->gr_name)) {
+ *errors += 1;
+ printf (_("invalid group name '%s'\n"), grp->gr_name);
+ }
+
+ /*
+ * Check for invalid group ID.
+ */
+ if (grp->gr_gid == (gid_t)-1) {
+ printf (_("invalid group ID '%lu'\n"), (long unsigned int)grp->gr_gid);
+ *errors += 1;
+ }
+
+ /*
+ * Workaround for a NYS libc 5.3.12 bug on RedHat 4.2 -
+ * groups with no members are returned as groups with one
+ * member "", causing grpck to fail. --marekm
+ */
+ if ( (NULL != grp->gr_mem[0])
+ && (NULL == grp->gr_mem[1])
+ && ('\0' == grp->gr_mem[0][0])) {
+ grp->gr_mem[0] = NULL;
+ }
+
+ if (check_members (grp->gr_name, grp->gr_mem,
+ _("group %s: no user %s\n"),
+ _("delete member '%s'? "),
+ "delete member '%s' from group '%s'",
+ errors) == 1) {
+ *changed = true;
+ gre->changed = true;
+ __gr_set_changed ();
+ }
+
+#ifdef SHADOWGRP
+ /*
+ * Make sure this entry exists in the /etc/gshadow file.
+ */
+
+ if (is_shadow) {
+ sgr = (struct sgrp *) sgr_locate (grp->gr_name);
+ if (sgr == NULL) {
+ printf (_("no matching group file entry in %s\n"),
+ sgr_file);
+ printf (_("add group '%s' in %s? "),
+ grp->gr_name, sgr_file);
+ *errors += 1;
+ if (yes_or_no (read_only)) {
+ struct sgrp sg;
+ struct group gr;
+ static char *empty = NULL;
+
+ sg.sg_name = grp->gr_name;
+ sg.sg_passwd = grp->gr_passwd;
+ sg.sg_adm = &empty;
+ sg.sg_mem = grp->gr_mem;
+ SYSLOG ((LOG_INFO,
+ "add group '%s' to '%s'",
+ grp->gr_name, sgr_file));
+ *changed = true;
+
+ if (sgr_update (&sg) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), sg.sg_name);
+ fail_exit (E_CANT_UPDATE);
+ }
+ /* remove password from /etc/group */
+ gr = *grp;
+ gr.gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ if (gr_update (&gr) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), gr.gr_name);
+ fail_exit (E_CANT_UPDATE);
+ }
+ }
+ } else {
+ /**
+ * Verify that all the members defined in /etc/group are also
+ * present in /etc/gshadow.
+ */
+ compare_members_lists (grp->gr_name,
+ grp->gr_mem, sgr->sg_mem,
+ grp_file, sgr_file);
+
+ /* The group entry has a gshadow counterpart.
+ * Make sure no passwords are in group.
+ */
+ if (strcmp (grp->gr_passwd, SHADOW_PASSWD_STRING) != 0) {
+ printf (_("group %s has an entry in %s, but its password field in %s is not set to 'x'\n"),
+ grp->gr_name, sgr_file, grp_file);
+ *errors += 1;
+ }
+ }
+ }
+#endif
+
+ }
+}
+
+#ifdef SHADOWGRP
+/*
+ * check_sgr_file - check the content of the shadowed group file (gshadow)
+ */
+static void check_sgr_file (int *errors, bool *changed)
+{
+ struct group *grp;
+ struct commonio_entry *sge, *tsge;
+ struct sgrp *sgr;
+
+ /*
+ * Loop through the entire shadow group file.
+ */
+ for (sge = __sgr_get_head (); NULL != sge; sge = sge->next) {
+
+ /*
+ * Start with the entries that are completely corrupt. They
+ * have no (struct sgrp) entry because they couldn't be
+ * parsed properly.
+ */
+ if (NULL == sge->eptr) {
+
+ /*
+ * Tell the user this entire line is bogus and ask
+ * them to delete it.
+ */
+ (void) puts (_("invalid shadow group file entry"));
+ printf (_("delete line '%s'? "), sge->line);
+ *errors += 1;
+
+ /*
+ * prompt the user to delete the entry or not
+ */
+ if (!yes_or_no (read_only)) {
+ continue;
+ }
+
+ /*
+ * All shadow group file deletions wind up here.
+ * This code removes the current entry from the
+ * linked list. When done, it skips back to the top
+ * of the loop to try out the next list element.
+ */
+ delete_sg:
+ SYSLOG ((LOG_INFO, "delete shadow line '%s'",
+ sge->line));
+ *changed = true;
+
+ __sgr_del_entry (sge);
+ continue;
+ }
+
+ /*
+ * Shadow group structure is good, start using it.
+ */
+ sgr = sge->eptr;
+
+ /*
+ * Make sure this entry has a unique name.
+ */
+ for (tsge = __sgr_get_head (); NULL != tsge; tsge = tsge->next) {
+
+ const struct sgrp *ent = tsge->eptr;
+
+ /*
+ * Don't check this entry
+ */
+ if (tsge == sge) {
+ continue;
+ }
+
+ /*
+ * Don't check invalid entries.
+ */
+ if (NULL == ent) {
+ continue;
+ }
+
+ if (strcmp (sgr->sg_name, ent->sg_name) != 0) {
+ continue;
+ }
+
+ /*
+ * Tell the user this entry is a duplicate of
+ * another and ask them to delete it.
+ */
+ (void) puts (_("duplicate shadow group entry"));
+ printf (_("delete line '%s'? "), sge->line);
+ *errors += 1;
+
+ /*
+ * prompt the user to delete the entry or not
+ */
+ if (yes_or_no (read_only)) {
+ goto delete_sg;
+ }
+ }
+
+ /*
+ * Make sure this entry exists in the /etc/group file.
+ */
+ grp = (struct group *) gr_locate (sgr->sg_name);
+ if (grp == NULL) {
+ printf (_("no matching group file entry in %s\n"),
+ grp_file);
+ printf (_("delete line '%s'? "), sge->line);
+ *errors += 1;
+ if (yes_or_no (read_only)) {
+ goto delete_sg;
+ }
+ } else {
+ /**
+ * Verify that the all members defined in /etc/gshadow are also
+ * present in /etc/group.
+ */
+ compare_members_lists (sgr->sg_name,
+ sgr->sg_mem, grp->gr_mem,
+ sgr_file, grp_file);
+ }
+
+ /*
+ * Make sure each administrator exists
+ */
+ if (check_members (sgr->sg_name, sgr->sg_adm,
+ _("shadow group %s: no administrative user %s\n"),
+ _("delete administrative member '%s'? "),
+ "delete admin '%s' from shadow group '%s'",
+ errors) == 1) {
+ *changed = true;
+ sge->changed = true;
+ __sgr_set_changed ();
+ }
+
+ /*
+ * Make sure each member exists
+ */
+ if (check_members (sgr->sg_name, sgr->sg_mem,
+ _("shadow group %s: no user %s\n"),
+ _("delete member '%s'? "),
+ "delete member '%s' from shadow group '%s'",
+ errors) == 1) {
+ *changed = true;
+ sge->changed = true;
+ __sgr_set_changed ();
+ }
+ }
+}
+#endif /* SHADOWGRP */
+
+/*
+ * grpck - verify group file integrity
+ */
+int main (int argc, char **argv)
+{
+ int errors = 0;
+ bool changed = false;
+
+ /*
+ * Get my name so that I can use it to report errors.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("grpck");
+
+ /* Parse the command line arguments */
+ process_flags (argc, argv);
+
+ open_files ();
+
+ if (sort_mode) {
+ gr_sort ();
+#ifdef SHADOWGRP
+ if (is_shadow) {
+ sgr_sort ();
+ }
+ changed = true;
+#endif
+ } else {
+ check_grp_file (&errors, &changed);
+#ifdef SHADOWGRP
+ if (is_shadow) {
+ check_sgr_file (&errors, &changed);
+ }
+#endif
+ }
+
+ /* Commit the change in the database if needed */
+ close_files (changed);
+
+ nscd_flush_cache ("group");
+
+ /*
+ * Tell the user what we did and exit.
+ */
+ if (0 != errors) {
+ if (changed) {
+ printf (_("%s: the files have been updated\n"), Prog);
+ } else {
+ printf (_("%s: no changes\n"), Prog);
+ }
+ }
+
+ return ((0 != errors) ? E_BAD_ENTRY : E_OKAY);
+}
+
diff --git a/src/grpconv.c b/src/grpconv.c
new file mode 100644
index 0000000..f681f07
--- /dev/null
+++ b/src/grpconv.c
@@ -0,0 +1,286 @@
+/*
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2011 , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * grpconv - create or update /etc/gshadow with information from
+ * /etc/group.
+ *
+ */
+
+#include <config.h>
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <grp.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <unistd.h>
+#include <getopt.h>
+#include "nscd.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+#ifdef SHADOWGRP
+#include "groupio.h"
+#include "sgroupio.h"
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool gr_locked = false;
+static bool sgr_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int status);
+static void usage (int status);
+static void process_flags (int argc, char **argv);
+
+static void fail_exit (int status)
+{
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ }
+
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ }
+
+ exit (status);
+}
+
+static void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ /*
+ * Parse the command line options.
+ */
+ int c;
+ static struct option long_options[] = {
+ {"help", no_argument, NULL, 'h'},
+ {"root", required_argument, NULL, 'R'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "hR:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ if (optind != argc) {
+ usage (E_USAGE);
+ }
+}
+
+int main (int argc, char **argv)
+{
+ const struct group *gr;
+ struct group grent;
+ const struct sgrp *sg;
+ struct sgrp sgent;
+
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("grpconv");
+
+ process_flags (argc, argv);
+
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ fail_exit (5);
+ }
+ gr_locked = true;
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+ fail_exit (1);
+ }
+
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (5);
+ }
+ sgr_locked = true;
+ if (sgr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ());
+ fail_exit (1);
+ }
+
+ /*
+ * Remove /etc/gshadow entries for groups not in /etc/group.
+ */
+ (void) sgr_rewind ();
+ while ((sg = sgr_next ()) != NULL) {
+ if (gr_locate (sg->sg_name) != NULL) {
+ continue;
+ }
+
+ if (sgr_remove (sg->sg_name) == 0) {
+ /*
+ * This shouldn't happen (the entry exists) but...
+ */
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, sg->sg_name, sgr_dbname ());
+ fail_exit (3);
+ }
+ }
+
+ /*
+ * Update shadow group passwords if non-shadow password is not "x".
+ * Add any missing shadow group entries.
+ */
+ (void) gr_rewind ();
+ while ((gr = gr_next ()) != NULL) {
+ sg = sgr_locate (gr->gr_name);
+ if (NULL != sg) {
+ /* update existing shadow group entry */
+ sgent = *sg;
+ if (strcmp (gr->gr_passwd, SHADOW_PASSWD_STRING) != 0)
+ sgent.sg_passwd = gr->gr_passwd;
+ } else {
+ static char *empty = 0;
+
+ /* add new shadow group entry */
+ memset (&sgent, 0, sizeof sgent);
+ sgent.sg_name = gr->gr_name;
+ sgent.sg_passwd = gr->gr_passwd;
+ sgent.sg_adm = &empty;
+ }
+ /*
+ * XXX - sg_mem is redundant, it is currently always a copy
+ * of gr_mem. Very few programs actually use sg_mem, and all
+ * of them are in the shadow suite. Maybe this field could
+ * be used for something else? Any suggestions?
+ */
+ sgent.sg_mem = gr->gr_mem;
+
+ if (sgr_update (&sgent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), sgent.sg_name);
+ fail_exit (3);
+ }
+ /* remove password from /etc/group */
+ grent = *gr;
+ grent.gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ if (gr_update (&grent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), grent.gr_name);
+ fail_exit (3);
+ }
+ }
+
+ if (sgr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+ fail_exit (3);
+ }
+ if (gr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+ fail_exit (3);
+ }
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+
+ nscd_flush_cache ("group");
+
+ return 0;
+}
+#else /* !SHADOWGRP */
+int main (int unused(argc), char **argv)
+{
+ fprintf (stderr,
+ "%s: not configured for shadow group support.\n", argv[0]);
+ exit (1);
+}
+#endif /* !SHADOWGRP */
+
diff --git a/src/grpunconv.c b/src/grpunconv.c
new file mode 100644
index 0000000..253f06f
--- /dev/null
+++ b/src/grpunconv.c
@@ -0,0 +1,250 @@
+/*
+ * Copyright (c) 1996 , Michael Meskes
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * grpunconv - update /etc/group with information from /etc/gshadow.
+ *
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <fcntl.h>
+#include <time.h>
+#include <unistd.h>
+#include <grp.h>
+#include <getopt.h>
+#include "nscd.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+#ifdef SHADOWGRP
+#include "groupio.h"
+#include "sgroupio.h"
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool gr_locked = false;
+static bool sgr_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int status);
+static void usage (int status);
+static void process_flags (int argc, char **argv);
+
+static void fail_exit (int status)
+{
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ }
+
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ }
+
+ exit (status);
+}
+
+static void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ /*
+ * Parse the command line options.
+ */
+ int c;
+ static struct option long_options[] = {
+ {"help", no_argument, NULL, 'h'},
+ {"root", required_argument, NULL, 'R'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "hR:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ if (optind != argc) {
+ usage (E_USAGE);
+ }
+}
+
+int main (int argc, char **argv)
+{
+ const struct group *gr;
+ struct group grent;
+ const struct sgrp *sg;
+
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("grpunconv");
+
+ process_flags (argc, argv);
+
+ if (sgr_file_present () == 0) {
+ exit (0); /* no /etc/gshadow, nothing to do */
+ }
+
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ fail_exit (5);
+ }
+ gr_locked = true;
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"), Prog, gr_dbname ());
+ fail_exit (1);
+ }
+
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (5);
+ }
+ sgr_locked = true;
+ if (sgr_open (O_RDONLY) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"), Prog, sgr_dbname ());
+ fail_exit (1);
+ }
+
+ /*
+ * Update group passwords if non-shadow password is "x".
+ */
+ (void) gr_rewind ();
+ while ((gr = gr_next ()) != NULL) {
+ sg = sgr_locate (gr->gr_name);
+ if ( (NULL != sg)
+ && (strcmp (gr->gr_passwd, SHADOW_PASSWD_STRING) == 0)) {
+ /* add password to /etc/group */
+ grent = *gr;
+ grent.gr_passwd = sg->sg_passwd;
+ if (gr_update (&grent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), grent.gr_name);
+ fail_exit (3);
+ }
+ }
+ }
+
+ (void) sgr_close (); /* was only open O_RDONLY */
+
+ if (gr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+ fail_exit (3);
+ }
+
+ if (unlink (SGROUP_FILE) != 0) {
+ fprintf (stderr,
+ _("%s: cannot delete %s\n"),
+ Prog, SGROUP_FILE);
+ SYSLOG ((LOG_ERR, "cannot delete %s", SGROUP_FILE));
+ fail_exit (3);
+ }
+
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+
+ nscd_flush_cache ("group");
+
+ return 0;
+}
+#else /* !SHADOWGRP */
+int main (int unused(argc), char **argv)
+{
+ fprintf (stderr,
+ "%s: not configured for shadow group support.\n", argv[0]);
+ exit (1);
+}
+#endif /* !SHADOWGRP */
+
diff --git a/src/id.c b/src/id.c
new file mode 100644
index 0000000..4462ae0
--- /dev/null
+++ b/src/id.c
@@ -0,0 +1,207 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * id - print current process user identification information
+ *
+ * Print the current process identifiers. This includes the
+ * UID, GID, effective-UID and effective-GID. Optionally print
+ * the concurrent group set if the current system supports it.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include "defines.h"
+/* local function prototypes */
+static void usage (void);
+
+static void usage (void)
+{
+#ifdef HAVE_GETGROUPS
+ (void) fputs (_("Usage: id [-a]\n"), stderr);
+#else
+ (void) fputs (_("Usage: id\n"), stderr);
+#endif
+ exit (EXIT_FAILURE);
+}
+
+ /*ARGSUSED*/ int main (int argc, char **argv)
+{
+ uid_t ruid, euid;
+ gid_t rgid, egid;
+ long sys_ngroups;
+
+/*
+ * This block of declarations is particularly strained because of several
+ * different ways of doing concurrent groups. Old BSD systems used int for
+ * gid's, but short for the type passed to getgroups(). Newer systems use
+ * gid_t for everything. Some systems have a small and fixed NGROUPS,
+ * usually about 16 or 32. Others use bigger values.
+ */
+#ifdef HAVE_GETGROUPS
+ GETGROUPS_T *groups;
+ int ngroups;
+ bool aflg = 0;
+#endif
+ struct passwd *pw;
+ struct group *gr;
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ /*
+ * Dynamically get the maximum number of groups from system, instead
+ * of using the symbolic constant NGROUPS_MAX. This ensures that the
+ * group limit is not hard coded into the binary, so it will still
+ * work if the system library is recompiled.
+ */
+ sys_ngroups = sysconf (_SC_NGROUPS_MAX);
+#ifdef HAVE_GETGROUPS
+ groups = (GETGROUPS_T *) malloc (sizeof (GETGROUPS_T) * sys_ngroups);
+ /*
+ * See if the -a flag has been given to print out the concurrent
+ * group set.
+ */
+
+ if (argc > 1) {
+ if ((argc > 2) || (strcmp (argv[1], "-a") != 0)) {
+ usage ();
+ } else {
+ aflg = true;
+ }
+ }
+#else
+ if (argc > 1) {
+ usage ();
+ }
+#endif
+
+ ruid = getuid ();
+ euid = geteuid ();
+ rgid = getgid ();
+ egid = getegid ();
+
+ /*
+ * Print out the real user ID and group ID. If the user or group
+ * does not exist, just give the numerical value.
+ */
+
+ pw = getpwuid (ruid); /* local, no need for xgetpwuid */
+ if (NULL != pw) {
+ (void) printf ("UID=%lu(%s)",
+ (unsigned long) ruid, pw->pw_name);
+ } else {
+ (void) printf ("UID=%lu", (unsigned long) ruid);
+ }
+
+ gr = getgrgid (rgid);; /* local, no need for xgetgrgid */
+ if (NULL != gr) {
+ (void) printf (" GID=%lu(%s)",
+ (unsigned long) rgid, gr->gr_name);
+ } else {
+ (void) printf (" GID=%lu", (unsigned long) rgid);
+ }
+
+ /*
+ * Print out the effective user ID and group ID if they are
+ * different from the real values.
+ */
+
+ if (ruid != euid) {
+ pw = getpwuid (euid); /* local, no need for xgetpwuid */
+ if (NULL != pw) {
+ (void) printf (" EUID=%lu(%s)",
+ (unsigned long) euid, pw->pw_name);
+ } else {
+ (void) printf (" EUID=%lu", (unsigned long) euid);
+ }
+ }
+ if (rgid != egid) {
+ gr = getgrgid (egid); /* local, no need for xgetgrgid */
+ if (NULL != gr) {
+ (void) printf (" EGID=%lu(%s)",
+ (unsigned long) egid, gr->gr_name);
+ } else {
+ (void) printf (" EGID=%lu", (unsigned long) egid);
+ }
+ }
+#ifdef HAVE_GETGROUPS
+ /*
+ * Print out the concurrent group set if the user has requested it.
+ * The group numbers will be printed followed by their names.
+ */
+ if (aflg && (ngroups = getgroups (sys_ngroups, groups)) != -1) {
+ int i;
+
+ /*
+ * Start off the group message. It will be of the format
+ *
+ * groups=###(aaa),###(aaa),###(aaa)
+ *
+ * where "###" is a numerical value and "aaa" is the
+ * corresponding name for each respective numerical value.
+ */
+ (void) puts (_(" groups="));
+ for (i = 0; i < ngroups; i++) {
+ if (0 != i)
+ (void) putchar (',');
+
+ /* local, no need for xgetgrgid */
+ gr = getgrgid (groups[i]);
+ if (NULL != gr) {
+ (void) printf ("%lu(%s)",
+ (unsigned long) groups[i],
+ gr->gr_name);
+ } else {
+ (void) printf ("%lu",
+ (unsigned long) groups[i]);
+ }
+ }
+ }
+ free (groups);
+#endif
+
+ /*
+ * Finish off the line.
+ */
+ (void) putchar ('\n');
+
+ return EXIT_SUCCESS;
+}
+
diff --git a/src/lastlog.c b/src/lastlog.c
new file mode 100644
index 0000000..965691d
--- /dev/null
+++ b/src/lastlog.c
@@ -0,0 +1,428 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <getopt.h>
+#include <lastlog.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <time.h>
+#include <assert.h>
+#include "defines.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Needed for MkLinux DR1/2/2.1 - J.
+ */
+#ifndef LASTLOG_FILE
+#define LASTLOG_FILE "/var/log/lastlog"
+#endif
+
+/*
+ * Global variables
+ */
+const char *Prog; /* Program name */
+static FILE *lastlogfile; /* lastlog file stream */
+static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */
+static bool has_umin = false;
+static unsigned long umax; /* if uflg and has_umax, only display users with uid <= umax */
+static bool has_umax = false;
+static time_t seconds; /* that number of days in seconds */
+static time_t inverse_seconds; /* that number of days in seconds */
+static struct stat statbuf; /* fstat buffer for file size */
+
+
+static bool uflg = false; /* print only an user of range of users */
+static bool tflg = false; /* print is restricted to most recent days */
+static bool bflg = false; /* print excludes most recent days */
+static bool Cflg = false; /* clear record for user */
+static bool Sflg = false; /* set record for user */
+
+#define NOW (time ((time_t *) 0))
+
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -b, --before DAYS print only lastlog records older than DAYS\n"), usageout);
+ (void) fputs (_(" -C, --clear clear lastlog record of an user (usable only with -u)\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -S, --set set lastlog record to current time (usable only with -u)\n"), usageout);
+ (void) fputs (_(" -t, --time DAYS print only lastlog records more recent than DAYS\n"), usageout);
+ (void) fputs (_(" -u, --user LOGIN print lastlog record of the specified LOGIN\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+static void print_one (/*@null@*/const struct passwd *pw)
+{
+ static bool once = false;
+ char *cp;
+ struct tm *tm;
+ time_t ll_time;
+ off_t offset;
+ struct lastlog ll;
+
+#ifdef HAVE_STRFTIME
+ char ptime[80];
+#endif
+
+ if (NULL == pw) {
+ return;
+ }
+
+
+ offset = (off_t) pw->pw_uid * sizeof (ll);
+ if (offset + sizeof (ll) <= statbuf.st_size) {
+ /* fseeko errors are not really relevant for us. */
+ int err = fseeko (lastlogfile, offset, SEEK_SET);
+ assert (0 == err);
+ /* lastlog is a sparse file. Even if no entries were
+ * entered for this user, which should be able to get the
+ * empty entry in this case.
+ */
+ if (fread ((char *) &ll, sizeof (ll), 1, lastlogfile) != 1) {
+ fprintf (stderr,
+ _("%s: Failed to get the entry for UID %lu\n"),
+ Prog, (unsigned long int)pw->pw_uid);
+ exit (EXIT_FAILURE);
+ }
+ } else {
+ /* Outsize of the lastlog file.
+ * Behave as if there were a missing entry (same behavior
+ * as if we were reading an non existing entry in the
+ * sparse lastlog file).
+ */
+ memzero (&ll, sizeof (ll));
+ }
+
+ /* Filter out entries that do not match with the -t or -b options */
+ if (tflg && ((NOW - ll.ll_time) > seconds)) {
+ return;
+ }
+
+ if (bflg && ((NOW - ll.ll_time) < inverse_seconds)) {
+ return;
+ }
+
+ /* Print the header only once */
+ if (!once) {
+#ifdef HAVE_LL_HOST
+ puts (_("Username Port From Latest"));
+#else
+ puts (_("Username Port Latest"));
+#endif
+ once = true;
+ }
+
+ ll_time = ll.ll_time;
+ tm = localtime (&ll_time);
+#ifdef HAVE_STRFTIME
+ strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm);
+ cp = ptime;
+#else
+ cp = asctime (tm);
+ cp[24] = '\0';
+#endif
+
+ if (ll.ll_time == (time_t) 0) {
+ cp = _("**Never logged in**\0");
+ }
+
+#ifdef HAVE_LL_HOST
+ printf ("%-16s %-8.8s %-16.16s %s\n",
+ pw->pw_name, ll.ll_line, ll.ll_host, cp);
+#else
+ printf ("%-16s\t%-8.8s %s\n",
+ pw->pw_name, ll.ll_line, cp);
+#endif
+}
+
+static void print (void)
+{
+ const struct passwd *pwent;
+ if (uflg && has_umin && has_umax && (umin == umax)) {
+ print_one (getpwuid ((uid_t)umin));
+ } else {
+ setpwent ();
+ while ( (pwent = getpwent ()) != NULL ) {
+ if ( uflg
+ && ( (has_umin && (pwent->pw_uid < (uid_t)umin))
+ || (has_umax && (pwent->pw_uid > (uid_t)umax)))) {
+ continue;
+ }
+ print_one (pwent);
+ }
+ endpwent ();
+ }
+}
+
+static void update_one (/*@null@*/const struct passwd *pw)
+{
+ off_t offset;
+ struct lastlog ll;
+ int err;
+
+ if (NULL == pw) {
+ return;
+ }
+
+ offset = (off_t) pw->pw_uid * sizeof (ll);
+ /* fseeko errors are not really relevant for us. */
+ err = fseeko (lastlogfile, offset, SEEK_SET);
+ assert (0 == err);
+
+ memzero (&ll, sizeof (ll));
+
+ if (Sflg) {
+ ll.ll_time = NOW;
+#ifdef HAVE_LL_HOST
+ strcpy (ll.ll_host, "localhost");
+#endif
+ strcpy (ll.ll_line, "lastlog");
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ACCT_UNLOCK, Prog,
+ "clearing-lastlog",
+ pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS);
+#endif
+ }
+#ifdef WITH_AUDIT
+ else {
+ audit_logger (AUDIT_ACCT_UNLOCK, Prog,
+ "refreshing-lastlog",
+ pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS);
+ }
+#endif
+
+ if (fwrite (&ll, sizeof(ll), 1, lastlogfile) != 1) {
+ fprintf (stderr,
+ _("%s: Failed to update the entry for UID %lu\n"),
+ Prog, (unsigned long int)pw->pw_uid);
+ exit (EXIT_FAILURE);
+ }
+}
+
+static void update (void)
+{
+ const struct passwd *pwent;
+
+ if (!uflg) /* safety measure */
+ return;
+
+ if (has_umin && has_umax && (umin == umax)) {
+ update_one (getpwuid ((uid_t)umin));
+ } else {
+ setpwent ();
+ while ( (pwent = getpwent ()) != NULL ) {
+ if ((has_umin && (pwent->pw_uid < (uid_t)umin))
+ || (has_umax && (pwent->pw_uid > (uid_t)umax))) {
+ continue;
+ }
+ update_one (pwent);
+ }
+ endpwent ();
+ }
+
+ if (fflush (lastlogfile) != 0 || fsync (fileno (lastlogfile)) != 0) {
+ fprintf (stderr,
+ _("%s: Failed to update the lastlog file\n"),
+ Prog);
+ exit (EXIT_FAILURE);
+ }
+}
+
+int main (int argc, char **argv)
+{
+ /*
+ * Get the program name. The program name is used as a prefix to
+ * most error messages.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+#ifdef WITH_AUDIT
+ audit_help_open ();
+#endif
+
+ {
+ int c;
+ static struct option const longopts[] = {
+ {"before", required_argument, NULL, 'b'},
+ {"clear", no_argument, NULL, 'C'},
+ {"help", no_argument, NULL, 'h'},
+ {"root", required_argument, NULL, 'R'},
+ {"set", no_argument, NULL, 'S'},
+ {"time", required_argument, NULL, 't'},
+ {"user", required_argument, NULL, 'u'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "b:ChR:St:u:", longopts,
+ NULL)) != -1) {
+ switch (c) {
+ case 'b':
+ {
+ unsigned long inverse_days;
+ if (getulong (optarg, &inverse_days) == 0) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ exit (EXIT_FAILURE);
+ }
+ inverse_seconds = (time_t) inverse_days * DAY;
+ bflg = true;
+ break;
+ }
+ case 'C':
+ {
+ Cflg = true;
+ break;
+ }
+ case 'h':
+ usage (EXIT_SUCCESS);
+ /*@notreached@*/break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 'S':
+ {
+ Sflg = true;
+ break;
+ }
+ case 't':
+ {
+ unsigned long days;
+ if (getulong (optarg, &days) == 0) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ exit (EXIT_FAILURE);
+ }
+ seconds = (time_t) days * DAY;
+ tflg = true;
+ break;
+ }
+ case 'u':
+ {
+ const struct passwd *pwent;
+ /*
+ * The user can be:
+ * - a login name
+ * - numerical
+ * - a numerical login ID
+ * - a range (-x, x-, x-y)
+ */
+ uflg = true;
+ /* local, no need for xgetpwnam */
+ pwent = getpwnam (optarg);
+ if (NULL != pwent) {
+ umin = (unsigned long) pwent->pw_uid;
+ has_umin = true;
+ umax = umin;
+ has_umax = true;
+ } else {
+ if (getrange (optarg,
+ &umin, &has_umin,
+ &umax, &has_umax) == 0) {
+ fprintf (stderr,
+ _("%s: Unknown user or range: %s\n"),
+ Prog, optarg);
+ exit (EXIT_FAILURE);
+ }
+ }
+ break;
+ }
+ default:
+ usage (EXIT_FAILURE);
+ /*@notreached@*/break;
+ }
+ }
+ if (argc > optind) {
+ fprintf (stderr,
+ _("%s: unexpected argument: %s\n"),
+ Prog, argv[optind]);
+ usage (EXIT_FAILURE);
+ }
+ if (Cflg && Sflg) {
+ fprintf (stderr,
+ _("%s: Option -C cannot be used together with option -S\n"),
+ Prog);
+ usage (EXIT_FAILURE);
+ }
+ if ((Cflg || Sflg) && !uflg) {
+ fprintf (stderr,
+ _("%s: Options -C and -S require option -u to specify the user\n"),
+ Prog);
+ usage (EXIT_FAILURE);
+ }
+ }
+
+ lastlogfile = fopen (LASTLOG_FILE, (Cflg || Sflg)?"r+":"r");
+ if (NULL == lastlogfile) {
+ perror (LASTLOG_FILE);
+ exit (EXIT_FAILURE);
+ }
+
+ /* Get the lastlog size */
+ if (fstat (fileno (lastlogfile), &statbuf) != 0) {
+ fprintf (stderr,
+ _("%s: Cannot get the size of %s: %s\n"),
+ Prog, LASTLOG_FILE, strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+
+ if (Cflg || Sflg)
+ update ();
+ else
+ print ();
+
+ (void) fclose (lastlogfile);
+
+ return EXIT_SUCCESS;
+}
+
diff --git a/src/login.c b/src/login.c
new file mode 100644
index 0000000..2d2e704
--- /dev/null
+++ b/src/login.c
@@ -0,0 +1,1339 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2001, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2012, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <grp.h>
+#ifndef USE_PAM
+#include <lastlog.h>
+#endif /* !USE_PAM */
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/ioctl.h>
+#include <assert.h>
+#include "defines.h"
+#include "faillog.h"
+#include "failure.h"
+#include "getdef.h"
+#include "prototypes.h"
+#include "pwauth.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+#ifdef USE_PAM
+#include "pam_defs.h"
+
+static pam_handle_t *pamh = NULL;
+
+#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
+ fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \
+ SYSLOG((LOG_ERR,"%s",pam_strerror(pamh, retcode))); \
+ (void) pam_end(pamh, retcode); \
+ exit(1); \
+ }
+#define PAM_END { retcode = pam_close_session(pamh,0); \
+ (void) pam_end(pamh,retcode); }
+
+#endif /* USE_PAM */
+
+#ifndef USE_PAM
+/*
+ * Needed for MkLinux DR1/2/2.1 - J.
+ */
+#ifndef LASTLOG_FILE
+#define LASTLOG_FILE "/var/log/lastlog"
+#endif
+#endif /* !USE_PAM */
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static const char *hostname = "";
+static /*@null@*/ /*@only@*/char *username = NULL;
+static int reason = PW_LOGIN;
+
+#ifndef USE_PAM
+static struct lastlog ll;
+#endif /* !USE_PAM */
+static bool pflg = false;
+static bool fflg = false;
+
+#ifdef RLOGIN
+static bool rflg = false;
+#else /* RLOGIN */
+#define rflg false
+#endif /* !RLOGIN */
+static bool hflg = false;
+static bool preauth_flag = false;
+
+static bool amroot;
+static char tmsg[256];
+
+/*
+ * External identifiers.
+ */
+
+extern char **newenvp;
+extern size_t newenvc;
+extern char **environ;
+
+#ifndef ALARM
+#define ALARM 60
+#endif
+
+#ifndef RETRIES
+#define RETRIES 3
+#endif
+
+/* local function prototypes */
+static void usage (void);
+static void setup_tty (void);
+static void process_flags (int argc, char *const *argv);
+static /*@observer@*/const char *get_failent_user (/*@returned@*/const char *user);
+static void update_utmp (const char *user,
+ const char *tty,
+ const char *host,
+ /*@null@*/const struct utmp *utent);
+
+#ifndef USE_PAM
+static struct faillog faillog;
+
+static void bad_time_notify (void);
+static void check_nologin (bool login_to_root);
+#else
+static void get_pam_user (char **ptr_pam_user);
+#endif
+
+static void init_env (void);
+static RETSIGTYPE alarm_handler (int);
+
+/*
+ * usage - print login command usage and exit
+ *
+ * login [ name ]
+ * login -r hostname (for rlogind)
+ * login -h hostname (for telnetd, etc.)
+ * login -f name (for pre-authenticated login: datakit, xterm, etc.)
+ */
+static void usage (void)
+{
+ fprintf (stderr, _("Usage: %s [-p] [name]\n"), Prog);
+ if (!amroot) {
+ exit (1);
+ }
+ fprintf (stderr, _(" %s [-p] [-h host] [-f name]\n"), Prog);
+#ifdef RLOGIN
+ fprintf (stderr, _(" %s [-p] -r host\n"), Prog);
+#endif /* RLOGIN */
+ exit (1);
+}
+
+static void setup_tty (void)
+{
+ TERMIO termio;
+
+ if (GTTY (0, &termio) == 0) { /* get terminal characteristics */
+ int erasechar;
+ int killchar;
+
+ /*
+ * Add your favorite terminal modes here ...
+ */
+ termio.c_lflag |= ISIG | ICANON | ECHO | ECHOE;
+ termio.c_iflag |= ICRNL;
+
+#if defined(ECHOKE) && defined(ECHOCTL)
+ termio.c_lflag |= ECHOKE | ECHOCTL;
+#endif
+#if defined(ECHOPRT) && defined(NOFLSH) && defined(TOSTOP)
+ termio.c_lflag &= ~(ECHOPRT | NOFLSH | TOSTOP);
+#endif
+#ifdef ONLCR
+ termio.c_oflag |= ONLCR;
+#endif
+
+ /* leave these values unchanged if not specified in login.defs */
+ erasechar = getdef_num ("ERASECHAR", (int) termio.c_cc[VERASE]);
+ killchar = getdef_num ("KILLCHAR", (int) termio.c_cc[VKILL]);
+ termio.c_cc[VERASE] = (cc_t) erasechar;
+ termio.c_cc[VKILL] = (cc_t) killchar;
+ /* Make sure the values were valid.
+ * getdef_num cannot validate this.
+ */
+ if (erasechar != (int) termio.c_cc[VERASE]) {
+ fprintf (stderr,
+ _("configuration error - cannot parse %s value: '%d'"),
+ "ERASECHAR", erasechar);
+ exit (1);
+ }
+ if (killchar != (int) termio.c_cc[VKILL]) {
+ fprintf (stderr,
+ _("configuration error - cannot parse %s value: '%d'"),
+ "KILLCHAR", killchar);
+ exit (1);
+ }
+
+ /*
+ * ttymon invocation prefers this, but these settings
+ * won't come into effect after the first username login
+ */
+ (void) STTY (0, &termio);
+ }
+}
+
+
+#ifndef USE_PAM
+/*
+ * Tell the user that this is not the right time to login at this tty
+ */
+static void bad_time_notify (void)
+{
+ (void) puts (_("Invalid login time"));
+ (void) fflush (stdout);
+}
+
+static void check_nologin (bool login_to_root)
+{
+ char *fname;
+
+ /*
+ * Check to see if system is turned off for non-root users.
+ * This would be useful to prevent users from logging in
+ * during system maintenance. We make sure the message comes
+ * out for root so she knows to remove the file if she's
+ * forgotten about it ...
+ */
+ fname = getdef_str ("NOLOGINS_FILE");
+ if ((NULL != fname) && (access (fname, F_OK) == 0)) {
+ FILE *nlfp;
+
+ /*
+ * Cat the file if it can be opened, otherwise just
+ * print a default message
+ */
+ nlfp = fopen (fname, "r");
+ if (NULL != nlfp) {
+ int c;
+ while ((c = getc (nlfp)) != EOF) {
+ if (c == '\n') {
+ (void) putchar ('\r');
+ }
+
+ (void) putchar (c);
+ }
+ (void) fflush (stdout);
+ (void) fclose (nlfp);
+ } else {
+ (void) puts (_("\nSystem closed for routine maintenance"));
+ }
+ /*
+ * Non-root users must exit. Root gets the message, but
+ * gets to login.
+ */
+
+ if (!login_to_root) {
+ closelog ();
+ exit (0);
+ }
+ (void) puts (_("\n[Disconnect bypassed -- root login allowed.]"));
+ }
+}
+#endif /* !USE_PAM */
+
+static void process_flags (int argc, char *const *argv)
+{
+ int arg;
+ int flag;
+
+ /*
+ * Check the flags for proper form. Every argument starting with
+ * "-" must be exactly two characters long. This closes all the
+ * clever rlogin, telnet, and getty holes.
+ */
+ for (arg = 1; arg < argc; arg++) {
+ if (argv[arg][0] == '-' && strlen (argv[arg]) > 2) {
+ usage ();
+ }
+ if (strcmp(argv[arg], "--") == 0) {
+ break; /* stop checking on a "--" */
+ }
+ }
+
+ /*
+ * Process options.
+ */
+ while ((flag = getopt (argc, argv, "d:fh:pr:")) != EOF) {
+ switch (flag) {
+ case 'd':
+ /* "-d device" ignored for compatibility */
+ break;
+ case 'f':
+ fflg = true;
+ break;
+ case 'h':
+ hflg = true;
+ hostname = optarg;
+ reason = PW_TELNET;
+ break;
+#ifdef RLOGIN
+ case 'r':
+ rflg = true;
+ hostname = optarg;
+ reason = PW_RLOGIN;
+ break;
+#endif /* RLOGIN */
+ case 'p':
+ pflg = true;
+ break;
+ default:
+ usage ();
+ }
+ }
+
+#ifdef RLOGIN
+ /*
+ * Neither -h nor -f should be combined with -r.
+ */
+
+ if (rflg && (hflg || fflg)) {
+ usage ();
+ }
+#endif /* RLOGIN */
+
+ /*
+ * Allow authentication bypass only if real UID is zero.
+ */
+
+ if ((rflg || fflg || hflg) && !amroot) {
+ fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+ exit (1);
+ }
+
+ /*
+ * Get the user name.
+ */
+ if (optind < argc) {
+ assert (NULL == username);
+ username = xstrdup (argv[optind]);
+ strzero (argv[optind]);
+ ++optind;
+ }
+
+#ifdef RLOGIN
+ if (rflg && (NULL != username)) {
+ usage ();
+ }
+#endif /* RLOGIN */
+ if (fflg && (NULL == username)) {
+ usage ();
+ }
+
+}
+
+
+static void init_env (void)
+{
+#ifndef USE_PAM
+ char *cp;
+#endif
+ char *tmp;
+
+ tmp = getenv ("LANG");
+ if (NULL != tmp) {
+ addenv ("LANG", tmp);
+ }
+
+ /*
+ * Add the timezone environmental variable so that time functions
+ * work correctly.
+ */
+ tmp = getenv ("TZ");
+ if (NULL != tmp) {
+ addenv ("TZ", tmp);
+ }
+#ifndef USE_PAM
+ else {
+ cp = getdef_str ("ENV_TZ");
+ if (NULL != cp) {
+ addenv (('/' == *cp) ? tz (cp) : cp, NULL);
+ }
+ }
+#endif /* !USE_PAM */
+ /*
+ * Add the clock frequency so that profiling commands work
+ * correctly.
+ */
+ tmp = getenv ("HZ");
+ if (NULL != tmp) {
+ addenv ("HZ", tmp);
+ }
+#ifndef USE_PAM
+ else {
+ cp = getdef_str ("ENV_HZ");
+ if (NULL != cp) {
+ addenv (cp, NULL);
+ }
+ }
+#endif /* !USE_PAM */
+}
+
+
+static RETSIGTYPE alarm_handler (unused int sig)
+{
+ write (STDERR_FILENO, tmsg, strlen (tmsg));
+ _exit (0);
+}
+
+#ifdef USE_PAM
+/*
+ * get_pam_user - Get the username according to PAM
+ *
+ * ptr_pam_user shall point to a malloc'ed string (or NULL).
+ */
+static void get_pam_user (char **ptr_pam_user)
+{
+ int retcode;
+ void *ptr_user;
+
+ assert (NULL != ptr_pam_user);
+
+ retcode = pam_get_item (pamh, PAM_USER, (const void **)&ptr_user);
+ PAM_FAIL_CHECK;
+
+ if (NULL != *ptr_pam_user) {
+ free (*ptr_pam_user);
+ }
+ if (NULL != ptr_user) {
+ *ptr_pam_user = xstrdup ((const char *)ptr_user);
+ } else {
+ *ptr_pam_user = NULL;
+ }
+}
+#endif
+
+/*
+ * get_failent_user - Return a string that can be used to log failure
+ * from an user.
+ *
+ * This will be either the user argument, or "UNKNOWN".
+ *
+ * It is quite common to mistyped the password for username, and passwords
+ * should not be logged.
+ */
+static /*@observer@*/const char *get_failent_user (/*@returned@*/const char *user)
+{
+ const char *failent_user = "UNKNOWN";
+ bool log_unkfail_enab = getdef_bool("LOG_UNKFAIL_ENAB");
+
+ if ((NULL != user) && ('\0' != user[0])) {
+ if ( log_unkfail_enab
+ || (getpwnam (user) != NULL)) {
+ failent_user = user;
+ }
+ }
+
+ return failent_user;
+}
+
+/*
+ * update_utmp - Update or create an utmp entry in utmp, wtmp, utmpw, and
+ * wtmpx
+ *
+ * utent should be the utmp entry returned by get_current_utmp (or
+ * NULL).
+ */
+static void update_utmp (const char *user,
+ const char *tty,
+ const char *host,
+ /*@null@*/const struct utmp *utent)
+{
+ struct utmp *ut = prepare_utmp (user, tty, host, utent);
+#ifdef USE_UTMPX
+ struct utmpx *utx = prepare_utmpx (user, tty, host, utent);
+#endif /* USE_UTMPX */
+
+ (void) setutmp (ut); /* make entry in the utmp & wtmp files */
+ free (ut);
+
+#ifdef USE_UTMPX
+ (void) setutmpx (utx); /* make entry in the utmpx & wtmpx files */
+ free (utx);
+#endif /* USE_UTMPX */
+}
+
+/*
+ * login - create a new login session for a user
+ *
+ * login is typically called by getty as the second step of a
+ * new user session. getty is responsible for setting the line
+ * characteristics to a reasonable set of values and getting
+ * the name of the user to be logged in. login may also be
+ * called to create a new user session on a pty for a variety
+ * of reasons, such as X servers or network logins.
+ *
+ * the flags which login supports are
+ *
+ * -p - preserve the environment
+ * -r - perform autologin protocol for rlogin
+ * -f - do not perform authentication, user is preauthenticated
+ * -h - the name of the remote host
+ */
+int main (int argc, char **argv)
+{
+ const char *tmptty;
+ char tty[BUFSIZ];
+
+#ifdef RLOGIN
+ char term[128] = "";
+#endif /* RLOGIN */
+#if defined(HAVE_STRFTIME) && !defined(USE_PAM)
+ char ptime[80];
+#endif
+ unsigned int delay;
+ unsigned int retries;
+ bool subroot = false;
+#ifndef USE_PAM
+ bool is_console;
+#endif
+ int err;
+ unsigned int timeout;
+ const char *cp;
+ const char *tmp;
+ char fromhost[512];
+ struct passwd *pwd = NULL;
+ char **envp = environ;
+ const char *failent_user;
+ /*@null@*/struct utmp *utent;
+
+#ifdef USE_PAM
+ int retcode;
+ pid_t child;
+ char *pam_user = NULL;
+#else
+ struct spwd *spwd = NULL;
+#endif
+ /*
+ * Some quick initialization.
+ */
+
+ sanitize_env ();
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ initenv ();
+
+ amroot = (getuid () == 0);
+ Prog = Basename (argv[0]);
+
+ if (geteuid() != 0) {
+ fprintf (stderr, _("%s: Cannot possibly work without effective root\n"), Prog);
+ exit (1);
+ }
+
+ process_flags (argc, argv);
+
+ if ((isatty (0) == 0) || (isatty (1) == 0) || (isatty (2) == 0)) {
+ exit (1); /* must be a terminal */
+ }
+
+ utent = get_current_utmp ();
+ /*
+ * Be picky if run by normal users (possible if installed setuid
+ * root), but not if run by root. This way it still allows logins
+ * even if your getty is broken, or if something corrupts utmp,
+ * but users must "exec login" which will use the existing utmp
+ * entry (will not overwrite remote hostname). --marekm
+ */
+ if (!amroot && (NULL == utent)) {
+ (void) puts (_("No utmp entry. You must exec \"login\" from the lowest level \"sh\""));
+ exit (1);
+ }
+ /* NOTE: utent might be NULL afterwards */
+
+ tmptty = ttyname (0);
+ if (NULL == tmptty) {
+ tmptty = "UNKNOWN";
+ }
+ STRFCPY (tty, tmptty);
+
+#ifndef USE_PAM
+ is_console = console (tty);
+#endif
+
+ if (rflg || hflg) {
+ /*
+ * Add remote hostname to the environment. I think
+ * (not sure) I saw it once on Irix. --marekm
+ */
+ addenv ("REMOTEHOST", hostname);
+ }
+ if (fflg) {
+ preauth_flag = true;
+ }
+ if (hflg) {
+ reason = PW_RLOGIN;
+ }
+#ifdef RLOGIN
+ if (rflg) {
+ assert (NULL == username);
+ username = xmalloc (USER_NAME_MAX_LENGTH + 1);
+ username[USER_NAME_MAX_LENGTH] = '\0';
+ if (do_rlogin (hostname, username, USER_NAME_MAX_LENGTH, term, sizeof term)) {
+ preauth_flag = true;
+ } else {
+ free (username);
+ username = NULL;
+ }
+ }
+#endif /* RLOGIN */
+
+ OPENLOG ("login");
+
+ setup_tty ();
+
+#ifndef USE_PAM
+ (void) umask (getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
+
+ {
+ /*
+ * Use the ULIMIT in the login.defs file, and if
+ * there isn't one, use the default value. The
+ * user may have one for themselves, but otherwise,
+ * just take what you get.
+ */
+ long limit = getdef_long ("ULIMIT", -1L);
+
+ if (limit != -1) {
+ set_filesize_limit (limit);
+ }
+ }
+
+#endif
+ /*
+ * The entire environment will be preserved if the -p flag
+ * is used.
+ */
+ if (pflg) {
+ while (NULL != *envp) { /* add inherited environment, */
+ addenv (*envp, NULL); /* some variables change later */
+ envp++;
+ }
+ }
+
+#ifdef RLOGIN
+ if (term[0] != '\0') {
+ addenv ("TERM", term);
+ } else
+#endif /* RLOGIN */
+ {
+ /* preserve TERM from getty */
+ if (!pflg) {
+ tmp = getenv ("TERM");
+ if (NULL != tmp) {
+ addenv ("TERM", tmp);
+ }
+ }
+ }
+
+ init_env ();
+
+ if (optind < argc) { /* now set command line variables */
+ set_env (argc - optind, &argv[optind]);
+ }
+
+ if (rflg || hflg) {
+ cp = hostname;
+#ifdef HAVE_STRUCT_UTMP_UT_HOST
+ } else if ((NULL != utent) && ('\0' != utent->ut_host[0])) {
+ cp = utent->ut_host;
+#endif /* HAVE_STRUCT_UTMP_UT_HOST */
+ } else {
+ cp = "";
+ }
+
+ if ('\0' != *cp) {
+ snprintf (fromhost, sizeof fromhost,
+ " on '%.100s' from '%.200s'", tty, cp);
+ } else {
+ snprintf (fromhost, sizeof fromhost,
+ " on '%.100s'", tty);
+ }
+
+ top:
+ /* only allow ALARM sec. for login */
+ timeout = getdef_unum ("LOGIN_TIMEOUT", ALARM);
+ snprintf (tmsg, sizeof tmsg,
+ _("\nLogin timed out after %u seconds.\n"), timeout);
+ (void) signal (SIGALRM, alarm_handler);
+ if (timeout > 0) {
+ (void) alarm (timeout);
+ }
+
+ environ = newenvp; /* make new environment active */
+ delay = getdef_unum ("FAIL_DELAY", 1);
+ retries = getdef_unum ("LOGIN_RETRIES", RETRIES);
+
+#ifdef USE_PAM
+ retcode = pam_start ("login", username, &conv, &pamh);
+ if (retcode != PAM_SUCCESS) {
+ fprintf (stderr,
+ _("login: PAM Failure, aborting: %s\n"),
+ pam_strerror (pamh, retcode));
+ SYSLOG ((LOG_ERR, "Couldn't initialize PAM: %s",
+ pam_strerror (pamh, retcode)));
+ exit (99);
+ }
+
+ /*
+ * hostname & tty are either set to NULL or their correct values,
+ * depending on how much we know. We also set PAM's fail delay to
+ * ours.
+ *
+ * PAM_RHOST and PAM_TTY are used for authentication, only use
+ * information coming from login or from the caller (e.g. no utmp)
+ */
+ retcode = pam_set_item (pamh, PAM_RHOST, hostname);
+ PAM_FAIL_CHECK;
+ retcode = pam_set_item (pamh, PAM_TTY, tty);
+ PAM_FAIL_CHECK;
+#ifdef HAS_PAM_FAIL_DELAY
+ retcode = pam_fail_delay (pamh, 1000000 * delay);
+ PAM_FAIL_CHECK;
+#endif
+ /* if fflg, then the user has already been authenticated */
+ if (!fflg) {
+ unsigned int failcount = 0;
+ char hostn[256];
+ char loginprompt[256]; /* That's one hell of a prompt :) */
+
+ /* Make the login prompt look like we want it */
+ if (gethostname (hostn, sizeof (hostn)) == 0) {
+ snprintf (loginprompt,
+ sizeof (loginprompt),
+ _("%s login: "), hostn);
+ } else {
+ strncpy (loginprompt, _("login: "),
+ sizeof (loginprompt));
+ }
+
+ retcode = pam_set_item (pamh, PAM_USER_PROMPT, loginprompt);
+ PAM_FAIL_CHECK;
+
+ /* if we didn't get a user on the command line,
+ set it to NULL */
+ get_pam_user (&pam_user);
+ if ((NULL != pam_user) && ('\0' == pam_user[0])) {
+ retcode = pam_set_item (pamh, PAM_USER, NULL);
+ PAM_FAIL_CHECK;
+ }
+
+ /*
+ * There may be better ways to deal with some of
+ * these conditions, but at least this way I don't
+ * think we'll be giving away information. Perhaps
+ * someday we can trust that all PAM modules will
+ * pay attention to failure count and get rid of
+ * MAX_LOGIN_TRIES?
+ */
+ failcount = 0;
+ while (true) {
+ bool failed = false;
+
+ failcount++;
+#ifdef HAS_PAM_FAIL_DELAY
+ if (delay > 0) {
+ retcode = pam_fail_delay(pamh, 1000000*delay);
+ PAM_FAIL_CHECK;
+ }
+#endif
+
+ retcode = pam_authenticate (pamh, 0);
+
+ get_pam_user (&pam_user);
+ failent_user = get_failent_user (pam_user);
+
+ if (retcode == PAM_MAXTRIES) {
+ SYSLOG ((LOG_NOTICE,
+ "TOO MANY LOGIN TRIES (%u)%s FOR '%s'",
+ failcount, fromhost, failent_user));
+ fprintf (stderr,
+ _("Maximum number of tries exceeded (%u)\n"),
+ failcount);
+ PAM_END;
+ exit(0);
+ } else if (retcode == PAM_ABORT) {
+ /* Serious problems, quit now */
+ (void) fputs (_("login: abort requested by PAM\n"), stderr);
+ SYSLOG ((LOG_ERR,"PAM_ABORT returned from pam_authenticate()"));
+ PAM_END;
+ exit(99);
+ } else if (retcode != PAM_SUCCESS) {
+ SYSLOG ((LOG_NOTICE,"FAILED LOGIN (%u)%s FOR '%s', %s",
+ failcount, fromhost, failent_user,
+ pam_strerror (pamh, retcode)));
+ failed = true;
+ }
+
+ if (!failed) {
+ break;
+ }
+
+#ifdef WITH_AUDIT
+ audit_fd = audit_open ();
+ audit_log_acct_message (audit_fd,
+ AUDIT_USER_LOGIN,
+ NULL, /* Prog. name */
+ "login",
+ failent_user,
+ AUDIT_NO_ID,
+ hostname,
+ NULL, /* addr */
+ tty,
+ 0); /* result */
+ close (audit_fd);
+#endif /* WITH_AUDIT */
+
+ (void) puts ("");
+ (void) puts (_("Login incorrect"));
+
+ if (failcount >= retries) {
+ SYSLOG ((LOG_NOTICE,
+ "TOO MANY LOGIN TRIES (%u)%s FOR '%s'",
+ failcount, fromhost, failent_user));
+ fprintf (stderr,
+ _("Maximum number of tries exceeded (%u)\n"),
+ failcount);
+ PAM_END;
+ exit(0);
+ }
+
+ /*
+ * Let's give it another go around.
+ * Even if a username was given on the command
+ * line, prompt again for the username.
+ */
+ retcode = pam_set_item (pamh, PAM_USER, NULL);
+ PAM_FAIL_CHECK;
+ }
+
+ /* We don't get here unless they were authenticated above */
+ (void) alarm (0);
+ }
+
+ /* Check the account validity */
+ retcode = pam_acct_mgmt (pamh, 0);
+ if (retcode == PAM_NEW_AUTHTOK_REQD) {
+ retcode = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
+ }
+ PAM_FAIL_CHECK;
+
+ /* Open the PAM session */
+ get_pam_user (&pam_user);
+ retcode = pam_open_session (pamh, hushed (pam_user) ? PAM_SILENT : 0);
+ PAM_FAIL_CHECK;
+
+ /* Grab the user information out of the password file for future usage
+ * First get the username that we are actually using, though.
+ *
+ * From now on, we will discard changes of the user (PAM_USER) by
+ * PAM APIs.
+ */
+ get_pam_user (&pam_user);
+ if (NULL != username) {
+ free (username);
+ }
+ username = xstrdup (pam_user);
+ failent_user = get_failent_user (username);
+
+ pwd = xgetpwnam (username);
+ if (NULL == pwd) {
+ SYSLOG ((LOG_ERR, "cannot find user %s", failent_user));
+ fprintf (stderr,
+ _("Cannot find user (%s)\n"),
+ username);
+ exit (1);
+ }
+
+ /* This set up the process credential (group) and initialize the
+ * supplementary group access list.
+ * This has to be done before pam_setcred
+ */
+ if (setup_groups (pwd) != 0) {
+ exit (1);
+ }
+
+ retcode = pam_setcred (pamh, PAM_ESTABLISH_CRED);
+ PAM_FAIL_CHECK;
+ /* NOTE: If pam_setcred changes PAM_USER, this will not be taken
+ * into account.
+ */
+
+#else /* ! USE_PAM */
+ while (true) { /* repeatedly get login/password pairs */
+ bool failed;
+ /* user_passwd is always a pointer to this constant string
+ * or a passwd or shadow password that will be memzero by
+ * pw_free / spw_free.
+ * Do not free() user_passwd. */
+ const char *user_passwd = "!";
+
+ /* Do some cleanup to avoid keeping entries we do not need
+ * anymore. */
+ if (NULL != pwd) {
+ pw_free (pwd);
+ pwd = NULL;
+ }
+ if (NULL != spwd) {
+ spw_free (spwd);
+ spwd = NULL;
+ }
+
+ failed = false; /* haven't failed authentication yet */
+ if (NULL == username) { /* need to get a login id */
+ if (subroot) {
+ closelog ();
+ exit (1);
+ }
+ preauth_flag = false;
+ username = xmalloc (USER_NAME_MAX_LENGTH + 1);
+ username[USER_NAME_MAX_LENGTH] = '\0';
+ login_prompt (_("\n%s login: "), username, USER_NAME_MAX_LENGTH);
+
+ if ('\0' == username[0]) {
+ /* Prompt for a new login */
+ free (username);
+ username = NULL;
+ continue;
+ }
+ }
+ /* Get the username to be used to log failures */
+ failent_user = get_failent_user (username);
+
+ pwd = xgetpwnam (username);
+ if (NULL == pwd) {
+ preauth_flag = false;
+ failed = true;
+ } else {
+ user_passwd = pwd->pw_passwd;
+ /*
+ * If the encrypted password begins with a "!",
+ * the account is locked and the user cannot
+ * login, even if they have been
+ * "pre-authenticated."
+ */
+ if ( ('!' == user_passwd[0])
+ || ('*' == user_passwd[0])) {
+ failed = true;
+ }
+ }
+
+ if (strcmp (user_passwd, SHADOW_PASSWD_STRING) == 0) {
+ spwd = xgetspnam (username);
+ if (NULL != spwd) {
+ user_passwd = spwd->sp_pwdp;
+ } else {
+ /* The user exists in passwd, but not in
+ * shadow. SHADOW_PASSWD_STRING indicates
+ * that the password shall be in shadow.
+ */
+ SYSLOG ((LOG_WARN,
+ "no shadow password for '%s'%s",
+ username, fromhost));
+ }
+ }
+
+ /*
+ * The -r and -f flags provide a name which has already
+ * been authenticated by some server.
+ */
+ if (preauth_flag) {
+ goto auth_ok;
+ }
+
+ if (pw_auth (user_passwd, username, reason, (char *) 0) == 0) {
+ goto auth_ok;
+ }
+
+ SYSLOG ((LOG_WARN, "invalid password for '%s' %s",
+ failent_user, fromhost));
+ failed = true;
+
+ auth_ok:
+ /*
+ * This is the point where all authenticated users wind up.
+ * If you reach this far, your password has been
+ * authenticated and so on.
+ */
+ if ( !failed
+ && (NULL != pwd)
+ && (0 == pwd->pw_uid)
+ && !is_console) {
+ SYSLOG ((LOG_CRIT, "ILLEGAL ROOT LOGIN %s", fromhost));
+ failed = true;
+ }
+ if ( !failed
+ && !login_access (username, ('\0' != *hostname) ? hostname : tty)) {
+ SYSLOG ((LOG_WARN, "LOGIN '%s' REFUSED %s",
+ username, fromhost));
+ failed = true;
+ }
+ if ( (NULL != pwd)
+ && getdef_bool ("FAILLOG_ENAB")
+ && !failcheck (pwd->pw_uid, &faillog, failed)) {
+ SYSLOG ((LOG_CRIT,
+ "exceeded failure limit for '%s' %s",
+ username, fromhost));
+ failed = true;
+ }
+ if (!failed) {
+ break;
+ }
+
+ /* don't log non-existent users */
+ if ((NULL != pwd) && getdef_bool ("FAILLOG_ENAB")) {
+ failure (pwd->pw_uid, tty, &faillog);
+ }
+ if (getdef_str ("FTMP_FILE") != NULL) {
+#ifdef USE_UTMPX
+ struct utmpx *failent =
+ prepare_utmpx (failent_user,
+ tty,
+ /* FIXME: or fromhost? */hostname,
+ utent);
+#else /* !USE_UTMPX */
+ struct utmp *failent =
+ prepare_utmp (failent_user,
+ tty,
+ hostname,
+ utent);
+#endif /* !USE_UTMPX */
+ failtmp (failent_user, failent);
+ free (failent);
+ }
+
+ retries--;
+ if (retries <= 0) {
+ SYSLOG ((LOG_CRIT, "REPEATED login failures%s",
+ fromhost));
+ }
+
+ /*
+ * If this was a passwordless account and we get here, login
+ * was denied (securetty, faillog, etc.). There was no
+ * password prompt, so do it now (will always fail - the bad
+ * guys won't see that the passwordless account exists at
+ * all). --marekm
+ */
+ if (user_passwd[0] == '\0') {
+ pw_auth ("!", username, reason, (char *) 0);
+ }
+
+ /*
+ * Authentication of this user failed.
+ * The username must be confirmed in the next try.
+ */
+ free (username);
+ username = NULL;
+
+ /*
+ * Wait a while (a la SVR4 /usr/bin/login) before attempting
+ * to login the user again. If the earlier alarm occurs
+ * before the sleep() below completes, login will exit.
+ */
+ if (delay > 0) {
+ (void) sleep (delay);
+ }
+
+ (void) puts (_("Login incorrect"));
+
+ /* allow only one attempt with -r or -f */
+ if (rflg || fflg || (retries <= 0)) {
+ closelog ();
+ exit (1);
+ }
+ } /* while (true) */
+#endif /* ! USE_PAM */
+ assert (NULL != username);
+ assert (NULL != pwd);
+
+ (void) alarm (0); /* turn off alarm clock */
+
+#ifndef USE_PAM /* PAM does this */
+ /*
+ * porttime checks moved here, after the user has been
+ * authenticated. now prints a message, as suggested
+ * by Ivan Nejgebauer <ian@unsux.ns.ac.yu>. --marekm
+ */
+ if ( getdef_bool ("PORTTIME_CHECKS_ENAB")
+ && !isttytime (username, tty, time ((time_t *) 0))) {
+ SYSLOG ((LOG_WARN, "invalid login time for '%s'%s",
+ username, fromhost));
+ closelog ();
+ bad_time_notify ();
+ exit (1);
+ }
+
+ check_nologin (pwd->pw_uid == 0);
+#endif
+
+ if (getenv ("IFS")) { /* don't export user IFS ... */
+ addenv ("IFS= \t\n", NULL); /* ... instead, set a safe IFS */
+ }
+
+ if (pwd->pw_shell[0] == '*') { /* subsystem root */
+ pwd->pw_shell++; /* skip the '*' */
+ subsystem (pwd); /* figure out what to execute */
+ subroot = true; /* say I was here again */
+ endpwent (); /* close all of the file which were */
+ endgrent (); /* open in the original rooted file */
+ endspent (); /* system. they will be re-opened */
+#ifdef SHADOWGRP
+ endsgent (); /* in the new rooted file system */
+#endif
+ goto top; /* go do all this all over again */
+ }
+
+#ifdef WITH_AUDIT
+ audit_fd = audit_open ();
+ audit_log_acct_message (audit_fd,
+ AUDIT_USER_LOGIN,
+ NULL, /* Prog. name */
+ "login",
+ username,
+ AUDIT_NO_ID,
+ hostname,
+ NULL, /* addr */
+ tty,
+ 1); /* result */
+ close (audit_fd);
+#endif /* WITH_AUDIT */
+
+#ifndef USE_PAM /* pam_lastlog handles this */
+ if (getdef_bool ("LASTLOG_ENAB")) { /* give last login and log this one */
+ dolastlog (&ll, pwd, tty, hostname);
+ }
+#endif
+
+#ifndef USE_PAM /* PAM handles this as well */
+ /*
+ * Have to do this while we still have root privileges, otherwise we
+ * don't have access to /etc/shadow.
+ */
+ if (NULL != spwd) { /* check for age of password */
+ if (expire (pwd, spwd)) {
+ /* The user updated her password, get the new
+ * entries.
+ * Use the x variants because we need to keep the
+ * entry for a long time, and there might be other
+ * getxxyy in between.
+ */
+ pw_free (pwd);
+ pwd = xgetpwnam (username);
+ if (NULL == pwd) {
+ SYSLOG ((LOG_ERR,
+ "cannot find user %s after update of expired password",
+ username));
+ exit (1);
+ }
+ spw_free (spwd);
+ spwd = xgetspnam (username);
+ }
+ }
+ setup_limits (pwd); /* nice, ulimit etc. */
+#endif /* ! USE_PAM */
+ chown_tty (pwd);
+
+#ifdef USE_PAM
+ /*
+ * We must fork before setuid() because we need to call
+ * pam_close_session() as root.
+ */
+ (void) signal (SIGINT, SIG_IGN);
+ child = fork ();
+ if (child < 0) {
+ /* error in fork() */
+ fprintf (stderr, _("%s: failure forking: %s"),
+ Prog, strerror (errno));
+ PAM_END;
+ exit (0);
+ } else if (child != 0) {
+ /*
+ * parent - wait for child to finish, then cleanup
+ * session
+ */
+ wait (NULL);
+ PAM_END;
+ exit (0);
+ }
+ /* child */
+#endif
+
+ /* If we were init, we need to start a new session */
+ if (getppid() == 1) {
+ setsid();
+ if (ioctl(0, TIOCSCTTY, 1) != 0) {
+ fprintf (stderr, _("TIOCSCTTY failed on %s"), tty);
+ }
+ }
+
+ /*
+ * The utmp entry needs to be updated to indicate the new status
+ * of the session, the new PID and SID.
+ */
+ update_utmp (username, tty, hostname, utent);
+
+ /* The pwd and spwd entries for the user have been copied.
+ *
+ * Close all the files so that unauthorized access won't occur.
+ */
+ endpwent (); /* stop access to password file */
+ endgrent (); /* stop access to group file */
+ endspent (); /* stop access to shadow passwd file */
+#ifdef SHADOWGRP
+ endsgent (); /* stop access to shadow group file */
+#endif
+
+ /* Drop root privileges */
+#ifndef USE_PAM
+ if (setup_uid_gid (pwd, is_console))
+#else
+ /* The group privileges were already dropped.
+ * See setup_groups() above.
+ */
+ if (change_uid (pwd))
+#endif
+ {
+ exit (1);
+ }
+
+ setup_env (pwd); /* set env vars, cd to the home dir */
+
+#ifdef USE_PAM
+ {
+ const char *const *env;
+
+ env = (const char *const *) pam_getenvlist (pamh);
+ while ((NULL != env) && (NULL != *env)) {
+ addenv (*env, NULL);
+ env++;
+ }
+ }
+#endif
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ if (!hushed (username)) {
+ addenv ("HUSHLOGIN=FALSE", NULL);
+ /*
+ * pam_unix, pam_mail and pam_lastlog should take care of
+ * this
+ */
+#ifndef USE_PAM
+ motd (); /* print the message of the day */
+ if ( getdef_bool ("FAILLOG_ENAB")
+ && (0 != faillog.fail_cnt)) {
+ failprint (&faillog);
+ /* Reset the lockout times if logged in */
+ if ( (0 != faillog.fail_max)
+ && (faillog.fail_cnt >= faillog.fail_max)) {
+ (void) puts (_("Warning: login re-enabled after temporary lockout."));
+ SYSLOG ((LOG_WARN,
+ "login '%s' re-enabled after temporary lockout (%d failures)",
+ username, (int) faillog.fail_cnt));
+ }
+ }
+ if ( getdef_bool ("LASTLOG_ENAB")
+ && (ll.ll_time != 0)) {
+ time_t ll_time = ll.ll_time;
+
+#ifdef HAVE_STRFTIME
+ (void) strftime (ptime, sizeof (ptime),
+ "%a %b %e %H:%M:%S %z %Y",
+ localtime (&ll_time));
+ printf (_("Last login: %s on %s"),
+ ptime, ll.ll_line);
+#else
+ printf (_("Last login: %.19s on %s"),
+ ctime (&ll_time), ll.ll_line);
+#endif
+#ifdef HAVE_LL_HOST /* __linux__ || SUN4 */
+ if ('\0' != ll.ll_host[0]) {
+ printf (_(" from %.*s"),
+ (int) sizeof ll.ll_host, ll.ll_host);
+ }
+#endif
+ printf (".\n");
+ }
+ agecheck (spwd);
+
+ mailcheck (); /* report on the status of mail */
+#endif /* !USE_PAM */
+ } else {
+ addenv ("HUSHLOGIN=TRUE", NULL);
+ }
+
+ ttytype (tty);
+
+ (void) signal (SIGQUIT, SIG_DFL); /* default quit signal */
+ (void) signal (SIGTERM, SIG_DFL); /* default terminate signal */
+ (void) signal (SIGALRM, SIG_DFL); /* default alarm signal */
+ (void) signal (SIGHUP, SIG_DFL); /* added this. --marekm */
+ (void) signal (SIGINT, SIG_DFL); /* default interrupt signal */
+
+ if (0 == pwd->pw_uid) {
+ SYSLOG ((LOG_NOTICE, "ROOT LOGIN %s", fromhost));
+ } else if (getdef_bool ("LOG_OK_LOGINS")) {
+ SYSLOG ((LOG_INFO, "'%s' logged in %s", username, fromhost));
+ }
+ closelog ();
+ tmp = getdef_str ("FAKE_SHELL");
+ if (NULL != tmp) {
+ err = shell (tmp, pwd->pw_shell, newenvp); /* fake shell */
+ } else {
+ /* exec the shell finally */
+ err = shell (pwd->pw_shell, (char *) 0, newenvp);
+ }
+
+ return ((err == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+}
+
diff --git a/src/login_nopam.c b/src/login_nopam.c
new file mode 100644
index 0000000..68a3775
--- /dev/null
+++ b/src/login_nopam.c
@@ -0,0 +1,336 @@
+/* Taken from logdaemon-5.0, only minimal changes. --marekm */
+
+/************************************************************************
+* Copyright 1995 by Wietse Venema. All rights reserved. Individual files
+* may be covered by other copyrights (as noted in the file itself.)
+*
+* This material was originally written and compiled by Wietse Venema at
+* Eindhoven University of Technology, The Netherlands, in 1990, 1991,
+* 1992, 1993, 1994 and 1995.
+*
+* Redistribution and use in source and binary forms are permitted
+* provided that this entire copyright notice is duplicated in all such
+* copies.
+*
+* This software is provided "as is" and without any expressed or implied
+* warranties, including, without limitation, the implied warranties of
+* merchantibility and fitness for any particular purpose.
+************************************************************************/
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#ifndef USE_PAM
+#ident "$Id$"
+
+#include "prototypes.h"
+ /*
+ * This module implements a simple but effective form of login access
+ * control based on login names and on host (or domain) names, internet
+ * addresses (or network numbers), or on terminal line names in case of
+ * non-networked logins. Diagnostics are reported through syslog(3).
+ *
+ * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
+ */
+#include <sys/types.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <ctype.h>
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+#include <grp.h>
+#ifdef PRIMARY_GROUP_MATCH
+#include <pwd.h>
+#endif
+#include <errno.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h> /* for inet_ntoa() */
+
+#if !defined(MAXHOSTNAMELEN) || (MAXHOSTNAMELEN < 64)
+#undef MAXHOSTNAMELEN
+#define MAXHOSTNAMELEN 256
+#endif
+
+ /* Path name of the access control file. */
+#ifndef TABLE
+#define TABLE "/etc/login.access"
+#endif
+
+/* Delimiters for fields and for lists of users, ttys or hosts. */
+static char fs[] = ":"; /* field separator */
+static char sep[] = ", \t"; /* list-element separator */
+
+static bool list_match (char *list, const char *item, bool (*match_fn) (const char *, const char *));
+static bool user_match (const char *tok, const char *string);
+static bool from_match (const char *tok, const char *string);
+static bool string_match (const char *tok, const char *string);
+static const char *resolve_hostname (const char *string);
+
+/* login_access - match username/group and host/tty with access control file */
+int login_access (const char *user, const char *from)
+{
+ FILE *fp;
+ char line[BUFSIZ];
+ char *perm; /* becomes permission field */
+ char *users; /* becomes list of login names */
+ char *froms; /* becomes list of terminals or hosts */
+ bool match = false;
+
+ /*
+ * Process the table one line at a time and stop at the first match.
+ * Blank lines and lines that begin with a '#' character are ignored.
+ * Non-comment lines are broken at the ':' character. All fields are
+ * mandatory. The first field should be a "+" or "-" character. A
+ * non-existing table means no access control.
+ */
+ fp = fopen (TABLE, "r");
+ if (NULL != fp) {
+ int lineno = 0; /* for diagnostics */
+ while ( !match
+ && (fgets (line, (int) sizeof (line), fp) == line)) {
+ int end;
+ lineno++;
+ end = (int) strlen (line) - 1;
+ if (line[end] != '\n') {
+ SYSLOG ((LOG_ERR,
+ "%s: line %d: missing newline or line too long",
+ TABLE, lineno));
+ continue;
+ }
+ if (line[0] == '#') {
+ continue; /* comment line */
+ }
+ while (end > 0 && isspace (line[end - 1])) {
+ end--;
+ }
+ line[end] = '\0'; /* strip trailing whitespace */
+ if (line[0] == '\0') { /* skip blank lines */
+ continue;
+ }
+ if ( ((perm = strtok (line, fs)) == NULL)
+ || ((users = strtok ((char *) 0, fs)) == NULL)
+ || ((froms = strtok ((char *) 0, fs)) == NULL)
+ || (strtok ((char *) 0, fs) != NULL)) {
+ SYSLOG ((LOG_ERR,
+ "%s: line %d: bad field count",
+ TABLE, lineno));
+ continue;
+ }
+ if (perm[0] != '+' && perm[0] != '-') {
+ SYSLOG ((LOG_ERR,
+ "%s: line %d: bad first field",
+ TABLE, lineno));
+ continue;
+ }
+ match = ( list_match (froms, from, from_match)
+ && list_match (users, user, user_match));
+ }
+ (void) fclose (fp);
+ } else if (errno != ENOENT) {
+ int err = errno;
+ SYSLOG ((LOG_ERR, "cannot open %s: %s", TABLE, strerror (err)));
+ }
+ return (!match || (line[0] == '+'))?1:0;
+}
+
+/* list_match - match an item against a list of tokens with exceptions */
+static bool list_match (char *list, const char *item, bool (*match_fn) (const char *, const char*))
+{
+ char *tok;
+ bool match = false;
+
+ /*
+ * Process tokens one at a time. We have exhausted all possible matches
+ * when we reach an "EXCEPT" token or the end of the list. If we do find
+ * a match, look for an "EXCEPT" list and recurse to determine whether
+ * the match is affected by any exceptions.
+ */
+ for (tok = strtok (list, sep); tok != NULL; tok = strtok ((char *) 0, sep)) {
+ if (strcasecmp (tok, "EXCEPT") == 0) { /* EXCEPT: give up */
+ break;
+ }
+ match = (*match_fn) (tok, item);
+ if (match) {
+ break;
+ }
+ }
+
+ /* Process exceptions to matches. */
+ if (match) {
+ while ( ((tok = strtok ((char *) 0, sep)) != NULL)
+ && (strcasecmp (tok, "EXCEPT") != 0))
+ /* VOID */ ;
+ if (tok == 0 || !list_match ((char *) 0, item, match_fn)) {
+ return (match);
+ }
+ }
+ return false;
+}
+
+/* myhostname - figure out local machine name */
+static char *myhostname (void)
+{
+ static char name[MAXHOSTNAMELEN + 1] = "";
+
+ if (name[0] == '\0') {
+ gethostname (name, sizeof (name));
+ name[MAXHOSTNAMELEN] = '\0';
+ }
+ return (name);
+}
+
+#if HAVE_INNETGR
+/* netgroup_match - match group against machine or user */
+static bool
+netgroup_match (const char *group, const char *machine, const char *user)
+{
+ static char *mydomain = (char *)0;
+
+ if (mydomain == (char *)0) {
+ static char domain[MAXHOSTNAMELEN + 1];
+
+ getdomainname (domain, MAXHOSTNAMELEN);
+ mydomain = domain;
+ }
+
+ return (innetgr (group, machine, user, mydomain) != 0);
+}
+#endif
+
+/* user_match - match a username against one token */
+static bool user_match (const char *tok, const char *string)
+{
+ struct group *group;
+
+#ifdef PRIMARY_GROUP_MATCH
+ struct passwd *userinf;
+#endif
+ char *at;
+
+ /*
+ * If a token has the magic value "ALL" the match always succeeds.
+ * Otherwise, return true if the token fully matches the username, or if
+ * the token is a group that contains the username.
+ */
+ at = strchr (tok + 1, '@');
+ if (NULL != at) { /* split user@host pattern */
+ *at = '\0';
+ return ( user_match (tok, string)
+ && from_match (at + 1, myhostname ()));
+#if HAVE_INNETGR
+ } else if (tok[0] == '@') { /* netgroup */
+ return (netgroup_match (tok + 1, (char *) 0, string));
+#endif
+ } else if (string_match (tok, string)) { /* ALL or exact match */
+ return true;
+ /* local, no need for xgetgrnam */
+ } else if ((group = getgrnam (tok)) != NULL) { /* try group membership */
+ int i;
+ for (i = 0; NULL != group->gr_mem[i]; i++) {
+ if (strcasecmp (string, group->gr_mem[i]) == 0) {
+ return true;
+ }
+ }
+#ifdef PRIMARY_GROUP_MATCH
+ /*
+ * If the string is an user whose initial GID matches the token,
+ * accept it. May avoid excessively long lines in /etc/group.
+ * Radu-Adrian Feurdean <raf@licj.soroscj.ro>
+ *
+ * XXX - disabled by default for now. Need to verify that
+ * getpwnam() doesn't have some nasty side effects. --marekm
+ */
+ /* local, no need for xgetpwnam */
+ userinf = getpwnam (string);
+ if (NULL != userinf) {
+ if (userinf->pw_gid == group->gr_gid) {
+ return true;
+ }
+ }
+#endif
+ }
+ return false;
+}
+
+static const char *resolve_hostname (const char *string)
+{
+ /*
+ * Resolve hostname to numeric IP address, as suggested
+ * by Dave Hagewood <admin@arrowweb.com>. --marekm
+ */
+ struct hostent *hp;
+
+ hp = gethostbyname (string);
+ if (NULL != hp) {
+ return inet_ntoa (*((struct in_addr *) *(hp->h_addr_list)));
+ }
+
+ SYSLOG ((LOG_ERR, "%s - unknown host", string));
+ return string;
+}
+
+/* from_match - match a host or tty against a list of tokens */
+
+static bool from_match (const char *tok, const char *string)
+{
+ size_t tok_len;
+
+ /*
+ * If a token has the magic value "ALL" the match always succeeds. Return
+ * true if the token fully matches the string. If the token is a domain
+ * name, return true if it matches the last fields of the string. If the
+ * token has the magic value "LOCAL", return true if the string does not
+ * contain a "." character. If the token is a network number, return true
+ * if it matches the head of the string.
+ */
+#if HAVE_INNETGR
+ if (tok[0] == '@') { /* netgroup */
+ return (netgroup_match (tok + 1, string, (char *) 0));
+ } else
+#endif
+ if (string_match (tok, string)) { /* ALL or exact match */
+ return true;
+ } else if (tok[0] == '.') { /* domain: match last fields */
+ size_t str_len;
+ str_len = strlen (string);
+ tok_len = strlen (tok);
+ if ( (str_len > tok_len)
+ && (strcasecmp (tok, string + str_len - tok_len) == 0)) {
+ return true;
+ }
+ } else if (strcasecmp (tok, "LOCAL") == 0) { /* local: no dots */
+ if (strchr (string, '.') == NULL) {
+ return true;
+ }
+ } else if ( (tok[(tok_len = strlen (tok)) - 1] == '.') /* network */
+ && (strncmp (tok, resolve_hostname (string), tok_len) == 0)) {
+ return true;
+ }
+ return false;
+}
+
+/* string_match - match a string against one token */
+static bool string_match (const char *tok, const char *string)
+{
+
+ /*
+ * If the token has the magic value "ALL" the match always succeeds.
+ * Otherwise, return true if the token fully matches the string.
+ */
+ if (strcasecmp (tok, "ALL") == 0) { /* all: always matches */
+ return true;
+ } else if (strcasecmp (tok, string) == 0) { /* try exact match */
+ return true;
+ }
+ return false;
+}
+
+#else /* !USE_PAM */
+extern int errno; /* warning: ANSI C forbids an empty source file */
+#endif /* !USE_PAM */
diff --git a/src/logoutd.c b/src/logoutd.c
new file mode 100644
index 0000000..1503a74
--- /dev/null
+++ b/src/logoutd.c
@@ -0,0 +1,299 @@
+/*
+ * Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include "defines.h"
+#include "prototypes.h"
+/*
+ * Global variables
+ */
+const char *Prog;
+
+#ifndef DEFAULT_HUP_MESG
+#define DEFAULT_HUP_MESG _("login time exceeded\n\n")
+#endif
+
+#ifndef HUP_MESG_FILE
+#define HUP_MESG_FILE "/etc/logoutd.mesg"
+#endif
+
+/* local function prototypes */
+#ifdef USE_UTMPX
+static int check_login (const struct utmpx *ut);
+#else /* !USE_UTMPX */
+static int check_login (const struct utmp *ut);
+#endif /* !USE_UTMPX */
+static void send_mesg_to_tty (int tty_fd);
+
+/*
+ * check_login - check if user (struct utmpx/utmp) allowed to stay logged in
+ */
+#ifdef USE_UTMPX
+static int check_login (const struct utmpx *ut)
+#else /* !USE_UTMPX */
+static int check_login (const struct utmp *ut)
+#endif /* !USE_UTMPX */
+{
+ char user[sizeof (ut->ut_user) + 1];
+ time_t now;
+
+ /*
+ * ut_user may not have the terminating NUL.
+ */
+ strncpy (user, ut->ut_user, sizeof (ut->ut_user));
+ user[sizeof (ut->ut_user)] = '\0';
+
+ (void) time (&now);
+
+ /*
+ * Check if they are allowed to be logged in right now.
+ */
+ if (!isttytime (user, ut->ut_line, now)) {
+ return 0;
+ }
+ return 1;
+}
+
+
+static void send_mesg_to_tty (int tty_fd)
+{
+ TERMIO oldt, newt;
+ FILE *mesg_file, *tty_file;
+ bool is_tty;
+
+ tty_file = fdopen (tty_fd, "w");
+ if (NULL == tty_file) {
+ return;
+ }
+
+ is_tty = (GTTY (tty_fd, &oldt) == 0);
+ if (is_tty) {
+ /* Suggested by Ivan Nejgebauar <ian@unsux.ns.ac.yu>:
+ set OPOST before writing the message. */
+ newt = oldt;
+ newt.c_oflag |= OPOST;
+ STTY (tty_fd, &newt);
+ }
+
+ mesg_file = fopen (HUP_MESG_FILE, "r");
+ if (NULL != mesg_file) {
+ int c;
+ while ((c = getc (mesg_file)) != EOF) {
+ if (c == '\n') {
+ putc ('\r', tty_file);
+ }
+ putc (c, tty_file);
+ }
+ fclose (mesg_file);
+ } else {
+ fputs (DEFAULT_HUP_MESG, tty_file);
+ }
+ fflush (tty_file);
+ fclose (tty_file);
+
+ if (is_tty) {
+ STTY (tty_fd, &oldt);
+ }
+}
+
+
+/*
+ * logoutd - logout daemon to enforce /etc/porttime file policy
+ *
+ * logoutd is started at system boot time and enforces the login
+ * time and port restrictions specified in /etc/porttime. The
+ * utmpx/utmp file is periodically scanned and offending users are logged
+ * off from the system.
+ */
+int main (int argc, char **argv)
+{
+ int i;
+ int status;
+ pid_t pid;
+
+#ifdef USE_UTMPX
+ struct utmpx *ut;
+#else /* !USE_UTMPX */
+ struct utmp *ut;
+#endif /* !USE_UTMPX */
+ char user[sizeof (ut->ut_user) + 1]; /* terminating NUL */
+ char tty_name[sizeof (ut->ut_line) + 6]; /* /dev/ + NUL */
+ int tty_fd;
+
+ if (1 != argc) {
+ (void) fputs (_("Usage: logoutd\n"), stderr);
+ }
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+#ifndef DEBUG
+ for (i = 0; close (i) == 0; i++);
+
+ setpgrp ();
+
+ /*
+ * Put this process in the background.
+ */
+ pid = fork ();
+ if (pid > 0) {
+ /* parent */
+ exit (EXIT_SUCCESS);
+ } else if (pid < 0) {
+ /* error */
+ perror ("fork");
+ exit (EXIT_FAILURE);
+ }
+#endif /* !DEBUG */
+
+ /*
+ * Start syslogging everything
+ */
+ Prog = Basename (argv[0]);
+
+ OPENLOG ("logoutd");
+
+ /*
+ * Scan the utmpx/utmp file once per minute looking for users that
+ * are not supposed to still be logged in.
+ */
+ while (true) {
+
+ /*
+ * Attempt to re-open the utmpx/utmp file. The file is only
+ * open while it is being used.
+ */
+#ifdef USE_UTMPX
+ setutxent ();
+#else /* !USE_UTMPX */
+ setutent ();
+#endif /* !USE_UTMPX */
+
+ /*
+ * Read all of the entries in the utmpx/utmp file. The entries
+ * for login sessions will be checked to see if the user
+ * is permitted to be signed on at this time.
+ */
+#ifdef USE_UTMPX
+ while ((ut = getutxent ()) != NULL)
+#else /* !USE_UTMPX */
+ while ((ut = getutent ()) != NULL)
+#endif /* !USE_UTMPX */
+ {
+ if (ut->ut_type != USER_PROCESS) {
+ continue;
+ }
+ if (ut->ut_user[0] == '\0') {
+ continue;
+ }
+ if (check_login (ut)) {
+ continue;
+ }
+
+ /*
+ * Put the rest of this in a child process. This
+ * keeps the scan from waiting on other ports to die.
+ */
+
+ pid = fork ();
+ if (pid > 0) {
+ /* parent */
+ continue;
+ } else if (pid < 0) {
+ /* failed - give up until the next scan */
+ break;
+ }
+ /* child */
+
+ if (strncmp (ut->ut_line, "/dev/", 5) != 0) {
+ strcpy (tty_name, "/dev/");
+ } else {
+ tty_name[0] = '\0';
+ }
+
+ strcat (tty_name, ut->ut_line);
+#ifndef O_NOCTTY
+#define O_NOCTTY 0
+#endif
+ tty_fd =
+ open (tty_name, O_WRONLY | O_NDELAY | O_NOCTTY);
+ if (tty_fd != -1) {
+ send_mesg_to_tty (tty_fd);
+ close (tty_fd);
+ sleep (10);
+ }
+
+ if (ut->ut_pid > 1) {
+ kill (-ut->ut_pid, SIGHUP);
+ sleep (10);
+ kill (-ut->ut_pid, SIGKILL);
+ }
+
+ strncpy (user, ut->ut_user, sizeof (user) - 1);
+ user[sizeof (user) - 1] = '\0';
+
+ SYSLOG ((LOG_NOTICE,
+ "logged off user '%s' on '%s'", user,
+ tty_name));
+
+ /*
+ * This child has done all it can, drop dead.
+ */
+ exit (EXIT_SUCCESS);
+ }
+
+#ifdef USE_UTMPX
+ endutxent ();
+#else /* !USE_UTMPX */
+ endutent ();
+#endif /* !USE_UTMPX */
+
+#ifndef DEBUG
+ sleep (60);
+#endif
+ /*
+ * Reap any dead babies ...
+ */
+ while (wait (&status) != -1);
+ }
+
+ return EXIT_FAILURE;
+}
+
diff --git a/src/newgidmap.c b/src/newgidmap.c
new file mode 100644
index 0000000..b1e3351
--- /dev/null
+++ b/src/newgidmap.c
@@ -0,0 +1,186 @@
+/*
+ * Copyright (c) 2013 Eric Biederman
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "subordinateio.h"
+#include "idmapping.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool verify_range(struct passwd *pw, struct map_range *range)
+{
+ /* An empty range is invalid */
+ if (range->count == 0)
+ return false;
+
+ /* Test /etc/subgid */
+ if (have_sub_gids(pw->pw_name, range->lower, range->count))
+ return true;
+
+ /* Allow a process to map its own gid */
+ if ((range->count == 1) && (pw->pw_gid == range->lower))
+ return true;
+
+ return false;
+}
+
+static void verify_ranges(struct passwd *pw, int ranges,
+ struct map_range *mappings)
+{
+ struct map_range *mapping;
+ int idx;
+
+ mapping = mappings;
+ for (idx = 0; idx < ranges; idx++, mapping++) {
+ if (!verify_range(pw, mapping)) {
+ fprintf(stderr, _( "%s: gid range [%lu-%lu) -> [%lu-%lu) not allowed\n"),
+ Prog,
+ mapping->upper,
+ mapping->upper + mapping->count,
+ mapping->lower,
+ mapping->lower + mapping->count);
+ exit(EXIT_FAILURE);
+ }
+ }
+}
+
+static void usage(void)
+{
+ fprintf(stderr, _("usage: %s <pid> <gid> <lowergid> <count> [ <gid> <lowergid> <count> ] ... \n"), Prog);
+ exit(EXIT_FAILURE);
+}
+
+/*
+ * newgidmap - Set the gid_map for the specified process
+ */
+int main(int argc, char **argv)
+{
+ char proc_dir_name[32];
+ char *target_str;
+ pid_t target, parent;
+ int proc_dir_fd;
+ int ranges;
+ struct map_range *mappings;
+ struct stat st;
+ struct passwd *pw;
+ int written;
+
+ Prog = Basename (argv[0]);
+
+ /*
+ * The valid syntax are
+ * newgidmap target_pid
+ */
+ if (argc < 2)
+ usage();
+
+ /* Find the process that needs its user namespace
+ * gid mapping set.
+ */
+ target_str = argv[1];
+ if (!get_pid(target_str, &target))
+ usage();
+
+ /* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */
+ written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/",
+ target);
+ if ((written <= 0) || (written >= sizeof(proc_dir_name))) {
+ fprintf(stderr, "%s: snprintf of proc path failed: %s\n",
+ Prog, strerror(errno));
+ }
+
+ proc_dir_fd = open(proc_dir_name, O_DIRECTORY);
+ if (proc_dir_fd < 0) {
+ fprintf(stderr, _("%s: Could not open proc directory for target %u\n"),
+ Prog, target);
+ return EXIT_FAILURE;
+ }
+
+ /* Who am i? */
+ pw = get_my_pwent ();
+ if (NULL == pw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+ (unsigned long) getuid ()));
+ return EXIT_FAILURE;
+ }
+
+ /* Get the effective uid and effective gid of the target process */
+ if (fstat(proc_dir_fd, &st) < 0) {
+ fprintf(stderr, _("%s: Could not stat directory for target %u\n"),
+ Prog, target);
+ return EXIT_FAILURE;
+ }
+
+ /* Verify real user and real group matches the password entry
+ * and the effective user and group of the program whose
+ * mappings we have been asked to set.
+ */
+ if ((getuid() != pw->pw_uid) ||
+ (getgid() != pw->pw_gid) ||
+ (pw->pw_uid != st.st_uid) ||
+ (pw->pw_gid != st.st_gid)) {
+ fprintf(stderr, _( "%s: Target %u is owned by a different user: uid:%lu pw_uid:%lu st_uid:%lu, gid:%lu pw_gid:%lu st_gid:%lu\n" ),
+ Prog, target,
+ (unsigned long int)getuid(), (unsigned long int)pw->pw_uid, (unsigned long int)st.st_uid,
+ (unsigned long int)getgid(), (unsigned long int)pw->pw_gid, (unsigned long int)st.st_gid);
+ return EXIT_FAILURE;
+ }
+
+ if (!sub_gid_open(O_RDONLY)) {
+ return EXIT_FAILURE;
+ }
+
+ ranges = ((argc - 2) + 2) / 3;
+ mappings = get_map_ranges(ranges, argc - 2, argv + 2);
+ if (!mappings)
+ usage();
+
+ verify_ranges(pw, ranges, mappings);
+
+ write_mapping(proc_dir_fd, ranges, mappings, "gid_map");
+ sub_gid_close();
+
+ return EXIT_SUCCESS;
+}
diff --git a/src/newgrp.c b/src/newgrp.c
new file mode 100644
index 0000000..b8d3ddc
--- /dev/null
+++ b/src/newgrp.c
@@ -0,0 +1,853 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <assert.h>
+#include "defines.h"
+#include "getdef.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+extern char **newenvp;
+extern char **environ;
+
+#ifdef HAVE_SETGROUPS
+static int ngroups;
+static /*@null@*/ /*@only@*/GETGROUPS_T *grouplist;
+#endif
+
+static bool is_newgrp;
+
+#ifdef WITH_AUDIT
+static char audit_buf[80];
+#endif
+
+/* local function prototypes */
+static void usage (void);
+static void check_perms (const struct group *grp,
+ struct passwd *pwd,
+ const char *groupname);
+static void syslog_sg (const char *name, const char *group);
+
+/*
+ * usage - print command usage message
+ */
+static void usage (void)
+{
+ if (is_newgrp) {
+ (void) fputs (_("Usage: newgrp [-] [group]\n"), stderr);
+ } else {
+ (void) fputs (_("Usage: sg group [[-c] command]\n"), stderr);
+ }
+}
+
+/*
+ * find_matching_group - search all groups of a given group id for
+ * membership of a given username
+ */
+static /*@null@*/struct group *find_matching_group (const char *name, gid_t gid)
+{
+ struct group *gr;
+ char **look;
+ bool notfound = true;
+
+ setgrent ();
+ while ((gr = getgrent ()) != NULL) {
+ if (gr->gr_gid != gid) {
+ continue;
+ }
+
+ /*
+ * A group with matching GID was found.
+ * Test for membership of 'name'.
+ */
+ look = gr->gr_mem;
+ while ((NULL != *look) && notfound) {
+ notfound = (strcmp (*look, name) != 0);
+ look++;
+ }
+ if (!notfound) {
+ break;
+ }
+ }
+ endgrent ();
+ return gr;
+}
+
+/*
+ * check_perms - check if the user is allowed to switch to this group
+ *
+ * If needed, the user will be authenticated.
+ *
+ * It will not return if the user could not be authenticated.
+ */
+static void check_perms (const struct group *grp,
+ struct passwd *pwd,
+ const char *groupname)
+{
+ bool needspasswd = false;
+ struct spwd *spwd;
+ char *cp;
+ const char *cpasswd;
+
+ /*
+ * see if she is a member of this group (i.e. in the list of
+ * members of the group, or if the group is her primary group).
+ *
+ * If she isn't a member, she needs to provide the group password.
+ * If there is no group password, she will be denied access
+ * anyway.
+ *
+ */
+ if ( (grp->gr_gid != pwd->pw_gid)
+ && !is_on_list (grp->gr_mem, pwd->pw_name)) {
+ needspasswd = true;
+ }
+
+ /*
+ * If she does not have either a shadowed password, or a regular
+ * password, and the group has a password, she needs to give the
+ * group password.
+ */
+ spwd = xgetspnam (pwd->pw_name);
+ if (NULL != spwd) {
+ pwd->pw_passwd = spwd->sp_pwdp;
+ }
+
+ if ((pwd->pw_passwd[0] == '\0') && (grp->gr_passwd[0] != '\0')) {
+ needspasswd = true;
+ }
+
+ /*
+ * Now I see about letting her into the group she requested. If she
+ * is the root user, I'll let her in without having to prompt for
+ * the password. Otherwise I ask for a password if she flunked one
+ * of the tests above.
+ */
+ if ((getuid () != 0) && needspasswd) {
+ /*
+ * get the password from her, and set the salt for
+ * the decryption from the group file.
+ */
+ cp = getpass (_("Password: "));
+ if (NULL == cp) {
+ goto failure;
+ }
+
+ /*
+ * encrypt the key she gave us using the salt from the
+ * password in the group file. The result of this encryption
+ * must match the previously encrypted value in the file.
+ */
+ cpasswd = pw_encrypt (cp, grp->gr_passwd);
+ strzero (cp);
+
+ if (NULL == cpasswd) {
+ fprintf (stderr,
+ _("%s: failed to crypt password with previous salt: %s\n"),
+ Prog, strerror (errno));
+ SYSLOG ((LOG_INFO,
+ "Failed to crypt password with previous salt of group '%s'",
+ groupname));
+ goto failure;
+ }
+
+ if (grp->gr_passwd[0] == '\0' ||
+ strcmp (cpasswd, grp->gr_passwd) != 0) {
+#ifdef WITH_AUDIT
+ snprintf (audit_buf, sizeof(audit_buf),
+ "authentication new-gid=%lu",
+ (unsigned long) grp->gr_gid);
+ audit_logger (AUDIT_GRP_AUTH, Prog,
+ audit_buf, NULL,
+ (unsigned int) getuid (), 0);
+#endif
+ SYSLOG ((LOG_INFO,
+ "Invalid password for group '%s' from '%s'",
+ groupname, pwd->pw_name));
+ (void) sleep (1);
+ (void) fputs (_("Invalid password.\n"), stderr);
+ goto failure;
+ }
+#ifdef WITH_AUDIT
+ snprintf (audit_buf, sizeof(audit_buf),
+ "authentication new-gid=%lu",
+ (unsigned long) grp->gr_gid);
+ audit_logger (AUDIT_GRP_AUTH, Prog,
+ audit_buf, NULL,
+ (unsigned int) getuid (), 1);
+#endif
+ }
+
+ return;
+
+failure:
+ /* The closelog is probably unnecessary, but it does no
+ * harm. -- JWP
+ */
+ closelog ();
+#ifdef WITH_AUDIT
+ if (groupname) {
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-group=%s", groupname);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL,
+ (unsigned int) getuid (), 0);
+ } else {
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ "changing", NULL,
+ (unsigned int) getuid (), 0);
+ }
+#endif
+ exit (EXIT_FAILURE);
+}
+
+#ifdef USE_SYSLOG
+/*
+ * syslog_sg - log the change of group to syslog
+ *
+ * The loggout will also be logged when the user will quit the
+ * sg/newgrp session.
+ */
+static void syslog_sg (const char *name, const char *group)
+{
+ const char *loginname = getlogin ();
+ const char *tty = ttyname (0);
+ char *free_login = NULL, *free_tty = NULL;
+
+ if (loginname != NULL) {
+ free_login = xstrdup (loginname);
+ loginname = free_login;
+ }
+ if (tty != NULL) {
+ free_tty = xstrdup (tty);
+ tty = free_tty;
+ }
+
+ if (loginname == NULL) {
+ loginname = "???";
+ }
+ if (tty == NULL) {
+ tty = "???";
+ } else if (strncmp (tty, "/dev/", 5) == 0) {
+ tty += 5;
+ }
+ SYSLOG ((LOG_INFO,
+ "user '%s' (login '%s' on %s) switched to group '%s'",
+ name, loginname, tty, group));
+#ifdef USE_PAM
+ /*
+ * We want to fork and exec the new shell in the child, leaving the
+ * parent waiting to log the session close.
+ *
+ * The parent must ignore signals generated from the console
+ * (SIGINT, SIGQUIT, SIGHUP) which might make the parent terminate
+ * before its child. When bash is exec'ed as the subshell, it
+ * generates a new process group id for itself, and consequently
+ * only SIGHUP, which is sent to all process groups in the session,
+ * can reach the parent. However, since arbitrary programs can be
+ * specified as login shells, there is no such guarantee in general.
+ * For the same reason, we must also ignore stop signals generated
+ * from the console (SIGTSTP, SIGTTIN, and SIGTTOU) in order to
+ * avoid any possibility of the parent being stopped when it
+ * receives SIGCHLD from the terminating subshell. -- JWP
+ */
+ {
+ pid_t child;
+
+ /* Ignore these signals. The signal handlers will later be
+ * restored to the default handlers. */
+ (void) signal (SIGINT, SIG_IGN);
+ (void) signal (SIGQUIT, SIG_IGN);
+ (void) signal (SIGHUP, SIG_IGN);
+ (void) signal (SIGTSTP, SIG_IGN);
+ (void) signal (SIGTTIN, SIG_IGN);
+ (void) signal (SIGTTOU, SIG_IGN);
+ child = fork ();
+ if ((pid_t)-1 == child) {
+ /* error in fork() */
+ fprintf (stderr, _("%s: failure forking: %s\n"),
+ is_newgrp ? "newgrp" : "sg", strerror (errno));
+#ifdef WITH_AUDIT
+ if (group) {
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-group=%s", group);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL,
+ (unsigned int) getuid (), 0);
+ } else {
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ "changing", NULL,
+ (unsigned int) getuid (), 0);
+ }
+#endif
+ exit (EXIT_FAILURE);
+ } else if (child != 0) {
+ /* parent - wait for child to finish, then log session close */
+ int cst = 0;
+ gid_t gid = getgid();
+ struct group *grp = getgrgid (gid);
+ pid_t pid;
+
+ do {
+ errno = 0;
+ pid = waitpid (child, &cst, WUNTRACED);
+ if ((pid == child) && (WIFSTOPPED (cst) != 0)) {
+ /* The child (shell) was suspended.
+ * Suspend sg/newgrp. */
+ kill (getpid (), SIGSTOP);
+ /* wake child when resumed */
+ kill (child, SIGCONT);
+ }
+ } while ( ((pid == child) && (WIFSTOPPED (cst) != 0))
+ || ((pid != child) && (errno == EINTR)));
+ /* local, no need for xgetgrgid */
+ if (NULL != grp) {
+ SYSLOG ((LOG_INFO,
+ "user '%s' (login '%s' on %s) returned to group '%s'",
+ name, loginname, tty, grp->gr_name));
+ } else {
+ SYSLOG ((LOG_INFO,
+ "user '%s' (login '%s' on %s) returned to group '%lu'",
+ name, loginname, tty,
+ (unsigned long) gid));
+ /* Either the user's passwd entry has a
+ * GID that does not match with any group,
+ * or the group was deleted while the user
+ * was in a newgrp session.*/
+ SYSLOG ((LOG_WARN,
+ "unknown GID '%lu' used by user '%s'",
+ (unsigned long) gid, name));
+ }
+ closelog ();
+ exit ((0 != WIFEXITED (cst)) ? WEXITSTATUS (cst)
+ : WTERMSIG (cst) + 128);
+ }
+
+ /* child - restore signals to their default state */
+ (void) signal (SIGINT, SIG_DFL);
+ (void) signal (SIGQUIT, SIG_DFL);
+ (void) signal (SIGHUP, SIG_DFL);
+ (void) signal (SIGTSTP, SIG_DFL);
+ (void) signal (SIGTTIN, SIG_DFL);
+ (void) signal (SIGTTOU, SIG_DFL);
+ }
+#endif /* USE_PAM */
+ free(free_login);
+ free(free_tty);
+}
+#endif /* USE_SYSLOG */
+
+/*
+ * newgrp - change the invokers current real and effective group id
+ */
+int main (int argc, char **argv)
+{
+ bool initflag = false;
+ int i;
+ bool cflag = false;
+ int err = 0;
+ gid_t gid;
+ char *cp;
+ const char *name, *prog;
+ char *group = NULL;
+ char *command = NULL;
+ char **envp = environ;
+ struct passwd *pwd;
+ /*@null@*/struct group *grp;
+
+#ifdef SHADOWGRP
+ struct sgrp *sgrp;
+#endif
+
+#ifdef WITH_AUDIT
+ audit_help_open ();
+#endif
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ /*
+ * Save my name for error messages and save my real gid incase of
+ * errors. If there is an error i have to exec a new login shell for
+ * the user since her old shell won't have fork'd to create the
+ * process. Skip over the program name to the next command line
+ * argument.
+ *
+ * This historical comment, and the code itself, suggest that the
+ * behavior of the system/shell on which it was written differed
+ * significantly from the one I am using. If this process was
+ * started from a shell (including the login shell), it was fork'ed
+ * and exec'ed as a child by that shell. In order to get the user
+ * back to that shell, it is only necessary to exit from this
+ * process which terminates the child of the fork. The parent shell,
+ * which is blocked waiting for a signal, will then receive a
+ * SIGCHLD and will continue; any changes made to the process
+ * persona or the environment after the fork never occurred in the
+ * parent process.
+ *
+ * Bottom line: we want to save the name and real gid for messages,
+ * but we do not need to restore the previous process persona and we
+ * don't need to re-exec anything. -- JWP
+ */
+ Prog = Basename (argv[0]);
+ is_newgrp = (strcmp (Prog, "newgrp") == 0);
+ OPENLOG (is_newgrp ? "newgrp" : "sg");
+ gid = getgid ();
+ argc--;
+ argv++;
+
+ initenv ();
+
+ pwd = get_my_pwent ();
+ if (NULL == pwd) {
+ fprintf (stderr, _("%s: Cannot determine your user name.\n"),
+ Prog);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ "changing", NULL,
+ (unsigned int) getuid (), 0);
+#endif
+ SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+ (unsigned long) getuid ()));
+ closelog ();
+ exit (EXIT_FAILURE);
+ }
+ name = pwd->pw_name;
+
+ /*
+ * Parse the command line. There are two accepted flags. The first
+ * is "-", which for newgrp means to re-create the entire
+ * environment as though a login had been performed, and "-c", which
+ * for sg causes a command string to be executed.
+ *
+ * The next argument, if present, must be the new group name. Any
+ * remaining remaining arguments will be used to execute a command
+ * as the named group. If the group name isn't present, I just use
+ * the login group ID of the current user.
+ *
+ * The valid syntax are
+ * newgrp [-] [groupid]
+ * newgrp [-l] [groupid]
+ * sg [-]
+ * sg [-] groupid [[-c command]
+ */
+ if ( (argc > 0)
+ && ( (strcmp (argv[0], "-") == 0)
+ || (strcmp (argv[0], "-l") == 0))) {
+ argc--;
+ argv++;
+ initflag = true;
+ }
+ if (!is_newgrp) {
+ /*
+ * Do the command line for everything that is
+ * not "newgrp".
+ */
+ if ((argc > 0) && (argv[0][0] != '-')) {
+ group = argv[0];
+ argc--;
+ argv++;
+ } else {
+ usage ();
+ closelog ();
+ exit (EXIT_FAILURE);
+ }
+ if (argc > 0) {
+
+ /*
+ * skip -c if specified so both forms work:
+ * "sg group -c command" (as in the man page) or
+ * "sg group command" (as in the usage message).
+ */
+ if ((argc > 1) && (strcmp (argv[0], "-c") == 0)) {
+ command = argv[1];
+ } else {
+ command = argv[0];
+ }
+ cflag = true;
+ }
+ } else {
+ /*
+ * Do the command line for "newgrp". It's just making sure
+ * there aren't any flags and getting the new group name.
+ */
+ if ((argc > 0) && (argv[0][0] == '-')) {
+ usage ();
+ goto failure;
+ } else if (argv[0] != (char *) 0) {
+ group = argv[0];
+ } else {
+ /*
+ * get the group file entry for her login group id.
+ * the entry must exist, simply to be annoying.
+ *
+ * Perhaps in the past, but the default behavior now depends on the
+ * group entry, so it had better exist. -- JWP
+ */
+ grp = xgetgrgid (pwd->pw_gid);
+ if (NULL == grp) {
+ fprintf (stderr,
+ _("%s: GID '%lu' does not exist\n"),
+ Prog, (unsigned long) pwd->pw_gid);
+ SYSLOG ((LOG_CRIT, "GID '%lu' does not exist",
+ (unsigned long) pwd->pw_gid));
+ goto failure;
+ } else {
+ group = grp->gr_name;
+ }
+ }
+ }
+
+#ifdef HAVE_SETGROUPS
+ /*
+ * get the current users groupset. The new group will be added to
+ * the concurrent groupset if there is room, otherwise you get a
+ * nasty message but at least your real and effective group id's are
+ * set.
+ */
+ /* don't use getgroups(0, 0) - it doesn't work on some systems */
+ i = 16;
+ for (;;) {
+ grouplist = (GETGROUPS_T *) xmalloc (i * sizeof (GETGROUPS_T));
+ ngroups = getgroups (i, grouplist);
+ if (i > ngroups && !(ngroups == -1 && errno == EINVAL)) {
+ break;
+ }
+ /* not enough room, so try allocating a larger buffer */
+ free (grouplist);
+ i *= 2;
+ }
+ if (ngroups < 0) {
+ perror ("getgroups");
+#ifdef WITH_AUDIT
+ if (group) {
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-group=%s", group);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL,
+ (unsigned int) getuid (), 0);
+ } else {
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ "changing", NULL,
+ (unsigned int) getuid (), 0);
+ }
+#endif
+ exit (EXIT_FAILURE);
+ }
+#endif /* HAVE_SETGROUPS */
+
+ /*
+ * now we put her in the new group. The password file entry for her
+ * current user id has been gotten. If there was no optional group
+ * argument she will have her real and effective group id set to the
+ * set to the value from her password file entry.
+ *
+ * If run as newgrp, or as sg with no command, this process exec's
+ * an interactive subshell with the effective GID of the new group.
+ * If run as sg with a command, that command is exec'ed in this
+ * subshell. When this process terminates, either because the user
+ * exits, or the command completes, the parent of this process
+ * resumes with the current GID.
+ *
+ * If a group is explicitly specified on the command line, the
+ * interactive shell or command is run with that effective GID.
+ * Access will be denied if no entry for that group can be found in
+ * /etc/group. If the current user name appears in the members list
+ * for that group, access will be granted immediately; if not, the
+ * user will be challenged for that group's password. If the
+ * password response is incorrect, if the specified group does not
+ * have a password, or if that group has been locked by gpasswd -R,
+ * access will be denied. This is true even if the group specified
+ * has the user's login GID (as shown in /etc/passwd). If no group
+ * is explicitly specified on the command line, the effect is
+ * exactly the same as if a group name matching the user's login GID
+ * had been explicitly specified. Root, however, is never
+ * challenged for passwords, and is always allowed access.
+ *
+ * The previous behavior was to allow access to the login group if
+ * no explicit group was specified, irrespective of the group
+ * control file(s). This behavior is usually not desirable. A user
+ * wishing to return to the login group has only to exit back to the
+ * login shell. Generating yet more shell levels in order to
+ * provide a convenient "return" to the default group has the
+ * undesirable side effects of confusing the user, scrambling the
+ * history file, and consuming system resources. The default now is
+ * to lock out such behavior. A sys admin can allow it by explicitly
+ * including the user's name in the member list of the user's login
+ * group. -- JWP
+ */
+ grp = getgrnam (group); /* local, no need for xgetgrnam */
+ if (NULL == grp) {
+ fprintf (stderr, _("%s: group '%s' does not exist\n"), Prog, group);
+ goto failure;
+ }
+
+ /*
+ * For splitted groups (due to limitations of NIS), check all
+ * groups of the same GID like the requested group for
+ * membership of the current user.
+ */
+ grp = find_matching_group (name, grp->gr_gid);
+ if (NULL == grp) {
+ /*
+ * No matching group found. As we already know that
+ * the group exists, this happens only in the case
+ * of a requested group where the user is not member.
+ *
+ * Re-read the group entry for further processing.
+ */
+ grp = xgetgrnam (group);
+ assert (NULL != grp);
+ }
+#ifdef SHADOWGRP
+ sgrp = getsgnam (group);
+ if (NULL != sgrp) {
+ grp->gr_passwd = sgrp->sg_passwd;
+ grp->gr_mem = sgrp->sg_mem;
+ }
+#endif
+
+ /*
+ * Check if the user is allowed to access this group.
+ */
+ check_perms (grp, pwd, group);
+
+ /*
+ * all successful validations pass through this point. The group id
+ * will be set, and the group added to the concurrent groupset.
+ */
+#ifdef USE_SYSLOG
+ if (getdef_bool ("SYSLOG_SG_ENAB")) {
+ syslog_sg (name, group);
+ }
+#endif /* USE_SYSLOG */
+
+ gid = grp->gr_gid;
+
+#ifdef HAVE_SETGROUPS
+ /*
+ * I am going to try to add her new group id to her concurrent group
+ * set. If the group id is already present i'll just skip this part.
+ * If the group doesn't fit, i'll complain loudly and skip this
+ * part.
+ */
+ for (i = 0; i < ngroups; i++) {
+ if (gid == grouplist[i]) {
+ break;
+ }
+ }
+ if (i == ngroups) {
+ if (ngroups >= sysconf (_SC_NGROUPS_MAX)) {
+ (void) fputs (_("too many groups\n"), stderr);
+ } else {
+ grouplist[ngroups++] = gid;
+ if (setgroups (ngroups, grouplist) != 0) {
+ perror ("setgroups");
+ }
+ }
+ }
+#endif
+
+ /*
+ * Close all files before changing the user/group IDs.
+ *
+ * The needed structure should have been copied before, or
+ * permission to read the database will be required.
+ */
+ endspent ();
+#ifdef SHADOWGRP
+ endsgent ();
+#endif
+ endpwent ();
+ endgrent ();
+
+ /*
+ * Set the effective GID to the new group id and the effective UID
+ * to the real UID. For root, this also sets the real GID to the
+ * new group id.
+ */
+ if (setgid (gid) != 0) {
+ perror ("setgid");
+#ifdef WITH_AUDIT
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-gid=%lu", (unsigned long) gid);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL,
+ (unsigned int) getuid (), 0);
+#endif
+ exit (EXIT_FAILURE);
+ }
+
+ if (setuid (getuid ()) != 0) {
+ perror ("setuid");
+#ifdef WITH_AUDIT
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-gid=%lu", (unsigned long) gid);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL,
+ (unsigned int) getuid (), 0);
+#endif
+ exit (EXIT_FAILURE);
+ }
+
+ /*
+ * See if the "-c" flag was used. If it was, i just create a shell
+ * command for her using the argument that followed the "-c" flag.
+ */
+ if (cflag) {
+ closelog ();
+ execl (SHELL, "sh", "-c", command, (char *) 0);
+#ifdef WITH_AUDIT
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-gid=%lu", (unsigned long) gid);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL,
+ (unsigned int) getuid (), 0);
+#endif
+ perror (SHELL);
+ exit ((errno == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+ }
+
+ /*
+ * I have to get the pathname of her login shell. As a favor, i'll
+ * try her environment for a $SHELL value first, and then try the
+ * password file entry. Obviously this shouldn't be in the
+ * restricted command directory since it could be used to leave the
+ * restricted environment.
+ *
+ * Note that the following assumes this user's entry in /etc/passwd
+ * does not have a chroot * prefix. If it does, the * will be copied
+ * verbatim into the exec path. This is probably not an issue
+ * because if this user is operating in a chroot jail, her entry in
+ * the version of /etc/passwd that is accessible here should
+ * probably never have a chroot shell entry (but entries for other
+ * users might). If I have missed something, and this causes you a
+ * problem, try using $SHELL as a workaround; also please notify me
+ * at jparmele@wildbear.com -- JWP
+ */
+ cp = getenv ("SHELL");
+ if (!initflag && (NULL != cp)) {
+ prog = cp;
+ } else if ((NULL != pwd->pw_shell) && ('\0' != pwd->pw_shell[0])) {
+ prog = pwd->pw_shell;
+ } else {
+ prog = SHELL;
+ }
+
+ /*
+ * Now I try to find the basename of the login shell. This will
+ * become argv[0] of the spawned command.
+ */
+ cp = Basename ((char *) prog);
+
+ /*
+ * Switch back to her home directory if i am doing login
+ * initialization.
+ */
+ if (initflag) {
+ if (chdir (pwd->pw_dir) != 0) {
+ perror ("chdir");
+ }
+
+ while (NULL != *envp) {
+ if (strncmp (*envp, "PATH=", 5) == 0 ||
+ strncmp (*envp, "HOME=", 5) == 0 ||
+ strncmp (*envp, "SHELL=", 6) == 0 ||
+ strncmp (*envp, "TERM=", 5) == 0)
+ addenv (*envp, NULL);
+
+ envp++;
+ }
+ } else {
+ while (NULL != *envp) {
+ addenv (*envp, NULL);
+ envp++;
+ }
+ }
+
+#ifdef WITH_AUDIT
+ snprintf (audit_buf, sizeof(audit_buf), "changing new-gid=%lu",
+ (unsigned long) gid);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL,
+ (unsigned int) getuid (), 1);
+#endif
+ /*
+ * Exec the login shell and go away. We are trying to get back to
+ * the previous environment which should be the user's login shell.
+ */
+ err = shell (prog, initflag ? (char *) 0 : cp, newenvp);
+ exit ((err == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+ /*@notreached@*/
+ failure:
+
+ /*
+ * The previous code, when run as newgrp, re-exec'ed the shell in
+ * the current process with the original gid on error conditions.
+ * See the comment above. This historical behavior now has the
+ * effect of creating unlogged extraneous shell layers when the
+ * command line has an error or there is an authentication failure.
+ * We now just want to exit with error status back to the parent
+ * process. The closelog is probably unnecessary, but it does no
+ * harm. -- JWP
+ */
+ closelog ();
+#ifdef WITH_AUDIT
+ if (NULL != group) {
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-group=%s", group);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL,
+ (unsigned int) getuid (), 0);
+ } else {
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ "changing", NULL,
+ (unsigned int) getuid (), 0);
+ }
+#endif
+ exit (EXIT_FAILURE);
+}
+
diff --git a/src/newuidmap.c b/src/newuidmap.c
new file mode 100644
index 0000000..1ba25e7
--- /dev/null
+++ b/src/newuidmap.c
@@ -0,0 +1,186 @@
+/*
+ * Copyright (c) 2013 Eric Biederman
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "subordinateio.h"
+#include "idmapping.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool verify_range(struct passwd *pw, struct map_range *range)
+{
+ /* An empty range is invalid */
+ if (range->count == 0)
+ return false;
+
+ /* Test /etc/subuid */
+ if (have_sub_uids(pw->pw_name, range->lower, range->count))
+ return true;
+
+ /* Allow a process to map its own uid */
+ if ((range->count == 1) && (pw->pw_uid == range->lower))
+ return true;
+
+ return false;
+}
+
+static void verify_ranges(struct passwd *pw, int ranges,
+ struct map_range *mappings)
+{
+ struct map_range *mapping;
+ int idx;
+
+ mapping = mappings;
+ for (idx = 0; idx < ranges; idx++, mapping++) {
+ if (!verify_range(pw, mapping)) {
+ fprintf(stderr, _( "%s: uid range [%lu-%lu) -> [%lu-%lu) not allowed\n"),
+ Prog,
+ mapping->upper,
+ mapping->upper + mapping->count,
+ mapping->lower,
+ mapping->lower + mapping->count);
+ exit(EXIT_FAILURE);
+ }
+ }
+}
+
+void usage(void)
+{
+ fprintf(stderr, _("usage: %s <pid> <uid> <loweruid> <count> [ <uid> <loweruid> <count> ] ... \n"), Prog);
+ exit(EXIT_FAILURE);
+}
+
+/*
+ * newuidmap - Set the uid_map for the specified process
+ */
+int main(int argc, char **argv)
+{
+ char proc_dir_name[32];
+ char *target_str;
+ pid_t target, parent;
+ int proc_dir_fd;
+ int ranges;
+ struct map_range *mappings;
+ struct stat st;
+ struct passwd *pw;
+ int written;
+
+ Prog = Basename (argv[0]);
+
+ /*
+ * The valid syntax are
+ * newuidmap target_pid
+ */
+ if (argc < 2)
+ usage();
+
+ /* Find the process that needs its user namespace
+ * uid mapping set.
+ */
+ target_str = argv[1];
+ if (!get_pid(target_str, &target))
+ usage();
+
+ /* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */
+ written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/",
+ target);
+ if ((written <= 0) || (written >= sizeof(proc_dir_name))) {
+ fprintf(stderr, "%s: snprintf of proc path failed: %s\n",
+ Prog, strerror(errno));
+ }
+
+ proc_dir_fd = open(proc_dir_name, O_DIRECTORY);
+ if (proc_dir_fd < 0) {
+ fprintf(stderr, _("%s: Could not open proc directory for target %u\n"),
+ Prog, target);
+ return EXIT_FAILURE;
+ }
+
+ /* Who am i? */
+ pw = get_my_pwent ();
+ if (NULL == pw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+ (unsigned long) getuid ()));
+ return EXIT_FAILURE;
+ }
+
+ /* Get the effective uid and effective gid of the target process */
+ if (fstat(proc_dir_fd, &st) < 0) {
+ fprintf(stderr, _("%s: Could not stat directory for target %u\n"),
+ Prog, target);
+ return EXIT_FAILURE;
+ }
+
+ /* Verify real user and real group matches the password entry
+ * and the effective user and group of the program whose
+ * mappings we have been asked to set.
+ */
+ if ((getuid() != pw->pw_uid) ||
+ (getgid() != pw->pw_gid) ||
+ (pw->pw_uid != st.st_uid) ||
+ (pw->pw_gid != st.st_gid)) {
+ fprintf(stderr, _( "%s: Target process %u is owned by a different user: uid:%lu pw_uid:%lu st_uid:%lu, gid:%lu pw_gid:%lu st_gid:%lu\n" ),
+ Prog, target,
+ (unsigned long int)getuid(), (unsigned long int)pw->pw_uid, (unsigned long int)st.st_uid,
+ (unsigned long int)getgid(), (unsigned long int)pw->pw_gid, (unsigned long int)st.st_gid);
+ return EXIT_FAILURE;
+ }
+
+ if (!sub_uid_open(O_RDONLY)) {
+ return EXIT_FAILURE;
+ }
+
+ ranges = ((argc - 2) + 2) / 3;
+ mappings = get_map_ranges(ranges, argc - 2, argv + 2);
+ if (!mappings)
+ usage();
+
+ verify_ranges(pw, ranges, mappings);
+
+ write_mapping(proc_dir_fd, ranges, mappings, "uid_map");
+ sub_uid_close();
+
+ return EXIT_SUCCESS;
+}
diff --git a/src/newusers.c b/src/newusers.c
new file mode 100644
index 0000000..c38aec4
--- /dev/null
+++ b/src/newusers.c
@@ -0,0 +1,1251 @@
+/*
+ * Copyright (c) 1990 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * newusers - create users from a batch file
+ *
+ * newusers creates a collection of entries in /etc/passwd
+ * and related files by reading a passwd-format file and
+ * adding entries in the related directories.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <pwd.h>
+#include <grp.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <ctype.h>
+#include <errno.h>
+#include <string.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "pwio.h"
+#include "sgroupio.h"
+#include "shadowio.h"
+#ifdef ENABLE_SUBIDS
+#include "subordinateio.h"
+#endif /* ENABLE_SUBIDS */
+#include "chkname.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool rflg = false; /* create a system account */
+#ifndef USE_PAM
+static /*@null@*//*@observer@*/char *crypt_method = NULL;
+#define cflg (NULL != crypt_method)
+#ifdef USE_SHA_CRYPT
+static bool sflg = false;
+static long sha_rounds = 5000;
+#endif /* USE_SHA_CRYPT */
+#endif /* !USE_PAM */
+
+static bool is_shadow;
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+static bool sgr_locked = false;
+#endif
+static bool pw_locked = false;
+static bool gr_locked = false;
+static bool spw_locked = false;
+#ifdef ENABLE_SUBIDS
+static bool is_sub_uid = false;
+static bool is_sub_gid = false;
+static bool sub_uid_locked = false;
+static bool sub_gid_locked = false;
+#endif /* ENABLE_SUBIDS */
+
+/* local function prototypes */
+static void usage (int status);
+static void fail_exit (int);
+static int add_group (const char *, const char *, gid_t *, gid_t);
+static int get_user_id (const char *, uid_t *);
+static int add_user (const char *, uid_t, gid_t);
+#ifndef USE_PAM
+static int update_passwd (struct passwd *, const char *);
+#endif /* !USE_PAM */
+static int add_passwd (struct passwd *, const char *);
+static void process_flags (int argc, char **argv);
+static void check_flags (void);
+static void check_perms (void);
+static void open_files (void);
+static void close_files (void);
+
+/*
+ * usage - display usage message and exit
+ */
+static void usage (int status)
+{
+ FILE *usageout = (EXIT_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+#ifndef USE_PAM
+ (void) fprintf (usageout,
+ _(" -c, --crypt-method METHOD the crypt method (one of %s)\n"),
+#ifndef USE_SHA_CRYPT
+ "NONE DES MD5"
+#else /* USE_SHA_CRYPT */
+ "NONE DES MD5 SHA256 SHA512"
+#endif /* USE_SHA_CRYPT */
+ );
+#endif /* !USE_PAM */
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -r, --system create system accounts\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+#ifndef USE_PAM
+#ifdef USE_SHA_CRYPT
+ (void) fputs (_(" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+ " crypt algorithms\n"),
+ usageout);
+#endif /* USE_SHA_CRYPT */
+#endif /* !USE_PAM */
+ (void) fputs ("\n", usageout);
+
+ exit (status);
+}
+
+/*
+ * fail_exit - undo as much as possible
+ */
+static void fail_exit (int code)
+{
+ if (spw_locked) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ }
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ }
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ }
+#ifdef SHADOWGRP
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ }
+#endif
+#ifdef ENABLE_SUBIDS
+ if (sub_uid_locked) {
+ if (sub_uid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+ /* continue */
+ }
+ }
+ if (sub_gid_locked) {
+ if (sub_gid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+ /* continue */
+ }
+ }
+#endif /* ENABLE_SUBIDS */
+
+ exit (code);
+}
+
+/*
+ * add_group - create a new group or add a user to an existing group
+ */
+static int add_group (const char *name, const char *gid, gid_t *ngid, uid_t uid)
+{
+ const struct group *grp;
+ struct group grent;
+ char *members[1];
+#ifdef SHADOWGRP
+ const struct sgrp *sg;
+#endif
+
+ /*
+ * Start by seeing if the named group already exists. This will be
+ * very easy to deal with if it does.
+ */
+ grp = getgrnam (gid);
+ if (NULL == grp) {
+ grp = gr_locate (gid);
+ }
+ if (NULL != grp) {
+ /* The user will use this ID for her primary group */
+ *ngid = grp->gr_gid;
+ /* Don't check gshadow */
+ return 0;
+ }
+
+ if (isdigit (gid[0])) {
+ /*
+ * The GID is a number, which means either this is a brand
+ * new group, or an existing group.
+ */
+
+ if (get_gid (gid, &grent.gr_gid) == 0) {
+ fprintf (stderr,
+ _("%s: invalid group ID '%s'\n"),
+ Prog, gid);
+ return -1;
+ }
+
+ /* Look in both the system database (getgrgid) and in the
+ * internal database (gr_locate_gid), which may contain
+ * uncommitted changes */
+ if ( (getgrgid ((gid_t) grent.gr_gid) != NULL)
+ || (gr_locate_gid ((gid_t) grent.gr_gid) != NULL)) {
+ /* The user will use this ID for her
+ * primary group */
+ *ngid = (gid_t) grent.gr_gid;
+ return 0;
+ }
+
+ /* Do not create groups with GID == (gid_t)-1 */
+ if (grent.gr_gid == (gid_t)-1) {
+ fprintf (stderr,
+ _("%s: invalid group ID '%s'\n"),
+ Prog, gid);
+ return -1;
+ }
+ } else {
+ /* The gid parameter can be "" or a name which is not
+ * already the name of an existing group.
+ * In both cases, figure out what group ID can be used.
+ */
+ if (find_new_gid(rflg, &grent.gr_gid, &uid) < 0) {
+ return -1;
+ }
+ }
+
+ /*
+ * Now I have all of the fields required to create the new group.
+ */
+ if (('\0' != gid[0]) && (!isdigit (gid[0]))) {
+ grent.gr_name = xstrdup (gid);
+ } else {
+ grent.gr_name = xstrdup (name);
+/* FIXME: check if the group exists */
+ }
+
+ /* Check if this is a valid group name */
+ if (!is_valid_group_name (grent.gr_name)) {
+ fprintf (stderr,
+ _("%s: invalid group name '%s'\n"),
+ Prog, grent.gr_name);
+ free (grent.gr_name);
+ return -1;
+ }
+
+ grent.gr_passwd = "*"; /* XXX warning: const */
+ members[0] = NULL;
+ grent.gr_mem = members;
+
+ *ngid = grent.gr_gid;
+
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ sg = sgr_locate (grent.gr_name);
+
+ if (NULL != sg) {
+ fprintf (stderr,
+ _("%s: group '%s' is a shadow group, but does not exist in /etc/group\n"),
+ Prog, grent.gr_name);
+ return -1;
+ }
+ }
+#endif
+
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ struct sgrp sgrent;
+ char *admins[1];
+ sgrent.sg_name = grent.gr_name;
+ sgrent.sg_passwd = "*"; /* XXX warning: const */
+ grent.gr_passwd = "x"; /* XXX warning: const */
+ admins[0] = NULL;
+ sgrent.sg_adm = admins;
+ sgrent.sg_mem = members;
+
+ if (sgr_update (&sgrent) == 0) {
+ return -1;
+ }
+ }
+#endif
+
+ if (gr_update (&grent) == 0) {
+ return -1;
+ }
+
+ return 0;
+}
+
+static int get_user_id (const char *uid, uid_t *nuid) {
+
+ /*
+ * The first guess for the UID is either the numerical UID that the
+ * caller provided, or the next available UID.
+ */
+ if (isdigit (uid[0])) {
+ if ((get_uid (uid, nuid) == 0) || (*nuid == (uid_t)-1)) {
+ fprintf (stderr,
+ _("%s: invalid user ID '%s'\n"),
+ Prog, uid);
+ return -1;
+ }
+ } else {
+ if ('\0' != uid[0]) {
+ const struct passwd *pwd;
+ /* local, no need for xgetpwnam */
+ pwd = getpwnam (uid);
+ if (NULL == pwd) {
+ pwd = pw_locate (uid);
+ }
+
+ if (NULL != pwd) {
+ *nuid = pwd->pw_uid;
+ } else {
+ fprintf (stderr,
+ _("%s: user '%s' does not exist\n"),
+ Prog, uid);
+ return -1;
+ }
+ } else {
+ if (find_new_uid (rflg, nuid, NULL) < 0) {
+ return -1;
+ }
+ }
+ }
+
+ return 0;
+}
+
+/*
+ * add_user - create a new user ID
+ */
+static int add_user (const char *name, uid_t uid, gid_t gid)
+{
+ struct passwd pwent;
+
+ /* Check if this is a valid user name */
+ if (!is_valid_user_name (name)) {
+ fprintf (stderr,
+ _("%s: invalid user name '%s'\n"),
+ Prog, name);
+ return -1;
+ }
+
+ /*
+ * I don't want to fill in the entire password structure members
+ * JUST YET, since there is still more data to be added. So, I fill
+ * in the parts that I have.
+ */
+ pwent.pw_name = xstrdup (name);
+ pwent.pw_uid = uid;
+ pwent.pw_passwd = "x"; /* XXX warning: const */
+ pwent.pw_gid = gid;
+ pwent.pw_gecos = ""; /* XXX warning: const */
+ pwent.pw_dir = ""; /* XXX warning: const */
+ pwent.pw_shell = ""; /* XXX warning: const */
+
+ return (pw_update (&pwent) == 0) ? -1 : 0;
+}
+
+#ifndef USE_PAM
+/*
+ * update_passwd - update the password in the passwd entry
+ *
+ * Return 0 if successful.
+ */
+static int update_passwd (struct passwd *pwd, const char *password)
+{
+ void *crypt_arg = NULL;
+ char *cp;
+ if (crypt_method != NULL) {
+#ifdef USE_SHA_CRYPT
+ if (sflg) {
+ crypt_arg = &sha_rounds;
+ }
+#endif
+ }
+
+ if ((crypt_method != NULL) && (0 == strcmp(crypt_method, "NONE"))) {
+ pwd->pw_passwd = (char *)password;
+ } else {
+ const char *salt = crypt_make_salt (crypt_method, crypt_arg);
+ cp = pw_encrypt (password, salt);
+ if (NULL == cp) {
+ fprintf (stderr,
+ _("%s: failed to crypt password with salt '%s': %s\n"),
+ Prog, salt, strerror (errno));
+ return 1;
+ }
+ pwd->pw_passwd = cp;
+ }
+
+ return 0;
+}
+#endif /* !USE_PAM */
+
+/*
+ * add_passwd - add or update the encrypted password
+ */
+static int add_passwd (struct passwd *pwd, const char *password)
+{
+ const struct spwd *sp;
+ struct spwd spent;
+ char *cp;
+
+#ifndef USE_PAM
+ void *crypt_arg = NULL;
+ if (crypt_method != NULL) {
+#ifdef USE_SHA_CRYPT
+ if (sflg) {
+ crypt_arg = &sha_rounds;
+ }
+#endif /* USE_SHA_CRYPT */
+ }
+
+ /*
+ * In the case of regular password files, this is real easy - pwd
+ * points to the entry in the password file. Shadow files are
+ * harder since there are zillions of things to do ...
+ */
+ if (!is_shadow) {
+ return update_passwd (pwd, password);
+ }
+#endif /* USE_PAM */
+
+ /*
+ * Do the first and easiest shadow file case. The user already
+ * exists in the shadow password file.
+ */
+ sp = spw_locate (pwd->pw_name);
+#ifndef USE_PAM
+ if (NULL != sp) {
+ spent = *sp;
+ if ( (NULL != crypt_method)
+ && (0 == strcmp(crypt_method, "NONE"))) {
+ spent.sp_pwdp = (char *)password;
+ } else {
+ const char *salt = crypt_make_salt (crypt_method,
+ crypt_arg);
+ cp = pw_encrypt (password, salt);
+ if (NULL == cp) {
+ fprintf (stderr,
+ _("%s: failed to crypt password with salt '%s': %s\n"),
+ Prog, salt, strerror (errno));
+ return 1;
+ }
+ spent.sp_pwdp = cp;
+ }
+ spent.sp_lstchg = (long) gettime () / SCALE;
+ if (0 == spent.sp_lstchg) {
+ /* Better disable aging than requiring a password
+ * change */
+ spent.sp_lstchg = -1;
+ }
+ return (spw_update (&spent) == 0);
+ }
+
+ /*
+ * Pick the next easiest case - the user has an encrypted password
+ * which isn't equal to "x". The password was set to "x" earlier
+ * when the entry was created, so this user would have to have had
+ * the password set someplace else.
+ */
+ if (strcmp (pwd->pw_passwd, "x") != 0) {
+ return update_passwd (pwd, password);
+ }
+#else /* USE_PAM */
+ /*
+ * If there is already a shadow entry, do not touch it.
+ * If there is already a passwd entry with a password, do not
+ * touch it.
+ * The password will be updated later for all users using PAM.
+ */
+ if ( (NULL != sp)
+ || (strcmp (pwd->pw_passwd, "x") != 0)) {
+ return 0;
+ }
+#endif /* USE_PAM */
+
+ /*
+ * Now the really hard case - I need to create an entirely new
+ * shadow password file entry.
+ */
+ spent.sp_namp = pwd->pw_name;
+#ifndef USE_PAM
+ if ((crypt_method != NULL) && (0 == strcmp(crypt_method, "NONE"))) {
+ spent.sp_pwdp = (char *)password;
+ } else {
+ const char *salt = crypt_make_salt (crypt_method, crypt_arg);
+ cp = pw_encrypt (password, salt);
+ if (NULL == cp) {
+ fprintf (stderr,
+ _("%s: failed to crypt password with salt '%s': %s\n"),
+ Prog, salt, strerror (errno));
+ return 1;
+ }
+ spent.sp_pwdp = cp;
+ }
+#else
+ /*
+ * Lock the password.
+ * The password will be updated later for all users using PAM.
+ */
+ spent.sp_pwdp = "!";
+#endif
+ spent.sp_lstchg = (long) gettime () / SCALE;
+ if (0 == spent.sp_lstchg) {
+ /* Better disable aging than requiring a password change */
+ spent.sp_lstchg = -1;
+ }
+ spent.sp_min = getdef_num ("PASS_MIN_DAYS", 0);
+ /* 10000 is infinity this week */
+ spent.sp_max = getdef_num ("PASS_MAX_DAYS", 10000);
+ spent.sp_warn = getdef_num ("PASS_WARN_AGE", -1);
+ spent.sp_inact = -1;
+ spent.sp_expire = -1;
+ spent.sp_flag = SHADOW_SP_FLAG_UNSET;
+
+ return (spw_update (&spent) == 0);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ int c;
+ static struct option long_options[] = {
+#ifndef USE_PAM
+ {"crypt-method", required_argument, NULL, 'c'},
+#endif /* !USE_PAM */
+ {"help", no_argument, NULL, 'h'},
+ {"system", no_argument, NULL, 'r'},
+ {"root", required_argument, NULL, 'R'},
+#ifndef USE_PAM
+#ifdef USE_SHA_CRYPT
+ {"sha-rounds", required_argument, NULL, 's'},
+#endif /* USE_SHA_CRYPT */
+#endif /* !USE_PAM */
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv,
+#ifndef USE_PAM
+#ifdef USE_SHA_CRYPT
+ "c:hrs:",
+#else /* !USE_SHA_CRYPT */
+ "c:hr",
+#endif /* !USE_SHA_CRYPT */
+#else /* USE_PAM */
+ "hr",
+#endif
+ long_options, NULL)) != -1) {
+ switch (c) {
+#ifndef USE_PAM
+ case 'c':
+ crypt_method = optarg;
+ break;
+#endif /* !USE_PAM */
+ case 'h':
+ usage (EXIT_SUCCESS);
+ break;
+ case 'r':
+ rflg = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+#ifndef USE_PAM
+#ifdef USE_SHA_CRYPT
+ case 's':
+ sflg = true;
+ if (getlong(optarg, &sha_rounds) == 0) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (EXIT_FAILURE);
+ }
+ break;
+#endif /* USE_SHA_CRYPT */
+#endif /* !USE_PAM */
+ default:
+ usage (EXIT_FAILURE);
+ break;
+ }
+ }
+
+ if ( (optind != argc)
+ && (optind + 1 != argc)) {
+ usage (EXIT_FAILURE);
+ }
+
+ if (argv[optind] != NULL) {
+ if (freopen (argv[optind], "r", stdin) == NULL) {
+ char buf[BUFSIZ];
+ snprintf (buf, sizeof buf, "%s: %s", Prog, argv[1]);
+ perror (buf);
+ fail_exit (EXIT_FAILURE);
+ }
+ }
+
+ /* validate options */
+ check_flags ();
+}
+
+/*
+ * check_flags - check flags and parameters consistency
+ *
+ * It will not return if an error is encountered.
+ */
+static void check_flags (void)
+{
+#ifndef USE_PAM
+#ifdef USE_SHA_CRYPT
+ if (sflg && !cflg) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+ Prog, "-s", "-c");
+ usage (EXIT_FAILURE);
+ }
+#endif /* USE_SHA_CRYPT */
+
+ if (cflg) {
+ if ( (0 != strcmp (crypt_method, "DES"))
+ && (0 != strcmp (crypt_method, "MD5"))
+ && (0 != strcmp (crypt_method, "NONE"))
+#ifdef USE_SHA_CRYPT
+ && (0 != strcmp (crypt_method, "SHA256"))
+ && (0 != strcmp (crypt_method, "SHA512"))
+#endif /* USE_SHA_CRYPT */
+ ) {
+ fprintf (stderr,
+ _("%s: unsupported crypt method: %s\n"),
+ Prog, crypt_method);
+ usage (EXIT_FAILURE);
+ }
+ }
+#endif /* !USE_PAM */
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ * With PAM support, the setuid bit can be set on groupadd to allow
+ * non-root users to groups.
+ * Without PAM support, only users who can write in the group databases
+ * can add groups.
+ *
+ * It will not return if the user is not allowed.
+ */
+static void check_perms (void)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ int retval;
+ struct passwd *pampw;
+
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (NULL == pampw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ fail_exit (EXIT_FAILURE);
+ }
+
+ retval = pam_start ("newusers", pampw->pw_name, &conv, &pamh);
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ fail_exit (EXIT_FAILURE);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+}
+
+/*
+ * open_files - lock and open the password, group and shadow databases
+ */
+static void open_files (void)
+{
+ /*
+ * Lock the password files and open them for update. This will bring
+ * all of the entries into memory where they may be searched for an
+ * modified, or new entries added. The password file is the key - if
+ * it gets locked, assume the others can be locked right away.
+ */
+ if (pw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+ pw_locked = true;
+ if (is_shadow) {
+ if (spw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, spw_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+ spw_locked = true;
+ }
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+ gr_locked = true;
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+ sgr_locked = true;
+ }
+#endif
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid) {
+ if (sub_uid_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sub_uid_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+ sub_uid_locked = true;
+ }
+ if (is_sub_gid) {
+ if (sub_gid_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sub_gid_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+ sub_gid_locked = true;
+ }
+#endif /* ENABLE_SUBIDS */
+
+ if (pw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+ if (is_shadow && (spw_open (O_CREAT | O_RDWR) == 0)) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+#ifdef SHADOWGRP
+ if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+#endif
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid) {
+ if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sub_uid_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+ }
+ if (is_sub_gid) {
+ if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sub_gid_dbname ());
+ fail_exit (EXIT_FAILURE);
+ }
+ }
+#endif /* ENABLE_SUBIDS */
+}
+
+/*
+ * close_files - close and unlock the password, group and shadow databases
+ */
+static void close_files (void)
+{
+ if (pw_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (EXIT_FAILURE);
+ }
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ pw_locked = false;
+
+ if (is_shadow) {
+ if (spw_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+ fail_exit (EXIT_FAILURE);
+ }
+ if (spw_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ spw_locked = false;
+ }
+
+ if (gr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+ fail_exit (EXIT_FAILURE);
+ }
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid && (sub_uid_close () == 0)) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ()));
+ fail_exit (EXIT_FAILURE);
+ }
+ if (is_sub_gid && (sub_gid_close () == 0)) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ()));
+ fail_exit (EXIT_FAILURE);
+ }
+#endif /* ENABLE_SUBIDS */
+
+ if (gr_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ gr_locked = false;
+
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+ fail_exit (EXIT_FAILURE);
+ }
+ if (sgr_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ sgr_locked = false;
+ }
+#endif
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid) {
+ if (sub_uid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+ /* continue */
+ }
+ sub_uid_locked = false;
+ }
+ if (is_sub_gid) {
+ if (sub_gid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+ /* continue */
+ }
+ sub_gid_locked = false;
+ }
+#endif /* ENABLE_SUBIDS */
+}
+
+int main (int argc, char **argv)
+{
+ char buf[BUFSIZ];
+ char *fields[8];
+ int nfields;
+ char *cp;
+ const struct passwd *pw;
+ struct passwd newpw;
+ int errors = 0;
+ int line = 0;
+ uid_t uid;
+ gid_t gid;
+#ifdef USE_PAM
+ int *lines = NULL;
+ char **usernames = NULL;
+ char **passwords = NULL;
+ unsigned int nusers = 0;
+#endif /* USE_PAM */
+
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ /* FIXME: will not work with an input file */
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("newusers");
+
+ process_flags (argc, argv);
+
+ check_perms ();
+
+ is_shadow = spw_file_present ();
+
+#ifdef SHADOWGRP
+ is_shadow_grp = sgr_file_present ();
+#endif
+#ifdef ENABLE_SUBIDS
+ is_sub_uid = sub_uid_file_present () && !rflg;
+ is_sub_gid = sub_gid_file_present () && !rflg;
+#endif /* ENABLE_SUBIDS */
+
+ open_files ();
+
+ /*
+ * Read each line. The line has the same format as a password file
+ * entry, except that certain fields are not constrained to be
+ * numerical values. If a group ID is entered which does not already
+ * exist, an attempt is made to allocate the same group ID as the
+ * numerical user ID. Should that fail, the next available group ID
+ * over 100 is allocated. The pw_gid field will be updated with that
+ * value.
+ */
+ while (fgets (buf, (int) sizeof buf, stdin) != (char *) 0) {
+ line++;
+ cp = strrchr (buf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ } else {
+ if (feof (stdin) == 0) {
+ fprintf (stderr,
+ _("%s: line %d: line too long\n"),
+ Prog, line);
+ errors++;
+ continue;
+ }
+ }
+
+ /*
+ * Break the string into fields and screw around with them.
+ * There MUST be 7 colon separated fields, although the
+ * values aren't that particular.
+ */
+ for (cp = buf, nfields = 0; nfields < 7; nfields++) {
+ fields[nfields] = cp;
+ cp = strchr (cp, ':');
+ if (NULL != cp) {
+ *cp = '\0';
+ cp++;
+ } else {
+ break;
+ }
+ }
+ if (nfields != 6) {
+ fprintf (stderr, _("%s: line %d: invalid line\n"),
+ Prog, line);
+ errors++;
+ continue;
+ }
+
+ /*
+ * First check if we have to create or update an user
+ */
+ pw = pw_locate (fields[0]);
+ /* local, no need for xgetpwnam */
+ if ( (NULL == pw)
+ && (getpwnam (fields[0]) != NULL)) {
+ fprintf (stderr, _("%s: cannot update the entry of user %s (not in the passwd database)\n"), Prog, fields[0]);
+ errors++;
+ continue;
+ }
+
+ if ( (NULL == pw)
+ && (get_user_id (fields[2], &uid) != 0)) {
+ fprintf (stderr,
+ _("%s: line %d: can't create user\n"),
+ Prog, line);
+ errors++;
+ continue;
+ }
+
+ /*
+ * Processed is the group name. A new group will be
+ * created if the group name is non-numeric and does not
+ * already exist. If the group name is a number (which is not
+ * an existing GID), a group with the same name as the user
+ * will be created, with the given GID. The given or created
+ * group will be the primary group of the user. If
+ * there is no named group to be a member of, the UID will
+ * be figured out and that value will be a candidate for a
+ * new group, if that group ID exists, a whole new group ID
+ * will be made up.
+ */
+ if ( (NULL == pw)
+ && (add_group (fields[0], fields[3], &gid, uid) != 0)) {
+ fprintf (stderr,
+ _("%s: line %d: can't create group\n"),
+ Prog, line);
+ errors++;
+ continue;
+ }
+
+ /*
+ * Now we work on the user ID. It has to be specified either
+ * as a numerical value, or left blank. If it is a numerical
+ * value, that value will be used, otherwise the next
+ * available user ID is computed and used. After this there
+ * will at least be a (struct passwd) for the user.
+ */
+ if ( (NULL == pw)
+ && (add_user (fields[0], uid, gid) != 0)) {
+ fprintf (stderr,
+ _("%s: line %d: can't create user\n"),
+ Prog, line);
+ errors++;
+ continue;
+ }
+
+ /*
+ * The password, gecos field, directory, and shell fields
+ * all come next.
+ */
+ pw = pw_locate (fields[0]);
+ if (NULL == pw) {
+ fprintf (stderr,
+ _("%s: line %d: user '%s' does not exist in %s\n"),
+ Prog, line, fields[0], pw_dbname ());
+ errors++;
+ continue;
+ }
+ newpw = *pw;
+
+#ifdef USE_PAM
+ /* keep the list of user/password for later update by PAM */
+ nusers++;
+ lines = realloc (lines, sizeof (lines[0]) * nusers);
+ usernames = realloc (usernames, sizeof (usernames[0]) * nusers);
+ passwords = realloc (passwords, sizeof (passwords[0]) * nusers);
+ lines[nusers-1] = line;
+ usernames[nusers-1] = strdup (fields[0]);
+ passwords[nusers-1] = strdup (fields[1]);
+#endif /* USE_PAM */
+ if (add_passwd (&newpw, fields[1]) != 0) {
+ fprintf (stderr,
+ _("%s: line %d: can't update password\n"),
+ Prog, line);
+ errors++;
+ continue;
+ }
+ if ('\0' != fields[4][0]) {
+ newpw.pw_gecos = fields[4];
+ }
+
+ if ('\0' != fields[5][0]) {
+ newpw.pw_dir = fields[5];
+ }
+
+ if ('\0' != fields[6][0]) {
+ newpw.pw_shell = fields[6];
+ }
+
+ if ( ('\0' != fields[5][0])
+ && (access (newpw.pw_dir, F_OK) != 0)) {
+/* FIXME: should check for directory */
+ mode_t msk = 0777 & ~getdef_num ("UMASK",
+ GETDEF_DEFAULT_UMASK);
+ if (mkdir (newpw.pw_dir, msk) != 0) {
+ fprintf (stderr,
+ _("%s: line %d: mkdir %s failed: %s\n"),
+ Prog, line, newpw.pw_dir,
+ strerror (errno));
+ } else if (chown (newpw.pw_dir,
+ newpw.pw_uid,
+ newpw.pw_gid) != 0) {
+ fprintf (stderr,
+ _("%s: line %d: chown %s failed: %s\n"),
+ Prog, line, newpw.pw_dir,
+ strerror (errno));
+ }
+ }
+
+ /*
+ * Update the password entry with the new changes made.
+ */
+ if (pw_update (&newpw) == 0) {
+ fprintf (stderr,
+ _("%s: line %d: can't update entry\n"),
+ Prog, line);
+ errors++;
+ continue;
+ }
+
+#ifdef ENABLE_SUBIDS
+ /*
+ * Add subordinate uids if the user does not have them.
+ */
+ if (is_sub_uid && !sub_uid_assigned(fields[0])) {
+ uid_t sub_uid_start = 0;
+ unsigned long sub_uid_count = 0;
+ if (find_new_sub_uids(fields[0], &sub_uid_start, &sub_uid_count) == 0) {
+ if (sub_uid_add(fields[0], sub_uid_start, sub_uid_count) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare new %s entry\n"),
+ Prog, sub_uid_dbname ());
+ }
+ } else {
+ fprintf (stderr,
+ _("%s: can't find subordinate user range\n"),
+ Prog);
+ errors++;
+ }
+ }
+
+ /*
+ * Add subordinate gids if the user does not have them.
+ */
+ if (is_sub_gid && !sub_gid_assigned(fields[0])) {
+ gid_t sub_gid_start = 0;
+ unsigned long sub_gid_count = 0;
+ if (find_new_sub_gids(fields[0], &sub_gid_start, &sub_gid_count) == 0) {
+ if (sub_gid_add(fields[0], sub_gid_start, sub_gid_count) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare new %s entry\n"),
+ Prog, sub_uid_dbname ());
+ }
+ } else {
+ fprintf (stderr,
+ _("%s: can't find subordinate group range\n"),
+ Prog);
+ errors++;
+ }
+ }
+#endif /* ENABLE_SUBIDS */
+ }
+
+ /*
+ * Any detected errors will cause the entire set of changes to be
+ * aborted. Unlocking the password file will cause all of the
+ * changes to be ignored. Otherwise the file is closed, causing the
+ * changes to be written out all at once, and then unlocked
+ * afterwards.
+ */
+ if (0 != errors) {
+ fprintf (stderr,
+ _("%s: error detected, changes ignored\n"), Prog);
+ fail_exit (EXIT_FAILURE);
+ }
+
+ close_files ();
+
+ nscd_flush_cache ("passwd");
+ nscd_flush_cache ("group");
+
+#ifdef USE_PAM
+ unsigned int i;
+ /* Now update the passwords using PAM */
+ for (i = 0; i < nusers; i++) {
+ if (do_pam_passwd_non_interractive ("newusers", usernames[i], passwords[i]) != 0) {
+ fprintf (stderr,
+ _("%s: (line %d, user %s) password not changed\n"),
+ Prog, lines[i], usernames[i]);
+ errors++;
+ }
+ }
+#endif /* USE_PAM */
+
+ return ((0 == errors) ? EXIT_SUCCESS : EXIT_FAILURE);
+}
+
diff --git a/src/nologin.c b/src/nologin.c
new file mode 100644
index 0000000..7fe8a6a
--- /dev/null
+++ b/src/nologin.c
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2004 The FreeBSD Project.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <syslog.h>
+#include <unistd.h>
+
+int main (void)
+{
+ const char *user, *tty;
+
+ tty = ttyname (0);
+ if (NULL == tty) {
+ tty = "UNKNOWN";
+ }
+ user = getlogin ();
+ if (NULL == user) {
+ user = "UNKNOWN";
+ }
+ openlog ("nologin", LOG_CONS, LOG_AUTH);
+ syslog (LOG_CRIT, "Attempted login by %s on %s", user, tty);
+ closelog ();
+
+ printf ("%s", "This account is currently not available.\n");
+
+ return EXIT_FAILURE;
+}
diff --git a/src/passwd.c b/src/passwd.c
new file mode 100644
index 0000000..3af3e65
--- /dev/null
+++ b/src/passwd.c
@@ -0,0 +1,1168 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/flask.h>
+#include <selinux/av_permissions.h>
+#include <selinux/context.h>
+#endif /* WITH_SELINUX */
+#include <time.h>
+#include "defines.h"
+#include "getdef.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+#include "shadowio.h"
+
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS 0 /* success */
+#define E_NOPERM 1 /* permission denied */
+#define E_USAGE 2 /* invalid combination of options */
+#define E_FAILURE 3 /* unexpected failure, nothing done */
+#define E_MISSING 4 /* unexpected failure, passwd file missing */
+#define E_PWDBUSY 5 /* passwd file busy, try again later */
+#define E_BAD_ARG 6 /* invalid argument to option */
+/*
+ * Global variables
+ */
+const char *Prog; /* Program name */
+
+static char *name; /* The name of user whose password is being changed */
+static char *myname; /* The current user's name */
+static bool amroot; /* The caller's real UID was 0 */
+
+static bool
+ aflg = false, /* -a - show status for all users */
+ dflg = false, /* -d - delete password */
+ eflg = false, /* -e - force password change */
+ iflg = false, /* -i - set inactive days */
+ kflg = false, /* -k - change only if expired */
+ lflg = false, /* -l - lock the user's password */
+ nflg = false, /* -n - set minimum days */
+ qflg = false, /* -q - quiet mode */
+ Sflg = false, /* -S - show password status */
+ uflg = false, /* -u - unlock the user's password */
+ wflg = false, /* -w - set warning days */
+ xflg = false; /* -x - set maximum days */
+
+/*
+ * set to 1 if there are any flags which require root privileges,
+ * and require username to be specified
+ */
+static bool anyflag = false;
+
+static long age_min = 0; /* Minimum days before change */
+static long age_max = 0; /* Maximum days until change */
+static long warn = 0; /* Warning days before change */
+static long inact = 0; /* Days without change before locked */
+
+#ifndef USE_PAM
+static bool do_update_age = false;
+#endif /* ! USE_PAM */
+
+static bool pw_locked = false;
+static bool spw_locked = false;
+
+#ifndef USE_PAM
+/*
+ * Size of the biggest passwd:
+ * $6$ 3
+ * rounds= 7
+ * 999999999 9
+ * $ 1
+ * salt 16
+ * $ 1
+ * SHA512 123
+ * nul 1
+ *
+ * total 161
+ */
+static char crypt_passwd[256];
+static bool do_update_pwd = false;
+#endif /* !USE_PAM */
+
+/*
+ * External identifiers
+ */
+
+/* local function prototypes */
+static /*@noreturn@*/void usage (int);
+
+#ifndef USE_PAM
+static bool reuse (const char *, const struct passwd *);
+static int new_password (const struct passwd *);
+
+static void check_password (const struct passwd *, const struct spwd *);
+#endif /* !USE_PAM */
+static /*@observer@*/const char *date_to_str (time_t);
+static /*@observer@*/const char *pw_status (const char *);
+static void print_status (const struct passwd *);
+static /*@noreturn@*/void fail_exit (int);
+static /*@noreturn@*/void oom (void);
+static char *update_crypt_pw (char *);
+static void update_noshadow (void);
+
+static void update_shadow (void);
+#ifdef WITH_SELINUX
+static int check_selinux_access (const char *changed_user,
+ uid_t changed_uid,
+ access_vector_t requested_access);
+#endif /* WITH_SELINUX */
+
+/*
+ * usage - print command usage and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options] [LOGIN]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -a, --all report password status on all accounts\n"), usageout);
+ (void) fputs (_(" -d, --delete delete the password for the named account\n"), usageout);
+ (void) fputs (_(" -e, --expire force expire the password for the named account\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -k, --keep-tokens change password only if expired\n"), usageout);
+ (void) fputs (_(" -i, --inactive INACTIVE set password inactive after expiration\n"
+ " to INACTIVE\n"), usageout);
+ (void) fputs (_(" -l, --lock lock the password of the named account\n"), usageout);
+ (void) fputs (_(" -n, --mindays MIN_DAYS set minimum number of days before password\n"
+ " change to MIN_DAYS\n"), usageout);
+ (void) fputs (_(" -q, --quiet quiet mode\n"), usageout);
+ (void) fputs (_(" -r, --repository REPOSITORY change password in REPOSITORY repository\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -S, --status report password status on the named account\n"), usageout);
+ (void) fputs (_(" -u, --unlock unlock the password of the named account\n"), usageout);
+ (void) fputs (_(" -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"), usageout);
+ (void) fputs (_(" -x, --maxdays MAX_DAYS set maximum number of days before password\n"
+ " change to MAX_DAYS\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+#ifndef USE_PAM
+static bool reuse (const char *pass, const struct passwd *pw)
+{
+#ifdef HAVE_LIBCRACK_HIST
+ const char *reason;
+
+#ifdef HAVE_LIBCRACK_PW
+ const char *FascistHistoryPw (const char *, const struct passwd *);
+
+ reason = FascistHistory (pass, pw);
+#else /* !HAVE_LIBCRACK_PW */
+ const char *FascistHistory (const char *, int);
+
+ reason = FascistHistory (pass, pw->pw_uid);
+#endif /* !HAVE_LIBCRACK_PW */
+ if (NULL != reason) {
+ (void) printf (_("Bad password: %s. "), reason);
+ return true;
+ }
+#endif /* HAVE_LIBCRACK_HIST */
+ return false;
+}
+
+/*
+ * new_password - validate old password and replace with new (both old and
+ * new in global "char crypt_passwd[128]")
+ */
+static int new_password (const struct passwd *pw)
+{
+ char *clear; /* Pointer to clear text */
+ char *cipher; /* Pointer to cipher text */
+ const char *salt; /* Pointer to new salt */
+ char *cp; /* Pointer to getpass() response */
+ char orig[200]; /* Original password */
+ char pass[200]; /* New password */
+ int i; /* Counter for retries */
+ bool warned;
+ int pass_max_len = -1;
+ const char *method;
+
+#ifdef HAVE_LIBCRACK_HIST
+ int HistUpdate (const char *, const char *);
+#endif /* HAVE_LIBCRACK_HIST */
+
+ /*
+ * Authenticate the user. The user will be prompted for their own
+ * password.
+ */
+
+ if (!amroot && ('\0' != crypt_passwd[0])) {
+ clear = getpass (_("Old password: "));
+ if (NULL == clear) {
+ return -1;
+ }
+
+ cipher = pw_encrypt (clear, crypt_passwd);
+
+ if (NULL == cipher) {
+ strzero (clear);
+ fprintf (stderr,
+ _("%s: failed to crypt password with previous salt: %s\n"),
+ Prog, strerror (errno));
+ SYSLOG ((LOG_INFO,
+ "Failed to crypt password with previous salt of user '%s'",
+ pw->pw_name));
+ return -1;
+ }
+
+ if (strcmp (cipher, crypt_passwd) != 0) {
+ strzero (clear);
+ strzero (cipher);
+ SYSLOG ((LOG_WARN, "incorrect password for %s",
+ pw->pw_name));
+ (void) sleep (1);
+ (void) fprintf (stderr,
+ _("Incorrect password for %s.\n"),
+ pw->pw_name);
+ return -1;
+ }
+ STRFCPY (orig, clear);
+ strzero (clear);
+ strzero (cipher);
+ } else {
+ orig[0] = '\0';
+ }
+
+ /*
+ * Get the new password. The user is prompted for the new password
+ * and has five tries to get it right. The password will be tested
+ * for strength, unless it is the root user. This provides an escape
+ * for initial login passwords.
+ */
+ method = getdef_str ("ENCRYPT_METHOD");
+ if (NULL == method) {
+ if (!getdef_bool ("MD5_CRYPT_ENAB")) {
+ pass_max_len = getdef_num ("PASS_MAX_LEN", 8);
+ }
+ } else {
+ if ( (strcmp (method, "MD5") == 0)
+#ifdef USE_SHA_CRYPT
+ || (strcmp (method, "SHA256") == 0)
+ || (strcmp (method, "SHA512") == 0)
+#endif /* USE_SHA_CRYPT */
+ ) {
+ pass_max_len = -1;
+ } else {
+ pass_max_len = getdef_num ("PASS_MAX_LEN", 8);
+ }
+ }
+ if (!qflg) {
+ if (pass_max_len == -1) {
+ (void) printf (_(
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"),
+ getdef_num ("PASS_MIN_LEN", 5));
+ } else {
+ (void) printf (_(
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"),
+ getdef_num ("PASS_MIN_LEN", 5), pass_max_len);
+ }
+ }
+
+ warned = false;
+ for (i = getdef_num ("PASS_CHANGE_TRIES", 5); i > 0; i--) {
+ cp = getpass (_("New password: "));
+ if (NULL == cp) {
+ memzero (orig, sizeof orig);
+ return -1;
+ }
+ if (warned && (strcmp (pass, cp) != 0)) {
+ warned = false;
+ }
+ STRFCPY (pass, cp);
+ strzero (cp);
+
+ if (!amroot && (!obscure (orig, pass, pw) || reuse (pass, pw))) {
+ (void) puts (_("Try again."));
+ continue;
+ }
+
+ /*
+ * If enabled, warn about weak passwords even if you are
+ * root (enter this password again to use it anyway).
+ * --marekm
+ */
+ if (amroot && !warned && getdef_bool ("PASS_ALWAYS_WARN")
+ && (!obscure (orig, pass, pw) || reuse (pass, pw))) {
+ (void) puts (_("\nWarning: weak password (enter it again to use it anyway)."));
+ warned = true;
+ continue;
+ }
+ cp = getpass (_("Re-enter new password: "));
+ if (NULL == cp) {
+ memzero (orig, sizeof orig);
+ return -1;
+ }
+ if (strcmp (cp, pass) != 0) {
+ (void) fputs (_("They don't match; try again.\n"), stderr);
+ } else {
+ strzero (cp);
+ break;
+ }
+ }
+ memzero (orig, sizeof orig);
+
+ if (i == 0) {
+ memzero (pass, sizeof pass);
+ return -1;
+ }
+
+ /*
+ * Encrypt the password, then wipe the cleartext password.
+ */
+ salt = crypt_make_salt (NULL, NULL);
+ cp = pw_encrypt (pass, salt);
+ memzero (pass, sizeof pass);
+
+ if (NULL == cp) {
+ fprintf (stderr,
+ _("%s: failed to crypt password with salt '%s': %s\n"),
+ Prog, salt, strerror (errno));
+ return -1;
+ }
+
+#ifdef HAVE_LIBCRACK_HIST
+ HistUpdate (pw->pw_name, crypt_passwd);
+#endif /* HAVE_LIBCRACK_HIST */
+ STRFCPY (crypt_passwd, cp);
+ return 0;
+}
+
+/*
+ * check_password - test a password to see if it can be changed
+ *
+ * check_password() sees if the invoker has permission to change the
+ * password for the given user.
+ */
+static void check_password (const struct passwd *pw, const struct spwd *sp)
+{
+ time_t now;
+ int exp_status;
+
+ exp_status = isexpired (pw, sp);
+
+ /*
+ * If not expired and the "change only if expired" option (idea from
+ * PAM) was specified, do nothing. --marekm
+ */
+ if (kflg && (0 == exp_status)) {
+ exit (E_SUCCESS);
+ }
+
+ /*
+ * Root can change any password any time.
+ */
+ if (amroot) {
+ return;
+ }
+
+ (void) time (&now);
+
+ /*
+ * Expired accounts cannot be changed ever. Passwords which are
+ * locked may not be changed. Passwords where min > max may not be
+ * changed. Passwords which have been inactive too long cannot be
+ * changed.
+ */
+ if ( (sp->sp_pwdp[0] == '!')
+ || (exp_status > 1)
+ || ( (sp->sp_max >= 0)
+ && (sp->sp_min > sp->sp_max))) {
+ (void) fprintf (stderr,
+ _("The password for %s cannot be changed.\n"),
+ sp->sp_namp);
+ SYSLOG ((LOG_WARN, "password locked for '%s'", sp->sp_namp));
+ closelog ();
+ exit (E_NOPERM);
+ }
+
+ /*
+ * Passwords may only be changed after sp_min time is up.
+ */
+ if (sp->sp_lstchg > 0) {
+ time_t ok;
+ ok = (time_t) sp->sp_lstchg * SCALE;
+ if (sp->sp_min > 0) {
+ ok += (time_t) sp->sp_min * SCALE;
+ }
+
+ if (now < ok) {
+ (void) fprintf (stderr,
+ _("The password for %s cannot be changed yet.\n"),
+ pw->pw_name);
+ SYSLOG ((LOG_WARN, "now < minimum age for '%s'", pw->pw_name));
+ closelog ();
+ exit (E_NOPERM);
+ }
+ }
+}
+#endif /* !USE_PAM */
+
+static /*@observer@*/const char *date_to_str (time_t t)
+{
+ static char buf[80];
+ struct tm *tm;
+
+ tm = gmtime (&t);
+#ifdef HAVE_STRFTIME
+ (void) strftime (buf, sizeof buf, "%m/%d/%Y", tm);
+#else /* !HAVE_STRFTIME */
+ (void) snprintf (buf, sizeof buf, "%02d/%02d/%04d",
+ tm->tm_mon + 1, tm->tm_mday, tm->tm_year + 1900);
+#endif /* !HAVE_STRFTIME */
+ return buf;
+}
+
+static /*@observer@*/const char *pw_status (const char *pass)
+{
+ if (*pass == '*' || *pass == '!') {
+ return "L";
+ }
+ if (*pass == '\0') {
+ return "NP";
+ }
+ return "P";
+}
+
+/*
+ * print_status - print current password status
+ */
+static void print_status (const struct passwd *pw)
+{
+ struct spwd *sp;
+
+ sp = getspnam (pw->pw_name); /* local, no need for xgetspnam */
+ if (NULL != sp) {
+ (void) printf ("%s %s %s %lld %lld %lld %lld\n",
+ pw->pw_name,
+ pw_status (sp->sp_pwdp),
+ date_to_str (sp->sp_lstchg * SCALE),
+ ((long long)sp->sp_min * SCALE) / DAY,
+ ((long long)sp->sp_max * SCALE) / DAY,
+ ((long long)sp->sp_warn * SCALE) / DAY,
+ ((long long)sp->sp_inact * SCALE) / DAY);
+ } else {
+ (void) printf ("%s %s\n",
+ pw->pw_name, pw_status (pw->pw_passwd));
+ }
+}
+
+
+static /*@noreturn@*/void fail_exit (int status)
+{
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ }
+
+ if (spw_locked) {
+ if (spw_unlock () == 0) {
+ (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ }
+
+ exit (status);
+}
+
+static /*@noreturn@*/void oom (void)
+{
+ (void) fprintf (stderr, _("%s: out of memory\n"), Prog);
+ fail_exit (E_FAILURE);
+}
+
+static char *update_crypt_pw (char *cp)
+{
+#ifndef USE_PAM
+ if (do_update_pwd) {
+ cp = xstrdup (crypt_passwd);
+ }
+#endif /* !USE_PAM */
+
+ if (dflg) {
+ *cp = '\0';
+ }
+
+ if (uflg && *cp == '!') {
+ if (cp[1] == '\0') {
+ (void) fprintf (stderr,
+ _("%s: unlocking the password would result in a passwordless account.\n"
+ "You should set a password with usermod -p to unlock the password of this account.\n"),
+ Prog);
+ fail_exit (E_FAILURE);
+ } else {
+ cp++;
+ }
+ }
+
+ if (lflg && *cp != '!') {
+ char *newpw = xmalloc (strlen (cp) + 2);
+
+ strcpy (newpw, "!");
+ strcat (newpw, cp);
+ cp = newpw;
+ }
+ return cp;
+}
+
+
+static void update_noshadow (void)
+{
+ const struct passwd *pw;
+ struct passwd *npw;
+
+ if (pw_lock () == 0) {
+ (void) fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ exit (E_PWDBUSY);
+ }
+ pw_locked = true;
+ if (pw_open (O_CREAT | O_RDWR) == 0) {
+ (void) fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, pw_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
+ fail_exit (E_MISSING);
+ }
+ pw = pw_locate (name);
+ if (NULL == pw) {
+ (void) fprintf (stderr,
+ _("%s: user '%s' does not exist in %s\n"),
+ Prog, name, pw_dbname ());
+ fail_exit (E_NOPERM);
+ }
+ npw = __pw_dup (pw);
+ if (NULL == npw) {
+ oom ();
+ }
+ npw->pw_passwd = update_crypt_pw (npw->pw_passwd);
+ if (pw_update (npw) == 0) {
+ (void) fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, pw_dbname (), npw->pw_name);
+ fail_exit (E_FAILURE);
+ }
+ if (pw_close () == 0) {
+ (void) fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (E_FAILURE);
+ }
+ if (pw_unlock () == 0) {
+ (void) fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ pw_locked = false;
+}
+
+static void update_shadow (void)
+{
+ const struct spwd *sp;
+ struct spwd *nsp;
+
+ if (spw_lock () == 0) {
+ (void) fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, spw_dbname ());
+ exit (E_PWDBUSY);
+ }
+ spw_locked = true;
+ if (spw_open (O_CREAT | O_RDWR) == 0) {
+ (void) fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, spw_dbname ());
+ SYSLOG ((LOG_WARN, "cannot open %s", spw_dbname ()));
+ fail_exit (E_FAILURE);
+ }
+ sp = spw_locate (name);
+ if (NULL == sp) {
+ /* Try to update the password in /etc/passwd instead. */
+ (void) spw_close ();
+ update_noshadow ();
+ if (spw_unlock () == 0) {
+ (void) fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ spw_locked = false;
+ return;
+ }
+ nsp = __spw_dup (sp);
+ if (NULL == nsp) {
+ oom ();
+ }
+ nsp->sp_pwdp = update_crypt_pw (nsp->sp_pwdp);
+ if (xflg) {
+ nsp->sp_max = (age_max * DAY) / SCALE;
+ }
+ if (nflg) {
+ nsp->sp_min = (age_min * DAY) / SCALE;
+ }
+ if (wflg) {
+ nsp->sp_warn = (warn * DAY) / SCALE;
+ }
+ if (iflg) {
+ nsp->sp_inact = (inact * DAY) / SCALE;
+ }
+#ifndef USE_PAM
+ if (do_update_age) {
+ nsp->sp_lstchg = (long) gettime () / SCALE;
+ if (0 == nsp->sp_lstchg) {
+ /* Better disable aging than requiring a password
+ * change */
+ nsp->sp_lstchg = -1;
+ }
+ }
+#endif /* !USE_PAM */
+
+ /*
+ * Force change on next login, like SunOS 4.x passwd -e or Solaris
+ * 2.x passwd -f. Solaris 2.x seems to do the same thing (set
+ * sp_lstchg to 0).
+ */
+ if (eflg) {
+ nsp->sp_lstchg = 0;
+ }
+
+ if (spw_update (nsp) == 0) {
+ (void) fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, spw_dbname (), nsp->sp_namp);
+ fail_exit (E_FAILURE);
+ }
+ if (spw_close () == 0) {
+ (void) fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+ fail_exit (E_FAILURE);
+ }
+ if (spw_unlock () == 0) {
+ (void) fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ spw_locked = false;
+}
+
+#ifdef WITH_SELINUX
+static int check_selinux_access (const char *changed_user,
+ uid_t changed_uid,
+ access_vector_t requested_access)
+{
+ int status = -1;
+ security_context_t user_context;
+ context_t c;
+ const char *user;
+
+ /* if in permissive mode then allow the operation */
+ if (security_getenforce() == 0) {
+ return 0;
+ }
+
+ /* get the context of the process which executed passwd */
+ if (getprevcon(&user_context) != 0) {
+ return -1;
+ }
+
+ /* get the "user" portion of the context (the part before the first
+ colon) */
+ c = context_new(user_context);
+ user = context_user_get(c);
+
+ /* if changing a password for an account with UID==0 or for an account
+ where the identity matches then return success */
+ if (changed_uid != 0 && strcmp(changed_user, user) == 0) {
+ status = 0;
+ } else {
+ struct av_decision avd;
+ int retval;
+ retval = security_compute_av(user_context,
+ user_context,
+ SECCLASS_PASSWD,
+ requested_access,
+ &avd);
+ if ((retval == 0) &&
+ ((requested_access & avd.allowed) == requested_access)) {
+ status = 0;
+ }
+ }
+ context_free(c);
+ freecon(user_context);
+ return status;
+}
+
+#endif /* WITH_SELINUX */
+
+/*
+ * passwd - change a user's password file information
+ *
+ * This command controls the password file and commands which are used
+ * to modify it.
+ *
+ * The valid options are
+ *
+ * -d delete the password for the named account (*)
+ * -e expire the password for the named account (*)
+ * -f execute chfn command to interpret flags
+ * -g execute gpasswd command to interpret flags
+ * -i # set sp_inact to # days (*)
+ * -k change password only if expired
+ * -l lock the password of the named account (*)
+ * -n # set sp_min to # days (*)
+ * -r # change password in # repository
+ * -s execute chsh command to interpret flags
+ * -S show password status of named account
+ * -u unlock the password of the named account (*)
+ * -w # set sp_warn to # days (*)
+ * -x # set sp_max to # days (*)
+ *
+ * (*) requires root permission to execute.
+ *
+ * All of the time fields are entered in days and converted to the
+ * appropriate internal format. For finer resolute the chage
+ * command must be used.
+ */
+int main (int argc, char **argv)
+{
+ const struct passwd *pw; /* Password file entry for user */
+
+#ifndef USE_PAM
+ char *cp; /* Miscellaneous character pointing */
+
+ const struct spwd *sp; /* Shadow file entry for user */
+#endif /* !USE_PAM */
+
+ sanitize_env ();
+
+ /*
+ * Get the program name. The program name is used as a prefix to
+ * most error messages.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ /*
+ * The program behaves differently when executed by root than when
+ * executed by a normal user.
+ */
+ amroot = (getuid () == 0);
+
+ OPENLOG ("passwd");
+
+ {
+ /*
+ * Parse the command line options.
+ */
+ int c;
+ static struct option long_options[] = {
+ {"all", no_argument, NULL, 'a'},
+ {"delete", no_argument, NULL, 'd'},
+ {"expire", no_argument, NULL, 'e'},
+ {"help", no_argument, NULL, 'h'},
+ {"inactive", required_argument, NULL, 'i'},
+ {"keep-tokens", no_argument, NULL, 'k'},
+ {"lock", no_argument, NULL, 'l'},
+ {"mindays", required_argument, NULL, 'n'},
+ {"quiet", no_argument, NULL, 'q'},
+ {"repository", required_argument, NULL, 'r'},
+ {"root", required_argument, NULL, 'R'},
+ {"status", no_argument, NULL, 'S'},
+ {"unlock", no_argument, NULL, 'u'},
+ {"warndays", required_argument, NULL, 'w'},
+ {"maxdays", required_argument, NULL, 'x'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "adehi:kln:qr:R:Suw:x:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'a':
+ aflg = true;
+ break;
+ case 'd':
+ dflg = true;
+ anyflag = true;
+ break;
+ case 'e':
+ eflg = true;
+ anyflag = true;
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'i':
+ if ( (getlong (optarg, &inact) == 0)
+ || (inact < -1)) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (E_BAD_ARG);
+ }
+ iflg = true;
+ anyflag = true;
+ break;
+ case 'k':
+ /* change only if expired, like Linux-PAM passwd -k. */
+ kflg = true; /* ok for users */
+ break;
+ case 'l':
+ lflg = true;
+ anyflag = true;
+ break;
+ case 'n':
+ if ( (getlong (optarg, &age_min) == 0)
+ || (age_min < -1)) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (E_BAD_ARG);
+ }
+ nflg = true;
+ anyflag = true;
+ break;
+ case 'q':
+ qflg = true; /* ok for users */
+ break;
+ case 'r':
+ /* -r repository (files|nis|nisplus) */
+ /* only "files" supported for now */
+ if (strcmp (optarg, "files") != 0) {
+ fprintf (stderr,
+ _("%s: repository %s not supported\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 'S':
+ Sflg = true; /* ok for users */
+ break;
+ case 'u':
+ uflg = true;
+ anyflag = true;
+ break;
+ case 'w':
+ if ( (getlong (optarg, &warn) == 0)
+ || (warn < -1)) {
+ (void) fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (E_BAD_ARG);
+ }
+ wflg = true;
+ anyflag = true;
+ break;
+ case 'x':
+ if ( (getlong (optarg, &age_max) == 0)
+ || (age_max < -1)) {
+ (void) fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (E_BAD_ARG);
+ }
+ xflg = true;
+ anyflag = true;
+ break;
+ default:
+ usage (E_BAD_ARG);
+ }
+ }
+ }
+
+ /*
+ * Now I have to get the user name. The name will be gotten from the
+ * command line if possible. Otherwise it is figured out from the
+ * environment.
+ */
+ pw = get_my_pwent ();
+ if (NULL == pw) {
+ (void) fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+ (unsigned long) getuid ()));
+ exit (E_NOPERM);
+ }
+ myname = xstrdup (pw->pw_name);
+ if (optind < argc) {
+ name = argv[optind];
+ } else {
+ name = myname;
+ }
+
+ /*
+ * Make sure that at most one username was specified.
+ */
+ if (argc > (optind+1)) {
+ usage (E_USAGE);
+ }
+
+ /*
+ * The -a flag requires -S, no other flags, no username, and
+ * you must be root. --marekm
+ */
+ if (aflg) {
+ if (anyflag || !Sflg || (optind < argc)) {
+ usage (E_USAGE);
+ }
+ if (!amroot) {
+ (void) fprintf (stderr,
+ _("%s: Permission denied.\n"),
+ Prog);
+ exit (E_NOPERM);
+ }
+ setpwent ();
+ while ( (pw = getpwent ()) != NULL ) {
+ print_status (pw);
+ }
+ endpwent ();
+ exit (E_SUCCESS);
+ }
+#if 0
+ /*
+ * Allow certain users (administrators) to change passwords of
+ * certain users. Not implemented yet. --marekm
+ */
+ if (may_change_passwd (myname, name))
+ amroot = 1;
+#endif
+
+ /*
+ * If any of the flags were given, a user name must be supplied on
+ * the command line. Only an unadorned command line doesn't require
+ * the user's name be given. Also, -x, -n, -w, -i, -e, -d,
+ * -l, -u may appear with each other. -S, -k must appear alone.
+ */
+
+ /*
+ * -S now ok for normal users (check status of my own account), and
+ * doesn't require username. --marekm
+ */
+ if (anyflag && optind >= argc) {
+ usage (E_USAGE);
+ }
+
+ if ( (Sflg && kflg)
+ || (anyflag && (Sflg || kflg))) {
+ usage (E_USAGE);
+ }
+
+ if (anyflag && !amroot) {
+ (void) fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+ exit (E_NOPERM);
+ }
+
+ pw = xgetpwnam (name);
+ if (NULL == pw) {
+ (void) fprintf (stderr,
+ _("%s: user '%s' does not exist\n"),
+ Prog, name);
+ exit (E_NOPERM);
+ }
+#ifdef WITH_SELINUX
+ /* only do this check when getuid()==0 because it's a pre-condition for
+ changing a password without entering the old one */
+ if ((is_selinux_enabled() > 0) && (getuid() == 0) &&
+ (check_selinux_access (name, pw->pw_uid, PASSWD__PASSWD) != 0)) {
+ security_context_t user_context = NULL;
+ const char *user = "Unknown user context";
+ if (getprevcon (&user_context) == 0) {
+ user = user_context; /* FIXME: use context_user_get? */
+ }
+ SYSLOG ((LOG_ALERT,
+ "%s is not authorized to change the password of %s",
+ user, name));
+ (void) fprintf(stderr,
+ _("%s: %s is not authorized to change the password of %s\n"),
+ Prog, user, name);
+ if (NULL != user_context) {
+ freecon (user_context);
+ }
+ exit (E_NOPERM);
+ }
+#endif /* WITH_SELINUX */
+
+ /*
+ * If the UID of the user does not match the current real UID,
+ * check if I'm root.
+ */
+ if (!amroot && (pw->pw_uid != getuid ())) {
+ (void) fprintf (stderr,
+ _("%s: You may not view or modify password information for %s.\n"),
+ Prog, name);
+ SYSLOG ((LOG_WARN,
+ "%s: can't view or modify password information for %s",
+ Prog, name));
+ closelog ();
+ exit (E_NOPERM);
+ }
+
+ if (Sflg) {
+ print_status (pw);
+ exit (E_SUCCESS);
+ }
+#ifndef USE_PAM
+ /*
+ * The user name is valid, so let's get the shadow file entry.
+ */
+ sp = getspnam (name); /* !USE_PAM, no need for xgetspnam */
+ if (NULL == sp) {
+ if (errno == EACCES) {
+ (void) fprintf (stderr,
+ _("%s: Permission denied.\n"),
+ Prog);
+ exit (E_NOPERM);
+ }
+ sp = pwd_to_spwd (pw);
+ }
+
+ cp = sp->sp_pwdp;
+
+ /*
+ * If there are no other flags, just change the password.
+ */
+ if (!anyflag) {
+ STRFCPY (crypt_passwd, cp);
+
+ /*
+ * See if the user is permitted to change the password.
+ * Otherwise, go ahead and set a new password.
+ */
+ check_password (pw, sp);
+
+ /*
+ * Let the user know whose password is being changed.
+ */
+ if (!qflg) {
+ (void) printf (_("Changing password for %s\n"), name);
+ }
+
+ if (new_password (pw) != 0) {
+ (void) fprintf (stderr,
+ _("The password for %s is unchanged.\n"),
+ name);
+ closelog ();
+ exit (E_NOPERM);
+ }
+ do_update_pwd = true;
+ do_update_age = true;
+ }
+#endif /* !USE_PAM */
+ /*
+ * Before going any further, raise the ulimit to prevent colliding
+ * into a lowered ulimit, and set the real UID to root to protect
+ * against unexpected signals. Any keyboard signals are set to be
+ * ignored.
+ */
+ pwd_init ();
+
+#ifdef USE_PAM
+ /*
+ * Don't set the real UID for PAM...
+ */
+ if (!anyflag) {
+ do_pam_passwd (name, qflg, kflg);
+ exit (E_SUCCESS);
+ }
+#endif /* USE_PAM */
+ if (setuid (0) != 0) {
+ (void) fputs (_("Cannot change ID to root.\n"), stderr);
+ SYSLOG ((LOG_ERR, "can't setuid(0)"));
+ closelog ();
+ exit (E_NOPERM);
+ }
+ if (spw_file_present ()) {
+ update_shadow ();
+ } else {
+ update_noshadow ();
+ }
+
+ nscd_flush_cache ("passwd");
+ nscd_flush_cache ("group");
+
+ SYSLOG ((LOG_INFO, "password for '%s' changed by '%s'", name, myname));
+ closelog ();
+ if (!qflg) {
+ if (!anyflag) {
+#ifndef USE_PAM
+ (void) printf (_("%s: password changed.\n"), Prog);
+#endif /* USE_PAM */
+ } else {
+ (void) printf (_("%s: password expiry information changed.\n"), Prog);
+ }
+ }
+
+ return E_SUCCESS;
+}
+
diff --git a/src/pwck.c b/src/pwck.c
new file mode 100644
index 0000000..523135f
--- /dev/null
+++ b/src/pwck.c
@@ -0,0 +1,893 @@
+/*
+ * Copyright (c) 1992 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 , Michał Moskal
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <getopt.h>
+#include "chkname.h"
+#include "commonio.h"
+#include "defines.h"
+#include "prototypes.h"
+#include "pwio.h"
+#include "shadowio.h"
+#include "getdef.h"
+#include "nscd.h"
+#ifdef WITH_TCB
+#include "tcbfuncs.h"
+#endif /* WITH_TCB */
+
+/*
+ * Exit codes
+ */
+/*@-exitarg@*/
+#define E_OKAY 0
+#define E_SUCCESS 0
+#define E_USAGE 1
+#define E_BADENTRY 2
+#define E_CANTOPEN 3
+#define E_CANTLOCK 4
+#define E_CANTUPDATE 5
+#define E_CANTSORT 6
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool use_system_pw_file = true;
+static bool use_system_spw_file = true;
+
+static bool is_shadow = false;
+
+static bool spw_opened = false;
+
+static bool pw_locked = false;
+static bool spw_locked = false;
+
+/* Options */
+static bool read_only = false;
+static bool sort_mode = false;
+static bool quiet = false; /* don't report warnings, only errors */
+
+/* local function prototypes */
+static void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
+static void process_flags (int argc, char **argv);
+static void open_files (void);
+static void close_files (bool changed);
+static void check_pw_file (int *errors, bool *changed);
+static void check_spw_file (int *errors, bool *changed);
+
+/*
+ * fail_exit - do some cleanup and exit with the given error code
+ */
+static void fail_exit (int code)
+{
+ if (spw_locked) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ if (use_system_spw_file) {
+ SYSLOG ((LOG_ERR, "failed to unlock %s",
+ spw_dbname ()));
+ }
+ /* continue */
+ }
+ }
+
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ if (use_system_pw_file) {
+ SYSLOG ((LOG_ERR, "failed to unlock %s",
+ pw_dbname ()));
+ }
+ /* continue */
+ }
+ }
+
+ closelog ();
+
+ exit (code);
+}
+/*
+ * usage - print syntax message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+#ifdef WITH_TCB
+ if (getdef_bool ("USE_TCB")) {
+ (void) fprintf (usageout,
+ _("Usage: %s [options] [passwd]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ } else
+#endif /* WITH_TCB */
+ {
+ (void) fprintf (usageout,
+ _("Usage: %s [options] [passwd [shadow]]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ }
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -q, --quiet report errors only\n"), usageout);
+ (void) fputs (_(" -r, --read-only display errors and warnings\n"
+ " but do not change files\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+#ifdef WITH_TCB
+ if (!getdef_bool ("USE_TCB"))
+#endif /* !WITH_TCB */
+ {
+ (void) fputs (_(" -s, --sort sort entries by UID\n"), usageout);
+ }
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ int c;
+ static struct option long_options[] = {
+ {"help", no_argument, NULL, 'h'},
+ {"quiet", no_argument, NULL, 'q'},
+ {"read-only", no_argument, NULL, 'r'},
+ {"root", required_argument, NULL, 'R'},
+ {"sort", no_argument, NULL, 's'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ /*
+ * Parse the command line arguments
+ */
+ while ((c = getopt_long (argc, argv, "ehqrR:s",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'e': /* added for Debian shadow-961025-2 compatibility */
+ case 'q':
+ quiet = true;
+ break;
+ case 'r':
+ read_only = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 's':
+ sort_mode = true;
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ if (sort_mode && read_only) {
+ fprintf (stderr, _("%s: -s and -r are incompatible\n"), Prog);
+ exit (E_USAGE);
+ }
+
+ /*
+ * Make certain we have the right number of arguments
+ */
+ if (argc > (optind + 2)) {
+ usage (E_USAGE);
+ }
+
+ /*
+ * If there are two left over filenames, use those as the password
+ * and shadow password filenames.
+ */
+ if (optind != argc) {
+ pw_setdbname (argv[optind]);
+ use_system_pw_file = false;
+ }
+ if ((optind + 2) == argc) {
+#ifdef WITH_TCB
+ if (getdef_bool ("USE_TCB")) {
+ fprintf (stderr,
+ _("%s: no alternative shadow file allowed when USE_TCB is enabled.\n"),
+ Prog);
+ usage (E_USAGE);
+ }
+#endif /* WITH_TCB */
+ spw_setdbname (argv[optind + 1]);
+ is_shadow = true;
+ use_system_spw_file = false;
+ } else if (optind == argc) {
+ is_shadow = spw_file_present ();
+ }
+}
+
+/*
+ * open_files - open the shadow database
+ *
+ * In read-only mode, the databases are not locked and are opened
+ * only for reading.
+ */
+static void open_files (void)
+{
+ bool use_tcb = false;
+#ifdef WITH_TCB
+ use_tcb = getdef_bool ("USE_TCB");
+#endif /* WITH_TCB */
+
+ /*
+ * Lock the files if we aren't in "read-only" mode
+ */
+ if (!read_only) {
+ if (pw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ fail_exit (E_CANTLOCK);
+ }
+ pw_locked = true;
+ if (is_shadow && !use_tcb) {
+ if (spw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, spw_dbname ());
+ fail_exit (E_CANTLOCK);
+ }
+ spw_locked = true;
+ }
+ }
+
+ /*
+ * Open the files. Use O_RDONLY if we are in read_only mode, O_RDWR
+ * otherwise.
+ */
+ if (pw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"),
+ Prog, pw_dbname ());
+ if (use_system_pw_file) {
+ SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
+ }
+ fail_exit (E_CANTOPEN);
+ }
+ if (is_shadow && !use_tcb) {
+ if (spw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"),
+ Prog, spw_dbname ());
+ if (use_system_spw_file) {
+ SYSLOG ((LOG_WARN, "cannot open %s",
+ spw_dbname ()));
+ }
+ fail_exit (E_CANTOPEN);
+ }
+ spw_opened = true;
+ }
+}
+
+/*
+ * close_files - close and unlock the password/shadow databases
+ *
+ * If changed is not set, the databases are not closed, and no
+ * changes are committed in the databases. The databases are
+ * unlocked anyway.
+ */
+static void close_files (bool changed)
+{
+ /*
+ * All done. If there were no change we can just abandon any
+ * changes to the files.
+ */
+ if (changed) {
+ if (pw_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, pw_dbname ());
+ if (use_system_pw_file) {
+ SYSLOG ((LOG_ERR,
+ "failure while writing changes to %s",
+ pw_dbname ()));
+ }
+ fail_exit (E_CANTUPDATE);
+ }
+ if (spw_opened && (spw_close () == 0)) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, spw_dbname ());
+ if (use_system_spw_file) {
+ SYSLOG ((LOG_ERR,
+ "failure while writing changes to %s",
+ spw_dbname ()));
+ }
+ fail_exit (E_CANTUPDATE);
+ }
+ spw_opened = false;
+ }
+
+ /*
+ * Don't be anti-social - unlock the files when you're done.
+ */
+ if (spw_locked) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, spw_dbname ());
+ if (use_system_spw_file) {
+ SYSLOG ((LOG_ERR, "failed to unlock %s",
+ spw_dbname ()));
+ }
+ /* continue */
+ }
+ }
+ spw_locked = false;
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, pw_dbname ());
+ if (use_system_pw_file) {
+ SYSLOG ((LOG_ERR, "failed to unlock %s",
+ pw_dbname ()));
+ }
+ /* continue */
+ }
+ }
+ pw_locked = false;
+}
+
+/*
+ * check_pw_file - check the content of the passwd file
+ */
+static void check_pw_file (int *errors, bool *changed)
+{
+ struct commonio_entry *pfe, *tpfe;
+ struct passwd *pwd;
+ struct spwd *spw;
+
+ /*
+ * Loop through the entire password file.
+ */
+ for (pfe = __pw_get_head (); NULL != pfe; pfe = pfe->next) {
+ /*
+ * If this is a NIS line, skip it. You can't "know" what NIS
+ * is going to do without directly asking NIS ...
+ */
+ if (('+' == pfe->line[0]) || ('-' == pfe->line[0])) {
+ continue;
+ }
+
+ /*
+ * Start with the entries that are completely corrupt. They
+ * have no (struct passwd) entry because they couldn't be
+ * parsed properly.
+ */
+ if (NULL == pfe->eptr) {
+ /*
+ * Tell the user this entire line is bogus and ask
+ * them to delete it.
+ */
+ puts (_("invalid password file entry"));
+ printf (_("delete line '%s'? "), pfe->line);
+ *errors += 1;
+
+ /*
+ * prompt the user to delete the entry or not
+ */
+ if (!yes_or_no (read_only)) {
+ continue;
+ }
+
+ /*
+ * All password file deletions wind up here. This
+ * code removes the current entry from the linked
+ * list. When done, it skips back to the top of the
+ * loop to try out the next list element.
+ */
+ delete_pw:
+ if (use_system_pw_file) {
+ SYSLOG ((LOG_INFO, "delete passwd line '%s'",
+ pfe->line));
+ }
+ *changed = true;
+
+ __pw_del_entry (pfe);
+ continue;
+ }
+
+ /*
+ * Password structure is good, start using it.
+ */
+ pwd = pfe->eptr;
+
+ /*
+ * Make sure this entry has a unique name.
+ */
+ for (tpfe = __pw_get_head (); NULL != tpfe; tpfe = tpfe->next) {
+ const struct passwd *ent = tpfe->eptr;
+
+ /*
+ * Don't check this entry
+ */
+ if (tpfe == pfe) {
+ continue;
+ }
+
+ /*
+ * Don't check invalid entries.
+ */
+ if (NULL == ent) {
+ continue;
+ }
+
+ if (strcmp (pwd->pw_name, ent->pw_name) != 0) {
+ continue;
+ }
+
+ /*
+ * Tell the user this entry is a duplicate of
+ * another and ask them to delete it.
+ */
+ puts (_("duplicate password entry"));
+ printf (_("delete line '%s'? "), pfe->line);
+ *errors += 1;
+
+ /*
+ * prompt the user to delete the entry or not
+ */
+ if (yes_or_no (read_only)) {
+ goto delete_pw;
+ }
+ }
+
+ /*
+ * Check for invalid usernames. --marekm
+ */
+ if (!is_valid_user_name (pwd->pw_name)) {
+ printf (_("invalid user name '%s'\n"), pwd->pw_name);
+ *errors += 1;
+ }
+
+ /*
+ * Check for invalid user ID.
+ */
+ if (pwd->pw_uid == (uid_t)-1) {
+ printf (_("invalid user ID '%lu'\n"), (long unsigned int)pwd->pw_uid);
+ *errors += 1;
+ }
+
+ /*
+ * Make sure the primary group exists
+ */
+ /* local, no need for xgetgrgid */
+ if (!quiet && (NULL == getgrgid (pwd->pw_gid))) {
+
+ /*
+ * No primary group, just give a warning
+ */
+
+ printf (_("user '%s': no group %lu\n"),
+ pwd->pw_name, (unsigned long) pwd->pw_gid);
+ *errors += 1;
+ }
+
+ /*
+ * Make sure the home directory exists
+ */
+ if (!quiet && (access (pwd->pw_dir, F_OK) != 0)) {
+ /*
+ * Home directory doesn't exist, give a warning
+ */
+ printf (_("user '%s': directory '%s' does not exist\n"),
+ pwd->pw_name, pwd->pw_dir);
+ *errors += 1;
+ }
+
+ /*
+ * Make sure the login shell is executable
+ */
+ if ( !quiet
+ && ('\0' != pwd->pw_shell[0])
+ && (access (pwd->pw_shell, F_OK) != 0)) {
+
+ /*
+ * Login shell doesn't exist, give a warning
+ */
+ printf (_("user '%s': program '%s' does not exist\n"),
+ pwd->pw_name, pwd->pw_shell);
+ *errors += 1;
+ }
+
+ /*
+ * Make sure this entry exists in the /etc/shadow file.
+ */
+
+ if (is_shadow) {
+#ifdef WITH_TCB
+ if (getdef_bool ("USE_TCB")) {
+ if (shadowtcb_set_user (pwd->pw_name) == SHADOWTCB_FAILURE) {
+ printf (_("no tcb directory for %s\n"),
+ pwd->pw_name);
+ printf (_("create tcb directory for %s?"),
+ pwd->pw_name);
+ *errors += 1;
+ if (yes_or_no (read_only)) {
+ if (shadowtcb_create (pwd->pw_name, pwd->pw_uid) == SHADOWTCB_FAILURE) {
+ *errors += 1;
+ printf (_("failed to create tcb directory for %s\n"), pwd->pw_name);
+ continue;
+ }
+ } else {
+ continue;
+ }
+ }
+ if (spw_lock () == 0) {
+ *errors += 1;
+ fprintf (stderr,
+ _("%s: cannot lock %s.\n"),
+ Prog, spw_dbname ());
+ continue;
+ }
+ spw_locked = true;
+ if (spw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, spw_dbname ());
+ *errors += 1;
+ if (spw_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, spw_dbname ());
+ if (use_system_spw_file) {
+ SYSLOG ((LOG_ERR,
+ "failed to unlock %s",
+ spw_dbname ()));
+ }
+ }
+ continue;
+ }
+ spw_opened = true;
+ }
+#endif /* WITH_TCB */
+ spw = (struct spwd *) spw_locate (pwd->pw_name);
+ if (NULL == spw) {
+ printf (_("no matching password file entry in %s\n"),
+ spw_dbname ());
+ printf (_("add user '%s' in %s? "),
+ pwd->pw_name, spw_dbname ());
+ *errors += 1;
+ if (yes_or_no (read_only)) {
+ struct spwd sp;
+ struct passwd pw;
+
+ sp.sp_namp = pwd->pw_name;
+ sp.sp_pwdp = pwd->pw_passwd;
+ sp.sp_min =
+ getdef_num ("PASS_MIN_DAYS", -1);
+ sp.sp_max =
+ getdef_num ("PASS_MAX_DAYS", -1);
+ sp.sp_warn =
+ getdef_num ("PASS_WARN_AGE", -1);
+ sp.sp_inact = -1;
+ sp.sp_expire = -1;
+ sp.sp_flag = SHADOW_SP_FLAG_UNSET;
+ sp.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
+ if (0 == sp.sp_lstchg) {
+ /* Better disable aging than
+ * requiring a password change
+ */
+ sp.sp_lstchg = -1;
+ }
+ *changed = true;
+
+ if (spw_update (&sp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, spw_dbname (), sp.sp_namp);
+ fail_exit (E_CANTUPDATE);
+ }
+ /* remove password from /etc/passwd */
+ pw = *pwd;
+ pw.pw_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ if (pw_update (&pw) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, pw_dbname (), pw.pw_name);
+ fail_exit (E_CANTUPDATE);
+ }
+ }
+ } else {
+ /* The passwd entry has a shadow counterpart.
+ * Make sure no passwords are in passwd.
+ */
+ if ( !quiet
+ && (strcmp (pwd->pw_passwd,
+ SHADOW_PASSWD_STRING) != 0)) {
+ printf (_("user %s has an entry in %s, but its password field in %s is not set to 'x'\n"),
+ pwd->pw_name, spw_dbname (), pw_dbname ());
+ *errors += 1;
+ }
+ }
+ }
+#ifdef WITH_TCB
+ if (getdef_bool ("USE_TCB") && spw_locked) {
+ if (spw_opened && (spw_close () == 0)) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, spw_dbname ());
+ if (use_system_spw_file) {
+ SYSLOG ((LOG_ERR,
+ "failure while writing changes to %s",
+ spw_dbname ()));
+ }
+ } else {
+ spw_opened = false;
+ }
+ if (spw_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, spw_dbname ());
+ if (use_system_spw_file) {
+ SYSLOG ((LOG_ERR, "failed to unlock %s",
+ spw_dbname ()));
+ }
+ } else {
+ spw_locked = false;
+ }
+ }
+#endif /* WITH_TCB */
+ }
+}
+
+/*
+ * check_spw_file - check the content of the shadowed password file (shadow)
+ */
+static void check_spw_file (int *errors, bool *changed)
+{
+ struct commonio_entry *spe, *tspe;
+ struct spwd *spw;
+
+ /*
+ * Loop through the entire shadow password file.
+ */
+ for (spe = __spw_get_head (); NULL != spe; spe = spe->next) {
+ /*
+ * Do not treat lines which were missing in shadow
+ * and were added earlier.
+ */
+ if (NULL == spe->line) {
+ continue;
+ }
+
+ /*
+ * If this is a NIS line, skip it. You can't "know" what NIS
+ * is going to do without directly asking NIS ...
+ */
+ if (('+' == spe->line[0]) || ('-' == spe->line[0])) {
+ continue;
+ }
+
+ /*
+ * Start with the entries that are completely corrupt. They
+ * have no (struct spwd) entry because they couldn't be
+ * parsed properly.
+ */
+ if (NULL == spe->eptr) {
+ /*
+ * Tell the user this entire line is bogus and ask
+ * them to delete it.
+ */
+ puts (_("invalid shadow password file entry"));
+ printf (_("delete line '%s'? "), spe->line);
+ *errors += 1;
+
+ /*
+ * prompt the user to delete the entry or not
+ */
+ if (!yes_or_no (read_only)) {
+ continue;
+ }
+
+ /*
+ * All shadow file deletions wind up here. This code
+ * removes the current entry from the linked list.
+ * When done, it skips back to the top of the loop
+ * to try out the next list element.
+ */
+ delete_spw:
+ if (use_system_spw_file) {
+ SYSLOG ((LOG_INFO, "delete shadow line '%s'",
+ spe->line));
+ }
+ *changed = true;
+
+ __spw_del_entry (spe);
+ continue;
+ }
+
+ /*
+ * Shadow password structure is good, start using it.
+ */
+ spw = spe->eptr;
+
+ /*
+ * Make sure this entry has a unique name.
+ */
+ for (tspe = __spw_get_head (); NULL != tspe; tspe = tspe->next) {
+ const struct spwd *ent = tspe->eptr;
+
+ /*
+ * Don't check this entry
+ */
+ if (tspe == spe) {
+ continue;
+ }
+
+ /*
+ * Don't check invalid entries.
+ */
+ if (NULL == ent) {
+ continue;
+ }
+
+ if (strcmp (spw->sp_namp, ent->sp_namp) != 0) {
+ continue;
+ }
+
+ /*
+ * Tell the user this entry is a duplicate of
+ * another and ask them to delete it.
+ */
+ puts (_("duplicate shadow password entry"));
+ printf (_("delete line '%s'? "), spe->line);
+ *errors += 1;
+
+ /*
+ * prompt the user to delete the entry or not
+ */
+ if (yes_or_no (read_only)) {
+ goto delete_spw;
+ }
+ }
+
+ /*
+ * Make sure this entry exists in the /etc/passwd
+ * file.
+ */
+ if (pw_locate (spw->sp_namp) == NULL) {
+ /*
+ * Tell the user this entry has no matching
+ * /etc/passwd entry and ask them to delete it.
+ */
+ printf (_("no matching password file entry in %s\n"),
+ pw_dbname ());
+ printf (_("delete line '%s'? "), spe->line);
+ *errors += 1;
+
+ /*
+ * prompt the user to delete the entry or not
+ */
+ if (yes_or_no (read_only)) {
+ goto delete_spw;
+ }
+ }
+
+ /*
+ * Warn if last password change in the future. --marekm
+ */
+ if (!quiet) {
+ time_t t = time ((time_t *) 0);
+ if ( (t != 0)
+ && (spw->sp_lstchg > (long) t / SCALE)) {
+ printf (_("user %s: last password change in the future\n"),
+ spw->sp_namp);
+ *errors += 1;
+ }
+ }
+ }
+}
+
+/*
+ * pwck - verify password file integrity
+ */
+int main (int argc, char **argv)
+{
+ int errors = 0;
+ bool changed = false;
+
+ /*
+ * Get my name so that I can use it to report errors.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("pwck");
+
+ /* Parse the command line arguments */
+ process_flags (argc, argv);
+
+ open_files ();
+
+ if (sort_mode) {
+ if (pw_sort () != 0) {
+ fprintf (stderr,
+ _("%s: cannot sort entries in %s\n"),
+ Prog, pw_dbname ());
+ fail_exit (E_CANTSORT);
+ }
+ if (is_shadow) {
+ if (spw_sort () != 0) {
+ fprintf (stderr,
+ _("%s: cannot sort entries in %s\n"),
+ Prog, spw_dbname ());
+ fail_exit (E_CANTSORT);
+ }
+ }
+ changed = true;
+ } else {
+ check_pw_file (&errors, &changed);
+
+ if (is_shadow) {
+ check_spw_file (&errors, &changed);
+ }
+ }
+
+ close_files (changed);
+
+ nscd_flush_cache ("passwd");
+
+ /*
+ * Tell the user what we did and exit.
+ */
+ if (0 != errors) {
+ printf (changed ?
+ _("%s: the files have been updated\n") :
+ _("%s: no changes\n"), Prog);
+ }
+
+ closelog ();
+ return ((0 != errors) ? E_BADENTRY : E_OKAY);
+}
+
diff --git a/src/pwconv.c b/src/pwconv.c
new file mode 100644
index 0000000..e2d61f8
--- /dev/null
+++ b/src/pwconv.c
@@ -0,0 +1,333 @@
+/*
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2009 - 2012, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * pwconv - create or update /etc/shadow with information from
+ * /etc/passwd.
+ *
+ * It is more like SysV pwconv, slightly different from the original Shadow
+ * pwconv. Depends on "x" as password in /etc/passwd which means that the
+ * password has already been moved to /etc/shadow. There is no need to move
+ * /etc/npasswd to /etc/passwd, password files are updated using library
+ * routines with proper locking.
+ *
+ * Can be used to update /etc/shadow after adding/deleting users by editing
+ * /etc/passwd. There is no man page yet, but this program should be close
+ * to pwconv(1M) on Solaris 2.x.
+ *
+ * Warning: make sure that all users have "x" as the password in /etc/passwd
+ * before running this program for the first time on a system which already
+ * has shadow passwords. Anything else (like "*" from old versions of the
+ * shadow suite) will replace the user's encrypted password in /etc/shadow.
+ *
+ * Doesn't currently support pw_age information in /etc/passwd, and doesn't
+ * support DBM files. Add it if you need it...
+ *
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <unistd.h>
+#include <getopt.h>
+#include "defines.h"
+#include "getdef.h"
+#include "prototypes.h"
+#include "pwio.h"
+#include "shadowio.h"
+#include "nscd.h"
+
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS 0 /* success */
+#define E_NOPERM 1 /* permission denied */
+#define E_USAGE 2 /* invalid command syntax */
+#define E_FAILURE 3 /* unexpected failure, nothing done */
+#define E_MISSING 4 /* unexpected failure, passwd file missing */
+#define E_PWDBUSY 5 /* passwd file(s) busy */
+#define E_BADENTRY 6 /* bad shadow entry */
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool spw_locked = false;
+static bool pw_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int status);
+static void usage (int status);
+static void process_flags (int argc, char **argv);
+
+static void fail_exit (int status)
+{
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ }
+
+ if (spw_locked) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ }
+
+ exit (status);
+}
+
+static void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ /*
+ * Parse the command line options.
+ */
+ int c;
+ static struct option long_options[] = {
+ {"help", no_argument, NULL, 'h'},
+ {"root", required_argument, NULL, 'R'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "hR:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ if (optind != argc) {
+ usage (E_USAGE);
+ }
+}
+
+int main (int argc, char **argv)
+{
+ const struct passwd *pw;
+ struct passwd pwent;
+ const struct spwd *sp;
+ struct spwd spent;
+
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("pwconv");
+
+ process_flags (argc, argv);
+
+#ifdef WITH_TCB
+ if (getdef_bool("USE_TCB")) {
+ fprintf (stderr, _("%s: can't work with tcb enabled\n"), Prog);
+ exit (E_FAILURE);
+ }
+#endif /* WITH_TCB */
+
+ if (pw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ fail_exit (E_PWDBUSY);
+ }
+ pw_locked = true;
+ if (pw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"), Prog, pw_dbname ());
+ fail_exit (E_MISSING);
+ }
+
+ if (spw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, spw_dbname ());
+ fail_exit (E_PWDBUSY);
+ }
+ spw_locked = true;
+ if (spw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"), Prog, spw_dbname ());
+ fail_exit (E_FAILURE);
+ }
+
+ /*
+ * Remove /etc/shadow entries for users not in /etc/passwd.
+ */
+ (void) spw_rewind ();
+ while ((sp = spw_next ()) != NULL) {
+ if (pw_locate (sp->sp_namp) != NULL) {
+ continue;
+ }
+
+ if (spw_remove (sp->sp_namp) == 0) {
+ /*
+ * This shouldn't happen (the entry exists) but...
+ */
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, sp->sp_namp, spw_dbname ());
+ fail_exit (E_FAILURE);
+ }
+ }
+
+ /*
+ * Update shadow entries which don't have "x" as pw_passwd. Add any
+ * missing shadow entries.
+ */
+ (void) pw_rewind ();
+ while ((pw = pw_next ()) != NULL) {
+ sp = spw_locate (pw->pw_name);
+ if (NULL != sp) {
+ /* do we need to update this entry? */
+ if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0) {
+ continue;
+ }
+ /* update existing shadow entry */
+ spent = *sp;
+ } else {
+ /* add new shadow entry */
+ memset (&spent, 0, sizeof spent);
+ spent.sp_namp = pw->pw_name;
+ spent.sp_min = getdef_num ("PASS_MIN_DAYS", -1);
+ spent.sp_max = getdef_num ("PASS_MAX_DAYS", -1);
+ spent.sp_warn = getdef_num ("PASS_WARN_AGE", -1);
+ spent.sp_inact = -1;
+ spent.sp_expire = -1;
+ spent.sp_flag = SHADOW_SP_FLAG_UNSET;
+ }
+ spent.sp_pwdp = pw->pw_passwd;
+ spent.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
+ if (0 == spent.sp_lstchg) {
+ /* Better disable aging than requiring a password
+ * change */
+ spent.sp_lstchg = -1;
+ }
+ if (spw_update (&spent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, spw_dbname (), spent.sp_namp);
+ fail_exit (E_FAILURE);
+ }
+
+ /* remove password from /etc/passwd */
+ pwent = *pw;
+ pwent.pw_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ if (pw_update (&pwent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, pw_dbname (), pwent.pw_name);
+ fail_exit (E_FAILURE);
+ }
+ }
+
+ if (spw_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+ fail_exit (E_FAILURE);
+ }
+ if (pw_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (E_FAILURE);
+ }
+
+ /* /etc/passwd- (backup file) */
+ errno = 0;
+ if ((chmod (PASSWD_FILE "-", 0600) != 0) && (errno != ENOENT)) {
+ fprintf (stderr,
+ _("%s: failed to change the mode of %s to 0600\n"),
+ Prog, PASSWD_FILE "-");
+ SYSLOG ((LOG_ERR, "failed to change the mode of %s to 0600", PASSWD_FILE "-"));
+ /* continue */
+ }
+
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+
+ nscd_flush_cache ("passwd");
+
+ return E_SUCCESS;
+}
+
diff --git a/src/pwunconv.c b/src/pwunconv.c
new file mode 100644
index 0000000..fabf023
--- /dev/null
+++ b/src/pwunconv.c
@@ -0,0 +1,256 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2012, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <getopt.h>
+#include "defines.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwio.h"
+#include "shadowio.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool spw_locked = false;
+static bool pw_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int status);
+static void usage (int status);
+static void process_flags (int argc, char **argv);
+
+static void fail_exit (int status)
+{
+ if (spw_locked) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ }
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ }
+ exit (status);
+}
+
+static void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ * It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+ /*
+ * Parse the command line options.
+ */
+ int c;
+ static struct option long_options[] = {
+ {"help", no_argument, NULL, 'h'},
+ {"root", required_argument, NULL, 'R'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "hR:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ if (optind != argc) {
+ usage (E_USAGE);
+ }
+}
+
+int main (int argc, char **argv)
+{
+ const struct passwd *pw;
+ struct passwd pwent;
+ const struct spwd *spwd;
+
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("pwunconv");
+
+ process_flags (argc, argv);
+
+#ifdef WITH_TCB
+ if (getdef_bool("USE_TCB")) {
+ fprintf (stderr, _("%s: can't work with tcb enabled\n"), Prog);
+ exit (1);
+ }
+#endif /* WITH_TCB */
+
+ if (!spw_file_present ()) {
+ /* shadow not installed, do nothing */
+ exit (0);
+ }
+
+ if (pw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ fail_exit (5);
+ }
+ pw_locked = true;
+ if (pw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, pw_dbname ());
+ fail_exit (1);
+ }
+
+ if (spw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, spw_dbname ());
+ fail_exit (5);
+ }
+ spw_locked = true;
+ if (spw_open (O_RDONLY) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, spw_dbname ());
+ fail_exit (1);
+ }
+
+ (void) pw_rewind ();
+ while ((pw = pw_next ()) != NULL) {
+ spwd = spw_locate (pw->pw_name);
+ if (NULL == spwd) {
+ continue;
+ }
+
+ pwent = *pw;
+
+ /*
+ * Update password if non-shadow is "x".
+ */
+ if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0) {
+ pwent.pw_passwd = spwd->sp_pwdp;
+ }
+
+ /*
+ * Password aging works differently in the two different
+ * systems. With shadow password files you apparently must
+ * have some aging information. The maxweeks or minweeks
+ * may not map exactly. In pwconv we set max == 10000,
+ * which is about 30 years. Here we have to undo that
+ * kludge. So, if maxdays == 10000, no aging information is
+ * put into the new file. Otherwise, the days are converted
+ * to weeks and so on.
+ */
+ if (pw_update (&pwent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, pw_dbname (), pwent.pw_name);
+ fail_exit (3);
+ }
+ }
+
+ (void) spw_close (); /* was only open O_RDONLY */
+
+ if (pw_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (3);
+ }
+
+ if (unlink (SHADOW) != 0) {
+ fprintf (stderr,
+ _("%s: cannot delete %s\n"), Prog, SHADOW);
+ SYSLOG ((LOG_ERR, "cannot delete %s", SHADOW));
+ fail_exit (3);
+ }
+
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+
+ nscd_flush_cache ("passwd");
+
+ return 0;
+}
+
diff --git a/src/su.c b/src/su.c
new file mode 100644
index 0000000..974048e
--- /dev/null
+++ b/src/su.c
@@ -0,0 +1,1222 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2013, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Some parts substantially derived from an ancestor of:
+ su for GNU. Run a shell with substitute user and group IDs.
+
+ Copyright (C) 1992-2003 Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA. */
+
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <getopt.h>
+#include <grp.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <unistd.h>
+#ifndef USE_PAM
+#include <sys/ioctl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#endif /* !USE_PAM */
+#include "prototypes.h"
+#include "defines.h"
+#include "pwauth.h"
+#include "getdef.h"
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif /* USE_PAM */
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+static /*@observer@*/const char *caller_tty = NULL; /* Name of tty SU is run from */
+static bool caller_is_root = false;
+static uid_t caller_uid;
+#ifndef USE_PAM
+static bool caller_on_console = false;
+#ifdef SU_ACCESS
+static /*@only@*/char *caller_pass;
+#endif
+#endif /* !USE_PAM */
+static bool doshell = false;
+static bool fakelogin = false;
+static /*@observer@*/const char *shellstr;
+static /*@null@*/char *command = NULL;
+
+
+/* not needed by sulog.c anymore */
+static char name[BUFSIZ];
+static char caller_name[BUFSIZ];
+
+/* If nonzero, change some environment vars to indicate the user su'd to. */
+static bool change_environment = true;
+
+#ifdef USE_PAM
+static char kill_msg[256];
+static char wait_msg[256];
+static pam_handle_t *pamh = NULL;
+static int caught = 0;
+/* PID of the child, in case it needs to be killed */
+static pid_t pid_child = 0;
+#endif
+
+/*
+ * External identifiers
+ */
+
+extern char **newenvp; /* libmisc/env.c */
+extern size_t newenvc; /* libmisc/env.c */
+
+/* local function prototypes */
+
+static void execve_shell (const char *shellname,
+ char *args[],
+ char *const envp[]);
+#ifdef USE_PAM
+static RETSIGTYPE kill_child (int unused(s));
+static void prepare_pam_close_session (void);
+#else /* !USE_PAM */
+static RETSIGTYPE die (int);
+static bool iswheel (const char *);
+#endif /* !USE_PAM */
+static bool restricted_shell (const char *shellname);
+static /*@noreturn@*/void su_failure (const char *tty, bool su_to_root);
+static /*@only@*/struct passwd * check_perms (void);
+#ifdef USE_PAM
+static void check_perms_pam (const struct passwd *pw);
+#else /* !USE_PAM */
+static void check_perms_nopam (const struct passwd *pw);
+#endif /* !USE_PAM */
+static void save_caller_context (char **argv);
+static void process_flags (int argc, char **argv);
+static void set_environment (struct passwd *pw);
+
+#ifndef USE_PAM
+/*
+ * die - set or reset termio modes.
+ *
+ * die() is called before processing begins. signal() is then called
+ * with die() as the signal handler. If signal later calls die() with a
+ * signal number, the terminal modes are then reset.
+ */
+static RETSIGTYPE die (int killed)
+{
+ static TERMIO sgtty;
+
+ if (killed != 0) {
+ STTY (0, &sgtty);
+ } else {
+ GTTY (0, &sgtty);
+ }
+
+ if (killed != 0) {
+ _exit (128+killed);
+ }
+}
+
+static bool iswheel (const char *username)
+{
+ struct group *grp;
+
+ grp = getgrnam ("wheel"); /* !USE_PAM, no need for xgetgrnam */
+ if ( (NULL ==grp)
+ || (NULL == grp->gr_mem)) {
+ return false;
+ }
+ return is_on_list (grp->gr_mem, username);
+}
+#else /* USE_PAM */
+static RETSIGTYPE kill_child (int unused(s))
+{
+ if (0 != pid_child) {
+ (void) kill (-pid_child, SIGKILL);
+ (void) write (STDERR_FILENO, kill_msg, strlen (kill_msg));
+ } else {
+ (void) write (STDERR_FILENO, wait_msg, strlen (wait_msg));
+ }
+ _exit (255);
+}
+#endif /* USE_PAM */
+
+/* borrowed from GNU sh-utils' "su.c" */
+static bool restricted_shell (const char *shellname)
+{
+ /*@observer@*/const char *line;
+
+ setusershell ();
+ while ((line = getusershell ()) != NULL) {
+ if (('#' != *line) && (strcmp (line, shellname) == 0)) {
+ endusershell ();
+ return false;
+ }
+ }
+ endusershell ();
+ return true;
+}
+
+static /*@noreturn@*/void su_failure (const char *tty, bool su_to_root)
+{
+ sulog (tty, false, caller_name, name); /* log failed attempt */
+#ifdef USE_SYSLOG
+ if (getdef_bool ("SYSLOG_SU_ENAB")) {
+ SYSLOG ((su_to_root ? LOG_NOTICE : LOG_INFO,
+ "- %s %s:%s", tty,
+ ('\0' != caller_name[0]) ? caller_name : "???",
+ ('\0' != name[0]) ? name : "???"));
+ }
+ closelog ();
+#endif
+
+#ifdef WITH_AUDIT
+ audit_fd = audit_open ();
+ audit_log_acct_message (audit_fd,
+ AUDIT_USER_ROLE_CHANGE,
+ NULL, /* Prog. name */
+ "su",
+ ('\0' != caller_name[0]) ? caller_name : "???",
+ AUDIT_NO_ID,
+ "localhost",
+ NULL, /* addr */
+ tty,
+ 0); /* result */
+ close (audit_fd);
+#endif /* WITH_AUDIT */
+
+ exit (1);
+}
+
+/*
+ * execve_shell - Execute a shell with execve, or interpret it with
+ * /bin/sh
+ */
+static void execve_shell (const char *shellname,
+ char *args[],
+ char *const envp[])
+{
+ int err;
+ (void) execve (shellname, (char **) args, envp);
+ err = errno;
+
+ if (access (shellname, R_OK|X_OK) == 0) {
+ /*
+ * Assume this is a shell script (with no shebang).
+ * Interpret it with /bin/sh
+ */
+ size_t n_args = 0;
+ char **targs;
+ while (NULL != args[n_args]) {
+ n_args++;
+ }
+ targs = (char **) xmalloc ((n_args + 3) * sizeof (args[0]));
+ targs[0] = "sh";
+ targs[1] = "-";
+ targs[2] = xstrdup (shellname);
+ targs[n_args+2] = NULL;
+ while (1 != n_args) {
+ targs[n_args+1] = args[n_args - 1];
+ n_args--;
+ }
+
+ (void) execve (SHELL, targs, envp);
+ } else {
+ errno = err;
+ }
+}
+
+#ifdef USE_PAM
+/* Signal handler for parent process later */
+static void catch_signals (int sig)
+{
+ caught = sig;
+}
+
+/*
+ * prepare_pam_close_session - Fork and wait for the child to close the session
+ *
+ * Only the child returns. The parent will wait for the child to
+ * terminate and exit.
+ */
+static void prepare_pam_close_session (void)
+{
+ sigset_t ourset;
+ int status;
+ int ret;
+
+ pid_child = fork ();
+ if (pid_child == 0) { /* child shell */
+ return; /* Only the child will return from pam_create_session */
+ } else if ((pid_t)-1 == pid_child) {
+ (void) fprintf (stderr,
+ _("%s: Cannot fork user shell\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "Cannot execute %s", shellstr));
+ closelog ();
+ exit (1);
+ /* Only the child returns. See above. */
+ }
+
+ /* parent only */
+ sigfillset (&ourset);
+ if (sigprocmask (SIG_BLOCK, &ourset, NULL) != 0) {
+ (void) fprintf (stderr,
+ _("%s: signal malfunction\n"),
+ Prog);
+ caught = SIGTERM;
+ }
+ if (0 == caught) {
+ struct sigaction action;
+
+ action.sa_handler = catch_signals;
+ sigemptyset (&action.sa_mask);
+ action.sa_flags = 0;
+ sigemptyset (&ourset);
+
+ if ( (sigaddset (&ourset, SIGTERM) != 0)
+ || (sigaddset (&ourset, SIGALRM) != 0)
+ || (sigaction (SIGTERM, &action, NULL) != 0)
+ || ( !doshell /* handle SIGINT (Ctrl-C), SIGQUIT
+ * (Ctrl-\), and SIGTSTP (Ctrl-Z)
+ * since the child will not control
+ * the tty.
+ */
+ && ( (sigaddset (&ourset, SIGINT) != 0)
+ || (sigaddset (&ourset, SIGQUIT) != 0)
+ || (sigaddset (&ourset, SIGTSTP) != 0)
+ || (sigaction (SIGINT, &action, NULL) != 0)
+ || (sigaction (SIGQUIT, &action, NULL) != 0)
+ || (sigaction (SIGTSTP, &action, NULL) != 0)))
+ || (sigprocmask (SIG_UNBLOCK, &ourset, NULL) != 0)
+ ) {
+ fprintf (stderr,
+ _("%s: signal masking malfunction\n"),
+ Prog);
+ caught = SIGTERM;
+ }
+ }
+
+ if (0 == caught) {
+ bool stop = true;
+
+ do {
+ pid_t pid;
+ stop = true;
+
+ pid = waitpid (-1, &status, WUNTRACED);
+
+ /* When interrupted by signal, the signal will be
+ * forwarded to the child, and termination will be
+ * forced later.
+ */
+ if ( ((pid_t)-1 == pid)
+ && (EINTR == errno)
+ && (SIGTSTP == caught)) {
+ caught = 0;
+ /* Except for SIGTSTP, which request to
+ * stop the child.
+ * We will SIGSTOP ourself on the next
+ * waitpid round.
+ */
+ kill (pid_child, SIGSTOP);
+ stop = false;
+ } else if ( ((pid_t)-1 != pid)
+ && (0 != WIFSTOPPED (status))) {
+ /* The child (shell) was suspended.
+ * Suspend su. */
+ kill (getpid (), SIGSTOP);
+ /* wake child when resumed */
+ kill (pid, SIGCONT);
+ stop = false;
+ } else if ( (pid_t)-1 != pid) {
+ pid_child = 0;
+ }
+ } while (!stop);
+ }
+
+ if (0 != caught && 0 != pid_child) {
+ (void) fputs ("\n", stderr);
+ (void) fputs (_("Session terminated, terminating shell..."),
+ stderr);
+ (void) kill (-pid_child, caught);
+
+ snprintf (kill_msg, sizeof kill_msg, _(" ...killed.\n"));
+ snprintf (wait_msg, sizeof wait_msg, _(" ...waiting for child to terminate.\n"));
+
+ (void) signal (SIGALRM, kill_child);
+ (void) signal (SIGCHLD, catch_signals);
+ (void) alarm (2);
+
+ sigemptyset (&ourset);
+ if ((sigaddset (&ourset, SIGALRM) != 0)
+ || (sigprocmask (SIG_BLOCK, &ourset, NULL) != 0)) {
+ fprintf (stderr, _("%s: signal masking malfunction\n"), Prog);
+ kill_child (0);
+ } else {
+ while (0 == waitpid (pid_child, &status, WNOHANG)) {
+ sigsuspend (&ourset);
+ }
+ pid_child = 0;
+ (void) sigprocmask (SIG_UNBLOCK, &ourset, NULL);
+ }
+
+ (void) fputs (_(" ...terminated.\n"), stderr);
+ }
+
+ ret = pam_close_session (pamh, 0);
+ if (PAM_SUCCESS != ret) {
+ SYSLOG ((LOG_ERR, "pam_close_session: %s",
+ pam_strerror (pamh, ret)));
+ fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
+ }
+
+ (void) pam_setcred (pamh, PAM_DELETE_CRED);
+ (void) pam_end (pamh, PAM_SUCCESS);
+
+ exit ((0 != WIFEXITED (status)) ? WEXITSTATUS (status)
+ : WTERMSIG (status) + 128);
+ /* Only the child returns. See above. */
+}
+#endif /* USE_PAM */
+
+/*
+ * usage - print command line syntax and exit
+ */
+static void usage (int status)
+{
+ (void)
+ fputs (_("Usage: su [options] [LOGIN]\n"
+ "\n"
+ "Options:\n"
+ " -c, --command COMMAND pass COMMAND to the invoked shell\n"
+ " -h, --help display this help message and exit\n"
+ " -, -l, --login make the shell a login shell\n"
+ " -m, -p,\n"
+ " --preserve-environment do not reset environment variables, and\n"
+ " keep the same shell\n"
+ " -s, --shell SHELL use SHELL instead of the default in passwd\n"
+ "\n"), (E_SUCCESS != status) ? stderr : stdout);
+ exit (status);
+}
+
+#ifdef USE_PAM
+static void check_perms_pam (const struct passwd *pw)
+{
+ int ret;
+ ret = pam_authenticate (pamh, 0);
+ if (PAM_SUCCESS != ret) {
+ SYSLOG (((pw->pw_uid != 0)? LOG_NOTICE : LOG_WARN, "pam_authenticate: %s",
+ pam_strerror (pamh, ret)));
+ fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
+ (void) pam_end (pamh, ret);
+ su_failure (caller_tty, 0 == pw->pw_uid);
+ }
+
+ ret = pam_acct_mgmt (pamh, 0);
+ if (PAM_SUCCESS != ret) {
+ if (caller_is_root) {
+ fprintf (stderr,
+ _("%s: %s\n(Ignored)\n"),
+ Prog, pam_strerror (pamh, ret));
+ } else if (PAM_NEW_AUTHTOK_REQD == ret) {
+ ret = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
+ if (PAM_SUCCESS != ret) {
+ SYSLOG ((LOG_ERR, "pam_chauthtok: %s",
+ pam_strerror (pamh, ret)));
+ fprintf (stderr,
+ _("%s: %s\n"),
+ Prog, pam_strerror (pamh, ret));
+ (void) pam_end (pamh, ret);
+ su_failure (caller_tty, 0 == pw->pw_uid);
+ }
+ } else {
+ SYSLOG ((LOG_ERR, "pam_acct_mgmt: %s",
+ pam_strerror (pamh, ret)));
+ fprintf (stderr,
+ _("%s: %s\n"),
+ Prog, pam_strerror (pamh, ret));
+ (void) pam_end (pamh, ret);
+ su_failure (caller_tty, 0 == pw->pw_uid);
+ }
+ }
+}
+#else /* !USE_PAM */
+static void check_perms_nopam (const struct passwd *pw)
+{
+ /*@observer@*/const struct spwd *spwd = NULL;
+ /*@observer@*/const char *password = pw->pw_passwd;
+ RETSIGTYPE (*oldsig) (int);
+
+ if (caller_is_root) {
+ return;
+ }
+
+ /*
+ * BSD systems only allow "wheel" to SU to root. USG systems don't,
+ * so we make this a configurable option.
+ */
+
+ /* The original Shadow 3.3.2 did this differently. Do it like BSD:
+ *
+ * - check for UID 0 instead of name "root" - there are systems with
+ * several root accounts under different names,
+ *
+ * - check the contents of /etc/group instead of the current group
+ * set (you must be listed as a member, GID 0 is not sufficient).
+ *
+ * In addition to this traditional feature, we now have complete su
+ * access control (allow, deny, no password, own password). Thanks
+ * to Chris Evans <lady0110@sable.ox.ac.uk>.
+ */
+
+ if ( (0 == pw->pw_uid)
+ && getdef_bool ("SU_WHEEL_ONLY")
+ && !iswheel (caller_name)) {
+ fprintf (stderr,
+ _("You are not authorized to su %s\n"),
+ name);
+ exit (1);
+ }
+ spwd = getspnam (name); /* !USE_PAM, no need for xgetspnam */
+#ifdef SU_ACCESS
+ if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0) {
+ if (NULL != spwd) {
+ password = spwd->sp_pwdp;
+ }
+ }
+
+ switch (check_su_auth (caller_name, name, 0 == pw->pw_uid)) {
+ case 0: /* normal su, require target user's password */
+ break;
+ case 1: /* require no password */
+ password = ""; /* XXX warning: const */
+ break;
+ case 2: /* require own password */
+ (void) puts (_("(Enter your own password)"));
+ password = caller_pass;
+ break;
+ default: /* access denied (-1) or unexpected value */
+ fprintf (stderr,
+ _("You are not authorized to su %s\n"),
+ name);
+ exit (1);
+ }
+#endif /* SU_ACCESS */
+ /*
+ * Set up a signal handler in case the user types QUIT.
+ */
+ die (0);
+ oldsig = signal (SIGQUIT, die);
+
+ /*
+ * See if the system defined authentication method is being used.
+ * The first character of an administrator defined method is an '@'
+ * character.
+ */
+ if (pw_auth (password, name, PW_SU, (char *) 0) != 0) {
+ SYSLOG (((pw->pw_uid != 0)? LOG_NOTICE : LOG_WARN,
+ "Authentication failed for %s", name));
+ fprintf(stderr, _("%s: Authentication failure\n"), Prog);
+ su_failure (caller_tty, 0 == pw->pw_uid);
+ }
+ (void) signal (SIGQUIT, oldsig);
+
+ /*
+ * Check to see if the account is expired. root gets to ignore any
+ * expired accounts, but normal users can't become a user with an
+ * expired password.
+ */
+ if (NULL != spwd) {
+ (void) expire (pw, spwd);
+ }
+
+ /*
+ * Check to see if the account permits "su". root gets to ignore any
+ * restricted accounts, but normal users can't become a user if
+ * there is a "SU" entry in the /etc/porttime file denying access to
+ * the account.
+ */
+ if (!isttytime (name, "SU", time ((time_t *) 0))) {
+ SYSLOG (((0 != pw->pw_uid) ? LOG_WARN : LOG_CRIT,
+ "SU by %s to restricted account %s",
+ caller_name, name));
+ fprintf (stderr,
+ _("%s: You are not authorized to su at that time\n"),
+ Prog);
+ su_failure (caller_tty, 0 == pw->pw_uid);
+ }
+}
+#endif /* !USE_PAM */
+
+/*
+ * check_perms - check permissions to switch to the user 'name'
+ *
+ * In case of subsystem login, the user is first authenticated in the
+ * caller's root subsystem, and then in the user's target subsystem.
+ */
+static /*@only@*/struct passwd * check_perms (void)
+{
+#ifdef USE_PAM
+ const char *tmp_name;
+ int ret;
+#endif /* !USE_PAM */
+ /*
+ * The password file entries for the user is gotten and the account
+ * validated.
+ */
+ struct passwd *pw = xgetpwnam (name);
+ if (NULL == pw) {
+ (void) fprintf (stderr,
+ _("No passwd entry for user '%s'\n"), name);
+ SYSLOG ((LOG_NOTICE, "No passwd entry for user '%s'", name));
+ su_failure (caller_tty, true);
+ }
+
+ (void) signal (SIGINT, SIG_IGN);
+ (void) signal (SIGQUIT, SIG_IGN);
+
+#ifdef USE_PAM
+ check_perms_pam (pw);
+ /* PAM authentication can request a change of account */
+ ret = pam_get_item(pamh, PAM_USER, (const void **) &tmp_name);
+ if (ret != PAM_SUCCESS) {
+ SYSLOG((LOG_ERR, "pam_get_item: internal PAM error\n"));
+ (void) fprintf (stderr,
+ "%s: Internal PAM error retrieving username\n",
+ Prog);
+ (void) pam_end (pamh, ret);
+ su_failure (caller_tty, 0 == pw->pw_uid);
+ }
+ if (strcmp (name, tmp_name) != 0) {
+ SYSLOG ((LOG_INFO,
+ "Change user from '%s' to '%s' as requested by PAM",
+ name, tmp_name));
+ strncpy (name, tmp_name, sizeof(name) - 1);
+ name[sizeof(name) - 1] = '\0';
+ pw = xgetpwnam (name);
+ if (NULL == pw) {
+ (void) fprintf (stderr,
+ _("No passwd entry for user '%s'\n"),
+ name);
+ SYSLOG ((LOG_NOTICE,
+ "No passwd entry for user '%s'", name));
+ su_failure (caller_tty, true);
+ }
+ }
+#else /* !USE_PAM */
+ check_perms_nopam (pw);
+#endif /* !USE_PAM */
+
+ (void) signal (SIGINT, SIG_DFL);
+ (void) signal (SIGQUIT, SIG_DFL);
+
+ /*
+ * Even if --shell is specified, the subsystem login test is based on
+ * the shell specified in /etc/passwd (not the one specified with
+ * --shell, which will be the one executed in the chroot later).
+ */
+ if ('*' == pw->pw_shell[0]) { /* subsystem root required */
+ subsystem (pw); /* change to the subsystem root */
+ endpwent (); /* close the old password databases */
+ endspent ();
+ pw_free (pw);
+ return check_perms (); /* authenticate in the subsystem */
+ }
+
+ return pw;
+}
+
+/*
+ * save_caller_context - save information from the call context
+ *
+ * Save the program's name (Prog), caller's UID (caller_uid /
+ * caller_is_root), name (caller_name), and password (caller_pass),
+ * the TTY (ttyp), and whether su was called from a console
+ * (is_console) for further processing and before they might change.
+ */
+static void save_caller_context (char **argv)
+{
+ struct passwd *pw = NULL;
+#ifndef USE_PAM
+#ifdef SU_ACCESS
+ const char *password = NULL;
+#endif /* SU_ACCESS */
+#endif /* !USE_PAM */
+ /*
+ * Get the program name. The program name is used as a prefix to
+ * most error messages.
+ */
+ Prog = Basename (argv[0]);
+
+ caller_uid = getuid ();
+ caller_is_root = (caller_uid == 0);
+
+ /*
+ * Get the tty name. Entries will be logged indicating that the user
+ * tried to change to the named new user from the current terminal.
+ */
+ caller_tty = ttyname (0);
+ if ((isatty (0) != 0) && (NULL != caller_tty)) {
+#ifndef USE_PAM
+ caller_on_console = console (caller_tty);
+#endif /* !USE_PAM */
+ } else {
+ /*
+ * Be more paranoid, like su from SimplePAMApps. --marekm
+ */
+ if (!caller_is_root) {
+ fprintf (stderr,
+ _("%s: must be run from a terminal\n"),
+ Prog);
+ exit (1);
+ }
+ caller_tty = "???";
+ }
+
+ /*
+ * Get the user's real name. The current UID is used to determine
+ * who has executed su. That user ID must exist.
+ */
+ pw = get_my_pwent ();
+ if (NULL == pw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+ (unsigned long) caller_uid));
+ su_failure (caller_tty, true); /* unknown target UID*/
+ }
+ STRFCPY (caller_name, pw->pw_name);
+
+#ifndef USE_PAM
+#ifdef SU_ACCESS
+ /*
+ * Sort out the password of user calling su, in case needed later
+ * -- chris
+ */
+ password = pw->pw_passwd;
+ if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0) {
+ const struct spwd *spwd = getspnam (caller_name);
+ if (NULL != spwd) {
+ password = spwd->sp_pwdp;
+ }
+ }
+ free (caller_pass);
+ caller_pass = xstrdup (password);
+#endif /* SU_ACCESS */
+#endif /* !USE_PAM */
+ pw_free (pw);
+}
+
+/*
+ * process_flags - Process the command line arguments
+ *
+ * process_flags() interprets the command line arguments and sets
+ * the values that the user will be created with accordingly. The
+ * values are checked for sanity.
+ */
+static void process_flags (int argc, char **argv)
+{
+ int c;
+ static struct option long_options[] = {
+ {"command", required_argument, NULL, 'c'},
+ {"help", no_argument, NULL, 'h'},
+ {"login", no_argument, NULL, 'l'},
+ {"preserve-environment", no_argument, NULL, 'p'},
+ {"shell", required_argument, NULL, 's'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv, "c:hlmps:",
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'c':
+ command = optarg;
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ break;
+ case 'l':
+ fakelogin = true;
+ break;
+ case 'm':
+ case 'p':
+ /* This will only have an effect if the target
+ * user do not have a restricted shell, or if
+ * su is called by root.
+ */
+ change_environment = false;
+ break;
+ case 's':
+ shellstr = optarg;
+ break;
+ default:
+ usage (E_USAGE); /* NOT REACHED */
+ }
+ }
+
+ if ((optind < argc) && (strcmp (argv[optind], "-") == 0)) {
+ fakelogin = true;
+ optind++;
+ if ( (optind < argc)
+ && (strcmp (argv[optind], "--") == 0)) {
+ optind++;
+ }
+ }
+
+ /*
+ * The next argument must be either a user ID, or some flag to a
+ * subshell. Pretty sticky since you can't have an argument which
+ * doesn't start with a "-" unless you specify the new user name.
+ * Any remaining arguments will be passed to the user's login shell.
+ */
+ if ((optind < argc) && ('-' != argv[optind][0])) {
+ STRFCPY (name, argv[optind++]); /* use this login id */
+ if ((optind < argc) && (strcmp (argv[optind], "--") == 0)) {
+ optind++;
+ }
+ }
+ if ('\0' == name[0]) { /* use default user */
+ struct passwd *root_pw = getpwnam ("root");
+ if ((NULL != root_pw) && (0 == root_pw->pw_uid)) {
+ (void) strcpy (name, "root");
+ } else {
+ root_pw = getpwuid (0);
+ if (NULL == root_pw) {
+ SYSLOG ((LOG_CRIT, "There is no UID 0 user."));
+ su_failure (caller_tty, true);
+ }
+ (void) strcpy (name, root_pw->pw_name);
+ }
+ }
+
+ doshell = (argc == optind); /* any arguments remaining? */
+ if (NULL != command) {
+ doshell = false;
+ }
+}
+
+static void set_environment (struct passwd *pw)
+{
+ const char *cp;
+ /*
+ * If a new login is being set up, the old environment will be
+ * ignored and a new one created later on.
+ */
+ if (change_environment && fakelogin) {
+ /*
+ * The terminal type will be left alone if it is present in
+ * the environment already.
+ */
+ cp = getenv ("TERM");
+ if (NULL != cp) {
+ addenv ("TERM", cp);
+ }
+
+ /*
+ * For some terminals COLORTERM seems to be the only way
+ * for checking for that specific terminal. For instance,
+ * gnome-terminal sets its TERM as "xterm" but its
+ * COLORTERM as "gnome-terminal". The COLORTERM variable
+ * is also of use when running GNU screen since it sets
+ * TERM to "screen" but doesn't touch COLORTERM.
+ */
+ cp = getenv ("COLORTERM");
+ if (NULL != cp) {
+ addenv ("COLORTERM", cp);
+ }
+
+#ifndef USE_PAM
+ cp = getdef_str ("ENV_TZ");
+ if (NULL != cp) {
+ addenv (('/' == *cp) ? tz (cp) : cp, NULL);
+ }
+
+ /*
+ * The clock frequency will be reset to the login value if required
+ */
+ cp = getdef_str ("ENV_HZ");
+ if (NULL != cp) {
+ addenv (cp, NULL); /* set the default $HZ, if one */
+ }
+#endif /* !USE_PAM */
+
+ /*
+ * Also leave DISPLAY and XAUTHORITY if present, else
+ * pam_xauth will not work.
+ */
+ cp = getenv ("DISPLAY");
+ if (NULL != cp) {
+ addenv ("DISPLAY", cp);
+ }
+ cp = getenv ("XAUTHORITY");
+ if (NULL != cp) {
+ addenv ("XAUTHORITY", cp);
+ }
+ } else {
+ char **envp = environ;
+ while (NULL != *envp) {
+ addenv (*envp, NULL);
+ envp++;
+ }
+ }
+
+ cp = getdef_str ((pw->pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
+ if (NULL == cp) {
+ addenv ((pw->pw_uid == 0) ? "PATH=/sbin:/bin:/usr/sbin:/usr/bin" : "PATH=/bin:/usr/bin", NULL);
+ } else if (strchr (cp, '=') != NULL) {
+ addenv (cp, NULL);
+ } else {
+ addenv ("PATH", cp);
+ }
+
+ if (getenv ("IFS") != NULL) { /* don't export user IFS ... */
+ addenv ("IFS= \t\n", NULL); /* ... instead, set a safe IFS */
+ }
+
+#ifdef USE_PAM
+ /* we need to setup the environment *after* pam_open_session(),
+ * else the UID is changed before stuff like pam_xauth could
+ * run, and we cannot access /etc/shadow and co
+ */
+ environ = newenvp; /* make new environment active */
+
+ if (change_environment) {
+ /* update environment with all pam set variables */
+ char **envcp = pam_getenvlist (pamh);
+ if (NULL != envcp) {
+ while (NULL != *envcp) {
+ addenv (*envcp, NULL);
+ envcp++;
+ }
+ }
+ }
+
+#else /* !USE_PAM */
+ environ = newenvp; /* make new environment active */
+#endif /* !USE_PAM */
+
+ if (change_environment) {
+ if (fakelogin) {
+ if (shellstr != pw->pw_shell) {
+ free (pw->pw_shell);
+ pw->pw_shell = xstrdup (shellstr);
+ }
+ setup_env (pw);
+ } else {
+ addenv ("HOME", pw->pw_dir);
+ addenv ("USER", pw->pw_name);
+ addenv ("LOGNAME", pw->pw_name);
+ addenv ("SHELL", shellstr);
+ }
+ }
+
+}
+
+/*
+ * su - switch user id
+ *
+ * su changes the user's ids to the values for the specified user. if
+ * no new user name is specified, "root" or UID 0 is used by default.
+ *
+ * Any additional arguments are passed to the user's shell. In
+ * particular, the argument "-c" will cause the next argument to be
+ * interpreted as a command by the common shell programs.
+ */
+int main (int argc, char **argv)
+{
+ const char *cp;
+ struct passwd *pw = NULL;
+
+#ifdef USE_PAM
+ int ret;
+#endif /* USE_PAM */
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ save_caller_context (argv);
+
+ OPENLOG ("su");
+
+ process_flags (argc, argv);
+
+ initenv ();
+
+#ifdef USE_PAM
+ ret = pam_start ("su", name, &conv, &pamh);
+ if (PAM_SUCCESS != ret) {
+ SYSLOG ((LOG_ERR, "pam_start: error %d", ret);
+ fprintf (stderr,
+ _("%s: pam_start: error %d\n"),
+ Prog, ret));
+ exit (1);
+ }
+
+ ret = pam_set_item (pamh, PAM_TTY, (const void *) caller_tty);
+ if (PAM_SUCCESS == ret) {
+ ret = pam_set_item (pamh, PAM_RUSER, (const void *) caller_name);
+ }
+ if (PAM_SUCCESS != ret) {
+ SYSLOG ((LOG_ERR, "pam_set_item: %s",
+ pam_strerror (pamh, ret)));
+ fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
+ pam_end (pamh, ret);
+ exit (1);
+ }
+#endif /* USE_PAM */
+
+ pw = check_perms ();
+
+ /* If the user do not want to change the environment,
+ * use the current SHELL.
+ * (unless another shell is required by the command line)
+ */
+ if ((NULL == shellstr) && !change_environment) {
+ shellstr = getenv ("SHELL");
+ }
+
+ /* If su is not called by root, and the target user has a
+ * restricted shell, the environment must be changed and the shell
+ * must be the one specified in /etc/passwd.
+ */
+ if ( !caller_is_root
+ && restricted_shell (pw->pw_shell)) {
+ shellstr = NULL;
+ change_environment = true;
+ }
+
+ /* If the shell is not set at this time, use the shell specified
+ * in /etc/passwd.
+ */
+ if (NULL == shellstr) {
+ shellstr = pw->pw_shell;
+ }
+
+ /*
+ * Set the default shell.
+ */
+ if ((NULL == shellstr) || ('\0' == shellstr[0])) {
+ shellstr = SHELL;
+ }
+
+ sulog (caller_tty, true, caller_name, name); /* save SU information */
+#ifdef USE_SYSLOG
+ if (getdef_bool ("SYSLOG_SU_ENAB")) {
+ SYSLOG ((LOG_INFO, "+ %s %s:%s", caller_tty,
+ ('\0' != caller_name[0]) ? caller_name : "???",
+ ('\0' != name[0]) ? name : "???"));
+ }
+#endif
+
+#ifdef USE_PAM
+ /* set primary group id and supplementary groups */
+ if (setup_groups (pw) != 0) {
+ pam_end (pamh, PAM_ABORT);
+ exit (1);
+ }
+
+ /*
+ * pam_setcred() may do things like resource limits, console groups,
+ * and much more, depending on the configured modules
+ */
+ ret = pam_setcred (pamh, PAM_ESTABLISH_CRED);
+ if (PAM_SUCCESS != ret) {
+ SYSLOG ((LOG_ERR, "pam_setcred: %s", pam_strerror (pamh, ret)));
+ fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
+ (void) pam_end (pamh, ret);
+ exit (1);
+ }
+
+ ret = pam_open_session (pamh, 0);
+ if (PAM_SUCCESS != ret) {
+ SYSLOG ((LOG_ERR, "pam_open_session: %s",
+ pam_strerror (pamh, ret)));
+ fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
+ pam_setcred (pamh, PAM_DELETE_CRED);
+ (void) pam_end (pamh, ret);
+ exit (1);
+ }
+
+ prepare_pam_close_session ();
+
+ /* become the new user */
+ if (change_uid (pw) != 0) {
+ exit (1);
+ }
+#else /* !USE_PAM */
+ /* no limits if su from root (unless su must fake login's behavior) */
+ if (!caller_is_root || fakelogin) {
+ setup_limits (pw);
+ }
+
+ if (setup_uid_gid (pw, caller_on_console) != 0) {
+ exit (1);
+ }
+#endif /* !USE_PAM */
+
+#ifdef WITH_AUDIT
+ audit_fd = audit_open ();
+ audit_log_acct_message (audit_fd,
+ AUDIT_USER_ROLE_CHANGE,
+ NULL, /* Prog. name */
+ "su",
+ ('\0' != caller_name[0]) ? caller_name : "???",
+ AUDIT_NO_ID,
+ "localhost",
+ NULL, /* addr */
+ caller_tty,
+ 1); /* result */
+ close (audit_fd);
+#endif /* WITH_AUDIT */
+
+ set_environment (pw);
+
+ if (!doshell) {
+ /* There is no need for a controlling terminal.
+ * This avoids the callee to inject commands on
+ * the caller's tty. */
+ int err = -1;
+
+#ifdef USE_PAM
+ /* When PAM is used, we are on the child */
+ err = setsid ();
+#else
+ /* Otherwise, we cannot use setsid */
+ int fd = open ("/dev/tty", O_RDWR);
+
+ if (fd >= 0) {
+ err = ioctl (fd, TIOCNOTTY, (char *) 0);
+ (void) close (fd);
+ } else if (ENXIO == errno) {
+ /* There are no controlling terminal already */
+ err = 0;
+ }
+#endif /* USE_PAM */
+
+ if (-1 == err) {
+ (void) fprintf (stderr,
+ _("%s: Cannot drop the controlling terminal\n"),
+ Prog);
+ exit (1);
+ }
+ }
+
+ /*
+ * PAM_DATA_SILENT is not supported by some modules, and
+ * there is no strong need to clean up the process space's
+ * memory since we will either call exec or exit.
+ pam_end (pamh, PAM_SUCCESS | PAM_DATA_SILENT);
+ */
+
+ endpwent ();
+ endspent ();
+ /*
+ * This is a workaround for Linux libc bug/feature (?) - the
+ * /dev/log file descriptor is open without the close-on-exec flag
+ * and used to be passed to the new shell. There is "fcntl(LogFile,
+ * F_SETFD, 1)" in libc/misc/syslog.c, but it is commented out (at
+ * least in 5.4.33). Why? --marekm
+ */
+ closelog ();
+
+ /*
+ * See if the user has extra arguments on the command line. In that
+ * case they will be provided to the new user's shell as arguments.
+ */
+ if (fakelogin) {
+ char *arg0;
+
+ cp = getdef_str ("SU_NAME");
+ if (NULL == cp) {
+ cp = Basename (shellstr);
+ }
+
+ arg0 = xmalloc (strlen (cp) + 2);
+ arg0[0] = '-';
+ strcpy (arg0 + 1, cp);
+ cp = arg0;
+ } else {
+ cp = Basename (shellstr);
+ }
+
+ if (!doshell) {
+ int err;
+ /* Position argv to the remaining arguments */
+ argv += optind;
+ if (NULL != command) {
+ argv -= 2;
+ argv[0] = "-c";
+ argv[1] = command;
+ }
+ /*
+ * Use the shell and create an argv
+ * with the rest of the command line included.
+ */
+ argv[-1] = cp;
+ execve_shell (shellstr, &argv[-1], environ);
+ err = errno;
+ (void) fprintf (stderr,
+ _("Cannot execute %s\n"), shellstr);
+ errno = err;
+ } else {
+ (void) shell (shellstr, cp, environ);
+ }
+
+ pw_free (pw);
+
+ return (errno == ENOENT ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+}
+
diff --git a/src/suauth.c b/src/suauth.c
new file mode 100644
index 0000000..a5bbe4c
--- /dev/null
+++ b/src/suauth.c
@@ -0,0 +1,239 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include <errno.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include "defines.h"
+#include "prototypes.h"
+
+#ifndef SUAUTHFILE
+#define SUAUTHFILE "/etc/suauth"
+#endif
+
+#define NOACTION 0
+#define NOPWORD 1
+#define DENY -1
+#define OWNPWORD 2
+
+#ifdef SU_ACCESS
+
+/* Really, I could do with a few const char's here defining all the
+ * strings output to the user or the syslog. -- chris
+ */
+static int applies (const char *, char *);
+
+static int isgrp (const char *, const char *);
+
+static int lines = 0;
+
+
+int check_su_auth (const char *actual_id,
+ const char *wanted_id,
+ bool su_to_root)
+{
+ int posn, endline;
+ const char field[] = ":";
+ FILE *authfile_fd;
+ char temp[1024];
+ char *to_users;
+ char *from_users;
+ char *action;
+
+ if (!(authfile_fd = fopen (SUAUTHFILE, "r"))) {
+ int err = errno;
+ /*
+ * If the file doesn't exist - default to the standard su
+ * behaviour (no access control). If open fails for some
+ * other reason - maybe someone is trying to fool us with
+ * file descriptors limit etc., so deny access. --marekm
+ */
+ if (ENOENT == err) {
+ return NOACTION;
+ }
+ SYSLOG ((LOG_ERR,
+ "could not open/read config file '%s': %s\n",
+ SUAUTHFILE, strerror (err)));
+ return DENY;
+ }
+
+ while (fgets (temp, sizeof (temp), authfile_fd) != NULL) {
+ lines++;
+
+ if (temp[endline = strlen (temp) - 1] != '\n') {
+ SYSLOG ((LOG_ERR,
+ "%s, line %d: line too long or missing newline",
+ SUAUTHFILE, lines));
+ continue;
+ }
+
+ while (endline > 0 && (temp[endline - 1] == ' '
+ || temp[endline - 1] == '\t'
+ || temp[endline - 1] == '\n'))
+ endline--;
+ temp[endline] = '\0';
+
+ posn = 0;
+ while (temp[posn] == ' ' || temp[posn] == '\t')
+ posn++;
+
+ if (temp[posn] == '\n' || temp[posn] == '#'
+ || temp[posn] == '\0') {
+ continue;
+ }
+ if (!(to_users = strtok (temp + posn, field))
+ || !(from_users = strtok ((char *) NULL, field))
+ || !(action = strtok ((char *) NULL, field))
+ || strtok ((char *) NULL, field)) {
+ SYSLOG ((LOG_ERR,
+ "%s, line %d. Bad number of fields.\n",
+ SUAUTHFILE, lines));
+ continue;
+ }
+
+ if (!applies (wanted_id, to_users))
+ continue;
+ if (!applies (actual_id, from_users))
+ continue;
+ if (!strcmp (action, "DENY")) {
+ SYSLOG ((su_to_root ? LOG_WARN : LOG_NOTICE,
+ "DENIED su from '%s' to '%s' (%s)\n",
+ actual_id, wanted_id, SUAUTHFILE));
+ fputs (_("Access to su to that account DENIED.\n"),
+ stderr);
+ fclose (authfile_fd);
+ return DENY;
+ } else if (!strcmp (action, "NOPASS")) {
+ SYSLOG ((su_to_root ? LOG_NOTICE : LOG_INFO,
+ "NO password asked for su from '%s' to '%s' (%s)\n",
+ actual_id, wanted_id, SUAUTHFILE));
+ fputs (_("Password authentication bypassed.\n"),stderr);
+ fclose (authfile_fd);
+ return NOPWORD;
+ } else if (!strcmp (action, "OWNPASS")) {
+ SYSLOG ((su_to_root ? LOG_NOTICE : LOG_INFO,
+ "su from '%s' to '%s': asking for user's own password (%s)\n",
+ actual_id, wanted_id, SUAUTHFILE));
+ fputs (_("Please enter your OWN password as authentication.\n"),
+ stderr);
+ fclose (authfile_fd);
+ return OWNPWORD;
+ } else {
+ SYSLOG ((LOG_ERR,
+ "%s, line %d: unrecognised action!\n",
+ SUAUTHFILE, lines));
+ }
+ }
+ fclose (authfile_fd);
+ return NOACTION;
+}
+
+static int applies (const char *single, char *list)
+{
+ const char split[] = ", ";
+ char *tok;
+
+ int state = 0;
+
+ for (tok = strtok (list, split); tok != NULL;
+ tok = strtok (NULL, split)) {
+
+ if (!strcmp (tok, "ALL")) {
+ if (state != 0) {
+ SYSLOG ((LOG_ERR,
+ "%s, line %d: ALL in bad place\n",
+ SUAUTHFILE, lines));
+ return 0;
+ }
+ state = 1;
+ } else if (!strcmp (tok, "EXCEPT")) {
+ if (state != 1) {
+ SYSLOG ((LOG_ERR,
+ "%s, line %d: EXCEPT in bas place\n",
+ SUAUTHFILE, lines));
+ return 0;
+ }
+ state = 2;
+ } else if (!strcmp (tok, "GROUP")) {
+ if ((state != 0) && (state != 2)) {
+ SYSLOG ((LOG_ERR,
+ "%s, line %d: GROUP in bad place\n",
+ SUAUTHFILE, lines));
+ return 0;
+ }
+ state = (state == 0) ? 3 : 4;
+ } else {
+ switch (state) {
+ case 0: /* No control words yet */
+ if (!strcmp (tok, single))
+ return 1;
+ break;
+ case 1: /* An all */
+ SYSLOG ((LOG_ERR,
+ "%s, line %d: expect another token after ALL\n",
+ SUAUTHFILE, lines));
+ return 0;
+ case 2: /* All except */
+ if (!strcmp (tok, single))
+ return 0;
+ break;
+ case 3: /* Group */
+ if (isgrp (single, tok))
+ return 1;
+ break;
+ case 4: /* All except group */
+ if (isgrp (single, tok))
+ return 0;
+ /* FALL THRU */
+ }
+ }
+ }
+ if ((state != 0) && (state != 3))
+ return 1;
+ return 0;
+}
+
+static int isgrp (const char *name, const char *group)
+{
+ struct group *grp;
+
+ grp = getgrnam (group); /* local, no need for xgetgrnam */
+
+ if (!grp || !grp->gr_mem)
+ return 0;
+
+ return is_on_list (grp->gr_mem, name);
+}
+#endif /* SU_ACCESS */
diff --git a/src/sulogin.c b/src/sulogin.c
new file mode 100644
index 0000000..4264099
--- /dev/null
+++ b/src/sulogin.c
@@ -0,0 +1,257 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/ioctl.h>
+#include "defines.h"
+#include "getdef.h"
+#include "prototypes.h"
+#include "pwauth.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static char name[BUFSIZ];
+static char pass[BUFSIZ];
+
+static struct passwd pwent;
+
+extern char **newenvp;
+extern size_t newenvc;
+
+extern char **environ;
+
+#ifndef ALARM
+#define ALARM 60
+#endif
+
+/* local function prototypes */
+static RETSIGTYPE catch_signals (int);
+
+static RETSIGTYPE catch_signals (unused int sig)
+{
+ _exit (1);
+}
+
+/*
+ * syslogd is usually not running at the time when sulogin is typically
+ * called, cluttering the screen with unnecessary messages. Suggested by
+ * Ivan Nejgebauer <ian@unsux.ns.ac.yu>. --marekm
+ */
+#undef USE_SYSLOG
+
+ /*ARGSUSED*/ int main (int argc, char **argv)
+{
+#ifndef USE_PAM
+ const char *env;
+#endif /* !USE_PAM */
+ char **envp = environ;
+ TERMIO termio;
+ int err = 0;
+
+#ifdef USE_TERMIO
+ ioctl (0, TCGETA, &termio);
+ termio.c_iflag |= (ICRNL | IXON);
+ termio.c_oflag |= (OPOST | ONLCR);
+ termio.c_cflag |= (CREAD);
+ termio.c_lflag |= (ISIG | ICANON | ECHO | ECHOE | ECHOK);
+ ioctl (0, TCSETAF, &termio);
+#endif
+#ifdef USE_TERMIOS
+ tcgetattr (0, &termio);
+ termio.c_iflag |= (ICRNL | IXON);
+ termio.c_oflag |= (CREAD);
+ termio.c_lflag |= (ECHO | ECHOE | ECHOK | ICANON | ISIG);
+ tcsetattr (0, TCSANOW, &termio);
+#endif
+
+ Prog = Basename (argv[0]);
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+#ifdef USE_SYSLOG
+ OPENLOG ("sulogin");
+#endif
+ initenv ();
+ if (argc > 1) {
+ close (0);
+ close (1);
+ close (2);
+
+ if (open (argv[1], O_RDWR) >= 0) {
+ dup (0);
+ dup (0);
+ } else {
+#ifdef USE_SYSLOG
+ SYSLOG (LOG_WARN, "cannot open %s\n", argv[1]);
+ closelog ();
+#endif
+ exit (1);
+ }
+ }
+ if (access (PASSWD_FILE, F_OK) == -1) { /* must be a password file! */
+ (void) puts (_("No password file"));
+#ifdef USE_SYSLOG
+ SYSLOG (LOG_WARN, "No password file\n");
+ closelog ();
+#endif
+ exit (1);
+ }
+#if !defined(DEBUG) && defined(SULOGIN_ONLY_INIT)
+ if (getppid () != 1) { /* parent must be INIT */
+#ifdef USE_SYSLOG
+ SYSLOG (LOG_WARN, "Pid == %d, not 1\n", getppid ());
+ closelog ();
+#endif
+ exit (1);
+ }
+#endif
+ if ((isatty (0) == 0) || (isatty (1) == 0) || (isatty (2) == 0)) {
+#ifdef USE_SYSLOG
+ closelog ();
+#endif
+ exit (1); /* must be a terminal */
+ }
+ /* If we were init, we need to start a new session */
+ if (getppid() == 1) {
+ setsid();
+ if (ioctl(0, TIOCSCTTY, 1) != 0) {
+ (void) fputs (_("TIOCSCTTY failed"), stderr);
+ }
+ }
+ while (NULL != *envp) { /* add inherited environment, */
+ addenv (*envp, NULL); /* some variables change later */
+ envp++;
+ }
+
+#ifndef USE_PAM
+ env = getdef_str ("ENV_TZ");
+ if (NULL != env) {
+ addenv (('/' == *env) ? tz (env) : env, NULL);
+ }
+ env = getdef_str ("ENV_HZ");
+ if (NULL != env) {
+ addenv (env, NULL); /* set the default $HZ, if one */
+ }
+#endif /* !USE_PAM */
+
+ (void) strcpy (name, "root"); /* KLUDGE!!! */
+
+ (void) signal (SIGALRM, catch_signals); /* exit if the timer expires */
+ (void) alarm (ALARM); /* only wait so long ... */
+
+ while (true) { /* repeatedly get login/password pairs */
+ char *cp;
+ pw_entry (name, &pwent); /* get entry from password file */
+ if (pwent.pw_name == (char *) 0) {
+ /*
+ * Fail secure
+ */
+ (void) puts (_("No password entry for 'root'"));
+#ifdef USE_SYSLOG
+ SYSLOG (LOG_WARN, "No password entry for 'root'\n");
+ closelog ();
+#endif
+ exit (1);
+ }
+
+ /*
+ * Here we prompt for the root password, or if no password
+ * is given we just exit.
+ */
+
+ /* get a password for root */
+ cp = getpass (_(
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"));
+ /*
+ * XXX - can't enter single user mode if root password is
+ * empty. I think this doesn't happen very often :-). But
+ * it will work with standard getpass() (no NULL on EOF).
+ * --marekm
+ */
+ if ((NULL == cp) || ('\0' == *cp)) {
+#ifdef USE_SYSLOG
+ SYSLOG (LOG_INFO, "Normal startup\n");
+ closelog ();
+#endif
+ (void) puts ("");
+#ifdef TELINIT
+ execl (PATH_TELINIT, "telinit", RUNLEVEL, (char *) 0);
+#endif
+ exit (0);
+ } else {
+ STRFCPY (pass, cp);
+ strzero (cp);
+ }
+ if (valid (pass, &pwent)) { /* check encrypted passwords ... */
+ break; /* ... encrypted passwords matched */
+ }
+
+#ifdef USE_SYSLOG
+ SYSLOG (LOG_WARN, "Incorrect root password\n");
+#endif
+ sleep (2);
+ (void) puts (_("Login incorrect"));
+ }
+ strzero (pass);
+ (void) alarm (0);
+ (void) signal (SIGALRM, SIG_DFL);
+ environ = newenvp; /* make new environment active */
+
+ (void) puts (_("Entering System Maintenance Mode"));
+#ifdef USE_SYSLOG
+ SYSLOG (LOG_INFO, "System Maintenance Mode\n");
+#endif
+
+#ifdef USE_SYSLOG
+ closelog ();
+#endif
+ /* exec the shell finally. */
+ err = shell (pwent.pw_shell, (char *) 0, environ);
+
+ return ((err == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+}
+
diff --git a/src/useradd.c b/src/useradd.c
new file mode 100644
index 0000000..0e0fa1f
--- /dev/null
+++ b/src/useradd.c
@@ -0,0 +1,2315 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2012, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <lastlog.h>
+#include <pwd.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+#include <stdio.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <time.h>
+#include <unistd.h>
+#include "chkname.h"
+#include "defines.h"
+#include "faillog.h"
+#include "getdef.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+#include "shadowio.h"
+#ifdef ENABLE_SUBIDS
+#include "subordinateio.h"
+#endif /* ENABLE_SUBIDS */
+#ifdef WITH_TCB
+#include "tcbfuncs.h"
+#endif
+
+#ifndef SKEL_DIR
+#define SKEL_DIR "/etc/skel"
+#endif
+#ifndef USER_DEFAULTS_FILE
+#define USER_DEFAULTS_FILE "/etc/default/useradd"
+#define NEW_USER_FILE "/etc/default/nuaddXXXXXX"
+#endif
+/*
+ * Needed for MkLinux DR1/2/2.1 - J.
+ */
+#ifndef LASTLOG_FILE
+#define LASTLOG_FILE "/var/log/lastlog"
+#endif
+/*
+ * Global variables
+ */
+const char *Prog;
+
+/*
+ * These defaults are used if there is no defaults file.
+ */
+static gid_t def_group = 100;
+static const char *def_gname = "other";
+static const char *def_home = "/home";
+static const char *def_shell = "";
+static const char *def_template = SKEL_DIR;
+static const char *def_create_mail_spool = "no";
+
+static long def_inactive = -1;
+static const char *def_expire = "";
+
+#define VALID(s) (strcspn (s, ":\n") == strlen (s))
+
+static const char *user_name = "";
+static const char *user_pass = "!";
+static uid_t user_id;
+static gid_t user_gid;
+static const char *user_comment = "";
+static const char *user_home = "";
+static const char *user_shell = "";
+static const char *create_mail_spool = "";
+#ifdef WITH_SELINUX
+static /*@notnull@*/const char *user_selinux = "";
+#endif /* WITH_SELINUX */
+
+static long user_expire = -1;
+static bool is_shadow_pwd;
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+static bool sgr_locked = false;
+#endif
+#ifdef ENABLE_SUBIDS
+static bool is_sub_uid = false;
+static bool is_sub_gid = false;
+static bool sub_uid_locked = false;
+static bool sub_gid_locked = false;
+static uid_t sub_uid_start; /* New subordinate uid range */
+static unsigned long sub_uid_count;
+static gid_t sub_gid_start; /* New subordinate gid range */
+static unsigned long sub_gid_count;
+#endif /* ENABLE_SUBIDS */
+static bool pw_locked = false;
+static bool gr_locked = false;
+static bool spw_locked = false;
+static char **user_groups; /* NULL-terminated list */
+static long sys_ngroups;
+static bool do_grp_update = false; /* group files need to be updated */
+
+static bool
+ bflg = false, /* new default root of home directory */
+ cflg = false, /* comment (GECOS) field for new account */
+ dflg = false, /* home directory for new account */
+ Dflg = false, /* set/show new user default values */
+ eflg = false, /* days since 1970-01-01 when account is locked */
+ fflg = false, /* days until account with expired password is locked */
+ gflg = false, /* primary group ID for new account */
+ Gflg = false, /* secondary group set for new account */
+ kflg = false, /* specify a directory to fill new user directory */
+ lflg = false, /* do not add user to lastlog/faillog databases */
+ mflg = false, /* create user's home directory if it doesn't exist */
+ Mflg = false, /* do not create user's home directory even if CREATE_HOME is set */
+ Nflg = false, /* do not create a group having the same name as the user, but add the user to def_group (or the group specified with -g) */
+ oflg = false, /* permit non-unique user ID to be specified with -u */
+ rflg = false, /* create a system account */
+ sflg = false, /* shell program for new account */
+ uflg = false, /* specify user ID for new account */
+ Uflg = false; /* create a group having the same name as the user */
+
+#ifdef WITH_SELINUX
+#define Zflg ('\0' != *user_selinux)
+#endif /* WITH_SELINUX */
+
+static bool home_added = false;
+
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS 0 /* success */
+#define E_PW_UPDATE 1 /* can't update password file */
+#define E_USAGE 2 /* invalid command syntax */
+#define E_BAD_ARG 3 /* invalid argument to option */
+#define E_UID_IN_USE 4 /* UID already in use (and no -o) */
+#define E_NOTFOUND 6 /* specified group doesn't exist */
+#define E_NAME_IN_USE 9 /* username already in use */
+#define E_GRP_UPDATE 10 /* can't update group file */
+#define E_HOMEDIR 12 /* can't create home directory */
+#define E_SE_UPDATE 14 /* can't update SELinux user mapping */
+#ifdef ENABLE_SUBIDS
+#define E_SUB_UID_UPDATE 16 /* can't update the subordinate uid file */
+#define E_SUB_GID_UPDATE 18 /* can't update the subordinate gid file */
+#endif /* ENABLE_SUBIDS */
+
+#define DGROUP "GROUP="
+#define DHOME "HOME="
+#define DSHELL "SHELL="
+#define DINACT "INACTIVE="
+#define DEXPIRE "EXPIRE="
+#define DSKEL "SKEL="
+#define DCREATE_MAIL_SPOOL "CREATE_MAIL_SPOOL="
+
+/* local function prototypes */
+static void fail_exit (int);
+static void get_defaults (void);
+static void show_defaults (void);
+static int set_defaults (void);
+static int get_groups (char *);
+static void usage (int status);
+static void new_pwent (struct passwd *);
+
+static long scale_age (long);
+static void new_spent (struct spwd *);
+static void grp_update (void);
+
+static void process_flags (int argc, char **argv);
+static void close_files (void);
+static void open_files (void);
+static void open_shadow (void);
+static void faillog_reset (uid_t);
+static void lastlog_reset (uid_t);
+static void tallylog_reset (char *);
+static void usr_update (void);
+static void create_home (void);
+static void create_mail (void);
+
+/*
+ * fail_exit - undo as much as possible
+ */
+static void fail_exit (int code)
+{
+ if (home_added) {
+ if (rmdir (user_home) != 0) {
+ fprintf (stderr,
+ _("%s: %s was created, but could not be removed\n"),
+ Prog, user_home);
+ SYSLOG ((LOG_ERR, "failed to remove %s", user_home));
+ }
+ }
+
+ if (spw_locked) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking shadow file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ }
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking passwd file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ }
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking group file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ }
+#ifdef SHADOWGRP
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking gshadow file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ }
+#endif
+#ifdef ENABLE_SUBIDS
+ if (sub_uid_locked) {
+ if (sub_uid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking subordinate user file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ }
+ if (sub_gid_locked) {
+ if (sub_gid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking subordinate group file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ }
+#endif /* ENABLE_SUBIDS */
+
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ SYSLOG ((LOG_INFO, "failed adding user '%s', data deleted", user_name));
+ exit (code);
+}
+
+#define MATCH(x,y) (strncmp((x),(y),strlen(y)) == 0)
+
+/*
+ * get_defaults - read the defaults file
+ *
+ * get_defaults() reads the defaults file for this command. It sets the
+ * various values from the file, or uses built-in default values if the
+ * file does not exist.
+ */
+static void get_defaults (void)
+{
+ FILE *fp;
+ char buf[1024];
+ char *cp;
+
+ /*
+ * Open the defaults file for reading.
+ */
+
+ fp = fopen (USER_DEFAULTS_FILE, "r");
+ if (NULL == fp) {
+ return;
+ }
+
+ /*
+ * Read the file a line at a time. Only the lines that have relevant
+ * values are used, everything else can be ignored.
+ */
+ while (fgets (buf, (int) sizeof buf, fp) == buf) {
+ cp = strrchr (buf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ }
+
+ cp = strchr (buf, '=');
+ if (NULL == cp) {
+ continue;
+ }
+
+ cp++;
+
+ /*
+ * Primary GROUP identifier
+ */
+ if (MATCH (buf, DGROUP)) {
+ const struct group *grp = getgr_nam_gid (cp);
+ if (NULL == grp) {
+ fprintf (stderr,
+ _("%s: group '%s' does not exist\n"),
+ Prog, cp);
+ fprintf (stderr,
+ _("%s: the %s configuration in %s will be ignored\n"),
+ Prog, DGROUP, USER_DEFAULTS_FILE);
+ } else {
+ def_group = grp->gr_gid;
+ def_gname = xstrdup (grp->gr_name);
+ }
+ }
+
+ /*
+ * Default HOME filesystem
+ */
+ else if (MATCH (buf, DHOME)) {
+ def_home = xstrdup (cp);
+ }
+
+ /*
+ * Default Login Shell command
+ */
+ else if (MATCH (buf, DSHELL)) {
+ def_shell = xstrdup (cp);
+ }
+
+ /*
+ * Default Password Inactive value
+ */
+ else if (MATCH (buf, DINACT)) {
+ if ( (getlong (cp, &def_inactive) == 0)
+ || (def_inactive < -1)) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, cp);
+ fprintf (stderr,
+ _("%s: the %s configuration in %s will be ignored\n"),
+ Prog, DINACT, USER_DEFAULTS_FILE);
+ def_inactive = -1;
+ }
+ }
+
+ /*
+ * Default account expiration date
+ */
+ else if (MATCH (buf, DEXPIRE)) {
+ def_expire = xstrdup (cp);
+ }
+
+ /*
+ * Default Skeleton information
+ */
+ else if (MATCH (buf, DSKEL)) {
+ if ('\0' == *cp) {
+ cp = SKEL_DIR; /* XXX warning: const */
+ }
+
+ def_template = xstrdup (cp);
+ }
+
+ /*
+ * Create by default user mail spool or not ?
+ */
+ else if (MATCH (buf, DCREATE_MAIL_SPOOL)) {
+ if (*cp == '\0') {
+ cp = "no"; /* XXX warning: const */
+ }
+
+ def_create_mail_spool = xstrdup (cp);
+ }
+ }
+ (void) fclose (fp);
+}
+
+/*
+ * show_defaults - show the contents of the defaults file
+ *
+ * show_defaults() displays the values that are used from the default
+ * file and the built-in values.
+ */
+static void show_defaults (void)
+{
+ printf ("GROUP=%u\n", (unsigned int) def_group);
+ printf ("HOME=%s\n", def_home);
+ printf ("INACTIVE=%ld\n", def_inactive);
+ printf ("EXPIRE=%s\n", def_expire);
+ printf ("SHELL=%s\n", def_shell);
+ printf ("SKEL=%s\n", def_template);
+ printf ("CREATE_MAIL_SPOOL=%s\n", def_create_mail_spool);
+}
+
+/*
+ * set_defaults - write new defaults file
+ *
+ * set_defaults() re-writes the defaults file using the values that
+ * are currently set. Duplicated lines are pruned, missing lines are
+ * added, and unrecognized lines are copied as is.
+ */
+static int set_defaults (void)
+{
+ FILE *ifp;
+ FILE *ofp;
+ char buf[1024];
+ static char new_file[] = NEW_USER_FILE;
+ char *cp;
+ int ofd;
+ int wlen;
+ bool out_group = false;
+ bool out_home = false;
+ bool out_inactive = false;
+ bool out_expire = false;
+ bool out_shell = false;
+ bool out_skel = false;
+ bool out_create_mail_spool = false;
+
+ /*
+ * Create a temporary file to copy the new output to.
+ */
+ ofd = mkstemp (new_file);
+ if (-1 == ofd) {
+ fprintf (stderr,
+ _("%s: cannot create new defaults file\n"),
+ Prog);
+ return -1;
+ }
+
+ ofp = fdopen (ofd, "w");
+ if (NULL == ofp) {
+ fprintf (stderr,
+ _("%s: cannot open new defaults file\n"),
+ Prog);
+ return -1;
+ }
+
+ /*
+ * Open the existing defaults file and copy the lines to the
+ * temporary file, using any new values. Each line is checked
+ * to insure that it is not output more than once.
+ */
+ ifp = fopen (USER_DEFAULTS_FILE, "r");
+ if (NULL == ifp) {
+ fprintf (ofp, "# useradd defaults file\n");
+ goto skip;
+ }
+
+ while (fgets (buf, (int) sizeof buf, ifp) == buf) {
+ cp = strrchr (buf, '\n');
+ if (NULL != cp) {
+ *cp = '\0';
+ } else {
+ /* A line which does not end with \n is only valid
+ * at the end of the file.
+ */
+ if (feof (ifp) == 0) {
+ fprintf (stderr,
+ _("%s: line too long in %s: %s..."),
+ Prog, USER_DEFAULTS_FILE, buf);
+ (void) fclose (ifp);
+ return -1;
+ }
+ }
+
+ if (!out_group && MATCH (buf, DGROUP)) {
+ fprintf (ofp, DGROUP "%u\n", (unsigned int) def_group);
+ out_group = true;
+ } else if (!out_home && MATCH (buf, DHOME)) {
+ fprintf (ofp, DHOME "%s\n", def_home);
+ out_home = true;
+ } else if (!out_inactive && MATCH (buf, DINACT)) {
+ fprintf (ofp, DINACT "%ld\n", def_inactive);
+ out_inactive = true;
+ } else if (!out_expire && MATCH (buf, DEXPIRE)) {
+ fprintf (ofp, DEXPIRE "%s\n", def_expire);
+ out_expire = true;
+ } else if (!out_shell && MATCH (buf, DSHELL)) {
+ fprintf (ofp, DSHELL "%s\n", def_shell);
+ out_shell = true;
+ } else if (!out_skel && MATCH (buf, DSKEL)) {
+ fprintf (ofp, DSKEL "%s\n", def_template);
+ out_skel = true;
+ } else if (!out_create_mail_spool
+ && MATCH (buf, DCREATE_MAIL_SPOOL)) {
+ fprintf (ofp,
+ DCREATE_MAIL_SPOOL "%s\n",
+ def_create_mail_spool);
+ out_create_mail_spool = true;
+ } else
+ fprintf (ofp, "%s\n", buf);
+ }
+ (void) fclose (ifp);
+
+ skip:
+ /*
+ * Check each line to insure that every line was output. This
+ * causes new values to be added to a file which did not previously
+ * have an entry for that value.
+ */
+ if (!out_group)
+ fprintf (ofp, DGROUP "%u\n", (unsigned int) def_group);
+ if (!out_home)
+ fprintf (ofp, DHOME "%s\n", def_home);
+ if (!out_inactive)
+ fprintf (ofp, DINACT "%ld\n", def_inactive);
+ if (!out_expire)
+ fprintf (ofp, DEXPIRE "%s\n", def_expire);
+ if (!out_shell)
+ fprintf (ofp, DSHELL "%s\n", def_shell);
+ if (!out_skel)
+ fprintf (ofp, DSKEL "%s\n", def_template);
+
+ if (!out_create_mail_spool)
+ fprintf (ofp, DCREATE_MAIL_SPOOL "%s\n", def_create_mail_spool);
+
+ /*
+ * Flush and close the file. Check for errors to make certain
+ * the new file is intact.
+ */
+ (void) fflush (ofp);
+ if ( (ferror (ofp) != 0)
+ || (fsync (fileno (ofp)) != 0)
+ || (fclose (ofp) != 0)) {
+ unlink (new_file);
+ return -1;
+ }
+
+ /*
+ * Rename the current default file to its backup name.
+ */
+ wlen = snprintf (buf, sizeof buf, "%s-", USER_DEFAULTS_FILE);
+ assert (wlen < (int) sizeof buf);
+ unlink (buf);
+ if ((link (USER_DEFAULTS_FILE, buf) != 0) && (ENOENT != errno)) {
+ int err = errno;
+ fprintf (stderr,
+ _("%s: Cannot create backup file (%s): %s\n"),
+ Prog, buf, strerror (err));
+ unlink (new_file);
+ return -1;
+ }
+
+ /*
+ * Rename the new default file to its correct name.
+ */
+ if (rename (new_file, USER_DEFAULTS_FILE) != 0) {
+ int err = errno;
+ fprintf (stderr,
+ _("%s: rename: %s: %s\n"),
+ Prog, new_file, strerror (err));
+ return -1;
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USYS_CONFIG, Prog,
+ "changing useradd defaults",
+ NULL, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO,
+ "useradd defaults: GROUP=%u, HOME=%s, SHELL=%s, INACTIVE=%ld, "
+ "EXPIRE=%s, SKEL=%s, CREATE_MAIL_SPOOL=%s",
+ (unsigned int) def_group, def_home, def_shell,
+ def_inactive, def_expire, def_template,
+ def_create_mail_spool));
+ return 0;
+}
+
+/*
+ * get_groups - convert a list of group names to an array of group IDs
+ *
+ * get_groups() takes a comma-separated list of group names and
+ * converts it to a NULL-terminated array. Any unknown group
+ * names are reported as errors.
+ */
+static int get_groups (char *list)
+{
+ char *cp;
+ const struct group *grp;
+ int errors = 0;
+ int ngroups = 0;
+
+ if ('\0' == *list) {
+ return 0;
+ }
+
+ /*
+ * So long as there is some data to be converted, strip off
+ * each name and look it up. A mix of numerical and string
+ * values for group identifiers is permitted.
+ */
+ do {
+ /*
+ * Strip off a single name from the list
+ */
+ cp = strchr (list, ',');
+ if (NULL != cp) {
+ *cp++ = '\0';
+ }
+
+ /*
+ * Names starting with digits are treated as numerical
+ * GID values, otherwise the string is looked up as is.
+ */
+ grp = getgr_nam_gid (list);
+
+ /*
+ * There must be a match, either by GID value or by
+ * string name.
+ * FIXME: It should exist according to gr_locate,
+ * otherwise, we can't change its members
+ */
+ if (NULL == grp) {
+ fprintf (stderr,
+ _("%s: group '%s' does not exist\n"),
+ Prog, list);
+ errors++;
+ }
+ list = cp;
+
+ /*
+ * If the group doesn't exist, don't dump core...
+ * Instead, try the next one. --marekm
+ */
+ if (NULL == grp) {
+ continue;
+ }
+
+#ifdef USE_NIS
+ /*
+ * Don't add this group if they are an NIS group. Tell
+ * the user to go to the server for this group.
+ */
+ if (__isgrNIS ()) {
+ fprintf (stderr,
+ _("%s: group '%s' is a NIS group.\n"),
+ Prog, grp->gr_name);
+ continue;
+ }
+#endif
+
+ if (ngroups == sys_ngroups) {
+ fprintf (stderr,
+ _("%s: too many groups specified (max %d).\n"),
+ Prog, ngroups);
+ break;
+ }
+
+ /*
+ * Add the group name to the user's list of groups.
+ */
+ user_groups[ngroups++] = xstrdup (grp->gr_name);
+ } while (NULL != list);
+
+ user_groups[ngroups] = (char *) 0;
+
+ /*
+ * Any errors in finding group names are fatal
+ */
+ if (0 != errors) {
+ return -1;
+ }
+
+ return 0;
+}
+
+/*
+ * usage - display usage message and exit
+ */
+static void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options] LOGIN\n"
+ " %s -D\n"
+ " %s -D [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog, Prog, Prog);
+ (void) fputs (_(" -b, --base-dir BASE_DIR base directory for the home directory of the\n"
+ " new account\n"), usageout);
+ (void) fputs (_(" -c, --comment COMMENT GECOS field of the new account\n"), usageout);
+ (void) fputs (_(" -d, --home-dir HOME_DIR home directory of the new account\n"), usageout);
+ (void) fputs (_(" -D, --defaults print or change default useradd configuration\n"), usageout);
+ (void) fputs (_(" -e, --expiredate EXPIRE_DATE expiration date of the new account\n"), usageout);
+ (void) fputs (_(" -f, --inactive INACTIVE password inactivity period of the new account\n"), usageout);
+ (void) fputs (_(" -g, --gid GROUP name or ID of the primary group of the new\n"
+ " account\n"), usageout);
+ (void) fputs (_(" -G, --groups GROUPS list of supplementary groups of the new\n"
+ " account\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -k, --skel SKEL_DIR use this alternative skeleton directory\n"), usageout);
+ (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), usageout);
+ (void) fputs (_(" -l, --no-log-init do not add the user to the lastlog and\n"
+ " faillog databases\n"), usageout);
+ (void) fputs (_(" -m, --create-home create the user's home directory\n"), usageout);
+ (void) fputs (_(" -M, --no-create-home do not create the user's home directory\n"), usageout);
+ (void) fputs (_(" -N, --no-user-group do not create a group with the same name as\n"
+ " the user\n"), usageout);
+ (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n"
+ " (non-unique) UID\n"), usageout);
+ (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout);
+ (void) fputs (_(" -r, --system create a system account\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), usageout);
+ (void) fputs (_(" -u, --uid UID user ID of the new account\n"), usageout);
+ (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), usageout);
+#ifdef WITH_SELINUX
+ (void) fputs (_(" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping\n"), usageout);
+#endif /* WITH_SELINUX */
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * new_pwent - initialize the values in a password file entry
+ *
+ * new_pwent() takes all of the values that have been entered and
+ * fills in a (struct passwd) with them.
+ */
+static void new_pwent (struct passwd *pwent)
+{
+ memzero (pwent, sizeof *pwent);
+ pwent->pw_name = (char *) user_name;
+ if (is_shadow_pwd) {
+ pwent->pw_passwd = (char *) SHADOW_PASSWD_STRING;
+ } else {
+ pwent->pw_passwd = (char *) user_pass;
+ }
+
+ pwent->pw_uid = user_id;
+ pwent->pw_gid = user_gid;
+ pwent->pw_gecos = (char *) user_comment;
+ pwent->pw_dir = (char *) user_home;
+ pwent->pw_shell = (char *) user_shell;
+}
+
+static long scale_age (long x)
+{
+ if (x <= 0) {
+ return x;
+ }
+
+ return x * (DAY / SCALE);
+}
+
+/*
+ * new_spent - initialize the values in a shadow password file entry
+ *
+ * new_spent() takes all of the values that have been entered and
+ * fills in a (struct spwd) with them.
+ */
+static void new_spent (struct spwd *spent)
+{
+ memzero (spent, sizeof *spent);
+ spent->sp_namp = (char *) user_name;
+ spent->sp_pwdp = (char *) user_pass;
+ spent->sp_lstchg = (long) gettime () / SCALE;
+ if (0 == spent->sp_lstchg) {
+ /* Better disable aging than requiring a password change */
+ spent->sp_lstchg = -1;
+ }
+ if (!rflg) {
+ spent->sp_min = scale_age (getdef_num ("PASS_MIN_DAYS", -1));
+ spent->sp_max = scale_age (getdef_num ("PASS_MAX_DAYS", -1));
+ spent->sp_warn = scale_age (getdef_num ("PASS_WARN_AGE", -1));
+ spent->sp_inact = scale_age (def_inactive);
+ spent->sp_expire = scale_age (user_expire);
+ } else {
+ spent->sp_min = -1;
+ spent->sp_max = -1;
+ spent->sp_warn = -1;
+ spent->sp_inact = -1;
+ spent->sp_expire = -1;
+ }
+ spent->sp_flag = SHADOW_SP_FLAG_UNSET;
+}
+
+/*
+ * grp_update - add user to secondary group set
+ *
+ * grp_update() takes the secondary group set given in user_groups
+ * and adds the user to each group given by that set.
+ *
+ * The group files are opened and locked in open_files().
+ *
+ * close_files() should be called afterwards to commit the changes
+ * and unlocking the group files.
+ */
+static void grp_update (void)
+{
+ const struct group *grp;
+ struct group *ngrp;
+
+#ifdef SHADOWGRP
+ const struct sgrp *sgrp;
+ struct sgrp *nsgrp;
+#endif
+
+ /*
+ * Scan through the entire group file looking for the groups that
+ * the user is a member of.
+ * FIXME: we currently do not check that all groups of user_groups
+ * were completed with the new user.
+ */
+ for (gr_rewind (), grp = gr_next (); NULL != grp; grp = gr_next ()) {
+
+ /*
+ * See if the user specified this group as one of their
+ * concurrent groups.
+ */
+ if (!is_on_list (user_groups, grp->gr_name)) {
+ continue;
+ }
+
+ /*
+ * Make a copy - gr_update() will free() everything
+ * from the old entry, and we need it later.
+ */
+ ngrp = __gr_dup (grp);
+ if (NULL == ngrp) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to group",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ fail_exit (E_GRP_UPDATE); /* XXX */
+ }
+
+ /*
+ * Add the username to the list of group members and
+ * update the group entry to reflect the change.
+ */
+ ngrp->gr_mem = add_list (ngrp->gr_mem, user_name);
+ if (gr_update (ngrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), ngrp->gr_name);
+ SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to group",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ fail_exit (E_GRP_UPDATE);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to group",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO,
+ "add '%s' to group '%s'",
+ user_name, ngrp->gr_name));
+ }
+
+#ifdef SHADOWGRP
+ if (!is_shadow_grp)
+ return;
+
+ /*
+ * Scan through the entire shadow group file looking for the groups
+ * that the user is a member of. The administrative list isn't
+ * modified.
+ */
+ for (sgr_rewind (), sgrp = sgr_next (); NULL != sgrp; sgrp = sgr_next ()) {
+
+ /*
+ * See if the user specified this group as one of their
+ * concurrent groups.
+ * FIXME: is it really needed?
+ * This would be important only if the group is in
+ * user_groups. All these groups should be checked
+ * for existence with gr_locate already.
+ */
+ if (gr_locate (sgrp->sg_name) == NULL) {
+ continue;
+ }
+
+ if (!is_on_list (user_groups, sgrp->sg_name)) {
+ continue;
+ }
+
+ /*
+ * Make a copy - sgr_update() will free() everything
+ * from the old entry, and we need it later.
+ */
+ nsgrp = __sgr_dup (sgrp);
+ if (NULL == nsgrp) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to shadow group",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ fail_exit (E_GRP_UPDATE); /* XXX */
+ }
+
+ /*
+ * Add the username to the list of group members and
+ * update the group entry to reflect the change.
+ */
+ nsgrp->sg_mem = add_list (nsgrp->sg_mem, user_name);
+ if (sgr_update (nsgrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), nsgrp->sg_name);
+ SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to shadow group",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ fail_exit (E_GRP_UPDATE);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to shadow group",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ SYSLOG ((LOG_INFO,
+ "add '%s' to shadow group '%s'",
+ user_name, nsgrp->sg_name));
+ }
+#endif /* SHADOWGRP */
+}
+
+/*
+ * process_flags - perform command line argument setting
+ *
+ * process_flags() interprets the command line arguments and sets
+ * the values that the user will be created with accordingly. The
+ * values are checked for sanity.
+ */
+static void process_flags (int argc, char **argv)
+{
+ const struct group *grp;
+ bool anyflag = false;
+ char *cp;
+
+ {
+ /*
+ * Parse the command line options.
+ */
+ int c;
+ static struct option long_options[] = {
+ {"base-dir", required_argument, NULL, 'b'},
+ {"comment", required_argument, NULL, 'c'},
+ {"home-dir", required_argument, NULL, 'd'},
+ {"defaults", no_argument, NULL, 'D'},
+ {"expiredate", required_argument, NULL, 'e'},
+ {"inactive", required_argument, NULL, 'f'},
+ {"gid", required_argument, NULL, 'g'},
+ {"groups", required_argument, NULL, 'G'},
+ {"help", no_argument, NULL, 'h'},
+ {"skel", required_argument, NULL, 'k'},
+ {"key", required_argument, NULL, 'K'},
+ {"no-log-init", no_argument, NULL, 'l'},
+ {"create-home", no_argument, NULL, 'm'},
+ {"no-create-home", no_argument, NULL, 'M'},
+ {"no-user-group", no_argument, NULL, 'N'},
+ {"non-unique", no_argument, NULL, 'o'},
+ {"password", required_argument, NULL, 'p'},
+ {"system", no_argument, NULL, 'r'},
+ {"root", required_argument, NULL, 'R'},
+ {"shell", required_argument, NULL, 's'},
+ {"uid", required_argument, NULL, 'u'},
+ {"user-group", no_argument, NULL, 'U'},
+#ifdef WITH_SELINUX
+ {"selinux-user", required_argument, NULL, 'Z'},
+#endif /* WITH_SELINUX */
+ {NULL, 0, NULL, '\0'}
+ };
+ while ((c = getopt_long (argc, argv,
+#ifdef WITH_SELINUX
+ "b:c:d:De:f:g:G:hk:K:lmMNop:rR:s:u:UZ:",
+#else /* !WITH_SELINUX */
+ "b:c:d:De:f:g:G:hk:K:lmMNop:rR:s:u:U",
+#endif /* !WITH_SELINUX */
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'b':
+ if ( ( !VALID (optarg) )
+ || ( optarg[0] != '/' )) {
+ fprintf (stderr,
+ _("%s: invalid base directory '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ def_home = optarg;
+ bflg = true;
+ break;
+ case 'c':
+ if (!VALID (optarg)) {
+ fprintf (stderr,
+ _("%s: invalid comment '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ user_comment = optarg;
+ cflg = true;
+ break;
+ case 'd':
+ if ( ( !VALID (optarg) )
+ || ( optarg[0] != '/' )) {
+ fprintf (stderr,
+ _("%s: invalid home directory '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ user_home = optarg;
+ dflg = true;
+ break;
+ case 'D':
+ if (anyflag) {
+ usage (E_USAGE);
+ }
+ Dflg = true;
+ break;
+ case 'e':
+ if ('\0' != *optarg) {
+ user_expire = strtoday (optarg);
+ if (user_expire < -1) {
+ fprintf (stderr,
+ _("%s: invalid date '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ } else {
+ user_expire = -1;
+ }
+
+ /*
+ * -e "" is allowed without /etc/shadow
+ * (it's a no-op in such case)
+ */
+ if ((-1 != user_expire) && !is_shadow_pwd) {
+ fprintf (stderr,
+ _("%s: shadow passwords required for -e\n"),
+ Prog);
+ exit (E_USAGE);
+ }
+ if (Dflg) {
+ def_expire = optarg;
+ }
+ eflg = true;
+ break;
+ case 'f':
+ if ( (getlong (optarg, &def_inactive) == 0)
+ || (def_inactive < -1)) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ /*
+ * -f -1 is allowed
+ * it's a no-op without /etc/shadow
+ */
+ if ((-1 != def_inactive) && !is_shadow_pwd) {
+ fprintf (stderr,
+ _("%s: shadow passwords required for -f\n"),
+ Prog);
+ exit (E_USAGE);
+ }
+ fflg = true;
+ break;
+ case 'g':
+ grp = getgr_nam_gid (optarg);
+ if (NULL == grp) {
+ fprintf (stderr,
+ _("%s: group '%s' does not exist\n"),
+ Prog, optarg);
+ exit (E_NOTFOUND);
+ }
+ if (Dflg) {
+ def_group = grp->gr_gid;
+ def_gname = optarg;
+ } else {
+ user_gid = grp->gr_gid;
+ }
+ gflg = true;
+ break;
+ case 'G':
+ if (get_groups (optarg) != 0) {
+ exit (E_NOTFOUND);
+ }
+ if (NULL != user_groups[0]) {
+ do_grp_update = true;
+ }
+ Gflg = true;
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ break;
+ case 'k':
+ def_template = optarg;
+ kflg = true;
+ break;
+ case 'K':
+ /*
+ * override login.defs defaults (-K name=value)
+ * example: -K UID_MIN=100 -K UID_MAX=499
+ * note: -K UID_MIN=10,UID_MAX=499 doesn't work yet
+ */
+ cp = strchr (optarg, '=');
+ if (NULL == cp) {
+ fprintf (stderr,
+ _("%s: -K requires KEY=VALUE\n"),
+ Prog);
+ exit (E_BAD_ARG);
+ }
+ /* terminate name, point to value */
+ *cp = '\0';
+ cp++;
+ if (putdef_str (optarg, cp) < 0) {
+ exit (E_BAD_ARG);
+ }
+ break;
+ case 'l':
+ lflg = true;
+ break;
+ case 'm':
+ mflg = true;
+ break;
+ case 'M':
+ Mflg = true;
+ break;
+ case 'N':
+ Nflg = true;
+ break;
+ case 'o':
+ oflg = true;
+ break;
+ case 'p': /* set encrypted password */
+ if (!VALID (optarg)) {
+ fprintf (stderr,
+ _("%s: invalid field '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ user_pass = optarg;
+ break;
+ case 'r':
+ rflg = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 's':
+ if ( ( !VALID (optarg) )
+ || ( ('\0' != optarg[0])
+ && ('/' != optarg[0])
+ && ('*' != optarg[0]) )) {
+ fprintf (stderr,
+ _("%s: invalid shell '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ user_shell = optarg;
+ def_shell = optarg;
+ sflg = true;
+ break;
+ case 'u':
+ if ( (get_uid (optarg, &user_id) == 0)
+ || (user_id == (gid_t)-1)) {
+ fprintf (stderr,
+ _("%s: invalid user ID '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ uflg = true;
+ break;
+ case 'U':
+ Uflg = true;
+ break;
+#ifdef WITH_SELINUX
+ case 'Z':
+ if (is_selinux_enabled () > 0) {
+ user_selinux = optarg;
+ } else {
+ fprintf (stderr,
+ _("%s: -Z requires SELinux enabled kernel\n"),
+ Prog);
+
+ exit (E_BAD_ARG);
+ }
+ break;
+#endif /* WITH_SELINUX */
+ default:
+ usage (E_USAGE);
+ }
+ anyflag = true;
+ }
+ }
+
+ if (!gflg && !Nflg && !Uflg) {
+ /* Get the settings from login.defs */
+ Uflg = getdef_bool ("USERGROUPS_ENAB");
+ }
+
+ /*
+ * Certain options are only valid in combination with others.
+ * Check it here so that they can be specified in any order.
+ */
+ if (oflg && !uflg) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+ Prog, "-o", "-u");
+ usage (E_USAGE);
+ }
+ if (kflg && !mflg) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+ Prog, "-k", "-m");
+ usage (E_USAGE);
+ }
+ if (Uflg && gflg) {
+ fprintf (stderr,
+ _("%s: options %s and %s conflict\n"),
+ Prog, "-U", "-g");
+ usage (E_USAGE);
+ }
+ if (Uflg && Nflg) {
+ fprintf (stderr,
+ _("%s: options %s and %s conflict\n"),
+ Prog, "-U", "-N");
+ usage (E_USAGE);
+ }
+ if (mflg && Mflg) {
+ fprintf (stderr,
+ _("%s: options %s and %s conflict\n"),
+ Prog, "-m", "-M");
+ usage (E_USAGE);
+ }
+
+ /*
+ * Either -D or username is required. Defaults can be set with -D
+ * for the -b, -e, -f, -g, -s options only.
+ */
+ if (Dflg) {
+ if (optind != argc) {
+ usage (E_USAGE);
+ }
+
+ if (uflg || Gflg || dflg || cflg || mflg) {
+ usage (E_USAGE);
+ }
+ } else {
+ if (optind != argc - 1) {
+ usage (E_USAGE);
+ }
+
+ user_name = argv[optind];
+ if (!is_valid_user_name (user_name)) {
+ fprintf (stderr,
+ _("%s: invalid user name '%s'\n"),
+ Prog, user_name);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ exit (E_BAD_ARG);
+ }
+ if (!dflg) {
+ char *uh;
+ size_t len = strlen (def_home) + strlen (user_name) + 2;
+ int wlen;
+
+ uh = xmalloc (len);
+ wlen = snprintf (uh, len, "%s/%s", def_home, user_name);
+ assert (wlen == (int) len -1);
+
+ user_home = uh;
+ }
+ }
+
+ if (!eflg) {
+ user_expire = strtoday (def_expire);
+ }
+
+ if (!gflg) {
+ user_gid = def_group;
+ }
+
+ if (!sflg) {
+ user_shell = def_shell;
+ }
+
+ create_mail_spool = def_create_mail_spool;
+
+ if (!rflg) {
+ /* for system accounts defaults are ignored and we
+ * do not create a home dir */
+ if (getdef_bool ("CREATE_HOME")) {
+ mflg = true;
+ }
+ }
+
+ if (Mflg) {
+ /* absolutely sure that we do not create home dirs */
+ mflg = false;
+ }
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ * close_files() closes all of the files that were opened for this
+ * new user. This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+ if (pw_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (E_PW_UPDATE);
+ }
+ if (is_shadow_pwd && (spw_close () == 0)) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+ fail_exit (E_PW_UPDATE);
+ }
+ if (do_grp_update) {
+ if (gr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+ fail_exit (E_GRP_UPDATE);
+ }
+#ifdef SHADOWGRP
+ if (is_shadow_grp && (sgr_close () == 0)) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+ fail_exit (E_GRP_UPDATE);
+ }
+#endif
+ }
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid && (sub_uid_close () == 0)) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ()));
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ if (is_sub_gid && (sub_gid_close () == 0)) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ()));
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+#endif /* ENABLE_SUBIDS */
+ if (is_shadow_pwd) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking shadow file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ spw_locked = false;
+ }
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking passwd file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ pw_locked = false;
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking group file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ gr_locked = false;
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking gshadow file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ sgr_locked = false;
+ }
+#endif
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid) {
+ if (sub_uid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking subordinate user file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ sub_uid_locked = false;
+ }
+ if (is_sub_gid) {
+ if (sub_gid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "unlocking subordinate group file",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ /* continue */
+ }
+ sub_gid_locked = false;
+ }
+#endif /* ENABLE_SUBIDS */
+}
+
+/*
+ * open_files - lock and open the password files
+ *
+ * open_files() opens the two password files.
+ */
+static void open_files (void)
+{
+ if (pw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ exit (E_PW_UPDATE);
+ }
+ pw_locked = true;
+ if (pw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
+ fail_exit (E_PW_UPDATE);
+ }
+
+ /* shadow file will be opened by open_shadow(); */
+
+ /*
+ * Lock and open the group file.
+ */
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+ gr_locked = true;
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+ sgr_locked = true;
+ if (sgr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sgr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+ }
+#endif
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid) {
+ if (sub_uid_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sub_uid_dbname ());
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ sub_uid_locked = true;
+ if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sub_uid_dbname ());
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ }
+ if (is_sub_gid) {
+ if (sub_gid_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sub_gid_dbname ());
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+ sub_gid_locked = true;
+ if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sub_gid_dbname ());
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+ }
+#endif /* ENABLE_SUBIDS */
+}
+
+static void open_shadow (void)
+{
+ if (!is_shadow_pwd) {
+ return;
+ }
+ if (spw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, spw_dbname ());
+ fail_exit (E_PW_UPDATE);
+ }
+ spw_locked = true;
+ if (spw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, spw_dbname ());
+ fail_exit (E_PW_UPDATE);
+ }
+}
+
+static char *empty_list = NULL;
+
+/*
+ * new_grent - initialize the values in a group file entry
+ *
+ * new_grent() takes all of the values that have been entered and fills
+ * in a (struct group) with them.
+ */
+
+static void new_grent (struct group *grent)
+{
+ memzero (grent, sizeof *grent);
+ grent->gr_name = (char *) user_name;
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ grent->gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ } else
+#endif /* SHADOWGRP */
+ {
+ grent->gr_passwd = "!"; /* XXX warning: const */
+ }
+ grent->gr_gid = user_gid;
+ grent->gr_mem = &empty_list;
+}
+
+#ifdef SHADOWGRP
+/*
+ * new_sgent - initialize the values in a shadow group file entry
+ *
+ * new_sgent() takes all of the values that have been entered and fills
+ * in a (struct sgrp) with them.
+ */
+
+static void new_sgent (struct sgrp *sgent)
+{
+ memzero (sgent, sizeof *sgent);
+ sgent->sg_name = (char *) user_name;
+ sgent->sg_passwd = "!"; /* XXX warning: const */
+ sgent->sg_adm = &empty_list;
+ sgent->sg_mem = &empty_list;
+}
+#endif /* SHADOWGRP */
+
+
+/*
+ * grp_add - add new group file entries
+ *
+ * grp_add() writes the new records to the group files.
+ */
+
+static void grp_add (void)
+{
+ struct group grp;
+
+#ifdef SHADOWGRP
+ struct sgrp sgrp;
+#endif /* SHADOWGRP */
+
+ /*
+ * Create the initial entries for this new group.
+ */
+ new_grent (&grp);
+#ifdef SHADOWGRP
+ new_sgent (&sgrp);
+#endif /* SHADOWGRP */
+
+ /*
+ * Write out the new group file entry.
+ */
+ if (gr_update (&grp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), grp.gr_name);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "adding group",
+ grp.gr_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ fail_exit (E_GRP_UPDATE);
+ }
+#ifdef SHADOWGRP
+ /*
+ * Write out the new shadow group entries as well.
+ */
+ if (is_shadow_grp && (sgr_update (&sgrp) == 0)) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), sgrp.sg_name);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "adding group",
+ grp.gr_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ fail_exit (E_GRP_UPDATE);
+ }
+#endif /* SHADOWGRP */
+ SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u", user_name, user_gid));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "adding group",
+ grp.gr_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ do_grp_update = true;
+}
+
+static void faillog_reset (uid_t uid)
+{
+ struct faillog fl;
+ int fd;
+ off_t offset_uid = (off_t) (sizeof fl) * uid;
+
+ if (access (FAILLOG_FILE, F_OK) != 0) {
+ return;
+ }
+
+ memzero (&fl, sizeof (fl));
+
+ fd = open (FAILLOG_FILE, O_RDWR);
+ if ( (-1 == fd)
+ || (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+ || (write (fd, &fl, sizeof (fl)) != (ssize_t) sizeof (fl))
+ || (fsync (fd) != 0)
+ || (close (fd) != 0)) {
+ fprintf (stderr,
+ _("%s: failed to reset the faillog entry of UID %lu: %s\n"),
+ Prog, (unsigned long) uid, strerror (errno));
+ SYSLOG ((LOG_WARN, "failed to reset the faillog entry of UID %lu", (unsigned long) uid));
+ /* continue */
+ }
+}
+
+static void lastlog_reset (uid_t uid)
+{
+ struct lastlog ll;
+ int fd;
+ off_t offset_uid = (off_t) (sizeof ll) * uid;
+
+ if (access (LASTLOG_FILE, F_OK) != 0) {
+ return;
+ }
+
+ memzero (&ll, sizeof (ll));
+
+ fd = open (LASTLOG_FILE, O_RDWR);
+ if ( (-1 == fd)
+ || (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+ || (write (fd, &ll, sizeof (ll)) != (ssize_t) sizeof (ll))
+ || (fsync (fd) != 0)
+ || (close (fd) != 0)) {
+ fprintf (stderr,
+ _("%s: failed to reset the lastlog entry of UID %lu: %s\n"),
+ Prog, (unsigned long) uid, strerror (errno));
+ SYSLOG ((LOG_WARN, "failed to reset the lastlog entry of UID %lu", (unsigned long) uid));
+ /* continue */
+ }
+}
+
+static void tallylog_reset (char *user_name)
+{
+ const char pam_tally2[] = "/sbin/pam_tally2";
+ const char *pname;
+ pid_t childpid;
+ int failed;
+ int status;
+
+ if (access(pam_tally2, X_OK) == -1)
+ return;
+
+ failed = 0;
+ switch (childpid = fork())
+ {
+ case -1: /* error */
+ failed = 1;
+ break;
+ case 0: /* child */
+ pname = strrchr(pam_tally2, '/');
+ if (pname == NULL)
+ pname = pam_tally2;
+ else
+ pname++; /* Skip the '/' */
+ execl(pam_tally2, pname, "--user", user_name, "--reset", "--quiet", NULL);
+ /* If we come here, something has gone terribly wrong */
+ perror(pam_tally2);
+ exit(42); /* don't continue, we now have 2 processes running! */
+ /* NOTREACHED */
+ break;
+ default: /* parent */
+ if (waitpid(childpid, &status, 0) == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
+ failed = 1;
+ break;
+ }
+
+ if (failed)
+ {
+ fprintf (stderr,
+ _("%s: failed to reset the tallylog entry of user \"%s\"\n"),
+ Prog, user_name);
+ SYSLOG ((LOG_WARN, "failed to reset the tallylog entry of user \"%s\"", user_name));
+ }
+
+ return;
+}
+
+/*
+ * usr_update - create the user entries
+ *
+ * usr_update() creates the password file entries for this user
+ * and will update the group entries if required.
+ */
+static void usr_update (void)
+{
+ struct passwd pwent;
+ struct spwd spent;
+
+ /*
+ * Fill in the password structure with any new fields, making
+ * copies of strings.
+ */
+ new_pwent (&pwent);
+ new_spent (&spent);
+
+ /*
+ * Create a syslog entry. We need to do this now in case anything
+ * happens so we know what we were trying to accomplish.
+ */
+ SYSLOG ((LOG_INFO,
+ "new user: name=%s, UID=%u, GID=%u, home=%s, shell=%s",
+ user_name, (unsigned int) user_id,
+ (unsigned int) user_gid, user_home, user_shell));
+
+ /*
+ * Initialize faillog and lastlog entries for this UID in case
+ * it belongs to a previously deleted user. We do it only if
+ * no user with this UID exists yet (entries for shared UIDs
+ * are left unchanged). --marekm
+ */
+ /* local, no need for xgetpwuid */
+ if ((!lflg) && (getpwuid (user_id) == NULL)) {
+ faillog_reset (user_id);
+ lastlog_reset (user_id);
+ }
+
+ /*
+ * Put the new (struct passwd) in the table.
+ */
+ if (pw_update (&pwent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, pw_dbname (), pwent.pw_name);
+ fail_exit (E_PW_UPDATE);
+ }
+
+ /*
+ * Put the new (struct spwd) in the table.
+ */
+ if (is_shadow_pwd && (spw_update (&spent) == 0)) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, spw_dbname (), spent.sp_namp);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding shadow password",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ fail_exit (E_PW_UPDATE);
+ }
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid &&
+ (sub_uid_add(user_name, sub_uid_start, sub_uid_count) == 0)) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry\n"),
+ Prog, sub_uid_dbname ());
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ if (is_sub_gid &&
+ (sub_gid_add(user_name, sub_gid_start, sub_gid_count) == 0)) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry\n"),
+ Prog, sub_uid_dbname ());
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+#endif /* ENABLE_SUBIDS */
+
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+ /*
+ * Do any group file updates for this user.
+ */
+ if (do_grp_update) {
+ grp_update ();
+ }
+}
+
+/*
+ * create_home - create the user's home directory
+ *
+ * create_home() creates the user's home directory if it does not
+ * already exist. It will be created mode 755 owned by the user
+ * with the user's default group.
+ */
+static void create_home (void)
+{
+ if (access (user_home, F_OK) != 0) {
+#ifdef WITH_SELINUX
+ if (set_selinux_file_context (user_home) != 0) {
+ fprintf (stderr,
+ _("%s: cannot set SELinux context for home directory %s\n"),
+ Prog, user_home);
+ fail_exit (E_HOMEDIR);
+ }
+#endif
+ /* XXX - create missing parent directories. --marekm */
+ if (mkdir (user_home, 0) != 0) {
+ fprintf (stderr,
+ _("%s: cannot create directory %s\n"),
+ Prog, user_home);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding home directory",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ fail_exit (E_HOMEDIR);
+ }
+ chown (user_home, user_id, user_gid);
+ chmod (user_home,
+ 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
+ home_added = true;
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding home directory",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_SUCCESS);
+#endif
+#ifdef WITH_SELINUX
+ /* Reset SELinux to create files with default contexts */
+ if (reset_selinux_file_context () != 0) {
+ fprintf (stderr,
+ _("%s: cannot reset SELinux file creation context\n"),
+ Prog);
+ fail_exit (E_HOMEDIR);
+ }
+#endif
+ }
+}
+
+/*
+ * create_mail - create the user's mail spool
+ *
+ * create_mail() creates the user's mail spool if it does not already
+ * exist. It will be created mode 660 owned by the user and group
+ * 'mail'
+ */
+static void create_mail (void)
+{
+ if (strcasecmp (create_mail_spool, "yes") == 0) {
+ const char *spool;
+ char *file;
+ int fd;
+ struct group *gr;
+ gid_t gid;
+ mode_t mode;
+
+ spool = getdef_str ("MAIL_DIR");
+ if (NULL == spool) {
+ spool = "/var/mail";
+ }
+ file = alloca (strlen (spool) + strlen (user_name) + 2);
+ sprintf (file, "%s/%s", spool, user_name);
+ fd = open (file, O_CREAT | O_WRONLY | O_TRUNC | O_EXCL, 0);
+ if (fd < 0) {
+ perror (_("Creating mailbox file"));
+ return;
+ }
+
+ gr = getgrnam ("mail"); /* local, no need for xgetgrnam */
+ if (NULL == gr) {
+ fputs (_("Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"),
+ stderr);
+ gid = user_gid;
+ mode = 0600;
+ } else {
+ gid = gr->gr_gid;
+ mode = 0660;
+ }
+
+ if ( (fchown (fd, user_id, gid) != 0)
+ || (fchmod (fd, mode) != 0)) {
+ perror (_("Setting mailbox file permissions"));
+ }
+
+ fsync (fd);
+ close (fd);
+ }
+}
+
+/*
+ * main - useradd command
+ */
+int main (int argc, char **argv)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ int retval;
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+
+#ifdef ENABLE_SUBIDS
+ uid_t uid_min;
+ uid_t uid_max;
+#endif
+
+ /*
+ * Get my name so that I can use it to report errors.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("useradd");
+#ifdef WITH_AUDIT
+ audit_help_open ();
+#endif
+
+ sys_ngroups = sysconf (_SC_NGROUPS_MAX);
+ user_groups = (char **) xmalloc ((1 + sys_ngroups) * sizeof (char *));
+ /*
+ * Initialize the list to be empty
+ */
+ user_groups[0] = (char *) 0;
+
+
+ is_shadow_pwd = spw_file_present ();
+#ifdef SHADOWGRP
+ is_shadow_grp = sgr_file_present ();
+#endif
+
+ get_defaults ();
+
+ process_flags (argc, argv);
+
+#ifdef ENABLE_SUBIDS
+ uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
+ uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+ is_sub_uid = sub_uid_file_present () && !rflg &&
+ (!user_id || (user_id <= uid_max && user_id >= uid_min));
+ is_sub_gid = sub_gid_file_present () && !rflg &&
+ (!user_id || (user_id <= uid_max && user_id >= uid_min));
+#endif /* ENABLE_SUBIDS */
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ fail_exit (1);
+ }
+
+ retval = pam_start ("useradd", pampw->pw_name, &conv, &pamh);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ fail_exit (1);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+
+ /*
+ * See if we are messing with the defaults file, or creating
+ * a new user.
+ */
+ if (Dflg) {
+ if (gflg || bflg || fflg || eflg || sflg) {
+ exit ((set_defaults () != 0) ? 1 : 0);
+ }
+
+ show_defaults ();
+ exit (E_SUCCESS);
+ }
+
+ /*
+ * Start with a quick check to see if the user exists.
+ */
+ if (getpwnam (user_name) != NULL) { /* local, no need for xgetpwnam */
+ fprintf (stderr, _("%s: user '%s' already exists\n"), Prog, user_name);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ fail_exit (E_NAME_IN_USE);
+ }
+
+ /*
+ * Don't blindly overwrite a group when a user is added...
+ * If you already have a group username, and want to add the user
+ * to that group, use useradd -g username username.
+ * --bero
+ */
+ if (Uflg) {
+ /* local, no need for xgetgrnam */
+ if (getgrnam (user_name) != NULL) {
+ fprintf (stderr,
+ _("%s: group %s exists - if you want to add this user to that group, use -g.\n"),
+ Prog, user_name);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding group",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ fail_exit (E_NAME_IN_USE);
+ }
+ }
+
+ /*
+ * Do the hard stuff:
+ * - open the files,
+ * - create the user entries,
+ * - create the home directory,
+ * - create user mail spool,
+ * - flush nscd caches for passwd and group services,
+ * - then close and update the files.
+ */
+ open_files ();
+
+ if (!oflg) {
+ /* first, seek for a valid uid to use for this user.
+ * We do this because later we can use the uid we found as
+ * gid too ... --gafton */
+ if (!uflg) {
+ if (find_new_uid (rflg, &user_id, NULL) < 0) {
+ fprintf (stderr, _("%s: can't create user\n"), Prog);
+ fail_exit (E_UID_IN_USE);
+ }
+ } else {
+ if (getpwuid (user_id) != NULL) {
+ fprintf (stderr,
+ _("%s: UID %lu is not unique\n"),
+ Prog, (unsigned long) user_id);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif
+ fail_exit (E_UID_IN_USE);
+ }
+ }
+ }
+
+#ifdef WITH_TCB
+ if (getdef_bool ("USE_TCB")) {
+ if (shadowtcb_create (user_name, user_id) == SHADOWTCB_FAILURE) {
+ fprintf (stderr,
+ _("%s: Failed to create tcb directory for %s\n"),
+ Prog, user_name);
+ fail_exit (E_UID_IN_USE);
+ }
+ }
+#endif
+ open_shadow ();
+
+ /* do we have to add a group for that user? This is why we need to
+ * open the group files in the open_files() function --gafton */
+ if (Uflg) {
+ if (find_new_gid (rflg, &user_gid, &user_id) < 0) {
+ fprintf (stderr,
+ _("%s: can't create group\n"),
+ Prog);
+ fail_exit (4);
+ }
+ grp_add ();
+ }
+
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid) {
+ if (find_new_sub_uids(user_name, &sub_uid_start, &sub_uid_count) < 0) {
+ fprintf (stderr,
+ _("%s: can't create subordinate user IDs\n"),
+ Prog);
+ fail_exit(E_SUB_UID_UPDATE);
+ }
+ }
+ if (is_sub_gid) {
+ if (find_new_sub_gids(user_name, &sub_gid_start, &sub_gid_count) < 0) {
+ fprintf (stderr,
+ _("%s: can't create subordinate group IDs\n"),
+ Prog);
+ fail_exit(E_SUB_GID_UPDATE);
+ }
+ }
+#endif /* ENABLE_SUBIDS */
+
+ usr_update ();
+
+ if (mflg) {
+ create_home ();
+ if (home_added) {
+ copy_tree (def_template, user_home, false, false,
+ (uid_t)-1, user_id, (gid_t)-1, user_gid);
+ } else {
+ fprintf (stderr,
+ _("%s: warning: the home directory already exists.\n"
+ "Not copying any file from skel directory into it.\n"),
+ Prog);
+ }
+
+ }
+
+ /* Do not create mail directory for system accounts */
+ if (!rflg) {
+ create_mail ();
+ }
+
+ close_files ();
+
+ /*
+ * tallylog_reset needs to be able to lookup
+ * a valid existing user name,
+ * so we canot call it before close_files()
+ */
+ if (!lflg && getpwuid (user_id) != NULL) {
+ tallylog_reset (user_name);
+ }
+
+#ifdef WITH_SELINUX
+ if (Zflg) {
+ if (set_seuser (user_name, user_selinux) != 0) {
+ fprintf (stderr,
+ _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
+ Prog, user_name, user_selinux);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding SELinux user mapping",
+ user_name, (unsigned int) user_id, 0);
+#endif /* WITH_AUDIT */
+ fail_exit (E_SE_UPDATE);
+ }
+ }
+#endif /* WITH_SELINUX */
+
+ nscd_flush_cache ("passwd");
+ nscd_flush_cache ("group");
+
+ return E_SUCCESS;
+}
+
diff --git a/src/userdel.c b/src/userdel.c
new file mode 100644
index 0000000..9092b5c
--- /dev/null
+++ b/src/userdel.c
@@ -0,0 +1,1283 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2012, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/stat.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+#include "defines.h"
+#include "getdef.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+#include "shadowio.h"
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif /* SHADOWGRP */
+#ifdef WITH_TCB
+#include <tcb.h>
+#include "tcbfuncs.h"
+#endif /* WITH_TCB */
+/*@-exitarg@*/
+#include "exitcodes.h"
+#ifdef ENABLE_SUBIDS
+#include "subordinateio.h"
+#endif /* ENABLE_SUBIDS */
+
+/*
+ * exit status values
+ */
+#define E_PW_UPDATE 1 /* can't update password file */
+#define E_NOTFOUND 6 /* specified user doesn't exist */
+#define E_USER_BUSY 8 /* user currently logged in */
+#define E_GRP_UPDATE 10 /* can't update group file */
+#define E_HOMEDIR 12 /* can't remove home directory */
+#define E_SE_UPDATE 14 /* can't update SELinux user mapping */
+#ifdef ENABLE_SUBIDS
+#define E_SUB_UID_UPDATE 16 /* can't update the subordinate uid file */
+#define E_SUB_GID_UPDATE 18 /* can't update the subordinate gid file */
+#endif /* ENABLE_SUBIDS */
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static char *user_name;
+static uid_t user_id;
+static gid_t user_gid;
+static char *user_home;
+
+static bool fflg = false;
+static bool rflg = false;
+static bool Zflg = false;
+
+static bool is_shadow_pwd;
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+static bool sgr_locked = false;
+#endif /* SHADOWGRP */
+static bool pw_locked = false;
+static bool gr_locked = false;
+static bool spw_locked = false;
+#ifdef ENABLE_SUBIDS
+static bool is_sub_uid;
+static bool is_sub_gid;
+static bool sub_uid_locked = false;
+static bool sub_gid_locked = false;
+#endif /* ENABLE_SUBIDS */
+
+/* local function prototypes */
+static void usage (int status);
+static void update_groups (void);
+static void remove_usergroup (void);
+static void close_files (void);
+static void fail_exit (int);
+static void open_files (void);
+static void update_user (void);
+static void user_cancel (const char *);
+
+#ifdef EXTRA_CHECK_HOME_DIR
+static bool path_prefix (const char *, const char *);
+#endif /* EXTRA_CHECK_HOME_DIR */
+static int is_owner (uid_t, const char *);
+static int remove_mailbox (void);
+#ifdef WITH_TCB
+static int remove_tcbdir (const char *user_name, uid_t user_id);
+#endif /* WITH_TCB */
+
+/*
+ * usage - display usage message and exit
+ */
+static void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options] LOGIN\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -f, --force force removal of files,\n"
+ " even if not owned by user\n"),
+ usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -r, --remove remove home directory and mail spool\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+#ifdef WITH_SELINUX
+ (void) fputs (_(" -Z, --selinux-user remove any SELinux user mapping for the user\n"), usageout);
+#endif /* WITH_SELINUX */
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * update_groups - delete user from secondary group set
+ *
+ * update_groups() takes the user name that was given and searches
+ * the group files for membership in any group.
+ *
+ * we also check to see if they have any groups they own (the same
+ * name is their user name) and delete them too (only if USERGROUPS_ENAB
+ * is enabled).
+ */
+static void update_groups (void)
+{
+ const struct group *grp;
+ struct group *ngrp;
+
+#ifdef SHADOWGRP
+ const struct sgrp *sgrp;
+ struct sgrp *nsgrp;
+#endif /* SHADOWGRP */
+
+ /*
+ * Scan through the entire group file looking for the groups that
+ * the user is a member of.
+ */
+ for (gr_rewind (), grp = gr_next (); NULL != grp; grp = gr_next ()) {
+
+ /*
+ * See if the user specified this group as one of their
+ * concurrent groups.
+ */
+ if (!is_on_list (grp->gr_mem, user_name)) {
+ continue;
+ }
+
+ /*
+ * Delete the username from the list of group members and
+ * update the group entry to reflect the change.
+ */
+ ngrp = __gr_dup (grp);
+ if (NULL == ngrp) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, gr_dbname ());
+ exit (13); /* XXX */
+ }
+ ngrp->gr_mem = del_list (ngrp->gr_mem, user_name);
+ if (gr_update (ngrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), ngrp->gr_name);
+ exit (E_GRP_UPDATE);
+ }
+
+ /*
+ * Update the DBM group file with the new entry as well.
+ */
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting user from group",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_SUCCESS);
+#endif /* WITH_AUDIT */
+ SYSLOG ((LOG_INFO, "delete '%s' from group '%s'\n",
+ user_name, ngrp->gr_name));
+ }
+
+ if (getdef_bool ("USERGROUPS_ENAB")) {
+ remove_usergroup ();
+ }
+
+#ifdef SHADOWGRP
+ if (!is_shadow_grp) {
+ return;
+ }
+
+ /*
+ * Scan through the entire shadow group file looking for the groups
+ * that the user is a member of. Both the administrative list and
+ * the ordinary membership list is checked.
+ */
+ for (sgr_rewind (), sgrp = sgr_next ();
+ NULL != sgrp;
+ sgrp = sgr_next ()) {
+ bool was_member, was_admin;
+
+ /*
+ * See if the user specified this group as one of their
+ * concurrent groups.
+ */
+ was_member = is_on_list (sgrp->sg_mem, user_name);
+ was_admin = is_on_list (sgrp->sg_adm, user_name);
+
+ if (!was_member && !was_admin) {
+ continue;
+ }
+
+ nsgrp = __sgr_dup (sgrp);
+ if (NULL == nsgrp) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, sgr_dbname ());
+ exit (13); /* XXX */
+ }
+
+ if (was_member) {
+ nsgrp->sg_mem = del_list (nsgrp->sg_mem, user_name);
+ }
+
+ if (was_admin) {
+ nsgrp->sg_adm = del_list (nsgrp->sg_adm, user_name);
+ }
+
+ if (sgr_update (nsgrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), nsgrp->sg_name);
+ exit (E_GRP_UPDATE);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting user from shadow group",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_SUCCESS);
+#endif /* WITH_AUDIT */
+ SYSLOG ((LOG_INFO, "delete '%s' from shadow group '%s'\n",
+ user_name, nsgrp->sg_name));
+ }
+#endif /* SHADOWGRP */
+}
+
+/*
+ * remove_usergroup - delete the user's group if it is a usergroup
+ *
+ * An usergroup is removed if
+ * + it has the same name as the user
+ * + it is the primary group of the user
+ * + it has no other members
+ * + it is not the primary group of any other user
+ */
+static void remove_usergroup (void)
+{
+ const struct group *grp;
+ const struct passwd *pwd = NULL;
+
+ grp = gr_locate (user_name);
+ if (NULL == grp) {
+ /* This user has no usergroup. */
+ return;
+ }
+
+ if (grp->gr_gid != user_gid) {
+ fprintf (stderr,
+ _("%s: group %s not removed because it is not the primary group of user %s.\n"),
+ Prog, grp->gr_name, user_name);
+ return;
+ }
+
+ if (NULL != grp->gr_mem[0]) {
+ /* The usergroup has other members. */
+ fprintf (stderr,
+ _("%s: group %s not removed because it has other members.\n"),
+ Prog, grp->gr_name);
+ return;
+ }
+
+ if (!fflg) {
+ /*
+ * Scan the passwd file to check if this group is still
+ * used as a primary group.
+ */
+ setpwent ();
+ while ((pwd = getpwent ()) != NULL) {
+ if (strcmp (pwd->pw_name, user_name) == 0) {
+ continue;
+ }
+ if (pwd->pw_gid == grp->gr_gid) {
+ fprintf (stderr,
+ _("%s: group %s is the primary group of another user and is not removed.\n"),
+ Prog, grp->gr_name);
+ break;
+ }
+ }
+ endpwent ();
+ }
+
+ if (NULL == pwd) {
+ /*
+ * We can remove this group, it is not the primary
+ * group of any remaining user.
+ */
+ if (gr_remove (user_name) == 0) {
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, user_name, gr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_GROUP, Prog,
+ "deleting group",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif /* WITH_AUDIT */
+ SYSLOG ((LOG_INFO,
+ "removed group '%s' owned by '%s'\n",
+ user_name, user_name));
+
+#ifdef SHADOWGRP
+ if (sgr_locate (user_name) != NULL) {
+ if (sgr_remove (user_name) == 0) {
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, user_name, sgr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_GROUP, Prog,
+ "deleting shadow group",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_SUCCESS);
+#endif /* WITH_AUDIT */
+ SYSLOG ((LOG_INFO,
+ "removed shadow group '%s' owned by '%s'\n",
+ user_name, user_name));
+
+ }
+#endif /* SHADOWGRP */
+ }
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ * close_files() closes all of the files that were opened for this
+ * new user. This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+ if (pw_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (E_PW_UPDATE);
+ }
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ pw_locked = false;
+
+ if (is_shadow_pwd) {
+ if (spw_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+ fail_exit (E_PW_UPDATE);
+ }
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ spw_locked = false;
+ }
+
+ if (gr_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+ fail_exit (E_GRP_UPDATE);
+ }
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ gr_locked = false;
+
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+ fail_exit (E_GRP_UPDATE);
+ }
+
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ sgr_locked = false;
+ }
+#endif /* SHADOWGRP */
+
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid) {
+ if (sub_uid_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ()));
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ if (sub_uid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+ /* continue */
+ }
+ sub_uid_locked = false;
+ }
+
+ if (is_sub_gid) {
+ if (sub_gid_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ()));
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+ if (sub_gid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+ /* continue */
+ }
+ sub_gid_locked = false;
+ }
+#endif /* ENABLE_SUBIDS */
+}
+
+/*
+ * fail_exit - exit with a failure code after unlocking the files
+ */
+static void fail_exit (int code)
+{
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ }
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ }
+ if (spw_locked) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ }
+#ifdef SHADOWGRP
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ }
+#endif /* SHADOWGRP */
+#ifdef ENABLE_SUBIDS
+ if (sub_uid_locked) {
+ if (sub_uid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+ /* continue */
+ }
+ }
+ if (sub_gid_locked) {
+ if (sub_gid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+ /* continue */
+ }
+ }
+#endif /* ENABLE_SUBIDS */
+
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting user",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+
+ exit (code);
+}
+
+/*
+ * open_files - lock and open the password files
+ *
+ * open_files() opens the two password files.
+ */
+
+static void open_files (void)
+{
+ if (pw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "locking password file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_PW_UPDATE);
+ }
+ pw_locked = true;
+ if (pw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"), Prog, pw_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "opening password file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_PW_UPDATE);
+ }
+ if (is_shadow_pwd) {
+ if (spw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, spw_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "locking shadow password file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_PW_UPDATE);
+ }
+ spw_locked = true;
+ if (spw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, spw_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "opening shadow password file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_PW_UPDATE);
+ }
+ }
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "locking group file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_GRP_UPDATE);
+ }
+ gr_locked = true;
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "opening group file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_GRP_UPDATE);
+ }
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "locking shadow group file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_GRP_UPDATE);
+ }
+ sgr_locked= true;
+ if (sgr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"),
+ Prog, sgr_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "opening shadow group file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_GRP_UPDATE);
+ }
+ }
+#endif /* SHADOWGRP */
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid) {
+ if (sub_uid_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sub_uid_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "locking subordinate user file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ sub_uid_locked = true;
+ if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"), Prog, sub_uid_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "opening subordinate user file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ }
+ if (is_sub_gid) {
+ if (sub_gid_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sub_gid_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "locking subordinate group file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+ sub_gid_locked = true;
+ if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"), Prog, sub_gid_dbname ());
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "opening subordinate group file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+ }
+#endif /* ENABLE_SUBIDS */
+}
+
+/*
+ * update_user - delete the user entries
+ *
+ * update_user() deletes the password file entries for this user
+ * and will update the group entries as required.
+ */
+static void update_user (void)
+{
+ if (pw_remove (user_name) == 0) {
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, user_name, pw_dbname ());
+ fail_exit (E_PW_UPDATE);
+ }
+ if ( is_shadow_pwd
+ && (spw_locate (user_name) != NULL)
+ && (spw_remove (user_name) == 0)) {
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, user_name, spw_dbname ());
+ fail_exit (E_PW_UPDATE);
+ }
+#ifdef ENABLE_SUBIDS
+ if (is_sub_uid && sub_uid_remove(user_name, 0, ULONG_MAX) == 0) {
+ fprintf (stderr,
+ _("%s: cannot remove entry %lu from %s\n"),
+ Prog, (unsigned long)user_id, sub_uid_dbname ());
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ if (is_sub_gid && sub_gid_remove(user_name, 0, ULONG_MAX) == 0) {
+ fprintf (stderr,
+ _("%s: cannot remove entry %lu from %s\n"),
+ Prog, (unsigned long)user_id, sub_gid_dbname ());
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+#endif /* ENABLE_SUBIDS */
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting user entries",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_SUCCESS);
+#endif /* WITH_AUDIT */
+ SYSLOG ((LOG_INFO, "delete user '%s'\n", user_name));
+}
+
+/*
+ * user_cancel - cancel cron and at jobs
+ *
+ * user_cancel calls a script for additional cleanups like removal of
+ * cron, at, or print jobs.
+ */
+
+static void user_cancel (const char *user)
+{
+ const char *cmd;
+ const char *argv[3];
+ int status;
+
+ cmd = getdef_str ("USERDEL_CMD");
+ if (NULL == cmd) {
+ return;
+ }
+ argv[0] = cmd;
+ argv[1] = user;
+ argv[2] = (char *)0;
+ (void) run_command (cmd, argv, NULL, &status);
+}
+
+#ifdef EXTRA_CHECK_HOME_DIR
+static bool path_prefix (const char *s1, const char *s2)
+{
+ return ( (strncmp (s2, s1, strlen (s1)) == 0)
+ && ( ('\0' == s2[strlen (s1)])
+ || ('/' == s2[strlen (s1)])));
+}
+#endif /* EXTRA_CHECK_HOME_DIR */
+
+/*
+ * is_owner - Check if path is owned by uid
+ *
+ * Return
+ * 1: path exists and is owned by uid
+ * 0: path is not owned by uid, or a failure occurred
+ * -1: path does not exist
+ */
+static int is_owner (uid_t uid, const char *path)
+{
+ struct stat st;
+
+ errno = 0;
+ if (stat (path, &st) != 0) {
+ if ((ENOENT == errno) || (ENOTDIR == errno)) {
+ /* The file or directory does not exist */
+ return -1;
+ } else {
+ return 0;
+ }
+ }
+ return (st.st_uid == uid) ? 1 : 0;
+}
+
+static int remove_mailbox (void)
+{
+ const char *maildir;
+ char mailfile[1024];
+ int i;
+ int errors = 0;
+
+ maildir = getdef_str ("MAIL_DIR");
+#ifdef MAIL_SPOOL_DIR
+ if ((NULL == maildir) && (getdef_str ("MAIL_FILE") == NULL)) {
+ maildir = MAIL_SPOOL_DIR;
+ }
+#endif /* MAIL_SPOOL_DIR */
+ if (NULL == maildir) {
+ return 0;
+ }
+ snprintf (mailfile, sizeof mailfile, "%s/%s", maildir, user_name);
+
+ if (access (mailfile, F_OK) != 0) {
+ if (ENOENT == errno) {
+ fprintf (stderr,
+ _("%s: %s mail spool (%s) not found\n"),
+ Prog, user_name, mailfile);
+ return 0;
+ } else {
+ fprintf (stderr,
+ _("%s: warning: can't remove %s: %s\n"),
+ Prog, mailfile, strerror (errno));
+ SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting mail file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ return -1;
+ }
+ }
+
+ if (fflg) {
+ if (unlink (mailfile) != 0) {
+ fprintf (stderr,
+ _("%s: warning: can't remove %s: %s\n"),
+ Prog, mailfile, strerror (errno));
+ SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting mail file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ errors = 1;
+ /* continue */
+ }
+#ifdef WITH_AUDIT
+ else
+ {
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting mail file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_SUCCESS);
+ }
+#endif /* WITH_AUDIT */
+ return errors;
+ }
+ i = is_owner (user_id, mailfile);
+ if (i == 0) {
+ fprintf (stderr,
+ _("%s: %s not owned by %s, not removing\n"),
+ Prog, mailfile, user_name);
+ SYSLOG ((LOG_ERR,
+ "%s not owned by %s, not removed",
+ mailfile, strerror (errno)));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting mail file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ return 1;
+ } else if (i == -1) {
+ return 0; /* mailbox doesn't exist */
+ }
+ if (unlink (mailfile) != 0) {
+ fprintf (stderr,
+ _("%s: warning: can't remove %s: %s\n"),
+ Prog, mailfile, strerror (errno));
+ SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting mail file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ errors = 1;
+ /* continue */
+ }
+#ifdef WITH_AUDIT
+ else
+ {
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting mail file",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_SUCCESS);
+ }
+#endif /* WITH_AUDIT */
+ return errors;
+}
+
+#ifdef WITH_TCB
+static int remove_tcbdir (const char *user_name, uid_t user_id)
+{
+ char *buf;
+ int ret = 0;
+ size_t bufsize = (sizeof TCB_DIR) + strlen (user_name) + 2;
+
+ if (!getdef_bool ("USE_TCB")) {
+ return 0;
+ }
+
+ buf = malloc (buflen);
+ if (NULL == buf) {
+ fprintf (stderr, _("%s: Can't allocate memory, "
+ "tcb entry for %s not removed.\n"),
+ Prog, user_name);
+ return 1;
+ }
+ snprintf (buf, buflen, TCB_DIR "/%s", user_name);
+ if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
+ fprintf (stderr, _("%s: Cannot drop privileges: %s\n"),
+ Prog, strerror (errno));
+ shadowtcb_gain_priv ();
+ free (buf);
+ return 1;
+ }
+ /* Only remove directory contents with dropped privileges.
+ * We will regain them and remove the user's tcb directory afterwards.
+ */
+ if (remove_tree (buf, false) != 0) {
+ fprintf (stderr, _("%s: Cannot remove the content of %s: %s\n"),
+ Prog, buf, strerror (errno));
+ shadowtcb_gain_priv ();
+ free (buf);
+ return 1;
+ }
+ shadowtcb_gain_priv ();
+ free (buf);
+ if (shadowtcb_remove (user_name) == SHADOWTCB_FAILURE) {
+ fprintf (stderr, _("%s: Cannot remove tcb files for %s: %s\n"),
+ Prog, user_name, strerror (errno));
+ ret = 1;
+ }
+ return ret;
+}
+#endif /* WITH_TCB */
+
+/*
+ * main - userdel command
+ */
+int main (int argc, char **argv)
+{
+ int errors = 0; /* Error in the removal of the home directory */
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ int retval;
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+
+ /*
+ * Get my name so that I can use it to report errors.
+ */
+ Prog = Basename (argv[0]);
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("userdel");
+#ifdef WITH_AUDIT
+ audit_help_open ();
+#endif /* WITH_AUDIT */
+
+ {
+ /*
+ * Parse the command line options.
+ */
+ int c;
+ static struct option long_options[] = {
+ {"force", no_argument, NULL, 'f'},
+ {"help", no_argument, NULL, 'h'},
+ {"remove", no_argument, NULL, 'r'},
+ {"root", required_argument, NULL, 'R'},
+#ifdef WITH_SELINUX
+ {"selinux-user", no_argument, NULL, 'Z'},
+#endif /* WITH_SELINUX */
+ {NULL, 0, NULL, '\0'}
+ };
+ while ((c = getopt_long (argc, argv,
+#ifdef WITH_SELINUX
+ "fhrR:Z",
+#else /* !WITH_SELINUX */
+ "fhrR:",
+#endif /* !WITH_SELINUX */
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'f': /* force remove even if not owned by user */
+ fflg = true;
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ break;
+ case 'r': /* remove home dir and mailbox */
+ rflg = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+#ifdef WITH_SELINUX
+ case 'Z':
+ if (is_selinux_enabled () > 0) {
+ Zflg = true;
+ } else {
+ fprintf (stderr,
+ _("%s: -Z requires SELinux enabled kernel\n"),
+ Prog);
+
+ exit (E_BAD_ARG);
+ }
+ break;
+#endif /* WITH_SELINUX */
+ default:
+ usage (E_USAGE);
+ }
+ }
+ }
+
+ if ((optind + 1) != argc) {
+ usage (E_USAGE);
+ }
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ exit (E_PW_UPDATE);
+ }
+
+ retval = pam_start ("userdel", pampw->pw_name, &conv, &pamh);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ exit (E_PW_UPDATE);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+
+ is_shadow_pwd = spw_file_present ();
+#ifdef SHADOWGRP
+ is_shadow_grp = sgr_file_present ();
+#endif /* SHADOWGRP */
+#ifdef ENABLE_SUBIDS
+ is_sub_uid = sub_uid_file_present ();
+ is_sub_gid = sub_gid_file_present ();
+#endif /* ENABLE_SUBIDS */
+
+ /*
+ * Start with a quick check to see if the user exists.
+ */
+ user_name = argv[argc - 1];
+ {
+ struct passwd *pwd;
+ pwd = getpwnam (user_name); /* local, no need for xgetpwnam */
+ if (NULL == pwd) {
+ fprintf (stderr, _("%s: user '%s' does not exist\n"),
+ Prog, user_name);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting user not found",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ exit (E_NOTFOUND);
+ }
+ user_id = pwd->pw_uid;
+ user_gid = pwd->pw_gid;
+ user_home = xstrdup (pwd->pw_dir);
+ }
+#ifdef WITH_TCB
+ if (shadowtcb_set_user (user_name) == SHADOWTCB_FAILURE) {
+ exit (E_NOTFOUND);
+ }
+#endif /* WITH_TCB */
+#ifdef USE_NIS
+
+ /*
+ * Now make sure it isn't an NIS user.
+ */
+ if (__ispwNIS ()) {
+ char *nis_domain;
+ char *nis_master;
+
+ fprintf (stderr,
+ _("%s: user %s is a NIS user\n"), Prog, user_name);
+ if ( !yp_get_default_domain (&nis_domain)
+ && !yp_master (nis_domain, "passwd.byname", &nis_master)) {
+ fprintf (stderr,
+ _("%s: %s is the NIS master\n"),
+ Prog, nis_master);
+ }
+ exit (E_NOTFOUND);
+ }
+#endif /* USE_NIS */
+ /*
+ * Check to make certain the user isn't logged in.
+ * Note: This is a best effort basis. The user may log in between,
+ * a cron job may be started on her behalf, etc.
+ */
+ if (user_busy (user_name, user_id) != 0) {
+ if (!fflg) {
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting user logged in",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ exit (E_USER_BUSY);
+ }
+ }
+
+ /*
+ * Do the hard stuff - open the files, create the user entries,
+ * create the home directory, then close and update the files.
+ */
+ open_files ();
+ update_user ();
+ update_groups ();
+
+ if (rflg) {
+ errors += remove_mailbox ();
+ }
+ if (rflg) {
+ int home_owned = is_owner (user_id, user_home);
+ if (-1 == home_owned) {
+ fprintf (stderr,
+ _("%s: %s home directory (%s) not found\n"),
+ Prog, user_name, user_home);
+ rflg = 0;
+ } else if ((0 == home_owned) && !fflg) {
+ fprintf (stderr,
+ _("%s: %s not owned by %s, not removing\n"),
+ Prog, user_home, user_name);
+ rflg = 0;
+ errors++;
+ /* continue */
+ }
+ }
+
+#ifdef EXTRA_CHECK_HOME_DIR
+ /* This may be slow, the above should be good enough. */
+ if (rflg && !fflg) {
+ struct passwd *pwd;
+ /*
+ * For safety, refuse to remove the home directory if it
+ * would result in removing some other user's home
+ * directory. Still not perfect so be careful, but should
+ * prevent accidents if someone has /home or / as home
+ * directory... --marekm
+ */
+ setpwent ();
+ while ((pwd = getpwent ())) {
+ if (strcmp (pwd->pw_name, user_name) == 0) {
+ continue;
+ }
+ if (path_prefix (user_home, pwd->pw_dir)) {
+ fprintf (stderr,
+ _("%s: not removing directory %s (would remove home of user %s)\n"),
+ Prog, user_home, pwd->pw_name);
+ rflg = false;
+ errors++;
+ /* continue */
+ break;
+ }
+ }
+ endpwent ();
+ }
+#endif /* EXTRA_CHECK_HOME_DIR */
+
+ if (rflg) {
+ if (remove_tree (user_home, true) != 0) {
+ fprintf (stderr,
+ _("%s: error removing directory %s\n"),
+ Prog, user_home);
+ errors++;
+ /* continue */
+ }
+#ifdef WITH_AUDIT
+ else
+ {
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting home directory",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_SUCCESS);
+ }
+#endif /* WITH_AUDIT */
+ }
+#ifdef WITH_AUDIT
+ if (0 != errors) {
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting home directory",
+ user_name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+ }
+#endif /* WITH_AUDIT */
+
+#ifdef WITH_SELINUX
+ if (Zflg) {
+ if (del_seuser (user_name) != 0) {
+ fprintf (stderr,
+ _("%s: warning: the user name %s to SELinux user mapping removal failed.\n"),
+ Prog, user_name);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "removing SELinux user mapping",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_SE_UPDATE);
+ }
+ }
+#endif /* WITH_SELINUX */
+
+ /*
+ * Cancel any crontabs or at jobs. Have to do this before we remove
+ * the entry from /etc/passwd.
+ */
+ user_cancel (user_name);
+ close_files ();
+
+#ifdef WITH_TCB
+ errors += remove_tcbdir (user_name, user_id);
+#endif /* WITH_TCB */
+
+ nscd_flush_cache ("passwd");
+ nscd_flush_cache ("group");
+
+ return ((0 != errors) ? E_HOMEDIR : E_SUCCESS);
+}
+
diff --git a/src/usermod.c b/src/usermod.c
new file mode 100644
index 0000000..9c5e479
--- /dev/null
+++ b/src/usermod.c
@@ -0,0 +1,2285 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <lastlog.h>
+#include <pwd.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <time.h>
+#include "chkname.h"
+#include "defines.h"
+#include "faillog.h"
+#include "getdef.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+#include "shadowio.h"
+#ifdef ENABLE_SUBIDS
+#include "subordinateio.h"
+#endif /* ENABLE_SUBIDS */
+#ifdef WITH_TCB
+#include "tcbfuncs.h"
+#endif
+
+/*
+ * exit status values
+ * for E_GRP_UPDATE and E_NOSPACE (not used yet), other update requests
+ * will be implemented (as documented in the Solaris 2.x man page).
+ */
+/*@-exitarg@*/
+#define E_SUCCESS 0 /* success */
+#define E_PW_UPDATE 1 /* can't update password file */
+#define E_USAGE 2 /* invalid command syntax */
+#define E_BAD_ARG 3 /* invalid argument to option */
+#define E_UID_IN_USE 4 /* UID already in use (and no -o) */
+/* #define E_BAD_PWFILE 5 passwd file contains errors */
+#define E_NOTFOUND 6 /* specified user/group doesn't exist */
+#define E_USER_BUSY 8 /* user to modify is logged in */
+#define E_NAME_IN_USE 9 /* username already in use */
+#define E_GRP_UPDATE 10 /* can't update group file */
+/* #define E_NOSPACE 11 insufficient space to move home dir */
+#define E_HOMEDIR 12 /* unable to complete home dir move */
+#define E_SE_UPDATE 13 /* can't update SELinux user mapping */
+#ifdef ENABLE_SUBIDS
+#define E_SUB_UID_UPDATE 16 /* can't update the subordinate uid file */
+#define E_SUB_GID_UPDATE 18 /* can't update the subordinate gid file */
+#endif /* ENABLE_SUBIDS */
+
+#define VALID(s) (strcspn (s, ":\n") == strlen (s))
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static char *user_name;
+static char *user_newname;
+static char *user_pass;
+static uid_t user_id;
+static uid_t user_newid;
+static gid_t user_gid;
+static gid_t user_newgid;
+static char *user_comment;
+static char *user_newcomment;
+static char *user_home;
+static char *user_newhome;
+static char *user_shell;
+#ifdef WITH_SELINUX
+static const char *user_selinux = "";
+#endif /* WITH_SELINUX */
+static char *user_newshell;
+static long user_expire;
+static long user_newexpire;
+static long user_inactive;
+static long user_newinactive;
+static long sys_ngroups;
+static char **user_groups; /* NULL-terminated list */
+
+static bool
+ aflg = false, /* append to existing secondary group set */
+ cflg = false, /* new comment (GECOS) field */
+ dflg = false, /* new home directory */
+ eflg = false, /* days since 1970-01-01 when account becomes expired */
+ fflg = false, /* days until account with expired password is locked */
+ gflg = false, /* new primary group ID */
+ Gflg = false, /* new secondary group set */
+ Lflg = false, /* lock the password */
+ lflg = false, /* new user name */
+ mflg = false, /* create user's home directory if it doesn't exist */
+ oflg = false, /* permit non-unique user ID to be specified with -u */
+ pflg = false, /* new encrypted password */
+ sflg = false, /* new shell program */
+#ifdef WITH_SELINUX
+ Zflg = false, /* new selinux user */
+#endif
+#ifdef ENABLE_SUBIDS
+ vflg = false, /* add subordinate uids */
+ Vflg = false, /* delete subordinate uids */
+ wflg = false, /* add subordinate gids */
+ Wflg = false, /* delete subordinate gids */
+#endif /* ENABLE_SUBIDS */
+ uflg = false, /* specify new user ID */
+ Uflg = false; /* unlock the password */
+
+static bool is_shadow_pwd;
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+#endif
+
+#ifdef ENABLE_SUBIDS
+static bool is_sub_uid = false;
+static bool is_sub_gid = false;
+#endif /* ENABLE_SUBIDS */
+
+static bool pw_locked = false;
+static bool spw_locked = false;
+static bool gr_locked = false;
+#ifdef SHADOWGRP
+static bool sgr_locked = false;
+#endif
+#ifdef ENABLE_SUBIDS
+static bool sub_uid_locked = false;
+static bool sub_gid_locked = false;
+#endif /* ENABLE_SUBIDS */
+
+
+/* local function prototypes */
+static void date_to_str (/*@unique@*//*@out@*/char *buf, size_t maxsize,
+ long int date);
+static int get_groups (char *);
+static /*@noreturn@*/void usage (int status);
+static void new_pwent (struct passwd *);
+static void new_spent (struct spwd *);
+static /*@noreturn@*/void fail_exit (int);
+static void update_group (void);
+
+#ifdef SHADOWGRP
+static void update_gshadow (void);
+#endif
+static void grp_update (void);
+
+static void process_flags (int, char **);
+static void close_files (void);
+static void open_files (void);
+static void usr_update (void);
+static void move_home (void);
+static void update_lastlog (void);
+static void update_faillog (void);
+
+#ifndef NO_MOVE_MAILBOX
+static void move_mailbox (void);
+#endif
+
+static void date_to_str (/*@unique@*//*@out@*/char *buf, size_t maxsize,
+ long int date)
+{
+ struct tm *tp;
+
+ if (date < 0) {
+ strncpy (buf, "never", maxsize);
+ } else {
+ time_t t = (time_t) date;
+ tp = gmtime (&t);
+#ifdef HAVE_STRFTIME
+ strftime (buf, maxsize, "%Y-%m-%d", tp);
+#else
+ (void) snprintf (buf, maxsize, "%04d-%02d-%02d",
+ tp->tm_year + 1900,
+ tp->tm_mon + 1,
+ tp->tm_mday);
+#endif /* HAVE_STRFTIME */
+ }
+ buf[maxsize - 1] = '\0';
+}
+
+/*
+ * get_groups - convert a list of group names to an array of group IDs
+ *
+ * get_groups() takes a comma-separated list of group names and
+ * converts it to a NULL-terminated array. Any unknown group names are
+ * reported as errors.
+ */
+static int get_groups (char *list)
+{
+ char *cp;
+ const struct group *grp;
+ int errors = 0;
+ int ngroups = 0;
+
+ /*
+ * Initialize the list to be empty
+ */
+ user_groups[0] = (char *) 0;
+
+ if ('\0' == *list) {
+ return 0;
+ }
+
+ /*
+ * So long as there is some data to be converted, strip off each
+ * name and look it up. A mix of numerical and string values for
+ * group identifiers is permitted.
+ */
+ do {
+ /*
+ * Strip off a single name from the list
+ */
+ cp = strchr (list, ',');
+ if (NULL != cp) {
+ *cp = '\0';
+ cp++;
+ }
+
+ /*
+ * Names starting with digits are treated as numerical GID
+ * values, otherwise the string is looked up as is.
+ */
+ grp = getgr_nam_gid (list);
+
+ /*
+ * There must be a match, either by GID value or by
+ * string name.
+ */
+ if (NULL == grp) {
+ fprintf (stderr, _("%s: group '%s' does not exist\n"),
+ Prog, list);
+ errors++;
+ }
+ list = cp;
+
+ /*
+ * If the group doesn't exist, don't dump core. Instead,
+ * try the next one. --marekm
+ */
+ if (NULL == grp) {
+ continue;
+ }
+
+#ifdef USE_NIS
+ /*
+ * Don't add this group if they are an NIS group. Tell the
+ * user to go to the server for this group.
+ */
+ if (__isgrNIS ()) {
+ fprintf (stderr,
+ _("%s: group '%s' is a NIS group.\n"),
+ Prog, grp->gr_name);
+ gr_free ((struct group *)grp);
+ continue;
+ }
+#endif
+
+ if (ngroups == sys_ngroups) {
+ fprintf (stderr,
+ _("%s: too many groups specified (max %d).\n"),
+ Prog, ngroups);
+ gr_free ((struct group *)grp);
+ break;
+ }
+
+ /*
+ * Add the group name to the user's list of groups.
+ */
+ user_groups[ngroups++] = xstrdup (grp->gr_name);
+ gr_free ((struct group *)grp);
+ } while (NULL != list);
+
+ user_groups[ngroups] = (char *) 0;
+
+ /*
+ * Any errors in finding group names are fatal
+ */
+ if (0 != errors) {
+ return -1;
+ }
+
+ return 0;
+}
+
+#ifdef ENABLE_SUBIDS
+struct ulong_range
+{
+ unsigned long first;
+ unsigned long last;
+};
+
+static struct ulong_range getulong_range(const char *str)
+{
+ struct ulong_range result = { .first = ULONG_MAX, .last = 0 };
+ long long first, last;
+ char *pos;
+
+ errno = 0;
+ first = strtoll(str, &pos, 10);
+ if (('\0' == *str) || ('-' != *pos ) || (ERANGE == errno) ||
+ (first != (unsigned long int)first))
+ goto out;
+
+ errno = 0;
+ last = strtoll(pos + 1, &pos, 10);
+ if (('\0' != *pos ) || (ERANGE == errno) ||
+ (last != (unsigned long int)last))
+ goto out;
+
+ if (first > last)
+ goto out;
+
+ result.first = (unsigned long int)first;
+ result.last = (unsigned long int)last;
+out:
+ return result;
+
+}
+
+struct ulong_range_list_entry {
+ struct ulong_range_list_entry *next;
+ struct ulong_range range;
+};
+
+static struct ulong_range_list_entry *add_sub_uids = NULL, *del_sub_uids = NULL;
+static struct ulong_range_list_entry *add_sub_gids = NULL, *del_sub_gids = NULL;
+
+static int prepend_range(const char *str, struct ulong_range_list_entry **head)
+{
+ struct ulong_range range;
+ struct ulong_range_list_entry *entry;
+ range = getulong_range(str);
+ if (range.first > range.last)
+ return 0;
+
+ entry = malloc(sizeof(*entry));
+ if (!entry) {
+ fprintf (stderr,
+ _("%s: failed to allocate memory: %s\n"),
+ Prog, strerror (errno));
+ return 0;
+ }
+ entry->next = *head;
+ entry->range = range;
+ *head = entry;
+ return 1;
+}
+#endif /* ENABLE_SUBIDS */
+
+/*
+ * usage - display usage message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options] LOGIN\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -c, --comment COMMENT new value of the GECOS field\n"), usageout);
+ (void) fputs (_(" -d, --home HOME_DIR new home directory for the user account\n"), usageout);
+ (void) fputs (_(" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"), usageout);
+ (void) fputs (_(" -f, --inactive INACTIVE set password inactive after expiration\n"
+ " to INACTIVE\n"), usageout);
+ (void) fputs (_(" -g, --gid GROUP force use GROUP as new primary group\n"), usageout);
+ (void) fputs (_(" -G, --groups GROUPS new list of supplementary GROUPS\n"), usageout);
+ (void) fputs (_(" -a, --append append the user to the supplemental GROUPS\n"
+ " mentioned by the -G option without removing\n"
+ " him/her from other groups\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -l, --login NEW_LOGIN new value of the login name\n"), usageout);
+ (void) fputs (_(" -L, --lock lock the user account\n"), usageout);
+ (void) fputs (_(" -m, --move-home move contents of the home directory to the\n"
+ " new location (use only with -d)\n"), usageout);
+ (void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout);
+ (void) fputs (_(" -p, --password PASSWORD use encrypted password for the new password\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout);
+ (void) fputs (_(" -u, --uid UID new UID for the user account\n"), usageout);
+ (void) fputs (_(" -U, --unlock unlock the user account\n"), usageout);
+#ifdef ENABLE_SUBIDS
+ (void) fputs (_(" -v, --add-subuids FIRST-LAST add range of subordinate uids\n"), usageout);
+ (void) fputs (_(" -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"), usageout);
+ (void) fputs (_(" -w, --add-subgids FIRST-LAST add range of subordinate gids\n"), usageout);
+ (void) fputs (_(" -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"), usageout);
+#endif /* ENABLE_SUBIDS */
+#ifdef WITH_SELINUX
+ (void) fputs (_(" -Z, --selinux-user SEUSER new SELinux user mapping for the user account\n"), usageout);
+#endif /* WITH_SELINUX */
+ (void) fputs ("\n", usageout);
+ exit (status);
+}
+
+/*
+ * update encrypted password string (for both shadow and non-shadow
+ * passwords)
+ */
+static char *new_pw_passwd (char *pw_pass)
+{
+ if (Lflg && ('!' != pw_pass[0])) {
+ char *buf = xmalloc (strlen (pw_pass) + 2);
+
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "updating passwd",
+ user_newname, (unsigned int) user_newid, 0);
+#endif
+ SYSLOG ((LOG_INFO, "lock user '%s' password", user_newname));
+ strcpy (buf, "!");
+ strcat (buf, pw_pass);
+ pw_pass = buf;
+ } else if (Uflg && pw_pass[0] == '!') {
+ char *s;
+
+ if (pw_pass[1] == '\0') {
+ fprintf (stderr,
+ _("%s: unlocking the user's password would result in a passwordless account.\n"
+ "You should set a password with usermod -p to unlock this user's password.\n"),
+ Prog);
+ return pw_pass;
+ }
+
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "updating password",
+ user_newname, (unsigned int) user_newid, 0);
+#endif
+ SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname));
+ s = pw_pass;
+ while ('\0' != *s) {
+ *s = *(s + 1);
+ s++;
+ }
+ } else if (pflg) {
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing password",
+ user_newname, (unsigned int) user_newid, 1);
+#endif
+ SYSLOG ((LOG_INFO, "change user '%s' password", user_newname));
+ pw_pass = xstrdup (user_pass);
+ }
+ return pw_pass;
+}
+
+/*
+ * new_pwent - initialize the values in a password file entry
+ *
+ * new_pwent() takes all of the values that have been entered and fills
+ * in a (struct passwd) with them.
+ */
+static void new_pwent (struct passwd *pwent)
+{
+ if (lflg) {
+ if (pw_locate (user_newname) != NULL) {
+ /* This should never happen.
+ * It was already checked that the user doesn't
+ * exist on the system.
+ */
+ fprintf (stderr,
+ _("%s: user '%s' already exists in %s\n"),
+ Prog, user_newname, pw_dbname ());
+ fail_exit (E_NAME_IN_USE);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing name",
+ user_newname, (unsigned int) user_newid, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "change user name '%s' to '%s'",
+ pwent->pw_name, user_newname));
+ pwent->pw_name = xstrdup (user_newname);
+ }
+ /* Update the password in passwd if there is no shadow file or if
+ * the password is currently in passwd (pw_passwd != "x").
+ * We do not force the usage of shadow passwords if they are not
+ * used for this account.
+ */
+ if ( (!is_shadow_pwd)
+ || (strcmp (pwent->pw_passwd, SHADOW_PASSWD_STRING) != 0)) {
+ pwent->pw_passwd = new_pw_passwd (pwent->pw_passwd);
+ }
+
+ if (uflg) {
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing uid",
+ user_newname, (unsigned int) user_newid, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "change user '%s' UID from '%d' to '%d'",
+ pwent->pw_name, pwent->pw_uid, user_newid));
+ pwent->pw_uid = user_newid;
+ }
+ if (gflg) {
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing primary group",
+ user_newname, (unsigned int) user_newid, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "change user '%s' GID from '%d' to '%d'",
+ pwent->pw_name, pwent->pw_gid, user_newgid));
+ pwent->pw_gid = user_newgid;
+ }
+ if (cflg) {
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing comment",
+ user_newname, (unsigned int) user_newid, 1);
+#endif
+ pwent->pw_gecos = user_newcomment;
+ }
+
+ if (dflg) {
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing home directory",
+ user_newname, (unsigned int) user_newid, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "change user '%s' home from '%s' to '%s'",
+ pwent->pw_name, pwent->pw_dir, user_newhome));
+ pwent->pw_dir = user_newhome;
+ }
+ if (sflg) {
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing user shell",
+ user_newname, (unsigned int) user_newid, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "change user '%s' shell from '%s' to '%s'",
+ pwent->pw_name, pwent->pw_shell, user_newshell));
+ pwent->pw_shell = user_newshell;
+ }
+}
+
+/*
+ * new_spent - initialize the values in a shadow password file entry
+ *
+ * new_spent() takes all of the values that have been entered and fills
+ * in a (struct spwd) with them.
+ */
+static void new_spent (struct spwd *spent)
+{
+ if (lflg) {
+ if (spw_locate (user_newname) != NULL) {
+ fprintf (stderr,
+ _("%s: user '%s' already exists in %s\n"),
+ Prog, user_newname, spw_dbname ());
+ fail_exit (E_NAME_IN_USE);
+ }
+ spent->sp_namp = xstrdup (user_newname);
+ }
+
+ if (fflg) {
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing inactive days",
+ user_newname, (unsigned int) user_newid, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "change user '%s' inactive from '%ld' to '%ld'",
+ spent->sp_namp, spent->sp_inact, user_newinactive));
+ spent->sp_inact = user_newinactive;
+ }
+ if (eflg) {
+ /* log dates rather than numbers of days. */
+ char new_exp[16], old_exp[16];
+ date_to_str (new_exp, sizeof(new_exp),
+ user_newexpire * DAY);
+ date_to_str (old_exp, sizeof(old_exp),
+ user_expire * DAY);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing expiration date",
+ user_newname, (unsigned int) user_newid, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "change user '%s' expiration from '%s' to '%s'",
+ spent->sp_namp, old_exp, new_exp));
+ spent->sp_expire = user_newexpire;
+ }
+
+ /* Always update the shadowed password if there is a shadow entry
+ * (even if shadowed passwords might not be enabled for this
+ * account (pw_passwd != "x")).
+ * It seems better to update the password in both places in case a
+ * shadow and a non shadow entry exist.
+ * This might occur if:
+ * + there were already both entries
+ * + aging has been requested
+ */
+ spent->sp_pwdp = new_pw_passwd (spent->sp_pwdp);
+
+ if (pflg) {
+ spent->sp_lstchg = (long) gettime () / SCALE;
+ if (0 == spent->sp_lstchg) {
+ /* Better disable aging than requiring a password
+ * change. */
+ spent->sp_lstchg = -1;
+ }
+ }
+}
+
+/*
+ * fail_exit - exit with an error code after unlocking files
+ */
+static /*@noreturn@*/void fail_exit (int code)
+{
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ }
+#ifdef SHADOWGRP
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ }
+#endif
+ if (spw_locked) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ }
+ if (pw_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ }
+#ifdef ENABLE_SUBIDS
+ if (sub_uid_locked) {
+ if (sub_uid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+ /* continue */
+ }
+ }
+ if (sub_gid_locked) {
+ if (sub_gid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+ /* continue */
+ }
+ }
+#endif /* ENABLE_SUBIDS */
+
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "modifying account",
+ user_name, AUDIT_NO_ID, 0);
+#endif
+ exit (code);
+}
+
+
+static void update_group (void)
+{
+ bool is_member;
+ bool was_member;
+ bool changed;
+ const struct group *grp;
+ struct group *ngrp;
+
+ changed = false;
+
+ /*
+ * Scan through the entire group file looking for the groups that
+ * the user is a member of.
+ */
+ while ((grp = gr_next ()) != NULL) {
+ /*
+ * See if the user specified this group as one of their
+ * concurrent groups.
+ */
+ was_member = is_on_list (grp->gr_mem, user_name);
+ is_member = Gflg && ( (was_member && aflg)
+ || is_on_list (user_groups, grp->gr_name));
+
+ if (!was_member && !is_member) {
+ continue;
+ }
+
+ ngrp = __gr_dup (grp);
+ if (NULL == ngrp) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, gr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+
+ if (was_member) {
+ if ((!Gflg) || is_member) {
+ /* User was a member and is still a member
+ * of this group.
+ * But the user might have been renamed.
+ */
+ if (lflg) {
+ ngrp->gr_mem = del_list (ngrp->gr_mem,
+ user_name);
+ ngrp->gr_mem = add_list (ngrp->gr_mem,
+ user_newname);
+ changed = true;
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing group member",
+ user_newname, AUDIT_NO_ID, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "change '%s' to '%s' in group '%s'",
+ user_name, user_newname,
+ ngrp->gr_name));
+ }
+ } else {
+ /* User was a member but is no more a
+ * member of this group.
+ */
+ ngrp->gr_mem = del_list (ngrp->gr_mem, user_name);
+ changed = true;
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "removing group member",
+ user_name, AUDIT_NO_ID, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "delete '%s' from group '%s'",
+ user_name, ngrp->gr_name));
+ }
+ } else {
+ /* User was not a member but is now a member this
+ * group.
+ */
+ ngrp->gr_mem = add_list (ngrp->gr_mem, user_newname);
+ changed = true;
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "adding user to group",
+ user_name, AUDIT_NO_ID, 1);
+#endif
+ SYSLOG ((LOG_INFO, "add '%s' to group '%s'",
+ user_newname, ngrp->gr_name));
+ }
+ if (!changed) {
+ continue;
+ }
+
+ changed = false;
+ if (gr_update (ngrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), ngrp->gr_name);
+ SYSLOG ((LOG_WARN, "failed to prepare the new %s entry '%s'", gr_dbname (), ngrp->gr_name));
+ fail_exit (E_GRP_UPDATE);
+ }
+ }
+}
+
+#ifdef SHADOWGRP
+static void update_gshadow (void)
+{
+ bool is_member;
+ bool was_member;
+ bool was_admin;
+ bool changed;
+ const struct sgrp *sgrp;
+ struct sgrp *nsgrp;
+
+ changed = false;
+
+ /*
+ * Scan through the entire shadow group file looking for the groups
+ * that the user is a member of.
+ */
+ while ((sgrp = sgr_next ()) != NULL) {
+
+ /*
+ * See if the user was a member of this group
+ */
+ was_member = is_on_list (sgrp->sg_mem, user_name);
+
+ /*
+ * See if the user was an administrator of this group
+ */
+ was_admin = is_on_list (sgrp->sg_adm, user_name);
+
+ /*
+ * See if the user specified this group as one of their
+ * concurrent groups.
+ */
+ is_member = Gflg && ( (was_member && aflg)
+ || is_on_list (user_groups, sgrp->sg_name));
+
+ if (!was_member && !was_admin && !is_member) {
+ continue;
+ }
+
+ nsgrp = __sgr_dup (sgrp);
+ if (NULL == nsgrp) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+
+ if (was_admin && lflg) {
+ /* User was an admin of this group but the user
+ * has been renamed.
+ */
+ nsgrp->sg_adm = del_list (nsgrp->sg_adm, user_name);
+ nsgrp->sg_adm = add_list (nsgrp->sg_adm, user_newname);
+ changed = true;
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing admin name in shadow group",
+ user_name, AUDIT_NO_ID, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "change admin '%s' to '%s' in shadow group '%s'",
+ user_name, user_newname, nsgrp->sg_name));
+ }
+
+ if (was_member) {
+ if ((!Gflg) || is_member) {
+ /* User was a member and is still a member
+ * of this group.
+ * But the user might have been renamed.
+ */
+ if (lflg) {
+ nsgrp->sg_mem = del_list (nsgrp->sg_mem,
+ user_name);
+ nsgrp->sg_mem = add_list (nsgrp->sg_mem,
+ user_newname);
+ changed = true;
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing member in shadow group",
+ user_name, AUDIT_NO_ID, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "change '%s' to '%s' in shadow group '%s'",
+ user_name, user_newname,
+ nsgrp->sg_name));
+ }
+ } else {
+ /* User was a member but is no more a
+ * member of this group.
+ */
+ nsgrp->sg_mem = del_list (nsgrp->sg_mem, user_name);
+ changed = true;
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "removing user from shadow group",
+ user_name, AUDIT_NO_ID, 1);
+#endif
+ SYSLOG ((LOG_INFO,
+ "delete '%s' from shadow group '%s'",
+ user_name, nsgrp->sg_name));
+ }
+ } else if (is_member) {
+ /* User was not a member but is now a member this
+ * group.
+ */
+ nsgrp->sg_mem = add_list (nsgrp->sg_mem, user_newname);
+ changed = true;
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "adding user to shadow group",
+ user_newname, AUDIT_NO_ID, 1);
+#endif
+ SYSLOG ((LOG_INFO, "add '%s' to shadow group '%s'",
+ user_newname, nsgrp->sg_name));
+ }
+ if (!changed) {
+ continue;
+ }
+
+ changed = false;
+
+ /*
+ * Update the group entry to reflect the changes.
+ */
+ if (sgr_update (nsgrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), nsgrp->sg_name);
+ SYSLOG ((LOG_WARN, "failed to prepare the new %s entry '%s'",
+ sgr_dbname (), nsgrp->sg_name));
+ fail_exit (E_GRP_UPDATE);
+ }
+ }
+}
+#endif /* SHADOWGRP */
+
+/*
+ * grp_update - add user to secondary group set
+ *
+ * grp_update() takes the secondary group set given in user_groups and
+ * adds the user to each group given by that set.
+ */
+static void grp_update (void)
+{
+ update_group ();
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ update_gshadow ();
+ }
+#endif
+}
+
+/*
+ * process_flags - perform command line argument setting
+ *
+ * process_flags() interprets the command line arguments and sets the
+ * values that the user will be created with accordingly. The values
+ * are checked for sanity.
+ */
+static void process_flags (int argc, char **argv)
+{
+ const struct group *grp;
+
+ bool anyflag = false;
+
+ {
+ /*
+ * Parse the command line options.
+ */
+ int c;
+ static struct option long_options[] = {
+ {"append", no_argument, NULL, 'a'},
+ {"comment", required_argument, NULL, 'c'},
+ {"home", required_argument, NULL, 'd'},
+ {"expiredate", required_argument, NULL, 'e'},
+ {"inactive", required_argument, NULL, 'f'},
+ {"gid", required_argument, NULL, 'g'},
+ {"groups", required_argument, NULL, 'G'},
+ {"help", no_argument, NULL, 'h'},
+ {"login", required_argument, NULL, 'l'},
+ {"lock", no_argument, NULL, 'L'},
+ {"move-home", no_argument, NULL, 'm'},
+ {"non-unique", no_argument, NULL, 'o'},
+ {"password", required_argument, NULL, 'p'},
+ {"root", required_argument, NULL, 'R'},
+ {"shell", required_argument, NULL, 's'},
+ {"uid", required_argument, NULL, 'u'},
+ {"unlock", no_argument, NULL, 'U'},
+#ifdef ENABLE_SUBIDS
+ {"add-subuids", required_argument, NULL, 'v'},
+ {"del-subuids", required_argument, NULL, 'V'},
+ {"add-subgids", required_argument, NULL, 'w'},
+ {"del-subgids", required_argument, NULL, 'W'},
+#endif /* ENABLE_SUBIDS */
+#ifdef WITH_SELINUX
+ {"selinux-user", required_argument, NULL, 'Z'},
+#endif /* WITH_SELINUX */
+ {NULL, 0, NULL, '\0'}
+ };
+ while ((c = getopt_long (argc, argv,
+ "ac:d:e:f:g:G:hl:Lmop:R:s:u:U"
+#ifdef ENABLE_SUBIDS
+ "v:w:V:W:"
+#endif /* ENABLE_SUBIDS */
+#ifdef WITH_SELINUX
+ "Z:"
+#endif /* WITH_SELINUX */
+ , long_options, NULL)) != -1) {
+ switch (c) {
+ case 'a':
+ aflg = true;
+ break;
+ case 'c':
+ if (!VALID (optarg)) {
+ fprintf (stderr,
+ _("%s: invalid field '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ user_newcomment = optarg;
+ cflg = true;
+ break;
+ case 'd':
+ if (!VALID (optarg)) {
+ fprintf (stderr,
+ _("%s: invalid field '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ dflg = true;
+ user_newhome = optarg;
+ break;
+ case 'e':
+ if ('\0' != *optarg) {
+ user_newexpire = strtoday (optarg);
+ if (user_newexpire < -1) {
+ fprintf (stderr,
+ _("%s: invalid date '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ user_newexpire *= DAY / SCALE;
+ } else {
+ user_newexpire = -1;
+ }
+ eflg = true;
+ break;
+ case 'f':
+ if ( (getlong (optarg, &user_newinactive) == 0)
+ || (user_newinactive < -1)) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ fflg = true;
+ break;
+ case 'g':
+ grp = getgr_nam_gid (optarg);
+ if (NULL == grp) {
+ fprintf (stderr,
+ _("%s: group '%s' does not exist\n"),
+ Prog, optarg);
+ exit (E_NOTFOUND);
+ }
+ user_newgid = grp->gr_gid;
+ gflg = true;
+ break;
+ case 'G':
+ if (get_groups (optarg) != 0) {
+ exit (E_NOTFOUND);
+ }
+ Gflg = true;
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
+ case 'l':
+ if (!is_valid_user_name (optarg)) {
+ fprintf (stderr,
+ _("%s: invalid user name '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ lflg = true;
+ user_newname = optarg;
+ break;
+ case 'L':
+ Lflg = true;
+ break;
+ case 'm':
+ mflg = true;
+ break;
+ case 'o':
+ oflg = true;
+ break;
+ case 'p':
+ user_pass = optarg;
+ pflg = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 's':
+ if (!VALID (optarg)) {
+ fprintf (stderr,
+ _("%s: invalid field '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ user_newshell = optarg;
+ sflg = true;
+ break;
+ case 'u':
+ if ( (get_uid (optarg, &user_newid) ==0)
+ || (user_newid == (uid_t)-1)) {
+ fprintf (stderr,
+ _("%s: invalid user ID '%s'\n"),
+ Prog, optarg);
+ exit (E_BAD_ARG);
+ }
+ uflg = true;
+ break;
+ case 'U':
+ Uflg = true;
+ break;
+#ifdef ENABLE_SUBIDS
+ case 'v':
+ if (prepend_range (optarg, &add_sub_uids) == 0) {
+ fprintf (stderr,
+ _("%s: invalid subordinate uid range '%s'\n"),
+ Prog, optarg);
+ exit(E_BAD_ARG);
+ }
+ vflg = true;
+ break;
+ case 'V':
+ if (prepend_range (optarg, &del_sub_uids) == 0) {
+ fprintf (stderr,
+ _("%s: invalid subordinate uid range '%s'\n"),
+ Prog, optarg);
+ exit(E_BAD_ARG);
+ }
+ Vflg = true;
+ break;
+ case 'w':
+ if (prepend_range (optarg, &add_sub_gids) == 0) {
+ fprintf (stderr,
+ _("%s: invalid subordinate gid range '%s'\n"),
+ Prog, optarg);
+ exit(E_BAD_ARG);
+ }
+ wflg = true;
+ break;
+ case 'W':
+ if (prepend_range (optarg, &del_sub_gids) == 0) {
+ fprintf (stderr,
+ _("%s: invalid subordinate gid range '%s'\n"),
+ Prog, optarg);
+ exit(E_BAD_ARG);
+ }
+ Wflg = true;
+ break;
+#endif /* ENABLE_SUBIDS */
+#ifdef WITH_SELINUX
+ case 'Z':
+ if (is_selinux_enabled () > 0) {
+ user_selinux = optarg;
+ Zflg = true;
+ } else {
+ fprintf (stderr,
+ _("%s: -Z requires SELinux enabled kernel\n"),
+ Prog);
+ exit (E_BAD_ARG);
+ }
+ break;
+#endif /* WITH_SELINUX */
+ default:
+ usage (E_USAGE);
+ }
+ anyflag = true;
+ }
+ }
+
+ if (optind != argc - 1) {
+ usage (E_USAGE);
+ }
+
+ user_name = argv[argc - 1];
+
+ {
+ const struct passwd *pwd;
+ /* local, no need for xgetpwnam */
+ pwd = getpwnam (user_name);
+ if (NULL == pwd) {
+ fprintf (stderr,
+ _("%s: user '%s' does not exist\n"),
+ Prog, user_name);
+ exit (E_NOTFOUND);
+ }
+
+ user_id = pwd->pw_uid;
+ user_gid = pwd->pw_gid;
+ user_comment = xstrdup (pwd->pw_gecos);
+ user_home = xstrdup (pwd->pw_dir);
+ user_shell = xstrdup (pwd->pw_shell);
+ }
+
+ /* user_newname, user_newid, user_newgid can be used even when the
+ * options where not specified. */
+ if (!lflg) {
+ user_newname = user_name;
+ }
+ if (!uflg) {
+ user_newid = user_id;
+ }
+ if (!gflg) {
+ user_newgid = user_gid;
+ }
+
+#ifdef USE_NIS
+ /*
+ * Now make sure it isn't an NIS user.
+ */
+ if (__ispwNIS ()) {
+ char *nis_domain;
+ char *nis_master;
+
+ fprintf (stderr,
+ _("%s: user %s is a NIS user\n"),
+ Prog, user_name);
+
+ if ( !yp_get_default_domain (&nis_domain)
+ && !yp_master (nis_domain, "passwd.byname", &nis_master)) {
+ fprintf (stderr,
+ _("%s: %s is the NIS master\n"),
+ Prog, nis_master);
+ }
+ exit (E_NOTFOUND);
+ }
+#endif
+
+ {
+ const struct spwd *spwd = NULL;
+ /* local, no need for xgetspnam */
+ if (is_shadow_pwd && ((spwd = getspnam (user_name)) != NULL)) {
+ user_expire = spwd->sp_expire;
+ user_inactive = spwd->sp_inact;
+ }
+ }
+
+ if (!anyflag) {
+ fprintf (stderr, _("%s: no options\n"), Prog);
+ usage (E_USAGE);
+ }
+
+ if (aflg && (!Gflg)) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+ Prog, "-a", "-G");
+ usage (E_USAGE);
+ }
+
+ if ((Lflg && (pflg || Uflg)) || (pflg && Uflg)) {
+ fprintf (stderr,
+ _("%s: the -L, -p, and -U flags are exclusive\n"),
+ Prog);
+ usage (E_USAGE);
+ }
+
+ if (oflg && !uflg) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+ Prog, "-o", "-u");
+ usage (E_USAGE);
+ }
+
+ if (mflg && !dflg) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+ Prog, "-m", "-d");
+ usage (E_USAGE);
+ }
+
+ if (user_newid == user_id) {
+ uflg = false;
+ oflg = false;
+ }
+ if (user_newgid == user_gid) {
+ gflg = false;
+ }
+ if ( (NULL != user_newshell)
+ && (strcmp (user_newshell, user_shell) == 0)) {
+ sflg = false;
+ }
+ if (strcmp (user_newname, user_name) == 0) {
+ lflg = false;
+ }
+ if (user_newinactive == user_inactive) {
+ fflg = false;
+ }
+ if (user_newexpire == user_expire) {
+ eflg = false;
+ }
+ if ( (NULL != user_newhome)
+ && (strcmp (user_newhome, user_home) == 0)) {
+ dflg = false;
+ mflg = false;
+ }
+ if ( (NULL != user_newcomment)
+ && (strcmp (user_newcomment, user_comment) == 0)) {
+ cflg = false;
+ }
+
+ if (!(Uflg || uflg || sflg || pflg || mflg || Lflg ||
+ lflg || Gflg || gflg || fflg || eflg || dflg || cflg
+#ifdef ENABLE_SUBIDS
+ || vflg || Vflg || wflg || Wflg
+#endif /* ENABLE_SUBIDS */
+#ifdef WITH_SELINUX
+ || Zflg
+#endif /* WITH_SELINUX */
+ )) {
+ fprintf (stderr, _("%s: no changes\n"), Prog);
+ exit (E_SUCCESS);
+ }
+
+ if (!is_shadow_pwd && (eflg || fflg)) {
+ fprintf (stderr,
+ _("%s: shadow passwords required for -e and -f\n"),
+ Prog);
+ exit (E_USAGE);
+ }
+
+ /* local, no need for xgetpwnam */
+ if (lflg && (getpwnam (user_newname) != NULL)) {
+ fprintf (stderr,
+ _("%s: user '%s' already exists\n"),
+ Prog, user_newname);
+ exit (E_NAME_IN_USE);
+ }
+
+ /* local, no need for xgetpwuid */
+ if (uflg && !oflg && (getpwuid (user_newid) != NULL)) {
+ fprintf (stderr,
+ _("%s: UID '%lu' already exists\n"),
+ Prog, (unsigned long) user_newid);
+ exit (E_UID_IN_USE);
+ }
+
+#ifdef ENABLE_SUBIDS
+ if ( (vflg || Vflg)
+ && !is_sub_uid) {
+ fprintf (stderr,
+ _("%s: %s does not exist, you cannot use the flags %s or %s\n"),
+ Prog, sub_uid_dbname (), "-v", "-V");
+ exit (E_USAGE);
+ }
+
+ if ( (wflg || Wflg)
+ && !is_sub_gid) {
+ fprintf (stderr,
+ _("%s: %s does not exist, you cannot use the flags %s or %s\n"),
+ Prog, sub_gid_dbname (), "-w", "-W");
+ exit (E_USAGE);
+ }
+#endif /* ENABLE_SUBIDS */
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ * close_files() closes all of the files that were opened for this new
+ * user. This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+ if (pw_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (E_PW_UPDATE);
+ }
+ if (is_shadow_pwd && (spw_close () == 0)) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR,
+ "failure while writing changes to %s",
+ spw_dbname ()));
+ fail_exit (E_PW_UPDATE);
+ }
+
+ if (Gflg || lflg) {
+ if (gr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR,
+ "failure while writing changes to %s",
+ gr_dbname ()));
+ fail_exit (E_GRP_UPDATE);
+ }
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_close () == 0) {
+ fprintf (stderr,
+ _("%s: failure while writing changes to %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR,
+ "failure while writing changes to %s",
+ sgr_dbname ()));
+ fail_exit (E_GRP_UPDATE);
+ }
+ }
+#endif
+#ifdef SHADOWGRP
+ if (is_shadow_grp) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR,
+ "failed to unlock %s",
+ sgr_dbname ()));
+ /* continue */
+ }
+ }
+#endif
+ if (gr_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR,
+ "failed to unlock %s",
+ gr_dbname ()));
+ /* continue */
+ }
+ }
+
+ if (is_shadow_pwd) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR,
+ "failed to unlock %s",
+ spw_dbname ()));
+ /* continue */
+ }
+ }
+ if (pw_unlock () == 0) {
+ fprintf (stderr,
+ _("%s: failed to unlock %s\n"),
+ Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+
+ pw_locked = false;
+ spw_locked = false;
+ gr_locked = false;
+#ifdef SHADOWGRP
+ sgr_locked = false;
+#endif
+
+#ifdef ENABLE_SUBIDS
+ if (vflg || Vflg) {
+ if (sub_uid_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ()));
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ if (sub_uid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+ /* continue */
+ }
+ sub_uid_locked = false;
+ }
+ if (wflg || Wflg) {
+ if (sub_gid_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ()));
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+ if (sub_gid_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+ /* continue */
+ }
+ sub_gid_locked = false;
+ }
+#endif /* ENABLE_SUBIDS */
+
+ /*
+ * Close the DBM and/or flat files
+ */
+ endpwent ();
+ endspent ();
+ endgrent ();
+#ifdef SHADOWGRP
+ endsgent ();
+#endif
+}
+
+/*
+ * open_files - lock and open the password files
+ *
+ * open_files() opens the two password files.
+ */
+static void open_files (void)
+{
+ if (pw_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, pw_dbname ());
+ fail_exit (E_PW_UPDATE);
+ }
+ pw_locked = true;
+ if (pw_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, pw_dbname ());
+ fail_exit (E_PW_UPDATE);
+ }
+ if (is_shadow_pwd && (spw_lock () == 0)) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, spw_dbname ());
+ fail_exit (E_PW_UPDATE);
+ }
+ spw_locked = true;
+ if (is_shadow_pwd && (spw_open (O_CREAT | O_RDWR) == 0)) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, spw_dbname ());
+ fail_exit (E_PW_UPDATE);
+ }
+
+ if (Gflg || lflg) {
+ /*
+ * Lock and open the group file. This will load all of the
+ * group entries.
+ */
+ if (gr_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+ gr_locked = true;
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, gr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+#ifdef SHADOWGRP
+ if (is_shadow_grp && (sgr_lock () == 0)) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+ sgr_locked = true;
+ if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sgr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+#endif
+ }
+#ifdef ENABLE_SUBIDS
+ if (vflg || Vflg) {
+ if (sub_uid_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sub_uid_dbname ());
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ sub_uid_locked = true;
+ if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sub_uid_dbname ());
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ }
+ if (wflg || Wflg) {
+ if (sub_gid_lock () == 0) {
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sub_gid_dbname ());
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+ sub_gid_locked = true;
+ if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, sub_gid_dbname ());
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+ }
+#endif /* ENABLE_SUBIDS */
+}
+
+/*
+ * usr_update - create the user entries
+ *
+ * usr_update() creates the password file entries for this user and
+ * will update the group entries if required.
+ */
+static void usr_update (void)
+{
+ struct passwd pwent;
+ const struct passwd *pwd;
+
+ struct spwd spent;
+ const struct spwd *spwd = NULL;
+
+ /*
+ * Locate the entry in /etc/passwd, which MUST exist.
+ */
+ pwd = pw_locate (user_name);
+ if (NULL == pwd) {
+ fprintf (stderr,
+ _("%s: user '%s' does not exist in %s\n"),
+ Prog, user_name, pw_dbname ());
+ fail_exit (E_NOTFOUND);
+ }
+ pwent = *pwd;
+ new_pwent (&pwent);
+
+
+ /* If the shadow file does not exist, it won't be created */
+ if (is_shadow_pwd) {
+ spwd = spw_locate (user_name);
+ if (NULL != spwd) {
+ /* Update the shadow entry if it exists */
+ spent = *spwd;
+ new_spent (&spent);
+ } else if ( ( pflg
+ && (strcmp (pwent.pw_passwd, SHADOW_PASSWD_STRING) == 0))
+ || eflg || fflg) {
+ /* In some cases, we force the creation of a
+ * shadow entry:
+ * + new password requested and passwd indicates
+ * a shadowed password
+ * + aging information is requested
+ */
+ memset (&spent, 0, sizeof spent);
+ spent.sp_namp = user_name;
+
+ /* The user explicitly asked for a shadow feature.
+ * Enable shadowed passwords for this new account.
+ */
+ spent.sp_pwdp = xstrdup (pwent.pw_passwd);
+ pwent.pw_passwd = xstrdup (SHADOW_PASSWD_STRING);
+
+ spent.sp_lstchg = (long) gettime () / SCALE;
+ if (0 == spent.sp_lstchg) {
+ /* Better disable aging than
+ * requiring a password change */
+ spent.sp_lstchg = -1;
+ }
+ spent.sp_min = getdef_num ("PASS_MIN_DAYS", -1);
+ spent.sp_max = getdef_num ("PASS_MAX_DAYS", -1);
+ spent.sp_warn = getdef_num ("PASS_WARN_AGE", -1);
+ spent.sp_inact = -1;
+ spent.sp_expire = -1;
+ spent.sp_flag = SHADOW_SP_FLAG_UNSET;
+ new_spent (&spent);
+ spwd = &spent; /* entry needs to be committed */
+ }
+ }
+
+ if (lflg || uflg || gflg || cflg || dflg || sflg || pflg
+ || Lflg || Uflg) {
+ if (pw_update (&pwent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, pw_dbname (), pwent.pw_name);
+ fail_exit (E_PW_UPDATE);
+ }
+ if (lflg && (pw_remove (user_name) == 0)) {
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, user_name, pw_dbname ());
+ fail_exit (E_PW_UPDATE);
+ }
+ }
+ if ((NULL != spwd) && (lflg || eflg || fflg || pflg || Lflg || Uflg)) {
+ if (spw_update (&spent) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, spw_dbname (), spent.sp_namp);
+ fail_exit (E_PW_UPDATE);
+ }
+ if (lflg && (spw_remove (user_name) == 0)) {
+ fprintf (stderr,
+ _("%s: cannot remove entry '%s' from %s\n"),
+ Prog, user_name, spw_dbname ());
+ fail_exit (E_PW_UPDATE);
+ }
+ }
+}
+
+/*
+ * move_home - move the user's home directory
+ *
+ * move_home() moves the user's home directory to a new location. The
+ * files will be copied if the directory cannot simply be renamed.
+ */
+static void move_home (void)
+{
+ struct stat sb;
+
+ if (access (user_newhome, F_OK) == 0) {
+ /*
+ * If the new home directory already exist, the user
+ * should not use -m.
+ */
+ fprintf (stderr,
+ _("%s: directory %s exists\n"),
+ Prog, user_newhome);
+ fail_exit (E_HOMEDIR);
+ }
+
+ if (stat (user_home, &sb) == 0) {
+ /*
+ * Don't try to move it if it is not a directory
+ * (but /dev/null for example). --marekm
+ */
+ if (!S_ISDIR (sb.st_mode)) {
+ fprintf (stderr,
+ _("%s: The previous home directory (%s) was "
+ "not a directory. It is not removed and no "
+ "home directories are created.\n"),
+ Prog, user_home);
+ fail_exit (E_HOMEDIR);
+ }
+
+#ifdef WITH_AUDIT
+ if (uflg || gflg) {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing home directory owner",
+ user_newname, (unsigned int) user_newid, 1);
+ }
+#endif
+
+ if (rename (user_home, user_newhome) == 0) {
+ /* FIXME: rename above may have broken symlinks
+ * pointing to the user's home directory
+ * with an absolute path. */
+ if (chown_tree (user_newhome,
+ user_id, uflg ? user_newid : (uid_t)-1,
+ user_gid, gflg ? user_newgid : (gid_t)-1) != 0) {
+ fprintf (stderr,
+ _("%s: Failed to change ownership of the home directory"),
+ Prog);
+ fail_exit (E_HOMEDIR);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "moving home directory",
+ user_newname, (unsigned int) user_newid,
+ 1);
+#endif
+ return;
+ } else {
+ if (EXDEV == errno) {
+ if (copy_tree (user_home, user_newhome, true,
+ true,
+ user_id,
+ uflg ? user_newid : (uid_t)-1,
+ user_gid,
+ gflg ? user_newgid : (gid_t)-1) == 0) {
+ if (remove_tree (user_home, true) != 0) {
+ fprintf (stderr,
+ _("%s: warning: failed to completely remove old home directory %s"),
+ Prog, user_home);
+ }
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK,
+ Prog,
+ "moving home directory",
+ user_newname,
+ (unsigned int) user_newid,
+ 1);
+#endif
+ return;
+ }
+
+ (void) remove_tree (user_newhome, true);
+ }
+ fprintf (stderr,
+ _("%s: cannot rename directory %s to %s\n"),
+ Prog, user_home, user_newhome);
+ fail_exit (E_HOMEDIR);
+ }
+ }
+}
+
+/*
+ * update_lastlog - update the lastlog file
+ *
+ * Relocate the "lastlog" entries for the user. The old entry is
+ * left alone in case the UID was shared. It doesn't hurt anything
+ * to just leave it be.
+ */
+static void update_lastlog (void)
+{
+ struct lastlog ll;
+ int fd;
+ off_t off_uid = (off_t) user_id * sizeof ll;
+ off_t off_newuid = (off_t) user_newid * sizeof ll;
+
+ if (access (LASTLOG_FILE, F_OK) != 0) {
+ return;
+ }
+
+ fd = open (LASTLOG_FILE, O_RDWR);
+
+ if (-1 == fd) {
+ fprintf (stderr,
+ _("%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"),
+ Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+ return;
+ }
+
+ if ( (lseek (fd, off_uid, SEEK_SET) == off_uid)
+ && (read (fd, &ll, sizeof ll) == (ssize_t) sizeof ll)) {
+ /* Copy the old entry to its new location */
+ if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
+ || (write (fd, &ll, sizeof ll) != (ssize_t) sizeof ll)
+ || (fsync (fd) != 0)
+ || (close (fd) != 0)) {
+ fprintf (stderr,
+ _("%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"),
+ Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+ }
+ } else {
+ /* Assume lseek or read failed because there is
+ * no entry for the old UID */
+
+ /* Check if the new UID already has an entry */
+ if ( (lseek (fd, off_newuid, SEEK_SET) == off_newuid)
+ && (read (fd, &ll, sizeof ll) == (ssize_t) sizeof ll)) {
+ /* Reset the new uid's lastlog entry */
+ memzero (&ll, sizeof (ll));
+ if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
+ || (write (fd, &ll, sizeof ll) != (ssize_t) sizeof ll)
+ || (fsync (fd) != 0)
+ || (close (fd) != 0)) {
+ fprintf (stderr,
+ _("%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"),
+ Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+ }
+ } else {
+ (void) close (fd);
+ }
+ }
+}
+
+/*
+ * update_faillog - update the faillog file
+ *
+ * Relocate the "faillog" entries for the user. The old entry is
+ * left alone in case the UID was shared. It doesn't hurt anything
+ * to just leave it be.
+ */
+static void update_faillog (void)
+{
+ struct faillog fl;
+ int fd;
+ off_t off_uid = (off_t) user_id * sizeof fl;
+ off_t off_newuid = (off_t) user_newid * sizeof fl;
+
+ if (access (FAILLOG_FILE, F_OK) != 0) {
+ return;
+ }
+
+ fd = open (FAILLOG_FILE, O_RDWR);
+
+ if (-1 == fd) {
+ fprintf (stderr,
+ _("%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"),
+ Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+ return;
+ }
+
+ if ( (lseek (fd, off_uid, SEEK_SET) == off_uid)
+ && (read (fd, (char *) &fl, sizeof fl) == (ssize_t) sizeof fl)) {
+ /* Copy the old entry to its new location */
+ if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
+ || (write (fd, &fl, sizeof fl) != (ssize_t) sizeof fl)
+ || (fsync (fd) != 0)
+ || (close (fd) != 0)) {
+ fprintf (stderr,
+ _("%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"),
+ Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+ }
+ } else {
+ /* Assume lseek or read failed because there is
+ * no entry for the old UID */
+
+ /* Check if the new UID already has an entry */
+ if ( (lseek (fd, off_newuid, SEEK_SET) == off_newuid)
+ && (read (fd, &fl, sizeof fl) == (ssize_t) sizeof fl)) {
+ /* Reset the new uid's faillog entry */
+ memzero (&fl, sizeof (fl));
+ if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
+ || (write (fd, &fl, sizeof fl) != (ssize_t) sizeof fl)
+ || (close (fd) != 0)) {
+ fprintf (stderr,
+ _("%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"),
+ Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+ }
+ } else {
+ (void) close (fd);
+ }
+ }
+}
+
+#ifndef NO_MOVE_MAILBOX
+/*
+ * This is the new and improved code to carefully chown/rename the user's
+ * mailbox. Maybe I am too paranoid but the mail spool dir sometimes
+ * happens to be mode 1777 (this makes mail user agents work without
+ * being setgid mail, but is NOT recommended; they all should be fixed
+ * to use movemail). --marekm
+ */
+static void move_mailbox (void)
+{
+ const char *maildir;
+ char mailfile[1024], newmailfile[1024];
+ int fd;
+ struct stat st;
+
+ maildir = getdef_str ("MAIL_DIR");
+#ifdef MAIL_SPOOL_DIR
+ if ((NULL == maildir) && (getdef_str ("MAIL_FILE") == NULL)) {
+ maildir = MAIL_SPOOL_DIR;
+ }
+#endif
+ if (NULL == maildir) {
+ return;
+ }
+
+ /*
+ * O_NONBLOCK is to make sure open won't hang on mandatory locks.
+ * We do fstat/fchown to make sure there are no races (someone
+ * replacing /var/spool/mail/luser with a hard link to /etc/passwd
+ * between stat and chown). --marekm
+ */
+ (void) snprintf (mailfile, sizeof mailfile, "%s/%s",
+ maildir, user_name);
+ mailfile[(sizeof mailfile) - 1] = '\0';
+ fd = open (mailfile, O_RDONLY | O_NONBLOCK, 0);
+ if (fd < 0) {
+ /* no need for warnings if the mailbox doesn't exist */
+ if (errno != ENOENT) {
+ perror (mailfile);
+ }
+ return;
+ }
+ if (fstat (fd, &st) < 0) {
+ perror ("fstat");
+ (void) close (fd);
+ return;
+ }
+ if (st.st_uid != user_id) {
+ /* better leave it alone */
+ fprintf (stderr, _("%s: warning: %s not owned by %s\n"),
+ Prog, mailfile, user_name);
+ (void) close (fd);
+ return;
+ }
+ if (uflg) {
+ if (fchown (fd, user_newid, (gid_t) -1) < 0) {
+ perror (_("failed to change mailbox owner"));
+ }
+#ifdef WITH_AUDIT
+ else {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing mail file owner",
+ user_newname, (unsigned int) user_newid, 1);
+ }
+#endif
+ }
+
+ (void) close (fd);
+
+ if (lflg) {
+ (void) snprintf (newmailfile, sizeof newmailfile, "%s/%s",
+ maildir, user_newname);
+ newmailfile[(sizeof newmailfile) - 1] = '\0';
+ if ( (link (mailfile, newmailfile) != 0)
+ || (unlink (mailfile) != 0)) {
+ perror (_("failed to rename mailbox"));
+ }
+#ifdef WITH_AUDIT
+ else {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing mail file name",
+ user_newname, (unsigned int) user_newid, 1);
+ }
+#endif
+ }
+}
+#endif
+
+/*
+ * main - usermod command
+ */
+int main (int argc, char **argv)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+ int retval;
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+
+ /*
+ * Get my name so that I can use it to report errors.
+ */
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ OPENLOG ("usermod");
+#ifdef WITH_AUDIT
+ audit_help_open ();
+#endif
+
+ sys_ngroups = sysconf (_SC_NGROUPS_MAX);
+ user_groups = (char **) malloc (sizeof (char *) * (1 + sys_ngroups));
+ user_groups[0] = (char *) 0;
+
+ is_shadow_pwd = spw_file_present ();
+#ifdef SHADOWGRP
+ is_shadow_grp = sgr_file_present ();
+#endif
+#ifdef ENABLE_SUBIDS
+ is_sub_uid = sub_uid_file_present ();
+ is_sub_gid = sub_gid_file_present ();
+#endif /* ENABLE_SUBIDS */
+
+ process_flags (argc, argv);
+
+ /*
+ * The home directory, the username and the user's UID should not
+ * be changed while the user is logged in.
+ */
+ if ( (uflg || lflg || dflg
+#ifdef ENABLE_SUBIDS
+ || Vflg || Wflg
+#endif /* ENABLE_SUBIDS */
+ )
+ && (user_busy (user_name, user_id) != 0)) {
+ exit (E_USER_BUSY);
+ }
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ exit (1);
+ }
+
+ retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_authenticate (pamh, 0);
+ }
+
+ if (PAM_SUCCESS == retval) {
+ retval = pam_acct_mgmt (pamh, 0);
+ }
+
+ if (PAM_SUCCESS != retval) {
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ exit (1);
+ }
+ (void) pam_end (pamh, retval);
+#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
+
+#ifdef WITH_TCB
+ if (shadowtcb_set_user (user_name) == SHADOWTCB_FAILURE) {
+ exit (E_PW_UPDATE);
+ }
+#endif
+
+ /*
+ * Do the hard stuff - open the files, change the user entries,
+ * change the home directory, then close and update the files.
+ */
+ open_files ();
+ if ( cflg || dflg || eflg || fflg || gflg || Lflg || lflg || pflg
+ || sflg || uflg || Uflg) {
+ usr_update ();
+ }
+ if (Gflg || lflg) {
+ grp_update ();
+ }
+#ifdef ENABLE_SUBIDS
+ if (Vflg) {
+ struct ulong_range_list_entry *ptr;
+ for (ptr = del_sub_uids; ptr != NULL; ptr = ptr->next) {
+ unsigned long count = ptr->range.last - ptr->range.first + 1;
+ if (sub_uid_remove(user_name, ptr->range.first, count) == 0) {
+ fprintf (stderr,
+ _("%s: failed to remove uid range %lu-%lu from '%s'\n"),
+ Prog, ptr->range.first, ptr->range.last,
+ sub_uid_dbname ());
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ }
+ }
+ if (vflg) {
+ struct ulong_range_list_entry *ptr;
+ for (ptr = add_sub_uids; ptr != NULL; ptr = ptr->next) {
+ unsigned long count = ptr->range.last - ptr->range.first + 1;
+ if (sub_uid_add(user_name, ptr->range.first, count) == 0) {
+ fprintf (stderr,
+ _("%s: failed to add uid range %lu-%lu to '%s'\n"),
+ Prog, ptr->range.first, ptr->range.last,
+ sub_uid_dbname ());
+ fail_exit (E_SUB_UID_UPDATE);
+ }
+ }
+ }
+ if (Wflg) {
+ struct ulong_range_list_entry *ptr;
+ for (ptr = del_sub_gids; ptr != NULL; ptr = ptr->next) {
+ unsigned long count = ptr->range.last - ptr->range.first + 1;
+ if (sub_gid_remove(user_name, ptr->range.first, count) == 0) {
+ fprintf (stderr,
+ _("%s: failed to remove gid range %lu-%lu from '%s'\n"),
+ Prog, ptr->range.first, ptr->range.last,
+ sub_gid_dbname ());
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+ }
+ }
+ if (wflg) {
+ struct ulong_range_list_entry *ptr;
+ for (ptr = add_sub_gids; ptr != NULL; ptr = ptr->next) {
+ unsigned long count = ptr->range.last - ptr->range.first + 1;
+ if (sub_gid_add(user_name, ptr->range.first, count) == 0) {
+ fprintf (stderr,
+ _("%s: failed to add gid range %lu-%lu to '%s'\n"),
+ Prog, ptr->range.first, ptr->range.last,
+ sub_gid_dbname ());
+ fail_exit (E_SUB_GID_UPDATE);
+ }
+ }
+ }
+#endif /* ENABLE_SUBIDS */
+ close_files ();
+
+#ifdef WITH_TCB
+ if ( (lflg || uflg)
+ && (shadowtcb_move (user_newname, user_newid) == SHADOWTCB_FAILURE) ) {
+ exit (E_PW_UPDATE);
+ }
+#endif
+
+ nscd_flush_cache ("passwd");
+ nscd_flush_cache ("group");
+
+#ifdef WITH_SELINUX
+ if (Zflg) {
+ if ('\0' != *user_selinux) {
+ if (set_seuser (user_name, user_selinux) != 0) {
+ fprintf (stderr,
+ _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
+ Prog, user_name, user_selinux);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "modifying User mapping ",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_SE_UPDATE);
+ }
+ } else {
+ if (del_seuser (user_name) != 0) {
+ fprintf (stderr,
+ _("%s: warning: the user name %s to SELinux user mapping removal failed.\n"),
+ Prog, user_name);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "removing SELinux user mapping",
+ user_name, (unsigned int) user_id,
+ SHADOW_AUDIT_FAILURE);
+#endif /* WITH_AUDIT */
+ fail_exit (E_SE_UPDATE);
+ }
+ }
+ }
+#endif /* WITH_SELINUX */
+
+ if (mflg) {
+ move_home ();
+ }
+
+#ifndef NO_MOVE_MAILBOX
+ if (lflg || uflg) {
+ move_mailbox ();
+ }
+#endif /* NO_MOVE_MAILBOX */
+
+ if (uflg) {
+ update_lastlog ();
+ update_faillog ();
+ }
+
+ if (!mflg && (uflg || gflg)) {
+ if (access (dflg ? user_newhome : user_home, F_OK) == 0) {
+ /*
+ * Change the UID on all of the files owned by
+ * `user_id' to `user_newid' in the user's home
+ * directory.
+ *
+ * move_home() already takes care of changing the
+ * ownership.
+ *
+ */
+#ifdef WITH_AUDIT
+ if (uflg || gflg) {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing home directory owner",
+ user_newname, (unsigned int) user_newid, 1);
+ }
+#endif
+ if (chown_tree (dflg ? user_newhome : user_home,
+ user_id,
+ uflg ? user_newid : (uid_t)-1,
+ user_gid,
+ gflg ? user_newgid : (gid_t)-1) != 0) {
+ fprintf (stderr,
+ _("%s: Failed to change ownership of the home directory"),
+ Prog);
+ fail_exit (E_HOMEDIR);
+ }
+ }
+ }
+
+ return E_SUCCESS;
+}
+
diff --git a/src/vipw.c b/src/vipw.c
new file mode 100644
index 0000000..6d730f6
--- /dev/null
+++ b/src/vipw.c
@@ -0,0 +1,562 @@
+/*
+ vipw, vigr edit the password or group file
+ with -s will edit shadow or gshadow file
+
+ Copyright (c) 1997 , Guy Maor <maor@ece.utexas.edu>
+ Copyright (c) 1999 - 2000, Marek Michałkiewicz
+ Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ Copyright (c) 2007 - 2013, Nicolas François
+ All rights reserved.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA. */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <getopt.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#endif /* WITH_SELINUX */
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <utime.h>
+#include "defines.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwio.h"
+#include "sgroupio.h"
+#include "shadowio.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+#ifdef WITH_TCB
+#include <tcb.h>
+#include "tcbfuncs.h"
+#endif /* WITH_TCB */
+
+#define MSG_WARN_EDIT_OTHER_FILE _( \
+ "You have modified %s.\n"\
+ "You may need to modify %s for consistency.\n"\
+ "Please use the command '%s' to do so.\n")
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static const char *filename, *fileeditname;
+static bool filelocked = false;
+static bool createedit = false;
+static int (*unlock) (void);
+static bool quiet = false;
+#ifdef WITH_TCB
+static const char *user = NULL;
+static bool tcb_mode = false;
+#define SHADOWTCB_SCRATCHDIR ":tmp"
+#endif /* WITH_TCB */
+
+/* local function prototypes */
+static void usage (int status);
+static int create_backup_file (FILE *, const char *, struct stat *);
+static void vipwexit (const char *msg, int syserr, int ret);
+static void vipwedit (const char *, int (*)(void), int (*)(void));
+
+/*
+ * usage - display usage message and exit
+ */
+static void usage (int status)
+{
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (stderr,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fputs (_(" -g, --group edit group database\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -p, --passwd edit passwd database\n"), usageout);
+ (void) fputs (_(" -q, --quiet quiet mode\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -s, --shadow edit shadow or gshadow database\n"), usageout);
+#ifdef WITH_TCB
+ (void) fputs (_(" -u, --user which user's tcb shadow file to edit\n"), usageout);
+#endif /* WITH_TCB */
+ (void) fputs (_("\n"), usageout);
+ exit (status);
+}
+
+/*
+ *
+ */
+static int create_backup_file (FILE * fp, const char *backup, struct stat *sb)
+{
+ struct utimbuf ub;
+ FILE *bkfp;
+ int c;
+ mode_t mask;
+
+ mask = umask (077);
+ bkfp = fopen (backup, "w");
+ (void) umask (mask);
+ if (NULL == bkfp) {
+ return -1;
+ }
+
+ c = 0;
+ if (fseeko (fp, 0, SEEK_SET) == 0)
+ while ((c = getc (fp)) != EOF) {
+ if (putc (c, bkfp) == EOF) {
+ break;
+ }
+ }
+ if ((EOF != c) || (ferror (fp) != 0) || (fflush (bkfp) != 0)) {
+ fclose (bkfp);
+ unlink (backup);
+ return -1;
+ }
+ if (fsync (fileno (bkfp)) != 0) {
+ (void) fclose (bkfp);
+ unlink (backup);
+ return -1;
+ }
+ if (fclose (bkfp) != 0) {
+ unlink (backup);
+ return -1;
+ }
+
+ ub.actime = sb->st_atime;
+ ub.modtime = sb->st_mtime;
+ if ( (utime (backup, &ub) != 0)
+ || (chmod (backup, sb->st_mode) != 0)
+ || (chown (backup, sb->st_uid, sb->st_gid) != 0)) {
+ unlink (backup);
+ return -1;
+ }
+ return 0;
+}
+
+/*
+ *
+ */
+static void vipwexit (const char *msg, int syserr, int ret)
+{
+ int err = errno;
+
+ if (createedit) {
+ if (unlink (fileeditname) != 0) {
+ fprintf (stderr, _("%s: failed to remove %s\n"), Prog, fileeditname);
+ /* continue */
+ }
+ }
+ if (filelocked) {
+ if ((*unlock) () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, fileeditname);
+ SYSLOG ((LOG_ERR, "failed to unlock %s", fileeditname));
+ /* continue */
+ }
+ }
+ if (NULL != msg) {
+ fprintf (stderr, "%s: %s", Prog, msg);
+ }
+ if (0 != syserr) {
+ fprintf (stderr, ": %s", strerror (err));
+ }
+ if ( (NULL != msg)
+ || (0 != syserr)) {
+ (void) fputs ("\n", stderr);
+ }
+ if (!quiet) {
+ fprintf (stdout, _("%s: %s is unchanged\n"), Prog,
+ filename);
+ }
+ exit (ret);
+}
+
+#ifndef DEFAULT_EDITOR
+#define DEFAULT_EDITOR "vi"
+#endif
+
+/*
+ *
+ */
+static void
+vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void))
+{
+ const char *editor;
+ pid_t pid;
+ struct stat st1, st2;
+ int status;
+ FILE *f;
+ /* FIXME: the following should have variable sizes */
+ char filebackup[1024], fileedit[1024];
+ char *to_rename;
+
+ snprintf (filebackup, sizeof filebackup, "%s-", file);
+#ifdef WITH_TCB
+ if (tcb_mode) {
+ if ( (mkdir (TCB_DIR "/" SHADOWTCB_SCRATCHDIR, 0700) != 0)
+ && (errno != EEXIST)) {
+ vipwexit (_("failed to create scratch directory"), errno, 1);
+ }
+ if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
+ vipwexit (_("failed to drop privileges"), errno, 1);
+ }
+ snprintf (fileedit, sizeof fileedit,
+ TCB_DIR "/" SHADOWTCB_SCRATCHDIR "/.vipw.shadow.%s",
+ user);
+ } else {
+#endif /* WITH_TCB */
+ snprintf (fileedit, sizeof fileedit, "%s.edit", file);
+#ifdef WITH_TCB
+ }
+#endif /* WITH_TCB */
+ unlock = file_unlock;
+ filename = file;
+ fileeditname = fileedit;
+
+ if (access (file, F_OK) != 0) {
+ vipwexit (file, 1, 1);
+ }
+#ifdef WITH_SELINUX
+ /* if SE Linux is enabled then set the context of all new files
+ to be the context of the file we are editing */
+ if (is_selinux_enabled () != 0) {
+ security_context_t passwd_context=NULL;
+ int ret = 0;
+ if (getfilecon (file, &passwd_context) < 0) {
+ vipwexit (_("Couldn't get file context"), errno, 1);
+ }
+ ret = setfscreatecon (passwd_context);
+ freecon (passwd_context);
+ if (0 != ret) {
+ vipwexit (_("setfscreatecon () failed"), errno, 1);
+ }
+ }
+#endif /* WITH_SELINUX */
+#ifdef WITH_TCB
+ if (tcb_mode && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) {
+ vipwexit (_("failed to gain privileges"), errno, 1);
+ }
+#endif /* WITH_TCB */
+ if (file_lock () == 0) {
+ vipwexit (_("Couldn't lock file"), errno, 5);
+ }
+ filelocked = true;
+#ifdef WITH_TCB
+ if (tcb_mode && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) {
+ vipwexit (_("failed to drop privileges"), errno, 1);
+ }
+#endif /* WITH_TCB */
+
+ /* edited copy has same owners, perm */
+ if (stat (file, &st1) != 0) {
+ vipwexit (file, 1, 1);
+ }
+ f = fopen (file, "r");
+ if (NULL == f) {
+ vipwexit (file, 1, 1);
+ }
+#ifdef WITH_TCB
+ if (tcb_mode && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE))
+ vipwexit (_("failed to gain privileges"), errno, 1);
+#endif /* WITH_TCB */
+ if (create_backup_file (f, fileedit, &st1) != 0) {
+ vipwexit (_("Couldn't make backup"), errno, 1);
+ }
+ (void) fclose (f);
+ createedit = true;
+
+ editor = getenv ("VISUAL");
+ if (NULL == editor) {
+ editor = getenv ("EDITOR");
+ }
+ if (NULL == editor) {
+ editor = DEFAULT_EDITOR;
+ }
+
+ pid = fork ();
+ if (-1 == pid) {
+ vipwexit ("fork", 1, 1);
+ } else if (0 == pid) {
+ /* use the system() call to invoke the editor so that it accepts
+ command line args in the EDITOR and VISUAL environment vars */
+ char *buf;
+ int status;
+
+ buf = (char *) malloc (strlen (editor) + strlen (fileedit) + 2);
+ snprintf (buf, strlen (editor) + strlen (fileedit) + 2,
+ "%s %s", editor, fileedit);
+ status = system (buf);
+ if (-1 == status) {
+ fprintf (stderr, _("%s: %s: %s\n"), Prog, editor,
+ strerror (errno));
+ exit (1);
+ } else if ( WIFEXITED (status)
+ && (WEXITSTATUS (status) != 0)) {
+ fprintf (stderr, _("%s: %s returned with status %d\n"),
+ Prog, editor, WEXITSTATUS (status));
+ exit (WEXITSTATUS (status));
+ } else if (WIFSIGNALED (status)) {
+ fprintf (stderr, _("%s: %s killed by signal %d\n"),
+ Prog, editor, WTERMSIG (status));
+ exit (1);
+ } else {
+ exit (0);
+ }
+ }
+
+ for (;;) {
+ pid = waitpid (pid, &status, WUNTRACED);
+ if ((pid != -1) && (WIFSTOPPED (status) != 0)) {
+ /* The child (editor) was suspended.
+ * Suspend vipw. */
+ kill (getpid (), SIGSTOP);
+ /* wake child when resumed */
+ kill (pid, SIGCONT);
+ } else {
+ break;
+ }
+ }
+
+ if (-1 == pid) {
+ vipwexit (editor, 1, 1);
+ } else if ( WIFEXITED (status)
+ && (WEXITSTATUS (status) != 0)) {
+ vipwexit (NULL, 0, WEXITSTATUS (status));
+ } else if (WIFSIGNALED (status)) {
+ fprintf (stderr, _("%s: %s killed by signal %d\n"),
+ Prog, editor, WTERMSIG(status));
+ vipwexit (NULL, 0, 1);
+ }
+
+ if (stat (fileedit, &st2) != 0) {
+ vipwexit (fileedit, 1, 1);
+ }
+ if (st1.st_mtime == st2.st_mtime) {
+ vipwexit (0, 0, 0);
+ }
+#ifdef WITH_SELINUX
+ /* unset the fscreatecon */
+ if (is_selinux_enabled () != 0) {
+ if (setfscreatecon (NULL) != 0) {
+ vipwexit (_("setfscreatecon () failed"), errno, 1);
+ }
+ }
+#endif /* WITH_SELINUX */
+
+ /*
+ * XXX - here we should check fileedit for errors; if there are any,
+ * ask the user what to do (edit again, save changes anyway, or quit
+ * without saving). Use pwck or grpck to do the check. --marekm
+ */
+ createedit = false;
+#ifdef WITH_TCB
+ if (tcb_mode) {
+ f = fopen (fileedit, "r");
+ if (NULL == f) {
+ vipwexit (_("failed to open scratch file"), errno, 1);
+ }
+ if (unlink (fileedit) != 0) {
+ vipwexit (_("failed to unlink scratch file"), errno, 1);
+ }
+ if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
+ vipwexit (_("failed to drop privileges"), errno, 1);
+ }
+ if (stat (file, &st1) != 0) {
+ vipwexit (_("failed to stat edited file"), errno, 1);
+ }
+ to_rename = malloc (strlen (file) + 2);
+ if (NULL == to_rename) {
+ vipwexit (_("failed to allocate memory"), errno, 1);
+ }
+ snprintf (to_rename, strlen (file) + 2, "%s+", file);
+ if (create_backup_file (f, to_rename, &st1) != 0) {
+ free (to_rename);
+ vipwexit (_("failed to create backup file"), errno, 1);
+ }
+ (void) fclose (f);
+ } else {
+#endif /* WITH_TCB */
+ to_rename = fileedit;
+#ifdef WITH_TCB
+ }
+#endif /* WITH_TCB */
+ unlink (filebackup);
+ link (file, filebackup);
+ if (rename (to_rename, file) == -1) {
+ fprintf (stderr,
+ _("%s: can't restore %s: %s (your changes are in %s)\n"),
+ Prog, file, strerror (errno), to_rename);
+#ifdef WITH_TCB
+ if (tcb_mode) {
+ free (to_rename);
+ }
+#endif /* WITH_TCB */
+ vipwexit (0, 0, 1);
+ }
+
+#ifdef WITH_TCB
+ if (tcb_mode) {
+ free (to_rename);
+ if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) {
+ vipwexit (_("failed to gain privileges"), errno, 1);
+ }
+ }
+#endif /* WITH_TCB */
+
+ if ((*file_unlock) () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, fileeditname);
+ SYSLOG ((LOG_ERR, "failed to unlock %s", fileeditname));
+ /* continue */
+ }
+ SYSLOG ((LOG_INFO, "file %s edited", fileeditname));
+}
+
+int main (int argc, char **argv)
+{
+ bool editshadow = false;
+ bool do_vipw;
+
+ Prog = Basename (argv[0]);
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ process_root_flag ("-R", argc, argv);
+
+ do_vipw = (strcmp (Prog, "vigr") != 0);
+
+ OPENLOG (do_vipw ? "vipw" : "vigr");
+
+ {
+ /*
+ * Parse the command line options.
+ */
+ int c;
+ static struct option long_options[] = {
+ {"group", no_argument, NULL, 'g'},
+ {"help", no_argument, NULL, 'h'},
+ {"passwd", no_argument, NULL, 'p'},
+ {"quiet", no_argument, NULL, 'q'},
+ {"root", required_argument, NULL, 'R'},
+ {"shadow", no_argument, NULL, 's'},
+#ifdef WITH_TCB
+ {"user", required_argument, NULL, 'u'},
+#endif /* WITH_TCB */
+ {NULL, 0, NULL, '\0'}
+ };
+ while ((c = getopt_long (argc, argv,
+#ifdef WITH_TCB
+ "ghpqR:su:",
+#else /* !WITH_TCB */
+ "ghpqR:s",
+#endif /* !WITH_TCB */
+ long_options, NULL)) != -1) {
+ switch (c) {
+ case 'g':
+ do_vipw = false;
+ break;
+ case 'h':
+ usage (E_SUCCESS);
+ break;
+ case 'p':
+ do_vipw = true;
+ break;
+ case 'q':
+ quiet = true;
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ case 's':
+ editshadow = true;
+ break;
+#ifdef WITH_TCB
+ case 'u':
+ user = optarg;
+ break;
+#endif /* WITH_TCB */
+ default:
+ usage (E_USAGE);
+ }
+ }
+
+ if (optind != argc) {
+ usage (E_USAGE);
+ }
+ }
+
+ if (do_vipw) {
+ if (editshadow) {
+#ifdef WITH_TCB
+ if (getdef_bool ("USE_TCB") && (NULL != user)) {
+ if (shadowtcb_set_user (user) == SHADOWTCB_FAILURE) {
+ fprintf (stderr,
+ _("%s: failed to find tcb directory for %s\n"),
+ Prog, user);
+ return E_SHADOW_NOTFOUND;
+ }
+ tcb_mode = true;
+ }
+#endif /* WITH_TCB */
+ vipwedit (spw_dbname (), spw_lock, spw_unlock);
+ printf (MSG_WARN_EDIT_OTHER_FILE,
+ spw_dbname (),
+ pw_dbname (),
+ "vipw");
+ } else {
+ vipwedit (pw_dbname (), pw_lock, pw_unlock);
+ if (spw_file_present ()) {
+ printf (MSG_WARN_EDIT_OTHER_FILE,
+ pw_dbname (),
+ spw_dbname (),
+ "vipw -s");
+ }
+ }
+ } else {
+#ifdef SHADOWGRP
+ if (editshadow) {
+ vipwedit (sgr_dbname (), sgr_lock, sgr_unlock);
+ printf (MSG_WARN_EDIT_OTHER_FILE,
+ sgr_dbname (),
+ gr_dbname (),
+ "vigr");
+ } else {
+#endif /* SHADOWGRP */
+ vipwedit (gr_dbname (), gr_lock, gr_unlock);
+#ifdef SHADOWGRP
+ if (sgr_file_present ()) {
+ printf (MSG_WARN_EDIT_OTHER_FILE,
+ gr_dbname (),
+ sgr_dbname (),
+ "vigr -s");
+ }
+ }
+#endif /* SHADOWGRP */
+ }
+
+ nscd_flush_cache ("passwd");
+ nscd_flush_cache ("group");
+
+ return E_SUCCESS;
+}
+
diff --git a/tests/README b/tests/README
new file mode 100644
index 0000000..54844a5
--- /dev/null
+++ b/tests/README
@@ -0,0 +1,21 @@
+This testsuite is NOT SECURE: it will temporarily change your passwords file
+with known passwords.
+You should run it on a chroot, or on a secured dedicated system.
+
+
+
+To test a Debian system:
+ $ mkdir sid-chroot
+ $ sudo debootstrap sid sid-chroot/ http://ftp.fr.debian.org/debian/
+edit or copy a sources.list
+ $ sudo cp /etc/apt/sources.list sid-chroot/etc/apt/
+edit or copy a resolv.conf
+ $ sudo cp /etc/resolv.conf sid-chroot/etc/
+ $ su - root -c "chroot sid-chroot/ /bin/bash"
+ # mount -t proc proc /proc
+ # mount -t devpts devpts /dev/pts
+ # aptitude update
+ # aptitude install expect
+ # cd /dev ; mknod --mode=666 /dev/ptmx c 5 2
+
+
diff --git a/tests/bug332198-test.exp b/tests/bug332198-test.exp
new file mode 100755
index 0000000..fd365bb
--- /dev/null
+++ b/tests/bug332198-test.exp
@@ -0,0 +1,61 @@
+#!/usr/bin/expect -f
+
+# This is a script for repeatedly logging into the localhost
+# using `rlogin` in order to apparently see a symptoms described
+# in bug #332198.
+# As described in the bug log, sometimes `rlogind` will fail to
+# establish a connection, because it starts "login" process and
+# the latter fails with "unable to determine TTY name, got /dev/pts/1"
+# message.
+#
+# BUGS
+#
+# * the script rlogins to localhost
+# * the script doesn't handle passwdord prompt, because it's intended
+# to use .rhosts auth and expects shell prompt immediately after
+# `rlogin`
+# * the regexp for shell prompt is hardcoded
+
+log_user 0
+match_max 8192
+
+while {1} {
+ set rlogin_spawn [spawn rlogin localhost]
+ if { $rlogin_spawn == 0 } { exit 1 }
+ expect {
+ -timeout 10 -re "^.*(Last login\[^\r\n\]*).*\n(\[^\r\n\]*\[#$\] )$" {
+ send_error "$expect_out(1,string)\n"
+ send_error "$expect_out(2,string)\n"
+# send_error "$expect_out(0,string)\n"
+ }
+ timeout {
+ send_error "TIMEOUT/prompt\n"
+ send_error "$expect_out(buffer)\n"
+ send_error "RETRYING\n"
+ log_user 1
+ send "tty /\r"
+ expect -timeout 2 -re "^.*\r?\n(\[^\r\n\]*# )$" {}
+ send "tty /\r"
+ expect -timeout 2 -re "^.*\r?\n(\[^\r\n\]*# )$" {}
+ send_error "\n"
+ exit 2
+ }
+ }
+ send "tty\r"
+ expect {
+ -timeout 4 -re "tty\r?\n(\[^\r\n\]*)\r?\n(\[^\r\n\]*\[#$\] )$" {
+ send_error "$expect_out(2,string)$expect_out(1,string)\n"
+# send_error "$expect_out(0,string)\n"
+ }
+ timeout { send_error "TIMEOUT/tty\n" ; exit 3 }
+ }
+ send "exit\r"
+ expect {
+ -timeout 2 eof {
+# send_error "OK4: EOF\n"
+ }
+ timeout { send_error "TIMEOUT/eof\n" ; exit 4 }
+ }
+ wait
+}
+# vi: set sw=4:
diff --git a/tests/bug334803-test.exp b/tests/bug334803-test.exp
new file mode 100755
index 0000000..05c7a91
--- /dev/null
+++ b/tests/bug334803-test.exp
@@ -0,0 +1,83 @@
+#!/usr/bin/expect --
+
+# This is a script for switching to another user and then
+# suspending (`suspend -f`) and resuming (`fg`) his shell
+
+package require cmdline
+set opts {
+ {s.arg "sudo su -" "user switching method"}
+ {u.arg "" "username to switch to"}
+}
+set usage ": \[options]\noptions:"
+array set conf [::cmdline::getoptions argv $opts $usage]
+
+log_user 1
+match_max 8192
+expect_after {
+ timeout { send_error "TIMEOUT\n" ; exit 1 }
+ eof { send_error "EXITED\n" ; exit 2 }
+}
+set timeout 2
+
+# user switching command, by default `sudo su -`
+set swcmd $conf(s)
+# ending of typicall shell prompt (zsh/sh):
+set shpmt "(%|#|\\$) \\Z"
+catch {set shpmt $env(EXPECT_PROMPT)}
+# initial username:
+set user0 [exec id -un]
+# user we switch to (with $swcmd), by default initial user
+if {$conf(u) != ""} {set swuser $conf(u)} else {set swuser $user0}
+
+# 1. start shell
+spawn bash
+expect -re "$shpmt" {}
+
+# 2. sudo-ing swuser's shell:
+send "$swcmd $swuser\r"
+expect {
+ -re "$swuser.*$shpmt" {}
+ -re "assword: ?\\Z" {
+ stty -echo
+ expect_user -timeout -1 -re "(.*)\n" {set swpwd $expect_out(1,string)}
+ stty echo
+ send "$swpwd\r"
+ expect -re "$swuser.*$shpmt" {}
+ }
+}
+
+# 3. getting pid and ppid of swuser's shell (needed for 5b):
+send "echo \$\$:\$PPID\r"
+expect -re "(?n)^(\[\[:digit:\]\]*):(\[\[:digit:\]\]*)\r?\n(.*)$shpmt" {}
+set swpid $expect_out(1,string)
+set swppid $expect_out(2,string)
+
+#send_error "$user0:$swpid:$swppid\n"
+
+# 4. suspending swuser's shell (trying to return to parent shell):
+send "suspend -f\r"
+expect {
+ -re "$shpmt" {
+ # 5a. got to parent shell -- resuming swuser's shell by `fg`:
+ send "fg\r"
+ set hung no
+ }
+ timeout {
+ # 5b. `suspend -f` has hung -- resuming swuser's shell by SIGCONT:
+ send_error "kill $swppid\n"
+ send_error [exec kill -CONT $swppid]
+ set hung yes
+ }
+}
+expect -re "$shpmt" {}
+
+# 6. exiting [both] shells
+#set swstat [wait -nowait]
+#send_error [pid]:[exp_pid]:$swstat\n
+send "exit\rexit\r"
+expect eof {}
+#send_error [wait -nowait]\n
+#exec kill -KILL -[exp_pid]
+if {$hung} {send_error "BUGGY\n" ; exit 3 }
+
+# vi:set sw=4:
diff --git a/tests/chage/01/data/chage1 b/tests/chage/01/data/chage1
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/01/data/chage1
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/01/data/chage2 b/tests/chage/01/data/chage2
new file mode 100644
index 0000000..7efdc0c
--- /dev/null
+++ b/tests/chage/01/data/chage2
@@ -0,0 +1,7 @@
+Last password change : Jul 28, 2005
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 1
+Maximum number of days between password change : 99996
+Number of days of warning before password expires : 5
diff --git a/tests/chage/01/data/chage3 b/tests/chage/01/data/chage3
new file mode 100644
index 0000000..a263db9
--- /dev/null
+++ b/tests/chage/01/data/chage3
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : Jan 01, 1970
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/01/data/chage4 b/tests/chage/01/data/chage4
new file mode 100644
index 0000000..11e2f2d
--- /dev/null
+++ b/tests/chage/01/data/chage4
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : Jan 02, 1970
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/01/data/chage5 b/tests/chage/01/data/chage5
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/01/data/chage5
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/01/data/chage6 b/tests/chage/01/data/chage6
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/01/data/chage6
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/01/data/chage7 b/tests/chage/01/data/chage7
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/01/data/chage7
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/01/data/chage7b b/tests/chage/01/data/chage7b
new file mode 100644
index 0000000..0cea901
--- /dev/null
+++ b/tests/chage/01/data/chage7b
@@ -0,0 +1,7 @@
+Last password change : Jul 26, 2005
+Password expires : Aug 09, 2005
+Password inactive : Sep 13, 2005
+Account expires : Jul 27, 2012
+Minimum number of days between password change : 13
+Maximum number of days between password change : 14
+Number of days of warning before password expires : 9
diff --git a/tests/chage/01/data/chage8 b/tests/chage/01/data/chage8
new file mode 100644
index 0000000..25151a2
--- /dev/null
+++ b/tests/chage/01/data/chage8
@@ -0,0 +1 @@
+chage: user 'myuser8' does not exist in /etc/passwd
diff --git a/tests/chage/01/data/group b/tests/chage/01/data/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/01/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/01/data/gshadow b/tests/chage/01/data/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/01/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/01/data/passwd b/tests/chage/01/data/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/01/data/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/01/data/shadow b/tests/chage/01/data/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/01/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/01/data/usage b/tests/chage/01/data/usage
new file mode 100644
index 0000000..31df15c
--- /dev/null
+++ b/tests/chage/01/data/usage
@@ -0,0 +1,16 @@
+Usage: chage [options] LOGIN
+
+Options:
+ -d, --lastday LAST_DAY set date of last password change to LAST_DAY
+ -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -h, --help display this help message and exit
+ -I, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -l, --list show account aging information
+ -m, --mindays MIN_DAYS set minimum number of days before password
+ change to MIN_DAYS
+ -M, --maxdays MAX_DAYS set maximim number of days before password
+ change to MAX_DAYS
+ -R, --root CHROOT_DIR directory to chroot into
+ -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/01/run b/tests/chage/01/run
new file mode 100755
index 0000000..df64325
--- /dev/null
+++ b/tests/chage/01/run
@@ -0,0 +1,206 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test chage options
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save()
+{
+ [ ! -d tmp ] && mkdir tmp
+ for i in passwd group shadow gshadow
+ do
+ [ -f /etc/$i ] && cp /etc/$i tmp/$i
+ [ -f /etc/$i- ] && cp /etc/$i- tmp/$i-
+ done
+
+ true
+}
+
+restore()
+{
+ for i in passwd group shadow gshadow
+ do
+ [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i
+ [ -f tmp/$i- ] && cp tmp/$i- /etc/$i- && rm tmp/$i-
+ done
+ rm -f tmp/out
+ rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'if [ "$?" != "0" ]; then echo "FAIL"; fi; restore' 0
+
+for i in passwd group shadow gshadow
+do
+ cp data/$i /etc
+done
+
+echo -n "testing option -l"
+chage -l myuser1 > tmp/out
+diff -au data/chage1 tmp/out
+echo -n .
+chage -l myuser2 > tmp/out
+diff -au data/chage2 tmp/out
+echo -n .
+chage -l myuser3 > tmp/out
+diff -au data/chage3 tmp/out
+echo -n .
+chage -l myuser4 > tmp/out
+diff -au data/chage4 tmp/out
+echo -n .
+chage -l myuser5 > tmp/out
+diff -au data/chage5 tmp/out
+echo -n .
+chage -l myuser6 > tmp/out
+diff -au data/chage6 tmp/out
+echo -n .
+chage --list myuser7 > tmp/out
+diff -au data/chage7 tmp/out
+echo -n .
+msg=$(chage -l myuser8 2> tmp/out) || err=$?
+[ "$err" = "1" ] && [ "$msg" = "" ] || exit 1
+diff -au data/chage8 tmp/out
+echo .
+
+echo "testing option -d"
+chage -d 2001-10-02 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:11597:0:99999:7:1::' ] || exit 1
+echo "testing option -d -1"
+chage -d -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:99999:7:1::' ] || exit 1
+echo "testing option -d 0"
+chage -d 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:0:99999:7:1::' ] || exit 1
+echo "testing option --lastday"
+chage --lastday 2011-11-02 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1::' ] || exit 1
+
+echo "testing option -E"
+chage -E 2010-10-02 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1:14884:' ] || exit 1
+echo "testing option -E -1"
+chage -E -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1::' ] || exit 1
+echo "testing option -E 0"
+chage -E 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1:0:' ] || exit 1
+echo "testing option --expiredate"
+chage --expiredate 2020-02-02 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1:18294:' ] || exit 1
+
+echo "testing option -I"
+# NOTE: I could pass a date to -I
+chage -I 42 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:42:18294:' ] || exit 1
+echo "testing option -I -1"
+# NOTE: this behavior is not documented
+chage -I -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7::18294:' ] || exit 1
+echo "testing option -I 0"
+# NOTE: We should check that this is the expected behavior
+chage -I 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:0:18294:' ] || exit 1
+echo "testing option --inactive"
+chage --inactive 12 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:12:18294:' ] || exit 1
+
+echo "testing option -m"
+chage -m 24 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:24:99999:7:12:18294:' ] || exit 1
+echo "testing option -m -1"
+# NOTE: this behavior is not documented
+chage -m -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280::99999:7:12:18294:' ] || exit 1
+echo "testing option -m 0"
+chage -m 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:12:18294:' ] || exit 1
+echo "testing option --mindays"
+chage --min 1 myuser7
+# NOTE: that shouldn't have work
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:99999:7:12:18294:' ] || exit 1
+
+echo "testing option -M"
+chage -M 25 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:25:7:12:18294:' ] || exit 1
+echo "testing option -M -1"
+# NOTE: this behavior is not documented
+chage -M -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1::7:12:18294:' ] || exit 1
+echo "testing option -M 0"
+chage -M 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:0:7:12:18294:' ] || exit 1
+echo "testing option --maxdays"
+chage --max 2 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:7:12:18294:' ] || exit 1
+
+echo "testing option -W"
+chage -W 26 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:26:12:18294:' ] || exit 1
+echo "testing option -W -1"
+# NOTE: this behavior is not documented
+chage -W -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2::12:18294:' ] || exit 1
+echo "testing option -W 0"
+chage -W 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:0:12:18294:' ] || exit 1
+echo "testing option --warndays"
+chage --warndays 3 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:3:12:18294:' ] || exit 1
+
+echo "testing with all options"
+chage -d 2030-03-02 -E 1979-11-24 -I 10 -m 11 -M 12 --warndays 4 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:21975:11:12:4:10:3614:' ] || exit 1
+
+echo "interractive test"
+./run1.exp
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12990:13:14:9:35:15548:' ] || exit 1
+
+echo "interractive test (default)"
+./run2.exp
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12990:13:14:9:35:15548:' ] || exit 1
+chage -l myuser7 > tmp/out
+diff -au data/chage7b tmp/out
+
+echo "usage"
+chage -h > tmp/out || {
+ if [ "$?" != "2" ]; then false; fi
+}
+diff -au data/usage tmp/out
+
+echo "OK"
diff --git a/tests/chage/01/run1.exp b/tests/chage/01/run1.exp
new file mode 100755
index 0000000..0160fb1
--- /dev/null
+++ b/tests/chage/01/run1.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser7
+expect -re "Minimum Password Age .11\]: "
+send "13\r"
+expect -re "Maximum Password Age .12\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2030-03-02\]: "
+send "2005-07-26\r"
+expect -re "Password Expiration Warning .4\]: "
+send "9\r"
+expect -re "Password Inactive .10\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .1979-11-24\]: "
+send "2012-07-27\r"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/01/run2.exp b/tests/chage/01/run2.exp
new file mode 100755
index 0000000..f4f342f
--- /dev/null
+++ b/tests/chage/01/run2.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser7
+expect -re "Minimum Password Age .13\]: "
+send "\r"
+expect -re "Maximum Password Age .14\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-26\]: "
+send "\r"
+expect -re "Password Expiration Warning .9\]: "
+send "\r"
+expect -re "Password Inactive .35\]: "
+send "\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .2012-07-27\]: "
+send "\r"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/02/data/group b/tests/chage/02/data/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/02/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/02/data/gshadow b/tests/chage/02/data/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/02/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/02/data/passwd b/tests/chage/02/data/passwd
new file mode 100644
index 0000000..5bec374
--- /dev/null
+++ b/tests/chage/02/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/02/data/shadow b/tests/chage/02/data/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chage/02/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chage/02/run b/tests/chage/02/run
new file mode 100755
index 0000000..74ac268
--- /dev/null
+++ b/tests/chage/02/run
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test chage with bogus inputs
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save()
+{
+ [ ! -d tmp ] && mkdir tmp
+ for i in passwd group shadow gshadow
+ do
+ [ -f /etc/$i ] && cp /etc/$i tmp/$i
+ [ -f /etc/$i- ] && cp /etc/$i- tmp/$i-
+ done
+
+ true
+}
+
+restore()
+{
+ for i in passwd group shadow gshadow
+ do
+ [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i
+ [ -f tmp/$i- ] && cp tmp/$i- /etc/$i- && rm tmp/$i-
+ done
+ rm -f tmp/out
+ rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'if [ "$?" != "0" ]; then echo "FAIL"; fi; restore' 0
+
+for i in passwd group shadow gshadow
+do
+ cp data/$i /etc
+done
+
+echo "interractive test"
+./run.exp $(date "+%Y-%m-%d")
+
+echo "OK"
diff --git a/tests/chage/02/run.exp b/tests/chage/02/run.exp
new file mode 100755
index 0000000..0dbb27d
--- /dev/null
+++ b/tests/chage/02/run.exp
@@ -0,0 +1,83 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+proc expect_error {} {
+ expect {
+ "chage: error changing fields" {
+ expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+ }
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+ }
+}
+
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser
+expect -re "Minimum Password Age .0\]: "
+send -- "-2\r"
+expect_error
+
+spawn /usr/bin/chage myuser
+expect -re "Minimum Password Age .0\]: "
+send "foo\r"
+expect_error
+
+# chage accepts to be given only spaces
+#spawn /usr/bin/chage myuser
+#expect -re "Minimum Password Age .0\]: "
+#send -- " \r"
+#expect_error
+#
+#chage may not parse all the arguments.
+#This may be a problem is a date is provided instead of just a number
+#spawn /usr/bin/chage myuser
+#expect -re "Minimum Password Age .0\]: "
+#send -- "1 2\r"
+#expect_error
+
+spawn /usr/bin/chage myuser
+expect -re "Minimum Password Age .0\]: "
+send "11\r"
+expect -re "Maximum Password Age .99999\]: "
+send -- "-2\r"
+expect_error
+
+spawn /usr/bin/chage myuser
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "foo\r"
+expect_error
+
+# chage should verify the range of the arguments
+#spawn /usr/bin/chage myuser
+#expect -re "Minimum Password Age .0\]: "
+#send "\r"
+#expect -re "Maximum Password Age .99999\]: "
+#send "100000\r"
+#expect_error
+
+#spawn /usr/bin/chage myuser
+#expect -re "Minimum Password Age .0\]: "
+#send "\r"
+#expect -re "Maximum Password Age .99999\]: "
+#send "\r"
+#expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-25]: "
+#send "12\n"
+#expect_error
+
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/03_chsh_usage/chage.test b/tests/chage/03_chsh_usage/chage.test
new file mode 100755
index 0000000..db6200c
--- /dev/null
+++ b/tests/chage/03_chsh_usage/chage.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chage usage (chage -h)..."
+chage -h >tmp/usage.out
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/03_chsh_usage/config.txt b/tests/chage/03_chsh_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/03_chsh_usage/config.txt
diff --git a/tests/chage/03_chsh_usage/config/etc/group b/tests/chage/03_chsh_usage/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/03_chsh_usage/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/03_chsh_usage/config/etc/gshadow b/tests/chage/03_chsh_usage/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/03_chsh_usage/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/03_chsh_usage/config/etc/passwd b/tests/chage/03_chsh_usage/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/03_chsh_usage/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/03_chsh_usage/config/etc/shadow b/tests/chage/03_chsh_usage/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/03_chsh_usage/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/03_chsh_usage/data/usage.out b/tests/chage/03_chsh_usage/data/usage.out
new file mode 100644
index 0000000..31df15c
--- /dev/null
+++ b/tests/chage/03_chsh_usage/data/usage.out
@@ -0,0 +1,16 @@
+Usage: chage [options] LOGIN
+
+Options:
+ -d, --lastday LAST_DAY set date of last password change to LAST_DAY
+ -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -h, --help display this help message and exit
+ -I, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -l, --list show account aging information
+ -m, --mindays MIN_DAYS set minimum number of days before password
+ change to MIN_DAYS
+ -M, --maxdays MAX_DAYS set maximim number of days before password
+ change to MAX_DAYS
+ -R, --root CHROOT_DIR directory to chroot into
+ -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/04_chsh_usage_invalid_option/chage.test b/tests/chage/04_chsh_usage_invalid_option/chage.test
new file mode 100755
index 0000000..1ba8163
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when an invalid option is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chage with an invalid option (chage -Z bin)..."
+chage -Z bin 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/04_chsh_usage_invalid_option/config.txt b/tests/chage/04_chsh_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/config.txt
diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/group b/tests/chage/04_chsh_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/gshadow b/tests/chage/04_chsh_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/passwd b/tests/chage/04_chsh_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/shadow b/tests/chage/04_chsh_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/04_chsh_usage_invalid_option/data/usage.out b/tests/chage/04_chsh_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..21f71d6
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/data/usage.out
@@ -0,0 +1,17 @@
+chage: invalid option -- 'Z'
+Usage: chage [options] LOGIN
+
+Options:
+ -d, --lastday LAST_DAY set date of last password change to LAST_DAY
+ -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -h, --help display this help message and exit
+ -I, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -l, --list show account aging information
+ -m, --mindays MIN_DAYS set minimum number of days before password
+ change to MIN_DAYS
+ -M, --maxdays MAX_DAYS set maximim number of days before password
+ change to MAX_DAYS
+ -R, --root CHROOT_DIR directory to chroot into
+ -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/05_chsh_usage_2_users/chage.test b/tests/chage/05_chsh_usage_2_users/chage.test
new file mode 100755
index 0000000..5860393
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when 2 users are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chage with 2 users (chage -I 12 bin nobody)..."
+chage -I 12 bin nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/05_chsh_usage_2_users/config.txt b/tests/chage/05_chsh_usage_2_users/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/config.txt
diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/group b/tests/chage/05_chsh_usage_2_users/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/gshadow b/tests/chage/05_chsh_usage_2_users/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/passwd b/tests/chage/05_chsh_usage_2_users/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/shadow b/tests/chage/05_chsh_usage_2_users/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/05_chsh_usage_2_users/data/usage.out b/tests/chage/05_chsh_usage_2_users/data/usage.out
new file mode 100644
index 0000000..31df15c
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/data/usage.out
@@ -0,0 +1,16 @@
+Usage: chage [options] LOGIN
+
+Options:
+ -d, --lastday LAST_DAY set date of last password change to LAST_DAY
+ -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -h, --help display this help message and exit
+ -I, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -l, --list show account aging information
+ -m, --mindays MIN_DAYS set minimum number of days before password
+ change to MIN_DAYS
+ -M, --maxdays MAX_DAYS set maximim number of days before password
+ change to MAX_DAYS
+ -R, --root CHROOT_DIR directory to chroot into
+ -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/06_chsh_usage_no_users/chage.test b/tests/chage/06_chsh_usage_no_users/chage.test
new file mode 100755
index 0000000..0851d6e
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when no users are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chage without an user (chage -I 12)..."
+chage -I 12 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/06_chsh_usage_no_users/config.txt b/tests/chage/06_chsh_usage_no_users/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/config.txt
diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/group b/tests/chage/06_chsh_usage_no_users/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/gshadow b/tests/chage/06_chsh_usage_no_users/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/passwd b/tests/chage/06_chsh_usage_no_users/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/shadow b/tests/chage/06_chsh_usage_no_users/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/06_chsh_usage_no_users/data/usage.out b/tests/chage/06_chsh_usage_no_users/data/usage.out
new file mode 100644
index 0000000..31df15c
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/data/usage.out
@@ -0,0 +1,16 @@
+Usage: chage [options] LOGIN
+
+Options:
+ -d, --lastday LAST_DAY set date of last password change to LAST_DAY
+ -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -h, --help display this help message and exit
+ -I, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -l, --list show account aging information
+ -m, --mindays MIN_DAYS set minimum number of days before password
+ change to MIN_DAYS
+ -M, --maxdays MAX_DAYS set maximim number of days before password
+ change to MAX_DAYS
+ -R, --root CHROOT_DIR directory to chroot into
+ -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/07_chsh_usage-l_exclusive/chage.test b/tests/chage/07_chsh_usage-l_exclusive/chage.test
new file mode 100755
index 0000000..9036f09
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/chage.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when -l is used with another option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for opt in "-m 12" "-M 12" "-d 2011-09-11" "-W 12" "-I 12" "-E 2011-09-11"
+do
+ echo -n "Use chage with -l and $opt (chage -l $opt bin)..."
+ chage -l $opt bin 2>tmp/usage.out && exit 1 || {
+ status=$?
+ }
+ echo "OK"
+
+ echo -n "Check returned status ($status)..."
+ test "$status" = "2"
+ echo "OK"
+
+ echo "chage reported:"
+ echo "======================================================================="
+ cat tmp/usage.out
+ echo "======================================================================="
+ echo -n "Check the usage message..."
+ diff -au data/usage.out tmp/usage.out
+ echo "usage message OK."
+ rm -f tmp/usage.out
+done
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/07_chsh_usage-l_exclusive/config.txt b/tests/chage/07_chsh_usage-l_exclusive/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/config.txt
diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/group b/tests/chage/07_chsh_usage-l_exclusive/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/gshadow b/tests/chage/07_chsh_usage-l_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/passwd b/tests/chage/07_chsh_usage-l_exclusive/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/shadow b/tests/chage/07_chsh_usage-l_exclusive/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/07_chsh_usage-l_exclusive/data/usage.out b/tests/chage/07_chsh_usage-l_exclusive/data/usage.out
new file mode 100644
index 0000000..b006b60
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/data/usage.out
@@ -0,0 +1,17 @@
+chage: do not include "l" with other flags
+Usage: chage [options] LOGIN
+
+Options:
+ -d, --lastday LAST_DAY set date of last password change to LAST_DAY
+ -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -h, --help display this help message and exit
+ -I, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -l, --list show account aging information
+ -m, --mindays MIN_DAYS set minimum number of days before password
+ change to MIN_DAYS
+ -M, --maxdays MAX_DAYS set maximim number of days before password
+ change to MAX_DAYS
+ -R, --root CHROOT_DIR directory to chroot into
+ -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/08_chsh_usage_invalid_date/chage.test b/tests/chage/08_chsh_usage_invalid_date/chage.test
new file mode 100755
index 0000000..90007fc
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/chage.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when -l is used with another option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for opt in "-d 2011-09" "-E 2011-09-09-11"
+do
+ echo -n "Use chage with an invalid date (chage $opt bin)..."
+ chage $opt bin 2>tmp/usage.out && exit 1 || {
+ status=$?
+ }
+ echo "OK"
+
+ echo -n "Check returned status ($status)..."
+ test "$status" = "2"
+ echo "OK"
+
+ echo "chage reported:"
+ echo "======================================================================="
+ cat tmp/usage.out
+ echo "======================================================================="
+ d=$(echo $opt | cut -d' ' -f2)
+ sed -e "s/'$d'/'DATE'/" -i tmp/usage.out
+ echo -n "Check the usage message..."
+ diff -au data/usage.out tmp/usage.out
+ echo "usage message OK."
+ rm -f tmp/usage.out
+done
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/08_chsh_usage_invalid_date/config.txt b/tests/chage/08_chsh_usage_invalid_date/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/config.txt
diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/group b/tests/chage/08_chsh_usage_invalid_date/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/gshadow b/tests/chage/08_chsh_usage_invalid_date/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/passwd b/tests/chage/08_chsh_usage_invalid_date/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/shadow b/tests/chage/08_chsh_usage_invalid_date/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/08_chsh_usage_invalid_date/data/usage.out b/tests/chage/08_chsh_usage_invalid_date/data/usage.out
new file mode 100644
index 0000000..cb49bf8
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/data/usage.out
@@ -0,0 +1,17 @@
+chage: invalid date 'DATE'
+Usage: chage [options] LOGIN
+
+Options:
+ -d, --lastday LAST_DAY set date of last password change to LAST_DAY
+ -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -h, --help display this help message and exit
+ -I, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -l, --list show account aging information
+ -m, --mindays MIN_DAYS set minimum number of days before password
+ change to MIN_DAYS
+ -M, --maxdays MAX_DAYS set maximim number of days before password
+ change to MAX_DAYS
+ -R, --root CHROOT_DIR directory to chroot into
+ -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/chage.test b/tests/chage/09_chsh_usage_invalid_numeric_arg/chage.test
new file mode 100755
index 0000000..36d11e5
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/chage.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when -l is used with another option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for opt in "-I -12" "-m -12" "-M -12" "-W -12" "-I a" "-m 12.5" "-M 12a" "-W a12"
+do
+ echo -n "Use chage with an invalid date (chage $opt bin)..."
+ chage $opt bin 2>tmp/usage.out && exit 1 || {
+ status=$?
+ }
+ echo "OK"
+
+ echo -n "Check returned status ($status)..."
+ test "$status" = "2"
+ echo "OK"
+
+ echo "chage reported:"
+ echo "======================================================================="
+ cat tmp/usage.out
+ echo "======================================================================="
+ v=$(echo $opt | cut -d' ' -f2)
+ sed -e "s/'$v'/'VAL'/" -i tmp/usage.out
+ echo -n "Check the usage message..."
+ diff -au data/usage.out tmp/usage.out
+ echo "usage message OK."
+ rm -f tmp/usage.out
+done
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config.txt b/tests/chage/09_chsh_usage_invalid_numeric_arg/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config.txt
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/group b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/gshadow b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/passwd b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/shadow b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/data/usage.out b/tests/chage/09_chsh_usage_invalid_numeric_arg/data/usage.out
new file mode 100644
index 0000000..9fb70d6
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/data/usage.out
@@ -0,0 +1,17 @@
+chage: invalid numeric argument 'VAL'
+Usage: chage [options] LOGIN
+
+Options:
+ -d, --lastday LAST_DAY set date of last password change to LAST_DAY
+ -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -h, --help display this help message and exit
+ -I, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -l, --list show account aging information
+ -m, --mindays MIN_DAYS set minimum number of days before password
+ change to MIN_DAYS
+ -M, --maxdays MAX_DAYS set maximim number of days before password
+ change to MAX_DAYS
+ -R, --root CHROOT_DIR directory to chroot into
+ -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/10_chsh-l/chage.test b/tests/chage/10_chsh-l/chage.test
new file mode 100755
index 0000000..394c981
--- /dev/null
+++ b/tests/chage/10_chsh-l/chage.test
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when -l is used with another option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for user in $(ls data/)
+do
+ echo -n "Get $user aging info (chage -l $user)..."
+ chage -l $user >tmp/$user
+ echo "OK"
+
+ echo "chage reported:"
+ echo "======================================================================="
+ cat tmp/$user
+ echo "======================================================================="
+ echo -n "Compare with expected output..."
+ diff -au data/$user tmp/$user
+ echo "OK"
+ rm -f tmp/$user
+done
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/10_chsh-l/config.txt b/tests/chage/10_chsh-l/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/10_chsh-l/config.txt
diff --git a/tests/chage/10_chsh-l/config/etc/group b/tests/chage/10_chsh-l/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/10_chsh-l/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/10_chsh-l/config/etc/gshadow b/tests/chage/10_chsh-l/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/10_chsh-l/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/10_chsh-l/config/etc/passwd b/tests/chage/10_chsh-l/config/etc/passwd
new file mode 100644
index 0000000..31046cf
--- /dev/null
+++ b/tests/chage/10_chsh-l/config/etc/passwd
@@ -0,0 +1,32 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
+myuser8:x:424249:424242::/home:/bin/bash
+myuser9:x:424250:424242::/home:/bin/bash
+myuser10:x:424251:424242::/home:/bin/bash
+myuser11:x:424252:424242::/home:/bin/bash
+myuser12:x:424253:424242::/home:/bin/bash
+myuser13:x:424254:424242::/home:/bin/bash
diff --git a/tests/chage/10_chsh-l/config/etc/shadow b/tests/chage/10_chsh-l/config/etc/shadow
new file mode 100644
index 0000000..4b81469
--- /dev/null
+++ b/tests/chage/10_chsh-l/config/etc/shadow
@@ -0,0 +1,30 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1::
+myuser8:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:9999:7:1::
+myuser9:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:0:9999:7:1::
+myuser10:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0::7:1::
+#myuser11:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1::
diff --git a/tests/chage/10_chsh-l/data/myuser1 b/tests/chage/10_chsh-l/data/myuser1
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser1
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/10_chsh-l/data/myuser10 b/tests/chage/10_chsh-l/data/myuser10
new file mode 100644
index 0000000..8a9e5d1
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser10
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : -1
+Number of days of warning before password expires : 7
diff --git a/tests/chage/10_chsh-l/data/myuser11 b/tests/chage/10_chsh-l/data/myuser11
new file mode 100644
index 0000000..a54ec7a
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser11
@@ -0,0 +1,7 @@
+Last password change : never
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : -1
+Maximum number of days between password change : -1
+Number of days of warning before password expires : -1
diff --git a/tests/chage/10_chsh-l/data/myuser2 b/tests/chage/10_chsh-l/data/myuser2
new file mode 100644
index 0000000..7efdc0c
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser2
@@ -0,0 +1,7 @@
+Last password change : Jul 28, 2005
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 1
+Maximum number of days between password change : 99996
+Number of days of warning before password expires : 5
diff --git a/tests/chage/10_chsh-l/data/myuser3 b/tests/chage/10_chsh-l/data/myuser3
new file mode 100644
index 0000000..a263db9
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser3
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : Jan 01, 1970
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/10_chsh-l/data/myuser4 b/tests/chage/10_chsh-l/data/myuser4
new file mode 100644
index 0000000..11e2f2d
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser4
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : Jan 02, 1970
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/10_chsh-l/data/myuser5 b/tests/chage/10_chsh-l/data/myuser5
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser5
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/10_chsh-l/data/myuser6 b/tests/chage/10_chsh-l/data/myuser6
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser6
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/10_chsh-l/data/myuser7 b/tests/chage/10_chsh-l/data/myuser7
new file mode 100644
index 0000000..63debfb
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser7
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : Dec 11, 2032
+Password inactive : Dec 12, 2032
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : 9999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/10_chsh-l/data/myuser8 b/tests/chage/10_chsh-l/data/myuser8
new file mode 100644
index 0000000..4a3f4bd
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser8
@@ -0,0 +1,7 @@
+Last password change : never
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : 9999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/10_chsh-l/data/myuser9 b/tests/chage/10_chsh-l/data/myuser9
new file mode 100644
index 0000000..09f6fdc
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser9
@@ -0,0 +1,7 @@
+Last password change : password must be changed
+Password expires : password must be changed
+Password inactive : password must be changed
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : 9999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/11_chsh_usage_invalid_user/chage.test b/tests/chage/11_chsh_usage_invalid_user/chage.test
new file mode 100755
index 0000000..46d9d65
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage warns in case of invalid user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chage with an invalid user (chage -I 12 foo)..."
+chage -I 12 foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/11_chsh_usage_invalid_user/config.txt b/tests/chage/11_chsh_usage_invalid_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/config.txt
diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/group b/tests/chage/11_chsh_usage_invalid_user/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/gshadow b/tests/chage/11_chsh_usage_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/passwd b/tests/chage/11_chsh_usage_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/shadow b/tests/chage/11_chsh_usage_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/11_chsh_usage_invalid_user/data/usage.out b/tests/chage/11_chsh_usage_invalid_user/data/usage.out
new file mode 100644
index 0000000..cdc8a1f
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/data/usage.out
@@ -0,0 +1 @@
+chage: user 'foo' does not exist in /etc/passwd
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/chage.test b/tests/chage/12_chsh_usage-l_invalid_user2/chage.test
new file mode 100755
index 0000000..d3b5255
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage warns in case of invalid user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chage with an invalid user (chage -l foo)..."
+chage -l foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config.txt b/tests/chage/12_chsh_usage-l_invalid_user2/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/config.txt
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/group b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/gshadow b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/passwd b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/shadow b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/data/usage.out b/tests/chage/12_chsh_usage-l_invalid_user2/data/usage.out
new file mode 100644
index 0000000..cdc8a1f
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/data/usage.out
@@ -0,0 +1 @@
+chage: user 'foo' does not exist in /etc/passwd
diff --git a/tests/chage/13_chsh_locked_passwd/chage.test b/tests/chage/13_chsh_locked_passwd/chage.test
new file mode 100755
index 0000000..aeeb412
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/chage.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage warns when passwd is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Use chage with an invalid user (chage -I 12 bin)..."
+chage -I 12 bin 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/13_chsh_locked_passwd/config.txt b/tests/chage/13_chsh_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/config.txt
diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/group b/tests/chage/13_chsh_locked_passwd/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/gshadow b/tests/chage/13_chsh_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/passwd b/tests/chage/13_chsh_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/shadow b/tests/chage/13_chsh_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/13_chsh_locked_passwd/data/usage.out b/tests/chage/13_chsh_locked_passwd/data/usage.out
new file mode 100644
index 0000000..caa44b5
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/data/usage.out
@@ -0,0 +1,2 @@
+chage: existing lock file /etc/passwd.lock without a PID
+chage: cannot lock /etc/passwd; try again later.
diff --git a/tests/chage/14_chsh_locked_shadow/chage.test b/tests/chage/14_chsh_locked_shadow/chage.test
new file mode 100755
index 0000000..3474d95
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/chage.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage warns when shadow is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Use chage with an invalid user (chage -I 12 bin)..."
+chage -I 12 bin 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/14_chsh_locked_shadow/config.txt b/tests/chage/14_chsh_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/config.txt
diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/group b/tests/chage/14_chsh_locked_shadow/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/gshadow b/tests/chage/14_chsh_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/passwd b/tests/chage/14_chsh_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/shadow b/tests/chage/14_chsh_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/14_chsh_locked_shadow/data/usage.out b/tests/chage/14_chsh_locked_shadow/data/usage.out
new file mode 100644
index 0000000..f396f3c
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/data/usage.out
@@ -0,0 +1,2 @@
+chage: existing lock file /etc/shadow.lock without a PID
+chage: cannot lock /etc/shadow; try again later.
diff --git a/tests/chage/15_chage-I_no_shadow_entry/chage.test b/tests/chage/15_chage-I_no_shadow_entry/chage.test
new file mode 100755
index 0000000..77a06a2
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's inactivity period (chage -I 12 bin)..."
+chage -I 12 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config.txt b/tests/chage/15_chage-I_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/group b/tests/chage/15_chage-I_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/gshadow b/tests/chage/15_chage-I_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/login.defs b/tests/chage/15_chage-I_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/passwd b/tests/chage/15_chage-I_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/shadow b/tests/chage/15_chage-I_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/15_chage-I_no_shadow_entry/data/passwd b/tests/chage/15_chage-I_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/15_chage-I_no_shadow_entry/data/shadow b/tests/chage/15_chage-I_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..d32d937
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*:::::12::
diff --git a/tests/chage/16_chage-m_no_shadow_entry/chage.test b/tests/chage/16_chage-m_no_shadow_entry/chage.test
new file mode 100755
index 0000000..778a65a
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's mindays (chage -m 12 bin)..."
+chage -m 12 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config.txt b/tests/chage/16_chage-m_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/group b/tests/chage/16_chage-m_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/gshadow b/tests/chage/16_chage-m_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/login.defs b/tests/chage/16_chage-m_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/passwd b/tests/chage/16_chage-m_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/shadow b/tests/chage/16_chage-m_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/16_chage-m_no_shadow_entry/data/passwd b/tests/chage/16_chage-m_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/16_chage-m_no_shadow_entry/data/shadow b/tests/chage/16_chage-m_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..dc6bc8b
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*::12:::::
diff --git a/tests/chage/17_chage-M_no_shadow_entry/chage.test b/tests/chage/17_chage-M_no_shadow_entry/chage.test
new file mode 100755
index 0000000..6b70f06
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's mindays (chage -M 12 bin)..."
+chage -M 12 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config.txt b/tests/chage/17_chage-M_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/group b/tests/chage/17_chage-M_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/gshadow b/tests/chage/17_chage-M_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/login.defs b/tests/chage/17_chage-M_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/passwd b/tests/chage/17_chage-M_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/shadow b/tests/chage/17_chage-M_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/17_chage-M_no_shadow_entry/data/passwd b/tests/chage/17_chage-M_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/17_chage-M_no_shadow_entry/data/shadow b/tests/chage/17_chage-M_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..fb623f7
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*:::12::::
diff --git a/tests/chage/18_chage-d_no_shadow_entry/chage.test b/tests/chage/18_chage-d_no_shadow_entry/chage.test
new file mode 100755
index 0000000..fb56cef
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's mindays (chage -d 2011-09-11 bin)..."
+chage -d 2011-09-11 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config.txt b/tests/chage/18_chage-d_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/group b/tests/chage/18_chage-d_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/gshadow b/tests/chage/18_chage-d_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/login.defs b/tests/chage/18_chage-d_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/passwd b/tests/chage/18_chage-d_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/shadow b/tests/chage/18_chage-d_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/18_chage-d_no_shadow_entry/data/passwd b/tests/chage/18_chage-d_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/18_chage-d_no_shadow_entry/data/shadow b/tests/chage/18_chage-d_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..df82e6c
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*:15228::::::
diff --git a/tests/chage/19_chage-W_no_shadow_entry/chage.test b/tests/chage/19_chage-W_no_shadow_entry/chage.test
new file mode 100755
index 0000000..410ccbb
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's mindays (chage -W 12 bin)..."
+chage -W 12 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config.txt b/tests/chage/19_chage-W_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/group b/tests/chage/19_chage-W_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/gshadow b/tests/chage/19_chage-W_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/login.defs b/tests/chage/19_chage-W_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/passwd b/tests/chage/19_chage-W_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/shadow b/tests/chage/19_chage-W_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/19_chage-W_no_shadow_entry/data/passwd b/tests/chage/19_chage-W_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/19_chage-W_no_shadow_entry/data/shadow b/tests/chage/19_chage-W_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..3265423
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*::::12:::
diff --git a/tests/chage/20_chage-E_no_shadow_entry/chage.test b/tests/chage/20_chage-E_no_shadow_entry/chage.test
new file mode 100755
index 0000000..52079f7
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's mindays (chage -E 2011-09-11 bin)..."
+chage -E 2011-09-11 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config.txt b/tests/chage/20_chage-E_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/group b/tests/chage/20_chage-E_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/gshadow b/tests/chage/20_chage-E_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/login.defs b/tests/chage/20_chage-E_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/passwd b/tests/chage/20_chage-E_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/shadow b/tests/chage/20_chage-E_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/20_chage-E_no_shadow_entry/data/passwd b/tests/chage/20_chage-E_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/20_chage-E_no_shadow_entry/data/shadow b/tests/chage/20_chage-E_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..752a49a
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*::::::15228:
diff --git a/tests/chage/21_chage_no_shadow_file/chage.test b/tests/chage/21_chage_no_shadow_file/chage.test
new file mode 100755
index 0000000..c2e8d0e
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/chage.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage warns when shadow is not enabled"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Use chage with an invalid user (chage -I 12 bin)..."
+chage -I 12 bin 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "15"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/21_chage_no_shadow_file/config.txt b/tests/chage/21_chage_no_shadow_file/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/config.txt
diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/group b/tests/chage/21_chage_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/gshadow b/tests/chage/21_chage_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/passwd b/tests/chage/21_chage_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/shadow b/tests/chage/21_chage_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/21_chage_no_shadow_file/data/usage.out b/tests/chage/21_chage_no_shadow_file/data/usage.out
new file mode 100644
index 0000000..07d7a30
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/data/usage.out
@@ -0,0 +1 @@
+chage: the shadow password file is not present
diff --git a/tests/chage/22_chage_myuser-l/chage.test b/tests/chage/22_chage_myuser-l/chage.test
new file mode 100755
index 0000000..34ad36d
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/chage.test
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage can be used to show one's aging info"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for user in $(ls data/)
+do
+ echo -n "Get $user aging info (chage -l $user)..."
+ su myuser1 -c "chage -l $user" >tmp/$user
+ echo "OK"
+
+ echo "chage reported:"
+ echo "======================================================================="
+ cat tmp/$user
+ echo "======================================================================="
+ echo -n "Compare with expected output..."
+ diff -au data/$user tmp/$user
+ echo "OK"
+ rm -f tmp/$user
+done
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/22_chage_myuser-l/config.txt b/tests/chage/22_chage_myuser-l/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/config.txt
diff --git a/tests/chage/22_chage_myuser-l/config/etc/group b/tests/chage/22_chage_myuser-l/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/22_chage_myuser-l/config/etc/gshadow b/tests/chage/22_chage_myuser-l/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/22_chage_myuser-l/config/etc/passwd b/tests/chage/22_chage_myuser-l/config/etc/passwd
new file mode 100644
index 0000000..31046cf
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/config/etc/passwd
@@ -0,0 +1,32 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
+myuser8:x:424249:424242::/home:/bin/bash
+myuser9:x:424250:424242::/home:/bin/bash
+myuser10:x:424251:424242::/home:/bin/bash
+myuser11:x:424252:424242::/home:/bin/bash
+myuser12:x:424253:424242::/home:/bin/bash
+myuser13:x:424254:424242::/home:/bin/bash
diff --git a/tests/chage/22_chage_myuser-l/config/etc/shadow b/tests/chage/22_chage_myuser-l/config/etc/shadow
new file mode 100644
index 0000000..4b81469
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/config/etc/shadow
@@ -0,0 +1,30 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1::
+myuser8:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:9999:7:1::
+myuser9:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:0:9999:7:1::
+myuser10:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0::7:1::
+#myuser11:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1::
diff --git a/tests/chage/22_chage_myuser-l/data/myuser1 b/tests/chage/22_chage_myuser-l/data/myuser1
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/data/myuser1
@@ -0,0 +1,7 @@
+Last password change : Jul 27, 2005
+Password expires : never
+Password inactive : never
+Account expires : never
+Minimum number of days between password change : 0
+Maximum number of days between password change : 99999
+Number of days of warning before password expires : 7
diff --git a/tests/chage/23_chage_myuser-I/chage.test b/tests/chage/23_chage_myuser-I/chage.test
new file mode 100755
index 0000000..0bd7043
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage forbids to change aging info"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myusers1 uses chage to change myuser1 aging info (chage -I 12 myuser2)..."
+su myuser1 -c "chage -I 12 myuser1" 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/23_chage_myuser-I/config.txt b/tests/chage/23_chage_myuser-I/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/config.txt
diff --git a/tests/chage/23_chage_myuser-I/config/etc/group b/tests/chage/23_chage_myuser-I/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/23_chage_myuser-I/config/etc/gshadow b/tests/chage/23_chage_myuser-I/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/23_chage_myuser-I/config/etc/passwd b/tests/chage/23_chage_myuser-I/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/23_chage_myuser-I/config/etc/shadow b/tests/chage/23_chage_myuser-I/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/23_chage_myuser-I/data/usage.out b/tests/chage/23_chage_myuser-I/data/usage.out
new file mode 100644
index 0000000..dc0d6ca
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/data/usage.out
@@ -0,0 +1 @@
+chage: Permission denied.
diff --git a/tests/chage/24_chage_myuser-l_other/chage.test b/tests/chage/24_chage_myuser-l_other/chage.test
new file mode 100755
index 0000000..ef2f8e2
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage forbids to get other accounts aging info"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myusers1 uses chage to get myuser2 aging info (chage -l myuser2)..."
+su myuser1 -c "chage -l myuser2" 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/24_chage_myuser-l_other/config.txt b/tests/chage/24_chage_myuser-l_other/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/config.txt
diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/group b/tests/chage/24_chage_myuser-l_other/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/gshadow b/tests/chage/24_chage_myuser-l_other/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/passwd b/tests/chage/24_chage_myuser-l_other/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/shadow b/tests/chage/24_chage_myuser-l_other/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/24_chage_myuser-l_other/data/usage.out b/tests/chage/24_chage_myuser-l_other/data/usage.out
new file mode 100644
index 0000000..dc0d6ca
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/data/usage.out
@@ -0,0 +1 @@
+chage: Permission denied.
diff --git a/tests/chage/25_chage_interractive/chage.test b/tests/chage/25_chage_interractive/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/25_chage_interractive/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/25_chage_interractive/config.txt b/tests/chage/25_chage_interractive/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/25_chage_interractive/config/etc/group b/tests/chage/25_chage_interractive/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/25_chage_interractive/config/etc/gshadow b/tests/chage/25_chage_interractive/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/25_chage_interractive/config/etc/login.defs b/tests/chage/25_chage_interractive/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/25_chage_interractive/config/etc/passwd b/tests/chage/25_chage_interractive/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/25_chage_interractive/config/etc/shadow b/tests/chage/25_chage_interractive/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/25_chage_interractive/data/shadow b/tests/chage/25_chage_interractive/data/shadow
new file mode 100644
index 0000000..334494a
--- /dev/null
+++ b/tests/chage/25_chage_interractive/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12990:13:14:9:35:15548:
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/25_chage_interractive/run.exp b/tests/chage/25_chage_interractive/run.exp
new file mode 100755
index 0000000..5b4b1d0
--- /dev/null
+++ b/tests/chage/25_chage_interractive/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "2005-07-26\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9\r"
+expect -re "Password Inactive .-1\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "2012-07-27\r"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/26_chage_interractive_date_0/chage.test b/tests/chage/26_chage_interractive_date_0/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/26_chage_interractive_date_0/config.txt b/tests/chage/26_chage_interractive_date_0/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/group b/tests/chage/26_chage_interractive_date_0/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/gshadow b/tests/chage/26_chage_interractive_date_0/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/login.defs b/tests/chage/26_chage_interractive_date_0/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/passwd b/tests/chage/26_chage_interractive_date_0/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/shadow b/tests/chage/26_chage_interractive_date_0/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/26_chage_interractive_date_0/data/shadow b/tests/chage/26_chage_interractive_date_0/data/shadow
new file mode 100644
index 0000000..293987c
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:13:14:9:35:0:
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/26_chage_interractive_date_0/run.exp b/tests/chage/26_chage_interractive_date_0/run.exp
new file mode 100755
index 0000000..2f97abb
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "0\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9\r"
+expect -re "Password Inactive .-1\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "0\r"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/27_chage_interractive_date_-1/chage.test b/tests/chage/27_chage_interractive_date_-1/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/27_chage_interractive_date_-1/config.txt b/tests/chage/27_chage_interractive_date_-1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/group b/tests/chage/27_chage_interractive_date_-1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/gshadow b/tests/chage/27_chage_interractive_date_-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/login.defs b/tests/chage/27_chage_interractive_date_-1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/passwd b/tests/chage/27_chage_interractive_date_-1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/shadow b/tests/chage/27_chage_interractive_date_-1/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/27_chage_interractive_date_-1/data/shadow b/tests/chage/27_chage_interractive_date_-1/data/shadow
new file mode 100644
index 0000000..800f1a2
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::13:14:9:35::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/27_chage_interractive_date_-1/run.exp b/tests/chage/27_chage_interractive_date_-1/run.exp
new file mode 100755
index 0000000..f4c20a1
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send -- "-1\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9\r"
+expect -re "Password Inactive .-1\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send -- "-1\r"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/chage.test b/tests/chage/28_chage_interractive_date_EPOCH/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config.txt b/tests/chage/28_chage_interractive_date_EPOCH/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/group b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/gshadow b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/login.defs b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/passwd b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/shadow b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/data/shadow b/tests/chage/28_chage_interractive_date_EPOCH/data/shadow
new file mode 100644
index 0000000..293987c
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:13:14:9:35:0:
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/run.exp b/tests/chage/28_chage_interractive_date_EPOCH/run.exp
new file mode 100755
index 0000000..a93e8cc
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "1970-01-01\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9\r"
+expect -re "Password Inactive .-1\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "1970-01-01\r"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/chage.test b/tests/chage/29_chage_interractive_date_pre-EPOCH/chage.test
new file mode 100755
index 0000000..99f2df4
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config.txt b/tests/chage/29_chage_interractive_date_pre-EPOCH/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/group b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/gshadow b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/login.defs b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/passwd b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/shadow b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/run.exp b/tests/chage/29_chage_interractive_date_pre-EPOCH/run.exp
new file mode 100755
index 0000000..a43fd04
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/run.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "1900-01-01\r"
+expect "chage: error changing fields\r\n"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/chage.test b/tests/chage/30_chage_interractive_date_pre-EPOCH2/chage.test
new file mode 100755
index 0000000..99f2df4
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config.txt b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/group b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/gshadow b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/login.defs b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/passwd b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/shadow b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/run.exp b/tests/chage/30_chage_interractive_date_pre-EPOCH2/run.exp
new file mode 100755
index 0000000..9c3c5db
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/run.exp
@@ -0,0 +1,32 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "1970-01-01\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9\r"
+expect -re "Password Inactive .-1\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "1900-01-01\r"
+expect "chage: error changing fields\r\n"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/31_chage_interractive_date_invalid/chage.test b/tests/chage/31_chage_interractive_date_invalid/chage.test
new file mode 100755
index 0000000..84e9390
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock /etc/shadow.lock' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/31_chage_interractive_date_invalid/config.txt b/tests/chage/31_chage_interractive_date_invalid/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/group b/tests/chage/31_chage_interractive_date_invalid/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/gshadow b/tests/chage/31_chage_interractive_date_invalid/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/login.defs b/tests/chage/31_chage_interractive_date_invalid/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/passwd b/tests/chage/31_chage_interractive_date_invalid/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/shadow b/tests/chage/31_chage_interractive_date_invalid/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/31_chage_interractive_date_invalid/run.exp b/tests/chage/31_chage_interractive_date_invalid/run.exp
new file mode 100755
index 0000000..91551d4
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/run.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "2000-13-42\r"
+expect "chage: error changing fields\r\n"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/32_chage_interractive_date_invalid2/chage.test b/tests/chage/32_chage_interractive_date_invalid2/chage.test
new file mode 100755
index 0000000..99f2df4
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config.txt b/tests/chage/32_chage_interractive_date_invalid2/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/group b/tests/chage/32_chage_interractive_date_invalid2/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/gshadow b/tests/chage/32_chage_interractive_date_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/login.defs b/tests/chage/32_chage_interractive_date_invalid2/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/passwd b/tests/chage/32_chage_interractive_date_invalid2/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/shadow b/tests/chage/32_chage_interractive_date_invalid2/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/32_chage_interractive_date_invalid2/run.exp b/tests/chage/32_chage_interractive_date_invalid2/run.exp
new file mode 100755
index 0000000..edc3f78
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/run.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "2000-mm-42\r"
+expect "chage: error changing fields\r\n"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/33_chage_interractive-W_invalid1/chage.test b/tests/chage/33_chage_interractive-W_invalid1/chage.test
new file mode 100755
index 0000000..fc4dd9d
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage interractive session checks field validity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config.txt b/tests/chage/33_chage_interractive-W_invalid1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/group b/tests/chage/33_chage_interractive-W_invalid1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/gshadow b/tests/chage/33_chage_interractive-W_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/login.defs b/tests/chage/33_chage_interractive-W_invalid1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/passwd b/tests/chage/33_chage_interractive-W_invalid1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/shadow b/tests/chage/33_chage_interractive-W_invalid1/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/33_chage_interractive-W_invalid1/run.exp b/tests/chage/33_chage_interractive-W_invalid1/run.exp
new file mode 100755
index 0000000..ac50231
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/run.exp
@@ -0,0 +1,32 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "0\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9a\r"
+#expect -re "Password Inactive .-1\]: "
+#send "35\r"
+#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+#send "0\r"
+expect "chage: error changing fields\r\n"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/34_chage_interractive-W_invalid2/chage.test b/tests/chage/34_chage_interractive-W_invalid2/chage.test
new file mode 100755
index 0000000..fc4dd9d
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage interractive session checks field validity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config.txt b/tests/chage/34_chage_interractive-W_invalid2/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/group b/tests/chage/34_chage_interractive-W_invalid2/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/gshadow b/tests/chage/34_chage_interractive-W_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/login.defs b/tests/chage/34_chage_interractive-W_invalid2/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/passwd b/tests/chage/34_chage_interractive-W_invalid2/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/shadow b/tests/chage/34_chage_interractive-W_invalid2/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/34_chage_interractive-W_invalid2/run.exp b/tests/chage/34_chage_interractive-W_invalid2/run.exp
new file mode 100755
index 0000000..04b6f57
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/run.exp
@@ -0,0 +1,32 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "0\r"
+expect -re "Password Expiration Warning .7\]: "
+send -- "-2\r"
+#expect -re "Password Inactive .-1\]: "
+#send "35\r"
+#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+#send "0\r"
+expect "chage: error changing fields\r\n"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/35_chage_interractive-W-1/chage.test b/tests/chage/35_chage_interractive-W-1/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/35_chage_interractive-W-1/config.txt b/tests/chage/35_chage_interractive-W-1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/group b/tests/chage/35_chage_interractive-W-1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/gshadow b/tests/chage/35_chage_interractive-W-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/login.defs b/tests/chage/35_chage_interractive-W-1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/passwd b/tests/chage/35_chage_interractive-W-1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/shadow b/tests/chage/35_chage_interractive-W-1/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/35_chage_interractive-W-1/data/shadow b/tests/chage/35_chage_interractive-W-1/data/shadow
new file mode 100644
index 0000000..4b74f15
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999::::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/35_chage_interractive-W-1/run.exp b/tests/chage/35_chage_interractive-W-1/run.exp
new file mode 100755
index 0000000..84fd749
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "\r"
+expect -re "Password Expiration Warning .7\]: "
+send -- "-1\r"
+expect -re "Password Inactive .-1\]: "
+send "\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "\r"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/36_chage_interractive-I_invalid1/chage.test b/tests/chage/36_chage_interractive-I_invalid1/chage.test
new file mode 100755
index 0000000..fc4dd9d
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage interractive session checks field validity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config.txt b/tests/chage/36_chage_interractive-I_invalid1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/group b/tests/chage/36_chage_interractive-I_invalid1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/gshadow b/tests/chage/36_chage_interractive-I_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/login.defs b/tests/chage/36_chage_interractive-I_invalid1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/passwd b/tests/chage/36_chage_interractive-I_invalid1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/shadow b/tests/chage/36_chage_interractive-I_invalid1/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/36_chage_interractive-I_invalid1/run.exp b/tests/chage/36_chage_interractive-I_invalid1/run.exp
new file mode 100755
index 0000000..1e3087b
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/run.exp
@@ -0,0 +1,32 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "\r"
+expect -re "Password Expiration Warning .7\]: "
+send "\r"
+expect -re "Password Inactive .-1\]: "
+send "9a\r"
+#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+#send "0\r"
+expect "chage: error changing fields\r\n"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/37_chage_interractive-I_invalid2/chage.test b/tests/chage/37_chage_interractive-I_invalid2/chage.test
new file mode 100755
index 0000000..fc4dd9d
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage interractive session checks field validity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config.txt b/tests/chage/37_chage_interractive-I_invalid2/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/group b/tests/chage/37_chage_interractive-I_invalid2/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/gshadow b/tests/chage/37_chage_interractive-I_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/login.defs b/tests/chage/37_chage_interractive-I_invalid2/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/passwd b/tests/chage/37_chage_interractive-I_invalid2/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/shadow b/tests/chage/37_chage_interractive-I_invalid2/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/37_chage_interractive-I_invalid2/run.exp b/tests/chage/37_chage_interractive-I_invalid2/run.exp
new file mode 100755
index 0000000..b059117
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/run.exp
@@ -0,0 +1,32 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "\r"
+expect -re "Password Expiration Warning .7\]: "
+send "\r"
+expect -re "Password Inactive .-1\]: "
+send -- "-2\r"
+#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+#send "0\r"
+expect "chage: error changing fields\r\n"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/38_chage_interractive-I-1/chage.test b/tests/chage/38_chage_interractive-I-1/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/38_chage_interractive-I-1/config.txt b/tests/chage/38_chage_interractive-I-1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/group b/tests/chage/38_chage_interractive-I-1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/gshadow b/tests/chage/38_chage_interractive-I-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/login.defs b/tests/chage/38_chage_interractive-I-1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/passwd b/tests/chage/38_chage_interractive-I-1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/shadow b/tests/chage/38_chage_interractive-I-1/config/etc/shadow
new file mode 100644
index 0000000..922d955
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:3::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/38_chage_interractive-I-1/data/shadow b/tests/chage/38_chage_interractive-I-1/data/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/38_chage_interractive-I-1/run.exp b/tests/chage/38_chage_interractive-I-1/run.exp
new file mode 100755
index 0000000..94eb463
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "\r"
+expect -re "Password Expiration Warning .7\]: "
+send "\r"
+expect -re "Password Inactive .3\]: "
+send -- "-1\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "\r"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/39_chage_interractive-d-1/chage.test b/tests/chage/39_chage_interractive-d-1/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/39_chage_interractive-d-1/config.txt b/tests/chage/39_chage_interractive-d-1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/group b/tests/chage/39_chage_interractive-d-1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/gshadow b/tests/chage/39_chage_interractive-d-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/login.defs b/tests/chage/39_chage_interractive-d-1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/passwd b/tests/chage/39_chage_interractive-d-1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/shadow b/tests/chage/39_chage_interractive-d-1/config/etc/shadow
new file mode 100644
index 0000000..a1afc12
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:99999:7:3::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/39_chage_interractive-d-1/data/shadow b/tests/chage/39_chage_interractive-d-1/data/shadow
new file mode 100644
index 0000000..a1afc12
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:99999:7:3::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/39_chage_interractive-d-1/run.exp b/tests/chage/39_chage_interractive-d-1/run.exp
new file mode 100755
index 0000000..362436b
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .-1\]: "
+send -- "-1\r"
+expect -re "Password Expiration Warning .7\]: "
+send "\r"
+expect -re "Password Inactive .3\]: "
+send "\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "\r"
+expect {
+ eof {
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chroot/chage/01_chage--root/chage.test b/tests/chroot/chage/01_chage--root/chage.test
new file mode 100755
index 0000000..df9aad5
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/chage.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage can change user's data in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change root's last day in chroot (chage --root $PWD/tmp/root -d 2012-12-12 root)..."
+chage --root $PWD/tmp/root -d 2012-12-12 root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/chage/01_chage--root/config.txt b/tests/chroot/chage/01_chage--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/chage/01_chage--root/config/etc/default/useradd b/tests/chroot/chage/01_chage--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/chage/01_chage--root/config/etc/group b/tests/chroot/chage/01_chage--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/chage/01_chage--root/config/etc/gshadow b/tests/chroot/chage/01_chage--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/chage/01_chage--root/config/etc/passwd b/tests/chroot/chage/01_chage--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/chage/01_chage--root/config/etc/shadow b/tests/chroot/chage/01_chage--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/group b/tests/chroot/chage/01_chage--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/gshadow b/tests/chroot/chage/01_chage--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/login.defs b/tests/chroot/chage/01_chage--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/passwd b/tests/chroot/chage/01_chage--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/shadow b/tests/chroot/chage/01_chage--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chage/01_chage--root/data/shadow b/tests/chroot/chage/01_chage--root/data/shadow
new file mode 100644
index 0000000..c9e698b
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:15686:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test b/tests/chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test
new file mode 100755
index 0000000..afbdb4b
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change nobody and lp's password in chroot..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --root $PWD/tmp/root -c SHA256
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config.txt b/tests/chroot/chgpasswd/01_chgpasswd--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/default/useradd b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/group b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/gshadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/passwd b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/shadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/group b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/gshadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/login.defs b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/passwd b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/shadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/data/gshadow b/tests/chroot/chgpasswd/01_chgpasswd--root/data/gshadow
new file mode 100644
index 0000000..2ea5fca
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA256 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test b/tests/chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test
new file mode 100755
index 0000000..17282f9
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change nobody and lp's password in chroot..."
+echo 'nobody:test
+lp:test2' | chpasswd --root $PWD/tmp/root -c SHA256
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/shadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config.txt b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/default/useradd b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/group b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/gshadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/passwd b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/shadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/group b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/gshadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/login.defs b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/passwd b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/shadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/data/shadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/data/shadow
new file mode 100644
index 0000000..8a67bed
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test b/tests/chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test
new file mode 100755
index 0000000..2e2f895
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change nobody and lp's password in chroot..."
+echo 'nobody:test
+lp:test2' | chpasswd --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/shadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config.txt b/tests/chroot/chpasswd/02_chpasswd--root_pam/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/default/useradd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/group b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/gshadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/passwd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/shadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/group b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/gshadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/login.defs b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/chpasswd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/chpasswd
new file mode 100644
index 0000000..da2adcc
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/chpasswd
@@ -0,0 +1,5 @@
+# The PAM configuration file for the Shadow 'chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/common-password b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords. Without this option,
+# the default is Unix crypt. Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/passwd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/shadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/data/shadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/data/shadow
new file mode 100644
index 0000000..5839a29
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chsh/01_chsh--root/chsh.test b/tests/chroot/chsh/01_chsh--root/chsh.test
new file mode 100755
index 0000000..b99cbb4
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/chsh.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chsh can change a user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change user in chroot (chsh --root $PWD/tmp/root -s /bin/dash root)..."
+chsh --root $PWD/tmp/root -s /bin/dash root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/chsh/01_chsh--root/config.txt b/tests/chroot/chsh/01_chsh--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/default/useradd b/tests/chroot/chsh/01_chsh--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/group b/tests/chroot/chsh/01_chsh--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/gshadow b/tests/chroot/chsh/01_chsh--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/passwd b/tests/chroot/chsh/01_chsh--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/shadow b/tests/chroot/chsh/01_chsh--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot.list b/tests/chroot/chsh/01_chsh--root/config_chroot.list
new file mode 100644
index 0000000..166e521
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot.list
@@ -0,0 +1 @@
+/bin/dash
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/group b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/gshadow b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/login.defs b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh
new file mode 100644
index 0000000..7eb604d
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh
@@ -0,0 +1,20 @@
+#
+# The PAM configuration file for the Shadow `chsh' service
+#
+
+# This will not allow a user to change their shell unless
+# their current one is listed in /etc/shells. This keeps
+# accounts with special shells from changing them.
+auth required pam_shells.so
+
+# This allows root to change user shell without being
+# prompted for a password
+auth sufficient pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-account b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-account
new file mode 100644
index 0000000..316b173
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-account
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system. The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
+# here's the fallback if no module succeeds
+account requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-auth b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-auth
new file mode 100644
index 0000000..5facfa2
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-auth
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth [success=1 default=ignore] pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-session b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-session
new file mode 100644
index 0000000..4ad1729
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-session
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-session - session-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of sessions of *any* kind (both interactive and
+# non-interactive).
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+session [default=1] pam_permit.so
+# here's the fallback if no module succeeds
+session requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session required pam_unix.so
+# end of pam-auth-update config
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/passwd b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shadow b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shells b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shells
new file mode 100644
index 0000000..3cf5cc4
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shells
@@ -0,0 +1,3 @@
+# /etc/shells: valid login shells
+/bin/bash
+/bin/dash
diff --git a/tests/chroot/chsh/01_chsh--root/data/passwd b/tests/chroot/chsh/01_chsh--root/data/passwd
new file mode 100644
index 0000000..72c8a86
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/dash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config.txt b/tests/chroot/gpasswd/01_gpasswd--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/default/useradd b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/group b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/gshadow b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/passwd b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/shadow b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/group b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/gshadow b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/login.defs b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/passwd b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/shadow b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/data/group b/tests/chroot/gpasswd/01_gpasswd--root/data/group
new file mode 100644
index 0000000..5c28b63
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/data/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/data/gshadow b/tests/chroot/gpasswd/01_gpasswd--root/data/gshadow
new file mode 100644
index 0000000..7b869c2
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/gpasswd.test b/tests/chroot/gpasswd/01_gpasswd--root/gpasswd.test
new file mode 100755
index 0000000..8e861aa
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/gpasswd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+ls tmp/root/lib
+
+echo -n "Chang group in chroot (gpasswd -a root users -Q $PWD/tmp/root)..."
+gpasswd -a root users -Q $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/groupadd/01_groupadd--root/config.txt b/tests/chroot/groupadd/01_groupadd--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/default/useradd b/tests/chroot/groupadd/01_groupadd--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/group b/tests/chroot/groupadd/01_groupadd--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/gshadow b/tests/chroot/groupadd/01_groupadd--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/passwd b/tests/chroot/groupadd/01_groupadd--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/shadow b/tests/chroot/groupadd/01_groupadd--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/group b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/gshadow b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/login.defs b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/passwd b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/shadow b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/groupadd/01_groupadd--root/data/group b/tests/chroot/groupadd/01_groupadd--root/data/group
new file mode 100644
index 0000000..ffc452f
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+foo:x:1000:
diff --git a/tests/chroot/groupadd/01_groupadd--root/data/gshadow b/tests/chroot/groupadd/01_groupadd--root/data/gshadow
new file mode 100644
index 0000000..e4b350d
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
+foo:!::
diff --git a/tests/chroot/groupadd/01_groupadd--root/groupadd.test b/tests/chroot/groupadd/01_groupadd--root/groupadd.test
new file mode 100755
index 0000000..26f4c9b
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/groupadd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Add group foo in chroot (groupadd --root $PWD/tmp/root foo)..."
+groupadd --root $PWD/tmp/root foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/groupdel/01_groupdel--root/config.txt b/tests/chroot/groupdel/01_groupdel--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/default/useradd b/tests/chroot/groupdel/01_groupdel--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/group b/tests/chroot/groupdel/01_groupdel--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/gshadow b/tests/chroot/groupdel/01_groupdel--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/passwd b/tests/chroot/groupdel/01_groupdel--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/shadow b/tests/chroot/groupdel/01_groupdel--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/group b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/gshadow b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/login.defs b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/passwd b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/shadow b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/groupdel/01_groupdel--root/data/group b/tests/chroot/groupdel/01_groupdel--root/data/group
new file mode 100644
index 0000000..9ee4d56
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/groupdel/01_groupdel--root/data/gshadow b/tests/chroot/groupdel/01_groupdel--root/data/gshadow
new file mode 100644
index 0000000..b969cf2
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/groupdel/01_groupdel--root/groupdel.test b/tests/chroot/groupdel/01_groupdel--root/groupdel.test
new file mode 100755
index 0000000..6d7fa5a
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/groupdel.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmodd can delete a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Delete group users in chroot (groupdel --root $PWD/tmp/root users)..."
+groupdel --root $PWD/tmp/root users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/groupmod/01_groupmod--root/config.txt b/tests/chroot/groupmod/01_groupmod--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/default/useradd b/tests/chroot/groupmod/01_groupmod--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/group b/tests/chroot/groupmod/01_groupmod--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/gshadow b/tests/chroot/groupmod/01_groupmod--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/passwd b/tests/chroot/groupmod/01_groupmod--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/shadow b/tests/chroot/groupmod/01_groupmod--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/group b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/gshadow b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/login.defs b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/passwd b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/shadow b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/groupmod/01_groupmod--root/data/group b/tests/chroot/groupmod/01_groupmod--root/data/group
new file mode 100644
index 0000000..068bdf5
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+utilisateurs:x:100:
diff --git a/tests/chroot/groupmod/01_groupmod--root/data/gshadow b/tests/chroot/groupmod/01_groupmod--root/data/gshadow
new file mode 100644
index 0000000..249ec49
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
+utilisateurs:*::
diff --git a/tests/chroot/groupmod/01_groupmod--root/groupmod.test b/tests/chroot/groupmod/01_groupmod--root/groupmod.test
new file mode 100755
index 0000000..853df8f
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/groupmod.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change group in chroot (groupmod --root $PWD/tmp/root -n utilisateurs users)..."
+groupmod --root $PWD/tmp/root -n utilisateurs users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/grpck/01_grpck--root/config.txt b/tests/chroot/grpck/01_grpck--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/default/useradd b/tests/chroot/grpck/01_grpck--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/group b/tests/chroot/grpck/01_grpck--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/gshadow b/tests/chroot/grpck/01_grpck--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/passwd b/tests/chroot/grpck/01_grpck--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/shadow b/tests/chroot/grpck/01_grpck--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/group b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/gshadow b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/login.defs b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/passwd b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/shadow b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/grpck/01_grpck--root/data/group b/tests/chroot/grpck/01_grpck--root/data/group
new file mode 100644
index 0000000..dd74ea8
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+crontab:x:101:
+Debian-exim:x:102:
+nogroup:x:65534:
+myuser:x:424242:
diff --git a/tests/chroot/grpck/01_grpck--root/data/gshadow b/tests/chroot/grpck/01_grpck--root/data/gshadow
new file mode 100644
index 0000000..5b9b1d4
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+nogroup:*::
+myuser:x::
diff --git a/tests/chroot/grpck/01_grpck--root/grpck.test b/tests/chroot/grpck/01_grpck--root/grpck.test
new file mode 100755
index 0000000..93867d0
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/grpck.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can sort groups in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Sort groups in chroot (grpck --sort --root $PWD/tmp/root)..."
+grpck --sort --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/grpconv/01_grpconv--root/config.txt b/tests/chroot/grpconv/01_grpconv--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/default/useradd b/tests/chroot/grpconv/01_grpconv--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/group b/tests/chroot/grpconv/01_grpconv--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/gshadow b/tests/chroot/grpconv/01_grpconv--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/passwd b/tests/chroot/grpconv/01_grpconv--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/shadow b/tests/chroot/grpconv/01_grpconv--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/group b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/group
new file mode 100644
index 0000000..27f1e9a
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:foo:100:
+nogroup::65534:
+crontab:*:101:
+Debian-exim:!:102:
+myuser:*:424242:
diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/login.defs b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/passwd b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/shadow b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/grpconv/01_grpconv--root/data/group b/tests/chroot/grpconv/01_grpconv--root/data/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/grpconv/01_grpconv--root/data/gshadow b/tests/chroot/grpconv/01_grpconv--root/data/gshadow
new file mode 100644
index 0000000..5f81b8f
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/data/gshadow
@@ -0,0 +1,42 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:foo::
+nogroup:::
+crontab:*::
+Debian-exim:!::
+myuser:*::
diff --git a/tests/chroot/grpconv/01_grpconv--root/grpconv.test b/tests/chroot/grpconv/01_grpconv--root/grpconv.test
new file mode 100755
index 0000000..92e1bf0
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/grpconv.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpconv can change a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "grpconv in a chroot (grpconv --root $PWD/tmp/root)..."
+grpconv --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/gshadow
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config.txt b/tests/chroot/grpunconv/01_grpunconv--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/default/useradd b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/group b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/gshadow b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/gshadow
new file mode 100644
index 0000000..b21489b
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/passwd b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/shadow b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/group b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/gshadow b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..86f5654
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/login.defs b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/passwd b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/shadow b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/data/group b/tests/chroot/grpunconv/01_grpunconv--root/data/group
new file mode 100644
index 0000000..9a03703
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/data/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:
+nogroup:*:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242:
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/grpunconv.test b/tests/chroot/grpunconv/01_grpunconv--root/grpunconv.test
new file mode 100755
index 0000000..5d6edd5
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/grpunconv.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpunconv can change a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "grpunconv in a chroot (grpunconv --root $PWD/tmp/root)..."
+grpunconv --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+test ! -f tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/lastlog/01_lastlog--root/config.txt b/tests/chroot/lastlog/01_lastlog--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/default/useradd b/tests/chroot/lastlog/01_lastlog--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/group b/tests/chroot/lastlog/01_lastlog--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/gshadow b/tests/chroot/lastlog/01_lastlog--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/passwd b/tests/chroot/lastlog/01_lastlog--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/shadow b/tests/chroot/lastlog/01_lastlog--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/group b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/gshadow b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/login.defs b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/passwd b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/shadow b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/lastlog/01_lastlog--root/data/group b/tests/chroot/lastlog/01_lastlog--root/data/group
new file mode 100644
index 0000000..5c28b63
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/data/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/lastlog/01_lastlog--root/data/gshadow b/tests/chroot/lastlog/01_lastlog--root/data/gshadow
new file mode 100644
index 0000000..7b869c2
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/lastlog/01_lastlog--root/data/lastlog.list b/tests/chroot/lastlog/01_lastlog--root/data/lastlog.list
new file mode 100644
index 0000000..e95b205
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/data/lastlog.list
@@ -0,0 +1,2 @@
+Username
+myuser
diff --git a/tests/chroot/lastlog/01_lastlog--root/lastlog.test b/tests/chroot/lastlog/01_lastlog--root/lastlog.test
new file mode 100755
index 0000000..d61d9a7
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/lastlog.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; rm -f tmp/root/var/log/lastlog; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Create an empty /var/log/lastlog in the chroot..."
+> tmp/root/var/log/lastlog
+echo "OK"
+
+echo -n "lastlog --root $PWD/tmp/root -u 424242..."
+lastlog --root $PWD/tmp/root -u 424242> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+rm -f tmp/root/var/log/lastlog
+
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/login/01_login_sublogin/config.txt b/tests/chroot/login/01_login_sublogin/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/chroot/login/01_login_sublogin/config/etc/group b/tests/chroot/login/01_login_sublogin/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/login/01_login_sublogin/config/etc/gshadow b/tests/chroot/login/01_login_sublogin/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/login/01_login_sublogin/config/etc/login.defs b/tests/chroot/login/01_login_sublogin/config/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/login/01_login_sublogin/config/etc/passwd b/tests/chroot/login/01_login_sublogin/config/etc/passwd
new file mode 100644
index 0000000..7b82b88
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/nonexistent:*/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/login/01_login_sublogin/config/etc/shadow b/tests/chroot/login/01_login_sublogin/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot.list b/tests/chroot/login/01_login_sublogin/config_chroot.list
new file mode 100644
index 0000000..e22e8e8
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot.list
@@ -0,0 +1,3 @@
+/bin/dash
+/bin/sh
+/usr/bin/id
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/group b/tests/chroot/login/01_login_sublogin/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/gshadow b/tests/chroot/login/01_login_sublogin/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/login.defs b/tests/chroot/login/01_login_sublogin/config_chroot/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-account b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-account
new file mode 100644
index 0000000..316b173
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-account
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system. The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
+# here's the fallback if no module succeeds
+account requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-auth b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-auth
new file mode 100644
index 0000000..5facfa2
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-auth
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth [success=1 default=ignore] pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-password b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords. Without this option,
+# the default is Unix crypt. Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session
new file mode 100644
index 0000000..4ad1729
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-session - session-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of sessions of *any* kind (both interactive and
+# non-interactive).
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+session [default=1] pam_permit.so
+# here's the fallback if no module succeeds
+session requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session required pam_unix.so
+# end of pam-auth-update config
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session-noninteractive b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session-noninteractive
new file mode 100644
index 0000000..c9144d5
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session-noninteractive
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-session-noninteractive - session-related modules
+# common to all non-interactive services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of all non-interactive sessions.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+session [default=1] pam_permit.so
+# here's the fallback if no module succeeds
+session requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session required pam_unix.so
+# end of pam-auth-update config
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/login b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/login
new file mode 100644
index 0000000..f1e43b2
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/login
@@ -0,0 +1,107 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/other b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/other
new file mode 100644
index 0000000..59d776c
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/other
@@ -0,0 +1,16 @@
+#
+# /etc/pam.d/other - specify the PAM fallback behaviour
+#
+# Note that this file is used for any unspecified service; for example
+#if /etc/pam.d/cron specifies no session modules but cron calls
+#pam_open_session, the session module out of /etc/pam.d/other is
+#used. If you really want nothing to happen then use pam_permit.so or
+#pam_deny.so as appropriate.
+
+# We fall back to the system default in /etc/pam.d/common-*
+#
+
+@include common-auth
+@include common-account
+@include common-password
+@include common-session
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/passwd b/tests/chroot/login/01_login_sublogin/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/securetty b/tests/chroot/login/01_login_sublogin/config_chroot/etc/securetty
new file mode 100644
index 0000000..4d70544
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/securetty
@@ -0,0 +1,390 @@
+# /etc/securetty: list of terminals on which root is allowed to login.
+# See securetty(5) and login(1).
+
+console
+
+# Local X displays (allows empty passwords with pam_unix's nullok_secure)
+:0
+:0.0
+:0.1
+:1
+:1.0
+:1.1
+:2
+:2.0
+:2.1
+:3
+:3.0
+:3.1
+#...
+
+
+# ==========================================================
+#
+# TTYs sorted by major number according to Documentation/devices.txt
+#
+# ==========================================================
+
+# Virtual consoles
+tty1
+tty2
+tty3
+tty4
+tty5
+tty6
+tty7
+tty8
+tty9
+tty10
+tty11
+tty12
+tty13
+tty14
+tty15
+tty16
+tty17
+tty18
+tty19
+tty20
+tty21
+tty22
+tty23
+tty24
+tty25
+tty26
+tty27
+tty28
+tty29
+tty30
+tty31
+tty32
+tty33
+tty34
+tty35
+tty36
+tty37
+tty38
+tty39
+tty40
+tty41
+tty42
+tty43
+tty44
+tty45
+tty46
+tty47
+tty48
+tty49
+tty50
+tty51
+tty52
+tty53
+tty54
+tty55
+tty56
+tty57
+tty58
+tty59
+tty60
+tty61
+tty62
+tty63
+
+# UART serial ports
+ttyS0
+ttyS1
+ttyS2
+ttyS3
+ttyS4
+ttyS5
+#...ttyS191
+
+# Serial Mux devices (Linux/PA-RISC only)
+ttyB0
+ttyB1
+#...
+
+# Chase serial card
+ttyH0
+ttyH1
+#...
+
+# Cyclades serial cards
+ttyC0
+ttyC1
+#...ttyC31
+
+# Digiboard serial cards
+ttyD0
+ttyD1
+#...
+
+# Stallion serial cards
+ttyE0
+ttyE1
+#...ttyE255
+
+# Specialix serial cards
+ttyX0
+ttyX1
+#...
+
+# Comtrol Rocketport serial cards
+ttyR0
+ttyR1
+#...
+
+# SDL RISCom serial cards
+ttyL0
+ttyL1
+#...
+
+# Hayes ESP serial card
+ttyP0
+ttyP1
+#...
+
+# Computone IntelliPort II serial card
+ttyF0
+ttyF1
+#...ttyF255
+
+# Specialix IO8+ serial card
+ttyW0
+ttyW1
+#...
+
+# Comtrol VS-1000 serial controller
+ttyV0
+ttyV1
+#...
+
+# ISI serial card
+ttyM0
+ttyM1
+#...
+
+# Technology Concepts serial card
+ttyT0
+ttyT1
+#...
+
+# Specialix RIO serial card
+ttySR0
+ttySR1
+#...ttySR511
+
+# Chase Research AT/PCI-Fast serial card
+ttyCH0
+ttyCH1
+#...ttyCH63
+
+# Moxa Intellio serial card
+ttyMX0
+ttyMX1
+#...ttyMX127
+
+# SmartIO serial card
+ttySI0
+ttySI1
+#...
+
+# USB dongles
+ttyUSB0
+ttyUSB1
+ttyUSB2
+#...
+
+# LinkUp Systems L72xx UARTs
+ttyLU0
+ttyLU1
+ttyLU2
+ttyLU3
+
+# StrongARM builtin serial ports
+ttySA0
+ttySA1
+ttySA2
+
+# SCI serial port (SuperH) ports and SC26xx serial ports
+ttySC0
+ttySC1
+ttySC2
+ttySC3
+
+# ARM "AMBA" serial ports
+ttyAM0
+ttyAM1
+ttyAM2
+ttyAM3
+ttyAM4
+ttyAM5
+ttyAM6
+ttyAM7
+ttyAM8
+ttyAM9
+ttyAM10
+ttyAM11
+ttyAM12
+ttyAM13
+ttyAM14
+ttyAM15
+
+# Embedded ARM AMBA PL011 ports (e.g. emulated by QEMU)
+ttyAMA0
+ttyAMA1
+ttyAMA2
+ttyAMA3
+
+# DataBooster serial ports
+ttyDB0
+ttyDB1
+ttyDB2
+ttyDB3
+ttyDB4
+ttyDB5
+ttyDB6
+ttyDB7
+
+# SGI Altix console ports
+ttySG0
+
+# Motorola i.MX ports
+ttySMX0
+ttySMX1
+ttySMX2
+
+# Marvell MPSC ports
+ttyMM0
+ttyMM1
+
+# PPC CPM (SCC or SMC) ports
+ttyCPM0
+ttyCPM1
+ttyCPM2
+ttyCPM3
+ttyCPM4
+ttyCPM5
+
+# Altix serial cards
+ttyIOC0
+ttyIOC1
+#...ttyIOC31
+
+# NEC VR4100 series SIU
+ttyVR0
+
+# NEC VR4100 series SSIU
+ttyVR1
+
+# Altix ioc4 serial cards
+ttyIOC84
+ttyIOC85
+#...ttyIOC115
+
+# Altix ioc3 serial cards
+ttySIOC0
+ttySIOC1
+#...ttySIOC31
+
+# PPC PSC ports
+ttyPSC0
+ttyPSC1
+ttyPSC2
+ttyPSC3
+ttyPSC4
+ttyPSC5
+
+# ATMEL serial ports
+ttyAT0
+ttyAT1
+#...ttyAT15
+
+# Hilscher netX serial port
+ttyNX0
+ttyNX1
+#...ttyNX15
+
+# Xilinx uartlite - port
+ttyUL0
+ttyUL1
+ttyUL2
+ttyUL3
+
+# Xen virtual console - port 0
+xvc0
+
+# pmac_zilog - port
+ttyPZ0
+ttyPZ1
+ttyPZ2
+ttyPZ3
+
+# TX39/49 serial port
+ttyTX0
+ttyTX1
+ttyTX2
+ttyTX3
+ttyTX4
+ttyTX5
+ttyTX6
+ttyTX7
+
+# SC26xx serial ports (see SCI serial ports (SuperH))
+
+# MAX3100 serial ports
+ttyMAX0
+ttyMAX1
+ttyMAX2
+ttyMAX3
+
+# OMAP serial ports
+ttyO0
+ttyO1
+ttyO2
+ttyO3
+
+# User space serial ports
+ttyU0
+ttyU1
+
+# A2232 serial card
+ttyY0
+ttyY1
+
+# IBM 3270 terminal Unix tty access
+3270/tty1
+3270/tty2
+#...
+
+# IBM iSeries/pSeries virtual console
+hvc0
+hvc1
+#...
+#IBM pSeries console ports
+hvsi0
+hvsi1
+hvsi2
+
+# Equinox SST multi-port serial boards
+ttyEQ0
+ttyEQ1
+#...ttyEQ1027
+
+# ==========================================================
+#
+# Not in Documentation/Devicess.txt
+#
+# ==========================================================
+
+# Embedded Freescale i.MX ports
+ttymxc0
+ttymxc1
+ttymxc2
+ttymxc3
+ttymxc4
+ttymxc5
+
+# Serial Console for MIPS Swarm
+duart0
+duart1
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/security/limits.conf b/tests/chroot/login/01_login_sublogin/config_chroot/etc/security/limits.conf
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/security/limits.conf
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/shadow b/tests/chroot/login/01_login_sublogin/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/login/01_login_sublogin/login.exp b/tests/chroot/login/01_login_sublogin/login.exp
new file mode 100755
index 0000000..86253bc
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/login.exp
@@ -0,0 +1,25 @@
+#!/usr/bin/expect
+
+set timeout 10
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "strace -s 1000 -o /tmp/login.strace login\r"
+expect " login: "
+send "myuser\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "$ "
+
+send "# expect uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+send "id\r"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+send "exit\r"
+
+exit 0
diff --git a/tests/chroot/login/01_login_sublogin/login.test b/tests/chroot/login/01_login_sublogin/login.test
new file mode 100755
index 0000000..f5d271b
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/login.test
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+testname=$(basename $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "try regular login with user prompt"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+usermod -d $PWD/tmp/root myuser
+
+prepare_chroot
+
+./login.exp
+echo
+
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/pwck/01_pwck--root/config.txt b/tests/chroot/pwck/01_pwck--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/default/useradd b/tests/chroot/pwck/01_pwck--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/group b/tests/chroot/pwck/01_pwck--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/gshadow b/tests/chroot/pwck/01_pwck--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/passwd b/tests/chroot/pwck/01_pwck--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/shadow b/tests/chroot/pwck/01_pwck--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/group b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/gshadow b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/login.defs b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/passwd b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..76c6fc3
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
+testsuite::424244:424244::/home:/bin/bash
+testsuite1::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/shadow b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/pwck/01_pwck--root/data/pwck.out b/tests/chroot/pwck/01_pwck--root/data/pwck.out
new file mode 100644
index 0000000..92a5670
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/data/pwck.out
@@ -0,0 +1,59 @@
+user 'root': program '/bin/bash' does not exist
+user 'daemon': directory '/usr/sbin' does not exist
+user 'daemon': program '/bin/sh' does not exist
+user 'bin': directory '/bin' does not exist
+user 'bin': program '/bin/sh' does not exist
+user 'sys': directory '/dev' does not exist
+user 'sys': program '/bin/sh' does not exist
+user 'sync': directory '/bin' does not exist
+user 'sync': program '/bin/sync' does not exist
+user 'games': directory '/usr/games' does not exist
+user 'games': program '/bin/sh' does not exist
+user 'man': directory '/var/cache/man' does not exist
+user 'man': program '/bin/sh' does not exist
+user 'lp': directory '/var/spool/lpd' does not exist
+user 'lp': program '/bin/sh' does not exist
+user 'mail': directory '/var/mail' does not exist
+user 'mail': program '/bin/sh' does not exist
+user 'news': directory '/var/spool/news' does not exist
+user 'news': program '/bin/sh' does not exist
+user 'uucp': directory '/var/spool/uucp' does not exist
+user 'uucp': program '/bin/sh' does not exist
+user 'proxy': directory '/bin' does not exist
+user 'proxy': program '/bin/sh' does not exist
+user 'www-data': directory '/var/www' does not exist
+user 'www-data': program '/bin/sh' does not exist
+user 'backup': directory '/var/backups' does not exist
+user 'backup': program '/bin/sh' does not exist
+user 'list': directory '/var/list' does not exist
+user 'list': program '/bin/sh' does not exist
+user 'irc': directory '/var/run/ircd' does not exist
+user 'irc': program '/bin/sh' does not exist
+user 'gnats': directory '/var/lib/gnats' does not exist
+user 'gnats': program '/bin/sh' does not exist
+user 'nobody': directory '/nonexistent' does not exist
+user 'nobody': program '/bin/sh' does not exist
+user 'Debian-exim': directory '/var/spool/exim4' does not exist
+user 'Debian-exim': program '/bin/false' does not exist
+user 'myuser': directory '/home/' does not exist
+user 'myuser': program '/bin/sh' does not exist
+duplicate password entry
+delete line 'testsuite::424243:424243::/home:/bin/bash'? No
+user 'testsuite': no group 424243
+user 'testsuite': directory '/home' does not exist
+user 'testsuite': program '/bin/bash' does not exist
+no matching password file entry in /etc/shadow
+add user 'testsuite' in /etc/shadow? No
+duplicate password entry
+delete line 'testsuite::424244:424244::/home:/bin/bash'? No
+user 'testsuite': no group 424244
+user 'testsuite': directory '/home' does not exist
+user 'testsuite': program '/bin/bash' does not exist
+no matching password file entry in /etc/shadow
+add user 'testsuite' in /etc/shadow? No
+user 'testsuite1': no group 424243
+user 'testsuite1': directory '/home' does not exist
+user 'testsuite1': program '/bin/bash' does not exist
+no matching password file entry in /etc/shadow
+add user 'testsuite1' in /etc/shadow? No
+pwck: no changes
diff --git a/tests/chroot/pwck/01_pwck--root/pwck.test b/tests/chroot/pwck/01_pwck--root/pwck.test
new file mode 100755
index 0000000..25cba9f
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/pwck.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck can change a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "pwck in a chroot (pwck --read-only --root $PWD/tmp/root)..."
+pwck --read-only --root $PWD/tmp/root >tmp/pwck.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.out tmp/pwck.out
+echo "error message OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/pwconv/01_pwconv--root/config.txt b/tests/chroot/pwconv/01_pwconv--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/default/useradd b/tests/chroot/pwconv/01_pwconv--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/group b/tests/chroot/pwconv/01_pwconv--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/gshadow b/tests/chroot/pwconv/01_pwconv--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/passwd b/tests/chroot/pwconv/01_pwconv--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/shadow b/tests/chroot/pwconv/01_pwconv--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/group b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/gshadow b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/login.defs b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/passwd b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..1a85284
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/pwconv/01_pwconv--root/data/passwd b/tests/chroot/pwconv/01_pwconv--root/data/passwd
new file mode 100644
index 0000000..89b6962
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite:x:424243:424243::/home:/bin/bash
diff --git a/tests/chroot/pwconv/01_pwconv--root/data/shadow b/tests/chroot/pwconv/01_pwconv--root/data/shadow
new file mode 100644
index 0000000..38bf30c
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:@TODAY@:0:99999:7:::
+daemon:*:@TODAY@:0:99999:7:::
+bin:*:@TODAY@:0:99999:7:::
+sys:*:@TODAY@:0:99999:7:::
+sync:*:@TODAY@:0:99999:7:::
+games:*:@TODAY@:0:99999:7:::
+man:*:@TODAY@:0:99999:7:::
+lp:*:@TODAY@:0:99999:7:::
+mail:*:@TODAY@:0:99999:7:::
+news:*:@TODAY@:0:99999:7:::
+uucp:*:@TODAY@:0:99999:7:::
+proxy:*:@TODAY@:0:99999:7:::
+www-data:*:@TODAY@:0:99999:7:::
+backup:*:@TODAY@:0:99999:7:::
+list:*:@TODAY@:0:99999:7:::
+irc:*:@TODAY@:0:99999:7:::
+gnats:*:@TODAY@:0:99999:7:::
+nobody:*:@TODAY@:0:99999:7:::
+Debian-exim:!:@TODAY@:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:@TODAY@:0:99999:7:::
+testsuite::@TODAY@:0:99999:7:::
diff --git a/tests/chroot/pwconv/01_pwconv--root/pwconv.test b/tests/chroot/pwconv/01_pwconv--root/pwconv.test
new file mode 100755
index 0000000..3b92ab4
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/pwconv.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv can change a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "pwconv in a chroot (pwconv --root $PWD/tmp/root)..."
+pwconv --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/shadow
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config.txt b/tests/chroot/pwunconv/01_pwunconv--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/default/useradd b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/group b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/gshadow b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/passwd b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/shadow b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/group b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/gshadow b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/login.defs b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/passwd b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/shadow b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/data/passwd b/tests/chroot/pwunconv/01_pwunconv--root/data/passwd
new file mode 100644
index 0000000..1a85284
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/data/passwd
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/pwunconv.test b/tests/chroot/pwunconv/01_pwunconv--root/pwunconv.test
new file mode 100755
index 0000000..60c2552
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/pwunconv.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwunconv can change a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "pwunconv in a chroot (pwunconv --root $PWD/tmp/root)..."
+pwunconv --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+test ! -f tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/useradd/01_useradd--root/config.txt b/tests/chroot/useradd/01_useradd--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/default/useradd b/tests/chroot/useradd/01_useradd--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/group b/tests/chroot/useradd/01_useradd--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/gshadow b/tests/chroot/useradd/01_useradd--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/passwd b/tests/chroot/useradd/01_useradd--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/shadow b/tests/chroot/useradd/01_useradd--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/group b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/gshadow b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/login.defs b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/passwd b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/shadow b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/useradd/01_useradd--root/data/group b/tests/chroot/useradd/01_useradd--root/data/group
new file mode 100644
index 0000000..ffc452f
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+foo:x:1000:
diff --git a/tests/chroot/useradd/01_useradd--root/data/gshadow b/tests/chroot/useradd/01_useradd--root/data/gshadow
new file mode 100644
index 0000000..e4b350d
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
+foo:!::
diff --git a/tests/chroot/useradd/01_useradd--root/data/passwd b/tests/chroot/useradd/01_useradd--root/data/passwd
new file mode 100644
index 0000000..102186a
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
+foo:x:1000:1000::/home/foo:
diff --git a/tests/chroot/useradd/01_useradd--root/data/shadow b/tests/chroot/useradd/01_useradd--root/data/shadow
new file mode 100644
index 0000000..258cf2b
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:::
diff --git a/tests/chroot/useradd/01_useradd--root/useradd.test b/tests/chroot/useradd/01_useradd--root/useradd.test
new file mode 100755
index 0000000..aa9dd35
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/useradd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can add an user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Add user foo in chroot (useradd --root $PWD/tmp/root foo)..."
+useradd --root $PWD/tmp/root foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config.txt b/tests/chroot/useradd/02_useradd--root_login.defs/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/default/useradd b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/group b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/gshadow b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/passwd b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/shadow b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/group b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/gshadow b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/login.defs b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/login.defs
new file mode 100644
index 0000000..419eb13
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 2000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1500
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/passwd b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/shadow b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/group b/tests/chroot/useradd/02_useradd--root_login.defs/data/group
new file mode 100644
index 0000000..eb04ced
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+foo:x:2000:
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/gshadow b/tests/chroot/useradd/02_useradd--root_login.defs/data/gshadow
new file mode 100644
index 0000000..e4b350d
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
+foo:!::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/passwd b/tests/chroot/useradd/02_useradd--root_login.defs/data/passwd
new file mode 100644
index 0000000..25d10d6
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
+foo:x:2000:2000::/home/foo:
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/shadow b/tests/chroot/useradd/02_useradd--root_login.defs/data/shadow
new file mode 100644
index 0000000..258cf2b
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/useradd.test b/tests/chroot/useradd/02_useradd--root_login.defs/useradd.test
new file mode 100755
index 0000000..aa9dd35
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/useradd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can add an user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Add user foo in chroot (useradd --root $PWD/tmp/root foo)..."
+useradd --root $PWD/tmp/root foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config.txt b/tests/chroot/useradd/03_useradd--root_useradd.default/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/default/useradd b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/group b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/gshadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/passwd b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/shadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/default/useradd b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/default/useradd
new file mode 100644
index 0000000..5051e1d
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/group b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/gshadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/login.defs b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/passwd b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/shadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/group b/tests/chroot/useradd/03_useradd--root_useradd.default/data/group
new file mode 100644
index 0000000..ffc452f
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+foo:x:1000:
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/gshadow b/tests/chroot/useradd/03_useradd--root_useradd.default/data/gshadow
new file mode 100644
index 0000000..e4b350d
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
+foo:!::
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/passwd b/tests/chroot/useradd/03_useradd--root_useradd.default/data/passwd
new file mode 100644
index 0000000..22fa744
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
+foo:x:1000:1000::/tmp/foo:/bin/sh
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/shadow b/tests/chroot/useradd/03_useradd--root_useradd.default/data/shadow
new file mode 100644
index 0000000..f4c9dfb
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/useradd.test b/tests/chroot/useradd/03_useradd--root_useradd.default/useradd.test
new file mode 100755
index 0000000..aa9dd35
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/useradd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can add an user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Add user foo in chroot (useradd --root $PWD/tmp/root foo)..."
+useradd --root $PWD/tmp/root foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config.txt b/tests/chroot/useradd/04_useradd--root_useradd-D/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/default/useradd b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/group b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/gshadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/passwd b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/shadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/default/useradd b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/default/useradd
new file mode 100644
index 0000000..5051e1d
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/group b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/gshadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/login.defs b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/passwd b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/shadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/data/useradd.out b/tests/chroot/useradd/04_useradd--root_useradd-D/data/useradd.out
new file mode 100644
index 0000000..581c055
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/data/useradd.out
@@ -0,0 +1,7 @@
+GROUP=10
+HOME=/tmp
+INACTIVE=12
+EXPIRE=2007-12-02
+SHELL=/bin/sh
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/useradd.test b/tests/chroot/useradd/04_useradd--root_useradd-D/useradd.test
new file mode 100755
index 0000000..069e704
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/useradd.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can list defaults from a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "List defaults in chroot (useradd --root $PWD/tmp/root foo)..."
+useradd -D --root $PWD/tmp/root > tmp/useradd.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.out tmp/useradd.out
+echo "OK."
+rm -f tmp/useradd.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc//group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config.txt b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/default/useradd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/group b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/gshadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/passwd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/shadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/default/useradd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/default/useradd
new file mode 100644
index 0000000..d1406e4
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/group b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/gshadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/login.defs b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/passwd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/shadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/data/useradd.default b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/data/useradd.default
new file mode 100644
index 0000000..aaca91a
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/data/useradd.default
@@ -0,0 +1,38 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=424242
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2012-12-12
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test
new file mode 100755
index 0000000..97059da
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can list defaults from a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "List defaults in chroot (useradd -D --root $PWD/tmp/root -e 2012-12-12 -g 424242)..."
+useradd -D --root $PWD/tmp/root -e 2012-12-12 -g 424242
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc//group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+echo -n "Check the useradd's default file..."
+diff -au data/useradd.default tmp/root/etc/default/useradd
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+rm -f tmp/root/etc/default/useradd-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/userdel/01_userdel--root/config.txt b/tests/chroot/userdel/01_userdel--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/default/useradd b/tests/chroot/userdel/01_userdel--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/group b/tests/chroot/userdel/01_userdel--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/gshadow b/tests/chroot/userdel/01_userdel--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/passwd b/tests/chroot/userdel/01_userdel--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/shadow b/tests/chroot/userdel/01_userdel--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/group b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/gshadow b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/login.defs b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/passwd b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/shadow b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/userdel/01_userdel--root/data/group b/tests/chroot/userdel/01_userdel--root/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/userdel/01_userdel--root/data/gshadow b/tests/chroot/userdel/01_userdel--root/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/userdel/01_userdel--root/data/passwd b/tests/chroot/userdel/01_userdel--root/data/passwd
new file mode 100644
index 0000000..4736f1c
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/userdel/01_userdel--root/data/shadow b/tests/chroot/userdel/01_userdel--root/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/userdel/01_userdel--root/userdel.test b/tests/chroot/userdel/01_userdel--root/userdel.test
new file mode 100755
index 0000000..4ee203e
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/userdel.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel can change a user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Delete a user in chroot (userdel --root $PWD/tmp/root myuser)..."
+userdel --root $PWD/tmp/root myuser
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/usermod/01_usermod--root/config.txt b/tests/chroot/usermod/01_usermod--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/default/useradd b/tests/chroot/usermod/01_usermod--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/group b/tests/chroot/usermod/01_usermod--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/gshadow b/tests/chroot/usermod/01_usermod--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/passwd b/tests/chroot/usermod/01_usermod--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/shadow b/tests/chroot/usermod/01_usermod--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/group b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/gshadow b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/login.defs b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/passwd b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/shadow b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/usermod/01_usermod--root/data/passwd b/tests/chroot/usermod/01_usermod--root/data/passwd
new file mode 100644
index 0000000..1f47aaf
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:100:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/usermod/01_usermod--root/usermod.test b/tests/chroot/usermod/01_usermod--root/usermod.test
new file mode 100755
index 0000000..14f7a08
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/usermod.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can change a user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change user in chroot (usermod --root $PWD/tmp/root -g users root)..."
+usermod --root $PWD/tmp/root -g users root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/01/data/chsh1 b/tests/chsh/01/data/chsh1
new file mode 100644
index 0000000..01b3d53
--- /dev/null
+++ b/tests/chsh/01/data/chsh1
@@ -0,0 +1 @@
+You may not change the shell for 'myuser'.
diff --git a/tests/chsh/01/data/chsh2 b/tests/chsh/01/data/chsh2
new file mode 100644
index 0000000..b017d6d
--- /dev/null
+++ b/tests/chsh/01/data/chsh2
@@ -0,0 +1 @@
+You may not change the shell for 'myuser2'.
diff --git a/tests/chsh/01/data/group b/tests/chsh/01/data/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/01/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/01/data/gshadow b/tests/chsh/01/data/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/01/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/01/data/passwd b/tests/chsh/01/data/passwd
new file mode 100644
index 0000000..37b0467
--- /dev/null
+++ b/tests/chsh/01/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/01/data/shadow b/tests/chsh/01/data/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/01/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/01/data/shells b/tests/chsh/01/data/shells
new file mode 100644
index 0000000..4fd4378
--- /dev/null
+++ b/tests/chsh/01/data/shells
@@ -0,0 +1,16 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+/bin/zsh
+/usr/bin/esh
+/bin/bash
+/bin/rbash
diff --git a/tests/chsh/01/run b/tests/chsh/01/run
new file mode 100755
index 0000000..72760c2
--- /dev/null
+++ b/tests/chsh/01/run
@@ -0,0 +1,143 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test chage options
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save()
+{
+ [ ! -d tmp ] && mkdir tmp
+ for i in passwd group shadow gshadow shells
+ do
+ [ -f /etc/$i ] && cp /etc/$i tmp/$i
+ [ -f /etc/$i- ] && cp /etc/$i- tmp/$i-
+ done
+
+ true
+}
+
+restore()
+{
+ for i in passwd group shadow gshadow shells
+ do
+ [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i
+ [ -f tmp/$i- ] && cp tmp/$i- /etc/$i- && rm tmp/$i-
+ done
+ rm -f tmp/out
+ rm -f tmp/shell tmp/sh:ell
+ rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'if [ "$?" != "0" ]; then echo "FAIL"; fi; restore' 0
+
+for i in passwd group shadow gshadow shells
+do
+ cp data/$i /etc
+done
+
+echo -n "changing to a restricted shell, by root..."
+cp /bin/bash tmp/shell
+chsh -s $(pwd)/tmp/shell myuser
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:"$(pwd)"/tmp/shell" ] || exit 1
+echo "OK"
+
+echo -n "changing from a restricted shell, by myuser..."
+su myuser -c "chsh -s /bin/bash" 2> tmp/out && exit 1
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:"$(pwd)"/tmp/shell" ] || exit 1
+diff -au data/chsh1 tmp/out
+echo "OK"
+
+echo -n "changing from a restricted shell, by root..."
+chsh -s /bin/bash myuser
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+echo "OK"
+
+# Need to be done by expect now (chage asks for a passwd if not root)
+#echo -n "changing to a restricted shell, by myuser..."
+#su myuser -c "chsh -s $(pwd)/tmp/shell" 2> tmp/out && exit 1
+#ent=$(getent passwd myuser)
+#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null
+#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
+#echo "OK"
+
+#echo -n "changing to a new valid shell, by myuser..."
+#echo $(pwd)/tmp/shell >> /tmp/shells
+#su myuser -c "chsh -s $(pwd)/tmp/shell" 2> tmp/out && exit 1
+#ent=$(getent passwd myuser)
+#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null
+#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
+#echo "OK"
+
+echo -n "changing another user's shell..."
+su myuser -c "chsh -s /bin/sh myuser2" 2> tmp/out && exit 1
+ent=$(getent passwd myuser2)
+[ "$ent" = "myuser2:x:424243:424242::/home:/bin/sh" ] || exit 1
+diff -au data/chsh2 tmp/out
+echo "OK"
+
+#echo -n "changing to a non-executable shell..."
+#chmod a-x tmp/shell
+#su myuser -c "chsh -s $(pwd)/tmp/shell myuser" 2> tmp/out && exit 1
+#ent=$(getent passwd myuser)
+#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null
+#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
+#echo "OK"
+
+echo -n "changing to an invalid shell name..."
+cp /bin/bash tmp/sh:ell
+echo $(pwd)/tmp/sh:ell >> /etc/shells
+chsh -s $(pwd)/tmp/sh:ell myuser 2> tmp/out && exit 1
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+egrep "chsh: Invalid entry: .*/tmp/sh:ell" tmp/out > /dev/null
+[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
+echo "OK"
+
+echo "testing the interactive mode (1)..."
+rm -f tmp/out
+./run.exp /bin/bash myuser
+[ -f tmp/out ] && exit 1
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+echo "OK"
+
+#echo "testing the interactive mode (2)..."
+#rm -f tmp/out
+#su myuser -c "./run.exp /bin/bash"
+#[ -f tmp/out ] && exit 1
+#ent=$(getent passwd myuser)
+#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+#echo "OK"
+
+echo "testing the interactive mode (3)..."
+rm -f tmp/out
+./run.exp /bin/sh myuser
+[ -f tmp/out ] && exit 1
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:/bin/sh" ] || exit 1
+echo "OK"
+
+echo "testing the interactive mode (4)..."
+rm -f tmp/out
+./run.exp $(pwd)/tmp/sh:ell myuser && exit 1
+egrep "chsh: Invalid entry: .*/tmp/sh:ell" tmp/out > /dev/null
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:/bin/sh" ] || exit 1
+echo "OK"
+
diff --git a/tests/chsh/01/run.exp b/tests/chsh/01/run.exp
new file mode 100755
index 0000000..4890193
--- /dev/null
+++ b/tests/chsh/01/run.exp
@@ -0,0 +1,38 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+ puts "usage: run.exp \[shell] \[user]"
+ exit 1
+}
+set shell [lindex $argv 0]
+
+if {$argc == 2} {
+ spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+ spawn /usr/bin/chsh
+}
+
+expect "Changing the login shell for myuser"
+expect "Enter the new value, or press ENTER for the default"
+expect -re "Login Shell .*\]: "
+send "$shell\r"
+expect "$shell\r\n"
+expect {
+ eof {
+ if ([string compare $expect_out(buffer) ""]) {
+ set fp [open "tmp/out" w]
+ puts $fp "$expect_out(buffer)"
+ puts "\nFAIL"
+ exit 1
+ }
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/02_chsh_usage/chsh.test b/tests/chsh/02_chsh_usage/chsh.test
new file mode 100755
index 0000000..3a6e656
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/chsh.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chsh usage (chsh -h)..."
+chsh -h >tmp/usage.out
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/02_chsh_usage/config.txt b/tests/chsh/02_chsh_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/config.txt
diff --git a/tests/chsh/02_chsh_usage/config/etc/group b/tests/chsh/02_chsh_usage/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/config/etc/group
diff --git a/tests/chsh/02_chsh_usage/config/etc/gshadow b/tests/chsh/02_chsh_usage/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/config/etc/gshadow
diff --git a/tests/chsh/02_chsh_usage/config/etc/passwd b/tests/chsh/02_chsh_usage/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/config/etc/passwd
diff --git a/tests/chsh/02_chsh_usage/config/etc/shadow b/tests/chsh/02_chsh_usage/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/config/etc/shadow
diff --git a/tests/chsh/02_chsh_usage/data/usage.out b/tests/chsh/02_chsh_usage/data/usage.out
new file mode 100644
index 0000000..ef576ec
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/data/usage.out
@@ -0,0 +1,7 @@
+Usage: chsh [options] [LOGIN]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+
diff --git a/tests/chsh/03_chsh_usage_invalid_option/chsh.test b/tests/chsh/03_chsh_usage_invalid_option/chsh.test
new file mode 100755
index 0000000..4552cc3
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/chsh.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh displays its usage message is case of invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use wrong chsh option (chsh -Z)..."
+chsh -Z 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/03_chsh_usage_invalid_option/config.txt b/tests/chsh/03_chsh_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/config.txt
diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/group b/tests/chsh/03_chsh_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/config/etc/group
diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/gshadow b/tests/chsh/03_chsh_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/config/etc/gshadow
diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/passwd b/tests/chsh/03_chsh_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/config/etc/passwd
diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/shadow b/tests/chsh/03_chsh_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/config/etc/shadow
diff --git a/tests/chsh/03_chsh_usage_invalid_option/data/usage.out b/tests/chsh/03_chsh_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..e930bab
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/data/usage.out
@@ -0,0 +1,8 @@
+chsh: invalid option -- 'Z'
+Usage: chsh [options] [LOGIN]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+
diff --git a/tests/chsh/04_chsh_usage_2_users/chsh.test b/tests/chsh/04_chsh_usage_2_users/chsh.test
new file mode 100755
index 0000000..ef1c181
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/chsh.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh displays its usage message is case multiple users are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chsh with 2 users (chsh -s /bin/sh root bin)..."
+chsh -s /bin/sh root bin 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/04_chsh_usage_2_users/config.txt b/tests/chsh/04_chsh_usage_2_users/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/config.txt
diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/group b/tests/chsh/04_chsh_usage_2_users/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/config/etc/group
diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/gshadow b/tests/chsh/04_chsh_usage_2_users/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/config/etc/gshadow
diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/passwd b/tests/chsh/04_chsh_usage_2_users/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/config/etc/passwd
diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/shadow b/tests/chsh/04_chsh_usage_2_users/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/config/etc/shadow
diff --git a/tests/chsh/04_chsh_usage_2_users/data/usage.out b/tests/chsh/04_chsh_usage_2_users/data/usage.out
new file mode 100644
index 0000000..ef576ec
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/data/usage.out
@@ -0,0 +1,7 @@
+Usage: chsh [options] [LOGIN]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/chsh.test b/tests/chsh/05_chsh_myuser_restricted_shell/chsh.test
new file mode 100755
index 0000000..4844266
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/chsh.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+chmod a+w tmp
+
+echo -n "execute chsh..."
+su myuser -c "./run.exp /bin/sh"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config.txt b/tests/chsh/05_chsh_myuser_restricted_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config.txt
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/group b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/gshadow b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/passwd b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/passwd
new file mode 100644
index 0000000..37b0467
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shadow b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shells b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shells
new file mode 100644
index 0000000..16e922a
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shells
@@ -0,0 +1,15 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/rbash
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/run.exp b/tests/chsh/05_chsh_myuser_restricted_shell/run.exp
new file mode 100755
index 0000000..1abf085
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/run.exp
@@ -0,0 +1,34 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+ puts "usage: run.exp \[shell] \[user]"
+ exit 1
+}
+set shell [lindex $argv 0]
+
+if {$argc == 2} {
+ spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+ spawn /usr/bin/chsh
+}
+
+expect "You may not change the shell for 'myuser'.\r\n"
+expect {
+ eof {
+ if ([string compare $expect_out(buffer) ""]) {
+ set fp [open "tmp/out" w]
+ puts $fp "$expect_out(buffer)"
+ puts "\nFAIL"
+ exit 1
+ }
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/chsh.test b/tests/chsh/06_chsh_myuser_non_restricted_shell/chsh.test
new file mode 100755
index 0000000..d8d88ac
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/chsh.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+chmod a+w tmp
+
+echo -n "execute chsh..."
+su myuser -c "./run.exp /bin/sh"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config.txt b/tests/chsh/06_chsh_myuser_non_restricted_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config.txt
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/group b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/gshadow b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/passwd b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/passwd
new file mode 100644
index 0000000..37b0467
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shadow b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shells b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shells
new file mode 100644
index 0000000..d52a3bf
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shells
@@ -0,0 +1,16 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/bash
+/bin/rbash
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/data/passwd b/tests/chsh/06_chsh_myuser_non_restricted_shell/data/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/run.exp b/tests/chsh/06_chsh_myuser_non_restricted_shell/run.exp
new file mode 100755
index 0000000..0c0e023
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/run.exp
@@ -0,0 +1,40 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+ puts "usage: run.exp \[shell] \[user]"
+ exit 1
+}
+set shell [lindex $argv 0]
+
+if {$argc == 2} {
+ spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+ spawn /usr/bin/chsh
+}
+
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "Changing the login shell for myuser"
+expect "Enter the new value, or press ENTER for the default"
+expect -re "Login Shell .*\]: "
+send "$shell\r"
+expect "$shell\r\n"
+expect {
+ eof {
+ if ([string compare $expect_out(buffer) ""]) {
+ set fp [open "tmp/out" w]
+ puts $fp "$expect_out(buffer)"
+ puts "\nFAIL"
+ exit 1
+ }
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/07_chsh_usage_invalid_user/chsh.test b/tests/chsh/07_chsh_usage_invalid_user/chsh.test
new file mode 100755
index 0000000..5d76de2
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/chsh.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh checks that the user exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chsh for an invalid user (chsh wronguser)..."
+chsh wronguser 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/07_chsh_usage_invalid_user/config.txt b/tests/chsh/07_chsh_usage_invalid_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/config.txt
diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/group b/tests/chsh/07_chsh_usage_invalid_user/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/config/etc/group
diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/gshadow b/tests/chsh/07_chsh_usage_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/config/etc/gshadow
diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/passwd b/tests/chsh/07_chsh_usage_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/config/etc/passwd
diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/shadow b/tests/chsh/07_chsh_usage_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/config/etc/shadow
diff --git a/tests/chsh/07_chsh_usage_invalid_user/data/usage.out b/tests/chsh/07_chsh_usage_invalid_user/data/usage.out
new file mode 100644
index 0000000..f57326c
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/data/usage.out
@@ -0,0 +1 @@
+chsh: user 'wronguser' does not exist
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/chsh.test b/tests/chsh/08_chsh_myuser_to_restricted_shell/chsh.test
new file mode 100755
index 0000000..611d1a6
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/chsh.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+chmod a+w tmp
+
+echo -n "execute chsh..."
+su myuser -c "./run.exp /bin/bash"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config.txt b/tests/chsh/08_chsh_myuser_to_restricted_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config.txt
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/group b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/gshadow b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/passwd b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shadow b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shells b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shells
new file mode 100644
index 0000000..16e922a
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shells
@@ -0,0 +1,15 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/rbash
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/data/passwd b/tests/chsh/08_chsh_myuser_to_restricted_shell/data/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/run.exp b/tests/chsh/08_chsh_myuser_to_restricted_shell/run.exp
new file mode 100755
index 0000000..b1bd8d6
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/run.exp
@@ -0,0 +1,41 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+ puts "usage: run.exp \[shell] \[user]"
+ exit 1
+}
+set shell [lindex $argv 0]
+
+if {$argc == 2} {
+ spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+ spawn /usr/bin/chsh
+}
+
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "Changing the login shell for myuser"
+expect "Enter the new value, or press ENTER for the default"
+expect -re "Login Shell .*\]: "
+send "$shell\r"
+expect "$shell\r\n"
+expect "chsh: $shell is an invalid shell\r\n"
+expect {
+ eof {
+ if ([string compare $expect_out(buffer) ""]) {
+ set fp [open "tmp/out" w]
+ puts $fp "$expect_out(buffer)"
+ puts "\nFAIL"
+ exit 1
+ }
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/chsh.test b/tests/chsh/09_chsh_myuser_to_missing_shell/chsh.test
new file mode 100755
index 0000000..6248780
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/chsh.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+chmod a+w tmp
+
+echo /tmp/bash >> /etc/shells
+echo -n "execute chsh..."
+su myuser -c "./run.exp /tmp/bash"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config.txt b/tests/chsh/09_chsh_myuser_to_missing_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config.txt
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/group b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/gshadow b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/passwd b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shadow b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shells b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shells
new file mode 100644
index 0000000..16e922a
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shells
@@ -0,0 +1,15 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/rbash
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/data/passwd b/tests/chsh/09_chsh_myuser_to_missing_shell/data/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/run.exp b/tests/chsh/09_chsh_myuser_to_missing_shell/run.exp
new file mode 100755
index 0000000..b1bd8d6
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/run.exp
@@ -0,0 +1,41 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+ puts "usage: run.exp \[shell] \[user]"
+ exit 1
+}
+set shell [lindex $argv 0]
+
+if {$argc == 2} {
+ spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+ spawn /usr/bin/chsh
+}
+
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "Changing the login shell for myuser"
+expect "Enter the new value, or press ENTER for the default"
+expect -re "Login Shell .*\]: "
+send "$shell\r"
+expect "$shell\r\n"
+expect "chsh: $shell is an invalid shell\r\n"
+expect {
+ eof {
+ if ([string compare $expect_out(buffer) ""]) {
+ set fp [open "tmp/out" w]
+ puts $fp "$expect_out(buffer)"
+ puts "\nFAIL"
+ exit 1
+ }
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/chsh.test b/tests/chsh/10_chsh_myuser_to_non_executable_shell/chsh.test
new file mode 100755
index 0000000..7dd4642
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/chsh.test
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /tmp/bash' 0
+
+change_config
+
+chmod a+w tmp
+
+echo /tmp/bash >> /etc/shells
+cp /bin/bash /tmp/bash
+chmod a-x /tmp/bash
+
+echo -n "execute chsh..."
+su myuser -c "./run.exp /tmp/bash"
+echo "OK"
+rm -f /tmp/bash
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config.txt b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config.txt
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/group b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/gshadow b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/passwd b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shadow b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shells b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shells
new file mode 100644
index 0000000..16e922a
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shells
@@ -0,0 +1,15 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/rbash
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/data/passwd b/tests/chsh/10_chsh_myuser_to_non_executable_shell/data/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/run.exp b/tests/chsh/10_chsh_myuser_to_non_executable_shell/run.exp
new file mode 100755
index 0000000..b1bd8d6
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/run.exp
@@ -0,0 +1,41 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+ puts "usage: run.exp \[shell] \[user]"
+ exit 1
+}
+set shell [lindex $argv 0]
+
+if {$argc == 2} {
+ spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+ spawn /usr/bin/chsh
+}
+
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "Changing the login shell for myuser"
+expect "Enter the new value, or press ENTER for the default"
+expect -re "Login Shell .*\]: "
+send "$shell\r"
+expect "$shell\r\n"
+expect "chsh: $shell is an invalid shell\r\n"
+expect {
+ eof {
+ if ([string compare $expect_out(buffer) ""]) {
+ set fp [open "tmp/out" w]
+ puts $fp "$expect_out(buffer)"
+ puts "\nFAIL"
+ exit 1
+ }
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/11_chsh_auth_failure/chsh.test b/tests/chsh/11_chsh_auth_failure/chsh.test
new file mode 100755
index 0000000..dda9bc6
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/chsh.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh checks password for non root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+chmod a+w tmp
+
+echo -n "execute chsh..."
+su myuser -c "./run.exp /bin/bash"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/11_chsh_auth_failure/config.txt b/tests/chsh/11_chsh_auth_failure/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config.txt
diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/group b/tests/chsh/11_chsh_auth_failure/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/gshadow b/tests/chsh/11_chsh_auth_failure/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/passwd b/tests/chsh/11_chsh_auth_failure/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/shadow b/tests/chsh/11_chsh_auth_failure/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/shells b/tests/chsh/11_chsh_auth_failure/config/etc/shells
new file mode 100644
index 0000000..16e922a
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config/etc/shells
@@ -0,0 +1,15 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/rbash
diff --git a/tests/chsh/11_chsh_auth_failure/data/passwd b/tests/chsh/11_chsh_auth_failure/data/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/11_chsh_auth_failure/run.exp b/tests/chsh/11_chsh_auth_failure/run.exp
new file mode 100755
index 0000000..67e3455
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/run.exp
@@ -0,0 +1,36 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+ puts "usage: run.exp \[shell] \[user]"
+ exit 1
+}
+set shell [lindex $argv 0]
+
+if {$argc == 2} {
+ spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+ spawn /usr/bin/chsh
+}
+
+expect "Password: "
+send "wrong pass\r"
+expect "chsh: PAM: Authentication failure\r\n"
+expect {
+ eof {
+ if ([string compare $expect_out(buffer) ""]) {
+ set fp [open "tmp/out" w]
+ puts $fp "$expect_out(buffer)"
+ puts "\nFAIL"
+ exit 1
+ }
+ } default {
+ puts "\nFAIL"
+ exit 1
+ }
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/12_chsh_warning_missing_shell/chsh.test b/tests/chsh/12_chsh_warning_missing_shell/chsh.test
new file mode 100755
index 0000000..de12b13
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/chsh.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change shell to a missing shell (chsh -s /tmp/bash bin)..."
+chsh -s /tmp/bash bin 2>tmp/chsh.err
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "usage message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config.txt b/tests/chsh/12_chsh_warning_missing_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config.txt
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/group b/tests/chsh/12_chsh_warning_missing_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/gshadow b/tests/chsh/12_chsh_warning_missing_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/pam.d/chsh b/tests/chsh/12_chsh_warning_missing_shell/config/etc/pam.d/chsh
new file mode 100644
index 0000000..7eb604d
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/pam.d/chsh
@@ -0,0 +1,20 @@
+#
+# The PAM configuration file for the Shadow `chsh' service
+#
+
+# This will not allow a user to change their shell unless
+# their current one is listed in /etc/shells. This keeps
+# accounts with special shells from changing them.
+auth required pam_shells.so
+
+# This allows root to change user shell without being
+# prompted for a password
+auth sufficient pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/passwd b/tests/chsh/12_chsh_warning_missing_shell/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/shadow b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/shells b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shells
new file mode 100644
index 0000000..4fd4378
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shells
@@ -0,0 +1,16 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+/bin/zsh
+/usr/bin/esh
+/bin/bash
+/bin/rbash
diff --git a/tests/chsh/12_chsh_warning_missing_shell/data/chsh.err b/tests/chsh/12_chsh_warning_missing_shell/data/chsh.err
new file mode 100644
index 0000000..7801a16
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/data/chsh.err
@@ -0,0 +1 @@
+chsh: Warning: /tmp/bash does not exist
diff --git a/tests/chsh/12_chsh_warning_missing_shell/data/passwd b/tests/chsh/12_chsh_warning_missing_shell/data/passwd
new file mode 100644
index 0000000..7e745d9
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/tmp/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/13_chsh_warning_non_executable/chsh.test b/tests/chsh/13_chsh_warning_non_executable/chsh.test
new file mode 100755
index 0000000..c98bad7
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/chsh.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /tmp/bash' 0
+
+change_config
+
+cp /bin/bash /tmp/bash
+chmod a-x /tmp/bash
+
+echo -n "Change shell to a missing shell (chsh -s /tmp/bash bin)..."
+chsh -s /tmp/bash bin 2>tmp/chsh.err
+echo "OK"
+rm -f /tmp/bash
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "usage message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/13_chsh_warning_non_executable/config.txt b/tests/chsh/13_chsh_warning_non_executable/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config.txt
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/group b/tests/chsh/13_chsh_warning_non_executable/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/gshadow b/tests/chsh/13_chsh_warning_non_executable/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/pam.d/chsh b/tests/chsh/13_chsh_warning_non_executable/config/etc/pam.d/chsh
new file mode 100644
index 0000000..7eb604d
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/pam.d/chsh
@@ -0,0 +1,20 @@
+#
+# The PAM configuration file for the Shadow `chsh' service
+#
+
+# This will not allow a user to change their shell unless
+# their current one is listed in /etc/shells. This keeps
+# accounts with special shells from changing them.
+auth required pam_shells.so
+
+# This allows root to change user shell without being
+# prompted for a password
+auth sufficient pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/passwd b/tests/chsh/13_chsh_warning_non_executable/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/shadow b/tests/chsh/13_chsh_warning_non_executable/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/shells b/tests/chsh/13_chsh_warning_non_executable/config/etc/shells
new file mode 100644
index 0000000..4fd4378
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/shells
@@ -0,0 +1,16 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+/bin/zsh
+/usr/bin/esh
+/bin/bash
+/bin/rbash
diff --git a/tests/chsh/13_chsh_warning_non_executable/data/chsh.err b/tests/chsh/13_chsh_warning_non_executable/data/chsh.err
new file mode 100644
index 0000000..4a87ec2
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/data/chsh.err
@@ -0,0 +1 @@
+chsh: Warning: /tmp/bash is not executable
diff --git a/tests/chsh/13_chsh_warning_non_executable/data/passwd b/tests/chsh/13_chsh_warning_non_executable/data/passwd
new file mode 100644
index 0000000..7e745d9
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/tmp/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/14_chsh_locked_passwd/chsh.test b/tests/chsh/14_chsh_locked_passwd/chsh.test
new file mode 100755
index 0000000..c41e1eb
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/chsh.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh warns when passwd is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Change shell (chsh -s /bin/bash bin)..."
+chsh -s /bin/bash bin 2>tmp/chsh.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check the error message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "error message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/14_chsh_locked_passwd/config.txt b/tests/chsh/14_chsh_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/config.txt
diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/group b/tests/chsh/14_chsh_locked_passwd/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/gshadow b/tests/chsh/14_chsh_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/passwd b/tests/chsh/14_chsh_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/shadow b/tests/chsh/14_chsh_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chsh/14_chsh_locked_passwd/data/chsh.err b/tests/chsh/14_chsh_locked_passwd/data/chsh.err
new file mode 100644
index 0000000..c5ebce9
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/data/chsh.err
@@ -0,0 +1,2 @@
+chsh: existing lock file /etc/passwd.lock without a PID
+chsh: cannot lock /etc/passwd; try again later.
diff --git a/tests/chsh/15_chsh_PAM_error/chsh.test b/tests/chsh/15_chsh_PAM_error/chsh.test
new file mode 100755
index 0000000..c900e0c
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/chsh.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh warns when the chsh PAM configuration is invalid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the PAM configuration (/etc/pam.d/chsh /etc/pam.d/other)..."
+rm -f /etc/pam.d/chsh /etc/pam.d/other
+echo OK
+
+echo -n "Change shell (chsh -s /bin/bash bin)..."
+chsh -s /bin/bash bin 2>tmp/chsh.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check the error message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "error message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/15_chsh_PAM_error/config.txt b/tests/chsh/15_chsh_PAM_error/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config.txt
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/group b/tests/chsh/15_chsh_PAM_error/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/gshadow b/tests/chsh/15_chsh_PAM_error/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/chsh b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/chsh
new file mode 100644
index 0000000..9152969
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/chsh
@@ -0,0 +1 @@
+This file will be removed
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/other b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/other
new file mode 100644
index 0000000..9152969
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/other
@@ -0,0 +1 @@
+This file will be removed
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/passwd b/tests/chsh/15_chsh_PAM_error/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/shadow b/tests/chsh/15_chsh_PAM_error/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chsh/15_chsh_PAM_error/data/chsh.err b/tests/chsh/15_chsh_PAM_error/data/chsh.err
new file mode 100644
index 0000000..5c039d5
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/data/chsh.err
@@ -0,0 +1 @@
+chsh: PAM: Critical error - immediate abort
diff --git a/tests/cktools/01/data/group b/tests/cktools/01/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/01/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/01/data/gshadow b/tests/cktools/01/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/01/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/01/data/passwd b/tests/cktools/01/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/01/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/01/data/run2.err b/tests/cktools/01/data/run2.err
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/01/data/run2.err
diff --git a/tests/cktools/01/data/run2.out b/tests/cktools/01/data/run2.out
new file mode 100644
index 0000000..00df312
--- /dev/null
+++ b/tests/cktools/01/data/run2.out
@@ -0,0 +1,13 @@
+user 'lp': directory '/var/spool/lpd' does not exist
+user 'news': directory '/var/spool/news' does not exist
+user 'uucp': directory '/var/spool/uucp' does not exist
+user 'www-data': directory '/var/www' does not exist
+user 'list': directory '/var/list' does not exist
+user 'irc': directory '/var/run/ircd' does not exist
+user 'gnats': directory '/var/lib/gnats' does not exist
+user 'nobody': directory '/nonexistent' does not exist
+user 'Debian-exim': directory '/var/spool/exim4' does not exist
+user 'test': no group 10002
+no matching password file entry in /etc/shadow
+add user 'test' in /etc/shadow? No
+pwck: no changes
diff --git a/tests/cktools/01/data/shadow b/tests/cktools/01/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/01/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/01/run1 b/tests/cktools/01/run1
new file mode 100755
index 0000000..04aa793
--- /dev/null
+++ b/tests/cktools/01/run1
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+ [ ! -d tmp ] && mkdir tmp
+ for i in passwd group shadow gshadow
+ do
+ [ -f /etc/$i ] && cp /etc/$i tmp/$i
+ done
+
+ true
+}
+
+restore()
+{
+ for i in passwd group shadow gshadow
+ do
+ [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i
+ done
+ rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+ cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo "pwck accepts valid password file "
+msg=$(pwck -r | grep -v "^user .*: directory .* does not exist$")
+echo msg: $msg
+test "$msg" = "pwck: no changes"
+echo " OK"
+echo "grpck accepts valid password file "
+msg=$(grpck -r)
+test "$msg" = ""
+echo " OK"
+
diff --git a/tests/cktools/01/run2 b/tests/cktools/01/run2
new file mode 100755
index 0000000..df1e277
--- /dev/null
+++ b/tests/cktools/01/run2
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+ [ ! -d tmp ] && mkdir tmp
+ for i in passwd group shadow gshadow
+ do
+ [ -f /etc/$i ] && cp /etc/$i tmp/$i
+ done
+
+ true
+}
+
+restore()
+{
+ rm -f tmp/err tmp/out
+ for i in passwd group shadow gshadow
+ do
+ [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i
+ done
+ rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+ cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo -n "Add an user without an entry in shadow "
+echo "test:x:10002:10002::/tmp:/bin/false" >> /etc/passwd
+echo "OK"
+
+echo "Check that pwck detects it "
+pwck -r > tmp/out 2> tmp/err || true
+diff -au data/run2.out tmp/out
+diff -au data/run2.err tmp/err
+echo " OK"
+echo "grpck accepts valid password file "
+msg=$(grpck -r)
+test "$msg" = ""
+echo " OK"
+
+#echo -n "Make sure pwck can fix it "
+#pwcd
+#echo "OK"
diff --git a/tests/cktools/02_pwck_sort/config.txt b/tests/cktools/02_pwck_sort/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/02_pwck_sort/config/etc/group b/tests/cktools/02_pwck_sort/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/02_pwck_sort/config/etc/gshadow b/tests/cktools/02_pwck_sort/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/02_pwck_sort/config/etc/passwd b/tests/cktools/02_pwck_sort/config/etc/passwd
new file mode 100644
index 0000000..e69a810
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/config/etc/passwd
@@ -0,0 +1,20 @@
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+root:x:0:0:root:/root:/bin/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+games:x:5:60:games:/usr/games:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/02_pwck_sort/config/etc/shadow b/tests/cktools/02_pwck_sort/config/etc/shadow
new file mode 100644
index 0000000..42cf133
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/config/etc/shadow
@@ -0,0 +1,20 @@
+daemon:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/02_pwck_sort/data/passwd b/tests/cktools/02_pwck_sort/data/passwd
new file mode 100644
index 0000000..5b45b52
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
diff --git a/tests/cktools/02_pwck_sort/data/shadow b/tests/cktools/02_pwck_sort/data/shadow
new file mode 100644
index 0000000..8033f27
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
diff --git a/tests/cktools/02_pwck_sort/pwck.test b/tests/cktools/02_pwck_sort/pwck.test
new file mode 100755
index 0000000..9d6afb1
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/pwck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwck can sort the passwd entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the passwd entries (pwck -s)..."
+pwck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/03_grpck_sort/config.txt b/tests/cktools/03_grpck_sort/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/03_grpck_sort/config/etc/group b/tests/cktools/03_grpck_sort/config/etc/group
new file mode 100644
index 0000000..afbb01e
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/config/etc/group
@@ -0,0 +1,42 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/03_grpck_sort/config/etc/gshadow b/tests/cktools/03_grpck_sort/config/etc/gshadow
new file mode 100644
index 0000000..8182ad7
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/config/etc/gshadow
@@ -0,0 +1,42 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/03_grpck_sort/config/etc/passwd b/tests/cktools/03_grpck_sort/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/03_grpck_sort/config/etc/shadow b/tests/cktools/03_grpck_sort/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/03_grpck_sort/data/group b/tests/cktools/03_grpck_sort/data/group
new file mode 100644
index 0000000..1265953
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+nogroup:x:65534:
diff --git a/tests/cktools/03_grpck_sort/data/gshadow b/tests/cktools/03_grpck_sort/data/gshadow
new file mode 100644
index 0000000..f2209e3
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+nogroup:*::
diff --git a/tests/cktools/03_grpck_sort/grpck.test b/tests/cktools/03_grpck_sort/grpck.test
new file mode 100755
index 0000000..75e62cf
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/grpck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpck can sort the group entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the group entries (grpck -s)..."
+grpck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config.txt b/tests/cktools/04_pwck_sort_missing_shadow_user/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/group b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/gshadow b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/passwd b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/passwd
new file mode 100644
index 0000000..e69a810
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/passwd
@@ -0,0 +1,20 @@
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+root:x:0:0:root:/root:/bin/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+games:x:5:60:games:/usr/games:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/shadow b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/shadow
new file mode 100644
index 0000000..64573fa
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/shadow
@@ -0,0 +1,19 @@
+daemon:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/data/passwd b/tests/cktools/04_pwck_sort_missing_shadow_user/data/passwd
new file mode 100644
index 0000000..5b45b52
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/data/shadow b/tests/cktools/04_pwck_sort_missing_shadow_user/data/shadow
new file mode 100644
index 0000000..f1e4d80
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/pwck.test b/tests/cktools/04_pwck_sort_missing_shadow_user/pwck.test
new file mode 100755
index 0000000..9d6afb1
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/pwck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwck can sort the passwd entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the passwd entries (pwck -s)..."
+pwck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config.txt b/tests/cktools/05_grpck_sort_missing_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/group b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/group
new file mode 100644
index 0000000..afbb01e
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/gshadow b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..695bf8f
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+foo:*::
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/passwd b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/shadow b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/data/group b/tests/cktools/05_grpck_sort_missing_shadow_group/data/group
new file mode 100644
index 0000000..1265953
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+nogroup:x:65534:
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/data/gshadow b/tests/cktools/05_grpck_sort_missing_shadow_group/data/gshadow
new file mode 100644
index 0000000..7dcb3e5
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+foo:*::
+nogroup:*::
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/grpck.test b/tests/cktools/05_grpck_sort_missing_shadow_group/grpck.test
new file mode 100755
index 0000000..75e62cf
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/grpck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpck can sort the group entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the group entries (grpck -s)..."
+grpck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/06_pwck_sort_NIS_server/config.txt b/tests/cktools/06_pwck_sort_NIS_server/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/group b/tests/cktools/06_pwck_sort_NIS_server/config/etc/group
new file mode 100644
index 0000000..18eb6c2
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
++:::
diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/gshadow b/tests/cktools/06_pwck_sort_NIS_server/config/etc/gshadow
new file mode 100644
index 0000000..7a7ef3a
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
++:::
diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/passwd b/tests/cktools/06_pwck_sort_NIS_server/config/etc/passwd
new file mode 100644
index 0000000..365af62
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/passwd
@@ -0,0 +1,24 @@
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+root:x:0:0:root:/root:/bin/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+games:x:5:60:games:/usr/games:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
++miquels::::::
++:*:::::/etc/NoShell
+tester:*:299:10:Just a test account:/tmp:
+miquels:1234567890123:101:10:Miquel van Smoorenburg:/home/miquels:/bin/zsh
diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/shadow b/tests/cktools/06_pwck_sort_NIS_server/config/etc/shadow
new file mode 100644
index 0000000..5a24e78
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/shadow
@@ -0,0 +1,21 @@
+daemon:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
++::::::::
diff --git a/tests/cktools/06_pwck_sort_NIS_server/data/passwd b/tests/cktools/06_pwck_sort_NIS_server/data/passwd
new file mode 100644
index 0000000..c12f8a9
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/data/passwd
@@ -0,0 +1,24 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
++miquels::::::
++:*:::::/etc/NoShell
+tester:*:299:10:Just a test account:/tmp:
+miquels:1234567890123:101:10:Miquel van Smoorenburg:/home/miquels:/bin/zsh
diff --git a/tests/cktools/06_pwck_sort_NIS_server/data/shadow b/tests/cktools/06_pwck_sort_NIS_server/data/shadow
new file mode 100644
index 0000000..6a626df
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
++::::::::
diff --git a/tests/cktools/06_pwck_sort_NIS_server/pwck.test b/tests/cktools/06_pwck_sort_NIS_server/pwck.test
new file mode 100755
index 0000000..9d6afb1
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/pwck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwck can sort the passwd entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the passwd entries (pwck -s)..."
+pwck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/07_pwck_sort_NIS_client/config.txt b/tests/cktools/07_pwck_sort_NIS_client/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/group b/tests/cktools/07_pwck_sort_NIS_client/config/etc/group
new file mode 100644
index 0000000..f914b38
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
++:::
++miquels:::
++foo:::
diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/gshadow b/tests/cktools/07_pwck_sort_NIS_client/config/etc/gshadow
new file mode 100644
index 0000000..7a7ef3a
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
++:::
diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/passwd b/tests/cktools/07_pwck_sort_NIS_client/config/etc/passwd
new file mode 100644
index 0000000..913d7fc
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/passwd
@@ -0,0 +1,22 @@
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+root:x:0:0:root:/root:/bin/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+games:x:5:60:games:/usr/games:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
++miquels::::::
++:*:::::/etc/NoShell
diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/shadow b/tests/cktools/07_pwck_sort_NIS_client/config/etc/shadow
new file mode 100644
index 0000000..8f31dfb
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/shadow
@@ -0,0 +1,22 @@
+daemon:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
++::::::::
++foo2:!:::::::
diff --git a/tests/cktools/07_pwck_sort_NIS_client/data/passwd b/tests/cktools/07_pwck_sort_NIS_client/data/passwd
new file mode 100644
index 0000000..032bdd2
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
++miquels::::::
++:*:::::/etc/NoShell
diff --git a/tests/cktools/07_pwck_sort_NIS_client/data/shadow b/tests/cktools/07_pwck_sort_NIS_client/data/shadow
new file mode 100644
index 0000000..5350e77
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/data/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
++::::::::
++foo2:!:::::::
diff --git a/tests/cktools/07_pwck_sort_NIS_client/pwck.test b/tests/cktools/07_pwck_sort_NIS_client/pwck.test
new file mode 100755
index 0000000..9d6afb1
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/pwck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwck can sort the passwd entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the passwd entries (pwck -s)..."
+pwck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config.txt b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/group b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/gshadow b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/passwd b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/shadow b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/group b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/gshadow b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.exp b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.exp
new file mode 100755
index 0000000..6d0be77
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x'? "
+send "yes\r"
+expect "no matching group file entry in /etc/group"
+expect "delete line 'foo:*::'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.test b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.test
new file mode 100755
index 0000000..906d629
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config.txt b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/group b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/gshadow b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/passwd b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/shadow b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/data/gshadow b/tests/cktools/grpck/05_grpck_missing_field_group_keep/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.exp b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.exp
new file mode 100755
index 0000000..cfd779f
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x'? "
+send "no\r"
+expect "no matching group file entry in /etc/group"
+expect "delete line 'foo:*::'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.test b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config.txt b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/group b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/gshadow b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/passwd b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/shadow b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.exp b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.exp
new file mode 100755
index 0000000..48adf7a
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x'? "
+send "no\r"
+expect "no matching group file entry in /etc/group"
+expect "delete line 'foo:*::'? "
+send "no\r"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config.txt b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/group b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/gshadow b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/gshadow
new file mode 100644
index 0000000..b8fb234
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*:
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/passwd b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/shadow b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/data/gshadow b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/data/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.exp b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.exp
new file mode 100755
index 0000000..5229ab5
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "no matching group file entry in /etc/gshadow"
+expect "add group 'foo' in /etc/gshadow? "
+send "yes\r"
+expect "invalid shadow group file entry"
+expect "delete line 'foo:*:'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config.txt b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/group b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/gshadow b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/gshadow
new file mode 100644
index 0000000..b8fb234
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*:
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/passwd b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/shadow b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/data/gshadow b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.exp b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.exp
new file mode 100755
index 0000000..5181eba
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "no matching group file entry in /etc/gshadow"
+expect "add group 'foo' in /etc/gshadow? "
+send "no\r"
+expect "invalid shadow group file entry"
+expect "delete line 'foo:*:'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config.txt b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/group b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/gshadow b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..b8fb234
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*:
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/passwd b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/shadow b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.exp b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.exp
new file mode 100755
index 0000000..3ac4abe
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "no matching group file entry in /etc/gshadow"
+expect "add group 'foo' in /etc/gshadow? "
+send "no\r"
+expect "invalid shadow group file entry"
+expect "delete line 'foo:*:'? "
+send "no\r"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config.txt b/tests/cktools/grpck/10_grpck_missing_field_group_local/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/group b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/gshadow b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/passwd b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/shadow b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/data/group b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/data/gshadow b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.exp b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.exp
new file mode 100755
index 0000000..f8228c2
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck tmp/group tmp/gshadow\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x'? "
+send "yes\r"
+expect "no matching group file entry in tmp/group"
+expect "delete line 'foo:*::'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.test b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.test
new file mode 100755
index 0000000..63c75aa
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "copy group and gshadow localy..."
+cp /etc/group /etc/gshadow tmp/
+echo "OK"
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/gshadow
+echo "OK"
+
+rm -f tmp/group tmp/group- tmp/gshadow tmp/gshadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config.txt b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/group b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/gshadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/gshadow
new file mode 100644
index 0000000..b8fb234
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*:
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/passwd b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/shadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/group b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/gshadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/shadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.exp b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.exp
new file mode 100755
index 0000000..d111afc
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck tmp/group tmp/gshadow\r"
+expect "no matching group file entry in tmp/gshadow"
+expect "add group 'foo' in tmp/gshadow? "
+send "yes\r"
+expect "invalid shadow group file entry"
+expect "delete line 'foo:*:'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test
new file mode 100755
index 0000000..63c75aa
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "copy group and gshadow localy..."
+cp /etc/group /etc/gshadow tmp/
+echo "OK"
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/gshadow
+echo "OK"
+
+rm -f tmp/group tmp/group- tmp/gshadow tmp/gshadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config.txt b/tests/cktools/grpck/12_grpck_unknown_user_group/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/group b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/group
new file mode 100644
index 0000000..757aef8
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,foo2,bin
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/gshadow b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/gshadow
new file mode 100644
index 0000000..3e97ea4
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,bin
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/passwd b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/shadow b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/data/group b/tests/cktools/grpck/12_grpck_unknown_user_group/data/group
new file mode 100644
index 0000000..cf18eb5
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,bin
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.exp b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.exp
new file mode 100755
index 0000000..1dd1d01
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.test b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.test
new file mode 100755
index 0000000..741bfe1
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config.txt b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/group b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/group
new file mode 100644
index 0000000..cf18eb5
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,bin
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/gshadow b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..d2a1782
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,foo2,bin
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/passwd b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/shadow b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/data/gshadow b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/data/gshadow
new file mode 100644
index 0000000..3e97ea4
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,bin
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.exp b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.exp
new file mode 100755
index 0000000..b470a90
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.exp
@@ -0,0 +1,21 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "'foo2' is a member of the 'foo' group in /etc/gshadow but not in /etc/group"
+expect "shadow group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config.txt b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/group b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/group
new file mode 100644
index 0000000..cf18eb5
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,bin
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/gshadow b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..a7d227e
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*:foo3,foo4:foo3,daemon,bin,foo2
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/passwd b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/shadow b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/data/gshadow b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/data/gshadow
new file mode 100644
index 0000000..3e97ea4
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,bin
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.exp b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.exp
new file mode 100755
index 0000000..ec5378b
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "'foo3' is a member of the 'foo' group in /etc/gshadow but not in /etc/group"
+expect "'foo2' is a member of the 'foo' group in /etc/gshadow but not in /etc/group"
+expect "shadow group foo: no administrative user foo3"
+expect "delete administrative member 'foo3'? "
+send "yes\r"
+expect "shadow group foo: no administrative user foo4"
+expect "delete administrative member 'foo4'? "
+send "yes\r"
+expect "shadow group foo: no user foo3"
+expect "delete member 'foo3'? "
+send "yes\r"
+expect "shadow group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config.txt b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/group b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/group
new file mode 100644
index 0000000..4eeb1ff
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,foo2,foo2,bin
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/gshadow b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/gshadow
new file mode 100644
index 0000000..3e97ea4
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,bin
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/passwd b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/shadow b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/data/group b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/data/group
new file mode 100644
index 0000000..cf18eb5
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,bin
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.exp b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.exp
new file mode 100755
index 0000000..c12fbd8
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "yes\r"
+expect "group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test
new file mode 100755
index 0000000..741bfe1
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config.txt b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/group b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/group
new file mode 100644
index 0000000..7351800
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
+foo:x:1000:bin
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/gshadow b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/passwd b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/shadow b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/data/group b/tests/cktools/grpck/16_grpck_duplicate_entry_group/data/group
new file mode 100644
index 0000000..5c08ae1
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:bin
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.exp b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.exp
new file mode 100755
index 0000000..cce6802
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate group entry"
+expect "delete line 'foo:x:1000:daemon'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.test b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.test
new file mode 100755
index 0000000..741bfe1
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config.txt b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/group b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/group
new file mode 100644
index 0000000..fda0a6d
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/gshadow b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..124c805
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+foo:*::daemon
+crontab:x::
+Debian-exim:x::
+foo:*::bin
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/passwd b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/shadow b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/data/gshadow b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/data/gshadow
new file mode 100644
index 0000000..bdd8388
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::bin
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.exp b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.exp
new file mode 100755
index 0000000..1b123f1
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate shadow group entry"
+expect "delete line 'foo:*::daemon'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config.txt b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/group b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/group
new file mode 100644
index 0000000..7351800
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
+foo:x:1000:bin
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/gshadow b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/passwd b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/shadow b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.exp b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.exp
new file mode 100755
index 0000000..7e54415
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.exp
@@ -0,0 +1,24 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate group entry"
+expect "delete line 'foo:x:1000:daemon'? "
+send "no\r"
+expect "'daemon' is a member of the 'foo' group in /etc/group but not in /etc/gshadow"
+expect "duplicate group entry"
+expect "delete line 'foo:x:1000:bin'? "
+send "no \r"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config.txt b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/group b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/group
new file mode 100644
index 0000000..fda0a6d
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/gshadow b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..124c805
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+foo:*::daemon
+crontab:x::
+Debian-exim:x::
+foo:*::bin
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/passwd b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/shadow b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.exp b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.exp
new file mode 100755
index 0000000..aa7f11f
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate shadow group entry"
+expect "delete line 'foo:*::daemon'? "
+send "no\r"
+expect "duplicate shadow group entry"
+expect "delete line 'foo:*::bin'? "
+send "no\r"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config.txt b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/group b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/group
new file mode 100644
index 0000000..fda0a6d
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/gshadow b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/gshadow
new file mode 100644
index 0000000..124c805
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+foo:*::daemon
+crontab:x::
+Debian-exim:x::
+foo:*::bin
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/passwd b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/shadow b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/data/gshadow b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/data/gshadow
new file mode 100644
index 0000000..a1a4f31
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+foo:*::daemon
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.exp b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.exp
new file mode 100755
index 0000000..ce6cb2e
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate shadow group entry"
+expect "delete line 'foo:*::daemon'? "
+send "no\r"
+expect "duplicate shadow group entry"
+expect "delete line 'foo:*::bin'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config.txt b/tests/cktools/grpck/21_grpck_invalid_group_name/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/group b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/group
new file mode 100644
index 0000000..220f375
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+f o o:x:1000:
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/gshadow b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/gshadow
new file mode 100644
index 0000000..8337b65
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+f o o:*::
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/passwd b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/shadow b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.exp b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.exp
new file mode 100755
index 0000000..cb758db
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group name 'f o o'"
+expect "grpck: no changes"
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.test b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config.txt b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/group b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/group
new file mode 100644
index 0000000..e9efa8b
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:-1:
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/gshadow b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/passwd b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/shadow b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/group b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/gshadow b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.exp b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.exp
new file mode 100755
index 0000000..40f22df
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x:-1:'? "
+send "yes\r"
+expect "no matching group file entry in /etc/group"
+expect "delete line 'foo:*::'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test
new file mode 100755
index 0000000..906d629
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config.txt b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/group b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/group
new file mode 100644
index 0000000..c6a2e19
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4294967295:
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/gshadow b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/passwd b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/shadow b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.exp b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.exp
new file mode 100755
index 0000000..5c10a62
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.exp
@@ -0,0 +1,18 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group ID '4294967295'"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config.txt b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/group b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/group
new file mode 100644
index 0000000..cb278ce
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4294967296:
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/gshadow b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/passwd b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/shadow b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/group b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/gshadow b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.exp b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.exp
new file mode 100755
index 0000000..d5e5ddf
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x:4294967296:'? "
+send "yes\r"
+expect "no matching group file entry in /etc/group"
+expect "delete line 'foo:*::'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test
new file mode 100755
index 0000000..906d629
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config.txt b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/group b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/group
new file mode 100644
index 0000000..757aef8
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,foo2,bin
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/gshadow b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..d2a1782
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,foo2,bin
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/passwd b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/shadow b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.exp b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.exp
new file mode 100755
index 0000000..da5dee5
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "no\r"
+expect "shadow group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "no\r"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config.txt b/tests/cktools/grpck/26_grpck_no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/group b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..9303fe2
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:bar
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/gshadow b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..695bf8f
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+foo:*::
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/passwd b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/shadow b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/data/grpck.out b/tests/cktools/grpck/26_grpck_no_gshadow_file/data/grpck.out
new file mode 100644
index 0000000..929e0e8
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/data/grpck.out
@@ -0,0 +1,3 @@
+group foo: no user bar
+delete member 'bar'? No
+grpck: no changes
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/grpck.test b/tests/cktools/grpck/26_grpck_no_gshadow_file/grpck.test
new file mode 100755
index 0000000..0ccd682
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/grpck.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can check the group entries when there are no gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "done"
+
+echo -n "Check the group entries (grpck -r)..."
+grpck -r >tmp/grpck.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.out
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.out tmp/grpck.out
+echo "error message OK."
+rm -f tmp/grpck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config.txt b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/group b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..afbb01e
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/gshadow b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..695bf8f
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+foo:*::
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/passwd b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/shadow b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/data/group b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/data/group
new file mode 100644
index 0000000..1265953
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+nogroup:x:65534:
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test
new file mode 100755
index 0000000..31a6e9e
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can sort the group entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "done"
+
+echo -n "Sort the group entries (grpck -s)..."
+grpck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/28_grpck_usage/config.txt b/tests/cktools/grpck/28_grpck_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/default/useradd b/tests/cktools/grpck/28_grpck_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/group b/tests/cktools/grpck/28_grpck_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/gshadow b/tests/cktools/grpck/28_grpck_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/passwd b/tests/cktools/grpck/28_grpck_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/shadow b/tests/cktools/grpck/28_grpck_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/28_grpck_usage/data/usage.out b/tests/cktools/grpck/28_grpck_usage/data/usage.out
new file mode 100644
index 0000000..899e2d7
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/data/usage.out
@@ -0,0 +1,9 @@
+Usage: grpck [options] [group [gshadow]]
+
+Options:
+ -h, --help display this help message and exit
+ -r, --read-only display errors and warnings
+ but do not change files
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sort sort entries by UID
+
diff --git a/tests/cktools/grpck/28_grpck_usage/grpck.test b/tests/cktools/grpck/28_grpck_usage/grpck.test
new file mode 100755
index 0000000..e397aaf
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/grpck.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpck usage (grpck -h)..."
+grpck -h >tmp/usage.out
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config.txt b/tests/cktools/grpck/29_grpck_sort_readonly/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/default/useradd b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/group b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/gshadow b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/passwd b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/shadow b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/data/usage.out b/tests/cktools/grpck/29_grpck_sort_readonly/data/usage.out
new file mode 100644
index 0000000..cd278fa
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/data/usage.out
@@ -0,0 +1 @@
+grpck: -s and -r are incompatible
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/grpck.test b/tests/cktools/grpck/29_grpck_sort_readonly/grpck.test
new file mode 100755
index 0000000..417584f
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck report failure when sorting and read only are enabled"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpck usage (grpck -r -s)..."
+grpck -r -s 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/30_grpck_3_files/config.txt b/tests/cktools/grpck/30_grpck_3_files/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/default/useradd b/tests/cktools/grpck/30_grpck_3_files/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/group b/tests/cktools/grpck/30_grpck_3_files/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/gshadow b/tests/cktools/grpck/30_grpck_3_files/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/passwd b/tests/cktools/grpck/30_grpck_3_files/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/shadow b/tests/cktools/grpck/30_grpck_3_files/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/30_grpck_3_files/data/usage.out b/tests/cktools/grpck/30_grpck_3_files/data/usage.out
new file mode 100644
index 0000000..899e2d7
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/data/usage.out
@@ -0,0 +1,9 @@
+Usage: grpck [options] [group [gshadow]]
+
+Options:
+ -h, --help display this help message and exit
+ -r, --read-only display errors and warnings
+ but do not change files
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sort sort entries by UID
+
diff --git a/tests/cktools/grpck/30_grpck_3_files/grpck.test b/tests/cktools/grpck/30_grpck_3_files/grpck.test
new file mode 100755
index 0000000..e2614d9
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks its number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpck usage (grpck -r foo bar baz)..."
+grpck -r foo bar baz 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config.txt b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/group b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/gshadow b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/passwd b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/shadow b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/data/group b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.exp b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.exp
new file mode 100755
index 0000000..84b7354
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck tmp/group\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test
new file mode 100755
index 0000000..744dd07
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "copy group and gshadow localy..."
+cp /etc/group tmp/
+echo "OK"
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+rm -f tmp/group tmp/group- tmp/gshadow tmp/gshadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config.txt b/tests/cktools/grpck/32_grpck_sort_nis/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/group b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/group
new file mode 100644
index 0000000..e644ed9
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/group
@@ -0,0 +1,45 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
++:::
++foo1:::
+-foo2:
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/gshadow b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/gshadow
new file mode 100644
index 0000000..8182ad7
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/gshadow
@@ -0,0 +1,42 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/passwd b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/shadow b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/data/group b/tests/cktools/grpck/32_grpck_sort_nis/data/group
new file mode 100644
index 0000000..23467d3
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/data/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+nogroup:x:65534:
++:::
++foo1:::
+-foo2:
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/data/gshadow b/tests/cktools/grpck/32_grpck_sort_nis/data/gshadow
new file mode 100644
index 0000000..f2209e3
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+nogroup:*::
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/grpck.test b/tests/cktools/grpck/32_grpck_sort_nis/grpck.test
new file mode 100755
index 0000000..d509689
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/grpck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can sort the group entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the group entries (grpck -s)..."
+grpck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config.txt b/tests/cktools/grpck/33_grpck_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config.txt
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/default/useradd b/tests/cktools/grpck/33_grpck_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/group b/tests/cktools/grpck/33_grpck_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/gshadow b/tests/cktools/grpck/33_grpck_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/passwd b/tests/cktools/grpck/33_grpck_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/shadow b/tests/cktools/grpck/33_grpck_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/33_grpck_locked_group/data/grpck.err b/tests/cktools/grpck/33_grpck_locked_group/data/grpck.err
new file mode 100644
index 0000000..1f6325d
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/data/grpck.err
@@ -0,0 +1,2 @@
+grpck: existing lock file /etc/group.lock without a PID
+grpck: cannot lock /etc/group; try again later.
diff --git a/tests/cktools/grpck/33_grpck_locked_group/grpck.test b/tests/cktools/grpck/33_grpck_locked_group/grpck.test
new file mode 100755
index 0000000..0aa139c
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/grpck.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Check groups (grpck)..."
+grpck 2>tmp/grpck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config.txt b/tests/cktools/grpck/34_grpck_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config.txt
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/default/useradd b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/group b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/gshadow b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/passwd b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/shadow b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/data/grpck.err b/tests/cktools/grpck/34_grpck_locked_gshadow/data/grpck.err
new file mode 100644
index 0000000..868dee1
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/data/grpck.err
@@ -0,0 +1,2 @@
+grpck: existing lock file /etc/gshadow.lock without a PID
+grpck: cannot lock /etc/gshadow; try again later.
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/grpck.test b/tests/cktools/grpck/34_grpck_locked_gshadow/grpck.test
new file mode 100755
index 0000000..4c6ea0c
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/grpck.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Check groups (grpck)..."
+grpck 2>tmp/grpck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config.txt b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/group b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/group
new file mode 100644
index 0000000..213b065
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
++:::
+-bar:::
+foo:x:1000:bin
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/gshadow b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/passwd b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/shadow b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/data/group b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/data/group
new file mode 100644
index 0000000..6c080ef
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
++:::
+-bar:::
+foo:x:1000:bin
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.exp b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.exp
new file mode 100755
index 0000000..cce6802
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate group entry"
+expect "delete line 'foo:x:1000:daemon'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test
new file mode 100755
index 0000000..741bfe1
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config.txt b/tests/cktools/grpck/36_grpck_password_group_gshadow/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/group b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/group
new file mode 100644
index 0000000..52cf2af
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:toto:1000:
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/gshadow b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..817f174
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+foo:foo::
+Debian-exim:*::
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/passwd b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/shadow b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/data/grpck.out b/tests/cktools/grpck/36_grpck_password_group_gshadow/data/grpck.out
new file mode 100644
index 0000000..476a798
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/data/grpck.out
@@ -0,0 +1,2 @@
+group foo has an entry in /etc/gshadow, but its password field in /etc/group is not set to 'x'
+grpck: no changes
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/grpck.test b/tests/cktools/grpck/36_grpck_password_group_gshadow/grpck.test
new file mode 100755
index 0000000..d32ae67
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can sort the group entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check the group entries (grpck -r)..."
+grpck -r >tmp/grpck.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.out
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.out tmp/grpck.out
+echo "error message OK."
+rm -f tmp/grpck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config.txt b/tests/cktools/grpck/37_grpck_invalid_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/group b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/gshadow b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/passwd b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/shadow b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/data/usage.out b/tests/cktools/grpck/37_grpck_invalid_option/data/usage.out
new file mode 100644
index 0000000..1142051
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/data/usage.out
@@ -0,0 +1,10 @@
+grpck: unrecognized option '--invalid'
+Usage: grpck [options] [group [gshadow]]
+
+Options:
+ -h, --help display this help message and exit
+ -r, --read-only display errors and warnings
+ but do not change files
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sort sort entries by UID
+
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/grpck.test b/tests/cktools/grpck/37_grpck_invalid_option/grpck.test
new file mode 100755
index 0000000..b556148
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck reports usage when called withan invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call grpck with an invalid option (grpck --invalid)..."
+grpck --invalid 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config.txt b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config.txt
new file mode 100644
index 0000000..b3c3e75
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config.txt
@@ -0,0 +1,2 @@
+group foo
+user foo with typo in passwd
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/group b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/gshadow b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/passwd b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/passwd
new file mode 100644
index 0000000..4ee448d
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/shadow b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/passwd b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/passwd
new file mode 100644
index 0000000..2b911d1
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/passwd
@@ -0,0 +1,10 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/shadow b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.exp b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.exp
new file mode 100755
index 0000000..e9c675d
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:1000:1000::'? "
+send "yes\r"
+expect "no matching password file entry in /etc/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test
new file mode 100755
index 0000000..9f8c33a
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config.txt b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/group b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/gshadow b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/passwd b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/passwd
new file mode 100644
index 0000000..4ee448d
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/shadow b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/data/shadow b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.exp b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.exp
new file mode 100755
index 0000000..89341ff
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.exp
@@ -0,0 +1,22 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:1000:1000::'? "
+send "no\r"
+expect "no matching password file entry in /etc/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test
new file mode 100755
index 0000000..688759d
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config.txt b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/group b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/gshadow b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/passwd b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/passwd
new file mode 100644
index 0000000..4ee448d
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/shadow b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.exp b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.exp
new file mode 100755
index 0000000..bd4003d
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:1000:1000::'? "
+send "no\r"
+expect "no matching password file entry in /etc/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "no\r"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test
new file mode 100755
index 0000000..b9f4a13
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and does not change the system database if requested"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config.txt b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/group b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/gshadow b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/passwd b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/shadow b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/shadow
new file mode 100644
index 0000000..3a064c0
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7::
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/data/shadow b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/data/shadow
new file mode 100644
index 0000000..c9a0314
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/data/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:x:@TODAY@:0:99999:7:::
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.exp b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.exp
new file mode 100755
index 0000000..5a9b856
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "no matching password file entry in /etc/shadow"
+expect "add user 'foo' in /etc/shadow? "
+send "yes\r"
+expect "invalid shadow password file entry"
+expect "delete line 'foo:!:12977:0:99999:7::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test
new file mode 100755
index 0000000..688759d
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config.txt b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/group b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/gshadow b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/passwd b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/shadow b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/shadow
new file mode 100644
index 0000000..3a064c0
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7::
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/data/shadow b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.exp b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.exp
new file mode 100755
index 0000000..38a613d
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "no matching password file entry in /etc/shadow"
+expect "add user 'foo' in /etc/shadow? "
+send "no\r"
+expect "invalid shadow password file entry"
+expect "delete line 'foo:!:12977:0:99999:7::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test
new file mode 100755
index 0000000..688759d
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config.txt b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/group b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/gshadow b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/passwd b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/shadow b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/shadow
new file mode 100644
index 0000000..3a064c0
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7::
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.exp b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.exp
new file mode 100755
index 0000000..b445102
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "no matching password file entry in /etc/shadow"
+expect "add user 'foo' in /etc/shadow? "
+send "no\r"
+expect "invalid shadow password file entry"
+expect "delete line 'foo:!:12977:0:99999:7::'? "
+send "no\r"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test
new file mode 100755
index 0000000..893ba6e
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config.txt b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/group b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/gshadow b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/passwd b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/passwd
new file mode 100644
index 0000000..4ee448d
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/shadow b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/passwd b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/passwd
new file mode 100644
index 0000000..2b911d1
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/passwd
@@ -0,0 +1,10 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/shadow b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.exp b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.exp
new file mode 100755
index 0000000..31af089
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck tmp/passwd tmp/shadow\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:1000:1000::'? "
+send "yes\r"
+expect "no matching password file entry in tmp/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test
new file mode 100755
index 0000000..4ca903f
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and can change local databases"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "copy passwd and shadow localy..."
+cp /etc/passwd /etc/shadow tmp/
+echo "OK"
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+rm -f tmp/passwd tmp/passwd- tmp/shadow tmp/shadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config.txt b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/group b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/gshadow b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/passwd b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/shadow b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/shadow
new file mode 100644
index 0000000..3a064c0
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7::
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/passwd b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/shadow b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/shadow
new file mode 100644
index 0000000..c9a0314
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:x:@TODAY@:0:99999:7:::
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.exp b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.exp
new file mode 100755
index 0000000..2b2a09d
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck tmp/passwd tmp/shadow\r"
+expect "no matching password file entry in tmp/shadow"
+expect "add user 'foo' in tmp/shadow? "
+send "yes\r"
+expect "invalid shadow password file entry"
+expect "delete line 'foo:*:'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test
new file mode 100755
index 0000000..fd3f4e6
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change local databases"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "copy passwd and shadow localy..."
+cp /etc/passwd /etc/shadow tmp/
+echo "OK"
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+rm -f tmp/passwd tmp/passwd- tmp/shadow tmp/shadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config.txt b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/group b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/gshadow b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/passwd b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/passwd
new file mode 100644
index 0000000..58f2d75
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1001::/home:/bin/sh
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/shadow b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.exp b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.exp
new file mode 100755
index 0000000..fb8cba1
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.exp
@@ -0,0 +1,18 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "user 'foo': no group 1001"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test
new file mode 100755
index 0000000..8df5482
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check that the user's GID matches an existing group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config.txt b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/group b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/gshadow b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/passwd b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/passwd
new file mode 100644
index 0000000..33debc5
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/passwd
@@ -0,0 +1,12 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
+foo:x:1001:1001::/home:/bin/sh
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/shadow b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/data/passwd b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/data/passwd
new file mode 100644
index 0000000..a45f378
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/data/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1001:1001::/home:/bin/sh
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.exp b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.exp
new file mode 100755
index 0000000..9c460ce
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "duplicate password entry"
+expect "delete line 'foo:x:1000:1000::/home:/bin/sh'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test
new file mode 100755
index 0000000..4d4b957
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check that user are uniq"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config.txt b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/group b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/gshadow b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/passwd b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/shadow b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/shadow
new file mode 100644
index 0000000..a5344f5
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/shadow
@@ -0,0 +1,12 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/data/shadow b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/data/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/data/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.exp b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.exp
new file mode 100755
index 0000000..c7affdc
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "duplicate shadow password entry"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test
new file mode 100755
index 0000000..4430d1a
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check unicity of users in the shadow database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config.txt b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/group b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/gshadow b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/passwd b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/passwd
new file mode 100644
index 0000000..69c72ff
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/passwd
@@ -0,0 +1,12 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
+foo:x:1000:1000::/home:/bin/bash
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/shadow b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.exp b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.exp
new file mode 100755
index 0000000..61c6c6b
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "duplicate password entry"
+expect "delete line 'foo:x:1000:1000::/home:/bin/sh'? "
+send "no\r"
+expect "duplicate password entry"
+expect "delete line 'foo:x:1000:1000::/home:/bin/bash'? "
+send "no\r"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test
new file mode 100755
index 0000000..9ceb60e
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check unicity of users in passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config.txt b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/group b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/gshadow b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/passwd b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/shadow b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/shadow
new file mode 100644
index 0000000..a5344f5
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/shadow
@@ -0,0 +1,12 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.exp b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.exp
new file mode 100755
index 0000000..dc9ef89
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "duplicate shadow password entry"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "no\r"
+expect "duplicate shadow password entry"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "no\r"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test
new file mode 100755
index 0000000..8eed716
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks unicity of users in shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config.txt b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/group b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/gshadow b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/passwd b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/passwd
new file mode 100644
index 0000000..69c72ff
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/passwd
@@ -0,0 +1,12 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
+foo:x:1000:1000::/home:/bin/bash
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/shadow b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/data/passwd b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/data/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/data/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.exp b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.exp
new file mode 100755
index 0000000..d6ec869
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "duplicate password entry"
+expect "delete line 'foo:x:1000:1000::/home:/bin/sh'? "
+send "no\r"
+expect "duplicate password entry"
+expect "delete line 'foo:x:1000:1000::/home:/bin/bash'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test
new file mode 100755
index 0000000..d61a946
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks the unicity of users in passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config.txt b/tests/cktools/pwck/18_pwck_invalid_user_name/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/group b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/gshadow b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/passwd b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/passwd
new file mode 100644
index 0000000..a82dbf6
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+f o o:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/shadow b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/shadow
new file mode 100644
index 0000000..f771b66
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+f o o:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.exp b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.exp
new file mode 100755
index 0000000..a75ef35
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.exp
@@ -0,0 +1,18 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid user name 'f o o'"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.test b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.test
new file mode 100755
index 0000000..587f11c
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the validity of usernames"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config.txt b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/group b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/gshadow b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/passwd b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/passwd
new file mode 100644
index 0000000..850768a
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:-1:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/shadow b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/passwd b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/passwd
new file mode 100644
index 0000000..2b911d1
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/passwd
@@ -0,0 +1,10 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/shadow b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.exp b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.exp
new file mode 100755
index 0000000..cde86e5
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:-1:1000::/home:/bin/sh'? "
+send "yes\r"
+expect "no matching password file entry in /etc/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test
new file mode 100755
index 0000000..8b56894
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks the validity of UIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config.txt b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/group b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/gshadow b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/passwd b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..e438734
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:4294967295:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/shadow b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.exp b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.exp
new file mode 100755
index 0000000..315a72b
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.exp
@@ -0,0 +1,18 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid user ID '4294967295'"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test
new file mode 100755
index 0000000..19d157f
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the validity of the UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config.txt b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/group b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/gshadow b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/passwd b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/passwd
new file mode 100644
index 0000000..de8dd66
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:4294967296:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/shadow b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/passwd b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/passwd
new file mode 100644
index 0000000..2b911d1
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/passwd
@@ -0,0 +1,10 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/shadow b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.exp b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.exp
new file mode 100755
index 0000000..83575ac
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:4294967296:1000::/home:/bin/sh'? "
+send "yes\r"
+expect "no matching password file entry in /etc/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test
new file mode 100755
index 0000000..8b56894
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks the validity of UIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/22_pwck_usage/config.txt b/tests/cktools/pwck/22_pwck_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/group b/tests/cktools/pwck/22_pwck_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/gshadow b/tests/cktools/pwck/22_pwck_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/passwd b/tests/cktools/pwck/22_pwck_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/shadow b/tests/cktools/pwck/22_pwck_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/22_pwck_usage/data/usage.out b/tests/cktools/pwck/22_pwck_usage/data/usage.out
new file mode 100644
index 0000000..fa62941
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/data/usage.out
@@ -0,0 +1,10 @@
+Usage: pwck [options] [passwd [shadow]]
+
+Options:
+ -h, --help display this help message and exit
+ -q, --quiet report errors only
+ -r, --read-only display errors and warnings
+ but do not change files
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sort sort entries by UID
+
diff --git a/tests/cktools/pwck/22_pwck_usage/pwck.test b/tests/cktools/pwck/22_pwck_usage/pwck.test
new file mode 100755
index 0000000..ccca31a
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/pwck.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwck usage (pwck -h)..."
+pwck -h >tmp/usage.out
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config.txt b/tests/cktools/pwck/23_pwck_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/config.txt
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/group b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/gshadow b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/passwd b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/shadow b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/data/pwck.err b/tests/cktools/pwck/23_pwck_locked_passwd/data/pwck.err
new file mode 100644
index 0000000..798e427
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/data/pwck.err
@@ -0,0 +1,2 @@
+pwck: existing lock file /etc/passwd.lock without a PID
+pwck: cannot lock /etc/passwd; try again later.
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/pwck.test b/tests/cktools/pwck/23_pwck_locked_passwd/pwck.test
new file mode 100755
index 0000000..8731b28
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/pwck.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Check user database (pwck)..."
+pwck 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config.txt b/tests/cktools/pwck/24_pwck_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/config.txt
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/group b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/gshadow b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/passwd b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/shadow b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/data/pwck.err b/tests/cktools/pwck/24_pwck_locked_shadow/data/pwck.err
new file mode 100644
index 0000000..f8112fb
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/data/pwck.err
@@ -0,0 +1,2 @@
+pwck: existing lock file /etc/shadow.lock without a PID
+pwck: cannot lock /etc/shadow; try again later.
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/pwck.test b/tests/cktools/pwck/24_pwck_locked_shadow/pwck.test
new file mode 100755
index 0000000..61e2926
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/pwck.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck checks if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Check user database (pwck)..."
+pwck 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config.txt b/tests/cktools/pwck/25_pwck_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config.txt
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/group b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/gshadow b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/passwd b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/shadow b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/data/pwck.err b/tests/cktools/pwck/25_pwck_usage_invalid_option/data/pwck.err
new file mode 100644
index 0000000..b08f13f
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/data/pwck.err
@@ -0,0 +1,11 @@
+pwck: invalid option -- 'Z'
+Usage: pwck [options] [passwd [shadow]]
+
+Options:
+ -h, --help display this help message and exit
+ -q, --quiet report errors only
+ -r, --read-only display errors and warnings
+ but do not change files
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sort sort entries by UID
+
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/pwck.test b/tests/cktools/pwck/25_pwck_usage_invalid_option/pwck.test
new file mode 100755
index 0000000..a8d5941
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/pwck.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck displays its usage message when called with an invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call pwck with an invalid option (pwck -Z)..."
+pwck -Z 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config.txt b/tests/cktools/pwck/26_pwck_usage-s-r/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/config.txt
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/group b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/gshadow b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/passwd b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/shadow b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/data/pwck.err b/tests/cktools/pwck/26_pwck_usage-s-r/data/pwck.err
new file mode 100644
index 0000000..e44d375
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/data/pwck.err
@@ -0,0 +1 @@
+pwck: -s and -r are incompatible
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/pwck.test b/tests/cktools/pwck/26_pwck_usage-s-r/pwck.test
new file mode 100755
index 0000000..6f0a3b5
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/pwck.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck warns that -r and -s are exclusive"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call pwck with the -r and -s options (pwck -r -s)..."
+pwck -r -s 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config.txt b/tests/cktools/pwck/27_pwck_usage_3_files/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/config.txt
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/group b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/gshadow b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/passwd b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/shadow b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/data/pwck.err b/tests/cktools/pwck/27_pwck_usage_3_files/data/pwck.err
new file mode 100644
index 0000000..fa62941
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/data/pwck.err
@@ -0,0 +1,10 @@
+Usage: pwck [options] [passwd [shadow]]
+
+Options:
+ -h, --help display this help message and exit
+ -q, --quiet report errors only
+ -r, --read-only display errors and warnings
+ but do not change files
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sort sort entries by UID
+
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/pwck.test b/tests/cktools/pwck/27_pwck_usage_3_files/pwck.test
new file mode 100755
index 0000000..9c8c81d
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/pwck.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck displays its usage message when called with 3 files"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call pwck with 3 files (pwck data/passwd data/shadow data/foo)..."
+pwck data/passwd data/shadow data/foo 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config.txt b/tests/cktools/pwck/28_pwck_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/group b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/gshadow b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/passwd b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..57434e6
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/tmp:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/tmp:/bin/sh
+uucp:x:10:10:uucp:/tmp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/tmp:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/tmp:/bin/sh
+irc:x:39:39:ircd:/tmp:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh
+nobody:x:65534:65534:nobody:/tmp:/bin/sh
+Debian-exim:x:102:102::/tmp:/bin/false
+foo:pass:1000:1000::/home/foo:/bin/sh
+foo:pass:1001:1000::/tmp:/bin/sh
+foo2:pass:1000:1000::/tmp:/bin/shs
+foo3:x:1000:1000::/tmp:
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/shadow b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/data/pwck.out b/tests/cktools/pwck/28_pwck_no_shadow_file/data/pwck.out
new file mode 100644
index 0000000..e0cac3d
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/data/pwck.out
@@ -0,0 +1,7 @@
+duplicate password entry
+delete line 'foo:pass:1000:1000::/home/foo:/bin/sh'? No
+user 'foo': directory '/home/foo' does not exist
+duplicate password entry
+delete line 'foo:pass:1001:1000::/tmp:/bin/sh'? No
+user 'foo2': program '/bin/shs' does not exist
+pwck: no changes
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/pwck.test b/tests/cktools/pwck/28_pwck_no_shadow_file/pwck.test
new file mode 100755
index 0000000..e792f78
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/pwck.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck report issues when the shadow file does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Check user database (pwck -r)..."
+pwck -r >tmp/pwck.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check the report..."
+diff -au data/pwck.out tmp/pwck.out
+echo "report OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config.txt b/tests/cktools/pwck/29_pwck_password_change_in_future/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/group b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/gshadow b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/passwd b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/passwd
new file mode 100644
index 0000000..ded978d
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/tmp:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/tmp:/bin/sh
+uucp:x:10:10:uucp:/tmp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/tmp:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/tmp:/bin/sh
+irc:x:39:39:ircd:/tmp:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh
+nobody:x:65534:65534:nobody:/tmp:/bin/sh
+Debian-exim:x:102:102::/tmp:/bin/false
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/shadow b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/shadow
new file mode 100644
index 0000000..3781988
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:99997:0:99999:7:::
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/data/pwck.out b/tests/cktools/pwck/29_pwck_password_change_in_future/data/pwck.out
new file mode 100644
index 0000000..12d2fbf
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/data/pwck.out
@@ -0,0 +1,2 @@
+user foo: last password change in the future
+pwck: no changes
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/pwck.test b/tests/cktools/pwck/29_pwck_password_change_in_future/pwck.test
new file mode 100755
index 0000000..6ccd810
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck checks that the password was set in the past"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check user database (pwck -r)..."
+pwck -r >tmp/pwck.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check the report..."
+diff -au data/pwck.out tmp/pwck.out
+echo "report OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config.txt b/tests/cktools/pwck/30_pwck_NIS_entries/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/group b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/gshadow b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/passwd b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/passwd
new file mode 100644
index 0000000..e5bbc07
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/tmp:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/tmp:/bin/sh
+uucp:x:10:10:uucp:/tmp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/tmp:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/tmp:/bin/sh
+irc:x:39:39:ircd:/tmp:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh
+nobody:x:65534:65534:nobody:/tmp:/bin/sh
+Debian-exim:x:102:102::/tmp:/bin/false
+foo:x:1000:1000::/home:/bin/sh
++::::::
+-bar::::::
+foo:x:1001:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/shadow b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/shadow
new file mode 100644
index 0000000..d3c0765
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/shadow
@@ -0,0 +1,23 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:99997:0:99999:7:::
++::::::::
+-bar::::::::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/data/pwck.out b/tests/cktools/pwck/30_pwck_NIS_entries/data/pwck.out
new file mode 100644
index 0000000..56dce35
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/data/pwck.out
@@ -0,0 +1,10 @@
+duplicate password entry
+delete line 'foo:x:1000:1000::/home:/bin/sh'? No
+duplicate password entry
+delete line 'foo:x:1001:1000::/home:/bin/sh'? No
+duplicate shadow password entry
+delete line 'Debian-exim:!:12977:0:99999:7:::'? No
+user foo: last password change in the future
+duplicate shadow password entry
+delete line 'Debian-exim:!:12977:0:99999:7:::'? No
+pwck: no changes
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/pwck.test b/tests/cktools/pwck/30_pwck_NIS_entries/pwck.test
new file mode 100755
index 0000000..733fa94
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck ignores NIS lines silently"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check user database (pwck -r)..."
+pwck -r >tmp/pwck.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check the report..."
+diff -au data/pwck.out tmp/pwck.out
+echo "report OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config.txt b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/group b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/gshadow b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/passwd b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/passwd
new file mode 100644
index 0000000..fbeb96c
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/tmp:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/tmp:/bin/sh
+uucp:x:10:10:uucp:/tmp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/tmp:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/tmp:/bin/sh
+irc:x:39:39:ircd:/tmp:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh
+nobody:x:65534:65534:nobody:/tmp:/bin/sh
+Debian-exim:x:102:102::/tmp:/bin/false
+foo:pass:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/shadow b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/data/pwck.out b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/data/pwck.out
new file mode 100644
index 0000000..5cedc7c
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/data/pwck.out
@@ -0,0 +1,2 @@
+user foo has an entry in /etc/shadow, but its password field in /etc/passwd is not set to 'x'
+pwck: no changes
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test
new file mode 100755
index 0000000..4c5b1f5
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck checks that the password is set to x if there is a shadow entry"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check user database (pwck -r)..."
+pwck -r >tmp/pwck.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check the report..."
+diff -au data/pwck.out tmp/pwck.out
+echo "report OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/32_pwck_quiet/config.txt b/tests/cktools/pwck/32_pwck_quiet/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/group b/tests/cktools/pwck/32_pwck_quiet/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/gshadow b/tests/cktools/pwck/32_pwck_quiet/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/passwd b/tests/cktools/pwck/32_pwck_quiet/config/etc/passwd
new file mode 100644
index 0000000..4491abe
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+Debian-exim:x:103:102::/var/spool/exim4:/bin/false
+Debian-exim2:x:104:103::/var/spool/exim4:/bin/false
+Debian-exim3:x:102:103::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/shadow b/tests/cktools/pwck/32_pwck_quiet/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/32_pwck_quiet/data/pwck.out b/tests/cktools/pwck/32_pwck_quiet/data/pwck.out
new file mode 100644
index 0000000..c9a8c2c
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/data/pwck.out
@@ -0,0 +1,9 @@
+duplicate password entry
+delete line 'Debian-exim:x:102:102::/var/spool/exim4:/bin/false'? No
+duplicate password entry
+delete line 'Debian-exim:x:103:102::/var/spool/exim4:/bin/false'? No
+no matching password file entry in /etc/shadow
+add user 'Debian-exim2' in /etc/shadow? No
+no matching password file entry in /etc/shadow
+add user 'Debian-exim3' in /etc/shadow? No
+pwck: no changes
diff --git a/tests/cktools/pwck/32_pwck_quiet/pwck.test b/tests/cktools/pwck/32_pwck_quiet/pwck.test
new file mode 100755
index 0000000..c8a8b8e
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwck usage (pwck -q -r)..."
+pwck -q -r >tmp/pwck.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check the report..."
+diff -au data/pwck.out tmp/pwck.out
+echo "report OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cleanup.sh b/tests/cleanup.sh
new file mode 100755
index 0000000..26b1b27
--- /dev/null
+++ b/tests/cleanup.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+for t in *
+do
+ if [ ! -d $t/data ]; then continue; fi
+ for i in passwd group shadow gshadow
+ do
+ if [ -f $t/data/$i ]
+ then
+ if cmp -s $t/config/etc/$i $t/data/$i
+ then
+ echo "# $t/data/$i identical to config"
+ svn rm "$t/data/$i"
+ fi
+ fi
+ done
+done
+
+for t in *
+do
+ cd $t
+ if [ ! -d data ]; then cd ..; continue; fi
+ for i in data/*
+ do
+ if [ ! -f $i ]; then continue; fi
+ if ! grep -q $i *.test
+ then
+ echo "# $t/$i not used"
+ svn rm "$i"
+ fi
+ done
+ cd ..
+done
diff --git a/tests/common/Makefile b/tests/common/Makefile
new file mode 100644
index 0000000..4ee04dd
--- /dev/null
+++ b/tests/common/Makefile
@@ -0,0 +1,14 @@
+all: \
+ fopen_failure.so \
+ link_failure.so \
+ open_RDONLY_failure.so \
+ open_RDWR_failure.so \
+ rename_failure.so \
+ rmdir_failure.so \
+ time_0.so \
+ time_past.so \
+ unlink_failure.so \
+ unlinkat_failure.so
+
+%.so: %.c
+ gcc -W -Wall -pedantic -g $< -shared -ldl -o $@
diff --git a/tests/common/compare_file.pl b/tests/common/compare_file.pl
new file mode 100755
index 0000000..eb498d3
--- /dev/null
+++ b/tests/common/compare_file.pl
@@ -0,0 +1,116 @@
+#!/usr/bin/perl
+
+open (TEMPLATE, $ARGV[0]) or die "Cannot open '".$ARGV[0]."': $!";
+my $template = join "", <TEMPLATE>;
+open (FILE, $ARGV[1]) or die "Cannot open '".$ARGV[1]."': $!";
+my $file = join "", <FILE>;
+
+my $today = int(time()/(24*3600));
+$template =~ s/\@TODAY\@/$today/g;
+
+my $tmp = $template;
+while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_DES ([^:]*)\@:(.*)$/s) {
+ my $user = $2;
+ my $pass = $3;
+ $tmp = $4;
+ if ($file =~ m/^$user:/m) {
+ $file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_DES $pass\@:$2/m;
+ my $cryptpass = $1;
+ # Check the password
+ my $checkpass = qx|/usr/bin/openssl passwd -crypt -salt '$cryptpass' $pass 2>tmp/openssl.err|;
+ chomp $checkpass;
+
+ system "cat tmp/openssl.err"
+ if ($checkpass ne $cryptpass);
+ system "rm -f tmp/openssl.err";
+ die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n"
+ if ($checkpass ne $cryptpass);
+ } else {
+ die "No user '$user' in ".$ARGV[1].".\n";
+ }
+}
+
+$tmp = $template;
+while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_MD5 ([^:]*)\@:(.*)$/s) {
+ my $user = $2;
+ my $pass = $3;
+ $tmp = $4;
+ if ($file =~ m/^$user:/m) {
+ $file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_MD5 $pass\@:$2/m;
+ my $cryptpass = $1;
+ # Check the password
+ my $salt = $cryptpass;
+ $salt =~ s/^\$1\$//;
+ $salt =~ s/\$.*$//;
+ my $checkpass = qx|/usr/bin/openssl passwd -1 -salt '$salt' '$pass'|;
+ chomp $checkpass;
+
+ die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n"
+ if ($checkpass ne $cryptpass);
+ } else {
+ die "No user '$user' in ".$ARGV[1].".\n";
+ }
+}
+
+$tmp = $template;
+while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_SHA256 ([^:]*)\@:(.*)$/s) {
+ my $user = $2;
+ my $pass = $3;
+ $tmp = $4;
+ if ($file =~ m/^$user:/m) {
+ $file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_SHA256 $pass\@:$2/m;
+ my $cryptpass = $1;
+ # Check the password
+ my $salt = $cryptpass;
+ $salt =~ s/^\$5\$//;
+ my $rounds = "";
+ if ($salt =~ s/^rounds=([0-9]*)\$//) {
+ $rounds = "-R $1";
+ }
+
+ $salt =~ s/\$.*$//;
+ my $checkpass = qx!echo '$pass' | /usr/bin/mkpasswd -m sha-256 --salt '$salt' $rounds --stdin!;
+ chomp $checkpass;
+
+ die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n"
+ if ($checkpass ne $cryptpass);
+ } else {
+ die "No user '$user' in ".$ARGV[1].".\n";
+ }
+}
+
+$tmp = $template;
+while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_SHA512 ([^:]*)\@:(.*)$/s) {
+ my $user = $2;
+ my $pass = $3;
+ $tmp = $4;
+ if ($file =~ m/^$user:/m) {
+ $file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_SHA512 $pass\@:$2/m;
+ my $cryptpass = $1;
+ # Check the password
+ my $salt = $cryptpass;
+ $salt =~ s/^\$6\$//;
+ my $rounds = "";
+ if ($salt =~ s/^rounds=([0-9]*)\$//) {
+ $rounds = "-R $1";
+ }
+
+ $salt =~ s/\$.*$//;
+ my $checkpass = qx!echo '$pass' | /usr/bin/mkpasswd -m sha-512 --salt '$salt' $rounds --stdin!;
+ chomp $checkpass;
+
+ die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n"
+ if ($checkpass ne $cryptpass);
+ } else {
+ die "No user '$user' in ".$ARGV[1].".\n";
+ }
+}
+
+
+exit 0 if ($file =~ m/^\Q$template\E$/s);
+
+print "Files differ.\n";
+
+system "diff", "-au", $ARGV[0], $ARGV[1];
+
+exit 1
diff --git a/tests/common/config.sh b/tests/common/config.sh
new file mode 100644
index 0000000..9b50485
--- /dev/null
+++ b/tests/common/config.sh
@@ -0,0 +1,121 @@
+# Generic functions to save, change, and restore configuration files
+
+set -e
+
+build_path=/root/build/shadow-4.1.5/
+
+# Save the configuration files in tmp.
+save_config ()
+{
+ [ ! -d tmp ] && mkdir tmp
+ find config -depth -path "*/.svn/*" -prune -o -type f -print | sed -e 's/config\///' |
+ while read file
+ do
+ mkdir -p "tmp/$(dirname "$file")"
+ [ -f "/$file" ] && cp -dp "/$file" "tmp/$file" || true
+ done
+}
+
+# Copy the config files from config to the system
+change_config ()
+{
+ find config -depth -path "*/.svn/*" -prune -o -type f -print | sed -e 's/config\///' |
+ while read file
+ do
+ cp -f "config/$file" "/$file"
+ done
+}
+
+# Restored the config files in the system.
+# The config files must be saved before with save_config ().
+restore_config ()
+{
+ find config -depth -path "*/.svn/*" -prune -o -type f -print | sed -e 's/config\///' |
+ while read file
+ do
+ if [ -f "tmp/$file" ]; then
+ cp -dp "tmp/$file" "/$file"
+ rm "tmp/$file"
+ else
+ rm -f "/$file"
+ fi
+ d="$(dirname "tmp/$file")"
+ while [ -n "$d" ] && [ "$d" != "." ]
+ do
+ rmdir "$d" 2>/dev/null || true
+ d="$(dirname "$d")"
+ done
+ done
+
+ rmdir tmp 2>/dev/null || true
+}
+
+prepare_chroot ()
+{
+ mkdir tmp/root
+ cp -rfdp config_chroot/* tmp/root/
+ find tmp/root/ -name .svn -type d -print0 | xargs -0 rm -rf
+
+ lists=/root/tests/common/config_chroot.list
+ [ -f config_chroot.list ] && lists="$lists config_chroot.list"
+ cat $lists | grep -v "#" | while read f
+ do
+ # Create parent directory if needed
+ d=$(dirname tmp/root/$f)
+ [ -d $d ] || mkdir -p $d
+ # Create hard link
+ ln $f tmp/root/$f
+ done
+
+ # Copy existing gcda
+ mkdir -p tmp/root$build_path/lib
+ mkdir -p tmp/root$build_path/libmisc
+ mkdir -p tmp/root$build_path/src
+ find "$build_path" -name "*.gcda" | while read f
+ do
+ ln $f tmp/root/$f
+ done
+}
+
+clean_chroot ()
+{
+ # Remove copied files
+ lists=/root/tests/common/config_chroot.list
+ [ -f config_chroot.list ] && lists="$lists config_chroot.list"
+ cat $lists | grep -v "#" | while read f
+ do
+ rm -f tmp/root/$f
+ # Remove parent directory if empty
+ d=$(dirname tmp/root/$f)
+ rmdir -p --ignore-fail-on-non-empty $d
+ done
+
+ find "$build_path" -name "*.gcda" | while read f
+ do
+ rm -f tmp/root/$f
+ done
+ find tmp/root -name "*.gcda" | while read f
+ do
+ g=${f#tmp/root}
+ mv "$f" "$g"
+ done
+ rmdir tmp/root$build_path/lib
+ rmdir tmp/root$build_path/libmisc
+ rmdir tmp/root$build_path/src
+ rmdir tmp/root$build_path
+ rmdir tmp/root/root/build
+ rmdir tmp/root/root
+
+ find config_chroot -type f | while read f
+ do
+ f=${f#config_chroot/}
+ rm -f tmp/root/$f
+ done
+
+ find config_chroot -depth -type d | while read d
+ do
+ d=${d#config_chroot}
+ [ -d "tmp/root$d" ] && rmdir tmp/root$d
+ done
+}
+
diff --git a/tests/common/config_chroot-i386.list b/tests/common/config_chroot-i386.list
new file mode 100644
index 0000000..ba7bf8a
--- /dev/null
+++ b/tests/common/config_chroot-i386.list
@@ -0,0 +1,25 @@
+/lib/i386-linux-gnu/ld-2.13.so
+/lib/i386-linux-gnu/ld-linux.so.2
+/lib/ld-linux.so.2
+/lib/i386-linux-gnu/libcrypt-2.13.so
+/lib/i386-linux-gnu/libcrypt.so.1
+/lib/i386-linux-gnu/libc-2.13.so
+/lib/i386-linux-gnu/libc.so.6
+/lib/i386-linux-gnu/libdl-2.13.so
+/lib/i386-linux-gnu/libdl.so.2
+/lib/i386-linux-gnu/libnsl-2.13.so
+/lib/i386-linux-gnu/libnsl.so.1
+/lib/i386-linux-gnu/libnss_compat-2.13.so
+/lib/i386-linux-gnu/libnss_compat.so.2
+/lib/i386-linux-gnu/libpamc.so.0
+/lib/i386-linux-gnu/libpamc.so.0.82.1
+/lib/i386-linux-gnu/libpam_misc.so.0
+/lib/i386-linux-gnu/libpam_misc.so.0.82.0
+/lib/i386-linux-gnu/libpam.so.0
+/lib/i386-linux-gnu/libpam.so.0.83.0
+/lib/i386-linux-gnu/libselinux.so.1
+/lib/i386-linux-gnu/security/pam_deny.so
+/lib/i386-linux-gnu/security/pam_permit.so
+/lib/i386-linux-gnu/security/pam_rootok.so
+/lib/i386-linux-gnu/security/pam_shells.so
+/lib/i386-linux-gnu/security/pam_unix.so
diff --git a/tests/common/config_chroot-powerpc.list b/tests/common/config_chroot-powerpc.list
new file mode 100644
index 0000000..e6c344e
--- /dev/null
+++ b/tests/common/config_chroot-powerpc.list
@@ -0,0 +1,25 @@
+/lib/powerpc-linux-gnu/ld-2.13.so
+/lib/powerpc-linux-gnu/ld.so.1
+/lib/ld.so.1
+/lib/powerpc-linux-gnu/libcrypt-2.13.so
+/lib/powerpc-linux-gnu/libcrypt.so.1
+/lib/powerpc-linux-gnu/libc-2.13.so
+/lib/powerpc-linux-gnu/libc.so.6
+/lib/powerpc-linux-gnu/libdl-2.13.so
+/lib/powerpc-linux-gnu/libdl.so.2
+/lib/powerpc-linux-gnu/libnsl-2.13.so
+/lib/powerpc-linux-gnu/libnsl.so.1
+/lib/powerpc-linux-gnu/libnss_compat-2.13.so
+/lib/powerpc-linux-gnu/libnss_compat.so.2
+/lib/powerpc-linux-gnu/libpamc.so.0
+/lib/powerpc-linux-gnu/libpamc.so.0.82.1
+/lib/powerpc-linux-gnu/libpam_misc.so.0
+/lib/powerpc-linux-gnu/libpam_misc.so.0.82.0
+/lib/powerpc-linux-gnu/libpam.so.0
+/lib/powerpc-linux-gnu/libpam.so.0.83.0
+/lib/powerpc-linux-gnu/libselinux.so.1
+/lib/powerpc-linux-gnu/security/pam_deny.so
+/lib/powerpc-linux-gnu/security/pam_permit.so
+/lib/powerpc-linux-gnu/security/pam_rootok.so
+/lib/powerpc-linux-gnu/security/pam_shells.so
+/lib/powerpc-linux-gnu/security/pam_unix.so
diff --git a/tests/common/fopen_failure.c b/tests/common/fopen_failure.c
new file mode 100644
index 0000000..750cd66
--- /dev/null
+++ b/tests/common/fopen_failure.c
@@ -0,0 +1,46 @@
+/*
+ * gcc fopen_failure.c -o fopen_failure.so -shared -ldl
+ * LD_PRELOAD=./fopen_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+
+typedef FILE * (*fopen_type) (const char *path, const char *mode);
+static fopen_type next_fopen;
+
+static const char *failure_path = NULL;
+
+FILE *fopen64 (const char *path, const char *mode)
+{
+printf ("fopen64(%s, %s)\n", path, mode);
+ if (NULL == next_fopen)
+ {
+ next_fopen = dlsym (RTLD_NEXT, "fopen64");
+ assert (NULL != next_fopen);
+ }
+ if (NULL == failure_path) {
+ failure_path = getenv ("FAILURE_PATH");
+ if (NULL == failure_path) {
+ fputs ("No FAILURE_PATH defined\n", stderr);
+ }
+ }
+
+ if ( (NULL != path)
+ && (NULL != failure_path)
+ && (strcmp (path, failure_path) == 0))
+ {
+ fprintf (stderr, "fopen64 FAILURE %s %s ...\n", path, mode);
+ errno = EIO;
+ return NULL;
+ }
+
+ return next_fopen (path, mode);
+}
+
diff --git a/tests/common/link_failure.c b/tests/common/link_failure.c
new file mode 100644
index 0000000..8cf460a
--- /dev/null
+++ b/tests/common/link_failure.c
@@ -0,0 +1,51 @@
+/*
+ * gcc link_failure.c -o link_failure.so -shared -ldl
+ * LD_PRELOAD=./link_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+
+typedef int (*link_type) (const char *oldpath, const char *newpath);
+static link_type next_link;
+
+static const char *failure_path = NULL;
+
+int link (const char *oldpath, const char *newpath)
+{
+ if (NULL == next_link)
+ {
+ next_link = dlsym (RTLD_NEXT, "link");
+ assert (NULL != next_link);
+ }
+ if (NULL == failure_path) {
+ failure_path = getenv ("FAILURE_PATH");
+ if (NULL == failure_path) {
+ fputs ("No FAILURE_PATH defined\n", stderr);
+ }
+ }
+
+ if ( (NULL != newpath)
+ && (NULL != failure_path)
+ && (strcmp (newpath, failure_path) == 0))
+ {
+ fprintf (stderr, "link FAILURE %s %s\n", oldpath, newpath);
+ errno = EIO;
+ return -1;
+ }
+
+ return next_link (oldpath, newpath);
+}
+
diff --git a/tests/common/log.sh b/tests/common/log.sh
new file mode 100644
index 0000000..4887970
--- /dev/null
+++ b/tests/common/log.sh
@@ -0,0 +1,46 @@
+# Helpers to log messages / status
+
+log_start ()
+{
+ test="$1"
+ rationale="$2"
+ cat << EOF
+
+###############################################################################
+#
+# Test: $test
+#
+###############################################################################
+#
+# Rationale: $rationale
+#
+###############################################################################
+EOF
+}
+
+log_end ()
+{
+ test="$1"
+ cat << EOF
+###############################################################################
+#
+# End of test $test
+#
+###############################################################################
+
+EOF
+}
+
+log_status ()
+{
+ test="$1"
+ status="$2"
+ cat << EOF
+###############################################################################
+#
+# Status of test $test: $status
+#
+###############################################################################
+EOF
+}
+
diff --git a/tests/common/open_RDONLY_failure.c b/tests/common/open_RDONLY_failure.c
new file mode 100644
index 0000000..e14859f
--- /dev/null
+++ b/tests/common/open_RDONLY_failure.c
@@ -0,0 +1,51 @@
+/*
+ * gcc open_RDONLY_failure.c -o open_RDONLY_failure.so -shared -ldl
+ * LD_PRELOAD=./open_RDONLY_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+
+typedef int (*open_type) (const char *pathname, int flag, ...);
+static open_type next_open64;
+
+static const char *failure_path = NULL;
+
+int open64 (const char *pathname, int flag, ...)
+{
+ if (NULL == next_open64)
+ {
+ next_open64 = dlsym (RTLD_NEXT, "open64");
+ assert (NULL != next_open64);
+ }
+ if (NULL == failure_path) {
+ failure_path = getenv ("FAILURE_PATH");
+ if (NULL == failure_path) {
+ fputs ("No FAILURE_PATH defined\n", stderr);
+ }
+ }
+
+ if ( (NULL != pathname)
+ && ((flag & O_ACCMODE) == O_RDONLY)
+ && (NULL != failure_path)
+ && (strcmp (pathname, failure_path) == 0))
+ {
+ fprintf (stderr, "open FAILURE %s %x ...\n", pathname, flag&O_ACCMODE);
+ errno = EIO;
+ return -1;
+ }
+
+ return next_open64 (pathname, flag);
+}
+
diff --git a/tests/common/open_RDWR_failure.c b/tests/common/open_RDWR_failure.c
new file mode 100644
index 0000000..5bf1069
--- /dev/null
+++ b/tests/common/open_RDWR_failure.c
@@ -0,0 +1,51 @@
+/*
+ * gcc open_RDWR_failure.c -o open_RDWR_failure.so -shared -ldl
+ * LD_PRELOAD=./open_RDWR_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+
+typedef int (*open_type) (const char *pathname, int flag, ...);
+static open_type next_open64;
+
+static const char *failure_path = NULL;
+
+int open64 (const char *pathname, int flag, ...)
+{
+ if (NULL == next_open64)
+ {
+ next_open64 = dlsym (RTLD_NEXT, "open64");
+ assert (NULL != next_open64);
+ }
+ if (NULL == failure_path) {
+ failure_path = getenv ("FAILURE_PATH");
+ if (NULL == failure_path) {
+ fputs ("No FAILURE_PATH defined\n", stderr);
+ }
+ }
+
+ if ( (NULL != pathname)
+ && ((flag & O_ACCMODE) == O_RDWR)
+ && (NULL != failure_path)
+ && (strcmp (pathname, failure_path) == 0))
+ {
+ fprintf (stderr, "open FAILURE %s %x ...\n", pathname, flag&O_ACCMODE);
+ errno = EIO;
+ return -1;
+ }
+
+ return next_open64 (pathname, flag);
+}
+
diff --git a/tests/common/rename_failure.c b/tests/common/rename_failure.c
new file mode 100644
index 0000000..dd02fe5
--- /dev/null
+++ b/tests/common/rename_failure.c
@@ -0,0 +1,50 @@
+/*
+ * gcc rename_failure.c -o rename_failure.so -shared -ldl
+ * LD_PRELOAD=./rename_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+
+typedef int (*rename_type) (const char *old, const char *new);
+static rename_type next_rename;
+
+static const char *failure_path = NULL;
+
+int rename (const char *old, const char *new)
+{
+ if (NULL == next_rename)
+ {
+ next_rename = dlsym (RTLD_NEXT, "rename");
+ assert (NULL != next_rename);
+ }
+ if (NULL == failure_path) {
+ failure_path = getenv ("FAILURE_PATH");
+ if (NULL == failure_path) {
+ fputs ("No FAILURE_PATH defined\n", stderr);
+ }
+ }
+
+ if ( (NULL != new)
+ && (NULL != failure_path)
+ && (strcmp (new, failure_path) == 0))
+ {
+ fprintf (stderr, "rename FAILURE %s %s\n", old, new);
+ errno = EIO;
+ return -1;
+ }
+
+ return next_rename (old, new);
+}
+
diff --git a/tests/common/rmdir_failure.c b/tests/common/rmdir_failure.c
new file mode 100644
index 0000000..9d775b1
--- /dev/null
+++ b/tests/common/rmdir_failure.c
@@ -0,0 +1,51 @@
+/*
+ * gcc rmdir_failure.c -o rmdir_failure.so -shared -ldl
+ * LD_PRELOAD=./rmdir_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+
+typedef int (*rmdir_type) (const char *path);
+static rmdir_type next_rmdir;
+
+static const char *failure_path = NULL;
+
+int rmdir (const char *path)
+{
+ if (NULL == next_rmdir)
+ {
+ next_rmdir = dlsym (RTLD_NEXT, "rmdir");
+ assert (NULL != next_rmdir);
+ }
+ if (NULL == failure_path) {
+ failure_path = getenv ("FAILURE_PATH");
+ if (NULL == failure_path) {
+ fputs ("No FAILURE_PATH defined\n", stderr);
+ }
+ }
+
+ if ( (NULL != path)
+ && (NULL != failure_path)
+ && (strcmp (path, failure_path) == 0))
+ {
+ fprintf (stderr, "rmdir FAILURE %s\n", path);
+ errno = EBUSY;
+ return -1;
+ }
+
+ return next_rmdir (path);
+}
+
diff --git a/tests/common/time_0.c b/tests/common/time_0.c
new file mode 100644
index 0000000..6937361
--- /dev/null
+++ b/tests/common/time_0.c
@@ -0,0 +1,16 @@
+/*
+ * gcc time_0.c -o time_0.so -shared
+ * LD_PRELOAD=./time_0.so ./test
+ */
+
+#include <stdio.h>
+#include <time.h>
+
+
+time_t time (time_t *t)
+{
+ fprintf (stderr, "time 0\n");
+
+ return (time_t)0;
+}
+
diff --git a/tests/common/time_past.c b/tests/common/time_past.c
new file mode 100644
index 0000000..d0eb741
--- /dev/null
+++ b/tests/common/time_past.c
@@ -0,0 +1,52 @@
+/*
+ * gcc time_past.c -o time_past.so -shared -ldl
+ * LD_PRELOAD=./time_past.so PAST_DAYS=2 ./test
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+
+typedef time_t (*time_type) (time_t *t);
+static time_type next_time;
+
+static int time_past = 0;
+static char *past = NULL;
+
+time_t time (time_t *t)
+{
+ time_t res;
+
+ if (NULL == next_time)
+ {
+ next_time = dlsym (RTLD_NEXT, "time");
+ assert (NULL != next_time);
+ }
+ if (NULL == past) {
+ const char *past = getenv ("PAST_DAYS");
+ if (NULL == past) {
+ fputs ("No PAST_DAYS defined\n", stderr);
+ }
+ time_past = atoi (past);
+ }
+
+ res = next_time (t);
+ res -= 24*60*60*time_past;
+
+ if (NULL != t) {
+ *t = res;
+ }
+
+ return res;
+}
+
diff --git a/tests/common/unlink_failure.c b/tests/common/unlink_failure.c
new file mode 100644
index 0000000..2281c8a
--- /dev/null
+++ b/tests/common/unlink_failure.c
@@ -0,0 +1,51 @@
+/*
+ * gcc unlink_failure.c -o unlink_failure.so -shared -ldl
+ * LD_PRELOAD=./unlink_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+
+typedef int (*unlink_type) (const char *path);
+static unlink_type next_unlink;
+
+static const char *failure_path = NULL;
+
+int unlink (const char *path)
+{
+ if (NULL == next_unlink)
+ {
+ next_unlink = dlsym (RTLD_NEXT, "unlink");
+ assert (NULL != next_unlink);
+ }
+ if (NULL == failure_path) {
+ failure_path = getenv ("FAILURE_PATH");
+ if (NULL == failure_path) {
+ fputs ("No FAILURE_PATH defined\n", stderr);
+ }
+ }
+
+ if ( (NULL != path)
+ && (NULL != failure_path)
+ && (strcmp (path, failure_path) == 0))
+ {
+ fprintf (stderr, "unlink FAILURE %s\n", path);
+ errno = EBUSY;
+ return -1;
+ }
+
+ return next_unlink (path);
+}
+
diff --git a/tests/common/unlinkat_failure.c b/tests/common/unlinkat_failure.c
new file mode 100644
index 0000000..5b8bf95
--- /dev/null
+++ b/tests/common/unlinkat_failure.c
@@ -0,0 +1,62 @@
+/*
+ * gcc unlinkat_failure.c -o unlinkat_failure.so -shared -ldl
+ * LD_PRELOAD=./unlinkat_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+
+typedef int (*unlinkat_type) (int dirfd, const char *pathname, int flags);
+static unlinkat_type next_unlinkat;
+
+static const char *failure_path = NULL;
+static dev_t failure_dev = -1;
+static ino_t failure_ino = -1;
+
+int unlinkat (int dirfd, const char *pathname, int flags)
+{
+ if (NULL == next_unlinkat)
+ {
+ next_unlinkat = dlsym (RTLD_NEXT, "unlinkat");
+ assert (NULL != next_unlinkat);
+ }
+ if (NULL == failure_path) {
+ struct stat sb;
+ failure_path = getenv ("FAILURE_PATH");
+ if (NULL == failure_path) {
+ fputs ("No FAILURE_PATH defined\n", stderr);
+ }
+ if (lstat (failure_path, &sb) != 0) {
+ fputs ("Can't lstat FAILURE_PATH\n", stderr);
+ }
+ failure_dev = sb.st_dev;
+ failure_ino = sb.st_ino;
+ }
+
+ if ( (NULL != pathname)
+ && (NULL != failure_path)) {
+ struct stat sb;
+ if ( (fstatat (dirfd, pathname, &sb, flags) == 0)
+ && (sb.st_dev == failure_dev)
+ && (sb.st_ino == failure_ino)) {
+ fprintf (stderr, "unlinkat FAILURE %s\n", failure_path);
+ errno = EBUSY;
+ return -1;
+ }
+ }
+
+ return next_unlinkat (dirfd, pathname, flags);
+}
+
diff --git a/tests/convtools/01/data/1/group b/tests/convtools/01/data/1/group
new file mode 100644
index 0000000..a34689a
--- /dev/null
+++ b/tests/convtools/01/data/1/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:
+nogroup:*:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/convtools/01/data/1/passwd b/tests/convtools/01/data/1/passwd
new file mode 100644
index 0000000..a9a08c8
--- /dev/null
+++ b/tests/convtools/01/data/1/passwd
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/convtools/01/data/2/group b/tests/convtools/01/data/2/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/convtools/01/data/2/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/convtools/01/data/2/gshadow b/tests/convtools/01/data/2/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/convtools/01/data/2/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/convtools/01/data/2/passwd b/tests/convtools/01/data/2/passwd
new file mode 100644
index 0000000..e8242fe
--- /dev/null
+++ b/tests/convtools/01/data/2/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite:x:424243:424243::/home:/bin/bash
diff --git a/tests/convtools/01/data/2/shadow b/tests/convtools/01/data/2/shadow
new file mode 100644
index 0000000..6689e4f
--- /dev/null
+++ b/tests/convtools/01/data/2/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+testsuite::12992:0:99999:7:::
diff --git a/tests/convtools/01/run b/tests/convtools/01/run
new file mode 100755
index 0000000..81ceef1
--- /dev/null
+++ b/tests/convtools/01/run
@@ -0,0 +1,117 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that su can be used to switch to root and to a normal account
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save()
+{
+ [ ! -d tmp ] && mkdir tmp
+ for i in passwd group shadow gshadow
+ do
+ [ -f /etc/$i ] && cp -dp /etc/$i tmp/$i
+ [ -f /etc/$i- ] && cp -dp /etc/$i- tmp/$i-
+ done
+ DATE=$(date '+%s')
+ DATE=$(( DATE/3600/24 ))
+ WARN=$( egrep "^PASS_WARN_AGE" /etc/login.defs | { read var val ; echo $val; } )
+ saveifs=$IFS
+ IFS=":"
+ cat data/2/shadow |
+ while read f1 f2 f3 f4 f5 f6 f7 f8 fres
+ do
+ echo "$f1:$f2:$DATE:$f4:$f5:$WARN:::"
+ done > tmp/shadow.2
+ IFS=$saveifs
+}
+
+restore()
+{
+ for i in passwd group shadow gshadow
+ do
+ [ -f tmp/$i ] && cp -dp tmp/$i /etc/$i && rm tmp/$i
+ [ -f tmp/$i- ] && cp -dp tmp/$i- /etc/$i- && rm tmp/$i-
+ done
+ rm tmp/shadow.2
+ rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+ rm -f /etc/$i
+done
+for i in passwd group
+do
+ cp -f data/1/$i /etc/
+done
+
+echo -n "pwconv "
+pwconv
+echo -n "checking..."
+diff -au /etc/passwd data/2/passwd
+diff -au /etc/shadow tmp/shadow.2
+diff -au /etc/group data/1/group
+perms=$(stat -c "%a %u %G" /etc/shadow)
+if [ "$perms" != "440 0 shadow" ]
+then
+ echo "Wrong mode or owners on /etc/shadow."
+ exit 1
+fi
+if [ -f /etc/gshadow ]
+then
+ echo "/etc/gshadow should not exist."
+ exit 1
+fi
+echo "OK"
+
+echo -n "grpconv "
+grpconv
+echo -n "checking..."
+diff -au /etc/passwd data/2/passwd
+diff -au /etc/shadow tmp/shadow.2
+diff -au /etc/group data/2/group
+diff -au /etc/gshadow data/2/gshadow
+echo "OK"
+
+echo -n "pwunconv "
+pwunconv
+echo -n "checking..."
+diff -au /etc/passwd data/1/passwd
+if [ -f /etc/shadow ]
+then
+ echo "/etc/shadow should not exist. "
+ exit 1
+fi
+diff -au /etc/group data/2/group
+diff -au /etc/gshadow data/2/gshadow
+echo "OK"
+
+echo -n "grpunconv "
+grpunconv
+echo -n "checking..."
+diff -au /etc/passwd data/1/passwd
+if [ -f /etc/shadow ]
+then
+ echo "/etc/shadow should not exist. "
+ exit 1
+fi
+diff -au /etc/group data/1/group
+if [ -f /etc/gshadow ]
+then
+ echo "/etc/gshadow should not exist. "
+ exit 1
+fi
+echo "OK"
+
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config.txt b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config.txt
new file mode 100644
index 0000000..8529433
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config.txt
@@ -0,0 +1,2 @@
+user foo, in group users
+group bar in gshadow, not group
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/group b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/gshadow b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/passwd b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/shadow b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/data/gshadow b/tests/convtools/02_grpconv_remove_gshadow_only_entries/data/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test b/tests/convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test
new file mode 100755
index 0000000..8092d3a
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv removes the gshadow only entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the group files (grpconv)..."
+grpconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/03_grpconv_copy_passwd/config.txt b/tests/convtools/03_grpconv_copy_passwd/config.txt
new file mode 100644
index 0000000..e904dbe
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/config.txt
@@ -0,0 +1,2 @@
+group foo with a password in /etc/group
+group foo not in gshadow
diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/group b/tests/convtools/03_grpconv_copy_passwd/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/gshadow b/tests/convtools/03_grpconv_copy_passwd/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/passwd b/tests/convtools/03_grpconv_copy_passwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/shadow b/tests/convtools/03_grpconv_copy_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/03_grpconv_copy_passwd/data/group b/tests/convtools/03_grpconv_copy_passwd/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/03_grpconv_copy_passwd/data/gshadow b/tests/convtools/03_grpconv_copy_passwd/data/gshadow
new file mode 100644
index 0000000..fed75fc
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:$1$foogroupPassword::
diff --git a/tests/convtools/03_grpconv_copy_passwd/grpconv.test b/tests/convtools/03_grpconv_copy_passwd/grpconv.test
new file mode 100755
index 0000000..2cf4989
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/grpconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv copies the password from group to gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the group files (grpconv)..."
+grpconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/04_grpconv_no_password/config.txt b/tests/convtools/04_grpconv_no_password/config.txt
new file mode 100644
index 0000000..71f8a48
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/config.txt
@@ -0,0 +1,2 @@
+group foo with an empty password in group
+group foo not in gshadow
diff --git a/tests/convtools/04_grpconv_no_password/config/etc/group b/tests/convtools/04_grpconv_no_password/config/etc/group
new file mode 100644
index 0000000..52ece62
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo::1000:
diff --git a/tests/convtools/04_grpconv_no_password/config/etc/gshadow b/tests/convtools/04_grpconv_no_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/04_grpconv_no_password/config/etc/passwd b/tests/convtools/04_grpconv_no_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/04_grpconv_no_password/config/etc/shadow b/tests/convtools/04_grpconv_no_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/04_grpconv_no_password/data/group b/tests/convtools/04_grpconv_no_password/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/04_grpconv_no_password/data/gshadow b/tests/convtools/04_grpconv_no_password/data/gshadow
new file mode 100644
index 0000000..5c62cfd
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:::
diff --git a/tests/convtools/04_grpconv_no_password/grpconv.test b/tests/convtools/04_grpconv_no_password/grpconv.test
new file mode 100755
index 0000000..da0fb07
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/grpconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv moves an empty password from group to gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the group files (grpconv)..."
+grpconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config.txt b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config.txt
new file mode 100644
index 0000000..891174b
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config.txt
@@ -0,0 +1,3 @@
+group foo in group with a password
+group foo in gshadow without password
+group foo member of users in group, not in gshadow
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/group b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/gshadow b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/passwd b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/shadow b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/group b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/gshadow b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/gshadow
new file mode 100644
index 0000000..fed75fc
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:$1$foogroupPassword::
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test
new file mode 100755
index 0000000..2d9f9f3
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv copies the password and membership from group to gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the group files (grpconv)..."
+grpconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/06_grpconv_error_group_locked/config.txt b/tests/convtools/06_grpconv_error_group_locked/config.txt
new file mode 100644
index 0000000..f055b05
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/config.txt
@@ -0,0 +1 @@
+group foo with a password, not in gshadow
diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/group b/tests/convtools/06_grpconv_error_group_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/gshadow b/tests/convtools/06_grpconv_error_group_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/passwd b/tests/convtools/06_grpconv_error_group_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/shadow b/tests/convtools/06_grpconv_error_group_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/06_grpconv_error_group_locked/data/grpconv.err b/tests/convtools/06_grpconv_error_group_locked/data/grpconv.err
new file mode 100644
index 0000000..4a63d73
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/data/grpconv.err
@@ -0,0 +1,2 @@
+grpconv: lock /etc/group.lock already used by PID <PID>
+grpconv: cannot lock /etc/group; try again later.
diff --git a/tests/convtools/06_grpconv_error_group_locked/grpconv.test b/tests/convtools/06_grpconv_error_group_locked/grpconv.test
new file mode 100755
index 0000000..0ed4ead
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/grpconv.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv tests if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+echo -n $$ > /etc/group.lock
+echo "done"
+
+echo -n "Convert the group files (grpconv)..."
+grpconv 2>tmp/grpconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/group..."
+rm -f /etc/group.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+sed -i -e "s/$$/<PID>/" tmp/grpconv.err
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config.txt b/tests/convtools/07_grpconv_error_gshadow_locked/config.txt
new file mode 100644
index 0000000..f055b05
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/config.txt
@@ -0,0 +1 @@
+group foo with a password, not in gshadow
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/group b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/gshadow b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/passwd b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/shadow b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/data/grpconv.err b/tests/convtools/07_grpconv_error_gshadow_locked/data/grpconv.err
new file mode 100644
index 0000000..527ecae
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/data/grpconv.err
@@ -0,0 +1,2 @@
+grpconv: existing lock file /etc/gshadow.lock without a PID
+grpconv: cannot lock /etc/gshadow; try again later.
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/grpconv.test b/tests/convtools/07_grpconv_error_gshadow_locked/grpconv.test
new file mode 100755
index 0000000..52e03c9
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/grpconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv tests if gshadow is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Convert the group files (grpconv)..."
+grpconv 2>tmp/grpconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/gshadow..."
+rm -f /etc/gshadow.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config.txt b/tests/convtools/08_grpunconv_no_gshadow_file/config.txt
new file mode 100644
index 0000000..48ac937
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/config.txt
@@ -0,0 +1 @@
+user foo, in group users
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/group b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/gshadow b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/passwd b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/shadow b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/grpunconv.test b/tests/convtools/08_grpunconv_no_gshadow_file/grpunconv.test
new file mode 100755
index 0000000..0be3ce8
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/grpunconv.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv exits successfully when the gshadow file does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "done"
+
+echo -n "Convert the group files (grpunconv)..."
+grpunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/09_grpunconv_error_group_locked/config.txt b/tests/convtools/09_grpunconv_error_group_locked/config.txt
new file mode 100644
index 0000000..f055b05
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/config.txt
@@ -0,0 +1 @@
+group foo with a password, not in gshadow
diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/group b/tests/convtools/09_grpunconv_error_group_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/gshadow b/tests/convtools/09_grpunconv_error_group_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/passwd b/tests/convtools/09_grpunconv_error_group_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/shadow b/tests/convtools/09_grpunconv_error_group_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/09_grpunconv_error_group_locked/data/grpunconv.err b/tests/convtools/09_grpunconv_error_group_locked/data/grpunconv.err
new file mode 100644
index 0000000..ddfae6f
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/data/grpunconv.err
@@ -0,0 +1,2 @@
+grpunconv: existing lock file /etc/group.lock without a PID
+grpunconv: cannot lock /etc/group; try again later.
diff --git a/tests/convtools/09_grpunconv_error_group_locked/grpunconv.test b/tests/convtools/09_grpunconv_error_group_locked/grpunconv.test
new file mode 100755
index 0000000..7503fe8
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/grpunconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Convert the group files (grpunconv)..."
+grpunconv 2>tmp/grpunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/group..."
+rm -f /etc/group.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config.txt b/tests/convtools/10_grpunconv_error_gshadow_locked/config.txt
new file mode 100644
index 0000000..f055b05
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config.txt
@@ -0,0 +1 @@
+group foo with a password, not in gshadow
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/group b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/gshadow b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/passwd b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/shadow b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/data/grpunconv.err b/tests/convtools/10_grpunconv_error_gshadow_locked/data/grpunconv.err
new file mode 100644
index 0000000..5547097
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/data/grpunconv.err
@@ -0,0 +1,2 @@
+grpunconv: existing lock file /etc/gshadow.lock without a PID
+grpunconv: cannot lock /etc/gshadow; try again later.
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/grpunconv.test b/tests/convtools/10_grpunconv_error_gshadow_locked/grpunconv.test
new file mode 100755
index 0000000..7b7490c
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/grpunconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Convert the group files (grpunconv)..."
+grpunconv 2>tmp/grpunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/gshadow..."
+rm -f /etc/gshadow.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config.txt b/tests/convtools/11_pwconv_error_passwd_locked/config.txt
new file mode 100644
index 0000000..eca9223
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+group foo with a password, not in gshadow
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/group b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/gshadow b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/passwd b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/shadow b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/data/pwconv.err b/tests/convtools/11_pwconv_error_passwd_locked/data/pwconv.err
new file mode 100644
index 0000000..bf83d74
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/data/pwconv.err
@@ -0,0 +1,2 @@
+pwconv: existing lock file /etc/passwd.lock without a PID
+pwconv: cannot lock /etc/passwd; try again later.
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/pwconv.test b/tests/convtools/11_pwconv_error_passwd_locked/pwconv.test
new file mode 100755
index 0000000..4d292cb
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/pwconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv tests if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Convert the passwd files (pwconv)..."
+pwconv 2>tmp/pwconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/passwd..."
+rm -f /etc/passwd.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config.txt b/tests/convtools/12_pwconv_error_shadow_locked/config.txt
new file mode 100644
index 0000000..eca9223
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+group foo with a password, not in gshadow
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/group b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/gshadow b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/passwd b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/shadow b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/data/pwconv.err b/tests/convtools/12_pwconv_error_shadow_locked/data/pwconv.err
new file mode 100644
index 0000000..3ac9048
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/data/pwconv.err
@@ -0,0 +1,2 @@
+pwconv: existing lock file /etc/shadow.lock without a PID
+pwconv: cannot lock /etc/shadow; try again later.
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/pwconv.test b/tests/convtools/12_pwconv_error_shadow_locked/pwconv.test
new file mode 100755
index 0000000..03bcf6b
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/pwconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv tests if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Convert the shadow files (pwconv)..."
+pwconv 2>tmp/pwconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/shadow..."
+rm -f /etc/shadow.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config.txt b/tests/convtools/13_pwunconv_error_passwd_locked/config.txt
new file mode 100644
index 0000000..eca9223
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+group foo with a password, not in gshadow
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/group b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/gshadow b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/passwd b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/shadow b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/data/pwunconv.err b/tests/convtools/13_pwunconv_error_passwd_locked/data/pwunconv.err
new file mode 100644
index 0000000..40d2244
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/data/pwunconv.err
@@ -0,0 +1,2 @@
+pwunconv: existing lock file /etc/passwd.lock without a PID
+pwunconv: cannot lock /etc/passwd; try again later.
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/pwunconv.test b/tests/convtools/13_pwunconv_error_passwd_locked/pwunconv.test
new file mode 100755
index 0000000..bfd7ed3
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/pwunconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv tests if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Convert the passwd files (pwunconv)..."
+pwunconv 2>tmp/pwunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/passwd..."
+rm -f /etc/passwd.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config.txt b/tests/convtools/14_pwunconv_error_shadow_locked/config.txt
new file mode 100644
index 0000000..eca9223
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+group foo with a password, not in gshadow
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/group b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/gshadow b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/passwd b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/shadow b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/data/pwunconv.err b/tests/convtools/14_pwunconv_error_shadow_locked/data/pwunconv.err
new file mode 100644
index 0000000..20de665
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/data/pwunconv.err
@@ -0,0 +1,2 @@
+pwunconv: existing lock file /etc/shadow.lock without a PID
+pwunconv: cannot lock /etc/shadow; try again later.
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/pwunconv.test b/tests/convtools/14_pwunconv_error_shadow_locked/pwunconv.test
new file mode 100755
index 0000000..79e6c4e
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/pwunconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv tests if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Convert the shadow files (pwunconv)..."
+pwunconv 2>tmp/pwunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/shadow..."
+rm -f /etc/shadow.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config.txt b/tests/convtools/15_pwconv_remove_shadow_only_entries/config.txt
new file mode 100644
index 0000000..9f8a836
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config.txt
@@ -0,0 +1,2 @@
+user foo, in group users
+group bar is gshadow, not group
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/group b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/gshadow b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/passwd b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/shadow b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/shadow
new file mode 100644
index 0000000..5f73f33
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/data/shadow b/tests/convtools/15_pwconv_remove_shadow_only_entries/data/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/pwconv.test b/tests/convtools/15_pwconv_remove_shadow_only_entries/pwconv.test
new file mode 100755
index 0000000..11abe4b
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/pwconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv removes the shadow only entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the passwd files (pwconv)..."
+pwconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/16_pwconv_copy_passwd/config.txt b/tests/convtools/16_pwconv_copy_passwd/config.txt
new file mode 100644
index 0000000..a6d9ecd
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/config.txt
@@ -0,0 +1 @@
+user foo with a password, not in shadow
diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/group b/tests/convtools/16_pwconv_copy_passwd/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/gshadow b/tests/convtools/16_pwconv_copy_passwd/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/passwd b/tests/convtools/16_pwconv_copy_passwd/config/etc/passwd
new file mode 100644
index 0000000..2a53add
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:$1$foogroupPassword:1000:1000:::/bin/false
diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/shadow b/tests/convtools/16_pwconv_copy_passwd/config/etc/shadow
new file mode 100644
index 0000000..498ef86
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:*:12977:0:99999:7:::
diff --git a/tests/convtools/16_pwconv_copy_passwd/data/passwd b/tests/convtools/16_pwconv_copy_passwd/data/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/convtools/16_pwconv_copy_passwd/data/shadow b/tests/convtools/16_pwconv_copy_passwd/data/shadow
new file mode 100644
index 0000000..54d97a4
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$foogroupPassword:@TODAY@:0:99999:7:::
diff --git a/tests/convtools/16_pwconv_copy_passwd/pwconv.test b/tests/convtools/16_pwconv_copy_passwd/pwconv.test
new file mode 100755
index 0000000..d25ceb2
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/pwconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv removes the shadow only entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the passwd files (pwconv)..."
+pwconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config.txt b/tests/convtools/17_pwunconv_no_shadow_file/config.txt
new file mode 100644
index 0000000..4d66ec7
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/config.txt
@@ -0,0 +1,6 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
+group bar is gshadow, not group
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/group b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/gshadow b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/passwd b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/shadow b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/pwunconv.test b/tests/convtools/17_pwunconv_no_shadow_file/pwunconv.test
new file mode 100755
index 0000000..afcd2d7
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/pwunconv.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv exits successfully when the shadow file does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Convert the passwd files (pwunconv)..."
+pwunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config.txt b/tests/convtools/18_pwunconv_user_not_in_shadow/config.txt
new file mode 100644
index 0000000..a6d9ecd
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config.txt
@@ -0,0 +1 @@
+user foo with a password, not in shadow
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/group b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/gshadow b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/passwd b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/shadow b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/data/passwd b/tests/convtools/18_pwunconv_user_not_in_shadow/data/passwd
new file mode 100644
index 0000000..28f6d45
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/data/passwd
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/pwunconv.test b/tests/convtools/18_pwunconv_user_not_in_shadow/pwunconv.test
new file mode 100755
index 0000000..44c5e5d
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/pwunconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv does not fail when a user is not in the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unconvert the shadow file (pwunconv)..."
+pwunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/19_pwconv_NIS/config.txt b/tests/convtools/19_pwconv_NIS/config.txt
new file mode 100644
index 0000000..a6d9ecd
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/config.txt
@@ -0,0 +1 @@
+user foo with a password, not in shadow
diff --git a/tests/convtools/19_pwconv_NIS/config/etc/group b/tests/convtools/19_pwconv_NIS/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/19_pwconv_NIS/config/etc/gshadow b/tests/convtools/19_pwconv_NIS/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/19_pwconv_NIS/config/etc/passwd b/tests/convtools/19_pwconv_NIS/config/etc/passwd
new file mode 100644
index 0000000..8be0d7b
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+foo:$1$foogroupPassword:1000:1000:::/bin/false
++::::::::
+-bar::::::::
diff --git a/tests/convtools/19_pwconv_NIS/config/etc/shadow b/tests/convtools/19_pwconv_NIS/config/etc/shadow
new file mode 100644
index 0000000..498ef86
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:*:12977:0:99999:7:::
diff --git a/tests/convtools/19_pwconv_NIS/data/passwd b/tests/convtools/19_pwconv_NIS/data/passwd
new file mode 100644
index 0000000..f474274
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
++::::::::
+-bar::::::::
diff --git a/tests/convtools/19_pwconv_NIS/data/shadow b/tests/convtools/19_pwconv_NIS/data/shadow
new file mode 100644
index 0000000..68bbd02
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/data/shadow
@@ -0,0 +1,20 @@
+root:x:@TODAY@:0:99999:7:::
+daemon:x:@TODAY@:0:99999:7:::
+bin:x:@TODAY@:0:99999:7:::
+sys:x:@TODAY@:0:99999:7:::
+sync:x:@TODAY@:0:99999:7:::
+games:x:@TODAY@:0:99999:7:::
+man:x:@TODAY@:0:99999:7:::
+lp:x:@TODAY@:0:99999:7:::
+mail:x:@TODAY@:0:99999:7:::
+news:x:@TODAY@:0:99999:7:::
+uucp:x:@TODAY@:0:99999:7:::
+proxy:x:@TODAY@:0:99999:7:::
+www-data:x:@TODAY@:0:99999:7:::
+backup:x:@TODAY@:0:99999:7:::
+list:x:@TODAY@:0:99999:7:::
+irc:x:@TODAY@:0:99999:7:::
+gnats:x:@TODAY@:0:99999:7:::
+nobody:x:@TODAY@:0:99999:7:::
+Debian-exim:!:@TODAY@:0:99999:7:::
+foo:$1$foogroupPassword:@TODAY@:0:99999:7:::
diff --git a/tests/convtools/19_pwconv_NIS/pwconv.test b/tests/convtools/19_pwconv_NIS/pwconv.test
new file mode 100755
index 0000000..62bd4db
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/pwconv.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv removes the shadow only entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Convert the passwd files (pwconv)..."
+pwconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/20_pwunconv_usage_option/config.txt b/tests/convtools/20_pwunconv_usage_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/group b/tests/convtools/20_pwunconv_usage_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/gshadow b/tests/convtools/20_pwunconv_usage_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/passwd b/tests/convtools/20_pwunconv_usage_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/shadow b/tests/convtools/20_pwunconv_usage_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/20_pwunconv_usage_option/data/usage.out b/tests/convtools/20_pwunconv_usage_option/data/usage.out
new file mode 100644
index 0000000..30fff4d
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/data/usage.out
@@ -0,0 +1,7 @@
+pwunconv: invalid option -- 'Z'
+Usage: pwunconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/20_pwunconv_usage_option/pwunconv.test b/tests/convtools/20_pwunconv_usage_option/pwunconv.test
new file mode 100755
index 0000000..fa2a9d7
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwunconv usage (pwunconv -Z)..."
+pwunconv -Z 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config.txt b/tests/convtools/21_pwunconv_keep_passwd_password/config.txt
new file mode 100644
index 0000000..cda229c
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/config.txt
@@ -0,0 +1 @@
+user foo with a password in passwd (and shadow)
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/group b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/gshadow b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/passwd b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/passwd
new file mode 100644
index 0000000..b58a62b
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000:::/bin/false
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/shadow b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/shadow
new file mode 100644
index 0000000..7e164e0
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:fooshadowpasswd:12977:0:99999:7:::
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/data/passwd b/tests/convtools/21_pwunconv_keep_passwd_password/data/passwd
new file mode 100644
index 0000000..56eb83b
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/data/passwd
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000:::/bin/false
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/pwunconv.test b/tests/convtools/21_pwunconv_keep_passwd_password/pwunconv.test
new file mode 100755
index 0000000..c795f1f
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/pwunconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv keeps the password from /etc/passwd (if not 'x'"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unconvert the shadow file (pwunconv)..."
+pwunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/22_grpunconv_usage_option/config.txt b/tests/convtools/22_grpunconv_usage_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/group b/tests/convtools/22_grpunconv_usage_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/gshadow b/tests/convtools/22_grpunconv_usage_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/passwd b/tests/convtools/22_grpunconv_usage_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/shadow b/tests/convtools/22_grpunconv_usage_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/22_grpunconv_usage_option/data/usage.out b/tests/convtools/22_grpunconv_usage_option/data/usage.out
new file mode 100644
index 0000000..7528279
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/data/usage.out
@@ -0,0 +1,7 @@
+grpunconv: invalid option -- 'Z'
+Usage: grpunconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/22_grpunconv_usage_option/grpunconv.test b/tests/convtools/22_grpunconv_usage_option/grpunconv.test
new file mode 100755
index 0000000..5c3bc82
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpunconv usage (grpunconv -Z)..."
+grpunconv -Z 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/23_grpunconv_keep_group_password/config.txt b/tests/convtools/23_grpunconv_keep_group_password/config.txt
new file mode 100644
index 0000000..cda229c
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/config.txt
@@ -0,0 +1 @@
+user foo with a password in passwd (and shadow)
diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/group b/tests/convtools/23_grpunconv_keep_group_password/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/gshadow b/tests/convtools/23_grpunconv_keep_group_password/config/etc/gshadow
new file mode 100644
index 0000000..51a7bdb
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:fooshadowpass::
diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/passwd b/tests/convtools/23_grpunconv_keep_group_password/config/etc/passwd
new file mode 100644
index 0000000..b58a62b
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000:::/bin/false
diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/shadow b/tests/convtools/23_grpunconv_keep_group_password/config/etc/shadow
new file mode 100644
index 0000000..7e164e0
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:fooshadowpasswd:12977:0:99999:7:::
diff --git a/tests/convtools/23_grpunconv_keep_group_password/data/group b/tests/convtools/23_grpunconv_keep_group_password/data/group
new file mode 100644
index 0000000..2a9e59e
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/data/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:foo
+nogroup:*:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/23_grpunconv_keep_group_password/grpunconv.test b/tests/convtools/23_grpunconv_keep_group_password/grpunconv.test
new file mode 100755
index 0000000..e3e0127
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/grpunconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv keeps the password from /etc/group (if not 'x'"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unconvert the shadow file (grpunconv)..."
+grpunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config.txt b/tests/convtools/24_grpunconv_no_gshadow_entry/config.txt
new file mode 100644
index 0000000..48ac937
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config.txt
@@ -0,0 +1 @@
+user foo, in group users
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/group b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/gshadow b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..671ebfe
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/passwd b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/shadow b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/data/group b/tests/convtools/24_grpunconv_no_gshadow_entry/data/group
new file mode 100644
index 0000000..6111866
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/data/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:x:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:x:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:foo
+nogroup:*:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:*:1000:
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/grpunconv.test b/tests/convtools/24_grpunconv_no_gshadow_entry/grpunconv.test
new file mode 100755
index 0000000..716d97a
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/grpunconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv succeeds even if some entries are no in gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the group files (grpunconv)..."
+grpunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/25_pwconv_usage_option/config.txt b/tests/convtools/25_pwconv_usage_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/config.txt
diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/group b/tests/convtools/25_pwconv_usage_option/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/config/etc/group
diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/gshadow b/tests/convtools/25_pwconv_usage_option/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/config/etc/gshadow
diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/passwd b/tests/convtools/25_pwconv_usage_option/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/config/etc/passwd
diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/shadow b/tests/convtools/25_pwconv_usage_option/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/config/etc/shadow
diff --git a/tests/convtools/25_pwconv_usage_option/data/usage.out b/tests/convtools/25_pwconv_usage_option/data/usage.out
new file mode 100644
index 0000000..8ecc6af
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/data/usage.out
@@ -0,0 +1,7 @@
+pwconv: invalid option -- 'Z'
+Usage: pwconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/25_pwconv_usage_option/pwconv.test b/tests/convtools/25_pwconv_usage_option/pwconv.test
new file mode 100755
index 0000000..7e6ccaf
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/pwconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwconv usage (pwconv -Z)..."
+pwconv -Z 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/26_grpconv_usage_option/config.txt b/tests/convtools/26_grpconv_usage_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/config.txt
diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/group b/tests/convtools/26_grpconv_usage_option/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/config/etc/group
diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/gshadow b/tests/convtools/26_grpconv_usage_option/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/config/etc/gshadow
diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/passwd b/tests/convtools/26_grpconv_usage_option/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/config/etc/passwd
diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/shadow b/tests/convtools/26_grpconv_usage_option/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/config/etc/shadow
diff --git a/tests/convtools/26_grpconv_usage_option/data/usage.out b/tests/convtools/26_grpconv_usage_option/data/usage.out
new file mode 100644
index 0000000..5da31b4
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/data/usage.out
@@ -0,0 +1,7 @@
+grpconv: invalid option -- 'Z'
+Usage: grpconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/26_grpconv_usage_option/grpconv.test b/tests/convtools/26_grpconv_usage_option/grpconv.test
new file mode 100755
index 0000000..18c033c
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/grpconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpconv usage (grpconv -Z)..."
+grpconv -Z 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/27_pwunconv_usage/config.txt b/tests/convtools/27_pwunconv_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/27_pwunconv_usage/config/etc/group b/tests/convtools/27_pwunconv_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/27_pwunconv_usage/config/etc/gshadow b/tests/convtools/27_pwunconv_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/27_pwunconv_usage/config/etc/passwd b/tests/convtools/27_pwunconv_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/27_pwunconv_usage/config/etc/shadow b/tests/convtools/27_pwunconv_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/27_pwunconv_usage/data/usage.out b/tests/convtools/27_pwunconv_usage/data/usage.out
new file mode 100644
index 0000000..71f04d9
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/data/usage.out
@@ -0,0 +1,6 @@
+Usage: pwunconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/27_pwunconv_usage/pwunconv.test b/tests/convtools/27_pwunconv_usage/pwunconv.test
new file mode 100755
index 0000000..4103eca
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/pwunconv.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwunconv usage (pwunconv -Z)..."
+pwunconv -h >tmp/usage.out
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config.txt b/tests/convtools/28_pwunconv_usage_extra_arg/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/group b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/passwd b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/shadow b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/data/usage.out b/tests/convtools/28_pwunconv_usage_extra_arg/data/usage.out
new file mode 100644
index 0000000..71f04d9
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/data/usage.out
@@ -0,0 +1,6 @@
+Usage: pwunconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/pwunconv.test b/tests/convtools/28_pwunconv_usage_extra_arg/pwunconv.test
new file mode 100755
index 0000000..d9a3808
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call pwunconv with an argument (pwunconv foo)..."
+pwunconv foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/29_grpconv_usage/config.txt b/tests/convtools/29_grpconv_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/config.txt
diff --git a/tests/convtools/29_grpconv_usage/config/etc/group b/tests/convtools/29_grpconv_usage/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/config/etc/group
diff --git a/tests/convtools/29_grpconv_usage/config/etc/gshadow b/tests/convtools/29_grpconv_usage/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/config/etc/gshadow
diff --git a/tests/convtools/29_grpconv_usage/config/etc/passwd b/tests/convtools/29_grpconv_usage/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/config/etc/passwd
diff --git a/tests/convtools/29_grpconv_usage/config/etc/shadow b/tests/convtools/29_grpconv_usage/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/config/etc/shadow
diff --git a/tests/convtools/29_grpconv_usage/data/usage.out b/tests/convtools/29_grpconv_usage/data/usage.out
new file mode 100644
index 0000000..80f0fd5
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/data/usage.out
@@ -0,0 +1,6 @@
+Usage: grpconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/29_grpconv_usage/grpconv.test b/tests/convtools/29_grpconv_usage/grpconv.test
new file mode 100755
index 0000000..a6fbd9e
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/grpconv.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpconv usage (grpconv -Z)..."
+grpconv -h >tmp/usage.out
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config.txt b/tests/convtools/30_grpconv_usage_extra_arg/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/config.txt
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/group b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/group
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/gshadow
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/passwd b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/passwd
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/shadow b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/shadow
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/data/usage.out b/tests/convtools/30_grpconv_usage_extra_arg/data/usage.out
new file mode 100644
index 0000000..80f0fd5
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/data/usage.out
@@ -0,0 +1,6 @@
+Usage: grpconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/grpconv.test b/tests/convtools/30_grpconv_usage_extra_arg/grpconv.test
new file mode 100755
index 0000000..a321a05
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/grpconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call grpconv with an extra argument (grpconv foo)..."
+grpconv foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/31_pwconv_usage/config.txt b/tests/convtools/31_pwconv_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/config.txt
diff --git a/tests/convtools/31_pwconv_usage/config/etc/group b/tests/convtools/31_pwconv_usage/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/config/etc/group
diff --git a/tests/convtools/31_pwconv_usage/config/etc/gshadow b/tests/convtools/31_pwconv_usage/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/config/etc/gshadow
diff --git a/tests/convtools/31_pwconv_usage/config/etc/passwd b/tests/convtools/31_pwconv_usage/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/config/etc/passwd
diff --git a/tests/convtools/31_pwconv_usage/config/etc/shadow b/tests/convtools/31_pwconv_usage/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/config/etc/shadow
diff --git a/tests/convtools/31_pwconv_usage/data/usage.out b/tests/convtools/31_pwconv_usage/data/usage.out
new file mode 100644
index 0000000..61b53c5
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/data/usage.out
@@ -0,0 +1,6 @@
+Usage: pwconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/31_pwconv_usage/pwconv.test b/tests/convtools/31_pwconv_usage/pwconv.test
new file mode 100755
index 0000000..dd86723
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/pwconv.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwconv usage (pwconv -Z)..."
+pwconv -h >tmp/usage.out
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config.txt b/tests/convtools/32_pwconv_usage_extra_arg/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/config.txt
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/group b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/group
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/gshadow
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/passwd b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/passwd
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/shadow b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/shadow
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/data/usage.out b/tests/convtools/32_pwconv_usage_extra_arg/data/usage.out
new file mode 100644
index 0000000..61b53c5
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/data/usage.out
@@ -0,0 +1,6 @@
+Usage: pwconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/pwconv.test b/tests/convtools/32_pwconv_usage_extra_arg/pwconv.test
new file mode 100755
index 0000000..1ae4ffe
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/pwconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call pwconv with an extra argument (pwconv foo)..."
+pwconv foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/33_grpunconv_usage/config.txt b/tests/convtools/33_grpunconv_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/33_grpunconv_usage/config/etc/group b/tests/convtools/33_grpunconv_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/33_grpunconv_usage/config/etc/gshadow b/tests/convtools/33_grpunconv_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/33_grpunconv_usage/config/etc/passwd b/tests/convtools/33_grpunconv_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/33_grpunconv_usage/config/etc/shadow b/tests/convtools/33_grpunconv_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/33_grpunconv_usage/data/usage.out b/tests/convtools/33_grpunconv_usage/data/usage.out
new file mode 100644
index 0000000..274b58d
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/data/usage.out
@@ -0,0 +1,6 @@
+Usage: grpunconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/33_grpunconv_usage/grpunconv.test b/tests/convtools/33_grpunconv_usage/grpunconv.test
new file mode 100755
index 0000000..d6f6539
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/grpunconv.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpunconv usage (grpunconv -Z)..."
+grpunconv -h >tmp/usage.out
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config.txt b/tests/convtools/34_grpunconv_usage_extra_arg/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/group b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/passwd b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/shadow b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/data/usage.out b/tests/convtools/34_grpunconv_usage_extra_arg/data/usage.out
new file mode 100644
index 0000000..274b58d
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/data/usage.out
@@ -0,0 +1,6 @@
+Usage: grpunconv [options]
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/grpunconv.test b/tests/convtools/34_grpunconv_usage_extra_arg/grpunconv.test
new file mode 100755
index 0000000..12a0d21
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call grpunconv with an extra argument (grpunconv foo)..."
+grpunconv foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/coverage.sh b/tests/coverage.sh
new file mode 100755
index 0000000..6deae84
--- /dev/null
+++ b/tests/coverage.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+# This script builds the code coverage of the testsuite.
+# The shadow utils must have been compiled with -fprofile-arcs -ftest-coverage
+
+cd ../build/shadow-4.1.3.1/
+rm -rf ../coverage
+mkdir ../coverage
+lcov --directory . --capture --output-file=lcov.data
+
+genhtml --frames --output-directory ../coverage/ --show-details lcov.data
diff --git a/tests/cptools/01/data/group b/tests/cptools/01/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cptools/01/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cptools/01/data/group.new b/tests/cptools/01/data/group.new
new file mode 100644
index 0000000..db5f134
--- /dev/null
+++ b/tests/cptools/01/data/group.new
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test:x:10000:
diff --git a/tests/cptools/01/data/gshadow b/tests/cptools/01/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cptools/01/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cptools/01/data/gshadow.new b/tests/cptools/01/data/gshadow.new
new file mode 100644
index 0000000..3c9bae9
--- /dev/null
+++ b/tests/cptools/01/data/gshadow.new
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test:x::
diff --git a/tests/cptools/01/data/passwd b/tests/cptools/01/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cptools/01/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cptools/01/data/passwd.new b/tests/cptools/01/data/passwd.new
new file mode 100644
index 0000000..148b794
--- /dev/null
+++ b/tests/cptools/01/data/passwd.new
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test:x:10002:10002::/tmp:/bin/false
diff --git a/tests/cptools/01/data/shadow b/tests/cptools/01/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cptools/01/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cptools/01/data/shadow.new b/tests/cptools/01/data/shadow.new
new file mode 100644
index 0000000..c6e351e
--- /dev/null
+++ b/tests/cptools/01/data/shadow.new
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test:!:10:0:99999:7:::
diff --git a/tests/cptools/01/run1 b/tests/cptools/01/run1
new file mode 100755
index 0000000..26fc044
--- /dev/null
+++ b/tests/cptools/01/run1
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+ [ ! -d tmp ] && mkdir tmp
+ for i in passwd group shadow gshadow
+ do
+ [ -f /etc/$i ] && cp /etc/$i tmp/$i
+ done
+
+ true
+}
+
+restore()
+{
+ for i in passwd group shadow gshadow
+ do
+ [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i
+ done
+ rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+ cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo -n "Copy passwd.new "
+cppw data/passwd.new
+echo "OK"
+
+echo -n "test if the password file was copied"
+diff -au /etc/passwd data/passwd.new
+echo " OK"
+
+echo -n "check that the other files were not modified"
+diff -au /etc/group data/group
+diff -au /etc/gshadow data/gshadow
+diff -au /etc/shadow data/shadow
+echo " OK"
diff --git a/tests/cptools/01/run2 b/tests/cptools/01/run2
new file mode 100755
index 0000000..c42238e
--- /dev/null
+++ b/tests/cptools/01/run2
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+ [ ! -d tmp ] && mkdir tmp
+ for i in passwd group shadow gshadow
+ do
+ [ -f /etc/$i ] && cp /etc/$i tmp/$i
+ done
+
+ true
+}
+
+restore()
+{
+ for i in passwd group shadow gshadow
+ do
+ [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i
+ done
+ rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+ cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo -n "Copy group.new "
+cpgr data/group.new
+echo "OK"
+
+echo -n "test if the password file was copied"
+diff -au /etc/group data/group.new
+echo " OK"
+
+echo -n "check that the other files were not modified"
+diff -au /etc/gshadow data/gshadow
+diff -au /etc/passwd data/passwd
+diff -au /etc/shadow data/shadow
+echo " OK"
diff --git a/tests/cptools/01/run3 b/tests/cptools/01/run3
new file mode 100755
index 0000000..d213e47
--- /dev/null
+++ b/tests/cptools/01/run3
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+ [ ! -d tmp ] && mkdir tmp
+ for i in passwd group shadow gshadow
+ do
+ [ -f /etc/$i ] && cp /etc/$i tmp/$i
+ done
+
+ true
+}
+
+restore()
+{
+ for i in passwd group shadow gshadow
+ do
+ [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i
+ done
+ rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+ cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo -n "Copy shadow.new "
+cppw -s data/shadow.new
+echo "OK"
+
+echo -n "test if the password file was copied"
+diff -au /etc/shadow data/shadow.new
+echo " OK"
+
+echo -n "check that the other files were not modified"
+diff -au /etc/group data/group
+diff -au /etc/gshadow data/gshadow
+diff -au /etc/passwd data/passwd
+echo " OK"
diff --git a/tests/cptools/01/run4 b/tests/cptools/01/run4
new file mode 100755
index 0000000..7cc3fb8
--- /dev/null
+++ b/tests/cptools/01/run4
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+ [ ! -d tmp ] && mkdir tmp
+ for i in passwd group shadow gshadow
+ do
+ [ -f /etc/$i ] && cp /etc/$i tmp/$i
+ done
+
+ true
+}
+
+restore()
+{
+ for i in passwd group shadow gshadow
+ do
+ [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i
+ done
+ rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+ cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo -n "Copy gshadow.new "
+cpgr -s data/gshadow.new
+echo "OK"
+
+echo -n "test if the password file was copied"
+diff -au /etc/gshadow data/gshadow.new
+echo " OK"
+
+echo -n "check that the other files were not modified"
+diff -au /etc/group data/group
+diff -au /etc/passwd data/passwd
+diff -au /etc/shadow data/shadow
+echo " OK"
diff --git a/tests/cptools/02_cppw_usage/config.txt b/tests/cptools/02_cppw_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/config.txt
diff --git a/tests/cptools/02_cppw_usage/config/etc/group b/tests/cptools/02_cppw_usage/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/config/etc/group
diff --git a/tests/cptools/02_cppw_usage/config/etc/gshadow b/tests/cptools/02_cppw_usage/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/config/etc/gshadow
diff --git a/tests/cptools/02_cppw_usage/config/etc/passwd b/tests/cptools/02_cppw_usage/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/config/etc/passwd
diff --git a/tests/cptools/02_cppw_usage/config/etc/shadow b/tests/cptools/02_cppw_usage/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/config/etc/shadow
diff --git a/tests/cptools/02_cppw_usage/cppw.test b/tests/cptools/02_cppw_usage/cppw.test
new file mode 100755
index 0000000..ef3b77f
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/cppw.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get cppw usage (cppw -h)..."
+cppw -h >tmp/usage.out
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/02_cppw_usage/data/usage.out b/tests/cptools/02_cppw_usage/data/usage.out
new file mode 100644
index 0000000..9efb2a7
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/data/usage.out
@@ -0,0 +1,3 @@
+Usage:
+`cppw <file>' copys over /etc/passwd `cppw -s <file>' copys over /etc/shadow
+`cpgr <file>' copys over /etc/group `cpgr -s <file>' copys over /etc/gshadow
diff --git a/tests/cptools/03_cppw_usage_invalid_option/config.txt b/tests/cptools/03_cppw_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/config.txt
diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/group b/tests/cptools/03_cppw_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/config/etc/group
diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/gshadow b/tests/cptools/03_cppw_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/config/etc/gshadow
diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/passwd b/tests/cptools/03_cppw_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/config/etc/passwd
diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/shadow b/tests/cptools/03_cppw_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/config/etc/shadow
diff --git a/tests/cptools/03_cppw_usage_invalid_option/cppw.test b/tests/cptools/03_cppw_usage_invalid_option/cppw.test
new file mode 100755
index 0000000..c6d41e9
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw reports usage of invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use wrong cppw option (cppw -Z)..."
+/usr/sbin/cppw -Z 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/03_cppw_usage_invalid_option/data/usage.out b/tests/cptools/03_cppw_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..633ff23
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/data/usage.out
@@ -0,0 +1,4 @@
+/usr/sbin/cppw: invalid option -- 'Z'
+Usage:
+`cppw <file>' copys over /etc/passwd `cppw -s <file>' copys over /etc/shadow
+`cpgr <file>' copys over /etc/group `cpgr -s <file>' copys over /etc/gshadow
diff --git a/tests/cptools/04_cppw_no_file_argument/config.txt b/tests/cptools/04_cppw_no_file_argument/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/config.txt
diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/group b/tests/cptools/04_cppw_no_file_argument/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/config/etc/group
diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/gshadow b/tests/cptools/04_cppw_no_file_argument/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/config/etc/gshadow
diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/passwd b/tests/cptools/04_cppw_no_file_argument/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/config/etc/passwd
diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/shadow b/tests/cptools/04_cppw_no_file_argument/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/config/etc/shadow
diff --git a/tests/cptools/04_cppw_no_file_argument/cppw.test b/tests/cptools/04_cppw_no_file_argument/cppw.test
new file mode 100755
index 0000000..7ccef73
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw reports an error if no files are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw without a file argument (cppw)..."
+cppw 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/04_cppw_no_file_argument/data/usage.out b/tests/cptools/04_cppw_no_file_argument/data/usage.out
new file mode 100644
index 0000000..808df39
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/data/usage.out
@@ -0,0 +1,2 @@
+cppw: wrong number of arguments, -h for usage
+cppw: no changes
diff --git a/tests/cptools/05_cppw_2_files/config.txt b/tests/cptools/05_cppw_2_files/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/config.txt
diff --git a/tests/cptools/05_cppw_2_files/config/etc/group b/tests/cptools/05_cppw_2_files/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/cptools/05_cppw_2_files/config/etc/gshadow b/tests/cptools/05_cppw_2_files/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/cptools/05_cppw_2_files/config/etc/passwd b/tests/cptools/05_cppw_2_files/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/cptools/05_cppw_2_files/config/etc/shadow b/tests/cptools/05_cppw_2_files/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/cptools/05_cppw_2_files/cppw.test b/tests/cptools/05_cppw_2_files/cppw.test
new file mode 100755
index 0000000..49ca1d5
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw reports an error if 2 files are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw with 2 files (cppw data/passwd data/passwd)..."
+cppw data/passwd data/passwd 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/05_cppw_2_files/data/passwd b/tests/cptools/05_cppw_2_files/data/passwd
new file mode 100644
index 0000000..e8e3c39
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/data/passwd
@@ -0,0 +1,17 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
diff --git a/tests/cptools/05_cppw_2_files/data/usage.out b/tests/cptools/05_cppw_2_files/data/usage.out
new file mode 100644
index 0000000..808df39
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/data/usage.out
@@ -0,0 +1,2 @@
+cppw: wrong number of arguments, -h for usage
+cppw: no changes
diff --git a/tests/cptools/06_cppw_no_file/config.txt b/tests/cptools/06_cppw_no_file/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/config.txt
diff --git a/tests/cptools/06_cppw_no_file/config/etc/group b/tests/cptools/06_cppw_no_file/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/config/etc/group
diff --git a/tests/cptools/06_cppw_no_file/config/etc/gshadow b/tests/cptools/06_cppw_no_file/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/config/etc/gshadow
diff --git a/tests/cptools/06_cppw_no_file/config/etc/passwd b/tests/cptools/06_cppw_no_file/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/config/etc/passwd
diff --git a/tests/cptools/06_cppw_no_file/config/etc/shadow b/tests/cptools/06_cppw_no_file/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/config/etc/shadow
diff --git a/tests/cptools/06_cppw_no_file/cppw.test b/tests/cptools/06_cppw_no_file/cppw.test
new file mode 100755
index 0000000..67a35a9
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw reports an error if no files are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw with a nonexistant file (cppw data/passwd)..."
+cppw data/passwd 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/06_cppw_no_file/data/usage.out b/tests/cptools/06_cppw_no_file/data/usage.out
new file mode 100644
index 0000000..133dea3
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/data/usage.out
@@ -0,0 +1,2 @@
+cppw: data/passwd: No such file or directory
+cppw: /etc/passwd is unchanged
diff --git a/tests/cptools/07_cppw_locked_passwd/config.txt b/tests/cptools/07_cppw_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/config.txt
diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/group b/tests/cptools/07_cppw_locked_passwd/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/config/etc/group
diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/gshadow b/tests/cptools/07_cppw_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/config/etc/gshadow
diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/passwd b/tests/cptools/07_cppw_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/config/etc/passwd
diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/shadow b/tests/cptools/07_cppw_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/config/etc/shadow
diff --git a/tests/cptools/07_cppw_locked_passwd/cppw.test b/tests/cptools/07_cppw_locked_passwd/cppw.test
new file mode 100755
index 0000000..366618e
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/cppw.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw checks if the password file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Use cppw (cppw data/passwd)..."
+cppw data/passwd 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/07_cppw_locked_passwd/data/passwd b/tests/cptools/07_cppw_locked_passwd/data/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/data/passwd
diff --git a/tests/cptools/07_cppw_locked_passwd/data/usage.out b/tests/cptools/07_cppw_locked_passwd/data/usage.out
new file mode 100644
index 0000000..c99e46a
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/data/usage.out
@@ -0,0 +1,3 @@
+cppw: existing lock file /etc/passwd.lock without a PID
+cppw: Couldn't lock file
+cppw: /etc/passwd is unchanged
diff --git a/tests/cptools/08_cppw-p/config.txt b/tests/cptools/08_cppw-p/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/config.txt
diff --git a/tests/cptools/08_cppw-p/config/etc/group b/tests/cptools/08_cppw-p/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/config/etc/group
diff --git a/tests/cptools/08_cppw-p/config/etc/gshadow b/tests/cptools/08_cppw-p/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/config/etc/gshadow
diff --git a/tests/cptools/08_cppw-p/config/etc/passwd b/tests/cptools/08_cppw-p/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/config/etc/passwd
diff --git a/tests/cptools/08_cppw-p/config/etc/shadow b/tests/cptools/08_cppw-p/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/config/etc/shadow
diff --git a/tests/cptools/08_cppw-p/cppw.test b/tests/cptools/08_cppw-p/cppw.test
new file mode 100755
index 0000000..d4ee864
--- /dev/null
+++ b/tests/cptools/08_cppw-p/cppw.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw -p option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw -p (cppw -p data/passwd)..."
+cppw -p data/passwd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/08_cppw-p/data/passwd b/tests/cptools/08_cppw-p/data/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/data/passwd
diff --git a/tests/cptools/09_cppw-g/config.txt b/tests/cptools/09_cppw-g/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/09_cppw-g/config.txt
diff --git a/tests/cptools/09_cppw-g/config/etc/group b/tests/cptools/09_cppw-g/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cptools/09_cppw-g/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cptools/09_cppw-g/config/etc/gshadow b/tests/cptools/09_cppw-g/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cptools/09_cppw-g/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cptools/09_cppw-g/config/etc/passwd b/tests/cptools/09_cppw-g/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/cptools/09_cppw-g/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/cptools/09_cppw-g/config/etc/shadow b/tests/cptools/09_cppw-g/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cptools/09_cppw-g/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cptools/09_cppw-g/cppw.test b/tests/cptools/09_cppw-g/cppw.test
new file mode 100755
index 0000000..7ac6d16
--- /dev/null
+++ b/tests/cptools/09_cppw-g/cppw.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw can copy the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw -g (cppw -g data/group)..."
+cppw -g data/group
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/09_cppw-g/data/group b/tests/cptools/09_cppw-g/data/group
new file mode 100644
index 0000000..11b5c11
--- /dev/null
+++ b/tests/cptools/09_cppw-g/data/group
@@ -0,0 +1,39 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
diff --git a/tests/cptools/10_cppw-g-s/config.txt b/tests/cptools/10_cppw-g-s/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/config.txt
diff --git a/tests/cptools/10_cppw-g-s/config/etc/group b/tests/cptools/10_cppw-g-s/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cptools/10_cppw-g-s/config/etc/gshadow b/tests/cptools/10_cppw-g-s/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cptools/10_cppw-g-s/config/etc/passwd b/tests/cptools/10_cppw-g-s/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/cptools/10_cppw-g-s/config/etc/shadow b/tests/cptools/10_cppw-g-s/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cptools/10_cppw-g-s/cppw.test b/tests/cptools/10_cppw-g-s/cppw.test
new file mode 100755
index 0000000..602c34a
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/cppw.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw can copy the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw -g -s (cppw -g -s data/gshadow)..."
+cppw -g -s data/gshadow
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/10_cppw-g-s/data/gshadow b/tests/cptools/10_cppw-g-s/data/gshadow
new file mode 100644
index 0000000..93fc055
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/data/gshadow
@@ -0,0 +1,39 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
diff --git a/tests/cptools/11_cppw-p-s/config.txt b/tests/cptools/11_cppw-p-s/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/config.txt
diff --git a/tests/cptools/11_cppw-p-s/config/etc/group b/tests/cptools/11_cppw-p-s/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cptools/11_cppw-p-s/config/etc/gshadow b/tests/cptools/11_cppw-p-s/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cptools/11_cppw-p-s/config/etc/passwd b/tests/cptools/11_cppw-p-s/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/cptools/11_cppw-p-s/config/etc/shadow b/tests/cptools/11_cppw-p-s/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cptools/11_cppw-p-s/cppw.test b/tests/cptools/11_cppw-p-s/cppw.test
new file mode 100755
index 0000000..3c68f05
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/cppw.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw can copy the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw -p -s (cppw -p -s data/shadow)..."
+cppw -p -s data/shadow
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/11_cppw-p-s/data/shadow b/tests/cptools/11_cppw-p-s/data/shadow
new file mode 100644
index 0000000..6214423
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/data/shadow
@@ -0,0 +1,16 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config.txt b/tests/cptools/12_cppw-s_no_shadow_file/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/config.txt
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/group b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/group
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/gshadow b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/gshadow
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/passwd b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/passwd
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/shadow b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/shadow
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/cppw.test b/tests/cptools/12_cppw-s_no_shadow_file/cppw.test
new file mode 100755
index 0000000..a0c2095
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/cppw.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw can copy a shadow file even if there were no shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Use cppw (cppw -s data/shadow)..."
+cppw -s data/shadow 2>tmp/cppw.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/cppw.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/cppw.err tmp/cppw.err
+echo "usage message OK."
+rm -f tmp/cppw.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/data/cppw.err b/tests/cptools/12_cppw-s_no_shadow_file/data/cppw.err
new file mode 100644
index 0000000..0c7d649
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/data/cppw.err
@@ -0,0 +1,2 @@
+cppw: /etc/shadow: No such file or directory
+cppw: /etc/shadow is unchanged
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/data/shadow b/tests/cptools/12_cppw-s_no_shadow_file/data/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/data/shadow
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test
new file mode 100755
index 0000000..d583517
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_chpasswd/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_chpasswd/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_chpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/group b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/gshadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/passwd b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/shadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/shadow
new file mode 100644
index 0000000..7607cc6
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/group b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/gshadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/login.defs b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/login.defs
new file mode 100644
index 0000000..98106ea
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+MD5_CRYPT_ENAB yes
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/passwd b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/shadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/01_chpasswd.test b/tests/crypt/login.defs_DES/01_chpasswd.test
new file mode 100755
index 0000000..d583517
--- /dev/null
+++ b/tests/crypt/login.defs_DES/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_chpasswd/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_chpasswd/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_chpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/01_chpasswd/group b/tests/crypt/login.defs_DES/01_chpasswd/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/01_chpasswd/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/01_chpasswd/gshadow b/tests/crypt/login.defs_DES/01_chpasswd/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/01_chpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/01_chpasswd/passwd b/tests/crypt/login.defs_DES/01_chpasswd/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/01_chpasswd/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/01_chpasswd/shadow b/tests/crypt/login.defs_DES/01_chpasswd/shadow
new file mode 100644
index 0000000..7607cc6
--- /dev/null
+++ b/tests/crypt/login.defs_DES/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test
new file mode 100755
index 0000000..2ae3f3b
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd --crypt-method MD5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/group b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/gshadow b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd.new b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd.new
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd.new
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/shadow b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/shadow
new file mode 100644
index 0000000..658661b
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test
new file mode 100755
index 0000000..9848828
--- /dev/null
+++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd --crypt-method DES
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 03_chpasswd--crypt-method-DES/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 03_chpasswd--crypt-method-DES/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 03_chpasswd--crypt-method-DES/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 03_chpasswd--crypt-method-DES/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/group b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/gshadow b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/passwd b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/shadow b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/shadow
new file mode 100644
index 0000000..7607cc6
--- /dev/null
+++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test
new file mode 100755
index 0000000..4c4f18a
--- /dev/null
+++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd --crypt-method NONE
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/group b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/gshadow b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/passwd b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/shadow b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/shadow
new file mode 100644
index 0000000..d2bde3b
--- /dev/null
+++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e.test b/tests/crypt/login.defs_DES/05_chpasswd-e.test
new file mode 100755
index 0000000..fdac6ae
--- /dev/null
+++ b/tests/crypt/login.defs_DES/05_chpasswd-e.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 05_chpasswd-e/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 05_chpasswd-e/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 05_chpasswd-e/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 05_chpasswd-e/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/group b/tests/crypt/login.defs_DES/05_chpasswd-e/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/05_chpasswd-e/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/gshadow b/tests/crypt/login.defs_DES/05_chpasswd-e/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/05_chpasswd-e/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/passwd b/tests/crypt/login.defs_DES/05_chpasswd-e/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/05_chpasswd-e/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/shadow b/tests/crypt/login.defs_DES/05_chpasswd-e/shadow
new file mode 100644
index 0000000..d2bde3b
--- /dev/null
+++ b/tests/crypt/login.defs_DES/05_chpasswd-e/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m.test b/tests/crypt/login.defs_DES/06_chpasswd-m.test
new file mode 100755
index 0000000..3428d89
--- /dev/null
+++ b/tests/crypt/login.defs_DES/06_chpasswd-m.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd -m
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 06_chpasswd-m/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 06_chpasswd-m/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 06_chpasswd-m/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 06_chpasswd-m/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/group b/tests/crypt/login.defs_DES/06_chpasswd-m/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/06_chpasswd-m/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/gshadow b/tests/crypt/login.defs_DES/06_chpasswd-m/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/06_chpasswd-m/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/passwd b/tests/crypt/login.defs_DES/06_chpasswd-m/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/06_chpasswd-m/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/shadow b/tests/crypt/login.defs_DES/06_chpasswd-m/shadow
new file mode 100644
index 0000000..658661b
--- /dev/null
+++ b/tests/crypt/login.defs_DES/06_chpasswd-m/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/07_chgpasswd.test b/tests/crypt/login.defs_DES/07_chgpasswd.test
new file mode 100755
index 0000000..5b7a073
--- /dev/null
+++ b/tests/crypt/login.defs_DES/07_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's password..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 07_chgpasswd/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 07_chgpasswd/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 07_chgpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 07_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/group b/tests/crypt/login.defs_DES/07_chgpasswd/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/07_chgpasswd/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/gshadow b/tests/crypt/login.defs_DES/07_chgpasswd/gshadow
new file mode 100644
index 0000000..53dba5e
--- /dev/null
+++ b/tests/crypt/login.defs_DES/07_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_DES test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/passwd b/tests/crypt/login.defs_DES/07_chgpasswd/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/07_chgpasswd/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/shadow b/tests/crypt/login.defs_DES/07_chgpasswd/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/07_chgpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test
new file mode 100755
index 0000000..405e8b2
--- /dev/null
+++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's password..."
+echo nogroup:test | chgpasswd --crypt-method MD5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/group b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/gshadow b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/gshadow
new file mode 100644
index 0000000..a709bcb
--- /dev/null
+++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/passwd b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/shadow b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test
new file mode 100755
index 0000000..1553e00
--- /dev/null
+++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's password..."
+echo nogroup:test | chgpasswd --crypt-method DES
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/group b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/gshadow b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/gshadow
new file mode 100644
index 0000000..53dba5e
--- /dev/null
+++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_DES test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/passwd b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/shadow b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test
new file mode 100755
index 0000000..a010de2
--- /dev/null
+++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's password..."
+echo nogroup:test | chgpasswd --crypt-method NONE
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/group b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/gshadow b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/gshadow
new file mode 100644
index 0000000..a8f0af9
--- /dev/null
+++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:test::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/passwd b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/shadow b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e.test b/tests/crypt/login.defs_DES/11_chgpasswd-e.test
new file mode 100755
index 0000000..6b801c1
--- /dev/null
+++ b/tests/crypt/login.defs_DES/11_chgpasswd-e.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nogroup:test | chgpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 11_chgpasswd-e/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 11_chgpasswd-e/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 11_chgpasswd-e/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 11_chgpasswd-e/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/group b/tests/crypt/login.defs_DES/11_chgpasswd-e/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/gshadow b/tests/crypt/login.defs_DES/11_chgpasswd-e/gshadow
new file mode 100644
index 0000000..a8f0af9
--- /dev/null
+++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:test::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/passwd b/tests/crypt/login.defs_DES/11_chgpasswd-e/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/shadow b/tests/crypt/login.defs_DES/11_chgpasswd-e/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m.test b/tests/crypt/login.defs_DES/12_chgpasswd-m.test
new file mode 100755
index 0000000..f271cb0
--- /dev/null
+++ b/tests/crypt/login.defs_DES/12_chgpasswd-m.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nogroup:test | chgpasswd -m
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 12_chgpasswd-m/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 12_chgpasswd-m/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 12_chgpasswd-m/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 12_chgpasswd-m/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/group b/tests/crypt/login.defs_DES/12_chgpasswd-m/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/gshadow b/tests/crypt/login.defs_DES/12_chgpasswd-m/gshadow
new file mode 100644
index 0000000..a709bcb
--- /dev/null
+++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/passwd b/tests/crypt/login.defs_DES/12_chgpasswd-m/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/shadow b/tests/crypt/login.defs_DES/12_chgpasswd-m/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/config/etc/group b/tests/crypt/login.defs_DES/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/config/etc/gshadow b/tests/crypt/login.defs_DES/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/config/etc/login.defs b/tests/crypt/login.defs_DES/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/crypt/login.defs_DES/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_DES/config/etc/passwd b/tests/crypt/login.defs_DES/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/config/etc/shadow b/tests/crypt/login.defs_DES/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_MD5/01_chpasswd.test b/tests/crypt/login.defs_MD5/01_chpasswd.test
new file mode 100755
index 0000000..d583517
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_chpasswd/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_chpasswd/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_chpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/group b/tests/crypt/login.defs_MD5/01_chpasswd/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/01_chpasswd/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/gshadow b/tests/crypt/login.defs_MD5/01_chpasswd/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/01_chpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/passwd b/tests/crypt/login.defs_MD5/01_chpasswd/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/01_chpasswd/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/shadow b/tests/crypt/login.defs_MD5/01_chpasswd/shadow
new file mode 100644
index 0000000..658661b
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd.test b/tests/crypt/login.defs_MD5/02_chgpasswd.test
new file mode 100755
index 0000000..c102e89
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/02_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 02_chgpasswd/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 02_chgpasswd/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 02_chgpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/group b/tests/crypt/login.defs_MD5/02_chgpasswd/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/02_chgpasswd/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/gshadow b/tests/crypt/login.defs_MD5/02_chgpasswd/gshadow
new file mode 100644
index 0000000..a709bcb
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/passwd b/tests/crypt/login.defs_MD5/02_chgpasswd/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/02_chgpasswd/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/shadow b/tests/crypt/login.defs_MD5/02_chgpasswd/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/02_chgpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_MD5/config/etc/group b/tests/crypt/login.defs_MD5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_MD5/config/etc/gshadow b/tests/crypt/login.defs_MD5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_MD5/config/etc/login.defs b/tests/crypt/login.defs_MD5/config/etc/login.defs
new file mode 100644
index 0000000..c035580
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD MD5
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_MD5/config/etc/passwd b/tests/crypt/login.defs_MD5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_MD5/config/etc/shadow b/tests/crypt/login.defs_MD5/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test
new file mode 100755
index 0000000..28ee58f
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd/shadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd/shadow
new file mode 100644
index 0000000..658661b
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test
new file mode 100755
index 0000000..a38a669
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd/gshadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd/gshadow
new file mode 100644
index 0000000..a709bcb
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/group b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/gshadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/login.defs b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/login.defs
new file mode 100644
index 0000000..c214714
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+MD5_CRYPT_ENAB yes
+#ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/passwd b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/shadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-max/01_chpasswd.test b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd.test
new file mode 100755
index 0000000..3c04e67
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the number of rounds..."
+grep -q '^nobody:\$5\$rounds=7000\$' /etc/shadow || {
+ grep "^nobody:" /etc/shadow
+ exit 1
+}
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-max/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd/shadow
new file mode 100644
index 0000000..e16a7b0
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd.test b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd.test
new file mode 100755
index 0000000..51adcbe
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the number of rounds..."
+grep -q '^nogroup:\$5\$rounds=7000\$' /etc/gshadow || {
+ grep "^nogroup:" /etc/gshadow
+ exit 1
+}
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd/gshadow
new file mode 100644
index 0000000..f235584
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/group b/tests/crypt/login.defs_SHA256-round-max/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/gshadow b/tests/crypt/login.defs_SHA256-round-max/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/login.defs b/tests/crypt/login.defs_SHA256-round-max/config/etc/login.defs
new file mode 100644
index 0000000..656950a
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD SHA256
+#SHA_CRYPT_MIN_ROUNDS 2000
+SHA_CRYPT_MAX_ROUNDS 7000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/passwd b/tests/crypt/login.defs_SHA256-round-max/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/shadow b/tests/crypt/login.defs_SHA256-round-max/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd.test b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd.test
new file mode 100755
index 0000000..ba6d6f2
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change an user's password with chpasswd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user nobody's password (echo nobody:test | chpasswd)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds1=$(sed -n 's/^nobody:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+echo -n "($rounds1)..."
+if [ "$rounds1" -lt 3000 ] || [ "$rounds1" -gt 10000 ]; then
+ echo "Wrong rounds: $rounds1"
+ grep "^nobody:" /etc/shadow
+ exit 1
+fi
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+echo ""
+echo "Make sure the number of rounds is not constant"
+
+echo -n " Change user nobody's password (echo nobody:test | chpasswd)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+rounds2=$(sed -n 's/^nobody:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+if [ "$rounds1" = "$rounds2" ]; then
+ echo "The number of rounds did not change."
+ echo "It may not be a error, please re-run this test."
+ exit 1
+fi
+echo -n "($rounds2)..."
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd/shadow
new file mode 100644
index 0000000..e16a7b0
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test
new file mode 100755
index 0000000..f730d51
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password with chgpasswd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group nogroup's password (echo nogroup:test | chgpasswd)..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds1=$(sed -n 's/^nogroup:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/gshadow)
+echo -n "($rounds1)..."
+if [ "$rounds1" -lt 3000 ] || [ "$rounds1" -gt 10000 ]; then
+ echo "Wrong rounds: $rounds1"
+ grep "^nogroup:" /etc/gshadow
+ exit 1
+fi
+echo "OK"
+
+echo ""
+echo "Make sure the number of rounds is not constant"
+
+echo -n " Change group nogroup's password (echo nogroup:test | chgpasswd)..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+rounds2=$(sed -n 's/^nogroup:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/gshadow)
+if [ "$rounds1" = "$rounds2" ]; then
+ echo "The number of rounds did not change."
+ echo "It may not be a error, please re-run this test."
+ exit 1
+fi
+echo -n "($rounds2)..."
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd/gshadow
new file mode 100644
index 0000000..f235584
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/group b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/gshadow b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/login.defs b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/login.defs
new file mode 100644
index 0000000..639fb92
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD SHA256
+SHA_CRYPT_MIN_ROUNDS 3000
+SHA_CRYPT_MAX_ROUNDS 10000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/passwd b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/shadow b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-min/01_chpasswd.test b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd.test
new file mode 100755
index 0000000..8a445e7
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the number of rounds..."
+grep -q '^nobody:\$5\$rounds=2000\$' /etc/shadow || {
+ grep "^nobody:" /etc/shadow
+ exit 1
+}
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-min/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd/shadow
new file mode 100644
index 0000000..e16a7b0
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd.test b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd.test
new file mode 100755
index 0000000..bbbac5b
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Changea group password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the number of rounds..."
+grep -q '^nogroup:\$5\$rounds=2000\$' /etc/gshadow || {
+ grep "^nogroup:" /etc/gshadow
+ exit 1
+}
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd/gshadow
new file mode 100644
index 0000000..f235584
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/group b/tests/crypt/login.defs_SHA256-round-min/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/gshadow b/tests/crypt/login.defs_SHA256-round-min/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/login.defs b/tests/crypt/login.defs_SHA256-round-min/config/etc/login.defs
new file mode 100644
index 0000000..b8087b2
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD SHA256
+SHA_CRYPT_MIN_ROUNDS 2000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/passwd b/tests/crypt/login.defs_SHA256-round-min/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/shadow b/tests/crypt/login.defs_SHA256-round-min/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256/01_chpasswd.test b/tests/crypt/login.defs_SHA256/01_chpasswd.test
new file mode 100755
index 0000000..28ee58f
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256/01_chpasswd/shadow
new file mode 100644
index 0000000..e16a7b0
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256/02_chgpasswd.test b/tests/crypt/login.defs_SHA256/02_chgpasswd.test
new file mode 100755
index 0000000..a38a669
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/02_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256/02_chgpasswd/gshadow
new file mode 100644
index 0000000..f235584
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256/config/etc/group b/tests/crypt/login.defs_SHA256/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_SHA256/config/etc/gshadow b/tests/crypt/login.defs_SHA256/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256/config/etc/login.defs b/tests/crypt/login.defs_SHA256/config/etc/login.defs
new file mode 100644
index 0000000..8001001
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD SHA256
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_SHA256/config/etc/passwd b/tests/crypt/login.defs_SHA256/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_SHA256/config/etc/shadow b/tests/crypt/login.defs_SHA256/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA512/01_chpasswd.test b/tests/crypt/login.defs_SHA512/01_chpasswd.test
new file mode 100755
index 0000000..28ee58f
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA512/01_chpasswd/shadow b/tests/crypt/login.defs_SHA512/01_chpasswd/shadow
new file mode 100644
index 0000000..5822203
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA512/02_chgpasswd.test b/tests/crypt/login.defs_SHA512/02_chgpasswd.test
new file mode 100755
index 0000000..b7ac288
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/02_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password with chgpasswd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA512/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA512/02_chgpasswd/gshadow
new file mode 100644
index 0000000..5c8c33a
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA512 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA512/config/etc/group b/tests/crypt/login.defs_SHA512/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_SHA512/config/etc/gshadow b/tests/crypt/login.defs_SHA512/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA512/config/etc/login.defs b/tests/crypt/login.defs_SHA512/config/etc/login.defs
new file mode 100644
index 0000000..76369b6
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD SHA512
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_SHA512/config/etc/passwd b/tests/crypt/login.defs_SHA512/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_SHA512/config/etc/shadow b/tests/crypt/login.defs_SHA512/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_none/01_chpasswd.test b/tests/crypt/login.defs_none/01_chpasswd.test
new file mode 100755
index 0000000..28ee58f
--- /dev/null
+++ b/tests/crypt/login.defs_none/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_none/01_chpasswd/shadow b/tests/crypt/login.defs_none/01_chpasswd/shadow
new file mode 100644
index 0000000..7607cc6
--- /dev/null
+++ b/tests/crypt/login.defs_none/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_none/02_chgpasswd.test b/tests/crypt/login.defs_none/02_chgpasswd.test
new file mode 100755
index 0000000..b7ac288
--- /dev/null
+++ b/tests/crypt/login.defs_none/02_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password with chgpasswd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_none/02_chgpasswd/gshadow b/tests/crypt/login.defs_none/02_chgpasswd/gshadow
new file mode 100644
index 0000000..53dba5e
--- /dev/null
+++ b/tests/crypt/login.defs_none/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_DES test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_none/config/etc/group b/tests/crypt/login.defs_none/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_none/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_none/config/etc/gshadow b/tests/crypt/login.defs_none/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_none/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_none/config/etc/login.defs b/tests/crypt/login.defs_none/config/etc/login.defs
new file mode 100644
index 0000000..f1f0a57
--- /dev/null
+++ b/tests/crypt/login.defs_none/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+#ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_none/config/etc/passwd b/tests/crypt/login.defs_none/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_none/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_none/config/etc/shadow b/tests/crypt/login.defs_none/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_none/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/debian/01/data/login_files b/tests/debian/01/data/login_files
new file mode 100644
index 0000000..04f4974
--- /dev/null
+++ b/tests/debian/01/data/login_files
@@ -0,0 +1,296 @@
+/.
+/bin
+/bin/login
+/bin/su
+/etc
+/etc/login.defs
+/etc/pam.d
+/etc/pam.d/login
+/etc/pam.d/su
+/etc/securetty
+/usr
+/usr/bin
+/usr/bin/faillog
+/usr/bin/lastlog
+/usr/bin/newgrp
+/usr/bin/sg
+/usr/sbin
+/usr/sbin/nologin
+/usr/share
+/usr/share/doc
+/usr/share/doc/login
+/usr/share/doc/login/NEWS.Debian.gz
+/usr/share/doc/login/NEWS.gz
+/usr/share/doc/login/README
+/usr/share/doc/login/TODO.gz
+/usr/share/doc/login/changelog.Debian.gz
+/usr/share/doc/login/changelog.gz
+/usr/share/doc/login/copyright
+/usr/share/lintian
+/usr/share/lintian/overrides
+/usr/share/lintian/overrides/login
+/usr/share/locale
+/usr/share/locale/bs
+/usr/share/locale/bs/LC_MESSAGES
+/usr/share/locale/bs/LC_MESSAGES/shadow.mo
+/usr/share/locale/ca
+/usr/share/locale/ca/LC_MESSAGES
+/usr/share/locale/ca/LC_MESSAGES/shadow.mo
+/usr/share/locale/cs
+/usr/share/locale/cs/LC_MESSAGES
+/usr/share/locale/cs/LC_MESSAGES/shadow.mo
+/usr/share/locale/da
+/usr/share/locale/da/LC_MESSAGES
+/usr/share/locale/da/LC_MESSAGES/shadow.mo
+/usr/share/locale/de
+/usr/share/locale/de/LC_MESSAGES
+/usr/share/locale/de/LC_MESSAGES/shadow.mo
+/usr/share/locale/dz
+/usr/share/locale/dz/LC_MESSAGES
+/usr/share/locale/dz/LC_MESSAGES/shadow.mo
+/usr/share/locale/el
+/usr/share/locale/el/LC_MESSAGES
+/usr/share/locale/el/LC_MESSAGES/shadow.mo
+/usr/share/locale/es
+/usr/share/locale/es/LC_MESSAGES
+/usr/share/locale/es/LC_MESSAGES/shadow.mo
+/usr/share/locale/eu
+/usr/share/locale/eu/LC_MESSAGES
+/usr/share/locale/eu/LC_MESSAGES/shadow.mo
+/usr/share/locale/fi
+/usr/share/locale/fi/LC_MESSAGES
+/usr/share/locale/fi/LC_MESSAGES/shadow.mo
+/usr/share/locale/fr
+/usr/share/locale/fr/LC_MESSAGES
+/usr/share/locale/fr/LC_MESSAGES/shadow.mo
+/usr/share/locale/gl
+/usr/share/locale/gl/LC_MESSAGES
+/usr/share/locale/gl/LC_MESSAGES/shadow.mo
+/usr/share/locale/he
+/usr/share/locale/he/LC_MESSAGES
+/usr/share/locale/he/LC_MESSAGES/shadow.mo
+/usr/share/locale/hu
+/usr/share/locale/hu/LC_MESSAGES
+/usr/share/locale/hu/LC_MESSAGES/shadow.mo
+/usr/share/locale/id
+/usr/share/locale/id/LC_MESSAGES
+/usr/share/locale/id/LC_MESSAGES/shadow.mo
+/usr/share/locale/it
+/usr/share/locale/it/LC_MESSAGES
+/usr/share/locale/it/LC_MESSAGES/shadow.mo
+/usr/share/locale/ja
+/usr/share/locale/ja/LC_MESSAGES
+/usr/share/locale/ja/LC_MESSAGES/shadow.mo
+/usr/share/locale/kk
+/usr/share/locale/kk/LC_MESSAGES
+/usr/share/locale/kk/LC_MESSAGES/shadow.mo
+/usr/share/locale/km
+/usr/share/locale/km/LC_MESSAGES
+/usr/share/locale/km/LC_MESSAGES/shadow.mo
+/usr/share/locale/ko
+/usr/share/locale/ko/LC_MESSAGES
+/usr/share/locale/ko/LC_MESSAGES/shadow.mo
+/usr/share/locale/nb
+/usr/share/locale/nb/LC_MESSAGES
+/usr/share/locale/nb/LC_MESSAGES/shadow.mo
+/usr/share/locale/ne
+/usr/share/locale/ne/LC_MESSAGES
+/usr/share/locale/ne/LC_MESSAGES/shadow.mo
+/usr/share/locale/nl
+/usr/share/locale/nl/LC_MESSAGES
+/usr/share/locale/nl/LC_MESSAGES/shadow.mo
+/usr/share/locale/nn
+/usr/share/locale/nn/LC_MESSAGES
+/usr/share/locale/nn/LC_MESSAGES/shadow.mo
+/usr/share/locale/pl
+/usr/share/locale/pl/LC_MESSAGES
+/usr/share/locale/pl/LC_MESSAGES/shadow.mo
+/usr/share/locale/pt
+/usr/share/locale/pt/LC_MESSAGES
+/usr/share/locale/pt/LC_MESSAGES/shadow.mo
+/usr/share/locale/pt_BR
+/usr/share/locale/pt_BR/LC_MESSAGES
+/usr/share/locale/pt_BR/LC_MESSAGES/shadow.mo
+/usr/share/locale/ro
+/usr/share/locale/ro/LC_MESSAGES
+/usr/share/locale/ro/LC_MESSAGES/shadow.mo
+/usr/share/locale/ru
+/usr/share/locale/ru/LC_MESSAGES
+/usr/share/locale/ru/LC_MESSAGES/shadow.mo
+/usr/share/locale/sk
+/usr/share/locale/sk/LC_MESSAGES
+/usr/share/locale/sk/LC_MESSAGES/shadow.mo
+/usr/share/locale/sq
+/usr/share/locale/sq/LC_MESSAGES
+/usr/share/locale/sq/LC_MESSAGES/shadow.mo
+/usr/share/locale/sv
+/usr/share/locale/sv/LC_MESSAGES
+/usr/share/locale/sv/LC_MESSAGES/shadow.mo
+/usr/share/locale/tl
+/usr/share/locale/tl/LC_MESSAGES
+/usr/share/locale/tl/LC_MESSAGES/shadow.mo
+/usr/share/locale/tr
+/usr/share/locale/tr/LC_MESSAGES
+/usr/share/locale/tr/LC_MESSAGES/shadow.mo
+/usr/share/locale/uk
+/usr/share/locale/uk/LC_MESSAGES
+/usr/share/locale/uk/LC_MESSAGES/shadow.mo
+/usr/share/locale/vi
+/usr/share/locale/vi/LC_MESSAGES
+/usr/share/locale/vi/LC_MESSAGES/shadow.mo
+/usr/share/locale/zh_CN
+/usr/share/locale/zh_CN/LC_MESSAGES
+/usr/share/locale/zh_CN/LC_MESSAGES/shadow.mo
+/usr/share/locale/zh_TW
+/usr/share/locale/zh_TW/LC_MESSAGES
+/usr/share/locale/zh_TW/LC_MESSAGES/shadow.mo
+/usr/share/man
+/usr/share/man/cs
+/usr/share/man/cs/man1
+/usr/share/man/cs/man1/su.1.gz
+/usr/share/man/cs/man5
+/usr/share/man/cs/man5/faillog.5.gz
+/usr/share/man/cs/man8
+/usr/share/man/cs/man8/faillog.8.gz
+/usr/share/man/cs/man8/lastlog.8.gz
+/usr/share/man/cs/man8/nologin.8.gz
+/usr/share/man/da
+/usr/share/man/da/man1
+/usr/share/man/da/man1/newgrp.1.gz
+/usr/share/man/da/man1/sg.1.gz
+/usr/share/man/da/man8
+/usr/share/man/da/man8/nologin.8.gz
+/usr/share/man/de
+/usr/share/man/de/man1
+/usr/share/man/de/man1/login.1.gz
+/usr/share/man/de/man1/newgrp.1.gz
+/usr/share/man/de/man1/sg.1.gz
+/usr/share/man/de/man1/su.1.gz
+/usr/share/man/de/man5
+/usr/share/man/de/man5/faillog.5.gz
+/usr/share/man/de/man5/login.defs.5.gz
+/usr/share/man/de/man8
+/usr/share/man/de/man8/faillog.8.gz
+/usr/share/man/de/man8/lastlog.8.gz
+/usr/share/man/de/man8/nologin.8.gz
+/usr/share/man/fi
+/usr/share/man/fi/man1
+/usr/share/man/fi/man1/su.1.gz
+/usr/share/man/fr
+/usr/share/man/fr/man1
+/usr/share/man/fr/man1/login.1.gz
+/usr/share/man/fr/man1/newgrp.1.gz
+/usr/share/man/fr/man1/sg.1.gz
+/usr/share/man/fr/man1/su.1.gz
+/usr/share/man/fr/man5
+/usr/share/man/fr/man5/faillog.5.gz
+/usr/share/man/fr/man5/login.defs.5.gz
+/usr/share/man/fr/man8
+/usr/share/man/fr/man8/faillog.8.gz
+/usr/share/man/fr/man8/lastlog.8.gz
+/usr/share/man/fr/man8/nologin.8.gz
+/usr/share/man/hu
+/usr/share/man/hu/man1
+/usr/share/man/hu/man1/login.1.gz
+/usr/share/man/hu/man1/newgrp.1.gz
+/usr/share/man/hu/man1/sg.1.gz
+/usr/share/man/hu/man1/su.1.gz
+/usr/share/man/hu/man8
+/usr/share/man/hu/man8/lastlog.8.gz
+/usr/share/man/id
+/usr/share/man/id/man1
+/usr/share/man/id/man1/login.1.gz
+/usr/share/man/it
+/usr/share/man/it/man1
+/usr/share/man/it/man1/login.1.gz
+/usr/share/man/it/man1/newgrp.1.gz
+/usr/share/man/it/man1/sg.1.gz
+/usr/share/man/it/man1/su.1.gz
+/usr/share/man/it/man5
+/usr/share/man/it/man5/faillog.5.gz
+/usr/share/man/it/man5/login.defs.5.gz
+/usr/share/man/it/man8
+/usr/share/man/it/man8/faillog.8.gz
+/usr/share/man/it/man8/lastlog.8.gz
+/usr/share/man/it/man8/nologin.8.gz
+/usr/share/man/ja
+/usr/share/man/ja/man1
+/usr/share/man/ja/man1/login.1.gz
+/usr/share/man/ja/man1/newgrp.1.gz
+/usr/share/man/ja/man1/sg.1.gz
+/usr/share/man/ja/man1/su.1.gz
+/usr/share/man/ja/man5
+/usr/share/man/ja/man5/faillog.5.gz
+/usr/share/man/ja/man5/login.defs.5.gz
+/usr/share/man/ja/man8
+/usr/share/man/ja/man8/faillog.8.gz
+/usr/share/man/ja/man8/lastlog.8.gz
+/usr/share/man/ko
+/usr/share/man/ko/man1
+/usr/share/man/ko/man1/login.1.gz
+/usr/share/man/ko/man1/su.1.gz
+/usr/share/man/man1
+/usr/share/man/man1/login.1.gz
+/usr/share/man/man1/newgrp.1.gz
+/usr/share/man/man1/sg.1.gz
+/usr/share/man/man1/su.1.gz
+/usr/share/man/man5
+/usr/share/man/man5/faillog.5.gz
+/usr/share/man/man5/login.defs.5.gz
+/usr/share/man/man8
+/usr/share/man/man8/faillog.8.gz
+/usr/share/man/man8/lastlog.8.gz
+/usr/share/man/man8/nologin.8.gz
+/usr/share/man/pl
+/usr/share/man/pl/man1
+/usr/share/man/pl/man1/newgrp.1.gz
+/usr/share/man/pl/man1/sg.1.gz
+/usr/share/man/pl/man5
+/usr/share/man/pl/man5/faillog.5.gz
+/usr/share/man/pl/man8
+/usr/share/man/pl/man8/faillog.8.gz
+/usr/share/man/pl/man8/lastlog.8.gz
+/usr/share/man/ru
+/usr/share/man/ru/man1
+/usr/share/man/ru/man1/login.1.gz
+/usr/share/man/ru/man1/newgrp.1.gz
+/usr/share/man/ru/man1/sg.1.gz
+/usr/share/man/ru/man1/su.1.gz
+/usr/share/man/ru/man5
+/usr/share/man/ru/man5/faillog.5.gz
+/usr/share/man/ru/man5/login.defs.5.gz
+/usr/share/man/ru/man8
+/usr/share/man/ru/man8/faillog.8.gz
+/usr/share/man/ru/man8/lastlog.8.gz
+/usr/share/man/ru/man8/nologin.8.gz
+/usr/share/man/sv
+/usr/share/man/sv/man1
+/usr/share/man/sv/man1/newgrp.1.gz
+/usr/share/man/sv/man1/sg.1.gz
+/usr/share/man/sv/man5
+/usr/share/man/sv/man5/faillog.5.gz
+/usr/share/man/sv/man8
+/usr/share/man/sv/man8/faillog.8.gz
+/usr/share/man/sv/man8/lastlog.8.gz
+/usr/share/man/sv/man8/nologin.8.gz
+/usr/share/man/tr
+/usr/share/man/tr/man1
+/usr/share/man/tr/man1/login.1.gz
+/usr/share/man/tr/man1/su.1.gz
+/usr/share/man/zh_CN
+/usr/share/man/zh_CN/man1
+/usr/share/man/zh_CN/man1/login.1.gz
+/usr/share/man/zh_CN/man1/newgrp.1.gz
+/usr/share/man/zh_CN/man1/sg.1.gz
+/usr/share/man/zh_CN/man1/su.1.gz
+/usr/share/man/zh_CN/man5
+/usr/share/man/zh_CN/man5/faillog.5.gz
+/usr/share/man/zh_CN/man5/login.defs.5.gz
+/usr/share/man/zh_CN/man8
+/usr/share/man/zh_CN/man8/faillog.8.gz
+/usr/share/man/zh_CN/man8/lastlog.8.gz
+/usr/share/man/zh_CN/man8/nologin.8.gz
+/usr/share/man/zh_TW
+/usr/share/man/zh_TW/man1
+/usr/share/man/zh_TW/man1/newgrp.1.gz
+/usr/share/man/zh_TW/man1/su.1.gz
diff --git a/tests/debian/01/data/passwd_files b/tests/debian/01/data/passwd_files
new file mode 100644
index 0000000..78380f4
--- /dev/null
+++ b/tests/debian/01/data/passwd_files
@@ -0,0 +1,400 @@
+/.
+/etc
+/etc/cron.daily
+/etc/cron.daily/passwd
+/etc/default
+/etc/default/useradd
+/etc/pam.d
+/etc/pam.d/chfn
+/etc/pam.d/chpasswd
+/etc/pam.d/chsh
+/etc/pam.d/groupmems
+/etc/pam.d/newusers
+/etc/pam.d/passwd
+/sbin
+/sbin/shadowconfig
+/usr
+/usr/bin
+/usr/bin/chage
+/usr/bin/chfn
+/usr/bin/chsh
+/usr/bin/expiry
+/usr/bin/gpasswd
+/usr/bin/passwd
+/usr/sbin
+/usr/sbin/chgpasswd
+/usr/sbin/chpasswd
+/usr/sbin/cpgr
+/usr/sbin/cppw
+/usr/sbin/groupadd
+/usr/sbin/groupdel
+/usr/sbin/groupmems
+/usr/sbin/groupmod
+/usr/sbin/grpck
+/usr/sbin/grpconv
+/usr/sbin/grpunconv
+/usr/sbin/newusers
+/usr/sbin/pwck
+/usr/sbin/pwconv
+/usr/sbin/pwunconv
+/usr/sbin/useradd
+/usr/sbin/userdel
+/usr/sbin/usermod
+/usr/sbin/vigr
+/usr/sbin/vipw
+/usr/share
+/usr/share/doc
+/usr/share/doc/passwd
+/usr/share/doc/passwd/NEWS.Debian.gz
+/usr/share/doc/passwd/NEWS.gz
+/usr/share/doc/passwd/README
+/usr/share/doc/passwd/README.Debian
+/usr/share/doc/passwd/TODO.gz
+/usr/share/doc/passwd/changelog.Debian.gz
+/usr/share/doc/passwd/changelog.gz
+/usr/share/doc/passwd/copyright
+/usr/share/doc/passwd/examples
+/usr/share/doc/passwd/examples/passwd.expire.cron
+/usr/share/lintian
+/usr/share/lintian/overrides
+/usr/share/lintian/overrides/passwd
+/usr/share/man
+/usr/share/man/cs
+/usr/share/man/cs/man1
+/usr/share/man/cs/man1/expiry.1.gz
+/usr/share/man/cs/man1/gpasswd.1.gz
+/usr/share/man/cs/man5
+/usr/share/man/cs/man5/gshadow.5.gz
+/usr/share/man/cs/man5/passwd.5.gz
+/usr/share/man/cs/man5/shadow.5.gz
+/usr/share/man/cs/man8
+/usr/share/man/cs/man8/groupadd.8.gz
+/usr/share/man/cs/man8/groupdel.8.gz
+/usr/share/man/cs/man8/groupmod.8.gz
+/usr/share/man/cs/man8/grpck.8.gz
+/usr/share/man/cs/man8/vipw.8.gz
+/usr/share/man/da
+/usr/share/man/da/man1
+/usr/share/man/da/man1/chfn.1.gz
+/usr/share/man/da/man5
+/usr/share/man/da/man5/gshadow.5.gz
+/usr/share/man/da/man8
+/usr/share/man/da/man8/groupdel.8.gz
+/usr/share/man/da/man8/vigr.8.gz
+/usr/share/man/da/man8/vipw.8.gz
+/usr/share/man/de
+/usr/share/man/de/man1
+/usr/share/man/de/man1/chage.1.gz
+/usr/share/man/de/man1/chfn.1.gz
+/usr/share/man/de/man1/chsh.1.gz
+/usr/share/man/de/man1/expiry.1.gz
+/usr/share/man/de/man1/gpasswd.1.gz
+/usr/share/man/de/man1/passwd.1.gz
+/usr/share/man/de/man5
+/usr/share/man/de/man5/gshadow.5.gz
+/usr/share/man/de/man5/passwd.5.gz
+/usr/share/man/de/man5/shadow.5.gz
+/usr/share/man/de/man8
+/usr/share/man/de/man8/chpasswd.8.gz
+/usr/share/man/de/man8/groupadd.8.gz
+/usr/share/man/de/man8/groupdel.8.gz
+/usr/share/man/de/man8/groupmems.8.gz
+/usr/share/man/de/man8/groupmod.8.gz
+/usr/share/man/de/man8/grpck.8.gz
+/usr/share/man/de/man8/grpconv.8.gz
+/usr/share/man/de/man8/grpunconv.8.gz
+/usr/share/man/de/man8/newusers.8.gz
+/usr/share/man/de/man8/pwck.8.gz
+/usr/share/man/de/man8/pwconv.8.gz
+/usr/share/man/de/man8/pwunconv.8.gz
+/usr/share/man/de/man8/useradd.8.gz
+/usr/share/man/de/man8/userdel.8.gz
+/usr/share/man/de/man8/usermod.8.gz
+/usr/share/man/de/man8/vigr.8.gz
+/usr/share/man/de/man8/vipw.8.gz
+/usr/share/man/fi
+/usr/share/man/fi/man1
+/usr/share/man/fi/man1/chfn.1.gz
+/usr/share/man/fi/man1/chsh.1.gz
+/usr/share/man/fr
+/usr/share/man/fr/man1
+/usr/share/man/fr/man1/chage.1.gz
+/usr/share/man/fr/man1/chfn.1.gz
+/usr/share/man/fr/man1/chsh.1.gz
+/usr/share/man/fr/man1/expiry.1.gz
+/usr/share/man/fr/man1/gpasswd.1.gz
+/usr/share/man/fr/man1/passwd.1.gz
+/usr/share/man/fr/man5
+/usr/share/man/fr/man5/gshadow.5.gz
+/usr/share/man/fr/man5/passwd.5.gz
+/usr/share/man/fr/man5/shadow.5.gz
+/usr/share/man/fr/man5/subgid.5.gz
+/usr/share/man/fr/man5/subuid.5.gz
+/usr/share/man/fr/man8
+/usr/share/man/fr/man8/chpasswd.8.gz
+/usr/share/man/fr/man8/groupadd.8.gz
+/usr/share/man/fr/man8/groupdel.8.gz
+/usr/share/man/fr/man8/groupmems.8.gz
+/usr/share/man/fr/man8/groupmod.8.gz
+/usr/share/man/fr/man8/grpck.8.gz
+/usr/share/man/fr/man8/grpconv.8.gz
+/usr/share/man/fr/man8/grpunconv.8.gz
+/usr/share/man/fr/man8/newusers.8.gz
+/usr/share/man/fr/man8/pwck.8.gz
+/usr/share/man/fr/man8/pwconv.8.gz
+/usr/share/man/fr/man8/pwunconv.8.gz
+/usr/share/man/fr/man8/shadowconfig.8.gz
+/usr/share/man/fr/man8/useradd.8.gz
+/usr/share/man/fr/man8/userdel.8.gz
+/usr/share/man/fr/man8/usermod.8.gz
+/usr/share/man/fr/man8/vigr.8.gz
+/usr/share/man/fr/man8/vipw.8.gz
+/usr/share/man/hu
+/usr/share/man/hu/man1
+/usr/share/man/hu/man1/chsh.1.gz
+/usr/share/man/hu/man1/gpasswd.1.gz
+/usr/share/man/hu/man1/passwd.1.gz
+/usr/share/man/hu/man5
+/usr/share/man/hu/man5/passwd.5.gz
+/usr/share/man/id
+/usr/share/man/id/man1
+/usr/share/man/id/man1/chsh.1.gz
+/usr/share/man/id/man8
+/usr/share/man/id/man8/useradd.8.gz
+/usr/share/man/it
+/usr/share/man/it/man1
+/usr/share/man/it/man1/chage.1.gz
+/usr/share/man/it/man1/chfn.1.gz
+/usr/share/man/it/man1/chsh.1.gz
+/usr/share/man/it/man1/expiry.1.gz
+/usr/share/man/it/man1/gpasswd.1.gz
+/usr/share/man/it/man1/passwd.1.gz
+/usr/share/man/it/man5
+/usr/share/man/it/man5/gshadow.5.gz
+/usr/share/man/it/man5/passwd.5.gz
+/usr/share/man/it/man5/shadow.5.gz
+/usr/share/man/it/man8
+/usr/share/man/it/man8/chpasswd.8.gz
+/usr/share/man/it/man8/groupadd.8.gz
+/usr/share/man/it/man8/groupdel.8.gz
+/usr/share/man/it/man8/groupmems.8.gz
+/usr/share/man/it/man8/groupmod.8.gz
+/usr/share/man/it/man8/grpck.8.gz
+/usr/share/man/it/man8/grpconv.8.gz
+/usr/share/man/it/man8/grpunconv.8.gz
+/usr/share/man/it/man8/newusers.8.gz
+/usr/share/man/it/man8/pwck.8.gz
+/usr/share/man/it/man8/pwconv.8.gz
+/usr/share/man/it/man8/pwunconv.8.gz
+/usr/share/man/it/man8/useradd.8.gz
+/usr/share/man/it/man8/userdel.8.gz
+/usr/share/man/it/man8/usermod.8.gz
+/usr/share/man/it/man8/vigr.8.gz
+/usr/share/man/it/man8/vipw.8.gz
+/usr/share/man/ja
+/usr/share/man/ja/man1
+/usr/share/man/ja/man1/chage.1.gz
+/usr/share/man/ja/man1/chfn.1.gz
+/usr/share/man/ja/man1/chsh.1.gz
+/usr/share/man/ja/man1/expiry.1.gz
+/usr/share/man/ja/man1/gpasswd.1.gz
+/usr/share/man/ja/man1/passwd.1.gz
+/usr/share/man/ja/man5
+/usr/share/man/ja/man5/passwd.5.gz
+/usr/share/man/ja/man5/shadow.5.gz
+/usr/share/man/ja/man8
+/usr/share/man/ja/man8/chpasswd.8.gz
+/usr/share/man/ja/man8/groupadd.8.gz
+/usr/share/man/ja/man8/groupdel.8.gz
+/usr/share/man/ja/man8/groupmod.8.gz
+/usr/share/man/ja/man8/grpck.8.gz
+/usr/share/man/ja/man8/grpconv.8.gz
+/usr/share/man/ja/man8/grpunconv.8.gz
+/usr/share/man/ja/man8/newusers.8.gz
+/usr/share/man/ja/man8/pwck.8.gz
+/usr/share/man/ja/man8/pwconv.8.gz
+/usr/share/man/ja/man8/pwunconv.8.gz
+/usr/share/man/ja/man8/shadowconfig.8.gz
+/usr/share/man/ja/man8/useradd.8.gz
+/usr/share/man/ja/man8/userdel.8.gz
+/usr/share/man/ja/man8/usermod.8.gz
+/usr/share/man/ja/man8/vigr.8.gz
+/usr/share/man/ja/man8/vipw.8.gz
+/usr/share/man/ko
+/usr/share/man/ko/man1
+/usr/share/man/ko/man1/chfn.1.gz
+/usr/share/man/ko/man1/chsh.1.gz
+/usr/share/man/ko/man5
+/usr/share/man/ko/man5/passwd.5.gz
+/usr/share/man/ko/man8
+/usr/share/man/ko/man8/vigr.8.gz
+/usr/share/man/ko/man8/vipw.8.gz
+/usr/share/man/man1
+/usr/share/man/man1/chage.1.gz
+/usr/share/man/man1/chfn.1.gz
+/usr/share/man/man1/chsh.1.gz
+/usr/share/man/man1/expiry.1.gz
+/usr/share/man/man1/gpasswd.1.gz
+/usr/share/man/man1/passwd.1.gz
+/usr/share/man/man5
+/usr/share/man/man5/gshadow.5.gz
+/usr/share/man/man5/passwd.5.gz
+/usr/share/man/man5/shadow.5.gz
+/usr/share/man/man5/subgid.5.gz
+/usr/share/man/man5/subuid.5.gz
+/usr/share/man/man8
+/usr/share/man/man8/chgpasswd.8.gz
+/usr/share/man/man8/chpasswd.8.gz
+/usr/share/man/man8/cpgr.8.gz
+/usr/share/man/man8/cppw.8.gz
+/usr/share/man/man8/groupadd.8.gz
+/usr/share/man/man8/groupdel.8.gz
+/usr/share/man/man8/groupmems.8.gz
+/usr/share/man/man8/groupmod.8.gz
+/usr/share/man/man8/grpck.8.gz
+/usr/share/man/man8/grpconv.8.gz
+/usr/share/man/man8/grpunconv.8.gz
+/usr/share/man/man8/newusers.8.gz
+/usr/share/man/man8/pwck.8.gz
+/usr/share/man/man8/pwconv.8.gz
+/usr/share/man/man8/pwunconv.8.gz
+/usr/share/man/man8/shadowconfig.8.gz
+/usr/share/man/man8/useradd.8.gz
+/usr/share/man/man8/userdel.8.gz
+/usr/share/man/man8/usermod.8.gz
+/usr/share/man/man8/vigr.8.gz
+/usr/share/man/man8/vipw.8.gz
+/usr/share/man/pl
+/usr/share/man/pl/man1
+/usr/share/man/pl/man1/chage.1.gz
+/usr/share/man/pl/man1/chsh.1.gz
+/usr/share/man/pl/man1/expiry.1.gz
+/usr/share/man/pl/man8
+/usr/share/man/pl/man8/groupadd.8.gz
+/usr/share/man/pl/man8/groupdel.8.gz
+/usr/share/man/pl/man8/groupmems.8.gz
+/usr/share/man/pl/man8/groupmod.8.gz
+/usr/share/man/pl/man8/grpck.8.gz
+/usr/share/man/pl/man8/shadowconfig.8.gz
+/usr/share/man/pl/man8/userdel.8.gz
+/usr/share/man/pl/man8/usermod.8.gz
+/usr/share/man/pl/man8/vigr.8.gz
+/usr/share/man/pl/man8/vipw.8.gz
+/usr/share/man/pt_BR
+/usr/share/man/pt_BR/man1
+/usr/share/man/pt_BR/man1/gpasswd.1.gz
+/usr/share/man/pt_BR/man5
+/usr/share/man/pt_BR/man5/passwd.5.gz
+/usr/share/man/pt_BR/man5/shadow.5.gz
+/usr/share/man/pt_BR/man8
+/usr/share/man/pt_BR/man8/groupadd.8.gz
+/usr/share/man/pt_BR/man8/groupdel.8.gz
+/usr/share/man/pt_BR/man8/groupmod.8.gz
+/usr/share/man/ru
+/usr/share/man/ru/man1
+/usr/share/man/ru/man1/chage.1.gz
+/usr/share/man/ru/man1/chfn.1.gz
+/usr/share/man/ru/man1/chsh.1.gz
+/usr/share/man/ru/man1/expiry.1.gz
+/usr/share/man/ru/man1/gpasswd.1.gz
+/usr/share/man/ru/man1/passwd.1.gz
+/usr/share/man/ru/man5
+/usr/share/man/ru/man5/gshadow.5.gz
+/usr/share/man/ru/man5/passwd.5.gz
+/usr/share/man/ru/man5/shadow.5.gz
+/usr/share/man/ru/man8
+/usr/share/man/ru/man8/chpasswd.8.gz
+/usr/share/man/ru/man8/groupadd.8.gz
+/usr/share/man/ru/man8/groupdel.8.gz
+/usr/share/man/ru/man8/groupmems.8.gz
+/usr/share/man/ru/man8/groupmod.8.gz
+/usr/share/man/ru/man8/grpck.8.gz
+/usr/share/man/ru/man8/grpconv.8.gz
+/usr/share/man/ru/man8/grpunconv.8.gz
+/usr/share/man/ru/man8/newusers.8.gz
+/usr/share/man/ru/man8/pwck.8.gz
+/usr/share/man/ru/man8/pwconv.8.gz
+/usr/share/man/ru/man8/pwunconv.8.gz
+/usr/share/man/ru/man8/useradd.8.gz
+/usr/share/man/ru/man8/userdel.8.gz
+/usr/share/man/ru/man8/usermod.8.gz
+/usr/share/man/ru/man8/vigr.8.gz
+/usr/share/man/ru/man8/vipw.8.gz
+/usr/share/man/sv
+/usr/share/man/sv/man1
+/usr/share/man/sv/man1/chage.1.gz
+/usr/share/man/sv/man1/chsh.1.gz
+/usr/share/man/sv/man1/expiry.1.gz
+/usr/share/man/sv/man1/passwd.1.gz
+/usr/share/man/sv/man5
+/usr/share/man/sv/man5/gshadow.5.gz
+/usr/share/man/sv/man5/passwd.5.gz
+/usr/share/man/sv/man8
+/usr/share/man/sv/man8/groupadd.8.gz
+/usr/share/man/sv/man8/groupdel.8.gz
+/usr/share/man/sv/man8/groupmems.8.gz
+/usr/share/man/sv/man8/groupmod.8.gz
+/usr/share/man/sv/man8/grpck.8.gz
+/usr/share/man/sv/man8/pwck.8.gz
+/usr/share/man/sv/man8/userdel.8.gz
+/usr/share/man/sv/man8/vigr.8.gz
+/usr/share/man/sv/man8/vipw.8.gz
+/usr/share/man/tr
+/usr/share/man/tr/man1
+/usr/share/man/tr/man1/chage.1.gz
+/usr/share/man/tr/man1/chfn.1.gz
+/usr/share/man/tr/man1/passwd.1.gz
+/usr/share/man/tr/man5
+/usr/share/man/tr/man5/passwd.5.gz
+/usr/share/man/tr/man5/shadow.5.gz
+/usr/share/man/tr/man8
+/usr/share/man/tr/man8/groupadd.8.gz
+/usr/share/man/tr/man8/groupdel.8.gz
+/usr/share/man/tr/man8/groupmod.8.gz
+/usr/share/man/tr/man8/useradd.8.gz
+/usr/share/man/tr/man8/userdel.8.gz
+/usr/share/man/tr/man8/usermod.8.gz
+/usr/share/man/zh_CN
+/usr/share/man/zh_CN/man1
+/usr/share/man/zh_CN/man1/chage.1.gz
+/usr/share/man/zh_CN/man1/chfn.1.gz
+/usr/share/man/zh_CN/man1/chsh.1.gz
+/usr/share/man/zh_CN/man1/expiry.1.gz
+/usr/share/man/zh_CN/man1/gpasswd.1.gz
+/usr/share/man/zh_CN/man1/passwd.1.gz
+/usr/share/man/zh_CN/man5
+/usr/share/man/zh_CN/man5/gshadow.5.gz
+/usr/share/man/zh_CN/man5/passwd.5.gz
+/usr/share/man/zh_CN/man5/shadow.5.gz
+/usr/share/man/zh_CN/man8
+/usr/share/man/zh_CN/man8/chpasswd.8.gz
+/usr/share/man/zh_CN/man8/groupadd.8.gz
+/usr/share/man/zh_CN/man8/groupdel.8.gz
+/usr/share/man/zh_CN/man8/groupmems.8.gz
+/usr/share/man/zh_CN/man8/groupmod.8.gz
+/usr/share/man/zh_CN/man8/grpck.8.gz
+/usr/share/man/zh_CN/man8/grpconv.8.gz
+/usr/share/man/zh_CN/man8/grpunconv.8.gz
+/usr/share/man/zh_CN/man8/newusers.8.gz
+/usr/share/man/zh_CN/man8/pwck.8.gz
+/usr/share/man/zh_CN/man8/pwconv.8.gz
+/usr/share/man/zh_CN/man8/pwunconv.8.gz
+/usr/share/man/zh_CN/man8/useradd.8.gz
+/usr/share/man/zh_CN/man8/userdel.8.gz
+/usr/share/man/zh_CN/man8/usermod.8.gz
+/usr/share/man/zh_CN/man8/vigr.8.gz
+/usr/share/man/zh_CN/man8/vipw.8.gz
+/usr/share/man/zh_TW
+/usr/share/man/zh_TW/man1
+/usr/share/man/zh_TW/man1/chfn.1.gz
+/usr/share/man/zh_TW/man1/chsh.1.gz
+/usr/share/man/zh_TW/man5
+/usr/share/man/zh_TW/man5/passwd.5.gz
+/usr/share/man/zh_TW/man8
+/usr/share/man/zh_TW/man8/chpasswd.8.gz
+/usr/share/man/zh_TW/man8/groupadd.8.gz
+/usr/share/man/zh_TW/man8/groupdel.8.gz
+/usr/share/man/zh_TW/man8/groupmod.8.gz
+/usr/share/man/zh_TW/man8/useradd.8.gz
+/usr/share/man/zh_TW/man8/userdel.8.gz
+/usr/share/man/zh_TW/man8/usermod.8.gz
diff --git a/tests/debian/01/run b/tests/debian/01/run
new file mode 100755
index 0000000..6db7cf0
--- /dev/null
+++ b/tests/debian/01/run
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# The goal of this test is to check the distributed files (as debdiff)
+
+save()
+{
+ [ ! -d tmp ] && mkdir tmp
+}
+
+restore()
+{
+ rm tmp/login_files tmp/passwd_files
+ rmdir tmp
+}
+
+save
+
+trap 'restore' 0
+
+dpkg -L login | sort > tmp/login_files
+dpkg -L passwd | sort > tmp/passwd_files
+
+echo -n "Checking the login files..."
+diff -u data/login_files tmp/login_files
+echo "OK"
+echo -n "Checking the passwd files..."
+diff -u data/passwd_files tmp/passwd_files
+echo OK
+
diff --git a/tests/debian/02/run b/tests/debian/02/run
new file mode 100755
index 0000000..a305c37
--- /dev/null
+++ b/tests/debian/02/run
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+# This test check if passwd or login provide files also distributed by
+# another package.
+# The goal is to detect new package for the Replaces or Conflicts fields,
+# or to tighten these relationships.
+#
+# It supposes that we will at least Replaces/Conflicts on the i386
+# architecture.
+
+wget -c http://ftp2.fr.debian.org/debian/dists/unstable/Contents-i386.gz
+
+for pkg in login passwd
+ do
+ dpkg -L $pkg | sed -e 's/^\///' |
+ {
+ while read file
+ do
+ [ -f "/$file" ] && echo "^$file "
+ done
+ } > files
+
+ echo "List of files that the $pkg package currently replaces:"
+ zgrep -E -f files Contents-i386.gz | grep -Ev " admin/(login|passwd)$"
+done
+
+rm -f files Contents-i386.gz
+
diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/group b/tests/expiry/01_expiry_-c_no_expiry/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/gshadow b/tests/expiry/01_expiry_-c_no_expiry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/passwd b/tests/expiry/01_expiry_-c_no_expiry/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/shadow b/tests/expiry/01_expiry_-c_no_expiry/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/01_expiry_-c_no_expiry/expiry.exp b/tests/expiry/01_expiry_-c_no_expiry/expiry.exp
new file mode 100755
index 0000000..a24b624
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/01_expiry_-c_no_expiry/expiry.test b/tests/expiry/01_expiry_-c_no_expiry/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/group b/tests/expiry/02_expiry_-c_expired/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/gshadow b/tests/expiry/02_expiry_-c_expired/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/passwd b/tests/expiry/02_expiry_-c_expired/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/shadow b/tests/expiry/02_expiry_-c_expired/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/02_expiry_-c_expired/expiry.exp b/tests/expiry/02_expiry_-c_expired/expiry.exp
new file mode 100755
index 0000000..a2dd1ba
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "1"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/02_expiry_-c_expired/expiry.test b/tests/expiry/02_expiry_-c_expired/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/group b/tests/expiry/03_expiry_-f_expired/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/gshadow b/tests/expiry/03_expiry_-f_expired/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/pam.d/common-password b/tests/expiry/03_expiry_-f_expired/config/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords. Without this option,
+# the default is Unix crypt. Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/passwd b/tests/expiry/03_expiry_-f_expired/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/shadow b/tests/expiry/03_expiry_-f_expired/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/03_expiry_-f_expired/data/shadow b/tests/expiry/03_expiry_-f_expired/data/shadow
new file mode 100644
index 0000000..83da315
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/data/shadow
@@ -0,0 +1,20 @@
+root:@PASS_SHA512 password@:@TODAY@:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/03_expiry_-f_expired/expiry.exp b/tests/expiry/03_expiry_-f_expired/expiry.exp
new file mode 100755
index 0000000..5f1b960
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/expiry.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -f\r"
+expect "Your password has expired. Choose a new password."
+expect "Enter new UNIX password: "
+send "password\r"
+expect "Retype new UNIX password: "
+send "password\r"
+expect "passwd: password updated successfully"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/03_expiry_-f_expired/expiry.test b/tests/expiry/03_expiry_-f_expired/expiry.test
new file mode 100755
index 0000000..252afb1
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/04_expiry_no_options/config/etc/group b/tests/expiry/04_expiry_no_options/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/04_expiry_no_options/config/etc/gshadow b/tests/expiry/04_expiry_no_options/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/04_expiry_no_options/config/etc/passwd b/tests/expiry/04_expiry_no_options/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/04_expiry_no_options/config/etc/shadow b/tests/expiry/04_expiry_no_options/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/04_expiry_no_options/data/usage.out b/tests/expiry/04_expiry_no_options/data/usage.out
new file mode 100644
index 0000000..ab67c87
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/data/usage.out
@@ -0,0 +1,8 @@
+Usage: expiry [options]
+
+Options:
+ -c, --check check the user's password expiration
+ -f, --force force password change if the user's password
+ is expired
+ -h, --help display this help message and exit
+
diff --git a/tests/expiry/04_expiry_no_options/expiry.test b/tests/expiry/04_expiry_no_options/expiry.test
new file mode 100755
index 0000000..02c6cbb
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/expiry.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry provides an Usage message if no options are given"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call expiry without any option (expiry)..."
+expiry 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "expiry reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/group b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/gshadow b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/passwd b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/shadow b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/expiry.exp b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.exp
new file mode 100755
index 0000000..a24b624
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/expiry.test b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.test
new file mode 100755
index 0000000..0251edd
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that there are no shadow files..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/group b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/gshadow b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/passwd b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/shadow b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..3789b9f
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.exp b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.exp
new file mode 100755
index 0000000..a24b624
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.test b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/group b/tests/expiry/07_expiry_-c_expired_account/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/gshadow b/tests/expiry/07_expiry_-c_expired_account/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/passwd b/tests/expiry/07_expiry_-c_expired_account/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/shadow b/tests/expiry/07_expiry_-c_expired_account/config/etc/shadow
new file mode 100644
index 0000000..319082d
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7::13000:
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/07_expiry_-c_expired_account/expiry.exp b/tests/expiry/07_expiry_-c_expired_account/expiry.exp
new file mode 100755
index 0000000..1f69e79
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "3"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/07_expiry_-c_expired_account/expiry.test b/tests/expiry/07_expiry_-c_expired_account/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/group b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/gshadow b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/passwd b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/shadow b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/shadow
new file mode 100644
index 0000000..65489e7
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:10:7:10::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/expiry.exp b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.exp
new file mode 100755
index 0000000..9ad091f
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "2"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/expiry.test b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/group b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/gshadow b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/passwd b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/shadow b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/shadow
new file mode 100644
index 0000000..bf371c0
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:9000:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.exp b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.exp
new file mode 100755
index 0000000..a24b624
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.test b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/10_expiry_bad_option/config/etc/group b/tests/expiry/10_expiry_bad_option/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/10_expiry_bad_option/config/etc/gshadow b/tests/expiry/10_expiry_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/10_expiry_bad_option/config/etc/passwd b/tests/expiry/10_expiry_bad_option/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/10_expiry_bad_option/config/etc/shadow b/tests/expiry/10_expiry_bad_option/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/10_expiry_bad_option/data/usage.out b/tests/expiry/10_expiry_bad_option/data/usage.out
new file mode 100644
index 0000000..c2d9716
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/data/usage.out
@@ -0,0 +1,9 @@
+expiry: invalid option -- 'Z'
+Usage: expiry [options]
+
+Options:
+ -c, --check check the user's password expiration
+ -f, --force force password change if the user's password
+ is expired
+ -h, --help display this help message and exit
+
diff --git a/tests/expiry/10_expiry_bad_option/expiry.test b/tests/expiry/10_expiry_bad_option/expiry.test
new file mode 100755
index 0000000..bcbbb60
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/expiry.test
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+log_start "$0" "expiry provides an Usage message if an invalid option is given"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call expiry with an invalid option (expiry -Z)..."
+expiry -Z 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "expiry reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/11_expiry_usage/config/etc/group b/tests/expiry/11_expiry_usage/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/11_expiry_usage/config/etc/gshadow b/tests/expiry/11_expiry_usage/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/11_expiry_usage/config/etc/passwd b/tests/expiry/11_expiry_usage/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/11_expiry_usage/config/etc/shadow b/tests/expiry/11_expiry_usage/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/11_expiry_usage/data/usage.out b/tests/expiry/11_expiry_usage/data/usage.out
new file mode 100644
index 0000000..ab67c87
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/data/usage.out
@@ -0,0 +1,8 @@
+Usage: expiry [options]
+
+Options:
+ -c, --check check the user's password expiration
+ -f, --force force password change if the user's password
+ is expired
+ -h, --help display this help message and exit
+
diff --git a/tests/expiry/11_expiry_usage/expiry.test b/tests/expiry/11_expiry_usage/expiry.test
new file mode 100755
index 0000000..8aa7aaf
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/expiry.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+log_start "$0" "expiry can displayits usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get expiry usage message (expiry --help)..."
+expiry --help >tmp/usage.out
+echo "OK"
+
+echo "expiry reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/group b/tests/expiry/12_expiry_extra_arg/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/gshadow b/tests/expiry/12_expiry_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/passwd b/tests/expiry/12_expiry_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/shadow b/tests/expiry/12_expiry_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/12_expiry_extra_arg/data/usage.out b/tests/expiry/12_expiry_extra_arg/data/usage.out
new file mode 100644
index 0000000..f250f48
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/data/usage.out
@@ -0,0 +1,9 @@
+expiry: unexpected argument: foo
+Usage: expiry [options]
+
+Options:
+ -c, --check check the user's password expiration
+ -f, --force force password change if the user's password
+ is expired
+ -h, --help display this help message and exit
+
diff --git a/tests/expiry/12_expiry_extra_arg/expiry.test b/tests/expiry/12_expiry_extra_arg/expiry.test
new file mode 100755
index 0000000..ea6fa08
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/expiry.test
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+log_start "$0" "expiry check that no argument remain onthecommand line"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call expiry with an extra argument (expiry -f foo)..."
+expiry -f foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "expiry reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/group b/tests/expiry/13_expiry_usage-c-f/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/gshadow b/tests/expiry/13_expiry_usage-c-f/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/passwd b/tests/expiry/13_expiry_usage-c-f/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/shadow b/tests/expiry/13_expiry_usage-c-f/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/13_expiry_usage-c-f/data/usage.out b/tests/expiry/13_expiry_usage-c-f/data/usage.out
new file mode 100644
index 0000000..d0305e3
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/data/usage.out
@@ -0,0 +1,9 @@
+expiry: options -c and -f conflict
+Usage: expiry [options]
+
+Options:
+ -c, --check check the user's password expiration
+ -f, --force force password change if the user's password
+ is expired
+ -h, --help display this help message and exit
+
diff --git a/tests/expiry/13_expiry_usage-c-f/expiry.test b/tests/expiry/13_expiry_usage-c-f/expiry.test
new file mode 100755
index 0000000..8a6a14a
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/expiry.test
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+log_start "$0" "expiry check that the -c and -f flags are not used at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call expiry with the -c and -f flags (expiry -f -c)..."
+expiry -f -c 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "expiry reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/chage.test b/tests/failures/chage/01_chage_openRW_passwd_failure/chage.test
new file mode 100755
index 0000000..9ae1ff7
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's shell (chage -I 12 bin)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd chage -I 12 bin 2>tmp/chage.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config.txt b/tests/failures/chage/01_chage_openRW_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/group b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/gshadow b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/login.defs b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/passwd b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/shadow b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/data/chage.err b/tests/failures/chage/01_chage_openRW_passwd_failure/data/chage.err
new file mode 100644
index 0000000..bdfd8e2
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/data/chage.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+chage: cannot open /etc/passwd
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/chage.test b/tests/failures/chage/02_chage_openRO_passwd_failure/chage.test
new file mode 100755
index 0000000..23df6c6
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's shell (chage -l bin)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/passwd chage -l bin 2>tmp/chage.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config.txt b/tests/failures/chage/02_chage_openRO_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/group b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/gshadow b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/login.defs b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/passwd b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/shadow b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/data/chage.err b/tests/failures/chage/02_chage_openRO_passwd_failure/data/chage.err
new file mode 100644
index 0000000..38f6955
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/data/chage.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 0 ...
+chage: cannot open /etc/passwd
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/chage.test b/tests/failures/chage/03_chage_openRW_shadow_failure/chage.test
new file mode 100755
index 0000000..1469b78
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's shell (chage -I 12 bin)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow chage -I 12 bin 2>tmp/chage.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config.txt b/tests/failures/chage/03_chage_openRW_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/group b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/gshadow b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/login.defs b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/passwd b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/shadow b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/data/chage.err b/tests/failures/chage/03_chage_openRW_shadow_failure/data/chage.err
new file mode 100644
index 0000000..a814928
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/data/chage.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+chage: cannot open /etc/shadow
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/chage.test b/tests/failures/chage/04_chage_openRO_shadow_failure/chage.test
new file mode 100755
index 0000000..55a0a94
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's shell (chage -l bin)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/shadow chage -l bin 2>tmp/chage.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config.txt b/tests/failures/chage/04_chage_openRO_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/group b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/gshadow b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/login.defs b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/passwd b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/shadow b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/data/chage.err b/tests/failures/chage/04_chage_openRO_shadow_failure/data/chage.err
new file mode 100644
index 0000000..38aeca7
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/data/chage.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 0 ...
+chage: cannot open /etc/shadow
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/chage.test b/tests/failures/chage/05_chage_rename_shadow_failure/chage.test
new file mode 100755
index 0000000..e5e406a
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures to write the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's inactivity period (chage -I 12 bin)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow chage -I 12 bin 2>tmp/chage.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config.txt b/tests/failures/chage/05_chage_rename_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/group b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/gshadow b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/login.defs b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/passwd b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/shadow b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/data/chage.err b/tests/failures/chage/05_chage_rename_shadow_failure/data/chage.err
new file mode 100644
index 0000000..963f430
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/data/chage.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+chage: failure while writing changes to /etc/shadow
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/chage.test b/tests/failures/chage/06_chage_rename_passwd_failure/chage.test
new file mode 100755
index 0000000..bd27260
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures to write the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's inactivity period (chage -I 12 bin)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd chage -I 12 bin 2>tmp/chage.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config.txt b/tests/failures/chage/06_chage_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/group b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/gshadow b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/login.defs b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/passwd b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/shadow b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/data/chage.err b/tests/failures/chage/06_chage_rename_passwd_failure/data/chage.err
new file mode 100644
index 0000000..188d7dd
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/data/chage.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+chage: failure while writing changes to /etc/passwd
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/data/shadow b/tests/failures/chage/06_chage_rename_passwd_failure/data/shadow
new file mode 100644
index 0000000..d32d937
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*:::::12::
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test
new file mode 100755
index 0000000..e0cedc9
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config.txt b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/group b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/gshadow b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/login.defs b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/passwd b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/shadow b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/data/chgpasswd.err b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/data/chgpasswd.err
new file mode 100644
index 0000000..572aa4a
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/data/chgpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+chgpasswd: cannot open /etc/group
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test
new file mode 100755
index 0000000..784ed0a
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config.txt b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/group b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/gshadow b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/login.defs b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/passwd b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/shadow b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/data/chgpasswd.err b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/data/chgpasswd.err
new file mode 100644
index 0000000..9db820b
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/data/chgpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+chgpasswd: cannot open /etc/gshadow
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test
new file mode 100755
index 0000000..7e8894a
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config.txt b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/group b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/group
new file mode 100644
index 0000000..aa30237
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:foo:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/gshadow b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..1b92e48
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/login.defs b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/passwd b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/shadow b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/shadow
new file mode 100644
index 0000000..5ef6dfe
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/chgpasswd.err b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/chgpasswd.err
new file mode 100644
index 0000000..0fb48ad
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/chgpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+chgpasswd: failure while writing changes to /etc/group
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/gshadow b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/gshadow
new file mode 100644
index 0000000..03d3b45
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:test2::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test
new file mode 100755
index 0000000..135f912
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config.txt b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/group b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/gshadow b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/login.defs b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/passwd b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..ae5682b
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/shadow b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5ef6dfe
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/data/chgpasswd.err b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/data/chgpasswd.err
new file mode 100644
index 0000000..187a8eb
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/data/chgpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+chgpasswd: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test
new file mode 100755
index 0000000..e161ecf
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config.txt b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/group b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/data/chpasswd.err
new file mode 100644
index 0000000..e9e6282
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/data/chpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+chpasswd: cannot open /etc/passwd
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test
new file mode 100755
index 0000000..90060b9
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config.txt b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/group b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/data/chpasswd.err
new file mode 100644
index 0000000..11554c1
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/data/chpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+chpasswd: cannot open /etc/shadow
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test
new file mode 100755
index 0000000..6bd8f60
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config.txt b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/group b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..ae5682b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..5ef6dfe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/chpasswd.err
new file mode 100644
index 0000000..0d71e50
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/chpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+chpasswd: failure while writing changes to /etc/passwd
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/shadow b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/shadow
new file mode 100644
index 0000000..08fa354
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:test2:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test
new file mode 100755
index 0000000..53fc373
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd reports failure to write /etc/shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config.txt b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/group b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..ae5682b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5ef6dfe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/data/chpasswd.err
new file mode 100644
index 0000000..dbe7aea
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/data/chpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+chpasswd: failure while writing changes to /etc/shadow
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test
new file mode 100755
index 0000000..049ebb9
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | LD_PRELOAD=../../../common/time_0.so chpasswd -e 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config.txt b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/group b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/gshadow b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/passwd b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/shadow b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/data/shadow b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/data/shadow
new file mode 100644
index 0000000..f7aa7c0
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:test2::0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test::0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/chsh.test b/tests/failures/chsh/01_chsh_open_passwd_failure/chsh.test
new file mode 100755
index 0000000..3e0e4a1
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/chsh.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chsh report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's shell (chsh -s /bin/sh bin)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd chsh -s /bin/sh bin 2>tmp/chsh.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "error message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config.txt b/tests/failures/chsh/01_chsh_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/group b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/gshadow b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/login.defs b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/passwd b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/shadow b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/data/chsh.err b/tests/failures/chsh/01_chsh_open_passwd_failure/data/chsh.err
new file mode 100644
index 0000000..0bf9b92
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/data/chsh.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+chsh: cannot open /etc/passwd
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/chsh.test b/tests/failures/chsh/02_chsh_rename_passwd_failure/chsh.test
new file mode 100755
index 0000000..e2c5ecd
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/chsh.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chsh report failures to write the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's shell (chsh -s /bin/sh bin)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd chsh -s /bin/sh bin 2>tmp/chsh.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "error message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config.txt b/tests/failures/chsh/02_chsh_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/group b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/gshadow b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/login.defs b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/passwd b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/shadow b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/data/chsh.err b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/chsh.err
new file mode 100644
index 0000000..958bf31
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/chsh.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+chsh: failure while writing changes to /etc/passwd
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/data/shadow b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/shadow
new file mode 100644
index 0000000..b678d83
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/shadow
@@ -0,0 +1,20 @@
+root:*:@TODAY@:0:99999:7:::
+daemon:*:@TODAY@:0:99999:7:::
+bin:*:@TODAY@:0:99999:7:::
+sys:*:@TODAY@:0:99999:7:::
+sync:*:@TODAY@:0:99999:7:::
+games:*:@TODAY@:0:99999:7:::
+man:*:@TODAY@:0:99999:7:::
+lp:*:@TODAY@:0:99999:7:::
+mail:*:@TODAY@:0:99999:7:::
+news:*:@TODAY@:0:99999:7:::
+uucp:*:@TODAY@:0:99999:7:::
+proxy:*:@TODAY@:0:99999:7:::
+www-data:*:@TODAY@:0:99999:7:::
+backup:*:@TODAY@:0:99999:7:::
+list:*:@TODAY@:0:99999:7:::
+irc:*:@TODAY@:0:99999:7:::
+gnats:*:@TODAY@:0:99999:7:::
+nobody:*:@TODAY@:0:99999:7:::
+Debian-exim:*:@TODAY@:0:99999:7:::
+foo:abc:@TODAY@:0:99999:7:::
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config.txt b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/group b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/gshadow b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/login.defs b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/passwd b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/shadow b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/cppw.test b/tests/failures/cppw/01_cppw_open_passwd_in_failure/cppw.test
new file mode 100755
index 0000000..57aa57b
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "cppw report failures when it cannot open the input passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Copy data/passwd (cppw data/passwd)..."
+LD_PRELOAD=../../../common/fopen_failure.so FAILURE_PATH=data/passwd /usr/sbin/cppw data/passwd 2>tmp/cppw.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/cppw.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/cppw.err tmp/cppw.err
+echo "error message OK."
+rm -f tmp/cppw.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/cppw.err b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/cppw.err
new file mode 100644
index 0000000..3816592
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/cppw.err
@@ -0,0 +1,3 @@
+fopen64 FAILURE data/passwd r ...
+cppw: data/passwd: Input/output error
+cppw: /etc/passwd is unchanged
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/passwd b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/passwd
new file mode 100644
index 0000000..e8e3c39
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/passwd
@@ -0,0 +1,17 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config.txt b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/group b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/gshadow b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/login.defs b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/passwd b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/shadow b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test
new file mode 100755
index 0000000..5ae4ef0
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "cppw report failures when it cannot open the input passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Copy data/passwd (cppw data/passwd)..."
+LD_PRELOAD=../../../common/fopen_failure.so FAILURE_PATH=/etc/passwd.new cppw data/passwd 2>tmp/cppw.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/cppw.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/cppw.err tmp/cppw.err
+echo "error message OK."
+rm -f tmp/cppw.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/cppw.err b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/cppw.err
new file mode 100644
index 0000000..78606fd
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/cppw.err
@@ -0,0 +1,3 @@
+fopen64 FAILURE /etc/passwd.new w ...
+cppw: Couldn't make copy: Input/output error
+cppw: /etc/passwd is unchanged
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/passwd b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/passwd
new file mode 100644
index 0000000..e8e3c39
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/passwd
@@ -0,0 +1,17 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config.txt b/tests/failures/cppw/03_cppw_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/group b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/gshadow b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/login.defs b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/passwd b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/shadow b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/cppw.test b/tests/failures/cppw/03_cppw_rename_passwd_failure/cppw.test
new file mode 100755
index 0000000..2e809a7
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "cppw report failures to write the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Copy data/passwd (cppw data/passwd)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd cppw data/passwd 2>tmp/cppw.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/cppw.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/cppw.err tmp/cppw.err
+echo "error message OK."
+rm -f tmp/cppw.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/data/cppw.err b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/cppw.err
new file mode 100644
index 0000000..7e27e3e
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/cppw.err
@@ -0,0 +1,3 @@
+rename FAILURE /etc/passwd.new /etc/passwd
+cppw: can't copy /etc/passwd.new: Input/output error)
+cppw: /etc/passwd is unchanged
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/data/passwd b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/passwd
new file mode 100644
index 0000000..e8e3c39
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/passwd
@@ -0,0 +1,17 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config.txt b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/group b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/01_gpasswd_group_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..b159e54
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+gpasswd: cannot open /etc/group
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test b/tests/failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test
new file mode 100755
index 0000000..a338a97
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -M root foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config.txt b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/group b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/gshadow b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/login.defs b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/passwd b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/shadow b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/data/gpasswd.err b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..7d0a31a
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+gpasswd: cannot open /etc/gshadow
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test
new file mode 100755
index 0000000..253afcf
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -M root foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config.txt b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/group b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..b159e54
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+gpasswd: cannot open /etc/group
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test
new file mode 100755
index 0000000..2b2e663
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -a root foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -a root foo 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config.txt b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/group b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..b159e54
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+gpasswd: cannot open /etc/group
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test
new file mode 100755
index 0000000..b52772e
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -d foo users)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -d foo users 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config.txt b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/group b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..b159e54
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+gpasswd: cannot open /etc/group
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test
new file mode 100755
index 0000000..2c34af4
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -r foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -r foo 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config.txt b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/group b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/gshadow b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/login.defs b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/passwd b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/shadow b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/data/gpasswd.err b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..7d0a31a
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+gpasswd: cannot open /etc/gshadow
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test
new file mode 100755
index 0000000..47c08e9
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -R foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow gpasswd -R foo 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config.txt b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/group b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/gshadow b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/login.defs b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/passwd b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/shadow b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/data/gpasswd.err b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..7d0a31a
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+gpasswd: cannot open /etc/gshadow
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test
new file mode 100755
index 0000000..84e92c1
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -A root foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow gpasswd -A root foo 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config.txt b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/group b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/gshadow b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/login.defs b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/passwd b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/shadow b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/data/gpasswd.err b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/data/gpasswd.err
new file mode 100644
index 0000000..448b6b3
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 0 ...
+gpasswd: cannot open /etc/group
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test
new file mode 100755
index 0000000..c4fc2a8
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -M root foo)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/group gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config.txt b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/group b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/gshadow b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/login.defs b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/passwd b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/shadow b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/data/gpasswd.err b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/data/gpasswd.err
new file mode 100644
index 0000000..b407c77
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 0 ...
+gpasswd: cannot open /etc/gshadow
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test
new file mode 100755
index 0000000..3093af9
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -M root foo)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/gshadow gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config.txt b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/group b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/gshadow b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/login.defs b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/passwd b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/shadow b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/data/gpasswd.err b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/data/gpasswd.err
new file mode 100644
index 0000000..ad9669b
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+gpasswd: failure while writing changes to /etc/group
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test
new file mode 100755
index 0000000..7b654ad
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot commit the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -a root foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group gpasswd -a root foo 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config.txt b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/group b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/gshadow b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/login.defs b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/passwd b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/shadow b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/gpasswd.err b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/gpasswd.err
new file mode 100644
index 0000000..75f3e72
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+gpasswd: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/group b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..f7ef7ea
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:root
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test
new file mode 100755
index 0000000..a7658f5
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot commit the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -a root foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow gpasswd -a root foo 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config.txt b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/group b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/gshadow b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/login.defs b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/passwd b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/shadow b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/group b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/groupadd.err b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/groupadd.err
new file mode 100644
index 0000000..add9af0
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/groupadd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+groupadd: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test
new file mode 100755
index 0000000..9114782
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd report failures to save a new gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow groupadd foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config.txt b/tests/failures/groupadd/02_groupadd_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/default/useradd b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/group b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/gshadow b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/login.defs b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/passwd b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/shadow b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/data/groupadd.err b/tests/failures/groupadd/02_groupadd_group_rename_failure/data/groupadd.err
new file mode 100644
index 0000000..62e2205
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/data/groupadd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+groupadd: failure while writing changes to /etc/group
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/groupadd.test b/tests/failures/groupadd/02_groupadd_group_rename_failure/groupadd.test
new file mode 100755
index 0000000..6cfac74
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd report failures to save a new group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group groupadd foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config.txt b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/group b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/passwd b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/shadow b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/data/groupadd.err b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/data/groupadd.err
new file mode 100644
index 0000000..820b124
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/data/groupadd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+groupadd: cannot open /etc/gshadow
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test
new file mode 100755
index 0000000..c00a1e3
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupadd foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config.txt b/tests/failures/groupadd/04_groupadd_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/default/useradd b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/group b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/gshadow b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/login.defs b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/passwd b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/shadow b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/data/groupadd.err b/tests/failures/groupadd/04_groupadd_group_open_failure/data/groupadd.err
new file mode 100644
index 0000000..ec69296
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/data/groupadd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+groupadd: cannot open /etc/group
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/groupadd.test b/tests/failures/groupadd/04_groupadd_group_open_failure/groupadd.test
new file mode 100755
index 0000000..a07a86a
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupadd foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config.txt b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/group b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..c8c759e
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/gshadow b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/login.defs b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/passwd b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/shadow b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/group b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/groupdel.err b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/groupdel.err
new file mode 100644
index 0000000..569464f
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/groupdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+groupdel: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test
new file mode 100755
index 0000000..5e4d8ad
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel report failures to save a new gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove group foo (groupdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow groupdel foo 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config.txt b/tests/failures/groupdel/02_groupdel_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/default/useradd b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/group b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..c8c759e
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/gshadow b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/login.defs b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/passwd b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/shadow b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/data/groupdel.err b/tests/failures/groupdel/02_groupdel_group_rename_failure/data/groupdel.err
new file mode 100644
index 0000000..b68ca55
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/data/groupdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+groupdel: failure while writing changes to /etc/group
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/groupdel.test b/tests/failures/groupdel/02_groupdel_group_rename_failure/groupdel.test
new file mode 100755
index 0000000..0be68eb
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel report failures to save a new group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove group foo (groupdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group groupdel foo 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config.txt b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/group b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..c8c759e
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/passwd b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/shadow b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/data/groupdel.err b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/data/groupdel.err
new file mode 100644
index 0000000..448878e
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/data/groupdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+groupdel: cannot open /etc/gshadow
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test
new file mode 100755
index 0000000..664ce9f
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove group foo (groupdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupdel foo 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config.txt b/tests/failures/groupdel/04_groupdel_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/default/useradd b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/group b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/group
new file mode 100644
index 0000000..c8c759e
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/gshadow b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/login.defs b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/passwd b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/shadow b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/data/groupdel.err b/tests/failures/groupdel/04_groupdel_group_open_failure/data/groupdel.err
new file mode 100644
index 0000000..212e9a1
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/data/groupdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+groupdel: cannot open /etc/group
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/groupdel.test b/tests/failures/groupdel/04_groupdel_group_open_failure/groupdel.test
new file mode 100755
index 0000000..8a05da7
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove group foo (groupdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupdel foo 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config.txt b/tests/failures/groupmems/01_groupmems_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/group b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/gshadow b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/passwd b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/shadow b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/data/groupmems.err b/tests/failures/groupmems/01_groupmems_group_open_failure/data/groupmems.err
new file mode 100644
index 0000000..1d13747
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/data/groupmems.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+groupmems: cannot open /etc/group
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/groupmems.test b/tests/failures/groupmems/01_groupmems_group_open_failure/groupmems.test
new file mode 100755
index 0000000..7b772cf
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/groupmems.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group 1001 (groupmems -g 1001 -a nobody)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupmems -g 1001 -a nobody 2>tmp/groupmems.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/groupmems.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmems.err tmp/groupmems.err
+echo "error message OK."
+rm -f tmp/groupmems.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config.txt b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/group b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/passwd b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/shadow b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/data/groupmems.err b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/data/groupmems.err
new file mode 100644
index 0000000..3e01ee1
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/data/groupmems.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+groupmems: cannot open /etc/gshadow
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test
new file mode 100755
index 0000000..8be4d6e
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group 1001 (groupmems -g 1001 -a nobody)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupmems -g 1001 -a nobody 2>tmp/groupmems.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/groupmems.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmems.err tmp/groupmems.err
+echo "error message OK."
+rm -f tmp/groupmems.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config.txt b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/group b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/gshadow b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/login.defs b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/passwd b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/shadow b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/group b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/groupmod.err b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/groupmod.err
new file mode 100644
index 0000000..652104e
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+groupmod: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test
new file mode 100755
index 0000000..4b19ee8
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow groupmod -n bar foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config.txt b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/default/useradd b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/group b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/gshadow b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/login.defs b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/passwd b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/shadow b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/group b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/groupmod.err b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/groupmod.err
new file mode 100644
index 0000000..ee51312
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+groupmod: failure while writing changes to /etc/passwd
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test
new file mode 100755
index 0000000..7b38a60
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod changes the primary group of users when it changes the GID of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config.txt b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/default/useradd b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/group b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/gshadow b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/login.defs b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/passwd b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/shadow b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/data/groupmod.err b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/data/groupmod.err
new file mode 100644
index 0000000..505d2d4
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+groupmod: failure while writing changes to /etc/group
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test
new file mode 100755
index 0000000..966ec7c
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group groupmod -n bar foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config.txt b/tests/failures/groupmod/04_groupmod_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/default/useradd b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/group b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/gshadow b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/login.defs b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/passwd b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/shadow b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/data/groupmod.err b/tests/failures/groupmod/04_groupmod_group_open_failure/data/groupmod.err
new file mode 100644
index 0000000..f892b68
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+groupmod: cannot open /etc/group
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/groupmod.test b/tests/failures/groupmod/04_groupmod_group_open_failure/groupmod.test
new file mode 100755
index 0000000..ec94d5e
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (groupmod -g 1001 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config.txt b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/group b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/passwd b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/shadow b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/data/groupmod.err b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/data/groupmod.err
new file mode 100644
index 0000000..0aca92f
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+groupmod: cannot open /etc/gshadow
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test
new file mode 100755
index 0000000..acf3248
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupmod -n bar foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config.txt b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/group b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/passwd b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/shadow b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/data/group b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test
new file mode 100755
index 0000000..c4d41de
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod does not need to open gshadow to change a gid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (groupmod -g 1001 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config.txt b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/default/useradd b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/group b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/gshadow b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/login.defs b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/passwd b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/passwd
new file mode 100644
index 0000000..e396cfd
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+baz:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/shadow b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/shadow
new file mode 100644
index 0000000..8f6ebbd
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/data/groupmod.err b/tests/failures/groupmod/07_groupmod_passwd_open_failure/data/groupmod.err
new file mode 100644
index 0000000..f8a82d0
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+groupmod: cannot open /etc/passwd
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test b/tests/failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test
new file mode 100755
index 0000000..2bcc782
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (groupmod -g 1001 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config.txt b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/default/useradd b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/group b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/gshadow b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/login.defs b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/passwd b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/passwd
new file mode 100644
index 0000000..e396cfd
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+baz:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/shadow b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/shadow
new file mode 100644
index 0000000..8f6ebbd
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test
new file mode 100755
index 0000000..b801985
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod does not open the passwd file if not needed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo with same gid (groupmod -g 1000 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd groupmod -g 1000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config.txt b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/default/useradd b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/group b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/gshadow b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/login.defs b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/passwd b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/passwd
new file mode 100644
index 0000000..e396cfd
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+baz:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/shadow b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/shadow
new file mode 100644
index 0000000..8f6ebbd
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/group b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/gshadow b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test
new file mode 100755
index 0000000..7480cf2
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod does not open the passwd file if not needed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo to bar (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd groupmod -n bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config.txt b/tests/failures/grpck/01_grpck_system_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/default/useradd b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/group b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/gshadow b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/login.defs b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/passwd b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/shadow b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/data/grpck.err b/tests/failures/grpck/01_grpck_system_group_open_failure/data/grpck.err
new file mode 100644
index 0000000..378a519
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/data/grpck.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+grpck: cannot open /etc/group
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/grpck.test b/tests/failures/grpck/01_grpck_system_group_open_failure/grpck.test
new file mode 100755
index 0000000..288099e
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check groups (grpck)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group grpck 2>tmp/grpck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config.txt b/tests/failures/grpck/02_grpck_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/default/useradd b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/group b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/gshadow b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/login.defs b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/passwd b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/shadow b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/data/grpck.err b/tests/failures/grpck/02_grpck_group_open_failure/data/grpck.err
new file mode 100644
index 0000000..c51c8a3
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/data/grpck.err
@@ -0,0 +1,2 @@
+open FAILURE data/group 2 ...
+grpck: cannot open data/group
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/grpck.test b/tests/failures/grpck/02_grpck_group_open_failure/grpck.test
new file mode 100755
index 0000000..41fe2a2
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check groups (grpck data/group)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/group grpck data/group 2>tmp/grpck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config.txt b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/default/useradd b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/group b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/gshadow b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/login.defs b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/passwd b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/shadow b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/data/grpck.err b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/data/grpck.err
new file mode 100644
index 0000000..d15a190
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/data/grpck.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+grpck: cannot open /etc/gshadow
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test
new file mode 100755
index 0000000..1016fc5
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck report failures when it cannot open the system gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check system groups (grpck)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow grpck 2>tmp/grpck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config.txt b/tests/failures/grpck/04_grpck_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/default/useradd b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/group b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/gshadow b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/login.defs b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/passwd b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/shadow b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/data/group b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/data/grpck.err b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/grpck.err
new file mode 100644
index 0000000..61aff8a
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/grpck.err
@@ -0,0 +1,2 @@
+open FAILURE data/gshadow 2 ...
+grpck: cannot open data/gshadow
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/data/gshadow b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/grpck.test b/tests/failures/grpck/04_grpck_gshadow_open_failure/grpck.test
new file mode 100755
index 0000000..2510878
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck report failures when it cannot open the local gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check local groups (grpck data/group data/gshadow)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/gshadow grpck data/group data/gshadow 2>tmp/grpck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config.txt b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/default/useradd b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/group b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/gshadow b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/login.defs b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/passwd b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/shadow b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/data/grpck.err b/tests/failures/grpck/05_grpck_sort_group_rename_failure/data/grpck.err
new file mode 100644
index 0000000..5eecbfd
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/data/grpck.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+grpck: failure while writing changes to /etc/group
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/grpck.test b/tests/failures/grpck/05_grpck_sort_group_rename_failure/grpck.test
new file mode 100755
index 0000000..40f3ebc
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort group (grpck -s)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group grpck -s 2>tmp/grpck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config.txt b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/group b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/gshadow b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/login.defs b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/passwd b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/shadow b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/group b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..a9a2e4c
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
+nogroup:x:65534:
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/grpck.err b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/grpck.err
new file mode 100644
index 0000000..275d87f
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/grpck.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+grpck: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test
new file mode 100755
index 0000000..18f6979
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort group (grpck -s)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow grpck -s 2>tmp/grpck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config.txt b/tests/failures/grpconv/01_grpconv_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/group b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/gshadow b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/login.defs b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/passwd b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/shadow b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/data/grpconv.err b/tests/failures/grpconv/01_grpconv_open_group_failure/data/grpconv.err
new file mode 100644
index 0000000..e02074e
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/data/grpconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+grpconv: cannot open /etc/group
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/grpconv.test b/tests/failures/grpconv/01_grpconv_open_group_failure/grpconv.test
new file mode 100755
index 0000000..3398314
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/grpconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpconv report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Disable shadow passwords (grpconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group grpconv 2>tmp/grpconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config.txt b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/group b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/gshadow b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/login.defs b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/passwd b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/shadow b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/data/grpconv.err b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/data/grpconv.err
new file mode 100644
index 0000000..101f3d5
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/data/grpconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+grpconv: cannot open /etc/gshadow
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test
new file mode 100755
index 0000000..77d4161
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpconv report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Enable gshadow passwords (grpconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow grpconv 2>tmp/grpconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config.txt b/tests/failures/grpconv/03_grpconv_rename_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/group b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/group
new file mode 100644
index 0000000..5d68f69
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:
+nogroup:*:65534:
+crontab:*:101:
+Debian-exim:*:102:
+foo:abc:1000:
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/gshadow b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/login.defs b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/passwd b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/shadow b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/data/grpconv.err b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/grpconv.err
new file mode 100644
index 0000000..c1a1171
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/grpconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+grpconv: failure while writing changes to /etc/group
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/data/gshadow b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/gshadow
new file mode 100644
index 0000000..372fb9b
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:*::
+Debian-exim:*::
+foo:abc::
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/grpconv.test b/tests/failures/grpconv/03_grpconv_rename_group_failure/grpconv.test
new file mode 100755
index 0000000..2d22d15
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/grpconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpconv report failures to write the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Enable gshadow passwords (grpconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group grpconv 2>tmp/grpconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config.txt b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/group b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/gshadow b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/login.defs b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/passwd b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/shadow b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/data/grpconv.err b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/data/grpconv.err
new file mode 100644
index 0000000..f4eee43
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/data/grpconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+grpconv: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test
new file mode 100755
index 0000000..0537ca4
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpconv report failures to write the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Enable gshadow passwords (grpconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow grpconv 2>tmp/grpconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config.txt b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/group b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/gshadow b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/login.defs b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/passwd b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/shadow b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/data/grpunconv.err b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/data/grpunconv.err
new file mode 100644
index 0000000..33ea6f3
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/data/grpunconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+grpunconv: failure while writing changes to /etc/group
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test
new file mode 100755
index 0000000..8b4e014
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpunconv reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (grpunconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group grpunconv 2>tmp/grpunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config.txt b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/group b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/gshadow b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/login.defs b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/passwd b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/shadow b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/data/grpunconv.err b/tests/failures/grpunconv/02_grpunconv_open_group_failure/data/grpunconv.err
new file mode 100644
index 0000000..fd1f2de
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/data/grpunconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+grpunconv: cannot open /etc/group
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test b/tests/failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test
new file mode 100755
index 0000000..014788e
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpunconv report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (grpunconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group grpunconv 2>tmp/grpunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config.txt b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/group b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/gshadow b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/login.defs b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/passwd b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/shadow b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/data/grpunconv.err b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/data/grpunconv.err
new file mode 100644
index 0000000..cb80cfd
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/data/grpunconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 0 ...
+grpunconv: cannot open /etc/gshadow
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test
new file mode 100755
index 0000000..4516e06
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpunconv report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable gshadow passwords (grpunconv)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/gshadow grpunconv 2>tmp/grpunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config.txt b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/group b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/gshadow b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/login.defs b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/passwd b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/shadow b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/group b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/group
new file mode 100644
index 0000000..54d3da4
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:
+nogroup:*:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:*:1000:
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/grpunconv.err b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/grpunconv.err
new file mode 100644
index 0000000..84fa124
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/grpunconv.err
@@ -0,0 +1,2 @@
+unlink FAILURE /etc/gshadow
+grpunconv: cannot delete /etc/gshadow
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test
new file mode 100755
index 0000000..4102719
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpunconv report failures when it cannot remove the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (grpunconv)..."
+LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/etc/gshadow grpunconv 2>tmp/grpunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config.txt b/tests/failures/newusers/01_newusers_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/default/useradd b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/group b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/gshadow b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/login.defs b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/passwd b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/shadow b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.err b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.err
new file mode 100644
index 0000000..b9a24a2
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+newusers: cannot open /etc/passwd
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.list b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/newusers.test b/tests/failures/newusers/01_newusers_open_passwd_failure/newusers.test
new file mode 100755
index 0000000..25462a8
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (newusers foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config.txt b/tests/failures/newusers/02_newusers_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/default/useradd b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/group b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/gshadow b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/login.defs b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/passwd b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/shadow b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.err b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.err
new file mode 100644
index 0000000..f46f22d
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+newusers: cannot open /etc/shadow
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.list b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/newusers.test b/tests/failures/newusers/02_newusers_open_shadow_failure/newusers.test
new file mode 100755
index 0000000..b7fc584
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (newusers foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config.txt b/tests/failures/newusers/03_newusers_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/default/useradd b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/group b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/gshadow b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/login.defs b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/passwd b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/shadow b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.err b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.err
new file mode 100644
index 0000000..3ec4f2f
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+newusers: cannot open /etc/group
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.list b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/newusers.test b/tests/failures/newusers/03_newusers_open_group_failure/newusers.test
new file mode 100755
index 0000000..95e075d
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (newusers foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config.txt b/tests/failures/newusers/04_newusers_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/default/useradd b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/group b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/gshadow b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/login.defs b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/passwd b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/shadow b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.err b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.err
new file mode 100644
index 0000000..e2a9ca0
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+newusers: cannot open /etc/gshadow
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.list b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/newusers.test b/tests/failures/newusers/04_newusers_open_gshadow_failure/newusers.test
new file mode 100755
index 0000000..6383079
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (newusers foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config.txt b/tests/failures/newusers/05_newusers_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/default/useradd b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/group b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/gshadow b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/login.defs b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/passwd b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/shadow b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.err b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.err
new file mode 100644
index 0000000..160bad7
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+newusers: failure while writing changes to /etc/passwd
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.list b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/newusers.test b/tests/failures/newusers/05_newusers_rename_passwd_failure/newusers.test
new file mode 100755
index 0000000..3fc3097
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures to write the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config.txt b/tests/failures/newusers/06_newusers_rename_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/group b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/gshadow b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/login.defs b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/passwd b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..03a7177
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/shadow b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.err b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.err
new file mode 100644
index 0000000..593b9ae
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+newusers: failure while writing changes to /etc/shadow
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.list b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/data/passwd b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/passwd
new file mode 100644
index 0000000..ce8e3c3
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/newusers.test b/tests/failures/newusers/06_newusers_rename_shadow_failure/newusers.test
new file mode 100755
index 0000000..aad005f
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures to write the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config.txt b/tests/failures/newusers/07_newusers_rename_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/group b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/gshadow b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/login.defs b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/passwd b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/passwd
new file mode 100644
index 0000000..03a7177
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/shadow b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.err b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.err
new file mode 100644
index 0000000..2ac5e86
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+newusers: failure while writing changes to /etc/group
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.list b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/passwd b/tests/failures/newusers/07_newusers_rename_group_failure/data/passwd
new file mode 100644
index 0000000..ce8e3c3
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/shadow b/tests/failures/newusers/07_newusers_rename_group_failure/data/shadow
new file mode 100644
index 0000000..602bef5
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:::
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/newusers.test b/tests/failures/newusers/07_newusers_rename_group_failure/newusers.test
new file mode 100755
index 0000000..20a8771
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures to write the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config.txt b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/group b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/gshadow b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/login.defs b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/passwd b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..03a7177
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/shadow b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/group b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.err b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.err
new file mode 100644
index 0000000..ca0738a
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+newusers: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.list b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/passwd b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/passwd
new file mode 100644
index 0000000..ce8e3c3
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/shadow b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/shadow
new file mode 100644
index 0000000..602bef5
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:::
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/newusers.test b/tests/failures/newusers/08_newusers_rename_gshadow_failure/newusers.test
new file mode 100755
index 0000000..8a8560f
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures to write the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config.txt b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/group b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/gshadow b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/login.defs b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/passwd b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/passwd
new file mode 100644
index 0000000..03a7177
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/shadow b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/group b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/gshadow b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.err b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.err
new file mode 100644
index 0000000..70bfcb5
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.err
@@ -0,0 +1,4 @@
+rename FAILURE /etc/nshadow /etc/shadow
+newusers: (user foo) pam_chauthtok() failed, error:
+Authentication token manipulation error
+newusers: (line 1, user foo) password not changed
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.list b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/passwd b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/passwd
new file mode 100644
index 0000000..ce8e3c3
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test
new file mode 100755
index 0000000..3ce542e
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures to write the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/10_newusers_time_0/config.txt b/tests/failures/newusers/10_newusers_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/default/useradd b/tests/failures/newusers/10_newusers_time_0/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/group b/tests/failures/newusers/10_newusers_time_0/config/etc/group
new file mode 100644
index 0000000..beb7c87
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/gshadow b/tests/failures/newusers/10_newusers_time_0/config/etc/gshadow
new file mode 100644
index 0000000..55b8e95
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/pam.d/common-password b/tests/failures/newusers/10_newusers_time_0/config/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords. Without this option,
+# the default is Unix crypt. Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/passwd b/tests/failures/newusers/10_newusers_time_0/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/shadow b/tests/failures/newusers/10_newusers_time_0/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/10_newusers_time_0/data/group b/tests/failures/newusers/10_newusers_time_0/data/group
new file mode 100644
index 0000000..dcabb32
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/failures/newusers/10_newusers_time_0/data/gshadow b/tests/failures/newusers/10_newusers_time_0/data/gshadow
new file mode 100644
index 0000000..dc9f7f6
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/failures/newusers/10_newusers_time_0/data/newusers.list b/tests/failures/newusers/10_newusers_time_0/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/10_newusers_time_0/data/passwd b/tests/failures/newusers/10_newusers_time_0/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/10_newusers_time_0/data/shadow b/tests/failures/newusers/10_newusers_time_0/data/shadow
new file mode 100644
index 0000000..37df8e5
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA512 fooPass@::0:99999:7:::
diff --git a/tests/failures/newusers/10_newusers_time_0/newusers.test b/tests/failures/newusers/10_newusers_time_0/newusers.test
new file mode 100755
index 0000000..27d5ce9
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/newusers.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/time_0.so newusers data/newusers.list 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config.txt b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/group b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/gshadow b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/passwd b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/shadow b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/data/pwck.err b/tests/failures/pwck/01_pwck_system_passwd_open_failure/data/pwck.err
new file mode 100644
index 0000000..9839b9e
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/data/pwck.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+pwck: cannot open /etc/passwd
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/pwck.test b/tests/failures/pwck/01_pwck_system_passwd_open_failure/pwck.test
new file mode 100755
index 0000000..f28c481
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check user db (pwck)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd pwck 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config.txt b/tests/failures/pwck/02_pwck_passwd_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/group b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/gshadow b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/passwd b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/shadow b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/data/pwck.err b/tests/failures/pwck/02_pwck_passwd_open_failure/data/pwck.err
new file mode 100644
index 0000000..7ffd649
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/data/pwck.err
@@ -0,0 +1,2 @@
+open FAILURE data/passwd 2 ...
+pwck: cannot open data/passwd
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/pwck.test b/tests/failures/pwck/02_pwck_passwd_open_failure/pwck.test
new file mode 100755
index 0000000..e9dcc9b
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check users (pwck data/passwd)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/passwd pwck data/passwd 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config.txt b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/group b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/gshadow b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/passwd b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/shadow b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/data/pwck.err b/tests/failures/pwck/03_pwck_system_shadow_open_failure/data/pwck.err
new file mode 100644
index 0000000..ee7dde0
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/data/pwck.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+pwck: cannot open /etc/shadow
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/pwck.test b/tests/failures/pwck/03_pwck_system_shadow_open_failure/pwck.test
new file mode 100755
index 0000000..5033612
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck report failures when it cannot open the system shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check system groups (pwck)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow pwck 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config.txt b/tests/failures/pwck/04_pwck_shadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/group b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/gshadow b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/passwd b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/shadow b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/data/passwd b/tests/failures/pwck/04_pwck_shadow_open_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/data/pwck.err b/tests/failures/pwck/04_pwck_shadow_open_failure/data/pwck.err
new file mode 100644
index 0000000..bac9260
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/data/pwck.err
@@ -0,0 +1,2 @@
+open FAILURE data/shadow 2 ...
+pwck: cannot open data/shadow
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/pwck.test b/tests/failures/pwck/04_pwck_shadow_open_failure/pwck.test
new file mode 100755
index 0000000..ef2b899
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck report failures when it cannot open the local shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check local groups (pwck data/group data/shadow)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/shadow pwck data/passwd data/shadow 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config.txt b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/group b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/gshadow b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/passwd b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/shadow b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/data/pwck.err b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/data/pwck.err
new file mode 100644
index 0000000..3b474db
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/data/pwck.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+pwck: failure while writing changes to /etc/passwd
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test
new file mode 100755
index 0000000..b02853e
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort passwd (pwck -s)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd pwck -s 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config.txt b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/group b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/gshadow b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/passwd b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/shadow b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/passwd b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/passwd
new file mode 100644
index 0000000..2be1ed6
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/pwck.err b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/pwck.err
new file mode 100644
index 0000000..3d6e8cb
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/pwck.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+pwck: failure while writing changes to /etc/shadow
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test
new file mode 100755
index 0000000..0b780e4
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck reports failure to write /etc/shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort group (pwck -s)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow pwck -s 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config.txt b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/group b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/gshadow b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/passwd b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/shadow b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/passwd b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/pwck.err b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/pwck.err
new file mode 100644
index 0000000..c66b0e3
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/pwck.err
@@ -0,0 +1,2 @@
+rename FAILURE tmp/passwd+ tmp/passwd
+pwck: failure while writing changes to tmp/passwd
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test
new file mode 100755
index 0000000..721734e
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck reports failure to write a passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+cp data/passwd tmp/
+
+echo -n "Sort passwd (pwck -s tmp/passwd)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=tmp/passwd pwck -s tmp/passwd 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+diff -au data/passwd tmp/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+rm -f tmp/passwd tmp/passwd+ tmp/passwd-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config.txt b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/group b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/gshadow b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/passwd b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/shadow b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd.out b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd.out
new file mode 100644
index 0000000..2be1ed6
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd.out
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/pwck.err b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/pwck.err
new file mode 100644
index 0000000..4b1415b
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/pwck.err
@@ -0,0 +1,2 @@
+rename FAILURE tmp/shadow+ tmp/shadow
+pwck: failure while writing changes to tmp/shadow
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/shadow b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test
new file mode 100755
index 0000000..435aa53
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck reports failure to write a shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+cp data/passwd data/shadow tmp/
+
+echo -n "Sort group (pwck -s tmp/passwd tmp/shadow)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=tmp/shadow pwck -s tmp/passwd tmp/shadow 2>tmp/pwck.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+diff -au data/passwd.out tmp/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+diff -au data/shadow tmp/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+rm -f tmp/passwd tmp/passwd- tmp/shadow tmp/shadow+ tmp/shadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config.txt b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/group b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/gshadow b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/passwd b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/passwd
new file mode 100644
index 0000000..3030f9e
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/passwd
@@ -0,0 +1,12 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
+bar:x:1001:1000::/home:/bin/sh
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/shadow b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/data/shadow b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/data/shadow
new file mode 100644
index 0000000..053ac3f
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/data/shadow
@@ -0,0 +1,12 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bar:x::0:99999:7:::
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.exp b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.exp
new file mode 100755
index 0000000..02e6798
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "LD_PRELOAD=../../../common/time_0.so pwck\r"
+expect "no matching password file entry in /etc/shadow"
+expect "add user 'bar' in /etc/shadow? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test
new file mode 100755
index 0000000..e473196
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "If time is 0, pwck creates shadow entry with no last password change date"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config.txt b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/group b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/gshadow b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/login.defs b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/passwd b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/shadow b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/data/pwconv.err b/tests/failures/pwconv/01_pwconv_open_passwd_failure/data/pwconv.err
new file mode 100644
index 0000000..d26864f
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/data/pwconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+pwconv: cannot open /etc/passwd
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test b/tests/failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test
new file mode 100755
index 0000000..cb14e0b
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Enable shadow passwords (pwconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd pwconv 2>tmp/pwconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config.txt b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/group b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/gshadow b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/login.defs b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/passwd b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/shadow b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/data/pwconv.err b/tests/failures/pwconv/02_pwconv_open_shadow_failure/data/pwconv.err
new file mode 100644
index 0000000..7727450
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/data/pwconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+pwconv: cannot open /etc/shadow
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test b/tests/failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test
new file mode 100755
index 0000000..031a72c
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Enable shadow passwords (pwconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow pwconv 2>tmp/pwconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config.txt b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/group b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/gshadow b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/login.defs b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/passwd b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/shadow b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/pwconv.err b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/pwconv.err
new file mode 100644
index 0000000..b8177df
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/pwconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+pwconv: failure while writing changes to /etc/passwd
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/shadow b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/shadow
new file mode 100644
index 0000000..b678d83
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/shadow
@@ -0,0 +1,20 @@
+root:*:@TODAY@:0:99999:7:::
+daemon:*:@TODAY@:0:99999:7:::
+bin:*:@TODAY@:0:99999:7:::
+sys:*:@TODAY@:0:99999:7:::
+sync:*:@TODAY@:0:99999:7:::
+games:*:@TODAY@:0:99999:7:::
+man:*:@TODAY@:0:99999:7:::
+lp:*:@TODAY@:0:99999:7:::
+mail:*:@TODAY@:0:99999:7:::
+news:*:@TODAY@:0:99999:7:::
+uucp:*:@TODAY@:0:99999:7:::
+proxy:*:@TODAY@:0:99999:7:::
+www-data:*:@TODAY@:0:99999:7:::
+backup:*:@TODAY@:0:99999:7:::
+list:*:@TODAY@:0:99999:7:::
+irc:*:@TODAY@:0:99999:7:::
+gnats:*:@TODAY@:0:99999:7:::
+nobody:*:@TODAY@:0:99999:7:::
+Debian-exim:*:@TODAY@:0:99999:7:::
+foo:abc:@TODAY@:0:99999:7:::
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test
new file mode 100755
index 0000000..44f2307
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv report failures to write the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Enable shadow passwords (pwconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd pwconv 2>tmp/pwconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config.txt b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/group b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/gshadow b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/login.defs b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/passwd b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/shadow b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/data/pwconv.err b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/data/pwconv.err
new file mode 100644
index 0000000..cf5ddf3
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/data/pwconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+pwconv: failure while writing changes to /etc/shadow
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test
new file mode 100755
index 0000000..589ed3e
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv report failures to write the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Enable shadow passwords (pwconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow pwconv 2>tmp/pwconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwconv/05_pwconv_time_0/config.txt b/tests/failures/pwconv/05_pwconv_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/group b/tests/failures/pwconv/05_pwconv_time_0/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/gshadow b/tests/failures/pwconv/05_pwconv_time_0/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/passwd b/tests/failures/pwconv/05_pwconv_time_0/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/shadow b/tests/failures/pwconv/05_pwconv_time_0/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwconv/05_pwconv_time_0/data/passwd b/tests/failures/pwconv/05_pwconv_time_0/data/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/05_pwconv_time_0/data/shadow b/tests/failures/pwconv/05_pwconv_time_0/data/shadow
new file mode 100644
index 0000000..a3b7cff
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:*::0:99999:7:::
+daemon:*::0:99999:7:::
+bin:*::0:99999:7:::
+sys:*::0:99999:7:::
+sync:*::0:99999:7:::
+games:*::0:99999:7:::
+man:*::0:99999:7:::
+lp:*::0:99999:7:::
+mail:*::0:99999:7:::
+news:*::0:99999:7:::
+uucp:*::0:99999:7:::
+proxy:*::0:99999:7:::
+www-data:*::0:99999:7:::
+backup:*::0:99999:7:::
+list:*::0:99999:7:::
+irc:*::0:99999:7:::
+gnats:*::0:99999:7:::
+nobody:*::0:99999:7:::
+Debian-exim:*::0:99999:7:::
+foo:abc::0:99999:7:::
diff --git a/tests/failures/pwconv/05_pwconv_time_0/pwconv.test b/tests/failures/pwconv/05_pwconv_time_0/pwconv.test
new file mode 100755
index 0000000..5c9a650
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/pwconv.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Convert to shadow (pwconv)..."
+LD_PRELOAD=../../../common/time_0.so pwconv 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config.txt b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/group b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/gshadow b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/login.defs b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/passwd b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/shadow b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/data/pwunconv.err b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/data/pwunconv.err
new file mode 100644
index 0000000..a1368c9
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/data/pwunconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+pwunconv: failure while writing changes to /etc/passwd
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test
new file mode 100755
index 0000000..3f1d312
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwunconv reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (pwunconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd pwunconv 2>tmp/pwunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config.txt b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/group b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/gshadow b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/login.defs b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/passwd b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/shadow b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/data/pwunconv.err b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/data/pwunconv.err
new file mode 100644
index 0000000..44cd4fa
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/data/pwunconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+pwunconv: cannot open /etc/passwd
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test
new file mode 100755
index 0000000..8212cf2
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwunconv report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (pwunconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd pwunconv 2>tmp/pwunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config.txt b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/group b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/gshadow b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/login.defs b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/passwd b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/shadow b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/data/pwunconv.err b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/data/pwunconv.err
new file mode 100644
index 0000000..a61ba35
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/data/pwunconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 0 ...
+pwunconv: cannot open /etc/shadow
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test
new file mode 100755
index 0000000..0c8f79f
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwunconv report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (pwunconv)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/shadow pwunconv 2>tmp/pwunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config.txt b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/group b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/gshadow b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/login.defs b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/passwd b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/shadow b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/passwd b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/passwd
new file mode 100644
index 0000000..3416c55
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/passwd
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+foo:!:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/pwunconv.err b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/pwunconv.err
new file mode 100644
index 0000000..a8ecf49
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/pwunconv.err
@@ -0,0 +1,2 @@
+unlink FAILURE /etc/shadow
+pwunconv: cannot delete /etc/shadow
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test
new file mode 100755
index 0000000..045719f
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwunconv report failures when it cannot remove the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (pwunconv)..."
+LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/etc/shadow pwunconv 2>tmp/pwunconv.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config.txt b/tests/failures/useradd/01_useradd_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/default/useradd b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/group b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/gshadow b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/login.defs b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/passwd b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/shadow b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/data/useradd.err b/tests/failures/useradd/01_useradd_open_passwd_failure/data/useradd.err
new file mode 100644
index 0000000..0a3ce8c
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+useradd: cannot open /etc/passwd
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/useradd.test b/tests/failures/useradd/01_useradd_open_passwd_failure/useradd.test
new file mode 100755
index 0000000..930d565
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config.txt b/tests/failures/useradd/02_useradd_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/default/useradd b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/group b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/gshadow b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/login.defs b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/passwd b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/shadow b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/data/useradd.err b/tests/failures/useradd/02_useradd_open_shadow_failure/data/useradd.err
new file mode 100644
index 0000000..8d691d1
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+useradd: cannot open /etc/shadow
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/useradd.test b/tests/failures/useradd/02_useradd_open_shadow_failure/useradd.test
new file mode 100755
index 0000000..0c3d7fc
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config.txt b/tests/failures/useradd/03_useradd_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/default/useradd b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/group b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/gshadow b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/login.defs b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/passwd b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/shadow b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/data/useradd.err b/tests/failures/useradd/03_useradd_open_group_failure/data/useradd.err
new file mode 100644
index 0000000..59a33be
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+useradd: cannot open /etc/group
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/useradd.test b/tests/failures/useradd/03_useradd_open_group_failure/useradd.test
new file mode 100755
index 0000000..b99d914
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config.txt b/tests/failures/useradd/04_useradd_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/default/useradd b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/group b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/gshadow b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/login.defs b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/passwd b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/shadow b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/data/useradd.err b/tests/failures/useradd/04_useradd_open_gshadow_failure/data/useradd.err
new file mode 100644
index 0000000..3e64279
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+useradd: cannot open /etc/gshadow
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/useradd.test b/tests/failures/useradd/04_useradd_open_gshadow_failure/useradd.test
new file mode 100755
index 0000000..5ab5eac
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config.txt b/tests/failures/useradd/05_useradd_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/default/useradd b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/group b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/gshadow b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/login.defs b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/passwd b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/shadow b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/data/useradd.err b/tests/failures/useradd/05_useradd_rename_passwd_failure/data/useradd.err
new file mode 100644
index 0000000..6d25d1d
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+useradd: failure while writing changes to /etc/passwd
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/useradd.test b/tests/failures/useradd/05_useradd_rename_passwd_failure/useradd.test
new file mode 100755
index 0000000..2428ed0
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config.txt b/tests/failures/useradd/06_useradd_rename_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/default/useradd b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/group b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/gshadow b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/login.defs b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/passwd b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/shadow b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/data/passwd b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/data/useradd.err b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/useradd.err
new file mode 100644
index 0000000..49e06ab
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+useradd: failure while writing changes to /etc/shadow
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/useradd.test b/tests/failures/useradd/06_useradd_rename_shadow_failure/useradd.test
new file mode 100755
index 0000000..50ec15f
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config.txt b/tests/failures/useradd/07_useradd_rename_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/default/useradd b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/group b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/gshadow b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/login.defs b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/passwd b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/shadow b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/data/passwd b/tests/failures/useradd/07_useradd_rename_group_failure/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/data/shadow b/tests/failures/useradd/07_useradd_rename_group_failure/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/data/useradd.err b/tests/failures/useradd/07_useradd_rename_group_failure/data/useradd.err
new file mode 100644
index 0000000..75a035e
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+useradd: failure while writing changes to /etc/group
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/useradd.test b/tests/failures/useradd/07_useradd_rename_group_failure/useradd.test
new file mode 100755
index 0000000..ed64725
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config.txt b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/default/useradd b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/group b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/gshadow b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/login.defs b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/passwd b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/shadow b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/group b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/passwd b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/shadow b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/useradd.err b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/useradd.err
new file mode 100644
index 0000000..a355259
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+useradd: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/useradd.test b/tests/failures/useradd/08_useradd_rename_gshadow_failure/useradd.test
new file mode 100755
index 0000000..11f7f68
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config.txt b/tests/failures/useradd/09_useradd_rename_defaults_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/default/useradd b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/group b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/gshadow b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/login.defs b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/passwd b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/shadow b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/data/useradd.err b/tests/failures/useradd/09_useradd_rename_defaults_failure/data/useradd.err
new file mode 100644
index 0000000..956521a
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/default/nuaddXXXXXX /etc/default/useradd
+useradd: rename: /etc/default/nuaddXXXXXX: Input/output error
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/useradd.test b/tests/failures/useradd/09_useradd_rename_defaults_failure/useradd.test
new file mode 100755
index 0000000..f845652
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set default value (useradd -D -g 10)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/default/useradd useradd -D -g 10 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+sed -e 's/nuadd....../nuaddXXXXXX/' -i tmp/useradd.err
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config.txt b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/default/useradd b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/group b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/gshadow b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/login.defs b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/passwd b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/shadow b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/data/useradd.err b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/data/useradd.err
new file mode 100644
index 0000000..7ec53ac
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/data/useradd.err
@@ -0,0 +1,2 @@
+link FAILURE /etc/default/useradd /etc/default/useradd-
+useradd: Cannot create backup file (/etc/default/useradd-): Input/output error
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test
new file mode 100755
index 0000000..241f727
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to create backup /etc/default/useradd-"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set default value (useradd -D -g 10)..."
+LD_PRELOAD=../../../common/link_failure.so FAILURE_PATH=/etc/default/useradd- useradd -D -g 10 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/11_useradd_time_0/config.txt b/tests/failures/useradd/11_useradd_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/default/useradd b/tests/failures/useradd/11_useradd_time_0/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/group b/tests/failures/useradd/11_useradd_time_0/config/etc/group
new file mode 100644
index 0000000..beb7c87
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/gshadow b/tests/failures/useradd/11_useradd_time_0/config/etc/gshadow
new file mode 100644
index 0000000..55b8e95
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/pam.d/common-password b/tests/failures/useradd/11_useradd_time_0/config/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords. Without this option,
+# the default is Unix crypt. Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/passwd b/tests/failures/useradd/11_useradd_time_0/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/shadow b/tests/failures/useradd/11_useradd_time_0/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/11_useradd_time_0/data/group b/tests/failures/useradd/11_useradd_time_0/data/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/useradd/11_useradd_time_0/data/gshadow b/tests/failures/useradd/11_useradd_time_0/data/gshadow
new file mode 100644
index 0000000..ed9618e
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/useradd/11_useradd_time_0/data/newusers.list b/tests/failures/useradd/11_useradd_time_0/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/useradd/11_useradd_time_0/data/passwd b/tests/failures/useradd/11_useradd_time_0/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/11_useradd_time_0/data/shadow b/tests/failures/useradd/11_useradd_time_0/data/shadow
new file mode 100644
index 0000000..d295f85
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!::0:99999:7:12:13849:
diff --git a/tests/failures/useradd/11_useradd_time_0/useradd.test b/tests/failures/useradd/11_useradd_time_0/useradd.test
new file mode 100755
index 0000000..1c61138
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (useradd foo)..."
+LD_PRELOAD=../../../common/time_0.so useradd foo 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config.txt b/tests/failures/useradd/12_useradd_open_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/default/useradd b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/group b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/gshadow b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/login.defs b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/passwd b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/shadow b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subgid b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subgid
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subuid b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subuid
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/data/useradd.err b/tests/failures/useradd/12_useradd_open_subuid_failure/data/useradd.err
new file mode 100644
index 0000000..6d84972
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subuid 2 ...
+useradd: cannot open /etc/subuid
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/useradd.test b/tests/failures/useradd/12_useradd_open_subuid_failure/useradd.test
new file mode 100755
index 0000000..0263300
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the /etc/subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config.txt b/tests/failures/useradd/13_useradd_open_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/default/useradd b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/group b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/gshadow b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/login.defs b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/passwd b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/shadow b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subgid b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subgid
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subuid b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subuid
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/data/useradd.err b/tests/failures/useradd/13_useradd_open_subgid_failure/data/useradd.err
new file mode 100644
index 0000000..594f4d6
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subgid 2 ...
+useradd: cannot open /etc/subgid
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/useradd.test b/tests/failures/useradd/13_useradd_open_subgid_failure/useradd.test
new file mode 100755
index 0000000..eff1bc9
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the /etc/subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config.txt b/tests/failures/useradd/14_username_rename_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/default/useradd b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/group b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/gshadow b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/login.defs b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/passwd b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/shadow b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subgid b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subgid
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subuid b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subuid
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/group b/tests/failures/useradd/14_username_rename_subuid_failure/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/gshadow b/tests/failures/useradd/14_username_rename_subuid_failure/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/passwd b/tests/failures/useradd/14_username_rename_subuid_failure/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/shadow b/tests/failures/useradd/14_username_rename_subuid_failure/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/useradd.err b/tests/failures/useradd/14_username_rename_subuid_failure/data/useradd.err
new file mode 100644
index 0000000..1798df6
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subuid+ /etc/subuid
+useradd: failure while writing changes to /etc/subuid
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/useradd.test b/tests/failures/useradd/14_username_rename_subuid_failure/useradd.test
new file mode 100755
index 0000000..5b007b9
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/subuid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subuid useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config.txt b/tests/failures/useradd/15_username_rename_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/default/useradd b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/group b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/gshadow b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/login.defs b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/passwd b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/shadow b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subgid b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subgid
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subuid b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subuid
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/group b/tests/failures/useradd/15_username_rename_subgid_failure/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/gshadow b/tests/failures/useradd/15_username_rename_subgid_failure/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/passwd b/tests/failures/useradd/15_username_rename_subgid_failure/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/shadow b/tests/failures/useradd/15_username_rename_subgid_failure/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/subuid b/tests/failures/useradd/15_username_rename_subgid_failure/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/useradd.err b/tests/failures/useradd/15_username_rename_subgid_failure/data/useradd.err
new file mode 100644
index 0000000..0d1b654
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subgid+ /etc/subgid
+useradd: failure while writing changes to /etc/subgid
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/useradd.test b/tests/failures/useradd/15_username_rename_subgid_failure/useradd.test
new file mode 100755
index 0000000..db47258
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/subgid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subgid useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config.txt b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/group b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/gshadow b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/login.defs b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/passwd b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/shadow b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/group b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/passwd b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/shadow b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/userdel.err b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/userdel.err
new file mode 100644
index 0000000..e84c8f8
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+userdel: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/userdel.test b/tests/failures/userdel/01_userdel_gshadow_rename_failure/userdel.test
new file mode 100755
index 0000000..3b7c17c
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config.txt b/tests/failures/userdel/02_userdel_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/default/useradd b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/group b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/gshadow b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/login.defs b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/passwd b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/shadow b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/data/passwd b/tests/failures/userdel/02_userdel_group_rename_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/data/shadow b/tests/failures/userdel/02_userdel_group_rename_failure/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/data/userdel.err b/tests/failures/userdel/02_userdel_group_rename_failure/data/userdel.err
new file mode 100644
index 0000000..21962cd
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+userdel: failure while writing changes to /etc/group
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/userdel.test b/tests/failures/userdel/02_userdel_group_rename_failure/userdel.test
new file mode 100755
index 0000000..da9b693
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config.txt b/tests/failures/userdel/03_userdel_shadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/default/useradd b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/group b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/gshadow b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/login.defs b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/passwd b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/shadow b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/data/passwd b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/data/userdel.err b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/userdel.err
new file mode 100644
index 0000000..a241b55
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+userdel: failure while writing changes to /etc/shadow
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/userdel.test b/tests/failures/userdel/03_userdel_shadow_rename_failure/userdel.test
new file mode 100755
index 0000000..6ad2516
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config.txt b/tests/failures/userdel/04_userdel_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/default/useradd b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/group b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/gshadow b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/login.defs b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/passwd b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/shadow b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/data/userdel.err b/tests/failures/userdel/04_userdel_passwd_rename_failure/data/userdel.err
new file mode 100644
index 0000000..7058c90
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+userdel: failure while writing changes to /etc/passwd
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/userdel.test b/tests/failures/userdel/04_userdel_passwd_rename_failure/userdel.test
new file mode 100755
index 0000000..945bf5b
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config.txt b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/default/useradd b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/group b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/gshadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/login.defs b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/passwd b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/shadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/var/mail/foo b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/var/mail/foo
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/var/mail/foo
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/group b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/gshadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/passwd b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/shadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/userdel.err b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/userdel.err
new file mode 100644
index 0000000..0ed73cf
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/userdel.err
@@ -0,0 +1,3 @@
+unlink FAILURE /var/mail/foo
+userdel: warning: can't remove /var/mail/foo: Device or resource busy
+userdel: foo home directory (/home/foo) not found
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/userdel.test b/tests/failures/userdel/05_userdel_failure_remove_mailbox/userdel.test
new file mode 100755
index 0000000..cd0b356
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/userdel.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel -r reports failure to remove the mailbox"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Changing ownership of /var/mail/foo..."
+chown foo:mail /var/mail/foo
+echo "OK"
+
+echo -n "delete user foo with its mail spool (userdel -r foo)..."
+LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/var/mail/foo userdel -r foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config.txt b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/default/useradd b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/group b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/gshadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/login.defs b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/passwd b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/shadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/group b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/gshadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/passwd b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/shadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/userdel.err b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/userdel.err
new file mode 100644
index 0000000..d46d879
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/userdel.err
@@ -0,0 +1,3 @@
+userdel: foo mail spool (/var/mail/foo) not found
+unlink FAILURE /home/foo/bar/baz
+userdel: error removing directory /home/foo
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test
new file mode 100755
index 0000000..d41d189
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel -r reports failure to remove a file in the home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an home directory for foo..."
+mkdir /home/foo
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0
+mkdir /home/foo/bar
+touch /home/foo/bar/baz
+chown -R foo:foo /home/foo
+echo "OK"
+
+echo -n "delete user foo with its mail spool (userdel -r foo)..."
+LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/home/foo/bar/baz userdel -r foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+rm -rf /home/foo
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config.txt b/tests/failures/userdel/07_userdel_failure_remove_homedir/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/default/useradd b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/group b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/gshadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/login.defs b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/passwd b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/shadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/group b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/gshadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/passwd b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/shadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/userdel.err b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/userdel.err
new file mode 100644
index 0000000..f874083
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/userdel.err
@@ -0,0 +1,3 @@
+userdel: foo mail spool (/var/mail/foo) not found
+rmdir FAILURE /home/foo
+userdel: error removing directory /home/foo
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/userdel.test b/tests/failures/userdel/07_userdel_failure_remove_homedir/userdel.test
new file mode 100755
index 0000000..deca402
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/userdel.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel -r reports failure to remove the home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an home directory for foo..."
+mkdir /home/foo
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0
+mkdir /home/foo/bar
+touch /home/foo/bar/baz
+chown -R foo:foo /home/foo
+echo "OK"
+
+echo -n "delete user foo with its mail spool (userdel -r foo)..."
+LD_PRELOAD=../../../common/rmdir_failure.so FAILURE_PATH=/home/foo userdel -r foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+rm -rf /home/foo
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config.txt b/tests/failures/userdel/08_userdel_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/default/useradd b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/group b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/gshadow b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/login.defs b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/passwd b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..c41f98b
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:foo:/home/foo:/bin/sh
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/shadow b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/data/userdel.err b/tests/failures/userdel/08_userdel_open_passwd_failure/data/userdel.err
new file mode 100644
index 0000000..5329f8a
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+userdel: cannot open /etc/passwd
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/userdel.test b/tests/failures/userdel/08_userdel_open_passwd_failure/userdel.test
new file mode 100755
index 0000000..dfa5bc6
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config.txt b/tests/failures/userdel/09_userdel_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/default/useradd b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/group b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/gshadow b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/login.defs b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/passwd b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..c41f98b
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:foo:/home/foo:/bin/sh
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/shadow b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/data/userdel.err b/tests/failures/userdel/09_userdel_open_shadow_failure/data/userdel.err
new file mode 100644
index 0000000..b15cf95
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+userdel: cannot open /etc/shadow
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/userdel.test b/tests/failures/userdel/09_userdel_open_shadow_failure/userdel.test
new file mode 100755
index 0000000..434cf32
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config.txt b/tests/failures/userdel/10_userdel_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/default/useradd b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/group b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/gshadow b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/login.defs b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/passwd b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..c41f98b
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:foo:/home/foo:/bin/sh
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/shadow b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/data/userdel.err b/tests/failures/userdel/10_userdel_open_group_failure/data/userdel.err
new file mode 100644
index 0000000..e671f64
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+userdel: cannot open /etc/group
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/userdel.test b/tests/failures/userdel/10_userdel_open_group_failure/userdel.test
new file mode 100755
index 0000000..2e3ad62
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config.txt b/tests/failures/userdel/11_userdel_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/default/useradd b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/group b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/gshadow b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/login.defs b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/passwd b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..c41f98b
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:foo:/home/foo:/bin/sh
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/shadow b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/data/userdel.err b/tests/failures/userdel/11_userdel_open_gshadow_failure/data/userdel.err
new file mode 100644
index 0000000..e24e7f4
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+userdel: cannot open /etc/gshadow
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/userdel.test b/tests/failures/userdel/11_userdel_open_gshadow_failure/userdel.test
new file mode 100755
index 0000000..4a75f66
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config.txt b/tests/failures/userdel/12_userdel_open_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/default/useradd b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/group b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/gshadow b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/login.defs b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/passwd b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/shadow b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subgid b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subgid
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subuid b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subuid
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/data/userdel.err b/tests/failures/userdel/12_userdel_open_subuid_failure/data/userdel.err
new file mode 100644
index 0000000..cd0d1c4
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subuid 2 ...
+userdel: cannot open /etc/subuid
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/userdel.test b/tests/failures/userdel/12_userdel_open_subuid_failure/userdel.test
new file mode 100755
index 0000000..844f04f
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the /etc/subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config.txt b/tests/failures/userdel/13_userdel_open_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/default/useradd b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/group b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/gshadow b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/login.defs b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/passwd b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/shadow b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subgid b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subgid
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subuid b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subuid
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/data/userdel.err b/tests/failures/userdel/13_userdel_open_subgid_failure/data/userdel.err
new file mode 100644
index 0000000..bcc53e2
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subgid 2 ...
+userdel: cannot open /etc/subgid
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/userdel.test b/tests/failures/userdel/13_userdel_open_subgid_failure/userdel.test
new file mode 100755
index 0000000..2a67bcb
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the /etc/subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config.txt b/tests/failures/userdel/14_userdel_rename_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/default/useradd b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/group b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/gshadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/login.defs b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/passwd b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/shadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subgid b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subuid b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/group b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/gshadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/passwd b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/shadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/userdel.err b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/userdel.err
new file mode 100644
index 0000000..ae0d56e
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subuid+ /etc/subuid
+userdel: failure while writing changes to /etc/subuid
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/usedel.test b/tests/failures/userdel/14_userdel_rename_subuid_failure/usedel.test
new file mode 100755
index 0000000..a6e7d43
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/usedel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/subuid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subuid userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config.txt b/tests/failures/userdel/15_userdel_rename_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/default/useradd b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/group b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/gshadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/login.defs b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/passwd b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/shadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subgid b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subuid b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..a0bb603
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+root:200000:10000
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/group b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/gshadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/passwd b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/shadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/subuid b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/subuid
new file mode 100644
index 0000000..83a5781
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/subuid
@@ -0,0 +1 @@
+root:200000:10000
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/userdel.err b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/userdel.err
new file mode 100644
index 0000000..35e206c
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subgid+ /etc/subgid
+userdel: failure while writing changes to /etc/subgid
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/usedel.test b/tests/failures/userdel/15_userdel_rename_subgid_failure/usedel.test
new file mode 100755
index 0000000..5312e8b
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/usedel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/subgid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subgid userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config.txt b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/group b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/gshadow b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/login.defs b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/passwd b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/shadow b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/group b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..41fb326
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:bar
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/passwd b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/passwd
new file mode 100644
index 0000000..656230a
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/shadow b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/usermod.err b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/usermod.err
new file mode 100644
index 0000000..449003a
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+usermod: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test
new file mode 100755
index 0000000..e7d1c2d
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config.txt b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/default/useradd b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/group b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/gshadow b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/login.defs b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/passwd b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/shadow b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/data/usermod.err b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/data/usermod.err
new file mode 100644
index 0000000..a5fd4c3
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+usermod: failure while writing changes to /etc/passwd
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test
new file mode 100755
index 0000000..119d76a
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change UID of foo to 1001 (usermod -u 1001 foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd usermod -u 1001 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config.txt b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/default/useradd b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/group b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/gshadow b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/login.defs b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/passwd b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/shadow b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/passwd b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/passwd
new file mode 100644
index 0000000..656230a
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/shadow b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/usermod.err b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/usermod.err
new file mode 100644
index 0000000..69a5e8b
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+usermod: failure while writing changes to /etc/group
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test
new file mode 100755
index 0000000..c5d69bb
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename user foo to bar (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config.txt b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/default/useradd b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/group b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/gshadow b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/login.defs b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/passwd b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/shadow b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/passwd b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/passwd
new file mode 100644
index 0000000..656230a
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/shadow b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test
new file mode 100755
index 0000000..2e64fd3
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not try to rewrite gshadow if not changed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow usermod -l bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config.txt b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/default/useradd b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/group b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/gshadow b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/login.defs b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/passwd b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/shadow b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/passwd b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/passwd
new file mode 100644
index 0000000..09a6642
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000:::/bin/false
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/usermod.err b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/usermod.err
new file mode 100644
index 0000000..43c186a
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+usermod: failure while writing changes to /etc/shadow
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test
new file mode 100755
index 0000000..df94b43
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod reports failure to write /etc/shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change name of foo to bar (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config.txt b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/default/useradd b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/group b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/gshadow b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/login.defs b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/passwd b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/shadow b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/data/usermod.err b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/data/usermod.err
new file mode 100644
index 0000000..e060976
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+usermod: cannot open /etc/passwd
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test
new file mode 100755
index 0000000..5e069f6
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user foo (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config.txt b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/default/useradd b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/group b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/gshadow b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/login.defs b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/passwd b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/shadow b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/data/usermod.err b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/data/usermod.err
new file mode 100644
index 0000000..40e3a5b
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+usermod: cannot open /etc/shadow
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test
new file mode 100755
index 0000000..c5ac414
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user foo (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config.txt b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/default/useradd b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/group b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/gshadow b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/login.defs b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/passwd b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/shadow b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/data/usermod.err b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/data/usermod.err
new file mode 100644
index 0000000..5329b28
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+usermod: cannot open /etc/group
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test
new file mode 100755
index 0000000..fbca278
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user foo (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config.txt b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/default/useradd b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/group b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/gshadow b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/login.defs b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/passwd b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/shadow b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/data/usermod.err b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/data/usermod.err
new file mode 100644
index 0000000..e398343
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+usermod: cannot open /etc/gshadow
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test
new file mode 100755
index 0000000..6e7ba24
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user foo (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config.txt b/tests/failures/usermod/10_usermod_-p_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/default/useradd b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/group b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/gshadow b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/passwd b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/shadow b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/data/passwd b/tests/failures/usermod/10_usermod_-p_time_0/data/passwd
new file mode 100644
index 0000000..d9798a6
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/data/shadow b/tests/failures/usermod/10_usermod_-p_time_0/data/shadow
new file mode 100644
index 0000000..13fca93
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:foopass::0:99999:7:::
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/usermod.test b/tests/failures/usermod/10_usermod_-p_time_0/usermod.test
new file mode 100755
index 0000000..f54c918
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's password (usermod -p foopass foo)..."
+LD_PRELOAD=../../../common/time_0.so usermod -p foopass foo 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config.txt b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/default/useradd b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/group b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/gshadow b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/passwd b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/shadow b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/data/shadow b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/data/shadow
new file mode 100644
index 0000000..6faa0c5
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblahblah::0:99999:7:12::
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test
new file mode 100755
index 0000000..56e9c83
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's password (usermod -f 12 foo)..."
+LD_PRELOAD=../../../common/time_0.so usermod -f 12 foo 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config.txt b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/default/useradd b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/group b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/gshadow b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/login.defs b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/passwd b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/shadow b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/data/usermod.err b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/data/usermod.err
new file mode 100644
index 0000000..a5fd4c3
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+usermod: failure while writing changes to /etc/passwd
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test
new file mode 100755
index 0000000..d7c95b7
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod reports failure to unlock /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change UID of foo to 1001 (usermod -u 1001 foo)..."
+LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/etc/passwd.lock usermod -u 1001 foo 2>tmp/usermod.err
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config.txt b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/default/useradd b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/group b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/gshadow b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/login.defs b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/passwd b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/shadow b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subgid b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subuid b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/data/usermod.err b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/data/usermod.err
new file mode 100644
index 0000000..a83d4bf
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subuid 2 ...
+usermod: cannot open /etc/subuid
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test
new file mode 100755
index 0000000..fdff7e1
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the /etc/subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add range for user foo (usermod -v 100000-100000 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config.txt b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/default/useradd b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/group b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/gshadow b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/login.defs b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/passwd b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/shadow b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subgid b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subuid b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/data/usermod.err b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/data/usermod.err
new file mode 100644
index 0000000..a83d4bf
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subuid 2 ...
+usermod: cannot open /etc/subuid
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test
new file mode 100755
index 0000000..47ff348
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the /etc/subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add range for user foo (usermod -V 100000-100000 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid usermod -V 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config.txt b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/default/useradd b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/group b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/gshadow b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/login.defs b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/passwd b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/shadow b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subgid b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subuid b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/data/usermod.err b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/data/usermod.err
new file mode 100644
index 0000000..7cb1df5
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subgid 2 ...
+usermod: cannot open /etc/subgid
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test
new file mode 100755
index 0000000..3469d93
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the /etc/subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add range for user foo (usermod -w 100000-100000 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config.txt b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/default/useradd b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/group b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/gshadow b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/login.defs b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/passwd b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/shadow b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subgid b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subuid b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/data/usermod.err b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/data/usermod.err
new file mode 100644
index 0000000..7cb1df5
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subgid 2 ...
+usermod: cannot open /etc/subgid
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test
new file mode 100755
index 0000000..a03c2c5
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the /etc/subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add range for user foo (usermod -W 100000-100000 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid usermod -W 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config.txt b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/default/useradd b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/group b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/gshadow b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/login.defs b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/passwd b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/shadow b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subgid b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subuid b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/data/usermod.err b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/data/usermod.err
new file mode 100644
index 0000000..d498ae9
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subuid+ /etc/subuid
+usermod: failure while writing changes to /etc/subuid
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test
new file mode 100755
index 0000000..0e39b61
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod reports failure to write /etc/subuid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add subordinate uid for user foo (usermod -v 100000-100000 foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subuid usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config.txt b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/default/useradd b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/group b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/gshadow b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/login.defs b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/passwd b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/shadow b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subgid b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subuid b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/data/usermod.err b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/data/usermod.err
new file mode 100644
index 0000000..ee968b8
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subgid+ /etc/subgid
+usermod: failure while writing changes to /etc/subgid
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test
new file mode 100755
index 0000000..c14e5c1
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod reports failure to write /etc/subgid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add subordinate uid for user foo (usermod -w 100000-100000 foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subgid usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test
new file mode 100755
index 0000000..c62fc54
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd fails if a group does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's, disk's, and foooo's password..."
+echo 'nogroup:test
+disk:test2
+foooo:test3' | chgpasswd 2>tmp/chgpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/group b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/gshadow b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/login.defs b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/passwd b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/shadow b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/data/chgpasswd.err b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/data/chgpasswd.err
new file mode 100644
index 0000000..38413df
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/data/chgpasswd.err
@@ -0,0 +1,2 @@
+chgpasswd: line 3: group 'foooo' does not exist
+chgpasswd: error detected, changes ignored
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test
new file mode 100755
index 0000000..4029ad7
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can change mulitple groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's and disk's password..."
+echo 'nogroup:test
+disk:test2' | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/group b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/gshadow b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/login.defs b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/passwd b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/shadow b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/data/gshadow b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/data/gshadow
new file mode 100644
index 0000000..10d3a52
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:@PASS_DES test2@::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_DES test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test
new file mode 100755
index 0000000..96900fb
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd changes the pasword in group if gshadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/gshadow..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Change nogroup's and disk's password..."
+echo 'nogroup:test
+disk:test2' | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check that gshadow does not exist..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/group b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/gshadow b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/login.defs b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/passwd b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/shadow b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/data/group b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/data/group
new file mode 100644
index 0000000..7f5e536
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:@PASS_DES test2@:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:@PASS_DES test@:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test
new file mode 100755
index 0000000..8def840
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd changes the group entry if there are no entries in gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's and disk's password..."
+echo 'nogroup:test
+disk:test2' | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/group b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/gshadow b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..54dc57e
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/gshadow
@@ -0,0 +1,40 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/login.defs b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/passwd b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/shadow b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/group b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/gshadow b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/gshadow
new file mode 100644
index 0000000..544e0d1
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:@PASS_DES test2@::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+nogroup:@PASS_DES test@::
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test
new file mode 100755
index 0000000..53ffbf2
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd fails if no password are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's password..."
+echo 'nogroup:test
+disk' | chgpasswd 2>tmp/chgpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/group b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/gshadow b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/login.defs b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/passwd b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/shadow b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/data/chgpasswd.err b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/data/chgpasswd.err
new file mode 100644
index 0000000..86c0803
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/data/chgpasswd.err
@@ -0,0 +1,2 @@
+chgpasswd: line 2: missing new password
+chgpasswd: error detected, changes ignored
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test b/tests/grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test
new file mode 100755
index 0000000..1075f0f
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chgpasswd usage (chgpasswd -h)..."
+chgpasswd -h >tmp/usage.out
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config.txt b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/default/useradd b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/group b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/gshadow b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/passwd b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/shadow b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/data/usage.out b/tests/grouptools/chgpasswd/06_chgpasswd_usage/data/usage.out
new file mode 100644
index 0000000..46b49c3
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/data/usage.out
@@ -0,0 +1,12 @@
+Usage: chgpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test
new file mode 100755
index 0000000..56de5cb
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd displays its usage message in case on non recognized option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chgpasswd usage (chgpasswd --foo)..."
+chgpasswd --foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config.txt b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/default/useradd b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/group b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/gshadow b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/passwd b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/shadow b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/data/usage.out b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/data/usage.out
new file mode 100644
index 0000000..e96d97c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: unrecognized option '--foo'
+Usage: chgpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test
new file mode 100755
index 0000000..f6b96d5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks that -e and -m are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password are encrypted and must use md5 (chgpasswd -m -e)..."
+echo 'nobody:test' | chgpasswd -m -e 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config.txt b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/default/useradd b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/group b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/gshadow b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/passwd b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/shadow b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/data/usage.out b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/data/usage.out
new file mode 100644
index 0000000..d3a57b6
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: the -c, -e, and -m flags are exclusive
+Usage: chgpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test
new file mode 100755
index 0000000..9da58d6
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks that -e and -c are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password are encrypted and must use another method (chgpasswd -c SHA512 -e)..."
+echo 'nobody:test' | chgpasswd -c SHA512 -e 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config.txt b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/default/useradd b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/group b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/gshadow b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/passwd b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/shadow b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/data/usage.out b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/data/usage.out
new file mode 100644
index 0000000..d3a57b6
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: the -c, -e, and -m flags are exclusive
+Usage: chgpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test
new file mode 100755
index 0000000..e83338f
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks that -c and -m are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chgpasswd -m -c SHA256)..."
+echo 'nobody:test' | chgpasswd -m -c SHA256 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config.txt b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/default/useradd b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/group b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/gshadow b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/passwd b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/shadow b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/data/usage.out b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/data/usage.out
new file mode 100644
index 0000000..d3a57b6
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: the -c, -e, and -m flags are exclusive
+Usage: chgpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test
new file mode 100755
index 0000000..293e932
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks that -c is provided if -s is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chgpasswd --sha-rounds 12)..."
+echo 'nobody:test' | chgpasswd --sha-rounds 12 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config.txt b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/default/useradd b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/group b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/gshadow b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/passwd b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/shadow b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/data/usage.out b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/data/usage.out
new file mode 100644
index 0000000..4bd98d4
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: -s flag is only allowed with the -c flag
+Usage: chgpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test
new file mode 100755
index 0000000..ebfcde6
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks the -s argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chgpasswd --sha-rounds 12foo -c SHA512)..."
+echo 'nobody:test' | chgpasswd --sha-rounds 12foo -c SHA512 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config.txt b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/default/useradd b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/group b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/gshadow b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/passwd b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/shadow b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/data/usage.out b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/data/usage.out
new file mode 100644
index 0000000..690a502
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: invalid numeric argument '12foo'
+Usage: chgpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test
new file mode 100755
index 0000000..8cff29b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks the -c argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chgpasswd --crypt-method SHA513)..."
+echo 'nobody:test' | chgpasswd --crypt-method SHA513 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config.txt b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/default/useradd b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/group b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/gshadow b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/passwd b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/shadow b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/data/usage.out b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/data/usage.out
new file mode 100644
index 0000000..a103cd5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: unsupported crypt method: SHA513
+Usage: chgpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test
new file mode 100755
index 0000000..c622581
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/group b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/gshadow b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/passwd b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/shadow b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/data/gshadow b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/data/gshadow
new file mode 100644
index 0000000..71489d5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:test2::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:test::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test
new file mode 100755
index 0000000..964d193
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create md5 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --md5)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --md5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/group b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/gshadow b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/passwd b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/shadow b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/data/gshadow b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/data/gshadow
new file mode 100644
index 0000000..eea258e
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_MD5 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test
new file mode 100755
index 0000000..98cf6d0
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use encrypted passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd -c NONE)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -c NONE
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/group b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/gshadow b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/passwd b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/shadow b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/data/gshadow b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/data/gshadow
new file mode 100644
index 0000000..71489d5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:test2::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:test::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test
new file mode 100755
index 0000000..920589b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create MD5 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method MD5)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method MD5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/group b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/gshadow b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/passwd b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/shadow b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/data/gshadow b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/data/gshadow
new file mode 100644
index 0000000..eea258e
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_MD5 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test
new file mode 100755
index 0000000..bf504af
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create DES passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method DES)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method DES
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/group b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/gshadow b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/passwd b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/shadow b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/data/gshadow b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/data/gshadow
new file mode 100644
index 0000000..dcf1749
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_DES test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_DES test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test
new file mode 100755
index 0000000..07770c4
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA256 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA256)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA256
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/group b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/gshadow b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/passwd b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/shadow b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/data/gshadow b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/data/gshadow
new file mode 100644
index 0000000..e22ddf5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA256 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test
new file mode 100755
index 0000000..e269270
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA256 passwords and use at least 1000 rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA256 -s 900)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA256 -s 900
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+grep nogroup /etc/gshadow | grep -q ':\$5\$rounds=1000\$'
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/group b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/gshadow b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/passwd b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/shadow b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/data/gshadow b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/data/gshadow
new file mode 100644
index 0000000..e22ddf5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA256 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test
new file mode 100755
index 0000000..7d33204
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA256 passwords and use the requested number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA256 -s 9000)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA256 -s 9000
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+grep nogroup /etc/gshadow | grep -q ':\$5\$rounds=9000\$'
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/group b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/gshadow b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/passwd b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/shadow b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/data/gshadow b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/data/gshadow
new file mode 100644
index 0000000..e22ddf5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA256 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test
new file mode 100755
index 0000000..1a560dc
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA512 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA512)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA512
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/group b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/gshadow b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/passwd b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/shadow b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/data/gshadow b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/data/gshadow
new file mode 100644
index 0000000..f4f8034
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA512 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA512 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test
new file mode 100755
index 0000000..5af55f8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA512 passwords and use at least 1000 rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA512 -s 900)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA512 -s 900
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+grep nogroup /etc/gshadow | grep -q ':\$6\$rounds=1000\$'
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/group b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/gshadow b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/passwd b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/shadow b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/data/gshadow b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/data/gshadow
new file mode 100644
index 0000000..f4f8034
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA512 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA512 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test
new file mode 100755
index 0000000..2e85531
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA512 passwords and use the requested number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA512 -s 9000)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA512 -s 9000
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+grep nogroup /etc/gshadow | grep -q ':\$6\$rounds=9000\$'
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/group b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/gshadow b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/passwd b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/shadow b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/data/gshadow b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/data/gshadow
new file mode 100644
index 0000000..f4f8034
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA512 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA512 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test
new file mode 100755
index 0000000..17f6f95
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd changes the group file if gshadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/gshadow..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Change nogroup's and lp's password..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check that gshadow does not exist..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/group b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..d5d9eb7
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:foo:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:bar:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/gshadow b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/passwd b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/shadow b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/data/group b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/data/group
new file mode 100644
index 0000000..575c221
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:test2:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:test:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test
new file mode 100755
index 0000000..17f6f95
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd changes the group file if gshadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/gshadow..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Change nogroup's and lp's password..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check that gshadow does not exist..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/group b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/gshadow b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/passwd b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/shadow b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/data/group b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/data/group
new file mode 100644
index 0000000..575c221
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:test2:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:test:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test
new file mode 100755
index 0000000..1d9af4b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd changes the group entry if there are no gshadow entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's and lp's password..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/group b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/gshadow b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..aecd9b9
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/gshadow
@@ -0,0 +1,40 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/passwd b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/shadow b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/shadow
new file mode 100644
index 0000000..f4f74a5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/shadow
@@ -0,0 +1,18 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/group b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/gshadow b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/gshadow
new file mode 100644
index 0000000..3652f6f
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:test::
+crontab:x::
+Debian-exim:x::
+lp:test2::
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test
new file mode 100755
index 0000000..c0be3c9
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config.txt b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config.txt
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/default/useradd b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/group b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/gshadow b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/passwd b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/shadow b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/data/chgpasswd.err b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/data/chgpasswd.err
new file mode 100644
index 0000000..5c91d93
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/data/chgpasswd.err
@@ -0,0 +1,2 @@
+chgpasswd: existing lock file /etc/group.lock without a PID
+chgpasswd: cannot lock /etc/group; try again later.
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test
new file mode 100755
index 0000000..368e4b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config.txt b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config.txt
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/default/useradd b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/group b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/gshadow b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/passwd b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/shadow b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/data/chgpasswd.err b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/data/chgpasswd.err
new file mode 100644
index 0000000..dcef785
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/data/chgpasswd.err
@@ -0,0 +1,2 @@
+chgpasswd: existing lock file /etc/gshadow.lock without a PID
+chgpasswd: cannot lock /etc/gshadow; try again later.
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test
new file mode 100755
index 0000000..1dede9e
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks that users exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chgpasswd)..."
+echo 'nogroup:test
+bar:bar2
+lp:test2' | chgpasswd 2>tmp/chgpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config.txt b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config.txt
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/default/useradd b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/group b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/gshadow b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/passwd b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/shadow b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/data/chgpasswd.err b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/data/chgpasswd.err
new file mode 100644
index 0000000..bf4249e
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/data/chgpasswd.err
@@ -0,0 +1,2 @@
+chgpasswd: line 2: group 'bar' does not exist
+chgpasswd: error detected, changes ignored
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..3084f76
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..75a8abe
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..08ee996
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (0 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..8b3971e
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..5054bf7
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..f9879d9
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..965a4d6
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..aa85a13
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root,daemon
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..1e2ca45
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::root,daemon
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..dfbd793
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 2 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to root,daemon (gpasswd -M root,daemon users)..."
+gpasswd -M root,daemon users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..afcbd74
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:x::
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..3084f76
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..bbe0311
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:*:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..9abbd26
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:*::
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..75a8abe
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..0404aba
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:*:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..cda0d0a
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:*::foo
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..08ee996
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (0 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..e2d8b14
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:password:100:bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..86fa988
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:password::foo
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..f9879d9
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..bbe0311
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:*:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..cda0d0a
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:*::foo
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..965a4d6
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..bbe0311
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:*:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..aa85a13
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root,daemon
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..692d0f7
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:*::root,daemon
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..dfbd793
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 2 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to root,daemon (gpasswd -M root,daemon users)..."
+gpasswd -M root,daemon users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..b1450c9
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..bd95302
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..e6e6ab0
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (0 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..8b3971e
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5054bf7
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..e5b40b4
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..8b92888
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..aa85a13
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root,daemon
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..2b2b2ac
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 2 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "set the list of members to root,daemon (gpasswd -M root,daemon users)..."
+gpasswd -M root,daemon users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config.txt b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/group b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/gshadow b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/login.defs b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/login.defs
new file mode 100644
index 0000000..91c4b42
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/passwd b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/shadow b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/data/gshadow b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/data/gshadow
new file mode 100644
index 0000000..6b880f5
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:@PASS_DES usersPAS@::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.exp b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.exp
new file mode 100755
index 0000000..c6e20fd
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.exp
@@ -0,0 +1,70 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+ puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+ exit 1
+}
+
+set run_user [lindex $argv 0]
+set group [lindex $argv 1]
+set g_password [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r" ;# restore the prompt for the logs
+send "whoami\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "$run_user"
+}
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "gpasswd $group\r" ;# Change the password
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "\n# password '$g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+ # Wait for the new prompt
+ "$user_prompt" {
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test
new file mode 100755
index 0000000..5d316e2
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp root users usersPAS '# '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config.txt b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/login.defs b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/login.defs
new file mode 100644
index 0000000..91c4b42
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..4bce8b4
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:@PASS_DES usersPAS@::foo
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.exp b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.exp
new file mode 100755
index 0000000..c6e20fd
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.exp
@@ -0,0 +1,70 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+ puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+ exit 1
+}
+
+set run_user [lindex $argv 0]
+set group [lindex $argv 1]
+set g_password [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r" ;# restore the prompt for the logs
+send "whoami\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "$run_user"
+}
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "gpasswd $group\r" ;# Change the password
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "\n# password '$g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+ # Wait for the new prompt
+ "$user_prompt" {
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..5d316e2
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp root users usersPAS '# '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/login.defs b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..91c4b42
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/data/group b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/data/group
new file mode 100644
index 0000000..76ead96
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:@PASS_DES usersPAS@:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.exp b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.exp
new file mode 100755
index 0000000..c6e20fd
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.exp
@@ -0,0 +1,70 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+ puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+ exit 1
+}
+
+set run_user [lindex $argv 0]
+set group [lindex $argv 1]
+set g_password [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r" ;# restore the prompt for the logs
+send "whoami\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "$run_user"
+}
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "gpasswd $group\r" ;# Change the password
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "\n# password '$g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+ # Wait for the new prompt
+ "$user_prompt" {
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..9f90aaf
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+./gpasswd.exp root users usersPAS '# '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config.txt b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/group b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/gshadow b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/gshadow
new file mode 100644
index 0000000..aef7f5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/login.defs b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/login.defs
new file mode 100644
index 0000000..91c4b42
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/passwd b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/shadow b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/data/gshadow b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/data/gshadow
new file mode 100644
index 0000000..048d86a
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:@PASS_DES usersPAS@:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.exp b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.exp
new file mode 100755
index 0000000..c6e20fd
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.exp
@@ -0,0 +1,70 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+ puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+ exit 1
+}
+
+set run_user [lindex $argv 0]
+set group [lindex $argv 1]
+set g_password [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r" ;# restore the prompt for the logs
+send "whoami\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "$run_user"
+}
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "gpasswd $group\r" ;# Change the password
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "\n# password '$g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+ # Wait for the new prompt
+ "$user_prompt" {
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test
new file mode 100755
index 0000000..9ae0cd8
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config.txt b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/group b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/gshadow b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/passwd b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/shadow b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.exp b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.exp
new file mode 100755
index 0000000..1c7ca5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.exp
@@ -0,0 +1,60 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+ puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+ exit 1
+}
+
+set run_user [lindex $argv 0]
+set group [lindex $argv 1]
+set g_password [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r" ;# restore the prompt for the logs
+send "whoami\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "$run_user"
+}
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "gpasswd $group\r" ;# Change the password
+expect "gpasswd: Permission denied." ;# Not an admin
+
+send_user "\n"
+send_user "# expect prompt '$user_prompt'\n"
+
+expect {
+ # Wait for the new prompt
+ "$user_prompt" {
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test
new file mode 100755
index 0000000..d75576e
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.exp b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.exp
new file mode 100755
index 0000000..7b16acb
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.exp
@@ -0,0 +1,59 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+ puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+ exit 1
+}
+
+set run_user [lindex $argv 0]
+set group [lindex $argv 1]
+set g_password [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r" ;# restore the prompt for the logs
+send "whoami\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "$run_user"
+}
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "gpasswd $group\r" ;# Change the password
+expect "gpasswd: Permission denied." ;# Not an admin
+
+send_user "# expect prompt '$user_prompt'\n"
+
+expect {
+ # Wait for the new prompt
+ "$user_prompt" {
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..c61fa9b
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config.txt b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/default/useradd b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/group b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/gshadow b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/passwd b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/shadow b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/group b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/gshadow b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/gshadow
new file mode 100644
index 0000000..ef584f0
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test b/tests/grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test
new file mode 100755
index 0000000..f942690
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the pasword of group users (gpasswd -r users)..."
+gpasswd -r users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config.txt b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/group b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..10880c6
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:::foo
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..f942690
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the pasword of group users (gpasswd -r users)..."
+gpasswd -r users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/data/group b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/data/group
new file mode 100644
index 0000000..cc8c43e
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users::100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..7658654
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Remove the pasword of group users (gpasswd -r users)..."
+gpasswd -r users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config.txt b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/default/useradd b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/group b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/gshadow b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/passwd b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/shadow b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/group b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/gshadow b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/gshadow
new file mode 100644
index 0000000..ef7c9e5
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:!::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test b/tests/grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test
new file mode 100755
index 0000000..20e41f7
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can lock the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock the pasword of group users (gpasswd -R users)..."
+gpasswd -R users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config.txt b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/group b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..761abe1
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:!::foo
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..20e41f7
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can lock the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock the pasword of group users (gpasswd -R users)..."
+gpasswd -R users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/data/group b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/data/group
new file mode 100644
index 0000000..cc423f5
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:!:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..7d9b49a
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can lock the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Lock the pasword of group users (gpasswd -R users)..."
+gpasswd -R users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config.txt b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/default/useradd b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/group b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/gshadow b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/passwd b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/shadow b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/group b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/group
new file mode 100644
index 0000000..1b4936a
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/gshadow b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/gshadow
new file mode 100644
index 0000000..f590939
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test
new file mode 100755
index 0000000..81b50c9
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can add an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo to group bin (gpasswd -a foo bin)..."
+gpasswd -a foo bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..a3846bc
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/group
new file mode 100644
index 0000000..1b4936a
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..33b3bb4
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bin:x::foo
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..81b50c9
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can add an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo to group bin (gpasswd -a foo bin)..."
+gpasswd -a foo bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/data/group
new file mode 100644
index 0000000..1b4936a
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..b257fe8
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can add an user to a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Add user foo to group bin (gpasswd -a foo bin)..."
+gpasswd -a foo bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config.txt b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/default/useradd b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/group b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/gshadow b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/passwd b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/shadow b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/group b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/gshadow b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test
new file mode 100755
index 0000000..fef6ba0
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config.txt b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/default/useradd b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/group b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/group
new file mode 100644
index 0000000..b7bf0a4
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/gshadow b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/gshadow
new file mode 100644
index 0000000..71ef67c
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/passwd b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/shadow b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/group b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/group
new file mode 100644
index 0000000..85a95f2
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/gshadow b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/gshadow
new file mode 100644
index 0000000..f704a9d
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test
new file mode 100755
index 0000000..0a34349
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (don't touch other usrs/groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config.txt b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/default/useradd b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/group b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/group
new file mode 100644
index 0000000..2cfa18e
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:bin,foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/gshadow b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/gshadow
new file mode 100644
index 0000000..7207bd2
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:bin,foo,root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/passwd b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/shadow b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/group b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/group
new file mode 100644
index 0000000..38d5cf2
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:bin,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/gshadow b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/gshadow
new file mode 100644
index 0000000..83e5365
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:bin,root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test
new file mode 100755
index 0000000..e279235
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+# TODO: maybe this is wrong
+log_start "$0" "gpasswd can remove an user to a group (don't touch administrative users)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..afcbd74
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:x::
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..fef6ba0
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..db1fe5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:password:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..1c18211
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:password::
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..fef6ba0
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..b7bf0a4
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..bc29364
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/group
new file mode 100644
index 0000000..85a95f2
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..3e0af1e
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:x::root
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..0a34349
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (don't touch other usrs/groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..20985d5
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..db1fe5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:password:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/data/group
new file mode 100644
index 0000000..ff80f13
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:password:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..20985d5
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..b7bf0a4
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..bc29364
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/data/group
new file mode 100644
index 0000000..85a95f2
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..6ec2ebc
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (don't touch other usrs/groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config.txt b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/default/useradd b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/group b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/gshadow b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/passwd b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/shadow b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/data/gpasswd.err b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/data/gpasswd.err
new file mode 100644
index 0000000..dec0fe7
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/data/gpasswd.err
@@ -0,0 +1,2 @@
+gpasswd: existing lock file /etc/group.lock without a PID
+gpasswd: cannot lock /etc/group; try again later.
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test
new file mode 100755
index 0000000..55cd038
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -r checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Remove the password of group users (gpasswd -r users)..."
+gpasswd -r users 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config.txt b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/default/useradd b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/group b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/gshadow b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/passwd b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/shadow b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/data/gpasswd.err b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/data/gpasswd.err
new file mode 100644
index 0000000..4c5a872
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/data/gpasswd.err
@@ -0,0 +1,2 @@
+gpasswd: existing lock file /etc/gshadow.lock without a PID
+gpasswd: cannot lock /etc/gshadow; try again later.
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test
new file mode 100755
index 0000000..0c7a649
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -r checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Remove the password of group users (gpasswd -r users)..."
+gpasswd -r users 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config.txt b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/default/useradd b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/group b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/gshadow b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/passwd b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/shadow b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/data/gpasswd.err b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/data/gpasswd.err
new file mode 100644
index 0000000..1cba130
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: group 'usersss' does not exist in /etc/group
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test
new file mode 100755
index 0000000..b9ec058
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -r fails if the group does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the password of unknown group usersss (gpasswd -r usersss)..."
+gpasswd -r usersss 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3" # E_BAD_ARG
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config.txt b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/default/useradd b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/group b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/gshadow b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/passwd b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/shadow b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/data/gpasswd.err b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/data/gpasswd.err
new file mode 100644
index 0000000..1ae3559
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: user 'foooo' does not exist
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test
new file mode 100755
index 0000000..0c7175b
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -a fails if the user does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foooo to group users (gpasswd -a foooo users)..."
+gpasswd -a foooo users 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3" # E_BAD_ARG
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config.txt b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/default/useradd b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/group b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/gshadow b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/passwd b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/shadow b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/data/gpasswd.err b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/data/gpasswd.err
new file mode 100644
index 0000000..1ae3559
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: user 'foooo' does not exist
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test
new file mode 100755
index 0000000..bb3ab61
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -M fails if an user does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set members of users to root,foooo,bin (gpasswd -M root,foooo,bin users)..."
+gpasswd -M root,foooo,bin users 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3" # E_BAD_ARG
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..6f73977
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..4cc3100
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (1 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -A \"\" users)..."
+gpasswd -A "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..37489ea
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo,bin:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..6ed3642
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (2 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -A \"\" users)..."
+gpasswd -A "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..6f73977
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..ca37b35
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (0 -> 1 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -A foo users)..."
+gpasswd -A foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..38c2da7
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..f74646e
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:bin:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..59e5042
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..2d64aaa
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (1 -> 1 users)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -A foo users)..."
+gpasswd -A foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..38c2da7
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..77f563e
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo,bin:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..59e5042
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..2701d17
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (2 -> 1 users)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -A foo users)..."
+gpasswd -A foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..38c2da7
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..77f563e
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo,bin:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..651998f
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:daemon,foo:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..5964aa9
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (2 -> 2 users)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -A daemon,foo users)..."
+gpasswd -A daemon,foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..e3aaaf8
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..8c7367f
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..77a3300
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:x:foo:
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..bbd88af
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can set the list of admins if there is no shadow group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set the admin list of users to foo (gpasswd -A foo users)..."
+gpasswd -A foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/data/gpasswd.err b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/data/gpasswd.err
new file mode 100644
index 0000000..55bd0cc
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: shadow group passwords required for -A
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..6074c46
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -A checks if the gshadow file exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Set the lists of admins to foo (gpasswd -A foo users)..."
+gpasswd -A foo users 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "17" # E_GSHADOW_NOTFOUND
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config.txt b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/default/useradd b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/group b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/group
new file mode 100644
index 0000000..1b4936a
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/gshadow b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/gshadow
new file mode 100644
index 0000000..f590939
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/passwd b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/shadow b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test
new file mode 100755
index 0000000..488c921
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can add an user to a group (already member)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo to group bin (gpasswd -a foo bin)..."
+gpasswd -a foo bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config.txt b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/default/useradd b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/group b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/gshadow b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/gshadow
new file mode 100644
index 0000000..ea4d4ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/passwd b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/shadow b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/data/gpasswd.err b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/data/gpasswd.err
new file mode 100644
index 0000000..e6582d4
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: user 'foo' is not a member of 'users'
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test
new file mode 100755
index 0000000..80b24c7
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (not in the group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3" # E_BAD_ARG
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config.txt b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/default/useradd b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/group b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/gshadow b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/gshadow
new file mode 100644
index 0000000..ea4d4ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/passwd b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/shadow b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/data/group b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test
new file mode 100755
index 0000000..3bc2038
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (not in the group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config.txt b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/default/useradd b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/group b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/gshadow b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/passwd b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/shadow b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/data/gshadow b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test
new file mode 100755
index 0000000..5d49520
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (not in the group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config.txt b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config.txt
new file mode 100644
index 0000000..ffddf4e
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user useruseruseruseruseruseruseruser, 32 chars
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/default/useradd b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/group b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/group
new file mode 100644
index 0000000..bee1474
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+useruseruseruseruseruseruseruser:x:1000:
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/gshadow b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/gshadow
new file mode 100644
index 0000000..a8d50cc
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+useruseruseruseruseruseruseruser:*::
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/passwd b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/passwd
new file mode 100644
index 0000000..aff85eb
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+useruseruseruseruseruseruseruser:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/shadow b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/shadow
new file mode 100644
index 0000000..ae1c044
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+useruseruseruseruseruseruseruser:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/group b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/group
new file mode 100644
index 0000000..7835fe7
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:useruseruseruseruseruseruseruser
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+useruseruseruseruseruseruseruser:x:1000:
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/gshadow b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/gshadow
new file mode 100644
index 0000000..f8e3924
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::useruseruseruseruseruseruseruser
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+useruseruseruseruseruseruseruser:*::
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test
new file mode 100755
index 0000000..594b8c3
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can add an user with 32 characters to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user useruseruseruseruseruseruseruser to group bin (gpasswd -a useruseruseruseruseruseruseruser bin)..."
+gpasswd -a useruseruseruseruseruseruseruser bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config.txt b/tests/grouptools/gpasswd/61_gpasswd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/group b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/gshadow b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/passwd b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/shadow b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/data/usage.out b/tests/grouptools/gpasswd/61_gpasswd_usage/data/usage.out
new file mode 100644
index 0000000..d1c98d7
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/data/usage.out
@@ -0,0 +1,13 @@
+Usage: gpasswd [option] GROUP
+
+Options:
+ -a, --add USER add USER to GROUP
+ -d, --delete USER remove USER from GROUP
+ -h, --help display this help message and exit
+ -Q, --root CHROOT_DIR directory to chroot into
+ -r, --remove-password remove the GROUP's password
+ -R, --restrict restrict access to GROUP to its members
+ -M, --members USER,... set the list of members of GROUP
+ -A, --administrators ADMIN,...
+ set the list of administrators for GROUP
+Except for the -A and -M options, the options cannot be combined.
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/gpasswd.test b/tests/grouptools/gpasswd/61_gpasswd_usage/gpasswd.test
new file mode 100755
index 0000000..50732c6
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/gpasswd.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get gpasswd usage (gpasswd -h)..."
+gpasswd -h >tmp/usage.out
+
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config.txt b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/default/useradd b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/group b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/gshadow b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/passwd b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/shadow b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/data/gpasswd.err b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/data/gpasswd.err
new file mode 100644
index 0000000..1ae3559
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: user 'foooo' does not exist
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test
new file mode 100755
index 0000000..2be948c
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -A fails if an user does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set admins of users to root,foooo,bin (gpasswd -A root,foooo,bin users)..."
+gpasswd -A root,foooo,bin users 2>tmp/gpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3" # E_BAD_ARG
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config.txt b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/group b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/gshadow b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/passwd b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/shadow b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/data/usage.out b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/data/usage.out
new file mode 100644
index 0000000..587d234
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/data/usage.out
@@ -0,0 +1,14 @@
+gpasswd: invalid option -- 'Z'
+Usage: gpasswd [option] GROUP
+
+Options:
+ -a, --add USER add USER to GROUP
+ -d, --delete USER remove USER from GROUP
+ -h, --help display this help message and exit
+ -Q, --root CHROOT_DIR directory to chroot into
+ -r, --remove-password remove the GROUP's password
+ -R, --restrict restrict access to GROUP to its members
+ -M, --members USER,... set the list of members of GROUP
+ -A, --administrators ADMIN,...
+ set the list of administrators for GROUP
+Except for the -A and -M options, the options cannot be combined.
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test
new file mode 100755
index 0000000..aca4873
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd displays its usage message in case of bad option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use gpasswd invalid option (gpasswd -Z)..."
+gpasswd -Z 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config.txt b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/group b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/gshadow b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/passwd b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/shadow b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/data/usage.out b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/data/usage.out
new file mode 100644
index 0000000..d1c98d7
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/data/usage.out
@@ -0,0 +1,13 @@
+Usage: gpasswd [option] GROUP
+
+Options:
+ -a, --add USER add USER to GROUP
+ -d, --delete USER remove USER from GROUP
+ -h, --help display this help message and exit
+ -Q, --root CHROOT_DIR directory to chroot into
+ -r, --remove-password remove the GROUP's password
+ -R, --restrict restrict access to GROUP to its members
+ -M, --members USER,... set the list of members of GROUP
+ -A, --administrators ADMIN,...
+ set the list of administrators for GROUP
+Except for the -A and -M options, the options cannot be combined.
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test
new file mode 100755
index 0000000..009f5a3
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd displays its usage message in case of multiple exclusive options"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use gpasswd option (gpasswd -a root -d root users)..."
+gpasswd -a root -d root users 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config.txt b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/group b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/gshadow b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/passwd b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/shadow b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/data/usage.out b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/data/usage.out
new file mode 100644
index 0000000..d1c98d7
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/data/usage.out
@@ -0,0 +1,13 @@
+Usage: gpasswd [option] GROUP
+
+Options:
+ -a, --add USER add USER to GROUP
+ -d, --delete USER remove USER from GROUP
+ -h, --help display this help message and exit
+ -Q, --root CHROOT_DIR directory to chroot into
+ -r, --remove-password remove the GROUP's password
+ -R, --restrict restrict access to GROUP to its members
+ -M, --members USER,... set the list of members of GROUP
+ -A, --administrators ADMIN,...
+ set the list of administrators for GROUP
+Except for the -A and -M options, the options cannot be combined.
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test
new file mode 100755
index 0000000..871c264
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd displays its usage message in case the group is not specified"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use gpasswd option (gpasswd -a root)..."
+gpasswd -a root 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config.txt b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/group b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/gshadow b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/passwd b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/shadow b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/data/usage.out b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/data/usage.out
new file mode 100644
index 0000000..d1c98d7
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/data/usage.out
@@ -0,0 +1,13 @@
+Usage: gpasswd [option] GROUP
+
+Options:
+ -a, --add USER add USER to GROUP
+ -d, --delete USER remove USER from GROUP
+ -h, --help display this help message and exit
+ -Q, --root CHROOT_DIR directory to chroot into
+ -r, --remove-password remove the GROUP's password
+ -R, --restrict restrict access to GROUP to its members
+ -M, --members USER,... set the list of members of GROUP
+ -A, --administrators ADMIN,...
+ set the list of administrators for GROUP
+Except for the -A and -M options, the options cannot be combined.
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test
new file mode 100755
index 0000000..67827b6
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd displays its usage message in case multiple groups are specified"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use gpasswd option (gpasswd -a root root users)..."
+gpasswd -a root root users 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config.txt b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/group b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/gshadow b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/passwd b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/shadow b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.exp b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.exp
new file mode 100755
index 0000000..11ca9ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.exp
@@ -0,0 +1,59 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+ puts "usage: gpasswd.exp <run_user> <group> <user_prompt>"
+ exit 1
+}
+
+set run_user [lindex $argv 0]
+set group [lindex $argv 1]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r" ;# restore the prompt for the logs
+send "whoami\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "$run_user"
+}
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's admins to 'root'\n"
+send_user "# and expect a permission denied"
+send "\r" ;# restore the prompt for the logs
+send "gpasswd -A root $group\r" ;# Change the password
+expect "gpasswd: Permission denied." ;# Not an admin
+
+send_user "\n"
+send_user "# expect prompt '$user_prompt'\n"
+
+expect {
+ # Wait for the new prompt
+ "$user_prompt" {
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test
new file mode 100755
index 0000000..95d557d
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config.txt b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/group b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/gshadow b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/passwd b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/shadow b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.exp b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.exp
new file mode 100755
index 0000000..2b31498
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.exp
@@ -0,0 +1,60 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+ puts "usage: gpasswd.exp <run_user> <group> <user_prompt>"
+ exit 1
+}
+
+set run_user [lindex $argv 0]
+set group [lindex $argv 1]
+set g_password [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r" ;# restore the prompt for the logs
+send "whoami\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "$run_user"
+}
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's members to root\n"
+send_user "# and expect a permission denied"
+send "\r" ;# restore the prompt for the logs
+send "gpasswd -M root $group\r" ;# Change the password
+expect "gpasswd: Permission denied." ;# Not an admin
+
+send_user "\n"
+send_user "# expect prompt '$user_prompt'\n"
+
+expect {
+ # Wait for the new prompt
+ "$user_prompt" {
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test
new file mode 100755
index 0000000..95d557d
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config.txt b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/group b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/gshadow b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/gshadow
new file mode 100644
index 0000000..aef7f5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/login.defs b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/login.defs
new file mode 100644
index 0000000..91c4b42
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/passwd b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/shadow b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/data/gshadow b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/data/gshadow
new file mode 100644
index 0000000..048d86a
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:@PASS_DES usersPAS@:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.exp b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.exp
new file mode 100755
index 0000000..b207719
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.exp
@@ -0,0 +1,87 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+ puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+ exit 1
+}
+
+set run_user [lindex $argv 0]
+set group [lindex $argv 1]
+set g_password [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r" ;# restore the prompt for the logs
+send "whoami\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "$run_user"
+}
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "gpasswd $group\r" ;# Change the password
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r" ;# Send the password
+
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+
+send_user "# expect failure an retry"
+expect "They don't match; try again"
+
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "\n# password '$g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+ # Wait for the new prompt
+ "$user_prompt" {
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test
new file mode 100755
index 0000000..9ae0cd8
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config.txt b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/group b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/gshadow b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/gshadow
new file mode 100644
index 0000000..aef7f5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/login.defs b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/login.defs
new file mode 100644
index 0000000..cff57e2
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 4
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/passwd b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/shadow b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/data/gshadow b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/data/gshadow
new file mode 100644
index 0000000..048d86a
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:@PASS_DES usersPAS@:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.exp b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.exp
new file mode 100755
index 0000000..b8ac4e9
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.exp
@@ -0,0 +1,96 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+ puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+ exit 1
+}
+
+set run_user [lindex $argv 0]
+set group [lindex $argv 1]
+set g_password [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r" ;# restore the prompt for the logs
+send "whoami\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "$run_user"
+}
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "gpasswd $group\r" ;# Change the password
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r" ;# Send the password
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+send_user "# expect failure 1 and retry"
+expect "They don't match; try again"
+
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r" ;# Send the password
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+send_user "# expect failure 2 and retry"
+expect "They don't match; try again"
+
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "\n# password '$g_password' sent for the last try\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+ # Wait for the new prompt
+ "$user_prompt" {
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test
new file mode 100755
index 0000000..9ae0cd8
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config.txt b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/group b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/gshadow b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/gshadow
new file mode 100644
index 0000000..aef7f5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/login.defs b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/login.defs
new file mode 100644
index 0000000..cff57e2
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 4
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/passwd b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/shadow b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.exp b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.exp
new file mode 100755
index 0000000..8b85ba9
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.exp
@@ -0,0 +1,96 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+ puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+ exit 1
+}
+
+set run_user [lindex $argv 0]
+set group [lindex $argv 1]
+set g_password [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r" ;# restore the prompt for the logs
+send "whoami\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "$run_user"
+}
+
+expect "$user_prompt" ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "gpasswd $group\r" ;# Change the password
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r" ;# Send the password
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+send_user "# expect failure 1 and retry"
+expect "They don't match; try again"
+
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r" ;# Send the password
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+send_user "# expect failure 2 and retry"
+expect "They don't match; try again"
+
+expect "New Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r" ;# Send the password
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: " ;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r" ;# Send the password
+send_user "# expect failure 3 and retry"
+expect "gpasswd: Try again later"
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+ # Wait for the new prompt
+ "$user_prompt" {
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test
new file mode 100755
index 0000000..d75576e
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config.txt b/tests/grouptools/gpasswd/72_gpasswd-M-A/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/group b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/gshadow b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/passwd b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/shadow b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/data/group b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/group
new file mode 100644
index 0000000..aa85a13
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root,daemon
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/data/gshadow b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/gshadow
new file mode 100644
index 0000000..de77657
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:root,bin:root,daemon
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test b/tests/grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test
new file mode 100755
index 0000000..1a77cee
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members and admins"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to root,daemon (gpasswd -M root,daemon -A root,bin users)..."
+gpasswd -M root,daemon -A root,bin users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config.txt b/tests/grouptools/groupadd/01_groupadd_add_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/default/useradd b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/group b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/gshadow b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/login.defs b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/passwd b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/shadow b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/data/group b/tests/grouptools/groupadd/01_groupadd_add_group/data/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/data/gshadow b/tests/grouptools/groupadd/01_groupadd_add_group/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/groupadd.test b/tests/grouptools/groupadd/01_groupadd_add_group/groupadd.test
new file mode 100755
index 0000000..c48da8e
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group (GID_MIN set to 100 in /etc/login.defs)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config.txt b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/default/useradd b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/group b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/gshadow b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/login.defs b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/login.defs
new file mode 100644
index 0000000..68b7f5d
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/passwd b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/shadow b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/group b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/gshadow b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test
new file mode 100755
index 0000000..05c1038
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group (GID_MIN set to 1000 in /etc/login.defs)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config.txt b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/default/useradd b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/group b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/gshadow b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/login.defs b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/passwd b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/shadow b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/group b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/group
new file mode 100644
index 0000000..f3d8204
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:2000:
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/gshadow b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test
new file mode 100755
index 0000000..bad185a
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group, respect -K GID_MIN"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd -K GID_MIN=2000 foo)..."
+groupadd -K GID_MIN=2000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config.txt b/tests/grouptools/groupadd/04_groupadd_set_password/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/default/useradd b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/group b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/gshadow b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/login.defs b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/passwd b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/shadow b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/data/group b/tests/grouptools/groupadd/04_groupadd_set_password/data/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/data/gshadow b/tests/grouptools/groupadd/04_groupadd_set_password/data/gshadow
new file mode 100644
index 0000000..57a72a7
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:password::
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/groupadd.test b/tests/grouptools/groupadd/04_groupadd_set_password/groupadd.test
new file mode 100755
index 0000000..01ce95e
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group and set the password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo with a password (groupadd -p password foo)..."
+groupadd -p password foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config.txt b/tests/grouptools/groupadd/05_groupadd_set_GID/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/default/useradd b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/group b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/gshadow b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/login.defs b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/passwd b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/shadow b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/data/group b/tests/grouptools/groupadd/05_groupadd_set_GID/data/group
new file mode 100644
index 0000000..3bd92e7
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1500:
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/data/gshadow b/tests/grouptools/groupadd/05_groupadd_set_GID/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/groupadd.test b/tests/grouptools/groupadd/05_groupadd_set_GID/groupadd.test
new file mode 100755
index 0000000..306767b
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group and set the GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo with GID 1500 (groupadd -p 1500 foo)..."
+groupadd -g 1500 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config.txt b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/default/useradd b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/group b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/gshadow b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/login.defs b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/passwd b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/shadow b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test
new file mode 100755
index 0000000..25546eb
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd -f exits with succes if the user already exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd -f foo)..."
+groupadd -f foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config.txt b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/default/useradd b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/group b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/group
new file mode 100644
index 0000000..5c3fef9
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1003:
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/gshadow b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/login.defs b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/passwd b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/shadow b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/group b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/group
new file mode 100644
index 0000000..66c892a
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1003:
+bar:x:1004:
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/gshadow b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/gshadow
new file mode 100644
index 0000000..e718821
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:!::
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test
new file mode 100755
index 0000000..3f3f32f
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd -f uses another GID if an user already exists with this GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group bar, GID 1003 (groupadd -g 1003 -f bar)..."
+groupadd -g 1003 -f bar
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config.txt b/tests/grouptools/groupadd/08_groupadd_locked_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/default/useradd b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/group b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/gshadow b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/passwd b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/shadow b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/data/groupadd.err b/tests/grouptools/groupadd/08_groupadd_locked_group/data/groupadd.err
new file mode 100644
index 0000000..33604e5
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/data/groupadd.err
@@ -0,0 +1,2 @@
+groupadd: existing lock file /etc/group.lock without a PID
+groupadd: cannot lock /etc/group; try again later.
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/groupadd.test b/tests/grouptools/groupadd/08_groupadd_locked_group/groupadd.test
new file mode 100755
index 0000000..aa3250e
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/groupadd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config.txt b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/default/useradd b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/group b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/passwd b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/shadow b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/data/groupadd.err b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/data/groupadd.err
new file mode 100644
index 0000000..c64e0a9
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/data/groupadd.err
@@ -0,0 +1,2 @@
+groupadd: existing lock file /etc/gshadow.lock without a PID
+groupadd: cannot lock /etc/gshadow; try again later.
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test
new file mode 100755
index 0000000..ac6645c
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config.txt b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/default/useradd b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/group b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/group
new file mode 100644
index 0000000..5c3fef9
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1003:
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/gshadow b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/login.defs b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/passwd b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/shadow b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/group b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/group
new file mode 100644
index 0000000..64cb8f1
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1003:
+bar:x:1003:
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/gshadow b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/gshadow
new file mode 100644
index 0000000..e718821
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:!::
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test
new file mode 100755
index 0000000..3597a31
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd -o accepts to add a group with an already used GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group bar, GID 1003 (groupadd -g 1003 -o bar)..."
+groupadd -g 1003 -o bar
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config.txt b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/default/useradd b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/group b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/gshadow b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/passwd b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/shadow b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/data/groupadd.err b/tests/grouptools/groupadd/11_groupadd_invalid_GID/data/groupadd.err
new file mode 100644
index 0000000..1b0872b
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: invalid group ID '1002a'
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test b/tests/grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test
new file mode 100755
index 0000000..9a1d542
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the given GID is a valid numeric ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID 1002a (groupadd -g 1002a foo)..."
+groupadd -g 1002a foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config.txt b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/default/useradd b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/group b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/gshadow b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/passwd b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/shadow b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/data/groupadd.err b/tests/grouptools/groupadd/12_groupadd_negativ_GID/data/groupadd.err
new file mode 100644
index 0000000..26012b6
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: invalid group ID '-1002'
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test b/tests/grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test
new file mode 100755
index 0000000..b46434c
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the given GID is a valid numeric ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID -1002 (groupadd -g -1002 foo)..."
+groupadd -g -1002 foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config.txt b/tests/grouptools/groupadd/13_groupadd_invalid_name/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/default/useradd b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/group b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/gshadow b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/passwd b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/shadow b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/data/groupadd.err b/tests/grouptools/groupadd/13_groupadd_invalid_name/data/groupadd.err
new file mode 100644
index 0000000..e7ca762
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: 'foo:bar' is not a valid group name
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/groupadd.test b/tests/grouptools/groupadd/13_groupadd_invalid_name/groupadd.test
new file mode 100755
index 0000000..fab3011
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the given name is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo:bar (groupadd foo:bar)..."
+groupadd foo:bar 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config.txt b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/default/useradd b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/group b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/gshadow b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/passwd b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/shadow b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/data/groupadd.err b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/data/groupadd.err
new file mode 100644
index 0000000..f2685c5
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/data/groupadd.err
@@ -0,0 +1 @@
+configuration error - unknown item 'FOO' (notify administrator)
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test
new file mode 100755
index 0000000..7e28a7f
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the option provided with -K is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group -K FOO=100 foo (groupadd -K FOO=100 foo)..."
+groupadd -K FOO=100 foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config.txt b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/default/useradd b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/group b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/gshadow b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/passwd b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/shadow b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/data/groupadd.err b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/data/groupadd.err
new file mode 100644
index 0000000..8661719
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: -K requires KEY=VALUE
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test
new file mode 100755
index 0000000..affd681
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the option provided with -K has a value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group -K GID_MAX foo (groupadd -K GID_MAX foo)..."
+groupadd -K GID_MAX foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config.txt b/tests/grouptools/groupadd/16_groupadd_existing_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/default/useradd b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/group b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/gshadow b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/passwd b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/shadow b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/data/groupadd.err b/tests/grouptools/groupadd/16_groupadd_existing_group/data/groupadd.err
new file mode 100644
index 0000000..be5ec5f
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: group 'foo' already exists
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/groupadd.test b/tests/grouptools/groupadd/16_groupadd_existing_group/groupadd.test
new file mode 100755
index 0000000..7136dfa
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the group already exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config.txt b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/default/useradd b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/group b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/gshadow b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/login.defs b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/login.defs
new file mode 100644
index 0000000..8d56b7f
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/login.defs
@@ -0,0 +1,316 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+SYS_GID_MIN 500
+GID_MIN 1000
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/passwd b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/shadow b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/group b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/group
new file mode 100644
index 0000000..b5b6ce2
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/gshadow b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test
new file mode 100755
index 0000000..1d5c9a8
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a system group (GID_MIN set to 1000, and SYS_GID_MIN set to 500 in /etc/login.defs)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add system group foo (groupadd --system foo)..."
+groupadd --system foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config.txt b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/default/useradd b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/group b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/group
new file mode 100644
index 0000000..15f4c27
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/gshadow b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/login.defs b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/login.defs
new file mode 100644
index 0000000..227549c
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 1001
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/passwd b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/shadow b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/data/groupadd.err b/tests/grouptools/groupadd/18_groupadd_no_more_GID/data/groupadd.err
new file mode 100644
index 0000000..b3fd5c1
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: Can't get unique GID (no more available GIDs)
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test b/tests/grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test
new file mode 100755
index 0000000..d4aeec4
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the a GID is still available (GID_MIN=1000, GID_MAX=1001)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config.txt b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/default/useradd b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/group b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/group
new file mode 100644
index 0000000..db0f483
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:300:
+foo2:x:301:
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/gshadow b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/login.defs b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/login.defs
new file mode 100644
index 0000000..756e743
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+SYS_GID_MIN 300
+SYS_GID_MAX 301
+GID_MIN 1000
+GID_MAX 1001
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/passwd b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/shadow b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/data/groupadd.err b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/data/groupadd.err
new file mode 100644
index 0000000..2809cdd
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: Can't get unique system GID (no more available GIDs)
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test
new file mode 100755
index 0000000..728cdbc
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the a GID is still available (GID_MIN=300, GID_MAX=301)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add system group foo (groupadd -r foo)..."
+groupadd -r foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config.txt b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/default/useradd b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/group b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/gshadow b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/passwd b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/shadow b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/data/groupadd.err b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/data/groupadd.err
new file mode 100644
index 0000000..2ab5ee7
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: GID '1000' already exists
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test
new file mode 100755
index 0000000..c65be1b
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the given GID is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group bar, GID 1000 (groupadd -g 1000 bar)..."
+groupadd -g 1000 bar 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config.txt b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/default/useradd b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/group b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/gshadow b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/passwd b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/shadow b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/data/groupadd.err b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/data/groupadd.err
new file mode 100644
index 0000000..686e195
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: invalid group ID '4294967295'
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test
new file mode 100755
index 0000000..ce73d7f
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the given GID is a valid numeric ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..."
+groupadd -g 4294967295 foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config.txt b/tests/grouptools/groupadd/22_groupadd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/default/useradd b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/group b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/gshadow b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/passwd b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/shadow b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/data/usage.out b/tests/grouptools/groupadd/22_groupadd_usage/data/usage.out
new file mode 100644
index 0000000..bb5b556
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/data/usage.out
@@ -0,0 +1,14 @@
+Usage: groupadd [options] GROUP
+
+Options:
+ -f, --force exit successfully if the group already exists,
+ and cancel -g if the GID is already used
+ -g, --gid GID use GID for the new group
+ -h, --help display this help message and exit
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -o, --non-unique allow to create groups with duplicate
+ (non-unique) GID
+ -p, --password PASSWORD use this encrypted password for the new group
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/groupadd.test b/tests/grouptools/groupadd/22_groupadd_usage/groupadd.test
new file mode 100755
index 0000000..e273408
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/groupadd.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get groupadd usage (groupadd -h)..."
+groupadd -h >tmp/usage.out
+
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config.txt b/tests/grouptools/groupadd/23_groupadd_no_groups/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/default/useradd b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/group b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/gshadow b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/passwd b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/shadow b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/data/groupadd.err b/tests/grouptools/groupadd/23_groupadd_no_groups/data/groupadd.err
new file mode 100644
index 0000000..bb5b556
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/data/groupadd.err
@@ -0,0 +1,14 @@
+Usage: groupadd [options] GROUP
+
+Options:
+ -f, --force exit successfully if the group already exists,
+ and cancel -g if the GID is already used
+ -g, --gid GID use GID for the new group
+ -h, --help display this help message and exit
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -o, --non-unique allow to create groups with duplicate
+ (non-unique) GID
+ -p, --password PASSWORD use this encrypted password for the new group
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/groupadd.test b/tests/grouptools/groupadd/23_groupadd_no_groups/groupadd.test
new file mode 100755
index 0000000..bb38d63
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd requires the group to create"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..."
+groupadd 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config.txt b/tests/grouptools/groupadd/24_groupadd_2_groups/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/default/useradd b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/group b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/gshadow b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/passwd b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/shadow b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/data/groupadd.err b/tests/grouptools/groupadd/24_groupadd_2_groups/data/groupadd.err
new file mode 100644
index 0000000..bb5b556
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/data/groupadd.err
@@ -0,0 +1,14 @@
+Usage: groupadd [options] GROUP
+
+Options:
+ -f, --force exit successfully if the group already exists,
+ and cancel -g if the GID is already used
+ -g, --gid GID use GID for the new group
+ -h, --help display this help message and exit
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -o, --non-unique allow to create groups with duplicate
+ (non-unique) GID
+ -p, --password PASSWORD use this encrypted password for the new group
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/groupadd.test b/tests/grouptools/groupadd/24_groupadd_2_groups/groupadd.test
new file mode 100755
index 0000000..0f12ae2
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can only create a single group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..."
+groupadd group1 group2 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config.txt b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/default/useradd b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/group b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/gshadow b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/login.defs b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/passwd b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/shadow b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/data/group b/tests/grouptools/groupadd/25_groupadd_no_gshadow/data/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test b/tests/grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test
new file mode 100755
index 0000000..87f80fb
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group without /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove gshadow..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config.txt b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/default/useradd b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/group b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/gshadow b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/passwd b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/shadow b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/data/groupadd.err b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/data/groupadd.err
new file mode 100644
index 0000000..bb5b556
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/data/groupadd.err
@@ -0,0 +1,14 @@
+Usage: groupadd [options] GROUP
+
+Options:
+ -f, --force exit successfully if the group already exists,
+ and cancel -g if the GID is already used
+ -g, --gid GID use GID for the new group
+ -h, --help display this help message and exit
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -o, --non-unique allow to create groups with duplicate
+ (non-unique) GID
+ -p, --password PASSWORD use this encrypted password for the new group
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test
new file mode 100755
index 0000000..826a47a
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd -o require -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..."
+groupadd -o group1 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config.txt b/tests/grouptools/groupadd/27_groupadd_invalid_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/group b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/gshadow b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/passwd b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/shadow b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/data/groupadd.err b/tests/grouptools/groupadd/27_groupadd_invalid_option/data/groupadd.err
new file mode 100644
index 0000000..d3cae91
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/data/groupadd.err
@@ -0,0 +1,15 @@
+groupadd: unrecognized option '--zzinvalid'
+Usage: groupadd [options] GROUP
+
+Options:
+ -f, --force exit successfully if the group already exists,
+ and cancel -g if the GID is already used
+ -g, --gid GID use GID for the new group
+ -h, --help display this help message and exit
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -o, --non-unique allow to create groups with duplicate
+ (non-unique) GID
+ -p, --password PASSWORD use this encrypted password for the new group
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/groupadd.test b/tests/grouptools/groupadd/27_groupadd_invalid_option/groupadd.test
new file mode 100755
index 0000000..c8c0e9b
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd provide usage when called with an invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupadd with invalid options (groupadd --zzinvalid foo)..."
+groupadd --zzinvalid foo 2>tmp/groupadd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config.txt b/tests/grouptools/groupdel/01_groupdel_delete_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/default/useradd b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/group b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/gshadow b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/login.defs b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/passwd b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/shadow b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/data/group b/tests/grouptools/groupdel/01_groupdel_delete_group/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/data/gshadow b/tests/grouptools/groupdel/01_groupdel_delete_group/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/groupdel.test b/tests/grouptools/groupdel/01_groupdel_delete_group/groupdel.test
new file mode 100755
index 0000000..b590f9d
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/groupdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel can delete a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config.txt b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/group b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/data/group b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test
new file mode 100755
index 0000000..0ab4f19
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel can delete a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config.txt b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/group b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/data/group b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test
new file mode 100755
index 0000000..b0c0793
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel can delete a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config.txt b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/default/useradd b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/group b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/gshadow b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/login.defs b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/passwd b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/shadow b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/data/groupdel.err b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/data/groupdel.err
new file mode 100644
index 0000000..f33297a
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/data/groupdel.err
@@ -0,0 +1 @@
+groupdel: cannot remove the primary group of user 'bar'
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test
new file mode 100755
index 0000000..cab95ca
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel doesn't delete a group used as a primary group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "8"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config.txt b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/default/useradd b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/group b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/group
new file mode 100644
index 0000000..3196692
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/gshadow b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/gshadow
new file mode 100644
index 0000000..3a02ae8
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/login.defs b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/passwd b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/shadow b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/data/groupdel.err b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/data/groupdel.err
new file mode 100644
index 0000000..21d6add
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/data/groupdel.err
@@ -0,0 +1 @@
+groupdel: group 'foo' does not exist
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test
new file mode 100755
index 0000000..76b6bfa
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel fails if the group is not valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config.txt b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/default/useradd b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/group b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/gshadow b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/login.defs b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/passwd b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/shadow b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/data/groupdel.err b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/data/groupdel.err
new file mode 100644
index 0000000..ed52317
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/data/groupdel.err
@@ -0,0 +1,2 @@
+groupdel: existing lock file /etc/group.lock without a PID
+groupdel: cannot lock /etc/group; try again later.
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test
new file mode 100755
index 0000000..d2f54c9
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config.txt b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/default/useradd b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/group b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/login.defs b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/passwd b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/shadow b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/data/groupdel.err b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/data/groupdel.err
new file mode 100644
index 0000000..66f2eaf
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/data/groupdel.err
@@ -0,0 +1,2 @@
+groupdel: existing lock file /etc/gshadow.lock without a PID
+groupdel: cannot lock /etc/gshadow; try again later.
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test
new file mode 100755
index 0000000..ea7a4cc
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config.txt b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/default/useradd b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/group b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/group
new file mode 100644
index 0000000..3196692
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/gshadow b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/gshadow
new file mode 100644
index 0000000..3a02ae8
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/login.defs b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/passwd b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/shadow b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/data/groupdel.err b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/data/groupdel.err
new file mode 100644
index 0000000..e1d7f41
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/data/groupdel.err
@@ -0,0 +1,6 @@
+Usage: groupdel [options] GROUP
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test
new file mode 100755
index 0000000..2cdc0d5
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel checks if a group is provided in parameter"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete a group (groupdel)..."
+groupdel 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config.txt b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/default/useradd b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/group b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/group
new file mode 100644
index 0000000..3196692
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/gshadow b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/gshadow
new file mode 100644
index 0000000..3a02ae8
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/login.defs b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/passwd b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/shadow b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/data/groupdel.err b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/data/groupdel.err
new file mode 100644
index 0000000..e1d7f41
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/data/groupdel.err
@@ -0,0 +1,6 @@
+Usage: groupdel [options] GROUP
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test
new file mode 100755
index 0000000..d833deb
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel does not delete two groups at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete two groups (groupdel foo bar)..."
+groupdel foo bar 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config.txt b/tests/grouptools/groupdel/10_groupdel_usage/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/default/useradd b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/group b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/gshadow b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/login.defs b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/passwd b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/shadow b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/data/usage.out b/tests/grouptools/groupdel/10_groupdel_usage/data/usage.out
new file mode 100644
index 0000000..e1d7f41
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/data/usage.out
@@ -0,0 +1,6 @@
+Usage: groupdel [options] GROUP
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/groupdel.test b/tests/grouptools/groupdel/10_groupdel_usage/groupdel.test
new file mode 100755
index 0000000..4a696a1
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/groupdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get groupdel usage message (groupdel --help)..."
+groupdel --help >tmp/usage.out
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usage.out tmp/usage.out
+echo "error message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config.txt b/tests/grouptools/groupdel/11_groupdel_invalid_option/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/default/useradd b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/group b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/gshadow b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/login.defs b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/passwd b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/shadow b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/data/groupdel.err b/tests/grouptools/groupdel/11_groupdel_invalid_option/data/groupdel.err
new file mode 100644
index 0000000..7502ba5
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/data/groupdel.err
@@ -0,0 +1,7 @@
+groupdel: invalid option -- 'Z'
+Usage: groupdel [options] GROUP
+
+Options:
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/groupdel.test b/tests/grouptools/groupdel/11_groupdel_invalid_option/groupdel.test
new file mode 100755
index 0000000..8072a4f
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel displays its usage message when called with an invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupdel with an invalid option (groupdel -Z foo)..."
+groupdel -Z foo 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config.txt b/tests/grouptools/groupmems/01_groupmems_root_add_user/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/group b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/gshadow b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/passwd b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/shadow b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/data/group b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/group
new file mode 100644
index 0000000..62aeba4
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/data/gshadow b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/gshadow
new file mode 100644
index 0000000..563a8ba
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::utest1
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/groupmems.test b/tests/grouptools/groupmems/01_groupmems_root_add_user/groupmems.test
new file mode 100755
index 0000000..74c7420
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can add an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user utest1 to group gtest1..."
+groupmems -a utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config.txt b/tests/grouptools/groupmems/02_groupmems_root_del_user/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/group b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/group
new file mode 100644
index 0000000..62aeba4
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/gshadow b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/gshadow
new file mode 100644
index 0000000..563a8ba
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::utest1
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/passwd b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/shadow b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/data/group b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/data/gshadow b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/groupmems.test b/tests/grouptools/groupmems/02_groupmems_root_del_user/groupmems.test
new file mode 100755
index 0000000..fca4fdb
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can remove an user from a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user utest1 from group gtest1..."
+groupmems -d utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config.txt b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/group b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/group
new file mode 100644
index 0000000..62aeba4
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/gshadow b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/gshadow
new file mode 100644
index 0000000..a559a9a
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:utest1:
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/passwd b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/shadow b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/group b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/gshadow b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test
new file mode 100755
index 0000000..6e5de89
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can remove an user from a group (only admin in gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user utest1 from group gtest1..."
+groupmems -d utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config.txt b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/group b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/group
new file mode 100644
index 0000000..62aeba4
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/gshadow b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/gshadow
new file mode 100644
index 0000000..793955f
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:utest1:utest1
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/passwd b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/shadow b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/group b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/gshadow b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test
new file mode 100755
index 0000000..e4d9d07
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can remove an user from a group (both from the admins and members in gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user utest1 from group gtest1..."
+groupmems -d utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config.txt b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..fbc5ea6
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:sasl
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..63f3a76
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::sasl
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/group b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/group
new file mode 100644
index 0000000..f4d05d0
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:sasl,utest1
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..567fc66
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::sasl,utest1
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..3fbfac2
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can add an user to a group with multipleusers (even admins according to gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user utest1 to group gtest1..."
+groupmems -a utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..ce188f9
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:sasl,tape
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..27eb919
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:tape:sasl,tape
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..6080f7c
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:sasl,tape,utest1
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..e6f9902
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:tape:sasl,tape,utest1
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..74c7420
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can add an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user utest1 to group gtest1..."
+groupmems -a utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config.txt b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..f1b2832
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1,sasl
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..567fc66
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::sasl,utest1
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/group b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/group
new file mode 100644
index 0000000..fbc5ea6
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:sasl
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..63f3a76
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::sasl
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..8c1576b
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can remove an user from a group with multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user utest1 from group gtest1..."
+groupmems -d utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..9c4e2c0
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:tape,utest1,sasl,staff
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..b5e0c75
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:tape:sasl,utest1,staff
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..2e57cf6
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:tape,sasl,staff
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..411f209
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:tape:sasl,staff
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..d340e3d
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can remove an user from a group with multiple users (even admins according to gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user utest1 from group gtest1..."
+groupmems -d utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config.txt b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/group b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/group
new file mode 100644
index 0000000..62aeba4
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/gshadow b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/gshadow
new file mode 100644
index 0000000..563a8ba
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::utest1
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/passwd b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/shadow b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/group b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/gshadow b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test b/tests/grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test
new file mode 100755
index 0000000..c8cf32d
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can purge all users from a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Purge group gtest1..."
+groupmems -p -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config.txt b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..8d6f75b
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1,dip,plugdev
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..ea0fc85
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::utest1,plugdev,tape
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/group b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..be32ef8
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can purge all users from a group (mutliple users)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Purge group gtest1..."
+groupmems -p -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..8d6f75b
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1,dip,plugdev
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..3677f64
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:plugdev,daemon,backup:utest1,plugdev,tape
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..623fd20
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can purge all users from a group (mulitple users and admins)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Purge group gtest1..."
+groupmems -p -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config.txt b/tests/grouptools/groupmems/12_groupmems_user_add_user/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/group b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/gshadow b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/passwd b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/shadow b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/data/group b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/data/gshadow b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/groupmems.test b/tests/grouptools/groupmems/12_groupmems_user_add_user/groupmems.test
new file mode 100755
index 0000000..fc9360b
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can add an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/run_groupmems.exp b/tests/grouptools/groupmems/12_groupmems_user_add_user/run_groupmems.exp
new file mode 100755
index 0000000..40552a8
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config.txt b/tests/grouptools/groupmems/13_groupmems_user_del_user/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/group b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/gshadow b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/passwd b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/shadow b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/data/group b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/data/gshadow b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/groupmems.test b/tests/grouptools/groupmems/13_groupmems_user_del_user/groupmems.test
new file mode 100755
index 0000000..6edd279
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can remove an user from a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/run_groupmems.exp b/tests/grouptools/groupmems/13_groupmems_user_del_user/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config.txt b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/group b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/gshadow b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/gshadow
new file mode 100644
index 0000000..7bc44c5
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:utest1:
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/passwd b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/shadow b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/group b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/gshadow b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test
new file mode 100755
index 0000000..38d0dcd
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can remove an user from a group (only member according to gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/run_groupmems.exp b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config.txt b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/group b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/gshadow b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/gshadow
new file mode 100644
index 0000000..c824f7b
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:utest1:utest1
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/passwd b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/shadow b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/group b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/gshadow b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test
new file mode 100755
index 0000000..9377a02
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can remove an user from a group (both gshadow members and admins)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/run_groupmems.exp b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config.txt b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..f1718b3
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..e4953ce
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::sasl
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/group b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/group
new file mode 100644
index 0000000..b79c5b0
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,utest1
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..b5681f7
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::sasl,utest1
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..39acbdb
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can add an user to a group with multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/run_groupmems.exp b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/run_groupmems.exp
new file mode 100755
index 0000000..40552a8
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..d28c3ef
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,tape
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..a8221cb
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:tape:sasl,tape
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..9ab6baf
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,tape,utest1
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..599f28b
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:tape:sasl,tape,utest1
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..c4073de
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can add an user to a group with muyltiple users (even gshadow admins)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/run_groupmems.exp b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/run_groupmems.exp
new file mode 100755
index 0000000..40552a8
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config.txt b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..dfa09d4
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,sasl
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..b5681f7
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::sasl,utest1
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/group b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/group
new file mode 100644
index 0000000..f1718b3
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..e4953ce
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::sasl
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..9bd46b6
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can remove an user from a group with multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/run_groupmems.exp b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..5ebdeca
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:tape,utest1,sasl,staff
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..934d2af
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:tape:sasl,utest1,staff
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..406d078
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:tape,sasl,staff
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..8fe2213
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:tape:sasl,staff
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..68ebb2f
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can remove an user from a group with multiple users (even gshadow admins)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/run_groupmems.exp b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config.txt b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/group b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/gshadow b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/passwd b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/shadow b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/group b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/gshadow b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test b/tests/grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test
new file mode 100755
index 0000000..2398841
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/run_groupmems.exp b/tests/grouptools/groupmems/20_groupmems_user_purge_user/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config.txt b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..d0009e5
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,dip,plugdev
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..dfce137
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,plugdev,tape
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/group b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..e63fc92
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users when multiple users were already in the group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/run_groupmems.exp b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..d0009e5
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,dip,plugdev
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..2f63428
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:plugdev,daemon,backup:utest1,plugdev,tape
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..bbcd7d6
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users when multiple users were already in the group (even gshadow admins)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/run_groupmems.exp b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config.txt b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/group b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/group
new file mode 100644
index 0000000..0b80d30
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/gshadow b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/gshadow
new file mode 100644
index 0000000..750ecea
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/passwd b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/shadow b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test
new file mode 100755
index 0000000..f287ade
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) fails for users not in the groups group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/run_groupmems.exp b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/run_groupmems.exp
new file mode 100755
index 0000000..5b5c780
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/run_groupmems.exp
@@ -0,0 +1,41 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "groupmems: Permission denied"
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "126\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config.txt b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/group b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/group
new file mode 100644
index 0000000..230ff8e
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
+gmyuser:x:424243:
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/gshadow b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/gshadow
new file mode 100644
index 0000000..cd86429
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
+gmyuser:x::
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/passwd b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/shadow b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test
new file mode 100755
index 0000000..3a78eff
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if a regular user tries to change (-a) another group with -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/run_groupmems.exp b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/run_groupmems.exp
new file mode 100755
index 0000000..fa6fa36
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1 -g gmyuser\r" ;#
+expect "groupmems: only root can use the -g/--group option"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "3\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config.txt b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/group b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/group
new file mode 100644
index 0000000..230ff8e
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
+gmyuser:x:424243:
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/gshadow b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/gshadow
new file mode 100644
index 0000000..cd86429
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
+gmyuser:x::
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/passwd b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/passwd
new file mode 100644
index 0000000..9e07aa1
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424243::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/shadow b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test
new file mode 100755
index 0000000..2a65f7b
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if the name of the user's primary group differ from the user's name"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/run_groupmems.exp b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/run_groupmems.exp
new file mode 100755
index 0000000..6ecad00
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424243(gmyuser) groups=424243(gmyuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424243(gmyuser) groups=424243(gmyuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "groupmems: your groupname does not match your username"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "5\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config.txt b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/group b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/gshadow b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/passwd b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/shadow b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test
new file mode 100755
index 0000000..d2b3383
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if the user is already a member of the group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/run_groupmems.exp b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/run_groupmems.exp
new file mode 100755
index 0000000..4187218
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: user 'utest1' is already a member of 'myuser'"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "7\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config.txt b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/group b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/gshadow b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/passwd b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/shadow b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test
new file mode 100755
index 0000000..1a5666a
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if the user is already a member of the group (even if it is not according to gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/run_groupmems.exp b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/run_groupmems.exp
new file mode 100755
index 0000000..4187218
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: user 'utest1' is already a member of 'myuser'"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "7\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config.txt b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/group b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/gshadow b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/passwd b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/shadow b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/data/group b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/data/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test
new file mode 100755
index 0000000..23b224a
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems adds the user if it does not exist in group (but exists in gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/run_groupmems.exp b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/run_groupmems.exp
new file mode 100755
index 0000000..259d82a
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/run_groupmems.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config.txt b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/group b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/gshadow b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/passwd b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/shadow b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test
new file mode 100755
index 0000000..201bb9a
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails when the user to be added does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/run_groupmems.exp b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/run_groupmems.exp
new file mode 100755
index 0000000..aea1ddc
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest2\r" ;#
+expect "groupmems: user 'utest2' does not exist"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "8\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config.txt b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/group b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..9ceded0
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,root,bin
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..46c2778
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/group b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/group
new file mode 100644
index 0000000..6249a8a
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,root,bin,utest1
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/gshadow b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/gshadow
new file mode 100644
index 0000000..3748fc5
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::sasl,root,bin,utest1
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test
new file mode 100755
index 0000000..783876a
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can add an user to a group, and creates the gshadow entry if it did not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/run_groupmems.exp b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/run_groupmems.exp
new file mode 100755
index 0000000..40552a8
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config.txt b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/group b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..9ceded0
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,root,bin
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..46c2778
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/data/group b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/data/group
new file mode 100644
index 0000000..6249a8a
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,root,bin,utest1
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test
new file mode 100755
index 0000000..31983b6
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can add an user to a group, even if the gshadow file does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/run_groupmems.exp b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/run_groupmems.exp
new file mode 100755
index 0000000..40552a8
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config.txt b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/group b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/group
new file mode 100644
index 0000000..248e7b7
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:bin,daemon
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/gshadow b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/gshadow
new file mode 100644
index 0000000..d2f4c7b
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:bin,daemon:
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/passwd b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/shadow b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test
new file mode 100755
index 0000000..243d830
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems -d fails if the user is not a member of the group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/run_groupmems.exp b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/run_groupmems.exp
new file mode 100755
index 0000000..a1bd34b
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: user 'utest1' is not a member of 'myuser'"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "6\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config.txt b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/group b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/group
new file mode 100644
index 0000000..2ef69bb
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:daemon,utest1,bin
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/gshadow b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..eefaca8
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:daemon:bin
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/passwd b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/shadow b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/data/group b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/data/group
new file mode 100644
index 0000000..d1fae98
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:daemon,bin
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test
new file mode 100755
index 0000000..b42c8f7
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems removes the user if it exists in group (but does not exist in gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/run_groupmems.exp b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/run_groupmems.exp
new file mode 100755
index 0000000..1b3dd1c
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/run_groupmems.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config.txt b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/group b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/group
new file mode 100644
index 0000000..0a4716b
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,utest2
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/gshadow b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/gshadow
new file mode 100644
index 0000000..0a1cb18
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:utest2:utest1
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/passwd b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/shadow b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/group b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/gshadow b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test
new file mode 100755
index 0000000..da1ebc5
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems accepts to remove the user if this user does not (no more) exist)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/run_groupmems.exp b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/run_groupmems.exp
new file mode 100755
index 0000000..d37095b
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/run_groupmems.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest2\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config.txt b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/group b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..0f4bff9
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:daemon,utest1,utest2,bin
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..46c2778
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/group b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/group
new file mode 100644
index 0000000..497eed7
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:daemon,utest2,bin
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/gshadow b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/gshadow
new file mode 100644
index 0000000..487ecb3
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::daemon,utest2,bin
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test
new file mode 100755
index 0000000..43f2e5d
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems -d will copy the group entry to gshadow if there were no entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/run_groupmems.exp b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config.txt b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/group b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/data/group b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test
new file mode 100755
index 0000000..22a83e5
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can remove an user from a group if there are no gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/run_groupmems.exp b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config.txt b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/group b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/gshadow b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/gshadow
new file mode 100644
index 0000000..288d6c3
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::<
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/passwd b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/shadow b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/data/gshadow b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test
new file mode 100755
index 0000000..d97b904
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users even if the group is empty"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/run_groupmems.exp b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config.txt b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/group b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..46c2778
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/group b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/gshadow b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test
new file mode 100755
index 0000000..f9d58f6
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users even if there are no gshadow group (and a gshadow group is created)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/run_groupmems.exp b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config.txt b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/group b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/data/group b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test
new file mode 100755
index 0000000..e6e8e9c
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users, even if there are no gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/run_groupmems.exp b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config.txt b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/group b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/group
new file mode 100644
index 0000000..230ff8e
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
+gmyuser:x:424243:
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/gshadow b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/gshadow
new file mode 100644
index 0000000..cd86429
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
+gmyuser:x::
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/passwd b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/shadow b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test
new file mode 100755
index 0000000..a2976d1
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if a regular user tries to change (-d) another group with -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/run_groupmems.exp b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/run_groupmems.exp
new file mode 100755
index 0000000..c471c2c
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1 -g gmyuser\r" ;#
+expect "groupmems: only root can use the -g/--group option"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "3\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config.txt b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/group b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/group
new file mode 100644
index 0000000..230ff8e
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
+gmyuser:x:424243:
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/gshadow b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/gshadow
new file mode 100644
index 0000000..cd86429
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
+gmyuser:x::
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/passwd b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/shadow b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test
new file mode 100755
index 0000000..f70f12a
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if a regular user tries to change (-p) another group with -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/run_groupmems.exp b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/run_groupmems.exp
new file mode 100755
index 0000000..5e263a3
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p -g gmyuser\r" ;#
+expect "groupmems: only root can use the -g/--group option"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "3\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config.txt b/tests/grouptools/groupmems/42_groupmems_user_list_users/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/group b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/group
new file mode 100644
index 0000000..bd6da4e
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/gshadow b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/gshadow
new file mode 100644
index 0000000..02b9401
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/passwd b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/shadow b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/groupmems.test b/tests/grouptools/groupmems/42_groupmems_user_list_users/groupmems.test
new file mode 100755
index 0000000..cb6bff4
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can list the users of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/run_groupmems.exp b/tests/grouptools/groupmems/42_groupmems_user_list_users/run_groupmems.exp
new file mode 100755
index 0000000..2b9b217
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -l\r" ;#
+expect -re "\nutest1 bin daemon \r"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config.txt b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/group b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/group
new file mode 100644
index 0000000..bd6da4e
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/gshadow b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/gshadow
new file mode 100644
index 0000000..74f0e82
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:nouser,root:
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/passwd b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/shadow b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test
new file mode 100755
index 0000000..9d2388b
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can list the users of a group, and gshadow is not taken into account"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/run_groupmems.exp b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/run_groupmems.exp
new file mode 100755
index 0000000..2b9b217
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -l\r" ;#
+expect -re "\nutest1 bin daemon \r"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config.txt b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/group b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/group
new file mode 100644
index 0000000..287981e
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/gshadow b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/gshadow
new file mode 100644
index 0000000..f9ba86a
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
+gtest1:*::
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/passwd b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/shadow b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test
new file mode 100755
index 0000000..33e4fc4
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can list the users of another group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/run_groupmems.exp b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/run_groupmems.exp
new file mode 100755
index 0000000..8bba8ba
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -l -g gtest1\r" ;#
+expect -re "\nutest1 bin utmp \r"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config.txt b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/group b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/group
new file mode 100644
index 0000000..bd6da4e
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/gshadow
new file mode 100644
index 0000000..02b9401
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/passwd b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/shadow b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test
new file mode 100755
index 0000000..58f09cd
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can list the users of a group, even if group is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/run_groupmems.exp
new file mode 100755
index 0000000..2b9b217
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -l\r" ;#
+expect -re "\nutest1 bin daemon \r"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config.txt b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/group
new file mode 100644
index 0000000..bd6da4e
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..02b9401
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test
new file mode 100755
index 0000000..a01a10e
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can list the users of a group, even if gshadow is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/run_groupmems.exp
new file mode 100755
index 0000000..2b9b217
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -l\r" ;#
+expect -re "\nutest1 bin daemon \r"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config.txt b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/group b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/passwd b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/shadow b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test
new file mode 100755
index 0000000..302b689
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-a) fails if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/run_groupmems.exp
new file mode 100755
index 0000000..0b10b00
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/group; try again later."
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config.txt b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test
new file mode 100755
index 0000000..38ac7a2
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-a) fails if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/run_groupmems.exp
new file mode 100755
index 0000000..123c573
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/gshadow; try again later."
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config.txt b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/group b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/passwd b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/shadow b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test
new file mode 100755
index 0000000..cfb8699
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-d) fails if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/run_groupmems.exp
new file mode 100755
index 0000000..267548c
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/group; try again later."
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config.txt b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test
new file mode 100755
index 0000000..c2b5626
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-d) fails if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/run_groupmems.exp
new file mode 100755
index 0000000..b32825a
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/gshadow; try again later."
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config.txt b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/group b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/passwd b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/shadow b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test
new file mode 100755
index 0000000..75272b3
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-p) fails if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/run_groupmems.exp
new file mode 100755
index 0000000..b7b7bb5
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/group; try again later."
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config.txt b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test
new file mode 100755
index 0000000..ecff63f
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-p) fails if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/run_groupmems.exp
new file mode 100755
index 0000000..56bb187
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r" ;#
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r" ;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/gshadow; try again later."
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config.txt b/tests/grouptools/groupmems/53_groupmems_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/group b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/gshadow b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/passwd b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/shadow b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/data/usage.out b/tests/grouptools/groupmems/53_groupmems_usage/data/usage.out
new file mode 100644
index 0000000..584313c
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/data/usage.out
@@ -0,0 +1,13 @@
+Usage: groupmems [options] [action]
+
+Options:
+ -g, --group groupname change groupname instead of the user's group
+ (root only)
+ -R, --root CHROOT_DIR directory to chroot into
+
+Actions:
+ -a, --add username add username to the members of the group
+ -d, --delete username remove username from the members of the group
+ -h, --help display this help message and exit
+ -p, --purge purge all members from the group
+ -l, --list list the members of the group
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/groupmems.test b/tests/grouptools/groupmems/53_groupmems_usage/groupmems.test
new file mode 100755
index 0000000..7b3784a
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/groupmems.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get groupmems usage (groupmems -h)..."
+groupmems -h >tmp/usage.out
+
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config.txt b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/group b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/gshadow b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/login.defs b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/passwd b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/shadow b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/data/groupmems.err b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/data/groupmems.err
new file mode 100644
index 0000000..a6ac1f6
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/data/groupmems.err
@@ -0,0 +1,14 @@
+groupmems: invalid option -- 'Z'
+Usage: groupmems [options] [action]
+
+Options:
+ -g, --group groupname change groupname instead of the user's group
+ (root only)
+ -R, --root CHROOT_DIR directory to chroot into
+
+Actions:
+ -a, --add username add username to the members of the group
+ -d, --delete username remove username from the members of the group
+ -h, --help display this help message and exit
+ -p, --purge purge all members from the group
+ -l, --list list the members of the group
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test
new file mode 100755
index 0000000..d0e1fa7
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems reports usage when called with an invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupmems with an invalid option (groupmems -Z bar -g 1000 foo)..."
+groupmems -Z bar -g 1000 -a foo 2>tmp/groupmems.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/groupmems.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmems.err tmp/groupmems.err
+echo "error message OK."
+rm -f tmp/groupmems.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config.txt b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/group b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/gshadow b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/login.defs b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/passwd b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/shadow b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/data/groupmems.err b/tests/grouptools/groupmems/55_groupmems_usage-a-d/data/groupmems.err
new file mode 100644
index 0000000..584313c
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/data/groupmems.err
@@ -0,0 +1,13 @@
+Usage: groupmems [options] [action]
+
+Options:
+ -g, --group groupname change groupname instead of the user's group
+ (root only)
+ -R, --root CHROOT_DIR directory to chroot into
+
+Actions:
+ -a, --add username add username to the members of the group
+ -d, --delete username remove username from the members of the group
+ -h, --help display this help message and exit
+ -p, --purge purge all members from the group
+ -l, --list list the members of the group
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test b/tests/grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test
new file mode 100755
index 0000000..679361f
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems reports usage if the -a and -d options are used atthe same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupmems with the -a and -d options (groupmems -a root -d nobody -g foo)..."
+groupmems -a root -d nobody -g foo 2>tmp/groupmems.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/groupmems.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmems.err tmp/groupmems.err
+echo "error message OK."
+rm -f tmp/groupmems.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config.txt b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/group b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/gshadow b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/login.defs b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/passwd b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/shadow b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/data/groupmems.err b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/data/groupmems.err
new file mode 100644
index 0000000..584313c
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/data/groupmems.err
@@ -0,0 +1,13 @@
+Usage: groupmems [options] [action]
+
+Options:
+ -g, --group groupname change groupname instead of the user's group
+ (root only)
+ -R, --root CHROOT_DIR directory to chroot into
+
+Actions:
+ -a, --add username add username to the members of the group
+ -d, --delete username remove username from the members of the group
+ -h, --help display this help message and exit
+ -p, --purge purge all members from the group
+ -l, --list list the members of the group
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test
new file mode 100755
index 0000000..bdd0632
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems reports usage if extra arguments are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupmems with an extra argument (groupmems -a root -g foo foo)..."
+groupmems -a root -g foo foo 2>tmp/groupmems.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/groupmems.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmems.err tmp/groupmems.err
+echo "error message OK."
+rm -f tmp/groupmems.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config.txt b/tests/grouptools/groupmems/57_groupmems_authentication/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/group b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/group
new file mode 100644
index 0000000..287981e
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/gshadow b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/gshadow
new file mode 100644
index 0000000..f9ba86a
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
+gtest1:*::
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-account b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-account
new file mode 100644
index 0000000..316b173
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-account
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system. The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
+# here's the fallback if no module succeeds
+account requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-auth b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-auth
new file mode 100644
index 0000000..5facfa2
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-auth
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth [success=1 default=ignore] pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/groupmems
new file mode 100644
index 0000000..2b65f34
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/groupmems
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'groupmod' service
+#
+
+# This allows root to modify groups without being prompted for a password
+auth sufficient pam_rootok.so
+
+@include common-auth
+@include common-account
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/passwd b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/shadow b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/data/group b/tests/grouptools/groupmems/57_groupmems_authentication/data/group
new file mode 100644
index 0000000..7214940
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/data/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon,nobody
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/data/gshadow b/tests/grouptools/groupmems/57_groupmems_authentication/data/gshadow
new file mode 100644
index 0000000..b79987c
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/data/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon,nobody
+gtest1:*::
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/groupmems.test b/tests/grouptools/groupmems/57_groupmems_authentication/groupmems.test
new file mode 100755
index 0000000..4abad1b
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) authenticate the caller"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/run_groupmems.exp b/tests/grouptools/groupmems/57_groupmems_authentication/run_groupmems.exp
new file mode 100755
index 0000000..1cb9847
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/run_groupmems.exp
@@ -0,0 +1,43 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a nobody\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config.txt b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/group b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/group
new file mode 100644
index 0000000..287981e
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/gshadow b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/gshadow
new file mode 100644
index 0000000..f9ba86a
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
+gtest1:*::
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-account b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-account
new file mode 100644
index 0000000..316b173
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-account
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system. The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
+# here's the fallback if no module succeeds
+account requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-auth b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-auth
new file mode 100644
index 0000000..5facfa2
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-auth
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth [success=1 default=ignore] pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/groupmems
new file mode 100644
index 0000000..2b65f34
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/groupmems
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'groupmod' service
+#
+
+# This allows root to modify groups without being prompted for a password
+auth sufficient pam_rootok.so
+
+@include common-auth
+@include common-account
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/passwd b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/shadow b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test
new file mode 100755
index 0000000..bf741c9
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) authenticates the caller"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/run_groupmems.exp b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/run_groupmems.exp
new file mode 100755
index 0000000..1a14059
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/run_groupmems.exp
@@ -0,0 +1,44 @@
+#!/usr/bin/expect
+
+set timeout 3
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a nobody\r"
+expect "Password: "
+send "!myuserF00barbaz\r"
+expect -re "groupmems: PAM: Authentication failure\r"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "1\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config.txt b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/group b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/group
new file mode 100644
index 0000000..287981e
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/gshadow b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/gshadow
new file mode 100644
index 0000000..f9ba86a
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
+gtest1:*::
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-account b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-account
new file mode 100644
index 0000000..c175a14
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-account
@@ -0,0 +1 @@
+account requisite pam_deny.so
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-auth b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-auth
new file mode 100644
index 0000000..5facfa2
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-auth
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth [success=1 default=ignore] pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/groupmems
new file mode 100644
index 0000000..2b65f34
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/groupmems
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'groupmod' service
+#
+
+# This allows root to modify groups without being prompted for a password
+auth sufficient pam_rootok.so
+
+@include common-auth
+@include common-account
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/passwd b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/shadow b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test
new file mode 100755
index 0000000..bf741c9
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) authenticates the caller"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/run_groupmems.exp b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/run_groupmems.exp
new file mode 100755
index 0000000..80ad09d
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/run_groupmems.exp
@@ -0,0 +1,44 @@
+#!/usr/bin/expect
+
+set timeout 3
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a nobody\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect -re "groupmems: PAM: Authentication failure\r"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "1\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config.txt b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/group b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/group
new file mode 100644
index 0000000..287981e
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/gshadow b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/gshadow
new file mode 100644
index 0000000..f9ba86a
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
+gtest1:*::
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/groupmems
new file mode 100644
index 0000000..9152969
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/groupmems
@@ -0,0 +1 @@
+This file will be removed
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/other b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/other
new file mode 100644
index 0000000..9152969
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/other
@@ -0,0 +1 @@
+This file will be removed
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/passwd b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/shadow b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test
new file mode 100755
index 0000000..fb5129d
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) authenticates the caller"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove PAM configuration (/etc/pam.d/other /etc/pam.d/groupmems)..."
+rm -f /etc/pam.d/other /etc/pam.d/groupmems
+echo "OK"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/run_groupmems.exp b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/run_groupmems.exp
new file mode 100755
index 0000000..0c4c479
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 3
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+ puts "usage: run_groupmems.exp"
+ exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a nobody\r"
+expect -re "groupmems: PAM: Critical error . immediate abort"
+
+expect "$ " ;# Wait for the prompt
+send "echo $?\r"
+expect "1\r"
+expect "$ " ;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config.txt b/tests/grouptools/groupmod/01_groupmod_change_gid/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/default/useradd b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/group b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/gshadow b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/login.defs b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/passwd b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/shadow b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/data/group b/tests/grouptools/groupmod/01_groupmod_change_gid/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/groupmod.test b/tests/grouptools/groupmod/01_groupmod_change_gid/groupmod.test
new file mode 100755
index 0000000..5c32e0b
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config.txt b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/default/useradd b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/group b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/gshadow b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/login.defs b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/passwd b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/shadow b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/group b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/passwd b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/passwd
new file mode 100644
index 0000000..9fd396a
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:::/bin/false
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test
new file mode 100755
index 0000000..f92fc52
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod changes the primary group of users when it changes the GID of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config.txt b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/data/group b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test
new file mode 100755
index 0000000..4b327c5
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID of a group (no gshadow group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config.txt b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/group b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/data/group b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test
new file mode 100755
index 0000000..6ba1e5e
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config.txt b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config.txt
new file mode 100644
index 0000000..872618a
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config.txt
@@ -0,0 +1,2 @@
+group foo, GID 1000
+group bar, GID 1001
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/default/useradd b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/group b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/gshadow b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/login.defs b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/passwd b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/shadow b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/data/group b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/data/group
new file mode 100644
index 0000000..2c24807
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
+bar:x:1001:
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test
new file mode 100755
index 0000000..51f92a7
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID of a group to an already used GID, with -o"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 -o foo)..."
+groupmod -g 1001 -o foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config.txt b/tests/grouptools/groupmod/06_groupmod_change_group_name/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/default/useradd b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/group b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/gshadow b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/login.defs b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/passwd b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/shadow b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/data/group b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/data/gshadow b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/groupmod.test b/tests/grouptools/groupmod/06_groupmod_change_group_name/groupmod.test
new file mode 100755
index 0000000..cb567a8
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+groupmod -n bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config.txt b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/data/group b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test
new file mode 100755
index 0000000..65391ba
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group (no gshadow group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+groupmod -n bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config.txt b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/group b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/data/group b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test
new file mode 100755
index 0000000..dee0d5b
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+groupmod -n bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config.txt b/tests/grouptools/groupmod/09_groupmod_set_password/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/default/useradd b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/group b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/gshadow b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/login.defs b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/passwd b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/shadow b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/data/gshadow b/tests/grouptools/groupmod/09_groupmod_set_password/data/gshadow
new file mode 100644
index 0000000..601bd46
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:foopassw::
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/groupmod.test b/tests/grouptools/groupmod/09_groupmod_set_password/groupmod.test
new file mode 100755
index 0000000..dd2b400
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config.txt b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/data/gshadow b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/data/gshadow
new file mode 100644
index 0000000..601bd46
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:foopassw::
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test
new file mode 100755
index 0000000..01a7d46
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config.txt b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/group b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..7c2b4e8
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:oldpass:1000:
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/data/group b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/data/group
new file mode 100644
index 0000000..fafb2ea
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:foopassw:1000:
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test
new file mode 100755
index 0000000..44597ad
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config.txt b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/default/useradd b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/group b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/gshadow b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/login.defs b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/passwd b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/shadow b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/data/groupmod.err b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/data/groupmod.err
new file mode 100644
index 0000000..35720f8
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: group 'bar' does not exist
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test
new file mode 100755
index 0000000..4c7f477
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the group exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of bar to 1001 (groupmod -g 1001 bar)..."
+groupmod -g 1001 bar 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config.txt b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config.txt
new file mode 100644
index 0000000..872618a
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config.txt
@@ -0,0 +1,2 @@
+group foo, GID 1000
+group bar, GID 1001
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/default/useradd b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/group b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/gshadow b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/login.defs b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/passwd b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/shadow b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/data/groupmod.err b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/data/groupmod.err
new file mode 100644
index 0000000..796f655
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: GID '1001' already exists
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test
new file mode 100755
index 0000000..9ce5bfe
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the new GID is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config.txt b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config.txt
new file mode 100644
index 0000000..872618a
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config.txt
@@ -0,0 +1,2 @@
+group foo, GID 1000
+group bar, GID 1001
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/default/useradd b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/group b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/gshadow b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/login.defs b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/passwd b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/shadow b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/data/groupmod.err b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/data/groupmod.err
new file mode 100644
index 0000000..97ea6f6
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: group 'bar' already exists
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test
new file mode 100755
index 0000000..1245a9d
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the new group name is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod --new-name bar foo)..."
+groupmod --new-name bar foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config.txt b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config.txt
new file mode 100644
index 0000000..872618a
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config.txt
@@ -0,0 +1,2 @@
+group foo, GID 1000
+group bar, GID 1001
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/default/useradd b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/group b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/gshadow b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/login.defs b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/passwd b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/shadow b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/data/groupmod.err b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/data/groupmod.err
new file mode 100644
index 0000000..1a0e537
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: invalid group name 'to:to'
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test
new file mode 100755
index 0000000..f326d1d
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the new group name is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to to:to (groupmod --new-name to:to foo)..."
+groupmod --new-name to:to foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config.txt b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/default/useradd b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/group b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/gshadow b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/login.defs b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/passwd b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/shadow b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test
new file mode 100755
index 0000000..f9a3519
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can rename a group to its name"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to foo (groupmod -n foo foo)..."
+groupmod -n foo foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config.txt b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/default/useradd b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/group b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/gshadow b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/login.defs b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/passwd b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/shadow b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/data/groupmod.err b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/data/groupmod.err
new file mode 100644
index 0000000..e399ec7
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/data/groupmod.err
@@ -0,0 +1,2 @@
+groupmod: existing lock file /etc/group.lock without a PID
+groupmod: cannot lock /etc/group; try again later.
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test
new file mode 100755
index 0000000..21a0a1b
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config.txt b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/default/useradd b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/group b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/login.defs b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/passwd b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/shadow b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/data/group b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test
new file mode 100755
index 0000000..60b4c4f
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the gshadow file is locked only if gshadow is changed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Delete lock file for /etc/gshadow..."
+rm -f /etc/gshadow.lock
+echo "done"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config.txt b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/default/useradd b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/group b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/gshadow b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/login.defs b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/passwd b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/shadow b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/data/groupmod.err b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/data/groupmod.err
new file mode 100644
index 0000000..c8745ef
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: invalid group ID '1001a'
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test
new file mode 100755
index 0000000..d3ae0a1
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the specified GID is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of bar to 1001a (groupmod -g 1001a bar)..."
+groupmod -g 1001a bar 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config.txt b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/default/useradd b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/group b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/gshadow b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/login.defs b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/passwd b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/shadow b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/data/groupmod.err b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/data/groupmod.err
new file mode 100644
index 0000000..824372f
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: invalid group ID '-1001'
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test
new file mode 100755
index 0000000..cc583b9
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the specified GID is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of bar to -1001 (groupmod -g -1001 bar)..."
+groupmod -g -1001 bar 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config.txt b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/default/useradd b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/group b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/gshadow b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/login.defs b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/passwd b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/shadow b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/data/groupmod.err b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/data/groupmod.err
new file mode 100644
index 0000000..c9b28d7
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/data/groupmod.err
@@ -0,0 +1,11 @@
+Usage: groupmod [options] GROUP
+
+Options:
+ -g, --gid GID change the group ID to GID
+ -h, --help display this help message and exit
+ -n, --new-name NEW_GROUP change the name to NEW_GROUP
+ -o, --non-unique allow to use a duplicate (non-unique) GID
+ -p, --password PASSWORD change the password to this (encrypted)
+ PASSWORD
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test
new file mode 100755
index 0000000..bcfbb64
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks a group parameter was given"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change GID to 1001 (groupmod -g 1001)..."
+groupmod -g 1001 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/group b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/gshadow b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/login.defs b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/passwd b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/shadow b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/group b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/gshadow b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/gshadow
new file mode 100644
index 0000000..08d25a2
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo2:*::
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test
new file mode 100755
index 0000000..612ac24
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID of a group and the group's name"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID and name of foo to 1001/foo2 (groupmod -g 1001 -n foo2 foo)..."
+groupmod -g 1001 -n foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/group b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/gshadow b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/login.defs b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/passwd b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/shadow b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/group b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/group
new file mode 100644
index 0000000..e898b8d
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo3:x:1001:
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/gshadow b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/gshadow
new file mode 100644
index 0000000..3c65dec
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo3:toto::
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/passwd b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/passwd
new file mode 100644
index 0000000..9fd396a
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:::/bin/false
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test
new file mode 100755
index 0000000..5f1c0f8
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID, the name, and the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID, name and password of foo (groupmod -n foo3 -g 1001 -p toto foo)..."
+groupmod -n foo3 -g 1001 -p toto foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/group b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/login.defs b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/passwd b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/shadow b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/data/groupmod.err b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/data/groupmod.err
new file mode 100644
index 0000000..3b3400f
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/data/groupmod.err
@@ -0,0 +1,2 @@
+groupmod: existing lock file /etc/gshadow.lock without a PID
+groupmod: cannot lock /etc/gshadow; try again later.
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test
new file mode 100755
index 0000000..a07c6a1
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change GID and name of foo to 1001 (groupmod -g 1001 -n bar foo)..."
+groupmod -g 1001 -n bar foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/group b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/gshadow b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/login.defs b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/passwd b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/shadow b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/data/groupmod.err b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/data/groupmod.err
new file mode 100644
index 0000000..5d391a0
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/data/groupmod.err
@@ -0,0 +1,2 @@
+groupmod: existing lock file /etc/passwd.lock without a PID
+groupmod: cannot lock /etc/passwd; try again later.
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test
new file mode 100755
index 0000000..b56d14c
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/group b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/gshadow b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/login.defs b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/passwd b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/shadow b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/group b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/gshadow b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test
new file mode 100755
index 0000000..d0831fd
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the passwd file is locked only if passwd is changed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Change name of foo to bar (groupmod -n bar foo)..."
+groupmod -n bar foo
+echo "OK"
+
+echo -n "Delete lock file for /etc/gshadow..."
+rm -f /etc/passwd.lock
+echo "done"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config.txt b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/default/useradd b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/group b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/gshadow b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/login.defs b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/passwd b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/shadow b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/data/groupmod.err b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/data/groupmod.err
new file mode 100644
index 0000000..70d741a
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: invalid group ID '4294967295'
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test
new file mode 100755
index 0000000..6dc895f
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the specified GID is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of bar to 4294967295 (groupmod -g 4294967295 bar)..."
+groupmod -g 4294967295 bar 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config.txt b/tests/grouptools/groupmod/28_groupmod_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/default/useradd b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/group b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/gshadow b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/passwd b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/shadow b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/data/usage.out b/tests/grouptools/groupmod/28_groupmod_usage/data/usage.out
new file mode 100644
index 0000000..c9b28d7
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/data/usage.out
@@ -0,0 +1,11 @@
+Usage: groupmod [options] GROUP
+
+Options:
+ -g, --gid GID change the group ID to GID
+ -h, --help display this help message and exit
+ -n, --new-name NEW_GROUP change the name to NEW_GROUP
+ -o, --non-unique allow to use a duplicate (non-unique) GID
+ -p, --password PASSWORD change the password to this (encrypted)
+ PASSWORD
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/groupmod.test b/tests/grouptools/groupmod/28_groupmod_usage/groupmod.test
new file mode 100755
index 0000000..29fe545
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/groupmod.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get groupmod usage (groupmod -h)..."
+groupmod -h >tmp/usage.out
+
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config.txt b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/default/useradd b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/group b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/gshadow b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/login.defs b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/passwd b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/shadow b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/group b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/gshadow b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test
new file mode 100755
index 0000000..f899420
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group and keep the same gid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar and keep the same gid (groupmod -n bar -g 1000 foo)..."
+groupmod -n bar -g 1000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config.txt b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/default/useradd b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/group b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/gshadow b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/login.defs b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/passwd b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/shadow b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test
new file mode 100755
index 0000000..976476c
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can keep the name and gid for a group and does not complain"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar and keep the same gid (groupmod -n foo -g 1000 foo)..."
+groupmod -n foo -g 1000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config.txt b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/default/useradd b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/group b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/gshadow b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/login.defs b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/passwd b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/shadow b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test
new file mode 100755
index 0000000..95262ef
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod keeps the same gid and does not complain if there are no other changes"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Keep the same gid and no other changes (groupmod -g 1000 foo)..."
+groupmod -g 1000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config.txt b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/default/useradd b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/group b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/gshadow b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/passwd b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/shadow b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/data/groupmod.err b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/data/groupmod.err
new file mode 100644
index 0000000..c9b28d7
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/data/groupmod.err
@@ -0,0 +1,11 @@
+Usage: groupmod [options] GROUP
+
+Options:
+ -g, --gid GID change the group ID to GID
+ -h, --help display this help message and exit
+ -n, --new-name NEW_GROUP change the name to NEW_GROUP
+ -o, --non-unique allow to use a duplicate (non-unique) GID
+ -p, --password PASSWORD change the password to this (encrypted)
+ PASSWORD
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test
new file mode 100755
index 0000000..13d13ee
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod -o requires -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "groupmod -o -n bar foo..."
+groupmod -o -n bar foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config.txt b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/default/useradd b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/group b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/gshadow b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/login.defs b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/passwd b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/shadow b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/data/group b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/data/group
new file mode 100644
index 0000000..fafb2ea
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:foopassw:1000:
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test
new file mode 100755
index 0000000..44597ad
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config.txt b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/default/useradd b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/group b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/group
new file mode 100644
index 0000000..7c2b4e8
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:oldpass:1000:
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/gshadow b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/login.defs b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/passwd b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/shadow b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/group b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/group
new file mode 100644
index 0000000..fafb2ea
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:foopassw:1000:
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/gshadow b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/gshadow
new file mode 100644
index 0000000..601bd46
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:foopassw::
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test
new file mode 100755
index 0000000..a765f4d
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change password of foo (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config.txt b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..7c2b4e8
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:oldpass:1000:
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/data/group b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/data/group
new file mode 100644
index 0000000..fafb2ea
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:foopassw:1000:
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test
new file mode 100755
index 0000000..1e2303c
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change password of foo (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config.txt b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/data/gshadow b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/data/gshadow
new file mode 100644
index 0000000..601bd46
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:foopassw::
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test
new file mode 100755
index 0000000..c2a0b6b
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change password of foo (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config.txt b/tests/grouptools/groupmod/37_groupmod_invalid_option/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/group b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/gshadow b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/login.defs b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/passwd b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/shadow b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/data/groupmod.err b/tests/grouptools/groupmod/37_groupmod_invalid_option/data/groupmod.err
new file mode 100644
index 0000000..6bec2e0
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/data/groupmod.err
@@ -0,0 +1,12 @@
+groupmod: invalid option -- 'Z'
+Usage: groupmod [options] GROUP
+
+Options:
+ -g, --gid GID change the group ID to GID
+ -h, --help display this help message and exit
+ -n, --new-name NEW_GROUP change the name to NEW_GROUP
+ -o, --non-unique allow to use a duplicate (non-unique) GID
+ -p, --password PASSWORD change the password to this (encrypted)
+ PASSWORD
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/groupmod.test b/tests/grouptools/groupmod/37_groupmod_invalid_option/groupmod.test
new file mode 100755
index 0000000..23c394f
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod reports usage when called with an invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupmod with an invalid option (groupmod -Z bar -g 1000 foo)..."
+groupmod -Z bar -g 1000 foo 2>tmp/groupmod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/01_faillog_no_faillog/config.txt b/tests/log/faillog/01_faillog_no_faillog/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/group b/tests/log/faillog/01_faillog_no_faillog/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/gshadow b/tests/log/faillog/01_faillog_no_faillog/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/passwd b/tests/log/faillog/01_faillog_no_faillog/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/shadow b/tests/log/faillog/01_faillog_no_faillog/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/01_faillog_no_faillog/data/faillog.err b/tests/log/faillog/01_faillog_no_faillog/data/faillog.err
new file mode 100644
index 0000000..501b7cd
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/data/faillog.err
@@ -0,0 +1 @@
+faillog: Cannot open /var/log/faillog: No such file or directory
diff --git a/tests/log/faillog/01_faillog_no_faillog/faillog.test b/tests/log/faillog/01_faillog_no_faillog/faillog.test
new file mode 100755
index 0000000..716bbf1
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/faillog.test
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog detects missing /var/log/faillog and does not create it"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/faillog' 0
+
+change_config
+
+echo -n "Remove /var/log/faillog (it will not be restored)..."
+rm -f /var/log/faillog
+echo "OK"
+
+echo -n "Execute faillog (faillog)..."
+faillog 2>tmp/faillog.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "usage message OK."
+rm -f tmp/faillog.err
+
+echo -n "Check that the /var/log/faillog file was not created"...
+test ! -f /var/log/faillog
+echo "OK"
+
+touch /var/log/faillog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/02_faillog_usage/config.txt b/tests/log/faillog/02_faillog_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/02_faillog_usage/config/etc/group b/tests/log/faillog/02_faillog_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/02_faillog_usage/config/etc/gshadow b/tests/log/faillog/02_faillog_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/02_faillog_usage/config/etc/passwd b/tests/log/faillog/02_faillog_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/02_faillog_usage/config/etc/shadow b/tests/log/faillog/02_faillog_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/02_faillog_usage/data/usage.out b/tests/log/faillog/02_faillog_usage/data/usage.out
new file mode 100644
index 0000000..d5d2839
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/data/usage.out
@@ -0,0 +1,14 @@
+Usage: faillog [options]
+
+Options:
+ -a, --all display faillog records for all users
+ -h, --help display this help message and exit
+ -l, --lock-secs SEC after failed login lock account for SEC seconds
+ -m, --maximum MAX set maximum failed login counters to MAX
+ -r, --reset reset the counters of login failures
+ -R, --root CHROOT_DIR directory to chroot into
+ -t, --time DAYS display faillog records more recent than DAYS
+ -u, --user LOGIN/RANGE display faillog record or maintains failure
+ counters and limits (if used with -r, -m,
+ or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/02_faillog_usage/faillog.test b/tests/log/faillog/02_faillog_usage/faillog.test
new file mode 100755
index 0000000..b9a0b9c
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/faillog.test
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get faillog usage (faillog -h)..."
+faillog -h >tmp/usage.out
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/03_faillog_format/config.txt b/tests/log/faillog/03_faillog_format/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/03_faillog_format/config/etc/group b/tests/log/faillog/03_faillog_format/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/03_faillog_format/config/etc/gshadow b/tests/log/faillog/03_faillog_format/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/03_faillog_format/config/etc/pam.d/login b/tests/log/faillog/03_faillog_format/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/03_faillog_format/config/etc/passwd b/tests/log/faillog/03_faillog_format/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/log/faillog/03_faillog_format/config/etc/shadow b/tests/log/faillog/03_faillog_format/config/etc/shadow
new file mode 100644
index 0000000..3b8a1ed
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:pass:12977:0:99999:7:::
diff --git a/tests/log/faillog/03_faillog_format/data/faillog.out b/tests/log/faillog/03_faillog_format/data/faillog.out
new file mode 100644
index 0000000..5855881
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/data/faillog.out
@@ -0,0 +1,2 @@
+Login Failures Maximum Latest On
+
diff --git a/tests/log/faillog/03_faillog_format/data/lastlog.out b/tests/log/faillog/03_faillog_format/data/lastlog.out
new file mode 100644
index 0000000..280e1ab
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/data/lastlog.out
@@ -0,0 +1,20 @@
+Username Port From Latest
+root **Never logged in**
+daemon **Never logged in**
+bin **Never logged in**
+sys **Never logged in**
+sync **Never logged in**
+games **Never logged in**
+man **Never logged in**
+lp **Never logged in**
+mail **Never logged in**
+news **Never logged in**
+uucp **Never logged in**
+proxy **Never logged in**
+www-data **Never logged in**
+backup **Never logged in**
+list **Never logged in**
+irc **Never logged in**
+gnats **Never logged in**
+nobody **Never logged in**
+Debian-exim **Never logged in**
diff --git a/tests/log/faillog/03_faillog_format/faillog.test b/tests/log/faillog/03_faillog_format/faillog.test
new file mode 100755
index 0000000..489776e
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+cp data/faillog.out tmp/faillog.out1
+cp data/faillog.out tmp/faillog.out2
+TTY=$(ls /dev/pts | sort -n|tail -1)
+TTY=$((TTY+1))
+
+DATE=$(LC_ALL=C date +"%D %H:%M:%S %z")
+# pam_tally do not report the line of failure ?
+printf "%-9s %5d %5d %s %s\n" foo 1 0 "$DATE" "">> tmp/faillog.out1
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+DATE=$(LC_ALL=C date +"%D %H:%M:%S %z")
+# pam_tally do not report the line of failure ?
+printf "%-9s %5d %5d %s %s\n" foo 1 0 "$DATE" "">> tmp/faillog.out2
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the faillog message..."
+diff -au tmp/faillog.out tmp/faillog.out1 || diff -au tmp/faillog.out tmp/faillog.out2
+echo "faillog message OK."
+rm -f tmp/faillog.out tmp/faillog.out1 tmp/faillog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/03_faillog_format/login.exp b/tests/log/faillog/03_faillog_format/login.exp
new file mode 100755
index 0000000..bb91e57
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/login.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login foo\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/04_faillog_mulitple/config.txt b/tests/log/faillog/04_faillog_mulitple/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/group b/tests/log/faillog/04_faillog_mulitple/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/gshadow b/tests/log/faillog/04_faillog_mulitple/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/pam.d/login b/tests/log/faillog/04_faillog_mulitple/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/passwd b/tests/log/faillog/04_faillog_mulitple/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/shadow b/tests/log/faillog/04_faillog_mulitple/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/04_faillog_mulitple/data/faillog.list b/tests/log/faillog/04_faillog_mulitple/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 0
+baz 1 0
diff --git a/tests/log/faillog/04_faillog_mulitple/faillog.test b/tests/log/faillog/04_faillog_mulitple/faillog.test
new file mode 100755
index 0000000..2184ee8
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/faillog.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/04_faillog_mulitple/login.exp b/tests/log/faillog/04_faillog_mulitple/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/05_faillog-u_ID/config.txt b/tests/log/faillog/05_faillog-u_ID/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/group b/tests/log/faillog/05_faillog-u_ID/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/gshadow b/tests/log/faillog/05_faillog-u_ID/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/passwd b/tests/log/faillog/05_faillog-u_ID/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/shadow b/tests/log/faillog/05_faillog-u_ID/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/05_faillog-u_ID/data/faillog.list b/tests/log/faillog/05_faillog-u_ID/data/faillog.list
new file mode 100644
index 0000000..3a1241d
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/data/faillog.list
@@ -0,0 +1,3 @@
+Login Failures Maximum
+
+bar 0 0
diff --git a/tests/log/faillog/05_faillog-u_ID/faillog.test b/tests/log/faillog/05_faillog-u_ID/faillog.test
new file mode 100755
index 0000000..42382d0
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/faillog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u 1001..."
+faillog -u 1001> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/06_faillog-u_name/config.txt b/tests/log/faillog/06_faillog-u_name/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/group b/tests/log/faillog/06_faillog-u_name/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/gshadow b/tests/log/faillog/06_faillog-u_name/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/passwd b/tests/log/faillog/06_faillog-u_name/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/shadow b/tests/log/faillog/06_faillog-u_name/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/06_faillog-u_name/data/faillog.list b/tests/log/faillog/06_faillog-u_name/data/faillog.list
new file mode 100644
index 0000000..a635b62
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/data/faillog.list
@@ -0,0 +1,3 @@
+Login
+
+baz
diff --git a/tests/log/faillog/06_faillog-u_name/faillog.test b/tests/log/faillog/06_faillog-u_name/faillog.test
new file mode 100755
index 0000000..1061e20
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/faillog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u baz..."
+faillog -u baz> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/faillog.out | cut -d" " -f1 > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config.txt b/tests/log/faillog/07_faillog-u_ID_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/group b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/gshadow b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/passwd b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/shadow b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/data/faillog.list b/tests/log/faillog/07_faillog-u_ID_invalid/data/faillog.list
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/data/faillog.list
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/faillog.test b/tests/log/faillog/07_faillog-u_ID_invalid/faillog.test
new file mode 100755
index 0000000..7f8bd7b
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u 1003..."
+faillog -u 1003> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+diff -au data/faillog.list tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config.txt b/tests/log/faillog/08_faillog-u_name_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/group b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/gshadow b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/passwd b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/shadow b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/data/faillog.err b/tests/log/faillog/08_faillog-u_name_invalid/data/faillog.err
new file mode 100644
index 0000000..402e2c6
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/data/faillog.err
@@ -0,0 +1 @@
+faillog: Unknown user or range: me
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/faillog.test b/tests/log/faillog/08_faillog-u_name_invalid/faillog.test
new file mode 100755
index 0000000..8b2348c
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u me..."
+faillog -u me 2>tmp/faillog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/09_faillog-u_range/config.txt b/tests/log/faillog/09_faillog-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/group b/tests/log/faillog/09_faillog-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/gshadow b/tests/log/faillog/09_faillog-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/pam.d/login b/tests/log/faillog/09_faillog-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/passwd b/tests/log/faillog/09_faillog-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/shadow b/tests/log/faillog/09_faillog-u_range/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/09_faillog-u_range/data/faillog.list b/tests/log/faillog/09_faillog-u_range/data/faillog.list
new file mode 100644
index 0000000..c4984b9
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/data/faillog.list
@@ -0,0 +1,4 @@
+Login Failures Maximum
+
+irc 1 0
+foo 1 0
diff --git a/tests/log/faillog/09_faillog-u_range/faillog.test b/tests/log/faillog/09_faillog-u_range/faillog.test
new file mode 100755
index 0000000..53ef9f6
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/faillog.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Trigger a connection as irc..."
+./login.exp irc
+echo "OK"
+
+echo -n "faillog -u 38-1001..."
+faillog -u 38-1001> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/09_faillog-u_range/login.exp b/tests/log/faillog/09_faillog-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/10_faillog-u_open_range/config.txt b/tests/log/faillog/10_faillog-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/group b/tests/log/faillog/10_faillog-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/gshadow b/tests/log/faillog/10_faillog-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/passwd b/tests/log/faillog/10_faillog-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/shadow b/tests/log/faillog/10_faillog-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/10_faillog-u_open_range/data/faillog.list b/tests/log/faillog/10_faillog-u_open_range/data/faillog.list
new file mode 100644
index 0000000..a6afb8c
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/data/faillog.list
@@ -0,0 +1,22 @@
+Login Failures Maximum
+
+root 0 0
+daemon 0 0
+bin 0 0
+bar 0 0
+sys 0 0
+sync 0 0
+games 0 0
+man 0 0
+lp 0 0
+mail 0 0
+news 0 0
+uucp 0 0
+proxy 0 0
+www-data 0 0
+backup 0 0
+list 0 0
+irc 0 0
+gnats 0 0
+Debian-exim 0 0
+foo 0 0
diff --git a/tests/log/faillog/10_faillog-u_open_range/faillog.test b/tests/log/faillog/10_faillog-u_open_range/faillog.test
new file mode 100755
index 0000000..9587bb9
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/faillog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog supports open ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u -1001..."
+faillog -a -u -1001> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/11_faillog-u_range_open/config.txt b/tests/log/faillog/11_faillog-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/group b/tests/log/faillog/11_faillog-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/gshadow b/tests/log/faillog/11_faillog-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/passwd b/tests/log/faillog/11_faillog-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/shadow b/tests/log/faillog/11_faillog-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/11_faillog-u_range_open/data/faillog.list b/tests/log/faillog/11_faillog-u_range_open/data/faillog.list
new file mode 100644
index 0000000..555ada5
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/data/faillog.list
@@ -0,0 +1,10 @@
+Login Failures Maximum
+
+bar 0 0
+list 0 0
+irc 0 0
+gnats 0 0
+nobody 0 0
+Debian-exim 0 0
+foo 0 0
+baz 0 0
diff --git a/tests/log/faillog/11_faillog-u_range_open/faillog.test b/tests/log/faillog/11_faillog-u_range_open/faillog.test
new file mode 100755
index 0000000..30c7728
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/faillog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog supports open ranges (2)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u 38-..."
+faillog -a -u 38-> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config.txt b/tests/log/faillog/12_faillog-u_range_invalid1/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/group b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/gshadow b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/passwd b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/shadow b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/data/faillog.err b/tests/log/faillog/12_faillog-u_range_invalid1/data/faillog.err
new file mode 100644
index 0000000..56b4173
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/data/faillog.err
@@ -0,0 +1 @@
+faillog: Unknown user or range: foo-bar
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/faillog.test b/tests/log/faillog/12_faillog-u_range_invalid1/faillog.test
new file mode 100755
index 0000000..9a73394
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u foo-bar..."
+faillog -u foo-bar 2>tmp/faillog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config.txt b/tests/log/faillog/13_faillog-u_range_invalid2/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/group b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/gshadow b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/passwd b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/shadow b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/data/faillog.err b/tests/log/faillog/13_faillog-u_range_invalid2/data/faillog.err
new file mode 100644
index 0000000..e9f6720
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/data/faillog.err
@@ -0,0 +1 @@
+faillog: Unknown user or range: foo-
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/faillog.test b/tests/log/faillog/13_faillog-u_range_invalid2/faillog.test
new file mode 100755
index 0000000..14f7170
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u foo-..."
+faillog -u foo- 2>tmp/faillog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config.txt b/tests/log/faillog/14_faillog-u_range_invalid3/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/group b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/gshadow b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/passwd b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/shadow b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/data/faillog.err b/tests/log/faillog/14_faillog-u_range_invalid3/data/faillog.err
new file mode 100644
index 0000000..33c3b8c
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/data/faillog.err
@@ -0,0 +1 @@
+faillog: Unknown user or range: -foo
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/faillog.test b/tests/log/faillog/14_faillog-u_range_invalid3/faillog.test
new file mode 100755
index 0000000..fdd0027
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u -foo..."
+faillog -u -foo 2>tmp/faillog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/15_faillog_bad_option/config.txt b/tests/log/faillog/15_faillog_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/group b/tests/log/faillog/15_faillog_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/gshadow b/tests/log/faillog/15_faillog_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/passwd b/tests/log/faillog/15_faillog_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/shadow b/tests/log/faillog/15_faillog_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/15_faillog_bad_option/data/usage.out b/tests/log/faillog/15_faillog_bad_option/data/usage.out
new file mode 100644
index 0000000..0644274
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/data/usage.out
@@ -0,0 +1,15 @@
+faillog: invalid option -- 'Z'
+Usage: faillog [options]
+
+Options:
+ -a, --all display faillog records for all users
+ -h, --help display this help message and exit
+ -l, --lock-secs SEC after failed login lock account for SEC seconds
+ -m, --maximum MAX set maximum failed login counters to MAX
+ -r, --reset reset the counters of login failures
+ -R, --root CHROOT_DIR directory to chroot into
+ -t, --time DAYS display faillog records more recent than DAYS
+ -u, --user LOGIN/RANGE display faillog record or maintains failure
+ counters and limits (if used with -r, -m,
+ or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/15_faillog_bad_option/faillog.test b/tests/log/faillog/15_faillog_bad_option/faillog.test
new file mode 100755
index 0000000..3e566cd
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get faillog usage (faillog -Z)..."
+faillog -Z 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/16_faillog_extra_arg/config.txt b/tests/log/faillog/16_faillog_extra_arg/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/group b/tests/log/faillog/16_faillog_extra_arg/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/gshadow b/tests/log/faillog/16_faillog_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/passwd b/tests/log/faillog/16_faillog_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/shadow b/tests/log/faillog/16_faillog_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/16_faillog_extra_arg/data/usage.out b/tests/log/faillog/16_faillog_extra_arg/data/usage.out
new file mode 100644
index 0000000..1ec1fa2
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/data/usage.out
@@ -0,0 +1,15 @@
+faillog: unexpected argument: foo
+Usage: faillog [options]
+
+Options:
+ -a, --all display faillog records for all users
+ -h, --help display this help message and exit
+ -l, --lock-secs SEC after failed login lock account for SEC seconds
+ -m, --maximum MAX set maximum failed login counters to MAX
+ -r, --reset reset the counters of login failures
+ -R, --root CHROOT_DIR directory to chroot into
+ -t, --time DAYS display faillog records more recent than DAYS
+ -u, --user LOGIN/RANGE display faillog record or maintains failure
+ counters and limits (if used with -r, -m,
+ or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/16_faillog_extra_arg/faillog.test b/tests/log/faillog/16_faillog_extra_arg/faillog.test
new file mode 100755
index 0000000..09770ca
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog checks if there are extra arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get faillog usage (faillog foo)..."
+faillog foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/17_faillog-t/config.txt b/tests/log/faillog/17_faillog-t/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/17_faillog-t/config/etc/group b/tests/log/faillog/17_faillog-t/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/17_faillog-t/config/etc/gshadow b/tests/log/faillog/17_faillog-t/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/17_faillog-t/config/etc/pam.d/login b/tests/log/faillog/17_faillog-t/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/17_faillog-t/config/etc/passwd b/tests/log/faillog/17_faillog-t/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/17_faillog-t/config/etc/shadow b/tests/log/faillog/17_faillog-t/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/17_faillog-t/data/faillog.list b/tests/log/faillog/17_faillog-t/data/faillog.list
new file mode 100644
index 0000000..f5d3d8c
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/data/faillog.list
@@ -0,0 +1,4 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 0
diff --git a/tests/log/faillog/17_faillog-t/faillog.test b/tests/log/faillog/17_faillog-t/faillog.test
new file mode 100755
index 0000000..217a63b
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/faillog.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=2 ./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=4 ./login.exp baz
+echo "OK"
+
+echo -n "faillog..."
+faillog -t 3 > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/17_faillog-t/login.exp b/tests/log/faillog/17_faillog-t/login.exp
new file mode 100755
index 0000000..66de74b
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -p $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/18_faillog-t_invalid/config.txt b/tests/log/faillog/18_faillog-t_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/group b/tests/log/faillog/18_faillog-t_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/gshadow b/tests/log/faillog/18_faillog-t_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/passwd b/tests/log/faillog/18_faillog-t_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/shadow b/tests/log/faillog/18_faillog-t_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/18_faillog-t_invalid/data/faillog.err b/tests/log/faillog/18_faillog-t_invalid/data/faillog.err
new file mode 100644
index 0000000..009c0f6
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/data/faillog.err
@@ -0,0 +1 @@
+faillog: invalid numeric argument 'bad'
diff --git a/tests/log/faillog/18_faillog-t_invalid/faillog.test b/tests/log/faillog/18_faillog-t_invalid/faillog.test
new file mode 100755
index 0000000..0405bca
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -t bad..."
+faillog -t bad 2>tmp/faillog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config.txt b/tests/log/faillog/19_faillog_multiple_same_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/group b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/gshadow b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/pam.d/login b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/passwd b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/shadow b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/data/faillog.list b/tests/log/faillog/19_faillog_multiple_same_user/data/faillog.list
new file mode 100644
index 0000000..935d843
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 2 0
+foo 1 0
+baz 1 0
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/faillog.test b/tests/log/faillog/19_faillog_multiple_same_user/faillog.test
new file mode 100755
index 0000000..21a6fff
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/faillog.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/login.exp b/tests/log/faillog/19_faillog_multiple_same_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/20_faillog-r-u/config.txt b/tests/log/faillog/20_faillog-r-u/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/group b/tests/log/faillog/20_faillog-r-u/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/gshadow b/tests/log/faillog/20_faillog-r-u/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/pam.d/login b/tests/log/faillog/20_faillog-r-u/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/passwd b/tests/log/faillog/20_faillog-r-u/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/shadow b/tests/log/faillog/20_faillog-r-u/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/20_faillog-r-u/data/faillog.list b/tests/log/faillog/20_faillog-r-u/data/faillog.list
new file mode 100644
index 0000000..12c3f70
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 0
+baz 0 0
diff --git a/tests/log/faillog/20_faillog-r-u/faillog.test b/tests/log/faillog/20_faillog-r-u/faillog.test
new file mode 100755
index 0000000..4aa3d90
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/faillog.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -r -u baz)..."
+faillog -r -u baz
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/20_faillog-r-u/login.exp b/tests/log/faillog/20_faillog-r-u/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/21_faillog-r-u_range/config.txt b/tests/log/faillog/21_faillog-r-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/group b/tests/log/faillog/21_faillog-r-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/gshadow b/tests/log/faillog/21_faillog-r-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/pam.d/login b/tests/log/faillog/21_faillog-r-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/passwd b/tests/log/faillog/21_faillog-r-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/shadow b/tests/log/faillog/21_faillog-r-u_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/21_faillog-r-u_range/data/faillog.list b/tests/log/faillog/21_faillog-r-u_range/data/faillog.list
new file mode 100644
index 0000000..fd0df36
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 0 0
+foo 0 0
+baz 1 0
diff --git a/tests/log/faillog/21_faillog-r-u_range/faillog.test b/tests/log/faillog/21_faillog-r-u_range/faillog.test
new file mode 100755
index 0000000..1b89358
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/faillog.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset users (faillog -r -u 1000-1001)..."
+faillog -r -u 1000-1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/21_faillog-r-u_range/login.exp b/tests/log/faillog/21_faillog-r-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/22_faillog_removed_user/config.txt b/tests/log/faillog/22_faillog_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/group b/tests/log/faillog/22_faillog_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/gshadow b/tests/log/faillog/22_faillog_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/pam.d/login b/tests/log/faillog/22_faillog_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/passwd b/tests/log/faillog/22_faillog_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/shadow b/tests/log/faillog/22_faillog_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/22_faillog_removed_user/data/faillog.list b/tests/log/faillog/22_faillog_removed_user/data/faillog.list
new file mode 100644
index 0000000..09f68d0
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/data/faillog.list
@@ -0,0 +1,4 @@
+Login Failures Maximum
+
+foo 1 0
+baz 1 0
diff --git a/tests/log/faillog/22_faillog_removed_user/faillog.test b/tests/log/faillog/22_faillog_removed_user/faillog.test
new file mode 100755
index 0000000..d72ee5b
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/22_faillog_removed_user/login.exp b/tests/log/faillog/22_faillog_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config.txt b/tests/log/faillog/23_faillog-a_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/group b/tests/log/faillog/23_faillog-a_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/gshadow b/tests/log/faillog/23_faillog-a_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/pam.d/login b/tests/log/faillog/23_faillog-a_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/passwd b/tests/log/faillog/23_faillog-a_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/shadow b/tests/log/faillog/23_faillog-a_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/23_faillog-a_removed_user/data/faillog.list b/tests/log/faillog/23_faillog-a_removed_user/data/faillog.list
new file mode 100644
index 0000000..1eb072b
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/data/faillog.list
@@ -0,0 +1,23 @@
+Login Failures Maximum
+
+root 0 0
+daemon 0 0
+bin 0 0
+sys 0 0
+sync 0 0
+games 0 0
+man 0 0
+lp 0 0
+mail 0 0
+news 0 0
+uucp 0 0
+proxy 0 0
+www-data 0 0
+backup 0 0
+list 0 0
+irc 0 0
+gnats 0 0
+nobody 0 0
+Debian-exim 0 0
+foo 1 0
+baz 1 0
diff --git a/tests/log/faillog/23_faillog-a_removed_user/faillog.test b/tests/log/faillog/23_faillog-a_removed_user/faillog.test
new file mode 100755
index 0000000..c440672
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/23_faillog-a_removed_user/login.exp b/tests/log/faillog/23_faillog-a_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config.txt b/tests/log/faillog/24_faillog-u_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/group b/tests/log/faillog/24_faillog-u_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/gshadow b/tests/log/faillog/24_faillog-u_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/pam.d/login b/tests/log/faillog/24_faillog-u_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/passwd b/tests/log/faillog/24_faillog-u_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/shadow b/tests/log/faillog/24_faillog-u_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/24_faillog-u_removed_user/data/faillog.list b/tests/log/faillog/24_faillog-u_removed_user/data/faillog.list
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/data/faillog.list
diff --git a/tests/log/faillog/24_faillog-u_removed_user/faillog.test b/tests/log/faillog/24_faillog-u_removed_user/faillog.test
new file mode 100755
index 0000000..d1fff47
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -a -u 1001..."
+faillog -a -u 1001> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/24_faillog-u_removed_user/login.exp b/tests/log/faillog/24_faillog-u_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config.txt b/tests/log/faillog/25_faillog-r-u_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list b/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list
new file mode 100644
index 0000000..1ad3edf
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list
@@ -0,0 +1,24 @@
+Login Failures Maximum
+
+root 0 0
+daemon 0 0
+bin 0 0
+bar 0 0
+sys 0 0
+sync 0 0
+games 0 0
+man 0 0
+lp 0 0
+mail 0 0
+news 0 0
+uucp 0 0
+proxy 0 0
+www-data 0 0
+backup 0 0
+list 0 0
+irc 0 0
+gnats 0 0
+nobody 0 0
+Debian-exim 0 0
+foo 0 0
+baz 0 0
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test b/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test
new file mode 100755
index 0000000..f48435a
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+cp -a /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -r -u 1000..."
+faillog -r -u 1000
+echo "OK."
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/login.exp b/tests/log/faillog/25_faillog-r-u_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config.txt b/tests/log/faillog/26_faillog-r-u_range_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/group b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/gshadow b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/pam.d/login b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/passwd b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/shadow b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/data/faillog.list b/tests/log/faillog/26_faillog-r-u_range_removed_user/data/faillog.list
new file mode 100644
index 0000000..0f9aacf
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/data/faillog.list
@@ -0,0 +1,24 @@
+Login Failures Maximum
+
+root 0 0
+daemon 0 0
+bin 0 0
+bar 0 0
+sys 0 0
+sync 0 0
+games 0 0
+man 0 0
+lp 0 0
+mail 0 0
+news 0 0
+uucp 0 0
+proxy 0 0
+www-data 0 0
+backup 0 0
+list 0 0
+irc 0 0
+gnats 0 0
+nobody 0 0
+Debian-exim 0 0
+foo 1 0
+baz 0 0
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/faillog.test b/tests/log/faillog/26_faillog-r-u_range_removed_user/faillog.test
new file mode 100755
index 0000000..5c140b9
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/faillog.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+cp -a /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -r -u 40-2000..."
+faillog -r -u 40-2000
+echo "OK."
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/login.exp b/tests/log/faillog/26_faillog-r-u_range_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config.txt b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/group b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/gshadow b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/pam.d/login b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/passwd b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/shadow b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/data/faillog.list b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/data/faillog.list
new file mode 100644
index 0000000..1ad3edf
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/data/faillog.list
@@ -0,0 +1,24 @@
+Login Failures Maximum
+
+root 0 0
+daemon 0 0
+bin 0 0
+bar 0 0
+sys 0 0
+sync 0 0
+games 0 0
+man 0 0
+lp 0 0
+mail 0 0
+news 0 0
+uucp 0 0
+proxy 0 0
+www-data 0 0
+backup 0 0
+list 0 0
+irc 0 0
+gnats 0 0
+nobody 0 0
+Debian-exim 0 0
+foo 0 0
+baz 0 0
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test
new file mode 100755
index 0000000..ecf1f97
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp bar
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+cp -a /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -r -u 40-2000..."
+faillog -a -r -u 40-2000
+echo "OK."
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/login.exp b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config.txt b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/group b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/gshadow b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/pam.d/login b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/passwd b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/shadow b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/data/faillog.list b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/data/faillog.list
new file mode 100644
index 0000000..3544ec4
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/data/faillog.list
@@ -0,0 +1,24 @@
+Login Failures Maximum
+
+root 0 0
+daemon 0 0
+bin 0 0
+bar 1 0
+sys 0 0
+sync 0 0
+games 0 0
+man 0 0
+lp 0 0
+mail 0 0
+news 0 0
+uucp 0 0
+proxy 0 0
+www-data 0 0
+backup 0 0
+list 0 0
+irc 0 0
+gnats 0 0
+nobody 0 0
+Debian-exim 0 0
+foo 0 0
+baz 0 0
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test
new file mode 100755
index 0000000..5790ad9
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp bar
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+cp -a /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -r -u -1000..."
+faillog -a -r -u -1000
+echo "OK."
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/login.exp b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config.txt b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/group b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/gshadow b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/pam.d/login b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/passwd b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/shadow b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/data/faillog.list b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/data/faillog.list
new file mode 100644
index 0000000..0f9aacf
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/data/faillog.list
@@ -0,0 +1,24 @@
+Login Failures Maximum
+
+root 0 0
+daemon 0 0
+bin 0 0
+bar 0 0
+sys 0 0
+sync 0 0
+games 0 0
+man 0 0
+lp 0 0
+mail 0 0
+news 0 0
+uucp 0 0
+proxy 0 0
+www-data 0 0
+backup 0 0
+list 0 0
+irc 0 0
+gnats 0 0
+nobody 0 0
+Debian-exim 0 0
+foo 1 0
+baz 0 0
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test
new file mode 100755
index 0000000..9579ca6
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp bar
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+cp -a /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -r -u 1001-..."
+faillog -a -r -u 1001-
+echo "OK."
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/login.exp b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/30_faillog-r/config.txt b/tests/log/faillog/30_faillog-r/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/30_faillog-r/config/etc/group b/tests/log/faillog/30_faillog-r/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/30_faillog-r/config/etc/gshadow b/tests/log/faillog/30_faillog-r/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/30_faillog-r/config/etc/pam.d/login b/tests/log/faillog/30_faillog-r/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/30_faillog-r/config/etc/passwd b/tests/log/faillog/30_faillog-r/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/30_faillog-r/config/etc/shadow b/tests/log/faillog/30_faillog-r/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/30_faillog-r/data/faillog.list b/tests/log/faillog/30_faillog-r/data/faillog.list
new file mode 100644
index 0000000..d96a936
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 0 0
+foo 0 0
+baz 0 0
diff --git a/tests/log/faillog/30_faillog-r/faillog.test b/tests/log/faillog/30_faillog-r/faillog.test
new file mode 100755
index 0000000..cfb441f
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/faillog.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -r)..."
+faillog -r
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/30_faillog-r/login.exp b/tests/log/faillog/30_faillog-r/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config.txt b/tests/log/faillog/31_faillog-r-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/group b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/gshadow b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/pam.d/login b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/passwd b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/shadow b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/data/faillog.list b/tests/log/faillog/31_faillog-r-u_open_range/data/faillog.list
new file mode 100644
index 0000000..fd0df36
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 0 0
+foo 0 0
+baz 1 0
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/faillog.test b/tests/log/faillog/31_faillog-r-u_open_range/faillog.test
new file mode 100755
index 0000000..9eb7beb
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/faillog.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset users count (faillog -r -u -1001)..."
+faillog -r -u -1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/login.exp b/tests/log/faillog/31_faillog-r-u_open_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/32_faillog-l/config.txt b/tests/log/faillog/32_faillog-l/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/32_faillog-l/config/etc/group b/tests/log/faillog/32_faillog-l/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/32_faillog-l/config/etc/gshadow b/tests/log/faillog/32_faillog-l/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/32_faillog-l/config/etc/pam.d/login b/tests/log/faillog/32_faillog-l/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/32_faillog-l/config/etc/passwd b/tests/log/faillog/32_faillog-l/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/32_faillog-l/config/etc/shadow b/tests/log/faillog/32_faillog-l/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/32_faillog-l/data/faillog.list b/tests/log/faillog/32_faillog-l/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 0
+baz 1 0
diff --git a/tests/log/faillog/32_faillog-l/faillog.test b/tests/log/faillog/32_faillog-l/faillog.test
new file mode 100755
index 0000000..1e6360e
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/faillog.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -l 10)..."
+faillog -l 10
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should between 6 and 8 secondes remaining for baz..."
+grep "^baz .* \[[678]s left\]$" tmp/faillog.out
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/32_faillog-l/login.exp b/tests/log/faillog/32_faillog-l/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/33_faillog-l-u_user/config.txt b/tests/log/faillog/33_faillog-l-u_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/group b/tests/log/faillog/33_faillog-l-u_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/gshadow b/tests/log/faillog/33_faillog-l-u_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/pam.d/login b/tests/log/faillog/33_faillog-l-u_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/passwd b/tests/log/faillog/33_faillog-l-u_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/shadow b/tests/log/faillog/33_faillog-l-u_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/33_faillog-l-u_user/data/faillog.list b/tests/log/faillog/33_faillog-l-u_user/data/faillog.list
new file mode 100644
index 0000000..817ff45
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/data/faillog.list
@@ -0,0 +1 @@
+foo 1 0
diff --git a/tests/log/faillog/33_faillog-l-u_user/faillog.test b/tests/log/faillog/33_faillog-l-u_user/faillog.test
new file mode 100755
index 0000000..f9ccf53
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/faillog.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -u foo)..."
+faillog -l 10 -u foo
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+grep "left\|lock" tmp/faillog.out | cut -c-28 > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/33_faillog-l-u_user/login.exp b/tests/log/faillog/33_faillog-l-u_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/34_faillog-l-u_range/config.txt b/tests/log/faillog/34_faillog-l-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/group b/tests/log/faillog/34_faillog-l-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/gshadow b/tests/log/faillog/34_faillog-l-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/pam.d/login b/tests/log/faillog/34_faillog-l-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/passwd b/tests/log/faillog/34_faillog-l-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/shadow b/tests/log/faillog/34_faillog-l-u_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/34_faillog-l-u_range/data/faillog.list b/tests/log/faillog/34_faillog-l-u_range/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 0
+baz 1 0
diff --git a/tests/log/faillog/34_faillog-l-u_range/faillog.test b/tests/log/faillog/34_faillog-l-u_range/faillog.test
new file mode 100755
index 0000000..980b95e
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/faillog.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -u 1000-1001)..."
+faillog -l 10 -u 1000-1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be between 3 and 5 secondes remaining for bar..."
+grep "^bar .* \[[345]s left\]$" tmp/faillog.out
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/34_faillog-l-u_range/login.exp b/tests/log/faillog/34_faillog-l-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config.txt b/tests/log/faillog/35_faillog-l-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/group b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/gshadow b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/pam.d/login b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/passwd b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/shadow b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/data/faillog.list b/tests/log/faillog/35_faillog-l-u_open_range/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 0
+baz 1 0
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/faillog.test b/tests/log/faillog/35_faillog-l-u_open_range/faillog.test
new file mode 100755
index 0000000..3cc9655
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/faillog.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -u -1001)..."
+faillog -l 10 -u -1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be between 2 and 5 secondes remaining for bar..."
+grep "^bar .* \[[2345]s left\]$" tmp/faillog.out
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/login.exp b/tests/log/faillog/35_faillog-l-u_open_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config.txt b/tests/log/faillog/36_faillog-l-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/group b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/gshadow b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/pam.d/login b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/passwd b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/shadow b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/data/faillog.list b/tests/log/faillog/36_faillog-l-u_range_open/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 0
+baz 1 0
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/faillog.test b/tests/log/faillog/36_faillog-l-u_range_open/faillog.test
new file mode 100755
index 0000000..caf0742
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/faillog.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -u 1000-1001)..."
+faillog -l 10 -u 1001-
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be 6 or 7 secondes remaining for baz..."
+grep "^baz .* \[[67]s left\]$" tmp/faillog.out
+echo "OK"
+echo "There should be 3 or 4 secondes remaining for bar..."
+grep "^bar .* \[[34]s left\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/login.exp b/tests/log/faillog/36_faillog-l-u_range_open/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config.txt b/tests/log/faillog/37_faillog-l-a-u_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/group b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/gshadow b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/pam.d/login b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/passwd b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/shadow b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/data/faillog.list b/tests/log/faillog/37_faillog-l-a-u_user/data/faillog.list
new file mode 100644
index 0000000..817ff45
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/data/faillog.list
@@ -0,0 +1 @@
+foo 1 0
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/faillog.test b/tests/log/faillog/37_faillog-l-a-u_user/faillog.test
new file mode 100755
index 0000000..9128abc
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/faillog.test
@@ -0,0 +1,70 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove user foo from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset old foo (faillog -l 10 -u 1000)..."
+faillog -l 10 -a -u 1000
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+grep "left\|lock" tmp/faillog.out | cut -c-28 > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/login.exp b/tests/log/faillog/37_faillog-l-a-u_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config.txt b/tests/log/faillog/38_faillog-l-a-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/group b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/gshadow b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/pam.d/login b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/passwd b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/shadow b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/data/faillog.list b/tests/log/faillog/38_faillog-l-a-u_range/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 0
+baz 1 0
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/faillog.test b/tests/log/faillog/38_faillog-l-a-u_range/faillog.test
new file mode 100755
index 0000000..a585e17
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/faillog.test
@@ -0,0 +1,73 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -a -u 1000-1001)..."
+faillog -l 10 -a -u 1000-1001
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be between 2 and 4 secondes remaining for bar..."
+grep "^bar .* \[[2-4]s left\]$" tmp/faillog.out
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/login.exp b/tests/log/faillog/38_faillog-l-a-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config.txt b/tests/log/faillog/39_faillog-l-a-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/group b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/gshadow b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/pam.d/login b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/passwd b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/shadow b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/data/faillog.list b/tests/log/faillog/39_faillog-l-a-u_open_range/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 0
+baz 1 0
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/faillog.test b/tests/log/faillog/39_faillog-l-a-u_open_range/faillog.test
new file mode 100755
index 0000000..b81b396
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/faillog.test
@@ -0,0 +1,73 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -a -u -1001)..."
+faillog -l 10 -a -u -1001
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be between 2 and 4 secondes remaining for bar..."
+grep "^bar .* \[[234]s left\]$" tmp/faillog.out
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/login.exp b/tests/log/faillog/39_faillog-l-a-u_open_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config.txt b/tests/log/faillog/40_faillog-l-a-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/group b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/gshadow b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/pam.d/login b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/passwd b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/shadow b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/data/faillog.list b/tests/log/faillog/40_faillog-l-a-u_range_open/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 0
+baz 1 0
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/faillog.test b/tests/log/faillog/40_faillog-l-a-u_range_open/faillog.test
new file mode 100755
index 0000000..3f25fc5
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/faillog.test
@@ -0,0 +1,73 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -a -l 10 -u 1001-)..."
+faillog -a -l 10 -u 1001-
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be between 6 and 8 secondes remaining for baz..."
+grep "^baz .* \[[6-8]s left\]$" tmp/faillog.out
+echo "OK"
+echo "There should be between 2 and 4 secondes remaining for bar..."
+grep "^bar .* \[[2-4]s left\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/login.exp b/tests/log/faillog/40_faillog-l-a-u_range_open/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/41_faillog-l_invalid/config.txt b/tests/log/faillog/41_faillog-l_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/group b/tests/log/faillog/41_faillog-l_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/gshadow b/tests/log/faillog/41_faillog-l_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/passwd b/tests/log/faillog/41_faillog-l_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/shadow b/tests/log/faillog/41_faillog-l_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/41_faillog-l_invalid/data/faillog.err b/tests/log/faillog/41_faillog-l_invalid/data/faillog.err
new file mode 100644
index 0000000..009c0f6
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/data/faillog.err
@@ -0,0 +1 @@
+faillog: invalid numeric argument 'bad'
diff --git a/tests/log/faillog/41_faillog-l_invalid/faillog.test b/tests/log/faillog/41_faillog-l_invalid/faillog.test
new file mode 100755
index 0000000..3907eee
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -l bad..."
+faillog -l bad 2>tmp/faillog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/42_faillog-m/config.txt b/tests/log/faillog/42_faillog-m/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/42_faillog-m/config/etc/group b/tests/log/faillog/42_faillog-m/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/42_faillog-m/config/etc/gshadow b/tests/log/faillog/42_faillog-m/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/42_faillog-m/config/etc/pam.d/login b/tests/log/faillog/42_faillog-m/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/42_faillog-m/config/etc/passwd b/tests/log/faillog/42_faillog-m/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/42_faillog-m/config/etc/shadow b/tests/log/faillog/42_faillog-m/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/42_faillog-m/data/faillog.list b/tests/log/faillog/42_faillog-m/data/faillog.list
new file mode 100644
index 0000000..29b7516
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 10
+foo 1 10
+baz 1 10
diff --git a/tests/log/faillog/42_faillog-m/faillog.test b/tests/log/faillog/42_faillog-m/faillog.test
new file mode 100755
index 0000000..867d41c
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -m 10)..."
+faillog -m 10
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/42_faillog-m/login.exp b/tests/log/faillog/42_faillog-m/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/43_faillog-m-u_user/config.txt b/tests/log/faillog/43_faillog-m-u_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/group b/tests/log/faillog/43_faillog-m-u_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/gshadow b/tests/log/faillog/43_faillog-m-u_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/pam.d/login b/tests/log/faillog/43_faillog-m-u_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/passwd b/tests/log/faillog/43_faillog-m-u_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/shadow b/tests/log/faillog/43_faillog-m-u_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/43_faillog-m-u_user/data/faillog.list b/tests/log/faillog/43_faillog-m-u_user/data/faillog.list
new file mode 100644
index 0000000..5ec2414
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 10
+baz 1 0
diff --git a/tests/log/faillog/43_faillog-m-u_user/faillog.test b/tests/log/faillog/43_faillog-m-u_user/faillog.test
new file mode 100755
index 0000000..d86c6ea
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -u foo)..."
+faillog -m 10 -u foo
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/43_faillog-m-u_user/login.exp b/tests/log/faillog/43_faillog-m-u_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/44_faillog-m-u_range/config.txt b/tests/log/faillog/44_faillog-m-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/group b/tests/log/faillog/44_faillog-m-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/gshadow b/tests/log/faillog/44_faillog-m-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/pam.d/login b/tests/log/faillog/44_faillog-m-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/passwd b/tests/log/faillog/44_faillog-m-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/shadow b/tests/log/faillog/44_faillog-m-u_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/44_faillog-m-u_range/data/faillog.list b/tests/log/faillog/44_faillog-m-u_range/data/faillog.list
new file mode 100644
index 0000000..9af27b0
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 10
+foo 1 10
+baz 1 0
diff --git a/tests/log/faillog/44_faillog-m-u_range/faillog.test b/tests/log/faillog/44_faillog-m-u_range/faillog.test
new file mode 100755
index 0000000..f410ac3
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -u 1000-1001)..."
+faillog -m 10 -u 1000-1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/44_faillog-m-u_range/login.exp b/tests/log/faillog/44_faillog-m-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config.txt b/tests/log/faillog/45_faillog-m-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/group b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/gshadow b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/pam.d/login b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/passwd b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/shadow b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/data/faillog.list b/tests/log/faillog/45_faillog-m-u_open_range/data/faillog.list
new file mode 100644
index 0000000..9af27b0
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 10
+foo 1 10
+baz 1 0
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/faillog.test b/tests/log/faillog/45_faillog-m-u_open_range/faillog.test
new file mode 100755
index 0000000..77d9202
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog can set the maximum number of fail logins for a range of users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -u -1001)..."
+faillog -m 10 -u -1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/login.exp b/tests/log/faillog/45_faillog-m-u_open_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config.txt b/tests/log/faillog/46_faillog-m-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/group b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/gshadow b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/pam.d/login b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/passwd b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/shadow b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/data/faillog.list b/tests/log/faillog/46_faillog-m-u_range_open/data/faillog.list
new file mode 100644
index 0000000..ea0845d
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 10
+foo 1 0
+baz 1 10
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/faillog.test b/tests/log/faillog/46_faillog-m-u_range_open/faillog.test
new file mode 100755
index 0000000..0bed617
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog can set the maximum number of fail logins for a range of users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -u 1000-1001)..."
+faillog -m 10 -u 1001-
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/login.exp b/tests/log/faillog/46_faillog-m-u_range_open/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config.txt b/tests/log/faillog/47_faillog-m-a-u_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/group b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/gshadow b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/pam.d/login b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/passwd b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/shadow b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/data/faillog.list b/tests/log/faillog/47_faillog-m-a-u_user/data/faillog.list
new file mode 100644
index 0000000..5ec2414
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 0
+foo 1 10
+baz 1 0
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/faillog.test b/tests/log/faillog/47_faillog-m-a-u_user/faillog.test
new file mode 100755
index 0000000..64d7f6c
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/faillog.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog can set the maximum number an removed user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove user foo from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset old foo (faillog -m 10 -a -u 1000)..."
+faillog -m 10 -a -u 1000
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/login.exp b/tests/log/faillog/47_faillog-m-a-u_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config.txt b/tests/log/faillog/48_faillog-m-a-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/group b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/gshadow b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/pam.d/login b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/passwd b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/shadow b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/data/faillog.list b/tests/log/faillog/48_faillog-m-a-u_range/data/faillog.list
new file mode 100644
index 0000000..9af27b0
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 10
+foo 1 10
+baz 1 0
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/faillog.test b/tests/log/faillog/48_faillog-m-a-u_range/faillog.test
new file mode 100755
index 0000000..cd35f27
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/faillog.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -a -u 1000-1001)..."
+faillog -m 10 -a -u 1000-1001
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/login.exp b/tests/log/faillog/48_faillog-m-a-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config.txt b/tests/log/faillog/49_faillog-m-a-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/group b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/gshadow b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/pam.d/login b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/passwd b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/shadow b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/data/faillog.list b/tests/log/faillog/49_faillog-m-a-u_open_range/data/faillog.list
new file mode 100644
index 0000000..9af27b0
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 10
+foo 1 10
+baz 1 0
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/faillog.test b/tests/log/faillog/49_faillog-m-a-u_open_range/faillog.test
new file mode 100755
index 0000000..8b865b3
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/faillog.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -a -u -1001)..."
+faillog -m 10 -a -u -1001
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/login.exp b/tests/log/faillog/49_faillog-m-a-u_open_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config.txt b/tests/log/faillog/50_faillog-m-a-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/group b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/gshadow b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/pam.d/login b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/passwd b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/shadow b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/data/faillog.list b/tests/log/faillog/50_faillog-m-a-u_range_open/data/faillog.list
new file mode 100644
index 0000000..ea0845d
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/data/faillog.list
@@ -0,0 +1,5 @@
+Login Failures Maximum
+
+bar 1 10
+foo 1 0
+baz 1 10
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/faillog.test b/tests/log/faillog/50_faillog-m-a-u_range_open/faillog.test
new file mode 100755
index 0000000..c315f7c
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/faillog.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -a -u 1001-)..."
+faillog -m 10 -a -u 1001-
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/login.exp b/tests/log/faillog/50_faillog-m-a-u_range_open/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/51_faillog-m_invalid/config.txt b/tests/log/faillog/51_faillog-m_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/group b/tests/log/faillog/51_faillog-m_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/gshadow b/tests/log/faillog/51_faillog-m_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/passwd b/tests/log/faillog/51_faillog-m_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/shadow b/tests/log/faillog/51_faillog-m_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/51_faillog-m_invalid/data/faillog.err b/tests/log/faillog/51_faillog-m_invalid/data/faillog.err
new file mode 100644
index 0000000..009c0f6
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/data/faillog.err
@@ -0,0 +1 @@
+faillog: invalid numeric argument 'bad'
diff --git a/tests/log/faillog/51_faillog-m_invalid/faillog.test b/tests/log/faillog/51_faillog-m_invalid/faillog.test
new file mode 100755
index 0000000..9e49dbc
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -m bad..."
+faillog -m bad 2>tmp/faillog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config.txt b/tests/log/faillog/52_faillog-t-l_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/group b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/gshadow b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/passwd b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/shadow b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/data/usage.out b/tests/log/faillog/52_faillog-t-l_exclusive/data/usage.out
new file mode 100644
index 0000000..d5d2839
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/data/usage.out
@@ -0,0 +1,14 @@
+Usage: faillog [options]
+
+Options:
+ -a, --all display faillog records for all users
+ -h, --help display this help message and exit
+ -l, --lock-secs SEC after failed login lock account for SEC seconds
+ -m, --maximum MAX set maximum failed login counters to MAX
+ -r, --reset reset the counters of login failures
+ -R, --root CHROOT_DIR directory to chroot into
+ -t, --time DAYS display faillog records more recent than DAYS
+ -u, --user LOGIN/RANGE display faillog record or maintains failure
+ counters and limits (if used with -r, -m,
+ or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/faillog.test b/tests/log/faillog/52_faillog-t-l_exclusive/faillog.test
new file mode 100755
index 0000000..fee2889
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog does not accept -l and -t atthe same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Bad faillog usage (faillog -t 10 -l 10)..."
+faillog -t 10 -l 10 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config.txt b/tests/log/faillog/53_faillog-t-m_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/group b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/gshadow b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/passwd b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/shadow b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/data/usage.out b/tests/log/faillog/53_faillog-t-m_exclusive/data/usage.out
new file mode 100644
index 0000000..d5d2839
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/data/usage.out
@@ -0,0 +1,14 @@
+Usage: faillog [options]
+
+Options:
+ -a, --all display faillog records for all users
+ -h, --help display this help message and exit
+ -l, --lock-secs SEC after failed login lock account for SEC seconds
+ -m, --maximum MAX set maximum failed login counters to MAX
+ -r, --reset reset the counters of login failures
+ -R, --root CHROOT_DIR directory to chroot into
+ -t, --time DAYS display faillog records more recent than DAYS
+ -u, --user LOGIN/RANGE display faillog record or maintains failure
+ counters and limits (if used with -r, -m,
+ or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/faillog.test b/tests/log/faillog/53_faillog-t-m_exclusive/faillog.test
new file mode 100755
index 0000000..0844392
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog does not accept -m and -t atthe same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Bad faillog usage (faillog -t 1 -m 1)..."
+faillog -t 1 -m 1 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config.txt b/tests/log/faillog/54_faillog-t-r_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/group b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/gshadow b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/passwd b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/shadow b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/data/usage.out b/tests/log/faillog/54_faillog-t-r_exclusive/data/usage.out
new file mode 100644
index 0000000..d5d2839
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/data/usage.out
@@ -0,0 +1,14 @@
+Usage: faillog [options]
+
+Options:
+ -a, --all display faillog records for all users
+ -h, --help display this help message and exit
+ -l, --lock-secs SEC after failed login lock account for SEC seconds
+ -m, --maximum MAX set maximum failed login counters to MAX
+ -r, --reset reset the counters of login failures
+ -R, --root CHROOT_DIR directory to chroot into
+ -t, --time DAYS display faillog records more recent than DAYS
+ -u, --user LOGIN/RANGE display faillog record or maintains failure
+ counters and limits (if used with -r, -m,
+ or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/faillog.test b/tests/log/faillog/54_faillog-t-r_exclusive/faillog.test
new file mode 100755
index 0000000..72cf6c7
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog does not accept -r and -t atthe same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Bad faillog usage (faillog -t -r)..."
+faillog -t 1 -r 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/55_faillog_no_changes/config.txt b/tests/log/faillog/55_faillog_no_changes/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/group b/tests/log/faillog/55_faillog_no_changes/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/gshadow b/tests/log/faillog/55_faillog_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/pam.d/login b/tests/log/faillog/55_faillog_no_changes/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/passwd b/tests/log/faillog/55_faillog_no_changes/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/shadow b/tests/log/faillog/55_faillog_no_changes/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/55_faillog_no_changes/data/faillog.stat b/tests/log/faillog/55_faillog_no_changes/data/faillog.stat
new file mode 100644
index 0000000..fb96c4d
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/data/faillog.stat
@@ -0,0 +1 @@
+0 root:root `/var/log/faillog'
diff --git a/tests/log/faillog/55_faillog_no_changes/faillog.test b/tests/log/faillog/55_faillog_no_changes/faillog.test
new file mode 100755
index 0000000..6be6fb7
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/faillog.test
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "reset baz (faillog -l 0 -m 0 -u baz)..."
+faillog -l 0 -m 0 -u baz
+echo "OK"
+
+echo -n "Check permissions and size of the faillog..."
+stat --printf "%s %U:%G %N\n" /var/log/faillog | sort > tmp/faillog.stat
+diff -rauN data/faillog.stat tmp/faillog.stat
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/55_faillog_no_changes/login.exp b/tests/log/faillog/55_faillog_no_changes/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config.txt b/tests/log/faillog/56_faillog-l-m_empty_file/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/group b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/gshadow b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/pam.d/login b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/passwd b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/shadow b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/data/faillog.stat b/tests/log/faillog/56_faillog-l-m_empty_file/data/faillog.stat
new file mode 100644
index 0000000..66b0df0
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/data/faillog.stat
@@ -0,0 +1 @@
+24072 root:root `/var/log/faillog'
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/faillog.test b/tests/log/faillog/56_faillog-l-m_empty_file/faillog.test
new file mode 100755
index 0000000..bb0ef15
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/faillog.test
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "reset baz (faillog -l 0 -m 0 -u baz)..."
+faillog -a -l 1 -m 1 -u 1000-1002
+echo "OK"
+
+echo -n "Check size of the faillog..."
+stat --printf "%s %U:%G %N\n" /var/log/faillog | sort > tmp/faillog.stat
+diff -rauN data/faillog.stat tmp/faillog.stat
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config.txt b/tests/log/faillog/57_faillog-r_empty_file/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/group b/tests/log/faillog/57_faillog-r_empty_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/gshadow b/tests/log/faillog/57_faillog-r_empty_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/pam.d/login b/tests/log/faillog/57_faillog-r_empty_file/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/passwd b/tests/log/faillog/57_faillog-r_empty_file/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/shadow b/tests/log/faillog/57_faillog-r_empty_file/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/57_faillog-r_empty_file/data/faillog.stat b/tests/log/faillog/57_faillog-r_empty_file/data/faillog.stat
new file mode 100644
index 0000000..fb96c4d
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/data/faillog.stat
@@ -0,0 +1 @@
+0 root:root `/var/log/faillog'
diff --git a/tests/log/faillog/57_faillog-r_empty_file/faillog.test b/tests/log/faillog/57_faillog-r_empty_file/faillog.test
new file mode 100755
index 0000000..f52f470
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/faillog.test
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "reset baz (faillog -l 0 -m 0 -u baz)..."
+faillog -a -r -u 1000-1002
+echo "OK"
+
+echo -n "Check size of the faillog..."
+stat --printf "%s %U:%G %N\n" /var/log/faillog | sort > tmp/faillog.stat
+diff -rauN data/faillog.stat tmp/faillog.stat
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config.txt b/tests/log/faillog/58_faillog-l_no_failcount/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/group b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/gshadow b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/pam.d/login b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/passwd b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/shadow b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/data/faillog.list b/tests/log/faillog/58_faillog-l_no_failcount/data/faillog.list
new file mode 100644
index 0000000..405c169
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/data/faillog.list
@@ -0,0 +1,3 @@
+Login Failures Maximum
+
+foo 0 0
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/faillog.test b/tests/log/faillog/58_faillog-l_no_failcount/faillog.test
new file mode 100755
index 0000000..41e951f
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports the locktime even if timeout is not passwed when there are no failures"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "set locktime for foo (faillog -l 10 -u foo)..."
+faillog -l 10 -u foo
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Reset failure counter for foo..."
+faillog -r -u foo
+echo "OK"
+
+echo -n "faillog..."
+faillog -u foo> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/login.exp b/tests/log/faillog/58_faillog-l_no_failcount/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config.txt b/tests/log/lastlog/01_lastlog_no_lastlog/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/group b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/gshadow b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/passwd b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/shadow b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/data/lastlog.err b/tests/log/lastlog/01_lastlog_no_lastlog/data/lastlog.err
new file mode 100644
index 0000000..935fdb5
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/data/lastlog.err
@@ -0,0 +1 @@
+/var/log/lastlog: No such file or directory
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/lastlog.test b/tests/log/lastlog/01_lastlog_no_lastlog/lastlog.test
new file mode 100755
index 0000000..d903f88
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/lastlog.test
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog detects missing /var/log/lastlog and does not create it"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/lastlog' 0
+
+change_config
+
+echo -n "Remove /var/log/lastlog (it will not be restored)..."
+rm -f /var/log/lastlog
+echo "OK"
+
+echo -n "Execute lastlog (lastlog)..."
+lastlog 2>tmp/lastlog.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "usage message OK."
+rm -f tmp/lastlog.err
+
+echo -n "Check that the /var/log/lastlog file was not created"...
+test ! -f /var/log/lastlog
+echo "OK"
+
+touch /var/log/lastlog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/02_lastlog_usage/config.txt b/tests/log/lastlog/02_lastlog_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/group b/tests/log/lastlog/02_lastlog_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/gshadow b/tests/log/lastlog/02_lastlog_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/passwd b/tests/log/lastlog/02_lastlog_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/shadow b/tests/log/lastlog/02_lastlog_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/02_lastlog_usage/data/usage.out b/tests/log/lastlog/02_lastlog_usage/data/usage.out
new file mode 100644
index 0000000..410197e
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/data/usage.out
@@ -0,0 +1,9 @@
+Usage: lastlog [options]
+
+Options:
+ -b, --before DAYS print only lastlog records older than DAYS
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+ -t, --time DAYS print only lastlog records more recent than DAYS
+ -u, --user LOGIN print lastlog record of the specified LOGIN
+
diff --git a/tests/log/lastlog/02_lastlog_usage/lastlog.test b/tests/log/lastlog/02_lastlog_usage/lastlog.test
new file mode 100755
index 0000000..344a104
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/lastlog.test
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get lastlog usage (lastlog -h)..."
+lastlog -h >tmp/usage.out
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/03_lastlog_format/config.txt b/tests/log/lastlog/03_lastlog_format/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/group b/tests/log/lastlog/03_lastlog_format/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/gshadow b/tests/log/lastlog/03_lastlog_format/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/passwd b/tests/log/lastlog/03_lastlog_format/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/shadow b/tests/log/lastlog/03_lastlog_format/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/03_lastlog_format/data/lastlog.out b/tests/log/lastlog/03_lastlog_format/data/lastlog.out
new file mode 100644
index 0000000..280e1ab
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/data/lastlog.out
@@ -0,0 +1,20 @@
+Username Port From Latest
+root **Never logged in**
+daemon **Never logged in**
+bin **Never logged in**
+sys **Never logged in**
+sync **Never logged in**
+games **Never logged in**
+man **Never logged in**
+lp **Never logged in**
+mail **Never logged in**
+news **Never logged in**
+uucp **Never logged in**
+proxy **Never logged in**
+www-data **Never logged in**
+backup **Never logged in**
+list **Never logged in**
+irc **Never logged in**
+gnats **Never logged in**
+nobody **Never logged in**
+Debian-exim **Never logged in**
diff --git a/tests/log/lastlog/03_lastlog_format/lastlog.test b/tests/log/lastlog/03_lastlog_format/lastlog.test
new file mode 100755
index 0000000..b59c19b
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/lastlog.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+cp data/lastlog.out tmp/lastlog.out1
+cp data/lastlog.out tmp/lastlog.out2
+TTY=0
+while true
+do
+ [ ! -e /dev/pts/$TTY ] && break
+ TTY=$((TTY+1))
+done
+
+
+DATE=$(LC_ALL=C date +"%a %b %e %H:%M:%S %z %Y")
+printf "%-16s %-8.8s %-16.16s %s\n" foo "pts/$TTY" "" "$DATE" >> tmp/lastlog.out1
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+DATE=$(LC_ALL=C date +"%a %b %e %H:%M:%S %z %Y")
+printf "%-16s %-8.8s %-16.16s %s\n" foo "pts/$TTY" "" "$DATE" >> tmp/lastlog.out2
+
+echo -n "lastlog..."
+lastlog > tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the lastlog message..."
+diff -au tmp/lastlog.out tmp/lastlog.out1 || diff -au tmp/lastlog.out tmp/lastlog.out2
+echo "lastlog message OK."
+rm -f tmp/lastlog.out tmp/lastlog.out1 tmp/lastlog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/03_lastlog_format/login.exp b/tests/log/lastlog/03_lastlog_format/login.exp
new file mode 100755
index 0000000..c8866d9
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/login.exp
@@ -0,0 +1,13 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -f foo\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/lastlog/04_lastlog_mulitple/config.txt b/tests/log/lastlog/04_lastlog_mulitple/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/group b/tests/log/lastlog/04_lastlog_mulitple/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/gshadow b/tests/log/lastlog/04_lastlog_mulitple/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/passwd b/tests/log/lastlog/04_lastlog_mulitple/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/shadow b/tests/log/lastlog/04_lastlog_mulitple/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/04_lastlog_mulitple/data/lastlog.list b/tests/log/lastlog/04_lastlog_mulitple/data/lastlog.list
new file mode 100644
index 0000000..ae27a13
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/data/lastlog.list
@@ -0,0 +1,4 @@
+Username
+bar
+foo
+baz
diff --git a/tests/log/lastlog/04_lastlog_mulitple/lastlog.test b/tests/log/lastlog/04_lastlog_mulitple/lastlog.test
new file mode 100755
index 0000000..630c7f5
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/lastlog.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "lastlog..."
+lastlog > tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | grep -v "Never logged in" | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/04_lastlog_mulitple/login.exp b/tests/log/lastlog/04_lastlog_mulitple/login.exp
new file mode 100755
index 0000000..664f919
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/login.exp
@@ -0,0 +1,19 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -f $user\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/lastlog/05_lastlog-u_ID/config.txt b/tests/log/lastlog/05_lastlog-u_ID/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/group b/tests/log/lastlog/05_lastlog-u_ID/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/gshadow b/tests/log/lastlog/05_lastlog-u_ID/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/passwd b/tests/log/lastlog/05_lastlog-u_ID/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/shadow b/tests/log/lastlog/05_lastlog-u_ID/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/05_lastlog-u_ID/data/lastlog.list b/tests/log/lastlog/05_lastlog-u_ID/data/lastlog.list
new file mode 100644
index 0000000..aa542b8
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/data/lastlog.list
@@ -0,0 +1,2 @@
+Username
+bar
diff --git a/tests/log/lastlog/05_lastlog-u_ID/lastlog.test b/tests/log/lastlog/05_lastlog-u_ID/lastlog.test
new file mode 100755
index 0000000..b1de502
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/lastlog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u 1001..."
+lastlog -u 1001> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/06_lastlog-u_name/config.txt b/tests/log/lastlog/06_lastlog-u_name/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/group b/tests/log/lastlog/06_lastlog-u_name/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/gshadow b/tests/log/lastlog/06_lastlog-u_name/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/passwd b/tests/log/lastlog/06_lastlog-u_name/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/shadow b/tests/log/lastlog/06_lastlog-u_name/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/06_lastlog-u_name/data/lastlog.list b/tests/log/lastlog/06_lastlog-u_name/data/lastlog.list
new file mode 100644
index 0000000..f886a83
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/data/lastlog.list
@@ -0,0 +1,2 @@
+Username
+baz
diff --git a/tests/log/lastlog/06_lastlog-u_name/lastlog.test b/tests/log/lastlog/06_lastlog-u_name/lastlog.test
new file mode 100755
index 0000000..b17312a
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/lastlog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u baz..."
+lastlog -u baz> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config.txt b/tests/log/lastlog/07_lastlog-u_ID_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/group b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/gshadow b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/passwd b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/shadow b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/data/lastlog.list b/tests/log/lastlog/07_lastlog-u_ID_invalid/data/lastlog.list
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/data/lastlog.list
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/lastlog.test b/tests/log/lastlog/07_lastlog-u_ID_invalid/lastlog.test
new file mode 100755
index 0000000..36d1a2a
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/lastlog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u 1003..."
+lastlog -u 1003> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+diff -au data/lastlog.list tmp/lastlog.out
+echo "OK."
+
+rm -f tmp/lastlog.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config.txt b/tests/log/lastlog/08_lastlog-u_name_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/group b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/gshadow b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/passwd b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/shadow b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/data/lastlog.err b/tests/log/lastlog/08_lastlog-u_name_invalid/data/lastlog.err
new file mode 100644
index 0000000..c604c0e
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: Unknown user or range: me
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/lastlog.test b/tests/log/lastlog/08_lastlog-u_name_invalid/lastlog.test
new file mode 100755
index 0000000..66fdad0
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u me..."
+lastlog -u me 2>tmp/lastlog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/09_lastlog-u_range/config.txt b/tests/log/lastlog/09_lastlog-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/group b/tests/log/lastlog/09_lastlog-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/gshadow b/tests/log/lastlog/09_lastlog-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/passwd b/tests/log/lastlog/09_lastlog-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/shadow b/tests/log/lastlog/09_lastlog-u_range/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/09_lastlog-u_range/data/lastlog.list b/tests/log/lastlog/09_lastlog-u_range/data/lastlog.list
new file mode 100644
index 0000000..0d06c77
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/data/lastlog.list
@@ -0,0 +1,7 @@
+Username
+bar
+list
+irc
+gnats
+Debian-exim
+foo
diff --git a/tests/log/lastlog/09_lastlog-u_range/lastlog.test b/tests/log/lastlog/09_lastlog-u_range/lastlog.test
new file mode 100755
index 0000000..232d088
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/lastlog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u 38-1001..."
+lastlog -u 38-1001> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config.txt b/tests/log/lastlog/10_lastlog-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/group b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/gshadow b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/passwd b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/shadow b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/data/lastlog.list b/tests/log/lastlog/10_lastlog-u_open_range/data/lastlog.list
new file mode 100644
index 0000000..692874a
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/data/lastlog.list
@@ -0,0 +1,21 @@
+Username
+root
+daemon
+bin
+bar
+sys
+sync
+games
+man
+lp
+mail
+news
+uucp
+proxy
+www-data
+backup
+list
+irc
+gnats
+Debian-exim
+foo
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/lastlog.test b/tests/log/lastlog/10_lastlog-u_open_range/lastlog.test
new file mode 100755
index 0000000..5bc3d6b
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/lastlog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog supports open ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u -1001..."
+lastlog -u -1001> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config.txt b/tests/log/lastlog/11_lastlog-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/group b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/gshadow b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/passwd b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/shadow b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/data/lastlog.list b/tests/log/lastlog/11_lastlog-u_range_open/data/lastlog.list
new file mode 100644
index 0000000..4ad4379
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/data/lastlog.list
@@ -0,0 +1,9 @@
+Username
+bar
+list
+irc
+gnats
+nobody
+Debian-exim
+foo
+baz
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/lastlog.test b/tests/log/lastlog/11_lastlog-u_range_open/lastlog.test
new file mode 100755
index 0000000..ab36308
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/lastlog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog supports open ranges (2)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u 38-..."
+lastlog -u 38-> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config.txt b/tests/log/lastlog/12_lastlog-u_range_invalid1/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/group b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/gshadow b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/passwd b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/shadow b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/data/lastlog.err b/tests/log/lastlog/12_lastlog-u_range_invalid1/data/lastlog.err
new file mode 100644
index 0000000..1341607
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: Unknown user or range: foo-bar
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/lastlog.test b/tests/log/lastlog/12_lastlog-u_range_invalid1/lastlog.test
new file mode 100755
index 0000000..85879b2
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u foo-bar..."
+lastlog -u foo-bar 2>tmp/lastlog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config.txt b/tests/log/lastlog/13_lastlog-u_range_invalid2/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/group b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/gshadow b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/passwd b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/shadow b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/data/lastlog.err b/tests/log/lastlog/13_lastlog-u_range_invalid2/data/lastlog.err
new file mode 100644
index 0000000..cff222b
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: Unknown user or range: foo-
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/lastlog.test b/tests/log/lastlog/13_lastlog-u_range_invalid2/lastlog.test
new file mode 100755
index 0000000..6d6d09b
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u foo-..."
+lastlog -u foo- 2>tmp/lastlog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config.txt b/tests/log/lastlog/14_lastlog-u_range_invalid3/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/group b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/gshadow b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/passwd b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/shadow b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/data/lastlog.err b/tests/log/lastlog/14_lastlog-u_range_invalid3/data/lastlog.err
new file mode 100644
index 0000000..999f9a2
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: Unknown user or range: -foo
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/lastlog.test b/tests/log/lastlog/14_lastlog-u_range_invalid3/lastlog.test
new file mode 100755
index 0000000..6cd61ef
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u -foo..."
+lastlog -u -foo 2>tmp/lastlog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/15_lastlog_bad_option/config.txt b/tests/log/lastlog/15_lastlog_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/group b/tests/log/lastlog/15_lastlog_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/gshadow b/tests/log/lastlog/15_lastlog_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/passwd b/tests/log/lastlog/15_lastlog_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/shadow b/tests/log/lastlog/15_lastlog_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/15_lastlog_bad_option/data/usage.out b/tests/log/lastlog/15_lastlog_bad_option/data/usage.out
new file mode 100644
index 0000000..fe1385a
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/data/usage.out
@@ -0,0 +1,10 @@
+lastlog: invalid option -- 'Z'
+Usage: lastlog [options]
+
+Options:
+ -b, --before DAYS print only lastlog records older than DAYS
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+ -t, --time DAYS print only lastlog records more recent than DAYS
+ -u, --user LOGIN print lastlog record of the specified LOGIN
+
diff --git a/tests/log/lastlog/15_lastlog_bad_option/lastlog.test b/tests/log/lastlog/15_lastlog_bad_option/lastlog.test
new file mode 100755
index 0000000..9e56fe2
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/lastlog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get lastlog usage (lastlog -Z)..."
+lastlog -Z 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config.txt b/tests/log/lastlog/16_lastlog_extra_arg/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/group b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/gshadow b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/passwd b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/shadow b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/data/usage.out b/tests/log/lastlog/16_lastlog_extra_arg/data/usage.out
new file mode 100644
index 0000000..ab3455b
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/data/usage.out
@@ -0,0 +1,10 @@
+lastlog: unexpected argument: foo
+Usage: lastlog [options]
+
+Options:
+ -b, --before DAYS print only lastlog records older than DAYS
+ -h, --help display this help message and exit
+ -R, --root CHROOT_DIR directory to chroot into
+ -t, --time DAYS print only lastlog records more recent than DAYS
+ -u, --user LOGIN print lastlog record of the specified LOGIN
+
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/lastlog.test b/tests/log/lastlog/16_lastlog_extra_arg/lastlog.test
new file mode 100755
index 0000000..387c292
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/lastlog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog checks if there are extra arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get lastlog usage (lastlog foo)..."
+lastlog foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/17_lastlog-t/config.txt b/tests/log/lastlog/17_lastlog-t/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/group b/tests/log/lastlog/17_lastlog-t/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/gshadow b/tests/log/lastlog/17_lastlog-t/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/passwd b/tests/log/lastlog/17_lastlog-t/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/shadow b/tests/log/lastlog/17_lastlog-t/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/17_lastlog-t/data/lastlog.list b/tests/log/lastlog/17_lastlog-t/data/lastlog.list
new file mode 100644
index 0000000..f81812d
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/data/lastlog.list
@@ -0,0 +1,3 @@
+Username
+bar
+foo
diff --git a/tests/log/lastlog/17_lastlog-t/lastlog.test b/tests/log/lastlog/17_lastlog-t/lastlog.test
new file mode 100755
index 0000000..a000cae
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/lastlog.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=2 ./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=4 ./login.exp baz
+echo "OK"
+
+echo -n "lastlog..."
+lastlog -t 3 > tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/17_lastlog-t/login.exp b/tests/log/lastlog/17_lastlog-t/login.exp
new file mode 100755
index 0000000..a005233
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/login.exp
@@ -0,0 +1,19 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -p -f $user\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/lastlog/18_lastlog-b/config.txt b/tests/log/lastlog/18_lastlog-b/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/group b/tests/log/lastlog/18_lastlog-b/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/gshadow b/tests/log/lastlog/18_lastlog-b/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/passwd b/tests/log/lastlog/18_lastlog-b/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/shadow b/tests/log/lastlog/18_lastlog-b/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/18_lastlog-b/data/lastlog.list b/tests/log/lastlog/18_lastlog-b/data/lastlog.list
new file mode 100644
index 0000000..219b8da
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/data/lastlog.list
@@ -0,0 +1,21 @@
+Username
+root
+daemon
+bin
+sys
+sync
+games
+man
+lp
+mail
+news
+uucp
+proxy
+www-data
+backup
+list
+irc
+gnats
+nobody
+Debian-exim
+baz
diff --git a/tests/log/lastlog/18_lastlog-b/lastlog.test b/tests/log/lastlog/18_lastlog-b/lastlog.test
new file mode 100755
index 0000000..17349a3
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/lastlog.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=2 ./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=4 ./login.exp baz
+echo "OK"
+
+echo -n "lastlog..."
+lastlog -b 3 > tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/18_lastlog-b/login.exp b/tests/log/lastlog/18_lastlog-b/login.exp
new file mode 100755
index 0000000..a005233
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/login.exp
@@ -0,0 +1,19 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set user [lindex $argv 0]
+} else {
+ set user "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -p -f $user\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config.txt b/tests/log/lastlog/19_lastlog-t_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/group b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/gshadow b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/passwd b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/shadow b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/data/lastlog.err b/tests/log/lastlog/19_lastlog-t_invalid/data/lastlog.err
new file mode 100644
index 0000000..8197db7
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: invalid numeric argument '-2'
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/lastlog.test b/tests/log/lastlog/19_lastlog-t_invalid/lastlog.test
new file mode 100755
index 0000000..50f71b5
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -t -2..."
+lastlog -t -2 2>tmp/lastlog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config.txt b/tests/log/lastlog/20_lastlog-b_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/group b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/gshadow b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/passwd b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/shadow b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/data/lastlog.err b/tests/log/lastlog/20_lastlog-b_invalid/data/lastlog.err
new file mode 100644
index 0000000..34429d4
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: invalid numeric argument '2a'
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/lastlog.test b/tests/log/lastlog/20_lastlog-b_invalid/lastlog.test
new file mode 100755
index 0000000..af96813
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid -b argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -t 2a..."
+lastlog -b 2a 2>tmp/lastlog.err && exit 1 || {
+ status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/login/01_login_prompt/config.txt b/tests/login/01_login_prompt/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/login/01_login_prompt/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/login/01_login_prompt/config/etc/group b/tests/login/01_login_prompt/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/login/01_login_prompt/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/login/01_login_prompt/config/etc/gshadow b/tests/login/01_login_prompt/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/login/01_login_prompt/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/login/01_login_prompt/config/etc/login.defs b/tests/login/01_login_prompt/config/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/login/01_login_prompt/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/login/01_login_prompt/config/etc/passwd b/tests/login/01_login_prompt/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/login/01_login_prompt/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/login/01_login_prompt/config/etc/shadow b/tests/login/01_login_prompt/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/login/01_login_prompt/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/login/01_login_prompt/login.exp b/tests/login/01_login_prompt/login.exp
new file mode 100755
index 0000000..05323aa
--- /dev/null
+++ b/tests/login/01_login_prompt/login.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login\r"
+expect " login: "
+send "myuser\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "$ "
+
+send "# expect uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+send "id\r"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+send "exit\r"
+
+exit 0
diff --git a/tests/login/01_login_prompt/login.test b/tests/login/01_login_prompt/login.test
new file mode 100755
index 0000000..5ef6e92
--- /dev/null
+++ b/tests/login/01_login_prompt/login.test
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+testname=$(basename $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "try regular login with user prompt"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./login.exp
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/login/02_login_user/config.txt b/tests/login/02_login_user/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/login/02_login_user/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/login/02_login_user/config/etc/group b/tests/login/02_login_user/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/login/02_login_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/login/02_login_user/config/etc/gshadow b/tests/login/02_login_user/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/login/02_login_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/login/02_login_user/config/etc/login.defs b/tests/login/02_login_user/config/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/login/02_login_user/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/login/02_login_user/config/etc/passwd b/tests/login/02_login_user/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/login/02_login_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/login/02_login_user/config/etc/shadow b/tests/login/02_login_user/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/login/02_login_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/login/02_login_user/login.exp b/tests/login/02_login_user/login.exp
new file mode 100755
index 0000000..c8b9b34
--- /dev/null
+++ b/tests/login/02_login_user/login.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login myuser\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "$ "
+
+send "id\r"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+send "exit\r"
+
+exit 0
+
diff --git a/tests/login/02_login_user/login.test b/tests/login/02_login_user/login.test
new file mode 100755
index 0000000..5ef6e92
--- /dev/null
+++ b/tests/login/02_login_user/login.test
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+testname=$(basename $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "try regular login with user prompt"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./login.exp
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/login/03_login_check_tty/config.txt b/tests/login/03_login_check_tty/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/login/03_login_check_tty/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/login/03_login_check_tty/config/etc/group b/tests/login/03_login_check_tty/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/login/03_login_check_tty/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/login/03_login_check_tty/config/etc/gshadow b/tests/login/03_login_check_tty/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/login/03_login_check_tty/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/login/03_login_check_tty/config/etc/login.defs b/tests/login/03_login_check_tty/config/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/login/03_login_check_tty/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/login/03_login_check_tty/config/etc/passwd b/tests/login/03_login_check_tty/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/login/03_login_check_tty/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/login/03_login_check_tty/config/etc/shadow b/tests/login/03_login_check_tty/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/login/03_login_check_tty/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/login/03_login_check_tty/login.exp b/tests/login/03_login_check_tty/login.exp
new file mode 100755
index 0000000..cb51124
--- /dev/null
+++ b/tests/login/03_login_check_tty/login.exp
@@ -0,0 +1,22 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login myuser\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "$ "
+
+send "# expecting c--x-wx--T 88 424242/myuser 5/tty\r"
+expect "$ "
+send "stat -c '%A %t %u/%U %g/%G' `tty`\r"
+expect "crw------- 88 424242/myuser 5/tty\r"
+expect "$ "
+send "exit\r"
+
+exit 0
+
diff --git a/tests/login/03_login_check_tty/login.test b/tests/login/03_login_check_tty/login.test
new file mode 100755
index 0000000..5ef6e92
--- /dev/null
+++ b/tests/login/03_login_check_tty/login.test
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+testname=$(basename $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "try regular login with user prompt"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./login.exp
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/01_create_user/config.txt b/tests/newusers/01_create_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/01_create_user/config.txt
diff --git a/tests/newusers/01_create_user/config/etc/group b/tests/newusers/01_create_user/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/01_create_user/config/etc/gshadow b/tests/newusers/01_create_user/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/01_create_user/config/etc/pam.d/common-password b/tests/newusers/01_create_user/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/01_create_user/config/etc/pam.d/newusers b/tests/newusers/01_create_user/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/01_create_user/config/etc/passwd b/tests/newusers/01_create_user/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/01_create_user/config/etc/shadow b/tests/newusers/01_create_user/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/01_create_user/data/group b/tests/newusers/01_create_user/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/01_create_user/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/01_create_user/data/gshadow b/tests/newusers/01_create_user/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/01_create_user/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/01_create_user/data/newusers.list b/tests/newusers/01_create_user/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/01_create_user/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/01_create_user/data/passwd b/tests/newusers/01_create_user/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/01_create_user/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/01_create_user/data/shadow b/tests/newusers/01_create_user/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/01_create_user/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/01_create_user/newusers.test b/tests/newusers/01_create_user/newusers.test
new file mode 100755
index 0000000..049dd17
--- /dev/null
+++ b/tests/newusers/01_create_user/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/02_update_password/config.txt b/tests/newusers/02_update_password/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/02_update_password/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/02_update_password/config/etc/group b/tests/newusers/02_update_password/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/02_update_password/config/etc/gshadow b/tests/newusers/02_update_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/02_update_password/config/etc/pam.d/common-password b/tests/newusers/02_update_password/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/02_update_password/config/etc/pam.d/newusers b/tests/newusers/02_update_password/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/02_update_password/config/etc/passwd b/tests/newusers/02_update_password/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/02_update_password/config/etc/shadow b/tests/newusers/02_update_password/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/02_update_password/data/newusers.list b/tests/newusers/02_update_password/data/newusers.list
new file mode 100644
index 0000000..cc3b9ad
--- /dev/null
+++ b/tests/newusers/02_update_password/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/02_update_password/data/shadow b/tests/newusers/02_update_password/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/02_update_password/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/02_update_password/newusers.test b/tests/newusers/02_update_password/newusers.test
new file mode 100755
index 0000000..17d08e2
--- /dev/null
+++ b/tests/newusers/02_update_password/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/03_no_update_pid/config.txt b/tests/newusers/03_no_update_pid/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/03_no_update_pid/config/etc/group b/tests/newusers/03_no_update_pid/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/03_no_update_pid/config/etc/gshadow b/tests/newusers/03_no_update_pid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/03_no_update_pid/config/etc/pam.d/common-password b/tests/newusers/03_no_update_pid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/03_no_update_pid/config/etc/pam.d/newusers b/tests/newusers/03_no_update_pid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/03_no_update_pid/config/etc/passwd b/tests/newusers/03_no_update_pid/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/03_no_update_pid/config/etc/shadow b/tests/newusers/03_no_update_pid/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/03_no_update_pid/data/newusers.list b/tests/newusers/03_no_update_pid/data/newusers.list
new file mode 100644
index 0000000..e3128e7
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:4242::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/03_no_update_pid/data/shadow b/tests/newusers/03_no_update_pid/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/03_no_update_pid/newusers.test b/tests/newusers/03_no_update_pid/newusers.test
new file mode 100755
index 0000000..5e59924
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers does not change the pid of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/04_no_update_gid/config.txt b/tests/newusers/04_no_update_gid/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/04_no_update_gid/config/etc/group b/tests/newusers/04_no_update_gid/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/04_no_update_gid/config/etc/gshadow b/tests/newusers/04_no_update_gid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/04_no_update_gid/config/etc/pam.d/common-password b/tests/newusers/04_no_update_gid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/04_no_update_gid/config/etc/pam.d/newusers b/tests/newusers/04_no_update_gid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/04_no_update_gid/config/etc/passwd b/tests/newusers/04_no_update_gid/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/04_no_update_gid/config/etc/shadow b/tests/newusers/04_no_update_gid/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/04_no_update_gid/data/newusers.list b/tests/newusers/04_no_update_gid/data/newusers.list
new file mode 100644
index 0000000..2610f3c
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:4242:4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/04_no_update_gid/data/shadow b/tests/newusers/04_no_update_gid/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/04_no_update_gid/newusers.test b/tests/newusers/04_no_update_gid/newusers.test
new file mode 100755
index 0000000..c1dabfa
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers does not change the gid of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/05_create_user_pid/config.txt b/tests/newusers/05_create_user_pid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config.txt
diff --git a/tests/newusers/05_create_user_pid/config/etc/group b/tests/newusers/05_create_user_pid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/05_create_user_pid/config/etc/gshadow b/tests/newusers/05_create_user_pid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/05_create_user_pid/config/etc/pam.d/common-password b/tests/newusers/05_create_user_pid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/05_create_user_pid/config/etc/pam.d/newusers b/tests/newusers/05_create_user_pid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/05_create_user_pid/config/etc/passwd b/tests/newusers/05_create_user_pid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/05_create_user_pid/config/etc/shadow b/tests/newusers/05_create_user_pid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/05_create_user_pid/data/group b/tests/newusers/05_create_user_pid/data/group
new file mode 100644
index 0000000..96574a5
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4242:
diff --git a/tests/newusers/05_create_user_pid/data/gshadow b/tests/newusers/05_create_user_pid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/05_create_user_pid/data/newusers.list b/tests/newusers/05_create_user_pid/data/newusers.list
new file mode 100644
index 0000000..f374b1b
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:4242::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/05_create_user_pid/data/passwd b/tests/newusers/05_create_user_pid/data/passwd
new file mode 100644
index 0000000..a45d9a7
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/05_create_user_pid/data/shadow b/tests/newusers/05_create_user_pid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/05_create_user_pid/newusers.test b/tests/newusers/05_create_user_pid/newusers.test
new file mode 100755
index 0000000..d2aa56a
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with a given pid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/06_create_user_gid/config.txt b/tests/newusers/06_create_user_gid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config.txt
diff --git a/tests/newusers/06_create_user_gid/config/etc/group b/tests/newusers/06_create_user_gid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/06_create_user_gid/config/etc/gshadow b/tests/newusers/06_create_user_gid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/06_create_user_gid/config/etc/pam.d/common-password b/tests/newusers/06_create_user_gid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/06_create_user_gid/config/etc/pam.d/newusers b/tests/newusers/06_create_user_gid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/06_create_user_gid/config/etc/passwd b/tests/newusers/06_create_user_gid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/06_create_user_gid/config/etc/shadow b/tests/newusers/06_create_user_gid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/06_create_user_gid/data/group b/tests/newusers/06_create_user_gid/data/group
new file mode 100644
index 0000000..96574a5
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4242:
diff --git a/tests/newusers/06_create_user_gid/data/gshadow b/tests/newusers/06_create_user_gid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/06_create_user_gid/data/newusers.list b/tests/newusers/06_create_user_gid/data/newusers.list
new file mode 100644
index 0000000..50e7505
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/06_create_user_gid/data/passwd b/tests/newusers/06_create_user_gid/data/passwd
new file mode 100644
index 0000000..8ed5455
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/06_create_user_gid/data/shadow b/tests/newusers/06_create_user_gid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/06_create_user_gid/newusers.test b/tests/newusers/06_create_user_gid/newusers.test
new file mode 100755
index 0000000..57cb0d5
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with a given gid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/07_create_user_pid_gid/config.txt b/tests/newusers/07_create_user_pid_gid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config.txt
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/group b/tests/newusers/07_create_user_pid_gid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/gshadow b/tests/newusers/07_create_user_pid_gid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/common-password b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/newusers b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/passwd b/tests/newusers/07_create_user_pid_gid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/shadow b/tests/newusers/07_create_user_pid_gid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/07_create_user_pid_gid/data/group b/tests/newusers/07_create_user_pid_gid/data/group
new file mode 100644
index 0000000..96574a5
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4242:
diff --git a/tests/newusers/07_create_user_pid_gid/data/gshadow b/tests/newusers/07_create_user_pid_gid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/07_create_user_pid_gid/data/newusers.list b/tests/newusers/07_create_user_pid_gid/data/newusers.list
new file mode 100644
index 0000000..1701c92
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:4242:4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/07_create_user_pid_gid/data/passwd b/tests/newusers/07_create_user_pid_gid/data/passwd
new file mode 100644
index 0000000..a45d9a7
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/07_create_user_pid_gid/data/shadow b/tests/newusers/07_create_user_pid_gid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/07_create_user_pid_gid/newusers.test b/tests/newusers/07_create_user_pid_gid/newusers.test
new file mode 100755
index 0000000..e9b0914
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with given pid and gid (both identical)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/08_create_user_pid_other-gid/config.txt b/tests/newusers/08_create_user_pid_other-gid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config.txt
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/group b/tests/newusers/08_create_user_pid_other-gid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/gshadow b/tests/newusers/08_create_user_pid_other-gid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/common-password b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/newusers b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/passwd b/tests/newusers/08_create_user_pid_other-gid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/shadow b/tests/newusers/08_create_user_pid_other-gid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/08_create_user_pid_other-gid/data/group b/tests/newusers/08_create_user_pid_other-gid/data/group
new file mode 100644
index 0000000..b2d9984
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4243:
diff --git a/tests/newusers/08_create_user_pid_other-gid/data/gshadow b/tests/newusers/08_create_user_pid_other-gid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/08_create_user_pid_other-gid/data/newusers.list b/tests/newusers/08_create_user_pid_other-gid/data/newusers.list
new file mode 100644
index 0000000..a71043d
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:4242:4243:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/08_create_user_pid_other-gid/data/passwd b/tests/newusers/08_create_user_pid_other-gid/data/passwd
new file mode 100644
index 0000000..fdefa6c
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:4243:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/08_create_user_pid_other-gid/data/shadow b/tests/newusers/08_create_user_pid_other-gid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/08_create_user_pid_other-gid/newusers.test b/tests/newusers/08_create_user_pid_other-gid/newusers.test
new file mode 100755
index 0000000..66573df
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with given pid and gid (with different id)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config.txt b/tests/newusers/09_create_user_pid-as-user-bar/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config.txt
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/group b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/group
new file mode 100644
index 0000000..7c6bf3a
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1042:
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/gshadow b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/gshadow
new file mode 100644
index 0000000..0586f95
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/common-password b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/newusers b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/passwd b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/passwd
new file mode 100644
index 0000000..26d70f2
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1042::/:/bin/false
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/shadow b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/shadow
new file mode 100644
index 0000000..aa523bd
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/group b/tests/newusers/09_create_user_pid-as-user-bar/data/group
new file mode 100644
index 0000000..90da8d7
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1042:
+foo:x:1043:
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/gshadow b/tests/newusers/09_create_user_pid-as-user-bar/data/gshadow
new file mode 100644
index 0000000..d11bb83
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
+foo:*::
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/newusers.list b/tests/newusers/09_create_user_pid-as-user-bar/data/newusers.list
new file mode 100644
index 0000000..5685534
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:bar::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/passwd b/tests/newusers/09_create_user_pid-as-user-bar/data/passwd
new file mode 100644
index 0000000..5f9155b
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1042::/:/bin/false
+foo:x:1042:1043:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/shadow b/tests/newusers/09_create_user_pid-as-user-bar/data/shadow
new file mode 100644
index 0000000..28046f8
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/newusers.test b/tests/newusers/09_create_user_pid-as-user-bar/newusers.test
new file mode 100755
index 0000000..93deeb2
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with the pid of a named user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config.txt b/tests/newusers/10_create_user_gid-as-group-bar/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config.txt
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/group b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/group
new file mode 100644
index 0000000..4e6b697
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1043:
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/gshadow b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/gshadow
new file mode 100644
index 0000000..0586f95
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/common-password b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/newusers b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/passwd b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/passwd
new file mode 100644
index 0000000..901ce16
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1043::/:/bin/false
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/shadow b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/shadow
new file mode 100644
index 0000000..aa523bd
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/data/newusers.list b/tests/newusers/10_create_user_gid-as-group-bar/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/data/passwd b/tests/newusers/10_create_user_gid-as-group-bar/data/passwd
new file mode 100644
index 0000000..e474273
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1043::/:/bin/false
+foo:x:1043:1043:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/data/shadow b/tests/newusers/10_create_user_gid-as-group-bar/data/shadow
new file mode 100644
index 0000000..28046f8
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/newusers.test b/tests/newusers/10_create_user_gid-as-group-bar/newusers.test
new file mode 100755
index 0000000..ba852a4
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with the gid of a named group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/11_update_gecos/config.txt b/tests/newusers/11_update_gecos/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/11_update_gecos/config/etc/group b/tests/newusers/11_update_gecos/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/11_update_gecos/config/etc/gshadow b/tests/newusers/11_update_gecos/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/11_update_gecos/config/etc/pam.d/common-password b/tests/newusers/11_update_gecos/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/11_update_gecos/config/etc/pam.d/newusers b/tests/newusers/11_update_gecos/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/11_update_gecos/config/etc/passwd b/tests/newusers/11_update_gecos/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/11_update_gecos/config/etc/shadow b/tests/newusers/11_update_gecos/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/11_update_gecos/data/newusers.list b/tests/newusers/11_update_gecos/data/newusers.list
new file mode 100644
index 0000000..d4ac60c
--- /dev/null
+++ b/tests/newusers/11_update_gecos/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field - updated::/bin/sh
diff --git a/tests/newusers/11_update_gecos/data/passwd b/tests/newusers/11_update_gecos/data/passwd
new file mode 100644
index 0000000..c84bc61
--- /dev/null
+++ b/tests/newusers/11_update_gecos/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field - updated::/bin/sh
diff --git a/tests/newusers/11_update_gecos/data/shadow b/tests/newusers/11_update_gecos/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/11_update_gecos/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/11_update_gecos/newusers.test b/tests/newusers/11_update_gecos/newusers.test
new file mode 100755
index 0000000..fb57724
--- /dev/null
+++ b/tests/newusers/11_update_gecos/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the gecos of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/12_update_shell/config.txt b/tests/newusers/12_update_shell/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/12_update_shell/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/12_update_shell/config/etc/group b/tests/newusers/12_update_shell/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/12_update_shell/config/etc/gshadow b/tests/newusers/12_update_shell/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/12_update_shell/config/etc/pam.d/common-password b/tests/newusers/12_update_shell/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/12_update_shell/config/etc/pam.d/newusers b/tests/newusers/12_update_shell/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/12_update_shell/config/etc/passwd b/tests/newusers/12_update_shell/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/12_update_shell/config/etc/shadow b/tests/newusers/12_update_shell/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/12_update_shell/data/newusers.list b/tests/newusers/12_update_shell/data/newusers.list
new file mode 100644
index 0000000..55add69
--- /dev/null
+++ b/tests/newusers/12_update_shell/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/bash
diff --git a/tests/newusers/12_update_shell/data/passwd b/tests/newusers/12_update_shell/data/passwd
new file mode 100644
index 0000000..8fc494c
--- /dev/null
+++ b/tests/newusers/12_update_shell/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/bash
diff --git a/tests/newusers/12_update_shell/data/shadow b/tests/newusers/12_update_shell/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/12_update_shell/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/12_update_shell/newusers.test b/tests/newusers/12_update_shell/newusers.test
new file mode 100755
index 0000000..aca2591
--- /dev/null
+++ b/tests/newusers/12_update_shell/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the shell of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/13_create_user_new-home/config.txt b/tests/newusers/13_create_user_new-home/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config.txt
diff --git a/tests/newusers/13_create_user_new-home/config/etc/group b/tests/newusers/13_create_user_new-home/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/13_create_user_new-home/config/etc/gshadow b/tests/newusers/13_create_user_new-home/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/13_create_user_new-home/config/etc/pam.d/common-password b/tests/newusers/13_create_user_new-home/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/13_create_user_new-home/config/etc/pam.d/newusers b/tests/newusers/13_create_user_new-home/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/13_create_user_new-home/config/etc/passwd b/tests/newusers/13_create_user_new-home/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/13_create_user_new-home/config/etc/shadow b/tests/newusers/13_create_user_new-home/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/13_create_user_new-home/data/group b/tests/newusers/13_create_user_new-home/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/13_create_user_new-home/data/gshadow b/tests/newusers/13_create_user_new-home/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/13_create_user_new-home/data/home_ls-a b/tests/newusers/13_create_user_new-home/data/home_ls-a
new file mode 100644
index 0000000..81b7cb2
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/home_ls-a
@@ -0,0 +1,2 @@
+drwxr-xr-x foo:foo `/tmp/test-newusers/.'
+drwxrwxrwt root:root `/tmp/test-newusers/..'
diff --git a/tests/newusers/13_create_user_new-home/data/newusers.list b/tests/newusers/13_create_user_new-home/data/newusers.list
new file mode 100644
index 0000000..d2dacfd
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field:/tmp/test-newusers:/bin/sh
diff --git a/tests/newusers/13_create_user_new-home/data/passwd b/tests/newusers/13_create_user_new-home/data/passwd
new file mode 100644
index 0000000..a6c525b
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field:/tmp/test-newusers:/bin/sh
diff --git a/tests/newusers/13_create_user_new-home/data/shadow b/tests/newusers/13_create_user_new-home/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/13_create_user_new-home/newusers.test b/tests/newusers/13_create_user_new-home/newusers.test
new file mode 100755
index 0000000..3a693c1
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/newusers.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers creates the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Home directory does not exist yet..."
+test ! -d /tmp/test-newusers
+echo "OK"
+
+trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+echo -n "Home directory was created..."
+test -d /tmp/test-newusers
+echo "OK"
+
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+
+echo -n "Removing home directory..."
+rm -rf /tmp/test-newusers
+echo "OK"
+
+# cleanup
+rm -f tmp/home_ls-a
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/14_create_user_existing-home/config.txt b/tests/newusers/14_create_user_existing-home/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config.txt
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/group b/tests/newusers/14_create_user_existing-home/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/gshadow b/tests/newusers/14_create_user_existing-home/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/pam.d/common-password b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/pam.d/newusers b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/passwd b/tests/newusers/14_create_user_existing-home/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/shadow b/tests/newusers/14_create_user_existing-home/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/14_create_user_existing-home/data/group b/tests/newusers/14_create_user_existing-home/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/14_create_user_existing-home/data/gshadow b/tests/newusers/14_create_user_existing-home/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/14_create_user_existing-home/data/home_ls-a b/tests/newusers/14_create_user_existing-home/data/home_ls-a
new file mode 100644
index 0000000..50cd7c4
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/home_ls-a
@@ -0,0 +1,2 @@
+drwxr-xr-x root:root `/tmp/test-newusers/.'
+drwxrwxrwt root:root `/tmp/test-newusers/..'
diff --git a/tests/newusers/14_create_user_existing-home/data/newusers.list b/tests/newusers/14_create_user_existing-home/data/newusers.list
new file mode 100644
index 0000000..d2dacfd
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field:/tmp/test-newusers:/bin/sh
diff --git a/tests/newusers/14_create_user_existing-home/data/passwd b/tests/newusers/14_create_user_existing-home/data/passwd
new file mode 100644
index 0000000..a6c525b
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field:/tmp/test-newusers:/bin/sh
diff --git a/tests/newusers/14_create_user_existing-home/data/shadow b/tests/newusers/14_create_user_existing-home/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/14_create_user_existing-home/newusers.test b/tests/newusers/14_create_user_existing-home/newusers.test
new file mode 100755
index 0000000..1410aa2
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/newusers.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with an existing home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Home directory does not exist yet..."
+test ! -d /tmp/test-newusers
+echo "OK"
+
+mkdir /tmp/test-newusers
+
+trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+echo -n "Home directory was created..."
+test -d /tmp/test-newusers
+echo "OK"
+
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+
+echo -n "Removing home directory..."
+rm -rf /tmp/test-newusers
+echo "OK"
+
+# cleanup
+rm -f tmp/home_ls-a
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/15_update_new-home/config.txt b/tests/newusers/15_update_new-home/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/15_update_new-home/config/etc/group b/tests/newusers/15_update_new-home/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/15_update_new-home/config/etc/gshadow b/tests/newusers/15_update_new-home/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/15_update_new-home/config/etc/pam.d/common-password b/tests/newusers/15_update_new-home/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/15_update_new-home/config/etc/pam.d/newusers b/tests/newusers/15_update_new-home/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/15_update_new-home/config/etc/passwd b/tests/newusers/15_update_new-home/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/15_update_new-home/config/etc/shadow b/tests/newusers/15_update_new-home/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/15_update_new-home/data/home_ls-a b/tests/newusers/15_update_new-home/data/home_ls-a
new file mode 100644
index 0000000..81b7cb2
--- /dev/null
+++ b/tests/newusers/15_update_new-home/data/home_ls-a
@@ -0,0 +1,2 @@
+drwxr-xr-x foo:foo `/tmp/test-newusers/.'
+drwxrwxrwt root:root `/tmp/test-newusers/..'
diff --git a/tests/newusers/15_update_new-home/data/newusers.list b/tests/newusers/15_update_new-home/data/newusers.list
new file mode 100644
index 0000000..b2025de
--- /dev/null
+++ b/tests/newusers/15_update_new-home/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field:/tmp/test-newusers:/bin/bash
diff --git a/tests/newusers/15_update_new-home/data/passwd b/tests/newusers/15_update_new-home/data/passwd
new file mode 100644
index 0000000..1db48b7
--- /dev/null
+++ b/tests/newusers/15_update_new-home/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field:/tmp/test-newusers:/bin/bash
diff --git a/tests/newusers/15_update_new-home/data/shadow b/tests/newusers/15_update_new-home/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/15_update_new-home/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/15_update_new-home/newusers.test b/tests/newusers/15_update_new-home/newusers.test
new file mode 100755
index 0000000..bc20ecf
--- /dev/null
+++ b/tests/newusers/15_update_new-home/newusers.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+# TODO: check what happens to the old home
+log_start "$0" "newusers can update the home directory of an user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Home directory does not exist yet..."
+test ! -d /tmp/test-newusers
+echo "OK"
+
+trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+echo -n "Home directory was created..."
+test -d /tmp/test-newusers
+echo "OK"
+
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+
+echo -n "Removing home directory..."
+rm -rf /tmp/test-newusers
+echo "OK"
+
+# cleanup
+rm -f tmp/home_ls-a
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/16_update_existing-home/config.txt b/tests/newusers/16_update_existing-home/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/16_update_existing-home/config/etc/group b/tests/newusers/16_update_existing-home/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/16_update_existing-home/config/etc/gshadow b/tests/newusers/16_update_existing-home/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/16_update_existing-home/config/etc/pam.d/common-password b/tests/newusers/16_update_existing-home/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/16_update_existing-home/config/etc/pam.d/newusers b/tests/newusers/16_update_existing-home/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/16_update_existing-home/config/etc/passwd b/tests/newusers/16_update_existing-home/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/16_update_existing-home/config/etc/shadow b/tests/newusers/16_update_existing-home/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/16_update_existing-home/data/home_ls-a b/tests/newusers/16_update_existing-home/data/home_ls-a
new file mode 100644
index 0000000..50cd7c4
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/data/home_ls-a
@@ -0,0 +1,2 @@
+drwxr-xr-x root:root `/tmp/test-newusers/.'
+drwxrwxrwt root:root `/tmp/test-newusers/..'
diff --git a/tests/newusers/16_update_existing-home/data/newusers.list b/tests/newusers/16_update_existing-home/data/newusers.list
new file mode 100644
index 0000000..b2025de
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field:/tmp/test-newusers:/bin/bash
diff --git a/tests/newusers/16_update_existing-home/data/passwd b/tests/newusers/16_update_existing-home/data/passwd
new file mode 100644
index 0000000..1db48b7
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field:/tmp/test-newusers:/bin/bash
diff --git a/tests/newusers/16_update_existing-home/data/shadow b/tests/newusers/16_update_existing-home/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/16_update_existing-home/newusers.test b/tests/newusers/16_update_existing-home/newusers.test
new file mode 100755
index 0000000..1d901fa
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/newusers.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the home directory of an user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Home directory does not exist yet..."
+test ! -d /tmp/test-newusers
+echo "OK"
+
+mkdir /tmp/test-newusers
+trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+echo -n "Home directory was created..."
+test -d /tmp/test-newusers
+echo "OK"
+
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+
+echo -n "Removing home directory..."
+rm -rf /tmp/test-newusers
+echo "OK"
+
+# cleanup
+rm -f tmp/home_ls-a
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/17_create_user_pid-already-used/config.txt b/tests/newusers/17_create_user_pid-already-used/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config.txt
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/group b/tests/newusers/17_create_user_pid-already-used/config/etc/group
new file mode 100644
index 0000000..7c6bf3a
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1042:
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/gshadow b/tests/newusers/17_create_user_pid-already-used/config/etc/gshadow
new file mode 100644
index 0000000..0586f95
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/common-password b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/newusers b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/passwd b/tests/newusers/17_create_user_pid-already-used/config/etc/passwd
new file mode 100644
index 0000000..26d70f2
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1042::/:/bin/false
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/shadow b/tests/newusers/17_create_user_pid-already-used/config/etc/shadow
new file mode 100644
index 0000000..aa523bd
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/newusers/17_create_user_pid-already-used/data/group b/tests/newusers/17_create_user_pid-already-used/data/group
new file mode 100644
index 0000000..90da8d7
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1042:
+foo:x:1043:
diff --git a/tests/newusers/17_create_user_pid-already-used/data/gshadow b/tests/newusers/17_create_user_pid-already-used/data/gshadow
new file mode 100644
index 0000000..d11bb83
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
+foo:*::
diff --git a/tests/newusers/17_create_user_pid-already-used/data/newusers.list b/tests/newusers/17_create_user_pid-already-used/data/newusers.list
new file mode 100644
index 0000000..f1c75fe
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:1042::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/17_create_user_pid-already-used/data/passwd b/tests/newusers/17_create_user_pid-already-used/data/passwd
new file mode 100644
index 0000000..5f9155b
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1042::/:/bin/false
+foo:x:1042:1043:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/17_create_user_pid-already-used/data/shadow b/tests/newusers/17_create_user_pid-already-used/data/shadow
new file mode 100644
index 0000000..28046f8
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/17_create_user_pid-already-used/newusers.test b/tests/newusers/17_create_user_pid-already-used/newusers.test
new file mode 100755
index 0000000..8546a9b
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with a pid already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/18_create_user_gid-already-used/config.txt b/tests/newusers/18_create_user_gid-already-used/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config.txt
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/group b/tests/newusers/18_create_user_gid-already-used/config/etc/group
new file mode 100644
index 0000000..4e6b697
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1043:
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/gshadow b/tests/newusers/18_create_user_gid-already-used/config/etc/gshadow
new file mode 100644
index 0000000..0586f95
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/common-password b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/newusers b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/passwd b/tests/newusers/18_create_user_gid-already-used/config/etc/passwd
new file mode 100644
index 0000000..901ce16
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1043::/:/bin/false
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/shadow b/tests/newusers/18_create_user_gid-already-used/config/etc/shadow
new file mode 100644
index 0000000..aa523bd
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/newusers/18_create_user_gid-already-used/data/newusers.list b/tests/newusers/18_create_user_gid-already-used/data/newusers.list
new file mode 100644
index 0000000..1714418
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::1043:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/18_create_user_gid-already-used/data/passwd b/tests/newusers/18_create_user_gid-already-used/data/passwd
new file mode 100644
index 0000000..e474273
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1043::/:/bin/false
+foo:x:1043:1043:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/18_create_user_gid-already-used/data/shadow b/tests/newusers/18_create_user_gid-already-used/data/shadow
new file mode 100644
index 0000000..28046f8
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/18_create_user_gid-already-used/newusers.test b/tests/newusers/18_create_user_gid-already-used/newusers.test
new file mode 100755
index 0000000..7b15be8
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with a gid already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/19_update_keep-old-home/config.txt b/tests/newusers/19_update_keep-old-home/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/group b/tests/newusers/19_update_keep-old-home/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/gshadow b/tests/newusers/19_update_keep-old-home/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/pam.d/common-password b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/pam.d/newusers b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/passwd b/tests/newusers/19_update_keep-old-home/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/shadow b/tests/newusers/19_update_keep-old-home/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/19_update_keep-old-home/data/home_ls-a b/tests/newusers/19_update_keep-old-home/data/home_ls-a
new file mode 100644
index 0000000..85833ad
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/data/home_ls-a
@@ -0,0 +1,2 @@
+drwxr-xr-x foo:foo `/tmp/test-newusers2/.'
+drwxrwxrwt root:root `/tmp/test-newusers2/..'
diff --git a/tests/newusers/19_update_keep-old-home/data/home_ls-a.old b/tests/newusers/19_update_keep-old-home/data/home_ls-a.old
new file mode 100644
index 0000000..c8d0412
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/data/home_ls-a.old
@@ -0,0 +1,3 @@
+-rw-r--r-- root:root `/tmp/test-newusers/foo'
+drwxr-xr-x root:root `/tmp/test-newusers/.'
+drwxrwxrwt root:root `/tmp/test-newusers/..'
diff --git a/tests/newusers/19_update_keep-old-home/data/newusers.list b/tests/newusers/19_update_keep-old-home/data/newusers.list
new file mode 100644
index 0000000..7864ffe
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field:/tmp/test-newusers2:/bin/bash
diff --git a/tests/newusers/19_update_keep-old-home/data/passwd b/tests/newusers/19_update_keep-old-home/data/passwd
new file mode 100644
index 0000000..23cd129
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field:/tmp/test-newusers2:/bin/bash
diff --git a/tests/newusers/19_update_keep-old-home/data/shadow b/tests/newusers/19_update_keep-old-home/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/19_update_keep-old-home/newusers.test b/tests/newusers/19_update_keep-old-home/newusers.test
new file mode 100755
index 0000000..74eea45
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/newusers.test
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+# I don't know if it's really a feature
+log_start "$0" "newusers keeps the old home when changing the home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Home directory does not exist yet..."
+test ! -d /tmp/test-newusers
+echo "OK"
+
+mkdir /tmp/test-newusers
+echo foo > /tmp/test-newusers/foo
+trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+echo -n "Home directory was created..."
+test -d /tmp/test-newusers2
+echo "OK"
+echo -n "Old home directory is still there..."
+test -d /tmp/test-newusers
+echo "OK"
+
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a.old
+diff -rauN data/home_ls-a.old tmp/home_ls-a.old
+echo "OK"
+echo -n "Check content of /tmp/test-newusers2..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers2/* /tmp/test-newusers2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+
+echo -n "Removing home directories..."
+rm -rf /tmp/test-newusers /tmp/test-newusers2
+echo "OK"
+
+# cleanup
+rm -f tmp/home_ls-a tmp/home_ls-a.old
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/20_multiple_users/config.txt b/tests/newusers/20_multiple_users/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/20_multiple_users/config/etc/group b/tests/newusers/20_multiple_users/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/20_multiple_users/config/etc/gshadow b/tests/newusers/20_multiple_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/20_multiple_users/config/etc/pam.d/common-password b/tests/newusers/20_multiple_users/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/20_multiple_users/config/etc/pam.d/newusers b/tests/newusers/20_multiple_users/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/20_multiple_users/config/etc/passwd b/tests/newusers/20_multiple_users/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/20_multiple_users/config/etc/shadow b/tests/newusers/20_multiple_users/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/20_multiple_users/data/group b/tests/newusers/20_multiple_users/data/group
new file mode 100644
index 0000000..ee3ddc0
--- /dev/null
+++ b/tests/newusers/20_multiple_users/data/group
@@ -0,0 +1,58 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
+foo1:x:1000:
+foo1a:x:1001:
+foo2:x:2000:
+foo3:x:2001:
+foo4:x:3000:
+foo5:x:3005:
+foo6:x:3002:
+foo7:x:61000:
+foo8:x:3003:
+foo9:x:3006:
+foo10:x:3004:
+foo11:x:63000:
+foo12:x:3007:
+foo13:x:3008:
+foo14:x:59000:
+foo15:x:59001:
diff --git a/tests/newusers/20_multiple_users/data/gshadow b/tests/newusers/20_multiple_users/data/gshadow
new file mode 100644
index 0000000..37b6caa
--- /dev/null
+++ b/tests/newusers/20_multiple_users/data/gshadow
@@ -0,0 +1,57 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo1a:*::
+foo2:*::
+foo3:*::
+foo4:*::
+foo5:*::
+foo6:*::
+foo7:*::
+foo8:*::
+foo9:*::
+foo10:*::
+foo11:*::
+foo12:*::
+foo13:*::
+foo14:*::
+foo15:*::
diff --git a/tests/newusers/20_multiple_users/data/newusers.list b/tests/newusers/20_multiple_users/data/newusers.list
new file mode 100644
index 0000000..68d54c2
--- /dev/null
+++ b/tests/newusers/20_multiple_users/data/newusers.list
@@ -0,0 +1,17 @@
+foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh
+foo1a:foo1aPas:foo1::User Foo - Gecos Field::/bin/sh
+foo1b:foo1bPas::foo1a:User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:2000:2000:User Foo - Gecos Field::/bin/sh
+foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh
+foo4:foo4Pass:3000::User Foo - Gecos Field::/bin/sh
+foo5:foo5Pass::3005:User Foo - Gecos Field::/bin/sh
+foo6:foo6Pass:::User Foo - Gecos Field::/bin/sh
+foo7:foo7Pass:61000:61000:User Foo - Gecos Field::/bin/sh
+foo8:foo8Pass:::User Foo - Gecos Field::/bin/sh
+foo9:foo9Pass:62000::User Foo - Gecos Field::/bin/sh
+foo10:foo10Pas:::User Foo - Gecos Field::/bin/sh
+foo11:foo11Pas::63000:User Foo - Gecos Field::/bin/sh
+foo12:foo12Pas:::User Foo - Gecos Field::/bin/sh
+foo13:foo13Pas:::User Foo - Gecos Field::/bin/sh
+foo14:foo14Pas:59000::User Foo - Gecos Field::/bin/sh
+foo15:foo15Pas:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/20_multiple_users/data/passwd b/tests/newusers/20_multiple_users/data/passwd
new file mode 100644
index 0000000..1dde7d5
--- /dev/null
+++ b/tests/newusers/20_multiple_users/data/passwd
@@ -0,0 +1,37 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
+foo1:x:1000:1000:User Foo - Gecos Field::/bin/sh
+foo1a:x:1000:1001:User Foo - Gecos Field::/bin/sh
+foo1b:x:1001:1001:User Foo - Gecos Field::/bin/sh
+foo2:x:2000:2000:User Foo - Gecos Field::/bin/sh
+foo3:x:2001:2001:User Foo - Gecos Field::/bin/sh
+foo4:x:3000:3000:User Foo - Gecos Field::/bin/sh
+foo5:x:3001:3005:User Foo - Gecos Field::/bin/sh
+foo6:x:3002:3002:User Foo - Gecos Field::/bin/sh
+foo7:x:61000:61000:User Foo - Gecos Field::/bin/sh
+foo8:x:3003:3003:User Foo - Gecos Field::/bin/sh
+foo9:x:62000:3006:User Foo - Gecos Field::/bin/sh
+foo10:x:3004:3004:User Foo - Gecos Field::/bin/sh
+foo11:x:3005:63000:User Foo - Gecos Field::/bin/sh
+foo12:x:3006:3007:User Foo - Gecos Field::/bin/sh
+foo13:x:3007:3008:User Foo - Gecos Field::/bin/sh
+foo14:x:59000:59000:User Foo - Gecos Field::/bin/sh
+foo15:x:59001:59001:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/20_multiple_users/data/shadow b/tests/newusers/20_multiple_users/data/shadow
new file mode 100644
index 0000000..f77568e
--- /dev/null
+++ b/tests/newusers/20_multiple_users/data/shadow
@@ -0,0 +1,37 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
+foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7:::
+foo1a:@PASS_DES foo1aPas@:@TODAY@:0:99999:7:::
+foo1b:@PASS_DES foo1bPas@:@TODAY@:0:99999:7:::
+foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7:::
+foo3:@PASS_DES foo3Pass@:@TODAY@:0:99999:7:::
+foo4:@PASS_DES foo4Pass@:@TODAY@:0:99999:7:::
+foo5:@PASS_DES foo5Pass@:@TODAY@:0:99999:7:::
+foo6:@PASS_DES foo6Pass@:@TODAY@:0:99999:7:::
+foo7:@PASS_DES foo7Pass@:@TODAY@:0:99999:7:::
+foo8:@PASS_DES foo8Pass@:@TODAY@:0:99999:7:::
+foo9:@PASS_DES foo9Pass@:@TODAY@:0:99999:7:::
+foo10:@PASS_DES foo10Pas@:@TODAY@:0:99999:7:::
+foo11:@PASS_DES foo11Pas@:@TODAY@:0:99999:7:::
+foo12:@PASS_DES foo12Pas@:@TODAY@:0:99999:7:::
+foo13:@PASS_DES foo13Pas@:@TODAY@:0:99999:7:::
+foo14:@PASS_DES foo14Pas@:@TODAY@:0:99999:7:::
+foo15:@PASS_DES foo15Pas@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/20_multiple_users/newusers.test b/tests/newusers/20_multiple_users/newusers.test
new file mode 100755
index 0000000..8868f63
--- /dev/null
+++ b/tests/newusers/20_multiple_users/newusers.test
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can add multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+cp /etc/shadow /tmp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/21_create_user_UID_MAX/config.txt b/tests/newusers/21_create_user_UID_MAX/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config.txt
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/group b/tests/newusers/21_create_user_UID_MAX/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/gshadow b/tests/newusers/21_create_user_UID_MAX/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/common-password b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/newusers b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/passwd b/tests/newusers/21_create_user_UID_MAX/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/shadow b/tests/newusers/21_create_user_UID_MAX/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/21_create_user_UID_MAX/data/group b/tests/newusers/21_create_user_UID_MAX/data/group
new file mode 100644
index 0000000..f1809d9
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:60000:
+foo2:x:1000:
diff --git a/tests/newusers/21_create_user_UID_MAX/data/gshadow b/tests/newusers/21_create_user_UID_MAX/data/gshadow
new file mode 100644
index 0000000..5e2c5d3
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
diff --git a/tests/newusers/21_create_user_UID_MAX/data/newusers.list b/tests/newusers/21_create_user_UID_MAX/data/newusers.list
new file mode 100644
index 0000000..30e9ec4
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/data/newusers.list
@@ -0,0 +1,2 @@
+foo1:foo1Pass:60000::User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/21_create_user_UID_MAX/data/passwd b/tests/newusers/21_create_user_UID_MAX/data/passwd
new file mode 100644
index 0000000..0af03d5
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:60000:60000:User Foo - Gecos Field::/bin/sh
+foo2:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/21_create_user_UID_MAX/data/shadow b/tests/newusers/21_create_user_UID_MAX/data/shadow
new file mode 100644
index 0000000..e33ca21
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7:::
+foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/21_create_user_UID_MAX/newusers.test b/tests/newusers/21_create_user_UID_MAX/newusers.test
new file mode 100755
index 0000000..bb0e4cf
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers reuses a lower UID when UID_MAX is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/22_create_user_GID_MAX/config.txt b/tests/newusers/22_create_user_GID_MAX/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config.txt
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/group b/tests/newusers/22_create_user_GID_MAX/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/gshadow b/tests/newusers/22_create_user_GID_MAX/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/common-password b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/newusers b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/passwd b/tests/newusers/22_create_user_GID_MAX/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/shadow b/tests/newusers/22_create_user_GID_MAX/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/22_create_user_GID_MAX/data/group b/tests/newusers/22_create_user_GID_MAX/data/group
new file mode 100644
index 0000000..f1809d9
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:60000:
+foo2:x:1000:
diff --git a/tests/newusers/22_create_user_GID_MAX/data/gshadow b/tests/newusers/22_create_user_GID_MAX/data/gshadow
new file mode 100644
index 0000000..5e2c5d3
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
diff --git a/tests/newusers/22_create_user_GID_MAX/data/newusers.list b/tests/newusers/22_create_user_GID_MAX/data/newusers.list
new file mode 100644
index 0000000..08a2eff
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/data/newusers.list
@@ -0,0 +1,2 @@
+foo1:foo1Pass::60000:User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:60000::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/22_create_user_GID_MAX/data/passwd b/tests/newusers/22_create_user_GID_MAX/data/passwd
new file mode 100644
index 0000000..7f7ec76
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:60000:User Foo - Gecos Field::/bin/sh
+foo2:x:60000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/22_create_user_GID_MAX/data/shadow b/tests/newusers/22_create_user_GID_MAX/data/shadow
new file mode 100644
index 0000000..e33ca21
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7:::
+foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/22_create_user_GID_MAX/newusers.test b/tests/newusers/22_create_user_GID_MAX/newusers.test
new file mode 100755
index 0000000..e07b081
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers reuses a lower GID when GID_MAX is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/23_create_user_error_negativ_UID/config.txt b/tests/newusers/23_create_user_error_negativ_UID/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/config.txt
diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/group b/tests/newusers/23_create_user_error_negativ_UID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/gshadow b/tests/newusers/23_create_user_error_negativ_UID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/passwd b/tests/newusers/23_create_user_error_negativ_UID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/shadow b/tests/newusers/23_create_user_error_negativ_UID/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/23_create_user_error_negativ_UID/data/newusers.err b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.err
new file mode 100644
index 0000000..d19a181
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: user '-1' does not exist
+newusers: line 1: can't create user
+newusers: error detected, changes ignored
diff --git a/tests/newusers/23_create_user_error_negativ_UID/data/newusers.list b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.list
new file mode 100644
index 0000000..16f7a03
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:-1::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/23_create_user_error_negativ_UID/newusers.test b/tests/newusers/23_create_user_error_negativ_UID/newusers.test
new file mode 100755
index 0000000..6970422
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails with negativ UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/24_create_user_error_invalid_UID/config.txt b/tests/newusers/24_create_user_error_invalid_UID/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/config.txt
diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/group b/tests/newusers/24_create_user_error_invalid_UID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/gshadow b/tests/newusers/24_create_user_error_invalid_UID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/passwd b/tests/newusers/24_create_user_error_invalid_UID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/shadow b/tests/newusers/24_create_user_error_invalid_UID/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/24_create_user_error_invalid_UID/data/newusers.err b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.err
new file mode 100644
index 0000000..d31a570
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid user ID '1foo'
+newusers: line 1: can't create user
+newusers: error detected, changes ignored
diff --git a/tests/newusers/24_create_user_error_invalid_UID/data/newusers.list b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.list
new file mode 100644
index 0000000..11bf6b7
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:1foo::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/24_create_user_error_invalid_UID/newusers.test b/tests/newusers/24_create_user_error_invalid_UID/newusers.test
new file mode 100755
index 0000000..33d4c8b
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails with invalid UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config.txt b/tests/newusers/25_create_user_error_no_remaining_UID/config.txt
new file mode 100644
index 0000000..63f3a93
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config.txt
@@ -0,0 +1,2 @@
+UID_MIN 1000
+UID_MAX 1001
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/group b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/gshadow b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/login.defs b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/login.defs
new file mode 100644
index 0000000..d404e72
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 1001
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/passwd b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/shadow b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.err b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.err
new file mode 100644
index 0000000..e12137f
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: Can't get unique UID (no more available UIDs)
+newusers: line 3: can't create user
+newusers: error detected, changes ignored
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.list b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.list
new file mode 100644
index 0000000..8d89304
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.list
@@ -0,0 +1,3 @@
+foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:::User Foo - Gecos Field::/bin/sh
+foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/newusers.test b/tests/newusers/25_create_user_error_no_remaining_UID/newusers.test
new file mode 100755
index 0000000..6412388
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/newusers.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails when there are no more available UIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+echo "newusers returned status '$status'"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config.txt b/tests/newusers/26_create_user_error_no_remaining_GID/config.txt
new file mode 100644
index 0000000..06fe808
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config.txt
@@ -0,0 +1,4 @@
+UID_MIN 1000
+UID_MAX 1002
+GID_MIN 1000
+GID_MAX 1001
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/group b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/gshadow b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/login.defs b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/login.defs
new file mode 100644
index 0000000..67a0296
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 1002
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 1001
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/passwd b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/shadow b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.err b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.err
new file mode 100644
index 0000000..1c50637
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: Can't get unique GID (no more available GIDs)
+newusers: line 3: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.list b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.list
new file mode 100644
index 0000000..8d89304
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.list
@@ -0,0 +1,3 @@
+foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:::User Foo - Gecos Field::/bin/sh
+foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/newusers.test b/tests/newusers/26_create_user_error_no_remaining_GID/newusers.test
new file mode 100755
index 0000000..f4c9683
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/newusers.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails when there are no more available GIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+echo "newusers returned status '$status'"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/27_create_user_error_invalid_username/config.txt b/tests/newusers/27_create_user_error_invalid_username/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/config.txt
diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/group b/tests/newusers/27_create_user_error_invalid_username/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/gshadow b/tests/newusers/27_create_user_error_invalid_username/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/passwd b/tests/newusers/27_create_user_error_invalid_username/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/shadow b/tests/newusers/27_create_user_error_invalid_username/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/27_create_user_error_invalid_username/data/newusers.err b/tests/newusers/27_create_user_error_invalid_username/data/newusers.err
new file mode 100644
index 0000000..1781a93
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid group name 'f o o'
+newusers: line 1: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/27_create_user_error_invalid_username/data/newusers.list b/tests/newusers/27_create_user_error_invalid_username/data/newusers.list
new file mode 100644
index 0000000..9b2d68b
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/data/newusers.list
@@ -0,0 +1 @@
+f o o:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/27_create_user_error_invalid_username/newusers.test b/tests/newusers/27_create_user_error_invalid_username/newusers.test
new file mode 100755
index 0000000..7ba2780
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails if the username is invalid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config.txt b/tests/newusers/28_create_user_error_invalid_groupname/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/config.txt
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/group b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/gshadow b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/passwd b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/shadow b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.err b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.err
new file mode 100644
index 0000000..1781a93
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid group name 'f o o'
+newusers: line 1: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.list b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.list
new file mode 100644
index 0000000..f57cf94
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::f o o:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/newusers.test b/tests/newusers/28_create_user_error_invalid_groupname/newusers.test
new file mode 100755
index 0000000..6503bf1
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails if the groupname is invalid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config.txt b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config.txt
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/group b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/gshadow b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/passwd b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/shadow b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.err b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.err
new file mode 100644
index 0000000..420b076
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid user name 'f o o'
+newusers: line 1: can't create user
+newusers: error detected, changes ignored
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.list b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.list
new file mode 100644
index 0000000..6f74caf
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.list
@@ -0,0 +1 @@
+f o o:fooPass::foo:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test
new file mode 100755
index 0000000..9131db7
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails if the username is invalid (even if groupname is valid)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/30_create_user_different_groupname/config.txt b/tests/newusers/30_create_user_different_groupname/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config.txt
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/group b/tests/newusers/30_create_user_different_groupname/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/gshadow b/tests/newusers/30_create_user_different_groupname/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/common-password b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/newusers b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/passwd b/tests/newusers/30_create_user_different_groupname/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/shadow b/tests/newusers/30_create_user_different_groupname/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/30_create_user_different_groupname/data/group b/tests/newusers/30_create_user_different_groupname/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/newusers/30_create_user_different_groupname/data/gshadow b/tests/newusers/30_create_user_different_groupname/data/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/newusers/30_create_user_different_groupname/data/newusers.list b/tests/newusers/30_create_user_different_groupname/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/30_create_user_different_groupname/data/passwd b/tests/newusers/30_create_user_different_groupname/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/30_create_user_different_groupname/data/shadow b/tests/newusers/30_create_user_different_groupname/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/30_create_user_different_groupname/newusers.test b/tests/newusers/30_create_user_different_groupname/newusers.test
new file mode 100755
index 0000000..c5fd4bb
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user and new group with different names"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/31_create_user_error_invalid_GID/config.txt b/tests/newusers/31_create_user_error_invalid_GID/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/config.txt
diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/group b/tests/newusers/31_create_user_error_invalid_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/gshadow b/tests/newusers/31_create_user_error_invalid_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/passwd b/tests/newusers/31_create_user_error_invalid_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/shadow b/tests/newusers/31_create_user_error_invalid_GID/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/31_create_user_error_invalid_GID/data/newusers.err b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.err
new file mode 100644
index 0000000..8a425df
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid group ID '1foo'
+newusers: line 1: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/31_create_user_error_invalid_GID/data/newusers.list b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.list
new file mode 100644
index 0000000..09a2d0b
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::1foo:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/31_create_user_error_invalid_GID/newusers.test b/tests/newusers/31_create_user_error_invalid_GID/newusers.test
new file mode 100755
index 0000000..01e701e
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails with invalid GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config.txt b/tests/newusers/32_create_user_error_gshadow_group_exists/config.txt
new file mode 100644
index 0000000..9f0f610
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config.txt
@@ -0,0 +1 @@
+group bar exist in gshadow, not in group
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/group b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/gshadow b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/passwd b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/shadow b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.err b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.err
new file mode 100644
index 0000000..4d8ae70
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: group 'bar' is a shadow group, but does not exist in /etc/group
+newusers: line 1: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.list b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/newusers.test b/tests/newusers/32_create_user_error_gshadow_group_exists/newusers.test
new file mode 100755
index 0000000..40749e3
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails if a user references a group which exist in gshadow and not in group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/33_update_password_no_shadow_password/config.txt b/tests/newusers/33_update_password_no_shadow_password/config.txt
new file mode 100644
index 0000000..02cfc9a
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config.txt
@@ -0,0 +1,2 @@
+User foo exists, with password fooPass
+no user foo in /etc/shadow
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/group b/tests/newusers/33_update_password_no_shadow_password/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/gshadow b/tests/newusers/33_update_password_no_shadow_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/common-password b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/newusers b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/passwd b/tests/newusers/33_update_password_no_shadow_password/config/etc/passwd
new file mode 100644
index 0000000..90bf0ab
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/shadow b/tests/newusers/33_update_password_no_shadow_password/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/33_update_password_no_shadow_password/data/newusers.list b/tests/newusers/33_update_password_no_shadow_password/data/newusers.list
new file mode 100644
index 0000000..cc3b9ad
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/33_update_password_no_shadow_password/data/passwd b/tests/newusers/33_update_password_no_shadow_password/data/passwd
new file mode 100644
index 0000000..33b4c02
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:@PASS_DES fooPass2@:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/33_update_password_no_shadow_password/newusers.test b/tests/newusers/33_update_password_no_shadow_password/newusers.test
new file mode 100755
index 0000000..38189f7
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of a user which does not exist in shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/34_update_password_no_shadow/config.txt b/tests/newusers/34_update_password_no_shadow/config.txt
new file mode 100644
index 0000000..557c421
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config.txt
@@ -0,0 +1,2 @@
+User foo exists, with password fooPass
+/etc/shadow will be destroyed
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/group b/tests/newusers/34_update_password_no_shadow/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/gshadow b/tests/newusers/34_update_password_no_shadow/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/common-password b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/newusers b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/passwd b/tests/newusers/34_update_password_no_shadow/config/etc/passwd
new file mode 100644
index 0000000..90bf0ab
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/shadow b/tests/newusers/34_update_password_no_shadow/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/34_update_password_no_shadow/data/newusers.list b/tests/newusers/34_update_password_no_shadow/data/newusers.list
new file mode 100644
index 0000000..cc3b9ad
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/34_update_password_no_shadow/data/passwd b/tests/newusers/34_update_password_no_shadow/data/passwd
new file mode 100644
index 0000000..33b4c02
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:@PASS_DES fooPass2@:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/34_update_password_no_shadow/newusers.test b/tests/newusers/34_update_password_no_shadow/newusers.test
new file mode 100755
index 0000000..1a9979e
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/newusers.test
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user, when there is no shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+rm -f /etc/shadow /etc/gshadow
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/35_read_from_stdin/config.txt b/tests/newusers/35_read_from_stdin/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config.txt
diff --git a/tests/newusers/35_read_from_stdin/config/etc/group b/tests/newusers/35_read_from_stdin/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/35_read_from_stdin/config/etc/gshadow b/tests/newusers/35_read_from_stdin/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/35_read_from_stdin/config/etc/pam.d/common-password b/tests/newusers/35_read_from_stdin/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/35_read_from_stdin/config/etc/pam.d/newusers b/tests/newusers/35_read_from_stdin/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/35_read_from_stdin/config/etc/passwd b/tests/newusers/35_read_from_stdin/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/35_read_from_stdin/config/etc/shadow b/tests/newusers/35_read_from_stdin/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/35_read_from_stdin/data/group b/tests/newusers/35_read_from_stdin/data/group
new file mode 100644
index 0000000..15f4c27
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/newusers/35_read_from_stdin/data/gshadow b/tests/newusers/35_read_from_stdin/data/gshadow
new file mode 100644
index 0000000..5e2c5d3
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
diff --git a/tests/newusers/35_read_from_stdin/data/newusers.list b/tests/newusers/35_read_from_stdin/data/newusers.list
new file mode 100644
index 0000000..b51078f
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/data/newusers.list
@@ -0,0 +1,2 @@
+foo1:foo1Pass:::User foo1 - Gecos Field::/bin/sh
+foo2:foo2Pass:::User foo2 - Gecos Field::/bin/sh
diff --git a/tests/newusers/35_read_from_stdin/data/passwd b/tests/newusers/35_read_from_stdin/data/passwd
new file mode 100644
index 0000000..0c6350e
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:User foo1 - Gecos Field::/bin/sh
+foo2:x:1001:1001:User foo2 - Gecos Field::/bin/sh
diff --git a/tests/newusers/35_read_from_stdin/data/shadow b/tests/newusers/35_read_from_stdin/data/shadow
new file mode 100644
index 0000000..e33ca21
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7:::
+foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/35_read_from_stdin/newusers.test b/tests/newusers/35_read_from_stdin/newusers.test
new file mode 100755
index 0000000..a135564
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can read the list from stdin"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+cat data/newusers.list | newusers
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/36_create_user_encrypted/config.txt b/tests/newusers/36_create_user_encrypted/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/config.txt
diff --git a/tests/newusers/36_create_user_encrypted/config/etc/group b/tests/newusers/36_create_user_encrypted/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/36_create_user_encrypted/config/etc/gshadow b/tests/newusers/36_create_user_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/36_create_user_encrypted/config/etc/passwd b/tests/newusers/36_create_user_encrypted/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/36_create_user_encrypted/config/etc/shadow b/tests/newusers/36_create_user_encrypted/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/36_create_user_encrypted/data/group b/tests/newusers/36_create_user_encrypted/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/36_create_user_encrypted/data/gshadow b/tests/newusers/36_create_user_encrypted/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/36_create_user_encrypted/data/newusers.list b/tests/newusers/36_create_user_encrypted/data/newusers.list
new file mode 100644
index 0000000..4b43ba5
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/data/newusers.list
@@ -0,0 +1 @@
+foo:fo9LtdQDLJ8Fs:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/36_create_user_encrypted/data/passwd b/tests/newusers/36_create_user_encrypted/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/36_create_user_encrypted/data/shadow b/tests/newusers/36_create_user_encrypted/data/shadow
new file mode 100644
index 0000000..1d221a8
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:fo9LtdQDLJ8Fs:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/36_create_user_encrypted/newusers.test b/tests/newusers/36_create_user_encrypted/newusers.test
new file mode 100755
index 0000000..ab0a264
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user, and provide an already encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c NONE data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config.txt b/tests/newusers/37_create_user_encrypt_MD5-PAM/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config.txt
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/group b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/gshadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/common-password b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/newusers b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/passwd b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/shadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/group b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/gshadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/newusers.list b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/passwd b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/shadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/shadow
new file mode 100644
index 0000000..cff74f8
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_MD5 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/newusers.test b/tests/newusers/37_create_user_encrypt_MD5-PAM/newusers.test
new file mode 100755
index 0000000..f916194
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the MD5 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/37_create_user_encrypt_MD5/config.txt b/tests/newusers/37_create_user_encrypt_MD5/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/config.txt
diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/group b/tests/newusers/37_create_user_encrypt_MD5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/gshadow b/tests/newusers/37_create_user_encrypt_MD5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/passwd b/tests/newusers/37_create_user_encrypt_MD5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/shadow b/tests/newusers/37_create_user_encrypt_MD5/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/group b/tests/newusers/37_create_user_encrypt_MD5/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/gshadow b/tests/newusers/37_create_user_encrypt_MD5/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/newusers.list b/tests/newusers/37_create_user_encrypt_MD5/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/passwd b/tests/newusers/37_create_user_encrypt_MD5/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/shadow b/tests/newusers/37_create_user_encrypt_MD5/data/shadow
new file mode 100644
index 0000000..cff74f8
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_MD5 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/37_create_user_encrypt_MD5/newusers.test b/tests/newusers/37_create_user_encrypt_MD5/newusers.test
new file mode 100755
index 0000000..e497ca9
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the MD5 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c MD5 data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config.txt b/tests/newusers/38_update_password_no_shadow_encrypted/config.txt
new file mode 100644
index 0000000..b24760e
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/config.txt
@@ -0,0 +1,2 @@
+User foo exists, with password fooPass
+shadow and gshadow will be removed.
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/group b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/gshadow b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/passwd b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/passwd
new file mode 100644
index 0000000..90bf0ab
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/shadow b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/data/newusers.list b/tests/newusers/38_update_password_no_shadow_encrypted/data/newusers.list
new file mode 100644
index 0000000..d70655e
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/data/newusers.list
@@ -0,0 +1 @@
+foo:fozvMZd6F6hFU:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/data/passwd b/tests/newusers/38_update_password_no_shadow_encrypted/data/passwd
new file mode 100644
index 0000000..a8e6425
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:fozvMZd6F6hFU:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/newusers.test b/tests/newusers/38_update_password_no_shadow_encrypted/newusers.test
new file mode 100755
index 0000000..ba0b660
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/newusers.test
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user in the passwd file, with a pre-encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+rm -f /etc/shadow /etc/gshadow
+
+newusers -c NONE data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config.txt b/tests/newusers/39_update_password_no_shadow_password_encrypted/config.txt
new file mode 100644
index 0000000..f21646b
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config.txt
@@ -0,0 +1,2 @@
+User foo exists, with password fooPass
+No user foo in shadow
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/group b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/gshadow b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/passwd b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/passwd
new file mode 100644
index 0000000..90bf0ab
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/shadow b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/data/newusers.list b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/newusers.list
new file mode 100644
index 0000000..d70655e
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/newusers.list
@@ -0,0 +1 @@
+foo:fozvMZd6F6hFU:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/data/passwd b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/passwd
new file mode 100644
index 0000000..a8e6425
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:fozvMZd6F6hFU:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/newusers.test b/tests/newusers/39_update_password_no_shadow_password_encrypted/newusers.test
new file mode 100755
index 0000000..1daf41f
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user with a pre-encrypted password, when this user has no shadow entry"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c NONE data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/40_update_password_encrypted/config.txt b/tests/newusers/40_update_password_encrypted/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/40_update_password_encrypted/config/etc/group b/tests/newusers/40_update_password_encrypted/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/40_update_password_encrypted/config/etc/gshadow b/tests/newusers/40_update_password_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/40_update_password_encrypted/config/etc/passwd b/tests/newusers/40_update_password_encrypted/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/40_update_password_encrypted/config/etc/shadow b/tests/newusers/40_update_password_encrypted/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/40_update_password_encrypted/data/newusers.list b/tests/newusers/40_update_password_encrypted/data/newusers.list
new file mode 100644
index 0000000..cc3b9ad
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/40_update_password_encrypted/data/shadow b/tests/newusers/40_update_password_encrypted/data/shadow
new file mode 100644
index 0000000..b466143
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:fooPass2:13906:0:99999:7:::
diff --git a/tests/newusers/40_update_password_encrypted/newusers.test b/tests/newusers/40_update_password_encrypted/newusers.test
new file mode 100755
index 0000000..bb6be18
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user with a pre-encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c NONE data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config.txt b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config.txt
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/group b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/gshadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/common-password b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/common-password
new file mode 100644
index 0000000..ab27f3e
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha256
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/newusers b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/passwd b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/shadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/group b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/gshadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/newusers.list b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/passwd b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/shadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/newusers.test b/tests/newusers/41_create_user_encrypt_SHA256-PAM/newusers.test
new file mode 100755
index 0000000..284bb3e
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config.txt b/tests/newusers/41_create_user_encrypt_SHA256/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/config.txt
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/group b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/gshadow b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/passwd b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/shadow b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/group b/tests/newusers/41_create_user_encrypt_SHA256/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/gshadow b/tests/newusers/41_create_user_encrypt_SHA256/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/newusers.list b/tests/newusers/41_create_user_encrypt_SHA256/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/passwd b/tests/newusers/41_create_user_encrypt_SHA256/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/shadow b/tests/newusers/41_create_user_encrypt_SHA256/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/newusers.test b/tests/newusers/41_create_user_encrypt_SHA256/newusers.test
new file mode 100755
index 0000000..ba0828d
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c SHA256 data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config.txt b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config.txt
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/group b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/gshadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/common-password b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/common-password
new file mode 100644
index 0000000..cc251ad
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/newusers b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/passwd b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/shadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/group b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/gshadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/newusers.list b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/passwd b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/shadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/shadow
new file mode 100644
index 0000000..1f9ef64
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA512 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/newusers.test b/tests/newusers/42_create_user_encrypt_SHA512-PAM/newusers.test
new file mode 100755
index 0000000..796dbcc
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA512 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config.txt b/tests/newusers/42_create_user_encrypt_SHA512/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/config.txt
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/group b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/gshadow b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/passwd b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/shadow b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/group b/tests/newusers/42_create_user_encrypt_SHA512/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/gshadow b/tests/newusers/42_create_user_encrypt_SHA512/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/newusers.list b/tests/newusers/42_create_user_encrypt_SHA512/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/passwd b/tests/newusers/42_create_user_encrypt_SHA512/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/shadow b/tests/newusers/42_create_user_encrypt_SHA512/data/shadow
new file mode 100644
index 0000000..1f9ef64
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA512 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/newusers.test b/tests/newusers/42_create_user_encrypt_SHA512/newusers.test
new file mode 100755
index 0000000..9036b9b
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA512 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c SHA512 data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config.txt b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config.txt
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/common-password b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/common-password
new file mode 100644
index 0000000..a15d7a6
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha256 rounds=3000
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/newusers b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/newusers.list b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test
new file mode 100755
index 0000000..6260beb
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm and a specified number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "newusers -c SHA256 -s 3000 data/newusers.list"
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+echo -n "($rounds)..."
+if [ ! "$rounds" = 3000 ]; then
+ echo "Wrong number of rounds"
+ grep "^foo:" /etc/shadow
+ exit 1
+fi
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config.txt b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config.txt
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/newusers.list b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test
new file mode 100755
index 0000000..26f87f2
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm and a specified number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "newusers -c SHA256 -s 3000 data/newusers.list"
+newusers -c SHA256 -s 3000 data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+echo -n "($rounds)..."
+if [ ! "$rounds" = 3000 ]; then
+ echo "Wrong number of rounds"
+ grep "^foo:" /etc/shadow
+ exit 1
+fi
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config.txt b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config.txt
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/common-password b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/common-password
new file mode 100644
index 0000000..7bdd3a2
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha256 rounds=300
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/newusers b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/newusers.list b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test
new file mode 100755
index 0000000..e2c2c99
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers: the minimum number of rounds for SHA256 is 1000"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "newusers data/newusers.list"
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+echo -n "($rounds)..."
+if [ ! "$rounds" = 1000 ] && [ ! "$rounds" = "" ]; then
+ echo "Wrong number of rounds"
+ grep "^foo:" /etc/shadow
+ exit 1
+fi
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config.txt b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config.txt
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/newusers.list b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test
new file mode 100755
index 0000000..bea0ad8
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers: the minimum number of rounds for SHA256 is 1000"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "newusers -c SHA256 -s 300 data/newusers.list"
+newusers -c SHA256 -s 300 data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+echo -n "($rounds)..."
+if [ ! "$rounds" = 1000 ]; then
+ echo "Wrong number of rounds"
+ grep "^foo:" /etc/shadow
+ exit 1
+fi
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config.txt b/tests/newusers/45_create_user_encrypt_rounds_3000/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config.txt
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/group b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/gshadow b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/passwd b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/shadow b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.err b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.err
new file mode 100644
index 0000000..4b285af
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.err
@@ -0,0 +1,8 @@
+newusers: -s flag is only allowed with the -c flag
+Usage: newusers [options] [input]
+
+ -c, --crypt-method the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -r, --system create system accounts
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.list b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/newusers.test b/tests/newusers/45_create_user_encrypt_rounds_3000/newusers.test
new file mode 100755
index 0000000..acc9648
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers: the number of rounds cannot be specified without a -c method"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "newusers -s 3000 data/newusers.list ..."
+newusers -s 3000 data/newusers.list 2> tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config.txt b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config.txt
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/group b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/gshadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/passwd b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/shadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/group b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/gshadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/newusers.list b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/passwd b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/shadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/shadow
new file mode 100644
index 0000000..cff74f8
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_MD5 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test
new file mode 100755
index 0000000..2a5bfb8
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers ignore the number of rounds with the MD5 method"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "newusers -c MD5 -s 3000 data/newusers.list"
+newusers -c MD5 -s 3000 data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config.txt b/tests/newusers/47_create_user_error_UID_4294967295/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/config.txt
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/group b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/gshadow b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/passwd b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/shadow b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.err b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.err
new file mode 100644
index 0000000..3fa2568
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid user ID '4294967295'
+newusers: line 1: can't create user
+newusers: error detected, changes ignored
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.list b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.list
new file mode 100644
index 0000000..db2d9a9
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:4294967295::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/newusers.test b/tests/newusers/47_create_user_error_UID_4294967295/newusers.test
new file mode 100755
index 0000000..33d4c8b
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails with invalid UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config.txt b/tests/newusers/48_create_user_error_GID_4294967295/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/config.txt
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/group b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/gshadow b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/passwd b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/shadow b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.err b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.err
new file mode 100644
index 0000000..72803c5
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid group ID '4294967295'
+newusers: line 1: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.list b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.list
new file mode 100644
index 0000000..734a204
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:2147483648:4294967295:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/newusers.test b/tests/newusers/48_create_user_error_GID_4294967295/newusers.test
new file mode 100755
index 0000000..33d4c8b
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails with invalid UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/49_multiple_system_users/config.txt b/tests/newusers/49_multiple_system_users/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/49_multiple_system_users/config/etc/group b/tests/newusers/49_multiple_system_users/config/etc/group
new file mode 100644
index 0000000..35fb1e9
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
+fooo:x:997:
diff --git a/tests/newusers/49_multiple_system_users/config/etc/gshadow b/tests/newusers/49_multiple_system_users/config/etc/gshadow
new file mode 100644
index 0000000..72f456f
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
+fooo:x::
diff --git a/tests/newusers/49_multiple_system_users/config/etc/pam.d/common-password b/tests/newusers/49_multiple_system_users/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/49_multiple_system_users/config/etc/pam.d/newusers b/tests/newusers/49_multiple_system_users/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/49_multiple_system_users/config/etc/passwd b/tests/newusers/49_multiple_system_users/config/etc/passwd
new file mode 100644
index 0000000..a4907a1
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:998:998::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
+fooo:x:997:997:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/49_multiple_system_users/config/etc/shadow b/tests/newusers/49_multiple_system_users/config/etc/shadow
new file mode 100644
index 0000000..4fee3da
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
+fooo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/49_multiple_system_users/data/group b/tests/newusers/49_multiple_system_users/data/group
new file mode 100644
index 0000000..d9abdaa
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/data/group
@@ -0,0 +1,59 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
+fooo:x:997:
+foo1:x:996:
+foo1a:x:999:
+foo2:x:2000:
+foo3:x:994:
+foo4:x:998:
+foo5:x:3005:
+foo6:x:992:
+foo7:x:61000:
+foo8:x:991:
+foo9:x:995:
+foo10:x:990:
+foo11:x:63000:
+foo12:x:988:
+foo13:x:987:
+foo14:x:993:
+foo15:x:986:
diff --git a/tests/newusers/49_multiple_system_users/data/gshadow b/tests/newusers/49_multiple_system_users/data/gshadow
new file mode 100644
index 0000000..51dc764
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/data/gshadow
@@ -0,0 +1,59 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
+fooo:x::
+foo1:*::
+foo1a:*::
+foo2:*::
+foo3:*::
+foo4:*::
+foo5:*::
+foo6:*::
+foo7:*::
+foo8:*::
+foo9:*::
+foo10:*::
+foo11:*::
+foo12:*::
+foo13:*::
+foo14:*::
+foo15:*::
diff --git a/tests/newusers/49_multiple_system_users/data/newusers.list b/tests/newusers/49_multiple_system_users/data/newusers.list
new file mode 100644
index 0000000..68d54c2
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/data/newusers.list
@@ -0,0 +1,17 @@
+foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh
+foo1a:foo1aPas:foo1::User Foo - Gecos Field::/bin/sh
+foo1b:foo1bPas::foo1a:User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:2000:2000:User Foo - Gecos Field::/bin/sh
+foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh
+foo4:foo4Pass:3000::User Foo - Gecos Field::/bin/sh
+foo5:foo5Pass::3005:User Foo - Gecos Field::/bin/sh
+foo6:foo6Pass:::User Foo - Gecos Field::/bin/sh
+foo7:foo7Pass:61000:61000:User Foo - Gecos Field::/bin/sh
+foo8:foo8Pass:::User Foo - Gecos Field::/bin/sh
+foo9:foo9Pass:62000::User Foo - Gecos Field::/bin/sh
+foo10:foo10Pas:::User Foo - Gecos Field::/bin/sh
+foo11:foo11Pas::63000:User Foo - Gecos Field::/bin/sh
+foo12:foo12Pas:::User Foo - Gecos Field::/bin/sh
+foo13:foo13Pas:::User Foo - Gecos Field::/bin/sh
+foo14:foo14Pas:59000::User Foo - Gecos Field::/bin/sh
+foo15:foo15Pas:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/49_multiple_system_users/data/passwd b/tests/newusers/49_multiple_system_users/data/passwd
new file mode 100644
index 0000000..fb8a075
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/data/passwd
@@ -0,0 +1,38 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:998:998::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
+fooo:x:997:997:User Foo - Gecos Field::/bin/sh
+foo1:x:996:996:User Foo - Gecos Field::/bin/sh
+foo1a:x:996:999:User Foo - Gecos Field::/bin/sh
+foo1b:x:995:999:User Foo - Gecos Field::/bin/sh
+foo2:x:2000:2000:User Foo - Gecos Field::/bin/sh
+foo3:x:994:994:User Foo - Gecos Field::/bin/sh
+foo4:x:3000:998:User Foo - Gecos Field::/bin/sh
+foo5:x:993:3005:User Foo - Gecos Field::/bin/sh
+foo6:x:992:992:User Foo - Gecos Field::/bin/sh
+foo7:x:61000:61000:User Foo - Gecos Field::/bin/sh
+foo8:x:991:991:User Foo - Gecos Field::/bin/sh
+foo9:x:62000:995:User Foo - Gecos Field::/bin/sh
+foo10:x:990:990:User Foo - Gecos Field::/bin/sh
+foo11:x:989:63000:User Foo - Gecos Field::/bin/sh
+foo12:x:988:988:User Foo - Gecos Field::/bin/sh
+foo13:x:987:987:User Foo - Gecos Field::/bin/sh
+foo14:x:59000:993:User Foo - Gecos Field::/bin/sh
+foo15:x:986:986:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/49_multiple_system_users/data/shadow b/tests/newusers/49_multiple_system_users/data/shadow
new file mode 100644
index 0000000..bd434e3
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/data/shadow
@@ -0,0 +1,38 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
+fooo:eKzSSVkXDoVUM:13906:0:99999:7:::
+foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7:::
+foo1a:@PASS_DES foo1aPas@:@TODAY@:0:99999:7:::
+foo1b:@PASS_DES foo1bPas@:@TODAY@:0:99999:7:::
+foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7:::
+foo3:@PASS_DES foo3Pass@:@TODAY@:0:99999:7:::
+foo4:@PASS_DES foo4Pass@:@TODAY@:0:99999:7:::
+foo5:@PASS_DES foo5Pass@:@TODAY@:0:99999:7:::
+foo6:@PASS_DES foo6Pass@:@TODAY@:0:99999:7:::
+foo7:@PASS_DES foo7Pass@:@TODAY@:0:99999:7:::
+foo8:@PASS_DES foo8Pass@:@TODAY@:0:99999:7:::
+foo9:@PASS_DES foo9Pass@:@TODAY@:0:99999:7:::
+foo10:@PASS_DES foo10Pas@:@TODAY@:0:99999:7:::
+foo11:@PASS_DES foo11Pas@:@TODAY@:0:99999:7:::
+foo12:@PASS_DES foo12Pas@:@TODAY@:0:99999:7:::
+foo13:@PASS_DES foo13Pas@:@TODAY@:0:99999:7:::
+foo14:@PASS_DES foo14Pas@:@TODAY@:0:99999:7:::
+foo15:@PASS_DES foo15Pas@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/49_multiple_system_users/newusers.test b/tests/newusers/49_multiple_system_users/newusers.test
new file mode 100755
index 0000000..f9075d2
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can add multiple system users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers --system data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/50_usage/config.txt b/tests/newusers/50_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/50_usage/config.txt
diff --git a/tests/newusers/50_usage/config/etc/group b/tests/newusers/50_usage/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/50_usage/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/50_usage/config/etc/gshadow b/tests/newusers/50_usage/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/50_usage/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/50_usage/config/etc/passwd b/tests/newusers/50_usage/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/50_usage/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/50_usage/config/etc/shadow b/tests/newusers/50_usage/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/50_usage/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/50_usage/data/usage.out b/tests/newusers/50_usage/data/usage.out
new file mode 100644
index 0000000..82fa641
--- /dev/null
+++ b/tests/newusers/50_usage/data/usage.out
@@ -0,0 +1,7 @@
+Usage: newusers [options]
+
+Options:
+ -h, --help display this help message and exit
+ -r, --system create system accounts
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/newusers/50_usage/newusers.test b/tests/newusers/50_usage/newusers.test
new file mode 100755
index 0000000..3dca38a
--- /dev/null
+++ b/tests/newusers/50_usage/newusers.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get newusers usage (newusers -h)..."
+newusers -h >tmp/usage.out
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/51_usage_invalid_option/config.txt b/tests/newusers/51_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/config.txt
diff --git a/tests/newusers/51_usage_invalid_option/config/etc/group b/tests/newusers/51_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/51_usage_invalid_option/config/etc/gshadow b/tests/newusers/51_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/51_usage_invalid_option/config/etc/passwd b/tests/newusers/51_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/51_usage_invalid_option/config/etc/shadow b/tests/newusers/51_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/51_usage_invalid_option/data/usage.out b/tests/newusers/51_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..e111c34
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/data/usage.out
@@ -0,0 +1,8 @@
+newusers: invalid option -- 'Z'
+Usage: newusers [options]
+
+Options:
+ -h, --help display this help message and exit
+ -r, --system create system accounts
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/newusers/51_usage_invalid_option/newusers.test b/tests/newusers/51_usage_invalid_option/newusers.test
new file mode 100755
index 0000000..77dc821
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers displays its usage message in case of bad usage"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call newusers with an invalid option (newusers -Z)..."
+newusers -Z bin 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/52_usage_2_input_files/config.txt b/tests/newusers/52_usage_2_input_files/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/config.txt
diff --git a/tests/newusers/52_usage_2_input_files/config/etc/group b/tests/newusers/52_usage_2_input_files/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/52_usage_2_input_files/config/etc/gshadow b/tests/newusers/52_usage_2_input_files/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/52_usage_2_input_files/config/etc/passwd b/tests/newusers/52_usage_2_input_files/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/52_usage_2_input_files/config/etc/shadow b/tests/newusers/52_usage_2_input_files/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/52_usage_2_input_files/data/usage.out b/tests/newusers/52_usage_2_input_files/data/usage.out
new file mode 100644
index 0000000..82fa641
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/data/usage.out
@@ -0,0 +1,7 @@
+Usage: newusers [options]
+
+Options:
+ -h, --help display this help message and exit
+ -r, --system create system accounts
+ -R, --root CHROOT_DIR directory to chroot into
+
diff --git a/tests/newusers/52_usage_2_input_files/newusers.test b/tests/newusers/52_usage_2_input_files/newusers.test
new file mode 100755
index 0000000..255f1c4
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers displays its usage message in case of bad usage"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call newusers with 2 input files (newusers list1 list2)..."
+newusers list1 list2 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/53_locked_passwd/config.txt b/tests/newusers/53_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/config.txt
diff --git a/tests/newusers/53_locked_passwd/config/etc/group b/tests/newusers/53_locked_passwd/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/53_locked_passwd/config/etc/gshadow b/tests/newusers/53_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/53_locked_passwd/config/etc/passwd b/tests/newusers/53_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/53_locked_passwd/config/etc/shadow b/tests/newusers/53_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/53_locked_passwd/data/newusers.list b/tests/newusers/53_locked_passwd/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/53_locked_passwd/data/usage.out b/tests/newusers/53_locked_passwd/data/usage.out
new file mode 100644
index 0000000..7a0563f
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/data/usage.out
@@ -0,0 +1,2 @@
+newusers: existing lock file /etc/passwd.lock without a PID
+newusers: cannot lock /etc/passwd; try again later.
diff --git a/tests/newusers/53_locked_passwd/newusers.test b/tests/newusers/53_locked_passwd/newusers.test
new file mode 100755
index 0000000..790582e
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/newusers.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when passwd is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Create user foo (newusers foo)..."
+newusers data/newusers.list 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/54_locked_shadow/config.txt b/tests/newusers/54_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/config.txt
diff --git a/tests/newusers/54_locked_shadow/config/etc/group b/tests/newusers/54_locked_shadow/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/54_locked_shadow/config/etc/gshadow b/tests/newusers/54_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/54_locked_shadow/config/etc/passwd b/tests/newusers/54_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/54_locked_shadow/config/etc/shadow b/tests/newusers/54_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/54_locked_shadow/data/newusers.list b/tests/newusers/54_locked_shadow/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/54_locked_shadow/data/usage.out b/tests/newusers/54_locked_shadow/data/usage.out
new file mode 100644
index 0000000..309a750
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/data/usage.out
@@ -0,0 +1,2 @@
+newusers: existing lock file /etc/shadow.lock without a PID
+newusers: cannot lock /etc/shadow; try again later.
diff --git a/tests/newusers/54_locked_shadow/newusers.test b/tests/newusers/54_locked_shadow/newusers.test
new file mode 100755
index 0000000..c8b5038
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/newusers.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when shadow is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Create user foo (newusers foo)..."
+newusers data/newusers.list 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/55_locked_group/config.txt b/tests/newusers/55_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/55_locked_group/config.txt
diff --git a/tests/newusers/55_locked_group/config/etc/group b/tests/newusers/55_locked_group/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/55_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/55_locked_group/config/etc/gshadow b/tests/newusers/55_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/55_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/55_locked_group/config/etc/passwd b/tests/newusers/55_locked_group/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/55_locked_group/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/55_locked_group/config/etc/shadow b/tests/newusers/55_locked_group/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/55_locked_group/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/55_locked_group/data/newusers.list b/tests/newusers/55_locked_group/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/55_locked_group/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/55_locked_group/data/usage.out b/tests/newusers/55_locked_group/data/usage.out
new file mode 100644
index 0000000..ad33b0c
--- /dev/null
+++ b/tests/newusers/55_locked_group/data/usage.out
@@ -0,0 +1,2 @@
+newusers: existing lock file /etc/group.lock without a PID
+newusers: cannot lock /etc/group; try again later.
diff --git a/tests/newusers/55_locked_group/newusers.test b/tests/newusers/55_locked_group/newusers.test
new file mode 100755
index 0000000..cae0458
--- /dev/null
+++ b/tests/newusers/55_locked_group/newusers.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when group is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Create user foo (newusers foo)..."
+newusers data/newusers.list 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/56_locked_gshadow/config.txt b/tests/newusers/56_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/config.txt
diff --git a/tests/newusers/56_locked_gshadow/config/etc/group b/tests/newusers/56_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/56_locked_gshadow/config/etc/gshadow b/tests/newusers/56_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/56_locked_gshadow/config/etc/passwd b/tests/newusers/56_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/56_locked_gshadow/config/etc/shadow b/tests/newusers/56_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/56_locked_gshadow/data/newusers.list b/tests/newusers/56_locked_gshadow/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/56_locked_gshadow/data/usage.out b/tests/newusers/56_locked_gshadow/data/usage.out
new file mode 100644
index 0000000..1d874cf
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/data/usage.out
@@ -0,0 +1,2 @@
+newusers: existing lock file /etc/gshadow.lock without a PID
+newusers: cannot lock /etc/gshadow; try again later.
diff --git a/tests/newusers/56_locked_gshadow/newusers.test b/tests/newusers/56_locked_gshadow/newusers.test
new file mode 100755
index 0000000..a317867
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/newusers.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when gshadow is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Create user foo (newusers foo)..."
+newusers data/newusers.list 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/57_missing_input_file/config.txt b/tests/newusers/57_missing_input_file/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/config.txt
diff --git a/tests/newusers/57_missing_input_file/config/etc/group b/tests/newusers/57_missing_input_file/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/57_missing_input_file/config/etc/gshadow b/tests/newusers/57_missing_input_file/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/57_missing_input_file/config/etc/passwd b/tests/newusers/57_missing_input_file/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/57_missing_input_file/config/etc/shadow b/tests/newusers/57_missing_input_file/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/57_missing_input_file/data/usage.out b/tests/newusers/57_missing_input_file/data/usage.out
new file mode 100644
index 0000000..6b55e2a
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/data/usage.out
@@ -0,0 +1 @@
+newusers: data/newusers.list: No such file or directory
diff --git a/tests/newusers/57_missing_input_file/newusers.test b/tests/newusers/57_missing_input_file/newusers.test
new file mode 100755
index 0000000..7e74f73
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when the input file cann be read"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call newusers with missing input file (newusers data/newusers.list)..."
+newusers data/newusers.list 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/58_invalid_input_file/config.txt b/tests/newusers/58_invalid_input_file/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/config.txt
diff --git a/tests/newusers/58_invalid_input_file/config/etc/group b/tests/newusers/58_invalid_input_file/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/58_invalid_input_file/config/etc/gshadow b/tests/newusers/58_invalid_input_file/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/58_invalid_input_file/config/etc/passwd b/tests/newusers/58_invalid_input_file/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/58_invalid_input_file/config/etc/shadow b/tests/newusers/58_invalid_input_file/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/58_invalid_input_file/data/newusers.err b/tests/newusers/58_invalid_input_file/data/newusers.err
new file mode 100644
index 0000000..fe15bdc
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/data/newusers.err
@@ -0,0 +1,2 @@
+newusers: line 1: invalid line
+newusers: error detected, changes ignored
diff --git a/tests/newusers/58_invalid_input_file/data/newusers.list b/tests/newusers/58_invalid_input_file/data/newusers.list
new file mode 100644
index 0000000..56266fd
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/data/newusers.list
@@ -0,0 +1 @@
+foo:foo:Pass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/58_invalid_input_file/newusers.test b/tests/newusers/58_invalid_input_file/newusers.test
new file mode 100755
index 0000000..b4f7889
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when the input is invalid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call newusers with invalid input (newusers data/newusers.list)..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "usage message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/59_no_gshadow_file/config.txt b/tests/newusers/59_no_gshadow_file/config.txt
new file mode 100644
index 0000000..557c421
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config.txt
@@ -0,0 +1,2 @@
+User foo exists, with password fooPass
+/etc/shadow will be destroyed
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/group b/tests/newusers/59_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/gshadow b/tests/newusers/59_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/pam.d/common-password b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/pam.d/newusers b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/passwd b/tests/newusers/59_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/shadow b/tests/newusers/59_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/59_no_gshadow_file/data/group b/tests/newusers/59_no_gshadow_file/data/group
new file mode 100644
index 0000000..a0ff22a
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:*:1000:
diff --git a/tests/newusers/59_no_gshadow_file/data/newusers.list b/tests/newusers/59_no_gshadow_file/data/newusers.list
new file mode 100644
index 0000000..cc3b9ad
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/59_no_gshadow_file/data/passwd b/tests/newusers/59_no_gshadow_file/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/59_no_gshadow_file/data/shadow b/tests/newusers/59_no_gshadow_file/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/59_no_gshadow_file/newusers.test b/tests/newusers/59_no_gshadow_file/newusers.test
new file mode 100755
index 0000000..bf18186
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/newusers.test
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user, when there is no gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+rm -f /etc/gshadow
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/60_update_no_gecos/config.txt b/tests/newusers/60_update_no_gecos/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/60_update_no_gecos/config/etc/group b/tests/newusers/60_update_no_gecos/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/60_update_no_gecos/config/etc/gshadow b/tests/newusers/60_update_no_gecos/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/60_update_no_gecos/config/etc/pam.d/common-password b/tests/newusers/60_update_no_gecos/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/60_update_no_gecos/config/etc/pam.d/newusers b/tests/newusers/60_update_no_gecos/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/60_update_no_gecos/config/etc/passwd b/tests/newusers/60_update_no_gecos/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/60_update_no_gecos/config/etc/shadow b/tests/newusers/60_update_no_gecos/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/60_update_no_gecos/data/newusers.list b/tests/newusers/60_update_no_gecos/data/newusers.list
new file mode 100644
index 0000000..6233663
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::::/bin/bash
diff --git a/tests/newusers/60_update_no_gecos/data/passwd b/tests/newusers/60_update_no_gecos/data/passwd
new file mode 100644
index 0000000..8fc494c
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/bash
diff --git a/tests/newusers/60_update_no_gecos/data/shadow b/tests/newusers/60_update_no_gecos/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/60_update_no_gecos/newusers.test b/tests/newusers/60_update_no_gecos/newusers.test
new file mode 100755
index 0000000..fb57724
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the gecos of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/61_update_no_shell/config.txt b/tests/newusers/61_update_no_shell/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/61_update_no_shell/config/etc/group b/tests/newusers/61_update_no_shell/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/61_update_no_shell/config/etc/gshadow b/tests/newusers/61_update_no_shell/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/61_update_no_shell/config/etc/pam.d/common-password b/tests/newusers/61_update_no_shell/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/61_update_no_shell/config/etc/pam.d/newusers b/tests/newusers/61_update_no_shell/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/61_update_no_shell/config/etc/passwd b/tests/newusers/61_update_no_shell/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/61_update_no_shell/config/etc/shadow b/tests/newusers/61_update_no_shell/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/61_update_no_shell/data/newusers.list b/tests/newusers/61_update_no_shell/data/newusers.list
new file mode 100644
index 0000000..75e0582
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field - updated::
diff --git a/tests/newusers/61_update_no_shell/data/passwd b/tests/newusers/61_update_no_shell/data/passwd
new file mode 100644
index 0000000..c84bc61
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field - updated::/bin/sh
diff --git a/tests/newusers/61_update_no_shell/data/shadow b/tests/newusers/61_update_no_shell/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/61_update_no_shell/newusers.test b/tests/newusers/61_update_no_shell/newusers.test
new file mode 100755
index 0000000..fb57724
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the gecos of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/group b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/gshadow b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/passwd b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/shadow b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/shadow
new file mode 100644
index 0000000..3112803
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12978:0:99999:7:::
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/data/passwd.out b/tests/passwd/01_passwd_-S_root_locked_account/data/passwd.out
new file mode 100644
index 0000000..86a73e1
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/data/passwd.out
@@ -0,0 +1 @@
+foo L 07/14/2005 0 99999 7 -1
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/passwd.test b/tests/passwd/01_passwd_-S_root_locked_account/passwd.test
new file mode 100755
index 0000000..0641638
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Request password information for user foo (passwd -S foo)..."
+passwd -S foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/group b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/gshadow b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/passwd b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/shadow b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/data/passwd.out b/tests/passwd/02_passwd_-S_root_valid_account/data/passwd.out
new file mode 100644
index 0000000..55af5a7
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/data/passwd.out
@@ -0,0 +1 @@
+foo P 07/13/2005 0 99999 7 -1
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/passwd.test b/tests/passwd/02_passwd_-S_root_valid_account/passwd.test
new file mode 100755
index 0000000..0641638
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Request password information for user foo (passwd -S foo)..."
+passwd -S foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/group b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/gshadow b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/passwd b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/shadow b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/shadow
new file mode 100644
index 0000000..9b3b67f
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo::12988:0:99998:8:::
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/data/passwd.out b/tests/passwd/03_passwd_-S_root_empty_password/data/passwd.out
new file mode 100644
index 0000000..c64fb61
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/data/passwd.out
@@ -0,0 +1 @@
+foo NP 07/24/2005 0 99998 8 -1
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/passwd.test b/tests/passwd/03_passwd_-S_root_empty_password/passwd.test
new file mode 100755
index 0000000..0641638
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Request password information for user foo (passwd -S foo)..."
+passwd -S foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/group b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/gshadow b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/passwd b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/shadow b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/data/passwd.out b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/data/passwd.out
new file mode 100644
index 0000000..e86159d
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/data/passwd.out
@@ -0,0 +1 @@
+foo P
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test
new file mode 100755
index 0000000..e084d34
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Request password information for user foo (passwd -S foo)..."
+passwd -S foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that /etc/shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/group b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/gshadow b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/passwd b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..dfb11c8
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!:1000:1000:::/bin/false
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/shadow b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/data/passwd.out b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/data/passwd.out
new file mode 100644
index 0000000..9ba8956
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/data/passwd.out
@@ -0,0 +1 @@
+foo L
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test
new file mode 100755
index 0000000..0641638
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Request password information for user foo (passwd -S foo)..."
+passwd -S foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/group b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/gshadow b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/passwd b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/shadow b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/data/passwd.out b/tests/passwd/06_passwd_-l_root_lock_account/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/data/shadow b/tests/passwd/06_passwd_-l_root_lock_account/data/shadow
new file mode 100644
index 0000000..79c859a
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/passwd.test b/tests/passwd/06_passwd_-l_root_lock_account/passwd.test
new file mode 100755
index 0000000..3fabb12
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can lock a password with passwd -l"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock foo's password (passwd -l foo)..."
+passwd -l foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/group b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/gshadow b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/passwd b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..440df65
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:1000:1000:::/bin/false
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/shadow b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..3ca4f73
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:1000:1000:::/bin/false
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd.out b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test
new file mode 100755
index 0000000..099c380
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can lock a password in /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock foo's password (passwd -l foo)..."
+passwd -l foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/group b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/gshadow b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/passwd b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/shadow b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/shadow
new file mode 100644
index 0000000..79c859a
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/data/passwd.out b/tests/passwd/08_passwd_-u_root_unlock_account/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/data/shadow b/tests/passwd/08_passwd_-u_root_unlock_account/data/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/passwd.test b/tests/passwd/08_passwd_-u_root_unlock_account/passwd.test
new file mode 100755
index 0000000..b5ac0d8
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can unlock a password with passwd -u"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "unlock foo's password (passwd -u foo)..."
+passwd -u foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/group b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/gshadow b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/passwd b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/shadow b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/data/passwd.err b/tests/passwd/09_passwd_-u_root_unlock_to_empty/data/passwd.err
new file mode 100644
index 0000000..2987d41
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/data/passwd.err
@@ -0,0 +1,2 @@
+passwd: unlocking the password would result in a passwordless account.
+You should set a password with usermod -p to unlock the password of this account.
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/passwd.test b/tests/passwd/09_passwd_-u_root_unlock_to_empty/passwd.test
new file mode 100755
index 0000000..a61e23d
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/passwd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd -u cannot create a passwordless account"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unlock foo's pasword (passwd -u foo)..."
+passwd -u foo 2> tmp/passwd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.err
+echo "======================================================================="
+echo -n "Check the error message..."
+diff -au data/passwd.err tmp/passwd.err
+echo "error message OK."
+rm -f tmp/passwd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/10_passwd_-d_root/config/etc/group b/tests/passwd/10_passwd_-d_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/10_passwd_-d_root/config/etc/gshadow b/tests/passwd/10_passwd_-d_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/10_passwd_-d_root/config/etc/passwd b/tests/passwd/10_passwd_-d_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/10_passwd_-d_root/config/etc/shadow b/tests/passwd/10_passwd_-d_root/config/etc/shadow
new file mode 100644
index 0000000..79c859a
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/10_passwd_-d_root/data/passwd.out b/tests/passwd/10_passwd_-d_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/10_passwd_-d_root/data/shadow b/tests/passwd/10_passwd_-d_root/data/shadow
new file mode 100644
index 0000000..85ef660
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo::12977:0:99999:7:::
diff --git a/tests/passwd/10_passwd_-d_root/passwd.test b/tests/passwd/10_passwd_-d_root/passwd.test
new file mode 100755
index 0000000..e1ac5f2
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can delete a password with passwd -d"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete foo's password (passwd -d foo)..."
+passwd -d foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/group b/tests/passwd/11_passwd_--mindays_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/gshadow b/tests/passwd/11_passwd_--mindays_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/passwd b/tests/passwd/11_passwd_--mindays_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/shadow b/tests/passwd/11_passwd_--mindays_root/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/11_passwd_--mindays_root/data/passwd.out b/tests/passwd/11_passwd_--mindays_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/11_passwd_--mindays_root/data/shadow b/tests/passwd/11_passwd_--mindays_root/data/shadow
new file mode 100644
index 0000000..f424ad6
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:10:99999:7:::
diff --git a/tests/passwd/11_passwd_--mindays_root/passwd.test b/tests/passwd/11_passwd_--mindays_root/passwd.test
new file mode 100755
index 0000000..409396f
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can use passwd --mindays"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the min number of days for foo's password (passwd --mindays 10 foo)..."
+passwd --mindays 10 foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/group b/tests/passwd/12_passwd_--maxdays_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/gshadow b/tests/passwd/12_passwd_--maxdays_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/passwd b/tests/passwd/12_passwd_--maxdays_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/shadow b/tests/passwd/12_passwd_--maxdays_root/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/12_passwd_--maxdays_root/data/passwd.out b/tests/passwd/12_passwd_--maxdays_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/12_passwd_--maxdays_root/data/shadow b/tests/passwd/12_passwd_--maxdays_root/data/shadow
new file mode 100644
index 0000000..82f40b6
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:10:7:::
diff --git a/tests/passwd/12_passwd_--maxdays_root/passwd.test b/tests/passwd/12_passwd_--maxdays_root/passwd.test
new file mode 100755
index 0000000..a895e3e
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can use passwd --maxdays"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the max number of days for foo's password (passwd --maxdays 10 foo)..."
+passwd --maxdays 10 foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/group b/tests/passwd/13_passwd_--warndays_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/gshadow b/tests/passwd/13_passwd_--warndays_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/passwd b/tests/passwd/13_passwd_--warndays_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/shadow b/tests/passwd/13_passwd_--warndays_root/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/13_passwd_--warndays_root/data/passwd.out b/tests/passwd/13_passwd_--warndays_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/13_passwd_--warndays_root/data/shadow b/tests/passwd/13_passwd_--warndays_root/data/shadow
new file mode 100644
index 0000000..a62edfa
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:10:::
diff --git a/tests/passwd/13_passwd_--warndays_root/passwd.test b/tests/passwd/13_passwd_--warndays_root/passwd.test
new file mode 100755
index 0000000..18a8b87
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can use passwd --warndays"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the number of warning days for foo's password (passwd --warndays 10 foo)..."
+passwd --warndays 10 foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/group b/tests/passwd/14_passwd_--inactive_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/gshadow b/tests/passwd/14_passwd_--inactive_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/passwd b/tests/passwd/14_passwd_--inactive_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/shadow b/tests/passwd/14_passwd_--inactive_root/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/14_passwd_--inactive_root/data/passwd.out b/tests/passwd/14_passwd_--inactive_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/14_passwd_--inactive_root/data/shadow b/tests/passwd/14_passwd_--inactive_root/data/shadow
new file mode 100644
index 0000000..52dc304
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:10::
diff --git a/tests/passwd/14_passwd_--inactive_root/passwd.test b/tests/passwd/14_passwd_--inactive_root/passwd.test
new file mode 100755
index 0000000..52dbab0
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can use passwd --inactive"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the number of inactive days for foo's password (passwd --inactive 10 foo)..."
+passwd --inactive 10 foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/group b/tests/passwd/15_passwd_--expire_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/gshadow b/tests/passwd/15_passwd_--expire_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/passwd b/tests/passwd/15_passwd_--expire_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/shadow b/tests/passwd/15_passwd_--expire_root/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/15_passwd_--expire_root/data/passwd.out b/tests/passwd/15_passwd_--expire_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/15_passwd_--expire_root/data/shadow b/tests/passwd/15_passwd_--expire_root/data/shadow
new file mode 100644
index 0000000..4cd6096
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:0:0:99999:7:::
diff --git a/tests/passwd/15_passwd_--expire_root/passwd.test b/tests/passwd/15_passwd_--expire_root/passwd.test
new file mode 100755
index 0000000..f2ab71d
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can use passwd --expire"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set foo's password as expired (passwd --expire foo)..."
+passwd --expire foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/group b/tests/passwd/16_passwd_-S-a_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/gshadow b/tests/passwd/16_passwd_-S-a_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/passwd b/tests/passwd/16_passwd_-S-a_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/shadow b/tests/passwd/16_passwd_-S-a_root/config/etc/shadow
new file mode 100644
index 0000000..3112803
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12978:0:99999:7:::
diff --git a/tests/passwd/16_passwd_-S-a_root/data/passwd.out b/tests/passwd/16_passwd_-S-a_root/data/passwd.out
new file mode 100644
index 0000000..5a1b479
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/data/passwd.out
@@ -0,0 +1,20 @@
+root P 07/27/2005 0 99999 7 -1
+daemon L 07/13/2005 0 99999 7 -1
+bin L 07/13/2005 0 99999 7 -1
+sys L 07/13/2005 0 99999 7 -1
+sync L 07/13/2005 0 99999 7 -1
+games L 07/13/2005 0 99999 7 -1
+man L 07/13/2005 0 99999 7 -1
+lp L 07/13/2005 0 99999 7 -1
+mail L 07/13/2005 0 99999 7 -1
+news L 07/13/2005 0 99999 7 -1
+uucp L 07/13/2005 0 99999 7 -1
+proxy L 07/13/2005 0 99999 7 -1
+www-data L 07/13/2005 0 99999 7 -1
+backup L 07/13/2005 0 99999 7 -1
+list L 07/13/2005 0 99999 7 -1
+irc L 07/13/2005 0 99999 7 -1
+gnats L 07/13/2005 0 99999 7 -1
+nobody L 07/13/2005 0 99999 7 -1
+Debian-exim L 07/13/2005 0 99999 7 -1
+foo L 07/14/2005 0 99999 7 -1
diff --git a/tests/passwd/16_passwd_-S-a_root/passwd.test b/tests/passwd/16_passwd_-S-a_root/passwd.test
new file mode 100755
index 0000000..1b64c53
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/passwd.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+echo -n "passwd -S -a..."
+passwd -S -a > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/group b/tests/passwd/17_passwd_root_change_password/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/gshadow b/tests/passwd/17_passwd_root_change_password/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/pam.d/common-password b/tests/passwd/17_passwd_root_change_password/config/etc/pam.d/common-password
new file mode 100644
index 0000000..38bce56
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords. Without this option,
+# the default is Unix crypt. Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/passwd b/tests/passwd/17_passwd_root_change_password/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/shadow b/tests/passwd/17_passwd_root_change_password/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/17_passwd_root_change_password/data/shadow b/tests/passwd/17_passwd_root_change_password/data/shadow
new file mode 100644
index 0000000..6731888
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/data/shadow
@@ -0,0 +1,20 @@
+root:@PASS_MD5 rootpassword@:@TODAY@:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/17_passwd_root_change_password/passwd.exp b/tests/passwd/17_passwd_root_change_password/passwd.exp
new file mode 100755
index 0000000..2696ffb
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/passwd.exp
@@ -0,0 +1,22 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "passwd\r"
+expect "Enter new UNIX password: "
+send "rootpassword\r"
+expect "Retype new UNIX password: "
+send "rootpassword\r"
+expect "passwd: password updated successfully"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/passwd/17_passwd_root_change_password/passwd.test b/tests/passwd/17_passwd_root_change_password/passwd.test
new file mode 100755
index 0000000..e181273
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/passwd.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can change her password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./passwd.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/group b/tests/passwd/18_passwd_root_change_password_user/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/gshadow b/tests/passwd/18_passwd_root_change_password_user/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/pam.d/common-password b/tests/passwd/18_passwd_root_change_password_user/config/etc/pam.d/common-password
new file mode 100644
index 0000000..442182a
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords. Without this option,
+# the default is Unix crypt. Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/passwd b/tests/passwd/18_passwd_root_change_password_user/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/shadow b/tests/passwd/18_passwd_root_change_password_user/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/18_passwd_root_change_password_user/data/shadow b/tests/passwd/18_passwd_root_change_password_user/data/shadow
new file mode 100644
index 0000000..30ac54d
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES foopassword@:@TODAY@:0:99999:7:::
diff --git a/tests/passwd/18_passwd_root_change_password_user/passwd.exp b/tests/passwd/18_passwd_root_change_password_user/passwd.exp
new file mode 100755
index 0000000..5150c6a
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/passwd.exp
@@ -0,0 +1,22 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "passwd foo\r"
+expect "Enter new UNIX password: "
+send "foopassword\r"
+expect "Retype new UNIX password: "
+send "foopassword\r"
+expect "passwd: password updated successfully"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/passwd/18_passwd_root_change_password_user/passwd.test b/tests/passwd/18_passwd_root_change_password_user/passwd.test
new file mode 100755
index 0000000..e181273
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/passwd.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can change her password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./passwd.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/group b/tests/passwd/19_passwd_user_change_password/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/gshadow b/tests/passwd/19_passwd_user_change_password/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/pam.d/common-password b/tests/passwd/19_passwd_user_change_password/config/etc/pam.d/common-password
new file mode 100644
index 0000000..a0d4283
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords. Without this option,
+# the default is Unix crypt. Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha256
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/passwd b/tests/passwd/19_passwd_user_change_password/config/etc/passwd
new file mode 100644
index 0000000..82223ff
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/bash
diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/shadow b/tests/passwd/19_passwd_user_change_password/config/etc/shadow
new file mode 100644
index 0000000..18a7168
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7:::
diff --git a/tests/passwd/19_passwd_user_change_password/data/shadow b/tests/passwd/19_passwd_user_change_password/data/shadow
new file mode 100644
index 0000000..a638637
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 password-foo@:@TODAY@:0:99999:7:::
diff --git a/tests/passwd/19_passwd_user_change_password/passwd.exp b/tests/passwd/19_passwd_user_change_password/passwd.exp
new file mode 100755
index 0000000..6a3f1b6
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/passwd.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+send "su -l foo\r"
+expect "$ "
+send "id\r"
+expect "uid=1000(foo) gid=1000(foo) groups=1000(foo)"
+
+send "passwd\r"
+expect "Changing password for foo."
+expect "(current) UNIX password: "
+send "foopassword\r"
+expect "Enter new UNIX password: "
+send "password-foo\r"
+expect "Retype new UNIX password: "
+send "password-foo\r"
+expect "passwd: password updated successfully"
+expect "$ "
+send "echo \$?\r"
+expect "0"
+expect "$ "
+send "exit\r"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/passwd/19_passwd_user_change_password/passwd.test b/tests/passwd/19_passwd_user_change_password/passwd.test
new file mode 100755
index 0000000..e181273
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/passwd.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can change her password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./passwd.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/group b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/gshadow b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/pam.d/common-password b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords. Without this option,
+# the default is Unix crypt. Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/passwd b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/passwd
new file mode 100644
index 0000000..82223ff
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/bash
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/shadow b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/shadow
new file mode 100644
index 0000000..18a7168
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7:::
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/data/shadow b/tests/passwd/20_passwd_user_change_password_same_user/data/shadow
new file mode 100644
index 0000000..542ae82
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA512 password-foo@:@TODAY@:0:99999:7:::
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/passwd.exp b/tests/passwd/20_passwd_user_change_password_same_user/passwd.exp
new file mode 100755
index 0000000..70d4b80
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/passwd.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+send "su -l foo\r"
+expect "$ "
+send "id\r"
+expect "uid=1000(foo) gid=1000(foo) groups=1000(foo)"
+
+send "passwd foo\r"
+expect "Changing password for foo."
+expect "(current) UNIX password: "
+send "foopassword\r"
+expect "Enter new UNIX password: "
+send "password-foo\r"
+expect "Retype new UNIX password: "
+send "password-foo\r"
+expect "passwd: password updated successfully"
+expect "$ "
+send "echo \$?\r"
+expect "0"
+expect "$ "
+send "exit\r"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/passwd.test b/tests/passwd/20_passwd_user_change_password_same_user/passwd.test
new file mode 100755
index 0000000..e181273
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/passwd.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can change her password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./passwd.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/group b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/group
new file mode 100644
index 0000000..fb4f67e
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo1:x:1001:
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/gshadow b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/gshadow
new file mode 100644
index 0000000..3e73b5a
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo1:*::
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/passwd b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/passwd
new file mode 100644
index 0000000..54cce8e
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/bash
+foo1:x:1001:1001:::/bin/bash
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/shadow b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/shadow
new file mode 100644
index 0000000..4f88f0c
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7:::
+foo1:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7:::
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/data/passwd.err b/tests/passwd/21_passwd_user_change_password_other_user/data/passwd.err
new file mode 100644
index 0000000..5b45f51
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/data/passwd.err
@@ -0,0 +1 @@
+passwd: You may not view or modify password information for foo1.
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/passwd.test b/tests/passwd/21_passwd_user_change_password_other_user/passwd.test
new file mode 100755
index 0000000..bcb0a10
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/passwd.test
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can change her password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+su -l foo -c "passwd foo1" 2>tmp/passwd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/passwd.err tmp/passwd.err
+echo "error message OK."
+rm -f tmp/passwd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/22_passwd_usage/config.txt b/tests/passwd/22_passwd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/passwd/22_passwd_usage/config/etc/group b/tests/passwd/22_passwd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/passwd/22_passwd_usage/config/etc/gshadow b/tests/passwd/22_passwd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/passwd/22_passwd_usage/config/etc/passwd b/tests/passwd/22_passwd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/passwd/22_passwd_usage/config/etc/shadow b/tests/passwd/22_passwd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/passwd/22_passwd_usage/data/usage.out b/tests/passwd/22_passwd_usage/data/usage.out
new file mode 100644
index 0000000..21552fe
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/data/usage.out
@@ -0,0 +1,22 @@
+Usage: passwd [options] [LOGIN]
+
+Options:
+ -a, --all report password status on all accounts
+ -d, --delete delete the password for the named account
+ -e, --expire force expire the password for the named account
+ -h, --help display this help message and exit
+ -k, --keep-tokens change password only if expired
+ -i, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -l, --lock lock the password of the named account
+ -n, --mindays MIN_DAYS set minimum number of days before password
+ change to MIN_DAYS
+ -q, --quiet quiet mode
+ -r, --repository REPOSITORY change password in REPOSITORY repository
+ -R, --root CHROOT_DIR directory to chroot into
+ -S, --status report password status on the named account
+ -u, --unlock unlock the password of the named account
+ -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
+ -x, --maxdays MAX_DAYS set maximum number of days before password
+ change to MAX_DAYS
+
diff --git a/tests/passwd/22_passwd_usage/passwd.test b/tests/passwd/22_passwd_usage/passwd.test
new file mode 100755
index 0000000..077ec90
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/passwd.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get passwd usage (passwd -h)..."
+passwd -h >tmp/usage.out
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/run_all b/tests/run_all
new file mode 100755
index 0000000..c5517d5
--- /dev/null
+++ b/tests/run_all
@@ -0,0 +1,1305 @@
+#!/bin/sh
+
+set -e
+
+export LC_ALL=C
+unset LANG
+unset LANGUAGE
+. common/config.sh
+
+USE_PAM="yes"
+FAILURE_TESTS="yes"
+
+succeded=0
+failed=0
+failed_tests=""
+
+run_test()
+{
+ [ -f RUN_TEST.STOP ] && exit 1
+
+ if $1 > $1.log
+ then
+ succeded=$((succeded+1))
+ echo -n "+"
+ else
+ failed=$((failed+1))
+ failed_tests="$failed_tests $1"
+ echo -n "-"
+ fi
+ cat $1.log >> testsuite.log
+ [ -f /etc/passwd.lock ] && echo $1 /etc/passwd.lock || true
+ [ -f /etc/group.lock ] && echo $1 /etc/group.lock || true
+ [ -f /etc/shadow.lock ] && echo $1 /etc/shadow.lock || true
+ [ -f /etc/gshadow.lock ] && echo $1 /etc/gshadow.lock || true
+ if [ "$(stat -c"%G" /etc/shadow)" != "shadow" ]
+ then
+ echo $1
+ ls -l /etc/shadow
+ chgrp shadow /etc/shadow
+ fi
+ if [ -d /nonexistent ]
+ then
+ echo $1 /nonexistent
+ rmdir /nonexistent
+ fi
+}
+
+echo "+: test passed"
+echo "-: test failed"
+
+# Empty the complete log.
+> testsuite.log
+
+find ${build_path} -name "*.gcda" -delete
+run_test ./su/01/su_root.test
+run_test ./su/01/su_user.test
+find ${build_path} -name "*.gcda" -exec chmod a+rw {} \;
+run_test ./su/02/env_FOO-options_--login
+run_test ./su/02/env_FOO-options_--login_bash
+run_test ./su/02/env_FOO-options_--preserve-environment
+run_test ./su/02/env_FOO-options_--preserve-environment_bash
+run_test ./su/02/env_FOO-options_-
+run_test ./su/02/env_FOO-options_-_bash
+run_test ./su/02/env_FOO-options_-l-m
+run_test ./su/02/env_FOO-options_-l-m_bash
+run_test ./su/02/env_FOO-options_-l
+run_test ./su/02/env_FOO-options_-l_bash
+run_test ./su/02/env_FOO-options_-m_bash
+run_test ./su/02/env_FOO-options_-m
+run_test ./su/02/env_FOO-options_-p
+run_test ./su/02/env_FOO-options_-p_bash
+run_test ./su/02/env_FOO-options__bash
+run_test ./su/02/env_FOO-options_
+run_test ./su/02/env_FOO-options_-p-
+run_test ./su/02/env_FOO-options_-p-_bash
+run_test ./su/02/env_special-options_-l-p
+run_test ./su/02/env_special-options_-l
+run_test ./su/02/env_special-options_-l-p_bash
+run_test ./su/02/env_special-options_-l_bash
+run_test ./su/02/env_special-options_-p
+run_test ./su/02/env_special-options_-p_bash
+run_test ./su/02/env_special-options_
+run_test ./su/02/env_special-options__bash
+run_test ./su/02/env_special_root-options_-l-p
+run_test ./su/02/env_special_root-options_-l-p_bash
+run_test ./su/02/env_special_root-options_-l
+run_test ./su/02/env_special_root-options_-l_bash
+run_test ./su/02/env_special_root-options_-p
+run_test ./su/02/env_special_root-options_-p_bash
+run_test ./su/02/env_special_root-options_
+run_test ./su/02/env_special_root-options__bash
+run_test ./su/03/su_run_command01.test
+run_test ./su/03/su_run_command02.test
+run_test ./su/03/su_run_command03.test
+run_test ./su/03/su_run_command04.test
+run_test ./su/03/su_run_command05.test
+run_test ./su/03/su_run_command06.test
+run_test ./su/03/su_run_command07.test
+run_test ./su/03/su_run_command08.test
+run_test ./su/03/su_run_command09.test
+run_test ./su/03/su_run_command10.test
+run_test ./su/03/su_run_command11.test
+run_test ./su/03/su_run_command12.test
+run_test ./su/03/su_run_command13.test
+run_test ./su/03/su_run_command14.test
+run_test ./su/03/su_run_command15.test
+run_test ./su/03/su_run_command16.test
+run_test ./su/03/su_run_command17.test
+run_test ./su/04/su_wrong_user.test
+run_test ./su/04/su_user_wrong_passwd.test
+run_test ./su/04/su_user_wrong_passwd_syslog.test
+run_test ./su/05/su_user_wrong_passwd_syslog.test
+run_test ./su/06/su_user_syslog.test
+run_test ./su/07/su_user_syslog.test
+run_test ./su/08/env_special-options_
+run_test ./su/08/env_special_root-options_
+run_test ./su/09/env_special-options_
+run_test ./su/09/env_special_root-options_
+run_test ./su/10_su_sulog_success/su.test
+run_test ./su/11_su_sulog_failure/su.test
+run_test ./su/12_su_child_failure/su.test
+run_test ./su/13_su_child_success/su.test
+run_test ./chage/01/run
+find ${build_path} -name "*.gcda" -exec chmod a+rw {} \;
+run_test ./chage/02/run
+run_test ./chage/03_chsh_usage/chage.test
+run_test ./chage/04_chsh_usage_invalid_option/chage.test
+run_test ./chage/05_chsh_usage_2_users/chage.test
+run_test ./chage/06_chsh_usage_no_users/chage.test
+run_test ./chage/07_chsh_usage-l_exclusive/chage.test
+run_test ./chage/08_chsh_usage_invalid_date/chage.test
+run_test ./chage/09_chsh_usage_invalid_numeric_arg/chage.test
+run_test ./chage/10_chsh-l/chage.test
+run_test ./chage/11_chsh_usage_invalid_user/chage.test
+run_test ./chage/12_chsh_usage-l_invalid_user2/chage.test
+run_test ./chage/13_chsh_locked_passwd/chage.test
+run_test ./chage/14_chsh_locked_shadow/chage.test
+run_test ./chage/15_chage-I_no_shadow_entry/chage.test
+run_test ./chage/16_chage-m_no_shadow_entry/chage.test
+run_test ./chage/17_chage-M_no_shadow_entry/chage.test
+run_test ./chage/18_chage-d_no_shadow_entry/chage.test
+run_test ./chage/19_chage-W_no_shadow_entry/chage.test
+run_test ./chage/20_chage-E_no_shadow_entry/chage.test
+run_test ./chage/21_chage_no_shadow_file/chage.test
+run_test ./chage/22_chage_myuser-l/chage.test
+run_test ./chage/23_chage_myuser-I/chage.test
+run_test ./chage/24_chage_myuser-l_other/chage.test
+run_test ./chage/25_chage_interractive/chage.test
+run_test ./chage/26_chage_interractive_date_0/chage.test
+run_test ./chage/27_chage_interractive_date_-1/chage.test
+run_test ./chage/28_chage_interractive_date_EPOCH/chage.test
+run_test ./chage/29_chage_interractive_date_pre-EPOCH/chage.test
+run_test ./chage/30_chage_interractive_date_pre-EPOCH2/chage.test
+run_test ./chage/31_chage_interractive_date_invalid/chage.test
+run_test ./chage/32_chage_interractive_date_invalid2/chage.test
+run_test ./chage/33_chage_interractive-W_invalid1/chage.test
+run_test ./chage/34_chage_interractive-W_invalid2/chage.test
+run_test ./chage/35_chage_interractive-W-1/chage.test
+run_test ./chage/36_chage_interractive-I_invalid1/chage.test
+run_test ./chage/37_chage_interractive-I_invalid2/chage.test
+run_test ./chage/38_chage_interractive-I-1/chage.test
+run_test ./chage/39_chage_interractive-d-1/chage.test
+run_test ./chsh/01/run
+run_test ./chsh/02_chsh_usage/chsh.test
+run_test ./chsh/03_chsh_usage_invalid_option/chsh.test
+run_test ./chsh/04_chsh_usage_2_users/chsh.test
+run_test ./chsh/05_chsh_myuser_restricted_shell/chsh.test
+run_test ./chsh/06_chsh_myuser_non_restricted_shell/chsh.test
+run_test ./chsh/07_chsh_usage_invalid_user/chsh.test
+run_test ./chsh/08_chsh_myuser_to_restricted_shell/chsh.test
+run_test ./chsh/09_chsh_myuser_to_missing_shell/chsh.test
+run_test ./chsh/10_chsh_myuser_to_non_executable_shell/chsh.test
+run_test ./chsh/11_chsh_auth_failure/chsh.test
+run_test ./chsh/12_chsh_warning_missing_shell/chsh.test
+run_test ./chsh/13_chsh_warning_non_executable/chsh.test
+run_test ./chsh/14_chsh_locked_passwd/chsh.test
+run_test ./chsh/15_chsh_PAM_error/chsh.test
+run_test ./chroot/chage/01_chage--root/chage.test
+run_test ./chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test
+run_test ./chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test
+run_test ./chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test
+run_test ./chroot/chsh/01_chsh--root/chsh.test
+run_test ./chroot/gpasswd/01_gpasswd--root/gpasswd.test
+run_test ./chroot/groupadd/01_groupadd--root/groupadd.test
+run_test ./chroot/groupdel/01_groupdel--root/groupdel.test
+run_test ./chroot/groupmod/01_groupmod--root/groupmod.test
+run_test ./chroot/grpck/01_grpck--root/grpck.test
+run_test ./chroot/grpconv/01_grpconv--root/grpconv.test
+run_test ./chroot/grpunconv/01_grpunconv--root/grpunconv.test
+run_test ./chroot/lastlog/01_lastlog--root/lastlog.test
+run_test ./chroot/login/01_login_sublogin/login.test
+run_test ./chroot/pwck/01_pwck--root/pwck.test
+run_test ./chroot/pwconv/01_pwconv--root/pwconv.test
+run_test ./chroot/pwunconv/01_pwunconv--root/pwunconv.test
+run_test ./chroot/useradd/01_useradd--root/useradd.test
+run_test ./chroot/useradd/02_useradd--root_login.defs/useradd.test
+run_test ./chroot/useradd/03_useradd--root_useradd.default/useradd.test
+run_test ./chroot/useradd/04_useradd--root_useradd-D/useradd.test
+run_test ./chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test
+run_test ./chroot/userdel/01_userdel--root/userdel.test
+run_test ./chroot/usermod/01_usermod--root/usermod.test
+run_test ./convtools/01/run
+run_test ./convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test
+run_test ./convtools/03_grpconv_copy_passwd/grpconv.test
+run_test ./convtools/04_grpconv_no_password/grpconv.test
+run_test ./convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test
+run_test ./convtools/06_grpconv_error_group_locked/grpconv.test
+run_test ./convtools/07_grpconv_error_gshadow_locked/grpconv.test
+run_test ./convtools/08_grpunconv_no_gshadow_file/grpunconv.test
+run_test ./convtools/09_grpunconv_error_group_locked/grpunconv.test
+run_test ./convtools/10_grpunconv_error_gshadow_locked/grpunconv.test
+run_test ./convtools/11_pwconv_error_passwd_locked/pwconv.test
+run_test ./convtools/12_pwconv_error_shadow_locked/pwconv.test
+run_test ./convtools/13_pwunconv_error_passwd_locked/pwunconv.test
+run_test ./convtools/14_pwunconv_error_shadow_locked/pwunconv.test
+run_test ./convtools/15_pwconv_remove_shadow_only_entries/pwconv.test
+run_test ./convtools/16_pwconv_copy_passwd/pwconv.test
+run_test ./convtools/17_pwunconv_no_shadow_file/pwunconv.test
+run_test ./convtools/18_pwunconv_user_not_in_shadow/pwunconv.test
+run_test ./convtools/19_pwconv_NIS/pwconv.test
+run_test ./convtools/20_pwunconv_usage_option/pwunconv.test
+run_test ./convtools/21_pwunconv_keep_passwd_password/pwunconv.test
+run_test ./convtools/22_grpunconv_usage_option/grpunconv.test
+run_test ./convtools/23_grpunconv_keep_group_password/grpunconv.test
+run_test ./convtools/24_grpunconv_no_gshadow_entry/grpunconv.test
+run_test ./convtools/25_pwconv_usage_option/pwconv.test
+run_test ./convtools/26_grpconv_usage_option/grpconv.test
+run_test ./convtools/27_pwunconv_usage/pwunconv.test
+run_test ./convtools/28_pwunconv_usage_extra_arg/pwunconv.test
+run_test ./convtools/29_grpconv_usage/grpconv.test
+run_test ./convtools/30_grpconv_usage_extra_arg/grpconv.test
+run_test ./convtools/31_pwconv_usage/pwconv.test
+run_test ./convtools/32_pwconv_usage_extra_arg/pwconv.test
+run_test ./convtools/33_grpunconv_usage/grpunconv.test
+run_test ./convtools/34_grpunconv_usage_extra_arg/grpunconv.test
+run_test ./cptools/02_cppw_usage/cppw.test
+run_test ./cptools/03_cppw_usage_invalid_option/cppw.test
+run_test ./cptools/04_cppw_no_file_argument/cppw.test
+run_test ./cptools/05_cppw_2_files/cppw.test
+run_test ./cptools/06_cppw_no_file/cppw.test
+run_test ./cptools/07_cppw_locked_passwd/cppw.test
+run_test ./cptools/08_cppw-p/cppw.test
+run_test ./cptools/09_cppw-g/cppw.test
+run_test ./cptools/10_cppw-g-s/cppw.test
+run_test ./cptools/11_cppw-p-s/cppw.test
+run_test ./cptools/12_cppw-s_no_shadow_file/cppw.test
+run_test ./debian/01/run
+run_test ./grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test
+run_test ./grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test
+run_test ./grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test
+run_test ./grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test
+run_test ./grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test
+run_test ./grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test
+run_test ./grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test
+run_test ./grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test
+run_test ./grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test
+run_test ./grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test
+run_test ./grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test
+run_test ./grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test
+run_test ./grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test
+run_test ./grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test
+run_test ./grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test
+run_test ./grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test
+run_test ./grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test
+run_test ./grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test
+run_test ./grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test
+run_test ./grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test
+run_test ./grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test
+run_test ./grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test
+run_test ./grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test
+run_test ./grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test
+run_test ./grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test
+run_test ./grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test
+run_test ./grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test
+run_test ./grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test
+run_test ./grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test
+run_test ./grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test
+run_test ./grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test
+run_test ./grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test
+run_test ./grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test
+run_test ./grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test
+run_test ./grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test
+run_test ./grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/61_gpasswd_usage/gpasswd.test
+run_test ./grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test
+run_test ./grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test
+run_test ./grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test
+run_test ./grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test
+run_test ./grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test
+run_test ./grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test
+run_test ./grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test
+run_test ./grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test
+run_test ./grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test
+run_test ./grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test
+run_test ./grouptools/groupadd/01_groupadd_add_group/groupadd.test
+run_test ./grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test
+run_test ./grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test
+run_test ./grouptools/groupadd/04_groupadd_set_password/groupadd.test
+run_test ./grouptools/groupadd/05_groupadd_set_GID/groupadd.test
+run_test ./grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test
+run_test ./grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/08_groupadd_locked_group/groupadd.test
+run_test ./grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test
+run_test ./grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test
+run_test ./grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test
+run_test ./grouptools/groupadd/13_groupadd_invalid_name/groupadd.test
+run_test ./grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test
+run_test ./grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test
+run_test ./grouptools/groupadd/16_groupadd_existing_group/groupadd.test
+run_test ./grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test
+run_test ./grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test
+run_test ./grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test
+run_test ./grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test
+run_test ./grouptools/groupadd/22_groupadd_usage/groupadd.test
+run_test ./grouptools/groupadd/23_groupadd_no_groups/groupadd.test
+run_test ./grouptools/groupadd/24_groupadd_2_groups/groupadd.test
+run_test ./grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test
+run_test ./grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test
+run_test ./grouptools/groupadd/27_groupadd_invalid_option/groupadd.test
+run_test ./grouptools/groupdel/01_groupdel_delete_group/groupdel.test
+run_test ./grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test
+run_test ./grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test
+run_test ./grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test
+run_test ./grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test
+run_test ./grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test
+run_test ./grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test
+run_test ./grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test
+run_test ./grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test
+run_test ./grouptools/groupdel/10_groupdel_usage/groupdel.test
+run_test ./grouptools/groupdel/11_groupdel_invalid_option/groupdel.test
+run_test ./grouptools/groupmems/01_groupmems_root_add_user/groupmems.test
+run_test ./grouptools/groupmems/02_groupmems_root_del_user/groupmems.test
+run_test ./grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test
+run_test ./grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test
+run_test ./grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test
+run_test ./grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/12_groupmems_user_add_user/groupmems.test
+run_test ./grouptools/groupmems/13_groupmems_user_del_user/groupmems.test
+run_test ./grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test
+run_test ./grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test
+run_test ./grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test
+run_test ./grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test
+run_test ./grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test
+run_test ./grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test
+run_test ./grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test
+run_test ./grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test
+run_test ./grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test
+run_test ./grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test
+run_test ./grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test
+run_test ./grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test
+run_test ./grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test
+run_test ./grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/42_groupmems_user_list_users/groupmems.test
+run_test ./grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test
+run_test ./grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test
+run_test ./grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test
+run_test ./grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/53_groupmems_usage/groupmems.test
+run_test ./grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test
+run_test ./grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test
+run_test ./grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test
+run_test ./grouptools/groupmems/57_groupmems_authentication/groupmems.test
+run_test ./grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test
+run_test ./grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test
+run_test ./grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test
+run_test ./grouptools/groupmod/01_groupmod_change_gid/groupmod.test
+run_test ./grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test
+run_test ./grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test
+run_test ./grouptools/groupmod/06_groupmod_change_group_name/groupmod.test
+run_test ./grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/09_groupmod_set_password/groupmod.test
+run_test ./grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test
+run_test ./grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test
+run_test ./grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test
+run_test ./grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test
+run_test ./grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test
+run_test ./grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test
+run_test ./grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test
+run_test ./grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test
+run_test ./grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test
+run_test ./grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test
+run_test ./grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test
+run_test ./grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test
+run_test ./grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test
+run_test ./grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test
+run_test ./grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test
+run_test ./grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test
+run_test ./grouptools/groupmod/28_groupmod_usage/groupmod.test
+run_test ./grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test
+run_test ./grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test
+run_test ./grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test
+run_test ./grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test
+run_test ./grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test
+run_test ./grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test
+run_test ./grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/37_groupmod_invalid_option/groupmod.test
+run_test ./log/faillog/01_faillog_no_faillog/faillog.test
+run_test ./log/faillog/02_faillog_usage/faillog.test
+run_test ./log/faillog/03_faillog_format/faillog.test
+run_test ./log/faillog/04_faillog_mulitple/faillog.test
+run_test ./log/faillog/05_faillog-u_ID/faillog.test
+run_test ./log/faillog/06_faillog-u_name/faillog.test
+run_test ./log/faillog/07_faillog-u_ID_invalid/faillog.test
+run_test ./log/faillog/08_faillog-u_name_invalid/faillog.test
+run_test ./log/faillog/09_faillog-u_range/faillog.test
+run_test ./log/faillog/10_faillog-u_open_range/faillog.test
+run_test ./log/faillog/11_faillog-u_range_open/faillog.test
+run_test ./log/faillog/12_faillog-u_range_invalid1/faillog.test
+run_test ./log/faillog/13_faillog-u_range_invalid2/faillog.test
+run_test ./log/faillog/14_faillog-u_range_invalid3/faillog.test
+run_test ./log/faillog/15_faillog_bad_option/faillog.test
+run_test ./log/faillog/16_faillog_extra_arg/faillog.test
+run_test ./log/faillog/17_faillog-t/faillog.test
+run_test ./log/faillog/18_faillog-t_invalid/faillog.test
+run_test ./log/faillog/19_faillog_multiple_same_user/faillog.test
+run_test ./log/faillog/20_faillog-r-u/faillog.test
+run_test ./log/faillog/21_faillog-r-u_range/faillog.test
+run_test ./log/faillog/22_faillog_removed_user/faillog.test
+run_test ./log/faillog/23_faillog-a_removed_user/faillog.test
+run_test ./log/faillog/24_faillog-u_removed_user/faillog.test
+run_test ./log/faillog/25_faillog-r-u_removed_user/faillog.test
+run_test ./log/faillog/26_faillog-r-u_range_removed_user/faillog.test
+run_test ./log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test
+run_test ./log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test
+run_test ./log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test
+run_test ./log/faillog/30_faillog-r/faillog.test
+run_test ./log/faillog/31_faillog-r-u_open_range/faillog.test
+run_test ./log/faillog/32_faillog-l/faillog.test
+run_test ./log/faillog/33_faillog-l-u_user/faillog.test
+run_test ./log/faillog/34_faillog-l-u_range/faillog.test
+run_test ./log/faillog/35_faillog-l-u_open_range/faillog.test
+run_test ./log/faillog/36_faillog-l-u_range_open/faillog.test
+run_test ./log/faillog/37_faillog-l-a-u_user/faillog.test
+run_test ./log/faillog/38_faillog-l-a-u_range/faillog.test
+run_test ./log/faillog/39_faillog-l-a-u_open_range/faillog.test
+run_test ./log/faillog/40_faillog-l-a-u_range_open/faillog.test
+run_test ./log/faillog/41_faillog-l_invalid/faillog.test
+run_test ./log/faillog/42_faillog-m/faillog.test
+run_test ./log/faillog/43_faillog-m-u_user/faillog.test
+run_test ./log/faillog/44_faillog-m-u_range/faillog.test
+run_test ./log/faillog/45_faillog-m-u_open_range/faillog.test
+run_test ./log/faillog/46_faillog-m-u_range_open/faillog.test
+run_test ./log/faillog/47_faillog-m-a-u_user/faillog.test
+run_test ./log/faillog/48_faillog-m-a-u_range/faillog.test
+run_test ./log/faillog/49_faillog-m-a-u_open_range/faillog.test
+run_test ./log/faillog/50_faillog-m-a-u_range_open/faillog.test
+run_test ./log/faillog/51_faillog-m_invalid/faillog.test
+run_test ./log/faillog/52_faillog-t-l_exclusive/faillog.test
+run_test ./log/faillog/53_faillog-t-m_exclusive/faillog.test
+run_test ./log/faillog/54_faillog-t-r_exclusive/faillog.test
+run_test ./log/faillog/55_faillog_no_changes/faillog.test
+run_test ./log/faillog/56_faillog-l-m_empty_file/faillog.test
+run_test ./log/faillog/57_faillog-r_empty_file/faillog.test
+run_test ./log/faillog/58_faillog-l_no_failcount/faillog.test
+run_test ./log/lastlog/01_lastlog_no_lastlog/lastlog.test
+run_test ./log/lastlog/02_lastlog_usage/lastlog.test
+run_test ./log/lastlog/03_lastlog_format/lastlog.test
+run_test ./log/lastlog/04_lastlog_mulitple/lastlog.test
+run_test ./log/lastlog/05_lastlog-u_ID/lastlog.test
+run_test ./log/lastlog/06_lastlog-u_name/lastlog.test
+run_test ./log/lastlog/07_lastlog-u_ID_invalid/lastlog.test
+run_test ./log/lastlog/08_lastlog-u_name_invalid/lastlog.test
+run_test ./log/lastlog/09_lastlog-u_range/lastlog.test
+run_test ./log/lastlog/10_lastlog-u_open_range/lastlog.test
+run_test ./log/lastlog/11_lastlog-u_range_open/lastlog.test
+run_test ./log/lastlog/12_lastlog-u_range_invalid1/lastlog.test
+run_test ./log/lastlog/13_lastlog-u_range_invalid2/lastlog.test
+run_test ./log/lastlog/14_lastlog-u_range_invalid3/lastlog.test
+run_test ./log/lastlog/15_lastlog_bad_option/lastlog.test
+run_test ./log/lastlog/16_lastlog_extra_arg/lastlog.test
+run_test ./log/lastlog/17_lastlog-t/lastlog.test
+run_test ./log/lastlog/18_lastlog-b/lastlog.test
+run_test ./log/lastlog/19_lastlog-t_invalid/lastlog.test
+run_test ./log/lastlog/20_lastlog-b_invalid/lastlog.test
+run_test ./usertools/01/01_useradd_add_user.test
+run_test ./usertools/01/01_userdel_delete_user.test
+run_test ./usertools/01/02_useradd_recreate_deleted_user.test
+run_test ./usertools/01/03_useradd_additional_options.test
+run_test ./usertools/01/04_useradd_add_user_with_existing_UID_fail.test
+run_test ./usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test
+run_test ./usertools/01/04_useradd_specified_UID.test
+run_test ./usertools/01/04_useradd_specified_UID_and_GID.test
+run_test ./usertools/01/04_userdel_delete_user_with_non_unique_UID.test
+run_test ./usertools/01/05_useradd_invalid_numeric_primary_group.test
+run_test ./usertools/01/06_useradd_invalid_named_primary_group.test
+run_test ./usertools/01/07_useradd_numerical_primary_group.test
+run_test ./usertools/01/08_useradd_named_primary_group.test
+run_test ./usertools/01/09_usermod_change_user_info.test
+run_test ./usertools/01/10_usermod_rename_user.test
+run_test ./usertools/01/10_usermod_rename_user_in_group.test
+run_test ./usertools/01/11_usermod_change_password.test
+run_test ./usertools/01/11_usermod_lock_password.test
+run_test ./usertools/01/11_usermod_unlock_empty_password.test
+run_test ./usertools/01/11_usermod_unlock_password.test
+run_test ./usertools/01/12_usermod_change_gid_name.test
+run_test ./usertools/01/12_usermod_change_gid_number.test
+run_test ./usertools/01/13_useradd_negative_UID.test
+run_test ./usertools/01/14_useradd_out_of_range_UID.test
+run_test ./usertools/01/15_useradd_specified_large_UID.test
+run_test ./usertools/01/16_useradd_add_user_to_multiple_groups.test
+run_test ./usertools/01/16_useradd_add_user_to_one_group.test
+run_test ./usertools/01/17_useradd_create_homedir.test
+run_test ./usertools/01/18_userdel_remove_homedir.test
+run_test ./usertools/01/19_userdel_delete_user_in_group.test
+run_test ./usertools/01/20_usermod_change_homedir.test
+run_test ./usertools/01/21_usermod_change_and_move_homedir.test
+run_test ./usertools/01/22_usermod_new_groups.test
+run_test ./usertools/01/23_usermod_add_groups.test
+run_test ./usertools/01/24_usermod_new_groups_remove_old_groups.test
+run_test ./usertools/01/25_useradd_specified_large_UID2.test
+run_test ./usertools/01/26_useradd_UID_-1.test
+run_test ./usertools/02/useradd_default_default_values.test
+run_test ./usertools/02/useradd_get_default_values.test
+run_test ./usertools/02/useradd_change_default_INACTIVE.test
+run_test ./usertools/02/useradd_change_default_SHELL.test
+run_test ./usertools/02/useradd_change_default_EXPIRE.test
+run_test ./usertools/02/useradd_change_default_GROUP.test
+run_test ./usertools/02/useradd_change_default_HOME.test
+run_test ./usertools/02/useradd_change_defaults.test
+run_test ./usertools/03/useradd_change_defaults.test
+run_test ./usertools/04/01_useradd_add_user.test
+run_test ./usertools/05_userdel_del_from_group_members/userdel.test
+run_test ./usertools/06_userdel_del_from_gshadow_members/userdel.test
+run_test ./usertools/07_userdel_del_from_gshadow_admins/userdel.test
+run_test ./usertools/08_userdel_del_from_group_and_gshadow/userdel.test
+run_test ./usertools/09_userdel_del_homedir/userdel.test
+run_test ./usertools/10_userdel_del_homedir_wrong_owner/userdel.test
+run_test ./usertools/11_usermod_move_homedir/usermod.test
+run_test ./usertools/12_usermod_move_homedir_dev_null/usermod.test
+run_test ./usertools/13_usermod_move_homedir_file/usermod.test
+run_test ./usertools/14_usermod_move_homedir_other_device/usermod.test
+run_test ./usertools/15_usermod_change_supplementary_groups/usermod.test
+run_test ./usertools/16_usermod_remove_supplementary_groups/usermod.test
+run_test ./usertools/17_usermod_change_supplementary_groups_numerical/usermod.test
+run_test ./usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test
+run_test ./usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test
+run_test ./usertools/20_usermod_rename_user_in_member_lists/usermod.test
+run_test ./usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test
+run_test ./usertools/22_usermod-a_existing_supplementary_group/usermod.test
+run_test ./usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test
+run_test ./usertools/24_usermod_locked_passwd/usermod.test
+run_test ./usertools/25_usermod-G_locked_group/usermod.test
+run_test ./usertools/26_usermod_locked_shadow/usermod.test
+run_test ./usertools/27_usermod-G_locked_gshadow/usermod.test
+run_test ./usertools/28_usermod-c_locked_group/usermod.test
+run_test ./usertools/29_usermod-c_locked_gshadow/usermod.test
+run_test ./usertools/30_usermod-l_locked_group/usermod.test
+run_test ./usertools/31_usermod-l_locked_gshadow/usermod.test
+run_test ./usertools/32_usermod-u_new_UID/usermod.test
+run_test ./usertools/33_usermod-u_existing_UID/usermod.test
+run_test ./usertools/34_usermod-u-o_existing_UID/usermod.test
+run_test ./usertools/35_usermod-u_invalid_UID/usermod.test
+run_test ./usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test
+run_test ./usertools/37_Debian_Bug_470745/usermod.test
+run_test ./usertools/38_usermod_invalid_user/usermod.test
+run_test ./usertools/39_usermod_-c_invalid_comment/usermod.test
+run_test ./usertools/40_usermod_-d_invalid_homedir/usermod.test
+run_test ./usertools/41_usermod_-d_invalid_shell/usermod.test
+run_test ./usertools/42_usermod_-g_invalid_group_name/usermod.test
+run_test ./usertools/43_usermod_-g_invalid_group_ID/usermod.test
+run_test ./usertools/44_usermod-l_existing_username/usermod.test
+run_test ./usertools/45_usermod-l_existing_username_passwd/usermod.test
+run_test ./usertools/46_usermod-l_existing_username_shadow/usermod.test
+run_test ./usertools/47_usermod-l_no_shadow_file/usermod.test
+run_test ./usertools/48_userdel_keep_group_if_primary_other_user/userdel.test
+run_test ./usertools/49_userdel_delete_users_group/userdel.test
+run_test ./usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test
+run_test ./usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test
+run_test ./usertools/52_userdel_delete_user_no_shadow_entry/userdel.test
+run_test ./usertools/53_userdel_delete_user_no_shadow_file/userdel.test
+run_test ./usertools/54_usermod-u_invalid_UID_4294967295/usermod.test
+run_test ./usertools/55_userdel_busy_user/userdel.test
+run_test ./usertools/56_userdel_locked_passwd/userdel.test
+run_test ./usertools/57_userdel_locked_group/userdel.test
+run_test ./usertools/58_userdel_locked_shadow/userdel.test
+run_test ./usertools/59_userdel_locked_gshadow/userdel.test
+run_test ./usertools/60_userdel_invalid_user/userdel.test
+run_test ./usertools/61_userdel_del_homedir_with_symlinks/userdel.test
+if [ "$USE_PAM" = "yes" ]; then
+ run_test ./usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test
+else
+ run_test ./usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test
+ run_test ./usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test
+ run_test ./usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test
+ run_test ./usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test
+ run_test ./usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test
+fi
+run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
+run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
+run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
+run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
+run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
+run_test ./usertools/useradd/01_useradd_usage/useradd.test
+run_test ./usertools/useradd/02_useradd_usage_invalid_option/useradd.test
+run_test ./usertools/useradd/03_useradd_usage_no_users/useradd.test
+run_test ./usertools/useradd/04_useradd_usage_2_users/useradd.test
+run_test ./usertools/useradd/05_useradd_usage-b_invalid1/useradd.test
+run_test ./usertools/useradd/06_useradd_usage-b_invalid2/useradd.test
+run_test ./usertools/useradd/07_useradd_usage-b_invalid3/useradd.test
+run_test ./usertools/useradd/08_useradd_usage-c_invalid1/useradd.test
+run_test ./usertools/useradd/09_useradd_usage-c_invalid2/useradd.test
+run_test ./usertools/useradd/10_useradd_usage-d_invalid1/useradd.test
+run_test ./usertools/useradd/11_useradd_usage-d_invalid2/useradd.test
+run_test ./usertools/useradd/12_useradd_usage-d_invalid3/useradd.test
+run_test ./usertools/useradd/13_useradd_usage-e_invalid1/useradd.test
+run_test ./usertools/useradd/14_useradd_usage-e_invalid2/useradd.test
+run_test ./usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test
+run_test ./usertools/useradd/16_useradd_usage-f_invalid1/useradd.test
+run_test ./usertools/useradd/17_useradd_usage-f_invalid2/useradd.test
+run_test ./usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test
+run_test ./usertools/useradd/19_useradd_usage-K_invalid1/useradd.test
+run_test ./usertools/useradd/20_useradd_usage-O_invalid2/useradd.test
+run_test ./usertools/useradd/21_useradd_usage-p_invalid1/useradd.test
+run_test ./usertools/useradd/22_useradd_usage-p_invalid2/useradd.test
+run_test ./usertools/useradd/23_useradd_usage-s_invalid1/useradd.test
+run_test ./usertools/useradd/24_useradd_usage-s_invalid2/useradd.test
+run_test ./usertools/useradd/25_useradd_usage-s_invalid3/useradd.test
+run_test ./usertools/useradd/26_useradd_usage-o_without-u/useradd.test
+run_test ./usertools/useradd/27_useradd_usage-k_without-m/useradd.test
+run_test ./usertools/useradd/28_useradd_usage-U_with-g/useradd.test
+run_test ./usertools/useradd/29_useradd_usage-U_with-N/useradd.test
+run_test ./usertools/useradd/30_useradd_usage-m_with-M/useradd.test
+run_test ./usertools/useradd/31_useradd_usage_user_with-D/useradd.test
+run_test ./usertools/useradd/32_useradd_usage-D_with_other/useradd.test
+run_test ./usertools/useradd/33_useradd_usage_invalid_username/useradd.test
+run_test ./usertools/useradd/35_useradd_default_GROUP_name/useradd.test
+run_test ./usertools/useradd/34_useradd_default_GROUP_GID/useradd.test
+run_test ./usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test
+run_test ./usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test
+run_test ./usertools/useradd/38_useradd_default_INACTIVE/useradd.test
+run_test ./usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test
+run_test ./usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test
+run_test ./usertools/useradd/41_useradd_default_default_SKEL/useradd.test
+run_test ./usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test
+run_test ./usertools/useradd/43_useradd_default_no_final_eol/useradd.test
+run_test ./usertools/useradd/44_useradd_default_no_file/useradd.test
+run_test ./usertools/useradd/45_useradd-G_UID_name/useradd.test
+run_test ./usertools/useradd/46_useradd-G_UID_duplicate/useradd.test
+run_test ./usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test
+run_test ./usertools/useradd/48_useradd-G_name_duplicate/useradd.test
+run_test ./usertools/useradd/49_useradd-G_invalid_group/useradd.test
+run_test ./usertools/useradd/50_useradd-r/useradd.test
+run_test ./usertools/useradd/51_useradd_already_exist/useradd.test
+run_test ./usertools/useradd/52_useradd-U_group_already_exist/useradd.test
+run_test ./usertools/useradd/53_useradd-G_empty/useradd.test
+run_test ./usertools/useradd/54_useradd_no_shadow_file/useradd.test
+run_test ./usertools/useradd/55_useradd_no_gshadow_file/useradd.test
+run_test ./usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test
+run_test ./usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test
+run_test ./usertools/useradd/58_useradd-e_empty/useradd.test
+run_test ./usertools/useradd/59_useradd-e-1-f-1/useradd.test
+run_test ./usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test
+run_test ./usertools/useradd/61_useradd-K/useradd.test
+run_test ./usertools/useradd/62_useradd-p/useradd.test
+run_test ./usertools/useradd/63_useradd-s/useradd.test
+run_test ./usertools/useradd/64_useradd_locked_passwd/useradd.test
+run_test ./usertools/useradd/65_useradd_locked_group/useradd.test
+run_test ./usertools/useradd/66_useradd_locked_shadow/useradd.test
+run_test ./usertools/useradd/67_useradd_locked_gshadow/useradd.test
+run_test ./usertools/useradd/68_useradd-s_empty/useradd.test
+run_test ./usertools/userdel/01_userdel_usage/userdel.test
+run_test ./usertools/userdel/02_userdel_usage_invalid_option/userdel.test
+run_test ./usertools/userdel/03_userdel_usage_no_users/userdel.test
+run_test ./usertools/userdel/04_userdel_usage_2_users/userdel.test
+run_test ./usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test
+run_test ./usertools/userdel/06_userdel_no_usergroup/userdel.test
+run_test ./usertools/userdel/07_userdel_usergroup_not_primary/userdel.test
+run_test ./usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test
+run_test ./usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test
+run_test ./usertools/userdel/10_userdel_del_homedir_symlink/userdel.test
+run_test ./usertools/usermod/01_usermod-p_no_shadow_file/usermod.test
+run_test ./usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test
+run_test ./usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test
+run_test ./usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test
+run_test ./usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test
+run_test ./usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test
+run_test ./usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test
+run_test ./usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test
+run_test ./usertools/usermod/10_usermod_usage/usermod.test
+run_test ./usertools/usermod/11_usermod_usage_bad_option/usermod.test
+run_test ./usertools/usermod/12_usermod_usage_bad-f/usermod.test
+run_test ./usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test
+run_test ./usertools/usermod/14_usermod_usage_no_options/usermod.test
+run_test ./usertools/usermod/15_usermod_usage_no_user/usermod.test
+run_test ./usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test
+run_test ./usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test
+run_test ./usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test
+run_test ./usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test
+run_test ./usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test
+run_test ./usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test
+run_test ./usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test
+run_test ./usertools/usermod/23_usermod-e_date/usermod.test
+run_test ./usertools/usermod/24_usermod-e_date/usermod.test
+run_test ./usertools/usermod/25_usermod-e_empty_arg/usermod.test
+run_test ./usertools/usermod/26_usermod-e-1/usermod.test
+run_test ./usertools/usermod/27_usermod-e_invalid1/usermod.test
+run_test ./usertools/usermod/28_usermod-e_invalid2/usermod.test
+run_test ./usertools/usermod/29_usermod_no_changes/usermod.test
+run_test ./usertools/usermod/30_usermod_usage-a_without-G/usermod.test
+run_test ./usertools/usermod/31_usermod_usage-o_without-u/usermod.test
+run_test ./usertools/usermod/32_usermod_usage-m_without-d/usermod.test
+run_test ./usertools/usermod/33_usermod_change_shell/usermod.test
+run_test ./usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test
+run_test ./usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test
+run_test ./usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test
+run_test ./usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test
+run_test ./usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test
+run_test ./usertools/usermod/41_usermod-u_faillog_not_created/usermod.test
+run_test ./usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test
+run_test ./usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test
+run_test ./usertools/usermod/44_usermod-l_move_mailbox/usermod.test
+run_test ./usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test
+run_test ./usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test
+run_test ./usertools/usermod/47_usermod-u_default_maildir/usermod.test
+run_test ./usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test
+run_test ./usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test
+run_test ./usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test
+run_test ./usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test
+run_test ./usertools/usermod/52_usermod_move_homedir_symlink/usermod.test
+run_test ./cptools/01/run1
+run_test ./cptools/01/run2
+run_test ./cptools/01/run3
+run_test ./cptools/01/run4
+run_test ./cktools/01/run1
+run_test ./cktools/01/run2
+run_test ./cktools/02_pwck_sort/pwck.test
+run_test ./cktools/03_grpck_sort/grpck.test
+run_test ./cktools/04_pwck_sort_missing_shadow_user/pwck.test
+run_test ./cktools/05_grpck_sort_missing_shadow_group/grpck.test
+run_test ./cktools/06_pwck_sort_NIS_server/pwck.test
+run_test ./cktools/07_pwck_sort_NIS_client/pwck.test
+run_test ./cktools/grpck/04_grpck_missing_field_group_delete/grpck.test
+run_test ./cktools/grpck/05_grpck_missing_field_group_keep/grpck.test
+run_test ./cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test
+run_test ./cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test
+run_test ./cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test
+run_test ./cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test
+run_test ./cktools/grpck/10_grpck_missing_field_group_local/grpck.test
+run_test ./cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test
+run_test ./cktools/grpck/12_grpck_unknown_user_group/grpck.test
+run_test ./cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test
+run_test ./cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test
+run_test ./cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test
+run_test ./cktools/grpck/16_grpck_duplicate_entry_group/grpck.test
+run_test ./cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test
+run_test ./cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test
+run_test ./cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test
+run_test ./cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test
+run_test ./cktools/grpck/21_grpck_invalid_group_name/grpck.test
+run_test ./cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test
+run_test ./cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test
+run_test ./cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test
+run_test ./cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test
+run_test ./cktools/grpck/26_grpck_no_gshadow_file/grpck.test
+run_test ./cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test
+run_test ./cktools/grpck/28_grpck_usage/grpck.test
+run_test ./cktools/grpck/29_grpck_sort_readonly/grpck.test
+run_test ./cktools/grpck/30_grpck_3_files/grpck.test
+run_test ./cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test
+run_test ./cktools/grpck/32_grpck_sort_nis/grpck.test
+run_test ./cktools/grpck/33_grpck_locked_group/grpck.test
+run_test ./cktools/grpck/34_grpck_locked_gshadow/grpck.test
+run_test ./cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test
+run_test ./cktools/grpck/36_grpck_password_group_gshadow/grpck.test
+run_test ./cktools/grpck/37_grpck_invalid_option/grpck.test
+run_test ./cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test
+run_test ./cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test
+run_test ./cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test
+run_test ./cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test
+run_test ./cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test
+run_test ./cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test
+run_test ./cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test
+run_test ./cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test
+run_test ./cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test
+run_test ./cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test
+run_test ./cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test
+run_test ./cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test
+run_test ./cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test
+run_test ./cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test
+run_test ./cktools/pwck/18_pwck_invalid_user_name/pwck.test
+run_test ./cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test
+run_test ./cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test
+run_test ./cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test
+run_test ./cktools/pwck/22_pwck_usage/pwck.test
+run_test ./cktools/pwck/23_pwck_locked_passwd/pwck.test
+run_test ./cktools/pwck/24_pwck_locked_shadow/pwck.test
+run_test ./cktools/pwck/25_pwck_usage_invalid_option/pwck.test
+run_test ./cktools/pwck/26_pwck_usage-s-r/pwck.test
+run_test ./cktools/pwck/27_pwck_usage_3_files/pwck.test
+run_test ./cktools/pwck/28_pwck_no_shadow_file/pwck.test
+run_test ./cktools/pwck/29_pwck_password_change_in_future/pwck.test
+run_test ./cktools/pwck/30_pwck_NIS_entries/pwck.test
+run_test ./cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test
+run_test ./cktools/pwck/32_pwck_quiet/pwck.test
+if [ "$USE_PAM" != "yes" ]; then
+ run_test ./crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test
+ run_test ./crypt/login.defs_DES/01_chpasswd.test
+ run_test ./crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test
+ run_test ./crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test
+ run_test ./crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test
+ run_test ./crypt/login.defs_DES/05_chpasswd-e.test
+ run_test ./crypt/login.defs_DES/06_chpasswd-m.test
+fi
+run_test ./crypt/login.defs_DES/07_chgpasswd.test
+run_test ./crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test
+run_test ./crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test
+run_test ./crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test
+run_test ./crypt/login.defs_DES/11_chgpasswd-e.test
+run_test ./crypt/login.defs_DES/12_chgpasswd-m.test
+if [ "$USE_PAM" != "yes" ]; then
+ run_test ./crypt/login.defs_MD5/01_chpasswd.test
+ run_test ./crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test
+fi
+run_test ./crypt/login.defs_MD5/02_chgpasswd.test
+run_test ./crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test
+if [ "$USE_PAM" != "yes" ]; then
+ run_test ./crypt/login.defs_SHA256-round-max/01_chpasswd.test
+ run_test ./crypt/login.defs_SHA256-round-min-max/01_chpasswd.test
+ run_test ./crypt/login.defs_SHA256-round-min/01_chpasswd.test
+ run_test ./crypt/login.defs_SHA256/01_chpasswd.test
+ run_test ./crypt/login.defs_SHA512/01_chpasswd.test
+ run_test ./crypt/login.defs_none/01_chpasswd.test
+fi
+run_test ./crypt/login.defs_SHA256-round-max/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256-round-min/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA512/02_chgpasswd.test
+run_test ./crypt/login.defs_none/02_chgpasswd.test
+run_test ./newusers/01_create_user/newusers.test
+run_test ./newusers/02_update_password/newusers.test
+run_test ./newusers/03_no_update_pid/newusers.test
+run_test ./newusers/04_no_update_gid/newusers.test
+run_test ./newusers/05_create_user_pid/newusers.test
+run_test ./newusers/06_create_user_gid/newusers.test
+run_test ./newusers/07_create_user_pid_gid/newusers.test
+run_test ./newusers/08_create_user_pid_other-gid/newusers.test
+run_test ./newusers/09_create_user_pid-as-user-bar/newusers.test
+run_test ./newusers/10_create_user_gid-as-group-bar/newusers.test
+run_test ./newusers/11_update_gecos/newusers.test
+run_test ./newusers/12_update_shell/newusers.test
+run_test ./newusers/13_create_user_new-home/newusers.test
+run_test ./newusers/14_create_user_existing-home/newusers.test
+run_test ./newusers/15_update_new-home/newusers.test
+run_test ./newusers/16_update_existing-home/newusers.test
+run_test ./newusers/17_create_user_pid-already-used/newusers.test
+run_test ./newusers/18_create_user_gid-already-used/newusers.test
+run_test ./newusers/19_update_keep-old-home/newusers.test
+run_test ./newusers/20_multiple_users/newusers.test
+run_test ./newusers/21_create_user_UID_MAX/newusers.test
+run_test ./newusers/22_create_user_GID_MAX/newusers.test
+run_test ./newusers/23_create_user_error_negativ_UID/newusers.test
+run_test ./newusers/24_create_user_error_invalid_UID/newusers.test
+run_test ./newusers/25_create_user_error_no_remaining_UID/newusers.test
+run_test ./newusers/26_create_user_error_no_remaining_GID/newusers.test
+run_test ./newusers/27_create_user_error_invalid_username/newusers.test
+run_test ./newusers/28_create_user_error_invalid_groupname/newusers.test
+run_test ./newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test
+run_test ./newusers/30_create_user_different_groupname/newusers.test
+run_test ./newusers/31_create_user_error_invalid_GID/newusers.test
+run_test ./newusers/32_create_user_error_gshadow_group_exists/newusers.test
+run_test ./newusers/33_update_password_no_shadow_password/newusers.test
+run_test ./newusers/34_update_password_no_shadow/newusers.test
+run_test ./newusers/35_read_from_stdin/newusers.test
+if [ "$USE_PAM" != "yes" ]; then
+ run_test ./newusers/36_create_user_encrypted/newusers.test
+ run_test ./newusers/37_create_user_encrypt_MD5/newusers.test
+ run_test ./newusers/38_update_password_no_shadow_encrypted/newusers.test
+ run_test ./newusers/39_update_password_no_shadow_password_encrypted/newusers.test
+ run_test ./newusers/40_update_password_encrypted/newusers.test
+ run_test ./newusers/41_create_user_encrypt_SHA256/newusers.test
+ run_test ./newusers/42_create_user_encrypt_SHA512/newusers.test
+ run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test
+ run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test
+ run_test ./newusers/45_create_user_encrypt_rounds_3000/newusers.test
+ run_test ./newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test
+else
+
+ run_test ./newusers/37_create_user_encrypt_MD5-PAM/newusers.test
+
+
+
+ run_test ./newusers/41_create_user_encrypt_SHA256-PAM/newusers.test
+ run_test ./newusers/42_create_user_encrypt_SHA512-PAM/newusers.test
+ run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test
+ run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test
+
+
+fi
+run_test ./newusers/47_create_user_error_UID_4294967295/newusers.test
+run_test ./newusers/48_create_user_error_GID_4294967295/newusers.test
+run_test ./newusers/49_multiple_system_users/newusers.test
+run_test ./newusers/50_usage/newusers.test
+run_test ./newusers/51_usage_invalid_option/newusers.test
+run_test ./newusers/52_usage_2_input_files/newusers.test
+run_test ./newusers/53_locked_passwd/newusers.test
+run_test ./newusers/54_locked_shadow/newusers.test
+run_test ./newusers/55_locked_group/newusers.test
+run_test ./newusers/56_locked_gshadow/newusers.test
+run_test ./newusers/57_missing_input_file/newusers.test
+run_test ./newusers/58_invalid_input_file/newusers.test
+run_test ./newusers/59_no_gshadow_file/newusers.test
+run_test ./newusers/60_update_no_gecos/newusers.test
+run_test ./newusers/61_update_no_shell/newusers.test
+run_test ./split_groups/01_useradd_split_group/useradd.test
+run_test ./split_groups/02_useradd_no_split_group/useradd.test
+run_test ./split_groups/03_useradd_split_group_already_split/useradd.test
+run_test ./split_groups/04_useradd_split_group_already_full/useradd.test
+run_test ./split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test
+run_test ./split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test
+run_test ./split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test
+run_test ./split_groups/08_useradd_no_split_group_already_split/useradd.test
+run_test ./split_groups/09_groupdel_split_group_already_split/groupdel.test
+run_test ./split_groups/10_groupdel_no_split_group_already_split/groupdel.test
+if [ "$FAILURE_TESTS" = "yes" ]; then
+run_test ./failures/chage/01_chage_openRW_passwd_failure/chage.test
+run_test ./failures/chage/02_chage_openRO_passwd_failure/chage.test
+run_test ./failures/chage/03_chage_openRW_shadow_failure/chage.test
+run_test ./failures/chage/04_chage_openRO_shadow_failure/chage.test
+run_test ./failures/chage/05_chage_rename_shadow_failure/chage.test
+run_test ./failures/chage/06_chage_rename_passwd_failure/chage.test
+run_test ./failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test
+run_test ./failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test
+run_test ./failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test
+run_test ./failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test
+if [ "$USE_PAM" = "yes" ]; then
+ run_test ./failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test
+ run_test ./failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test
+ run_test ./failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test
+ run_test ./failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test
+ run_test ./failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test
+fi
+run_test ./failures/chsh/01_chsh_open_passwd_failure/chsh.test
+run_test ./failures/chsh/02_chsh_rename_passwd_failure/chsh.test
+run_test ./failures/cppw/01_cppw_open_passwd_in_failure/cppw.test
+run_test ./failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test
+run_test ./failures/cppw/03_cppw_rename_passwd_failure/cppw.test
+run_test ./failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test
+run_test ./failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test
+run_test ./failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test
+run_test ./failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test
+run_test ./failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test
+run_test ./failures/groupadd/02_groupadd_group_rename_failure/groupadd.test
+run_test ./failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test
+run_test ./failures/groupadd/04_groupadd_group_open_failure/groupadd.test
+run_test ./failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test
+run_test ./failures/groupdel/02_groupdel_group_rename_failure/groupdel.test
+run_test ./failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test
+run_test ./failures/groupdel/04_groupdel_group_open_failure/groupdel.test
+run_test ./failures/groupmems/01_groupmems_group_open_failure/groupmems.test
+run_test ./failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test
+run_test ./failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test
+run_test ./failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test
+run_test ./failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test
+run_test ./failures/groupmod/04_groupmod_group_open_failure/groupmod.test
+run_test ./failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test
+run_test ./failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test
+run_test ./failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test
+run_test ./failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test
+run_test ./failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test
+run_test ./failures/grpck/01_grpck_system_group_open_failure/grpck.test
+run_test ./failures/grpck/02_grpck_group_open_failure/grpck.test
+run_test ./failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test
+run_test ./failures/grpck/04_grpck_gshadow_open_failure/grpck.test
+run_test ./failures/grpck/05_grpck_sort_group_rename_failure/grpck.test
+run_test ./failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test
+run_test ./failures/grpconv/01_grpconv_open_group_failure/grpconv.test
+run_test ./failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test
+run_test ./failures/grpconv/03_grpconv_rename_group_failure/grpconv.test
+run_test ./failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test
+run_test ./failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test
+run_test ./failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test
+run_test ./failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test
+run_test ./failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test
+run_test ./failures/newusers/01_newusers_open_passwd_failure/newusers.test
+run_test ./failures/newusers/02_newusers_open_shadow_failure/newusers.test
+run_test ./failures/newusers/03_newusers_open_group_failure/newusers.test
+run_test ./failures/newusers/04_newusers_open_gshadow_failure/newusers.test
+run_test ./failures/newusers/05_newusers_rename_passwd_failure/newusers.test
+run_test ./failures/newusers/06_newusers_rename_shadow_failure/newusers.test
+run_test ./failures/newusers/07_newusers_rename_group_failure/newusers.test
+run_test ./failures/newusers/08_newusers_rename_gshadow_failure/newusers.test
+run_test ./failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test
+run_test ./failures/newusers/10_newusers_time_0/newusers.test
+run_test ./failures/pwck/01_pwck_system_passwd_open_failure/pwck.test
+run_test ./failures/pwck/02_pwck_passwd_open_failure/pwck.test
+run_test ./failures/pwck/03_pwck_system_shadow_open_failure/pwck.test
+run_test ./failures/pwck/04_pwck_shadow_open_failure/pwck.test
+run_test ./failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test
+run_test ./failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test
+run_test ./failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test
+run_test ./failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test
+run_test ./failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test
+run_test ./failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test
+run_test ./failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test
+run_test ./failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test
+run_test ./failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test
+run_test ./failures/pwconv/05_pwconv_time_0/pwconv.test
+run_test ./failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test
+run_test ./failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test
+run_test ./failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test
+run_test ./failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test
+run_test ./failures/useradd/01_useradd_open_passwd_failure/useradd.test
+run_test ./failures/useradd/02_useradd_open_shadow_failure/useradd.test
+run_test ./failures/useradd/03_useradd_open_group_failure/useradd.test
+run_test ./failures/useradd/04_useradd_open_gshadow_failure/useradd.test
+run_test ./failures/useradd/05_useradd_rename_passwd_failure/useradd.test
+run_test ./failures/useradd/06_useradd_rename_shadow_failure/useradd.test
+run_test ./failures/useradd/07_useradd_rename_group_failure/useradd.test
+run_test ./failures/useradd/08_useradd_rename_gshadow_failure/useradd.test
+run_test ./failures/useradd/09_useradd_rename_defaults_failure/useradd.test
+run_test ./failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test
+run_test ./failures/useradd/11_useradd_time_0/useradd.test
+run_test ./failures/useradd/12_useradd_open_subuid_failure/useradd.test
+run_test ./failures/useradd/13_useradd_open_subgid_failure/useradd.test
+run_test ./failures/useradd/14_username_rename_subuid_failure/useradd.test
+run_test ./failures/useradd/15_username_rename_subgid_failure/useradd.test
+run_test ./failures/userdel/01_userdel_gshadow_rename_failure/userdel.test
+run_test ./failures/userdel/02_userdel_group_rename_failure/userdel.test
+run_test ./failures/userdel/03_userdel_shadow_rename_failure/userdel.test
+run_test ./failures/userdel/04_userdel_passwd_rename_failure/userdel.test
+run_test ./failures/userdel/05_userdel_failure_remove_mailbox/userdel.test
+run_test ./failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test
+run_test ./failures/userdel/07_userdel_failure_remove_homedir/userdel.test
+run_test ./failures/userdel/08_userdel_open_passwd_failure/userdel.test
+run_test ./failures/userdel/09_userdel_open_shadow_failure/userdel.test
+run_test ./failures/userdel/10_userdel_open_group_failure/userdel.test
+run_test ./failures/userdel/11_userdel_open_gshadow_failure/userdel.test
+run_test ./failures/userdel/12_userdel_open_subuid_failure/userdel.test
+run_test ./failures/userdel/13_userdel_open_subgid_failure/userdel.test
+run_test ./failures/userdel/14_userdel_rename_subuid_failure/usedel.test
+run_test ./failures/userdel/15_userdel_rename_subgid_failure/usedel.test
+run_test ./failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test
+run_test ./failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test
+run_test ./failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test
+run_test ./failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test
+run_test ./failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test
+run_test ./failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test
+run_test ./failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test
+run_test ./failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test
+run_test ./failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test
+run_test ./failures/usermod/10_usermod_-p_time_0/usermod.test
+run_test ./failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test
+#run_test ./failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test
+run_test ./failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test
+run_test ./failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test
+run_test ./failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test
+run_test ./failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test
+run_test ./failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test
+run_test ./failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test
+fi
+run_test ./expiry/01_expiry_-c_no_expiry/expiry.test
+run_test ./expiry/02_expiry_-c_expired/expiry.test
+run_test ./expiry/03_expiry_-f_expired/expiry.test
+run_test ./expiry/04_expiry_no_options/expiry.test
+run_test ./expiry/05_expiry_-c_no_shadow_file/expiry.test
+run_test ./expiry/06_expiry_-c_no_shadow_entry/expiry.test
+run_test ./expiry/07_expiry_-c_expired_account/expiry.test
+run_test ./expiry/08_expiry_-c_expired_max+inact/expiry.test
+run_test ./expiry/09_expiry_-c_expired_not_inactive/expiry.test
+run_test ./expiry/10_expiry_bad_option/expiry.test
+run_test ./expiry/11_expiry_usage/expiry.test
+run_test ./expiry/12_expiry_extra_arg/expiry.test
+run_test ./expiry/13_expiry_usage-c-f/expiry.test
+run_test ./passwd/01_passwd_-S_root_locked_account/passwd.test
+run_test ./passwd/02_passwd_-S_root_valid_account/passwd.test
+run_test ./passwd/03_passwd_-S_root_empty_password/passwd.test
+run_test ./passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test
+run_test ./passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test
+run_test ./passwd/06_passwd_-l_root_lock_account/passwd.test
+run_test ./passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test
+run_test ./passwd/08_passwd_-u_root_unlock_account/passwd.test
+run_test ./passwd/09_passwd_-u_root_unlock_to_empty/passwd.test
+run_test ./passwd/10_passwd_-d_root/passwd.test
+run_test ./passwd/11_passwd_--mindays_root/passwd.test
+run_test ./passwd/12_passwd_--maxdays_root/passwd.test
+run_test ./passwd/13_passwd_--warndays_root/passwd.test
+run_test ./passwd/14_passwd_--inactive_root/passwd.test
+run_test ./passwd/15_passwd_--expire_root/passwd.test
+run_test ./passwd/16_passwd_-S-a_root/passwd.test
+run_test ./passwd/17_passwd_root_change_password/passwd.test
+run_test ./passwd/18_passwd_root_change_password_user/passwd.test
+run_test ./passwd/19_passwd_user_change_password/passwd.test
+run_test ./passwd/20_passwd_user_change_password_same_user/passwd.test
+run_test ./passwd/21_passwd_user_change_password_other_user/passwd.test
+run_test ./passwd/22_passwd_usage/passwd.test
+run_test ./login/01_login_prompt/login.test
+run_test ./login/02_login_user/login.test
+run_test ./login/03_login_check_tty/login.test
+find ${build_path} -name "*.gcda" -exec chmod a+rw {} \;
+run_test ./subids/01_useradd_no_subids/useradd.test
+run_test ./subids/02_useradd_with_subids/useradd.test
+run_test ./subids/03_useradd_no_subgid/useradd.test
+run_test ./subids/04_useradd_no_subuid/useradd.test
+run_test ./subids/05_useradd_fill_gap_start/useradd.test
+run_test ./subids/06_useradd_fill_gap_middle/useradd.test
+run_test ./subids/07_useradd_fill_gap_end/useradd.test
+run_test ./subids/08_useradd_no_more_subuids_start/useradd.test
+run_test ./subids/09_useradd_no_more_subgids_start/useradd.test
+run_test ./subids/10_useradd_no_more_subuids_end/useradd.test
+run_test ./subids/11_useradd_no_more_subgids_end/useradd.test
+run_test ./subids/12_useradd_invalid_subuid_configuration1/useradd.test
+run_test ./subids/13_useradd_invalid_subuid_configuration2/useradd.test
+run_test ./subids/14_useradd_invalid_subuid_configuration3/useradd.test
+run_test ./subids/15_useradd_invalid_subgid_configuration1/useradd.test
+run_test ./subids/16_useradd_invalid_subgid_configuration2/useradd.test
+run_test ./subids/17_useradd_invalid_subgid_configuration3/useradd.test
+run_test ./subids/18_useradd_min=max/useradd.test
+run_test ./subids/19_useradd_locked_subuid/useradd.test
+run_test ./subids/20_useradd_locked_subgid/useradd.test
+run_test ./subids/21_usermod_create_subuid_range/usermod.test
+run_test ./subids/22_usermod_create_subgid_range/usermod.test
+run_test ./subids/23_usermod_create_subids_ranges/usermod.test
+run_test ./subids/24_usermod_create_subids_overlapping_ranges/usermod.test
+run_test ./subids/25_usermod_add_range/usermod.test
+run_test ./subids/26_usermod_add_overlapping_ranges/usermod.test
+run_test ./subids/27_usermod_remove_range_all/usermod.test
+run_test ./subids/28_usermod_remove_range_partial_begin/usermod.test
+run_test ./subids/29_usermod_remove_range_partial_middle/usermod.test
+run_test ./subids/30_usermod_remove_range_partial_end/usermod.test
+run_test ./subids/31_usermod_remove_outside_range/usermod.test
+run_test ./subids/32_usermod_remove_overlapping_range_begin/usermod.test
+run_test ./subids/33_usermod_remove_overlapping_range_end/usermod.test
+run_test ./subids/34_usermod_remove_overlapping_range_all/usermod.test
+run_test ./subids/35_usermod_remove_only_user_ranges/usermod.test
+run_test ./subids/36_usermod_remove_with_comment/usermod.test
+run_test ./subids/37_usermod_-v_invalid_range/usermod.test
+run_test ./subids/38_usermod_-V_invalid_range/usermod.test
+run_test ./subids/39_usermod_-w_invalid_range/usermod.test
+run_test ./subids/40_usermod_-W_invalid_range/usermod.test
+run_test ./subids/41_usermod_locked_subuid/usermod.test
+run_test ./subids/42_usermod_locked_subgid/usermod.test
+run_test ./subids/43_usermod_-w_no_subgid/usermod.test
+run_test ./subids/44_usermod_-W_no_subgid/usermod.test
+run_test ./subids/45_usermod_-v_no_subgid/usermod.test
+run_test ./subids/46_usermod_-V_no_subgid/usermod.test
+run_test ./subids/47_usermod_-v_invalid_range2/usermod.test
+run_test ./subids/48_usermod_-v_invalid_range3/usermod.test
+run_test ./subids/49_usermod_-v_invalid_range4/usermod.test
+run_test ./subids/50_usermod_-v_invalid_range5/usermod.test
+run_test ./subids/51_usermod_-v_invalid_range6/usermod.test
+run_test ./subids/52_usermod_-v_invalid_range7/usermod.test
+run_test ./subids/53_userdel_one_subuid_range/userdel.test
+run_test ./subids/54_userdel_one_subgid_range/userdel.test
+run_test ./subids/55_userdel_no_subuid/userdel.test
+run_test ./subids/56_userdel_no_subgid/userdel.test
+run_test ./subids/57_userdel_multiple_ranges/userdel.test
+run_test ./subids/58_newusers_with_subids/newusers.test
+run_test ./subids/59_newusers_no_subuid/newusers.test
+run_test ./subids/60_newusers_no_subgid/newusers.test
+run_test ./subids/61_newusers_user_alread_has_subgids/newusers.test
+run_test ./subids/62_newusers_user_alread_has_subuids/newusers.test
+run_test ./subids/63_useradd_fill_gap4/useradd.test
+run_test ./subids/64_useradd_fill_gap5/useradd.test
+run_test ./subids/65_useradd_fill_gap6/useradd.test
+run_test ./subids/66_subordinate_range_cmp/useradd.test
+run_test ./subids/67_invalid_subuid_file1/useradd.test
+run_test ./subids/68_invalid_subuid_file2/useradd.test
+run_test ./subids/69_invalid_subuid_file3/useradd.test
+run_test ./subids/70_invalid_subuid_file4/useradd.test
+
+echo
+echo "$succeded test(s) passed"
+echo "$failed test(s) failed"
+echo "log written in 'testsuite.log'"
+if [ "$failed" != "0" ]
+then
+ echo "the following tests failed:"
+ echo $failed_tests
+fi
+
diff --git a/tests/run_all.coverage b/tests/run_all.coverage
new file mode 100755
index 0000000..a49be43
--- /dev/null
+++ b/tests/run_all.coverage
@@ -0,0 +1,1324 @@
+#!/bin/sh
+
+set -e
+
+export LC_ALL=C
+unset LANG
+unset LANGUAGE
+. common/config.sh
+
+USE_PAM="yes"
+FAILURE_TESTS="yes"
+
+succeded=0
+failed=0
+failed_tests=""
+
+run_test()
+{
+ find $build_path -name "*.gcda" -delete
+ find $build_path -name "*.gcno" | while read f
+ do
+ g=${f%gcno}gcda
+ touch $g
+ chmod a+rw $g
+ done
+
+ if $1 > $1.log
+ then
+ succeded=$((succeded+1))
+ echo -n "+"
+ else
+ failed=$((failed+1))
+ failed_tests="$failed_tests $1"
+ echo -n "-"
+ fi
+ cat $1.log >> testsuite.log
+ [ -f /etc/passwd.lock ] && echo $1 /etc/passwd.lock || true
+ [ -f /etc/group.lock ] && echo $1 /etc/group.lock || true
+ [ -f /etc/shadow.lock ] && echo $1 /etc/shadow.lock || true
+ [ -f /etc/gshadow.lock ] && echo $1 /etc/gshadow.lock || true
+ if [ "$(stat -c"%G" /etc/shadow)" != "shadow" ]
+ then
+ echo $1
+ ls -l /etc/shadow
+ chgrp shadow /etc/shadow
+ fi
+ if [ -d /nonexistent ]
+ then
+ echo $1 /nonexistent
+ rmdir /nonexistent
+ fi
+
+ find $build_path -name "*.gcda" -size 0 -delete
+ if echo $1 | grep -v -q debian
+ then
+ TESTNAME=$(echo $1| sed -e 's/^\.\///' -e 's/[.\/=-]/_/g')
+ lcov -q -c -d $build_path -o app_test.info -t $TESTNAME
+ lcov -q -a app_total.info -a app_test.info -o app_total.info
+ rm -f app_test.info
+ fi
+}
+
+echo "+: test passed"
+echo "-: test failed"
+
+# Empty the complete log.
+> testsuite.log
+
+lcov -q -c -i -d $build_path -o app_base.info
+lcov -q -a app_base.info -o app_total.info
+rm -f app_base.info
+
+run_test ./su/01/su_root.test
+run_test ./su/01/su_user.test
+run_test ./su/02/env_FOO-options_--login
+run_test ./su/02/env_FOO-options_--login_bash
+run_test ./su/02/env_FOO-options_--preserve-environment
+run_test ./su/02/env_FOO-options_--preserve-environment_bash
+run_test ./su/02/env_FOO-options_-
+run_test ./su/02/env_FOO-options_-_bash
+run_test ./su/02/env_FOO-options_-l-m
+run_test ./su/02/env_FOO-options_-l-m_bash
+run_test ./su/02/env_FOO-options_-l
+run_test ./su/02/env_FOO-options_-l_bash
+run_test ./su/02/env_FOO-options_-m_bash
+run_test ./su/02/env_FOO-options_-m
+run_test ./su/02/env_FOO-options_-p
+run_test ./su/02/env_FOO-options_-p_bash
+run_test ./su/02/env_FOO-options__bash
+run_test ./su/02/env_FOO-options_
+run_test ./su/02/env_FOO-options_-p-
+run_test ./su/02/env_FOO-options_-p-_bash
+run_test ./su/02/env_special-options_-l-p
+run_test ./su/02/env_special-options_-l
+run_test ./su/02/env_special-options_-l-p_bash
+run_test ./su/02/env_special-options_-l_bash
+run_test ./su/02/env_special-options_-p
+run_test ./su/02/env_special-options_-p_bash
+run_test ./su/02/env_special-options_
+run_test ./su/02/env_special-options__bash
+run_test ./su/02/env_special_root-options_-l-p
+run_test ./su/02/env_special_root-options_-l-p_bash
+run_test ./su/02/env_special_root-options_-l
+run_test ./su/02/env_special_root-options_-l_bash
+run_test ./su/02/env_special_root-options_-p
+run_test ./su/02/env_special_root-options_-p_bash
+run_test ./su/02/env_special_root-options_
+run_test ./su/02/env_special_root-options__bash
+run_test ./su/03/su_run_command01.test
+run_test ./su/03/su_run_command02.test
+run_test ./su/03/su_run_command03.test
+run_test ./su/03/su_run_command04.test
+run_test ./su/03/su_run_command05.test
+run_test ./su/03/su_run_command06.test
+run_test ./su/03/su_run_command07.test
+run_test ./su/03/su_run_command08.test
+run_test ./su/03/su_run_command09.test
+run_test ./su/03/su_run_command10.test
+run_test ./su/03/su_run_command11.test
+run_test ./su/03/su_run_command12.test
+run_test ./su/03/su_run_command13.test
+run_test ./su/03/su_run_command14.test
+run_test ./su/03/su_run_command15.test
+run_test ./su/03/su_run_command16.test
+run_test ./su/03/su_run_command17.test
+run_test ./su/04/su_wrong_user.test
+run_test ./su/04/su_user_wrong_passwd.test
+run_test ./su/04/su_user_wrong_passwd_syslog.test
+run_test ./su/05/su_user_wrong_passwd_syslog.test
+run_test ./su/06/su_user_syslog.test
+run_test ./su/07/su_user_syslog.test
+run_test ./su/08/env_special-options_
+run_test ./su/08/env_special_root-options_
+run_test ./su/09/env_special-options_
+run_test ./su/09/env_special_root-options_
+run_test ./su/10_su_sulog_success/su.test
+run_test ./su/11_su_sulog_failure/su.test
+run_test ./su/12_su_child_failure/su.test
+run_test ./su/13_su_child_success/su.test
+run_test ./chage/01/run
+run_test ./chage/02/run
+run_test ./chage/03_chsh_usage/chage.test
+run_test ./chage/04_chsh_usage_invalid_option/chage.test
+run_test ./chage/05_chsh_usage_2_users/chage.test
+run_test ./chage/06_chsh_usage_no_users/chage.test
+run_test ./chage/07_chsh_usage-l_exclusive/chage.test
+run_test ./chage/08_chsh_usage_invalid_date/chage.test
+run_test ./chage/09_chsh_usage_invalid_numeric_arg/chage.test
+run_test ./chage/10_chsh-l/chage.test
+run_test ./chage/11_chsh_usage_invalid_user/chage.test
+run_test ./chage/12_chsh_usage-l_invalid_user2/chage.test
+run_test ./chage/13_chsh_locked_passwd/chage.test
+run_test ./chage/14_chsh_locked_shadow/chage.test
+run_test ./chage/15_chage-I_no_shadow_entry/chage.test
+run_test ./chage/16_chage-m_no_shadow_entry/chage.test
+run_test ./chage/17_chage-M_no_shadow_entry/chage.test
+run_test ./chage/18_chage-d_no_shadow_entry/chage.test
+run_test ./chage/19_chage-W_no_shadow_entry/chage.test
+run_test ./chage/20_chage-E_no_shadow_entry/chage.test
+run_test ./chage/21_chage_no_shadow_file/chage.test
+run_test ./chage/22_chage_myuser-l/chage.test
+run_test ./chage/23_chage_myuser-I/chage.test
+run_test ./chage/24_chage_myuser-l_other/chage.test
+run_test ./chage/25_chage_interractive/chage.test
+run_test ./chage/26_chage_interractive_date_0/chage.test
+run_test ./chage/27_chage_interractive_date_-1/chage.test
+run_test ./chage/28_chage_interractive_date_EPOCH/chage.test
+run_test ./chage/29_chage_interractive_date_pre-EPOCH/chage.test
+run_test ./chage/30_chage_interractive_date_pre-EPOCH2/chage.test
+run_test ./chage/31_chage_interractive_date_invalid/chage.test
+run_test ./chage/32_chage_interractive_date_invalid2/chage.test
+run_test ./chage/33_chage_interractive-W_invalid1/chage.test
+run_test ./chage/34_chage_interractive-W_invalid2/chage.test
+run_test ./chage/35_chage_interractive-W-1/chage.test
+run_test ./chage/36_chage_interractive-I_invalid1/chage.test
+run_test ./chage/37_chage_interractive-I_invalid2/chage.test
+run_test ./chage/38_chage_interractive-I-1/chage.test
+run_test ./chage/39_chage_interractive-d-1/chage.test
+run_test ./chsh/01/run
+run_test ./chsh/02_chsh_usage/chsh.test
+run_test ./chsh/03_chsh_usage_invalid_option/chsh.test
+run_test ./chsh/04_chsh_usage_2_users/chsh.test
+run_test ./chsh/05_chsh_myuser_restricted_shell/chsh.test
+run_test ./chsh/06_chsh_myuser_non_restricted_shell/chsh.test
+run_test ./chsh/07_chsh_usage_invalid_user/chsh.test
+run_test ./chsh/08_chsh_myuser_to_restricted_shell/chsh.test
+run_test ./chsh/09_chsh_myuser_to_missing_shell/chsh.test
+run_test ./chsh/10_chsh_myuser_to_non_executable_shell/chsh.test
+run_test ./chsh/11_chsh_auth_failure/chsh.test
+run_test ./chsh/12_chsh_warning_missing_shell/chsh.test
+run_test ./chsh/13_chsh_warning_non_executable/chsh.test
+run_test ./chsh/14_chsh_locked_passwd/chsh.test
+run_test ./chsh/15_chsh_PAM_error/chsh.test
+run_test ./chroot/chage/01_chage--root/chage.test
+run_test ./chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test
+run_test ./chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test
+run_test ./chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test
+run_test ./chroot/chsh/01_chsh--root/chsh.test
+run_test ./chroot/gpasswd/01_gpasswd--root/gpasswd.test
+run_test ./chroot/groupadd/01_groupadd--root/groupadd.test
+run_test ./chroot/groupdel/01_groupdel--root/groupdel.test
+run_test ./chroot/groupmod/01_groupmod--root/groupmod.test
+run_test ./chroot/grpck/01_grpck--root/grpck.test
+run_test ./chroot/grpconv/01_grpconv--root/grpconv.test
+run_test ./chroot/grpunconv/01_grpunconv--root/grpunconv.test
+run_test ./chroot/lastlog/01_lastlog--root/lastlog.test
+run_test ./chroot/login/01_login_sublogin/login.test
+run_test ./chroot/pwck/01_pwck--root/pwck.test
+run_test ./chroot/pwconv/01_pwconv--root/pwconv.test
+run_test ./chroot/pwunconv/01_pwunconv--root/pwunconv.test
+run_test ./chroot/useradd/01_useradd--root/useradd.test
+run_test ./chroot/useradd/02_useradd--root_login.defs/useradd.test
+run_test ./chroot/useradd/03_useradd--root_useradd.default/useradd.test
+run_test ./chroot/useradd/04_useradd--root_useradd-D/useradd.test
+run_test ./chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test
+run_test ./chroot/userdel/01_userdel--root/userdel.test
+run_test ./chroot/usermod/01_usermod--root/usermod.test
+run_test ./convtools/01/run
+run_test ./convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test
+run_test ./convtools/03_grpconv_copy_passwd/grpconv.test
+run_test ./convtools/04_grpconv_no_password/grpconv.test
+run_test ./convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test
+run_test ./convtools/06_grpconv_error_group_locked/grpconv.test
+run_test ./convtools/07_grpconv_error_gshadow_locked/grpconv.test
+run_test ./convtools/08_grpunconv_no_gshadow_file/grpunconv.test
+run_test ./convtools/09_grpunconv_error_group_locked/grpunconv.test
+run_test ./convtools/10_grpunconv_error_gshadow_locked/grpunconv.test
+run_test ./convtools/11_pwconv_error_passwd_locked/pwconv.test
+run_test ./convtools/12_pwconv_error_shadow_locked/pwconv.test
+run_test ./convtools/13_pwunconv_error_passwd_locked/pwunconv.test
+run_test ./convtools/14_pwunconv_error_shadow_locked/pwunconv.test
+run_test ./convtools/15_pwconv_remove_shadow_only_entries/pwconv.test
+run_test ./convtools/16_pwconv_copy_passwd/pwconv.test
+run_test ./convtools/17_pwunconv_no_shadow_file/pwunconv.test
+run_test ./convtools/18_pwunconv_user_not_in_shadow/pwunconv.test
+run_test ./convtools/19_pwconv_NIS/pwconv.test
+run_test ./convtools/20_pwunconv_usage_option/pwunconv.test
+run_test ./convtools/21_pwunconv_keep_passwd_password/pwunconv.test
+run_test ./convtools/22_grpunconv_usage_option/grpunconv.test
+run_test ./convtools/23_grpunconv_keep_group_password/grpunconv.test
+run_test ./convtools/24_grpunconv_no_gshadow_entry/grpunconv.test
+run_test ./convtools/25_pwconv_usage_option/pwconv.test
+run_test ./convtools/26_grpconv_usage_option/grpconv.test
+run_test ./convtools/27_pwunconv_usage/pwunconv.test
+run_test ./convtools/28_pwunconv_usage_extra_arg/pwunconv.test
+run_test ./convtools/29_grpconv_usage/grpconv.test
+run_test ./convtools/30_grpconv_usage_extra_arg/grpconv.test
+run_test ./convtools/31_pwconv_usage/pwconv.test
+run_test ./convtools/32_pwconv_usage_extra_arg/pwconv.test
+run_test ./convtools/33_grpunconv_usage/grpunconv.test
+run_test ./convtools/34_grpunconv_usage_extra_arg/grpunconv.test
+run_test ./cptools/02_cppw_usage/cppw.test
+run_test ./cptools/03_cppw_usage_invalid_option/cppw.test
+run_test ./cptools/04_cppw_no_file_argument/cppw.test
+run_test ./cptools/05_cppw_2_files/cppw.test
+run_test ./cptools/06_cppw_no_file/cppw.test
+run_test ./cptools/07_cppw_locked_passwd/cppw.test
+run_test ./cptools/08_cppw-p/cppw.test
+run_test ./cptools/09_cppw-g/cppw.test
+run_test ./cptools/10_cppw-g-s/cppw.test
+run_test ./cptools/11_cppw-p-s/cppw.test
+run_test ./cptools/12_cppw-s_no_shadow_file/cppw.test
+run_test ./debian/01/run
+run_test ./grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test
+run_test ./grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test
+run_test ./grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test
+run_test ./grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test
+run_test ./grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test
+run_test ./grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test
+run_test ./grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test
+run_test ./grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test
+run_test ./grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test
+run_test ./grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test
+run_test ./grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test
+run_test ./grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test
+run_test ./grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test
+run_test ./grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test
+run_test ./grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test
+run_test ./grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test
+run_test ./grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test
+run_test ./grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test
+run_test ./grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test
+run_test ./grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test
+run_test ./grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test
+run_test ./grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test
+run_test ./grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test
+run_test ./grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test
+run_test ./grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test
+run_test ./grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test
+run_test ./grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test
+run_test ./grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test
+run_test ./grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test
+run_test ./grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test
+run_test ./grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test
+run_test ./grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test
+run_test ./grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test
+run_test ./grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test
+run_test ./grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test
+run_test ./grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/61_gpasswd_usage/gpasswd.test
+run_test ./grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test
+run_test ./grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test
+run_test ./grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test
+run_test ./grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test
+run_test ./grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test
+run_test ./grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test
+run_test ./grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test
+run_test ./grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test
+run_test ./grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test
+run_test ./grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test
+run_test ./grouptools/groupadd/01_groupadd_add_group/groupadd.test
+run_test ./grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test
+run_test ./grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test
+run_test ./grouptools/groupadd/04_groupadd_set_password/groupadd.test
+run_test ./grouptools/groupadd/05_groupadd_set_GID/groupadd.test
+run_test ./grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test
+run_test ./grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/08_groupadd_locked_group/groupadd.test
+run_test ./grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test
+run_test ./grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test
+run_test ./grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test
+run_test ./grouptools/groupadd/13_groupadd_invalid_name/groupadd.test
+run_test ./grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test
+run_test ./grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test
+run_test ./grouptools/groupadd/16_groupadd_existing_group/groupadd.test
+run_test ./grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test
+run_test ./grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test
+run_test ./grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test
+run_test ./grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test
+run_test ./grouptools/groupadd/22_groupadd_usage/groupadd.test
+run_test ./grouptools/groupadd/23_groupadd_no_groups/groupadd.test
+run_test ./grouptools/groupadd/24_groupadd_2_groups/groupadd.test
+run_test ./grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test
+run_test ./grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test
+run_test ./grouptools/groupadd/27_groupadd_invalid_option/groupadd.test
+run_test ./grouptools/groupdel/01_groupdel_delete_group/groupdel.test
+run_test ./grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test
+run_test ./grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test
+run_test ./grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test
+run_test ./grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test
+run_test ./grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test
+run_test ./grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test
+run_test ./grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test
+run_test ./grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test
+run_test ./grouptools/groupdel/10_groupdel_usage/groupdel.test
+run_test ./grouptools/groupdel/11_groupdel_invalid_option/groupdel.test
+run_test ./grouptools/groupmems/01_groupmems_root_add_user/groupmems.test
+run_test ./grouptools/groupmems/02_groupmems_root_del_user/groupmems.test
+run_test ./grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test
+run_test ./grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test
+run_test ./grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test
+run_test ./grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/12_groupmems_user_add_user/groupmems.test
+run_test ./grouptools/groupmems/13_groupmems_user_del_user/groupmems.test
+run_test ./grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test
+run_test ./grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test
+run_test ./grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test
+run_test ./grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test
+run_test ./grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test
+run_test ./grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test
+run_test ./grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test
+run_test ./grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test
+run_test ./grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test
+run_test ./grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test
+run_test ./grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test
+run_test ./grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test
+run_test ./grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test
+run_test ./grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/42_groupmems_user_list_users/groupmems.test
+run_test ./grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test
+run_test ./grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test
+run_test ./grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test
+run_test ./grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/53_groupmems_usage/groupmems.test
+run_test ./grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test
+run_test ./grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test
+run_test ./grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test
+run_test ./grouptools/groupmems/57_groupmems_authentication/groupmems.test
+run_test ./grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test
+run_test ./grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test
+run_test ./grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test
+run_test ./grouptools/groupmod/01_groupmod_change_gid/groupmod.test
+run_test ./grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test
+run_test ./grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test
+run_test ./grouptools/groupmod/06_groupmod_change_group_name/groupmod.test
+run_test ./grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/09_groupmod_set_password/groupmod.test
+run_test ./grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test
+run_test ./grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test
+run_test ./grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test
+run_test ./grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test
+run_test ./grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test
+run_test ./grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test
+run_test ./grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test
+run_test ./grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test
+run_test ./grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test
+run_test ./grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test
+run_test ./grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test
+run_test ./grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test
+run_test ./grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test
+run_test ./grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test
+run_test ./grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test
+run_test ./grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test
+run_test ./grouptools/groupmod/28_groupmod_usage/groupmod.test
+run_test ./grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test
+run_test ./grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test
+run_test ./grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test
+run_test ./grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test
+run_test ./grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test
+run_test ./grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test
+run_test ./grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/37_groupmod_invalid_option/groupmod.test
+run_test ./log/faillog/01_faillog_no_faillog/faillog.test
+run_test ./log/faillog/02_faillog_usage/faillog.test
+run_test ./log/faillog/03_faillog_format/faillog.test
+run_test ./log/faillog/04_faillog_mulitple/faillog.test
+run_test ./log/faillog/05_faillog-u_ID/faillog.test
+run_test ./log/faillog/06_faillog-u_name/faillog.test
+run_test ./log/faillog/07_faillog-u_ID_invalid/faillog.test
+run_test ./log/faillog/08_faillog-u_name_invalid/faillog.test
+run_test ./log/faillog/09_faillog-u_range/faillog.test
+run_test ./log/faillog/10_faillog-u_open_range/faillog.test
+run_test ./log/faillog/11_faillog-u_range_open/faillog.test
+run_test ./log/faillog/12_faillog-u_range_invalid1/faillog.test
+run_test ./log/faillog/13_faillog-u_range_invalid2/faillog.test
+run_test ./log/faillog/14_faillog-u_range_invalid3/faillog.test
+run_test ./log/faillog/15_faillog_bad_option/faillog.test
+run_test ./log/faillog/16_faillog_extra_arg/faillog.test
+run_test ./log/faillog/17_faillog-t/faillog.test
+run_test ./log/faillog/18_faillog-t_invalid/faillog.test
+run_test ./log/faillog/19_faillog_multiple_same_user/faillog.test
+run_test ./log/faillog/20_faillog-r-u/faillog.test
+run_test ./log/faillog/21_faillog-r-u_range/faillog.test
+run_test ./log/faillog/22_faillog_removed_user/faillog.test
+run_test ./log/faillog/23_faillog-a_removed_user/faillog.test
+run_test ./log/faillog/24_faillog-u_removed_user/faillog.test
+run_test ./log/faillog/25_faillog-r-u_removed_user/faillog.test
+run_test ./log/faillog/26_faillog-r-u_range_removed_user/faillog.test
+run_test ./log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test
+run_test ./log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test
+run_test ./log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test
+run_test ./log/faillog/30_faillog-r/faillog.test
+run_test ./log/faillog/31_faillog-r-u_open_range/faillog.test
+run_test ./log/faillog/32_faillog-l/faillog.test
+run_test ./log/faillog/33_faillog-l-u_user/faillog.test
+run_test ./log/faillog/34_faillog-l-u_range/faillog.test
+run_test ./log/faillog/35_faillog-l-u_open_range/faillog.test
+run_test ./log/faillog/36_faillog-l-u_range_open/faillog.test
+run_test ./log/faillog/37_faillog-l-a-u_user/faillog.test
+run_test ./log/faillog/38_faillog-l-a-u_range/faillog.test
+run_test ./log/faillog/39_faillog-l-a-u_open_range/faillog.test
+run_test ./log/faillog/40_faillog-l-a-u_range_open/faillog.test
+run_test ./log/faillog/41_faillog-l_invalid/faillog.test
+run_test ./log/faillog/42_faillog-m/faillog.test
+run_test ./log/faillog/43_faillog-m-u_user/faillog.test
+run_test ./log/faillog/44_faillog-m-u_range/faillog.test
+run_test ./log/faillog/45_faillog-m-u_open_range/faillog.test
+run_test ./log/faillog/46_faillog-m-u_range_open/faillog.test
+run_test ./log/faillog/47_faillog-m-a-u_user/faillog.test
+run_test ./log/faillog/48_faillog-m-a-u_range/faillog.test
+run_test ./log/faillog/49_faillog-m-a-u_open_range/faillog.test
+run_test ./log/faillog/50_faillog-m-a-u_range_open/faillog.test
+run_test ./log/faillog/51_faillog-m_invalid/faillog.test
+run_test ./log/faillog/52_faillog-t-l_exclusive/faillog.test
+run_test ./log/faillog/53_faillog-t-m_exclusive/faillog.test
+run_test ./log/faillog/54_faillog-t-r_exclusive/faillog.test
+run_test ./log/faillog/55_faillog_no_changes/faillog.test
+run_test ./log/faillog/56_faillog-l-m_empty_file/faillog.test
+run_test ./log/faillog/57_faillog-r_empty_file/faillog.test
+run_test ./log/faillog/58_faillog-l_no_failcount/faillog.test
+run_test ./log/lastlog/01_lastlog_no_lastlog/lastlog.test
+run_test ./log/lastlog/02_lastlog_usage/lastlog.test
+run_test ./log/lastlog/03_lastlog_format/lastlog.test
+run_test ./log/lastlog/04_lastlog_mulitple/lastlog.test
+run_test ./log/lastlog/05_lastlog-u_ID/lastlog.test
+run_test ./log/lastlog/06_lastlog-u_name/lastlog.test
+run_test ./log/lastlog/07_lastlog-u_ID_invalid/lastlog.test
+run_test ./log/lastlog/08_lastlog-u_name_invalid/lastlog.test
+run_test ./log/lastlog/09_lastlog-u_range/lastlog.test
+run_test ./log/lastlog/10_lastlog-u_open_range/lastlog.test
+run_test ./log/lastlog/11_lastlog-u_range_open/lastlog.test
+run_test ./log/lastlog/12_lastlog-u_range_invalid1/lastlog.test
+run_test ./log/lastlog/13_lastlog-u_range_invalid2/lastlog.test
+run_test ./log/lastlog/14_lastlog-u_range_invalid3/lastlog.test
+run_test ./log/lastlog/15_lastlog_bad_option/lastlog.test
+run_test ./log/lastlog/16_lastlog_extra_arg/lastlog.test
+run_test ./log/lastlog/17_lastlog-t/lastlog.test
+run_test ./log/lastlog/18_lastlog-b/lastlog.test
+run_test ./log/lastlog/19_lastlog-t_invalid/lastlog.test
+run_test ./log/lastlog/20_lastlog-b_invalid/lastlog.test
+run_test ./usertools/01/01_useradd_add_user.test
+run_test ./usertools/01/01_userdel_delete_user.test
+run_test ./usertools/01/02_useradd_recreate_deleted_user.test
+run_test ./usertools/01/03_useradd_additional_options.test
+run_test ./usertools/01/04_useradd_add_user_with_existing_UID_fail.test
+run_test ./usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test
+run_test ./usertools/01/04_useradd_specified_UID.test
+run_test ./usertools/01/04_useradd_specified_UID_and_GID.test
+run_test ./usertools/01/04_userdel_delete_user_with_non_unique_UID.test
+run_test ./usertools/01/05_useradd_invalid_numeric_primary_group.test
+run_test ./usertools/01/06_useradd_invalid_named_primary_group.test
+run_test ./usertools/01/07_useradd_numerical_primary_group.test
+run_test ./usertools/01/08_useradd_named_primary_group.test
+run_test ./usertools/01/09_usermod_change_user_info.test
+run_test ./usertools/01/10_usermod_rename_user.test
+run_test ./usertools/01/10_usermod_rename_user_in_group.test
+run_test ./usertools/01/11_usermod_change_password.test
+run_test ./usertools/01/11_usermod_lock_password.test
+run_test ./usertools/01/11_usermod_unlock_empty_password.test
+run_test ./usertools/01/11_usermod_unlock_password.test
+run_test ./usertools/01/12_usermod_change_gid_name.test
+run_test ./usertools/01/12_usermod_change_gid_number.test
+run_test ./usertools/01/13_useradd_negative_UID.test
+run_test ./usertools/01/14_useradd_out_of_range_UID.test
+run_test ./usertools/01/15_useradd_specified_large_UID.test
+run_test ./usertools/01/16_useradd_add_user_to_multiple_groups.test
+run_test ./usertools/01/16_useradd_add_user_to_one_group.test
+run_test ./usertools/01/17_useradd_create_homedir.test
+run_test ./usertools/01/18_userdel_remove_homedir.test
+run_test ./usertools/01/19_userdel_delete_user_in_group.test
+run_test ./usertools/01/20_usermod_change_homedir.test
+run_test ./usertools/01/21_usermod_change_and_move_homedir.test
+run_test ./usertools/01/22_usermod_new_groups.test
+run_test ./usertools/01/23_usermod_add_groups.test
+run_test ./usertools/01/24_usermod_new_groups_remove_old_groups.test
+run_test ./usertools/01/25_useradd_specified_large_UID2.test
+run_test ./usertools/01/26_useradd_UID_-1.test
+run_test ./usertools/02/useradd_default_default_values.test
+run_test ./usertools/02/useradd_get_default_values.test
+run_test ./usertools/02/useradd_change_default_INACTIVE.test
+run_test ./usertools/02/useradd_change_default_SHELL.test
+run_test ./usertools/02/useradd_change_default_EXPIRE.test
+run_test ./usertools/02/useradd_change_default_GROUP.test
+run_test ./usertools/02/useradd_change_default_HOME.test
+run_test ./usertools/02/useradd_change_defaults.test
+run_test ./usertools/03/useradd_change_defaults.test
+run_test ./usertools/04/01_useradd_add_user.test
+run_test ./usertools/05_userdel_del_from_group_members/userdel.test
+run_test ./usertools/06_userdel_del_from_gshadow_members/userdel.test
+run_test ./usertools/07_userdel_del_from_gshadow_admins/userdel.test
+run_test ./usertools/08_userdel_del_from_group_and_gshadow/userdel.test
+run_test ./usertools/09_userdel_del_homedir/userdel.test
+run_test ./usertools/10_userdel_del_homedir_wrong_owner/userdel.test
+run_test ./usertools/11_usermod_move_homedir/usermod.test
+run_test ./usertools/12_usermod_move_homedir_dev_null/usermod.test
+run_test ./usertools/13_usermod_move_homedir_file/usermod.test
+run_test ./usertools/14_usermod_move_homedir_other_device/usermod.test
+run_test ./usertools/15_usermod_change_supplementary_groups/usermod.test
+run_test ./usertools/16_usermod_remove_supplementary_groups/usermod.test
+run_test ./usertools/17_usermod_change_supplementary_groups_numerical/usermod.test
+run_test ./usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test
+run_test ./usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test
+run_test ./usertools/20_usermod_rename_user_in_member_lists/usermod.test
+run_test ./usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test
+run_test ./usertools/22_usermod-a_existing_supplementary_group/usermod.test
+run_test ./usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test
+run_test ./usertools/24_usermod_locked_passwd/usermod.test
+run_test ./usertools/25_usermod-G_locked_group/usermod.test
+run_test ./usertools/26_usermod_locked_shadow/usermod.test
+run_test ./usertools/27_usermod-G_locked_gshadow/usermod.test
+run_test ./usertools/28_usermod-c_locked_group/usermod.test
+run_test ./usertools/29_usermod-c_locked_gshadow/usermod.test
+run_test ./usertools/30_usermod-l_locked_group/usermod.test
+run_test ./usertools/31_usermod-l_locked_gshadow/usermod.test
+run_test ./usertools/32_usermod-u_new_UID/usermod.test
+run_test ./usertools/33_usermod-u_existing_UID/usermod.test
+run_test ./usertools/34_usermod-u-o_existing_UID/usermod.test
+run_test ./usertools/35_usermod-u_invalid_UID/usermod.test
+run_test ./usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test
+run_test ./usertools/37_Debian_Bug_470745/usermod.test
+run_test ./usertools/38_usermod_invalid_user/usermod.test
+run_test ./usertools/39_usermod_-c_invalid_comment/usermod.test
+run_test ./usertools/40_usermod_-d_invalid_homedir/usermod.test
+run_test ./usertools/41_usermod_-d_invalid_shell/usermod.test
+run_test ./usertools/42_usermod_-g_invalid_group_name/usermod.test
+run_test ./usertools/43_usermod_-g_invalid_group_ID/usermod.test
+run_test ./usertools/44_usermod-l_existing_username/usermod.test
+run_test ./usertools/45_usermod-l_existing_username_passwd/usermod.test
+run_test ./usertools/46_usermod-l_existing_username_shadow/usermod.test
+run_test ./usertools/47_usermod-l_no_shadow_file/usermod.test
+run_test ./usertools/48_userdel_keep_group_if_primary_other_user/userdel.test
+run_test ./usertools/49_userdel_delete_users_group/userdel.test
+run_test ./usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test
+run_test ./usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test
+run_test ./usertools/52_userdel_delete_user_no_shadow_entry/userdel.test
+run_test ./usertools/53_userdel_delete_user_no_shadow_file/userdel.test
+run_test ./usertools/54_usermod-u_invalid_UID_4294967295/usermod.test
+run_test ./usertools/55_userdel_busy_user/userdel.test
+run_test ./usertools/56_userdel_locked_passwd/userdel.test
+run_test ./usertools/57_userdel_locked_group/userdel.test
+run_test ./usertools/58_userdel_locked_shadow/userdel.test
+run_test ./usertools/59_userdel_locked_gshadow/userdel.test
+run_test ./usertools/60_userdel_invalid_user/userdel.test
+run_test ./usertools/61_userdel_del_homedir_with_symlinks/userdel.test
+if [ "$USE_PAM" = "yes" ]; then
+ run_test ./usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test
+ run_test ./usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test
+else
+ run_test ./usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test
+ run_test ./usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test
+ run_test ./usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test
+ run_test ./usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test
+ run_test ./usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test
+fi
+run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
+run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
+run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
+run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
+run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
+run_test ./usertools/useradd/01_useradd_usage/useradd.test
+run_test ./usertools/useradd/02_useradd_usage_invalid_option/useradd.test
+run_test ./usertools/useradd/03_useradd_usage_no_users/useradd.test
+run_test ./usertools/useradd/04_useradd_usage_2_users/useradd.test
+run_test ./usertools/useradd/05_useradd_usage-b_invalid1/useradd.test
+run_test ./usertools/useradd/06_useradd_usage-b_invalid2/useradd.test
+run_test ./usertools/useradd/07_useradd_usage-b_invalid3/useradd.test
+run_test ./usertools/useradd/08_useradd_usage-c_invalid1/useradd.test
+run_test ./usertools/useradd/09_useradd_usage-c_invalid2/useradd.test
+run_test ./usertools/useradd/10_useradd_usage-d_invalid1/useradd.test
+run_test ./usertools/useradd/11_useradd_usage-d_invalid2/useradd.test
+run_test ./usertools/useradd/12_useradd_usage-d_invalid3/useradd.test
+run_test ./usertools/useradd/13_useradd_usage-e_invalid1/useradd.test
+run_test ./usertools/useradd/14_useradd_usage-e_invalid2/useradd.test
+run_test ./usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test
+run_test ./usertools/useradd/16_useradd_usage-f_invalid1/useradd.test
+run_test ./usertools/useradd/17_useradd_usage-f_invalid2/useradd.test
+run_test ./usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test
+run_test ./usertools/useradd/19_useradd_usage-K_invalid1/useradd.test
+run_test ./usertools/useradd/20_useradd_usage-O_invalid2/useradd.test
+run_test ./usertools/useradd/21_useradd_usage-p_invalid1/useradd.test
+run_test ./usertools/useradd/22_useradd_usage-p_invalid2/useradd.test
+run_test ./usertools/useradd/23_useradd_usage-s_invalid1/useradd.test
+run_test ./usertools/useradd/24_useradd_usage-s_invalid2/useradd.test
+run_test ./usertools/useradd/25_useradd_usage-s_invalid3/useradd.test
+run_test ./usertools/useradd/26_useradd_usage-o_without-u/useradd.test
+run_test ./usertools/useradd/27_useradd_usage-k_without-m/useradd.test
+run_test ./usertools/useradd/28_useradd_usage-U_with-g/useradd.test
+run_test ./usertools/useradd/29_useradd_usage-U_with-N/useradd.test
+run_test ./usertools/useradd/30_useradd_usage-m_with-M/useradd.test
+run_test ./usertools/useradd/31_useradd_usage_user_with-D/useradd.test
+run_test ./usertools/useradd/32_useradd_usage-D_with_other/useradd.test
+run_test ./usertools/useradd/33_useradd_usage_invalid_username/useradd.test
+run_test ./usertools/useradd/35_useradd_default_GROUP_name/useradd.test
+run_test ./usertools/useradd/34_useradd_default_GROUP_GID/useradd.test
+run_test ./usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test
+run_test ./usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test
+run_test ./usertools/useradd/38_useradd_default_INACTIVE/useradd.test
+run_test ./usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test
+run_test ./usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test
+run_test ./usertools/useradd/41_useradd_default_default_SKEL/useradd.test
+run_test ./usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test
+run_test ./usertools/useradd/43_useradd_default_no_final_eol/useradd.test
+run_test ./usertools/useradd/44_useradd_default_no_file/useradd.test
+run_test ./usertools/useradd/45_useradd-G_UID_name/useradd.test
+run_test ./usertools/useradd/46_useradd-G_UID_duplicate/useradd.test
+run_test ./usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test
+run_test ./usertools/useradd/48_useradd-G_name_duplicate/useradd.test
+run_test ./usertools/useradd/49_useradd-G_invalid_group/useradd.test
+run_test ./usertools/useradd/50_useradd-r/useradd.test
+run_test ./usertools/useradd/51_useradd_already_exist/useradd.test
+run_test ./usertools/useradd/52_useradd-U_group_already_exist/useradd.test
+run_test ./usertools/useradd/53_useradd-G_empty/useradd.test
+run_test ./usertools/useradd/54_useradd_no_shadow_file/useradd.test
+run_test ./usertools/useradd/55_useradd_no_gshadow_file/useradd.test
+run_test ./usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test
+run_test ./usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test
+run_test ./usertools/useradd/58_useradd-e_empty/useradd.test
+run_test ./usertools/useradd/59_useradd-e-1-f-1/useradd.test
+run_test ./usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test
+run_test ./usertools/useradd/61_useradd-K/useradd.test
+run_test ./usertools/useradd/62_useradd-p/useradd.test
+run_test ./usertools/useradd/63_useradd-s/useradd.test
+run_test ./usertools/useradd/64_useradd_locked_passwd/useradd.test
+run_test ./usertools/useradd/65_useradd_locked_group/useradd.test
+run_test ./usertools/useradd/66_useradd_locked_shadow/useradd.test
+run_test ./usertools/useradd/67_useradd_locked_gshadow/useradd.test
+run_test ./usertools/useradd/68_useradd-s_empty/useradd.test
+run_test ./usertools/userdel/01_userdel_usage/userdel.test
+run_test ./usertools/userdel/02_userdel_usage_invalid_option/userdel.test
+run_test ./usertools/userdel/03_userdel_usage_no_users/userdel.test
+run_test ./usertools/userdel/04_userdel_usage_2_users/userdel.test
+run_test ./usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test
+run_test ./usertools/userdel/06_userdel_no_usergroup/userdel.test
+run_test ./usertools/userdel/07_userdel_usergroup_not_primary/userdel.test
+run_test ./usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test
+run_test ./usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test
+run_test ./usertools/userdel/10_userdel_del_homedir_symlink/userdel.test
+run_test ./usertools/usermod/01_usermod-p_no_shadow_file/usermod.test
+run_test ./usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test
+run_test ./usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test
+run_test ./usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test
+run_test ./usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test
+run_test ./usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test
+run_test ./usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test
+run_test ./usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test
+run_test ./usertools/usermod/10_usermod_usage/usermod.test
+run_test ./usertools/usermod/11_usermod_usage_bad_option/usermod.test
+run_test ./usertools/usermod/12_usermod_usage_bad-f/usermod.test
+run_test ./usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test
+run_test ./usertools/usermod/14_usermod_usage_no_options/usermod.test
+run_test ./usertools/usermod/15_usermod_usage_no_user/usermod.test
+run_test ./usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test
+run_test ./usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test
+run_test ./usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test
+run_test ./usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test
+run_test ./usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test
+run_test ./usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test
+run_test ./usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test
+run_test ./usertools/usermod/23_usermod-e_date/usermod.test
+run_test ./usertools/usermod/24_usermod-e_date/usermod.test
+run_test ./usertools/usermod/25_usermod-e_empty_arg/usermod.test
+run_test ./usertools/usermod/26_usermod-e-1/usermod.test
+run_test ./usertools/usermod/27_usermod-e_invalid1/usermod.test
+run_test ./usertools/usermod/28_usermod-e_invalid2/usermod.test
+run_test ./usertools/usermod/29_usermod_no_changes/usermod.test
+run_test ./usertools/usermod/30_usermod_usage-a_without-G/usermod.test
+run_test ./usertools/usermod/31_usermod_usage-o_without-u/usermod.test
+run_test ./usertools/usermod/32_usermod_usage-m_without-d/usermod.test
+run_test ./usertools/usermod/33_usermod_change_shell/usermod.test
+run_test ./usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test
+run_test ./usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test
+run_test ./usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test
+run_test ./usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test
+run_test ./usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test
+run_test ./usertools/usermod/41_usermod-u_faillog_not_created/usermod.test
+run_test ./usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test
+run_test ./usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test
+run_test ./usertools/usermod/44_usermod-l_move_mailbox/usermod.test
+run_test ./usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test
+run_test ./usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test
+run_test ./usertools/usermod/47_usermod-u_default_maildir/usermod.test
+run_test ./usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test
+run_test ./usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test
+run_test ./usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test
+run_test ./usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test
+run_test ./usertools/usermod/52_usermod_move_homedir_symlink/usermod.test
+run_test ./cptools/01/run1
+run_test ./cptools/01/run2
+run_test ./cptools/01/run3
+run_test ./cptools/01/run4
+run_test ./cktools/01/run1
+run_test ./cktools/01/run2
+run_test ./cktools/02_pwck_sort/pwck.test
+run_test ./cktools/03_grpck_sort/grpck.test
+run_test ./cktools/04_pwck_sort_missing_shadow_user/pwck.test
+run_test ./cktools/05_grpck_sort_missing_shadow_group/grpck.test
+run_test ./cktools/06_pwck_sort_NIS_server/pwck.test
+run_test ./cktools/07_pwck_sort_NIS_client/pwck.test
+run_test ./cktools/grpck/04_grpck_missing_field_group_delete/grpck.test
+run_test ./cktools/grpck/05_grpck_missing_field_group_keep/grpck.test
+run_test ./cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test
+run_test ./cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test
+run_test ./cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test
+run_test ./cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test
+run_test ./cktools/grpck/10_grpck_missing_field_group_local/grpck.test
+run_test ./cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test
+run_test ./cktools/grpck/12_grpck_unknown_user_group/grpck.test
+run_test ./cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test
+run_test ./cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test
+run_test ./cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test
+run_test ./cktools/grpck/16_grpck_duplicate_entry_group/grpck.test
+run_test ./cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test
+run_test ./cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test
+run_test ./cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test
+run_test ./cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test
+run_test ./cktools/grpck/21_grpck_invalid_group_name/grpck.test
+run_test ./cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test
+run_test ./cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test
+run_test ./cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test
+run_test ./cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test
+run_test ./cktools/grpck/26_grpck_no_gshadow_file/grpck.test
+run_test ./cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test
+run_test ./cktools/grpck/28_grpck_usage/grpck.test
+run_test ./cktools/grpck/29_grpck_sort_readonly/grpck.test
+run_test ./cktools/grpck/30_grpck_3_files/grpck.test
+run_test ./cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test
+run_test ./cktools/grpck/32_grpck_sort_nis/grpck.test
+run_test ./cktools/grpck/33_grpck_locked_group/grpck.test
+run_test ./cktools/grpck/34_grpck_locked_gshadow/grpck.test
+run_test ./cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test
+run_test ./cktools/grpck/36_grpck_password_group_gshadow/grpck.test
+run_test ./cktools/grpck/37_grpck_invalid_option/grpck.test
+run_test ./cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test
+run_test ./cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test
+run_test ./cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test
+run_test ./cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test
+run_test ./cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test
+run_test ./cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test
+run_test ./cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test
+run_test ./cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test
+run_test ./cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test
+run_test ./cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test
+run_test ./cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test
+run_test ./cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test
+run_test ./cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test
+run_test ./cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test
+run_test ./cktools/pwck/18_pwck_invalid_user_name/pwck.test
+run_test ./cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test
+run_test ./cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test
+run_test ./cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test
+run_test ./cktools/pwck/22_pwck_usage/pwck.test
+run_test ./cktools/pwck/23_pwck_locked_passwd/pwck.test
+run_test ./cktools/pwck/24_pwck_locked_shadow/pwck.test
+run_test ./cktools/pwck/25_pwck_usage_invalid_option/pwck.test
+run_test ./cktools/pwck/26_pwck_usage-s-r/pwck.test
+run_test ./cktools/pwck/27_pwck_usage_3_files/pwck.test
+run_test ./cktools/pwck/28_pwck_no_shadow_file/pwck.test
+run_test ./cktools/pwck/29_pwck_password_change_in_future/pwck.test
+run_test ./cktools/pwck/30_pwck_NIS_entries/pwck.test
+run_test ./cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test
+run_test ./cktools/pwck/32_pwck_quiet/pwck.test
+if [ "$USE_PAM" != "yes" ]; then
+ run_test ./crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test
+ run_test ./crypt/login.defs_DES/01_chpasswd.test
+ run_test ./crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test
+ run_test ./crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test
+ run_test ./crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test
+ run_test ./crypt/login.defs_DES/05_chpasswd-e.test
+ run_test ./crypt/login.defs_DES/06_chpasswd-m.test
+fi
+run_test ./crypt/login.defs_DES/07_chgpasswd.test
+run_test ./crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test
+run_test ./crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test
+run_test ./crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test
+run_test ./crypt/login.defs_DES/11_chgpasswd-e.test
+run_test ./crypt/login.defs_DES/12_chgpasswd-m.test
+if [ "$USE_PAM" != "yes" ]; then
+ run_test ./crypt/login.defs_MD5/01_chpasswd.test
+ run_test ./crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test
+fi
+run_test ./crypt/login.defs_MD5/02_chgpasswd.test
+run_test ./crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test
+if [ "$USE_PAM" != "yes" ]; then
+ run_test ./crypt/login.defs_SHA256-round-max/01_chpasswd.test
+ run_test ./crypt/login.defs_SHA256-round-min-max/01_chpasswd.test
+ run_test ./crypt/login.defs_SHA256-round-min/01_chpasswd.test
+ run_test ./crypt/login.defs_SHA256/01_chpasswd.test
+ run_test ./crypt/login.defs_SHA512/01_chpasswd.test
+ run_test ./crypt/login.defs_none/01_chpasswd.test
+fi
+run_test ./crypt/login.defs_SHA256-round-max/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256-round-min/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA512/02_chgpasswd.test
+run_test ./crypt/login.defs_none/02_chgpasswd.test
+run_test ./newusers/01_create_user/newusers.test
+run_test ./newusers/02_update_password/newusers.test
+run_test ./newusers/03_no_update_pid/newusers.test
+run_test ./newusers/04_no_update_gid/newusers.test
+run_test ./newusers/05_create_user_pid/newusers.test
+run_test ./newusers/06_create_user_gid/newusers.test
+run_test ./newusers/07_create_user_pid_gid/newusers.test
+run_test ./newusers/08_create_user_pid_other-gid/newusers.test
+run_test ./newusers/09_create_user_pid-as-user-bar/newusers.test
+run_test ./newusers/10_create_user_gid-as-group-bar/newusers.test
+run_test ./newusers/11_update_gecos/newusers.test
+run_test ./newusers/12_update_shell/newusers.test
+run_test ./newusers/13_create_user_new-home/newusers.test
+run_test ./newusers/14_create_user_existing-home/newusers.test
+run_test ./newusers/15_update_new-home/newusers.test
+run_test ./newusers/16_update_existing-home/newusers.test
+run_test ./newusers/17_create_user_pid-already-used/newusers.test
+run_test ./newusers/18_create_user_gid-already-used/newusers.test
+run_test ./newusers/19_update_keep-old-home/newusers.test
+run_test ./newusers/20_multiple_users/newusers.test
+run_test ./newusers/21_create_user_UID_MAX/newusers.test
+run_test ./newusers/22_create_user_GID_MAX/newusers.test
+run_test ./newusers/23_create_user_error_negativ_UID/newusers.test
+run_test ./newusers/24_create_user_error_invalid_UID/newusers.test
+run_test ./newusers/25_create_user_error_no_remaining_UID/newusers.test
+run_test ./newusers/26_create_user_error_no_remaining_GID/newusers.test
+run_test ./newusers/27_create_user_error_invalid_username/newusers.test
+run_test ./newusers/28_create_user_error_invalid_groupname/newusers.test
+run_test ./newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test
+run_test ./newusers/30_create_user_different_groupname/newusers.test
+run_test ./newusers/31_create_user_error_invalid_GID/newusers.test
+run_test ./newusers/32_create_user_error_gshadow_group_exists/newusers.test
+run_test ./newusers/33_update_password_no_shadow_password/newusers.test
+run_test ./newusers/34_update_password_no_shadow/newusers.test
+run_test ./newusers/35_read_from_stdin/newusers.test
+if [ "$USE_PAM" != "yes" ]; then
+ run_test ./newusers/36_create_user_encrypted/newusers.test
+ run_test ./newusers/37_create_user_encrypt_MD5/newusers.test
+ run_test ./newusers/38_update_password_no_shadow_encrypted/newusers.test
+ run_test ./newusers/39_update_password_no_shadow_password_encrypted/newusers.test
+ run_test ./newusers/40_update_password_encrypted/newusers.test
+ run_test ./newusers/41_create_user_encrypt_SHA256/newusers.test
+ run_test ./newusers/42_create_user_encrypt_SHA512/newusers.test
+ run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test
+ run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test
+ run_test ./newusers/45_create_user_encrypt_rounds_3000/newusers.test
+ run_test ./newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test
+else
+
+ run_test ./newusers/37_create_user_encrypt_MD5-PAM/newusers.test
+
+
+
+ run_test ./newusers/41_create_user_encrypt_SHA256-PAM/newusers.test
+ run_test ./newusers/42_create_user_encrypt_SHA512-PAM/newusers.test
+ run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test
+ run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test
+
+
+fi
+run_test ./newusers/47_create_user_error_UID_4294967295/newusers.test
+run_test ./newusers/48_create_user_error_GID_4294967295/newusers.test
+run_test ./newusers/49_multiple_system_users/newusers.test
+run_test ./newusers/50_usage/newusers.test
+run_test ./newusers/51_usage_invalid_option/newusers.test
+run_test ./newusers/52_usage_2_input_files/newusers.test
+run_test ./newusers/53_locked_passwd/newusers.test
+run_test ./newusers/54_locked_shadow/newusers.test
+run_test ./newusers/55_locked_group/newusers.test
+run_test ./newusers/56_locked_gshadow/newusers.test
+run_test ./newusers/57_missing_input_file/newusers.test
+run_test ./newusers/58_invalid_input_file/newusers.test
+run_test ./newusers/59_no_gshadow_file/newusers.test
+run_test ./newusers/60_update_no_gecos/newusers.test
+run_test ./newusers/61_update_no_shell/newusers.test
+run_test ./split_groups/01_useradd_split_group/useradd.test
+run_test ./split_groups/02_useradd_no_split_group/useradd.test
+run_test ./split_groups/03_useradd_split_group_already_split/useradd.test
+run_test ./split_groups/04_useradd_split_group_already_full/useradd.test
+run_test ./split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test
+run_test ./split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test
+run_test ./split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test
+run_test ./split_groups/08_useradd_no_split_group_already_split/useradd.test
+run_test ./split_groups/09_groupdel_split_group_already_split/groupdel.test
+run_test ./split_groups/10_groupdel_no_split_group_already_split/groupdel.test
+if [ "$FAILURE_TESTS" = "yes" ]; then
+run_test ./failures/chage/01_chage_openRW_passwd_failure/chage.test
+run_test ./failures/chage/02_chage_openRO_passwd_failure/chage.test
+run_test ./failures/chage/03_chage_openRW_shadow_failure/chage.test
+run_test ./failures/chage/04_chage_openRO_shadow_failure/chage.test
+run_test ./failures/chage/05_chage_rename_shadow_failure/chage.test
+run_test ./failures/chage/06_chage_rename_passwd_failure/chage.test
+run_test ./failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test
+run_test ./failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test
+run_test ./failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test
+run_test ./failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test
+if [ "$USE_PAM" = "yes" ]; then
+ run_test ./failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test
+ run_test ./failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test
+ run_test ./failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test
+ run_test ./failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test
+ run_test ./failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test
+fi
+run_test ./failures/chsh/01_chsh_open_passwd_failure/chsh.test
+run_test ./failures/chsh/02_chsh_rename_passwd_failure/chsh.test
+run_test ./failures/cppw/01_cppw_open_passwd_in_failure/cppw.test
+run_test ./failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test
+run_test ./failures/cppw/03_cppw_rename_passwd_failure/cppw.test
+run_test ./failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test
+run_test ./failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test
+run_test ./failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test
+run_test ./failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test
+run_test ./failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test
+run_test ./failures/groupadd/02_groupadd_group_rename_failure/groupadd.test
+run_test ./failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test
+run_test ./failures/groupadd/04_groupadd_group_open_failure/groupadd.test
+run_test ./failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test
+run_test ./failures/groupdel/02_groupdel_group_rename_failure/groupdel.test
+run_test ./failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test
+run_test ./failures/groupdel/04_groupdel_group_open_failure/groupdel.test
+run_test ./failures/groupmems/01_groupmems_group_open_failure/groupmems.test
+run_test ./failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test
+run_test ./failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test
+run_test ./failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test
+run_test ./failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test
+run_test ./failures/groupmod/04_groupmod_group_open_failure/groupmod.test
+run_test ./failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test
+run_test ./failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test
+run_test ./failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test
+run_test ./failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test
+run_test ./failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test
+run_test ./failures/grpck/01_grpck_system_group_open_failure/grpck.test
+run_test ./failures/grpck/02_grpck_group_open_failure/grpck.test
+run_test ./failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test
+run_test ./failures/grpck/04_grpck_gshadow_open_failure/grpck.test
+run_test ./failures/grpck/05_grpck_sort_group_rename_failure/grpck.test
+run_test ./failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test
+run_test ./failures/grpconv/01_grpconv_open_group_failure/grpconv.test
+run_test ./failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test
+run_test ./failures/grpconv/03_grpconv_rename_group_failure/grpconv.test
+run_test ./failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test
+run_test ./failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test
+run_test ./failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test
+run_test ./failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test
+run_test ./failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test
+run_test ./failures/newusers/01_newusers_open_passwd_failure/newusers.test
+run_test ./failures/newusers/02_newusers_open_shadow_failure/newusers.test
+run_test ./failures/newusers/03_newusers_open_group_failure/newusers.test
+run_test ./failures/newusers/04_newusers_open_gshadow_failure/newusers.test
+run_test ./failures/newusers/05_newusers_rename_passwd_failure/newusers.test
+run_test ./failures/newusers/06_newusers_rename_shadow_failure/newusers.test
+run_test ./failures/newusers/07_newusers_rename_group_failure/newusers.test
+run_test ./failures/newusers/08_newusers_rename_gshadow_failure/newusers.test
+run_test ./failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test
+run_test ./failures/newusers/10_newusers_time_0/newusers.test
+run_test ./failures/pwck/01_pwck_system_passwd_open_failure/pwck.test
+run_test ./failures/pwck/02_pwck_passwd_open_failure/pwck.test
+run_test ./failures/pwck/03_pwck_system_shadow_open_failure/pwck.test
+run_test ./failures/pwck/04_pwck_shadow_open_failure/pwck.test
+run_test ./failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test
+run_test ./failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test
+run_test ./failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test
+run_test ./failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test
+run_test ./failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test
+run_test ./failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test
+run_test ./failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test
+run_test ./failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test
+run_test ./failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test
+run_test ./failures/pwconv/05_pwconv_time_0/pwconv.test
+run_test ./failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test
+run_test ./failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test
+run_test ./failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test
+run_test ./failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test
+run_test ./failures/useradd/01_useradd_open_passwd_failure/useradd.test
+run_test ./failures/useradd/02_useradd_open_shadow_failure/useradd.test
+run_test ./failures/useradd/03_useradd_open_group_failure/useradd.test
+run_test ./failures/useradd/04_useradd_open_gshadow_failure/useradd.test
+run_test ./failures/useradd/05_useradd_rename_passwd_failure/useradd.test
+run_test ./failures/useradd/06_useradd_rename_shadow_failure/useradd.test
+run_test ./failures/useradd/07_useradd_rename_group_failure/useradd.test
+run_test ./failures/useradd/08_useradd_rename_gshadow_failure/useradd.test
+run_test ./failures/useradd/09_useradd_rename_defaults_failure/useradd.test
+run_test ./failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test
+run_test ./failures/useradd/11_useradd_time_0/useradd.test
+run_test ./failures/useradd/12_useradd_open_subuid_failure/useradd.test
+run_test ./failures/useradd/13_useradd_open_subgid_failure/useradd.test
+run_test ./failures/useradd/14_username_rename_subuid_failure/useradd.test
+run_test ./failures/useradd/15_username_rename_subgid_failure/useradd.test
+run_test ./failures/userdel/01_userdel_gshadow_rename_failure/userdel.test
+run_test ./failures/userdel/02_userdel_group_rename_failure/userdel.test
+run_test ./failures/userdel/03_userdel_shadow_rename_failure/userdel.test
+run_test ./failures/userdel/04_userdel_passwd_rename_failure/userdel.test
+run_test ./failures/userdel/05_userdel_failure_remove_mailbox/userdel.test
+run_test ./failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test
+run_test ./failures/userdel/07_userdel_failure_remove_homedir/userdel.test
+run_test ./failures/userdel/08_userdel_open_passwd_failure/userdel.test
+run_test ./failures/userdel/09_userdel_open_shadow_failure/userdel.test
+run_test ./failures/userdel/10_userdel_open_group_failure/userdel.test
+run_test ./failures/userdel/11_userdel_open_gshadow_failure/userdel.test
+run_test ./failures/userdel/12_userdel_open_subuid_failure/userdel.test
+run_test ./failures/userdel/13_userdel_open_subgid_failure/userdel.test
+run_test ./failures/userdel/14_userdel_rename_subuid_failure/usedel.test
+run_test ./failures/userdel/15_userdel_rename_subgid_failure/usedel.test
+run_test ./failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test
+run_test ./failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test
+run_test ./failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test
+run_test ./failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test
+run_test ./failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test
+run_test ./failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test
+run_test ./failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test
+run_test ./failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test
+run_test ./failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test
+run_test ./failures/usermod/10_usermod_-p_time_0/usermod.test
+run_test ./failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test
+#run_test ./failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test
+run_test ./failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test
+run_test ./failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test
+run_test ./failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test
+run_test ./failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test
+run_test ./failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test
+run_test ./failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test
+fi
+run_test ./expiry/01_expiry_-c_no_expiry/expiry.test
+run_test ./expiry/02_expiry_-c_expired/expiry.test
+run_test ./expiry/03_expiry_-f_expired/expiry.test
+run_test ./expiry/04_expiry_no_options/expiry.test
+run_test ./expiry/05_expiry_-c_no_shadow_file/expiry.test
+run_test ./expiry/06_expiry_-c_no_shadow_entry/expiry.test
+run_test ./expiry/07_expiry_-c_expired_account/expiry.test
+run_test ./expiry/08_expiry_-c_expired_max+inact/expiry.test
+run_test ./expiry/09_expiry_-c_expired_not_inactive/expiry.test
+run_test ./expiry/10_expiry_bad_option/expiry.test
+run_test ./expiry/11_expiry_usage/expiry.test
+run_test ./expiry/12_expiry_extra_arg/expiry.test
+run_test ./expiry/13_expiry_usage-c-f/expiry.test
+run_test ./passwd/01_passwd_-S_root_locked_account/passwd.test
+run_test ./passwd/02_passwd_-S_root_valid_account/passwd.test
+run_test ./passwd/03_passwd_-S_root_empty_password/passwd.test
+run_test ./passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test
+run_test ./passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test
+run_test ./passwd/06_passwd_-l_root_lock_account/passwd.test
+run_test ./passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test
+run_test ./passwd/08_passwd_-u_root_unlock_account/passwd.test
+run_test ./passwd/09_passwd_-u_root_unlock_to_empty/passwd.test
+run_test ./passwd/10_passwd_-d_root/passwd.test
+run_test ./passwd/11_passwd_--mindays_root/passwd.test
+run_test ./passwd/12_passwd_--maxdays_root/passwd.test
+run_test ./passwd/13_passwd_--warndays_root/passwd.test
+run_test ./passwd/14_passwd_--inactive_root/passwd.test
+run_test ./passwd/15_passwd_--expire_root/passwd.test
+run_test ./passwd/16_passwd_-S-a_root/passwd.test
+run_test ./passwd/17_passwd_root_change_password/passwd.test
+run_test ./passwd/18_passwd_root_change_password_user/passwd.test
+run_test ./passwd/19_passwd_user_change_password/passwd.test
+run_test ./passwd/20_passwd_user_change_password_same_user/passwd.test
+run_test ./passwd/21_passwd_user_change_password_other_user/passwd.test
+run_test ./passwd/22_passwd_usage/passwd.test
+run_test ./login/01_login_prompt/login.test
+run_test ./login/02_login_user/login.test
+run_test ./login/03_login_check_tty/login.test
+run_test ./subids/01_useradd_no_subids/useradd.test
+run_test ./subids/02_useradd_with_subids/useradd.test
+run_test ./subids/03_useradd_no_subgid/useradd.test
+run_test ./subids/04_useradd_no_subuid/useradd.test
+run_test ./subids/05_useradd_fill_gap_start/useradd.test
+run_test ./subids/06_useradd_fill_gap_middle/useradd.test
+run_test ./subids/07_useradd_fill_gap_end/useradd.test
+run_test ./subids/08_useradd_no_more_subuids_start/useradd.test
+run_test ./subids/09_useradd_no_more_subgids_start/useradd.test
+run_test ./subids/10_useradd_no_more_subuids_end/useradd.test
+run_test ./subids/11_useradd_no_more_subgids_end/useradd.test
+run_test ./subids/12_useradd_invalid_subuid_configuration1/useradd.test
+run_test ./subids/13_useradd_invalid_subuid_configuration2/useradd.test
+run_test ./subids/14_useradd_invalid_subuid_configuration3/useradd.test
+run_test ./subids/15_useradd_invalid_subgid_configuration1/useradd.test
+run_test ./subids/16_useradd_invalid_subgid_configuration2/useradd.test
+run_test ./subids/17_useradd_invalid_subgid_configuration3/useradd.test
+run_test ./subids/18_useradd_min=max/useradd.test
+run_test ./subids/19_useradd_locked_subuid/useradd.test
+run_test ./subids/20_useradd_locked_subgid/useradd.test
+run_test ./subids/21_usermod_create_subuid_range/usermod.test
+run_test ./subids/22_usermod_create_subgid_range/usermod.test
+run_test ./subids/23_usermod_create_subids_ranges/usermod.test
+run_test ./subids/24_usermod_create_subids_overlapping_ranges/usermod.test
+run_test ./subids/25_usermod_add_range/usermod.test
+run_test ./subids/26_usermod_add_overlapping_ranges/usermod.test
+run_test ./subids/27_usermod_remove_range_all/usermod.test
+run_test ./subids/28_usermod_remove_range_partial_begin/usermod.test
+run_test ./subids/29_usermod_remove_range_partial_middle/usermod.test
+run_test ./subids/30_usermod_remove_range_partial_end/usermod.test
+run_test ./subids/31_usermod_remove_outside_range/usermod.test
+run_test ./subids/32_usermod_remove_overlapping_range_begin/usermod.test
+run_test ./subids/33_usermod_remove_overlapping_range_end/usermod.test
+run_test ./subids/34_usermod_remove_overlapping_range_all/usermod.test
+run_test ./subids/35_usermod_remove_only_user_ranges/usermod.test
+run_test ./subids/36_usermod_remove_with_comment/usermod.test
+run_test ./subids/37_usermod_-v_invalid_range/usermod.test
+run_test ./subids/38_usermod_-V_invalid_range/usermod.test
+run_test ./subids/39_usermod_-w_invalid_range/usermod.test
+run_test ./subids/40_usermod_-W_invalid_range/usermod.test
+run_test ./subids/41_usermod_locked_subuid/usermod.test
+run_test ./subids/42_usermod_locked_subgid/usermod.test
+run_test ./subids/43_usermod_-w_no_subgid/usermod.test
+run_test ./subids/44_usermod_-W_no_subgid/usermod.test
+run_test ./subids/45_usermod_-v_no_subgid/usermod.test
+run_test ./subids/46_usermod_-V_no_subgid/usermod.test
+run_test ./subids/47_usermod_-v_invalid_range2/usermod.test
+run_test ./subids/48_usermod_-v_invalid_range3/usermod.test
+run_test ./subids/49_usermod_-v_invalid_range4/usermod.test
+run_test ./subids/50_usermod_-v_invalid_range5/usermod.test
+run_test ./subids/51_usermod_-v_invalid_range6/usermod.test
+run_test ./subids/52_usermod_-v_invalid_range7/usermod.test
+run_test ./subids/53_userdel_one_subuid_range/userdel.test
+run_test ./subids/54_userdel_one_subgid_range/userdel.test
+run_test ./subids/55_userdel_no_subuid/userdel.test
+run_test ./subids/56_userdel_no_subgid/userdel.test
+run_test ./subids/57_userdel_multiple_ranges/userdel.test
+run_test ./subids/58_newusers_with_subids/newusers.test
+run_test ./subids/59_newusers_no_subuid/newusers.test
+run_test ./subids/60_newusers_no_subgid/newusers.test
+run_test ./subids/61_newusers_user_alread_has_subgids/newusers.test
+run_test ./subids/62_newusers_user_alread_has_subuids/newusers.test
+run_test ./subids/63_useradd_fill_gap4/useradd.test
+run_test ./subids/64_useradd_fill_gap5/useradd.test
+run_test ./subids/65_useradd_fill_gap6/useradd.test
+run_test ./subids/66_subordinate_range_cmp/useradd.test
+run_test ./subids/67_invalid_subuid_file1/useradd.test
+run_test ./subids/68_invalid_subuid_file2/useradd.test
+run_test ./subids/69_invalid_subuid_file3/useradd.test
+run_test ./subids/70_invalid_subuid_file4/useradd.test
+
+echo
+
+genhtml --quiet --frames --output-directory coverage.test --show-details app_total.info
+
+echo
+echo "$succeded test(s) passed"
+echo "$failed test(s) failed"
+echo "log written in 'testsuite.log'"
+if [ "$failed" != "0" ]
+then
+ echo "the following tests failed:"
+ echo $failed_tests
+fi
+
diff --git a/tests/split_groups/01_useradd_split_group/config.txt b/tests/split_groups/01_useradd_split_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/default/useradd b/tests/split_groups/01_useradd_split_group/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/group b/tests/split_groups/01_useradd_split_group/config/etc/group
new file mode 100644
index 0000000..af7aa3b
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/gshadow b/tests/split_groups/01_useradd_split_group/config/etc/gshadow
new file mode 100644
index 0000000..cfa80d5
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2
+foo1:*::
+foo2:*::
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/login.defs b/tests/split_groups/01_useradd_split_group/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+MAX_MEMBERS_PER_GROUP 2
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/passwd b/tests/split_groups/01_useradd_split_group/config/etc/passwd
new file mode 100644
index 0000000..708e6ef
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/shadow b/tests/split_groups/01_useradd_split_group/config/etc/shadow
new file mode 100644
index 0000000..f13ec56
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/split_groups/01_useradd_split_group/data/group b/tests/split_groups/01_useradd_split_group/data/group
new file mode 100644
index 0000000..f7d6d12
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/data/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/01_useradd_split_group/data/gshadow b/tests/split_groups/01_useradd_split_group/data/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/data/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/01_useradd_split_group/data/passwd b/tests/split_groups/01_useradd_split_group/data/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/01_useradd_split_group/data/shadow b/tests/split_groups/01_useradd_split_group/data/shadow
new file mode 100644
index 0000000..cb7911b
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/data/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:@TODAY@:0:99999:7:::
diff --git a/tests/split_groups/01_useradd_split_group/useradd.test b/tests/split_groups/01_useradd_split_group/useradd.test
new file mode 100755
index 0000000..402aad9
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group with a full line"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo3, in group foo (useradd -G foo foo3)..."
+useradd -G foo foo3
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/02_useradd_no_split_group/config.txt b/tests/split_groups/02_useradd_no_split_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/default/useradd b/tests/split_groups/02_useradd_no_split_group/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/group b/tests/split_groups/02_useradd_no_split_group/config/etc/group
new file mode 100644
index 0000000..af7aa3b
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/gshadow b/tests/split_groups/02_useradd_no_split_group/config/etc/gshadow
new file mode 100644
index 0000000..cfa80d5
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2
+foo1:*::
+foo2:*::
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/login.defs b/tests/split_groups/02_useradd_no_split_group/config/etc/login.defs
new file mode 100644
index 0000000..46b2876
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+MAX_MEMBERS_PER_GROUP 0
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/passwd b/tests/split_groups/02_useradd_no_split_group/config/etc/passwd
new file mode 100644
index 0000000..708e6ef
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/shadow b/tests/split_groups/02_useradd_no_split_group/config/etc/shadow
new file mode 100644
index 0000000..f13ec56
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/split_groups/02_useradd_no_split_group/data/group b/tests/split_groups/02_useradd_no_split_group/data/group
new file mode 100644
index 0000000..355db7e
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/data/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2,foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/02_useradd_no_split_group/data/gshadow b/tests/split_groups/02_useradd_no_split_group/data/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/data/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/02_useradd_no_split_group/data/passwd b/tests/split_groups/02_useradd_no_split_group/data/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/02_useradd_no_split_group/data/shadow b/tests/split_groups/02_useradd_no_split_group/data/shadow
new file mode 100644
index 0000000..cb7911b
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/data/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:@TODAY@:0:99999:7:::
diff --git a/tests/split_groups/02_useradd_no_split_group/useradd.test b/tests/split_groups/02_useradd_no_split_group/useradd.test
new file mode 100755
index 0000000..402aad9
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group with a full line"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo3, in group foo (useradd -G foo foo3)..."
+useradd -G foo foo3
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config.txt b/tests/split_groups/03_useradd_split_group_already_split/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/default/useradd b/tests/split_groups/03_useradd_split_group_already_split/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/group b/tests/split_groups/03_useradd_split_group_already_split/config/etc/group
new file mode 100644
index 0000000..f7d6d12
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/gshadow b/tests/split_groups/03_useradd_split_group_already_split/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/login.defs b/tests/split_groups/03_useradd_split_group_already_split/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+MAX_MEMBERS_PER_GROUP 2
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/passwd b/tests/split_groups/03_useradd_split_group_already_split/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/shadow b/tests/split_groups/03_useradd_split_group_already_split/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/group b/tests/split_groups/03_useradd_split_group_already_split/data/group
new file mode 100644
index 0000000..3c1c18b
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/data/group
@@ -0,0 +1,47 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3,foo4
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
+foo4:x:1003:
diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/gshadow b/tests/split_groups/03_useradd_split_group_already_split/data/gshadow
new file mode 100644
index 0000000..ca307ab
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/data/gshadow
@@ -0,0 +1,46 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3,foo4
+foo1:*::
+foo2:*::
+foo3:!::
+foo4:!::
diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/passwd b/tests/split_groups/03_useradd_split_group_already_split/data/passwd
new file mode 100644
index 0000000..f60db36
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/data/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
+foo4:x:1003:1003::/home/foo4:/bin/sh
diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/shadow b/tests/split_groups/03_useradd_split_group_already_split/data/shadow
new file mode 100644
index 0000000..3ee0375
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/data/shadow
@@ -0,0 +1,23 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
+foo4:!:@TODAY@:0:99999:7:::
diff --git a/tests/split_groups/03_useradd_split_group_already_split/useradd.test b/tests/split_groups/03_useradd_split_group_already_split/useradd.test
new file mode 100755
index 0000000..5c8fbad
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group already split"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config.txt b/tests/split_groups/04_useradd_split_group_already_full/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/default/useradd b/tests/split_groups/04_useradd_split_group_already_full/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/group b/tests/split_groups/04_useradd_split_group_already_full/config/etc/group
new file mode 100644
index 0000000..355db7e
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2,foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/gshadow b/tests/split_groups/04_useradd_split_group_already_full/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/login.defs b/tests/split_groups/04_useradd_split_group_already_full/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+MAX_MEMBERS_PER_GROUP 2
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/passwd b/tests/split_groups/04_useradd_split_group_already_full/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/shadow b/tests/split_groups/04_useradd_split_group_already_full/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/group b/tests/split_groups/04_useradd_split_group_already_full/data/group
new file mode 100644
index 0000000..3c1c18b
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/data/group
@@ -0,0 +1,47 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3,foo4
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
+foo4:x:1003:
diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/gshadow b/tests/split_groups/04_useradd_split_group_already_full/data/gshadow
new file mode 100644
index 0000000..ca307ab
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/data/gshadow
@@ -0,0 +1,46 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3,foo4
+foo1:*::
+foo2:*::
+foo3:!::
+foo4:!::
diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/passwd b/tests/split_groups/04_useradd_split_group_already_full/data/passwd
new file mode 100644
index 0000000..f60db36
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/data/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
+foo4:x:1003:1003::/home/foo4:/bin/sh
diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/shadow b/tests/split_groups/04_useradd_split_group_already_full/data/shadow
new file mode 100644
index 0000000..3ee0375
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/data/shadow
@@ -0,0 +1,23 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
+foo4:!:@TODAY@:0:99999:7:::
diff --git a/tests/split_groups/04_useradd_split_group_already_full/useradd.test b/tests/split_groups/04_useradd_split_group_already_full/useradd.test
new file mode 100755
index 0000000..f4aab68
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group with already more user than allowed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config.txt b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/group b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/group
new file mode 100644
index 0000000..bdc8297
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:pass1:999:foo1,foo2
+foo:pass2:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/gshadow b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/login.defs b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+MAX_MEMBERS_PER_GROUP 2
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/passwd b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/shadow b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/data/useradd.err b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/data/useradd.err
new file mode 100644
index 0000000..050950f
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/data/useradd.err
@@ -0,0 +1,2 @@
+Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck.
+useradd: failed to prepare the new /etc/group entry 'foo'
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test
new file mode 100755
index 0000000..165e47d
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group already split, with different group passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config.txt b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/group b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/group
new file mode 100644
index 0000000..792c688
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:pass:998:foo1,foo2
+foo:pass:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/gshadow b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/login.defs b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+MAX_MEMBERS_PER_GROUP 2
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/passwd b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/shadow b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/data/useradd.err b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/data/useradd.err
new file mode 100644
index 0000000..050950f
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/data/useradd.err
@@ -0,0 +1,2 @@
+Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck.
+useradd: failed to prepare the new /etc/group entry 'foo'
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test
new file mode 100755
index 0000000..970d10c
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group already split, with different GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config.txt b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/default/useradd b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/group b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/group
new file mode 100644
index 0000000..c4ea1f0
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3,foo1
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/gshadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/login.defs b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+MAX_MEMBERS_PER_GROUP 2
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/passwd b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/shadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/group b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/group
new file mode 100644
index 0000000..3c1c18b
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/group
@@ -0,0 +1,47 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3,foo4
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
+foo4:x:1003:
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/gshadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/gshadow
new file mode 100644
index 0000000..ca307ab
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/gshadow
@@ -0,0 +1,46 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3,foo4
+foo1:*::
+foo2:*::
+foo3:!::
+foo4:!::
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/passwd b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/passwd
new file mode 100644
index 0000000..f60db36
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
+foo4:x:1003:1003::/home/foo4:/bin/sh
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/shadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/shadow
new file mode 100644
index 0000000..3ee0375
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/shadow
@@ -0,0 +1,23 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
+foo4:!:@TODAY@:0:99999:7:::
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test
new file mode 100755
index 0000000..5c8fbad
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group already split"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config.txt b/tests/split_groups/08_useradd_no_split_group_already_split/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/group b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/group
new file mode 100644
index 0000000..f7d6d12
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/gshadow b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/login.defs b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/login.defs
new file mode 100644
index 0000000..46b2876
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+MAX_MEMBERS_PER_GROUP 0
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/passwd b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/shadow b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/data/useradd.err b/tests/split_groups/08_useradd_no_split_group_already_split/data/useradd.err
new file mode 100644
index 0000000..050950f
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/data/useradd.err
@@ -0,0 +1,2 @@
+Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck.
+useradd: failed to prepare the new /etc/group entry 'foo'
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/useradd.test b/tests/split_groups/08_useradd_no_split_group_already_split/useradd.test
new file mode 100755
index 0000000..055dec9
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group already split, with MAX_MEMBERS_PER_GROUP set to 0"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config.txt b/tests/split_groups/09_groupdel_split_group_already_split/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/group b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/group
new file mode 100644
index 0000000..f7d6d12
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/gshadow b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/login.defs b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+MAX_MEMBERS_PER_GROUP 2
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/passwd b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/shadow b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/data/group b/tests/split_groups/09_groupdel_split_group_already_split/data/group
new file mode 100644
index 0000000..7053f0e
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/data/gshadow b/tests/split_groups/09_groupdel_split_group_already_split/data/gshadow
new file mode 100644
index 0000000..f2ee7ec
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/groupdel.test b/tests/split_groups/09_groupdel_split_group_already_split/groupdel.test
new file mode 100755
index 0000000..0789a2e
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/groupdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete a split group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config.txt b/tests/split_groups/10_groupdel_no_split_group_already_split/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/group b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/group
new file mode 100644
index 0000000..f7d6d12
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/gshadow b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/login.defs b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/login.defs
new file mode 100644
index 0000000..46b2876
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+MAX_MEMBERS_PER_GROUP 0
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/passwd b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/shadow b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/data/groupdel.err b/tests/split_groups/10_groupdel_no_split_group_already_split/data/groupdel.err
new file mode 100644
index 0000000..7bd0741
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/data/groupdel.err
@@ -0,0 +1,2 @@
+Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck.
+groupdel: cannot remove entry 'foo' from /etc/group
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/groupdel.test b/tests/split_groups/10_groupdel_no_split_group_already_split/groupdel.test
new file mode 100755
index 0000000..b1086b6
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete a split group, with MAX_MEMBERS_PER_GROUP set to 0"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo 2>tmp/groupdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/01/config.txt b/tests/su/01/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/01/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/01/config/etc/group b/tests/su/01/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/01/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/01/config/etc/gshadow b/tests/su/01/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/01/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/01/config/etc/passwd b/tests/su/01/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/01/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/01/config/etc/shadow b/tests/su/01/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/01/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/01/run_su.exp b/tests/su/01/run_su.exp
new file mode 100755
index 0000000..2610363
--- /dev/null
+++ b/tests/su/01/run_su.exp
@@ -0,0 +1,73 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+ puts "usage: run_su.exp <user> <password> <prompt>"
+ exit 1
+}
+
+set user [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "uid=424243(testsuite) gid=424243 groups=424243"
+}
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "su $user\r" ;# Switch to the user
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r" ;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect prompt '$prompt'"
+
+expect {
+ # Wait for the new prompt
+ "$prompt" {
+ send_user "\n\n# make sure we are '$user'\n"
+ send_user "# id should return '($user).*($user).*($user)"
+ send "\r" ;# restore the prompt for the logs
+ send "id\r" ;# Verify the id
+
+ expect {
+ -re "\\($user\\).*\\($user\\).*\\($user\\)" {
+ expect "$prompt"
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+ }
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/su/01/su_root.test b/tests/su/01/su_root.test
new file mode 100755
index 0000000..1bc2268
--- /dev/null
+++ b/tests/su/01/su_root.test
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to root"
+
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp root rootF00barbaz '# '
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/01/su_user.test b/tests/su/01/su_user.test
new file mode 100755
index 0000000..7fd1f57
--- /dev/null
+++ b/tests/su/01/su_user.test
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp myuser myuserF00barbaz '$ '
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/02/config.txt b/tests/su/02/config.txt
new file mode 100644
index 0000000..70dfcd2
--- /dev/null
+++ b/tests/su/02/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+# /etc/profile is empty to avoid interferences.
diff --git a/tests/su/02/config/etc/group b/tests/su/02/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/02/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/02/config/etc/gshadow b/tests/su/02/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/02/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/02/config/etc/passwd b/tests/su/02/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/su/02/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/02/config/etc/profile b/tests/su/02/config/etc/profile
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/02/config/etc/profile
diff --git a/tests/su/02/config/etc/shadow b/tests/su/02/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/02/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/02/env_FOO-options_ b/tests/su/02/env_FOO-options_
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_- b/tests/su/02/env_FOO-options_-
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_--login b/tests/su/02/env_FOO-options_--login
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--login
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_--login.exp b/tests/su/02/env_FOO-options_--login.exp
new file mode 100755
index 0000000..8cd7679
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--login.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su --login, make a login shell
+#
+#=============================================================================
+send "/bin/su --login $command myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be empty"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_--login_bash b/tests/su/02/env_FOO-options_--login_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--login_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_--preserve-environment b/tests/su/02/env_FOO-options_--preserve-environment
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--preserve-environment
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_--preserve-environment.exp b/tests/su/02/env_FOO-options_--preserve-environment.exp
new file mode 100755
index 0000000..88932bb
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--preserve-environment.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su --preserve-environment, as for regular su, environment is preserved
+#
+#=============================================================================
+send "/bin/su $command -m myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_--preserve-environment_bash b/tests/su/02/env_FOO-options_--preserve-environment_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--preserve-environment_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-.exp b/tests/su/02/env_FOO-options_-.exp
new file mode 100755
index 0000000..6ba3e00
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -, make a login shell
+#
+#=============================================================================
+send "/bin/su - $command myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be empty"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-_bash b/tests/su/02/env_FOO-options_-_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-l b/tests/su/02/env_FOO-options_-l
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-l-m b/tests/su/02/env_FOO-options_-l-m
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l-m
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-l-m.exp b/tests/su/02/env_FOO-options_-l-m.exp
new file mode 100755
index 0000000..8b187a6
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l-m.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -l -m, make a login shell, but preserve environment
+#
+#=============================================================================
+send "/bin/su -l -m $command myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-l-m_bash b/tests/su/02/env_FOO-options_-l-m_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l-m_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-l.exp b/tests/su/02/env_FOO-options_-l.exp
new file mode 100755
index 0000000..a23f8c4
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -l, make a login shell
+#
+#=============================================================================
+send "/bin/su - $command myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be empty"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-l_bash b/tests/su/02/env_FOO-options_-l_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-m b/tests/su/02/env_FOO-options_-m
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-m
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-m.exp b/tests/su/02/env_FOO-options_-m.exp
new file mode 100755
index 0000000..061aacb
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-m.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -m, as for regular su, environment is preserved
+#
+#=============================================================================
+send "/bin/su $command -m myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-m_bash b/tests/su/02/env_FOO-options_-m_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-m_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-p b/tests/su/02/env_FOO-options_-p
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-p- b/tests/su/02/env_FOO-options_-p-
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p-
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-p-.exp b/tests/su/02/env_FOO-options_-p-.exp
new file mode 100755
index 0000000..fc84896
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p-.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -p -, make a login shell, but preserve environment
+#
+#=============================================================================
+send "/bin/su -p $command - myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-p-_bash b/tests/su/02/env_FOO-options_-p-_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p-_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-p.exp b/tests/su/02/env_FOO-options_-p.exp
new file mode 100755
index 0000000..061aacb
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -m, as for regular su, environment is preserved
+#
+#=============================================================================
+send "/bin/su $command -m myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-p_bash b/tests/su/02/env_FOO-options_-p_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_.exp b/tests/su/02/env_FOO-options_.exp
new file mode 100755
index 0000000..ff87b2e
--- /dev/null
+++ b/tests/su/02/env_FOO-options_.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# Regular su, preserve environment
+#
+#=============================================================================
+send "/bin/su myuser $command\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options__bash b/tests/su/02/env_FOO-options__bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options__bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special-options_ b/tests/su/02/env_special-options_
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special-options_-l b/tests/su/02/env_special-options_-l
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-l
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special-options_-l-p b/tests/su/02/env_special-options_-l-p
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-l-p
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special-options_-l-p.exp b/tests/su/02/env_special-options_-l-p.exp
new file mode 100755
index 0000000..15c10b6
--- /dev/null
+++ b/tests/su/02/env_special-options_-l-p.exp
@@ -0,0 +1,55 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# su -m -l, make a login shell, but preserve environment
+# However, PATH is not preserved, but set to what it would be with login
+#
+#=============================================================================
+send "/bin/su -p $command -l myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# Even with -p, PATH is reset"
+send "\r"
+expect "$ "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r"
+expect "$ "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special-options_-l-p_bash b/tests/su/02/env_special-options_-l-p_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-l-p_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special-options_-l.exp b/tests/su/02/env_special-options_-l.exp
new file mode 100755
index 0000000..75df5dc
--- /dev/null
+++ b/tests/su/02/env_special-options_-l.exp
@@ -0,0 +1,54 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# su -l, make a login shell
+#
+#=============================================================================
+send "/bin/su - $command myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# PATH should be '/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games'"
+send "\r"
+expect "$ "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r"
+expect "$ "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/home/'myuser'myuser'/bin/sh'\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special-options_-l_bash b/tests/su/02/env_special-options_-l_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-l_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special-options_-p b/tests/su/02/env_special-options_-p
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-p
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special-options_-p.exp b/tests/su/02/env_special-options_-p.exp
new file mode 100755
index 0000000..3a7143c
--- /dev/null
+++ b/tests/su/02/env_special-options_-p.exp
@@ -0,0 +1,56 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect -re "PATH=\"(.*)\"\r" {set PATH $expect_out(1,string)}
+send_user "PATH='$PATH'"
+expect "# "
+
+#=============================================================================
+#
+# su -m, as for regular su, environment is preserved
+#
+#=============================================================================
+send "/bin/su $command -m myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# Even with -p, PATH is reset"
+send "\r"
+expect "$ "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r"
+expect "$ "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special-options_-p_bash b/tests/su/02/env_special-options_-p_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-p_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special-options_.exp b/tests/su/02/env_special-options_.exp
new file mode 100755
index 0000000..63d70e1
--- /dev/null
+++ b/tests/su/02/env_special-options_.exp
@@ -0,0 +1,55 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# Regular su, preserve environment
+# However, PATH is reset
+#
+#=============================================================================
+send "/bin/su myuser $command\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# PATH should be '/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games'"
+send "\r"
+expect "$ "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r"
+expect "$ "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/home/'myuser'myuser'/bin/sh'\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special-options__bash b/tests/su/02/env_special-options__bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options__bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_ b/tests/su/02/env_special_root-options_
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-l b/tests/su/02/env_special_root-options_-l
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-l-p b/tests/su/02/env_special_root-options_-l-p
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l-p
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-l-p.exp b/tests/su/02/env_special_root-options_-l-p.exp
new file mode 100755
index 0000000..8ddae3d
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l-p.exp
@@ -0,0 +1,57 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# su -l -p root, make a login shell, but preserve environment
+# However, PATH is not preserved, but set to what it would be with login
+# for root
+#
+#=============================================================================
+send "/bin/su -p $command - root\r"
+expect "# "
+
+send "id\n"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send_user "\n# Even with -p, PATH is reset"
+send "\r"
+expect "# "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r"
+expect "# "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "# "
+
+send "exit\r"
+expect "# "
+
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special_root-options_-l-p_bash b/tests/su/02/env_special_root-options_-l-p_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l-p_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-l.exp b/tests/su/02/env_special_root-options_-l.exp
new file mode 100755
index 0000000..6a58849
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l.exp
@@ -0,0 +1,54 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# su -l root, make a login shell
+#
+#=============================================================================
+send "/bin/su $command -l root\r"
+expect "# "
+
+send "id\n"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send_user "\n# PATH should be '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'"
+send "\r"
+expect "# "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r"
+expect "# "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "# "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special_root-options_-l_bash b/tests/su/02/env_special_root-options_-l_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-p b/tests/su/02/env_special_root-options_-p
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-p
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-p.exp b/tests/su/02/env_special_root-options_-p.exp
new file mode 100755
index 0000000..453c02c
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-p.exp
@@ -0,0 +1,56 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect -re "PATH=\"(.*)\"\r" {set PATH $expect_out(1,string)}
+send_user "PATH='$PATH'"
+expect "# "
+
+#=============================================================================
+#
+# su -p root, as for regular su, environment is preserved
+#
+#=============================================================================
+send "/bin/su $command -m\r"
+expect "# "
+
+send "id\n"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send_user "\n# Even with -p, PATH is reset"
+send "\r"
+expect "# "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r"
+expect "# "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "# "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special_root-options_-p_bash b/tests/su/02/env_special_root-options_-p_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-p_bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_.exp b/tests/su/02/env_special_root-options_.exp
new file mode 100755
index 0000000..0b86452
--- /dev/null
+++ b/tests/su/02/env_special_root-options_.exp
@@ -0,0 +1,55 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# Regular su to root, preserve environment
+# However, PATH is reset
+#
+#=============================================================================
+send "/bin/su $command\r"
+expect "# "
+
+send "id\n"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send_user "\n# PATH should be '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'"
+send "\r"
+expect "# "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r"
+expect "# "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "# "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special_root-options__bash b/tests/su/02/env_special_root-options__bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options__bash
@@ -0,0 +1 @@
+run_env_test.sh \ No newline at end of file
diff --git a/tests/su/02/run_env_test.sh b/tests/su/02/run_env_test.sh
new file mode 100755
index 0000000..525d619
--- /dev/null
+++ b/tests/su/02/run_env_test.sh
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+testname=$(basename $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+command=""
+
+case "$testname" in
+ *_bash)
+ log_start "$0" "propagation of environment variable FOO in command bash: $testname"
+ testname=$(echo "$testname" | sed -s 's/_bash$//')
+ command="-c bash"
+ echo testname: $testname
+ ;;
+ *)
+ log_start "$0" "propagation of environment variable FOO: $test"
+ ;;
+esac
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+"./$testname.exp" "$command"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/config/etc/group b/tests/su/03/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/03/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/03/config/etc/gshadow b/tests/su/03/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/03/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/03/config/etc/passwd b/tests/su/03/config/etc/passwd
new file mode 100644
index 0000000..eabf509
--- /dev/null
+++ b/tests/su/03/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:
+testsuite::424242:424242::/home/:
diff --git a/tests/su/03/config/etc/shadow b/tests/su/03/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/03/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/03/data/ls.out b/tests/su/03/data/ls.out
new file mode 100644
index 0000000..ee19d5d
--- /dev/null
+++ b/tests/su/03/data/ls.out
@@ -0,0 +1 @@
+etc
diff --git a/tests/su/03/su_run_command01.test b/tests/su/03/su_run_command01.test
new file mode 100755
index 0000000..776d43f
--- /dev/null
+++ b/tests/su/03/su_run_command01.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands: su myuser -c 'ls config'"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su myuser -c 'ls config'> tmp/out 2> tmp/err"
+/bin/su myuser -c 'ls config'> tmp/out 2> tmp/err
+
+echo "su reported:"
+echo "=== stdout ==="
+cat tmp/out
+echo "=== stderr ==="
+cat tmp/err
+echo "=============="
+
+echo -n "Checking tmp/out..."
+diff -au data/ls.out tmp/out
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command02.test b/tests/su/03/su_run_command02.test
new file mode 100755
index 0000000..ff0c434
--- /dev/null
+++ b/tests/su/03/su_run_command02.test
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands: su -- myuser -c 'ls config'"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -- myuser -c 'ls config'> tmp/out 2> tmp/err"
+/bin/su -- myuser -c 'ls config'> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+diff -au data/ls.out tmp/out
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command03.test b/tests/su/03/su_run_command03.test
new file mode 100755
index 0000000..2abde6a
--- /dev/null
+++ b/tests/su/03/su_run_command03.test
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands: su myuser -- -c 'ls config'"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su myuser -- -c 'ls config'> tmp/out 2> tmp/err"
+/bin/su myuser -- -c 'ls config'> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+diff -au data/ls.out tmp/out
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command04.test b/tests/su/03/su_run_command04.test
new file mode 100755
index 0000000..c2a09c2
--- /dev/null
+++ b/tests/su/03/su_run_command04.test
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands: su -c 'ls config' myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -c 'ls config' myuser> tmp/out 2> tmp/err"
+/bin/su -c 'ls config' myuser> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+diff -au data/ls.out tmp/out
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command05.test b/tests/su/03/su_run_command05.test
new file mode 100755
index 0000000..f7d278b
--- /dev/null
+++ b/tests/su/03/su_run_command05.test
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands: su -c 'ls config' -- myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -c 'ls config' -- myuser> tmp/out 2> tmp/err"
+/bin/su -c 'ls config' -- myuser> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+diff -au data/ls.out tmp/out
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command06.test b/tests/su/03/su_run_command06.test
new file mode 100755
index 0000000..146af83
--- /dev/null
+++ b/tests/su/03/su_run_command06.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su myuser -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su myuser -c pwd> tmp/out 2> tmp/err"
+/bin/su myuser -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ */su/03)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command07.test b/tests/su/03/su_run_command07.test
new file mode 100755
index 0000000..9f08c2a
--- /dev/null
+++ b/tests/su/03/su_run_command07.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su - myuser -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su - myuser -c pwd> tmp/out 2> tmp/err"
+/bin/su - myuser -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ /home)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '/home'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command08.test b/tests/su/03/su_run_command08.test
new file mode 100755
index 0000000..51b8bab
--- /dev/null
+++ b/tests/su/03/su_run_command08.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su - -- myuser -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su - -- myuser -c pwd> tmp/out 2> tmp/err"
+/bin/su - -- myuser -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ /home)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '/home'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command09.test b/tests/su/03/su_run_command09.test
new file mode 100755
index 0000000..d24df2c
--- /dev/null
+++ b/tests/su/03/su_run_command09.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su - myuser -- -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su - myuser -- -c pwd> tmp/out 2> tmp/err"
+/bin/su - myuser -- -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ /home)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '/home'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command10.test b/tests/su/03/su_run_command10.test
new file mode 100755
index 0000000..c74f79f
--- /dev/null
+++ b/tests/su/03/su_run_command10.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -l myuser -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -l myuser -c pwd> tmp/out 2> tmp/err"
+/bin/su -l myuser -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ /home)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '/home'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command11.test b/tests/su/03/su_run_command11.test
new file mode 100755
index 0000000..8a6311b
--- /dev/null
+++ b/tests/su/03/su_run_command11.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su --login -- myuser -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su --login -- myuser -c pwd> tmp/out 2> tmp/err"
+/bin/su --login -- myuser -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ /home)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '/home'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command12.test b/tests/su/03/su_run_command12.test
new file mode 100755
index 0000000..6ac4f20
--- /dev/null
+++ b/tests/su/03/su_run_command12.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -l myuser -- -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -l myuser -- -c pwd> tmp/out 2> tmp/err"
+/bin/su -l myuser -- -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ /home)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '/home'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command13.test b/tests/su/03/su_run_command13.test
new file mode 100755
index 0000000..c52dd93
--- /dev/null
+++ b/tests/su/03/su_run_command13.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -p -c pwd -- - myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -p -c pwd -- - myuser> tmp/out 2> tmp/err"
+/bin/su -p -c pwd -- - myuser> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ */su/03)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || {
+ echo "FAIL"
+ echo "tmp/err is not empty:"
+ cat tmp/err
+ false
+}
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command14.test b/tests/su/03/su_run_command14.test
new file mode 100755
index 0000000..82f2927
--- /dev/null
+++ b/tests/su/03/su_run_command14.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -p -c pwd - myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -p -c pwd - myuser> tmp/out 2> tmp/err"
+/bin/su -p -c pwd - myuser> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ */su/03)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command15.test b/tests/su/03/su_run_command15.test
new file mode 100755
index 0000000..7e34e48
--- /dev/null
+++ b/tests/su/03/su_run_command15.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -c pwd -p - myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -c pwd -p - myuser> tmp/out 2> tmp/err"
+/bin/su -c pwd -p - myuser> tmp/out 2> tmp/err
+
+echo "su reported:"
+echo "=== stdout ==="
+cat tmp/out
+echo "=== stderr ==="
+cat tmp/err
+echo "=============="
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ */su/03)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command16.test b/tests/su/03/su_run_command16.test
new file mode 100755
index 0000000..4fbe1af
--- /dev/null
+++ b/tests/su/03/su_run_command16.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -c pwd - -p myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -c pwd - -p myuser> tmp/out 2> tmp/err"
+/bin/su -c pwd - -p myuser> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ */su/03)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command17.test b/tests/su/03/su_run_command17.test
new file mode 100755
index 0000000..c1f15c5
--- /dev/null
+++ b/tests/su/03/su_run_command17.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -c pwd - myuser -p"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -c pwd - myuser -p> tmp/out 2> tmp/err"
+/bin/su -c pwd - myuser -p> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+ */su/03)
+ echo "OK"
+ ;;
+ *)
+ echo "FAIL"
+ echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+ rm -f tmp/out
+ false
+ ;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/04/config.txt b/tests/su/04/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/04/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/04/config/etc/group b/tests/su/04/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/04/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/04/config/etc/gshadow b/tests/su/04/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/04/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/04/config/etc/login.defs b/tests/su/04/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/su/04/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/04/config/etc/passwd b/tests/su/04/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/04/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/04/config/etc/shadow b/tests/su/04/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/04/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/04/config/var/log/auth.log b/tests/su/04/config/var/log/auth.log
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/04/config/var/log/auth.log
diff --git a/tests/su/04/data/wrong_user.err b/tests/su/04/data/wrong_user.err
new file mode 100644
index 0000000..774438e
--- /dev/null
+++ b/tests/su/04/data/wrong_user.err
@@ -0,0 +1 @@
+No passwd entry for user 'myuser2'
diff --git a/tests/su/04/run_su_failed.exp b/tests/su/04/run_su_failed.exp
new file mode 100755
index 0000000..3ef2443
--- /dev/null
+++ b/tests/su/04/run_su_failed.exp
@@ -0,0 +1,58 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+ puts "usage: run_su.exp <user> <password> <prompt>"
+ exit 1
+}
+
+set user [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424243(testsuite) gid=424243 groups=424243\r"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "su $user\r" ;# Switch to the user
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r" ;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect failure"
+
+expect "su: Authentication failure\r"
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n# make sure we are still 'testsuite'"
+send "\r" ;# restore the prompt for the logs
+expect "$ " ;# Wait for the prompt
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424243(testsuite) gid=424243 groups=424243\r"
+expect "$ " ;# Wait for the prompt
+send "exit\r"
+puts "\nPASS"
+exit 0
diff --git a/tests/su/04/su_user_wrong_passwd.test b/tests/su/04/su_user_wrong_passwd.test
new file mode 100755
index 0000000..757f0f1
--- /dev/null
+++ b/tests/su/04/su_user_wrong_passwd.test
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su_failed.exp myuser myuserF00barbaz_wrongpass '$ '
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/04/su_user_wrong_passwd_syslog.test b/tests/su/04/su_user_wrong_passwd_syslog.test
new file mode 100755
index 0000000..6c6a55d
--- /dev/null
+++ b/tests/su/04/su_user_wrong_passwd_syslog.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su_failed.exp myuser myuserF00barbaz_wrongpass '$ '
+
+echo
+
+echo -n "Syncing disks..."
+sync
+echo "OK"
+echo "auth.log contains:"
+echo "======================================================================="
+cat /var/log/auth.log
+echo "======================================================================="
+echo -n "Looking for 'FAILED su for myuser by testsuite' in /var/log/auth.log..."
+grep -q "FAILED su for myuser by testsuite" /var/log/auth.log
+echo "OK"
+echo -n "Looking for '- pts/[0-9]+ testsuite:myuser' in /var/log/auth.log..."
+grep -q -E "\- /dev/pts/[0-9]+ testsuite:myuser" /var/log/auth.log
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/04/su_wrong_user.test b/tests/su/04/su_wrong_user.test
new file mode 100755
index 0000000..96b4dc3
--- /dev/null
+++ b/tests/su/04/su_wrong_user.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "su with a wrong user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su myuser2 -c pwd> tmp/out 2> tmp/err"
+/bin/su myuser2 -c pwd> tmp/out 2> tmp/err || {
+ status=$?
+}
+
+echo -n "Checking status=1..."
+test "$status" = "1"
+echo OK
+
+echo -n "Checking tmp/out..."
+[ "$(wc -c tmp/out)" = "0 tmp/out" ] || {
+ echo "FAIL"
+ echo "tmp/out is not empty:"
+ cat tmp/out
+ false
+}
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+diff -au data/wrong_user.err tmp/err
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/05/config.txt b/tests/su/05/config.txt
new file mode 100644
index 0000000..e70e04e
--- /dev/null
+++ b/tests/su/05/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+#
+# Same config as 04, with SYSLOG_SU_ENAB set to "no"
diff --git a/tests/su/05/config/etc/group b/tests/su/05/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/05/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/05/config/etc/gshadow b/tests/su/05/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/05/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/05/config/etc/login.defs b/tests/su/05/config/etc/login.defs
new file mode 100644
index 0000000..9194c83
--- /dev/null
+++ b/tests/su/05/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB no
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/05/config/etc/passwd b/tests/su/05/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/05/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/05/config/etc/shadow b/tests/su/05/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/05/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/05/config/var/log/auth.log b/tests/su/05/config/var/log/auth.log
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/05/config/var/log/auth.log
diff --git a/tests/su/05/run_su_failed.exp b/tests/su/05/run_su_failed.exp
new file mode 100755
index 0000000..3ef2443
--- /dev/null
+++ b/tests/su/05/run_su_failed.exp
@@ -0,0 +1,58 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+ puts "usage: run_su.exp <user> <password> <prompt>"
+ exit 1
+}
+
+set user [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424243(testsuite) gid=424243 groups=424243\r"
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "su $user\r" ;# Switch to the user
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r" ;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect failure"
+
+expect "su: Authentication failure\r"
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n# make sure we are still 'testsuite'"
+send "\r" ;# restore the prompt for the logs
+expect "$ " ;# Wait for the prompt
+send "id\r" ;# Verify we are really testsuite
+
+expect "uid=424243(testsuite) gid=424243 groups=424243\r"
+expect "$ " ;# Wait for the prompt
+send "exit\r"
+puts "\nPASS"
+exit 0
diff --git a/tests/su/05/su_user_wrong_passwd_syslog.test b/tests/su/05/su_user_wrong_passwd_syslog.test
new file mode 100755
index 0000000..339e6ff
--- /dev/null
+++ b/tests/su/05/su_user_wrong_passwd_syslog.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su_failed.exp myuser myuserF00barbaz_wrongpass '$ '
+
+echo
+
+echo -n "Syncing disks..."
+sync
+echo "OK"
+echo "auth.log contains:"
+echo "======================================================================="
+cat /var/log/auth.log
+echo "======================================================================="
+echo -n "Looking for 'FAILED su for myuser by testsuite' in /var/log/auth.log..."
+grep -q "FAILED su for myuser by testsuite" /var/log/auth.log
+echo "OK"
+echo -n "'- pts/[0-9]+ testsuite:myuser' should not be logged in /var/log/auth.log..."
+grep -v -q -E "\- pts/[0-9]+ testsuite:myuser" /var/log/auth.log
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/06/config.txt b/tests/su/06/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/06/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/06/config/etc/group b/tests/su/06/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/06/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/06/config/etc/gshadow b/tests/su/06/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/06/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/06/config/etc/login.defs b/tests/su/06/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/su/06/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/06/config/etc/passwd b/tests/su/06/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/06/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/06/config/etc/shadow b/tests/su/06/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/06/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/06/config/var/log/auth.log b/tests/su/06/config/var/log/auth.log
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/06/config/var/log/auth.log
diff --git a/tests/su/06/run_su.exp b/tests/su/06/run_su.exp
new file mode 100755
index 0000000..2610363
--- /dev/null
+++ b/tests/su/06/run_su.exp
@@ -0,0 +1,73 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+ puts "usage: run_su.exp <user> <password> <prompt>"
+ exit 1
+}
+
+set user [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "uid=424243(testsuite) gid=424243 groups=424243"
+}
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "su $user\r" ;# Switch to the user
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r" ;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect prompt '$prompt'"
+
+expect {
+ # Wait for the new prompt
+ "$prompt" {
+ send_user "\n\n# make sure we are '$user'\n"
+ send_user "# id should return '($user).*($user).*($user)"
+ send "\r" ;# restore the prompt for the logs
+ send "id\r" ;# Verify the id
+
+ expect {
+ -re "\\($user\\).*\\($user\\).*\\($user\\)" {
+ expect "$prompt"
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+ }
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/su/06/su_user_syslog.test b/tests/su/06/su_user_syslog.test
new file mode 100755
index 0000000..50ca92e
--- /dev/null
+++ b/tests/su/06/su_user_syslog.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp myuser myuserF00barbaz '$ '
+
+echo
+echo -n "Syncing disks..."
+sync
+echo "OK"
+echo "auth.log contains:"
+echo "======================================================================="
+cat /var/log/auth.log
+echo "======================================================================="
+echo -n "Looking for 'Successful su for myuser by testsuite' in /var/log/auth.log..."
+grep -q "Successful su for myuser by testsuite" /var/log/auth.log
+echo "OK"
+echo -n "Looking for '+ pts/[0-9]+ tstsuite:myuser' in /var/log/auth.log..."
+grep -q -E "\+ /dev/pts/[0-9]+ testsuite:myuser" /var/log/auth.log
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/07/config.txt b/tests/su/07/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/07/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/07/config/etc/group b/tests/su/07/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/07/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/07/config/etc/gshadow b/tests/su/07/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/07/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/07/config/etc/login.defs b/tests/su/07/config/etc/login.defs
new file mode 100644
index 0000000..9194c83
--- /dev/null
+++ b/tests/su/07/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB no
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/07/config/etc/passwd b/tests/su/07/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/07/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/07/config/etc/shadow b/tests/su/07/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/07/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/07/config/var/log/auth.log b/tests/su/07/config/var/log/auth.log
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/07/config/var/log/auth.log
diff --git a/tests/su/07/run_su.exp b/tests/su/07/run_su.exp
new file mode 100755
index 0000000..2610363
--- /dev/null
+++ b/tests/su/07/run_su.exp
@@ -0,0 +1,73 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+ puts "usage: run_su.exp <user> <password> <prompt>"
+ exit 1
+}
+
+set user [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "uid=424243(testsuite) gid=424243 groups=424243"
+}
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "su $user\r" ;# Switch to the user
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r" ;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect prompt '$prompt'"
+
+expect {
+ # Wait for the new prompt
+ "$prompt" {
+ send_user "\n\n# make sure we are '$user'\n"
+ send_user "# id should return '($user).*($user).*($user)"
+ send "\r" ;# restore the prompt for the logs
+ send "id\r" ;# Verify the id
+
+ expect {
+ -re "\\($user\\).*\\($user\\).*\\($user\\)" {
+ expect "$prompt"
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+ }
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/su/07/su_user_syslog.test b/tests/su/07/su_user_syslog.test
new file mode 100755
index 0000000..3c84121
--- /dev/null
+++ b/tests/su/07/su_user_syslog.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp myuser myuserF00barbaz '$ '
+
+echo
+echo -n "Syncing disks..."
+sync
+echo "OK"
+echo "auth.log contains:"
+echo "======================================================================="
+cat /var/log/auth.log
+echo "======================================================================="
+echo -n "Looking for 'Successful su for myuser by testsuite' in /var/log/auth.log..."
+grep -q "Successful su for myuser by testsuite" /var/log/auth.log
+echo "OK"
+echo -n "Looking for '+ pts/[0-9]+ tstsuite:myuser' in /var/log/auth.log..."
+grep -v -q -E "\+ pts/[0-9]+ testsuite:myuser" /var/log/auth.log
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/08/config.txt b/tests/su/08/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/08/config.txt
diff --git a/tests/su/08/config/etc/group b/tests/su/08/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/08/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/08/config/etc/gshadow b/tests/su/08/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/08/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/08/config/etc/login.defs b/tests/su/08/config/etc/login.defs
new file mode 100644
index 0000000..76d8ddb
--- /dev/null
+++ b/tests/su/08/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/08/config/etc/passwd b/tests/su/08/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/su/08/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/08/config/etc/shadow b/tests/su/08/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/08/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/08/env_special-options_ b/tests/su/08/env_special-options_
new file mode 120000
index 0000000..6371937
--- /dev/null
+++ b/tests/su/08/env_special-options_
@@ -0,0 +1 @@
+../02/env_special-options_ \ No newline at end of file
diff --git a/tests/su/08/env_special-options_.exp b/tests/su/08/env_special-options_.exp
new file mode 120000
index 0000000..29a97c5
--- /dev/null
+++ b/tests/su/08/env_special-options_.exp
@@ -0,0 +1 @@
+../02/env_special-options_.exp \ No newline at end of file
diff --git a/tests/su/08/env_special_root-options_ b/tests/su/08/env_special_root-options_
new file mode 120000
index 0000000..0494b21
--- /dev/null
+++ b/tests/su/08/env_special_root-options_
@@ -0,0 +1 @@
+../02/env_special_root-options_ \ No newline at end of file
diff --git a/tests/su/08/env_special_root-options_.exp b/tests/su/08/env_special_root-options_.exp
new file mode 120000
index 0000000..c306c0a
--- /dev/null
+++ b/tests/su/08/env_special_root-options_.exp
@@ -0,0 +1 @@
+../02/env_special_root-options_.exp \ No newline at end of file
diff --git a/tests/su/09/config.txt b/tests/su/09/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/09/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/09/config/etc/group b/tests/su/09/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/09/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/09/config/etc/gshadow b/tests/su/09/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/09/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/09/config/etc/login.defs b/tests/su/09/config/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/su/09/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/09/config/etc/passwd b/tests/su/09/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/su/09/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/09/config/etc/shadow b/tests/su/09/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/09/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/09/env_special-options_ b/tests/su/09/env_special-options_
new file mode 120000
index 0000000..6371937
--- /dev/null
+++ b/tests/su/09/env_special-options_
@@ -0,0 +1 @@
+../02/env_special-options_ \ No newline at end of file
diff --git a/tests/su/09/env_special-options_.exp b/tests/su/09/env_special-options_.exp
new file mode 100755
index 0000000..66f13fd
--- /dev/null
+++ b/tests/su/09/env_special-options_.exp
@@ -0,0 +1,55 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# Regular su, preserve environment
+# However, PATH is reset
+#
+#=============================================================================
+send "/bin/su myuser $command\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# PATH should be '/bin:/usr/bin'"
+send "\r"
+expect "$ "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/bin:/usr/bin\"\r"
+expect "$ "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/home/'myuser'myuser'/bin/sh'\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/09/env_special_root-options_ b/tests/su/09/env_special_root-options_
new file mode 120000
index 0000000..0494b21
--- /dev/null
+++ b/tests/su/09/env_special_root-options_
@@ -0,0 +1 @@
+../02/env_special_root-options_ \ No newline at end of file
diff --git a/tests/su/09/env_special_root-options_.exp b/tests/su/09/env_special_root-options_.exp
new file mode 100755
index 0000000..a9cc1d8
--- /dev/null
+++ b/tests/su/09/env_special_root-options_.exp
@@ -0,0 +1,55 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+ set command [lindex $argv 0]
+} else {
+ set command ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# Regular su to root, preserve environment
+# However, PATH is reset
+#
+#=============================================================================
+send "/bin/su $command\r"
+expect "# "
+
+send "id\n"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send_user "\n# PATH should be '/sbin:/bin:/usr/sbin:/usr/bin'"
+send "\r"
+expect "# "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/sbin:/bin:/usr/sbin:/usr/bin\"\r"
+expect "# "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "# "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/10_su_sulog_success/config.txt b/tests/su/10_su_sulog_success/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/10_su_sulog_success/config/etc/group b/tests/su/10_su_sulog_success/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/10_su_sulog_success/config/etc/gshadow b/tests/su/10_su_sulog_success/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/10_su_sulog_success/config/etc/login.defs b/tests/su/10_su_sulog_success/config/etc/login.defs
new file mode 100644
index 0000000..01f6718
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB no
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/10_su_sulog_success/config/etc/passwd b/tests/su/10_su_sulog_success/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/10_su_sulog_success/config/etc/shadow b/tests/su/10_su_sulog_success/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/10_su_sulog_success/config/var/log/sulog b/tests/su/10_su_sulog_success/config/var/log/sulog
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/var/log/sulog
diff --git a/tests/su/10_su_sulog_success/data/sulog b/tests/su/10_su_sulog_success/data/sulog
new file mode 100644
index 0000000..cba81e9
--- /dev/null
+++ b/tests/su/10_su_sulog_success/data/sulog
@@ -0,0 +1 @@
+2 /var/log/sulog
diff --git a/tests/su/10_su_sulog_success/run_su.exp b/tests/su/10_su_sulog_success/run_su.exp
new file mode 100755
index 0000000..2610363
--- /dev/null
+++ b/tests/su/10_su_sulog_success/run_su.exp
@@ -0,0 +1,73 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+ puts "usage: run_su.exp <user> <password> <prompt>"
+ exit 1
+}
+
+set user [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "uid=424243(testsuite) gid=424243 groups=424243"
+}
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "su $user\r" ;# Switch to the user
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r" ;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect prompt '$prompt'"
+
+expect {
+ # Wait for the new prompt
+ "$prompt" {
+ send_user "\n\n# make sure we are '$user'\n"
+ send_user "# id should return '($user).*($user).*($user)"
+ send "\r" ;# restore the prompt for the logs
+ send "id\r" ;# Verify the id
+
+ expect {
+ -re "\\($user\\).*\\($user\\).*\\($user\\)" {
+ expect "$prompt"
+ send "exit\r"
+ expect "$ "
+ puts "\nPASS"
+ exit 0
+ }
+ }
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/su/10_su_sulog_success/su.test b/tests/su/10_su_sulog_success/su.test
new file mode 100755
index 0000000..79beb18
--- /dev/null
+++ b/tests/su/10_su_sulog_success/su.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp myuser myuserF00barbaz '$ '
+
+echo -n "Check /var/log/sulog..."
+wc -l /var/log/sulog > tmp/sulog
+d=$(date +"SU %m/%d %H:%M")
+cat /var/log/sulog | \
+ egrep -v "$d \+ /dev/pts/[0-9]* root-testsuite" | \
+ egrep -v "$d \+ /dev/pts/[0-9]* testsuite-myuser" \
+ >> tmp/sulog || true
+diff -auN tmp/sulog data/sulog
+echo "OK"
+rm -f tmp/sulog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/11_su_sulog_failure/config.txt b/tests/su/11_su_sulog_failure/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/11_su_sulog_failure/config/etc/group b/tests/su/11_su_sulog_failure/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/11_su_sulog_failure/config/etc/gshadow b/tests/su/11_su_sulog_failure/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/11_su_sulog_failure/config/etc/login.defs b/tests/su/11_su_sulog_failure/config/etc/login.defs
new file mode 100644
index 0000000..01f6718
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB no
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/11_su_sulog_failure/config/etc/passwd b/tests/su/11_su_sulog_failure/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/11_su_sulog_failure/config/etc/shadow b/tests/su/11_su_sulog_failure/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/11_su_sulog_failure/config/var/log/sulog b/tests/su/11_su_sulog_failure/config/var/log/sulog
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/var/log/sulog
diff --git a/tests/su/11_su_sulog_failure/data/sulog b/tests/su/11_su_sulog_failure/data/sulog
new file mode 100644
index 0000000..cba81e9
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/data/sulog
@@ -0,0 +1 @@
+2 /var/log/sulog
diff --git a/tests/su/11_su_sulog_failure/run_su.exp b/tests/su/11_su_sulog_failure/run_su.exp
new file mode 100755
index 0000000..57bb98f
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/run_su.exp
@@ -0,0 +1,67 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+ puts "usage: run_su.exp <user> <password> <prompt>"
+ exit 1
+}
+
+set user [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r" ;# restore the prompt for the logs
+send "id\r" ;# Verify we are really testsuite
+
+expect {
+ timeout {
+ puts "\ntimeout...FAIL"
+ exit 1
+ }
+ "uid=424243(testsuite) gid=424243 groups=424243"
+}
+
+expect "$ " ;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r" ;# restore the prompt for the logs
+send "su $user\r" ;# Switch to the user
+expect "Password: " ;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password wrong\r" ;# Send the password
+
+send_user "\n# password '$password wrong' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect {
+ # Wait for the new prompt
+ "$ " {
+ send_user "\n\n# make sure we are 'testsuite'\n"
+ send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+ send "\r" ;# restore the prompt for the logs
+ send "id\r" ;# Verify the id
+ expect "uid=424243(testsuite) gid=424243 groups=424243"
+ send "exit\r"
+ puts "\nPASS"
+ exit 0
+ }
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/su/11_su_sulog_failure/su.test b/tests/su/11_su_sulog_failure/su.test
new file mode 100755
index 0000000..9ca1769
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/su.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp myuser myuserF00barbaz '$ '
+
+echo -n "Check /var/log/sulog..."
+wc -l /var/log/sulog > tmp/sulog
+d1=$(date +"SU %m/%d %H:%M")
+d2=$(date -d"1 minute ago" +"SU %m/%d %H:%M")
+cat /var/log/sulog | \
+ egrep -v "$d1 \+ /dev/pts/[0-9]* root-testsuite" | \
+ egrep -v "$d2 \+ /dev/pts/[0-9]* root-testsuite" | \
+ egrep -v "$d1 - /dev/pts/[0-9]* testsuite-myuser" | \
+ egrep -v "$d2 - /dev/pts/[0-9]* testsuite-myuser" \
+ >> tmp/sulog || true
+diff -au data/sulog tmp/sulog
+echo "OK"
+rm -f tmp/sulog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/12_su_child_failure/config.txt b/tests/su/12_su_child_failure/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/12_su_child_failure/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/12_su_child_failure/config/etc/group b/tests/su/12_su_child_failure/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/12_su_child_failure/config/etc/gshadow b/tests/su/12_su_child_failure/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/12_su_child_failure/config/etc/login.defs b/tests/su/12_su_child_failure/config/etc/login.defs
new file mode 100644
index 0000000..01f6718
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB no
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/12_su_child_failure/config/etc/passwd b/tests/su/12_su_child_failure/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/12_su_child_failure/config/etc/shadow b/tests/su/12_su_child_failure/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/12_su_child_failure/config/var/log/sulog b/tests/su/12_su_child_failure/config/var/log/sulog
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/var/log/sulog
diff --git a/tests/su/12_su_child_failure/su.test b/tests/su/12_su_child_failure/su.test
new file mode 100755
index 0000000..948f113
--- /dev/null
+++ b/tests/su/12_su_child_failure/su.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su return failures of its child"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Run su, execute false..."
+su -l myuser -c false && exit || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check the return status..."
+[ "$status" = "1" ]
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/13_su_child_success/config.txt b/tests/su/13_su_child_success/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/13_su_child_success/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/13_su_child_success/config/etc/group b/tests/su/13_su_child_success/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/13_su_child_success/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/13_su_child_success/config/etc/gshadow b/tests/su/13_su_child_success/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/13_su_child_success/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/13_su_child_success/config/etc/login.defs b/tests/su/13_su_child_success/config/etc/login.defs
new file mode 100644
index 0000000..01f6718
--- /dev/null
+++ b/tests/su/13_su_child_success/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB no
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/13_su_child_success/config/etc/passwd b/tests/su/13_su_child_success/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/13_su_child_success/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/13_su_child_success/config/etc/shadow b/tests/su/13_su_child_success/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/13_su_child_success/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/13_su_child_success/config/var/log/sulog b/tests/su/13_su_child_success/config/var/log/sulog
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/13_su_child_success/config/var/log/sulog
diff --git a/tests/su/13_su_child_success/su.test b/tests/su/13_su_child_success/su.test
new file mode 100755
index 0000000..6ff932c
--- /dev/null
+++ b/tests/su/13_su_child_success/su.test
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su return failures of its child"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Run su, execute false..."
+su -l myuser -c true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/01_useradd_no_subids/config.txt b/tests/subids/01_useradd_no_subids/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config.txt
diff --git a/tests/subids/01_useradd_no_subids/config/etc/default/useradd b/tests/subids/01_useradd_no_subids/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/01_useradd_no_subids/config/etc/group b/tests/subids/01_useradd_no_subids/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/01_useradd_no_subids/config/etc/gshadow b/tests/subids/01_useradd_no_subids/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/01_useradd_no_subids/config/etc/passwd b/tests/subids/01_useradd_no_subids/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/01_useradd_no_subids/config/etc/shadow b/tests/subids/01_useradd_no_subids/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/01_useradd_no_subids/config/etc/subgid b/tests/subids/01_useradd_no_subids/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/subgid
diff --git a/tests/subids/01_useradd_no_subids/config/etc/subuid b/tests/subids/01_useradd_no_subids/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/subuid
diff --git a/tests/subids/01_useradd_no_subids/data/group b/tests/subids/01_useradd_no_subids/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/01_useradd_no_subids/data/gshadow b/tests/subids/01_useradd_no_subids/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/01_useradd_no_subids/data/passwd b/tests/subids/01_useradd_no_subids/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/01_useradd_no_subids/data/shadow b/tests/subids/01_useradd_no_subids/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/01_useradd_no_subids/useradd.test b/tests/subids/01_useradd_no_subids/useradd.test
new file mode 100755
index 0000000..768d0aa
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/useradd.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd does not create /etc/sub[ug]id"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subgid /etc/subuid..."
+rm -f /etc/subgid /etc/subuid
+echo "OK"
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that /etc/subuid and /etc/subgid were not created..."
+test ! -f /etc/subgid
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/02_useradd_with_subids/config.txt b/tests/subids/02_useradd_with_subids/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config.txt
diff --git a/tests/subids/02_useradd_with_subids/config/etc/default/useradd b/tests/subids/02_useradd_with_subids/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/02_useradd_with_subids/config/etc/group b/tests/subids/02_useradd_with_subids/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/02_useradd_with_subids/config/etc/gshadow b/tests/subids/02_useradd_with_subids/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/02_useradd_with_subids/config/etc/passwd b/tests/subids/02_useradd_with_subids/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/02_useradd_with_subids/config/etc/shadow b/tests/subids/02_useradd_with_subids/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/02_useradd_with_subids/config/etc/subgid b/tests/subids/02_useradd_with_subids/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/subgid
diff --git a/tests/subids/02_useradd_with_subids/config/etc/subuid b/tests/subids/02_useradd_with_subids/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/subuid
diff --git a/tests/subids/02_useradd_with_subids/data/group b/tests/subids/02_useradd_with_subids/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/02_useradd_with_subids/data/gshadow b/tests/subids/02_useradd_with_subids/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/02_useradd_with_subids/data/passwd b/tests/subids/02_useradd_with_subids/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/02_useradd_with_subids/data/shadow b/tests/subids/02_useradd_with_subids/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/02_useradd_with_subids/data/subgid b/tests/subids/02_useradd_with_subids/data/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/02_useradd_with_subids/data/subuid b/tests/subids/02_useradd_with_subids/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/02_useradd_with_subids/useradd.test b/tests/subids/02_useradd_with_subids/useradd.test
new file mode 100755
index 0000000..e9154c1
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd adds subids in /etc/sub[ug]id"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/03_useradd_no_subgid/config.txt b/tests/subids/03_useradd_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config.txt
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/default/useradd b/tests/subids/03_useradd_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/group b/tests/subids/03_useradd_no_subgid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/gshadow b/tests/subids/03_useradd_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/passwd b/tests/subids/03_useradd_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/shadow b/tests/subids/03_useradd_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/subgid b/tests/subids/03_useradd_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/subgid
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/subuid b/tests/subids/03_useradd_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/subuid
diff --git a/tests/subids/03_useradd_no_subgid/data/group b/tests/subids/03_useradd_no_subgid/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/03_useradd_no_subgid/data/gshadow b/tests/subids/03_useradd_no_subgid/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/03_useradd_no_subgid/data/passwd b/tests/subids/03_useradd_no_subgid/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/03_useradd_no_subgid/data/shadow b/tests/subids/03_useradd_no_subgid/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/03_useradd_no_subgid/data/subuid b/tests/subids/03_useradd_no_subgid/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/03_useradd_no_subgid/useradd.test b/tests/subids/03_useradd_no_subgid/useradd.test
new file mode 100755
index 0000000..5312710
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/useradd.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd creates subids in /etc/subuid even if /etc/subgid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subgid..."
+rm -f /etc/subgid
+echo "OK"
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+test ! -f /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/04_useradd_no_subuid/config.txt b/tests/subids/04_useradd_no_subuid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config.txt
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/default/useradd b/tests/subids/04_useradd_no_subuid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/group b/tests/subids/04_useradd_no_subuid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/gshadow b/tests/subids/04_useradd_no_subuid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/passwd b/tests/subids/04_useradd_no_subuid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/shadow b/tests/subids/04_useradd_no_subuid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/subgid b/tests/subids/04_useradd_no_subuid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/subgid
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/subuid b/tests/subids/04_useradd_no_subuid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/subuid
diff --git a/tests/subids/04_useradd_no_subuid/data/group b/tests/subids/04_useradd_no_subuid/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/04_useradd_no_subuid/data/gshadow b/tests/subids/04_useradd_no_subuid/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/04_useradd_no_subuid/data/passwd b/tests/subids/04_useradd_no_subuid/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/04_useradd_no_subuid/data/shadow b/tests/subids/04_useradd_no_subuid/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/04_useradd_no_subuid/data/subgid b/tests/subids/04_useradd_no_subuid/data/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/data/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/04_useradd_no_subuid/useradd.test b/tests/subids/04_useradd_no_subuid/useradd.test
new file mode 100755
index 0000000..ce0b8b7
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/useradd.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd creates subids in /etc/subgid even if /etc/subuid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/subuid..."
+rm -f /etc/subuid
+echo "OK"
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/05_useradd_fill_gap_start/config.txt b/tests/subids/05_useradd_fill_gap_start/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config.txt
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/default/useradd b/tests/subids/05_useradd_fill_gap_start/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/group b/tests/subids/05_useradd_fill_gap_start/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/gshadow b/tests/subids/05_useradd_fill_gap_start/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/passwd b/tests/subids/05_useradd_fill_gap_start/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/shadow b/tests/subids/05_useradd_fill_gap_start/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/subgid b/tests/subids/05_useradd_fill_gap_start/config/etc/subgid
new file mode 100644
index 0000000..909f4ac
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/subgid
@@ -0,0 +1 @@
+root:110000:10000
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/subuid b/tests/subids/05_useradd_fill_gap_start/config/etc/subuid
new file mode 100644
index 0000000..909f4ac
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/subuid
@@ -0,0 +1 @@
+root:110000:10000
diff --git a/tests/subids/05_useradd_fill_gap_start/data/group b/tests/subids/05_useradd_fill_gap_start/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/05_useradd_fill_gap_start/data/gshadow b/tests/subids/05_useradd_fill_gap_start/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/05_useradd_fill_gap_start/data/passwd b/tests/subids/05_useradd_fill_gap_start/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/05_useradd_fill_gap_start/data/shadow b/tests/subids/05_useradd_fill_gap_start/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/05_useradd_fill_gap_start/data/subgid b/tests/subids/05_useradd_fill_gap_start/data/subgid
new file mode 100644
index 0000000..73b5737
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/subgid
@@ -0,0 +1,2 @@
+root:110000:10000
+foo:100000:10000
diff --git a/tests/subids/05_useradd_fill_gap_start/data/subuid b/tests/subids/05_useradd_fill_gap_start/data/subuid
new file mode 100644
index 0000000..73b5737
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/subuid
@@ -0,0 +1,2 @@
+root:110000:10000
+foo:100000:10000
diff --git a/tests/subids/05_useradd_fill_gap_start/useradd.test b/tests/subids/05_useradd_fill_gap_start/useradd.test
new file mode 100755
index 0000000..ac7e9ff
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd creates subids in /etc/sub[ug]id at the begining"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/06_useradd_fill_gap_middle/config.txt b/tests/subids/06_useradd_fill_gap_middle/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config.txt
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/default/useradd b/tests/subids/06_useradd_fill_gap_middle/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/group b/tests/subids/06_useradd_fill_gap_middle/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/gshadow b/tests/subids/06_useradd_fill_gap_middle/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/passwd b/tests/subids/06_useradd_fill_gap_middle/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/shadow b/tests/subids/06_useradd_fill_gap_middle/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/subgid b/tests/subids/06_useradd_fill_gap_middle/config/etc/subgid
new file mode 100644
index 0000000..8b9c643
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/subgid
@@ -0,0 +1,2 @@
+root:100000:100000
+root:210000:10000
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/subuid b/tests/subids/06_useradd_fill_gap_middle/config/etc/subuid
new file mode 100644
index 0000000..8b9c643
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/subuid
@@ -0,0 +1,2 @@
+root:100000:100000
+root:210000:10000
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/group b/tests/subids/06_useradd_fill_gap_middle/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/gshadow b/tests/subids/06_useradd_fill_gap_middle/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/passwd b/tests/subids/06_useradd_fill_gap_middle/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/shadow b/tests/subids/06_useradd_fill_gap_middle/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/subgid b/tests/subids/06_useradd_fill_gap_middle/data/subgid
new file mode 100644
index 0000000..c6e45a0
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/subgid
@@ -0,0 +1,3 @@
+root:100000:100000
+root:210000:10000
+foo:200000:10000
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/subuid b/tests/subids/06_useradd_fill_gap_middle/data/subuid
new file mode 100644
index 0000000..c6e45a0
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/subuid
@@ -0,0 +1,3 @@
+root:100000:100000
+root:210000:10000
+foo:200000:10000
diff --git a/tests/subids/06_useradd_fill_gap_middle/useradd.test b/tests/subids/06_useradd_fill_gap_middle/useradd.test
new file mode 100755
index 0000000..484164e
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd creates subids in /etc/sub[ug]id between 2 used ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/07_useradd_fill_gap_end/config.txt b/tests/subids/07_useradd_fill_gap_end/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config.txt
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/default/useradd b/tests/subids/07_useradd_fill_gap_end/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/group b/tests/subids/07_useradd_fill_gap_end/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/gshadow b/tests/subids/07_useradd_fill_gap_end/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/passwd b/tests/subids/07_useradd_fill_gap_end/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/shadow b/tests/subids/07_useradd_fill_gap_end/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/subgid b/tests/subids/07_useradd_fill_gap_end/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/subuid b/tests/subids/07_useradd_fill_gap_end/config/etc/subuid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/subuid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/07_useradd_fill_gap_end/data/group b/tests/subids/07_useradd_fill_gap_end/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/07_useradd_fill_gap_end/data/gshadow b/tests/subids/07_useradd_fill_gap_end/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/07_useradd_fill_gap_end/data/passwd b/tests/subids/07_useradd_fill_gap_end/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/07_useradd_fill_gap_end/data/shadow b/tests/subids/07_useradd_fill_gap_end/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/07_useradd_fill_gap_end/data/subgid b/tests/subids/07_useradd_fill_gap_end/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/07_useradd_fill_gap_end/data/subuid b/tests/subids/07_useradd_fill_gap_end/data/subuid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/subuid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/07_useradd_fill_gap_end/useradd.test b/tests/subids/07_useradd_fill_gap_end/useradd.test
new file mode 100755
index 0000000..1175451
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd creates subids in /etc/sub[ug]id at the end"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config.txt b/tests/subids/08_useradd_no_more_subuids_start/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config.txt
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/default/useradd b/tests/subids/08_useradd_no_more_subuids_start/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/group b/tests/subids/08_useradd_no_more_subuids_start/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/gshadow b/tests/subids/08_useradd_no_more_subuids_start/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/passwd b/tests/subids/08_useradd_no_more_subuids_start/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/shadow b/tests/subids/08_useradd_no_more_subuids_start/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/subgid b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subgid
new file mode 100644
index 0000000..2342814
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subgid
@@ -0,0 +1 @@
+root:110000:600100000
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/subuid b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subuid
new file mode 100644
index 0000000..bafb12d
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subuid
@@ -0,0 +1 @@
+root:109999:600100000
diff --git a/tests/subids/08_useradd_no_more_subuids_start/data/useradd.err b/tests/subids/08_useradd_no_more_subuids_start/data/useradd.err
new file mode 100644
index 0000000..133e01f
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Can't get unique subordinate UID range
+useradd: can't create subordinate user IDs
diff --git a/tests/subids/08_useradd_no_more_subuids_start/useradd.test b/tests/subids/08_useradd_no_more_subuids_start/useradd.test
new file mode 100755
index 0000000..fea00a1
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports failure if there are no subids available in /etc/subuid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config.txt b/tests/subids/09_useradd_no_more_subgids_start/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config.txt
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/default/useradd b/tests/subids/09_useradd_no_more_subgids_start/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/group b/tests/subids/09_useradd_no_more_subgids_start/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/gshadow b/tests/subids/09_useradd_no_more_subgids_start/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/passwd b/tests/subids/09_useradd_no_more_subgids_start/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/shadow b/tests/subids/09_useradd_no_more_subgids_start/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/subgid b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subgid
new file mode 100644
index 0000000..bafb12d
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subgid
@@ -0,0 +1 @@
+root:109999:600100000
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/subuid b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subuid
new file mode 100644
index 0000000..2342814
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subuid
@@ -0,0 +1 @@
+root:110000:600100000
diff --git a/tests/subids/09_useradd_no_more_subgids_start/data/useradd.err b/tests/subids/09_useradd_no_more_subgids_start/data/useradd.err
new file mode 100644
index 0000000..d832f1f
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Can't get unique subordinate GID range
+useradd: can't create subordinate group IDs
diff --git a/tests/subids/09_useradd_no_more_subgids_start/useradd.test b/tests/subids/09_useradd_no_more_subgids_start/useradd.test
new file mode 100755
index 0000000..3f23799
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports failure if there are no subids available in /etc/subgid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config.txt b/tests/subids/10_useradd_no_more_subuids_end/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config.txt
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/default/useradd b/tests/subids/10_useradd_no_more_subuids_end/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/group b/tests/subids/10_useradd_no_more_subuids_end/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/gshadow b/tests/subids/10_useradd_no_more_subuids_end/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/passwd b/tests/subids/10_useradd_no_more_subuids_end/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/shadow b/tests/subids/10_useradd_no_more_subuids_end/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/subgid b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/subuid b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subuid
new file mode 100644
index 0000000..b6bb132
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subuid
@@ -0,0 +1 @@
+root:100000:599990002
diff --git a/tests/subids/10_useradd_no_more_subuids_end/data/useradd.err b/tests/subids/10_useradd_no_more_subuids_end/data/useradd.err
new file mode 100644
index 0000000..133e01f
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Can't get unique subordinate UID range
+useradd: can't create subordinate user IDs
diff --git a/tests/subids/10_useradd_no_more_subuids_end/useradd.test b/tests/subids/10_useradd_no_more_subuids_end/useradd.test
new file mode 100755
index 0000000..fea00a1
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports failure if there are no subids available in /etc/subuid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config.txt b/tests/subids/11_useradd_no_more_subgids_end/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config.txt
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/default/useradd b/tests/subids/11_useradd_no_more_subgids_end/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/group b/tests/subids/11_useradd_no_more_subgids_end/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/gshadow b/tests/subids/11_useradd_no_more_subgids_end/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/passwd b/tests/subids/11_useradd_no_more_subgids_end/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/shadow b/tests/subids/11_useradd_no_more_subgids_end/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/subgid b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subgid
new file mode 100644
index 0000000..b6bb132
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990002
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/subuid b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subuid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subuid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/11_useradd_no_more_subgids_end/data/useradd.err b/tests/subids/11_useradd_no_more_subgids_end/data/useradd.err
new file mode 100644
index 0000000..d832f1f
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Can't get unique subordinate GID range
+useradd: can't create subordinate group IDs
diff --git a/tests/subids/11_useradd_no_more_subgids_end/useradd.test b/tests/subids/11_useradd_no_more_subgids_end/useradd.test
new file mode 100755
index 0000000..3f23799
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports failure if there are no subids available in /etc/subgid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config.txt b/tests/subids/12_useradd_invalid_subuid_configuration1/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config.txt
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/default/useradd b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/group b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/gshadow b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/login.defs b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/login.defs
new file mode 100644
index 0000000..0b9dd31
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+# Per user subordinate UIDs
+SUB_UID_MAX 100000
+SUB_UID_MIN 600100000
+SUB_UID_COUNT 10000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+# Per user subordinate GIDs
+#SUB_GID_MAX 100000
+#SUB_GID_MIN 600100000
+#SUB_GID_COUNT 10000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/passwd b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/shadow b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subgid b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subgid
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subuid b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subuid
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/data/useradd.err b/tests/subids/12_useradd_invalid_subuid_configuration1/data/useradd.err
new file mode 100644
index 0000000..c7c46fb
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_UID_MIN (600100000), SUB_UID_MAX (100000), SUB_UID_COUNT (10000)
+useradd: can't create subordinate user IDs
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/useradd.test b/tests/subids/12_useradd_invalid_subuid_configuration1/useradd.test
new file mode 100755
index 0000000..a350e39
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subuid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config.txt b/tests/subids/13_useradd_invalid_subuid_configuration2/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config.txt
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/default/useradd b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/group b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/gshadow b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/login.defs b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/login.defs
new file mode 100644
index 0000000..4c50cfa
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+# Per user subordinate UIDs
+SUB_UID_MIN 100000
+SUB_UID_MAX 600100000
+SUB_UID_COUNT 600100000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+# Per user subordinate GIDs
+#SUB_GID_MIN 100000
+#SUB_GID_MAX 600100000
+#SUB_GID_COUNT 600100000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/passwd b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/shadow b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subgid b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subgid
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subuid b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subuid
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/data/useradd.err b/tests/subids/13_useradd_invalid_subuid_configuration2/data/useradd.err
new file mode 100644
index 0000000..469e0a8
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_UID_MIN (100000), SUB_UID_MAX (600100000), SUB_UID_COUNT (600100000)
+useradd: can't create subordinate user IDs
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/useradd.test b/tests/subids/13_useradd_invalid_subuid_configuration2/useradd.test
new file mode 100755
index 0000000..a350e39
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subuid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config.txt b/tests/subids/14_useradd_invalid_subuid_configuration3/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config.txt
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/default/useradd b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/group b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/gshadow b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/login.defs b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/login.defs
new file mode 100644
index 0000000..1b7ca63
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+# Per user subordinate UIDs
+SUB_UID_MIN 100000
+SUB_UID_MAX 100000
+SUB_UID_COUNT 2
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+# Per user subordinate GIDs
+#SUB_GID_MIN 100000
+#SUB_GID_MAX 100000
+#SUB_GID_COUNT 2
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/passwd b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/shadow b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subgid b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subgid
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subuid b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subuid
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/data/useradd.err b/tests/subids/14_useradd_invalid_subuid_configuration3/data/useradd.err
new file mode 100644
index 0000000..3ab22c5
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_UID_MIN (100000), SUB_UID_MAX (100000), SUB_UID_COUNT (2)
+useradd: can't create subordinate user IDs
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/useradd.test b/tests/subids/14_useradd_invalid_subuid_configuration3/useradd.test
new file mode 100755
index 0000000..a350e39
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subuid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config.txt b/tests/subids/15_useradd_invalid_subgid_configuration1/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config.txt
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/default/useradd b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/group b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/gshadow b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/login.defs b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/login.defs
new file mode 100644
index 0000000..2bd2b00
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+# Per user subordinate UIDs
+#SUB_UID_MAX 100000
+#SUB_UID_MIN 600100000
+#SUB_UID_COUNT 10000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+# Per user subordinate GIDs
+SUB_GID_MAX 100000
+SUB_GID_MIN 600100000
+SUB_GID_COUNT 10000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/passwd b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/shadow b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subgid b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subgid
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subuid b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subuid
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/data/useradd.err b/tests/subids/15_useradd_invalid_subgid_configuration1/data/useradd.err
new file mode 100644
index 0000000..9c4c664
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_GID_MIN (600100000), SUB_GID_MAX (100000), SUB_GID_COUNT (10000)
+useradd: can't create subordinate group IDs
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/useradd.test b/tests/subids/15_useradd_invalid_subgid_configuration1/useradd.test
new file mode 100755
index 0000000..a737c53
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subgid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config.txt b/tests/subids/16_useradd_invalid_subgid_configuration2/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config.txt
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/default/useradd b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/group b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/gshadow b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/login.defs b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/login.defs
new file mode 100644
index 0000000..631c644
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+# Per user subordinate UIDs
+#SUB_UID_MIN 100000
+#SUB_UID_MAX 600100000
+#SUB_UID_COUNT 600100000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+# Per user subordinate GIDs
+SUB_GID_MIN 100000
+SUB_GID_MAX 600100000
+SUB_GID_COUNT 600100000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/passwd b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/shadow b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subgid b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subgid
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subuid b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subuid
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/data/useradd.err b/tests/subids/16_useradd_invalid_subgid_configuration2/data/useradd.err
new file mode 100644
index 0000000..53b37e0
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_GID_MIN (100000), SUB_GID_MAX (600100000), SUB_GID_COUNT (600100000)
+useradd: can't create subordinate group IDs
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/useradd.test b/tests/subids/16_useradd_invalid_subgid_configuration2/useradd.test
new file mode 100755
index 0000000..a737c53
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subgid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config.txt b/tests/subids/17_useradd_invalid_subgid_configuration3/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config.txt
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/default/useradd b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/group b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/gshadow b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/login.defs b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/login.defs
new file mode 100644
index 0000000..e7303b0
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+# Per user subordinate UIDs
+#SUB_UID_MIN 100000
+#SUB_UID_MAX 100000
+#SUB_UID_COUNT 2
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+# Per user subordinate GIDs
+SUB_GID_MIN 100000
+SUB_GID_MAX 100000
+SUB_GID_COUNT 2
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/passwd b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/shadow b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subgid b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subgid
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subuid b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subuid
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/data/useradd.err b/tests/subids/17_useradd_invalid_subgid_configuration3/data/useradd.err
new file mode 100644
index 0000000..fd9289d
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_GID_MIN (100000), SUB_GID_MAX (100000), SUB_GID_COUNT (2)
+useradd: can't create subordinate group IDs
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/useradd.test b/tests/subids/17_useradd_invalid_subgid_configuration3/useradd.test
new file mode 100755
index 0000000..a737c53
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subgid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/18_useradd_min=max/config.txt b/tests/subids/18_useradd_min=max/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config.txt
diff --git a/tests/subids/18_useradd_min=max/config/etc/default/useradd b/tests/subids/18_useradd_min=max/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/18_useradd_min=max/config/etc/group b/tests/subids/18_useradd_min=max/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/18_useradd_min=max/config/etc/gshadow b/tests/subids/18_useradd_min=max/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/18_useradd_min=max/config/etc/login.defs b/tests/subids/18_useradd_min=max/config/etc/login.defs
new file mode 100644
index 0000000..8205a7f
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+# Per user subordinate UIDs
+SUB_UID_MIN 100000
+SUB_UID_MAX 100000
+SUB_UID_COUNT 1
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+# Per user subordinate GIDs
+SUB_GID_MIN 100000
+SUB_GID_MAX 100000
+SUB_GID_COUNT 1
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/18_useradd_min=max/config/etc/passwd b/tests/subids/18_useradd_min=max/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/18_useradd_min=max/config/etc/shadow b/tests/subids/18_useradd_min=max/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/18_useradd_min=max/config/etc/subgid b/tests/subids/18_useradd_min=max/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/subgid
diff --git a/tests/subids/18_useradd_min=max/config/etc/subuid b/tests/subids/18_useradd_min=max/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/subuid
diff --git a/tests/subids/18_useradd_min=max/data/group b/tests/subids/18_useradd_min=max/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/18_useradd_min=max/data/gshadow b/tests/subids/18_useradd_min=max/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/18_useradd_min=max/data/passwd b/tests/subids/18_useradd_min=max/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/18_useradd_min=max/data/shadow b/tests/subids/18_useradd_min=max/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/18_useradd_min=max/data/subgid b/tests/subids/18_useradd_min=max/data/subgid
new file mode 100644
index 0000000..25a4ca7
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/subgid
@@ -0,0 +1 @@
+foo:100000:1
diff --git a/tests/subids/18_useradd_min=max/data/subuid b/tests/subids/18_useradd_min=max/data/subuid
new file mode 100644
index 0000000..25a4ca7
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/subuid
@@ -0,0 +1 @@
+foo:100000:1
diff --git a/tests/subids/18_useradd_min=max/useradd.test b/tests/subids/18_useradd_min=max/useradd.test
new file mode 100755
index 0000000..10bb7b7
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd can create one subid in /etc/sub[ug]id when SUB_.ID_MIN=SUB_.ID_MAX"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/19_useradd_locked_subuid/config.txt b/tests/subids/19_useradd_locked_subuid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config.txt
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/default/useradd b/tests/subids/19_useradd_locked_subuid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/group b/tests/subids/19_useradd_locked_subuid/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/gshadow b/tests/subids/19_useradd_locked_subuid/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/passwd b/tests/subids/19_useradd_locked_subuid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/shadow b/tests/subids/19_useradd_locked_subuid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/subgid b/tests/subids/19_useradd_locked_subuid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/subgid
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/subuid b/tests/subids/19_useradd_locked_subuid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/subuid
diff --git a/tests/subids/19_useradd_locked_subuid/data/useradd.err b/tests/subids/19_useradd_locked_subuid/data/useradd.err
new file mode 100644
index 0000000..c785407
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/subuid.lock without a PID
+useradd: cannot lock /etc/subuid; try again later.
diff --git a/tests/subids/19_useradd_locked_subuid/useradd.test b/tests/subids/19_useradd_locked_subuid/useradd.test
new file mode 100755
index 0000000..279573f
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/useradd.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd checks if the subuid file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subuid.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/subuid..."
+touch /etc/subuid.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/subuid.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/20_useradd_locked_subgid/config.txt b/tests/subids/20_useradd_locked_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config.txt
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/default/useradd b/tests/subids/20_useradd_locked_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/group b/tests/subids/20_useradd_locked_subgid/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/gshadow b/tests/subids/20_useradd_locked_subgid/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/passwd b/tests/subids/20_useradd_locked_subgid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/shadow b/tests/subids/20_useradd_locked_subgid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/subgid b/tests/subids/20_useradd_locked_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/subgid
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/subuid b/tests/subids/20_useradd_locked_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/subuid
diff --git a/tests/subids/20_useradd_locked_subgid/data/useradd.err b/tests/subids/20_useradd_locked_subgid/data/useradd.err
new file mode 100644
index 0000000..13bbf3b
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/subgid.lock without a PID
+useradd: cannot lock /etc/subgid; try again later.
diff --git a/tests/subids/20_useradd_locked_subgid/useradd.test b/tests/subids/20_useradd_locked_subgid/useradd.test
new file mode 100755
index 0000000..145ac98
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/useradd.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd checks if the subgid file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subgid.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/subgid..."
+touch /etc/subgid.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/subgid.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/21_usermod_create_subuid_range/config.txt b/tests/subids/21_usermod_create_subuid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/default/useradd b/tests/subids/21_usermod_create_subuid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/group b/tests/subids/21_usermod_create_subuid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/gshadow b/tests/subids/21_usermod_create_subuid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/passwd b/tests/subids/21_usermod_create_subuid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/shadow b/tests/subids/21_usermod_create_subuid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/subgid b/tests/subids/21_usermod_create_subuid_range/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/subgid
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/subuid b/tests/subids/21_usermod_create_subuid_range/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/subuid
diff --git a/tests/subids/21_usermod_create_subuid_range/data/subuid b/tests/subids/21_usermod_create_subuid_range/data/subuid
new file mode 100644
index 0000000..b1cd704
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/data/subuid
@@ -0,0 +1 @@
+foo:100000:501
diff --git a/tests/subids/21_usermod_create_subuid_range/usermod.test b/tests/subids/21_usermod_create_subuid_range/usermod.test
new file mode 100755
index 0000000..3c5470d
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can create a subuid range"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create range of subuid for user foo (usermod -v 100000-100500 foo)..."
+usermod -v 100000-100500 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/22_usermod_create_subgid_range/config.txt b/tests/subids/22_usermod_create_subgid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/default/useradd b/tests/subids/22_usermod_create_subgid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/group b/tests/subids/22_usermod_create_subgid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/gshadow b/tests/subids/22_usermod_create_subgid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/passwd b/tests/subids/22_usermod_create_subgid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/shadow b/tests/subids/22_usermod_create_subgid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/subgid b/tests/subids/22_usermod_create_subgid_range/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/subgid
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/subuid b/tests/subids/22_usermod_create_subgid_range/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/subuid
diff --git a/tests/subids/22_usermod_create_subgid_range/data/subgid b/tests/subids/22_usermod_create_subgid_range/data/subgid
new file mode 100644
index 0000000..b1cd704
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/data/subgid
@@ -0,0 +1 @@
+foo:100000:501
diff --git a/tests/subids/22_usermod_create_subgid_range/usermod.test b/tests/subids/22_usermod_create_subgid_range/usermod.test
new file mode 100755
index 0000000..a5045a4
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can create a subgid range"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create range of subgid for user foo (usermod -w 100000-100500 foo)..."
+usermod -w 100000-100500 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/23_usermod_create_subids_ranges/config.txt b/tests/subids/23_usermod_create_subids_ranges/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/default/useradd b/tests/subids/23_usermod_create_subids_ranges/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/group b/tests/subids/23_usermod_create_subids_ranges/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/gshadow b/tests/subids/23_usermod_create_subids_ranges/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/passwd b/tests/subids/23_usermod_create_subids_ranges/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/shadow b/tests/subids/23_usermod_create_subids_ranges/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/subgid b/tests/subids/23_usermod_create_subids_ranges/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/subgid
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/subuid b/tests/subids/23_usermod_create_subids_ranges/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/subuid
diff --git a/tests/subids/23_usermod_create_subids_ranges/data/subgid b/tests/subids/23_usermod_create_subids_ranges/data/subgid
new file mode 100644
index 0000000..e0a6b2f
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/data/subgid
@@ -0,0 +1,3 @@
+foo:102000:501
+foo:101000:502
+foo:100000:502
diff --git a/tests/subids/23_usermod_create_subids_ranges/data/subuid b/tests/subids/23_usermod_create_subids_ranges/data/subuid
new file mode 100644
index 0000000..8d10ef6
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/data/subuid
@@ -0,0 +1,2 @@
+foo:100000:501
+foo:101000:501
diff --git a/tests/subids/23_usermod_create_subids_ranges/usermod.test b/tests/subids/23_usermod_create_subids_ranges/usermod.test
new file mode 100755
index 0000000..fccfade
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can create multiple subuid and subgid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create ranges of subuid and subgid for user foo (usermod -v 101000-101500 -w 100000-100501 -w 101000-101501 -w 102000-102500 -v 100000-100500 foo)..."
+usermod -v 101000-101500 -w 100000-100501 -w 101000-101501 -w 102000-102500 -v 100000-100500 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config.txt b/tests/subids/24_usermod_create_subids_overlapping_ranges/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/default/useradd b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/group b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/gshadow b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/passwd b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/shadow b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subgid b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subgid
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subuid b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subuid
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subgid b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subgid
new file mode 100644
index 0000000..e1960c7
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subgid
@@ -0,0 +1,3 @@
+foo:100000:402
+foo:100500:1002
+foo:100000:502
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subuid b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subuid
new file mode 100644
index 0000000..e07aca9
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subuid
@@ -0,0 +1,4 @@
+foo:200011:10
+foo:200000:11
+foo:100000:1001
+foo:101000:501
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/usermod.test b/tests/subids/24_usermod_create_subids_overlapping_ranges/usermod.test
new file mode 100755
index 0000000..ad1725b
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can create overlapping subuid and subgid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create ranges of subuid and subgid for user foo (usermod -v 101000-101500 -w 100000-100501 -w 100500-101501 -v 100000-101000 -v 200000-200010 -v 200011-200020 -w 100000-100401 foo)..."
+usermod -v 101000-101500 -w 100000-100501 -w 100500-101501 -v 100000-101000 -v 200000-200010 -v 200011-200020 -w 100000-100401 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/25_usermod_add_range/config.txt b/tests/subids/25_usermod_add_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/25_usermod_add_range/config/etc/default/useradd b/tests/subids/25_usermod_add_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/25_usermod_add_range/config/etc/group b/tests/subids/25_usermod_add_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/25_usermod_add_range/config/etc/gshadow b/tests/subids/25_usermod_add_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/25_usermod_add_range/config/etc/passwd b/tests/subids/25_usermod_add_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/25_usermod_add_range/config/etc/shadow b/tests/subids/25_usermod_add_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/25_usermod_add_range/config/etc/subgid b/tests/subids/25_usermod_add_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/25_usermod_add_range/config/etc/subuid b/tests/subids/25_usermod_add_range/config/etc/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/25_usermod_add_range/data/subgid b/tests/subids/25_usermod_add_range/data/subgid
new file mode 100644
index 0000000..e4babf0
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/data/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:150000:502
diff --git a/tests/subids/25_usermod_add_range/data/subuid b/tests/subids/25_usermod_add_range/data/subuid
new file mode 100644
index 0000000..80fb282
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/data/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:120000:501
diff --git a/tests/subids/25_usermod_add_range/usermod.test b/tests/subids/25_usermod_add_range/usermod.test
new file mode 100755
index 0000000..5278875
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can add subuid and subgid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add ranges of subuid and subgid for user foo (usermod -v 120000-120500 -w 150000-150501 foo)..."
+usermod -v 120000-120500 -w 150000-150501 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config.txt b/tests/subids/26_usermod_add_overlapping_ranges/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/default/useradd b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/group b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/gshadow b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/passwd b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/shadow b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subgid b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subgid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subuid b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/data/subgid b/tests/subids/26_usermod_add_overlapping_ranges/data/subgid
new file mode 100644
index 0000000..455f531
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/data/subgid
@@ -0,0 +1,3 @@
+foo:100000:10000
+foo:200000:10000
+foo:100000:50502
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/data/subuid b/tests/subids/26_usermod_add_overlapping_ranges/data/subuid
new file mode 100644
index 0000000..072266b
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/data/subuid
@@ -0,0 +1,3 @@
+foo:100000:10000
+foo:200000:10000
+foo:110000:10501
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/usermod.test b/tests/subids/26_usermod_add_overlapping_ranges/usermod.test
new file mode 100755
index 0000000..9224181
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can add subuid and subgid ranges overlapping with existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add ranges of subuid and subgid for user foo (usermod -v 110000-120500 -w 100000-150501 -v 200000-200500 foo)..."
+usermod -v 110000-120500 -w 100000-150501 -v 200000-200500 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/27_usermod_remove_range_all/config.txt b/tests/subids/27_usermod_remove_range_all/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/default/useradd b/tests/subids/27_usermod_remove_range_all/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/group b/tests/subids/27_usermod_remove_range_all/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/gshadow b/tests/subids/27_usermod_remove_range_all/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/passwd b/tests/subids/27_usermod_remove_range_all/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/shadow b/tests/subids/27_usermod_remove_range_all/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/subgid b/tests/subids/27_usermod_remove_range_all/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/subuid b/tests/subids/27_usermod_remove_range_all/config/etc/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/27_usermod_remove_range_all/data/subgid b/tests/subids/27_usermod_remove_range_all/data/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/data/subgid
diff --git a/tests/subids/27_usermod_remove_range_all/data/subuid b/tests/subids/27_usermod_remove_range_all/data/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/data/subuid
diff --git a/tests/subids/27_usermod_remove_range_all/usermod.test b/tests/subids/27_usermod_remove_range_all/usermod.test
new file mode 100755
index 0000000..0bd7f0b
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove subuid and subgid ranges matching boundaries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-109999 -W 100000-109999 foo)..."
+usermod -V 100000-109999 -W 100000-109999 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config.txt b/tests/subids/28_usermod_remove_range_partial_begin/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/default/useradd b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/group b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/gshadow b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/passwd b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/shadow b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subgid b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subgid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subuid b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/data/subgid b/tests/subids/28_usermod_remove_range_partial_begin/data/subgid
new file mode 100644
index 0000000..8feb16c
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/data/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200001:9999
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/data/subuid b/tests/subids/28_usermod_remove_range_partial_begin/data/subuid
new file mode 100644
index 0000000..454c624
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/data/subuid
@@ -0,0 +1,2 @@
+foo:106000:4000
+foo:209999:1
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/usermod.test b/tests/subids/28_usermod_remove_range_partial_begin/usermod.test
new file mode 100755
index 0000000..03a7966
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges with matching lower boundaries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-105999 -W 200000-200000 foo)..."
+usermod -V 100000-105999 -W 200000-200000 -V 200000-209998 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config.txt b/tests/subids/29_usermod_remove_range_partial_middle/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/default/useradd b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/group b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/gshadow b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/passwd b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/shadow b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subgid b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subuid b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/data/subgid b/tests/subids/29_usermod_remove_range_partial_middle/data/subgid
new file mode 100644
index 0000000..179115c
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/data/subgid
@@ -0,0 +1,2 @@
+foo:100000:5000
+foo:109999:1
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/data/subuid b/tests/subids/29_usermod_remove_range_partial_middle/data/subuid
new file mode 100644
index 0000000..b1f3d76
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/data/subuid
@@ -0,0 +1,4 @@
+foo:100000:1
+foo:200000:5000
+foo:207001:2999
+foo:106000:4000
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/usermod.test b/tests/subids/29_usermod_remove_range_partial_middle/usermod.test
new file mode 100755
index 0000000..bba46bc
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges included in existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100001-105999 -W 105000-109998 -V 205000-207000 foo)..."
+usermod -V 100001-105999 -W 105000-109998 -V 205000-207000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config.txt b/tests/subids/30_usermod_remove_range_partial_end/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/default/useradd b/tests/subids/30_usermod_remove_range_partial_end/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/group b/tests/subids/30_usermod_remove_range_partial_end/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/gshadow b/tests/subids/30_usermod_remove_range_partial_end/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/passwd b/tests/subids/30_usermod_remove_range_partial_end/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/shadow b/tests/subids/30_usermod_remove_range_partial_end/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/subgid b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/subuid b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/30_usermod_remove_range_partial_end/data/subgid b/tests/subids/30_usermod_remove_range_partial_end/data/subgid
new file mode 100644
index 0000000..707bde6
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/data/subgid
@@ -0,0 +1 @@
+foo:100000:5000
diff --git a/tests/subids/30_usermod_remove_range_partial_end/data/subuid b/tests/subids/30_usermod_remove_range_partial_end/data/subuid
new file mode 100644
index 0000000..88ff38c
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/data/subuid
@@ -0,0 +1,2 @@
+foo:100000:1
+foo:200000:9999
diff --git a/tests/subids/30_usermod_remove_range_partial_end/usermod.test b/tests/subids/30_usermod_remove_range_partial_end/usermod.test
new file mode 100755
index 0000000..c110716
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges with matching upper boundaries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100001-109999 -W 105000-109999 -V 209998-209999 foo)..."
+usermod -V 100001-109999 -W 105000-109999 -V 209999-209999 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/31_usermod_remove_outside_range/config.txt b/tests/subids/31_usermod_remove_outside_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/default/useradd b/tests/subids/31_usermod_remove_outside_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/group b/tests/subids/31_usermod_remove_outside_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/gshadow b/tests/subids/31_usermod_remove_outside_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/passwd b/tests/subids/31_usermod_remove_outside_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/shadow b/tests/subids/31_usermod_remove_outside_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/subgid b/tests/subids/31_usermod_remove_outside_range/config/etc/subgid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/subuid b/tests/subids/31_usermod_remove_outside_range/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/31_usermod_remove_outside_range/data/subgid b/tests/subids/31_usermod_remove_outside_range/data/subgid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/data/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/31_usermod_remove_outside_range/data/subuid b/tests/subids/31_usermod_remove_outside_range/data/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/data/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/31_usermod_remove_outside_range/usermod.test b/tests/subids/31_usermod_remove_outside_range/usermod.test
new file mode 100755
index 0000000..477c722
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod does not remove subuid and subgid ranges if provided ranges are outside of existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 1000-99999 -W 110000-199999 foo)..."
+usermod -V 1000-99999 -W 110000-199999 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config.txt b/tests/subids/32_usermod_remove_overlapping_range_begin/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/default/useradd b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/group b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/gshadow b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/passwd b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/shadow b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subgid b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subuid b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/data/subgid b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subgid
new file mode 100644
index 0000000..c2dcd1a
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subgid
@@ -0,0 +1 @@
+foo:109999:1
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/data/subuid b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subuid
new file mode 100644
index 0000000..30bf143
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subuid
@@ -0,0 +1,2 @@
+foo:100001:9999
+foo:209999:1
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/usermod.test b/tests/subids/32_usermod_remove_overlapping_range_begin/usermod.test
new file mode 100755
index 0000000..1f2766a
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges overlapping beginning of existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 10000-100000 -W 5000-109998 -V 110000-209998 foo)..."
+usermod -V 10000-100000 -W 5000-109998 -V 110000-209998 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config.txt b/tests/subids/33_usermod_remove_overlapping_range_end/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/default/useradd b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/group b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/gshadow b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/passwd b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/shadow b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subgid b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subuid b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/data/subgid b/tests/subids/33_usermod_remove_overlapping_range_end/data/subgid
new file mode 100644
index 0000000..707bde6
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/data/subgid
@@ -0,0 +1 @@
+foo:100000:5000
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/data/subuid b/tests/subids/33_usermod_remove_overlapping_range_end/data/subuid
new file mode 100644
index 0000000..88ff38c
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/data/subuid
@@ -0,0 +1,2 @@
+foo:100000:1
+foo:200000:9999
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/usermod.test b/tests/subids/33_usermod_remove_overlapping_range_end/usermod.test
new file mode 100755
index 0000000..545fd27
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges overlapping upper boundaries of existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100001-109999 -W 105000-120000 -V 209999-210001 foo)..."
+usermod -V 100001-109999 -W 105000-120000 -V 209999-210001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config.txt b/tests/subids/34_usermod_remove_overlapping_range_all/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/default/useradd b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/group b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/gshadow b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/passwd b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/shadow b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subgid b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subuid b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/data/subgid b/tests/subids/34_usermod_remove_overlapping_range_all/data/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/data/subgid
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/data/subuid b/tests/subids/34_usermod_remove_overlapping_range_all/data/subuid
new file mode 100644
index 0000000..92313ec
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/data/subuid
@@ -0,0 +1 @@
+foo:100000:9999
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/usermod.test b/tests/subids/34_usermod_remove_overlapping_range_all/usermod.test
new file mode 100755
index 0000000..ba781eb
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges whose boundaries overlap boundaries of existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -W 99997-110002 -V 109999-210000 foo)..."
+usermod -W 99997-110002 -V 109999-210000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config.txt b/tests/subids/35_usermod_remove_only_user_ranges/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/default/useradd b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/group b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/gshadow b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/passwd b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/shadow b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subgid b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subgid
new file mode 100644
index 0000000..81c7134
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subgid
@@ -0,0 +1,4 @@
+root:100000:10000
+foo:100000:10000
+foo:200000:10000
+foo:100000:10000
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subuid b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subuid
new file mode 100644
index 0000000..96f8274
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subuid
@@ -0,0 +1,4 @@
+foo:100000:10000
+foo:200000:10000
+root:100000:10000
+foo:100000:10000
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/data/subgid b/tests/subids/35_usermod_remove_only_user_ranges/data/subgid
new file mode 100644
index 0000000..ba36f20
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/data/subgid
@@ -0,0 +1,2 @@
+root:100000:10000
+foo:200000:10000
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/data/subuid b/tests/subids/35_usermod_remove_only_user_ranges/data/subuid
new file mode 100644
index 0000000..5000837
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/data/subuid
@@ -0,0 +1,2 @@
+foo:200000:10000
+root:100000:10000
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/usermod.test b/tests/subids/35_usermod_remove_only_user_ranges/usermod.test
new file mode 100755
index 0000000..191ffb2
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod does not remove subuid and subgid ranges of other users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-109999 -W 100000-109999 foo)..."
+usermod -V 100000-109999 -W 100000-109999 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/36_usermod_remove_with_comment/config.txt b/tests/subids/36_usermod_remove_with_comment/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/default/useradd b/tests/subids/36_usermod_remove_with_comment/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/group b/tests/subids/36_usermod_remove_with_comment/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/gshadow b/tests/subids/36_usermod_remove_with_comment/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/passwd b/tests/subids/36_usermod_remove_with_comment/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/shadow b/tests/subids/36_usermod_remove_with_comment/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/subgid b/tests/subids/36_usermod_remove_with_comment/config/etc/subgid
new file mode 100644
index 0000000..efd5bbc
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/subgid
@@ -0,0 +1,3 @@
+foo:100000:10000
+# This is a duplicate entry
+foo:100000:10000
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/subuid b/tests/subids/36_usermod_remove_with_comment/config/etc/subuid
new file mode 100644
index 0000000..efd5bbc
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/subuid
@@ -0,0 +1,3 @@
+foo:100000:10000
+# This is a duplicate entry
+foo:100000:10000
diff --git a/tests/subids/36_usermod_remove_with_comment/data/subgid b/tests/subids/36_usermod_remove_with_comment/data/subgid
new file mode 100644
index 0000000..cbb145c
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/data/subgid
@@ -0,0 +1 @@
+# This is a duplicate entry
diff --git a/tests/subids/36_usermod_remove_with_comment/data/subuid b/tests/subids/36_usermod_remove_with_comment/data/subuid
new file mode 100644
index 0000000..cbb145c
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/data/subuid
@@ -0,0 +1 @@
+# This is a duplicate entry
diff --git a/tests/subids/36_usermod_remove_with_comment/usermod.test b/tests/subids/36_usermod_remove_with_comment/usermod.test
new file mode 100755
index 0000000..ae1e146
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod ignores and keeps comments when ranges are removed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-109999 -W 100000-109999 foo)..."
+usermod -V 100000-109999 -W 100000-109999 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/37_usermod_-v_invalid_range/config.txt b/tests/subids/37_usermod_-v_invalid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/default/useradd b/tests/subids/37_usermod_-v_invalid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/group b/tests/subids/37_usermod_-v_invalid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/gshadow b/tests/subids/37_usermod_-v_invalid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/passwd b/tests/subids/37_usermod_-v_invalid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/shadow b/tests/subids/37_usermod_-v_invalid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/subgid b/tests/subids/37_usermod_-v_invalid_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/subuid b/tests/subids/37_usermod_-v_invalid_range/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/37_usermod_-v_invalid_range/data/usermod.err b/tests/subids/37_usermod_-v_invalid_range/data/usermod.err
new file mode 100644
index 0000000..b863376
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '110000-100000'
diff --git a/tests/subids/37_usermod_-v_invalid_range/usermod.test b/tests/subids/37_usermod_-v_invalid_range/usermod.test
new file mode 100755
index 0000000..4f0ec18
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "min > max (usermod -v 110000-100000 foo)..."
+usermod -v 110000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/38_usermod_-V_invalid_range/config.txt b/tests/subids/38_usermod_-V_invalid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/default/useradd b/tests/subids/38_usermod_-V_invalid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/group b/tests/subids/38_usermod_-V_invalid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/gshadow b/tests/subids/38_usermod_-V_invalid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/passwd b/tests/subids/38_usermod_-V_invalid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/shadow b/tests/subids/38_usermod_-V_invalid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/subgid b/tests/subids/38_usermod_-V_invalid_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/subuid b/tests/subids/38_usermod_-V_invalid_range/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/38_usermod_-V_invalid_range/data/usermod.err b/tests/subids/38_usermod_-V_invalid_range/data/usermod.err
new file mode 100644
index 0000000..2d8964d
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '110000'
diff --git a/tests/subids/38_usermod_-V_invalid_range/usermod.test b/tests/subids/38_usermod_-V_invalid_range/usermod.test
new file mode 100755
index 0000000..462c803
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "range is a single value (usermod -V 110000 foo)..."
+usermod -V 110000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/39_usermod_-w_invalid_range/config.txt b/tests/subids/39_usermod_-w_invalid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/default/useradd b/tests/subids/39_usermod_-w_invalid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/group b/tests/subids/39_usermod_-w_invalid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/gshadow b/tests/subids/39_usermod_-w_invalid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/passwd b/tests/subids/39_usermod_-w_invalid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/shadow b/tests/subids/39_usermod_-w_invalid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/subgid b/tests/subids/39_usermod_-w_invalid_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/subuid b/tests/subids/39_usermod_-w_invalid_range/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/39_usermod_-w_invalid_range/data/usermod.err b/tests/subids/39_usermod_-w_invalid_range/data/usermod.err
new file mode 100644
index 0000000..1e3eb0b
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate gid range '100000a-110000'
diff --git a/tests/subids/39_usermod_-w_invalid_range/usermod.test b/tests/subids/39_usermod_-w_invalid_range/usermod.test
new file mode 100755
index 0000000..8d56dc3
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "characters insterted in range (usermod -w 100000a-110000 foo)..."
+usermod -w 100000a-110000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/40_usermod_-W_invalid_range/config.txt b/tests/subids/40_usermod_-W_invalid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/default/useradd b/tests/subids/40_usermod_-W_invalid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/group b/tests/subids/40_usermod_-W_invalid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/gshadow b/tests/subids/40_usermod_-W_invalid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/passwd b/tests/subids/40_usermod_-W_invalid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/shadow b/tests/subids/40_usermod_-W_invalid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/subgid b/tests/subids/40_usermod_-W_invalid_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/subuid b/tests/subids/40_usermod_-W_invalid_range/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/40_usermod_-W_invalid_range/data/usermod.err b/tests/subids/40_usermod_-W_invalid_range/data/usermod.err
new file mode 100644
index 0000000..15803ff
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate gid range '100000-110000a'
diff --git a/tests/subids/40_usermod_-W_invalid_range/usermod.test b/tests/subids/40_usermod_-W_invalid_range/usermod.test
new file mode 100755
index 0000000..803ab62
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "invalid characters appended (usermod -W 100000-110000a foo)..."
+usermod -W 100000-110000a foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/41_usermod_locked_subuid/config.txt b/tests/subids/41_usermod_locked_subuid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config.txt
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/default/useradd b/tests/subids/41_usermod_locked_subuid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/group b/tests/subids/41_usermod_locked_subuid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/gshadow b/tests/subids/41_usermod_locked_subuid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/passwd b/tests/subids/41_usermod_locked_subuid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/shadow b/tests/subids/41_usermod_locked_subuid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/subgid b/tests/subids/41_usermod_locked_subuid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/subgid
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/subuid b/tests/subids/41_usermod_locked_subuid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/subuid
diff --git a/tests/subids/41_usermod_locked_subuid/data/usermod.err b/tests/subids/41_usermod_locked_subuid/data/usermod.err
new file mode 100644
index 0000000..5d2daeb
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/subuid.lock without a PID
+usermod: cannot lock /etc/subuid; try again later.
diff --git a/tests/subids/41_usermod_locked_subuid/usermod.test b/tests/subids/41_usermod_locked_subuid/usermod.test
new file mode 100755
index 0000000..8b954ea
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/usermod.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks if the subuid file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subuid.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/subuid..."
+touch /etc/subuid.lock
+echo "done"
+
+echo -n "Add subuid ranges to user foo (usermod -v 100000-100000 foo)..."
+usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/subuid.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/42_usermod_locked_subgid/config.txt b/tests/subids/42_usermod_locked_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config.txt
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/default/useradd b/tests/subids/42_usermod_locked_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/group b/tests/subids/42_usermod_locked_subgid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/gshadow b/tests/subids/42_usermod_locked_subgid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/passwd b/tests/subids/42_usermod_locked_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/shadow b/tests/subids/42_usermod_locked_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/subgid b/tests/subids/42_usermod_locked_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/subgid
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/subuid b/tests/subids/42_usermod_locked_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/subuid
diff --git a/tests/subids/42_usermod_locked_subgid/data/usermod.err b/tests/subids/42_usermod_locked_subgid/data/usermod.err
new file mode 100644
index 0000000..dee7b1d
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/subgid.lock without a PID
+usermod: cannot lock /etc/subgid; try again later.
diff --git a/tests/subids/42_usermod_locked_subgid/usermod.test b/tests/subids/42_usermod_locked_subgid/usermod.test
new file mode 100755
index 0000000..c44be3a
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/usermod.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks if the subgid file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subgid.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/subgid..."
+touch /etc/subgid.lock
+echo "done"
+
+echo -n "Add subgid ranges to user foo (usermod -w 100000-100000 foo)..."
+usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/subgid.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/43_usermod_-w_no_subgid/config.txt b/tests/subids/43_usermod_-w_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config.txt
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/default/useradd b/tests/subids/43_usermod_-w_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/group b/tests/subids/43_usermod_-w_no_subgid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/gshadow b/tests/subids/43_usermod_-w_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/passwd b/tests/subids/43_usermod_-w_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/shadow b/tests/subids/43_usermod_-w_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/subgid b/tests/subids/43_usermod_-w_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/subgid
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/subuid b/tests/subids/43_usermod_-w_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/subuid
diff --git a/tests/subids/43_usermod_-w_no_subgid/data/usermod.err b/tests/subids/43_usermod_-w_no_subgid/data/usermod.err
new file mode 100644
index 0000000..4f03a68
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/data/usermod.err
@@ -0,0 +1 @@
+usermod: /etc/subgid does not exist, you cannot use the flags -w or -W
diff --git a/tests/subids/43_usermod_-w_no_subgid/usermod.test b/tests/subids/43_usermod_-w_no_subgid/usermod.test
new file mode 100755
index 0000000..118bc4a
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/usermod.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -w fails is there is no subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subgid..."
+rm -f /etc/subgid
+echo "OK"
+
+echo -n "Add subgid ranges to user foo (usermod -w 100000-100000 foo)..."
+usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+test ! -f /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/44_usermod_-W_no_subgid/config.txt b/tests/subids/44_usermod_-W_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config.txt
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/default/useradd b/tests/subids/44_usermod_-W_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/group b/tests/subids/44_usermod_-W_no_subgid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/gshadow b/tests/subids/44_usermod_-W_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/passwd b/tests/subids/44_usermod_-W_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/shadow b/tests/subids/44_usermod_-W_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/subgid b/tests/subids/44_usermod_-W_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/subgid
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/subuid b/tests/subids/44_usermod_-W_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/subuid
diff --git a/tests/subids/44_usermod_-W_no_subgid/data/usermod.err b/tests/subids/44_usermod_-W_no_subgid/data/usermod.err
new file mode 100644
index 0000000..4f03a68
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/data/usermod.err
@@ -0,0 +1 @@
+usermod: /etc/subgid does not exist, you cannot use the flags -w or -W
diff --git a/tests/subids/44_usermod_-W_no_subgid/usermod.test b/tests/subids/44_usermod_-W_no_subgid/usermod.test
new file mode 100755
index 0000000..da7788e
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/usermod.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -W fails is there is no subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subgid..."
+rm -f /etc/subgid
+echo "OK"
+
+echo -n "Remove subgid ranges to user foo (usermod -W 100000-100000 foo)..."
+usermod -W 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+test ! -f /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/45_usermod_-v_no_subgid/config.txt b/tests/subids/45_usermod_-v_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config.txt
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/default/useradd b/tests/subids/45_usermod_-v_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/group b/tests/subids/45_usermod_-v_no_subgid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/gshadow b/tests/subids/45_usermod_-v_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/passwd b/tests/subids/45_usermod_-v_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/shadow b/tests/subids/45_usermod_-v_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/subgid b/tests/subids/45_usermod_-v_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/subgid
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/subuid b/tests/subids/45_usermod_-v_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/subuid
diff --git a/tests/subids/45_usermod_-v_no_subgid/data/usermod.err b/tests/subids/45_usermod_-v_no_subgid/data/usermod.err
new file mode 100644
index 0000000..e3ea042
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/data/usermod.err
@@ -0,0 +1 @@
+usermod: /etc/subuid does not exist, you cannot use the flags -v or -V
diff --git a/tests/subids/45_usermod_-v_no_subgid/usermod.test b/tests/subids/45_usermod_-v_no_subgid/usermod.test
new file mode 100755
index 0000000..af1359d
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/usermod.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -v fails is there is no subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subuid..."
+rm -f /etc/subuid
+echo "OK"
+
+echo -n "Add subuid ranges to user foo (usermod -v 100000-100000 foo)..."
+usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/46_usermod_-V_no_subgid/config.txt b/tests/subids/46_usermod_-V_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config.txt
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/default/useradd b/tests/subids/46_usermod_-V_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/group b/tests/subids/46_usermod_-V_no_subgid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/gshadow b/tests/subids/46_usermod_-V_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/passwd b/tests/subids/46_usermod_-V_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/shadow b/tests/subids/46_usermod_-V_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/subgid b/tests/subids/46_usermod_-V_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/subgid
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/subuid b/tests/subids/46_usermod_-V_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/subuid
diff --git a/tests/subids/46_usermod_-V_no_subgid/data/usermod.err b/tests/subids/46_usermod_-V_no_subgid/data/usermod.err
new file mode 100644
index 0000000..e3ea042
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/data/usermod.err
@@ -0,0 +1 @@
+usermod: /etc/subuid does not exist, you cannot use the flags -v or -V
diff --git a/tests/subids/46_usermod_-V_no_subgid/usermod.test b/tests/subids/46_usermod_-V_no_subgid/usermod.test
new file mode 100755
index 0000000..df95f3f
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/usermod.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -V fails is there is no subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subuid..."
+rm -f /etc/subuid
+echo "OK"
+
+echo -n "Remove subuid ranges to user foo (usermod -V 100000-100000 foo)..."
+usermod -V 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config.txt b/tests/subids/47_usermod_-v_invalid_range2/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/default/useradd b/tests/subids/47_usermod_-v_invalid_range2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/group b/tests/subids/47_usermod_-v_invalid_range2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/gshadow b/tests/subids/47_usermod_-v_invalid_range2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/passwd b/tests/subids/47_usermod_-v_invalid_range2/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/shadow b/tests/subids/47_usermod_-v_invalid_range2/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/subgid b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/subuid b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/47_usermod_-v_invalid_range2/data/usermod.err b/tests/subids/47_usermod_-v_invalid_range2/data/usermod.err
new file mode 100644
index 0000000..384efdc
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range 'a100000-110000'
diff --git a/tests/subids/47_usermod_-v_invalid_range2/usermod.test b/tests/subids/47_usermod_-v_invalid_range2/usermod.test
new file mode 100755
index 0000000..776e383
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "invalid characters at the beginning (usermod -v a100000-110000 foo)..."
+usermod -v a100000-110000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config.txt b/tests/subids/48_usermod_-v_invalid_range3/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/default/useradd b/tests/subids/48_usermod_-v_invalid_range3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/group b/tests/subids/48_usermod_-v_invalid_range3/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/gshadow b/tests/subids/48_usermod_-v_invalid_range3/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/passwd b/tests/subids/48_usermod_-v_invalid_range3/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/shadow b/tests/subids/48_usermod_-v_invalid_range3/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/subgid b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/subuid b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/48_usermod_-v_invalid_range3/data/usermod.err b/tests/subids/48_usermod_-v_invalid_range3/data/usermod.err
new file mode 100644
index 0000000..26b5963
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range ''
diff --git a/tests/subids/48_usermod_-v_invalid_range3/usermod.test b/tests/subids/48_usermod_-v_invalid_range3/usermod.test
new file mode 100755
index 0000000..3363322
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "empty range (usermod -v '' foo)..."
+usermod -v '' foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config.txt b/tests/subids/49_usermod_-v_invalid_range4/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/default/useradd b/tests/subids/49_usermod_-v_invalid_range4/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/group b/tests/subids/49_usermod_-v_invalid_range4/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/gshadow b/tests/subids/49_usermod_-v_invalid_range4/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/passwd b/tests/subids/49_usermod_-v_invalid_range4/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/shadow b/tests/subids/49_usermod_-v_invalid_range4/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/subgid b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/subuid b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/49_usermod_-v_invalid_range4/data/usermod.err b/tests/subids/49_usermod_-v_invalid_range4/data/usermod.err
new file mode 100644
index 0000000..3b7df62
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '-100000-110000'
diff --git a/tests/subids/49_usermod_-v_invalid_range4/usermod.test b/tests/subids/49_usermod_-v_invalid_range4/usermod.test
new file mode 100755
index 0000000..c0b9357
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "negative UID (usermod -v -100000-110000 foo)..."
+usermod -v -100000-110000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config.txt b/tests/subids/50_usermod_-v_invalid_range5/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/default/useradd b/tests/subids/50_usermod_-v_invalid_range5/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/group b/tests/subids/50_usermod_-v_invalid_range5/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/gshadow b/tests/subids/50_usermod_-v_invalid_range5/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/passwd b/tests/subids/50_usermod_-v_invalid_range5/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/shadow b/tests/subids/50_usermod_-v_invalid_range5/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/subgid b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/subuid b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/50_usermod_-v_invalid_range5/data/usermod.err b/tests/subids/50_usermod_-v_invalid_range5/data/usermod.err
new file mode 100644
index 0000000..4d538c9
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '9223372036854775808-110000'
diff --git a/tests/subids/50_usermod_-v_invalid_range5/usermod.test b/tests/subids/50_usermod_-v_invalid_range5/usermod.test
new file mode 100755
index 0000000..ddd831f
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "out of range UID (usermod -v 9223372036854775808-110000 foo)..."
+usermod -v 9223372036854775808-110000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config.txt b/tests/subids/51_usermod_-v_invalid_range6/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/default/useradd b/tests/subids/51_usermod_-v_invalid_range6/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/group b/tests/subids/51_usermod_-v_invalid_range6/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/gshadow b/tests/subids/51_usermod_-v_invalid_range6/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/passwd b/tests/subids/51_usermod_-v_invalid_range6/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/shadow b/tests/subids/51_usermod_-v_invalid_range6/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/subgid b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/subuid b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/51_usermod_-v_invalid_range6/data/usermod.err b/tests/subids/51_usermod_-v_invalid_range6/data/usermod.err
new file mode 100644
index 0000000..64d4f80
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '110000-9223372036854775808'
diff --git a/tests/subids/51_usermod_-v_invalid_range6/usermod.test b/tests/subids/51_usermod_-v_invalid_range6/usermod.test
new file mode 100755
index 0000000..3b23c76
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "out of range UID (usermod -v 110000-9223372036854775808 foo)..."
+usermod -v 110000-9223372036854775808 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config.txt b/tests/subids/52_usermod_-v_invalid_range7/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/default/useradd b/tests/subids/52_usermod_-v_invalid_range7/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/group b/tests/subids/52_usermod_-v_invalid_range7/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/gshadow b/tests/subids/52_usermod_-v_invalid_range7/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/passwd b/tests/subids/52_usermod_-v_invalid_range7/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/shadow b/tests/subids/52_usermod_-v_invalid_range7/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/subgid b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/subuid b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/52_usermod_-v_invalid_range7/data/usermod.err b/tests/subids/52_usermod_-v_invalid_range7/data/usermod.err
new file mode 100644
index 0000000..746202a
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '100000--110000'
diff --git a/tests/subids/52_usermod_-v_invalid_range7/usermod.test b/tests/subids/52_usermod_-v_invalid_range7/usermod.test
new file mode 100755
index 0000000..a00cf16
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "negative upper limit (usermod -v 100000--110000 foo)..."
+usermod -v 100000--110000 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/53_userdel_one_subuid_range/config.txt b/tests/subids/53_userdel_one_subuid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/default/useradd b/tests/subids/53_userdel_one_subuid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/group b/tests/subids/53_userdel_one_subuid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/gshadow b/tests/subids/53_userdel_one_subuid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/passwd b/tests/subids/53_userdel_one_subuid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/shadow b/tests/subids/53_userdel_one_subuid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/subgid b/tests/subids/53_userdel_one_subuid_range/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/subgid
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/subuid b/tests/subids/53_userdel_one_subuid_range/config/etc/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/53_userdel_one_subuid_range/data/group b/tests/subids/53_userdel_one_subuid_range/data/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/53_userdel_one_subuid_range/data/gshadow b/tests/subids/53_userdel_one_subuid_range/data/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/53_userdel_one_subuid_range/data/passwd b/tests/subids/53_userdel_one_subuid_range/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/53_userdel_one_subuid_range/data/shadow b/tests/subids/53_userdel_one_subuid_range/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/53_userdel_one_subuid_range/data/subuid b/tests/subids/53_userdel_one_subuid_range/data/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/data/subuid
diff --git a/tests/subids/53_userdel_one_subuid_range/userdel.test b/tests/subids/53_userdel_one_subuid_range/userdel.test
new file mode 100755
index 0000000..2588794
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/userdel.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can delete an user with its subordinate UIDs range"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/54_userdel_one_subgid_range/config.txt b/tests/subids/54_userdel_one_subgid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/default/useradd b/tests/subids/54_userdel_one_subgid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/group b/tests/subids/54_userdel_one_subgid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/gshadow b/tests/subids/54_userdel_one_subgid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/passwd b/tests/subids/54_userdel_one_subgid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/shadow b/tests/subids/54_userdel_one_subgid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/subgid b/tests/subids/54_userdel_one_subgid_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/subuid b/tests/subids/54_userdel_one_subgid_range/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/subuid
diff --git a/tests/subids/54_userdel_one_subgid_range/data/group b/tests/subids/54_userdel_one_subgid_range/data/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/54_userdel_one_subgid_range/data/gshadow b/tests/subids/54_userdel_one_subgid_range/data/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/54_userdel_one_subgid_range/data/passwd b/tests/subids/54_userdel_one_subgid_range/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/54_userdel_one_subgid_range/data/shadow b/tests/subids/54_userdel_one_subgid_range/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/54_userdel_one_subgid_range/data/subgid b/tests/subids/54_userdel_one_subgid_range/data/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/data/subgid
diff --git a/tests/subids/54_userdel_one_subgid_range/userdel.test b/tests/subids/54_userdel_one_subgid_range/userdel.test
new file mode 100755
index 0000000..4ac57f8
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/userdel.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can delete an user with its subordinate GIDs range"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/55_userdel_no_subuid/config.txt b/tests/subids/55_userdel_no_subuid/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/default/useradd b/tests/subids/55_userdel_no_subuid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/group b/tests/subids/55_userdel_no_subuid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/gshadow b/tests/subids/55_userdel_no_subuid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/passwd b/tests/subids/55_userdel_no_subuid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/shadow b/tests/subids/55_userdel_no_subuid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/subgid b/tests/subids/55_userdel_no_subuid/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/subuid b/tests/subids/55_userdel_no_subuid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/subuid
diff --git a/tests/subids/55_userdel_no_subuid/data/group b/tests/subids/55_userdel_no_subuid/data/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/55_userdel_no_subuid/data/gshadow b/tests/subids/55_userdel_no_subuid/data/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/55_userdel_no_subuid/data/passwd b/tests/subids/55_userdel_no_subuid/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/55_userdel_no_subuid/data/shadow b/tests/subids/55_userdel_no_subuid/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/55_userdel_no_subuid/data/subgid b/tests/subids/55_userdel_no_subuid/data/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/data/subgid
diff --git a/tests/subids/55_userdel_no_subuid/userdel.test b/tests/subids/55_userdel_no_subuid/userdel.test
new file mode 100755
index 0000000..8b9f33f
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/userdel.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can remove an user with its subordinate GIDs even if /etc/subuid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/subgid..."
+rm -f /etc/subuid
+echo "OK"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/56_userdel_no_subgid/config.txt b/tests/subids/56_userdel_no_subgid/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/default/useradd b/tests/subids/56_userdel_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/group b/tests/subids/56_userdel_no_subgid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/gshadow b/tests/subids/56_userdel_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/passwd b/tests/subids/56_userdel_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/shadow b/tests/subids/56_userdel_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/subgid b/tests/subids/56_userdel_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/subgid
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/subuid b/tests/subids/56_userdel_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/56_userdel_no_subgid/data/group b/tests/subids/56_userdel_no_subgid/data/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/56_userdel_no_subgid/data/gshadow b/tests/subids/56_userdel_no_subgid/data/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/56_userdel_no_subgid/data/passwd b/tests/subids/56_userdel_no_subgid/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/56_userdel_no_subgid/data/shadow b/tests/subids/56_userdel_no_subgid/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/56_userdel_no_subgid/data/subuid b/tests/subids/56_userdel_no_subgid/data/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/data/subuid
diff --git a/tests/subids/56_userdel_no_subgid/userdel.test b/tests/subids/56_userdel_no_subgid/userdel.test
new file mode 100755
index 0000000..fe545c0
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/userdel.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can remove an user with its subordinate UIDs even if /etc/subgid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/subgid..."
+rm -f /etc/subgid
+echo "OK"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+test ! -f /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/57_userdel_multiple_ranges/config.txt b/tests/subids/57_userdel_multiple_ranges/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/default/useradd b/tests/subids/57_userdel_multiple_ranges/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/group b/tests/subids/57_userdel_multiple_ranges/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/gshadow b/tests/subids/57_userdel_multiple_ranges/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/passwd b/tests/subids/57_userdel_multiple_ranges/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/shadow b/tests/subids/57_userdel_multiple_ranges/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/subgid b/tests/subids/57_userdel_multiple_ranges/config/etc/subgid
new file mode 100644
index 0000000..4b52edc
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/subgid
@@ -0,0 +1,14 @@
+#1
+foo:10000:500
+#2
+foo:100000:10000
+foo:100000:5000
+#3
+foo:200000:10000
+foo:200000:20000
+#4
+foo:300000:10000
+roo:300000:10000
+foo:300000:10000
+foo:400000:10000
+root:500000:1000
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/subuid b/tests/subids/57_userdel_multiple_ranges/config/etc/subuid
new file mode 100644
index 0000000..4b52edc
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/subuid
@@ -0,0 +1,14 @@
+#1
+foo:10000:500
+#2
+foo:100000:10000
+foo:100000:5000
+#3
+foo:200000:10000
+foo:200000:20000
+#4
+foo:300000:10000
+roo:300000:10000
+foo:300000:10000
+foo:400000:10000
+root:500000:1000
diff --git a/tests/subids/57_userdel_multiple_ranges/data/group b/tests/subids/57_userdel_multiple_ranges/data/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/57_userdel_multiple_ranges/data/gshadow b/tests/subids/57_userdel_multiple_ranges/data/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/57_userdel_multiple_ranges/data/passwd b/tests/subids/57_userdel_multiple_ranges/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/57_userdel_multiple_ranges/data/shadow b/tests/subids/57_userdel_multiple_ranges/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/57_userdel_multiple_ranges/data/subgid b/tests/subids/57_userdel_multiple_ranges/data/subgid
new file mode 100644
index 0000000..adb2561
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/subgid
@@ -0,0 +1,6 @@
+#1
+#2
+#3
+#4
+roo:300000:10000
+root:500000:1000
diff --git a/tests/subids/57_userdel_multiple_ranges/data/subuid b/tests/subids/57_userdel_multiple_ranges/data/subuid
new file mode 100644
index 0000000..adb2561
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/subuid
@@ -0,0 +1,6 @@
+#1
+#2
+#3
+#4
+roo:300000:10000
+root:500000:1000
diff --git a/tests/subids/57_userdel_multiple_ranges/userdel.test b/tests/subids/57_userdel_multiple_ranges/userdel.test
new file mode 100755
index 0000000..93f116f
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/userdel.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can delete an user with its subordinate UIDs ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/58_newusers_with_subids/config.txt b/tests/subids/58_newusers_with_subids/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config.txt
diff --git a/tests/subids/58_newusers_with_subids/config/etc/group b/tests/subids/58_newusers_with_subids/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/58_newusers_with_subids/config/etc/gshadow b/tests/subids/58_newusers_with_subids/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/58_newusers_with_subids/config/etc/pam.d/common-password b/tests/subids/58_newusers_with_subids/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/subids/58_newusers_with_subids/config/etc/pam.d/newusers b/tests/subids/58_newusers_with_subids/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/subids/58_newusers_with_subids/config/etc/passwd b/tests/subids/58_newusers_with_subids/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/58_newusers_with_subids/config/etc/shadow b/tests/subids/58_newusers_with_subids/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/58_newusers_with_subids/config/etc/subgid b/tests/subids/58_newusers_with_subids/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/subgid
diff --git a/tests/subids/58_newusers_with_subids/config/etc/subuid b/tests/subids/58_newusers_with_subids/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/subuid
diff --git a/tests/subids/58_newusers_with_subids/data/group b/tests/subids/58_newusers_with_subids/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/58_newusers_with_subids/data/gshadow b/tests/subids/58_newusers_with_subids/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/58_newusers_with_subids/data/newusers.list b/tests/subids/58_newusers_with_subids/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/58_newusers_with_subids/data/passwd b/tests/subids/58_newusers_with_subids/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/58_newusers_with_subids/data/shadow b/tests/subids/58_newusers_with_subids/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/subids/58_newusers_with_subids/data/subgid b/tests/subids/58_newusers_with_subids/data/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/58_newusers_with_subids/data/subuid b/tests/subids/58_newusers_with_subids/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/58_newusers_with_subids/newusers.test b/tests/subids/58_newusers_with_subids/newusers.test
new file mode 100755
index 0000000..2b69632
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/newusers.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers creates subordinate IDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/59_newusers_no_subuid/config.txt b/tests/subids/59_newusers_no_subuid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config.txt
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/group b/tests/subids/59_newusers_no_subuid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/gshadow b/tests/subids/59_newusers_no_subuid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/pam.d/common-password b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/pam.d/newusers b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/passwd b/tests/subids/59_newusers_no_subuid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/shadow b/tests/subids/59_newusers_no_subuid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/subgid b/tests/subids/59_newusers_no_subuid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/subgid
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/subuid b/tests/subids/59_newusers_no_subuid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/subuid
diff --git a/tests/subids/59_newusers_no_subuid/data/group b/tests/subids/59_newusers_no_subuid/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/59_newusers_no_subuid/data/gshadow b/tests/subids/59_newusers_no_subuid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/59_newusers_no_subuid/data/newusers.list b/tests/subids/59_newusers_no_subuid/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/59_newusers_no_subuid/data/passwd b/tests/subids/59_newusers_no_subuid/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/59_newusers_no_subuid/data/shadow b/tests/subids/59_newusers_no_subuid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/subids/59_newusers_no_subuid/data/subgid b/tests/subids/59_newusers_no_subuid/data/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/59_newusers_no_subuid/newusers.test b/tests/subids/59_newusers_no_subuid/newusers.test
new file mode 100755
index 0000000..f99d9a5
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers create subordinate GIDs even if /etc/subuid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/subuid..."
+rm -f /etc/subuid
+echo "OK"
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/60_newusers_no_subgid/config.txt b/tests/subids/60_newusers_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config.txt
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/group b/tests/subids/60_newusers_no_subgid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/gshadow b/tests/subids/60_newusers_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/pam.d/common-password b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/pam.d/newusers b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/passwd b/tests/subids/60_newusers_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/shadow b/tests/subids/60_newusers_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/subgid b/tests/subids/60_newusers_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/subgid
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/subuid b/tests/subids/60_newusers_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/subuid
diff --git a/tests/subids/60_newusers_no_subgid/data/group b/tests/subids/60_newusers_no_subgid/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/60_newusers_no_subgid/data/gshadow b/tests/subids/60_newusers_no_subgid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/60_newusers_no_subgid/data/newusers.list b/tests/subids/60_newusers_no_subgid/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/60_newusers_no_subgid/data/passwd b/tests/subids/60_newusers_no_subgid/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/60_newusers_no_subgid/data/shadow b/tests/subids/60_newusers_no_subgid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/subids/60_newusers_no_subgid/data/subuid b/tests/subids/60_newusers_no_subgid/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/60_newusers_no_subgid/newusers.test b/tests/subids/60_newusers_no_subgid/newusers.test
new file mode 100755
index 0000000..32a4174
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers create subordinate UIDs even if /etc/subgid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/subgid..."
+rm -f /etc/subgid
+echo "OK"
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+test ! -f /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config.txt b/tests/subids/61_newusers_user_already_has_subgids/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config.txt
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/group b/tests/subids/61_newusers_user_already_has_subgids/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/gshadow b/tests/subids/61_newusers_user_already_has_subgids/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/common-password b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/newusers b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/passwd b/tests/subids/61_newusers_user_already_has_subgids/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/shadow b/tests/subids/61_newusers_user_already_has_subgids/config/etc/shadow
new file mode 100644
index 0000000..648c54d
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/subgid b/tests/subids/61_newusers_user_already_has_subgids/config/etc/subgid
new file mode 100644
index 0000000..c6faa36
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/subgid
@@ -0,0 +1 @@
+foo:200000:2000
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/subuid b/tests/subids/61_newusers_user_already_has_subgids/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/subuid
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/group b/tests/subids/61_newusers_user_already_has_subgids/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/gshadow b/tests/subids/61_newusers_user_already_has_subgids/data/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/newusers.list b/tests/subids/61_newusers_user_already_has_subgids/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/passwd b/tests/subids/61_newusers_user_already_has_subgids/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/shadow b/tests/subids/61_newusers_user_already_has_subgids/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/subuid b/tests/subids/61_newusers_user_already_has_subgids/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/61_newusers_user_already_has_subgids/newusers.test b/tests/subids/61_newusers_user_already_has_subgids/newusers.test
new file mode 100755
index 0000000..752932e
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/newusers.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers does not create subordinate GIDs if the user already has subordinate GIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config.txt b/tests/subids/62_newusers_user_already_has_subuids/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config.txt
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/group b/tests/subids/62_newusers_user_already_has_subuids/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/gshadow b/tests/subids/62_newusers_user_already_has_subuids/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/common-password b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/newusers b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/passwd b/tests/subids/62_newusers_user_already_has_subuids/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/shadow b/tests/subids/62_newusers_user_already_has_subuids/config/etc/shadow
new file mode 100644
index 0000000..648c54d
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/subgid b/tests/subids/62_newusers_user_already_has_subuids/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/subgid
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/subuid b/tests/subids/62_newusers_user_already_has_subuids/config/etc/subuid
new file mode 100644
index 0000000..ad0d53a
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/subuid
@@ -0,0 +1,2 @@
+root:150000:10000
+foo:200000:2000
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/group b/tests/subids/62_newusers_user_already_has_subuids/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/gshadow b/tests/subids/62_newusers_user_already_has_subuids/data/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/newusers.list b/tests/subids/62_newusers_user_already_has_subuids/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/passwd b/tests/subids/62_newusers_user_already_has_subuids/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/shadow b/tests/subids/62_newusers_user_already_has_subuids/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/subgid b/tests/subids/62_newusers_user_already_has_subuids/data/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/62_newusers_user_already_has_subuids/newusers.test b/tests/subids/62_newusers_user_already_has_subuids/newusers.test
new file mode 100755
index 0000000..d300db8
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/newusers.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers does not create subordinate UIDs if the user already has subordinate UIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/63_useradd_fill_gap4/config.txt b/tests/subids/63_useradd_fill_gap4/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config.txt
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/default/useradd b/tests/subids/63_useradd_fill_gap4/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/group b/tests/subids/63_useradd_fill_gap4/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/gshadow b/tests/subids/63_useradd_fill_gap4/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/passwd b/tests/subids/63_useradd_fill_gap4/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/shadow b/tests/subids/63_useradd_fill_gap4/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/subgid b/tests/subids/63_useradd_fill_gap4/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/subuid b/tests/subids/63_useradd_fill_gap4/config/etc/subuid
new file mode 100644
index 0000000..5d64255
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/subuid
@@ -0,0 +1,3 @@
+root:100000:599990001
+# This is after max
+root:600100001:10000
diff --git a/tests/subids/63_useradd_fill_gap4/data/group b/tests/subids/63_useradd_fill_gap4/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/63_useradd_fill_gap4/data/gshadow b/tests/subids/63_useradd_fill_gap4/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/63_useradd_fill_gap4/data/passwd b/tests/subids/63_useradd_fill_gap4/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/63_useradd_fill_gap4/data/shadow b/tests/subids/63_useradd_fill_gap4/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/63_useradd_fill_gap4/data/subgid b/tests/subids/63_useradd_fill_gap4/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/63_useradd_fill_gap4/data/subuid b/tests/subids/63_useradd_fill_gap4/data/subuid
new file mode 100644
index 0000000..15b3a3c
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/subuid
@@ -0,0 +1,4 @@
+root:100000:599990001
+root:600100001:10000
+# This is after max
+foo:600090001:10000
diff --git a/tests/subids/63_useradd_fill_gap4/useradd.test b/tests/subids/63_useradd_fill_gap4/useradd.test
new file mode 100755
index 0000000..eb399cf
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd fills subids gaps in /etc/sub[ug]id"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/64_useradd_fill_gap5/config.txt b/tests/subids/64_useradd_fill_gap5/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config.txt
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/default/useradd b/tests/subids/64_useradd_fill_gap5/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/group b/tests/subids/64_useradd_fill_gap5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/gshadow b/tests/subids/64_useradd_fill_gap5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/passwd b/tests/subids/64_useradd_fill_gap5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/shadow b/tests/subids/64_useradd_fill_gap5/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/subgid b/tests/subids/64_useradd_fill_gap5/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/subuid b/tests/subids/64_useradd_fill_gap5/config/etc/subuid
new file mode 100644
index 0000000..c178aee
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/subuid
@@ -0,0 +1,3 @@
+root:100000:599990001
+# This is after max
+root:600100002:10000
diff --git a/tests/subids/64_useradd_fill_gap5/data/group b/tests/subids/64_useradd_fill_gap5/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/64_useradd_fill_gap5/data/gshadow b/tests/subids/64_useradd_fill_gap5/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/64_useradd_fill_gap5/data/passwd b/tests/subids/64_useradd_fill_gap5/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/64_useradd_fill_gap5/data/shadow b/tests/subids/64_useradd_fill_gap5/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/64_useradd_fill_gap5/data/subgid b/tests/subids/64_useradd_fill_gap5/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/64_useradd_fill_gap5/data/subuid b/tests/subids/64_useradd_fill_gap5/data/subuid
new file mode 100644
index 0000000..a992af1
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/subuid
@@ -0,0 +1,4 @@
+root:100000:599990001
+root:600100002:10000
+# This is after max
+foo:600090001:10000
diff --git a/tests/subids/64_useradd_fill_gap5/useradd.test b/tests/subids/64_useradd_fill_gap5/useradd.test
new file mode 100755
index 0000000..eb399cf
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd fills subids gaps in /etc/sub[ug]id"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/65_useradd_fill_gap6/config.txt b/tests/subids/65_useradd_fill_gap6/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config.txt
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/default/useradd b/tests/subids/65_useradd_fill_gap6/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/group b/tests/subids/65_useradd_fill_gap6/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/gshadow b/tests/subids/65_useradd_fill_gap6/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/passwd b/tests/subids/65_useradd_fill_gap6/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/shadow b/tests/subids/65_useradd_fill_gap6/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/subgid b/tests/subids/65_useradd_fill_gap6/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/subuid b/tests/subids/65_useradd_fill_gap6/config/etc/subuid
new file mode 100644
index 0000000..7f96123
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/subuid
@@ -0,0 +1 @@
+root:90000:5000
diff --git a/tests/subids/65_useradd_fill_gap6/data/group b/tests/subids/65_useradd_fill_gap6/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/65_useradd_fill_gap6/data/gshadow b/tests/subids/65_useradd_fill_gap6/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/65_useradd_fill_gap6/data/passwd b/tests/subids/65_useradd_fill_gap6/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/65_useradd_fill_gap6/data/shadow b/tests/subids/65_useradd_fill_gap6/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/65_useradd_fill_gap6/data/subgid b/tests/subids/65_useradd_fill_gap6/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/65_useradd_fill_gap6/data/subuid b/tests/subids/65_useradd_fill_gap6/data/subuid
new file mode 100644
index 0000000..d275cb0
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/subuid
@@ -0,0 +1,2 @@
+root:90000:5000
+foo:100000:10000
diff --git a/tests/subids/65_useradd_fill_gap6/useradd.test b/tests/subids/65_useradd_fill_gap6/useradd.test
new file mode 100755
index 0000000..11baa08
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd create subids in /etc/sub[ug]id (range occupied before min)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/66_subordinate_range_cmp/config.txt b/tests/subids/66_subordinate_range_cmp/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config.txt
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/default/useradd b/tests/subids/66_subordinate_range_cmp/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/group b/tests/subids/66_subordinate_range_cmp/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/gshadow b/tests/subids/66_subordinate_range_cmp/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/passwd b/tests/subids/66_subordinate_range_cmp/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/shadow b/tests/subids/66_subordinate_range_cmp/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/subgid b/tests/subids/66_subordinate_range_cmp/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/subuid b/tests/subids/66_subordinate_range_cmp/config/etc/subuid
new file mode 100644
index 0000000..973cff0
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/subuid
@@ -0,0 +1,15 @@
+#1
+root:90000:5000
+sfoo:300000:10000
+root:300000:10000
+root:200000:15000
+root:200000:10000
+root:100000:5000
+#2
+root:90000:5000
+root:200000:10000
+root:200000:15000
+root:300000:10000
+sfoo:300000:10000
+root:100000:5000
+#3
diff --git a/tests/subids/66_subordinate_range_cmp/data/group b/tests/subids/66_subordinate_range_cmp/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/66_subordinate_range_cmp/data/gshadow b/tests/subids/66_subordinate_range_cmp/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/66_subordinate_range_cmp/data/passwd b/tests/subids/66_subordinate_range_cmp/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/66_subordinate_range_cmp/data/shadow b/tests/subids/66_subordinate_range_cmp/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/66_subordinate_range_cmp/data/subgid b/tests/subids/66_subordinate_range_cmp/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/66_subordinate_range_cmp/data/subuid b/tests/subids/66_subordinate_range_cmp/data/subuid
new file mode 100644
index 0000000..1bd0022
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/subuid
@@ -0,0 +1,16 @@
+root:90000:5000
+root:90000:5000
+root:100000:5000
+root:100000:5000
+root:200000:10000
+root:200000:10000
+root:200000:15000
+root:200000:15000
+root:300000:10000
+root:300000:10000
+sfoo:300000:10000
+sfoo:300000:10000
+#3
+#2
+#1
+foo:105000:10000
diff --git a/tests/subids/66_subordinate_range_cmp/useradd.test b/tests/subids/66_subordinate_range_cmp/useradd.test
new file mode 100755
index 0000000..966db07
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "test the sort algorithm for subordinate IDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/67_invalid_subuid_file1/config.txt b/tests/subids/67_invalid_subuid_file1/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config.txt
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/default/useradd b/tests/subids/67_invalid_subuid_file1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/group b/tests/subids/67_invalid_subuid_file1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/gshadow b/tests/subids/67_invalid_subuid_file1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/passwd b/tests/subids/67_invalid_subuid_file1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/shadow b/tests/subids/67_invalid_subuid_file1/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/subgid b/tests/subids/67_invalid_subuid_file1/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/subuid b/tests/subids/67_invalid_subuid_file1/config/etc/subuid
new file mode 100644
index 0000000..5ebb946
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/subuid
@@ -0,0 +1,2 @@
+root::5000
+root:200000:10000
diff --git a/tests/subids/67_invalid_subuid_file1/data/group b/tests/subids/67_invalid_subuid_file1/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/67_invalid_subuid_file1/data/gshadow b/tests/subids/67_invalid_subuid_file1/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/67_invalid_subuid_file1/data/passwd b/tests/subids/67_invalid_subuid_file1/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/67_invalid_subuid_file1/data/shadow b/tests/subids/67_invalid_subuid_file1/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/67_invalid_subuid_file1/data/subgid b/tests/subids/67_invalid_subuid_file1/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/67_invalid_subuid_file1/data/subuid b/tests/subids/67_invalid_subuid_file1/data/subuid
new file mode 100644
index 0000000..492cd04
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/subuid
@@ -0,0 +1,3 @@
+root:200000:10000
+root::5000
+foo:100000:10000
diff --git a/tests/subids/67_invalid_subuid_file1/useradd.test b/tests/subids/67_invalid_subuid_file1/useradd.test
new file mode 100755
index 0000000..acdd793
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd ignores invalid lines in /etc/subuid (no numerical subordinate user ID)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/68_invalid_subuid_file2/config.txt b/tests/subids/68_invalid_subuid_file2/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config.txt
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/default/useradd b/tests/subids/68_invalid_subuid_file2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/group b/tests/subids/68_invalid_subuid_file2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/gshadow b/tests/subids/68_invalid_subuid_file2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/passwd b/tests/subids/68_invalid_subuid_file2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/shadow b/tests/subids/68_invalid_subuid_file2/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/subgid b/tests/subids/68_invalid_subuid_file2/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/subuid b/tests/subids/68_invalid_subuid_file2/config/etc/subuid
new file mode 100644
index 0000000..154481d
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/subuid
@@ -0,0 +1,2 @@
+root:100000:
+root:200000:10000
diff --git a/tests/subids/68_invalid_subuid_file2/data/group b/tests/subids/68_invalid_subuid_file2/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/68_invalid_subuid_file2/data/gshadow b/tests/subids/68_invalid_subuid_file2/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/68_invalid_subuid_file2/data/passwd b/tests/subids/68_invalid_subuid_file2/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/68_invalid_subuid_file2/data/shadow b/tests/subids/68_invalid_subuid_file2/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/68_invalid_subuid_file2/data/subgid b/tests/subids/68_invalid_subuid_file2/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/68_invalid_subuid_file2/data/subuid b/tests/subids/68_invalid_subuid_file2/data/subuid
new file mode 100644
index 0000000..162f05c
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/subuid
@@ -0,0 +1,3 @@
+root:200000:10000
+root:100000:
+foo:100000:10000
diff --git a/tests/subids/68_invalid_subuid_file2/useradd.test b/tests/subids/68_invalid_subuid_file2/useradd.test
new file mode 100755
index 0000000..fa67277
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd ignores invalid lines in /etc/subuid (no numerical subordinate user ID count)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/69_invalid_subuid_file3/config.txt b/tests/subids/69_invalid_subuid_file3/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config.txt
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/default/useradd b/tests/subids/69_invalid_subuid_file3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/group b/tests/subids/69_invalid_subuid_file3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/gshadow b/tests/subids/69_invalid_subuid_file3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/passwd b/tests/subids/69_invalid_subuid_file3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/shadow b/tests/subids/69_invalid_subuid_file3/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/subgid b/tests/subids/69_invalid_subuid_file3/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/subuid b/tests/subids/69_invalid_subuid_file3/config/etc/subuid
new file mode 100644
index 0000000..86fd00d
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/subuid
@@ -0,0 +1,2 @@
+:100000:10000
+root:200000:10000
diff --git a/tests/subids/69_invalid_subuid_file3/data/group b/tests/subids/69_invalid_subuid_file3/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/69_invalid_subuid_file3/data/gshadow b/tests/subids/69_invalid_subuid_file3/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/69_invalid_subuid_file3/data/passwd b/tests/subids/69_invalid_subuid_file3/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/69_invalid_subuid_file3/data/shadow b/tests/subids/69_invalid_subuid_file3/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/69_invalid_subuid_file3/data/subgid b/tests/subids/69_invalid_subuid_file3/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/69_invalid_subuid_file3/data/subuid b/tests/subids/69_invalid_subuid_file3/data/subuid
new file mode 100644
index 0000000..7faccee
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/subuid
@@ -0,0 +1,3 @@
+root:200000:10000
+:100000:10000
+foo:100000:10000
diff --git a/tests/subids/69_invalid_subuid_file3/useradd.test b/tests/subids/69_invalid_subuid_file3/useradd.test
new file mode 100755
index 0000000..89bc4cb
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd ignores invalid lines in /etc/subuid (no login name)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/70_invalid_subuid_file4/config.txt b/tests/subids/70_invalid_subuid_file4/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config.txt
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/default/useradd b/tests/subids/70_invalid_subuid_file4/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/group b/tests/subids/70_invalid_subuid_file4/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/gshadow b/tests/subids/70_invalid_subuid_file4/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/passwd b/tests/subids/70_invalid_subuid_file4/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/shadow b/tests/subids/70_invalid_subuid_file4/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/subgid b/tests/subids/70_invalid_subuid_file4/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/subuid b/tests/subids/70_invalid_subuid_file4/config/etc/subuid
new file mode 100644
index 0000000..c8f2b70
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/subuid
@@ -0,0 +1,5 @@
+root:-1:10000
+root:100000:-1
+root:100000a:10000
+root:100000:10000a
+root:200000:10000
diff --git a/tests/subids/70_invalid_subuid_file4/data/group b/tests/subids/70_invalid_subuid_file4/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/70_invalid_subuid_file4/data/gshadow b/tests/subids/70_invalid_subuid_file4/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/70_invalid_subuid_file4/data/passwd b/tests/subids/70_invalid_subuid_file4/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/70_invalid_subuid_file4/data/shadow b/tests/subids/70_invalid_subuid_file4/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/70_invalid_subuid_file4/data/subgid b/tests/subids/70_invalid_subuid_file4/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/70_invalid_subuid_file4/data/subuid b/tests/subids/70_invalid_subuid_file4/data/subuid
new file mode 100644
index 0000000..d162a80
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/subuid
@@ -0,0 +1,6 @@
+root:200000:10000
+root:100000:10000a
+root:100000a:10000
+root:100000:-1
+root:-1:10000
+foo:100000:10000
diff --git a/tests/subids/70_invalid_subuid_file4/useradd.test b/tests/subids/70_invalid_subuid_file4/useradd.test
new file mode 100755
index 0000000..a20e0e9
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd ignores invalid lines in /etc/subuid (invalid numerical values)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/01_useradd_add_user.test b/tests/usertools/01/01_useradd_add_user.test
new file mode 100755
index 0000000..dfd0366
--- /dev/null
+++ b/tests/usertools/01/01_useradd_add_user.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_useradd_add_user/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_useradd_add_user/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_useradd_add_user/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_useradd_add_user/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/01_useradd_add_user/group b/tests/usertools/01/01_useradd_add_user/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/01_useradd_add_user/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/01_useradd_add_user/gshadow b/tests/usertools/01/01_useradd_add_user/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/01_useradd_add_user/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/01_useradd_add_user/passwd b/tests/usertools/01/01_useradd_add_user/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/01_useradd_add_user/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/01_useradd_add_user/shadow b/tests/usertools/01/01_useradd_add_user/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/01_useradd_add_user/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/01_userdel_delete_user.test b/tests/usertools/01/01_userdel_delete_user.test
new file mode 100755
index 0000000..132e16a
--- /dev/null
+++ b/tests/usertools/01/01_userdel_delete_user.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Delete user test1 (userdel test1)..."
+userdel test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user.test b/tests/usertools/01/02_useradd_recreate_deleted_user.test
new file mode 100755
index 0000000..44721f5
--- /dev/null
+++ b/tests/usertools/01/02_useradd_recreate_deleted_user.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Delete user test1 (userdel test1)..."
+userdel test1
+echo "OK"
+echo -n "Create user test2 (useradd test1)..."
+useradd test2
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 02_useradd_recreate_deleted_user/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 02_useradd_recreate_deleted_user/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 02_useradd_recreate_deleted_user/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_useradd_recreate_deleted_user/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/group b/tests/usertools/01/02_useradd_recreate_deleted_user/group
new file mode 100644
index 0000000..3b8e510
--- /dev/null
+++ b/tests/usertools/01/02_useradd_recreate_deleted_user/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test2:x:1000:
diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/gshadow b/tests/usertools/01/02_useradd_recreate_deleted_user/gshadow
new file mode 100644
index 0000000..73d0298
--- /dev/null
+++ b/tests/usertools/01/02_useradd_recreate_deleted_user/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test2:!::
diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/passwd b/tests/usertools/01/02_useradd_recreate_deleted_user/passwd
new file mode 100644
index 0000000..0a8cf88
--- /dev/null
+++ b/tests/usertools/01/02_useradd_recreate_deleted_user/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test2:x:1000:1000::/home/test2:/bin/sh
diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/shadow b/tests/usertools/01/02_useradd_recreate_deleted_user/shadow
new file mode 100644
index 0000000..1ca61d8
--- /dev/null
+++ b/tests/usertools/01/02_useradd_recreate_deleted_user/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test2:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/03_useradd_additional_options.test b/tests/usertools/01/03_useradd_additional_options.test
new file mode 100755
index 0000000..5808e45
--- /dev/null
+++ b/tests/usertools/01/03_useradd_additional_options.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd options --comment, --expiredate, --shell, --inactive, --home-dir"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test3 with options)..."
+useradd --comment "comment test3" \
+ --expiredate "2006-02-04" \
+ --shell "/bin/bash" \
+ --inactive "12" \
+ --home-dir "/nonexistenthomedir" \
+ test3
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 03_useradd_additional_options/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 03_useradd_additional_options/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 03_useradd_additional_options/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 03_useradd_additional_options/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir /home/test3..."
+test ! -d /home/test3
+echo "OK"
+echo -n "no homedir /nonexistenthomedir..."
+test ! -d /nonexistenthomedir
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/03_useradd_additional_options/group b/tests/usertools/01/03_useradd_additional_options/group
new file mode 100644
index 0000000..a0c1381
--- /dev/null
+++ b/tests/usertools/01/03_useradd_additional_options/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test3:x:1000:
diff --git a/tests/usertools/01/03_useradd_additional_options/gshadow b/tests/usertools/01/03_useradd_additional_options/gshadow
new file mode 100644
index 0000000..88e4ab1
--- /dev/null
+++ b/tests/usertools/01/03_useradd_additional_options/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test3:!::
diff --git a/tests/usertools/01/03_useradd_additional_options/passwd b/tests/usertools/01/03_useradd_additional_options/passwd
new file mode 100644
index 0000000..725da57
--- /dev/null
+++ b/tests/usertools/01/03_useradd_additional_options/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test3:x:1000:1000:comment test3:/nonexistenthomedir:/bin/bash
diff --git a/tests/usertools/01/03_useradd_additional_options/shadow b/tests/usertools/01/03_useradd_additional_options/shadow
new file mode 100644
index 0000000..77fbfbc
--- /dev/null
+++ b/tests/usertools/01/03_useradd_additional_options/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test3:!:@TODAY@:0:99999:7:12:13183:
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail.test b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail.test
new file mode 100755
index 0000000..7332451
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with an existing ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4242 test1)..."
+useradd -u 4242 test1
+echo "OK"
+echo -n "Create user test2 with the same ID (useradd -u 4242 test2)..."
+useradd -u 4242 test2 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+echo "All right, useradd returned error $status."
+echo -n "Check returned status..."
+test "$status" = "4"
+echo "OK"
+
+echo "useradd displayed:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au 04_useradd_add_user_with_existing_UID_fail/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/group b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/group
new file mode 100644
index 0000000..6c7895c
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:4242:
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/gshadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/passwd b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/passwd
new file mode 100644
index 0000000..4b6c808
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4242:4242::/home/test1:/bin/sh
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/shadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/useradd.err b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/useradd.err
new file mode 100644
index 0000000..23e5962
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/useradd.err
@@ -0,0 +1 @@
+useradd: UID 4242 is not unique
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test
new file mode 100755
index 0000000..b630c67
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified existing ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4242 test1)..."
+useradd -u 4242 test1
+echo "OK"
+echo -n "Create user test2 with the same ID (useradd -u 4242 -o test2)..."
+useradd -u 4242 -o test2
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir /home/test1..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir /home/test2..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/group b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/group
new file mode 100644
index 0000000..a951b25
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:4242:
+test2:x:4243:
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/gshadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/gshadow
new file mode 100644
index 0000000..11e7389
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
+test2:!::
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/passwd b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/passwd
new file mode 100644
index 0000000..58c50dd
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4242:4242::/home/test1:/bin/sh
+test2:x:4242:4243::/home/test2:/bin/sh
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/shadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/shadow
new file mode 100644
index 0000000..4c40f47
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
+test2:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/04_useradd_specified_UID.test b/tests/usertools/01/04_useradd_specified_UID.test
new file mode 100755
index 0000000..240899b
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4242 test1)..."
+useradd -u 4242 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_useradd_specified_UID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_useradd_specified_UID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_useradd_specified_UID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_useradd_specified_UID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/04_useradd_specified_UID/group b/tests/usertools/01/04_useradd_specified_UID/group
new file mode 100644
index 0000000..6c7895c
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:4242:
diff --git a/tests/usertools/01/04_useradd_specified_UID/gshadow b/tests/usertools/01/04_useradd_specified_UID/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/04_useradd_specified_UID/passwd b/tests/usertools/01/04_useradd_specified_UID/passwd
new file mode 100644
index 0000000..4b6c808
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4242:4242::/home/test1:/bin/sh
diff --git a/tests/usertools/01/04_useradd_specified_UID/shadow b/tests/usertools/01/04_useradd_specified_UID/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID.test b/tests/usertools/01/04_useradd_specified_UID_and_GID.test
new file mode 100755
index 0000000..1e11971
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID_and_GID.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified existing UID and GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4242 test1)..."
+useradd -u 4242 test1
+echo "OK"
+echo -n "Create user test2 with the same ID (useradd -u 4242 -g 4242 -o test2)..."
+useradd -u 4242 -g 4242 -o test2
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_useradd_specified_UID_and_GID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_useradd_specified_UID_and_GID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_useradd_specified_UID_and_GID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_useradd_specified_UID_and_GID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir /home/test1..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir /home/test2..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/group b/tests/usertools/01/04_useradd_specified_UID_and_GID/group
new file mode 100644
index 0000000..6c7895c
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:4242:
diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/gshadow b/tests/usertools/01/04_useradd_specified_UID_and_GID/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/passwd b/tests/usertools/01/04_useradd_specified_UID_and_GID/passwd
new file mode 100644
index 0000000..2603e1e
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4242:4242::/home/test1:/bin/sh
+test2:x:4242:4242::/home/test2:/bin/sh
diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/shadow b/tests/usertools/01/04_useradd_specified_UID_and_GID/shadow
new file mode 100644
index 0000000..4c40f47
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
+test2:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID.test b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID.test
new file mode 100755
index 0000000..de2a189
--- /dev/null
+++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID.test
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Remove an user with a duplicate ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4242 test1)..."
+useradd -u 4242 test1
+echo "OK"
+echo -n "Create user test2 with the same ID (useradd -u 4242 -o test2)..."
+useradd -u 4242 -o test2
+echo "OK"
+echo -n "Delete user test2 (userdel test2)..."
+userdel test2
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir /home/test1..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir /home/test2..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/group b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/group
new file mode 100644
index 0000000..6c7895c
--- /dev/null
+++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:4242:
diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/gshadow b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/passwd b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/passwd
new file mode 100644
index 0000000..4b6c808
--- /dev/null
+++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4242:4242::/home/test1:/bin/sh
diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/shadow b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/05_useradd_invalid_numeric_primary_group.test b/tests/usertools/01/05_useradd_invalid_numeric_primary_group.test
new file mode 100755
index 0000000..04b4bd0
--- /dev/null
+++ b/tests/usertools/01/05_useradd_invalid_numeric_primary_group.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified unexisting GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -g 4242 test1)..."
+useradd -g 4242 test1 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+echo "OK"
+echo "All right, useradd returned error $status."
+echo -n "Check returned status..."
+test "$status" = "6"
+echo "OK"
+
+echo "useradd displayed:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au 05_useradd_invalid_numeric_primary_group/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/05_useradd_invalid_numeric_primary_group/useradd.err b/tests/usertools/01/05_useradd_invalid_numeric_primary_group/useradd.err
new file mode 100644
index 0000000..eb2629d
--- /dev/null
+++ b/tests/usertools/01/05_useradd_invalid_numeric_primary_group/useradd.err
@@ -0,0 +1 @@
+useradd: group '4242' does not exist
diff --git a/tests/usertools/01/06_useradd_invalid_named_primary_group.test b/tests/usertools/01/06_useradd_invalid_named_primary_group.test
new file mode 100755
index 0000000..ea02d5f
--- /dev/null
+++ b/tests/usertools/01/06_useradd_invalid_named_primary_group.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified unexisting GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1 -g nekral)..."
+useradd test1 -g nekral 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+echo "OK"
+echo "All right, useradd returned error $status."
+echo -n "Check returned status..."
+test "$status" = "6"
+echo "OK"
+
+echo "useradd displayed:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au 06_useradd_invalid_named_primary_group/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/06_useradd_invalid_named_primary_group/useradd.err b/tests/usertools/01/06_useradd_invalid_named_primary_group/useradd.err
new file mode 100644
index 0000000..2b201fe
--- /dev/null
+++ b/tests/usertools/01/06_useradd_invalid_named_primary_group/useradd.err
@@ -0,0 +1 @@
+useradd: group 'nekral' does not exist
diff --git a/tests/usertools/01/07_useradd_numerical_primary_group.test b/tests/usertools/01/07_useradd_numerical_primary_group.test
new file mode 100755
index 0000000..1f1f14c
--- /dev/null
+++ b/tests/usertools/01/07_useradd_numerical_primary_group.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a numerical GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -g 1 test1)..."
+useradd -g 1 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 07_useradd_numerical_primary_group/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 07_useradd_numerical_primary_group/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 07_useradd_numerical_primary_group/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 07_useradd_numerical_primary_group/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/group b/tests/usertools/01/07_useradd_numerical_primary_group/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/07_useradd_numerical_primary_group/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/gshadow b/tests/usertools/01/07_useradd_numerical_primary_group/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/07_useradd_numerical_primary_group/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/passwd b/tests/usertools/01/07_useradd_numerical_primary_group/passwd
new file mode 100644
index 0000000..902efbe
--- /dev/null
+++ b/tests/usertools/01/07_useradd_numerical_primary_group/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1::/home/test1:/bin/sh
diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/shadow b/tests/usertools/01/07_useradd_numerical_primary_group/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/07_useradd_numerical_primary_group/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/08_useradd_named_primary_group.test b/tests/usertools/01/08_useradd_named_primary_group.test
new file mode 100755
index 0000000..d18acdf
--- /dev/null
+++ b/tests/usertools/01/08_useradd_named_primary_group.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a named GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1 -g nogroup)..."
+useradd test1 -g nogroup
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 08_useradd_named_primary_group/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 08_useradd_named_primary_group/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 08_useradd_named_primary_group/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 08_useradd_named_primary_group/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/08_useradd_named_primary_group/group b/tests/usertools/01/08_useradd_named_primary_group/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/08_useradd_named_primary_group/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/08_useradd_named_primary_group/gshadow b/tests/usertools/01/08_useradd_named_primary_group/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/08_useradd_named_primary_group/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/08_useradd_named_primary_group/passwd b/tests/usertools/01/08_useradd_named_primary_group/passwd
new file mode 100644
index 0000000..42ef2e2
--- /dev/null
+++ b/tests/usertools/01/08_useradd_named_primary_group/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:65534::/home/test1:/bin/sh
diff --git a/tests/usertools/01/08_useradd_named_primary_group/shadow b/tests/usertools/01/08_useradd_named_primary_group/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/08_useradd_named_primary_group/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/09_usermod_change_user_info.test b/tests/usertools/01/09_usermod_change_user_info.test
new file mode 100755
index 0000000..75d00b2
--- /dev/null
+++ b/tests/usertools/01/09_usermod_change_user_info.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change user information with usermod"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user test1..."
+usermod -g 1 --comment "comment" -e 2000-09-01 -f 17 -s /bin/bash -d /tmp test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 09_usermod_change_user_info/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 09_usermod_change_user_info/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 09_usermod_change_user_info/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 09_usermod_change_user_info/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/09_usermod_change_user_info/group b/tests/usertools/01/09_usermod_change_user_info/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/09_usermod_change_user_info/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/09_usermod_change_user_info/gshadow b/tests/usertools/01/09_usermod_change_user_info/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/09_usermod_change_user_info/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/09_usermod_change_user_info/passwd b/tests/usertools/01/09_usermod_change_user_info/passwd
new file mode 100644
index 0000000..60c8e45
--- /dev/null
+++ b/tests/usertools/01/09_usermod_change_user_info/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1:comment:/tmp:/bin/bash
diff --git a/tests/usertools/01/09_usermod_change_user_info/shadow b/tests/usertools/01/09_usermod_change_user_info/shadow
new file mode 100644
index 0000000..cf6bc25
--- /dev/null
+++ b/tests/usertools/01/09_usermod_change_user_info/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:17:11201:
diff --git a/tests/usertools/01/10_usermod_rename_user.test b/tests/usertools/01/10_usermod_rename_user.test
new file mode 100755
index 0000000..202e9b6
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Rename user test1 to test2 (usermod -l test2 test1)..."
+usermod -l test2 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 10_usermod_rename_user/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 10_usermod_rename_user/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 10_usermod_rename_user/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 10_usermod_rename_user/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir (/home/test1)..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir (/home/test2)..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/10_usermod_rename_user/group b/tests/usertools/01/10_usermod_rename_user/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/10_usermod_rename_user/gshadow b/tests/usertools/01/10_usermod_rename_user/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/10_usermod_rename_user/passwd b/tests/usertools/01/10_usermod_rename_user/passwd
new file mode 100644
index 0000000..0d1ab51
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test2:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/10_usermod_rename_user/shadow b/tests/usertools/01/10_usermod_rename_user/shadow
new file mode 100644
index 0000000..1ca61d8
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test2:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/10_usermod_rename_user_in_group.test b/tests/usertools/01/10_usermod_rename_user_in_group.test
new file mode 100755
index 0000000..374acab
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user_in_group.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 also in group daemon (useradd test1 -G daemon)..."
+useradd test1 -G daemon
+echo "OK"
+echo -n "Rename user test1 to test2 (usermod -l test2 test1)..."
+usermod -l test2 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 10_usermod_rename_user_in_group/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 10_usermod_rename_user_in_group/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 10_usermod_rename_user_in_group/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 10_usermod_rename_user_in_group/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir (/home/test1)..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir (/home/test2)..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/group b/tests/usertools/01/10_usermod_rename_user_in_group/group
new file mode 100644
index 0000000..271a2c3
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user_in_group/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:test2
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/gshadow b/tests/usertools/01/10_usermod_rename_user_in_group/gshadow
new file mode 100644
index 0000000..879d206
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user_in_group/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::test2
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/passwd b/tests/usertools/01/10_usermod_rename_user_in_group/passwd
new file mode 100644
index 0000000..0d1ab51
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user_in_group/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test2:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/shadow b/tests/usertools/01/10_usermod_rename_user_in_group/shadow
new file mode 100644
index 0000000..1ca61d8
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user_in_group/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test2:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/11_usermod_change_password.test b/tests/usertools/01/11_usermod_change_password.test
new file mode 100755
index 0000000..a6e7ace
--- /dev/null
+++ b/tests/usertools/01/11_usermod_change_password.test
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user's password..."
+usermod -p '$1$12345678$0jEt1CYOyE.5NxWFMZyZy1' test1
+# (test1F00barbaz)
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 11_usermod_change_password/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 11_usermod_change_password/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 11_usermod_change_password/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 11_usermod_change_password/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/11_usermod_change_password/group b/tests/usertools/01/11_usermod_change_password/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/11_usermod_change_password/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/11_usermod_change_password/gshadow b/tests/usertools/01/11_usermod_change_password/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/11_usermod_change_password/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/11_usermod_change_password/passwd b/tests/usertools/01/11_usermod_change_password/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/11_usermod_change_password/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/11_usermod_change_password/shadow b/tests/usertools/01/11_usermod_change_password/shadow
new file mode 100644
index 0000000..72025a2
--- /dev/null
+++ b/tests/usertools/01/11_usermod_change_password/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:$1$12345678$0jEt1CYOyE.5NxWFMZyZy1:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/11_usermod_lock_password.test b/tests/usertools/01/11_usermod_lock_password.test
new file mode 100755
index 0000000..f5e6a9f
--- /dev/null
+++ b/tests/usertools/01/11_usermod_lock_password.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user's password..."
+usermod -p '$1$12345678$0jEt1CYOyE.5NxWFMZyZy1' test1
+# (test1F00barbaz)
+echo "OK"
+echo -n "Lock user's password..."
+usermod -L test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 11_usermod_lock_password/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 11_usermod_lock_password/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 11_usermod_lock_password/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 11_usermod_lock_password/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/11_usermod_lock_password/group b/tests/usertools/01/11_usermod_lock_password/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/11_usermod_lock_password/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/11_usermod_lock_password/gshadow b/tests/usertools/01/11_usermod_lock_password/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/11_usermod_lock_password/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/11_usermod_lock_password/passwd b/tests/usertools/01/11_usermod_lock_password/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/11_usermod_lock_password/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/11_usermod_lock_password/shadow b/tests/usertools/01/11_usermod_lock_password/shadow
new file mode 100644
index 0000000..5a236b7
--- /dev/null
+++ b/tests/usertools/01/11_usermod_lock_password/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!$1$12345678$0jEt1CYOyE.5NxWFMZyZy1:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password.test b/tests/usertools/01/11_usermod_unlock_empty_password.test
new file mode 100755
index 0000000..d12dfd8
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Unlock user's password..."
+usermod -U test1 2>tmp/err
+echo "OK"
+
+echo "usermod displayed:"
+echo "======================================================================="
+cat tmp/err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au 11_usermod_unlock_empty_password/usermod.err tmp/err
+echo "error message OK."
+rm -f tmp/err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 11_usermod_unlock_empty_password/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 11_usermod_unlock_empty_password/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 11_usermod_unlock_empty_password/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 11_usermod_unlock_empty_password/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/group b/tests/usertools/01/11_usermod_unlock_empty_password/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/gshadow b/tests/usertools/01/11_usermod_unlock_empty_password/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/passwd b/tests/usertools/01/11_usermod_unlock_empty_password/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/shadow b/tests/usertools/01/11_usermod_unlock_empty_password/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/usermod.err b/tests/usertools/01/11_usermod_unlock_empty_password/usermod.err
new file mode 100644
index 0000000..2564dbf
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password/usermod.err
@@ -0,0 +1,2 @@
+usermod: unlocking the user's password would result in a passwordless account.
+You should set a password with usermod -p to unlock this user's password.
diff --git a/tests/usertools/01/11_usermod_unlock_password.test b/tests/usertools/01/11_usermod_unlock_password.test
new file mode 100755
index 0000000..905b2c0
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_password.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user's password..."
+usermod -p '$1$12345678$0jEt1CYOyE.5NxWFMZyZy1' test1
+# (test1F00barbaz)
+echo "OK"
+echo -n "Lock user's password..."
+usermod -L test1
+echo "OK"
+echo -n "Unlock user's password..."
+usermod -U test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 11_usermod_unlock_password/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 11_usermod_unlock_password/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 11_usermod_unlock_password/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 11_usermod_unlock_password/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/11_usermod_unlock_password/group b/tests/usertools/01/11_usermod_unlock_password/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_password/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/11_usermod_unlock_password/gshadow b/tests/usertools/01/11_usermod_unlock_password/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_password/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/11_usermod_unlock_password/passwd b/tests/usertools/01/11_usermod_unlock_password/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_password/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/11_usermod_unlock_password/shadow b/tests/usertools/01/11_usermod_unlock_password/shadow
new file mode 100644
index 0000000..72025a2
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_password/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:$1$12345678$0jEt1CYOyE.5NxWFMZyZy1:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/12_usermod_change_gid_name.test b/tests/usertools/01/12_usermod_change_gid_name.test
new file mode 100755
index 0000000..8148149
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_name.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user's group..."
+usermod -g daemon test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 12_usermod_change_gid_name/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 12_usermod_change_gid_name/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 12_usermod_change_gid_name/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 12_usermod_change_gid_name/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/12_usermod_change_gid_name/group b/tests/usertools/01/12_usermod_change_gid_name/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_name/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/12_usermod_change_gid_name/gshadow b/tests/usertools/01/12_usermod_change_gid_name/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_name/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/12_usermod_change_gid_name/passwd b/tests/usertools/01/12_usermod_change_gid_name/passwd
new file mode 100644
index 0000000..902efbe
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_name/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1::/home/test1:/bin/sh
diff --git a/tests/usertools/01/12_usermod_change_gid_name/shadow b/tests/usertools/01/12_usermod_change_gid_name/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_name/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/12_usermod_change_gid_number.test b/tests/usertools/01/12_usermod_change_gid_number.test
new file mode 100755
index 0000000..e4172a8
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_number.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user's group..."
+usermod -g 1 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 12_usermod_change_gid_number/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 12_usermod_change_gid_number/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 12_usermod_change_gid_number/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 12_usermod_change_gid_number/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/12_usermod_change_gid_number/group b/tests/usertools/01/12_usermod_change_gid_number/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_number/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/12_usermod_change_gid_number/gshadow b/tests/usertools/01/12_usermod_change_gid_number/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_number/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/12_usermod_change_gid_number/passwd b/tests/usertools/01/12_usermod_change_gid_number/passwd
new file mode 100644
index 0000000..902efbe
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_number/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1::/home/test1:/bin/sh
diff --git a/tests/usertools/01/12_usermod_change_gid_number/shadow b/tests/usertools/01/12_usermod_change_gid_number/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_number/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/13_useradd_negative_UID.test b/tests/usertools/01/13_useradd_negative_UID.test
new file mode 100755
index 0000000..f049a91
--- /dev/null
+++ b/tests/usertools/01/13_useradd_negative_UID.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 with a negative UID (useradd -u -1 test1)..."
+msg=$(useradd -u -1 test1 2>&1) && exit 1 || {
+ status=$?
+}
+echo "OK"
+echo "useradd returned status $status,"
+echo "and displayed \"$msg\""
+echo -n "The returned status should be 3..."
+test "$status" = "3"
+echo "OK"
+echo -n "Test the error message (should be \"useradd: invalid user ID '-1'\")..."
+test "$msg" = "useradd: invalid user ID '-1'"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 13_useradd_negative_UID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 13_useradd_negative_UID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 13_useradd_negative_UID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 13_useradd_negative_UID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/13_useradd_negative_UID/group b/tests/usertools/01/13_useradd_negative_UID/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/13_useradd_negative_UID/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/13_useradd_negative_UID/gshadow b/tests/usertools/01/13_useradd_negative_UID/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/13_useradd_negative_UID/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/13_useradd_negative_UID/passwd b/tests/usertools/01/13_useradd_negative_UID/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/01/13_useradd_negative_UID/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/01/13_useradd_negative_UID/shadow b/tests/usertools/01/13_useradd_negative_UID/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/01/13_useradd_negative_UID/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/01/14_useradd_out_of_range_UID.test b/tests/usertools/01/14_useradd_out_of_range_UID.test
new file mode 100755
index 0000000..88cac26
--- /dev/null
+++ b/tests/usertools/01/14_useradd_out_of_range_UID.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 with UID 4294967296 (useradd -u 4294967296 test1)..."
+msg=$(useradd -u 4294967296 test1 2>&1) && exit 1 || {
+ status=$?
+}
+echo "OK"
+echo "useradd returned status $status,"
+echo "and displayed \"$msg\""
+echo -n "The returned status should be 3..."
+test "$status" = "3"
+echo "OK"
+echo -n "Test the error message (should be \"useradd: invalid user ID '4294967296'\")..."
+test "$msg" = "useradd: invalid user ID '4294967296'"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 14_useradd_out_of_range_UID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 14_useradd_out_of_range_UID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 14_useradd_out_of_range_UID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 14_useradd_out_of_range_UID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/group b/tests/usertools/01/14_useradd_out_of_range_UID/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/14_useradd_out_of_range_UID/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/gshadow b/tests/usertools/01/14_useradd_out_of_range_UID/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/14_useradd_out_of_range_UID/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/passwd b/tests/usertools/01/14_useradd_out_of_range_UID/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/01/14_useradd_out_of_range_UID/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/shadow b/tests/usertools/01/14_useradd_out_of_range_UID/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/01/14_useradd_out_of_range_UID/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/01/15_useradd_specified_large_UID.test b/tests/usertools/01/15_useradd_specified_large_UID.test
new file mode 100755
index 0000000..69fd5db
--- /dev/null
+++ b/tests/usertools/01/15_useradd_specified_large_UID.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 2147483647 test1)..."
+useradd -u 2147483647 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 15_useradd_specified_large_UID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 15_useradd_specified_large_UID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 15_useradd_specified_large_UID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 15_useradd_specified_large_UID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/15_useradd_specified_large_UID/group b/tests/usertools/01/15_useradd_specified_large_UID/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/15_useradd_specified_large_UID/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/15_useradd_specified_large_UID/gshadow b/tests/usertools/01/15_useradd_specified_large_UID/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/15_useradd_specified_large_UID/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/15_useradd_specified_large_UID/passwd b/tests/usertools/01/15_useradd_specified_large_UID/passwd
new file mode 100644
index 0000000..116c1c7
--- /dev/null
+++ b/tests/usertools/01/15_useradd_specified_large_UID/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:2147483647:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/15_useradd_specified_large_UID/shadow b/tests/usertools/01/15_useradd_specified_large_UID/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/15_useradd_specified_large_UID/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups.test b/tests/usertools/01/16_useradd_add_user_to_multiple_groups.test
new file mode 100755
index 0000000..3e0323e
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1, and add it to group src (useradd test1 -g src)..."
+useradd test1 -g nogroup -G src,daemon,bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/group b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/group
new file mode 100644
index 0000000..04d5635
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:test1
+bin:x:2:test1
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:test1
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/gshadow b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/gshadow
new file mode 100644
index 0000000..1605ab6
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::test1
+bin:*::test1
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::test1
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/passwd b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/passwd
new file mode 100644
index 0000000..42ef2e2
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:65534::/home/test1:/bin/sh
diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/shadow b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group.test b/tests/usertools/01/16_useradd_add_user_to_one_group.test
new file mode 100755
index 0000000..38c0020
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_one_group.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1, and add it to group src (useradd test1 -g src)..."
+useradd test1 -G src
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 16_useradd_add_user_to_one_group/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 16_useradd_add_user_to_one_group/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 16_useradd_add_user_to_one_group/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 16_useradd_add_user_to_one_group/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/group b/tests/usertools/01/16_useradd_add_user_to_one_group/group
new file mode 100644
index 0000000..1c6668e
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_one_group/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:test1
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/gshadow b/tests/usertools/01/16_useradd_add_user_to_one_group/gshadow
new file mode 100644
index 0000000..680a5dc
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_one_group/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::test1
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/passwd b/tests/usertools/01/16_useradd_add_user_to_one_group/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_one_group/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/shadow b/tests/usertools/01/16_useradd_add_user_to_one_group/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_one_group/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/17_useradd_create_homedir.test b/tests/usertools/01/17_useradd_create_homedir.test
new file mode 100755
index 0000000..cf27140
--- /dev/null
+++ b/tests/usertools/01/17_useradd_create_homedir.test
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 with homedir (useradd --create-home test1)..."
+useradd --create-home test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_useradd_add_user/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_useradd_add_user/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_useradd_add_user/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_useradd_add_user/gshadow /etc/gshadow
+echo "OK"
+echo -n "homedir created..."
+test -d /home/test1
+echo "OK"
+echo -n "Check if skeleton files were added..."
+diff -rauN /etc/skel /home/test1
+echo "OK"
+rm -rf /home/test1
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/17_useradd_create_homedir/group b/tests/usertools/01/17_useradd_create_homedir/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/17_useradd_create_homedir/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/17_useradd_create_homedir/gshadow b/tests/usertools/01/17_useradd_create_homedir/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/17_useradd_create_homedir/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/17_useradd_create_homedir/passwd b/tests/usertools/01/17_useradd_create_homedir/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/17_useradd_create_homedir/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/17_useradd_create_homedir/shadow b/tests/usertools/01/17_useradd_create_homedir/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/17_useradd_create_homedir/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/18_userdel_remove_homedir.test b/tests/usertools/01/18_userdel_remove_homedir.test
new file mode 100755
index 0000000..085381d
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 with homedir (useradd --create-home test1)..."
+useradd --create-home test1
+echo "OK"
+echo -n "Delete user test1 with homedir (userdel --remove test1)..."
+userdel --remove test1 2>tmp/userdel.err
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check the userdel message..."
+diff -au 18_userdel_remove_homedir/userdel.err tmp/userdel.err
+echo "userdel message OK."
+rm -f tmp/userdel.err
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "homedir removed..."
+test ! -d /home/test1
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/18_userdel_remove_homedir/group b/tests/usertools/01/18_userdel_remove_homedir/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/18_userdel_remove_homedir/gshadow b/tests/usertools/01/18_userdel_remove_homedir/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/18_userdel_remove_homedir/passwd b/tests/usertools/01/18_userdel_remove_homedir/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/18_userdel_remove_homedir/shadow b/tests/usertools/01/18_userdel_remove_homedir/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/18_userdel_remove_homedir/userdel.err b/tests/usertools/01/18_userdel_remove_homedir/userdel.err
new file mode 100644
index 0000000..0b2f1ff
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir/userdel.err
@@ -0,0 +1 @@
+userdel: test1 mail spool (/var/mail/test1) not found
diff --git a/tests/usertools/01/19_userdel_delete_user_in_group.test b/tests/usertools/01/19_userdel_delete_user_in_group.test
new file mode 100755
index 0000000..7787899
--- /dev/null
+++ b/tests/usertools/01/19_userdel_delete_user_in_group.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 and add it to groups daemon and bin (useradd test1 -G daemon,bin)..."
+useradd test1 -G daemon,bin
+echo "OK"
+echo -n "Delete user test1 (userdel test1)..."
+userdel test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/20_usermod_change_homedir.test b/tests/usertools/01/20_usermod_change_homedir.test
new file mode 100755
index 0000000..6ef6e8f
--- /dev/null
+++ b/tests/usertools/01/20_usermod_change_homedir.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 and its homedir (useradd test1 -m)..."
+useradd test1 -m
+echo "OK"
+echo -n "Change the user's homedir (usermod --home /home/test1.new test1)..."
+usermod --home /home/test1.new test1
+echo "OK"
+echo -n "Test if the new homedir was not created..."
+test ! -d /home/test1.new
+echo "OK"
+echo -n "test if the old homedir was kept..."
+test -d /home/test1
+echo "OK"
+echo -n "Delete user test1 (userdel test1)..."
+userdel test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "old homedir kept (/home/test1)..."
+test -d /home/test1
+echo "OK"
+echo -n "no homedir (/home/test1.new)..."
+test ! -d /home/test1.new
+echo "OK"
+rm -rf /home/test1
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/21_usermod_change_and_move_homedir.test b/tests/usertools/01/21_usermod_change_and_move_homedir.test
new file mode 100755
index 0000000..0f26920
--- /dev/null
+++ b/tests/usertools/01/21_usermod_change_and_move_homedir.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 and its homedir (useradd test1 -m)..."
+useradd test1 -m
+echo "OK"
+echo -n "Change the user's homedir (usermod -m --home /home/test1.new test1)..."
+usermod -m --home /home/test1.new test1
+echo "OK"
+echo -n "Test if the new homedir exists..."
+test -d /home/test1.new
+echo "OK"
+echo -n "test if the old homedir was removed..."
+test ! -d /home/test1
+echo "OK"
+echo -n "Delete user test1 (userdel test1)..."
+userdel test1 --remove 2>tmp/userdel.err
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check the userdel message..."
+diff -au 18_userdel_remove_homedir/userdel.err tmp/userdel.err
+echo "userdel message OK."
+rm -f tmp/userdel.err
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir (/home/test1)..."
+test ! -d /home/test1
+echo "OK"
+echo -n "no homedir (/home/test1.new)..."
+test ! -d /home/test1.new
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/22_usermod_new_groups.test b/tests/usertools/01/22_usermod_new_groups.test
new file mode 100755
index 0000000..2cbdfa2
--- /dev/null
+++ b/tests/usertools/01/22_usermod_new_groups.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Add test1 to groups nogroup, daemon, and src..."
+usermod -G nogroup,daemon,src test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 22_usermod_new_groups/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 22_usermod_new_groups/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 22_usermod_new_groups/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 22_usermod_new_groups/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/22_usermod_new_groups/group b/tests/usertools/01/22_usermod_new_groups/group
new file mode 100644
index 0000000..e529520
--- /dev/null
+++ b/tests/usertools/01/22_usermod_new_groups/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:test1
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:test1
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:test1
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/22_usermod_new_groups/gshadow b/tests/usertools/01/22_usermod_new_groups/gshadow
new file mode 100644
index 0000000..87749e3
--- /dev/null
+++ b/tests/usertools/01/22_usermod_new_groups/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::test1
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::test1
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::test1
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/22_usermod_new_groups/passwd b/tests/usertools/01/22_usermod_new_groups/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/22_usermod_new_groups/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/22_usermod_new_groups/shadow b/tests/usertools/01/22_usermod_new_groups/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/22_usermod_new_groups/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/23_usermod_add_groups.test b/tests/usertools/01/23_usermod_add_groups.test
new file mode 100755
index 0000000..754bdd4
--- /dev/null
+++ b/tests/usertools/01/23_usermod_add_groups.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 and add it to group bin (useradd test1 -G bin)..."
+useradd test1 -G bin
+echo "OK"
+echo -n "Add test1 to the additional groups nogroup, daemon, and src..."
+usermod -a -G nogroup,daemon,src test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 23_usermod_add_groups/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 23_usermod_add_groups/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 23_usermod_add_groups/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 23_usermod_add_groups/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/23_usermod_add_groups/group b/tests/usertools/01/23_usermod_add_groups/group
new file mode 100644
index 0000000..09243dd
--- /dev/null
+++ b/tests/usertools/01/23_usermod_add_groups/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:test1
+bin:x:2:test1
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:test1
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:test1
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/23_usermod_add_groups/gshadow b/tests/usertools/01/23_usermod_add_groups/gshadow
new file mode 100644
index 0000000..a572a19
--- /dev/null
+++ b/tests/usertools/01/23_usermod_add_groups/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::test1
+bin:*::test1
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::test1
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::test1
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/23_usermod_add_groups/passwd b/tests/usertools/01/23_usermod_add_groups/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/23_usermod_add_groups/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/23_usermod_add_groups/shadow b/tests/usertools/01/23_usermod_add_groups/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/23_usermod_add_groups/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups.test b/tests/usertools/01/24_usermod_new_groups_remove_old_groups.test
new file mode 100755
index 0000000..6b217c6
--- /dev/null
+++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 and add it to group bin (useradd test1 -G bin)..."
+useradd test1 -G bin
+echo "OK"
+echo -n "Change the groups of test1 to nogroup, daemon, and src..."
+usermod -G nogroup,daemon,src test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/group b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/group
new file mode 100644
index 0000000..e529520
--- /dev/null
+++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:test1
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:test1
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:test1
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/gshadow b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/gshadow
new file mode 100644
index 0000000..87749e3
--- /dev/null
+++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::test1
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::test1
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::test1
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/passwd b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/shadow b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/25_useradd_specified_large_UID2.test b/tests/usertools/01/25_useradd_specified_large_UID2.test
new file mode 100755
index 0000000..ed4858c
--- /dev/null
+++ b/tests/usertools/01/25_useradd_specified_large_UID2.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4294967294 test1)..."
+useradd -u 4294967294 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 25_useradd_specified_large_UID2/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 25_useradd_specified_large_UID2/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 25_useradd_specified_large_UID2/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 25_useradd_specified_large_UID2/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/group b/tests/usertools/01/25_useradd_specified_large_UID2/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/25_useradd_specified_large_UID2/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/gshadow b/tests/usertools/01/25_useradd_specified_large_UID2/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/25_useradd_specified_large_UID2/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/passwd b/tests/usertools/01/25_useradd_specified_large_UID2/passwd
new file mode 100644
index 0000000..cef4912
--- /dev/null
+++ b/tests/usertools/01/25_useradd_specified_large_UID2/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4294967294:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/shadow b/tests/usertools/01/25_useradd_specified_large_UID2/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/25_useradd_specified_large_UID2/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/26_useradd_UID_-1.test b/tests/usertools/01/26_useradd_UID_-1.test
new file mode 100755
index 0000000..18bedb5
--- /dev/null
+++ b/tests/usertools/01/26_useradd_UID_-1.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 with UID 4294967295 (useradd -u 4294967295 test1)..."
+msg=$(useradd -u 4294967295 test1 2>&1) && exit 1 || {
+ status=$?
+}
+echo "OK"
+echo "useradd returned status $status,"
+echo "and displayed \"$msg\""
+echo -n "The returned status should be 3..."
+test "$status" = "3"
+echo "OK"
+echo -n "Test the error message (should be \"useradd: invalid user ID '4294967295'\")..."
+test "$msg" = "useradd: invalid user ID '4294967295'"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 26_useradd_UID_-1/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 26_useradd_UID_-1/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 26_useradd_UID_-1/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 26_useradd_UID_-1/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/26_useradd_UID_-1/group b/tests/usertools/01/26_useradd_UID_-1/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/26_useradd_UID_-1/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/26_useradd_UID_-1/gshadow b/tests/usertools/01/26_useradd_UID_-1/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/26_useradd_UID_-1/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/26_useradd_UID_-1/passwd b/tests/usertools/01/26_useradd_UID_-1/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/01/26_useradd_UID_-1/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/01/26_useradd_UID_-1/shadow b/tests/usertools/01/26_useradd_UID_-1/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/01/26_useradd_UID_-1/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/01/config/etc/default/useradd b/tests/usertools/01/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/usertools/01/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/01/config/etc/group b/tests/usertools/01/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/config/etc/gshadow b/tests/usertools/01/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/config/etc/passwd b/tests/usertools/01/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/01/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/01/config/etc/shadow b/tests/usertools/01/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/01/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/02/config.txt b/tests/usertools/02/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/usertools/02/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/usertools/02/config/etc/default/useradd b/tests/usertools/02/config/etc/default/useradd
new file mode 100644
index 0000000..a834fef
--- /dev/null
+++ b/tests/usertools/02/config/etc/default/useradd
@@ -0,0 +1,37 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
diff --git a/tests/usertools/02/config/etc/group b/tests/usertools/02/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/usertools/02/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/usertools/02/config/etc/gshadow b/tests/usertools/02/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/usertools/02/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/usertools/02/config/etc/passwd b/tests/usertools/02/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/usertools/02/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/usertools/02/config/etc/shadow b/tests/usertools/02/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/usertools/02/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/usertools/02/data/useradd-D.out b/tests/usertools/02/data/useradd-D.out
new file mode 100644
index 0000000..a3f48f3
--- /dev/null
+++ b/tests/usertools/02/data/useradd-D.out
@@ -0,0 +1,7 @@
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SHELL=/bin/sh
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/data/useradd-D_default_values.out b/tests/usertools/02/data/useradd-D_default_values.out
new file mode 100644
index 0000000..1eb58e2
--- /dev/null
+++ b/tests/usertools/02/data/useradd-D_default_values.out
@@ -0,0 +1,7 @@
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SHELL=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_default_EXPIRE.test b/tests/usertools/02/useradd_change_default_EXPIRE.test
new file mode 100755
index 0000000..6901603
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_EXPIRE.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change default shell (useradd -D --expiredate 1979-11-24)..."
+useradd -D --expiredate 1979-11-24
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_default_EXPIRE/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_default_EXPIRE/useradd.default b/tests/usertools/02/useradd_change_default_EXPIRE/useradd.default
new file mode 100644
index 0000000..aa3cd2b
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_EXPIRE/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=1979-11-24
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_default_GROUP.test b/tests/usertools/02/useradd_change_default_GROUP.test
new file mode 100755
index 0000000..07ea62b
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_GROUP.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change default shell (useradd -D --gid nogroup)..."
+useradd -D --gid nogroup
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_default_GROUP/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_default_GROUP/useradd.default b/tests/usertools/02/useradd_change_default_GROUP/useradd.default
new file mode 100644
index 0000000..c26a28b
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_GROUP/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=65534
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_default_HOME.test b/tests/usertools/02/useradd_change_default_HOME.test
new file mode 100755
index 0000000..8d8357c
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_HOME.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change default shell (useradd -D --base-dir /tmp)..."
+useradd -D --base-dir /tmp
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_default_HOME/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_default_HOME/useradd.default b/tests/usertools/02/useradd_change_default_HOME/useradd.default
new file mode 100644
index 0000000..75953c6
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_HOME/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=100
+HOME=/tmp
+INACTIVE=-1
+EXPIRE=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_default_INACTIVE.test b/tests/usertools/02/useradd_change_default_INACTIVE.test
new file mode 100755
index 0000000..7257439
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_INACTIVE.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change default shell (useradd -D --inactive 10)..."
+useradd -D --inactive 10
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_default_INACTIVE/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_default_INACTIVE/useradd.default b/tests/usertools/02/useradd_change_default_INACTIVE/useradd.default
new file mode 100644
index 0000000..fc2f084
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_INACTIVE/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=100
+HOME=/home
+INACTIVE=10
+EXPIRE=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_default_SHELL.test b/tests/usertools/02/useradd_change_default_SHELL.test
new file mode 100755
index 0000000..d6c22dc
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_SHELL.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change default shell (useradd -D --shell /bin/foobar)..."
+useradd -D --shell /bin/foobar
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_default_SHELL/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_default_SHELL/useradd.default b/tests/usertools/02/useradd_change_default_SHELL/useradd.default
new file mode 100644
index 0000000..421f1a0
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_SHELL/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_defaults.test b/tests/usertools/02/useradd_change_defaults.test
new file mode 100755
index 0000000..665a995
--- /dev/null
+++ b/tests/usertools/02/useradd_change_defaults.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: set all default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change useradd defaults..."
+useradd -D -b /var/tmp -e 1979-11-24 -f 12 -g 1 -s /usr/bin/foobar
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_defaults/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_defaults/useradd.default b/tests/usertools/02/useradd_change_defaults/useradd.default
new file mode 100644
index 0000000..9edb781
--- /dev/null
+++ b/tests/usertools/02/useradd_change_defaults/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/usr/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=1
+HOME=/var/tmp
+INACTIVE=12
+EXPIRE=1979-11-24
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_default_default_values.test b/tests/usertools/02/useradd_default_default_values.test
new file mode 100755
index 0000000..4c6cf0e
--- /dev/null
+++ b/tests/usertools/02/useradd_default_default_values.test
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/default/useradd..."
+rm -f /etc/default/useradd
+echo "OK"
+
+echo -n "Get default values: 'useradd -D > tmp/out'..."
+useradd -D > tmp/out
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au data/useradd-D_default_values.out tmp/out
+echo "OK"
+
+rm -f tmp/out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_get_default_values.test b/tests/usertools/02/useradd_get_default_values.test
new file mode 100755
index 0000000..a18fb04
--- /dev/null
+++ b/tests/usertools/02/useradd_get_default_values.test
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get default values: 'useradd -D > tmp/out'..."
+useradd -D > tmp/out
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au data/useradd-D.out tmp/out
+echo "OK"
+
+rm -f tmp/out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/03/config.txt b/tests/usertools/03/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/usertools/03/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/usertools/03/config/etc/default/useradd b/tests/usertools/03/config/etc/default/useradd
new file mode 100644
index 0000000..f34b3ff
--- /dev/null
+++ b/tests/usertools/03/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+# SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/03/config/etc/group b/tests/usertools/03/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/usertools/03/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/usertools/03/config/etc/gshadow b/tests/usertools/03/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/usertools/03/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/usertools/03/config/etc/passwd b/tests/usertools/03/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/usertools/03/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/usertools/03/config/etc/shadow b/tests/usertools/03/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/usertools/03/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/usertools/03/useradd_change_defaults.test b/tests/usertools/03/useradd_change_defaults.test
new file mode 100755
index 0000000..665a995
--- /dev/null
+++ b/tests/usertools/03/useradd_change_defaults.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: set all default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change useradd defaults..."
+useradd -D -b /var/tmp -e 1979-11-24 -f 12 -g 1 -s /usr/bin/foobar
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_defaults/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/03/useradd_change_defaults/useradd.default b/tests/usertools/03/useradd_change_defaults/useradd.default
new file mode 100644
index 0000000..7ef8db6
--- /dev/null
+++ b/tests/usertools/03/useradd_change_defaults/useradd.default
@@ -0,0 +1,37 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+# SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=1
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/var/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=1979-11-24
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=yes
+SHELL=/usr/bin/foobar
diff --git a/tests/usertools/04/01_useradd_add_user.test b/tests/usertools/04/01_useradd_add_user.test
new file mode 100755
index 0000000..47aea8a
--- /dev/null
+++ b/tests/usertools/04/01_useradd_add_user.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_useradd_add_user/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_useradd_add_user/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_useradd_add_user/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_useradd_add_user/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir (/home/test1)..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir (/tmp/test1)..."
+test -d /tmp/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/04/01_useradd_add_user/group b/tests/usertools/04/01_useradd_add_user/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/04/01_useradd_add_user/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/04/01_useradd_add_user/gshadow b/tests/usertools/04/01_useradd_add_user/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/04/01_useradd_add_user/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/04/01_useradd_add_user/passwd b/tests/usertools/04/01_useradd_add_user/passwd
new file mode 100644
index 0000000..725e58b
--- /dev/null
+++ b/tests/usertools/04/01_useradd_add_user/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/tmp/test1:/bin/foobar
diff --git a/tests/usertools/04/01_useradd_add_user/shadow b/tests/usertools/04/01_useradd_add_user/shadow
new file mode 100644
index 0000000..116140f
--- /dev/null
+++ b/tests/usertools/04/01_useradd_add_user/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/04/config.txt b/tests/usertools/04/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/usertools/04/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/usertools/04/config/etc/default/useradd b/tests/usertools/04/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/04/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/04/config/etc/group b/tests/usertools/04/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/04/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/04/config/etc/gshadow b/tests/usertools/04/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/04/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/04/config/etc/passwd b/tests/usertools/04/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/04/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/04/config/etc/shadow b/tests/usertools/04/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/04/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/05_userdel_del_from_group_members/config.txt b/tests/usertools/05_userdel_del_from_group_members/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/default/useradd b/tests/usertools/05_userdel_del_from_group_members/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/group b/tests/usertools/05_userdel_del_from_group_members/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/gshadow b/tests/usertools/05_userdel_del_from_group_members/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/passwd b/tests/usertools/05_userdel_del_from_group_members/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/shadow b/tests/usertools/05_userdel_del_from_group_members/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/05_userdel_del_from_group_members/data/group b/tests/usertools/05_userdel_del_from_group_members/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/05_userdel_del_from_group_members/data/gshadow b/tests/usertools/05_userdel_del_from_group_members/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/05_userdel_del_from_group_members/data/passwd b/tests/usertools/05_userdel_del_from_group_members/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/05_userdel_del_from_group_members/data/shadow b/tests/usertools/05_userdel_del_from_group_members/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/05_userdel_del_from_group_members/userdel.test b/tests/usertools/05_userdel_del_from_group_members/userdel.test
new file mode 100755
index 0000000..89e749b
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel removes the user from the member lists of /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config.txt b/tests/usertools/06_userdel_del_from_gshadow_members/config.txt
new file mode 100644
index 0000000..73de400
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/gshadow only
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/default/useradd b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/group b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/group
new file mode 100644
index 0000000..0bf8d5d
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root,foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/gshadow b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/passwd b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/shadow b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/group b/tests/usertools/06_userdel_del_from_gshadow_members/data/group
new file mode 100644
index 0000000..838b9b9
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/gshadow b/tests/usertools/06_userdel_del_from_gshadow_members/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/passwd b/tests/usertools/06_userdel_del_from_gshadow_members/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/shadow b/tests/usertools/06_userdel_del_from_gshadow_members/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/userdel.test b/tests/usertools/06_userdel_del_from_gshadow_members/userdel.test
new file mode 100755
index 0000000..dd502f3
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel removes the user from the member lists of /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config.txt b/tests/usertools/07_userdel_del_from_gshadow_admins/config.txt
new file mode 100644
index 0000000..56313e3
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config.txt
@@ -0,0 +1,2 @@
+user foo, admin of group users according to /etc/gshadow
+user foo in group users according to /etc/group
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/default/useradd b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/group b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/group
new file mode 100644
index 0000000..f60e18c
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/gshadow b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/gshadow
new file mode 100644
index 0000000..59e5042
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/passwd b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/shadow b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/group b/tests/usertools/07_userdel_del_from_gshadow_admins/data/group
new file mode 100644
index 0000000..838b9b9
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/gshadow b/tests/usertools/07_userdel_del_from_gshadow_admins/data/gshadow
new file mode 100644
index 0000000..0f3592a
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/passwd b/tests/usertools/07_userdel_del_from_gshadow_admins/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/shadow b/tests/usertools/07_userdel_del_from_gshadow_admins/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/userdel.test b/tests/usertools/07_userdel_del_from_gshadow_admins/userdel.test
new file mode 100755
index 0000000..b14aeb2
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel removes the user from the admins lists of /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config.txt b/tests/usertools/08_userdel_del_from_group_and_gshadow/config.txt
new file mode 100644
index 0000000..d339d5a
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config.txt
@@ -0,0 +1,4 @@
+user foo, in group users and mail according to /etc/group
+user foo, in group disk and audio according to /etc/gshadow
+foo member and admin of group users according to /etc/gshadow
+root in group users
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/default/useradd b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/group b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/group
new file mode 100644
index 0000000..bb62de1
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:foo
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/gshadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..7556fcf
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::foo
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::foo
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo,root:root,foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/passwd b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/shadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/group b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/group
new file mode 100644
index 0000000..838b9b9
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/gshadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/gshadow
new file mode 100644
index 0000000..f8384c9
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:root:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/passwd b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/shadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/userdel.test b/tests/usertools/08_userdel_del_from_group_and_gshadow/userdel.test
new file mode 100755
index 0000000..db13fb4
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel removes the user from lists in /etc/group and /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/09_userdel_del_homedir/config.txt b/tests/usertools/09_userdel_del_homedir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/default/useradd b/tests/usertools/09_userdel_del_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/group b/tests/usertools/09_userdel_del_homedir/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/gshadow b/tests/usertools/09_userdel_del_homedir/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/passwd b/tests/usertools/09_userdel_del_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/shadow b/tests/usertools/09_userdel_del_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/09_userdel_del_homedir/data/group b/tests/usertools/09_userdel_del_homedir/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/09_userdel_del_homedir/data/gshadow b/tests/usertools/09_userdel_del_homedir/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/09_userdel_del_homedir/data/passwd b/tests/usertools/09_userdel_del_homedir/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/09_userdel_del_homedir/data/shadow b/tests/usertools/09_userdel_del_homedir/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/09_userdel_del_homedir/userdel.test b/tests/usertools/09_userdel_del_homedir/userdel.test
new file mode 100755
index 0000000..5d2a7aa
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/userdel.test
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can delete the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+mkdir /home/foo
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0
+echo toto > /home/foo/toto
+touch /var/mail/foo
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /var/mail/foo /home/foo' 0
+chown -R foo:foo /var/mail/foo /home/foo
+
+echo -n "Delete user foo (userdel -r foo)..."
+userdel -r foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's mail spool was removed..."
+test ! -f /var/mail/foo
+echo "OK"
+
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config.txt b/tests/usertools/10_userdel_del_homedir_wrong_owner/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/default/useradd b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/group b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/gshadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/passwd b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/shadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/group b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/gshadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/passwd b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/shadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/userdel.err b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/userdel.err
new file mode 100644
index 0000000..ca8e8ab
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/userdel.err
@@ -0,0 +1 @@
+userdel: /home/foo not owned by foo, not removing
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/userdel.test b/tests/usertools/10_userdel_del_homedir_wrong_owner/userdel.test
new file mode 100755
index 0000000..37b1674
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/userdel.test
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel does not delete the user's home directory if it is not owned by the user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /var/mail/foo /home/foo' 0
+
+change_config
+
+mkdir /home/foo
+echo toto > /home/foo/toto
+touch /var/mail/foo
+chown -R foo:foo /var/mail/foo
+chown -R root:root /home/foo
+
+echo -n "Delete user foo (userdel -r foo)..."
+userdel -r foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo "The user should have been removed."
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was not removed..."
+test -d /home/foo
+echo "OK"
+echo -n "Check the user's mail spool was removed..."
+test ! -f /var/mail/foo
+echo "OK"
+rm -rf /home/foo
+
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/11_usermod_move_homedir/config.txt b/tests/usertools/11_usermod_move_homedir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/default/useradd b/tests/usertools/11_usermod_move_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/group b/tests/usertools/11_usermod_move_homedir/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/gshadow b/tests/usertools/11_usermod_move_homedir/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/passwd b/tests/usertools/11_usermod_move_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/shadow b/tests/usertools/11_usermod_move_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/11_usermod_move_homedir/data/home_ls-a b/tests/usertools/11_usermod_move_homedir/data/home_ls-a
new file mode 100644
index 0000000..89bbbd9
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/data/home_ls-a
@@ -0,0 +1,3 @@
+-rw-r--r-- foo:foo `/home/foo2/toto'
+drwxr-xr-x foo:foo `/home/foo2/.'
+drwxr-xr-x root:root `/home/foo2/..'
diff --git a/tests/usertools/11_usermod_move_homedir/data/passwd b/tests/usertools/11_usermod_move_homedir/data/passwd
new file mode 100644
index 0000000..bc9a6f0
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/11_usermod_move_homedir/usermod.test b/tests/usertools/11_usermod_move_homedir/usermod.test
new file mode 100755
index 0000000..b0ebf5c
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/usermod.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0
+
+change_config
+
+mkdir /home/foo
+echo toto > /home/foo/toto
+chown -R foo:foo /home/foo
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /home/foo2
+echo "done"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config.txt b/tests/usertools/12_usermod_move_homedir_dev_null/config.txt
new file mode 100644
index 0000000..75f05ab
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config.txt
@@ -0,0 +1 @@
+user foo's home directory is /dev/null
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/default/useradd b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/group b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/gshadow b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/passwd b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/passwd
new file mode 100644
index 0000000..b1fd322
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/dev/null:/bin/false
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/shadow b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/data/passwd b/tests/usertools/12_usermod_move_homedir_dev_null/data/passwd
new file mode 100644
index 0000000..bc9a6f0
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/data/usermod.err b/tests/usertools/12_usermod_move_homedir_dev_null/data/usermod.err
new file mode 100644
index 0000000..f02fc5a
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/data/usermod.err
@@ -0,0 +1 @@
+usermod: The previous home directory (/dev/null) was not a directory. It is not removed and no home directories are created.
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/usermod.test b/tests/usertools/12_usermod_move_homedir_dev_null/usermod.test
new file mode 100755
index 0000000..c0ce1c1
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/usermod.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+# TBC: should usermod create the home directory?
+log_start "$0" "usermod does not move non-directory (/dev/null)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo2 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Make sure /dev/null was not removed..."
+test -c /dev/null
+echo "OK"
+echo -n "Make sure the user's home directory was not removed..."
+test ! -e /home/foo2
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/13_usermod_move_homedir_file/config.txt b/tests/usertools/13_usermod_move_homedir_file/config.txt
new file mode 100644
index 0000000..5e41c31
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config.txt
@@ -0,0 +1 @@
+user foo's home directory is /home/foo, which will be created by usermod.test as a regular file.
diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/default/useradd b/tests/usertools/13_usermod_move_homedir_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/group b/tests/usertools/13_usermod_move_homedir_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/gshadow b/tests/usertools/13_usermod_move_homedir_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/passwd b/tests/usertools/13_usermod_move_homedir_file/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/shadow b/tests/usertools/13_usermod_move_homedir_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/13_usermod_move_homedir_file/data/passwd b/tests/usertools/13_usermod_move_homedir_file/data/passwd
new file mode 100644
index 0000000..bc9a6f0
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/13_usermod_move_homedir_file/data/usermod.err b/tests/usertools/13_usermod_move_homedir_file/data/usermod.err
new file mode 100644
index 0000000..d271507
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/data/usermod.err
@@ -0,0 +1 @@
+usermod: The previous home directory (/home/foo) was not a directory. It is not removed and no home directories are created.
diff --git a/tests/usertools/13_usermod_move_homedir_file/usermod.test b/tests/usertools/13_usermod_move_homedir_file/usermod.test
new file mode 100755
index 0000000..2df56e0
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/usermod.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+# TBC: should usermod create the home directory?
+log_start "$0" "usermod does not move non-directory (regular file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /home/foo' 0
+
+change_config
+
+touch /home/foo
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo2 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check /home/foo was not removed..."
+test -f /home/foo
+echo "OK"
+echo -n "Check the user's home directory was not created..."
+test ! -e /home/foo2
+echo "OK"
+
+rm -f /home/foo
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config.txt b/tests/usertools/14_usermod_move_homedir_other_device/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/default/useradd b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/group b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/gshadow b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/passwd b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/shadow b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/data/home_ls-a b/tests/usertools/14_usermod_move_homedir_other_device/data/home_ls-a
new file mode 100644
index 0000000..f7abeaa
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/data/home_ls-a
@@ -0,0 +1,7 @@
+-rw-r--r-- foo:foo `/tmp/home/foo2/.tata'
+-rw-r--r-- foo:foo `/tmp/home/foo2/toto'
+crw-r--r-- foo:foo `/tmp/home/foo2/null'
+drwxr-xr-x foo:foo `/tmp/home/foo2/.'
+drwxr-xr-x foo:foo `/tmp/home/foo2/titi'
+drwxr-xr-x root:root `/tmp/home/foo2/..'
+lrwxrwxrwx foo:foo `/tmp/home/foo2/tutu' -> `/tmp/home/foo2/toto'
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/data/passwd b/tests/usertools/14_usermod_move_homedir_other_device/data/passwd
new file mode 100644
index 0000000..86c29de
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/home/foo2:/bin/false
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/usermod.test b/tests/usertools/14_usermod_move_homedir_other_device/usermod.test
new file mode 100755
index 0000000..e595ed3
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/usermod.test
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod keeps links or devices when it moves the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2; umount /tmp/home; rmdir /tmp/home' 0
+
+change_config
+
+mkdir /home/foo
+mkdir /home/foo/titi
+echo toto > /home/foo/toto
+ln /home/foo/toto /home/foo/.tata
+ln -s /home/foo/toto /home/foo/tutu
+mknod /home/foo/null c 1 3
+chown -R foo:foo /home/foo
+
+mkdir /tmp/home
+mount --bind /home /tmp/home
+
+echo -n "Change the user's home directory (usermod -m -d /tmp/home/foo2 foo)..."
+usermod -m -d /tmp/home/foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/home/foo2/..."
+stat --printf "%A %U:%G %N\n" /tmp/home/foo2/* /tmp/home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /tmp/home/foo2
+echo "done"
+
+umount /tmp/home
+rmdir /tmp/home
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config.txt b/tests/usertools/15_usermod_change_supplementary_groups/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/default/useradd b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/group b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/gshadow b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/passwd b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/shadow b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/data/group b/tests/usertools/15_usermod_change_supplementary_groups/data/group
new file mode 100644
index 0000000..6de5fa5
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:foo
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/data/gshadow b/tests/usertools/15_usermod_change_supplementary_groups/data/gshadow
new file mode 100644
index 0000000..8df27c9
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::foo
+sys:*::root
+adm:*::root
+tty:*::
+disk:*:foo:
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:
+voice:*::
+cdrom:*:foo:
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/usermod.test b/tests/usertools/15_usermod_change_supplementary_groups/usermod.test
new file mode 100755
index 0000000..74d3ab7
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can change the list of supplementary groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin,daemon foo)..."
+usermod -G bin,daemon foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config.txt b/tests/usertools/16_usermod_remove_supplementary_groups/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/default/useradd b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/group b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/gshadow b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/passwd b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/shadow b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/data/group b/tests/usertools/16_usermod_remove_supplementary_groups/data/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/data/gshadow b/tests/usertools/16_usermod_remove_supplementary_groups/data/gshadow
new file mode 100644
index 0000000..c152e93
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*:foo:
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:
+voice:*::
+cdrom:*:foo:
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/usermod.test b/tests/usertools/16_usermod_remove_supplementary_groups/usermod.test
new file mode 100755
index 0000000..6965190
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can clear the list of supplementary groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -G \"\" foo)..."
+usermod -G "" foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config.txt b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/default/useradd b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/group b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/gshadow b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/passwd b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/shadow b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/group b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/group
new file mode 100644
index 0000000..09dc6c1
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:root,foo
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:foo
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/gshadow b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/gshadow
new file mode 100644
index 0000000..f111ae2
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::root,foo
+adm:*::root
+tty:*::
+disk:*:foo:
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::foo
+kmem:*::
+dialout:*::
+fax:*:foo:
+voice:*::
+cdrom:*:foo:
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/usermod.test b/tests/usertools/17_usermod_change_supplementary_groups_numerical/usermod.test
new file mode 100755
index 0000000..ecd3a5f
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can change the list of supplementary groups, with numerical groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -G 13,bin,3 foo)..."
+usermod -G 13,bin,3 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config.txt b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/default/useradd b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/group b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/gshadow b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/passwd b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/shadow b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/data/usermod.err b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/data/usermod.err
new file mode 100644
index 0000000..6cf0f1f
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/data/usermod.err
@@ -0,0 +1 @@
+usermod: group 'damon' does not exist
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test
new file mode 100755
index 0000000..002bc53
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod fails if asked to add an user to an unknown named group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin,damon foo)..."
+usermod -G bin,damon foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config.txt b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/default/useradd b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/group b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/gshadow b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/passwd b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/shadow b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/data/usermod.err b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/data/usermod.err
new file mode 100644
index 0000000..5702177
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/data/usermod.err
@@ -0,0 +1 @@
+usermod: group '4242' does not exist
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test
new file mode 100755
index 0000000..1915240
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod fails if asked to add an user to an unknown numerical group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin,4242,daemon foo)..."
+usermod -G bin,4242,daemon foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config.txt b/tests/usertools/20_usermod_rename_user_in_member_lists/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/default/useradd b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/group b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/gshadow b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/passwd b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/shadow b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/group b/tests/usertools/20_usermod_rename_user_in_member_lists/data/group
new file mode 100644
index 0000000..730e4dd
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo2
+tty:x:5:
+disk:x:6:
+lp:x:7:root,foo2
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo2
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo2
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo2
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/gshadow b/tests/usertools/20_usermod_rename_user_in_member_lists/data/gshadow
new file mode 100644
index 0000000..af81c09
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo2
+tty:*::foo2
+disk:*:foo2:
+lp:*::root,foo2
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo2:foo2
+voice:*::
+cdrom:*:foo2:foo2
+floppy:*::foo2
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/passwd b/tests/usertools/20_usermod_rename_user_in_member_lists/data/passwd
new file mode 100644
index 0000000..f9b7829
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/shadow b/tests/usertools/20_usermod_rename_user_in_member_lists/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/usermod.test b/tests/usertools/20_usermod_rename_user_in_member_lists/usermod.test
new file mode 100755
index 0000000..8e0a2cd
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod rename the user in the lists of members, when an user is renamed with -l"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename user foo (usermod -l foo2 foo)..."
+usermod -l foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config.txt b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/default/useradd b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/group b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/gshadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/passwd b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/shadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/group b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/group
new file mode 100644
index 0000000..99e54fa
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo2
+bin:x:2:foo2
+sys:x:3:root
+adm:x:4:root,foo2
+tty:x:5:
+disk:x:6:
+lp:x:7:root,foo2
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo2
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo2
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo2
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/gshadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/gshadow
new file mode 100644
index 0000000..6ce4903
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo2
+bin:*::foo2
+sys:*::root
+adm:*::root,foo2
+tty:*::foo2
+disk:*:foo2:
+lp:*::root,foo2
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo2:foo2
+voice:*::
+cdrom:*:foo2:foo2
+floppy:*::foo2
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/passwd b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/passwd
new file mode 100644
index 0000000..f9b7829
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/shadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test
new file mode 100755
index 0000000..409b3ac
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod rename the user in the lists of members and uses the right username when adding the user to supplementary groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename the user and change the user's list of supplementary groups (usermod -l foo2 -a -G bin,daemon foo)..."
+usermod -l foo2 -a -G bin,daemon foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config.txt b/tests/usertools/22_usermod-a_existing_supplementary_group/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/default/useradd b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/group b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/gshadow b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/passwd b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/shadow b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/data/group b/tests/usertools/22_usermod-a_existing_supplementary_group/data/group
new file mode 100644
index 0000000..84c8697
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:foo
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/data/gshadow b/tests/usertools/22_usermod-a_existing_supplementary_group/data/gshadow
new file mode 100644
index 0000000..d0a61a3
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::foo
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/usermod.test b/tests/usertools/22_usermod-a_existing_supplementary_group/usermod.test
new file mode 100755
index 0000000..e83a3e0
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod does not fail when requested to add the user to a group it is already a member"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -a -G bin,daemon,floppy foo)..."
+usermod -a -G bin,daemon,floppy foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config.txt b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/default/useradd b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/group b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/gshadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/passwd b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/shadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/group b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/group
new file mode 100644
index 0000000..99e54fa
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo2
+bin:x:2:foo2
+sys:x:3:root
+adm:x:4:root,foo2
+tty:x:5:
+disk:x:6:
+lp:x:7:root,foo2
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo2
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo2
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo2
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/gshadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/gshadow
new file mode 100644
index 0000000..6ce4903
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo2
+bin:*::foo2
+sys:*::root
+adm:*::root,foo2
+tty:*::foo2
+disk:*:foo2:
+lp:*::root,foo2
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo2:foo2
+voice:*::
+cdrom:*:foo2:foo2
+floppy:*::foo2
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/passwd b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/passwd
new file mode 100644
index 0000000..f9b7829
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/shadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test
new file mode 100755
index 0000000..a2b74ae
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod renames the user when requested to add an user to a group it is already a member and to rename this user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename the user and change the its list of supplementary groups (usermod -l foo2 -a -G bin,daemon,floppy foo)..."
+usermod -l foo2 -a -G bin,daemon,floppy foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/24_usermod_locked_passwd/config.txt b/tests/usertools/24_usermod_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config.txt
diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/default/useradd b/tests/usertools/24_usermod_locked_passwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/group b/tests/usertools/24_usermod_locked_passwd/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/gshadow b/tests/usertools/24_usermod_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/passwd b/tests/usertools/24_usermod_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/shadow b/tests/usertools/24_usermod_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/24_usermod_locked_passwd/data/usermod.err b/tests/usertools/24_usermod_locked_passwd/data/usermod.err
new file mode 100644
index 0000000..b1d59ec
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/passwd.lock without a PID
+usermod: cannot lock /etc/passwd; try again later.
diff --git a/tests/usertools/24_usermod_locked_passwd/usermod.test b/tests/usertools/24_usermod_locked_passwd/usermod.test
new file mode 100755
index 0000000..6348998
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -G checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..."
+usermod -G bin foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/25_usermod-G_locked_group/config.txt b/tests/usertools/25_usermod-G_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config.txt
diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/default/useradd b/tests/usertools/25_usermod-G_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/group b/tests/usertools/25_usermod-G_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/gshadow b/tests/usertools/25_usermod-G_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/passwd b/tests/usertools/25_usermod-G_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/shadow b/tests/usertools/25_usermod-G_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/25_usermod-G_locked_group/data/usermod.err b/tests/usertools/25_usermod-G_locked_group/data/usermod.err
new file mode 100644
index 0000000..4b1d8f9
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/group.lock without a PID
+usermod: cannot lock /etc/group; try again later.
diff --git a/tests/usertools/25_usermod-G_locked_group/usermod.test b/tests/usertools/25_usermod-G_locked_group/usermod.test
new file mode 100755
index 0000000..a29cfaa
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -G checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..."
+usermod -G bin foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/26_usermod_locked_shadow/config.txt b/tests/usertools/26_usermod_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config.txt
diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/default/useradd b/tests/usertools/26_usermod_locked_shadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/group b/tests/usertools/26_usermod_locked_shadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/gshadow b/tests/usertools/26_usermod_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/passwd b/tests/usertools/26_usermod_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/shadow b/tests/usertools/26_usermod_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/26_usermod_locked_shadow/data/usermod.err b/tests/usertools/26_usermod_locked_shadow/data/usermod.err
new file mode 100644
index 0000000..f490717
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/shadow.lock without a PID
+usermod: cannot lock /etc/shadow; try again later.
diff --git a/tests/usertools/26_usermod_locked_shadow/usermod.test b/tests/usertools/26_usermod_locked_shadow/usermod.test
new file mode 100755
index 0000000..b35c69b
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -G checks if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..."
+usermod -G bin foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config.txt b/tests/usertools/27_usermod-G_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config.txt
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/default/useradd b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/group b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/gshadow b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/passwd b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/shadow b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/data/usermod.err b/tests/usertools/27_usermod-G_locked_gshadow/data/usermod.err
new file mode 100644
index 0000000..d065cee
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/gshadow.lock without a PID
+usermod: cannot lock /etc/gshadow; try again later.
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/usermod.test b/tests/usertools/27_usermod-G_locked_gshadow/usermod.test
new file mode 100755
index 0000000..6709fbc
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -G checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..."
+usermod -G bin foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/28_usermod-c_locked_group/config.txt b/tests/usertools/28_usermod-c_locked_group/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/default/useradd b/tests/usertools/28_usermod-c_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/group b/tests/usertools/28_usermod-c_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/gshadow b/tests/usertools/28_usermod-c_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/passwd b/tests/usertools/28_usermod-c_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/shadow b/tests/usertools/28_usermod-c_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/28_usermod-c_locked_group/data/passwd b/tests/usertools/28_usermod-c_locked_group/data/passwd
new file mode 100644
index 0000000..c7bb997
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:new comment:/home/foo:/bin/false
diff --git a/tests/usertools/28_usermod-c_locked_group/usermod.test b/tests/usertools/28_usermod-c_locked_group/usermod.test
new file mode 100755
index 0000000..6275a9a
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -c does not check if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change the user's comment (usermod -c \"new coment\" foo)..."
+usermod -c "new comment" foo
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config.txt b/tests/usertools/29_usermod-c_locked_gshadow/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/default/useradd b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/group b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/gshadow b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/passwd b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/shadow b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/data/passwd b/tests/usertools/29_usermod-c_locked_gshadow/data/passwd
new file mode 100644
index 0000000..c7bb997
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:new comment:/home/foo:/bin/false
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/usermod.test b/tests/usertools/29_usermod-c_locked_gshadow/usermod.test
new file mode 100755
index 0000000..f7a14c9
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -c does not check if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change the user's comment (usermod -c \"new coment\" foo)..."
+usermod -c "new comment" foo
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/30_usermod-l_locked_group/config.txt b/tests/usertools/30_usermod-l_locked_group/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/default/useradd b/tests/usertools/30_usermod-l_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/group b/tests/usertools/30_usermod-l_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/gshadow b/tests/usertools/30_usermod-l_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/passwd b/tests/usertools/30_usermod-l_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/shadow b/tests/usertools/30_usermod-l_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/30_usermod-l_locked_group/data/usermod.err b/tests/usertools/30_usermod-l_locked_group/data/usermod.err
new file mode 100644
index 0000000..4b1d8f9
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/group.lock without a PID
+usermod: cannot lock /etc/group; try again later.
diff --git a/tests/usertools/30_usermod-l_locked_group/usermod.test b/tests/usertools/30_usermod-l_locked_group/usermod.test
new file mode 100755
index 0000000..8b3799c
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -l fails if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -l foo2 foo)..."
+usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config.txt b/tests/usertools/31_usermod-l_locked_gshadow/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/default/useradd b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/group b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/gshadow b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/passwd b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/shadow b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/data/usermod.err b/tests/usertools/31_usermod-l_locked_gshadow/data/usermod.err
new file mode 100644
index 0000000..d065cee
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/gshadow.lock without a PID
+usermod: cannot lock /etc/gshadow; try again later.
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/usermod.test b/tests/usertools/31_usermod-l_locked_gshadow/usermod.test
new file mode 100755
index 0000000..1e18287
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -l fails if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -l foo2 foo)..."
+usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/32_usermod-u_new_UID/config.txt b/tests/usertools/32_usermod-u_new_UID/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/default/useradd b/tests/usertools/32_usermod-u_new_UID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/group b/tests/usertools/32_usermod-u_new_UID/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/gshadow b/tests/usertools/32_usermod-u_new_UID/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/passwd b/tests/usertools/32_usermod-u_new_UID/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/shadow b/tests/usertools/32_usermod-u_new_UID/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/32_usermod-u_new_UID/data/passwd b/tests/usertools/32_usermod-u_new_UID/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/32_usermod-u_new_UID/usermod.test b/tests/usertools/32_usermod-u_new_UID/usermod.test
new file mode 100755
index 0000000..ca04c6f
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can change the user's UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/33_usermod-u_existing_UID/config.txt b/tests/usertools/33_usermod-u_existing_UID/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/default/useradd b/tests/usertools/33_usermod-u_existing_UID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/group b/tests/usertools/33_usermod-u_existing_UID/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/gshadow b/tests/usertools/33_usermod-u_existing_UID/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/passwd b/tests/usertools/33_usermod-u_existing_UID/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/shadow b/tests/usertools/33_usermod-u_existing_UID/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/33_usermod-u_existing_UID/data/usermod.err b/tests/usertools/33_usermod-u_existing_UID/data/usermod.err
new file mode 100644
index 0000000..dd2fa8a
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/data/usermod.err
@@ -0,0 +1 @@
+usermod: UID '1001' already exists
diff --git a/tests/usertools/33_usermod-u_existing_UID/usermod.test b/tests/usertools/33_usermod-u_existing_UID/usermod.test
new file mode 100755
index 0000000..10c1e28
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod tests if the new user's UID is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's UID (usermod -u 1001 foo)..."
+usermod -u 1001 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config.txt b/tests/usertools/34_usermod-u-o_existing_UID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/default/useradd b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/group b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/gshadow b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/passwd b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/shadow b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/data/passwd b/tests/usertools/34_usermod-u-o_existing_UID/data/passwd
new file mode 100644
index 0000000..28bc739
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1001:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/usermod.test b/tests/usertools/34_usermod-u-o_existing_UID/usermod.test
new file mode 100755
index 0000000..5ea5210
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can change the user's UID to an existing UID (with -o)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's UID (usermod -o -u 1001 foo)..."
+usermod -o -u 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config.txt b/tests/usertools/35_usermod-u_invalid_UID/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/default/useradd b/tests/usertools/35_usermod-u_invalid_UID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/group b/tests/usertools/35_usermod-u_invalid_UID/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/gshadow b/tests/usertools/35_usermod-u_invalid_UID/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/passwd b/tests/usertools/35_usermod-u_invalid_UID/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/shadow b/tests/usertools/35_usermod-u_invalid_UID/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/35_usermod-u_invalid_UID/data/usermod.err b/tests/usertools/35_usermod-u_invalid_UID/data/usermod.err
new file mode 100644
index 0000000..2d5c5e9
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid user ID '100a1'
diff --git a/tests/usertools/35_usermod-u_invalid_UID/usermod.test b/tests/usertools/35_usermod-u_invalid_UID/usermod.test
new file mode 100755
index 0000000..43f0daf
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks if the uid is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's UID (usermod -u 100a1 foo)..."
+usermod -u 100a1 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config.txt b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config.txt
new file mode 100644
index 0000000..b337f3f
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000, home directory: /home/foo
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/default/useradd b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/group b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/gshadow b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/passwd b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/shadow b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/home_ls-a b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/home_ls-a
new file mode 100644
index 0000000..24c9573
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/home_ls-a
@@ -0,0 +1,7 @@
+-rw-r--r-- 1001:1000 `/home/foo2/.tata'
+-rw-r--r-- 1001:1000 `/home/foo2/toto'
+crw-r--r-- 1001:1000 `/home/foo2/null'
+drwxr-xr-x 0:0 `/home/foo2/..'
+drwxr-xr-x 1001:1000 `/home/foo2/.'
+drwxr-xr-x 1001:1000 `/home/foo2/titi'
+lrwxrwxrwx 1001:1000 `/home/foo2/tutu' -> `/tmp/home/foo2/toto'
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/passwd b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/passwd
new file mode 100644
index 0000000..9327c6d
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1001:1000::/tmp/home/foo2:/bin/false
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test
new file mode 100755
index 0000000..6a8d708
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory, over a new device and changes the owner of the user's file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2; umount /tmp/home; rmdir /tmp/home' 0
+
+change_config
+
+mkdir /home/foo
+mkdir /home/foo/titi
+echo toto > /home/foo/toto
+ln /home/foo/toto /home/foo/.tata
+ln -s /home/foo/toto /home/foo/tutu
+mknod /home/foo/null c 1 3
+chown -R foo:foo /home/foo
+stat --printf "%A %u:%g %N\n" /home/foo/* /home/foo/.* 2>/dev/null | sort
+
+mkdir /tmp/home
+mount --bind /home /tmp/home
+
+echo -n "Change the user's home directory (usermod -m -d /tmp/home/foo2 -u 1001 foo ..."
+usermod -m -d /tmp/home/foo2 -u 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %u:%g %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /home/foo2
+echo "done"
+
+umount /tmp/home
+rmdir /tmp/home
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/37_Debian_Bug_470745/config.txt b/tests/usertools/37_Debian_Bug_470745/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/default/useradd b/tests/usertools/37_Debian_Bug_470745/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/group b/tests/usertools/37_Debian_Bug_470745/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/gshadow b/tests/usertools/37_Debian_Bug_470745/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/passwd b/tests/usertools/37_Debian_Bug_470745/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/shadow b/tests/usertools/37_Debian_Bug_470745/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/37_Debian_Bug_470745/data/group b/tests/usertools/37_Debian_Bug_470745/data/group
new file mode 100644
index 0000000..ad32c02
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/data/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
+tr:x:1002:
+rtr:x:1003:
diff --git a/tests/usertools/37_Debian_Bug_470745/data/gshadow b/tests/usertools/37_Debian_Bug_470745/data/gshadow
new file mode 100644
index 0000000..01b3553
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/data/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
+tr:!::
+tr:!::
diff --git a/tests/usertools/37_Debian_Bug_470745/data/passwd b/tests/usertools/37_Debian_Bug_470745/data/passwd
new file mode 100644
index 0000000..0e31259
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
+tr:x:1002:1002::/tmp/tr:/bin/foobar
diff --git a/tests/usertools/37_Debian_Bug_470745/data/shadow b/tests/usertools/37_Debian_Bug_470745/data/shadow
new file mode 100644
index 0000000..ccbe580
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/data/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+tr:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/37_Debian_Bug_470745/data/usermod.err b/tests/usertools/37_Debian_Bug_470745/data/usermod.err
new file mode 100644
index 0000000..46df292
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/data/usermod.err
@@ -0,0 +1,2 @@
+Multiple entries named 'tr' in /etc/gshadow. Please fix this with pwck or grpck.
+usermod: failed to prepare the new /etc/gshadow entry 'tr'
diff --git a/tests/usertools/37_Debian_Bug_470745/usermod.test b/tests/usertools/37_Debian_Bug_470745/usermod.test
new file mode 100755
index 0000000..8aa75ba
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/usermod.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod tests if the new user's UID is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo add group tr
+groupadd tr
+echo add group rtr
+groupadd rtr
+echo add user tr to group tr
+useradd -g tr tr
+echo rename group rtr to tr in /etc/gshadow
+perl -pi -e 's/rtr/tr/g' /etc/gshadow
+echo add user tr to the member list of tr
+usermod -G tr tr 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/38_usermod_invalid_user/config.txt b/tests/usertools/38_usermod_invalid_user/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/default/useradd b/tests/usertools/38_usermod_invalid_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/group b/tests/usertools/38_usermod_invalid_user/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/gshadow b/tests/usertools/38_usermod_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/passwd b/tests/usertools/38_usermod_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/shadow b/tests/usertools/38_usermod_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/38_usermod_invalid_user/data/usermod.err b/tests/usertools/38_usermod_invalid_user/data/usermod.err
new file mode 100644
index 0000000..83a9183
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/data/usermod.err
@@ -0,0 +1 @@
+usermod: user 'fooinvalid' does not exist
diff --git a/tests/usertools/38_usermod_invalid_user/usermod.test b/tests/usertools/38_usermod_invalid_user/usermod.test
new file mode 100755
index 0000000..e88034d
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks if the user is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change an invalid user (usermod -u 100 fooinvalid)..."
+usermod -u 100 fooinvalid 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config.txt b/tests/usertools/39_usermod_-c_invalid_comment/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/default/useradd b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/group b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/gshadow b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/passwd b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/shadow b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/data/usermod.err b/tests/usertools/39_usermod_-c_invalid_comment/data/usermod.err
new file mode 100644
index 0000000..2cdfa7a
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid field 'com:ment'
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/usermod.test b/tests/usertools/39_usermod_-c_invalid_comment/usermod.test
new file mode 100755
index 0000000..5a240ed
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks validity of -c argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change to and invalid comment (usermod -c 'com:ment' foo)..."
+usermod -c 'com:ment' foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config.txt b/tests/usertools/40_usermod_-d_invalid_homedir/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/default/useradd b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/group b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/gshadow b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/passwd b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/shadow b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/data/usermod.err b/tests/usertools/40_usermod_-d_invalid_homedir/data/usermod.err
new file mode 100644
index 0000000..0b376d6
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: invalid field 'home
+directory'
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/usermod.test b/tests/usertools/40_usermod_-d_invalid_homedir/usermod.test
new file mode 100755
index 0000000..c510489
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/usermod.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks validity of -d argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change to and invalid homedir (usermod -d 'home
+directory' foo)..."
+usermod -d 'home
+directory' foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config.txt b/tests/usertools/41_usermod_-d_invalid_shell/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/default/useradd b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/group b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/gshadow b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/passwd b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/shadow b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/data/usermod.err b/tests/usertools/41_usermod_-d_invalid_shell/data/usermod.err
new file mode 100644
index 0000000..b105c0e
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid field 'sh:ell'
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/usermod.test b/tests/usertools/41_usermod_-d_invalid_shell/usermod.test
new file mode 100755
index 0000000..44ce22b
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks validity of -s argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change to and invalid shell (usermod -s 'sh:ell' foo)..."
+usermod -s 'sh:ell' foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config.txt b/tests/usertools/42_usermod_-g_invalid_group_name/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/default/useradd b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/group b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/gshadow b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/passwd b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/shadow b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/data/usermod.err b/tests/usertools/42_usermod_-g_invalid_group_name/data/usermod.err
new file mode 100644
index 0000000..dbd9dc7
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/data/usermod.err
@@ -0,0 +1 @@
+usermod: group 'fooinvalid' does not exist
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/usermod.test b/tests/usertools/42_usermod_-g_invalid_group_name/usermod.test
new file mode 100755
index 0000000..22fd107
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks existence of the specified primary group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change to and invalid shell (usermod -g 'fooinvalid' foo)..."
+usermod -g 'fooinvalid' foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config.txt b/tests/usertools/43_usermod_-g_invalid_group_ID/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/default/useradd b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/group b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/gshadow b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/passwd b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/shadow b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/data/usermod.err b/tests/usertools/43_usermod_-g_invalid_group_ID/data/usermod.err
new file mode 100644
index 0000000..82d3de6
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/data/usermod.err
@@ -0,0 +1 @@
+usermod: group '12345' does not exist
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/usermod.test b/tests/usertools/43_usermod_-g_invalid_group_ID/usermod.test
new file mode 100755
index 0000000..5d60cef
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks existence of the specified primary group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change to and invalid shell (usermod -g 12345 foo)..."
+usermod -g 12345 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/44_usermod-l_existing_username/config.txt b/tests/usertools/44_usermod-l_existing_username/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/default/useradd b/tests/usertools/44_usermod-l_existing_username/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/group b/tests/usertools/44_usermod-l_existing_username/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/gshadow b/tests/usertools/44_usermod-l_existing_username/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/passwd b/tests/usertools/44_usermod-l_existing_username/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/shadow b/tests/usertools/44_usermod-l_existing_username/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/44_usermod-l_existing_username/data/usermod.err b/tests/usertools/44_usermod-l_existing_username/data/usermod.err
new file mode 100644
index 0000000..895463e
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/data/usermod.err
@@ -0,0 +1 @@
+usermod: user 'foo2' already exists
diff --git a/tests/usertools/44_usermod-l_existing_username/usermod.test b/tests/usertools/44_usermod-l_existing_username/usermod.test
new file mode 100755
index 0000000..f3cbf15
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod tests if the new username is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's name (usermod -l foo2 foo)..."
+usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config.txt b/tests/usertools/45_usermod-l_existing_username_passwd/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/default/useradd b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/group b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/gshadow b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/passwd b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/shadow b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/shadow
new file mode 100644
index 0000000..7d2cc65
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo3:!:12977:0:99999:7:::
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/data/usermod.err b/tests/usertools/45_usermod-l_existing_username_passwd/data/usermod.err
new file mode 100644
index 0000000..895463e
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/data/usermod.err
@@ -0,0 +1 @@
+usermod: user 'foo2' already exists
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/usermod.test b/tests/usertools/45_usermod-l_existing_username_passwd/usermod.test
new file mode 100755
index 0000000..f3cbf15
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod tests if the new username is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's name (usermod -l foo2 foo)..."
+usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config.txt b/tests/usertools/46_usermod-l_existing_username_shadow/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/default/useradd b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/group b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/gshadow b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/passwd b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/passwd
new file mode 100644
index 0000000..92eddca
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo3:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/shadow b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/data/usermod.err b/tests/usertools/46_usermod-l_existing_username_shadow/data/usermod.err
new file mode 100644
index 0000000..16ef5fc
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/data/usermod.err
@@ -0,0 +1 @@
+usermod: user 'foo2' already exists in /etc/shadow
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/usermod.test b/tests/usertools/46_usermod-l_existing_username_shadow/usermod.test
new file mode 100755
index 0000000..f3cbf15
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod tests if the new username is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's name (usermod -l foo2 foo)..."
+usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config.txt b/tests/usertools/47_usermod-l_no_shadow_file/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/default/useradd b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/group b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/gshadow b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/passwd b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/shadow b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/data/group b/tests/usertools/47_usermod-l_no_shadow_file/data/group
new file mode 100644
index 0000000..730e4dd
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo2
+tty:x:5:
+disk:x:6:
+lp:x:7:root,foo2
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo2
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo2
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo2
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/data/gshadow b/tests/usertools/47_usermod-l_no_shadow_file/data/gshadow
new file mode 100644
index 0000000..af81c09
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo2
+tty:*::foo2
+disk:*:foo2:
+lp:*::root,foo2
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo2:foo2
+voice:*::
+cdrom:*:foo2:foo2
+floppy:*::foo2
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/data/passwd b/tests/usertools/47_usermod-l_no_shadow_file/data/passwd
new file mode 100644
index 0000000..f542fb0
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/usermod.test b/tests/usertools/47_usermod-l_no_shadow_file/usermod.test
new file mode 100755
index 0000000..46bdc57
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/usermod.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod does not require a shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Change the user's name (usermod -l foo2 foo)..."
+usermod -l foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config.txt b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/default/useradd b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/group b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/gshadow b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/passwd b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/passwd
new file mode 100644
index 0000000..9ae1f6f
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1000:::/bin/false
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/shadow b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/group b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/passwd b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/passwd
new file mode 100644
index 0000000..6b6522f
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1000:::/bin/false
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/shadow b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/userdel.err b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/userdel.err
new file mode 100644
index 0000000..157a8fc
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/userdel.err
@@ -0,0 +1 @@
+userdel: group foo is the primary group of another user and is not removed.
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/userdel.test b/tests/usertools/48_userdel_keep_group_if_primary_other_user/userdel.test
new file mode 100755
index 0000000..750780e
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/userdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if it is still used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user test1 (userdel foo)..."
+userdel foo 2>tmp/userdel.err
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/49_userdel_delete_users_group/config.txt b/tests/usertools/49_userdel_delete_users_group/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/default/useradd b/tests/usertools/49_userdel_delete_users_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/group b/tests/usertools/49_userdel_delete_users_group/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/gshadow b/tests/usertools/49_userdel_delete_users_group/config/etc/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/passwd b/tests/usertools/49_userdel_delete_users_group/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/shadow b/tests/usertools/49_userdel_delete_users_group/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/49_userdel_delete_users_group/data/group b/tests/usertools/49_userdel_delete_users_group/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/usertools/49_userdel_delete_users_group/data/gshadow b/tests/usertools/49_userdel_delete_users_group/data/gshadow
new file mode 100644
index 0000000..08d25a2
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo2:*::
diff --git a/tests/usertools/49_userdel_delete_users_group/data/passwd b/tests/usertools/49_userdel_delete_users_group/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/49_userdel_delete_users_group/data/shadow b/tests/usertools/49_userdel_delete_users_group/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/49_userdel_delete_users_group/userdel.test b/tests/usertools/49_userdel_delete_users_group/userdel.test
new file mode 100755
index 0000000..90e7afc
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if it is still used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user test1 (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config.txt b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/default/useradd b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/group b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/gshadow b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9fdfaa0
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo3:*::
+foo2:*::
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/passwd b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/shadow b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/group b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/passwd b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/shadow b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test
new file mode 100755
index 0000000..4293f27
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel remove the user's group even if it does not exist in gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user test1 (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config.txt b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/default/useradd b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/group b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/gshadow b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..9fdfaa0
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo3:*::
+foo2:*::
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/passwd b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/shadow b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/group b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/passwd b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/shadow b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test
new file mode 100755
index 0000000..72cd32f
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel remove the user's group even if it does not exist in gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/gshadow..."
+rm -f /etc/gshadow
+echo "done"
+
+echo -n "Delete user test1 (userdel foo)..."
+userdel foo
+echo "OK"
+
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config.txt b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/default/useradd b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/group b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/gshadow b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/passwd b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/shadow b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..2c64068
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo3:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/group b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/gshadow b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/gshadow
new file mode 100644
index 0000000..08d25a2
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo2:*::
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/passwd b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/userdel.test b/tests/usertools/52_userdel_delete_user_no_shadow_entry/userdel.test
new file mode 100755
index 0000000..244adc9
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel accepts when the user has no shadow entry"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config.txt b/tests/usertools/53_userdel_delete_user_no_shadow_file/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/default/useradd b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/group b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/gshadow b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/passwd b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/shadow b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2c64068
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo3:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/data/group b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/data/gshadow b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/gshadow
new file mode 100644
index 0000000..08d25a2
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo2:*::
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/data/passwd b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/userdel.test b/tests/usertools/53_userdel_delete_user_no_shadow_file/userdel.test
new file mode 100755
index 0000000..26bc485
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/userdel.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel accepts when the user is not is shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Delete user test1 (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config.txt b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/default/useradd b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/group b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/gshadow b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/passwd b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/shadow b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/data/usermod.err b/tests/usertools/54_usermod-u_invalid_UID_4294967295/data/usermod.err
new file mode 100644
index 0000000..862ad44
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid user ID '4294967295'
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/usermod.test b/tests/usertools/54_usermod-u_invalid_UID_4294967295/usermod.test
new file mode 100755
index 0000000..0872846
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks if the uid is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's UID (usermod -u 4294967295 foo)..."
+usermod -u 4294967295 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/55_userdel_busy_user/config.txt b/tests/usertools/55_userdel_busy_user/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/55_userdel_busy_user/config/etc/default/useradd b/tests/usertools/55_userdel_busy_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/55_userdel_busy_user/config/etc/group b/tests/usertools/55_userdel_busy_user/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/55_userdel_busy_user/config/etc/gshadow b/tests/usertools/55_userdel_busy_user/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/55_userdel_busy_user/config/etc/passwd b/tests/usertools/55_userdel_busy_user/config/etc/passwd
new file mode 100644
index 0000000..82223ff
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/bash
diff --git a/tests/usertools/55_userdel_busy_user/config/etc/shadow b/tests/usertools/55_userdel_busy_user/config/etc/shadow
new file mode 100644
index 0000000..23ff0c0
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12977:0:99999:7:::
diff --git a/tests/usertools/55_userdel_busy_user/data/userdel.err b/tests/usertools/55_userdel_busy_user/data/userdel.err
new file mode 100644
index 0000000..860d096
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/data/userdel.err
@@ -0,0 +1 @@
+userdel: user foo is currently used by process <PID>
diff --git a/tests/usertools/55_userdel_busy_user/userdel.test b/tests/usertools/55_userdel_busy_user/userdel.test
new file mode 100755
index 0000000..45d6e3f
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/userdel.test
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel accepts when the user is not is shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; kill $pid' 0
+
+change_config
+
+echo -n "Create a process for foo (su -l foo -c \"sleep 10\")..."
+su -l foo -c "sleep 10" 2>/dev/null &
+echo "OK"
+
+# Make sure su was started.
+sleep 1
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.err && exit 1 || {
+ ps=$(echo $! $?)
+ pid=$(echo $ps | cut -f1 -d' ')
+ status=$(echo $ps | cut -f2 -d' ')
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "8"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+sed -i -e "s/ [0-9]*$/ <PID>/" tmp/userdel.err
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+
+kill $pid || true
+wait || true
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/56_userdel_locked_passwd/config.txt b/tests/usertools/56_userdel_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config.txt
diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/default/useradd b/tests/usertools/56_userdel_locked_passwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/group b/tests/usertools/56_userdel_locked_passwd/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/gshadow b/tests/usertools/56_userdel_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/passwd b/tests/usertools/56_userdel_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/shadow b/tests/usertools/56_userdel_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/56_userdel_locked_passwd/data/userdel.err b/tests/usertools/56_userdel_locked_passwd/data/userdel.err
new file mode 100644
index 0000000..183acb4
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/data/userdel.err
@@ -0,0 +1,2 @@
+userdel: existing lock file /etc/passwd.lock without a PID
+userdel: cannot lock /etc/passwd; try again later.
diff --git a/tests/usertools/56_userdel_locked_passwd/userdel.test b/tests/usertools/56_userdel_locked_passwd/userdel.test
new file mode 100755
index 0000000..af186a9
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/57_userdel_locked_group/config.txt b/tests/usertools/57_userdel_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config.txt
diff --git a/tests/usertools/57_userdel_locked_group/config/etc/default/useradd b/tests/usertools/57_userdel_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/57_userdel_locked_group/config/etc/group b/tests/usertools/57_userdel_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/57_userdel_locked_group/config/etc/gshadow b/tests/usertools/57_userdel_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/57_userdel_locked_group/config/etc/passwd b/tests/usertools/57_userdel_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/57_userdel_locked_group/config/etc/shadow b/tests/usertools/57_userdel_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/57_userdel_locked_group/data/userdel.err b/tests/usertools/57_userdel_locked_group/data/userdel.err
new file mode 100644
index 0000000..1e947b2
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/data/userdel.err
@@ -0,0 +1,2 @@
+userdel: existing lock file /etc/group.lock without a PID
+userdel: cannot lock /etc/group; try again later.
diff --git a/tests/usertools/57_userdel_locked_group/userdel.test b/tests/usertools/57_userdel_locked_group/userdel.test
new file mode 100755
index 0000000..01e8c8c
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/58_userdel_locked_shadow/config.txt b/tests/usertools/58_userdel_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config.txt
diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/default/useradd b/tests/usertools/58_userdel_locked_shadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/group b/tests/usertools/58_userdel_locked_shadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/gshadow b/tests/usertools/58_userdel_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/passwd b/tests/usertools/58_userdel_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/shadow b/tests/usertools/58_userdel_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/58_userdel_locked_shadow/data/userdel.err b/tests/usertools/58_userdel_locked_shadow/data/userdel.err
new file mode 100644
index 0000000..324b9ec
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/data/userdel.err
@@ -0,0 +1,2 @@
+userdel: existing lock file /etc/shadow.lock without a PID
+userdel: cannot lock /etc/shadow; try again later.
diff --git a/tests/usertools/58_userdel_locked_shadow/userdel.test b/tests/usertools/58_userdel_locked_shadow/userdel.test
new file mode 100755
index 0000000..54acf61
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel checks if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/59_userdel_locked_gshadow/config.txt b/tests/usertools/59_userdel_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config.txt
diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/default/useradd b/tests/usertools/59_userdel_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/group b/tests/usertools/59_userdel_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/gshadow b/tests/usertools/59_userdel_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/passwd b/tests/usertools/59_userdel_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/shadow b/tests/usertools/59_userdel_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/59_userdel_locked_gshadow/data/userdel.err b/tests/usertools/59_userdel_locked_gshadow/data/userdel.err
new file mode 100644
index 0000000..7a56771
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/data/userdel.err
@@ -0,0 +1,2 @@
+userdel: existing lock file /etc/gshadow.lock without a PID
+userdel: cannot lock /etc/gshadow; try again later.
diff --git a/tests/usertools/59_userdel_locked_gshadow/userdel.test b/tests/usertools/59_userdel_locked_gshadow/userdel.test
new file mode 100755
index 0000000..97993b9
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/60_userdel_invalid_user/config.txt b/tests/usertools/60_userdel_invalid_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config.txt
diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/default/useradd b/tests/usertools/60_userdel_invalid_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/group b/tests/usertools/60_userdel_invalid_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/gshadow b/tests/usertools/60_userdel_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/passwd b/tests/usertools/60_userdel_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/shadow b/tests/usertools/60_userdel_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/60_userdel_invalid_user/data/userdel.err b/tests/usertools/60_userdel_invalid_user/data/userdel.err
new file mode 100644
index 0000000..97598b9
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/data/userdel.err
@@ -0,0 +1 @@
+userdel: user 'fooo' does not exist
diff --git a/tests/usertools/60_userdel_invalid_user/userdel.test b/tests/usertools/60_userdel_invalid_user/userdel.test
new file mode 100755
index 0000000..b070736
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel checks if the user exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user fooo (userdel fooo)..."
+userdel fooo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config.txt b/tests/usertools/61_userdel_del_homedir_with_symlinks/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/default/useradd b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/group b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/gshadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/passwd b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/shadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/group b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/gshadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/passwd b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/shadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/userdel.err b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/userdel.err
new file mode 100644
index 0000000..5d7b44f
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/userdel.err
@@ -0,0 +1 @@
+userdel: foo mail spool (/var/mail/foo) not found
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/userdel.test b/tests/usertools/61_userdel_del_homedir_with_symlinks/userdel.test
new file mode 100755
index 0000000..a123ccb
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/userdel.test
@@ -0,0 +1,70 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel delete links, but not the pointed file/directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+mkdir /home/foo
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0
+mkdir /home/bar
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/bar' 0
+touch /home/baz
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/bar /home/baz' 0
+echo toto > /home/foo/toto
+ln -s /home/bar /home/foo/bar
+ln -s /home/baz /home/foo/baz
+chown -R foo:foo /home/foo /home/bar /home/baz
+
+echo -n "Delete user foo (userdel -r foo)..."
+userdel -r foo 2>tmp/userdel.err
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check the userdel message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "userdel message OK."
+rm -f tmp/userdel.err
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check that directory pointed from a foo's link is not removed..."
+test -d /home/bar
+echo "OK"
+echo -n "Check that file pointed from a foo's link is not removed..."
+test -f /home/baz
+echo "OK"
+rm -rf /home/bar /home/baz
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test
new file mode 100755
index 0000000..519d0a2
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd fails if an user does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody, lp, and foooo's password..."
+echo 'nobody:test
+lp:test2
+foooo:test3' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/group b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/passwd b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/shadow b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/chpasswd.err
new file mode 100644
index 0000000..8a3011f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/chpasswd.err
@@ -0,0 +1,3 @@
+chpasswd: (user foooo) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 3, user foooo) password not changed
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/shadow b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/shadow
new file mode 100644
index 0000000..cb54856
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_MD5 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test
new file mode 100755
index 0000000..c036205
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can change the password of multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/group b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/gshadow b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/passwd b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/shadow b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/data/shadow b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/data/shadow
new file mode 100644
index 0000000..d69c00c
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_DES test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test
new file mode 100755
index 0000000..fb915a1
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/group b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/gshadow b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/passwd b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..bd03706
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:bar:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/shadow b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/data/passwd b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/data/passwd
new file mode 100644
index 0000000..36fa602
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:@PASS_MD5 test2@:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:@PASS_MD5 test@:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test
new file mode 100755
index 0000000..2660213
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd entry if there are no shadow entries"
+# FIXME: The PAM and !PAM versions differs:
+# PAM will create a shadow entry if the shadow file exists
+# !PAM will update the passwd entry and leave the shadow file untouched
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/group b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..54dc57e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,40 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..f4f74a5
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,18 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/data/shadow b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..090d61a
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+lp:@PASS_DES test2@:@TODAY@::::::
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test
new file mode 100755
index 0000000..5760ca5
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd fails if no password are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/group b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/gshadow b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/passwd b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/shadow b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/chpasswd.err b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/chpasswd.err
new file mode 100644
index 0000000..a02b7d6
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/chpasswd.err
@@ -0,0 +1 @@
+chpasswd: line 2: missing new password
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/shadow b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/shadow
new file mode 100644
index 0000000..658661b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
new file mode 100755
index 0000000..fda6230
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chpasswd usage (chpasswd -h)..."
+chpasswd -h >tmp/usage.out
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config.txt b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/group b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/gshadow b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/passwd b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/shadow b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/data/usage.out b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/data/usage.out
new file mode 100644
index 0000000..59c8b35
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/data/usage.out
@@ -0,0 +1,12 @@
+Usage: chpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
new file mode 100755
index 0000000..f75e674
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd displays its usage message in case on non recognized option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chpasswd usage (chpasswd --foo)..."
+chpasswd --foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config.txt b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/group b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/gshadow b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/passwd b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/shadow b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/data/usage.out b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/data/usage.out
new file mode 100644
index 0000000..4e26b6d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: unrecognized option '--foo'
+Usage: chpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
new file mode 100755
index 0000000..ecfbb20
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that -e and -m are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password are encrypted and must use md5 (chpasswd -m -e)..."
+echo 'nobody:test' | chpasswd -m -e 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config.txt b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/group b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/gshadow b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/passwd b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/shadow b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/data/usage.out b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/data/usage.out
new file mode 100644
index 0000000..799c8dd
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: the -c, -e, and -m flags are exclusive
+Usage: chpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
new file mode 100755
index 0000000..ab5deec
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that -e and -c are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password are encrypted and must use another method (chpasswd -c SHA512 -e)..."
+echo 'nobody:test' | chpasswd -c SHA512 -e 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config.txt b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/group b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/gshadow b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/passwd b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/shadow b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/data/usage.out b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/data/usage.out
new file mode 100644
index 0000000..799c8dd
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: the -c, -e, and -m flags are exclusive
+Usage: chpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
new file mode 100755
index 0000000..fe2bbd7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that -c and -m are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chpasswd -m -c SHA256)..."
+echo 'nobody:test' | chpasswd -m -c SHA256 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config.txt b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/group b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/gshadow b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/passwd b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/shadow b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/data/usage.out b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/data/usage.out
new file mode 100644
index 0000000..799c8dd
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: the -c, -e, and -m flags are exclusive
+Usage: chpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
new file mode 100755
index 0000000..29982fc
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that -c is provided if -s is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chpasswd --sha-rounds 12)..."
+echo 'nobody:test' | chpasswd --sha-rounds 12 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config.txt b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/group b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/gshadow b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/passwd b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/shadow b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/data/usage.out b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/data/usage.out
new file mode 100644
index 0000000..ab133e2
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: -s flag is only allowed with the -c flag
+Usage: chpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
new file mode 100755
index 0000000..1b478f9
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks the -s argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chpasswd --sha-rounds 12foo -c SHA512)..."
+echo 'nobody:test' | chpasswd --sha-rounds 12foo -c SHA512 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config.txt b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/group b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/gshadow b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/passwd b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/shadow b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/data/usage.out b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/data/usage.out
new file mode 100644
index 0000000..bcfcf6d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: invalid numeric argument '12foo'
+Usage: chpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
new file mode 100755
index 0000000..a2f653c
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks the -c argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chpasswd --crypt-method SHA513)..."
+echo 'nobody:test' | chpasswd --crypt-method SHA513 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config.txt b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/group b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/gshadow b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/passwd b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/shadow b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/data/usage.out b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/data/usage.out
new file mode 100644
index 0000000..2c9e5aa
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: unsupported crypt method: SHA513
+Usage: chpasswd [options]
+
+Options:
+ -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512)
+ -e, --encrypted supplied passwords are encrypted
+ -h, --help display this help message and exit
+ -m, --md5 encrypt the clear text password using
+ the MD5 algorithm
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --sha-rounds number of SHA rounds for the SHA*
+ crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test
new file mode 100755
index 0000000..3591462
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | chpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/group b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/gshadow b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/passwd b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/shadow b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/data/shadow b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/data/shadow
new file mode 100644
index 0000000..269ee68
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:test2:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test
new file mode 100755
index 0000000..534fb6f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create md5 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --md5)..."
+echo 'nobody:test
+lp:test2' | chpasswd --md5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/group b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/gshadow b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/passwd b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/shadow b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/data/shadow b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/data/shadow
new file mode 100644
index 0000000..cb54856
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_MD5 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test
new file mode 100755
index 0000000..e7c1b4e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use encrypted passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd -c NONE)..."
+echo 'nobody:test
+lp:test2' | chpasswd -c NONE
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/group b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/gshadow b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/passwd b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/shadow b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/data/shadow b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/data/shadow
new file mode 100644
index 0000000..269ee68
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:test2:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test
new file mode 100755
index 0000000..f7da2c6
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create MD5 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method MD5)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method MD5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/group b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/gshadow b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/passwd b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/shadow b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/data/shadow b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/data/shadow
new file mode 100644
index 0000000..cb54856
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_MD5 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test
new file mode 100755
index 0000000..750b82f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create DES passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method DES)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method DES
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/group b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/gshadow b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/passwd b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/shadow b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/data/shadow b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/data/shadow
new file mode 100644
index 0000000..d69c00c
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_DES test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test
new file mode 100755
index 0000000..56c67bf
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA256 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA256)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA256
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/group b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/gshadow b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/passwd b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/shadow b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/data/shadow b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/data/shadow
new file mode 100644
index 0000000..2705a06
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test
new file mode 100755
index 0000000..9a0b0d7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA256 passwords and use at least 1000 rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA256 -s 900)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA256 -s 900
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+grep nobody /etc/shadow | grep -q ':\$5\$rounds=1000\$'
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/group b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/gshadow b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/passwd b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/shadow b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/data/shadow b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/data/shadow
new file mode 100644
index 0000000..2705a06
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test
new file mode 100755
index 0000000..6f5f586
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA256 passwords and use the requested number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA256 -s 9000)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA256 -s 9000
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+grep nobody /etc/shadow | grep -q ':\$5\$rounds=9000\$'
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/group b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/gshadow b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/passwd b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/shadow b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/data/shadow b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/data/shadow
new file mode 100644
index 0000000..2705a06
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test
new file mode 100755
index 0000000..856665f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA512 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA512)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA512
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/group b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/gshadow b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/passwd b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/shadow b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/data/shadow b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/data/shadow
new file mode 100644
index 0000000..83bc0c9
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test
new file mode 100755
index 0000000..4382ab5
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA512 passwords and use at least 1000 rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA512 -s 900)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA512 -s 900
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+grep nobody /etc/shadow | grep -q ':\$6\$rounds=1000\$'
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/group b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/gshadow b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/passwd b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/shadow b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/data/shadow b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/data/shadow
new file mode 100644
index 0000000..83bc0c9
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test
new file mode 100755
index 0000000..f42c7be
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA512 passwords and use the requested number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA512 -s 9000)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA512 -s 9000
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+grep nobody /etc/shadow | grep -q ':\$6\$rounds=9000\$'
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/group b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/gshadow b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/passwd b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/shadow b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/data/shadow b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/data/shadow
new file mode 100644
index 0000000..83bc0c9
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test
new file mode 100755
index 0000000..ce881e8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/group b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/gshadow b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/passwd b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/shadow b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/data/passwd b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/data/passwd
new file mode 100644
index 0000000..0489957
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:test2:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:test:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test
new file mode 100755
index 0000000..7aa511e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/group b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/gshadow b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/passwd b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/shadow b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/data/chpasswd.err b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/data/chpasswd.err
new file mode 100644
index 0000000..498b5c8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/data/chpasswd.err
@@ -0,0 +1,6 @@
+chpasswd: (user nobody) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 1, user nobody) password not changed
+chpasswd: (user lp) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 2, user lp) password not changed
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test
new file mode 100755
index 0000000..0578c1f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/group b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/passwd
new file mode 100644
index 0000000..0d29119
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/chpasswd.err b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/chpasswd.err
new file mode 100644
index 0000000..1381d0e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/chpasswd.err
@@ -0,0 +1,3 @@
+chpasswd: (user lp) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 2, user lp) password not changed
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/passwd b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/passwd
new file mode 100644
index 0000000..9a44671
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:@PASS_MD5 test@:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test
new file mode 100755
index 0000000..0578c1f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/group b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/passwd
new file mode 100644
index 0000000..6ba390f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:bar:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/chpasswd.err b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/chpasswd.err
new file mode 100644
index 0000000..9eb11ca
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/chpasswd.err
@@ -0,0 +1,3 @@
+chpasswd: (user nobody) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 1, user nobody) password not changed
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/passwd b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/passwd
new file mode 100644
index 0000000..978ea44
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:@PASS_MD5 test2@:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test
new file mode 100755
index 0000000..c341285
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd entry if there are no shadow entries"
+# FIXME: The PAM and !PAM versions differs:
+# PAM will create a shadow entry if the shadow file exists
+# !PAM will update the passwd entry and leave the shadow file untouched
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/group b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..54dc57e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,40 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..f4f74a5
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,18 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/passwd b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/shadow b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..fcb19db
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+lp:test2:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test
new file mode 100755
index 0000000..a18f912
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config.txt b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config.txt
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/group b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/gshadow b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/passwd b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/shadow b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/data/chpasswd.err b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/data/chpasswd.err
new file mode 100644
index 0000000..468b8b6
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/data/chpasswd.err
@@ -0,0 +1,2 @@
+chpasswd: existing lock file /etc/passwd.lock without a PID
+chpasswd: cannot lock /etc/passwd; try again later.
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test
new file mode 100755
index 0000000..3686758
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config.txt b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config.txt
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/group b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/gshadow b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/passwd b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/shadow b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/data/chpasswd.err b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/data/chpasswd.err
new file mode 100644
index 0000000..507310f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/data/chpasswd.err
@@ -0,0 +1,2 @@
+chpasswd: existing lock file /etc/shadow.lock without a PID
+chpasswd: cannot lock /etc/shadow; try again later.
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test
new file mode 100755
index 0000000..05bf394
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that users exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd)..."
+echo 'nobody:test
+bar:bar2
+lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config.txt b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config.txt
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/group b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/passwd b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/shadow b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/chpasswd.err
new file mode 100644
index 0000000..245a3b2
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/chpasswd.err
@@ -0,0 +1,3 @@
+chpasswd: (user bar) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 2, user bar) password not changed
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/shadow b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/shadow
new file mode 100644
index 0000000..958f25b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test
new file mode 100755
index 0000000..05c6a31
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that users exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+bar:bar2
+lp:test2' | chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config.txt b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config.txt
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/group b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/passwd b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/shadow b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/data/chpasswd.err
new file mode 100644
index 0000000..7182e70
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/data/chpasswd.err
@@ -0,0 +1,2 @@
+chpasswd: line 2: user 'bar' does not exist
+chpasswd: error detected, changes ignored
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test
new file mode 100755
index 0000000..5e3bc03
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | chpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/group b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/gshadow b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords. Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/passwd b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/passwd
new file mode 100644
index 0000000..5648ba0
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:oldpass:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/shadow b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/passwd b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/passwd
new file mode 100644
index 0000000..1ed98b3
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:test2:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/shadow b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/shadow
new file mode 100644
index 0000000..269ee68
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:test2:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test b/tests/usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test
new file mode 100755
index 0000000..f1d09e9
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd fails if an user does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody, lp, and foooo's password..."
+echo 'nobody:test
+lp:test2
+foooo:test3' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/group b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/login.defs b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/passwd b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/shadow b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd/01_chpasswd_invalid_user/data/chpasswd.err
new file mode 100644
index 0000000..3478c55
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/data/chpasswd.err
@@ -0,0 +1,2 @@
+chpasswd: line 3: user 'foooo' does not exist
+chpasswd: error detected, changes ignored
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test b/tests/usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test
new file mode 100755
index 0000000..c036205
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can change the password of multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/group b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/gshadow b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/login.defs b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/passwd b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/shadow b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/data/shadow b/tests/usertools/chpasswd/02_chpasswd_multiple_users/data/shadow
new file mode 100644
index 0000000..d69c00c
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_DES test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test
new file mode 100755
index 0000000..fb915a1
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/group b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/gshadow b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/login.defs b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/passwd b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/shadow b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/data/passwd b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/data/passwd
new file mode 100644
index 0000000..a9a8b92
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:@PASS_DES test2@:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:@PASS_DES test@:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test
new file mode 100755
index 0000000..d97d8b5
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd entry if there are no shadow entries"
+# FIXME: The PAM and !PAM versions differs:
+# PAM will create a shadow entry if the shadow file exists
+# !PAM will update the passwd entry and leave the shadow file untouched
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/group b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/gshadow b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..54dc57e
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,40 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/login.defs b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/passwd b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/shadow b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..f4f74a5
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,18 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/passwd b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..e7f6c7b
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:@PASS_DES test2@:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/shadow b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..8e10590
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/shadow
@@ -0,0 +1,18 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test b/tests/usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test
new file mode 100755
index 0000000..005b7ba
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd fails if no password are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/group b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/gshadow b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/login.defs b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+#
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 100
+GID_MAX 60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/passwd b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/shadow b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/data/chpasswd.err b/tests/usertools/chpasswd/05_chpasswd_error_no_password/data/chpasswd.err
new file mode 100644
index 0000000..afeef27
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/data/chpasswd.err
@@ -0,0 +1,2 @@
+chpasswd: line 2: missing new password
+chpasswd: error detected, changes ignored
diff --git a/tests/usertools/useradd/01_useradd_usage/config.txt b/tests/usertools/useradd/01_useradd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/default/useradd b/tests/usertools/useradd/01_useradd_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/group b/tests/usertools/useradd/01_useradd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/gshadow b/tests/usertools/useradd/01_useradd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/passwd b/tests/usertools/useradd/01_useradd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/shadow b/tests/usertools/useradd/01_useradd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/01_useradd_usage/data/usage.out b/tests/usertools/useradd/01_useradd_usage/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/01_useradd_usage/useradd.test b/tests/usertools/useradd/01_useradd_usage/useradd.test
new file mode 100755
index 0000000..a7fe046
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get useradd usage (useradd -h)..."
+useradd -h >tmp/usage.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config.txt b/tests/usertools/useradd/02_useradd_usage_invalid_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/default/useradd b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/group b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/gshadow b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/passwd b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/shadow b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/data/usage.out b/tests/usertools/useradd/02_useradd_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..2efa134
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/data/usage.out
@@ -0,0 +1,36 @@
+useradd: unrecognized option '--foo'
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/useradd.test b/tests/usertools/useradd/02_useradd_usage_invalid_option/useradd.test
new file mode 100755
index 0000000..6711b26
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid option (useradd --foo)..."
+useradd --foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config.txt b/tests/usertools/useradd/03_useradd_usage_no_users/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/default/useradd b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/group b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/gshadow b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/passwd b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/shadow b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/data/usage.out b/tests/usertools/useradd/03_useradd_usage_no_users/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/useradd.test b/tests/usertools/useradd/03_useradd_usage_no_users/useradd.test
new file mode 100755
index 0000000..fe178eb
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd without an user (useradd -f 12)..."
+useradd -f 12 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config.txt b/tests/usertools/useradd/04_useradd_usage_2_users/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/default/useradd b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/group b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/gshadow b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/passwd b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/shadow b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/data/usage.out b/tests/usertools/useradd/04_useradd_usage_2_users/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/useradd.test b/tests/usertools/useradd/04_useradd_usage_2_users/useradd.test
new file mode 100755
index 0000000..c51e8bc
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with 2 users (useradd -f 12 bin nobody)..."
+useradd -f 12 bin nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config.txt b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/default/useradd b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/group b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/gshadow b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/passwd b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/shadow b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/data/usage.out b/tests/usertools/useradd/05_useradd_usage-b_invalid1/data/usage.out
new file mode 100644
index 0000000..6f4cd08
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid base directory '/home/no:body'
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/useradd.test b/tests/usertools/useradd/05_useradd_usage-b_invalid1/useradd.test
new file mode 100755
index 0000000..a880dde
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -b '/home/no:body' nobody)..."
+useradd -b '/home/no:body' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config.txt b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/default/useradd b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/group b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/gshadow b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/passwd b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/shadow b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/data/usage.out b/tests/usertools/useradd/06_useradd_usage-b_invalid2/data/usage.out
new file mode 100644
index 0000000..22a5df8
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid base directory '/home/no
+body'
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/useradd.test b/tests/usertools/useradd/06_useradd_usage-b_invalid2/useradd.test
new file mode 100755
index 0000000..37f27c0
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -b '/home/no
+body' nobody)..."
+useradd -b '/home/no
+body' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config.txt b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/default/useradd b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/group b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/gshadow b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/passwd b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/shadow b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/data/usage.out b/tests/usertools/useradd/07_useradd_usage-b_invalid3/data/usage.out
new file mode 100644
index 0000000..de930e6
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid base directory 'home/nobody'
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/useradd.test b/tests/usertools/useradd/07_useradd_usage-b_invalid3/useradd.test
new file mode 100755
index 0000000..a0ff227
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -b 'home/nobody' nobody)..."
+useradd -b 'home/nobody' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config.txt b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/default/useradd b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/group b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/gshadow b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/passwd b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/shadow b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/data/usage.out b/tests/usertools/useradd/08_useradd_usage-c_invalid1/data/usage.out
new file mode 100644
index 0000000..ec0e2ab
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid comment 'comm:ent'
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/useradd.test b/tests/usertools/useradd/08_useradd_usage-c_invalid1/useradd.test
new file mode 100755
index 0000000..6cd2262
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -c 'comm:ent' nobody)..."
+useradd -c 'comm:ent' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config.txt b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/default/useradd b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/group b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/gshadow b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/passwd b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/shadow b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/data/usage.out b/tests/usertools/useradd/09_useradd_usage-c_invalid2/data/usage.out
new file mode 100644
index 0000000..30daaab
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid comment 'comm
+ent'
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/useradd.test b/tests/usertools/useradd/09_useradd_usage-c_invalid2/useradd.test
new file mode 100755
index 0000000..98f6420
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -c 'comm
+ent' nobody)..."
+useradd -c 'comm
+ent' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config.txt b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/default/useradd b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/group b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/gshadow b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/passwd b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/shadow b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/data/usage.out b/tests/usertools/useradd/10_useradd_usage-d_invalid1/data/usage.out
new file mode 100644
index 0000000..34b6e40
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid home directory '/home/no:body'
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/useradd.test b/tests/usertools/useradd/10_useradd_usage-d_invalid1/useradd.test
new file mode 100755
index 0000000..3f3b81e
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -d '/home/no:body' nobody)..."
+useradd -d '/home/no:body' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config.txt b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/default/useradd b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/group b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/gshadow b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/passwd b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/shadow b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/data/usage.out b/tests/usertools/useradd/11_useradd_usage-d_invalid2/data/usage.out
new file mode 100644
index 0000000..0ac0eed
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid home directory '/home/no
+body'
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/useradd.test b/tests/usertools/useradd/11_useradd_usage-d_invalid2/useradd.test
new file mode 100755
index 0000000..12569b5
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -d '/home/no
+body' nobody)..."
+useradd -d '/home/no
+body' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config.txt b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/default/useradd b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/group b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/gshadow b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/passwd b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/shadow b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/data/usage.out b/tests/usertools/useradd/12_useradd_usage-d_invalid3/data/usage.out
new file mode 100644
index 0000000..722cb57
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid home directory 'home/nobody'
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/useradd.test b/tests/usertools/useradd/12_useradd_usage-d_invalid3/useradd.test
new file mode 100755
index 0000000..3b624c1
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -d 'home/nobody' nobody)..."
+useradd -d 'home/nobody' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config.txt b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/default/useradd b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/group b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/gshadow b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/passwd b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/shadow b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/data/usage.out b/tests/usertools/useradd/13_useradd_usage-e_invalid1/data/usage.out
new file mode 100644
index 0000000..02f2e40
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid date '2011-09-09-11'
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/useradd.test b/tests/usertools/useradd/13_useradd_usage-e_invalid1/useradd.test
new file mode 100755
index 0000000..15acb22
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -e '2011-09-09-11' nobody)..."
+useradd -e '2011-09-09-11' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config.txt b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/default/useradd b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/group b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/gshadow b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/passwd b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/shadow b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/data/usage.out b/tests/usertools/useradd/14_useradd_usage-e_invalid2/data/usage.out
new file mode 100644
index 0000000..c0d25cb
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid date '1900-09-11'
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/useradd.test b/tests/usertools/useradd/14_useradd_usage-e_invalid2/useradd.test
new file mode 100755
index 0000000..c5642f0
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -e '1900-09-11' nobody)..."
+useradd -e '1900-09-11' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config.txt b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/group b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/data/usage.out b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/data/usage.out
new file mode 100644
index 0000000..f148d91
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/data/usage.out
@@ -0,0 +1 @@
+useradd: shadow passwords required for -e
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test
new file mode 100755
index 0000000..255a799
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Call useradd with the -e option (useradd -e '2011-09-11' nobody)..."
+useradd -e '2011-09-11' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config.txt b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/default/useradd b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/group b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/gshadow b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/passwd b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/shadow b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/data/usage.out b/tests/usertools/useradd/16_useradd_usage-f_invalid1/data/usage.out
new file mode 100644
index 0000000..40d8d93
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid numeric argument '2011f'
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/useradd.test b/tests/usertools/useradd/16_useradd_usage-f_invalid1/useradd.test
new file mode 100755
index 0000000..ad948d5
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -f '2011f' nobody)..."
+useradd -f '2011f' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config.txt b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/default/useradd b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/group b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/gshadow b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/passwd b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/shadow b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/data/usage.out b/tests/usertools/useradd/17_useradd_usage-f_invalid2/data/usage.out
new file mode 100644
index 0000000..add36d3
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid numeric argument '-2'
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/useradd.test b/tests/usertools/useradd/17_useradd_usage-f_invalid2/useradd.test
new file mode 100755
index 0000000..2f5a385
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -f '-2' nobody)..."
+useradd -f '-2' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config.txt b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/group b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/data/usage.out b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/data/usage.out
new file mode 100644
index 0000000..f5095a5
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/data/usage.out
@@ -0,0 +1 @@
+useradd: shadow passwords required for -f
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test
new file mode 100755
index 0000000..aa5b54e
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Call useradd with the -f option (useradd -f '12' nobody)..."
+useradd -f '12' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config.txt b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/default/useradd b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/group b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/gshadow b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/passwd b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/shadow b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/data/usage.out b/tests/usertools/useradd/19_useradd_usage-K_invalid1/data/usage.out
new file mode 100644
index 0000000..9eaa315
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: -K requires KEY=VALUE
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/useradd.test b/tests/usertools/useradd/19_useradd_usage-K_invalid1/useradd.test
new file mode 100755
index 0000000..bef12a6
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -K 'VALUE' nobody)..."
+useradd -K 'VALUE' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config.txt b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/default/useradd b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/group b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/gshadow b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/passwd b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/shadow b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/data/usage.out b/tests/usertools/useradd/20_useradd_usage-O_invalid2/data/usage.out
new file mode 100644
index 0000000..cb3b31a
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/data/usage.out
@@ -0,0 +1 @@
+configuration error - unknown item 'KEY' (notify administrator)
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/useradd.test b/tests/usertools/useradd/20_useradd_usage-O_invalid2/useradd.test
new file mode 100755
index 0000000..883eac5
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -O 'KEY=VALUE' nobody)..."
+useradd -O 'KEY=VALUE' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config.txt b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/default/useradd b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/group b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/gshadow b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/passwd b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/shadow b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/data/usage.out b/tests/usertools/useradd/21_useradd_usage-p_invalid1/data/usage.out
new file mode 100644
index 0000000..6e06315
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid field 'no:body'
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/useradd.test b/tests/usertools/useradd/21_useradd_usage-p_invalid1/useradd.test
new file mode 100755
index 0000000..86e99ff
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -p 'no:body' nobody)..."
+useradd -p 'no:body' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config.txt b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/default/useradd b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/group b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/gshadow b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/passwd b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/shadow b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/data/usage.out b/tests/usertools/useradd/22_useradd_usage-p_invalid2/data/usage.out
new file mode 100644
index 0000000..19f477e
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid field 'no
+body'
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/useradd.test b/tests/usertools/useradd/22_useradd_usage-p_invalid2/useradd.test
new file mode 100755
index 0000000..9888c75
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -p 'no
+body' nobody)..."
+useradd -p 'no
+body' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config.txt b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/default/useradd b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/group b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/gshadow b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/passwd b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/shadow b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/data/usage.out b/tests/usertools/useradd/23_useradd_usage-s_invalid1/data/usage.out
new file mode 100644
index 0000000..2b9b157
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid shell '/home/no:body'
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/useradd.test b/tests/usertools/useradd/23_useradd_usage-s_invalid1/useradd.test
new file mode 100755
index 0000000..9864e42
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -s '/home/no:body' nobody)..."
+useradd -s '/home/no:body' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config.txt b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/default/useradd b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/group b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/gshadow b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/passwd b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/shadow b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/data/usage.out b/tests/usertools/useradd/24_useradd_usage-s_invalid2/data/usage.out
new file mode 100644
index 0000000..e2891b2
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid shell '/home/no
+body'
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/useradd.test b/tests/usertools/useradd/24_useradd_usage-s_invalid2/useradd.test
new file mode 100755
index 0000000..4704ed5
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -s '/home/no
+body' nobody)..."
+useradd -s '/home/no
+body' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config.txt b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/default/useradd b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/group b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/gshadow b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/passwd b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/shadow b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/data/usage.out b/tests/usertools/useradd/25_useradd_usage-s_invalid3/data/usage.out
new file mode 100644
index 0000000..9fb467e
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid shell 'home/nobody'
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/useradd.test b/tests/usertools/useradd/25_useradd_usage-s_invalid3/useradd.test
new file mode 100755
index 0000000..ea1ada3
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -s 'home/nobody' nobody)..."
+useradd -s 'home/nobody' nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config.txt b/tests/usertools/useradd/26_useradd_usage-o_without-u/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/default/useradd b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/group b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/gshadow b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/passwd b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/shadow b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/data/usage.out b/tests/usertools/useradd/26_useradd_usage-o_without-u/data/usage.out
new file mode 100644
index 0000000..f0e24c5
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/data/usage.out
@@ -0,0 +1,36 @@
+useradd: -o flag is only allowed with the -u flag
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/useradd.test b/tests/usertools/useradd/26_useradd_usage-o_without-u/useradd.test
new file mode 100755
index 0000000..36498ce
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -o without -u"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Allow duplicate UID without UID (useradd -o foo)..."
+useradd -o foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config.txt b/tests/usertools/useradd/27_useradd_usage-k_without-m/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/default/useradd b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/group b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/gshadow b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/passwd b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/shadow b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/data/usage.out b/tests/usertools/useradd/27_useradd_usage-k_without-m/data/usage.out
new file mode 100644
index 0000000..e27e5b6
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/data/usage.out
@@ -0,0 +1,36 @@
+useradd: -k flag is only allowed with the -m flag
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/useradd.test b/tests/usertools/useradd/27_useradd_usage-k_without-m/useradd.test
new file mode 100755
index 0000000..c64af4a
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -k without -m"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Copy skeleton without creating home dir (useradd -k foo)..."
+useradd -k foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config.txt b/tests/usertools/useradd/28_useradd_usage-U_with-g/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/default/useradd b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/group b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/gshadow b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/passwd b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/shadow b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/data/usage.out b/tests/usertools/useradd/28_useradd_usage-U_with-g/data/usage.out
new file mode 100644
index 0000000..3b030c3
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/data/usage.out
@@ -0,0 +1,36 @@
+useradd: options -U and -g conflict
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/useradd.test b/tests/usertools/useradd/28_useradd_usage-U_with-g/useradd.test
new file mode 100755
index 0000000..2a7b381
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -U with -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Usergroup and fixed group (useradd -U -g 100 foo)..."
+useradd -U -g 100 foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config.txt b/tests/usertools/useradd/29_useradd_usage-U_with-N/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/default/useradd b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/group b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/gshadow b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/passwd b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/shadow b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/data/usage.out b/tests/usertools/useradd/29_useradd_usage-U_with-N/data/usage.out
new file mode 100644
index 0000000..7a7bc5d
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/data/usage.out
@@ -0,0 +1,36 @@
+useradd: options -U and -N conflict
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/useradd.test b/tests/usertools/useradd/29_useradd_usage-U_with-N/useradd.test
new file mode 100755
index 0000000..57eabd3
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -U with -N"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Usergroup and no usergroup (useradd -U -N foo)..."
+useradd -U -N foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config.txt b/tests/usertools/useradd/30_useradd_usage-m_with-M/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/default/useradd b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/group b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/gshadow b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/passwd b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/shadow b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/data/usage.out b/tests/usertools/useradd/30_useradd_usage-m_with-M/data/usage.out
new file mode 100644
index 0000000..37a90dc
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/data/usage.out
@@ -0,0 +1,36 @@
+useradd: options -m and -M conflict
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/useradd.test b/tests/usertools/useradd/30_useradd_usage-m_with-M/useradd.test
new file mode 100755
index 0000000..80d7a5a
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -m with -M"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create and do not create home directory (useradd -M -m foo)..."
+useradd -M -m foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config.txt b/tests/usertools/useradd/31_useradd_usage_user_with-D/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/default/useradd b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/group b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/gshadow b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/passwd b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/shadow b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/data/usage.out b/tests/usertools/useradd/31_useradd_usage_user_with-D/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/useradd.test b/tests/usertools/useradd/31_useradd_usage_user_with-D/useradd.test
new file mode 100755
index 0000000..b66842b
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set defaulkt with useradd and specify an user (useradd -D nobody)..."
+useradd -D nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config.txt b/tests/usertools/useradd/32_useradd_usage-D_with_other/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/default/useradd b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/group b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/gshadow b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/passwd b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/shadow b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/data/usage.out b/tests/usertools/useradd/32_useradd_usage-D_with_other/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/useradd.test b/tests/usertools/useradd/32_useradd_usage-D_with_other/useradd.test
new file mode 100755
index 0000000..c3aacfb
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/useradd.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -m with -M"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for opt in "-u 1010" "-G nogroup" "-d /home/foo" "-c comment" "-m"
+do
+ echo -n "Call useradd -D with option $opt (useradd -D $opt)..."
+ useradd -D $opt 2>tmp/usage.out && exit 1 || {
+ status=$?
+ }
+
+ echo "OK"
+
+ echo -n "Check returned status ($status)..."
+ test "$status" = "2"
+ echo "OK"
+
+ echo "useradd reported:"
+ echo "======================================================================="
+ cat tmp/usage.out
+ echo "======================================================================="
+ echo -n "Check the usage message..."
+ diff -au data/usage.out tmp/usage.out
+ echo "usage message OK."
+ rm -f tmp/usage.out
+done
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config.txt b/tests/usertools/useradd/33_useradd_usage_invalid_username/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/default/useradd b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/group b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/gshadow b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/passwd b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/shadow b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/data/usage.out b/tests/usertools/useradd/33_useradd_usage_invalid_username/data/usage.out
new file mode 100644
index 0000000..c1c58fa
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid user name 'user:name'
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/useradd.test b/tests/usertools/useradd/33_useradd_usage_invalid_username/useradd.test
new file mode 100755
index 0000000..8024f7d
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd checks the username validity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid username (useradd user:name)..."
+useradd user:name 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config.txt b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/default/useradd b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/group b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/gshadow b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/passwd b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/shadow b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/passwd b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/passwd
new file mode 100644
index 0000000..540cc99
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:10::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/shadow b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/useradd.test b/tests/usertools/useradd/34_useradd_default_GROUP_GID/useradd.test
new file mode 100755
index 0000000..df98f82
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config.txt b/tests/usertools/useradd/35_useradd_default_GROUP_name/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/default/useradd b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/default/useradd
new file mode 100644
index 0000000..487e328
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=nogroup
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/group b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/gshadow b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/passwd b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/shadow b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/data/passwd b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/passwd
new file mode 100644
index 0000000..4e481a1
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:65534::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/data/shadow b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/useradd.test b/tests/usertools/useradd/35_useradd_default_GROUP_name/useradd.test
new file mode 100755
index 0000000..df98f82
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config.txt b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/default/useradd b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/default/useradd
new file mode 100644
index 0000000..4da665d
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=3000
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/group b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/gshadow b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/passwd b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/shadow b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/passwd b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/passwd
new file mode 100644
index 0000000..db82966
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:100::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/shadow b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/usage.out b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/usage.out
new file mode 100644
index 0000000..6e4920f
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/usage.out
@@ -0,0 +1,2 @@
+useradd: group '3000' does not exist
+useradd: the GROUP= configuration in /etc/default/useradd will be ignored
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test
new file mode 100755
index 0000000..c030cd2
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo 2>tmp/usage.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config.txt b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/default/useradd b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/default/useradd
new file mode 100644
index 0000000..3d298ac
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=invalidgroup
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/group b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/gshadow b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/passwd b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/shadow b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/passwd b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/passwd
new file mode 100644
index 0000000..db82966
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:100::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/shadow b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/usage.out b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/usage.out
new file mode 100644
index 0000000..06f5b8c
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/usage.out
@@ -0,0 +1,2 @@
+useradd: group 'invalidgroup' does not exist
+useradd: the GROUP= configuration in /etc/default/useradd will be ignored
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test
new file mode 100755
index 0000000..c030cd2
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo 2>tmp/usage.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config.txt b/tests/usertools/useradd/38_useradd_default_INACTIVE/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/default/useradd b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/default/useradd
new file mode 100644
index 0000000..095cf3d
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/group b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/gshadow b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/passwd b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/shadow b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/data/passwd b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/passwd
new file mode 100644
index 0000000..540cc99
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:10::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/data/shadow b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/shadow
new file mode 100644
index 0000000..b8db0a7
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:42:13849:
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/useradd.test b/tests/usertools/useradd/38_useradd_default_INACTIVE/useradd.test
new file mode 100755
index 0000000..dbee2ad
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the INACT default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config.txt b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/default/useradd b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..e7513e4
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=1a
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/group b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/gshadow b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/passwd b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/shadow b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/passwd b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/passwd
new file mode 100644
index 0000000..540cc99
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:10::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/shadow b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/shadow
new file mode 100644
index 0000000..39849f5
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7::13849:
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/usage.out b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/usage.out
new file mode 100644
index 0000000..d27941e
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid numeric argument '1a'
+useradd: the INACTIVE= configuration in /etc/default/useradd will be ignored
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test
new file mode 100755
index 0000000..c030cd2
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo 2>tmp/usage.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config.txt b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/default/useradd b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..b3f265e
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=-2
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/group b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/gshadow b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/passwd b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/shadow b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/passwd b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/passwd
new file mode 100644
index 0000000..540cc99
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:10::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/shadow b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/shadow
new file mode 100644
index 0000000..39849f5
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7::13849:
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/usage.out b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/usage.out
new file mode 100644
index 0000000..d301073
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid numeric argument '-2'
+useradd: the INACTIVE= configuration in /etc/default/useradd will be ignored
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test
new file mode 100755
index 0000000..c030cd2
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo 2>tmp/usage.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config.txt b/tests/usertools/useradd/41_useradd_default_default_SKEL/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/default/useradd b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/default/useradd
new file mode 100644
index 0000000..3fca45b
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/group b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/gshadow b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/passwd b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/shadow b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/data/defaults b/tests/usertools/useradd/41_useradd_default_default_SKEL/data/defaults
new file mode 100644
index 0000000..90cfe79
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/data/defaults
@@ -0,0 +1,7 @@
+GROUP=10
+HOME=/tmp
+INACTIVE=42
+EXPIRE=2007-12-02
+SHELL=/bin/foobar
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/useradd.test b/tests/usertools/useradd/41_useradd_default_default_SKEL/useradd.test
new file mode 100755
index 0000000..0ca12b6
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the defautl SKEL value is SKEL is set to empty"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get default value (useradd -D)..."
+useradd -D >tmp/defaults
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/defaults
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/defaults tmp/defaults
+echo "usage message OK."
+rm -f tmp/defaults
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config.txt b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/default/useradd b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/default/useradd
new file mode 100644
index 0000000..bbb85b4
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/group b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/gshadow b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/passwd b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/shadow b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/data/defaults b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/data/defaults
new file mode 100644
index 0000000..90cfe79
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/data/defaults
@@ -0,0 +1,7 @@
+GROUP=10
+HOME=/tmp
+INACTIVE=42
+EXPIRE=2007-12-02
+SHELL=/bin/foobar
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test
new file mode 100755
index 0000000..0ca12b6
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the defautl SKEL value is SKEL is set to empty"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get default value (useradd -D)..."
+useradd -D >tmp/defaults
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/defaults
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/defaults tmp/defaults
+echo "usage message OK."
+rm -f tmp/defaults
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config.txt b/tests/usertools/useradd/43_useradd_default_no_final_eol/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/default/useradd b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/default/useradd
new file mode 100644
index 0000000..b85eaf3
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/default/useradd
@@ -0,0 +1,37 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=
+# \ No newline at end of file
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/group b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/gshadow b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/passwd b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/shadow b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/data/useradd b/tests/usertools/useradd/43_useradd_default_no_final_eol/data/useradd
new file mode 100644
index 0000000..15084f0
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/data/useradd
@@ -0,0 +1,38 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/toto
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
+#
+SKEL=/etc/skel
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/useradd.test b/tests/usertools/useradd/43_useradd_default_no_final_eol/useradd.test
new file mode 100755
index 0000000..110e3ae
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/useradd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd accepts a line with no eol at eof"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set a default value (useradd -D -b /toto)..."
+useradd -D -b /toto
+echo "OK"
+
+echo -n "Check the default file..."
+diff -Nau data/useradd /etc/default/useradd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config.txt b/tests/usertools/useradd/44_useradd_default_no_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/default/useradd b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/default/useradd
new file mode 100644
index 0000000..b85eaf3
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/default/useradd
@@ -0,0 +1,37 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=
+# \ No newline at end of file
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/group b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/gshadow b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/passwd b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/shadow b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/data/useradd b/tests/usertools/useradd/44_useradd_default_no_file/data/useradd
new file mode 100644
index 0000000..796e8dd
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/data/useradd
@@ -0,0 +1,8 @@
+# useradd defaults file
+GROUP=100
+HOME=/toto
+INACTIVE=-1
+EXPIRE=
+SHELL=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/useradd.test b/tests/usertools/useradd/44_useradd_default_no_file/useradd.test
new file mode 100755
index 0000000..0bc2804
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/useradd.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can create a defaults file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete the defaults file..."
+rm -f /etc/default/useradd
+echo "OK"
+
+echo -n "Set a default value (useradd -D -b /toto)..."
+useradd -D -b /toto
+echo "OK"
+
+echo -n "Check the default file..."
+diff -Nau data/useradd /etc/default/useradd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config.txt b/tests/usertools/useradd/45_useradd-G_UID_name/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/default/useradd b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/group b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/gshadow b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/passwd b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/shadow b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/group b/tests/usertools/useradd/45_useradd-G_UID_name/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/gshadow b/tests/usertools/useradd/45_useradd-G_UID_name/data/gshadow
new file mode 100644
index 0000000..ec19c4a
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/passwd b/tests/usertools/useradd/45_useradd-G_UID_name/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/shadow b/tests/usertools/useradd/45_useradd-G_UID_name/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/useradd.test b/tests/usertools/useradd/45_useradd-G_UID_name/useradd.test
new file mode 100755
index 0000000..480c4a3
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user to specified groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..."
+useradd -G bin,adm,12,cdrom foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config.txt b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/default/useradd b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/group b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/gshadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/passwd b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/shadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/group b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/gshadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/gshadow
new file mode 100644
index 0000000..ec19c4a
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/passwd b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/shadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/useradd.test b/tests/usertools/useradd/46_useradd-G_UID_duplicate/useradd.test
new file mode 100755
index 0000000..1de8138
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user to specified groups (once)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom,12 foo)..."
+useradd -G bin,adm,12,cdrom,12 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config.txt b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/default/useradd b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/group b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/gshadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/passwd b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/shadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/group b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/gshadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/gshadow
new file mode 100644
index 0000000..ec19c4a
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/passwd b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/shadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test
new file mode 100755
index 0000000..cb7bed8
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user to specified groups (once)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom,man foo)..."
+useradd -G bin,adm,12,cdrom,man foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config.txt b/tests/usertools/useradd/48_useradd-G_name_duplicate/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/default/useradd b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/group b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/gshadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/passwd b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/shadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/group b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/gshadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/gshadow
new file mode 100644
index 0000000..ec19c4a
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/passwd b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/shadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/useradd.test b/tests/usertools/useradd/48_useradd-G_name_duplicate/useradd.test
new file mode 100755
index 0000000..44f63c1
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user to specified groups (once)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom,adm foo)..."
+useradd -G bin,adm,12,cdrom,adm foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config.txt b/tests/usertools/useradd/49_useradd-G_invalid_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/default/useradd b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/group b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/gshadow b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/passwd b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/shadow b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/data/usage.out b/tests/usertools/useradd/49_useradd-G_invalid_group/data/usage.out
new file mode 100644
index 0000000..23ea5dd
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/data/usage.out
@@ -0,0 +1 @@
+useradd: group 'cdromm' does not exist
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/useradd.test b/tests/usertools/useradd/49_useradd-G_invalid_group/useradd.test
new file mode 100755
index 0000000..5d16073
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd check the validity of groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups with an invalid group (useradd -G bin,adm,12,cdromm,adm foo)..."
+useradd -G bin,adm,12,cdromm,adm foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/50_useradd-r/config.txt b/tests/usertools/useradd/50_useradd-r/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/default/useradd b/tests/usertools/useradd/50_useradd-r/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/group b/tests/usertools/useradd/50_useradd-r/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/gshadow b/tests/usertools/useradd/50_useradd-r/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/passwd b/tests/usertools/useradd/50_useradd-r/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/shadow b/tests/usertools/useradd/50_useradd-r/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/50_useradd-r/data/group b/tests/usertools/useradd/50_useradd-r/data/group
new file mode 100644
index 0000000..b5b6ce2
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:
diff --git a/tests/usertools/useradd/50_useradd-r/data/gshadow b/tests/usertools/useradd/50_useradd-r/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/50_useradd-r/data/passwd b/tests/usertools/useradd/50_useradd-r/data/passwd
new file mode 100644
index 0000000..640a0cc
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:101:999::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/50_useradd-r/data/shadow b/tests/usertools/useradd/50_useradd-r/data/shadow
new file mode 100644
index 0000000..823c4c0
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@::::::
diff --git a/tests/usertools/useradd/50_useradd-r/useradd.test b/tests/usertools/useradd/50_useradd-r/useradd.test
new file mode 100755
index 0000000..0eacc6a
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can create system users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create system user foo (useradd -r foo)..."
+useradd -r foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config.txt b/tests/usertools/useradd/51_useradd_already_exist/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/default/useradd b/tests/usertools/useradd/51_useradd_already_exist/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/group b/tests/usertools/useradd/51_useradd_already_exist/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/gshadow b/tests/usertools/useradd/51_useradd_already_exist/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/passwd b/tests/usertools/useradd/51_useradd_already_exist/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/shadow b/tests/usertools/useradd/51_useradd_already_exist/config/etc/shadow
new file mode 100644
index 0000000..498ef86
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:*:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/51_useradd_already_exist/data/usage.out b/tests/usertools/useradd/51_useradd_already_exist/data/usage.out
new file mode 100644
index 0000000..5d12530
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/data/usage.out
@@ -0,0 +1 @@
+useradd: user 'foo' already exists
diff --git a/tests/usertools/useradd/51_useradd_already_exist/useradd.test b/tests/usertools/useradd/51_useradd_already_exist/useradd.test
new file mode 100755
index 0000000..539e718
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd checks ifthe requested new user already exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an existing user (useradd foo)..."
+useradd foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config.txt b/tests/usertools/useradd/52_useradd-U_group_already_exist/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/default/useradd b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/group b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/gshadow b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/passwd b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/shadow b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/data/usage.out b/tests/usertools/useradd/52_useradd-U_group_already_exist/data/usage.out
new file mode 100644
index 0000000..c000a60
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/data/usage.out
@@ -0,0 +1 @@
+useradd: group foo exists - if you want to add this user to that group, use -g.
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/useradd.test b/tests/usertools/useradd/52_useradd-U_group_already_exist/useradd.test
new file mode 100755
index 0000000..7fe651d
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd -U checks if a group with the same name already exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd -U with an existing group (useradd -U foo)..."
+useradd -U foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config.txt b/tests/usertools/useradd/53_useradd-G_empty/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/default/useradd b/tests/usertools/useradd/53_useradd-G_empty/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/group b/tests/usertools/useradd/53_useradd-G_empty/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/gshadow b/tests/usertools/useradd/53_useradd-G_empty/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/passwd b/tests/usertools/useradd/53_useradd-G_empty/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/shadow b/tests/usertools/useradd/53_useradd-G_empty/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/group b/tests/usertools/useradd/53_useradd-G_empty/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/gshadow b/tests/usertools/useradd/53_useradd-G_empty/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/passwd b/tests/usertools/useradd/53_useradd-G_empty/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/shadow b/tests/usertools/useradd/53_useradd-G_empty/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/53_useradd-G_empty/useradd.test b/tests/usertools/useradd/53_useradd-G_empty/useradd.test
new file mode 100755
index 0000000..8eac65e
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd accepts empty list of groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo with empty group list (useradd -G "" foo)..."
+useradd -G "" foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config.txt b/tests/usertools/useradd/54_useradd_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/group b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/data/group b/tests/usertools/useradd/54_useradd_no_shadow_file/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/data/gshadow b/tests/usertools/useradd/54_useradd_no_shadow_file/data/gshadow
new file mode 100644
index 0000000..ec19c4a
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/data/passwd b/tests/usertools/useradd/54_useradd_no_shadow_file/data/passwd
new file mode 100644
index 0000000..e2c466a
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/useradd.test b/tests/usertools/useradd/54_useradd_no_shadow_file/useradd.test
new file mode 100755
index 0000000..c7ab56b
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/useradd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user even if /etc/shadow is missing"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..."
+useradd -G bin,adm,12,cdrom foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config.txt b/tests/usertools/useradd/55_useradd_no_gshadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/default/useradd b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/group b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/gshadow b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/passwd b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/shadow b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/data/group b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/group
new file mode 100644
index 0000000..eb2e1b5
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:!:1000:
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/data/passwd b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/data/shadow b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/useradd.test b/tests/usertools/useradd/55_useradd_no_gshadow_file/useradd.test
new file mode 100755
index 0000000..b5519b9
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/useradd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user and groups even if /etc/gshadow is missing"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/gshadow..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..."
+useradd -G bin,adm,12,cdrom foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config.txt b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/default/useradd b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/group b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/gshadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/gshadow
new file mode 100644
index 0000000..3c9bae9
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test:x::
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/passwd b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/shadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/group b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/gshadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/gshadow
new file mode 100644
index 0000000..fd939a3
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test:x::
+foo:!::
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/passwd b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/shadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test
new file mode 100755
index 0000000..c8a6666
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user and groups even if /etc/gshadow is missing"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..."
+useradd -G bin,adm,12,cdrom foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config.txt b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/default/useradd b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/group b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/gshadow b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/passwd b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/shadow b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/data/usage.out b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+ useradd -D
+ useradd -D [options]
+
+Options:
+ -b, --base-dir BASE_DIR base directory for the home directory of the
+ new account
+ -c, --comment COMMENT GECOS field of the new account
+ -d, --home-dir HOME_DIR home directory of the new account
+ -D, --defaults print or change default useradd configuration
+ -e, --expiredate EXPIRE_DATE expiration date of the new account
+ -f, --inactive INACTIVE password inactivity period of the new account
+ -g, --gid GROUP name or ID of the primary group of the new
+ account
+ -G, --groups GROUPS list of supplementary groups of the new
+ account
+ -h, --help display this help message and exit
+ -k, --skel SKEL_DIR use this alternative skeleton directory
+ -K, --key KEY=VALUE override /etc/login.defs defaults
+ -l, --no-log-init do not add the user to the lastlog and
+ faillog databases
+ -m, --create-home create the user's home directory
+ -M, --no-create-home do not create the user's home directory
+ -N, --no-user-group do not create a group with the same name as
+ the user
+ -o, --non-unique allow to create users with duplicate
+ (non-unique) UID
+ -p, --password PASSWORD encrypted password of the new account
+ -r, --system create a system account
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL login shell of the new account
+ -u, --uid UID user ID of the new account
+ -U, --user-group create a group with the same name as the user
+ -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test
new file mode 100755
index 0000000..97e011d
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with -D as second option (useradd -f 12 -D)..."
+useradd -f 12 -D 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config.txt b/tests/usertools/useradd/58_useradd-e_empty/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/default/useradd b/tests/usertools/useradd/58_useradd-e_empty/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/group b/tests/usertools/useradd/58_useradd-e_empty/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/gshadow b/tests/usertools/useradd/58_useradd-e_empty/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/passwd b/tests/usertools/useradd/58_useradd-e_empty/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/shadow b/tests/usertools/useradd/58_useradd-e_empty/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/group b/tests/usertools/useradd/58_useradd-e_empty/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/gshadow b/tests/usertools/useradd/58_useradd-e_empty/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/passwd b/tests/usertools/useradd/58_useradd-e_empty/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/shadow b/tests/usertools/useradd/58_useradd-e_empty/data/shadow
new file mode 100644
index 0000000..949c978
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12::
diff --git a/tests/usertools/useradd/58_useradd-e_empty/useradd.test b/tests/usertools/useradd/58_useradd-e_empty/useradd.test
new file mode 100755
index 0000000..ab90d67
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd accepts empty list of groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo without expiry (useradd -e "" foo)..."
+useradd -e "" foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config.txt b/tests/usertools/useradd/59_useradd-e-1-f-1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/default/useradd b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/group b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/gshadow b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/passwd b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/shadow b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/group b/tests/usertools/useradd/59_useradd-e-1-f-1/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/gshadow b/tests/usertools/useradd/59_useradd-e-1-f-1/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/passwd b/tests/usertools/useradd/59_useradd-e-1-f-1/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/shadow b/tests/usertools/useradd/59_useradd-e-1-f-1/data/shadow
new file mode 100644
index 0000000..602bef5
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/useradd.test b/tests/usertools/useradd/59_useradd-e-1-f-1/useradd.test
new file mode 100755
index 0000000..ff5233c
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd accepts -1 as expiry and inactivity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo without expiry (useradd -e -1 -f -1 foo)..."
+useradd -e -1 -f -1 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config.txt b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/group b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/group b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/gshadow b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/passwd b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/passwd
new file mode 100644
index 0000000..e2c466a
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test
new file mode 100755
index 0000000..0170ef8
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd accepts -1 as expiry and inactivity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Create user foo without expiry (useradd -e -1 -f -1 foo)..."
+useradd -e -1 -f -1 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/61_useradd-K/config.txt b/tests/usertools/useradd/61_useradd-K/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/default/useradd b/tests/usertools/useradd/61_useradd-K/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/group b/tests/usertools/useradd/61_useradd-K/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/gshadow b/tests/usertools/useradd/61_useradd-K/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/passwd b/tests/usertools/useradd/61_useradd-K/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/shadow b/tests/usertools/useradd/61_useradd-K/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/61_useradd-K/data/group b/tests/usertools/useradd/61_useradd-K/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/61_useradd-K/data/gshadow b/tests/usertools/useradd/61_useradd-K/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/61_useradd-K/data/passwd b/tests/usertools/useradd/61_useradd-K/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/61_useradd-K/data/shadow b/tests/usertools/useradd/61_useradd-K/data/shadow
new file mode 100644
index 0000000..bfd9ffa
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:42:7:12:13849:
diff --git a/tests/usertools/useradd/61_useradd-K/useradd.test b/tests/usertools/useradd/61_useradd-K/useradd.test
new file mode 100755
index 0000000..3a8ee29
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses -K options"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo and set option with -K (useradd -K PASS_MAX_DAYS=42 foo)..."
+useradd -K PASS_MAX_DAYS=42 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/62_useradd-p/config.txt b/tests/usertools/useradd/62_useradd-p/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/default/useradd b/tests/usertools/useradd/62_useradd-p/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/group b/tests/usertools/useradd/62_useradd-p/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/gshadow b/tests/usertools/useradd/62_useradd-p/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/passwd b/tests/usertools/useradd/62_useradd-p/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/shadow b/tests/usertools/useradd/62_useradd-p/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/62_useradd-p/data/group b/tests/usertools/useradd/62_useradd-p/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/62_useradd-p/data/gshadow b/tests/usertools/useradd/62_useradd-p/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/62_useradd-p/data/passwd b/tests/usertools/useradd/62_useradd-p/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/62_useradd-p/data/shadow b/tests/usertools/useradd/62_useradd-p/data/shadow
new file mode 100644
index 0000000..4abac0c
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:fooPass:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/62_useradd-p/useradd.test b/tests/usertools/useradd/62_useradd-p/useradd.test
new file mode 100755
index 0000000..655f871
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "The -p option can set the password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo and set password (useradd -p fooPass foo)..."
+useradd -p fooPass foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/63_useradd-s/config.txt b/tests/usertools/useradd/63_useradd-s/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/default/useradd b/tests/usertools/useradd/63_useradd-s/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/group b/tests/usertools/useradd/63_useradd-s/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/gshadow b/tests/usertools/useradd/63_useradd-s/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/passwd b/tests/usertools/useradd/63_useradd-s/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/shadow b/tests/usertools/useradd/63_useradd-s/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/63_useradd-s/data/group b/tests/usertools/useradd/63_useradd-s/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/63_useradd-s/data/gshadow b/tests/usertools/useradd/63_useradd-s/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/63_useradd-s/data/passwd b/tests/usertools/useradd/63_useradd-s/data/passwd
new file mode 100644
index 0000000..5c7dfc4
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:*/bin/dash
diff --git a/tests/usertools/useradd/63_useradd-s/data/shadow b/tests/usertools/useradd/63_useradd-s/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/63_useradd-s/useradd.test b/tests/usertools/useradd/63_useradd-s/useradd.test
new file mode 100755
index 0000000..99e783b
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "The -s option can change the default shell"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo and set shell (useradd -s \"*/bin/dash\" foo)..."
+useradd -s "*/bin/dash" foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config.txt b/tests/usertools/useradd/64_useradd_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config.txt
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/default/useradd b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/group b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/gshadow b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/passwd b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/shadow b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/data/useradd.err b/tests/usertools/useradd/64_useradd_locked_passwd/data/useradd.err
new file mode 100644
index 0000000..c4b6ed3
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/passwd.lock without a PID
+useradd: cannot lock /etc/passwd; try again later.
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/useradd.test b/tests/usertools/useradd/64_useradd_locked_passwd/useradd.test
new file mode 100755
index 0000000..8dde325
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd -G checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config.txt b/tests/usertools/useradd/65_useradd_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config.txt
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/default/useradd b/tests/usertools/useradd/65_useradd_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/group b/tests/usertools/useradd/65_useradd_locked_group/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/gshadow b/tests/usertools/useradd/65_useradd_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/passwd b/tests/usertools/useradd/65_useradd_locked_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/shadow b/tests/usertools/useradd/65_useradd_locked_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/65_useradd_locked_group/data/useradd.err b/tests/usertools/useradd/65_useradd_locked_group/data/useradd.err
new file mode 100644
index 0000000..b36210f
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/group.lock without a PID
+useradd: cannot lock /etc/group; try again later.
diff --git a/tests/usertools/useradd/65_useradd_locked_group/useradd.test b/tests/usertools/useradd/65_useradd_locked_group/useradd.test
new file mode 100755
index 0000000..e6583ba
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd -G checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config.txt b/tests/usertools/useradd/66_useradd_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config.txt
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/default/useradd b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/group b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/gshadow b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/passwd b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/shadow b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/data/useradd.err b/tests/usertools/useradd/66_useradd_locked_shadow/data/useradd.err
new file mode 100644
index 0000000..a29346a
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/shadow.lock without a PID
+useradd: cannot lock /etc/shadow; try again later.
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/useradd.test b/tests/usertools/useradd/66_useradd_locked_shadow/useradd.test
new file mode 100755
index 0000000..24ef14f
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd -G checks if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config.txt b/tests/usertools/useradd/67_useradd_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config.txt
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/default/useradd b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/group b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/gshadow b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/passwd b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/shadow b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/data/useradd.err b/tests/usertools/useradd/67_useradd_locked_gshadow/data/useradd.err
new file mode 100644
index 0000000..9155bfd
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/gshadow.lock without a PID
+useradd: cannot lock /etc/gshadow; try again later.
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/useradd.test b/tests/usertools/useradd/67_useradd_locked_gshadow/useradd.test
new file mode 100755
index 0000000..71f7dc0
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd -G checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config.txt b/tests/usertools/useradd/68_useradd-s_empty/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/default/useradd b/tests/usertools/useradd/68_useradd-s_empty/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/group b/tests/usertools/useradd/68_useradd-s_empty/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/gshadow b/tests/usertools/useradd/68_useradd-s_empty/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/passwd b/tests/usertools/useradd/68_useradd-s_empty/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/shadow b/tests/usertools/useradd/68_useradd-s_empty/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/group b/tests/usertools/useradd/68_useradd-s_empty/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/gshadow b/tests/usertools/useradd/68_useradd-s_empty/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/passwd b/tests/usertools/useradd/68_useradd-s_empty/data/passwd
new file mode 100644
index 0000000..8a4ebe5
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:
diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/shadow b/tests/usertools/useradd/68_useradd-s_empty/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/68_useradd-s_empty/useradd.test b/tests/usertools/useradd/68_useradd-s_empty/useradd.test
new file mode 100755
index 0000000..448000c
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "The -s option can set an empty shell"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo and set empty shell (useradd -s \"\" foo)..."
+useradd -s "" foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/01_userdel_usage/config.txt b/tests/usertools/userdel/01_userdel_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/default/useradd b/tests/usertools/userdel/01_userdel_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/group b/tests/usertools/userdel/01_userdel_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/gshadow b/tests/usertools/userdel/01_userdel_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/passwd b/tests/usertools/userdel/01_userdel_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/shadow b/tests/usertools/userdel/01_userdel_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/01_userdel_usage/data/usage.out b/tests/usertools/userdel/01_userdel_usage/data/usage.out
new file mode 100644
index 0000000..955c793
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/data/usage.out
@@ -0,0 +1,10 @@
+Usage: userdel [options] LOGIN
+
+Options:
+ -f, --force force removal of files,
+ even if not owned by user
+ -h, --help display this help message and exit
+ -r, --remove remove home directory and mail spool
+ -R, --root CHROOT_DIR directory to chroot into
+ -Z, --selinux-user remove any SELinux user mapping for the user
+
diff --git a/tests/usertools/userdel/01_userdel_usage/userdel.test b/tests/usertools/userdel/01_userdel_usage/userdel.test
new file mode 100755
index 0000000..6d2b9e8
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/userdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get userdel usage (userdel -h)..."
+userdel -h >tmp/usage.out
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config.txt b/tests/usertools/userdel/02_userdel_usage_invalid_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/default/useradd b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/group b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/gshadow b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/passwd b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/shadow b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/data/usage.out b/tests/usertools/userdel/02_userdel_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..a0dcbf8
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/data/usage.out
@@ -0,0 +1,11 @@
+userdel: unrecognized option '--foo'
+Usage: userdel [options] LOGIN
+
+Options:
+ -f, --force force removal of files,
+ even if not owned by user
+ -h, --help display this help message and exit
+ -r, --remove remove home directory and mail spool
+ -R, --root CHROOT_DIR directory to chroot into
+ -Z, --selinux-user remove any SELinux user mapping for the user
+
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/userdel.test b/tests/usertools/userdel/02_userdel_usage_invalid_option/userdel.test
new file mode 100755
index 0000000..7d134f0
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call userdel with an invalid option (userdel --foo)..."
+userdel --foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config.txt b/tests/usertools/userdel/03_userdel_usage_no_users/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/default/useradd b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/group b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/gshadow b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/passwd b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/shadow b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/data/usage.out b/tests/usertools/userdel/03_userdel_usage_no_users/data/usage.out
new file mode 100644
index 0000000..955c793
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/data/usage.out
@@ -0,0 +1,10 @@
+Usage: userdel [options] LOGIN
+
+Options:
+ -f, --force force removal of files,
+ even if not owned by user
+ -h, --help display this help message and exit
+ -r, --remove remove home directory and mail spool
+ -R, --root CHROOT_DIR directory to chroot into
+ -Z, --selinux-user remove any SELinux user mapping for the user
+
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/userdel.test b/tests/usertools/userdel/03_userdel_usage_no_users/userdel.test
new file mode 100755
index 0000000..9bf3685
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call userdel without an user (userdel -f)..."
+userdel -f 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config.txt b/tests/usertools/userdel/04_userdel_usage_2_users/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/default/useradd b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/group b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/gshadow b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/passwd b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/shadow b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/data/usage.out b/tests/usertools/userdel/04_userdel_usage_2_users/data/usage.out
new file mode 100644
index 0000000..955c793
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/data/usage.out
@@ -0,0 +1,10 @@
+Usage: userdel [options] LOGIN
+
+Options:
+ -f, --force force removal of files,
+ even if not owned by user
+ -h, --help display this help message and exit
+ -r, --remove remove home directory and mail spool
+ -R, --root CHROOT_DIR directory to chroot into
+ -Z, --selinux-user remove any SELinux user mapping for the user
+
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/userdel.test b/tests/usertools/userdel/04_userdel_usage_2_users/userdel.test
new file mode 100755
index 0000000..6788240
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call userdel with 2 users (userdel -f bin nobody)..."
+userdel -f bin nobody 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config.txt b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/default/useradd b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/group b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/gshadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/login.defs b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/login.defs
new file mode 100644
index 0000000..7f41dc8
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB no
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/passwd b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/shadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/group b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/group
new file mode 100644
index 0000000..c60d727
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/gshadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/passwd b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/shadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test
new file mode 100755
index 0000000..83e801f
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if USERGROUPS_ENAB is disabled"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config.txt b/tests/usertools/userdel/06_userdel_no_usergroup/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/default/useradd b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/group b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/group
new file mode 100644
index 0000000..d5d74e2
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/gshadow b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/gshadow
new file mode 100644
index 0000000..5e2c5d3
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/login.defs b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/passwd b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/shadow b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/group b/tests/usertools/userdel/06_userdel_no_usergroup/data/group
new file mode 100644
index 0000000..15f4c27
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/gshadow b/tests/usertools/userdel/06_userdel_no_usergroup/data/gshadow
new file mode 100644
index 0000000..5e2c5d3
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/passwd b/tests/usertools/userdel/06_userdel_no_usergroup/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/shadow b/tests/usertools/userdel/06_userdel_no_usergroup/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/userdel.test b/tests/usertools/userdel/06_userdel_no_usergroup/userdel.test
new file mode 100755
index 0000000..f0907c6
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if it has a different name"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config.txt b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/default/useradd b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/group b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/group
new file mode 100644
index 0000000..c39e02c
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/gshadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/gshadow
new file mode 100644
index 0000000..75ecdfe
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo1:*::
+foo2:*::
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/login.defs b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/passwd b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/shadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/group b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/group
new file mode 100644
index 0000000..3aa5282
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/gshadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/gshadow
new file mode 100644
index 0000000..75ecdfe
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo1:*::
+foo2:*::
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/passwd b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/shadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/userdel.out b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/userdel.out
new file mode 100644
index 0000000..0ccbef6
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/userdel.out
@@ -0,0 +1 @@
+userdel: group foo not removed because it is not the primary group of user foo.
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/userdel.test b/tests/usertools/userdel/07_userdel_usergroup_not_primary/userdel.test
new file mode 100755
index 0000000..9ff44d4
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/userdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if it has a different name"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.out
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/userdel.out tmp/userdel.out
+echo "usage message OK."
+rm -f tmp/userdel.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config.txt b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/default/useradd b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/group b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/group
new file mode 100644
index 0000000..ff15b82
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo2
+foo2:x:1001:
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/gshadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/gshadow
new file mode 100644
index 0000000..50ca6ce
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo2
+foo2:*::
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/login.defs b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/passwd b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/shadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/group b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/group
new file mode 100644
index 0000000..5e4034b
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo2
+foo2:x:1001:
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/gshadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/gshadow
new file mode 100644
index 0000000..50ca6ce
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo2
+foo2:*::
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/passwd b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/shadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/userdel.out b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/userdel.out
new file mode 100644
index 0000000..2dc27c8
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/userdel.out
@@ -0,0 +1 @@
+userdel: group foo not removed because it has other members.
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test
new file mode 100755
index 0000000..69fc339
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if is has other members"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.out
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/userdel.out tmp/userdel.out
+echo "usage message OK."
+rm -f tmp/userdel.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config.txt b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/default/useradd b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/group b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/group
new file mode 100644
index 0000000..ff15b82
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo2
+foo2:x:1001:
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/gshadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/login.defs b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/passwd b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/shadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/group b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/group
new file mode 100644
index 0000000..5e4034b
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo2
+foo2:x:1001:
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/gshadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/passwd b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/shadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/userdel.out b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/userdel.out
new file mode 100644
index 0000000..2dc27c8
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/userdel.out
@@ -0,0 +1 @@
+userdel: group foo not removed because it has other members.
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test
new file mode 100755
index 0000000..2387401
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group from gshadow if there were no additional members in gshadow but there were in group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.out
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/userdel.out tmp/userdel.out
+echo "usage message OK."
+rm -f tmp/userdel.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config.txt b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/default/useradd b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/group b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/gshadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/passwd b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/shadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/group b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/gshadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/passwd b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/shadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/userdel.err b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/userdel.err
new file mode 100644
index 0000000..893b416
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/userdel.err
@@ -0,0 +1 @@
+userdel: /home/foo is a symbolic link, not removing
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/userdel.test b/tests/usertools/userdel/10_userdel_del_homedir_symlink/userdel.test
new file mode 100755
index 0000000..eb9c6fe
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/userdel.test
@@ -0,0 +1,72 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not delete the user's home directory as symlink"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /var/mail/foo /home/foo /home/foo2' 0
+
+change_config
+
+mkdir /home/foo2
+touch /home/foo2/file
+chown -R foo:foo /home/foo2
+ln -s foo2 /home/foo
+touch /var/mail/foo
+chown --no-dereference foo:foo /var/mail/foo /home/foo
+
+echo -n "Delete user foo (userdel -r foo)..."
+userdel -r foo 2>tmp/userdel.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo "The user should have been removed."
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was not removed..."
+test -L /home/foo
+test -d /home/foo2
+test -f /home/foo2/file
+echo "OK"
+echo -n "Check the user's mail spool was removed..."
+test ! -f /var/mail/foo
+echo "OK"
+rm -rf /home/foo /home/foo2
+
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config.txt b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/default/useradd b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/group b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/gshadow b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/passwd b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/shadow b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/data/passwd b/tests/usertools/usermod/01_usermod-p_no_shadow_file/data/passwd
new file mode 100644
index 0000000..d9798a6
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/usermod.test b/tests/usertools/usermod/01_usermod-p_no_shadow_file/usermod.test
new file mode 100755
index 0000000..e272fc8
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/usermod.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not require a shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Change the user's password (usermod -p foopass foo)..."
+usermod -p foopass foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config.txt b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/default/useradd b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/group b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/gshadow b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/passwd b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/shadow b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/data/passwd b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9798a6
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test
new file mode 100755
index 0000000..a5231c5
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not require a shadow entry"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's password (usermod -p foopass foo)..."
+usermod -p foopass foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config.txt b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/default/useradd b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/group b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/gshadow b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/passwd b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/shadow b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/data/shadow b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/data/shadow
new file mode 100644
index 0000000..0c6770f
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:foopass:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test
new file mode 100755
index 0000000..3cdfabc
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not require a shadow entry"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's password (usermod -p foopass foo)..."
+usermod -p foopass foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config.txt b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/default/useradd b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/group b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/gshadow b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/passwd b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/shadow b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/shadow
new file mode 100644
index 0000000..151547d
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!oldpass:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test
new file mode 100755
index 0000000..9f4907f
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to lock an already locked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock foo's password (usermod -L foo)..."
+usermod -L foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config.txt b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/default/useradd b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/group b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/gshadow b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/passwd b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/passwd
new file mode 100644
index 0000000..9abcbc4
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/shadow b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/shadow
new file mode 100644
index 0000000..6e9fa8e
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/data/shadow b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/data/shadow
new file mode 100644
index 0000000..18b71a2
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!blahblahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test
new file mode 100755
index 0000000..bd8e338
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to lock an already locked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock foo's password (usermod -L foo)..."
+usermod -L foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config.txt b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/default/useradd b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/group b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/gshadow b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/passwd b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/passwd
new file mode 100644
index 0000000..9abcbc4
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/shadow b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test
new file mode 100755
index 0000000..9f4907f
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to lock an already locked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock foo's password (usermod -L foo)..."
+usermod -L foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config.txt b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/default/useradd b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/group b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/gshadow b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/passwd b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/shadow b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/shadow
new file mode 100644
index 0000000..6e9fa8e
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test
new file mode 100755
index 0000000..68c6d4c
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to unlock an already unlocked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unlock foo's password (usermod -U foo)..."
+usermod -U foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config.txt b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/default/useradd b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/group b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/gshadow b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/passwd b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/shadow b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/shadow
new file mode 100644
index 0000000..3d01e1a
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!unusedblahblahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/data/shadow b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/data/shadow
new file mode 100644
index 0000000..646a9a5
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:unusedblahblahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test
new file mode 100755
index 0000000..a845677
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to unlock an already unlocked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unlock foo's password (usermod -U foo)..."
+usermod -U foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config.txt b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/default/useradd b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/group b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/gshadow b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/passwd b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/shadow b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test
new file mode 100755
index 0000000..68c6d4c
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to unlock an already unlocked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unlock foo's password (usermod -U foo)..."
+usermod -U foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/10_usermod_usage/config.txt b/tests/usertools/usermod/10_usermod_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/default/useradd b/tests/usertools/usermod/10_usermod_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/group b/tests/usertools/usermod/10_usermod_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/gshadow b/tests/usertools/usermod/10_usermod_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/passwd b/tests/usertools/usermod/10_usermod_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/shadow b/tests/usertools/usermod/10_usermod_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/10_usermod_usage/data/usage.out b/tests/usertools/usermod/10_usermod_usage/data/usage.out
new file mode 100644
index 0000000..6e12e63
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/data/usage.out
@@ -0,0 +1,30 @@
+Usage: usermod [options] LOGIN
+
+Options:
+ -c, --comment COMMENT new value of the GECOS field
+ -d, --home HOME_DIR new home directory for the user account
+ -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -f, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -g, --gid GROUP force use GROUP as new primary group
+ -G, --groups GROUPS new list of supplementary GROUPS
+ -a, --append append the user to the supplemental GROUPS
+ mentioned by the -G option without removing
+ him/her from other groups
+ -h, --help display this help message and exit
+ -l, --login NEW_LOGIN new value of the login name
+ -L, --lock lock the user account
+ -m, --move-home move contents of the home directory to the
+ new location (use only with -d)
+ -o, --non-unique allow using duplicate (non-unique) UID
+ -p, --password PASSWORD use encrypted password for the new password
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+ -u, --uid UID new UID for the user account
+ -U, --unlock unlock the user account
+ -v, --add-subuids FIRST-LAST add range of subordinate uids
+ -V, --del-subuids FIRST-LAST remove range of subordinate uids
+ -w, --add-subgids FIRST-LAST add range of subordinate gids
+ -W, --del-subgids FIRST-LAST remove range of subordinate gids
+ -Z, --selinux-user SEUSER new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/10_usermod_usage/usermod.test b/tests/usertools/usermod/10_usermod_usage/usermod.test
new file mode 100755
index 0000000..2f96442
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/usermod.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get usermod usage (usermod -h)..."
+usermod -h >tmp/usage.out
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config.txt b/tests/usertools/usermod/11_usermod_usage_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/default/useradd b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/group b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/gshadow b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/passwd b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/shadow b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/data/usage.out b/tests/usertools/usermod/11_usermod_usage_bad_option/data/usage.out
new file mode 100644
index 0000000..e228571
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/data/usage.out
@@ -0,0 +1,31 @@
+usermod: unrecognized option '--foo'
+Usage: usermod [options] LOGIN
+
+Options:
+ -c, --comment COMMENT new value of the GECOS field
+ -d, --home HOME_DIR new home directory for the user account
+ -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -f, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -g, --gid GROUP force use GROUP as new primary group
+ -G, --groups GROUPS new list of supplementary GROUPS
+ -a, --append append the user to the supplemental GROUPS
+ mentioned by the -G option without removing
+ him/her from other groups
+ -h, --help display this help message and exit
+ -l, --login NEW_LOGIN new value of the login name
+ -L, --lock lock the user account
+ -m, --move-home move contents of the home directory to the
+ new location (use only with -d)
+ -o, --non-unique allow using duplicate (non-unique) UID
+ -p, --password PASSWORD use encrypted password for the new password
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+ -u, --uid UID new UID for the user account
+ -U, --unlock unlock the user account
+ -v, --add-subuids FIRST-LAST add range of subordinate uids
+ -V, --del-subuids FIRST-LAST remove range of subordinate uids
+ -w, --add-subgids FIRST-LAST add range of subordinate gids
+ -W, --del-subgids FIRST-LAST remove range of subordinate gids
+ -Z, --selinux-user SEUSER new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/usermod.test b/tests/usertools/usermod/11_usermod_usage_bad_option/usermod.test
new file mode 100755
index 0000000..a5ebf49
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod displays its usage message in case on non recognized option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get usermod usage (usermod --foo)..."
+usermod --foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config.txt b/tests/usertools/usermod/12_usermod_usage_bad-f/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/default/useradd b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/group b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/gshadow b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/passwd b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/shadow b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/data/usermod.err b/tests/usertools/usermod/12_usermod_usage_bad-f/data/usermod.err
new file mode 100644
index 0000000..e5438f4
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid numeric argument 'bar'
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/usermod.test b/tests/usertools/usermod/12_usermod_usage_bad-f/usermod.test
new file mode 100755
index 0000000..68a6563
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that the number of inactive days is a number"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use -f without a number (usermod -f bar foo)..."
+usermod -f bar foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config.txt b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/default/useradd b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/group b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/gshadow b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/passwd b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/shadow b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/data/usermod.err b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/data/usermod.err
new file mode 100644
index 0000000..4e80b68
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid numeric argument '-2'
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test
new file mode 100755
index 0000000..b7655a3
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod displays its usage message in case when -f receive a wrong number"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set number of inactive days to -2 (usermod -f -2)..."
+usermod -f -2 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config.txt b/tests/usertools/usermod/14_usermod_usage_no_options/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/default/useradd b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/group b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/gshadow b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/passwd b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/shadow b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/data/usage.out b/tests/usertools/usermod/14_usermod_usage_no_options/data/usage.out
new file mode 100644
index 0000000..f2a56d7
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/data/usage.out
@@ -0,0 +1,31 @@
+usermod: no options
+Usage: usermod [options] LOGIN
+
+Options:
+ -c, --comment COMMENT new value of the GECOS field
+ -d, --home HOME_DIR new home directory for the user account
+ -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -f, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -g, --gid GROUP force use GROUP as new primary group
+ -G, --groups GROUPS new list of supplementary GROUPS
+ -a, --append append the user to the supplemental GROUPS
+ mentioned by the -G option without removing
+ him/her from other groups
+ -h, --help display this help message and exit
+ -l, --login NEW_LOGIN new value of the login name
+ -L, --lock lock the user account
+ -m, --move-home move contents of the home directory to the
+ new location (use only with -d)
+ -o, --non-unique allow using duplicate (non-unique) UID
+ -p, --password PASSWORD use encrypted password for the new password
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+ -u, --uid UID new UID for the user account
+ -U, --unlock unlock the user account
+ -v, --add-subuids FIRST-LAST add range of subordinate uids
+ -V, --del-subuids FIRST-LAST remove range of subordinate uids
+ -w, --add-subgids FIRST-LAST add range of subordinate gids
+ -W, --del-subgids FIRST-LAST remove range of subordinate gids
+ -Z, --selinux-user SEUSER new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/usermod.test b/tests/usertools/usermod/14_usermod_usage_no_options/usermod.test
new file mode 100755
index 0000000..caa9de7
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that there is actually something to change"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user foo (usermod foo)..."
+usermod foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config.txt b/tests/usertools/usermod/15_usermod_usage_no_user/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/default/useradd b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/group b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/gshadow b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/passwd b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/shadow b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/data/usage.out b/tests/usertools/usermod/15_usermod_usage_no_user/data/usage.out
new file mode 100644
index 0000000..6e12e63
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/data/usage.out
@@ -0,0 +1,30 @@
+Usage: usermod [options] LOGIN
+
+Options:
+ -c, --comment COMMENT new value of the GECOS field
+ -d, --home HOME_DIR new home directory for the user account
+ -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -f, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -g, --gid GROUP force use GROUP as new primary group
+ -G, --groups GROUPS new list of supplementary GROUPS
+ -a, --append append the user to the supplemental GROUPS
+ mentioned by the -G option without removing
+ him/her from other groups
+ -h, --help display this help message and exit
+ -l, --login NEW_LOGIN new value of the login name
+ -L, --lock lock the user account
+ -m, --move-home move contents of the home directory to the
+ new location (use only with -d)
+ -o, --non-unique allow using duplicate (non-unique) UID
+ -p, --password PASSWORD use encrypted password for the new password
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+ -u, --uid UID new UID for the user account
+ -U, --unlock unlock the user account
+ -v, --add-subuids FIRST-LAST add range of subordinate uids
+ -V, --del-subuids FIRST-LAST remove range of subordinate uids
+ -w, --add-subgids FIRST-LAST add range of subordinate gids
+ -W, --del-subgids FIRST-LAST remove range of subordinate gids
+ -Z, --selinux-user SEUSER new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/usermod.test b/tests/usertools/usermod/15_usermod_usage_no_user/usermod.test
new file mode 100755
index 0000000..98e8c09
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that the user to be changed is provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change a user name (usermod -l bar)..."
+usermod -l bar 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config.txt b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/default/useradd b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/group b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/gshadow b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/passwd b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/shadow b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/data/usage.out b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/data/usage.out
new file mode 100644
index 0000000..4068a75
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/data/usage.out
@@ -0,0 +1 @@
+usermod: shadow passwords required for -e and -f
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test
new file mode 100755
index 0000000..1cf05f5
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that the shadow file exist for option -e"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Change expire date (usermod -e 10 foo)..."
+usermod -e 10 foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config.txt b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/default/useradd b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/group b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/gshadow b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/passwd b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/shadow b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/data/usage.out b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/data/usage.out
new file mode 100644
index 0000000..4068a75
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/data/usage.out
@@ -0,0 +1 @@
+usermod: shadow passwords required for -e and -f
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test
new file mode 100755
index 0000000..f62a292
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that the shadow file exist for option -f"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Change number of inactive days (usermod -f 10 foo)..."
+usermod -f 10 foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config.txt b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/default/useradd b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/group b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/gshadow b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/passwd b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/shadow b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/data/usage.out b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/data/usage.out
new file mode 100644
index 0000000..97b98e8
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/data/usage.out
@@ -0,0 +1,31 @@
+usermod: the -L, -p, and -U flags are exclusive
+Usage: usermod [options] LOGIN
+
+Options:
+ -c, --comment COMMENT new value of the GECOS field
+ -d, --home HOME_DIR new home directory for the user account
+ -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -f, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -g, --gid GROUP force use GROUP as new primary group
+ -G, --groups GROUPS new list of supplementary GROUPS
+ -a, --append append the user to the supplemental GROUPS
+ mentioned by the -G option without removing
+ him/her from other groups
+ -h, --help display this help message and exit
+ -l, --login NEW_LOGIN new value of the login name
+ -L, --lock lock the user account
+ -m, --move-home move contents of the home directory to the
+ new location (use only with -d)
+ -o, --non-unique allow using duplicate (non-unique) UID
+ -p, --password PASSWORD use encrypted password for the new password
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+ -u, --uid UID new UID for the user account
+ -U, --unlock unlock the user account
+ -v, --add-subuids FIRST-LAST add range of subordinate uids
+ -V, --del-subuids FIRST-LAST remove range of subordinate uids
+ -w, --add-subgids FIRST-LAST add range of subordinate gids
+ -W, --del-subgids FIRST-LAST remove range of subordinate gids
+ -Z, --selinux-user SEUSER new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test
new file mode 100755
index 0000000..3886f26
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that -L and -p are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change an lock password (usermod -L -p newpass foo)..."
+usermod -L -p newpass foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config.txt b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/default/useradd b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/group b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/gshadow b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/passwd b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/shadow b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/data/usage.out b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/data/usage.out
new file mode 100644
index 0000000..97b98e8
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/data/usage.out
@@ -0,0 +1,31 @@
+usermod: the -L, -p, and -U flags are exclusive
+Usage: usermod [options] LOGIN
+
+Options:
+ -c, --comment COMMENT new value of the GECOS field
+ -d, --home HOME_DIR new home directory for the user account
+ -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -f, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -g, --gid GROUP force use GROUP as new primary group
+ -G, --groups GROUPS new list of supplementary GROUPS
+ -a, --append append the user to the supplemental GROUPS
+ mentioned by the -G option without removing
+ him/her from other groups
+ -h, --help display this help message and exit
+ -l, --login NEW_LOGIN new value of the login name
+ -L, --lock lock the user account
+ -m, --move-home move contents of the home directory to the
+ new location (use only with -d)
+ -o, --non-unique allow using duplicate (non-unique) UID
+ -p, --password PASSWORD use encrypted password for the new password
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+ -u, --uid UID new UID for the user account
+ -U, --unlock unlock the user account
+ -v, --add-subuids FIRST-LAST add range of subordinate uids
+ -V, --del-subuids FIRST-LAST remove range of subordinate uids
+ -w, --add-subgids FIRST-LAST add range of subordinate gids
+ -W, --del-subgids FIRST-LAST remove range of subordinate gids
+ -Z, --selinux-user SEUSER new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test
new file mode 100755
index 0000000..5ab2270
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that -L and -U are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock an unlock password (usermod -L -U foo)..."
+usermod -L -U foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config.txt b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/default/useradd b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/group b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/gshadow b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/passwd b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/shadow b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/data/usage.out b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/data/usage.out
new file mode 100644
index 0000000..97b98e8
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/data/usage.out
@@ -0,0 +1,31 @@
+usermod: the -L, -p, and -U flags are exclusive
+Usage: usermod [options] LOGIN
+
+Options:
+ -c, --comment COMMENT new value of the GECOS field
+ -d, --home HOME_DIR new home directory for the user account
+ -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -f, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -g, --gid GROUP force use GROUP as new primary group
+ -G, --groups GROUPS new list of supplementary GROUPS
+ -a, --append append the user to the supplemental GROUPS
+ mentioned by the -G option without removing
+ him/her from other groups
+ -h, --help display this help message and exit
+ -l, --login NEW_LOGIN new value of the login name
+ -L, --lock lock the user account
+ -m, --move-home move contents of the home directory to the
+ new location (use only with -d)
+ -o, --non-unique allow using duplicate (non-unique) UID
+ -p, --password PASSWORD use encrypted password for the new password
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+ -u, --uid UID new UID for the user account
+ -U, --unlock unlock the user account
+ -v, --add-subuids FIRST-LAST add range of subordinate uids
+ -V, --del-subuids FIRST-LAST remove range of subordinate uids
+ -w, --add-subgids FIRST-LAST add range of subordinate gids
+ -W, --del-subgids FIRST-LAST remove range of subordinate gids
+ -Z, --selinux-user SEUSER new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test
new file mode 100755
index 0000000..0dc1ea4
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that -U and -p are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change an unlock password (usermod -U -p newpass foo)..."
+usermod -U -p newpass foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config.txt b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/default/useradd b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/group b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/gshadow b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/passwd b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/shadow b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/group b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/group
new file mode 100644
index 0000000..730e4dd
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo2
+tty:x:5:
+disk:x:6:
+lp:x:7:root,foo2
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo2
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo2
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo2
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/passwd b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/passwd
new file mode 100644
index 0000000..f9b7829
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/shadow b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test
new file mode 100755
index 0000000..5ad5bf9
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod rename the user in the lists of members, when an user is renamed with -l"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/gshadow..."
+rm -f /etc/gshadow
+echo "done"
+
+echo -n "Rename user foo (usermod -l foo2 foo)..."
+usermod -l foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config.txt b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/default/useradd b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/group b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/gshadow b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/passwd b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/shadow b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/data/usage.out b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/data/usage.out
new file mode 100644
index 0000000..5a96e57
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/data/usage.out
@@ -0,0 +1 @@
+usermod: invalid user name '2:bar'
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test
new file mode 100755
index 0000000..66ff45a
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks the validity of a new username"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename with invalid username (usermod -l 2bar foo)..."
+usermod -l 2:bar foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/23_usermod-e_date/config.txt b/tests/usertools/usermod/23_usermod-e_date/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/default/useradd b/tests/usertools/usermod/23_usermod-e_date/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/group b/tests/usertools/usermod/23_usermod-e_date/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/gshadow b/tests/usertools/usermod/23_usermod-e_date/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/passwd b/tests/usertools/usermod/23_usermod-e_date/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/shadow b/tests/usertools/usermod/23_usermod-e_date/config/etc/shadow
new file mode 100644
index 0000000..e678938
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/23_usermod-e_date/data/shadow b/tests/usertools/usermod/23_usermod-e_date/data/shadow
new file mode 100644
index 0000000..af98956
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::15320:
diff --git a/tests/usertools/usermod/23_usermod-e_date/usermod.test b/tests/usertools/usermod/23_usermod-e_date/usermod.test
new file mode 100755
index 0000000..5ab527f
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can set the expiry date"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's expiry date (usermod -e 2011-12-12 foo)..."
+usermod -e 2011-12-12 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/24_usermod-e_date/config.txt b/tests/usertools/usermod/24_usermod-e_date/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/default/useradd b/tests/usertools/usermod/24_usermod-e_date/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/group b/tests/usertools/usermod/24_usermod-e_date/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/gshadow b/tests/usertools/usermod/24_usermod-e_date/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/passwd b/tests/usertools/usermod/24_usermod-e_date/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/shadow b/tests/usertools/usermod/24_usermod-e_date/config/etc/shadow
new file mode 100644
index 0000000..ae79ac5
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::42:
diff --git a/tests/usertools/usermod/24_usermod-e_date/data/shadow b/tests/usertools/usermod/24_usermod-e_date/data/shadow
new file mode 100644
index 0000000..a1923b5
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::42424:
diff --git a/tests/usertools/usermod/24_usermod-e_date/usermod.test b/tests/usertools/usermod/24_usermod-e_date/usermod.test
new file mode 100755
index 0000000..a2ae15a
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can set the expiry date (number of days)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's expiry date (usermod -e 42424 foo)..."
+usermod -e 42424 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config.txt b/tests/usertools/usermod/25_usermod-e_empty_arg/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/default/useradd b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/group b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/gshadow b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/passwd b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/shadow b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/shadow
new file mode 100644
index 0000000..b21ccf8
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::2:
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/data/shadow b/tests/usertools/usermod/25_usermod-e_empty_arg/data/shadow
new file mode 100644
index 0000000..e678938
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/usermod.test b/tests/usertools/usermod/25_usermod-e_empty_arg/usermod.test
new file mode 100755
index 0000000..997d51a
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can disable the expiry date"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable the user's expiry date (usermod -e '' foo)..."
+usermod -e '' foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/26_usermod-e-1/config.txt b/tests/usertools/usermod/26_usermod-e-1/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/default/useradd b/tests/usertools/usermod/26_usermod-e-1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/group b/tests/usertools/usermod/26_usermod-e-1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/gshadow b/tests/usertools/usermod/26_usermod-e-1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/passwd b/tests/usertools/usermod/26_usermod-e-1/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/shadow b/tests/usertools/usermod/26_usermod-e-1/config/etc/shadow
new file mode 100644
index 0000000..b21ccf8
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::2:
diff --git a/tests/usertools/usermod/26_usermod-e-1/data/shadow b/tests/usertools/usermod/26_usermod-e-1/data/shadow
new file mode 100644
index 0000000..e678938
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/26_usermod-e-1/usermod.test b/tests/usertools/usermod/26_usermod-e-1/usermod.test
new file mode 100755
index 0000000..c15ddc6
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can disable the expiry date"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable the user's expiry date (usermod -e -1 foo)..."
+usermod -e -1 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config.txt b/tests/usertools/usermod/27_usermod-e_invalid1/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/default/useradd b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/group b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/gshadow b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/passwd b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/shadow b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/shadow
new file mode 100644
index 0000000..b21ccf8
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::2:
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/data/usermod.err b/tests/usertools/usermod/27_usermod-e_invalid1/data/usermod.err
new file mode 100644
index 0000000..3de424e
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid date '-2'
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/usermod.test b/tests/usertools/usermod/27_usermod-e_invalid1/usermod.test
new file mode 100755
index 0000000..c564197
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks the validity of the expiry argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable the user's expiry date (usermod -e -2 foo)..."
+usermod -e -2 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config.txt b/tests/usertools/usermod/28_usermod-e_invalid2/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/default/useradd b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/group b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/gshadow b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/passwd b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/shadow b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/shadow
new file mode 100644
index 0000000..b21ccf8
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::2:
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/data/usermod.err b/tests/usertools/usermod/28_usermod-e_invalid2/data/usermod.err
new file mode 100644
index 0000000..43494b0
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid date 'bar'
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/usermod.test b/tests/usertools/usermod/28_usermod-e_invalid2/usermod.test
new file mode 100755
index 0000000..fa761b2
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks the validity of the expiry argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable the user's expiry date (usermod -e bar foo)..."
+usermod -e bar foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config.txt b/tests/usertools/usermod/29_usermod_no_changes/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/default/useradd b/tests/usertools/usermod/29_usermod_no_changes/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/group b/tests/usertools/usermod/29_usermod_no_changes/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/gshadow b/tests/usertools/usermod/29_usermod_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/passwd b/tests/usertools/usermod/29_usermod_no_changes/config/etc/passwd
new file mode 100644
index 0000000..7c90a9b
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:GeCoS:/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/shadow b/tests/usertools/usermod/29_usermod_no_changes/config/etc/shadow
new file mode 100644
index 0000000..0a24422
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:oldpass:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/29_usermod_no_changes/data/usermod.err b/tests/usertools/usermod/29_usermod_no_changes/data/usermod.err
new file mode 100644
index 0000000..ea8edd6
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/data/usermod.err
@@ -0,0 +1 @@
+usermod: no changes
diff --git a/tests/usertools/usermod/29_usermod_no_changes/usermod.test b/tests/usertools/usermod/29_usermod_no_changes/usermod.test
new file mode 100755
index 0000000..5d70329
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/usermod.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod detects when no real changes are requested"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Perform non changes (usermod -l foo -c GeCoS -e -1 -f -1 -u 1000 -d /nonexistent -s /bin/sh foo)..."
+usermod -l foo -c GeCoS -e -1 -f -1 -u 1000 -d /nonexistent -s /bin/sh foo 2>tmp/usermod.err
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config.txt b/tests/usertools/usermod/30_usermod_usage-a_without-G/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/default/useradd b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/group b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/gshadow b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/passwd b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/shadow b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/data/usage.out b/tests/usertools/usermod/30_usermod_usage-a_without-G/data/usage.out
new file mode 100644
index 0000000..27dcca7
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/data/usage.out
@@ -0,0 +1,31 @@
+usermod: -a flag is only allowed with the -G flag
+Usage: usermod [options] LOGIN
+
+Options:
+ -c, --comment COMMENT new value of the GECOS field
+ -d, --home HOME_DIR new home directory for the user account
+ -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -f, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -g, --gid GROUP force use GROUP as new primary group
+ -G, --groups GROUPS new list of supplementary GROUPS
+ -a, --append append the user to the supplemental GROUPS
+ mentioned by the -G option without removing
+ him/her from other groups
+ -h, --help display this help message and exit
+ -l, --login NEW_LOGIN new value of the login name
+ -L, --lock lock the user account
+ -m, --move-home move contents of the home directory to the
+ new location (use only with -d)
+ -o, --non-unique allow using duplicate (non-unique) UID
+ -p, --password PASSWORD use encrypted password for the new password
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+ -u, --uid UID new UID for the user account
+ -U, --unlock unlock the user account
+ -v, --add-subuids FIRST-LAST add range of subordinate uids
+ -V, --del-subuids FIRST-LAST remove range of subordinate uids
+ -w, --add-subgids FIRST-LAST add range of subordinate gids
+ -W, --del-subgids FIRST-LAST remove range of subordinate gids
+ -Z, --selinux-user SEUSER new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/usermod.test b/tests/usertools/usermod/30_usermod_usage-a_without-G/usermod.test
new file mode 100755
index 0000000..6e30cfd
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod rejects -a without -G"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Append groups without groups (usermod -a foo)..."
+usermod -a foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config.txt b/tests/usertools/usermod/31_usermod_usage-o_without-u/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/default/useradd b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/group b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/gshadow b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/passwd b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/shadow b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/data/usage.out b/tests/usertools/usermod/31_usermod_usage-o_without-u/data/usage.out
new file mode 100644
index 0000000..d3a108f
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/data/usage.out
@@ -0,0 +1,31 @@
+usermod: -o flag is only allowed with the -u flag
+Usage: usermod [options] LOGIN
+
+Options:
+ -c, --comment COMMENT new value of the GECOS field
+ -d, --home HOME_DIR new home directory for the user account
+ -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -f, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -g, --gid GROUP force use GROUP as new primary group
+ -G, --groups GROUPS new list of supplementary GROUPS
+ -a, --append append the user to the supplemental GROUPS
+ mentioned by the -G option without removing
+ him/her from other groups
+ -h, --help display this help message and exit
+ -l, --login NEW_LOGIN new value of the login name
+ -L, --lock lock the user account
+ -m, --move-home move contents of the home directory to the
+ new location (use only with -d)
+ -o, --non-unique allow using duplicate (non-unique) UID
+ -p, --password PASSWORD use encrypted password for the new password
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+ -u, --uid UID new UID for the user account
+ -U, --unlock unlock the user account
+ -v, --add-subuids FIRST-LAST add range of subordinate uids
+ -V, --del-subuids FIRST-LAST remove range of subordinate uids
+ -w, --add-subgids FIRST-LAST add range of subordinate gids
+ -W, --del-subgids FIRST-LAST remove range of subordinate gids
+ -Z, --selinux-user SEUSER new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/usermod.test b/tests/usertools/usermod/31_usermod_usage-o_without-u/usermod.test
new file mode 100755
index 0000000..bf57aa7
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/usermod.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod rejects -o without -u"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Append groups without groups (usermod -o foo)..."
+usermod -o foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config.txt b/tests/usertools/usermod/32_usermod_usage-m_without-d/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/default/useradd b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/group b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/gshadow b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/passwd b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/shadow b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/data/usage.out b/tests/usertools/usermod/32_usermod_usage-m_without-d/data/usage.out
new file mode 100644
index 0000000..0dbcdef
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/data/usage.out
@@ -0,0 +1,31 @@
+usermod: -m flag is only allowed with the -d flag
+Usage: usermod [options] LOGIN
+
+Options:
+ -c, --comment COMMENT new value of the GECOS field
+ -d, --home HOME_DIR new home directory for the user account
+ -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
+ -f, --inactive INACTIVE set password inactive after expiration
+ to INACTIVE
+ -g, --gid GROUP force use GROUP as new primary group
+ -G, --groups GROUPS new list of supplementary GROUPS
+ -a, --append append the user to the supplemental GROUPS
+ mentioned by the -G option without removing
+ him/her from other groups
+ -h, --help display this help message and exit
+ -l, --login NEW_LOGIN new value of the login name
+ -L, --lock lock the user account
+ -m, --move-home move contents of the home directory to the
+ new location (use only with -d)
+ -o, --non-unique allow using duplicate (non-unique) UID
+ -p, --password PASSWORD use encrypted password for the new password
+ -R, --root CHROOT_DIR directory to chroot into
+ -s, --shell SHELL new login shell for the user account
+ -u, --uid UID new UID for the user account
+ -U, --unlock unlock the user account
+ -v, --add-subuids FIRST-LAST add range of subordinate uids
+ -V, --del-subuids FIRST-LAST remove range of subordinate uids
+ -w, --add-subgids FIRST-LAST add range of subordinate gids
+ -W, --del-subgids FIRST-LAST remove range of subordinate gids
+ -Z, --selinux-user SEUSER new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/usermod.test b/tests/usertools/usermod/32_usermod_usage-m_without-d/usermod.test
new file mode 100755
index 0000000..407dc32
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod rejects -m without -d"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Move home without new home (usermod -m foo)..."
+usermod -m foo 2>tmp/usage.out && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config.txt b/tests/usertools/usermod/33_usermod_change_shell/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/default/useradd b/tests/usertools/usermod/33_usermod_change_shell/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/group b/tests/usertools/usermod/33_usermod_change_shell/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/gshadow b/tests/usertools/usermod/33_usermod_change_shell/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/passwd b/tests/usertools/usermod/33_usermod_change_shell/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/shadow b/tests/usertools/usermod/33_usermod_change_shell/config/etc/shadow
new file mode 100644
index 0000000..e678938
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/33_usermod_change_shell/data/passwd b/tests/usertools/usermod/33_usermod_change_shell/data/passwd
new file mode 100644
index 0000000..57c4cf3
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/bash
diff --git a/tests/usertools/usermod/33_usermod_change_shell/usermod.test b/tests/usertools/usermod/33_usermod_change_shell/usermod.test
new file mode 100755
index 0000000..81145df
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can change the shell"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's shell (usermod -s /bin/bash foo)..."
+usermod -s /bin/bash foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config.txt b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/default/useradd b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/group b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/gshadow b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/passwd b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..0175ffc
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:oldpass:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/shadow b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/data/shadow b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..64ee844
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:oldpass:@TODAY@:0:99999:7::15320:
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test
new file mode 100755
index 0000000..fa2e567
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod create a shadow entry to set the expiry date"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's expiry date (usermod -e 2011-12-12 foo)..."
+usermod -e 2011-12-12 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config.txt b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/default/useradd b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/group b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/gshadow b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/passwd b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..0175ffc
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:oldpass:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/shadow b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/data/shadow b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..43a9175
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:oldpass:@TODAY@:0:99999:7:42::
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test
new file mode 100755
index 0000000..0c1d293
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod create a shadow entry to set the number of inactive days"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's number of inactive days (usermod -f 42 foo)..."
+usermod -f 42 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config.txt b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/default/useradd b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/group b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/gshadow b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/passwd b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/shadow b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a
new file mode 100644
index 0000000..62a6381
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a
@@ -0,0 +1,3 @@
+-rw-r--r-- foo:foo `/home/foo/toto'
+drwxr-xr-x foo:foo `/home/foo/.'
+drwxr-xr-x root:root `/home/foo/..'
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a2 b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a2
new file mode 100644
index 0000000..e69e95d
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a2
@@ -0,0 +1,2 @@
+drwxr-xr-x root:root `/home/foo2/.'
+drwxr-xr-x root:root `/home/foo2/..'
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/passwd b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/passwd
new file mode 100644
index 0000000..bc9a6f0
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/usermod.err b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/usermod.err
new file mode 100644
index 0000000..64b72d1
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/usermod.err
@@ -0,0 +1 @@
+usermod: directory /home/foo2 exists
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test
new file mode 100755
index 0000000..0821c02
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test
@@ -0,0 +1,84 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0
+
+change_config
+
+mkdir /home/foo
+echo toto > /home/foo/toto
+chown -R foo:foo /home/foo
+
+echo -n "Create /home/foo2"...
+mkdir /home/foo2
+echo "OK"
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo2 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was not removed..."
+test -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was not moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /home/foo/..."
+stat --printf "%A %U:%G %N\n" /home/foo/* /home/foo/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+echo -n "Check content of /home/foo2/..."
+stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a2
+diff -rauN data/home_ls-a2 tmp/home_ls-a2
+echo "OK"
+rm -f tmp/home_ls-a2
+
+echo -n "Remove the home directories..."
+rm -rf /home/foo /home/foo2
+echo "done"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config.txt b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/default/useradd b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/group b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/gshadow b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/passwd b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/shadow b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/data/passwd b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/data/passwd
new file mode 100644
index 0000000..bc9a6f0
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test
new file mode 100755
index 0000000..3b3ba6f
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0
+
+change_config
+
+# Do not create the user's /home/foo home directory
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the old user's home directory was not created..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the new user's home directory was not created..."
+test ! -d /home/foo2
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config.txt b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/default/useradd b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/group b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/gshadow b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/passwd b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/shadow b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/data/passwd b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test
new file mode 100755
index 0000000..b232d9e
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/lastlog' 0
+
+change_config
+
+echo -n "Remove /var/log/lastlog (it will not be restored)..."
+rm -f /var/log/lastlog
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the /var/log/lastlog file was not created"...
+test ! -f /var/log/lastlog
+echo "OK"
+
+touch /var/log/lastlog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config.txt b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/default/useradd b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/group b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/gshadow b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/passwd b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/shadow b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/data/passwd b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/data/passwd
new file mode 100644
index 0000000..137b91d
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/sh
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/login.exp b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/login.exp
new file mode 100755
index 0000000..c8866d9
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/login.exp
@@ -0,0 +1,13 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -f foo\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test
new file mode 100755
index 0000000..8b4f43f
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+touch /var/log/lastlog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+lastlog > tmp/lastlog.out
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+lastlog > tmp/lastlog.out2
+
+echo "lastlog:"
+echo "======================================================================="
+cat tmp/lastlog.out2
+echo "======================================================================="
+
+echo -n "Check the lastlog message..."
+diff -au tmp/lastlog.out tmp/lastlog.out2
+echo "lastlog message OK."
+rm -f tmp/lastlog.out tmp/lastlog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config.txt b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/default/useradd b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/group b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/group
new file mode 100644
index 0000000..6470be5
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:10000:
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/gshadow b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/gshadow
new file mode 100644
index 0000000..e982c7c
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/passwd b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/passwd
new file mode 100644
index 0000000..5173c28
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+bar:x:10000:10000::/home/bar:/bin/sh
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/shadow b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/shadow
new file mode 100644
index 0000000..5f73f33
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/group b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/group
new file mode 100644
index 0000000..d972111
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:10000:
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/passwd b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/passwd
new file mode 100644
index 0000000..1cfb31f
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:10000::/home/bar:/bin/sh
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/shadow b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/login.exp b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/login.exp
new file mode 100755
index 0000000..c8866d9
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/login.exp
@@ -0,0 +1,13 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -f foo\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test
new file mode 100755
index 0000000..5efc96f
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test
@@ -0,0 +1,74 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+touch /var/log/lastlog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+lastlog > tmp/lastlog.out
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Manually delete the user foo (to keep the lastlog entry)..."
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+sed -e '/^foo:/d' -i /etc/group
+sed -e '/^foo:/d' -i /etc/gshadow
+echo "OK"
+
+echo -n "Change the user's UID to reuse foo's (usermod -u 1000 bar)..."
+usermod -u 1000 bar
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+lastlog > tmp/lastlog.out2
+
+echo "lastlog:"
+echo "======================================================================="
+cat tmp/lastlog.out2
+echo "======================================================================="
+
+echo -n "Check the lastlog message..."
+sed -e '/^foo /d' -i tmp/lastlog.out
+diff -au tmp/lastlog.out tmp/lastlog.out2
+echo "lastlog message OK."
+rm -f tmp/lastlog.out tmp/lastlog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config.txt b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/default/useradd b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/group b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/gshadow b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/passwd b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/shadow b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/data/passwd b/tests/usertools/usermod/41_usermod-u_faillog_not_created/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/usermod.test b/tests/usertools/usermod/41_usermod-u_faillog_not_created/usermod.test
new file mode 100755
index 0000000..2122a87
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/usermod.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/faillog' 0
+
+change_config
+
+echo -n "Remove /var/log/faillog (it will not be restored)..."
+rm -f /var/log/faillog
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the /var/log/faillog file was not created"...
+test ! -f /var/log/faillog
+echo "OK"
+
+touch /var/log/faillog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config.txt b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/default/useradd b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/group b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/gshadow b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/pam.d/login b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/passwd b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/shadow b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/shadow
new file mode 100644
index 0000000..9b99f4d
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/data/passwd b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/data/passwd
new file mode 100644
index 0000000..137b91d
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/sh
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/login.exp b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/login.exp
new file mode 100755
index 0000000..bb91e57
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/login.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login foo\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test
new file mode 100755
index 0000000..769e5dc
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+faillog > tmp/faillog.out
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+faillog > tmp/faillog.out2
+
+echo "faillog:"
+echo "======================================================================="
+cat tmp/faillog.out2
+echo "======================================================================="
+
+echo -n "Check the faillog message..."
+diff -au tmp/faillog.out tmp/faillog.out2
+echo "faillog message OK."
+rm -f tmp/faillog.out tmp/faillog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config.txt b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/default/useradd b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/group b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/group
new file mode 100644
index 0000000..6470be5
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:10000:
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/gshadow b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/gshadow
new file mode 100644
index 0000000..e982c7c
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/pam.d/login b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# Added to support faillog
+auth required pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/passwd b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/passwd
new file mode 100644
index 0000000..5173c28
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+bar:x:10000:10000::/home/bar:/bin/sh
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/shadow b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/shadow
new file mode 100644
index 0000000..5f73f33
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/group b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/group
new file mode 100644
index 0000000..d972111
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:10000:
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/passwd b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/passwd
new file mode 100644
index 0000000..1cfb31f
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:10000::/home/bar:/bin/sh
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/shadow b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/login.exp b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/login.exp
new file mode 100755
index 0000000..bb91e57
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/login.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login foo\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test
new file mode 100755
index 0000000..ee262b6
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test
@@ -0,0 +1,75 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+touch /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+faillog > tmp/faillog.out
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+rm -f tmp/faillog.out
+
+echo -n "Manually delete the user foo (to keep the faillog entry)..."
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+sed -e '/^foo:/d' -i /etc/group
+sed -e '/^foo:/d' -i /etc/gshadow
+echo "OK"
+
+echo -n "Change the user's UID to reuse foo's (usermod -u 1000 bar)..."
+usermod -u 1000 bar
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+faillog > tmp/faillog.out2
+
+echo "faillog:"
+echo "======================================================================="
+cat tmp/faillog.out2
+echo "======================================================================="
+
+echo -n "Check the faillog message..."
+c=$(cat tmp/faillog.out2 | wc -c)
+test $c = "0"
+echo "empty faillog OK."
+rm -f tmp/faillog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config.txt b/tests/usertools/usermod/44_usermod-l_move_mailbox/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/default/useradd b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/group b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/gshadow b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/passwd b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/shadow b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/data/mailbox.perms b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/mailbox.perms
new file mode 100644
index 0000000..92d36ea
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/mailbox.perms
@@ -0,0 +1 @@
+7 -rw-r--r-- bar:mail `/var/mail/bar'
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/data/passwd b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/passwd
new file mode 100644
index 0000000..656230a
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/data/shadow b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/test b/tests/usertools/usermod/44_usermod-l_move_mailbox/test
new file mode 100644
index 0000000..fbcf12d
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/test
@@ -0,0 +1 @@
+toto
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/usermod.test b/tests/usertools/usermod/44_usermod-l_move_mailbox/usermod.test
new file mode 100755
index 0000000..dfd0ef9
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/usermod.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod move the mailbox if it exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo /var/mail/bar' 0
+
+change_config
+
+echo -n "Create foo mailbox /var/mail/foo ..."
+echo foobar > /var/mail/foo
+chown foo:mail /var/mail/foo
+echo "OK"
+
+echo -n "Change the user's name (usermod -l bar foo)..."
+usermod -l bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the new mailbox was created..."
+test -f /var/mail/bar
+echo "OK"
+echo -n "Check that the old mailbox was removed..."
+test ! -f /var/mail/foo
+echo "OK"
+echo -n "Check permissions of the mailbox..."
+stat --printf "%s %A %U:%G %N\n" /var/mail/bar | sort > tmp/mailbox.perms
+diff -rauN data/mailbox.perms tmp/mailbox.perms
+echo "OK"
+rm -f tmp/mailbox.perms
+
+rm -f /var/mail/bar
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config.txt b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/default/useradd b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/group b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/gshadow b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/passwd b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/shadow b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/mailbox.perms b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/mailbox.perms
new file mode 100644
index 0000000..52233be
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/mailbox.perms
@@ -0,0 +1 @@
+-rw-r--r-- foo:mail `/var/mail/foo'
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/passwd b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test
new file mode 100755
index 0000000..3fb509b
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod changes the mailbox ownership"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0
+
+change_config
+
+echo -n "Create foo mailbox /var/mail/foo ..."
+touch /var/mail/foo
+chown foo:mail /var/mail/foo
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the mailbox was moved..."
+test -f /var/mail/foo
+echo "OK"
+echo -n "Check permissions of the mailbox..."
+stat --printf "%A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms
+diff -rauN data/mailbox.perms tmp/mailbox.perms
+echo "OK"
+rm -f tmp/mailbox.perms
+
+rm -f /var/mail/foo
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config.txt b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/default/useradd b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/group b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/group
new file mode 100644
index 0000000..7fca720
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/gshadow b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/gshadow
new file mode 100644
index 0000000..f735fda
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/passwd b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/passwd
new file mode 100644
index 0000000..6082b5f
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+bar:x:1001:1001::/home/bar:/bin/false
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/shadow b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/shadow
new file mode 100644
index 0000000..5f73f33
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/mailbox.perms b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/mailbox.perms
new file mode 100644
index 0000000..2c8f112
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/mailbox.perms
@@ -0,0 +1 @@
+7 -rw-r--r-- bar:mail `/var/mail/foo'
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/passwd b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/passwd
new file mode 100644
index 0000000..138adcc
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
+bar:x:1001:1001::/home/bar:/bin/false
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/usermod.err b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/usermod.err
new file mode 100644
index 0000000..8f67460
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/usermod.err
@@ -0,0 +1 @@
+usermod: warning: /var/mail/foo not owned by foo
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test
new file mode 100755
index 0000000..ab57a79
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks the mailbox ownership"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0
+
+change_config
+
+echo -n "Create foo mailbox /var/mail/foo ..."
+echo foobar> /var/mail/foo
+chown bar:mail /var/mail/foo
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo 2>tmp/usermod.err
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the mailbox was moved..."
+test -f /var/mail/foo
+echo "OK"
+echo -n "Check permissions of the mailbox..."
+stat --printf "%s %A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms
+diff -rauN data/mailbox.perms tmp/mailbox.perms
+echo "OK"
+rm -f tmp/mailbox.perms
+
+rm -f /var/mail/foo
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config.txt b/tests/usertools/usermod/47_usermod-u_default_maildir/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/default/useradd b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/group b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/gshadow b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/login.defs b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/login.defs
new file mode 100644
index 0000000..901481e
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+#MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/passwd b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/shadow b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/data/mailbox.perms b/tests/usertools/usermod/47_usermod-u_default_maildir/data/mailbox.perms
new file mode 100644
index 0000000..52233be
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/data/mailbox.perms
@@ -0,0 +1 @@
+-rw-r--r-- foo:mail `/var/mail/foo'
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/data/passwd b/tests/usertools/usermod/47_usermod-u_default_maildir/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/usermod.test b/tests/usertools/usermod/47_usermod-u_default_maildir/usermod.test
new file mode 100755
index 0000000..3fb509b
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod changes the mailbox ownership"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0
+
+change_config
+
+echo -n "Create foo mailbox /var/mail/foo ..."
+touch /var/mail/foo
+chown foo:mail /var/mail/foo
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the mailbox was moved..."
+test -f /var/mail/foo
+echo "OK"
+echo -n "Check permissions of the mailbox..."
+stat --printf "%A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms
+diff -rauN data/mailbox.perms tmp/mailbox.perms
+echo "OK"
+rm -f tmp/mailbox.perms
+
+rm -f /var/mail/foo
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config.txt b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/default/useradd b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/group b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/gshadow b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/login.defs b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/login.defs
new file mode 100644
index 0000000..35665e0
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+#MAIL_DIR /var/mail
+MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/passwd b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/shadow b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/mailbox.perms b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/mailbox.perms
new file mode 100644
index 0000000..9e78a91
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/mailbox.perms
@@ -0,0 +1 @@
+-rw-r--r-- UNKNOWN:mail `/var/mail/foo'
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/passwd b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test
new file mode 100755
index 0000000..3fb509b
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod changes the mailbox ownership"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0
+
+change_config
+
+echo -n "Create foo mailbox /var/mail/foo ..."
+touch /var/mail/foo
+chown foo:mail /var/mail/foo
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the mailbox was moved..."
+test -f /var/mail/foo
+echo "OK"
+echo -n "Check permissions of the mailbox..."
+stat --printf "%A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms
+diff -rauN data/mailbox.perms tmp/mailbox.perms
+echo "OK"
+rm -f tmp/mailbox.perms
+
+rm -f /var/mail/foo
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config.txt b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config.txt
new file mode 100644
index 0000000..b337f3f
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000, home directory: /home/foo
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/default/useradd b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/group b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/group
new file mode 100644
index 0000000..65ffe60
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/gshadow b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/passwd b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/shadow b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/home_ls-a b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/home_ls-a
new file mode 100644
index 0000000..654c2be
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/home_ls-a
@@ -0,0 +1,12 @@
+-rw-r--r-- 0:1001 `/home/foo2/uroot'
+-rw-r--r-- 1000:0 `/home/foo2/groot'
+-rw-r--r-- 1000:1001 `/home/foo2/.tata'
+-rw-r--r-- 1000:1001 `/home/foo2/.tyty'
+-rw-r--r-- 1000:1001 `/home/foo2/profile2'
+-rw-r--r-- 1000:1001 `/home/foo2/toto'
+-rw-r--r-- 1000:1001 `/home/foo2/tyty'
+crw-r--r-- 1000:1001 `/home/foo2/null'
+drwxr-xr-x 0:0 `/home/foo2/..'
+drwxr-xr-x 1000:1001 `/home/foo2/.'
+drwxr-xr-x 1000:1001 `/home/foo2/titi'
+lrwxrwxrwx 1000:1001 `/home/foo2/tutu' -> `/tmp/home/foo2/toto'
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/passwd b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/passwd
new file mode 100644
index 0000000..b966e61
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001::/tmp/home/foo2:/bin/false
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test
new file mode 100755
index 0000000..9a42e8d
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test
@@ -0,0 +1,87 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory, over a new device and changes the owner of the user's file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2; umount /tmp/home; rmdir /tmp/home' 0
+
+change_config
+
+mkdir /home/foo
+mkdir /home/foo/titi
+echo toto > /home/foo/toto
+echo tyty > /home/foo/tyty
+ln /home/foo/toto /home/foo/.tata
+ln /home/foo/tyty /home/foo/.tyty
+ln -s /home/foo/toto /home/foo/tutu
+mknod /home/foo/null c 1 3
+ln /etc/profile /home/foo/profile2
+echo root > /home/foo/uroot
+echo root > /home/foo/groot
+chown -R foo:foo /home/foo
+chown root /home/foo/uroot
+chgrp root /home/foo/groot
+stat --printf "%A %u:%g %N\n" /home/foo/* /home/foo/.* 2>/dev/null | sort
+
+mkdir /tmp/home
+mount --bind /home /tmp/home
+
+echo -n "Change the user's home directory (usermod -m -d /tmp/home/foo2 -g 1001 foo ..."
+usermod -m -d /tmp/home/foo2 -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %u:%g %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+echo -n "Check that hardlink to another homedir file remains a hardlink..."
+dev_ino=$(stat --printf "%d-%i" /home/foo2/toto)
+dev_ino2=$(stat --printf "%d-%i" /home/foo2/.tata)
+test "$dev_ino" = "$dev_ino2"
+echo "OK"
+echo -n "Check hardlink to outside the homedir..."
+dev_ino=$(stat --printf "%d-%i" /etc/profile)
+dev_ino2=$(stat --printf "%d-%i" /home/foo2/profile2)
+echo "$dev_ino" != "$dev_ino2"
+#test "$dev_ino" = "$dev_ino2"
+echo "NOT IMPLEMENTED"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /home/foo2
+echo "done"
+
+umount /tmp/home
+rmdir /tmp/home
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config.txt b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/default/useradd b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/group b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/gshadow b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/passwd b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/shadow b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/home_ls-a b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/home_ls-a
new file mode 100644
index 0000000..161c30f
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/home_ls-a
@@ -0,0 +1,5 @@
+-rw-r--r-- foo:foo `/home/foo2/toto'
+-rw-r--r-- foo:root `/home/foo2/groot'
+-rw-r--r-- root:foo `/home/foo2/uroot'
+drwxr-xr-x foo:foo `/home/foo2/.'
+drwxr-xr-x root:root `/home/foo2/..'
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/passwd b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/passwd
new file mode 100644
index 0000000..6074624
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1001:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test
new file mode 100755
index 0000000..6ac347c
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0
+
+change_config
+
+mkdir /home/foo
+echo toto > /home/foo/toto
+echo root > /home/foo/uroot
+echo root > /home/foo/groot
+chown -R foo:foo /home/foo
+chown root /home/foo/uroot
+chgrp root /home/foo/groot
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 -u 1001 foo)..."
+usermod -m -d /home/foo2 -u 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /home/foo2
+echo "done"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config.txt b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/default/useradd b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/group b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/group
new file mode 100644
index 0000000..65ffe60
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/gshadow b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/passwd b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/shadow b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/home_ls-a b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/home_ls-a
new file mode 100644
index 0000000..74d7ab0
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/home_ls-a
@@ -0,0 +1,3 @@
+-rw-r--r-- foo:bar `/home/foo2/toto'
+drwxr-xr-x foo:bar `/home/foo2/.'
+drwxr-xr-x root:root `/home/foo2/..'
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/passwd b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/passwd
new file mode 100644
index 0000000..676b112
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test
new file mode 100755
index 0000000..6bc87f3
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory and change the group permissions"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0
+
+change_config
+
+mkdir /home/foo
+echo toto > /home/foo/toto
+chown -R foo:foo /home/foo
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 -g 1001 foo)..."
+usermod -m -d /home/foo2 -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /home/foo2
+echo "done"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config.txt b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/default/useradd b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/group b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/gshadow b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/passwd b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/shadow b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a
new file mode 100644
index 0000000..62a6381
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a
@@ -0,0 +1,3 @@
+-rw-r--r-- foo:foo `/home/foo/toto'
+drwxr-xr-x foo:foo `/home/foo/.'
+drwxr-xr-x root:root `/home/foo/..'
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a2 b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a2
new file mode 100644
index 0000000..e69e95d
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a2
@@ -0,0 +1,2 @@
+drwxr-xr-x root:root `/home/foo2/.'
+drwxr-xr-x root:root `/home/foo2/..'
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/passwd b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/passwd
new file mode 100644
index 0000000..9da880b
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo3:/bin/false
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/usermod.err b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/usermod.err
new file mode 100644
index 0000000..c8f9de2
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/usermod.err
@@ -0,0 +1 @@
+usermod: directory /home/foo could not be moved
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/usermod.test b/tests/usertools/usermod/52_usermod_move_homedir_symlink/usermod.test
new file mode 100755
index 0000000..8bd0fd0
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/usermod.test
@@ -0,0 +1,75 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can't move the user's home directory when it's a symlink"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2/file /home/foo2' 0
+
+change_config
+
+mkdir /home/foo2
+echo toto > /home/foo2/file
+ln -s foo2 /home/foo
+chown -R foo:foo /home/foo /home/foo2
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo3 foo 2>tmp/usermod.err && exit 1 || {
+ status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that /home/foo is still a symlink..."
+test -L /home/foo
+echo "OK"
+echo -n "Check that /home/foo2 was not removed..."
+test -d /home/foo2
+test -f /home/foo2/file
+echo "OK"
+echo -n "Check that /home/foo3 was not created..."
+test ! -f /home/foo3
+echo "OK"
+
+echo -n "Remove the home directories..."
+rm -rf /home/foo /home/foo2
+echo "done"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+